32 vCPU limit per VM

[dkleva]

This limit is very disturbing. Modern systems have long supported a much larger number of processors (hyper-v, vmware). We use a database server on 4 socket hardware, with more than 100 cores, and are forced to look for other solutions.

[olivierlambert]

Hi @dkleva

This is likely a limit on Xen itself (I suppose). Can you ask on Xen user list? I'll see if I can ping a Xen dev on my side.

[olivierlambert]

@dkleva This is just a UI limit in XenCenter/XCP-ng center. It works in Xen Orchestra or xe CLI. Please test on your side and confirm.

[olivierlambert]

Tested myself, and I confirm it works by settings this in Xen Orchestra.

[borzel]

It's a template issue, not a bug/restriction in XCP-ng Center, because it just uses the max allowed values from the template:

# xe template-param-get uuid=552bce37-51b2-445d-84f2-5f33fa112d7e param-name=recommendations
<restrictions><restriction field="memory-static-max" max="137438953472"/><restriction field="vcpus-max" max="32"/><restriction field="has-vendor-device" value="false"/><restriction max="255" property="number-of-vbds"/><restriction max="7" property="number-of-vifs"/></restrictions>

Note here:

<restriction field="vcpus-max" max="32"/>

@olivierlambert maybe XenOrchestra should also parse that field?

[olivierlambert]

We don't want to, because we want to use more than 32vCPUs :)

[borzel]

so the route is to allow as many vcpu's as someone wants? Hmm... so you prefer to just do it and deal with errors if they occour on VM startup?

Is there a known vcpu limit on current XCP-ng 7.6 xen?

[stormi]

32 is the maximum that guarantees that an untrusted VM will not be able to do nasty things to the hypervisor. More will still work but without that guarantee.

Ideally, I think XO and XCP-ng Center should allow to go above the limit, but warn about the possible security issues (e.g. a VM managing to crash the hypervisor on purpose).