
Forwarded from Jamon, with a similar idea to Daniel's. I looked at containers and haven't totally ruled it out, but I think I prefer full OS installs. Obviously containers would use a lot less hard drive space, but full virtualization offers more isolation.

---------- Forwarded message ----------
From: Jamon Camisso
Date: 2 July 2015 at 15:14
Subject: Re: [GTALUG] Living in Virtual Machines

Hey top posting from an email that isn't able to post to tlug ... feel free to forward this link to the list if you like:

https://blog.jessfraz.com/post/docker-containers-on-the-desktop/

Using docker's volumes feature to bind mount directories and files into a container allows things like running Xorg, with persistent writes to shared files. No NFS needed even.

Jamon

On 07/02/2015 12:09 PM, Giles Orr wrote:
I have this idea that's been slowly forming in my head. I wanted to run it by TLUG for opinions to find out if I'm totally crazy or if it might work.
I hope to set up my desktop (and probably my laptop as well) to have a Debian stable base OS - about as stripped as I can manage, just X with a lightweight window manager (probably OpenBox). On top of that would be VirtualBox, the idea being to run all my applications from virtual machines.
Since I'd have multiple machines accessing the same /home/, I'd want NFS. That could be run by the host OS, but I was thinking about using OpenWRT as the NFS server. But that immediately runs into a difficulty: it appears that getting the VirtualBox Guest Additions running in OpenWRT is (very?) difficult, so I'd probably have to use raw partition access. The problem with that is that if the partition is accessed simultaneously by any application on the host OS, you can munge the partition.
I'm also planning on running another OpenWRT instance: this would be used for routing, with all the other virtual machines going through it to access the outside world. Among other things, that would mean I only have to administer a firewall in one place. One idea I'm still considering is giving full control of the network card to the OpenWRT instance and making the host OS go through OpenWRT to get to the outside world ...
This could all probably be done with KVM rather than VirtualBox, but I prefer VB not only because I'm more familiar with it, but also because .VDI disc images can vary in size (Qemu's .qcow2 image format is fixed size) and because VirtualBox handles full screen display of OSes better (at least once Guest Additions is installed). I'm happy to listen to reasons in favour of KVM.
Other virtual machines would include TinyCore, SliTaz, and Debian Stretch. The latter would probably be my primary OS. The thought was to ssh from the host OS to the guest with X forwarding, and then run a launcher from the guest on the host so any applications run from the launcher were from the guest.
Advantages:
- I get to tinker with multiple OSes (something I enjoy)
- if I'm about to go to a dubious website, I can clone a virtual machine, use it for the dubious visit, then destroy it

Disadvantages that I've thought of so far:
- memory usage
- speed reduction
- hard drive usage for disk images
- complexity
- mounting USB sticks on guests is extremely problematic
- playing sound/video from guests through the host is imperfect
- hard to determine where an application is running from
I'm sure there are many, many other problems with this idea. Go to town, that's why I'm here.
--
Giles
http://www.gilesorr.com/
gilesorr@gmail.com
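
The clone-use-destroy workflow from the "Advantages" list, sketched with VBoxManage as an added example that is not part of any of the emails above. The guest name `debian-stretch`, the snapshot name `clean` and the function names are assumptions; with `DRY_RUN=1` (the default) the commands are only printed.

```shell
#!/bin/sh
# Added example: a throwaway VirtualBox guest for one risky browsing session.
BASE_VM="${BASE_VM:-debian-stretch}"   # hypothetical base guest, kept clean
SNAP="${SNAP:-clean}"                  # hypothetical snapshot of that guest
DRY_RUN="${DRY_RUN:-1}"                # 1 = print commands, 0 = execute them

# run CMD...: print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# throwaway_prepare: take the snapshot that linked clones are based on.
# Do this once, while the base guest is in a known-good state.
throwaway_prepare() {
    run VBoxManage snapshot "$BASE_VM" take "$SNAP"
}

# throwaway_up NAME: make a linked clone of the clean snapshot and boot it.
# A linked clone stores only differences, so it costs little disk space.
throwaway_up() {
    clone="$1"
    [ -n "$clone" ] && [ "$clone" != "$BASE_VM" ] || return 1
    run VBoxManage clonevm "$BASE_VM" --snapshot "$SNAP" --options link \
        --name "$clone" --register &&
    run VBoxManage startvm "$clone" --type gui
}

# throwaway_down NAME: power the clone off and delete it with its disk.
# Refuses to act on the base guest, so a typo cannot destroy it.
throwaway_down() {
    clone="$1"
    [ -n "$clone" ] && [ "$clone" != "$BASE_VM" ] || return 1
    run VBoxManage controlvm "$clone" poweroff
    run VBoxManage unregistervm "$clone" --delete
}
```

Anything the clone can reach through shared folders or an NFS-mounted /home/ survives the delete, so a throwaway guest should be started without those mounts.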