Taming virtual machines with best practices – Part 2 of 3

Sunday 18 January 2009 - Filed under Tech Notes

Part 1 covered the preparatory steps and considerations for provisioning Windows virtual machines. Now let’s look at some of the best practices for keeping VM’s in good shape once they have been created and deployed. You may notice that what’s discussed here is very much applicable to maintaining Windows machines in general, not just virtual machines. It’s only simpler with VM’s because things like hardware device drivers are left out of the equation. So, what’s on the list?

• Turn off System Restore. Windows XP System Restore (called other things in other editions of Windows) takes snapshots of the system in case a major configuration change or installation of new software drives the machine insane – at the cost of additional hard disk space. Managing the state of a VM is supposed to be a lot easier than dealing with a physical machine as we will see in the next part of this series. Check under My Computer > Properties > System Restore, and switch it off. When it comes to VM’s, anything that causes the bloating of used disk space is a big no-no. And System Restore is usually the worst offender.
• Turn off the system beep. Although VM’s can play sound and music, you still get that uncontrollably loud system beep from time to time if you do something wrong or something goes wrong. Unless you specifically want to catch all audible alerts, turn off the annoying system beep in Device Manager. From the menu, check “Show hidden devices” and you’ll find an item called “Beep”. Disable, save, and reboot.
• Turn off the screen saver. For most non-production uses, there is no reason to let a screen saver lock up the screen of the VM. It only amounts to annoyance.
• Turn off Sticky Keys. For most people, Sticky Keys does not contribute to productivity. Either press Shift five times in a row, or hold it for about ten seconds. When the Sticky Keys settings appear, disable all keyboard shortcuts or simply turn it off for good.
• Reduce the disk space allocated to Recycle Bin. Right-click Recycle Bin, go to Properties and reduce the percentage of C drive disk space held by Recycle Bin down to 2% or less.
• Reduce the disk space allocated to temporary Internet files. From Internet Options, bring the maximum allowed disk space occupied by temporary Internet files down to 10MB or less.
• Disable Internet Explorer Enhanced Security Configuration. If the VM runs on Windows Server 2003 or 2008 and if you want to be able to test Web sites and applications, disabling IE ESC is a good idea. The steps are illustrated here.
• Disable Offline Files. From the Windows Explorer menu, go to Tools > Folder Options > Offline Files. Uncheck the “Enable Offline Files” box.
• Enable ClearType and install the ClearType Tuning Wizard. For better readability of screen fonts, take advantage of ClearType as explained in my other post. If the VM runs on Windows XP or Windows Server 2003, I recommend you separately install the Vista ClearType fonts. The easiest way of legally installing the fonts if you don’t already have them is to download and install the free PowerPoint 2007 Viewer from Microsoft.
• Enable font smoothing over Remote Desktop. If you use your Windows Server 2003 or XP VM for development and testing purposes and want to be able to Remote Desktop into it from another machine, you need to do some tweaking to maintain the font smoothing. For Windows Server 2003, there is further information and a hotfix available here. For Windows XP SP3, a registry hack is required as illustrated here. There is nothing illegal about any of this.
• Adjust performance options to best performance. In My Computer > Properties > Advanced > Performance, select “Adjust for best performance”. It basically strips all eye candy that slows down the VM. Clicking on the “best performance” choice unchecks all individual options listed in the box below it. Leave them all unchecked except for two: “Smooth edges of screen fonts” and “Use drop shadows on icon labels on the desktop”.
• Install all available software updates. Keep all your Microsoft software up to date with Microsoft Update.
• Install antivirus software. When you enable Internet access from your VM, it has the same security vulnerabilities as your physical machine. Install antivirus and firewall software as needed. Cost is no longer an excuse or barrier. For Windows Server 2003 VM’s, either install antivirus that works on Windows Server or don’t expose the machine on the Internet when in normal operation.
• Abide by the rules to avoid complications or trouble. You can toy with your VM all you want in your own playground, but when you ship it across to a controlled computing environment, remember it appears as just another machine on the network. It means the same rules and policies apply to the VM and that includes security, networking, and licensing requirements. Don’t deploy your VM, i.e. make it visible to other people’s computers, without consulting your IT administrator first. If you must fire it up in a common operating environment not knowing if it’s okay, switch the VM’s networking mode to “Host Only”. It’s like switching a mobile phone to flight mode before take-off. Your host machine and your VM can still communicate with each other, of course.

Not done yet.
It’s a mouthful already, and we haven’t even gone to the real juicy part of my VM management scribbles – that is, how to keep the virtual machine lean and free of clutter, and also how to archive it away at important milestones so you can start over effortlessly after you’ve stuffed it up beyond repair on a bad hair day.

2009-01-18  »  JK