Experiences with Replacing Desktops w/ VMs?

A user asks: "After years of dealing with broken machines, HAL incompatibility, and other Windows frustrations, I'd like to investigate moving to an entirely VM-based solution. Essentially, when an employee comes in in the morning, have them log-in, and automatically download their VM from the server. This gives the benefits of network computing, in that they can sit anywhere, if their machine breaks, we can instantly replace it, etc, and the hope is that the VM will run at near-native speeds. We have gigabit to all of the desktops, so I'm not too worried about network bandwidth, if we keep the images small. Has anyone ever tried this on a large scale? How did it work out for you? What complications did you run of that I probably haven't thought of?"

Re:Um, wouldn't a ...

[OriginalSpaceMan]

Plus, on a LAN using thinclients will be just as fast, visually, as a local PC. Hell, I play video's over my RDP thinclients and it works quite well.

Look at LTSP.ORG

[EDinNY]

LTSP.ORG does somthing similar. You run X clients on a common "server" and view it with an X server on almost anything with 64 megs or more of memory.

I work like that now, but 2000 miles away

[kabz]

I work at a client site where I implement large software. I have my own laptop, which due to sadly lacking Oracle WAN performance, I primarily use as a dumb terminal to various Citrix apps, and Windows Remote Desktop at my home office where I can run Visual Studio, db-based apps etc.

This works great, with one major caveat. If the network starts stuttering, performance of remote desktop and citrix both suffer badly. Otherwise, the benefits are great: much reduced amount of sensitive data on laptop, access to a higher performance office machine, less app latency when talking to 'local' databases 2000 miles away.

The way we do it...

[DarkNemesis618]

Where I work, we have a domain so a user can log onto any computer and have their email & favorites all set up. In their profile, it automatically maps their departmental network drives and their personal network drive (where they're supposed to save their documents to). The normal programs are installed on every machine, and it's not hard to temporarily install any special programs they need on the machine they use in the event theirs in unusable. The only issue we have is that for some reason, no matter how much we tell them to save on the network, they apparently refuse to listen and save stuff on their hard drive. And then subsequently blame us if their hard drive dies and they lose data. But that's another story.

My experience...

[Starbreeze]

I needed a quick and cheap solution for some Windows machines for our QA group to test things on. We bought some VMWare Workstation licenses and ran 6 VMs running XP on each beefy machine. (About the limit for a machine with 4GB RAM) Granted, there are better VM solutions than Workstation, but we wanted cheap and quick. Don't count on it for anything mission critical. About every two weeks, VMWare would basically eat itself and the Linux box. However, it was easy from a maintenance point of view, because I could VNC in and see all 6 VMs at once. Also, since VMWare has a cloning feature, anytime QA infected the machines with something nasty, or just pissed off XP, I could re-clone it. Also remember that any VM hogging resources can slow down other VMs on the same host.

However, for the context that you are speaking about, I would take the advice of individuals below and look at Citrix or roaming profiles.

Re:The way we do it...

[ejdmoo]

Configure folder redirection. Then the "My Documents" folder will be on the network, and users won't have to know anything special to save there.

The desktop is still a problem though.

Re:Please, god, no.

[wwest4]

Just don't what... misconfigure or misapply the technology? If "Citrix" is anything, it's too expensive in some situations and inappropriate for others. Maybe you were just using some Citrix software to do something it's not ideal at doing, or otherwise using it incorrectly... in any case, it's kinda silly to malign an entire software suite with a vague anecdote.

Re:No 3D

[Anonymous Coward]

There are a lot of complications using a VM - there's no 3D, no good audio etc.

Exactly. A good test to see how the speed on how the proposed system would perform is using terminal services (obviously on a remote computer). Even with gigabit ethernet the speed is going to drag on many applications. IMHO, if the author is running a Windows network, he or she should just use remote desktop and then standardize each computer with a default installation. Personal data will be saved on the server while all the heavy lifting software will be done locally (with the option of remotely executing high speed aps on other powerful remote machines). To speed up the updating of computers, if they are all identical he can simply use ghost software to copy hard drives. If a computer has a software problem, swap the hard drive with a previously ghosted copy (of the standard installation) and then ghost copy to that hard drive later--or ghost by network. I've done this and it works. It also makes it really easy to train junior sysadmins. Just make sure you don't allow users to store anything other than temporary files on the local systems HDs.

Re:Why not just use sunrays?

[Sampizcat]

We used Sunrays at my old workplace. They worked fine and were very reliable - just throw in your card, put in your password and away you went. I highly recommend them.

And no, I don't not work for/am not in any way affiliated with Sun Microsystems - I just really like their product.

Sampizcat

Three different takes on this

[prisoner-of-enigma]

First off, I don't think VM'ing your desktops is the answer. Current VM's really dumb down the hardware. You lose 3D, sound, and most of them run a bit slower than native (some quite a bit slower). Couple that with the size of most VM images (my Vista image is about 12GB) and you're really looking at a poor solution.

Here's what you should be thinking about:

- Get some kind of desktop management suite like Altiris. You can push software deployments easily, and it's very easy to lock machines down to the point where users can't fsck them up. I've consulted for companies that do this with hundreds of desktops and it's a very robust, reliable system.

- Go with a thin client setup like Citrix or Terminal Server. Users run nothing on their local hardware. Instead, everything runs on the big server. Downsides are similar to VM's (thin clients are notorious for very lightweight support for anything but the most basic sound and graphics) but you are at least spared the massive network thrashing of hundreds of users logging on and pulling down VM images at 8AM every morning.

- If it's users messing up machines that you're worried about, you might want to consider a solution by Clearcube. They take away everything except the keyboard, mouse, and monitor. The guts of the PC reside in a server rack in what is essentially a PC on a blade. The blades are load balanced and redundant, so swapping them out is a breeze. And users *can't* load software on them because there's no USB ports, no floppy drive...nothing! Unless you allow them to download it from the Internet, *nothing* is going to get on those machines if you don't want it to.

VM's make sense for server consolidation. I don't think they've yet gotten to the point where desktops run on them as a form of protection or reliability. There's too many other solutions that work better and have fewer downsides. The problem here isn't Windows per se, it's the fact that your workstations aren't locked down properly to prevent your users from doing stupid stuff in the first place. Fix that and suddenly you'll find a Windows workstation environment isn't the hassle it once was.

Re:Why not just use sunrays?

[CapeBretonBarbarian]

Because Sunrays are really sucky. take it from a former Sun Microsystems instructor. They really are. You're better off with a Linux solution, for Multiple reasons (not going to go into all of them, now. Just research it. Start with cost-factor and go from there).

Come on, you're going to have to give some additional information than that. We use Sun Rays quite a bit in our classrooms and labs and if you have the bandwidth and a good server on the other end, you're in the money. Sessions can be keyed to an access card and will follow you around the campus. If a Sunray breaks down, just swap in a new one and the session continues exactly as you left off. Pull your card, come back in a week, and pick up exactly where you left off. Everything resides on the server. No maintenance required at all on the client side.

What version of the Sun Ray server software were you using that made it so "sucky"? From my experience, they worked great for us. The only downside we had is that streaming video over Citrix to the Sun Rays didn't work so hot. However, streaming video natively from the Sun Ray server to the thin clients worked fine so the problem there was probably with Citrix Metaframe.

Sun has also recently upgraded the Sun Ray thin clients so they have gigabit ethernet, plus they now hsve a more complete end-to-end solution that will allow you to run Windows apps on your Sun Ray (in addition to all the Solaris/Unix apps) thanks to their Tarantella purchase. You'll still need some Terminal Server licenses, but you'll save on the Citrix.

You could try calling the local Sun reps and see if they'll give you a demo. They did that for us - drove 6 hours to our workplace and set up a server and clients to demonstrate it for us.

Re:Citrix

[discord5]

Sounds like you want something like Citrix.

Citrix (or another similar product) is exactly what he should be looking into. Downloading entire disk images over a network is just a pain in the ass everytime someone boots. However Citrix isn't the solution to all things, yet it beats VMs for most practical applications.

But you'd be looking at maybe 5 minutes for the morning boot-up. Not to mention all the employees hammering the network for a 2~4gb image at 7am will really thrash the servers.

See, that's the big negative point in the entire setup. The bootup time is a pain in the neck, but people can live with that easily. They'll fetch their cups of coffee, have the morning conversation with coworkers and will return about 10 minutes after their machines have booted up. The real issue is the server getting hammered every morning, slowing these boottimes as more machines get added to the network.

I can hear it now: set up a second server, set up a third... etc etc. Yes, set up a bunch of servers that do nothing all day but hand out images, and don't forget about the backup servers (you don't want one of those servers to crash in the morning taking out the entire accounting department). I'm seeing an entire rack of machines at this point doing nothing but handing out images, wired up to really expensive network gear, doing nothing really useful. Don't get me wrong in this last statement, the usefulness of this construction is that you can easily exchange pc's and images not having to worry about hardware, software installed on each users pc, etc. But there's a lot of more cost-effective ways to achieving something that works similar.

Take that budget for those image servers, and backup servers, VM-software licenses, and networkgear, and buy a single server and a good backup mechanism (or a backup server in failover). Spend some time on setting up profiles and think about what software is present on all machines. Take an image of every machine you install differently, and copy that to the server. Buy software like Citrix (or anything else resembling it) to have special applications available at one server (think backups here), and you have a pretty decent solution that doesn't hammer your network/servers every morning and gives you a headache by 10am because some people aren't getting their images.

I've seen the concept of VM images on a server, and I've seen people get bitten by it because they didn't forsee the amount of storage and network traffic involved. Most of these people didn't have a need for such an elaborate solution. Hell, I've seen half a serverfarm run vmware because "it was a good way to virtualize systems, and make things easily interchangable" while those people would've been much more satisfied with a "simpler" failover solution (note those quotes, denoting that failover also requires thought, but usualy ends up being a cheaper solution hardware wise).

On top of it all, using VMs for desktop operating systems uses up a lot of resources. You're running an operating system, that runs software that runs another operating system. Some would say that it's hardly noticeable, but why waste the resources? You'll make todays hardware run like last years, which for most applications is not an issue, but most likely you're going to run last years hardware like hardware from two years ago because you'd have to invest in new desktops for the entire company otherwise.

Let's talk mobility for a moment. Imagine your salesman with his laptop and flashy UMTS (or whatever standard they've cooked up) connection on the road. He's going to want to be able to check his mail on the road, so he'll have to get an image over a connection that can hardly manage streaming video... Nope, you're going to give him his operating system, install his software and pray to god he doesn't send too many large documents over that very expensive UMTS connection. That sort of starts breaking the principle of having images f

Re:No 3D

[innosent]

For Windows, use roaming profiles and default installations. For Linux, rsync works quite well for the base OS (say, a staggered start time at night based on IP), with OpenLDAP doing auth and home dirs stored on central server(s) and mounted via NFS. New system setup becomes a knoppix CD, partition the new drive, format partitions, mount them, rsync the distribution to the new machine, chroot, and setup boot loader. You could of course script all of this, and this is very similar to what I do for kiosk systems (Linux/Firefox setup), except the kiosks don't change, so it's just a big tarball via sftp instead of rsync. You could also do tarballs, and keep the last few versions as backups in case you screw something up. If the hardware is identical, use the distribution of your choice, but if there are several different systems, you may want to use one with good hardware detection (like knoppix).

Amazing

[Anonymous Coward]

You have no idea who you are talking to, yet you can judge the individual. They asked a simple question of a bunch of geeks to see if others have done it. Nothing more. And to be totally honest, I can not think of a better site to obtain useful info (mixed with absolutely worthless info, fud, and comdemnation).

Yet, you throw out basically worthless info. I am sure that they will be trialing it. But if others have done it, and offer useful info, they can also check out paths to take (or avoid).

To E1ven: Please try it out on a couple of different set-ups and let us know. It would be useful to see how it works with Xen (combined with qemu for the windows stuff).

PXE Boot

[numbski]

I think I have to disagree. Most of the better gigabit nics out there support PXE boot. Get a small boot loader image going. If these will all be on the same lan segment, at boot time it will grab the latest loader image, boot the small loader (~2MB). The loader can then boot the full OS image.

You can then just capture or encapsulate the computing session to an image file. It's not a full virtualized environment, as you still get the benefits of the cpu horsepower at the workstation, but if corruption occurs ou just roll back the session file. I think.

This is how Windows hibernation functions in a nutshell, just dumps RAM to a file I think. I haven't tried this in practice, but it should work.

Re:Amazing my left foot

[Anonymous Coward]

He never said that he would experiment with a large corporate base. He is exploring options. Nothing more. BTW, it is companies that take chances that grow fast. For example, it was Bob Crandell at AMR that took moved the the Sabre system into doing a large number of inovative ideas. Once Carter de-regulated the industry, AMR was then able to surpass the other airlines in size. Other companies that push the inovation such as Google and Amazon are then able to grow in size quickly. A better example is Walmart. Sam Walton was very conservative WRT how the company was ran. But the one place that he spent money on was technology (even though he did not understand it). In fact, when other companies were pushing big mainframes, he pushed walmart on Windows. Now, that others are pushing into Windows, Walmart is quietly pushing onto Linux. By the time that the industry realizes this and starts the move, Walmart's system will be paid for. There costs will be a fraction of the others.

In contrast, it is when a company locks down everything and is afraid to move forward with new ideas that dies (or nearly dies). For example when they start saying that the company should not change things, then they are in a death spiral.

Re:Um, wouldn't a ...

[Anonymous Coward]

Funny you should make that statement; video via RDP on my locally connected 100Mbps link is absolutely horrible. I have several computers, and I use RDP to access them all. Every time I try to watch a video, I find myself copy/pasting the link to my local computer to actually watch the video.

Are you using cheap (or onboard) NICs, cheap switches and long wires? Do the math:
100Mbps link over long wires + cheap NICs (like Realtek) + cheap switches (like Planet) = 10Mbps link
100Mbps link over short wires + 3com NICs + 3com switches = 100Mbps link

Re:And this would be an improvement how?...

[GreatDrok]

We have bought a number of quad opteron machines recently because we do a lot of background number crunching and they need to run Linux. However, everyone has also been using laptops for Windows software. At my suggestion we have been configuring VMware images of XP Pro with Office for each user and installing vmware-player on each of these Linux workstations.

We have a Linux server that runs Samba for roaming profiles to the current Windows laptops and this works OK as it does mean if a laptop dies the user has all their configuration stored on the server but unless the replacement machine is configured exactly like their old one (and the users do have various needs for software beyond just the basics so they often do differ) the roaming profile doesn't exactly work and there is a bit of fiddling.

With the VM setup the users are able to use their image on any machine (shortly even on the Macs) and it is theirs regardless so the roaming profile works well too. This also means that Windows only uses up a small part of their workstation so we can gang the quads together into a cluster and do some serious work. The best part is that each night we do an rsync of the home directories (to another server and external drives to be stored in a firesafe) which also contains their VM and so if they screw up their Windows system we can just copy back the one from the day before and all is well. Far better than Windows Restore which isn't entirely able to put a machine back into a previous state.

Finally, the price of all this destroys any other solution I can think of for running Windows apps in a largely Linux environment. The player is free, the Windows and Office licences we had already bought, Linux is free and we have got a 40 processor Opteron cluster available that effectively cost us nothing too because we needed to put desktops in to replace the laptops that some idiot thought would be a good idea when the company first got started. Every user has a local vmplayer on their Linux machine. They are getting dual 20" monitors which is better than the 15" laptop with a 17" monitor attached as the laptops can't drive anything better so they can run Windows on one monitor and have Linux on the other.

With the current situation they were all running lots of Linux apps using VNC to our few available Linux machines and lots of terminals (cygwin or putty) but had Windows because there is still a perception that we need Office, mostly PowerPoint, although I have made sure they all have OpenOffice. They were crying out for more compute power as the company grew so for not much money I was able to buy 10 Quad Opteron workstations to give them the power, dual monitors don't cost much now either and vmplayer gives them Windows on one screen and Linux on the other, or Linux on both if they don't need to be running Windows apps. They still have the laptops for presentations and mobile use but they don't need to use them every day which should prolong their lives so there is a saving there too. What's not to like?

VMware ACE

[BlueLines]

http://www.vmware.com/products/ace/ [vmware.com]

"With VMware ACE, security administrators package an IT-managed PC within a secured virtual machine and deploy it to an unmanaged physical PC. Once installed, VMware ACE offers complete control of the hardware configuration and networking capabilities of an unmanaged PC, transforming it into an IT-compliant PC endpoint."

Re:Citrix

[hdparm]

Actually, with VMware workstation you can keep base images on the workstation itself and load only user's plugins / redo stuff over the network. That's what we do and we don't see any network hit on 100 Mbps LAN. This gives you ability to run free (as in beer) Linux distro on all your workstations, which enormously helps with PC support issues compared to any Windows version. With a bit of clever scripting, KDE session retrieves all the necessary stuff from MySQL backend and users have their workstation (Windows, Linux, whatever) running full screen in no time. With good PC hardware (which is dirt-cheap these days) noone can tell that what they see and work on is VM.

Granted, for large network this solution is probably too expensive (we are .edu so we get really nice discounts on VM licenses).

Re:Um, wouldn't a ...

[Anonymous Coward]

hmm,
funny but my p3 NFS server with a realtek nic can transfer files to my desktop over cheap ethernet cables, through a cheap 100Mbps switch, into a cheap realtek NIC at around 10-11 megaBYTES per second. That's pretty close to the maximum speed you'll see over any 100Mbps link. Long wires might make a difference, but cheap nics and cheap switches seem to work fine for me. Maybe the switch will be a lot more a limiting factor if more than one simultaneous transfer is going on (I use cheap switches for my LAN where normally only 2 machines are communicating at a time). I actually changed my nfs server to a realtek NIC because the 3COM 10/100 card refused to work in 10/100 mode, and always went to 10. The cheap realtek cards are wonderful, as they're dirt cheap, and work great in linux.

Re:Still Windows

[Vancorps]

You don't need to "carefully" do anything. Folder Redirection in Windows was created just for the task. It's a feature that was introduced with Windows 2000. Beyond that you can use SMS and custom office installs to have everything configured properly everytime someone logs in. Mandatory profiles ensure that everything stays clean and spyware free. Which weaknesses are you referring to?

Beyond that I'll go and say that this approach is bomb proof and by redirecting files on to the servers which requires surprisingly little overhead you ensure that when users float from machine to machine they have all their application preferences and data. Settings can very from machine to machine with different version of software and whatnot but again, SMS will fix that.

I think we can all agree this is not a good use of virtualization. It would be very resource intensive and a simpler PXE solution already exists. With PXE you don't even have to have all the same hardware, just the proper drivers. SMS will take it from there installing the rest of the third party apps whatever they may be. Can be done from start to finish in under 30 minutes which is about how long it takes to fully restore an image. Of course over a gigabit link the time might be reduced but Windows will take a good 10 - 15 minutes to install over the network so it wouldn't be unreasonable for everything else to take another 15 minutes depending on how much there is. I know in my basic setup with Windows and Office its about 20 minutes give or take depending on processing speed and quality of hardware.

Re:Inevitably

[Anonymous Coward]

You do have a point...

I'm amazed nobody has brought this up. Someone said you'd need twice the XP licenses. That isn't true if the host OS on each PC is Linux. VMware DOES have a client for Linux. I imagine it would be a lot more secure if Linux was the host, and you can customize all the startup scripts so you wouldn't have any unncessary overhead.

I'm not sure on the loading time differences between XP host and Linux host, but last time I ran VMware on my XP laptop, it was slower than shit. 1gb of ram, Turion 1.8ghz, it ran slow...... SLOW

Re:Look at LTSP.ORG

[Sleet01]

I saw the LTSP presentation at Linux Fest 2006, and was quite pleased with the performance. It balances server-side application hosting and execution (ease of installation and administration) with client-side hardware that can be customized (3D acceleration, removable media, speakers) for a very flexible system overall. I'm considering setting an LTSP system up at my home, in fact: I could tuck the main server out of earshot and set up a couple of super-low-power clients around the house. With an ultraportable laptop, I could access the same user account no matter where I went but only have one main machine to update on a regular basis.

Windows licensing terms prevent this

[julesh]

You can't legally do this with Windows. The (bulk-licensing) EULA states that you are allowed to install Windows on one computer and one virtual machine *that runs on the same computer*. Moving the image from computer to computer is specifically prohibited, IIRC (yes, I've considered doing this before).

Re:Citrix

[gmplague]

I don't know what VMware has, but qemu [bellard.free.fr] has support for it's own COW (Copy-On-Write) filesystem. Essentially, you give it a base disk image, and then any changes to it are written to a special file. When the machine is loaded, this "diff" is applied to the base filesystem, and you have the full altered system. The advantage is that the COW (the diff) image is much smaller than the whole filesystem.

Re:Inevitably

[ThePhilips]

My friend had setup Windows for his girlfriend as guest OS under Linux host. He was using VMWare. His girlfriend was forced to use IE to access her University Intranet. Also she needed M$Office for documents from profs. The notebook was constantly plagued by malware/spyware/etc making it barely usable.

My friend installed Linux (Gentoo one) and VMWare Workstation. Inside the VMWare he installed the OEM Windows off the notebook. State of Windows - fully updated and with M$Office installed - was saved on backup image. In guest Windows, all work was done on SMB/CIFS drive of host Linux.

The only problem was video performance - e.g. macromedia flash animations at times were making the notebook to melt. Also there were some sporadic network problems - mostly attributed to poor Windows network stack implementation. (IOW, the network problems occurring with normal Windows installation under VMWare were occurring more often. E.g. Windows DHCP client was at times failing to get address from host Linux. That IE thing was at times failing to load pages properly or simply hanging. The usual WinXP/IE problems.)

Advantages were clear. Spyware/malware got to notebook? - recover from backup image. Something crashed? - data are most likely are Okay on host Linux hard drive. Also, gradually girlfriend ha been taught how to use Linux and how to get around the University Intranet with Linux and Firefox/Konqueror. Though most documents she used still required M$Office under Windows.

Parallels - Mac - 3D hwAccel.

[markpapadakis]

I have been using Parallels for quite some time on my MacBook Pro, in order to use a few apps on Windows ( installed Windows XP Professional on the VM ). It works like a charm, as fast, or at least almost as fast, as if I was to use a separate system for just Windows. I 've also installed Ubuntu today, which runs equally well. According to the rumors-mill [macrumors.com], Parallels is getting 3D hardware acceleration soon which means, among other things, you will be able to run games on the VM, get better performance on the desktop and, once Vista comes out and Parallels provides support for EFI, you will get an accelerated desktop experience through Aero. I personally have no other use for Windows other than running one or two apps once in a while and playing games ( Mac OS X is just too good to fallback to Windows for anything else ).

Re:I respectfully disagree

[Anonymous Coward]

I agree about the kernel/VM incompatibilities. It is a PITA to have the kernel modules for VMWare go out of sync with your kernel, but a script to recompile the modules against the running kernel whould be fairly trivial - and the compilation process only takes a few seconds, so it could be done at startup time quite easily.

I guess Linus, etc., would say it is to prevent hardware manufacturers from making closed source drivers, but that doesn't work anyway because either they just don't bother with a linux driver or they make a thin GPL shim which presents a consistent ABI to their closed driver like nVidia. In the end it just makes Linus more of a pain to use.

I respectfully disagree with you though, at my GF's request we have been moving her away from Windows 2000 and onto Ubuntu. Running (free!) VMWare Server on Ubuntu works great (apart from the occasional module recompile issue) and now her old Windows installation which we're still running in parallel during the switch is where it belongs - in a box. Windows has no business running on the metal ;)

Re:No 3D

[Fastolfe]

This is a different kind of a VM. .NET and Java run application logic with their own type of VM that allows their applications to interact with the OS, in many cases, just like any other native application. VMware and other VM solutions attempt to emulate an entire host computer to run an operating system, which can then run applications. These applications are constrained to accessing only the things available to them in their operating system and cannot interact with the host operating system, except through emulated networks and devices.

Java and .NET simply make the native operating system's 3D APIs available to its applications. A full VM solution would have to implement a "virtual" 3D-capable video card that a guest OS would be able to use, and then find a way to hook that emulated video card up to a variety of real video cards. This is considerably more difficult.

VMware has actually had 3D support for a while, but it's been painfully slow. The latest versions do make some attempt at using hardware 3D acceleration through the host operating system. I'm not sure how well at works, though.

Re:Um, wouldn't a ...

[Octorian]

IMHO, the Sun Ray has just about everything you could ever want out of a thin client. It's essentially a stateless box that you NEVER have to upgrade, and you can hot-desk sessions between them. Between models, the differences usually have more to do with integrated peripherals or I/O ports than anything else.

They even do audio decently, which is pretty nice. (and support USB peripherals beyond the kbd/mouse, etc.) Their only weak spot is video (and flash on web pages). Video could be fast if it used the right APIs, but the *only* program I've seen that does this is Sun's now defunct "ShowMe TV" app.

Re:No 3D

[SavvyPlayer]

Under VMWare Player, the video drivers included in the latest version of vmware-tools do support partial hardware-accelerated 3d. From the site:

Experimental support includes the following limitations: Workstation accelerates DirectX 8 applications, and DX9 applications which use only the subset of DX8. Performance/speed of 3D applications is not yet optimized. OpenGL applications run in software emulation mode. All aspects of 3D acceleration are not enabled. Some 3D features that are not yet accelerated include: Pixel and vertex shaders Multiple vertex streams are not supported. Hardware bump-mapping, environment mapping Projected textures 1, 3, or 4 dimensional textures

This support is only going to improve over time.

Re:I work like that now, but 2000 miles away

[Twiek]

Uhhh, You can tunnel RDP over VPN.

In fact, you can tunnel most network protocols over VPN....

Re:Um, wouldn't a ...

[flashdot1234]

I am under the impression that VMWare has or is in the process of releasing a system where the VMs run on servers, and you can use think clients to view the vm. This approach gives you all the the benefits of snapshots and other good VM stuff, possibly audio, and also the very controlled hardware enviroment you seem to be looking for.

Xen/VMWare

[Ashcrow]

I've used both Xen (personal use) and VMWare (comercial use). Of those two Xen is the way to go IMHO. I had FC5 running on FC5 with only 256MB RAM given to the virtual machine and the speed was amazing. It really felt like a sepereate, full powered machine!

On the other hand, VMWare is a bit sluggish. It's easier to set up virtual machines for but I've never used it where I didn't feel like it was sucking up system resources and slowing down both host and virtual machine. I also found that it seems to screw with the virtual machines clock a lot ... A coworker left his VMWare vm running over the weekend and when he returned only 2 hours had passed for the VM ...

ARDENCE is what you want!!

[Anonymous Coward]

You really want to look into ARDENCE. This system does streaming OS's. You desktops can operate as essentially a "Smart Client". You can set-up your domain so that all of the users profile info resides on the domain controller. Since you have a gig network you are almost there! http://www.ardence.com/ [ardence.com] I think this is what you are looking for

Re:Um, wouldn't a ...

[spinozaq]

I use sunrays in my home. As soon as you move to more then 3 computers, in your home, or in an office, the electrical savings will pay for the sunray investment in a year or two. You can find the "old" sunray 1g devices on ebay for around 100 dollars or so. Hooked up to a nice cheap LCD @ 1280@1024 and they are the ultimate work machine. 2D graphics are fast even on a 100Mbit wire. I personally have never found a need for 3D in normal day to day work. ( I imagine if you are in that business you should have a big workstation under your desk anyway. )

I was introduced to the sunray in college. When better then 100 workstations are needed the cost and administration savings become very apparent. 100 * 40 watts (sunray and LCD) == 4000 watts..... 100 * 200 watts ( PC and LCD ) == 20000 watts. The new devices draw 10 watts of power. ( but cost a lot more )

Also, they have very good power managment and go to sleep quickly, saving more energy. They are also fanless, giving a much more pleasent work (or in my case bedroom) environment.

Re:Another Possible Solution

[majortom1981]

This is what we use here at the library. Its a great solution. Wee have the comps automatically turn on at a certain time unfrozen and all the patches get installed via wsus and via our mcafee server then they reboot back to frozen. Couple that with group policy using group policy manager and you have a pretty secure system . Wh ygo through all the vm stuff. Just have the users store there info on a server or in the thaw space. But I agree with the topic creator that i replied to :)

Synchronization

[ChrisDolan]

For Linux, rsync works quite well for the base OS (say, a staggered start time at night based on IP)

Try Unison [upenn.edu]. It caches the state of the last sync, so it's dramatically faster at startup. Under the hood, it uses the rsync protocol when it does need to transmit changes. Additionally, it's much more configurable than rsync.

I use Unison to sync/backup my home and work computers, including my music and photo collection as well as ~/bin, ~/perl, ~/.cshrc and ~/.emacs.

Our experiences

[plopez]

I am working for a SME, and we are currently going from remote desktop to Citrix. Having most production applications hosted on either a web server or a remote server are *huge* wins for us in terms of support costs, esp. since we have a number of custom apps to support (we are in a niche market and have yet to find a large vendor who creates useful apps for us). Most of the desktop costs are gone, in that you only have to upgrade the central server or servers, users cannot monkey with the config, everyone ends up using the same versions of the software, we have images of the server loads so if it does fail we can get it back fairly quickly etc.

For remote users we use Cisco VPN to the remote desktop.

Citrix licensing is expensive but you should first rough out some numbers as to how much it costs to support the desktops individually versus the same tasks by one or 2 techs on one or two servers plus Citrix costs.

We are using VMs in our development and test environments on an older AMD 64 bit machine. It still bogs down after 3-4 Vm's are running so my advice is to by the biggest, fastest and most reliable box you can. Lots of memory, fast disks and memory and CPUs. Newer 64 bit hardaware would be sweet as you should be able to set up 32 bit OS's on it and support older apps without having to upgrade everything to 64 bits all at once. Make sure it is not 'cutting edge', rather if it is for critical apps make sure it is stable on the hardware side, even if you sacrifice a little speed. Think in terms of how mainframes do things.

HTH

Re:Citrix

[misleb]

Citrix is nice, but it is not the answer to everything. When the users run intensive or inefficient applications, it can be a severe performance problem.
The solution he has in mind does not have that problem, because his applications run locally so they utilize the local resources available on the desktop.

Some old fashioned roaming profiles and ghost (or some other imaging solution) action would seem to be the perfect compromize. Local CPU gets utilized. Network traffic is minimal. Users get good performance. Users can move to any machine with the proper appliations installed. A machien can be rebuilt in under 10 minutes. Instead of maintaining an image for EVERY SINGLE USER, you only maintain an image for every *type* of workstation in your company. Honestly, I can't figure out how this solution was overlooked.

-matthew

Re:No 3D

[quantum bit]

Server != Desktop

Servers are much more likely to be network I/O bound, physical I/O bound, or CPU bound. VMware has done a lot of work to create accelerated network and disk drivers that communicate directly with the host VM software, avoiding the overhead of emulating hardware. Additionally, most software that runs on a server spends a lot of time processing things in user mode with occasional system calls to transfer chunks of data, so the VM overhead is very low for those applications.

Desktops are much more demanding on I/O. Applications with a GUI are constantly context switching between user mode and the kernel in order to update the screen, display pretty animations, get keyboard / mouse input, etc. Just drawing the graphics for a 1280x1024x24bpp display is an immense data transfer burden that has to be routed through the VM, often a few dozen pixels at a time rather than a bulk transfer. Even with accelerated drivers, the virtual framebuffer still has to be copied / multiplexed into the real one. Even small increases in latency are very user-perceptible, so a VM will seem more "sluggish" than a physical machine.

That's just for business applications. Once a user starts playing audio (it'll be uncompressed 44/48khz PCM data by the time it gets to the VM!), streaming video (no access to the hardware YUV conversion or scaling!), or trying to do anything that needs 3D acceleration, the full impact of the virtualization will be felt.

-- Ironically, the spell checker in Konqueror wanted to change "VMware" to "Vampire"

Re:Windows roaming profiles

[BarryLoper]

Use a logon script to change their temporary internet files to a reasonable size. For some reason the temp internet files are in the roaming profile. By default, they're a percentage of the drive (usually gigs).

This one sets temp internet files to 128mb. It works for me but YMMV

On Error Resume Next

Const HKEY_CURRENT_USER = &H80000001

strComputer = "."
dwordValue = "131072"

Set objReg = GetObject("winmgmts:" & "{impersonationLevel=impersonate}\\" & strComputer & "\root\default:StdRegProv")

dwordPath = "Software\Microsoft\Windows\CurrentVersion\Interne t Settings\Cache\Content"
dwordPath2 = "Software\Microsoft\Windows\CurrentVersion\Interne t Settings\5.0\Cache\Content"

objReg.SetDWORDValue HKEY_CURRENT_USER, dwordPath, "CacheLimit",dwordValue

objReg.SetDWORDValue HKEY_CURRENT_USER, dwordPath2, "CacheLimit", dwordValue

Slashcode seems to have added some spaces, but you get the picture

Re:Um, wouldn't a ...

[Anonymous Coward]

you are right until.....

12 thin clients, works great until 4 people open Open office at the same time. I only have 4 gig of ram on the server so it all crawls to a snail as open office consumes all ram. (Please! Office suites need to be smaller than they are!)

Having seperate App servers significantly increase speed and maintainability. but this guy is talking windows, and doing thin clients under windows simply sucks. (Yes Citrix sucks compared to LTSP.. I maintain both and am citrix certified, citrix sucks!)

The cool part is that P-1 233 clients are as fast as overpowered dell junk the corperations are using today.

Small company, I Increased reliability and useability and cut IT costs by 60% by moving to LTSP. everythign just works and everyone has nice 19" lcd's on their desk, dead PC = 3 minutes of work swapping out the old pc with a new one by one of our low wage college students. Only idiots still use Microsoft in their company... well maybe not idiots, only IT incapable of learning new things...

Re:PXE Boot

[Anonymous Coward]

You'll notice that multi-hundred MB Outlook file even *with* exchange. Outlook creates a local cache file (.ost) that can be excessively large for large mailboxes.

Get a few people using a machine, and the local drive fills pretty quick (new outlook cache for every profile, sometimes multiple for a single user if windows does that thing where is gets confused and keeps creating a new local user profile periodically on login for the same friggin user. ie username, userna~1, userna~2, ...)

It's also a pain if the outlook cache gets corrupted (frustrated user, "Why am I getting months old messages marked as new in my inbox?") - in which case you'll have to track down the cache file and delete it.

Re:Windows roaming profiles

[hawaiian717]

Also make sure that users store documents not in their roaming profile (C:\Documents and Settings\Somebody\My Documents or whatever) or on their desktop (which is also in the profile) but on a separate SMB share that gets automatically mounted at login.

(MOD UP)

[Ayanami Rei]

Many Windows admins do not know about this little behavior and it comes back to bite them. It's been in there since Windows 2000: use it!

Also check this registry setting:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

Consider changing the ProfilesDirectory to a mapped drive network share. If your network is fast enough this has the added benefit of having no profiles stored locally at all.
Downside is you'll have to pre-emptively create all the folders on that drive because LOCAL SYSTEM won't have permission to create the folder at first logon to a machine. But it'll detect if it's there and think you've logged on before.
Make sure you use Samba as the backing for a system like that though because you will need to play with oplocks settings so Windows doesn't bitch about loading the NTUSER.DAT hive from a network share.