Unraid OS 6.10-rc3 Now Available
As always before updating, please create a backup of your USB flash via "Main/Flash/"Flash Backup".
What's New in Release Candidate 3?
Linux Kernel
The kernel has been upgraded to the Linux 5.15.27 kernel which includes Sequoia and Dirty Pipe vulnerability mitigations.
Virtualization
Both libvirt and qemu have been updated. In addition, qemu has been compiled with OpenGL support, and ARM emulation (experimental).
Let's Encrypt Wildcard SSL Certificates
Starting with this release, we no longer issue new single-host SSL certificates (which we're calling legacy certificates). Instead, all new Unraid.net SSL certificates are wildcard certificates (still provided by Let's Encrypt). To provision a new wildcard certificate, or upgrade a legacy certificate, you must be signed in to Unraid.net. You do not need to be signed in to have either type of certificate automatically renewed when it is within 30 days of expiration.
The URL used to access your server making use of a wildcard certificate has this form:
- https://[lan-ip].[hash].myunraid.net
Where:
- [lan-ip] is your servers LAN IP address with dots changed to dashes
- [hash] is a 40-character hex string (160 bits) unique to this server (and different from similar [hash] in legacy certificates)
Example:
We added a new DDNS server that listens at "myunraid.net". This server extracts [lan-ip] from the domain name and returns the IP address where the dashes are changed back into dots.
There are several benefits to this approach for both our users and for us:
- Eliminates DNS propagation delays when you first provision a certificate or when a server LAN IP address (or WAN IP address) changes. Since the domain name includes the IP address, any IP address change also changes the domain name, hence will not be contained in any intermediate DNS cache. We also changed the TTL from 1 hour to 7 days further reducing overhead and alleviating issues where someone's internet goes down for brief periods.
- Improves privacy because your remote access WAN IP address can't be determined by simply prepending "www" to your local access URL.
- Moves DNS functionality off the 'unraid.net' domain and isolates it on the 'myunraid.net' domain.
For more detailed information on the new Wildcard SSL Certificate improvements, please see the official release post.
Base Packages
Virtually the entire base package set has been updated.
Unraid 6.10-rc3 Change Log
Scheduler Improvements
- You can now split a parity check into smaller pieces and let it run over multiple days or weeks. For example, a check can be performed in a time frame of 01:00 am to 06:00 am for several days in a row until it is completed. This way a long parity check won’t interfere with normal daily activities, like watching a movie.
- Added the ability to schedule pool 'balance' and 'scrub' operations and calculate whether a full balance is recommended.
Other Improvements in 6.10-rc3
An event-driven model has been implemented to obtain server information and update the webGUI in real-time. This means that:
- consistent state information is maintained across all browser instances open to a particular server. The advantage of this model is its scalability. Multiple browsers can be opened simultaneously to the webGUI without much impact. In addition, stale browser sessions won't create any CSRF errors anymore and users who keep their browser open 24/7 will find the webGUI stays responsive at all times.
- Fixed bug found by @thohell where md_sync_limit was not being honored to limit stripe_head cache usage when another I/O is active. The effect of this fix is to drastically slow down parity operations if another I/O is happening (such as streaming a video). Throttling of parity sync operations can be adjusted by changing the 'Settings/Disk Settings/Tunable (md_sync_limit)' value.
- Fixed btrfs pool device replace corner cases. Important note: if you 'unassign' a device from a btrfs multiple-device pool, and that device is still physically present, upon array Start we will erase the LUKS header on the device if present, and delete the partition structure, thereby effectively erasing all the data contained on the device. This is necessary in order to convince btrfs to no longer use the device and to free it for assignment to another pool.
- For cookies managed by webGUI, changed sameSite cookie attribute from 'strict' to 'lax'. This change was made to solve an issue with the Terminal window not opening in Safari.
Upgrade Instructions
- First create a backup of your USB flash boot device: Main/Flash/Flash Backup
- If you are running any 6.4 or later release, click 'Check for Updates' on the Tools/Update OS page.
- If you are running a pre-6.4 release, click 'Check for Updates' on the Plugins page.