http://xen-orchestra.com/blog/new-xo-virtual-appliance-2/
-- via my feedly newsfeed
In the next weeks, we'll release a new version of the virtual appliance itself, which is running Xen Orchestra.
This new appliance will be unified, more secure, faster and easier to use. Let's see why!
Unified XOA? It means one XOA to rule them all. No dedicated version of Free, Starter, Enterprise or Premium. Because our updater is able to "transform" it on-the-fly. Doesn't matter if you upgrade or downgrade, just run the update and you are OK!
Security
Sudo
Root account password is now disabled. You'll connect via a xoa
user, and use sudo
to make system operations.
Password change
After your first connection to XOA with xoa user and xoa password (SSH or via console), the system will ask you to change your password.
Firewall
By default, XOA is now behind a firewall. SSH is even protected with a rate limit rule. We'll update the doc to give you more details on how to configure it if necessary, but only needed ports are open. XOA stays turnkey (you can reach it without any pre-configuration), but it's far more secure!
Speed
This new appliance is running in PVHVM mode. In general, this give a 15% performance boost, see our previous article on PV vs PVHVM XenServer benchmark.
Simplicity
Bashrc
We added a bashrc file to have a beautiful prompt, helping you to have a distinct shell on XOA.
The prompt also display any change in a Git repository (see the next paragraph).
/etc in Git
This will allow to track changes done in the XOA conf, and rollback if necessary.
SSH support ready
A xoa-support
account exists, but can only log via a SSH key pair (no password), that we only have (ie the private key). If you don't want this, you can disable the account with the chage -E 0 xoa-support
command.
Built for tomorrow
Extra packages are also include for future possibilities in XOA. It also includes the latest LTS version of Node (6).
Want to test it?
Beside your production XOA, you can make a try if you like. You can download it from here (only XS7 compatible for now, but will be 6.x too in the final release).
No comments:
Post a Comment