IT Partners Conference – 6/2/2010 – Distributable Virtual Machines Developing and Deploying at MIT Distributable Virtual Machines IT Partners Conference.

IT Partners Conference – 6/2/2010 – Distributable Virtual Machines

Developing and Deploying at MITDistributable Virtual Machines

IT Partners ConferenceJune 2, 2010


Background of VMs at MIT

IS&T licensed VMware for MITDecember 2007

Thousands of staff & students at MIT started using VMware Workstation & Fusion

Departments started creating/using VMsDUSP IS&TSloanmore

Need a better VM for everyone


The Old Way – 2-8 hours

Create a VMInstall WindowsApply Patches, Reboot, more patches,

Reboot, even more patches (repeat)Install software and configureCopy VM files to new machinesHope settings are right


Downsides to the Old Way

Time consuming – 2-8 hours to createName conflicts

Windows SID collisions Problems adding to Windows domains

Windows machine name collisionsMAC Address conflicts

Identical user accounts (security risk)Everyone’s VM is a little bit differentSupport Nightmare


Goals for Doing things Differently

Save time and effortCreating VMInstalling & Configuring Software

Consistency (easier to support/troubleshoot)

Unique (accounts, SID, UUID & machine name)

Apply Best Practices including Security


Approach for creating distributable VMs

Lots of different needs identified by multiple groupsBase Windows VM (SWRT)Student VM (FSX & OEIT)Business Applications (Business Help Desk)Plus DLC VMs

Started several efforts until we discovered we were all working towards similar goals

Paused and brought the IS&T efforts together to provide a truly supportable and scalable Distributable Windows VM


What would be better?

Information Services & Technology

http://images.google.com/imgres?imgurl=http://www.gaztenet.com/gazteweb/sinbarreras/cursosonline/nivel1/formacion_especial/paginas/introduccion/img/windowsxp/logo_xp.gif&imgrefurl=http://www.gaztenet.com/gazteweb/sinbarreras/cursosonline/nivel1/formacion_especial/paginas/introduccion/2window_uno.htm&h=300&w=284&sz=9&tbnid=ZF_P4NgYybW5EM:&tbnh=111&tbnw=105&hl=en&ei=utohRMWnKaX-JJ7W6KgH&sig2=eMe8KVS0_AWeQwl4TM4sEQ&start=1&prev=/images?q=windowsXP+logo&svnum=10&hl=en&lr=&safe=off&rls=GGLG,GGLG:2005-29,GGLG:en


The Future


Distributable Windows VM

Windows 7 - 32 bitBest Practices Security PolicyConfigured for MIT’s WAUS and patchedGeneralized (unique SID and other

identifiers)Targeted Audiences

Base VM for customizing by DLC (IT Partners)Student VM (students)Administrative Staff (faculty & staff)


Licensing for VM’s OS

Usage up to 4 Windows VM per machine covered under MSCA

Key Management Server (KMS) with Windows 7 makes this transparent for usersHas to be on MITnet (VPN counts) at least once

every 180 days


Base VM

Designed for Local Technical Experts to create custom DLC specific VMs

Windows 7 (1 GB RAM, 40 GB HD)Security PoliciesMIT WAUS (updates applied)VirusScan & VPN installedPrint through Host’s default printerMicrosoft SysPrep to GeneralizeVMware (.VMX) Config file generalized


Base VM Demo of generalization

http://kb.mit.edu/confluence/display/istcontrib/Instructions+for+Generalizing+VM+for+deployment

https://kb.mit.edu/confluence/display/istcontrib/Instructions+for+Generalizing+VM+for+deployment

https://kb.mit.edu/confluence/display/istcontrib/Instructions+for+Generalizing+VM+for+deployment


Student VM (Base VM +)

Student oriented or licensed softwareStudent MatlabOpenOfficeNetBean & EclipseEmacsAnd much more

Mirroring of Documents FoldersHelps keep user data off VM

Custom Background


Student VM Demoof first launch


Administrative Staff (Base VM +)

Faculty/Staff oriented or licensed softwareMicrosoft Outlook 2007SAPguiBrioQueryInsert moreAnd much more

Mirroring of Document FoldersHelps keep user data off VM

Custom Background


Questions?

[email protected]

Jim Cain – OEIT – Experimental Learning Environments Team [email protected]

Jonathan Hunt – IS&T Faculty Student Experience Team [email protected]

Blake Skinner – IS&T Software Release [email protected]

mailto:[email protected]


