CentOS 6 Virt SIG Xen 4.6 Packages Available In CentOS-virt-xen-testing

Home » CentOS-Virt » CentOS 6 Virt SIG Xen 4.6 Packages Available In CentOS-virt-xen-testing
CentOS-Virt 21 Comments

As mentioned yesterday, Xen 4.6 packages are now available for testing. These also include an update to libvirt 1.3.0, in line with what’s available for CentOS 7. Please test, particularly the upgrade if you can, and report any problems here.

To upgrade:

yum update –enablerepo

21 thoughts on - CentOS 6 Virt SIG Xen 4.6 Packages Available In CentOS-virt-xen-testing

  • Per conversation in IRC, Xen 4.6 no longer includes xend and therefore no longer has the “xm” command. This is problematic for people who may be using xm in various scripts on their host (such as home-brewed backup scripts).

    I think it’s a bad idea to break this functionality without warning by allowing a simple “yum update” to remove it. You will take a lot of people by surprise and cause such scripts to stop working, if people are running yum cron the situation becomes even worse.

    I think that due to this lack of backwards compatibility with Xen 4.4
    and earlier versions it would be a good idea to not force the upgrade on people who are not wary of it. I propose that the new packages carry the name “xen46” and they purposefully conflict with the old “xen”
    packages. That will require people to take positive action to do the upgrade and hence avoid breaking systems unintentionally.

    Peter

  • Thanks, PJ, for your input.

    Just to be clear:

    1. In the Xen 4.4 packages (first released October 2014), xend was disabled by default; so anyone using xend at the moment has already manually intervened to enable deprecated functionality

    2. In 4.4, the first time xm was executed, it printed this warning:

  • My .02 is to stay the course.  As a server admin, I want to be able to type things like:

    yum upgrade php

        not

    yum upgrade php55-epel-rpmforge-fancy-package

    Having to remember all the idiosyncrasies of a system is what causes some type of major failure in the future whenever (1) you forget something or (2) someone else has to pick up the box to adminster.

  • Well when the last upgrade 4.2 > 4.4 went live and XM was disabled by default it took many hosts down without warning. 4.4 > 4.6 may cause the same issues. It’s a dangerous upgrade for sure. Why can’t 4.4 be LTS for C6? as it’s the last build with XM. Any XSA patches should not be hard to backport. and maybe the optional xen4.6 for C6.

  • Its my impression that as a general rule from RH once some software has been released into a major release any further release of that software does not change major version or fundamental features..

    For C6 I would argue Xen 4.2 should stay packaged as xen and Xen 4.4 be packaged as xen44 … I do not believe that Xen has been released for C7 yet so what ever package version is released should be xen and others should be xen4x.

    It provides consistency for those who expect it and upgrading for those who need it.

    Looking at a C7 with epel added. I can see python, python2 and python3.

  • It’s not a huge amount, but it is definitely time that I (and my employer) would prefer to spend on other things.

    As I’ve said elsewhere, this is a community project — so if someone wants to step up and maintain Xen 4.4 for CentOS 6, they are welcome. I do agree that it shouldn’t be a huge amount of work for someone to pick this up, now that I’ve got the basic setup. (And I’ll definitely still be around to help.)

    If someone wanted to step up and maintain the 4.4 xen packages, I’d be happy to hand that off, and just have xen46 for C6 and xen (v 4.6) for C7.

    -George

  • They started bringing this up before the 4.4 release .. that one had to move from xm to xl. They also gave instructions:
    ====================================================
    from the wiki:

    Xen-4.4 and libxl

    Note: All versions of Xen before version 4.4 had xm and xend enabled by default. The xen-4.4.1 (and newer) rpms instead enable xl support and no longer use xend. Please see /MigratingToXl for details on how to migrate from em rpms older than 4.4.1 to the new version
    ====================================================

    Here is the link to /MigratingToXl

    https://wiki.CentOS.org/HowTos/Xen/Xen4QuickStart/MigratingToXl

    So, I would say people need to migrate to xl anyway.

    Well, the problem with that is xenproject.org does not maintain their old releases forever either.

    How long will they release patches to 4.4?

    It is already listed as unsupported, with 4.5 and 4.6 the only supported versions.

    They have been releasing 4.4 patches recently .. not sure how much longer that will happen. Once they stop putting out 4.4 patches for XSAs, then it becomes difficult as the things they release for 4.5/4.6
    will not necessarily work on 4.4 or below.

    George, do you know?

  • This is a community SIG .. and xenproject.org does NOT release XSAs for
    4.2. The goal of Xen4CentOS was to use an upstream LTS kernel and update those as required to stay on an LTS. Also to do every second point release of xen (ie, 4.2, 4.4, 4.6). All so we are longer term than upstream, BUT we have supported code from upstream.

    So, the goal is to use supported code for the longest amount of time the upsreams support them. For xenproject.org .. they support the two newest releases. For kernel.org, they do a new kernel LTS about every 2
    years.

    We don’t have 5000 engineers to maintain community SIGs like they maintain the distro. We have to have supported code from upstream projects.

  • So what does this mean ..

    xenproject.org supports 4.6 and 4.5 right now. (last 2 releases).

    When they release 4.7 then they will support 4.7 and 4.6 and drop support for 4.5 .. and we will keep 4.6 active.

    When they release 4.8, they support 4.8 and 4.7 and drop support for
    4.6. At this point we will release 4.8 as an upgrade to 4.6.

    If we want to get XSA patches, that is what we have to do. And we certainly want to continue doing security patches.

    The alternative is we need dedicated engineers to figure out older things differ from the supported versions and how to backport code. As you move further from the supported version this becomes harder and harder.

    If there are people who want to do this .. and if we can be sure they will do it for the long term, then maybe and older long term support can be created .. however, it becomes harder to maintain as time goes on.

    Xen Project 4.4.0 was released on March 10, 2014 .. so that is basically
    2 years on a major version. That also corresponds to the LTS kernel time frame. That is the best we can do and maintain supported upstream code.

  • This isn’t exactly right.

    Recent releases have 18 months of “support” (meaning, bug fixes are backported), and then another 18 months of “security backports”, which means only XSAs are backported [1], regardless of when or how many releases have been made. It just happens that most releases recently have ended up taking about 9 months, which means at any given time you have 2 in ‘active support’; but that’s mostly a coincidence. :-)

    So 4.4 won’t be getting any more point releases, but it should continue to get XSAs through March 2017. (This table [2] has it ending in March 2016, but I’m pretty sure that’s a mistake.)

    -George

    [1] http://wiki.xenproject.org/wiki/Xen_Project_Maintenance_Releases

    [2] http://wiki.xenproject.org/wiki/Xen_Project_Release_Features

  • Cool. I do know that our target goal was every second release.

    I would be for maintaining releases as long as there are XSAs for them
    .. obviously as long as we have people to maintain them.

    The 3.18.x LTS kernel has support until Jan 2017. Then we will pick one with the longest lifetime and shift.

    Thanks, Johnny Hughes

  • My comment was targeted more at naming than support.

    I appreciate that there are vanishingly few resources to throw at support.

    I am glad to see any xen support for C7 and am thankful of all those who are putting in time to make things happen. I try to help out when I can but it is all too infrequently.

  • Yes, that’s the way I understood you. :-) It’s an interesting model to consider; as I said earlier, making that the standard (either always having “xen44”, “xen46”, “xen48”, or starting with “xen” and then major upgrades getting renames as you suggest) has certain advantages if we ever go the manpower to maintain two different versions.

    -George

  • The Xen Project does large of testing of Xen before updates and releases; and I do a basic amount of smoke-testing before sending an update. But I don’t really have the resources or the ability to do the kind of extensive testing which would allow me to recommend automatically pulling updates without testing them first, nor do I
    envision any SIG ever having that amount of resource. If that’s the kind of support you want, you might want to consider paying for either XenServer or SLES. :-)

    -George

  • My inclination is towards a naming scheme like xen46, xen48, etc + a meta package that always depends on the latest. It should be more obvious when there’s a major upgrade, and those who can’t afford a major upgrade can uninstall the meta package.

    For the record, we have no particular desire for xen 4.4 but haven’t done enough testing to say xen 4.6 is good yet.

  • Xen4CentOS was first available in CentOS 6.4 with Xen 4.2, so we really need to look back that far. You may be right here, though, because Xen
    4.2 was the first version of Xen that used xl by default. xl was still new at the time, though, and there were admins, especially ones who were migrating from a CentOS 5 based Xen, who would have preferred XM and were already using XM in other installs, so xm would have still seen widespread use at the time. That means that those boxes could very well still be using xm now.

    The warning was not in Xen 4.2 or 4.3. Considering that it is reasonable for someone to expect enterprise-like behavior from an enterprise distro, one would not assume that XEND would just disappear overnight.

    There are some notable differences that can break compatibility in many cases:

    1. xl does not support the “xl create foo” syntax, one must now use,
    “xl create /path/to/foo.cfg”. This I can actually see breaking compatibility for a *lot* of people.

    2. xl requires those that use the old xend networking setup to switch to a distro-based networking setup. This can be a serious undertaking for someone running a production machine with the easy possibility of breaking networking and requiring either OOB or physical access to the machine to fix. Therefore this in itself means that someone should be able to plan for the upgrade at a convenient time rather than having it sprung on them with a “yum update”.

    3. Config files no longer support embedded python.

    …There are additional incompatibilities that could bite an unwary admin in the ass.

    These are certainly concerns, but there is precedence for doing it this way:

    mysql (5.0), mysql51, mysql55 in EL5. bind (9.3), bind97 in EL5.
    …etc

    These are all cases of Red Hat offering newer versions without wishing to break older installs, and at least in the case of mysql, dropping support for the older version alltogether, but still doing it in a way that doesn’t *force* the admin to upgrade and break their systems as a result.

    I do believe that looking to what Red Hat has done in the past is appropriate when determining what action to take ourselves as people expect the same level of stability from CentOS, and consequenty Xen4CentOS.

    This is true, and I’d leave that choice up to you.

    Peter

  • Hello

    I’ve attempted to upgrade today to xen 4.6 ( because of something which seems to be a reincarnation of http://lists.xen.org/archives/html/xen-devel/2014-01/msg02259.html ) and I noticed that the new xen-runtime package tries to bring in a whole bunch of other packages:

    Installing for dependencies:
    atk x86_64 1.30.0-1.el6 base 195 k
    avahi-libs x86_64 0.6.25-15.el6 base 55 k
    cairo x86_64 1.8.8-6.el6_6 base 309 k
    cups-libs x86_64 1:1.4.2-72.el6 base 321 k
    fontconfig x86_64 2.8.0-5.el6 base 186 k
    freetype x86_64 2.3.11-15.el6_6.1 base 361 k
    gdk-pixbuf2 x86_64 2.24.1-6.el6_7 updates 501 k
    gtk2 x86_64 2.24.23-6.el6 base 3.2 M
    hicolor-icon-theme noarch 0.11-1.1.el6 base 40 k
    jasper-libs x86_64 1.900.1-16.el6_6.3 base 137 k
    libXcomposite x86_64 0.4.3-4.el6 base 20 k
    libXcursor x86_64 1.1.14-2.1.el6 base 28 k
    libXft x86_64 2.3.1-2.el6 base 55 k
    libXi x86_64 1.7.2-2.2.el6 base 37 k
    libXinerama x86_64 1.1.3-2.1.el6 base 13 k
    libXrandr x86_64 1.4.1-2.1.el6 base 23 k
    libXrender x86_64 0.9.8-2.1.el6 base 24 k
    libthai x86_64 0.1.12-3.el6 base 183 k
    libtiff x86_64 3.9.4-10.el6_5 base 343 k
    pango x86_64 1.28.1-10.el6 base 351 k

    Is this really needed ?

    wolfy

  • Those kinds of dependencies are automatically generated by rpmbuild based on the linkages of the actual libraries.

    I agree it would be nice to minimize the dependencies; but that would take someone sitting down and figuring out which features / components
    / libraries / whatever were causing the dependencies, and either disabling them or moving them to a separate package. I don’t have time to do that at the moment; but I would be happy to help someone else do so, and review pull requests to the xen package repos at https://github.com/CentOS-virt7/xen.

    -George

  • The packages are built in mock (a clean buildroot with only required packages) … so only things called out as required by the spec file is in the build root.

    We can look at the build root log here:

    http://bit.ly/1T4NGvy

    Searching for this line in the log:

    Getting requirements for xen-4.6.0-9.el6.src

    It seems that SDL-devel, ghostscript, libX11-devel and gtk2-devel are build requirements for xen-4.6 packages from that root.log .. so that adds in all the X and gtk devel packages for linking against.

    Looking at the spec file:

    http://bit.ly/1SSRxu5

    In Lines 105 to 108, those requires are there, so they are going to pull in all the X and GNOME devel files that get linked against, so if those spec file dependencies are requires, the links will be produced.

    I don’t see any way to get rid of those requires unless one redesigns the packages.

    Thanks, Johnny Hughes

  • BTW, we had a discussion about this particular idea at the Virt SIG
    meeting, and KB said that different naming of packages like this can cause dependency problems. For example, a package depends on
    “xen-version >= $N” will fail because as far as rpm is concerned, you don’t have package ‘xen’ installed at all.

    Another idea is to keep separate repos, and then have
    “CentOS-release-xen-$VERSION”, which would always point to $VERSION, and “CentOS-release-xen”, which would always be the newest version. That might satisfy both types of people.

    -George

  • You explicitly provide it:

    Provides: xen-%{version}-%{release}

    This has the added benefit that once “xen” is removed from the repo, attempts to install “xen” will actually install “xen46”.

    I’m rather surprised that kb didn’t know to do that.

    Peter