Issue date: 2017-11-17
Affected products: Virtuozzo 7.0
Virtuozzo Advisory ID: VZA-2017-103
The Update 6 for Virtuozzo 7.0 provides new features, security fixes as well as stability and usability bug fixes.
2. Security Fixes
- [Low] Downloadable ISO images of Virtuozzo as well as their MD5 and SHA256 checksums can now be verified against the GPG key stored at a secure location. For more details, see https://docs.virtuozzo.com/keys/. (PSBM-69459)
3. New Features
- Simpler high availability (HA) cluster setup. The 'hastart' script is introduced that automates operations required to set up a HA cluster. (PSBM-60692)
- Virtual environments residing on Virtuozzo Storage now keep their home paths after migration by default. (PSBM-67853)
- abrt is now configured to automatically send crash notifications to Virtuozzo (for more information, see https://help.virtuozzo.com/customer/portal/articles/2894186). (PSBM-67969)
- Improved host ownership identification for containers. The 'SERVER_UUID' parameter is added to '/etc/vz/vz.conf'. This unique server identifier is randomly generated and set when the 'vz' service starts. It is used to identify host ownership of containers on shared storage and provide access to their disks. This parameter is now required for creating HA clusters. (PSBM-69099)
- Support for passing through block devices to containers. (PSBM-71385)
- The 'ntp' package is installed by default. NOTE: In Virtuozzo 7, time synchronization via NTP is enabled by default using the 'chronyd' service. If you want to use 'ntpdate' or 'ntpd', stop and disable 'chronyd' first. (PSBM-72304)
- Rebase to the RHEL7.4 kernel 3.10.0-693.1.1.el7. RHEL7.4 is a major update bringing a number of features, bug fixes, and support for new hardware. (PSBM-69674)
- E-mail notifications configured in the Virtuozzo Storage management panel. It is now possible to receive e-mails about cluster alerts, including license expiration, node/disk failure, and such.
- Quality of service for iSCSI in Virtuozzo Storage. It is now possible to set limits on IOPS and network bandwidth per iSCSI target.
- S3 geo-replication in Virtuozzo Storage. Virtuozzo Storage can now store and keep up-to-date replicas of data in multiple geographically distributed datacenters with S3 clusters based on Virtuozzo Storage. Geo-replication works in the Active-Active mode.
- Custom SSL certificates for the Virtuozzo Storage management panel. Users can now install custom SSL certificates via the management panel to enable secure access to it.
4. Bug Fixes
- Without guest tools, VM could fail to start immediately after being stopped. (PSBM-58438)
- Attempting to compact a disk of a running VM will now result in an error message and the disk itself will remain healthy. (PSBM-59958)
- Could not install guest tools on Ubuntu 14.04.5 with kernel 4.4.x. (PSBM-62068)
- sysinfo() could return 0 for uptime if called from a Virtuozzo 7 container. (PSBM-62094)
- It is now impossible to try to use the same IP address for the management panels of both Virtuozzo Automator and Virtuozzo Storage. (PSBM-65770)
- Container restore could fail due to insufficient memory. (PSBM-67194)
- Some Virtuozzo 6 containers with 'kmemsize' limit could experience performance issues on reaching said limit. (PSBM-69226)
- VM disks could become misconfigured after migration, making the VM itself unbootable. (PSBM-69333)
- Nested CPU groups did not inherit container CPU limit. (PSBM-69678)
- An "invalid ctid" error could accidentally show up in logs while creating a container in Virtuozzo Automator or command line. (PSBM-69807)
- The number of mounts in a container was counted incorrectly. (PSBM-69880)
- SDK calls for setting CPU limit in MHz did not work. (PSBM-70011)
- Node and containers on it could become unresponsive due to memory allocation issues. (PSBM-70540)
- Container could hang in the "zombie" state due to CRIU being stuck while getting memory pages for one of container's processes. (PSBM-70832)
- After starting VNC in a container, the first attempt to connect to container's VNC console via websocket could fail. (PSBM-72293)
- VM with Virtuozzo 7 as a guest could hang due to enabled paravirt locks. (PSBM-72313)
- Incomplete instructions for detaching backups. (PSBM-72537)
- The '--skip-dump' option was renamed to '--skip_dump' in Virtuozzo 7. (PSBM-72748)
- vzpkg was unable to access repositories via HTTPS. (PSBM-73171)
- Node could become overcommitted due to PDRS not taking into account some of the used RAM. (PSBM-73680)
- Unable to migrate VMs with passthrough iSCSI disks. (PSBM-75103)
- Virtuozzo 7 nodes could not boot if more than 3 software RAIDs were created during installation. (PSBM-75522)
- Node could become unresponsive due to memory reclaim issues. (PSBM-70556, PSBM-75563)
- Remote backup of a VM with a large virtual disk but much less actual data could take too long due to incorrect handling of zeroes by qemu-nbd. (PSBM-75655)
- Could not enable/disable quotas for running containers. (PSBM-75676)
- Daily backups of Virtuozzo Storage management panel were not created due to a typo in crontab. (PSBM-75702, VSTOR-4946, VSTOR-4997)
- Copying a virtual environment with a large disk (over 2GB) could result in kernel lockup. (PSBM-76102)
- vzlicmonitor could log "license limit exceeded" messages for unlimited licenses. (PSBM-76143)
- Unable to use virtual networks with whitespaces in the name. (PSBM-76536)
- Unable to manually create LVM partitions while installing Virtuozzo 7 due to memory-related issues in anaconda. (PSBM-76752)
- VNC could stop working after VM live migration. (PSBM-76753)
- Other fixes. (PSBM-56275, PSBM-72109, PSBM-72350, PSBM-75112, PSBM-75515, PSBM-75639)
5. Installing the Update
Install the update by running 'yum update'. IMPORTANT: Update of Virtuozzo Storage management panel from v2.2 to v2.3 must be performed from the console inside the container 'vstorage-ui' as follows: 'yum clean all && yum update -y'.
The JSON file with the list of new and updated packages is available at http://docs.virtuozzo.com/vza/VZA-2017-103.json.