Chapter 6. RHSA-2014:0038 - rhevm

The bugs contained in this chapter are addressed by advisory RHSA-2014:0038. Further information about this advisory is available at https://rhn.redhat.com/errata/RHSA-2014-0038.html.

ovirt-engine-backend

BZ#961154
When a host was put into maintenance mode, not all virtual machines on the host were migrated. Now, if a virtual machine encounters an input/output error during migration, the migration is aborted by default.
BZ#971812
When virt-v2v converted a virtual machine from a foreign hypervisor such as Xen or VMWare, it set the vm_snapshot_id of all the virtual machine's disks to an empty guid. This caused erroneous disk IDs to be assigned to virtual machines when snapshots were created. Now, the engine checks if the snapshot ID is empty and provides an error message, preventing snapshot mismatch errors.
BZ#971237
Previously, the getdisksvmguid() procedure would consume a large quantity of available CPU resources due to the inclusion of a large volume of irrelevant data in database queries, causing those queries to be slow. With this update, queries now only retrieve relevant data, increasing the speed of queries.
BZ#949281
This update introduces a new PrepareForHibernation virtual machine status, which denotes that a virtual machine is about to hibernate but VDSM had not yet saved its memory state. The status changes to SavingState when the 'hibernate' verb is called in VDSM and VDSM reports back that it has started migrating to the file.
BZ#950768
Previously users could edit the USB policy while the virtual machine was running, which could lead to errors in running the virtual machine. Now, the USB policy can only be edited when the virtual machine is down, preventing users from attaching a new USB device without detaching the old one.
BZ#953501
When creating a virtual machine from a template with a disk image, the virtual machine's disk inherited the template disk's quota setting, even if the user creating the virtual machine did not have access to that quota. Now, when the template disk quota is enforced, virtual machines cannot be created from the template with disks. If this is attempted a null pointer exception is raised.
BZ#1004066
Previously, sound devices would not be found when restoring the configuration of a stateless virtual machine, resulting in a new sound device being added. This would result in new sound devices being added to stateless virtual machines each time those machines were started, eventually preventing them from starting. With this update, the code that searches for sound devices has been updated so that sound devices are now correctly discovered when restoring stateless virtual machines, and no new sound devices are created. Stateless virtual machines now only have a single sound device and will not experience any issues due to sound devices after being started multiple times.
BZ#1029106
Retrieving a list of virtual machine templates required a long time when there was a large number of templates, which also resulted in a long time to create virtual machines from templates. This update improves the performance of the search query for templates by a factor of 5, so creating virtual machines from templates is now faster.
BZ#1006659
Previously, pre-started Windows virtual machines in a virtual machine pool would not run sysprep when they start for the first time. With this update, pre-started Windows virtual machines in virtual machine pools now run sysprep correctly when they start for the first time.
BZ#782526
A failure in the virtual machine hibernation process (for example, a VDSM hook error) caused the virtual machine to be stuck in a 'Saving' state, even though it is actually 'Up'. Only restarting the Manager could resolve this issue. A new internal status has been added to flag different phases of the hibernation process, allowing better recovery. Now, the virtual machine returns to the 'Up' state when the hibernation process fails, allowing users to continue using the virtual machine as normal.
BZ#1024654
To prevent the risk of split brain incidents on Red Hat Storage domains, the use of shareable disks on Red Hat Storage domains is disabled. Attempting to create a shareable disk brings up a warning in the administration portal which recommends the use of Quorum on the Red Hat Storage server to ensure data integrity.

Note that this policy is only applicable for Red Hat Storage domains created as a Red Hat Storage domain type. This policy is not enforced on Red Hat Storage domains created on a POSIX domain with GlusterFS specified as the virtual file system type.
BZ#975191
A highly available virtual machine with an attached CD could not restart after the host on which it was running was fenced, and if there was no Storage Pool Manager. This was because the ISO prefix, which is needed for the CD-ROM path setting to run the virtual machine, was queried from the SPM. Now, the ISO path is queried from the destination host, and determined using priority values in descending order, which makes the process more efficient. Virtual machines can now migrate successfully after host fencing.
BZ#968311
The is_initialized flag was ignored on virtual machines belonging to a pool, so custom sysprep files could not be applied on pool virtual machines if they were created through the user portal. This fix sets the is_initialized flag to false, so custom sysprep files work as expected on pool virtual machines.
BZ#1023131
After attempting to cancel multiple live migrations, some virtual machines were killed. To fix this, when the migration is cancelled, libvirt raises an error to prevent the operation from proceeding, which also avoids calling the destination VDSM to create the virtual machine instance.
BZ#1015638
Previously, pre-started virtual machines in a virtual machine pool would sometimes remain in an image locked state after being shut down. This was caused by a race condition in asynchronous task handling that would occur when the Red Hat Enterprise Manager attempted to start a pre-started virtual machine while that virtual machine was being shut down. With this update, shared resources are now locked correctly, allowing pre-started virtual machines in virtual machine pools to be stopped and started without issue.
BZ#1016408
Previously, OpenSSL would used special characters to build the subject field of certificates for Hypervisors being attached to the Red Hat Enterprise Virtualization Manager, resulting in an invalid subject when such characters were present. With this update, special characters are now escaped, allowing the subject to be produced as required.
BZ#967268
Previously, the vm-devices feature included when upgrading from Red Hat Enterprise Virtualization 3.0 would cause the 'boot' flag on virtual machine disks not to be taken into account during the upgrade process. On virtual machines with more than one disk, this would sometimes result in a different disk being used as the boot disk after the upgrade, preventing those virtual machines from starting. With this update, the upgrade script now takes the 'boot' flag into account and retains the same boot disk after the upgrade is complete, allowing virtual machines with more than one disk to start without issue.
BZ#1018201
The CPU pinning option is now available for virtual machines running on the Local on Host type data center, and is enabled by default even if the virtual machine is not pinned to the host.
BZ#908327
Previously, if importing a virtual machine failed for any reason, then trying to re-import the virtual machine again failed, stating "the Storage Domain already contains the target disk(s)". Only manual removal of the disks from the storage domain would allow the virtual machine to be re-imported properly. Now, if a virtual machine fails to import correctly, the disks are removed from the storage domain automatically and the virtual machine can be re-imported.
BZ#991787
Previously, the MaxVmNameLengthWindows configuration option would be ignored, resulting in a hard-coded limit of 15 characters being imposed on the names of Windows virtual machines. With this update, the value of the MaxVmNameLengthWindows configuration option is now read correctly, allowing administrators to define Windows virtual machines with names longer than 15 characters if the configuration option allows it.
BZ#1010963
Previously, users needed import-export permissions on a virtual machine to remove it from the export domain. This was problematic if the virtual machine to be removed did not exist on the system. Now, the 'delete vm' permissions have to be conferred on the user for the export domain, so users can now delete virtual machines from the export domain even if they do not exist in the database.
BZ#958766
Scanning an export domain marked as Up while the share is not available executes an SPM command which will attempt to perform failover in case of failure. This command was issued every 5 seconds, causing the requests to pile up and perform multiple failovers. Now, the automatic refresh is replaced with a manual refresh button, which decreases the number of failover attempts.
BZ#890568
This feature provides support for a branding configuration file that allows administrators to configure the look and feel of Red Hat Enterprise Virtualization, including branding, and override certain text displayed to end users. With this feature, administrators can now install an external package that will override logos, titles and certain colors in the welcome page, Administration Portal and User Portal.
BZ#957703
When a virtual machine disappeared or crashed during a Live Storage Migration, the newly created image on the destination storage domain was not cleaned up, preventing future migrations. Now the images on the relevant storage domain are properly removed.
BZ#955498
A desktop virtual machine imported from version 3.0 did not have any sound devices. This update adds a check to the virtual machine and adds sound devices if it is a desktop machine.
BZ#1002664
Failure to remove volumes from an import domain marked the imported volumes on the data domain as illegal. With this update, the engine now checks if the parent command is an image or template removal command before setting the volume as illegal.
BZ#863211
This update introduces two parameters that control the time required to react when there are connection issues. The vdsConnectionTimeout parameter sets the amount of time allowed for establishing connections for hosts before timing out. The vdsRetries paramter sets the number of times to retry host operations when there are I/O errors.
BZ#1032807
Previously the snapshot manager attempted to remove disks that are not part of a snapshot. Now, if the device is not a disk known by the engine, it is not removed, similar to the behavior of non-snapshot disks.
BZ#1000789
Previously a non-initialized array caused a null pointer exception when trying to create a virtual machine from a template without disks. This exception is now handled correctly, so virtual machines can be created from a template without disks.
BZ#859727
This update introduces a search field that allows a user to search only for users (type = user) or groups (type = group).
BZ#971020
Previously, engine-setup would not enforce umask or explicitly apply file attributes, resulting in an unusable installation if an administrator set up a custom umask. With this update, the expected umask is now enforced at the beginning of the setup process, resulting in a usable installation regardless of the umask.
BZ#982707
When extending a LUN-based storage domain, the Manager attempted to connect all the hosts to the LUN. If one or more hosts fail to access the chosen LUN for the extension, the Manager attempted to disconnect all hosts from the target. Now, if the connection ID is null, the Manager loads it from the database, to prevent disconnection from targets that are used by other LUNs.
BZ#927342
When creating a template from a virtual machine which has disks in multiple storage domains, the disk allocation table selected the first storage domain as the default storage domain, causing all disks in the template to be created on the single storage domain regardless of where the original disks resided. Now, the disks are created according to where the original disks resided.
BZ#982527
Previously, certain disks and permissions would be left in the database after forced removal of a storage domain or storage pool, resulting in partial titles remaining visible in the Permissions tab of the details pane for the User tab. With this update, the forced removal procedure has been updated to include the deletion of all disks and permissions from the database.
BZ#962587
The 'Refresh Capabilities' button is now available on the 'Hosts' tab of the administration portal. This allows the administrator to obtain updated network configuration (such as available NICs) from the host.
BZ#1026835
When deleting a snapshot, the volume was extended by 10% to allow for additional qcow2 metadata. This was not necessary in cases where the volume was very large, for example a 1TB volume would be allocated 100GB when it only needed 10GB. This update adds an autoshrink capability which shrinks the resulting merged volume after deletion of a snapshot.
BZ#979036
Previously, the value of the SpiceReleaseCursorKeys configuration key would not be localized in the front end if changed by engine-config. This would result in an exception that prevented users from accessing the console of virtual machines. With this update, front-end support for the SpiceReleaseCursorKeys configuration key has been added, making it possible to change the value of this configuration key using engine-config and continue to access the console of virtual machines.
BZ#891056
The configuration of the management bridge on the host was moved from ovirt-host-deploy phase into the engine for the 3.3 cluster level. Once the host is installed, the engine will configure the management network according to its logical definition on the data center level.

Previously, the ovirt-host-deploy created the management bridge using more primitive methods compared to the engine capabilities. This lead to higher chance of fail, failure to revert or having incorrect network settings.

As a side effect and by trusting the engine to be able to recover from invalid network configuration, the host reboot is no longer required as the last step of the host installation.
BZ#920535
Previously, attempting to import a raw sparse disk to a block domain would result in a generic error message being displayed. The content of the error message displayed when attempting an unsupported import action has been updated to provide additional information on disk configuration and storage domain compatibility.
BZ#879904
The engine performed reverse DNS lookups of IP addresses when it failed to connect to the database. This includes looking up its own name and delaying the rest of the operations, including the deployment of the connection pool, which raises a null pointer exception in the administration and user portals. This update modifies the engine so that it locates the data source in a loop and retries until it is successful .
BZ#614859
A description field has been added for storage domains. Users can describe storage domains using the field in the administration portal and REST API.
BZ#953614
After setting UserSessionTimeOutInterval value, automatic logout did not always happen after the specified period for inactivity, it took much longer than the time set. This update adds the UserSessionTimeOutInvalidationInterval parameter which invalidates the session timeout after a specified amount of time has elapsed and the logout has not occurred. The actual timeout value will be between the times set for both parameters.
BZ#922504
The audit logs now distinguish between regular and force removal of data centers, which mirrors existing behavior for storage domain removal.
BZ#995501
Previously, it was possible for separate users to attempt the installation, upgrade or approval of a single virtualization host at the same time, or for a single user to to fire such events multiple times by clicking a button more than once in succession. This would result in the same action being performed concurrently on the virtualization host, causing conflicts in processing. This feature locks hosts during the installation, upgrade and approval of virtualization hosts, preventing these actions from being run concurrently.
BZ#974066
All virtual machine operating system properties (from vdc_options and VmOsType.java enum) are now merged in one file-based repository which is external to the code. This makes it easier for administrators to extend and configure operating system information.
BZ#999878
Previously, a race condition would occur while loading the Import Template(s) window, preventing the window from loading and making it impossible to import templates via the Administration Portal. With this update, server calls are now serialized correctly, making it possible to import templates using the Import Template(s) window.
BZ#962177
Previously, the data warehouse would assume that the engine was not running when all hosts registered in the engine were non-resposive because the engine would not update their data. This update introduces a data warehouse heartbeat job that lets the data warehouse know that the engine is active even when all hosts are in a non-responsive state. The heartbeat job functions by periodically updating the status in the database to notify the data warehouse that the engine is active. The interval for updating the heartbeat can be configured via engine-config using the DwhHeartBeatInterval variable.
BZ#848072
When an SSH session is established with a host, the Manager extracts the destination host key fingerprint before authentication, and validates this fingerprint against the expected host fingerprint. If the fingerprints do not match, the Manager disconnects the host and fails host installation. This implementation prevents credentials or sensitive data from being exposed during host validation.
BZ#962162
Previously, only user name and password authentication was supported for host installation and upgrade. With this update, public key authentication is now supported. This feature provides a higher level of security, streamlines subsequent authentication, and reduces the possibility of man-in-the-middle attacks by displaying and retaining the SSH public key fingerprint of remote hosts.
BZ#987783
Previously, live storage migration of unplugged disks on a running virtual machine would fail. With this feature, administrators can now migrate unplugged disks on a running virtual machine as though the virtual machine was offline. Furthermore, errors messages are now displayed when attempting to migrate a mixture of plugged and unplugged disks to notify administrators that such operations are not permitted.
BZ#974982
Previously, it was not possible to set the engine time zone using engine-config. With this update, engine-config can now be used to configure the time zone via two keys: DefaultWindowsTimeZone for Windows virtual machines, and DefaultGeneralTimeZone for all other virtual machines.
BZ#947977
Red Hat Enterprise Virtualization Manager now supports a virtual watchdog device which can be used to pause, reset, dump a guest. The watchdog model and action options can be set from the New Virtual Machine -> High Availability tab in the administration and user portals.

Note that in order to use the watchdog device you need the relevant drivers depending on the guest operating system.
BZ#873795
With this feature, the Edit Virtual Machine window now uses the default time zone specified in engine-config. The default time zone used in the window corresponds to the DefaultWindowsTimeZone key for Windows-based virtual machines and the DefaultGeneralTimeZone key for all other virtual machines.
BZ#920694
Previously, deactivating the master domain and concurrently putting all hosts in maintenance left the hosts non-operational upon activation. With this update, a host that runs through InitVdsOnUp does not attempt to reconstruct. In case of failure during ConnectStoragePool, the host fails in initializeStorage only if the master domain is not in an inactive or unknown status and if the exception was not an XmlRpcRunTimeException.
BZ#967327
Red Hat Enterprise Virtualization Manager now supports OpenLDAP as a domain provider, with the following conditions:

1. Kerberos must be installed and co-hosted with the OpenLDAP server.

2. The ldif files must be installed. 

Run the following commands to add the cosine and inetorgperson schemas:

# ldapadd -H ldapi:/// -Y EXTERNAL -f /etc/openldap/schema/cosine.ldif
# ldapadd -H ldapi:/// -Y EXTERNAL -f /etc/openldap/schema/inetorgperson.ldif

Add the memberof overlay: 

# cat > memberof.ldif <<'.'
dn: cn={0}module,cn=config
objectClass: olcModuleList
cn: {0}module
olcModulePath: /usr/lib64/openldap
olcModuleLoad: {0}memberof.la

dn: olcOverlay={0}memberof,olcDatabase={2}hdb,cn=config
objectClass: olcConfig
objectClass: olcMemberOf
objectClass: olcOverlayConfig
objectClass: top
olcOverlay: {0}memberof
.

# ldapadd -H ldapi:/// -Y EXTERNAL -f overlay.ldif

3. The field used to query for groups is groupOfNames, and the field for users is uid. 

4. The field used to map returned results to engine entities are:
- For group: entryuuid , memberof
- For user: entryuuid, givenname, title, mail, sn, memberof, uid
BZ#872719
External systems and plug-ins can now log their events in the application Audit Log. This feature allows administrators to view events linked to external tasks using the same mechanism as application events.
BZ#967987
This update enhances logging of the JndiAction class in debug mode, which enables users to view more detailed information on the query path, URI and user for performing the authentication and ticket creation.
BZ#967604
When the host reported the ISO or Export domain as problematic during the InitVdsOnUp flow, it did not move to status Up. When ISO or Export domains are reported as problematic by some of the hosts those hosts remain Up and do not move to NonOperational. The behaviour between these two flows have been unified, so when hosts report ISO or Export domain as a problem, it does not stop the host from moving to Up.
BZ#917586
With this update, the ovirt-engine configuration file located in /etc/sysconfig/ has been migrated to /etc/ovirt-engine/engine.conf. This is because the configuration file is not only used by the ovirt-engine service, but by other tools as well, and because the /etc/sysconfig/ directory is not common in distributions other than Red Hat Enterprise Linux.
BZ#967328
This feature adds a new step to the flow of automatic fencing whereby non-responsive hosts are made responsive again faster and without having to perform real fencing. With this feature, VDSM is restarted using an SSH connection when a host is non-responsive, and real fencing is executed if this restart does not make the host responsive again. For more information, see http://www.ovirt.org/Automatic_Fencing#Automatic_Fencing_in_oVirt_3.3
BZ#968900
This update changes the way asynchronous task placeholders are cleared on server restart for commands that are partially submitted to VDSM. For example, if a task has 4 placeholders and only 2 have been submitted to VDSM, the database has two tasks with VDSM IDs respectively and 2 tasks with empty IDs. When the server is restarted the task placeholders with empty VDSM IDs are removed from the database, and the tasks which have VDSM IDs are added to a partially completed tasks list. Once polling is done they are removed from the database.

ovirt-engine-config

BZ#1003117
Previously, administrators were not able to use engine-config to define whether communication between the Red Hat Enterprise Virtualization Manager and hosts was secure. With this update, administrators can now use engine-config to define whether communication is secure with the EncryptHostCommunication configuration key.
BZ#1037894
Previously, using the rhevm-manage-domains action=edit command for LDAP servers did not work as the changes were not stored at the proper location at the vdc_options table. This fix specifies the correct location for storing the changes, so edits to the LDAP server can be made using the rhevm-manage-domains tool.

ovirt-engine-restapi

BZ#674521
Previously in the REST API, it was not possible to view a list of clusters for a data center. With this update, a clusters sub-collection has been added to data centers, making it possible for administrators to retrieve a list of clusters belonging to a data center using the REST API.
BZ#999812
It is now possible for the REST API to retrieve users and disk resources by pagination, so the results can be sorted accordingly to the specified category.
BZ#755579
Previously all engine failures resulted in 400 BAD_REQEST. Infrastructure has been added to return proper error messages, depending on the exact failure.
BZ#959879
Previously users could not update power management options via the command line, while it was possible to do so through the administration portal. With this update, all the fields available from the administration portal can be used via the command line.
BZ#829672
Previously in the REST API, there was no disk sub-collection for virtual machines or templates in an export domain. Due to this, users would not be able to use the REST API to view the disks owned by these objects. With this update, a disk sub-collection has been added to virtual machines and templates in export domains, making it possible for administrators to view the disks that belong to those virtual machines or templates.
BZ#977322
/api/capabilities now lists the state of snapshots, for example "locked" or "ok".
BZ#926928
Previously in the REST API, there was no way for administrators to view a list of the applications installed on a virtual machine. With this update, administrators can now retrieve a list of the applications installed on a virtual machine by using the applications sub-collection of a vm object.
BZ#916832
Previously in the REST API, the keyboard layout used by virtual machines could only be set via a single, global configuration option. With this update, administrators can now set the keyboard layout for individual virtual machines via the keyboard_layout option in the display subtype of a vm object.

ovirt-engine-setup

BZ#980926
Previously, using a Java runtime environment other than OpenJDK as the default Java runtime environment would sometimes result in an unusable engine keystore when upgrading to Red Hat Enterprise Virtualization Manager 3.2. This was caused by PKCS#12 being output in a format unusable by OpenJDK. With this update, the OpenJDK keytool utility is now explicitly used, resulting in a usable keystore.
BZ#1003664
The Red Hat Enterprise Virtualization Manager 3.0 to 3.1 upgrade did not copy all pki files that were generated during the 3.0 setup. This resulted in issuing certificates without extensions in upgraded environments, where attempting to install new hypervisors would fail with the error message "Certificate enrollment failure". This update restores the pki artifacts missing from the 3.0 upgrade, so new hypervisors can be added without certificate errors.
BZ#976671
Previously, migrating from Red Hat Enterprise Virtualization version 2.2 to 3.0 would update the key store with the CA certificate and not the trust store, resulting in an unusable trust store when later upgrading to Red Hat Enterprise Virtualization version 3.2. With this update, the trust store is now re-created during the upgrade to Red Hat Enterprise Virtualization 3.2, resulting in a valid trust store.
BZ#973383
Previously, local replication of a yum repository would sometimes fail to correctly replicate groups depending on the tool used, resulting in no groups being replicated. This would result in yum issuing an exception when attempting to search for groups instead of returning an empty set, causing engine-setup to fail. With this update, such exceptions are now ignored and an empty set is returned, making it possible for engine-setup to proceed.
BZ#1028966
The java-1.7.0-openjdk-1.7.0.45-2.4.3.3.el6 package modified the default configuration of Java to use NSS as a default security provider, due to a bug in the PKCS#11 provider the JVM leaked memory. This issue is resolved by adding a conflict with java-1.7.0-openjdk-1.7.0.45-2.4.3.3.el6 so that older or newer packages will be pulled. There is now no memory leak as NSS is not the default security provider in these packages.
BZ#983295
Previously, when installing Red Hat Enterprise Virtualization Manager, the system would not allow installation to proceed unless a fully qualified domain name (FQDN) was specified. This caused problems under some conditions, such attempting to install the Red Hat Enterprise Virtualization Manager in a lab where an FQDN may not be available. With this update, the Red Hat Enterprise Virtualization Manager can now be installed without specifying an FQDN unless in all-in-one configuration.
BZ#1002401
The backup and restore procedure can now be used to move the database from one location to another, for example from local to remote.
BZ#824056
Previously, there was no supported method for renaming the Red Hat Enterprise Virtualization Manager. Due to this, the only methods for renaming the Red Hat Enterprise Virtualization Manager were difficult to perform and prone to error. With this update, a utility (/usr/share/ovirt-engine/setup/bin/ovirt-engine-rename) has been introduced that provides administrators with a supported method for changing the name of the Red Hat Enterprise Virtualization Manager and updating related configuration files and PKI certificates.
BZ#905146
Previously, backup files created while upgrading the Red Hat Enterprise Virtualization Manager were stored in different locations. With this update, these backup files are now all stored in /var/lib/ovirt-engine/backups.
BZ#1029177
The taskcleaner.sh -l option now correctly produces a log file.
BZ#880773
Previously, all packages except the rhev-guest-tools-iso package would be downloaded and installed when upgrading from Red Hat Enterprise Virtualization version 3.0 to 3.1. With this update, the rhev-guest-tools-iso package is now a dependency of rhevm, and older versions of rhev-guest-tools-iso in the ISO domain are updated when running engine-setup.
BZ#894405
The Red Hat Support plug-in for Red Hat Enterprise Virtualization enables users to create and manage Red Hat support cases and access Red Hat documentation from the Red Hat Enterprise Virtualization Manager administration portal. It offers easy and instant access to Red Hat knowledge, resources, engagement, and diagnostic features.
BZ#967353
This update enforces the use of an Apache proxy during a new installation of Red Hat Enterprise Virtualization version 3.3 if it is not enabled already, and forces migration to an Apache proxy during an upgrade from earlier versions of Red Hat Enterprise Virtualization Manager. Redirection of the ports for http and https to ports 80 and 443 respectively is also recommended. However, while the user is prompted to use ports 80 and 443 for http and https during the engine-setup process, existing ports are preserved when this process is performed without user interaction.

Conflicts with freeipa-server and ipa-server are now also detected, and installation or upgrade of Red Hat Enterprise Virtualization Manager on systems running these servers is disallowed.
BZ#863060
The user portal can now be deployed on a standalone machine separate from the Red Hat Enterprise Virtualization Manager. This is done by configuring a web server to function as a proxy to the user portal. Further instructions can be found on https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.3/html/Installation_Guide/index.html
BZ#948481
Previously, Red Hat Enterprise Virtualization Manager would use multiple log rotation mechanisms, including the JBoss rotation mechanism for Java. Because the JBoss rotation mechanism does not support the compression of rotated logs, a proprietary cron script was introduced to compress and remove logs. However, the implementation of this script is application-specific and difficult for administrators to access. With this update, the standard logrotate package is now used to rotate logs for Red Hat Enterprise Virtualization Manager, resulting in a log rotation mechanism that is easier for administrators to access and allows configuration of log rotation capabilities via /etc/logrotate.d/ovirt*.conf such as interval, size, compression.

ovirt-engine-userportal

BZ#986700
Previously, the disk table of the Basic tab in the User Portal would be automatically refreshed every five seconds, causing the Red Hat Enterprise Virtualization Manager to consume a high level of CPU resources to refresh the list. With this update, automatic refreshing has been removed and replaced by a button for manually refreshing disks, greatly reducing CPU resource consumption.
BZ#1013860
On the Resources tab in the Power User Portal, the user interface appeared unable to display all virtual machine disks. The layout has been fixed so all items are now correctly displayed.
BZ#955407
Previously, user input for disk quotas would be ignored when a user created a virtual machine based on a template and quota mode is not disabled. This would cause the disk quota of the new virtual machine to be inherited from the template. With this update, the disk quota of the new virtual machine is set in accordance with user input, while the default disk quota remains that of the template. This allows users to change the disk quota for new virtual machines created based on a template.
BZ#974060
This feature integrates the SPICE-HTML5 console client with Red Hat Enterprise Virtualization Manager, allowing users to connect to the SPICE console from a browser via the SPICE-HTML5 client. For this feature to work, the websocket proxy must be set up and running in the virtualization environment, and the Red Hat Enterprise Virtualization Manager must be aware of the websocket proxy by correctly configuring the WebSocketProxy configuration key using engine-config. Moreover, the client machine must have a browser that supports websockets and postMessage, and the Certificate Authority of the Red Hat Enterprise Virtualization Manager must be imported into the client browser is SSL is enabled.
BZ#909270
Clipboard sharing is now enabled by default between a virtual machine client and guest using an RDP console.
BZ#915904
Previously, the performance of displaying and updating sub-tabs in the General tab of virtual machines and templates in the User Portal was low when using older browsers such as Internet Explorer 8, reducing the overall performance of the User Portal. With this update, the implementation of these sub-tabs has been optimized to avoid unnecessary DOM operations, resulting in greater performance for sub-tabs in the General tab for virtual machines and templates both in the User Portal and Administration Portal.
BZ#953611
Previously, when a user was logged in to the User Portal, they would never time out even when idle, preventing the user from being automatically logged out. With this update, the automatic refresh queries have been updated to correctly pass the flag that indicates that the user session should not be refreshed, automatically logging users out of the User Portal after the pre-set idle time.

ovirt-engine-webadmin-portal

BZ#986979
The lexo-numeric comparator was using the Integer class which is limited to parsing numbers, and would cause an exception if the sequence of numbers was too long. Consequently, it was not possible to assign any network to any cluster or any virtual machine. This update changes the class to BigInteger which is unlimited in size, and has the required functionality. Now networks can be correctly assigned to clusters and virtual machines.
BZ#982636
Previously, cloning a virtual machine based on the snapshot of a virtual machine would clone the virtual machine devices to the original virtual machine instead of the new virtual machine. This would cause the original virtual machine to become corrupted. With this update, virtual machine devices are now correctly copied to the new virtual machine, preventing corruption in the original virtual machine and making it possible to clone new virtual machines based on the snapshot of a virtual machine without issue.
BZ#994463
Previously, the Import Domain operation executed from the Administration Portal would sometimes fail to attach the relevant Storage Domain. With this update, this issue has been resolved by eliminating a race condition in the execution of the steps required to complete the Import Domain operation.
BZ#960749
Previously, when a host was put into maintenance, its icon changed immediately from a green Up arrow to a wrench which signifies that it is already in maintenance, even when it was still preparing for maintenance. This update introduces a new hourglass icon to denote the preparing for maintenance stage.
BZ#730965
Several virtual machine status icons have been changed, including different icons for when a virtual machine is running or in a run once operation, new icons for migration, paused, suspended, not responding, and powering down.
BZ#911347
Previously, the Manager prompted users to upgrade the hypervisor even when there were no updates available. This fix adds a validation to compare the hypervisor version against ISOs available on the Manager, and only prompts users to upgrade when there are new versions available.
BZ#970824
The miimon=100 parameter is now set by default for preset bonding options. This allows the kernel to poll for the status of bonded NICs.
BZ#970046
Users can now manage Red Hat Storage hooks (volume lifecycle extensions) from the Red Hat Enterprise Virtualization Manager. The hooks are deployed during installation of Red Hat Storage servers in a cluster. The functions available to users are enabling or disabling hooks, viewing hook content and resolving content conflict.
BZ#729577
There is now a button to refresh the list of ISO images in the ISO domain 'Images' tab, and in the virtual machine Boot Options and Run Once windows. This enables users to select images from an updated list.
BZ#970195
Previously, the Load column in the Host tab only reported the virtual machines in the Up status, without taking into account virtual machines which were in the process of migration. This has been fixed, and now virtual machines which are being migrated are also counted.
BZ#892642
Previously, certain disks and permissions would be left in the database after forced removal of a storage domain or storage pool, resulting in partial titles remaining visible in the Permissions tab of the details pane for the User tab. With this update, the forced removal procedure has been updated to include the deletion of all disks and permissions from the database.
BZ#999506
Previously, when an administrator attached nested tags with three or more levels of nesting to a resource, it was not possible to detach tags on the third level of nesting and below. With this update, administrators can now attach unlimited levels of tags, and detach tags on all levels without issue.
BZ#961645
On Red Hat Storage nodes, gluster processes were blocked by iptables rules, so volumes could not be mounted. This update adds the ports required for GlusterFS brick processes (49152 to 49251) and for accessing Gluster volumes (port 111) in the iptables configuration file. It also leaves the old ports (24009 to 24108) open for compatibility with older servers.
BZ#999046
Previously, upgrading a Data Center would sometimes involve upgrading the meta data of the storage pool in an operation that would take a long time to complete, during which no warning was displayed to the administrator. This would create the impression that an error may have occurred. With this update, administrators are now notified when a Data Center upgrade involves upgrading the storage pool meta data. This notification is displayed when upgrading from Red Hat Enterprise Virtualization version 2.2 to 3.* and from version 3.1 to 3.2 or version 3.2 to 3.3.
BZ#958526
Previously, when virtual machines and templates were exported, some virtual machine devices would be marked with a resource type of OTHER. On import, it was not possible to tell which of the devices with a resource type of OTHER needed to be treated as managed devices, resulting in incorrect or duplicate device addresses for these devices. This would prevent virtual machines created based on imported templates from starting. With this update, special devices with a resource type of OTHER are marked as managed when importing templates, allowing virtual machines created from those templates to be used without issue.
BZ#683013
Previously, when creating a new virtual machine based on a template, it was only possible to see the name of the template in the Based on Template drop-down list in the New Virtual Machine window. With this update, the description of the template is also included in the Based on Template drop-down list, providing additional information about the selected template and improving the user experience.
BZ#525028
Previously, when an administrator would change the width of columns in the Administration Portal, those widths would not be saved when the page was refreshed or after the administrator logged out. With this update, column widths are now saved for individual browsers and are retained across page refreshes and subsequent logins.
BZ#971695
Previously, when performing a search by pressing the Enter key, the entries in the search results would be duplicated, and selecting a duplicated entry would select both results. With this update, the code has been revised to prevent duplicate entries from appearing in the results of searches performed by pressing the Enter key.
BZ#902353
Previously, it was not possible to specify the host on which a virtual machine would start running when starting the virtual machine using the Run Once option in the Administration Portal. This feature adds a field to the Run Once window that allows administrators to specify the host on which the virtual machine will start running.
BZ#868154
This feature makes it possible to sort virtual machines in the Administration Portal in accordance with the host on which the virtual machines are running. With this feature, administrators can now access 'host' under 'Vm: sortby' in the search bar.
BZ#966003
Previously, it appeared that users could edit the quota of a virtual machine pool using the Edit Pool window, because the quota field was enabled. The quota field is now disabled when editing a pool.
BZ#918890
This feature allows users to access RDP consoles without the Microsoft RDP ActiveX plug-in. However, users can still choose the method of invocation via the Console Options dialog: Plugin, which requires Microsoft Internet Explorer and the RDP ActiveX plug-in; Native, which is supported in all browsers independent of whether the RDP ActiveX plug-in is present, and Auto, in which the Plugin method is used if available and the Native method is used if not. Furthermore, administrators can configure the default invocation method via the ClientModeRdpDefault configuration key using engine-config. Note that when using the Native invocation method, single sign on is disabled due to technical limitations of the RDP descriptor file.
BZ#908835
Previously cloning a quota dropped previously-assigned consumers and permissions. Now users can select the option to copy consumers and permissions when cloning a quota, preventing manual reassignment.
BZ#907491
Previously, when switching between sub-tabs of a main tab in the Administration Portal (for example, switching between the Network Interfaces and Disks sub-tabs when a virtual machine is selected) the details of the old sub-tab would display for a second before being replaced by a loading indicator. This created a source of confusion as to the currently selected sub-tab until the loading indicator displayed. With this update, the loading indicator is now shown when switching sub-tabs rather than when displaying the old data, providing a better indication of the current sub-tab and improving the user experience.
BZ#916866
Previously, it was not possible to set the keyboard layout for individual virtual machines when connecting using the VNC protocol. Moreover, changing the global keyboard layout applied to all virtual machines was inflexible and required the Red Hat Enterprise Virtualization Manager to be restarted. With this update, the keyboard layout of individual virtual machines when connecting using the VNC protocol can be specified via the Edit Virtual Machine window. If not keyboard layout is specified, the default, global value is used.
BZ#825801
The drag and drop logic for bonding in the Host Setup Networks window has been improved for ease of use. Now, bonds and interfaces can be joined by dragging one onto another without manual detaching and reattaching. The original network assignments are not overwritten unless specified.
BZ#988259
Older versions of the Manager set the virtual machine's default time zone to an empty string, but this field is now set to a null value. This update adds a database migration script to handle this change, so users can update the time zone on running virtual machines.
BZ#968178
Previously when a host was moved from a Virt cluster to a Gluster cluster, there was no check for Gluster capabilities on the host. Now, during a cluster change the host is checked for Gluster capabilities, and if it fails the host is not activated. The VDSM dictionary is also updated, so service monitoring strategies are updated.
BZ#968499
Previously, the Red Hat Enterprise Virtualization user interface technology stack used older releases of dependent third party software such as software development kits, frameworks, and libraries. This prevented the user interface from incorporating the latest features of these components such as new features, bug fixes and other enhancements. With this update, all components of the Red Hat Enterprise Virtualization user interface technology have been upgraded to the newest release, making it possible to take advantage of the latest improvements that each component offers.
BZ#1021326
In the General tab under the Cluster tab, the Maximum Memory Over Commitment unit has been changed from MB to % for better readability.
BZ#912258
Previously, when an administrator would look at the sub-tabs of the Templates tab, such as Network Interfaces, Disks or Storage, the data grid would appear blank if no network interfaces, disks or storage were defined. This caused the appearance of these sub-tabs to be inconsistent with those of other sub-tabs, which would display 'No items to display' when there was no data. With this update, the sub-tabs on the Templates tab now display this message when there is no data to display.

RFEs

BZ#816173
This feature provides support for a branding configuration file that allows administrators to configure the look and feel of Red Hat Enterprise Virtualization, including branding, and override certain text displayed to end users. With this feature, administrators can now install an external package that will override logos, titles and certain colors in the welcome page, Administration Portal and User Portal.
BZ#514420
Users can now limit the inbound and outbound network traffic on a virtual NIC level by applying profiles which define attributes such as port mirroring, quality of service (QoS) or custom properties.
BZ#867642
The General tab of the Hosts tab now displays the SPM priority of each host, for easy reference.
BZ#857935
virtio-SCSI is a new para-virtualized SCSI controller device which provides similar performance as the virtio-blk device, while improving scalability, supporting standard SCSI command sets and device naming, allowing for SCSI device passthrough.
BZ#567585
Attaching a storage domain to a pool now automatically activates the domain, so users no longer have to manually do it.
BZ#600483
Previously, it was not possible to change the size of a virtual disk after that disk had been created. This feature adds a new field 'Extend size by (GB)' to the Edit Virtual Disk window that allows users to increase the size of a virtual disk in increments of single GB. With this feature, users can now extend disks even while those disks are in use.
BZ#610501
This feature adds a new Comment field to data centers, logical networks, storage domains, clusters, hosts and virtual machines that allows users to add human-readable, free-text descriptions to these resources.
BZ#838468
This features introduces the noVNC console client to Red Hat Enterprise Virtualization Manager. With this feature, users can connect to VNC consoles from within their browser using the noVNC client. For this feature to work, the websocket proxy must be set up and running in the virtualization environment, and the Red Hat Enterprise Virtualization Manager must be aware of the websocket proxy by correctly configuring the WebSocketProxy configuration key using engine-config. Moreover, the client machine must have a browser that supports websockets and postMessage, and the Certificate Authority of the Red Hat Enterprise Virtualization Manager must be imported into the client browser is SSL is enabled.
BZ#889271
The setup scripts of the engine did not keep track of the packages used during setup, upgrade, or cleanup. Conseqeuently it was sometimes hard to analyse and find the root cause for problems if a user did not know the exact version of the packages used. Now, the setup, upgrade, and cleanup scripts have been changed to log an event when started and successfully ended, including the list of packages installed. As a result, when problems are encountered, it is easier to know the exact set of actions taken, whether they succeeded or not, and what versions of packages were installed during these actions.
BZ#629034
The Storage Pool Manager role can be manually assigned or re-assigned to hosts, using the administration portal or the "forceselectspm" action on the REST API.
BZ#967541
Custom properties can now be defined for virtual network interface cards (NIC) on virtual machines. This enables a range of connection options, including:
* Create a host NIC via Mellanox UFM and connect it directly to a virtual NIC.
* Use OpenStack's Quantum to connect a virtual NIC to one of its defined networks.
* Pass non-standard quality of service (QoS) settings for a virtual NIC.
BZ#967516
Initial support for OpenStack Neutron as a network provider on Red Hat Enterprise Virtualization Manager is offered as a technology preview. 

Description of the Technology Preview: 
http://www.ovirt.org/Features/Detailed_Quantum_Integration
BZ#629835
A cluster administrator can now grant the "migration" role to a cluster network. This feature separates migration data to the designated migration network, to prevent migration traffic from choking other networks. The Manager uses the migration network's IP address on the destination host when it requests a virtual machine migration, replacing the previous implementation when a virtual machine's details were sent in plain text to the destination host via the management network.
BZ#797961
Red Hat Enterprise Virtualization now supports native GlusterFS-based storage domains and data center types.
BZ#788977
Previously if the hypervisor was not directly visible to the SPICE client, users could not connect to a console of a virtual machine running on it. Now, it is possible to specify an FQDN for a host to return instead of its IP address, allowing users to connect to the virtual machine console.
BZ#922475
Red Hat Enterprise Virtualization now provides an API set for Independent Software Vendors (ISVs) to backup and restore virtual machines. For backup, a snapshot of a virtual machine's disk is created then attached to a virtual appliance. For restore, disks are attached to a virtual appliance, the data is restored to the disks, then the disks are attached to a virtual machine
BZ#1015148
The Storage General tab now has a new column showing the total, free and used sizes of each storage domain.
BZ#773427
The virt-alignment-scan application scans the partition alignment in virtual machines and reports to the Manager if a partition is not aligned.
BZ#957729
A virtual machine's memory limit can be edited using the VM64BitMaxMemorySizeInMB, VM32BitMaxMemorySizeInMB and VMMinMemorySizeInMB options in rhevm-config. Likewise, a virtual machine's maximum number of CPUs can be edited using the MaxNumOfCpuPerSocket, MaxNumOfVmCpus, and MaxNumOfVmSockets options.
BZ#723055
Virtual machines are now automatically unpaused after recovering from storage errors and the storage domain is active, decreasing downtime.
BZ#887378
When trying to add a Storage Domain to an uninitialized Storage Pool, there is now a warning message that the Pool is uninitialized and that the user should first add a data domain to initialize the pool.
BZ#960280
A new utility called engine-backup has been introduced to backup and restore a complete ovirt-engine environment. This utility is provided to simplify the backup and restore process.
BZ#953067
It is now possible for administrators to copy permissions of a virtual machine to a template, and from a template to a virtual machine. This feature enhances usability so administrators do not have to manually add permissions to all virtual machines.
BZ#753549
This update changes a move disk operation to a copy and delete disk operation. This enables the virtual machine to start in the target storage domain before removing the disk from the source storage domain, which makes the process more efficient and easier to troubleshoot.
BZ#960931
It is now possible to save the state of a virtual machine's memory when creating a live snapshot, and restore a virtual machine's memory to the state captured in the snapshot.
BZ#925998
Users can now search for disks by their ID. This feature is useful as a disk's name is not unique throughout the system, for example when several virtual machines are created from the same template it creates duplicate disks. The disk ID can be used to distinguish between disks.
BZ#962509
The Storage tab now has a new column showing the total size of each storage domain.
BZ#962653
The CPU Shares option allows users to specify the priority of CPU utilization between virtual machines with shared CPU resources. This option can be found in the Resource Allocation tab of the New / Edit Virtual Machine window in the administration portal.

CPU shares are evaluated by the hypervisor's kernel, for currently running virtual machines. The share's value can be a predefined one, or a custom number between 0 and 262144. By default this is disabled. A virtual machine marked with high priority will receive twice the amount of CPU resources allocated to a medium priority machines, and four times the amount allocated to a low priority machine.
BZ#921544
The 'In Use' column indicated the LUN is a part of a VG (which contains data), but it was confused with being used by the engine (the LUN is a part of an existing storage domain). This column has been removed to decrease ambiguity.
BZ#962686
The 'Allocated' field has been added to the General tab under the Storage tab, which displays the total space that has been assigned to virtual machines in the selected domain.
BZ#877555
It is now possible to select multiple virtual machines and open all their consoles at once. Note for "native" console invocation this opens multiple browser windows.
BZ#649239
Users can now add new bonds from the manager administration portal, in addition to the five predefined bonds for each host.
BZ#815642
Previously when creating a virtual machine based on a template, the template was locked in a way that prevented creating additional virtual machines from that template at the same time. This lock has been removed, and users can now create multiple virtual machines from a template in parallel.
BZ#892260
A pattern-based solution has been introduced for changing the name of virtual machines created from a pool. Users can now specify a mask inside the pool name for the indexes that are included in the generated names of the virtual machines in the pool.
BZ#879038
There is now a "Start in Pause Mode" checkbox in the regular Edit VM window instead of only in the Run Once window. One can define a virtual machine as always started in paused mode for opening the console at the beginning of virtual machine's boot process.
BZ#827248
It is now possible to assign multiple virtual machines from the same pool to a user, which is useful when a user needs multiple instances of the same system. To do so, specify the maximum value of assigned virtual machines per user in the Edit VM window in the web portals, or use the REST API to check out virtual machines up to the specified limit.
BZ#618636
Users can now define a gateway for each logical network on a host. This feature is beneficial for deployments in which a host has more than one network device. Any traffic that has to be returned to a network outside the host's subnets will be routed back via the device through which the traffic came, instead of the host's default gateway.
BZ#670470
It is now possible to edit and manage iSCSI storage domain connections via the REST API. This means that users can now edit the logical domain to point to a different physical storage, which is useful if the underlying LUNs are replicated for backup purposes.
BZ#531384
The host's hardware tab now displays information about host bus adapters (HBAs), including type, model, manufacturer of the device, world wide name and world wide port name device and port identifiers. This enables identification of hosts with specific Fiber Channel or iSCSI devices.
BZ#619761
Red Hat Enterprise Virtualization now supports cloud-init, which facilitates the provisioning of virtual machines by performing the initial setup of networking, SSH keys, timezones, user data injection, and more.
BZ#675830
Previously, the Virtual Machines tab under the Storage tab displayed only the top ten virtual machines which consumed the most storage resources. This limitation has now been removed, so all virtual machines that reside on the storage domain can be retrieved.
BZ#970948
Quota management, which was offered as a technology preview in version 3.2, is now officially supported Note that quota in version 3.3 does not include REST API support.
BZ#838456
This feature makes it possible to view the content of the welcome page for the Red Hat Enterprise Virtualization Manager in accordance with the desired locale. With this feature, the welcome page now automatically determines the locale of the browser and presents content in the language of that locale. A button has also been added to the welcome page that allows administrators to select their desired locale. This preference is stored across sessions.
BZ#835543
Previously, it was not possible to alter the parameters of connections to storage domains (NFS, POSIX, and local) in Red Hat Enterprise Virtualization. This update provides administrators with greater management capabilities that allow them to alter connections to storage domains after they have been created. These capabilities are available both in the Administration Portal and via the REST API.
BZ#878459
VirtIO Console devices can now be attached to or detached from a virtual machine. The feature is exposed as a checkbox in the VM/Template/Pool popup dialog in the Console tab and in the REST API.
BZ#908375
Red Hat Enterprise Virtualization Manager now supports parallel NFS (pNFS) storage. pNFS as a specification supports blocks, objects, and files. A hypervisor that uses pNFS to access a virtual machine data store can take advantage of multiple connections per session, which can be distributed across multiple interfaces.
BZ#908656
This feature provides administrators with four additional VDSM hooks: before_disk_hotplug, after_disk_hotplug, before_disk_hotunplug, and after_disk_hotunplug. With these hooks, administrators can now add user actions before and after a disk is hot-plugged or hot-unplugged.
BZ#909930
A new 'Create Snapshot' button has been added to the action panel of the Virtual Machines tab, and as a context menu item when a virtual machine is selected.
BZ#791354
Previously, it was not possible to use encrypted channels as a policy for live migration with virtual machines and clusters. This feature introduces the ability to perform a 'tunnel migration' of clusters and virtual machines over encrypted channels, improving security.
BZ#912076
Red Hat Enterprise Virtualization Manager includes a new scheduler to handle the placement of virtual machines, allowing users to create new scheduling policies and write their own logic in Python and include that logic in a policy.

The new oVirt scheduler serves virtual machine scheduling requests during migration or while virtual machine are running. Scheduling is performed by applying hard constraints and soft constraints to get the optimal host for that request at a given point of time.

Scheduling Policy Elements

* Filter: a basic logic unit that filters out hypervisors that do not satisfy the hard constraints for placing a given virtual machine.

* Weight function: a function that calculates a score for a given host based on the internal logic of the function. Weight functions are a method for implementing soft constraints in the scheduling process. Since these are weights, a lower score is considered to be better.

* Load balancing module: code implementing logic for distributing loads. To date, the definition of a load was mostly CPU related, which could be resolved by migrating a virtual machine. The new scheduler allows users to write their own logic to handle other load types such as network and I/O by other means such as integrating with third-party systems.

Scheduling Process Outline

Every cluster has a scheduling policy. To date, there were three main policies - None, Even distribution, and Power saving - and now administrators can create their own policies or use the built-in policies. Each policy contains a list of filters, one or more weight functions and a single load-balancing module. The scheduling process takes all relevant hosts and runs them through the relevant filters of a specific policy. Note that filter order is meaningless. The filtered host list is then used as an input to the relevant weight functions of that policy, which creates a cost table. The cost table indicates the host with the lowest weight (cost), which is the optimal solution for the given request. Multiple weight functions may be prioritized using a factor.

Adding User Code

See Bug #912059 for more information on adding code.

Important Notes

- New scheduling policies created by administrators are not validated by the system. This may end up with unexpected results, so it is highly important to verify that a new policy is not introducing issues or instability to the system.
- User-provided code is unsupported.
- Using user-provided code may affect performance, so administrators are advised to carefully test their code and the general performance changes.
BZ#787578
Previously, multiple monitor support could misbehave on Red Hat Enterprise Linux guests. 

This occurred when a virtual machine used a single QXL device (SPICE virtual graphics card) which did not provide sufficient memory for the virtual machine.

Now, more VRAM is available for QXL devices, so multi-monitor is supported on Linux machines using a single QXL device. This is the default setting for Linux guests using the SPICE display type.
BZ#972455
When a new storage domain is created, the host nominated as the Storage Pool Manager of the data center is automatically set as the default host, preventing performance issues with random selection and operations running on incorrect hosts.
BZ#929057
Red Hat Enterprise Virtualization Manager now supports Trusted Compute Pools based on the OpenAttestation project. This feature allows administrators to build trusted clusters based on Intel's hardware-based security features. A trusted cluster includes only hosts verified by Intel's OpenAttestation, securing virtual machines infrastructure and establishing the foundation for a secure enterprise stack.
Note that in order to be able to use this feature in RHEV, the admin needs to install Intel's OpenAttestation RPMs.
BZ#760666
Previously, it was not possible to view the available space on a storage domain in the storage domain drop-down lists of the Add Virtual Disk, Copy Disk(s), Move Disk(s), New Template and Import Virtual Machine windows. With this feature, administrators can now see the available space on a storage domain alongside the name of that storage domain in the above drop-down lists.
BZ#983120
The login page in the user portal can now display a message of the day, which allows administrators to show users important system messages. To set this message, use the UserMessageOfTheDay option on engine-config.
BZ#953989
Previously, the user interface plug-in API did not support integration with the main Events tab and its individual sub-tabs, both of which are standard tab types in the Administration Portal. This resulted in user interface plug-ins being unable to use 'add action button' functionality for these tab types, including context-sensitive buttons located in the action panel of the main tab and sub-tabs and context-sensitive menu items triggered by right-clicking the main tab or sub-tabs. With this update, the plug-in API has been updated to enable 'add action button' for the above tabs, allowing user interface plug-ins to integrate with the Events tab and its sub-tabs via the action button concept.
BZ#958318
Previously, it was possible to both pin a virtual machine to a specific host and enable high availability for that virtual machine at the same time. This resulted in highly available virtual machines not being migrated when required due to being pinned to a host. With this update, high availability and host pinning are now mutually exclusive options and cannot be enabled at the same time for a virtual machine.
BZ#675061
Red Hat Enterprise Virtualization now provides support for more guest operating systems, including Ubuntu 12.04 LTS, Ubuntu 12.10, Ubuntu 13.04, Ubuntu 13.10, and SUSE Linux Enterprise Server 11.
BZ#966192
AuditLogDirector.log(*) methods now update engine.log, so every event that appears in the administration portal's event viewer is logged permanently to the log file.
BZ#967278
Initial support for the Foreman host provider is offered as a technology preview. You can add the new Foreman provider in the administration portal, and use the "Add Hosts" window to select a host provided by Foreman on Red Hat Enterprise Virtualization Manager.
BZ#967572
This feature makes it possible to use virtio balloons for memory optimization.

Every virtual machine in clusters with a compatibility level of 3.2 and higher includes a balloon device unless that device is specifically removed. This balloon device requires guest drivers and a guest agent to control the balloon size.

Ballooning optimization is a cluster-level policy attribute, which is disabled by default. To have a balloon running, the virtual machine must have a balloon device with the relevant drivers, and the cluster it belongs to must enable ballooning optimization. Each host in the cluster receives a balloon policy update when the status of that host changes to 'Up'. A manual option is also available for emergencies that makes it possible to force an update for a specific host.

Once this is set, MoM will start ballooning where and when possible to allow memory over-commitment, with a limitation of the guaranteed memory size that every virtual machine has.

Note that in some scenarios ballooning may collide with KSM. In such cases, MoM will attempt to adjust the balloon size to minimize collisions. Additionally, in some scenarios ballooning may cause sub-optimal performance for a virtual machine. Administrators are advised to use ballooning optimization with caution.
BZ#967573
When ballooning is enabled for a cluster, appropriate messages now appear in the Events tab of the administration portal when the following errors occur:
* The balloon is requested but the balloon driver on the virtual machine is not responding.
* The balloon is inflated, but the Memory Overcommit Manager (MOM) has lost control over the balloon device for various reasons such as failure of the guest agent.
BZ#967574
When a virtual machine is running on a host which cannot provide the amount of guaranteed memory specified in the virtual machine configuration, RHEV engine issues an alert. In a future release, this issue will be handled by migrating the virtual machine to a host which has sufficient memory.
BZ#968917
Previously, all options in the New Virtual Machine and Edit Virtual Machine windows, including advanced options, were visible by default. This resulted in it being difficult to navigate these windows when only the basic options were required. With this update, advanced options are now hidden by default, and a new 'Show Advanced Options' button has been added to allow users to display advanced options as required.
BZ#975097
Red Hat Enterprise Virtualization now provides technology preview support for importing and exporting images and disks from the OpenStack Glance domain provider.
BZ#968918
The previous separation of flows for creating servers and desktop has been replaced with only one "New VM" window, which also provides a checkbox to optimize it for either server or desktop. This replaces the previous behavior where it was not possible to do mixed configurations (for example, a server with a soundcard).
BZ#974849
ISO domains can now be created on any supported file-based storage, including NFS, POSIX, GlusterFS and local storage. This feature decreases dependency on NFS which was previously the only supported format, and allows creating ISO domains on local storage which is ideal for small-scale deployments or evaluations.