Did someone declare February to be National Change Your Virtualization Month?
It sure seems that way to me. After a long period of stability it appears that everything is going to change all at once.
Attention Conservation Notice:
This is not a deeply technical thing, it’s a high level report on which things are changing, and why. If you’ve been considering taking the first step in virtualizing your stuff, you’ll find this useful. If you neither use nor direct people in this area, feel free to wander off and find something worthwhile to read.
Cloud:
As I’ve mentioned in other posts, Disinfodrome is at the end of the line. I turned off most of the Open Semantic Search instances yesterday, there’s a final backup happening as I write this, and it’ll be all gone come the 1st of February.
The systems that are being retired are elderly dual Xeon rackmounts with 192GB of RAM and lots of disk, which were just fine for running a Proxmox cloud. Now that they’re EOL I’m down to just one Proxmox machine, a ten year old Dell Optiplex with a quad core i7, 32GB of RAM, and the drives from my retired desktop. This isn’t much of a machine, but it’ll do fine for prototyping.
When you export a virtual machine from Proxmox you get a VMA file. This needs to be converted to VMDK format to run with VirtualBox, or to QCOW2 to run within a service provider’s cloud. OSS is a wicked tricksy sort of system and I don’t think it’s going to run within someone else’s cloud, given the weird startup requirements. I was pleased to discover that the export of my OSS template machine is less than 3GB. I’ll keep one instance here running on Opti, just in case someone wants me to build a document indexing system elsewhere.
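The VMA conversion described above, sketched as a shell script. This is an added example, not the author's own procedure: it assumes the export is a vzdump backup, that it runs on the Proxmox host where the vma tool is installed, and that qemu-img is available; the file names are constructed. Setting DRY_RUN=1 prints the commands instead of running them.

```shell
#!/bin/sh
# Added example (not from the original post): turn a Proxmox vzdump backup into
# a VMDK for VirtualBox or a QCOW2 for a provider's cloud.
# Assumes the Proxmox "vma" tool and qemu-img; DRY_RUN=1 only prints commands.

run() {  # print the command in dry-run mode, otherwise execute it
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}

target_format() {  # destination named in the post -> qemu-img output format
    case "$1" in
        virtualbox) echo vmdk ;;
        cloud)      echo qcow2 ;;
        *) echo "unknown destination: $1" >&2; return 1 ;;
    esac
}

decompressor() {  # vzdump compression suffix -> tool that undoes it
    case "$1" in
        *.vma.zst) echo "zstd -d" ;;
        *.vma.lzo) echo "lzop -d" ;;
        *.vma.gz)  echo "gzip -dk" ;;
        *.vma)     : ;;                      # already uncompressed
        *) echo "not a VMA backup: $1" >&2; return 1 ;;
    esac
}

convert_backup() {  # usage: convert_backup <backup> <virtualbox|cloud> <outdir>
    backup=$1; outdir=$3
    fmt=$(target_format "$2") || return 1
    tool=$(decompressor "$backup") || return 1
    vma_file=$backup
    if [ -n "$tool" ]; then
        run $tool "$backup" || return 1      # $tool unquoted: command plus flag
        vma_file=${backup%.*}                # strip .zst / .lzo / .gz
    fi
    # vma writes disk-drive-<bus><n>.raw and qemu-server.conf; outdir must not exist
    run vma extract "$vma_file" "$outdir" || return 1
    if [ "${DRY_RUN:-0}" = 1 ]; then
        set -- "$outdir/disk-drive-NAME.raw" # placeholder: nothing extracted yet
    else
        set -- "$outdir"/disk-drive-*.raw
    fi
    for raw in "$@"; do
        run qemu-img convert -f raw -O "$fmt" "$raw" "${raw%.raw}.$fmt" || return 1
    done
}

[ "$#" -lt 3 ] || convert_backup "$@"
```

The extracted qemu-server.conf holds the VM's CPU, memory and NIC settings, which have to be recreated by hand on the destination since only the disk image is converted.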
Desktop:
I started a 24 hour experiment using a MacBook Pro as a desktop … back in October. This change was hastened by the erratic behavior of my twelve year old HP Z420, and it stuck. Trading 128GB for 16GB hurt. Adding insult to injury, the only Mac virtualization tool that seemed ready was Parallels. I got the $99 standard edition, quickly found that I needed the $120 Pro edition if I wanted anything more than a NAT network connection, and there is no upgrade path. They just expect you to pay double, which did not sit well with me.
I looked around a bit today, found a VirtualBox image that works on MacOS, and it’s running on my Mac Air. I’m going to give it a good workout, and if it doesn’t break, Parallels will linger for the sake of its Windows 11 ARM virtualization, but it will get used very rarely.
The HP EliteDesk 800 that showed up last month was acquired with an eye on Windows 11 familiarization, but it promptly got sucked into that disaster recovery job that ate most of my December/January. When it comes back it’ll get upgraded to 64GB … because I found out it’s supported by Qubes. I imagine what will happen long term is that I’ll get a second machine like this when I get another big job, and the Optiplex will get relegated to storage server duties.
KVM:
I am really pleased with the Steetek four port KVM I got last month. It has my MacBook Pro, the loose cables for the absent EliteDesk, a Raspberry Pi5, and the Orange Pi I got to test as a mobile solution. The little Pi was a big disappointment. I think I can invent a long term job for it, then the 8GB Raspberry 5 will take over its role, and a 16GB Raspberry 5 will end up behind button #3 on the KVM.
Wait a minute, that is NOT virtualization …
… but why do we virtualize in the first place?
Testing new operating systems.
Prototyping new tool stacks on familiar operating systems.
The ability to take snapshots along the way.
The ability to roll back to known good snapshots.
Creating compartments for hazardous tasks.
The ability to export and share virtual machines.
The ability to separate network services from compute services.
Having the KVM here with touch of a button access to Mac, Windows, and ARM Linux has been as freeing as when I first started using virtualization for experiments. Things that just never got done can now happen, because I can change context instantly. I occasionally wish I still had my Xeon workstation, but those memories fade a bit more with each passing day.
I think the final configuration will be 1) Mac, 2) Windows 11, 3) another EliteDesk just for Qubes, and 4) a 16GB Raspberry Pi 5. Faulty hardware last spring thwarted my move to Qubes, but the need to manually pull cables and rearrange things was also an impediment. Since I can instantly switch hit as needed, that creates an opening for Qubes adoption. The Pi 5 has 60% of the performance of my Mac Air, the 16GB version is just $220, which is less than half the cost of a comparable Mac Mini, and I get a machine w/o an intrusive nanny OS.
So we can do a lot of the stuff you’d want to virtualize using a collection of smaller machines and a KVM. There are some barriers, but there are also things you can do with a plant like that which virtualization cannot provide - smoothly using MacOS and Windows, for instance. They can be made to work virtualized, but I’ve always found this to feel like using a twenty year old machine.
If you wanted to take a first step into doing things this way, I just discovered Steetek offers a two port KVM for $35.
And you can get an EliteDesk G5 with an i7 processor for under $300. This will run Windows 11, Ubuntu Linux, Proxmox cloud software, and Qubes.
Conclusion:
The last two months have been eye opening. I’ve seen intrusions into cell phones, personal computers, standalone servers, and cloud environments. And that’s not in the research & investigations space, that’s just plain ol’ commercial use of technology.
Given the minuscule cost of a two port KVM and the high likelihood that each of you either has (or can quickly obtain) some sort of system to use on the second port, there’s no excuse not to have some sort of hardware level separation between your living and your lurking.