Noob Have Boxes. Why use virtualization?
I'm seeing a lot of virtualization posts, by people who clearly know a boat load more than I do about a/many given specific topic(s). I must be missing an important concept. I have extra machines that I can dedicate to my network. Why/when would you use virtualization?
The same reasons you might use virtualisation for anything apply here.
Reduced power consumption.
Reduced rack space.
Ease of portability, backup.
Reasons you might not want to use a VM include security; bugs in the hypervisor might allow an attacker to bypass your firewall or the server on which your VM is running may be brought down by the actions of another VM.
Both these things are really very unlikely with modern virtualisation setups.
One machine rather than several…
And I could get decent wireless AP by passing through a usb adapter to a Linux vm ;D
Okay. So if you could pick just any software, OS and any required programs to run a virtual PFSense install, what would you pick?
I use vmware esxi (free), cos that's what I bought to use in the office (the non-free version), so I'm already familiar with it. Only negative is that it requires Windows to manage it. There are other solutions (kvm/xen) but I am not that familiar with them, but it all depends on your requirements.
To put it into context why I use virtualisation at home on 1 machine:
- pfsense VM. I'm in the sand pit where telco's profits & children need protecting, hence lots of sites & voip services are a no-no. An OpenVPN service as an additional gateway on pfsense is required to get around this.
- linux vm1: normal squid proxy
- linux vm2: squid proxy on VPNLan routed through vpn GW (I can quickly change proxy settings in browser to bypass ISP restrictions when required)
- linux vm3: Access Point with USB adapter passed through. 3 BSSID's for Lan Bridge, Guest & VPN Wireless. (Though technically possible on pfsense itself, recent Linux kernels, or router distributions such as OpenWRT, have better wireless driver support than pfsense/freebsd 8.*)
- A couple of other Linux VM's for various applications - torrents, syslog, apache etc…
- An additional esxi (V)LAN to play with the upcoming development version of pfsense.
- Added possibility of installing an OS for evaluation later on without having to dedicate physical hardware.
But I (have to) run Windows in Virtualbox on Linux to use the vmware management client, aka 'VSphere client'.
This is all done on a Mini ITX i5-2400S (65W) with 8GB Ram with spare capacity left over.
Thanks much for the info. A very informative snapshot of life in the real world. You just can't get that type of info from a book or a tut. Can clearly extrapolate my requirements from that. Nice!
Still not sure about how you put the machine OS and software together.
1. starting form a freshly formated, drive what when on first?
No need for the blow by blow, but am curious as to what software went on and the order that it went on.
Personally, I've started with baremetal box at home. It was just Linux OS as router - only Iptables running.
Then decided to test more features: Apache webserver, MySQL, Samba, monitoring software like Cacti, Wordpress… and MANY others. To learn them.
Guess what happens when something goes wrong (after update, after config change or so)?
After I've purchased first AMD CPU that supports virtualization I've asked myself: why not to try this new feature?
It was few years ago. Right now, I've deployed serveral virtualization hosts using serveral virtualization solutions.
This is really great. Almost NO downtime. Easy backups. Easy deploy. Easy learning. And many more..
1. freshly formatted, extra usb stick handy.
2. install esx(i) on usb stick.
3. config esx, make formatted disk datastore
4. deploy ova template for pfsense from esx manager
5. setup pfsense as explained here
6. configure pfsense as desired
7. install and test other operating systems, make snapshots, run a lab and more.
8. tell us what you have found and how things are going
Yeah, pretty much how how the true devotee does it. Same here, different hardware, with one extra: I generally buy a book or two if I can find them.
But same question: What software are you using?
That is exactly what I was looking for. Thank you very much. Will get back with report but it is going to take a few days. Darn work is cutting into my schedule.
No need to thank me, thank Biggsy instead, he is the one who spent so much effort writing up the PfSense 2 on VMware ESXi 5 docs.
As for the ova templates, that is of course all thanks to the pfsense devteam and especially Jimp.
All I did was put them together in a list for you and if that helped, great!
he is the one who spent so much effort writing up the PfSense 2 on VMware ESXi 5 docs
It kept me off the streets :D
What software are you using?
Right now, for all of my pfSense boxes are running in KVM virtualization.
But on client's site I also manage VMWare ESXi. I've also tested Citrix XenServer, Proxmox and few other platforms..
Right now, I'm going to learn something about Open vSwitch,
which I belive can support LACP for VMs, VLANs and other advanced network features.. I'm also interested in DRBD as HA solution for KVM
and Intel Vt-d / IOMMU as solution to attach physical NICs to the VM.
I'm sorry to say this, but I don't read books :( recently only one. I'm testing, testing, testing.. just check in practice.