Slashdot Mirror
Ask slashdot: Which 100+ User Virtualization Solution Should I Use?
Gonzalez_S writes "Let's say you need to give access to 100+ users to create their own virtual machines and devices (eg. switches, .., ms windows or linux family) in a manageable and secure way. Which virtualization solution would you choose? There are vmware, xen, kvm, .. based solutions, but which one would you prefer and why? The solution should be stable, manageable, scriptable and preferably have ldap integration. In this case I also need to setup a playground for IT students, next to hosting production servers on the same system."
Why not work with AWS to setup a "private cloud" sandbox? Reserved instances can keep your costs relatively flat, and the AWS crew seems pretty amenable to helping out when it comes to unique needs...
vmware is cheaper and easier to set up
Citrix is a lot more expensive and a PITA to set up but a lot faster since Windows 7 and later has native citrix code in it for virtualization and a lot more customization
When my company had to come up with a solution to have all of our developers to develop in an environment that absolutely mimicked the production server we used a combination of VMWare to run a version of the Ubuntu. Puppet made creating all of this really easy. It gave us the ability to completely blow away a machine and reconstitute in very little time.
Considering that you are likely out of an educational institution, Microsoft likely provides you with free licenses for their products. As such, Hyper-V and SystemCenter would provide you with a fairly good experience that is easy to manage and automatically deploy based off of Active Directory. It is a solution that will likely meet all of your stated requirements and your other likely needs and wants in a package that is "good enough".
If you have a budget, consider VMware's vSphere offering. It can get pretty expensive (license costs greater than that of your physical hardware) however it is currently best-in-class and provides some truly amazing administration tools.
Thirty four characters live here.
Opinions are a great thing to gather when building any type of system no matter how experienced you are. People stand shit up all the time that they aren't 100% familiar with and in this day and age products can change drastically. Do you really expect OP to know everything about every possible virtualization product? I don't see anywhere in his post that he is asking for anything more than an opinion. He doesn't even state that he needs one, he's simple asking for peer feedback. Instead he gets asshat responses from the internets...
It's free and offers higher performance than VMWare (which as far as ESXi 5 goes) sucks.
You can create users with privilege levels as expected and you may also cluster several servers together (as you can with other solutions).
You can also do containers OR a full virtual machine depending upon the OS you are trying to emulate.
Give this a shot before paying for any of the software others have recommended. Our company has switched all virtualized servers to run on Proxmox hosts and the uptime is 100% with MANY users.
End of story, everything else here is overkill. KVM sounds just about right for your needs and is very stable and FREE.
You can provide people with a variety of images and single command to deploy them (without root). It's not even that hard to setup. The hard part really is setting up an LDAP server to meet your needs.
---Up Up Down Down Left Right Left Right B A START
I don't agree. There is nothing really unique to virtualization, it's just really interdisciplinary, storage, network engineering, wintel admin, Linux admin, physical datacenter management, etc on these scales. Nothing anyone who has been in IT for awhile and worn a few hats in that time can't be expected to do so reading and then get started.
It is a useful question to ask though, at least several of the products mentioned can likely meet his needs, there are qualitative and technical differences and soliciting some info on he experience of others, to help direct his research effort is not unreasonable
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
Virtualization will not isolate them against each other. For example, it is quite easy to saturate I/O from the playground. Then your production performance goes down the drain as well. Also, basically no plain virtualization is really secure, these things are fat too complex. Another reason not to mix different classification levels like production and playground. Maybe if you really, really carefully isolate them with SE-Linux, but then you still have things like VM-to-VM crypto-key leakage.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
I think the closest thing you'll get to "out of the box" for what you're looking for is Apache Cloudstack running on Citrix XenServer for a hypervisor. With basic networking, you can keep things pretty simple. With advanced networking, you can allow your users to build virtual data centres. It can be 100% free open-source software as well, although if you get Citrix CloudPlatform, you get a couple of extra features, and support, but you pay for the support. You could be something similar with other products, but CloudStack actually has a pretty amazing amount of stuff that is just there already, and doesn't need configuring.
I don't agree. There is nothing really unique to virtualization, it's just really interdisciplinary, storage, network engineering, wintel admin, Linux admin, physical datacenter management, etc on these scales. Nothing anyone who has been in IT for awhile and worn a few hats in that time can't be expected to do so reading and then get started.
If he had those discplines and skills then I doubt he would be asking slashdot. Seriously if you need to ask slashdot the question he asked then he is unlikely to have the skillset to implemet ANY of the solutions in a well managed way.
There are a lot of options, and the OP is just asking for a general structure. Classic /. community fail to assume we are even dealing with someone that will be doing with implementation. This could be the director trying to get a ballpark before sinking their teeth in or a under-paid teacher, with little time, whto wants to make their students' learning environment better. I was the only one with a VPS in my classes, and thus the only one, in the end, who actually knew how to get anything done, outside of theory.
My rant to /. is over. Now to answer the OP:
The easiest way to get started would be Xen Cloud Platform + Citrix Xen Center. That alone will get you a free robust virtual hosting environment, but this will require you to set up a few VM templates and manually deploy to students. You can take this one step further by using OpenStack + XCP which will give you an API which you can use to build a web-front for student deployment. Some might already exist, but all the ones I am aware of are built around payment models.
As for users managing switches, I have no clue and good luck there. IMHO, I would VLAN and let OpenStack manage it. You can use the US Navy's network simulator to teach concepts if you like. It even allows using tools like wireshark for real-world analysis experience.
Good luck, I hope you use this to make students more ready for the real world.
I ran redhat 6.0 with virtualbox to 60 plus student doing computer science projects. The base was on a quad core with 16 Gb and local Tb storage. this worked great with ssh access. Adim was via nomachine and ssh.
Try the same in redhat 6.3 with redhat virtualization.
Take a look at using Jenkins which is a continuous integration builder but can be customized to just bring up VMS as needed.
VMS? Cool!!
$ DEFINE/SYSTEM LNK$LIBRARY $DISK1:[PLAYGROUND]STARTER_EXAMPLES
If you have to be so arrogant and pretend to know what is best without research or asking other I.T. professionals then I have to say you are not doing yours and neither are the moderators who made this +4??
Stating that you are not qualified is also highly insulting and ruins the quality of candid discussion on Slashdot that I do like and enjoy reading the comments.
In fact regardless of the field I do not know of anyone who is competent who does not look to others with more expertise in a specific area for opinions. No matter how badass you think you are at your job there is always someone who knows more than you. Especially in a particularly area such as this case virtualization.
http://saveie6.com/
Nah, it's called getting a set of basic user requirements and then looking through a set of products to see which match the list.
"That worked so well!!", said no one who ever did that ever.
Or an expert for that matter?
I have setup VMware before but I sure as hell would ask others before I put live production and recommend an expensive solution and put my job on the line for 100 users. Google will show just search engine optimized crap of people trying to see stuff anyway and it is hard to tell which is real and which is a fake website pulling data from another designed to pimp up the ratings of a 2nd website.
Windows 7 forums are copied by bots all the time and put in fake ad/malware ridden sites with links to someone trying to sell something to get a higher Google SEO rating whenever I try to search for something technical. It is annoying.
http://saveie6.com/
The specific virtualization system you use doesn't really matter. You're looking for ways to manage it.
If you want to run your own cluster, check out http://en.wikipedia.org/wiki/OpenStack , specifically the Nova, Quantum, and Keystone components.
If you want to do it efficiently you might also want to consider using it as a service. Other people are already selling OpenStack on a massive scale with levels of efficiency that you'll never touch. Rent what you need, see what works, and then start building your own in-house when (or if) you find things you need to improve.
www.ovirt.org
Full VM solution, for free. What more do you want. Easy to setup, easy to use, easy to control. It has LDAP integration.
"Even if it's just for students to play with: If you have to ask us, then you're not qualified to do your job."
You seem to suffer under the impression that US schools have the money to hire top specialists.
oVirt, of course. It is the upstream of RHEV - which is Red Hat's offering, well polished and what not.
I highly agree with you. The answers to technical/geeky questions on Slashdot always have a lot of experience and insight. That is something Google searches would never yield, unless they happen to be results of Slashdot questions regarding the topic you're searching for.
Gotta step in somewhere.
My first response halfway through Gonzalez' post was "Oh, yeah, he's an instructor, maybe at a community college, and he's in charge of getting this thing up and running." Next thought, "He's done no homework other than learning the names of some virtualization methods/engines and wants the smart folks on /. to do it for him." Clinched with the last two sentences.
Then, before delving into all the helpful posts thus far, I figured it was also possible he'd done a bit of swotting up and reached the point where he's brain-burnt, confused and maybe over his head. As another here has said, simply trying to use Google to get to sources for decent advice or real infos can be... disheartening.
Finally, since we all plopped out of the womb knowing little more than how to suck, poop, and cry, it's not unreasonable to ask those who might know more, or who've been in the same boat, for any useful info, pointers, advices, which lead him to right here and now.
Now to continue reading, see if anything interesting and useful shows up.
What a load of elitist bullshit. Maybe he has already done a lot of research and has a good idea. Do you really think he is panicking and turning to /. because he has no clue? I think that this, being a technical community that still has alot of expertise and insight in it, he decided to hear other peoples/professionals perspectives.
OP: You can do what you want with a simple install of ubuntu and 20 minutes worth of bash to get a prototype together.
Prototypes are easy; there are a lot of problems you don't have to worry about like bad neighbors on a VM host, or proper failover and reliability considerations.
The author said secure and manageable.
It's hard to imagine something as less manageable than "You have to write your own code" just to even get a working prototype.
And it's hard to imagine something less secure from an availability perspective than... "I just cobbled together some ad-hoc failover code in bash"
Our central infrastructure is on Hyper-V at work now on account of VMWare wanting way too much money. We use a lot of RHEL systems and they all work well. Our web server, MySQL server, puppet server, that sort of thing all run on Hyper-V. The Linux admin didn't have much trouble with it. The main limitation I'm aware of is that you can't do dynamic memory.
While it isn't ad Linux friendly as VMWare, it seems to work just fine. As to which between them you should use, depends on features and price. In our case Hyper-V was "free" since we have software assurance with MS campus wide and VMWare wanted like $20,000 per system for vSphere with the feature set we wanted, so it was stacked heavily to Hyper-V. You case may be different, so make sure to check out both.
However don't write off Hyper-V because it is MS. With Server 2012 it is a real, no-shit, enterprise virtualization solution that works well and has loads of good features. They fixed their rubbish networking from 2008R2 also, their virtual switches are exceedingly fast, and it supports full SR-IOV if your NICs do.
I was very pleased when I tried it out, our Linux admin liked it, so we migrated (we had an old VMWare 3 setup). Migrating VMs was easy too. Uninstall VMWare tools, use the Starwind converter to go from vmdk to vhd, use Hyper-V to go from vhd to vhdx (and make it fixed size), set up a VM, start it, and install the integration services.