XenServer cleanup [EN]

Speaking about XenServer again. Recently i had to fix its certificates because of the recent Windows update. This also reminded me about a long standing issue with Control Domain disk running out of space. XenCenter was showing alert messages for some time stating that this storage was already at 96, 97 and last time at 98%. It’s annoying that it doesn’t show this storage details anywhere in the XenCenter GUI (or i haven’t found). Because this is an internal XenServer’s disk, used for configuration, logs, etc. I’ve read that space may be occupied by logs. So i went out on a hunt. Here’s how to deal with this:

Control Domain disk can run out of space after running XenServer for a long time. Our server is in duty for 5-6 years and we never cleaned it up.

First you need to connect to its local shell. Either directly (if monitor is connected) or via SSH. Login with root.
Go to /var/log/
Run command: du -sh (it will show how much space does your log folder take; it was 1.7 GB in our case)
Additionally ls -lh will list all files in that folder with a readable size values (MB or GB)
Then delete logs with a force switch (you may want to leave some logs, but i just wiped them all as this is just a testing box):
rm SMlog* -f
rm xensource.log* -f
rm messages* -f
rm xenstored-access* -f
Run du -sh to see how much space have you freed. In my case it was around 1.5 GB.

Fixing SSL error when accessing XenServer after KB3175024 update [EN]

We’ve been using Citrix’s XenServer at work for probably 6 years now (originally Citrix, now it is Open Source and not run by them). But we were too lazy to upgrade to the newest version. Because it is time consuming and would take lots of effort to migrate current machines. But mostly, we were lazy 🙂 So, we are still on 5.6 version (i think). This month Microsoft has released a Windows update KB3175024, which probably made all certificates using less than 1024 bits of encryption not secure and made apps trying to access services, which were still using such certificates, go bonkers. So, trying to access our XenServer from a Windows application XenCenter resulted in a TLS\SSL error. Windows Event Log also was collecting useless Schannel errors (yeah, errors just giving some random numbers are very useful). XenServer is using 512 bits keys by default (and from what i have gathered browsing Xen forums, even newest versions are affected by this). Combining tips from several sources i have compiled a little guide to overcome this issue. On a plus side, this made me use SSH (to access our XenServer) and refresh my Linux cmd skills a bit 🙂 Read More