Virtualisation can have a role in the home computing environment. Personal computers are kind of crap at migrating (or duplicating) your settings, applications and data from one system to another. Virtualisation can remove some of this grief. In the consumer space, Windows PCs come preloaded with crapware. The shiny new notebook …
Well you say you have to use Windows eventually.... but really, no you don't. You just don't want to spend the time to learn Linux / OSX to the level you require. Especially if whatever you're doing requires Windows XP and not 7.... and once April 2014 arrives and the XP updates finally stop, you're STILL going to end up doing that whole upgrade shebang you hate.
I meanwhile, am curled up in a ball keeping warm off the heat of my gentoo box warming my room :)
> I meanwhile, am curled up in a ball keeping warm off the heat of my gentoo box warming my room :)
My faithful old dual Xeon Gentoo heater is building glibc at the moment. So toasty.....
Notice he installed Steam as a high priority item. Linux and OSX still lag way behind Windows when it comes to gaming, and I don't see that changing in the near future. If you are a serious gamer, Windows is still where it's at...
"Linux and OSX still lag way behind Windows when it comes to gaming"
Whereas using RDP (as per the article) for gaming is OK? No it isn't, as others have already pointed out.
Does not compute.
No, Steam was the only thing I've installed on endpoints in a long while. Not in the VM. Everything else goes in the VM.
When you've managed to get SlingPlayer working on Linux you will let me know won't you - it's the main reason I installed Windows 7 on my Netbook, over Linux.
> Steam was the only thing I've installed on endpoints in a long while. Not in the VM. Everything else goes in the VM.
So this set up is both complicated and incomplete? Plus you now have the host machine and the network as additional points of failure.
If it's applications settings that are the problem then you can likely get the same effect with using a USB stick full of portable apps.
Yes. The RDP insanity.
RDP is not bad but it's still very limited in what it can do for you. While it can certainly handle light desktop tasks without the lag and stutter of something like VNC, there is a lot of stuff you simply can't do across RDP even if you wanted to.
There are simply limits to the whole Xserver/RDP approach.
Plus maintaining all of that big box Unix style setup seems like a bit of a chore really.
"Point of failure?"
Who cares if the computer dies? It isn't the end of the world. What I care about is never having to reconfigure anything or set anything up again for my personal research/communications/etc. environment ever again.
“A USB stick full of portable apps” doesn’t give me the apps I actually want to use. And the USB stick itself is a point of failure! (I go through about 2 a quarter.)
As to complicated…I don’t see how. “Virtual host run personal virtual machines that maintain a personal computing environment that I can move from host to host to host without having to reinstall or reconfigure anything. Ever. Oh, it also can run little scut-work virtual appliances that someone who is not me put the time and effort into testing/installing/etc.”
The endpoint runs nothing but video games locally. My house can burn down – and all my computers with it – and I could be back up and running in a half hour. Which would be important. That VM is where my email, IM, etc lives. All my contact information, my communication with my insurance company, my bank…all of it.
For all intents and purposes my entire personal life’s worth of information and communications history resides in that VM. As my personal research environment, so too do my settings, configurations and preferences. Bookmarks, saved passwords, little notepad documents with half-written ideas (digital post-it-notes!) and all the detritus that I need to do things like write articles for El Reg, find the archaic list of super-secret code words to get the good cell phone plans from my carrier, the phone numbers that let me call tier-2 tech support instead of the call center in Manila, etc.
It is more than just some files. It is like being able to take my entire office and carrying it around with me in my pocket, knowing that every scrap of paper, every pen, even my desk plant is exactly the way I left it. Safe and backed up. And I don’t have to do the smallest stitch of work to make it so.
That I have to install Steam on the notebook in order to play a game is perhaps irritating, but not remotely the end of the world. I don’t have to touch that notebook otherwise. I don’t think I have opened a browser on that device for anything other than “downloading steam” since the day I bought it 6 months ago.
So no, the setup isn’t perfect. It isn’t complete…but it requires zero effort to keep all my stuff working and configured exactly the way I want to be regardless of the hardware changes to endpoint, virtual host, etc.
And that endpoint can be – and for several hours a day usually is – an Android phone. It can be my Android tablet. (Wyse pocketcloud is a good thing.)
Unless I am playing video games, the endpoint simply does not matter. And frankly, Steam turns my windows PC into a console. Simple, easy, and my roommate’s xbox seems to need to download roughly the same amount of content anyways.
I've been doing this for about 7 years now. So far, it has served me quite well; I have gone through about 18 endpoints, but haven't had to rebuild my personal workspace once.
all well and good...
...but you're still basically re-inventing the thin client with a somewhat unnecessarily exotic design. I don't know a lot about RDP/VMware but if it's like any other similar system I'll bet a small amount that you also have issues with external peripherals and hi-def video playback; and how does dual-monitor support work? How does it work when you're out of the house?
I prefer to set things up in a more traditional thick client way; my 'endpoints' are bare-metal, fully-specced systems, but almost all actual data lives on a server (the servers are VMs) - personal mail server, web server, IRC proxy, and various utility webapps (for stuff like news reading, todo lists, note taking and so on). Like you, I can deploy a new system and have it configured exactly to my workflow in about a half an hour. (As the systems are all Linux machines, it's trivial to copy the configuration for most apps from any other client machine I have). And this way there's no loss of performance or issues with video hardware-intensive tasks or external peripherals.
The endpoint OSes handle things like watching video. Actually, they're rather good at it. I haven't even had to install VLC in quite some time.
RDP supports multi-monitor just fine.
"Out of the house" experience has thus far been positive. I use the setup from my smartphone using 3G for a couple hours a day.
You just don't really do any video-intensive stuff in the VM unless you are at home. (BTW, 720p video seems to work just fine over RDP as long as I am on the same local area network.)
Is this “reinventing the thin client?” Sure; to a limited extent. It’s a halfway point between traditional thin client and a fat client. Some tasks (gaming, video) are typically handled by the endpoint. But the central location stores most of your “daily work.”
It is about making things easy to use and configure; about being able to access from anywhere without a big power expenditure. It’s about the ability *not* to nerd about the details and the Linux this or the image that or the “just use 15 lines of perl to get the job done!” As stated in the article: I do this sort of stuff for a living. I know a dozen other ways to skin this cat, but almost all of them require some form of upkeep.
This is the zero upkeep system. It doesn’t require thought. It doesn’t require care, or planning, it doesn’t require backing up your endpoints or migration or any of that crap. It just works. Anywhere. From any device. It backs itself up into the cloud.
If I drive over my laptop, I can just not care. If I want a new computer, I can go get a new computer. The power of the endpoint determines the games I can play, or the videos I can watch.
But I can get work done from a $10 android phone over a crappy 2G connection if I need to.
Someone needs to package this and sell it for a yearly fee. If I didn’t already have the setup in place, I’d be the first customer! Just because I can do all the various Linuxy things or build my own domain and group policies or manually move this and configure that doesn’t mean that I want to.
Fixing computers isn't my hobby. It's my job. I refuse to do it at home.
Any chance of you doing a brief overview of how you go about this sort of thing?
Are the personal VMs all up and running on that $750 box, or are they run up on demand like VDIs are?
What software and versions are you using etc?
I have various machines, various OSes, a SoHo NAS appliance etc and wouldn't mind being able to do the same. The thought of VMs with their snapshot/last known good configuration is a big benefit although I like the data to be kept separate from the OS (bookmarks, emails, documents etc).
Like you I've been in the VM game for quite a while. I first met it in the late '70's as a late teen. Started using it on my personal (non-IBM compatible) computers in the mid-'80's, and started using it on PC-compatibles in early beta-test versions of VMWare (ca. 2000). I've been playing with all the variants from everyone since then.
One of the first applications I used it for was a browser appliance. Go ahead and do a drive-by on my browser. Didn't matter since I never saved the browser state, just turned the VM off. Every session started from a golden image created on a disconnected machine. Then I got to thinking and started using VM's for my servers. Again, same thing. On detected hack, start working back to a non-hacked version, patch for signature/source, and back in business. Even bad patches from MS, or anyone else (virus updates anyone?) for that matter, just don't matter that much. Report it, restore the VM, move on.
Toss in having total (catastrophic) DR on top beyond just security issues, as you discuss using way off-site storage, is just icing on the cake. You are going to get a lot of flak, as I have experienced, from the various fanbois. They don't understand that this is just about doing away with being a sysadmin at home as well as at work. Been there, done that, burned the t-shirt.
Frankly, I'm more interested in which virtual appliances you've taken out, beaten up on, and how they worked out. I don't know of anyone who's taken them all out, but I'm sure you've got some helpful advice here. Be safe out there!
I'm not understanding something
The "ditto linux".
My home directory is on its own partition, so when I reinstall the operating system (half an hour) install all patches (about another half an hour) and then install the apps (another half an hour done by a simple sh script) then the things just work, because all my preferences are in my home directory.
The home directory can also be mounted on a network share which makes things even more portable.
If someone can show me how I'm not understanding the article, I'd appreciate it.
I'm glad it wasn't just me then. I thought this was going to be some clever way of reversing a virtual image out on to physical hardware or something else.
Instead it's just bizarre-o and IMHO wasteful. Games inside virtual machines? Over RDP? Yuck.
Full consumer PCs to simply remote into an XP image? Huh?
Maybe I too am missing something, but it strikes me that most of the issues could be resolved with a lot less complexity.
Out of interest, how do you manage system-wide settings?
I'm able to keep most of my settings in my home directory, but have ended up with far too many customisations sitting in /etc/, which I've occasionally forgotten about when formatting the non-/home/ partition at re-install time.
As much as I can, it's done by scripts with commands. Occasionally some of them are file copies.
One example is my screen configuration; one is twin view so I get a nice wide desktop, the other is separate x-screens so that when I start a game, it doesn't spread over both screens. A script below home, copies the appropriate file in to /etc/X11 and restarts X.
It takes a while to develop stuff like this as needed.
It also saved me a load of grief once I discovered that you can put some things like .fonts in the home directory also.
re: I'm not understanding something
I see you've been attacked by the phantom modder :)
System wide settings?
System wide settings like what?
There is very little going on in my /etc or root disk in general that isn't related to daemons that are outside of the domain of the original article. What little there is is pretty darn easy to clone since it's just human readable text in files.
[gollum voice] SED is my frieeeend [/gollum]
Try running 2x on a server 2008 R2 box.
You can do VDI with RemoteFX then. (And they have Android, iOS clients)
You can even PXE boot the 2x client software.
(now I'm wondering if they'll do an ARM client for the RasPi, that would be genius!)
That sounds nice, and it might even help for gaming via RDP, but it's hardly feasible when the budget for the host system (including OS) is $750 as per the article.
Thanks for mentioning RemoteFX, I had no idea it existed and it sounds quite interesting :)
Didn't know they did a 2xOS until this post - I've been using the Android client on my transformer, but PXE booting an RDP session is veh intermaresting. I shall be trying that over the next few days.
I just hope it supports more keyboard layouts than the droid version which has US and Japanese.
I may be confused here, but...
...is all your home computing work done via RDP to a virtual machine? That must be awesome for gaming :P
The idea of running all your home computing on one box with virtual machines is interesting, although kind of horrific tbh (that may be because all the home computing in my household involves at least some system-intensive stuff, mostly gaming but also some video editing and graphic design work).
I was expecting this article to be about something like booting from a VHD to allow for ease of migration between machines, rather than network-bound VMs.
Also, Ninite sounds interesting but I'm not convinced it's worth the money compared to the somewhat-less-simple-but-free Secunia PSI (http://secunia.com/vulnerability_scanning/personal/) which also supports a wider range of software. Allegedly the latest version features automatic updating, which (if it works correctly - I haven't tried it yet) would solve its biggest flaw.
> Also, Ninite sounds interesting but I'm not convinced it's worth the money
Ah, I appear to have gotten confused between Ninite, Ninite Pro and Ninite Updater. (Only the first one is free).
The point about Secunia's PSI covering a much wider base of software in terms of detecting updates & vulnerabilities still stands, but they can't be treated as direct rivals as they aren't aiming to do the same things.
(That being said - having long ago spent some time looking into automating the installation of a local set of "standard" software packages with very basic install scripts and silent installation switches, Ninite is of limited use to me either at home or at work...but that's my local bias rather than a judgement on the tool itself.)
And for the rest of the world
Just use DriveimageXML once a week to an external HDD...
Seems way over complicated for a home system, if you're going to use Win 7 anyway why not just do a regular system image backup to a nas or external drive?
I change endpoints too often. Windows 7 system image doesn't cross hardware platforms too well.
Just the other day, I restored a Clonezilla image of a Win7 box from Intel SNB hardware to a Core2 system (both HP biz fortunately). Runs fine. Took the hard drive out of an AMD AM2+ mobo system and plopped it in a AM3 mobo system. The only glitch was the nVidia drivers needed to be removed beforehand so the AMD Radeon vid card switch-in wouldn't toast the OS on load (still was able to remove the vid drivers by swapping the old vid card into the new system, remove the drivers, then pop the Radeon back in). Simples.
Win7 isn't as bad off as XP when it comes to underlying hardware change. You can even move from SATA IDE emulation mode to AHCI with a one-liner registry change.
Trevor, your setup sounds quite extravagant, and I do hope your SNB $750 HTPC runs well hosting the 3 or 4 XP VMs that you allocate for "all your computing needs except gaming." However, I for one know that it would not work for most tech-savvy users, as my web-browsing alone takes up over 750MB of RAM (yes, I have lots of research threads open, usually 6 or 7 separate browser windows with multiple tabs each). Hope you decked out that SNB with 16GB of RAM and a 120GB SSD, which is the only way it would be tolerable if both you and your family are using it concurrently.
Something you might want to look into is an nCompute setup. Works like RDP, but is a separate physical thinbox client. It's more seamless than a Wyse or the like, and gives you a more-native view than an RDP session. Also would save you having to run your i5 w/ an nVidia power-sucker just so you can tote around the internet in an RDP session.
Windows 7 Images (and Vista) are VERY good cross hardware.
Got a mix of Dells and HPs, laptops and desktops ranging from 1 month old through to 5 years old.
One image - works on the lot.
I5 2500, 16GB RAM and Vertex 2 120GB SSD. It is in a tiny little case with an 80+ gold PSU and I am pretty sure the whole thing didn't cost me more than $750 at the time of build. (Which was some time ago.)
I regularly run with 120+ tabs of Firefox open, 50+ rdp sessions, 25-30 SSH sessions, 12-15 Notepad sessions, Outlook, Trillian, FeedDemon, Dropbox, 3 or 4 Word sessions, a pair of Excel spreadsheets, Google Calendar sync and MSE. (Give or take, that's my PVM setup.) That fits just fine in a VM with 3.5GB of RAM. I have not had a problem with it in 7 years.
My wife's Windows 7 VM has 2GB of RAM, holds more or less the same loadout of programs (but nearly as many open at a time) and I haven't heard complaints. My roommate's CentOS has 4GB of RAM; no blitting from the back buffers there.
I don’t see how that “isn’t good enough for most people.” There’s gobs of free RAM for little widgety VMs to run in the background and still have lots left for the host.
The whole thing consumes next to no power (I think it averages less than 50W consumption during the day,) and the exhaust from the fans actually blows into the cage for my Geckos, helping to keep them warm.
Cheap, does the job…fast enough for three people’s work with overhead to spare. Where’s the issue?
As to Windows 7 image-based backups; my success rate with them is only about 70%. Oh, like hardware to like hardware, sure. But if the southbridge is too far out, the thing just doesn't seem to like to go.
But even if Microsoft fixed that, it is still only part of the puzzle. I own more than one endpoint! I have a desktop, notebook, netbook, two tablets, two cell phones and that’s before I start counting work computers or trying to get the things I need done while over at a friend’s house or on a client’s site.
The VM solution puts everything I need on the other end of an RDP session for 50W of average electricity usage. I don’t have to leave some monstrous desktop running 24/7. I don’t have to synchronise profiles/bookmarks/settings/sqrt(-feet)/whatever between all these different devices.
I just need an RDP client. Then work gets done.
Ok, I just misunderstood your reasons, I'd assumed you were talking more about restoring OS's to dead disks, as opposed to imaging a standard OS onto new hardware.
However, I'd have thought a custom install script with a standard System iso and the required apps would have been less labour intensive.
Scripted install? For an image-based OS? (Windows 7 is image based!)
Then you have to write a script to kill aero snap with fire, install classic shell, set the folders to visible, make sure extensions show up, kill simple file sharing, beat IE9 into shape, yadda yadda yadda.
Then I have to import my bookmarks. Set up outlook. Import my dictionary for Word, move over my chat logs, install all the things on Ninite. Install mIRC, remember that nnscript is broken on modern mIRC. Uninstall mIRC. Spend an hour hunting old mIRC, then install nnscript. Copy over nnscript configs. Set up Trillian. Configure Feed Demon, Dropbox calendar sync and every single browser.
Desktop shortcuts have to be created or migrated. Quick launch configured. I have to punch in every single password for every single website or network device all over again. (If I remember them.)
I have to map my H:\ drive to my homefolder on the Synology diskstation and then “move” my “My Documents” folder to the diskstation so that dropbox and all the rest of the stuff works the way I want it to, and so that a document saved in one location will actually make it to the other computers I use. (My homefolder is ~2TB, so no, I can’t just use dropbox to synchronise files.)
Every. Single. Time.
So I am supposed to SCRIPT this? And have those scripts remain valid for more than 6 months and a handful of application versions? What a truly monumental pain in the ass!
I set up my VM seven years ago. Years. Seven of them. That is the before time! It took me a grand total of 8 hours. (Because that is what doing all of this and patch, patch, patch, patch, patch takes.) I haven’t had to reinstall it or reconfigure it, migrate it or otherwise putz around with the thing since.
It isn’t the most secure. It isn’t the most highly available or done according to a white paper or set up to never ever fail with added !!!111!!11oneoneone.
Instead, it is really – really – convenient. It requires next to no maintenance beyond periodically migrating the VM from host to host as you upgrade the hardware. (Move file. Press “play.”) The backup widgety thingamabob backs it all up once a night and so if my house burns down, I lose only a day’s worth of data. (Less; the hyper-critical stuff like financials, El Reg articles, etc. are all in Dropbox.)
Maybe what I am describing is slightly more labour intensive than setting up a single new computer. But when you look at how many computers I plough through in the course of a year, and then realise this has worked for SEVEN so far…
…the sheer laziness this has enabled gives me the happy.
Bookmarks and passwords
Xmarks in Firefox. Password protected, syncs wherever I need it. Don't care about banking passwords as I will never commit those knowingly to the storage of any browser. It's worth using even if you want to persist with VMs.
It sounds like part of your problem was, originally, not being particularly well organised ("spend an hour hunting around for old mIRC"? Really? Once, maybe, but every time you set up a new machine? Fool me once etc).
That being said, if you've gone through 18 client machines in 7 years (presumably through choice rather than buggering the hardware up) and use several devices for connectivity, your setup starts to make sense.
What sort of security do you have for inbound connections? It sounds like you're set up for external access - is that right?
Netgear WNDR3700 v2 /w Openwrt.
The Big Guns. :)
Prediction: there will be a 3rd party company,...
that will write its own utility to manage windows profiles and saved games better than default, then M$ will buy them out, add its own cruft and bundle it free in future versions of windows.
See Visio, Virtualisation, Media Player, et al.
New Machine comes into the house
Remove all the crud, patch to latest everything
create to-the-metal disk image on home file server across network
set up weekly scheduled backup to home file server across network
give to whoeveritisthatneedsit
Tutorial please, or a pointer
If I want to create a setup like that, what do I need to do to create the virtual server?
What software do I need to run on the virtual server box?
Do I need special license to allow multiple instances of XP (or Windows 7) to run?
Can anyone point me to a good tutorial on that?
You need VMware Server - it's free, though now out of support and obsolete. It runs on various flavours of linux, though for version 2 Ubuntu seems to be the only non-enterprise version.
For the VM licensing it gets fiddly. If you run Ubuntu as your host OS but want to have 3 separate Windows XP VMs, the normal assumption is that you'd need 3 licences. If you won't ever run more than 2 at a time, you might get away with having 2 licences, but I wouldn't want to bet on it unless the terms of your license explicitly allow you to count licences in this way.
There are tutorials on setting up VMware Server for Ubuntu and Fedora at http://www.howtoforge.com/how-to-install-vmware-server-2-on-ubuntu-8.10 and http://www.howtoforge.com/how-to-install-vmware-server-2-on-a-fedora-9-desktop, and advice on creating virtual machines in VMware Server at http://www.virtuatopia.com/index.php/Creating_VMware_Server_2.0_Virtual_Machines.
It probably helps if you're using a decent router at home rather than one of the freebie pieces of cack that ISPs are so keen to give new subscribers...
XenServer is a decent, free option for the host server. The free edition should provide everything you need. Of course, you'll need to download a free license for it, but that's not a huge deal.
Multiple instances of Windows require individual licenses. For Win 7, I think that Microsoft may have an alternative "VDI" licensing or similar, but the specifics are beyond the sphere I typically worry about.
> Secunia PSI... Allegedly the latest version features automatic updating, which (if it works correctly - I haven't tried it yet) would solve its biggest flaw.
Seems to work. It's slow though and there is minimal feedback on progress (which might make it feel slower than it actually is).
Interesting, I will have to give that a whirl, thanks.
I feel your pain
I've spent the last eight months installing different versions of Windows, Exchange, SharePoint and various backup packages. I'm sick to death of the whole 'virgin' browser experience.
Tell the EU to sod off - I just want a browser, thanks. Any will do.
/No/ I don't want to confirm every bloody site just because it's a server. /No/ I don't want Bing as my default search engine. /No/ I don't want accelerators. Blah, bloody blah. But what really gets up my nose is that if you decide you just can't be arsed because you just-bloody-want-to-install-the-damn-applications-thank-you-very-much then clicking No causes a new tab to open with some marketing shite anyway. Maybe we need a third button.
'No, I'll do it later'
'Fuck off and let me browse'.
As for the rest. Sigh. Turn off shutdown prompt on servers (they are only test servers anyway). Single click thank you, don't you dare hide known extensions, show the full path, open a new window for each folder. Turn off all the panes except the actual folder view.
Gordon Bennett - the list goes on. And you know you're trapped. If you try to skip something you'll get pissed off at it later anyway. And does anyone understand how the Group Policy Editor works in Win 2k8r2? You have to launch the reporter then ask it to edit a setting so that it can open the editor in some magical way that allows you to actually edit group policies. Assuming you can even find where the setting is in the first place.
I'm bloody glad I'm only a programmer. Visual Studio is bad enough but configuring Windows and applications is a nightmare. I take my hat off to IT support gurus.
Group Policy Editor in Win2k8
"And does anyone understand how the Group Policy Editor works in Win 2k8r2?"
If you're editing domain policies and prefer the Group Policy Management Console (and you have it installed), type "gpmc.msc" instead.
Ah, yes. I did a bit of Googling and I think you're right. In the past I used rsop.msc then clicked edit but it looks like that is launching gpmc.msc and that ought to work on its own. Thanks for that. I'll probably forget it now that I'm back to my real work but thanks anyway :)
This is the difference between Developers and the Infrastructure guys :P
>This is the difference between Developers and the Infrastructure guys
Yeah, I guess. If you do this stuff as part of main job then you can remember it. But I still think it's poor design. Why the hell do we need two different utilities that look almost identical to do what's essentially the same job?
I think they should be replaced by a single console app 'policyeditor.msc'. If not then gpedit.msc/gpmc.msc should warn you and offer to run the correct version.
Ah well, thanks again guys anyway :)