Linux - Virtualization and CloudThis forum is for the discussion of all topics relating to Linux Virtualization and Linux Cloud platforms. Xen, KVM, OpenVZ, VirtualBox, VMware, Linux-VServer and all other Linux Virtualization platforms are welcome. OpenStack, CloudStack, ownCloud, Cloud Foundry, Eucalyptus, Nimbus, OpenNebula and all other Linux Cloud platforms are welcome. Note that questions relating solely to non-Linux OS's should be asked in the General forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi - I deal with industrial control systems which use a Windows based HMI (AVEVA/Wonderware). Windows 10, now that it is rolling distro, is horrible for our systems because it keeps breaking things after updates. We try to delay and or turn off updates but it seems this gets over written after a planned update. As these systems control critical infrastructure and are internet accessible (not directly but indirectly) we can not simply not run updates. We have seen instances too where the updates not only halt the software but actually destroy or break things like deleting the SQL database that our software uses.
Until I can find a replacement software package I am stuck using Windows. I would like to use a linux based bare-metal hypervisor that I can run windows virtually. My hardware is generally modest - i7 8-16GB ram - but the performance demands not too high. I can then snapshot the Windows virt daily. If something breaks at 2AM its simply a matter of restoring a recent snapshot - worst case is losing data between the failure and last snapshot - not ideal but better than losing everything. These are on-premise workstations across many different customers. So any solution should be relatively easy to set up and deploy.
Does this make sense? Am I on the right path or is there some other method to make this work. What bare-metal hyper out there that is lightweight (would work with min 8GB ram along with a windows virt) and allows snapshots?
Only hardware vendors have bare metal hypervisors - Intel ME, IBM PR/SM, phone baseband ... Good luck getting any specs on any of that.
You've got Slack listed - use a minimal build of that and KVM. And yes, that means keeping an eye on (at least) security notes so the host itself is still subject to updates.
Snapshots of guests have their own requirements, especially I would think for databases running on Windoze. Are you prepared (able) to countenance a shutdown of the guest prior to the snap ?. Do you need transaction consistency ?. On NTFS ?.
Ugly visions, but I can't even spell databaes, so just brainstorming.
Thank you for the feedback and additional points to consider. Admittedly I was thinking of a lightweight linux distro that may already be set up for this use case - was hoping not to have to roll my own. But as you point out as well - I may be oversimplifying the use/value of snapshots. Perhaps I need to think this through a bit more.
On my 4GB ram laptop I run Fatdog linux and kvm/qemu OpenBSD guest and it works really well. A nice feature is that I can run iptables in Fatdog that OpenBSD can't undo, so selective in/out bound traffic can be blocked.
Perhaps Microsoft could be blocked such that any attempted Windows updates failed and the system just complained rather than having updates applied and possibly the system failing.
In my case the OpenBSD is static, so I just create a snapshot, boot/use that image, and then delete it at shutdown (or rather each time the next kvm boot occurs).
Distribution: Ubuntu based stuff for the most part
Posts: 1,173
Rep:
The Incontrol package from GRC will set Windows 10 to a target release and keep it there, only allowing security updates and not feature updates. https://www.grc.com/incontrol.htm
The page also has a link to the reg keys it makes/changes to do this, so you could do it manually yourself.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.