Deploying and Updating Virtual Machines


The following are some of the more frequently asked questions when it comes to deploying a group Virtual Machines sharing common configuration.



  • After updating the VHD and VMC, how to re-deploy the changes out to the group of physical machines
  • After deploying the duplicate VHD and VMC, how to make the Windows OS in each Virtual Machine have unique name, SID, and MIC address
  • After deploying, how to lock down the virtual and physical machine to prevent tampering
  • And do all this with as much automation as possible…

Well, here are my thoughts…


Question:


I’m considering the use of Virtual PC in a school environment. The idea is that I’ll be gradually adding software and configuration options to one machine and, after making and testing each addition, copying the virtual machine to each of the other PCs.


In addition to being able to access software and resources bundled with the virtual machine, each machine should be able to access resources stored on a server. A domain login is not required at this stage.


There is no requirement that any changes made by students be saved.


As to the ongoing management and updating of the system I am hoping to be able to copy the new image to the hosts after hours using a batch file.


I have already learnt from various sources that the requirements for this configuration will be that each virtual machine must have a unique name, unique SID and unique mac address. Therefore I would like to find the most efficient way of changing these automatically, on the fly. Is there a utility which I could call from a batch file which would update these details for each instance? Ideally I would like to develop a single batch file which would update all the machines


Another issue is that, when the student sits at the computer, I need as much lockdown as possible, preferably preventing them from shutting down, or modifying the configuration of the virtual machine. Is there a way of doing this?


Further complicating matters I would like to close the virtual machine down automatically after hours so that any updating could take place.


Thanks for any suggestions.


Answer:


How to make the Windows OS in the Duplicated VMC/VHD Unique



How to Lockdown the Environment


I suggest locking down both:




    How to re-deploy Changes:


    Closing VM after-hours to propagate changes is trivial to do with Virtual Server since it has a scriptable automation interface. See this blog entry for code on how to remotely stop/start a VM  for the purposes of backing up the VHD (you would deploy the new VHD instead of backing up the existing VHD). Virtual PC does not have such provisions since it is meant for interactive and NOT automated use – see this blog entry for details.


    My Observations


    In terms of making each duplicate VHD/VMC unique, the main challenge is to automatically launch the Change SID and Change Computer Name commands INSIDE the Guest OS when you only have control outside. This is easy to do with Virtual Server’s scriptable automation interface, to pass in keystrokes, etc from the outside in.


    Personally, I would run Virtual Server 2005 R2 instead of Virtual PC 2004. It’s completely free, has the scriptable automation interface to do everything you ask for and more, and though I don’t know of a lockdown switch, its UI is pretty spartan and locked down already. You simply have more options with VS2005R2, even if you may have to program some of them. It all depends on if you are ok with “not possible with VPC 2004” or “requires programming with VS2005R2″…


    //David

    Comments (7)

    1. Interesting post over at David Wang’s blog with info on updating and deploying Virtual machines. Very…

    2. Jim Brook says:

      As the teacher who posed the original question, my optimism that the perfect solution was available was dashed when I learned that Virtual Server does not permit the use of sound. I mainly teach ESOL, where programmes which allow students to hear spoken language are crucial. However I think that few teachers would find very useful a solution which did not allow sound. That would preclude the use of media clips, speaking dictionaries, spoken instrucational software and of course Encarta. I guess there’s no workaround… but how useful it would be in the next version!

    3. David.Wang says:

      Jim – unfortunately, you are in a customer segment that is not satisfied with a differentiated product.

      http://blogs.msdn.com/david.wang/archive/2005/07/22/Why_Virtual_PC_vs_Virtual_Server.aspx

      There is no technical reason for Sound to be excluded from Virtual Server other than:
      1. Product Differentiation
      2. Servers do not place premium on video and audio
      3. From a security perspective, if a feature is not used, don’t expose it

      So… while it would be nice to have a product that just does everything and you never have to pick, it also means added liability/security concerns. There is always a tradeoff; it’s just a matter if it is ok to you or not.

      After all, why do we have so many car models? Why not one with all the features and one price? 😉

      //David

    4. Dave says:

      "In terms of making each duplicate VHD/VMC unique, the main challenge is to automatically launch the Change SID and Change Computer Name commands INSIDE the Guest OS when you only have control outside. This is easy to do with Virtual Server’s scriptable automation interface, to pass in keystrokes, etc from the outside in."

      Can you kindly show us this script?

      Thank a trillion in advance.

    5. KumQuat says:

      Could someone post an example or sample .vmc file so I can download it and manually change things?

    6. KumQuat says:

      ok, I found one.

      here.

      This is the blank default .vmc file that Virtual PC Generates when you use default settings.  I hope this helps someone, because I’ve been trying to determine the anatomy of one of these things so I could modify it by hand, or create one from scratch

      http://www.geocities.com/hansbigtree/default.zip