To virtualize or not....

YeOldeStonecat said:
I often see .NET updates tank an LOB app. Not a bad Microsoft update..just... a .NET update. A lot of healthcare software is wicked pissy too of aggressive update schedules..surprisingly..for a niche so hell bent on security thus updates...their apps are often quite behind and twitchy!
Click to expand...

Oh now that doesn't surprise me, fortunately none of my current customers have issues on that front. The most stubborn LOB I've got in service is just a fat SQL client, and that thing while it's got plenty of issues hardly ever just flat breaks.

And said LOB vendor just forced me off 2012 and onto 2016 because they now demand that both the execution environment and the SQL environment be in MAINSTREAM MS support. 2012 just went extended last month.
 
Slaters Kustum Machines said:
LMAO, best thing I read for awhile.
Click to expand...

Seriously, it's true. Up until recently, one product for Hospices....the desktop client leaned on Java a lot. Back when I started rolling out our patch management for desktops, naturally that included Java..since Java was such a huge hole and widely exploited. One day a certain function of the app wouldn't work. Their support determined the Java version that just came out was the issue. They wanted me to roll back sooooooooo far. This was back in the...oh..late version 5.sumtin days or early v6 days. I'm like "No way I'm not rolling back that far it's crazy, I'll roll back to what it was last month cuz it was working...but...I'm not comfortable leaving them at that version for very long, you guys know this is a huge security risk right?" I worked long and hard campaigning against one of their lead developer guys telling them how big of a vector of attack this was...to have desktops on such an old version, need to make your product keep up with latest versions". They finally put more effort into that...I can now maintain this client at the latest version all the time.
 
YeOldeStonecat said:
Seriously, it's true. Up until recently, one product for Hospices....the desktop client leaned on Java a lot. Back when I started rolling out our patch management for desktops, naturally that included Java..since Java was such a huge hole and widely exploited. One day a certain function of the app wouldn't work. Their support determined the Java version that just came out was the issue. They wanted me to roll back sooooooooo far. This was back in the...oh..late version 5.sumtin days or early v6 days. I'm like "No way I'm not rolling back that far it's crazy, I'll roll back to what it was last month cuz it was working...but...I'm not comfortable leaving them at that version for very long, you guys know this is a huge security risk right?" I worked long and hard campaigning against one of their lead developer guys telling them how big of a vector of attack this was...to have desktops on such an old version, need to make your product keep up with latest versions". They finally put more effort into that...I can now maintain this client at the latest version all the time.
Click to expand...
I believed you, it was just the way you said it.
 
YeOldeStonecat said:
Their support determined the Java version that just came out was the issue. They wanted me to roll back sooooooooo far.
Click to expand...

There was a time period when the State of Illinois website for something (checking Medicaid? something insurance related) required an Ancient version of Java - not 2-3 updates back, 2 major revisions back.

Fortunately that was resolved long ago - last time I saw anything about it, they required either the current or next most recent update and would require updates for anything older than that.
 
Don't recall, I think they fixed it at least a couple years back. They were doing something with a Java applet for authentication, but I don't believe there was anything VPN-related about it - just an old piece of code that "worked" as long as the end users didn't update.
 
Take a look at Proxmox VE. It's free runs on top of Debian and is a very good choice to run any Windows system. Currently I have Proxmox VE running Windows Server 2012 R2, 2008. Proxmox VE has built in backup so no need for third party app to provide the backup. Unlike the free versions of Hyper-V and XenServer. Both need a third party app for backup. Just make sure to get the proper RAID card for Proxmox VE. There is a link on their website that lists the preferred RAID cards.

Also, no restrictions on how many CPU sockets/cores. I have used Proxmox VE, Hyper-V and XenServer and keep going back to Proxmox VE.
 
That backup on ProxMox is the same deal as plugging in a USB drive to your Hyper-V Host, and scripting a file copy of the .vhdx files to it... That's not a backup... not a real one anyway. And Windows Server backup on the host will do that very same job.

It's possible to script a backup on a vSphere host doing something similar, but it actually outputs an OVF.

This is actually why I started using HyperV because I had windows on the platform to work with, it was easier to work around the at the time horrendously expensive backup packages. These days? They're free... plentiful, and the platforms have APIs that make it bread dead easy.
 
Last edited:
Sky-Knight said:
These days? They're free... plentiful, and the platforms have APIs that make it bread dead easy.
Click to expand...

What backup softwares are on the price tier lower than Datto & Shadowprotect that you have had good experiences with? I expect they would have to be "VM Aware" to get a good backups. I've heard about (but not used) Veeam, their free version looks like it might be a good answer if better protection isn't yet in the budget.
 
Veeam is the first thing that comes to mind, but Windows Server backup on the host can grab guests too.

You can also just robocopy the virtual hard disks to a USB drive and rotate them yourself. That means build a new container and stuff in the hard disk and reboot. You have to reconfigure the NICs, but the VM generally just stands back up otherwise.

And before you ask, no you don't have to shutdown the guest to do this. The platform's VSS awareness does things for you. No open file lockouts... Now when you restart the VM after restore it's going to whine about being improperly shut down... but then again so does Datto/Shadowprotect/whatever else you use.

You can use USB pass-through on external storage and do Windows Server backup direct on the guest too if you want. But you're very quickly getting into places where you'll find you're spending more time than Datto costs.
 
HCHTech said:
@Moltuae - I meant to ask, what software did you use to produce that diagram? Well done - it looks like something I might even get the client to understand!
Click to expand...
Its wasn't specialist software I'm afraid, just Corel Draw. I'm yet to find something that will make it quicker and easier for me to document systems. I do pretty much all of my documentation using a combination of Corel Draw and Excel.
 
HCHTech said:
What backup softwares are on the price tier lower than Datto & Shadowprotect that you have had good experiences with? I expect they would have to be "VM Aware" to get a good backups. I've heard about (but not used) Veeam, their free version looks like it might be a good answer if better protection isn't yet in the budget.
Click to expand...

We use Solarwinds BDR for the clients that don't have the budget for Datto. Stick a NAS on the network or even external USB 3 drive on the host...for the local "speed vault"..and then it also syncs offsite. Nice mid range backup product for about 1/2 the cost of a Datto Alto.
 
Moltuae said:
'm not sure how it compares price-wise, but Altaro VM Backup is my preferred choice. It's free for up to 2 VMs too.
Click to expand...

Thought I would dig this up to continue the backup discussion a bit. I've been playing with Veeam, yes it's free for up to 2 VMs, BUT, you can't schedule backups. They are all manual unless you buy the paid version ($750 + yearly maintenance). I'll check out Altaro next... I'll bet the robocopy answer is out if there is any kind of database on the VM.

Edit: Altaro allows scheduling and is free for 2 VMs or less. Their limitation for the free version seems a bit more worrisome: "Restore old versions of VMs up to 4 weeks". So...you can't restore a backup that is more than 4 weeks old?
 
Last edited:
I just started playing with Cloudberrylab on a personal basis as a replacement for the Crashplan setup that we and my distant parents had set up.

Cloudberry seems OK, but it's been close to a decade since I did anything much with Amazon S3 and holy crap what a pain. Trying to do the kind of bucket setup that I might be able to use were I to go with this for client backups as well (buckets on my account, but the systems being backed up all on separate security and protected from each other), but all of the IAM stuff has been introduced since I was using it and I'm unimpressed with the toolset. I'm sure it's incredibly powerful and scriptable for automated provisioning of systems, etc. but for my initial attempts of "set up segregated backup destinations for my desktop and my father's laptop" it leaves a lot to be desired.
 
HCHTech said:
Edit: Altaro allows scheduling and is free for 2 VMs or less. Their limitation for the free version seems a bit more worrisome: "Restore old versions of VMs up to 4 weeks". So...you can't restore a backup that is more than 4 weeks old?
Click to expand...
But how often do you need to revert back more than a few weeks? You should be backing up any data separately in any case, so the purpose of the VM backups is really just to insure against anything that might screw up the VMs (eg Windows updates). In those cases you will usually be reverting back no more than a few days. And if you do have any mission-critical VMs that require greater backup retention for any reason, it would probably be wise to consider paying for Altaro since it's relatively inexpensive and includes software support, should you ever need it.
 
You must log in or register to reply here.

Similar threads

Velvis
Want to access Verizon email (now AOL) through Gmail
Replies
4
Views
777
britechguy
britechguy
C
Sysvol policy placement
Replies
1
Views
597
YeOldeStonecat
YeOldeStonecat
HCHTech
Hyper-V - Moving VM to a new host
Replies
6
Views
980
britechguy
britechguy
thecomputerguy
Clients emails either not being delivered or going to spam.
Replies
6
Views
1K
callthatgirl
callthatgirl
HCHTech
LBFO vs. SET teams
Replies
15
Views
12K
britechguy
britechguy
Back
Top