XenServer 7: Is Dundee jam today, or jam tomorrow?
XenServer 7.0 was released during Citrix Synergy. While XenServer 6.5 wasn't quite revolutionary enough to be a full new release, XenServer 7.0 has a slew of never before seen features, significant performance improvements and a mission: to build on Citrix's Infrastructure Strategy and provides a platform that lets customers avoid additional VMware license costs (dubbed the vTax).
XenServer 6.5 (plus the service pack) had its work cut out to address the calamity of messaging and confidence previous releases "open source" play did towards the viability of the hypervisor in the enterprise. Given it is reported that XenServer use increased compared to 2014 (up @10%), and many XenApp/XenDesktop deployments rely on XenServer (often more likely used than vSphere (just) or HyperV (very much so)) - you could say "job done". But, to properly address resolving a vTax, you can't stand still. Youneed to build on that growth: ideally better leveraging the fact that Citrix can more readily optimise their own hypervisor and create more value through innovation and integration within their own stack: as VMware are doing with the likes of their Instant Clone technology.
So what is new with XenServer 7.0? How does it compare to 6.5SP1, and what has ceased to be? Most importantly, what does the XenServer 7.0 release do for existing, and prospective customers?
Citrix XenServer 7.0 - Updates?
First of all, there's a quite a lot of change; hence the v7 I expect - which I've split into "general" (available to all) and "enterprise" - where you need an appropriate license. "Enterprise features are available for XenServer Enterprise edition customers, or those who have access to XenServer through their XA/XD Entitlement" and here is a link to more info on that
Generally Available XenServer 7.0 Updates
- Health Check - automate the process of uploading status reports to find out whats wrong... once you've fixed it to the point where you access the environment again, obviously: its good, not magic.
- Improved Performance and Scale: more host RAM, more VM RAM, support for more logical processors and per VM vCPU support, higher throughput for networking and storage IO.
- Simplified Heterogeneous Pool Support New hosts can be added to existing resource pools, almost irrespective of the underlying CPU type (the CPU needs to be from the same vendor family) and VMs can now freely migrate to a host within and across pools, provided that the destination host is compatible with the host the VM was booted on.
- Support for Offline Storage Migration - you don't have to turn it on anymore
- Software-boot-from-iSCSI for Cisco UCS - reduce infrastructure costs for new deploys by removing Fibre Channel HBAs
- Support for Open-FCoE
- Support for NFSv4
- XenCenter Improvements: you can sSH onto the console session, easier intergation for delivering updates, looks prettier, some nice "move between pools" stuff
- Platform Improvements: support for Intel BroadWell-H, Broadwell-EX and Skylake-S; Dom0 now uses CentOS v7.2, support for booting hosts using UEFI
- Support for New Guests: Windows Server 2016 Tech Preview (well, build 5 at least); SLED 11.3; SLED 12(+SP1); RHEL, CentOS, Oracle Linux 7.2; Debian Jessie 8; Ubuntu 16.04
- XSAVE CPU Instructions: yes, finally eh? Should give performance improvements for certain arithmetic operations.
- CPU Microcode Updates: you can now update CPI microcode through hotfixes
Enterprise Feature XenServer 7.0 Updates
- Automated Windows VM Driver Updates: If you just want the I/O drivers (PV Drivers) you can use the Windows Update Mechanism. You need to create a new VM for this to happen, and enable Windows Update in that VM & associated Internet access. You can still use the "full" Management agent using the .iso or an .msi package. A neat feature, but do testing - I'm sure there'll be fun and games with AV software once it gets into the wild.
- Intel GVT-g virtual GPU for Windows:
- Support for SMB Storage. SMB is now an SR type: not just for ISOs If you're still incorrectly referring to SMB as CIFS, go read Stephen Foskett's excellent article, then come back. I can wait.
- Direct Inspect APIs: APIs integrated within the Xen hypervisor enable third-party security products to monitor and protect virtual infrastructures against malicious activity.
- Workload Balancing Appliance : Introduces host disk R/W I/O recommendastions
- XenServer Conversion Manager Appliance: support for Win7, Win8, Win10, and Win Server 2012 from vSphere 5.0,5.5, 5.5U2 and 6.0
XenServer 7.0 Licensing
XenServer 6.5 heralded the return of the format where licensing introduces additional features: 7.0 continues down that road. As with XS6.5, XenServer 7.0 allows you to run in an "unlicensed" state; however, you will not have access to all possible features, and you will not be eligible for direct Citrix Support. Also, might be useful to know that mixed pools of licensed and unlicensed hosts will behave as if all hosts were unlicensed: so in terms of dividing up your pools, I hope you roger that particular dodge.
XenServer 7.0 is available in two commercial editions: Standard and Enterprise. Licensing is determined on a cost-per-processor model. If you've bought XenApp or XenDesktop you continue to have an entitlement to XenServer, which includes all the features contained within the Enterprise edition. Beano that the In-Memory Read Caching feature is available only for XenApp and XenDesktop Platinum customers.
If you're on XenServer 6.1 or XenServer 6.2 they're EoM Sept 30 2016 as of the time of writing. If you have active Citrix Subscription Advantage (SA), you can trade each per-host license for two per-socket licenses.
The following table gives a comparison of features between 6.2 (with paid support), 6.5 and 7.0 options - feel free to check the homework with the XenServer 7.0 Feature Matrix :
| XenServer | |||||
| Feature |
(6.2.0) Premium |
(6.5.0) Enterprise |
(7.0) Standard |
(7.0) Enterprise |
(7.0) with Platinum XA/XD |
| 64-bit Xen Hypervisor |  |
|
|
|
|
| 64-bit Dom0 |  |
|
|
|
|
| Active Directory Integration | |
|
|
|
|
| Role based administration and auditing | |
|
|
|
|
| Multi-Server Management with XenCenter GUI | |
|
|
|
|
| Live VM Migration with XenMotion | |
|
|
|
|
| Dynamic Memory Control | |
|
|
|
|
| Host Failure Protection with High Availability | |
|
|
|
|
| Performance Reporting and Alerting | |
|
|
|
|
| Mixed Resource Pools with CPU Masking | |
|
* |
* |
* |
| GPU Pass-through for Desktop Graphics (AMD,NVIDIA) | |
|
|
|
|
| Intellicache for XenDesktop Storage Optimisation | |
|
|
|
|
| Live Memory Virtual Machine Snapshot and Revert | |
|
|
|
|
| OpenFlow capable distributed virtual switch | |
|
|
|
|
| VMware vSphere to XenServer Conversion Utilities | |
|
|
* |
* |
| Support for Intel TXT | |
|
|
N/A | N/A |
| Hotfix Deployment Using XenCenter | |
|
* |
* |
* |
| GPU Virtualisation (vGPU) | |
|
|
* |
* |
| Dynamic Workload Balancing & Audit Reporting | Retired | |
|
* |
* |
| Export Pool Resource List | N/A | |
|
|
|
| In-memory Read Caching | N/A | |
|
|
|
| Health Check | N/A | N/A | |
|
|
| PV Driver Update | N/A | N/A | |
|
|
| Docker Container Management | N/A | N/A | |
|
N/S |
| SCOM Management Pack | N/A | N/A | |
|
Platinum Only |
| Support & Maintenance | |
|
|
|
|
* - Updated in xenserver v7.0; N/A - not applicable; N/S Not Supported.
If you're running vSphere for XenDesktop or Xenapp workloads, unless you're getting the hypervisor for free, definitely worth considering saving some money and hosting those workloads on XenServer.
Anyhoo, for more information on Citrix XenServer 7.0 licensing - read the XenServer 7.0 Licensing FAQ. Be interested to hear your thoughts on that.
XenCenter & APIs
I've worked quite a bit with the XenServer 6.5 API and with a good wind and improved documentation it was pretty good. XenServer 7 introduces an internal API extension framework that enables new API calls to be added and their implementation handled by separate executables within the XenServer domain 0 environment. The idea is that this designed enables a more modular, extensible toolstack where new functionality can be added with rebuilding XAPI itself: which should be very Dandy.
In my role working for Atlantis Computing I help deliver on our strategic alliance with Citrix adding additional integration and functionality to Atlantis USX for Citrix workspaces. The Atlantis USX software defined storage solution is itself extensible so that, in combination with the new extensible XenServer API should prove very interesting. Looking forward to that.
XenCenter appears cleaner, I'd say more responsive but I've no data to back that up. In your face integration with Citrix Lifecycle Management which I've talked about before. Might be nice for there to be an option that says "Enable CLM Proxy on XenServer host" - but you've got to leave something for the 7.5 team to do right?
XenServer 7.0 - A Whole Cow Pie of Performance Improvement
XenServer 7.0 has had a significant overhaul in order to deliver on improved performance. There was the introduction of control groups (or cgroups) allowing for better allocation of resources and reducing starvation of dom0 resources, improvements in queuing, and improvements that meant adding CPU resource to dom0 improved performance rather than degraded it.
One thing item to note is that in v7, Dom0's default disk sizes have been changed. The reasoning was that by moving log files to a larger, separate partition, Citrix enable more detailed logs allowing for better support and reducing likelihood of needing that support in the first space through disk full. The new layout is :-
- 18GB XenServer host control domain (dom0) partition
- 18GB backup partition
- 4GB logs partition
- 1GB swap partition
- 0.5GB UEFI boot partition
So, for new installs (upgrades remain as the same) Citrix recommends that you allocate a minimum of 46GB disk space and install XenServer 7.0 using the new GPT partition layout. If you've been hosting XenServer on 30GB flash drives, you're going to need a bigger boat - or different install switches.
At a high level, how does this actually stack up as a difference between Citrix XenServer 7.0 and Citrix XenServer 6.5/6.2?
| Capability | XenServer(6.2.0) | XenServer(6.5 SP1) | XenServer(7.0) |
| Virtual Machine Limits | |||
| Virtual CPUs per VM | 16 |
32 (Linux) 16 (Windows) |
32 (Linux) 32 (Windows) |
| Memory RAM per VM | 128GB | 192GB | 1.5TB |
| Virtual Disk Images (VDI) (including CD-ROM) per Virtual Machine | 7 | 16 | 255 |
| Virtual CD-ROM drives per Virtual Machine | 1 | 1 | 1 |
| Virtual Disk Size (NFS) | 2TB minus 4MB | 2TB minus 4MB | 2TB minus 4MB |
| Virtual Disk Size (LVM) | 2TB minus 4MB | 2TB minus 4MB | 2TB minus 4MB |
| Virtual NICs per Virtual Machine | 7 | 7 | 7 |
| XenServer Host | |||
| Logical processors per host | 160 | 160 | 288 |
| Concurrent protected VMs per host with HA enabled | 500 | 500 | 500 |
| Concurrent VMs per host | 500 (Windows VMs) / 650 Linux (VMs) | 1000 | 1000 |
| RAM per host | 1TB | 1TB | 5TB |
| Concurrent active virtual discs per host | 512 | 2048 | 4096 |
| Physical NICs per host | 16 | 16 | 16 |
| Physical NICs per network bond | 4 | 4 | 4 |
| Virtual NICs per host | 512 | 512 | 512 |
| VLANs per host | 800 | 800 | 800 |
| Network Bonds Per Host | 4 | 4 | 4 |
| GPUs Per Host | 12 | 12 | 12 |
| Storage | |||
| Paths to a LUN | 8 | 8 | 8 |
| Multipathed LUNs per host | 150 | 256 | 256 |
| Multipathed LUNs per host (used by storage repositories) | 75 | 256 | 256 |
| VMs per SR | 600 | 600 |
20000 (NFS,SMB,EXT) or 1000 (LVM) |
| Resource Pool Limits | |||
| Hosts per resource pool | 16 | 16 | 16 |
You can find the reference documents and notes for these figures in the Configuration Limits documents here XenServer 6.2, XenServer 6.5, XenServer 7.0
Retired Features:
From what I could tell the only notice on retired/deprecated was VM templates for Windows XP and Windows Server 2003 aren't in XenServer 7.0. These guests have been retired by Microsoft; if you really must use the 'other install media' template. Other than that XenServer 7.0 release notes don't mention anything specifically - but by all means check again.
So, do you really get huge performance increases/fixes?
I have seen many graphs that say so. In my testing for some workloads I was getting between 25-50%. That said, my lab h/w isn't exactly "cutting edge". When I get access to some more recent tin I'll post results.
In the meantime, have a graph showing the VM boot up time vs number of VMs running. The verdant line works (that's the lower, smoother one colour-challenged fans) by showing the benefits of cgroups that were introduced in XenServer 7.
Yes. I am quite proud of shoehorning that reference in.
Citrix XenServer 7.0 - Dundee for Billy Whizz?
When I last spoke of XenServer 6.5 I said "If this is what you get in a minor release - what of 7? " Indeed I was one of many who suggested that it, given some key changes 6.5 should've been v7 but the practically ever responsive David Cottingham's reply "this is more than a minor release, but not a radical change".
XenServer 7.0 demonstrates what a radical change looks like. It offers increased VM density, vGPU and storage performance - key for implementing your VDI. Increased networking performance - key for hosting Netscaler and, well lets be honest, pretty much anything else. If you want more information on these new foundations Citrix's James Bulpin wrote an a very good blog providing more info on XenServer 7.0 Cool New Features, which he slipped in while I wasn't looking - the minx.
With the introduction of the Direct Inspect API Citrix haven't just packaged up an old retired feature and labelled it "new", they have a genuine never-seen-before-anywhere feature. Building on effort from Citrix, the Xen Project and most notably Bitdefender, security vendors can now build a unique class of security solution. This method uses the hypervisor to provide hardware-enforced isolation: meaning the attacker can no longer directly attack the security software. That said, still early for this feature both in terms of full functionality and people having a chance to have a proper poke at it, but for a hypervisor that many thought Citrix had given up, having such a feature shows a bold and committed direction.
The proof will be longer to out in terms of knowing numbers who have stayed rather than move to (say) Hyper-V and those who moved to XenServer from, say, vSphere. Performance and reliability are going to be key factors here. The announcement of possible data loss or corruption on xenserver 7.0 is going to cause many to wince: luckily there was a hotfix available almost the next day, but having an updated .iso package for new downloads that fixes key issues would be preferable.
It is vital going forward for XenServer to not only deliver on features that drive desktop and application delivery workloads, but to drive credentials to support server and application hosting workloads. Support for Containers, support for SCOM and improved capabilities are a start: it will be interesting to see if the XenAPI extensiblity helps here too and integration with products like Atlantis USX.
It is always a difficult subject to determine when jam arrives with regards to taxation. Still, if you're running vSphere for XenDesktop or Xenapp workloads, unless you're getting the hypervisor for free, definitely worth considering saving some money and hosting those workloads on XenServer 7.0. If you're on previous releases - definitely worth a looksee (with all appropriate patches applied) for improved performance and capability.
Enjoy
