Slashdot Mirror
Do Any Companies Power Down at Night?
An anonymous reader writes "My Health Sciences Campus has about 8,000 desktop computers, and on any given night about half of them are left on. I know this because I track all the MAC addresses in case there is a virus outbreak. Aside from the current fad of 'being green', has anyone had any success in encouraging users to power-down at night? You could potentially eliminate running bots, protect yourself from the next virus outbreak, keep your data safe, etc. Do security concerns and power consumption issues matter enough to do this?"
I would go with a reward plan. You could do something like give the top three most energy efficient people a gift certificate to the campus eatery (or whatever really). Calculate how much money is saved (out of everyone participating) and use part of that money to create a pool for the prizes. (It seems like for a large enough group of people, the energy and maintenance costs would reduce considerably, but I wouldn't really know ;)
I know I would definitely turn off my work PC every night if I got a free lunch!
It's time that all large campuses configured their systems hibernate automatically, if left unused for 30 minutes.
Really, there is no reason NOT to use the power management settings built into the OS.
I'm at a university and many of my colleagues leave their machines on overnight because they sometimes need access to their machine, either to retrieve a file or to run a program. If the IT folks provided everyone with a wake-on-lan script then everyone could turn off their machine. For years this has seemed to me like a no-brainer.
Is there some security or other downside I'm not aware of? Is WOL not reliable?
The answer is simple. Tiny minority of the computers that are on could still be used by someone doing something important. You do not want to cut them off from the network.
I work for a large blue chip company and we have a strict policy of powering down at night (including monitor). We regularly audit the records to ensure the machine is powered down and users who are not are requested to always remember. A few users take a few reminders in order to do so and I have heard every excuse under for why they left it on and while some are valid the majority (95%) are not. Our reasons for pushing this policy is purely to save money and reduce unnecessary running time of the equipment. However we are in a position where only laptops users have VPN access so if they need to login to the network from home they already have their laptop with them. If we had open VPN access to desktop users I am sure we would see a lot of users leaving their computer on so that they can RDP into it over VPN.
It took about 6 months before we were at a realistic level. We have 633 desktops on our site so there is normally always a valid reason for one or two to be left on (valid reasons being batch copy, verify or processing of files). For those interested we have had a reduction in the amount of equipment failure (HDD mainly) as well as pretty good cost savings for power. Not to mention running greener (which regardless of if you believe in global warming or not is good).
I tend to leave the computer on overnight, but with things like monitor power-down and CPU idling enabled. When it's not doing anything it drops about 90% of it's power consumption after 15 minutes, and even when working with the monitor off (eg. running the nightly backup) it's still running at less than 50% of full power. If I power it off, by comparison, it can't run it's virus scan, backup, update check and the like overnight and has to do those things while I'm trying to use it during the day. Plus there's wear and tear to consider, I've noticed that the office computers that get turned off and on every day tend to fail and need replacing several times before mine (that stays on all the time) has a failure.
So my preference is to leave computers running but with power-saving features set to minimize power without shutting things down. This means hard drives continue to spin but the CPU goes into low-power idle mode. The monitor goes to suspend mode (beam and deflection power is off but the circuits and coils are kept warm), not powered-down completely. That seems to be the best balance between reducing power consumption, allowing it to run maintenance operations overnight and minimizing wear and tear and thermal stress on the components. If management absolutely insists on ignoring those last two in favor of the first, wake-on-LAN is essential to allow nightly maintenance to happen.
... but now IT has loaded so much crap on it ("desktop agents" [ie apps that spy on me], antivirus, patches, etc) that it is fully 15-20 minutes after turning it on before it is usable. So now I never turn it off. I did the hibernation thing for awhile, but then it stopped working for some reason and I haven't been able to fix it. And if I ask IT to fix it, their solution is always the same for every problem - wipe the machine - a tad inconvenient for me, but pretty efficient for them I suppose. Sigh.
The more you regulate a company, the worse its products become.
Reducing energy consumption isn't just about saving money, it's about not fucking up the planet too.
Chernobyl 'not a wildlife haven' - BBC News
1: Power-cycling actually reduces the MTBF opposed to just leaving it on.
2: The reduced MTBF is lower than your company intends to keep the asset.
3: Cost-savings from the "increased" MTBF by leaving it on is greater than the electricity (+ increased A/C cost) cost to run those 300W power supplies all the time.
Of the ~6 computers I've had to failure, they all lasted far longer than even a five-year technology plan, AND did not fail due to simple wear and tear on the circuits. My anecdote isn't data, but it does make me question your conventional wisdom. (Especially since those PCs I know that are left on all the time don't have a significantly increased lifespan.)
I worked for a very large (top-3) pharmaceutical for years. They always asked employees to shut off their computers at night when they went home.
Then one day, they sent out a campus-wide email telling people to leave their computers on all night and over the weekend. They used the CPU cycles to run high-performance scientific computing jobs, saving the cost of buying a supercomputer.
Of course, not every company has a need for spare CPU cycles. This place did a lot of protein-shape searches etc..
What's the cost of 10k * 261 days * 12 hours of power?
Surely you could use wake on lan to wake the machines then do your rollout 10 minutes later? Or do a patch install when the machine is turned on and connects to the domain controller?
In windows I'm sure you can set the time between warning appearing and shutdown ocuring. Give 600 seconds warning and you could probably shutdown 90% of the machines overnight.
The CS department at the college I went to used to turn off all the PCs at night but now has them set up to start doing scientific calculations during the times when the labs are closed. They use power during this time, but it's not wasted.
Someone might be using it ... there are always a few late users. Trying to determine if a computer is in use in order to shut it down isn't always that simple.
... it won't be a 100% solution, but most people would probably comply, so for the comparatively little effort put in I bet you can hardly get a better return.
I suggest a simpler, low-tech solution - just stick up visible signs in the labs, and on some of the major office floors, asking people to shut down the computers in the evenings
Just the energy savings on that many computers would be not insignificant.
False certainty characterises a bit too much of dialogue on the internet, I think, and makes it hard to be careful and humble in discussion. If I felt more sure of what I were saying, I'd have phrased it differently :) Presumably :P
For every problem, there is at least one solution that is simple, neat, and wrong.
I'm against anyone working after 2 p.m., myself.
In windows I'm sure you can set the time between warning appearing and shutdown ocuring. Give 600 seconds warning and you could probably shutdown 90% of the machines overnight.
You're assuming that 100% of machines in use are doing something interactive (and therefore have someone sat at them). This is frequently not the case.
Amen to that. I doubt anyone really wants to pull an all-nighter, they're there because there's a deadline coming or a problem that must be resolved right now. And whether true or false, the first time anyone uses the excuse "Well, I was ready to pull an all-nighter but from 10pm the network was down" the IT department will have their ass chewed out. PCs inactive -> PCs hibernate is ok, but even then you need a simple way to disable it. On several occasions I've visited copmanies that had boxes which were "don't touch - accessed remotely by VPN" where the user couldn't just unhibernate it in the morning. Plus funny stuff like updates, virus scans and backup (if applicable) that probably runs at some ungodly hour which means you need to wake them first or lose most of the downtime, run those and put them back into sleep. Sure, maybe you could get every PC do to this reliably but I think the administration and scripting of that will cost you quite a bit.
Live today, because you never know what tomorrow brings
14 hours a day times 52 times 5 times average power-consumption for an idling desktop times 10K employees works out to:
14*52*5*0.15*10000 = 5.460.000 Kwh of electric power, WORSE in the time when you use AC, because you'll need additional AC to get rid of that extra heat.
With average power-prices of 10 cent, you'll spend more than half a million dollar just paying for the electricity, in practice with AC and all you'll probably pay a million.
So, you saved $80K and wasted a million. Way to go !
Do security concerns and power consumption issues matter enough to do this?
Yes and no.
When I first got comfortable in my current job, I made a big push toward "greening" our IT resources. As one obvious (erroneously, as I'll explain in a sec) step in this, I convinced most of my users to shut down at night. If we need to push out updates, WOL works just fine for turning machines on a couple hours before the start of the day, and it doesn't impact anyone during working hours.
Then I learned how electric billing actually works for commercial users - Put simply, your company doesn't care if machines stay on all night, because they pay based on their peak load, which will always occur during normal business hours. I had applied ideas that make perfect sense at home, to an environment where they don't apply.
Now, that doesn't mean we should just leave machines on 24/7 - Using electricity has an an environmental aspect in addition to the monetary cost. But if it inconveniences users by more than a few seconds every day, any conservation efforts will actually cost the company money in the long run.
So, I still encourage my users to shut down, and 95% comply. But if they consider it too much of a hassle, I can't financially justify forcing them to spend the first minute of the work day waiting for their machine to boot (not that anyone really works for the first five to ten minutes of the day, between coffee, hitting the bathroom, and just getting the obligatory morning socializing out of the way).
As for the security aspect of this, the servers must run 24/7, and any attacker would target them rather than some random user's desktop. I don't worry about an attacker using a compromised desktop as an intermediate step to the servers, because the desktops have no more privileges on them than anything else inside the firewall (and even then, not much more than a totally untrusted source, except for nonconfidential shared resources that we could restore in a matter of minutes if necessary).
I can't help but laugh at those that quote reasons such as 'automatic updates' and 'antivirus scans' as legitimate reasons for leaving a computer on overnight.
With many enterprise management tools, such as Zenworks, it's quite simple to schedule a wake-on-lan task to wake computers up at say, 6am, to perform their daily tasks. It can even be configured to push out an automatic reimage of the machine. Once the updates and scans are done by 7am, people are just beginning to come into the office, yet you've still had a whole 10 hours of downtime. Incidentally, I've not seen a single computer in the past 4 years that doesn't support WoL on the mainboard NIC. Big bucks enterprise manglement apps aren't even required. A simple cron job, and some wakelan/ether-wake/wakeonlan/Net::Wake magic will do it for free. Just gather a list of Mac addresses with ettercap or your friendly ARP table or asset management app/spreadsheet.
May will say that the bandwidth requirements of updates squeezed into the 6am to 7am slot will degrade systems, but that's where a background process such as BITS should be used (as demonstrated by Eve Online, Zenworks, Microsoft and Google). The virus updates are a minor bandwidth requirement if you have suitable leaf services, and the actual scan is only locally intensive.
Being a public sector organisation, we're working towards a greener profile (due to govt policies), and all the tools are there and working. It just needs some effort on the part of the administrators.
You could also use that magic packet, to signal the computer to wake when the user swipes their access card first thing in the morning. By the time they reach their desk, their pc would be up and running. Ok, you have to link the access systems to a control server, but it wouldn't take too much hacking. They probably log accesses on a server anyway, so use that one.
The correct plural of virus is viruses.
occultae nullus est respectus musicae - originally a Greek proverb
Why not just have the machine shut down automatically on logout if it's between two specified times (eg. 9pm and 8am)?
Nobody else has this sig.
Unfortunately the EPA's EZ GPO page seems to have gone poof or something recently, but you can get it here.
Basically, you push a (simple) msi to the machines (I do this a lot of the time via psexec (props to Mark Russinovich) but there are other methods. Once you have that running on the machine you can configure how you want your machines to behave/re power management:
We also have a script that runs at midnight a few days of the month that does the magic packet thing as has been mentioned so WSUS and/or SMS (or SC:CM) can do their thing and automatic updates run as normal. In a few "why does my machine have to boot up every day this sucks" user groups we have a scheduled job to send magic packets about 15 minutes before they arrive to wake up their machines. With hybernate they hardly know anything happened.
Harddrives are mechanical devices, and are wearing out anytime they are powered up and running. While I'm sure that a drive does get stressed a bit more when it is turned on, I can guarantee you that a drive that runs for 40-50 hours a week is going to last longer than a drive that runs 168 hours a week.
There are also other benefits. A harddrive that has motors or bearings that are starting to fail can be caught when they have trouble spinning up and be replaced before they totally fail, preventing data loss. Furthermore, if a head crash occurs when no one is around (during the night or the weekend), having the the heads banging and grinding against the platters for hours or days is really going to hamper any recovery efforts.
Obligatory disclaimer: This is my opinion, and may not reflect that of my employers. If you have a problem with it, take it up with me, not them.
I work for Dell. I can tell you for a fact that we take the environment seriously. The building I work in houses a 24/7 call center, but certain areas of the building are not 24/7. Corporate sales for the country are here, and take up half of the 3rd floor, for example. I happen to be in the sales department myself, and there's a piece of software installed on every desktop that hibernates the computer at 20:30 EST (with a half-hour countdown to that point). My department shuts down at 19:00, no other sales department is open past 20:00. We all open at 08:00 the next day, and the automatic hibernation sets an alarm to wake up the computer at 07:45. Alternately, if you turn your own system off through the start button and shut down, it'll stay off until you turn it back on.
We've also got computer recycling programs in place, and the "plant a tree" initiative where you can have us plant a tree for every computer you buy.
Sure. Some companies don't take going green seriously. But some do. And the number of companies that are taking it seriously is growing. Besides which, every little bit helps. Do you know the amount of energy that could be saved if everybody unplugged those electronic devices that "sleep" when they're not being used? 2W doesn't sound like much, until you multiply it by half a billion devices.
If you believe everything you read, you'd better not read. - Japanese proverb
At the school I work at, we have an automatic shutdown at 6 PM. It has a five minute timer and is preceeded by a text file in a DOS window reminding people that there is an "ABORT SHUTDOWN" option in their start menu if they are using the PC and the shutdown process begins.
/DELETE ALL (or whatever the syntax is) - to prevent the AT table from getting crowded with dozens of the same command
Two simple batch files for XP, on in the All Users startup directory, one in the All Users\Information Services directory of the start menu.
Startup:
AT
AT 18:00 "shutdown -t 600"
Abort:
Shutdown -a
We reset the AT table every day just in case some know-it-all high school student finds out such a thing exists and starts screwing with it. For the most part, though, not even the techs knew such a thing existed until I proposed using it.
We tried a lot of other ideas, but this is the simplest and most user-friendly. Big signs don't work, teachers and lab aids are no better than the students about following directions. Since implementing it 18 months ago, we've gone from having roughly 900 PCs online at night to about 100...including servers, timeclock systems running thinstation terminal sessions, and technology and admin workstations that are excepted from the shutdown policy.
120 characters for a sig? That's bloody useless.
The student who walked away from (or, fell asleep at) the PC without saving learns a valuable lesson.
so, driving uphill uses the same amount of gasoline that driving downhill?
the power station does throttle down at night. they keep the generator at the same speed (3600RPM I guess, to give you 60Hz). but they don't need the same amount of fuel to keep it going. the usage on the grid acts like a brake on the generator, in the same way that the road conditions affect your bicycle.
if it's steam-based (gas, coal, nuclear), you need more steam to keep a higher pressure, to keep the generator rotating at the same speed, and that means heating more water, and more water needs more energy, and more energy needs more fuel. hydroelectric plants shut down unused turbines.
In a corporate environment, that sort of decision is made at a corporate policy level, and not at an IT personnel level. Nobody would get fired.
When our name is on the back of your car, we're behind you all the way!
Or, you could just use the power management features present in every PC and OS since 1994 and have them go into standby or suspend.
Gamingmuseum.com: Give your 3D accelerator a rest.
At one school I administered (400+ PCs on the student network) we used a product called hadguard. It could remotely shut down computers (among many other AMAZING things) and group them how you wanted. You could shutdown, boot up, restart a parrticular classroom. This was only the icing of the cake. HDGuard is completely amazing and I recommend it to everyone. Besides purchasing it once I am in no way affiliated with the product.