- 09 Sep 2024
- 19 Minutes to read
- Print
Best Practices for Building Virtual Machines
- Updated on 09 Sep 2024
- 19 Minutes to read
- Print
This article will help lab developers who plan to use Virtual Machines (VMs) in Skillable Studio as part of their lab strategy. By following these considerations and recommendations are part of the lab development lab developers can provide their audience with a best-in-class experience.
Best Practices for Building Virtual Machines
Setting up an effective and reliable virtual machine-based labs is important for providing an optimal hands-on learning experience. This article outlines best practices and the settings on Lab Profiles and Virtual Machine Profiles for creating virtual environments that adhere to standards and ensure seamless user interactions.
By adhering to these best practices, you will enhance the quality and effectiveness of virtual machine-based labs, providing users with a seamless and impactful hands-on learning experience. Regularly review and update configurations based on evolving requirements to maintain the highest standards of lab development.
Virtual Machine Platform Choices
Skillable can deliver a VM experience on Hyper-V, VMware ESXi, as well as public cloud platforms, Microsoft Azure, and Amazon Web Services. There are many decision points that can inform a business which platform that might be chosen. The primary use case for Cloud based VM’s is specialist hardware requirements for example Secure Compute CPU’s or Hardware Graphical Processing Units (GPUs). Running VM in the cloud are more expensive that running virtual machines in the Skillable Datacenters due to the pricing model and the ongoing costs around storage and networking. For a discussion on which platform to choose see: A perfect fit: Support your lab goals with the best fabric. - Skillable
Virtual Machine Optimization
Having selected a VM platform the next step would be to build the VM itself. There are several options on how the VM could be created:
Selecting a template from the Template Gallery (Public or Organization)
Duplicate and existing profile in Skillable Studio
Build a VM locally and upload the VM Virtual Hard Disk or OVA to Skillable Storage
Upload the OS installation media (ISO) to Skillable Storage and install a new VM from the media
Once the VM exists in Skillable Studio it would then be a best practice to optimize the configuration of the VM as part of the wider configuration of the VM. It is important to remember your use case and not implement optimizations that could impact the use case negatively. For example, we recommend updates are turned off, but there are valid scenarios where updates would need to be left on so in this case you would leave updates on.
General Settings All Operating Systems:
Resolution Settings: Setting resolution to 1024x768 creates a standardized visual experience, accommodating various display configurations and promoting uniformity.
Passwords: Set passwords not to expire.
Trash/Recycle Bin: Make sure is Trash/Recycle bin is empty.
Web Browsers: Ensure you clear the web browser history.
Power Options: Set to High Performance, and then disable the turn off the display and sleep/hibernation settings.
Update Settings: In the Automatic maintenance setting, select Turn Off (if applicable)
Virtualization Components: Ensure the VM has the latest Virtual Machine Integrations installed. Microsoft calls these Integration Services and VMware call these VMTools/Open VM Tools
Windows Only
Configuring Windows VMs involves settings related to drive visibility, user passwords, domain connectivity, resolution, and additional configurations. These settings collectively contribute to a stable, secure, and user-friendly Windows environment for effective hands-on learning.
Disable Windows Updates: For the best user experience, it is recommended Windows updates are disabled.
Drive Visibility: Ensuring all drives are visible guarantees users have access to necessary storage resources, promoting a more comprehensive hands-on experience.
User Passwords: Setting user passwords to not expire avoids potential disruptions to the lab access, providing a smoother and continuous learning experience.
Domain Connectivity: Verifying domain connectivity, if applicable, ensures users can practice scenarios in a domain environment, aligning with real-world scenarios.
Resolution Settings: Setting resolution to 1024x768 creates a standardized visual experience, accommodating various display configurations and promoting uniformity.
Network Location Popup: Consider disabling the Windows New Location Popup.
Integration Services/VMware Tools: Installing Skillable's Integration Services or VMware Tools ensures optimal performance and functionality for VMs, enhancing the overall user experience.
Additional Windows VM Configurations: Consider configuring additional settings such as lock screen, notification area, power settings, update service, cache clearance, activation, animations, wallpaper, recycling bin, browsing history, event logs, recent documents, and more, based on specific learning objectives.
Linux VMs
Linux VM configuration involves settings related to resolution, animations, VM tools, and additional configurations. These settings contribute to creating a standardized and distraction-free Linux environment, enhancing user focus and experience.
Disbale Linux Updates: For the best user experience, it is recommended Linux updates are disabled.
User Passwords: Setting user passwords to not expire avoids potential disruptions to the lab access, providing a smoother and continuous learning experience.
Linux Resolution and Animations: Setting resolution to 1024x768 and disabling animations creates a standardized and distraction-free Linux environment, enhancing user focus and experience.
VM Tools Installation: Installing Hyper-V tools or VMware Tools ensures optimal performance and functionality for Linux VMs, improving overall usability.
Linux VM Additional Configurations: Consider configuring additional settings such as automatic updates, wallpaper, trash bin clearance, bash/terminal history clearance, uDev clearance, based on specific learning objectives.
AWS or Azure VM’s
When using Skillable to power AWS or Azure as the cloud virtualization fabric because the cloud vendor provides optimised images, we would always recommend you start with an AWS AMI or an Azure Gallery VM. For VM automations to function (LCA’s and Automated Activities) ensure the Skillable VM Cloud Integration Services are installed.
Virtual Machine Profiles
VM Profiles enable a Lab Developer to define the hardware features of the VM and some settings that will affect the user experience. Full details on the VM Profile settings for different platforms can be found here, but when designing labs, the following settings can have significant impact.
Basic Information
Platform: The platform defines the Virtualization host type you wish to use. Please see this Skillable blog on making a decision if unsure
Size: The VM has a significant impact on the performance of the VM if set to low, so select an appropriate size for the lab requirements.
RAM: RAM is the main driving factor in cost. You need to determine a reasonable limit for the RAM required for your virtual machine. Setting the limit to a value that is much higher than you need will increase cost, but setting the limit to a value that is too low will provide a poor user experience. Your goal is to ensure that your users have a good learning experience, while also managing costs.
Processors: A processor count higher than 4 results in diminishing returns on performance in a single user lab, so consider 4 to be the maximum value. The minimum requirements of an application or service might require an alternative value.
Licensing considerations when using ESX; traditional ESX allows the control of physical CPU sockets and number of CPU cores allocated evenly to each socket. With some software products licensed is based on physical CPU sockets therefore, it is important to know how Skillable allocates the physical CPU sockets on ESX hosts. If you select a virtual machine size that uses 24 or less vCPU cores the virtual machine will run on a single physical CPU socket. If a virtual machine size with more than 24 vCPUs is selected, then the vCPUs will be split evenly across two physical CPU sockets.
Username and Password: Ensure these are set correctly as these are the credentials that appear in the Lab Client and allow a Lab Author to create instructions without having to enter the specific usernames and passwords in the instructions. These credentials are also used by Skillable automation activities (LCA & ABA’s) and therefore need the appropriate permissions to carry out the required actions.
Screen Width and Height: Skillable recommend the starting screen resolution to be set to 1024x768.
Host Integration Enabled: This option informs Studio the VM has the appropriate VM services installed for the platform it is running on. This must be removed if the VM does not have the services installed for a good user experience.
Use Enhanced Session Mode (Windows only): This can impact the user experience, enhanced session mode if enabled allows features from the user’s workstation to integrate with the VM. These features include sound redirection and text copy and paste as well as dynamic screen resizing. However, in a multiple VM lab when a user switches away from the VM and then return they will need to sign in again.
Enable Dynamic Screen Resizing: This allows the guest VM screen to be dynamically resized based on the available screen resolutions in the VM. This feature does not support that additional features of ESM but when users switch between VM’s the user is not required to sign in again.
ESX: Works on Windows and Linux
Hyper-V: Windows only and requires the helper app see below on installing the Integration Services.
Nested Virtualization: If your lab requires running virtualization software inside the lab, for example Hyper-V, ESXi, Virtual Box, VMware Player, etc, then select the Nested Virtualization to provide the best experience possible. When building nested virtualization solutions ESX for the host VM would be recommended if the nested virtualization software is not Hyper-V.
Network Adapters
The Network Adapters tab configures MAC addresses and settings related to networking. Proper configuration here enhances the flexibility, scalability, and realism for specific lab scenarios, crucial for both Web Access and Nested Environments.
MAC Address Configuration:
If you are configuring a network adapter to connect to an internal network, select Specify Ethernet (MAC) Address, and then select + Generate to generate a MAC address.
If you are configuring an internet-connected network adapter using Web Access (NAT), select Specify Ethernet (MAC) address and generate one.
If you are configuring multiple virtual machines at the same time, generate the MAC addresses for one virtual machine, and then save the VM Profile for that virtual machine before configuring the next virtual machine, otherwise the Skillable Studio system will generate the same MAC address for each VM Profile for which you select Generate.
If you are configuring a network adapter to use with a Web Access (Public IP) network, ensure that "Specify Ethernet (MAC) address" is not checked.
Spoofing for Nested Environments: Enabling Spoofing for Nested Environments on the Hyper-V platform is crucial for accurate networking in nested setups, enhancing the realism of the lab scenario.
Lab Profiles
Just has with VM Profiles Lab Profiles can have a significant impact on the user experience. During this section these options will be explored. For a full definition of all the Lab Profile page settings see this article.
Basic Information
The Basic Information tab sets the foundational elements of the lab, including naming, numbering, and expected duration. Ensuring compliance in these areas enhances lab organization and provides users with clear expectations regarding the lab's purpose and duration.
Name Compliance: Ensuring compliance with naming conventions enhances lab organization and consistency, making it easier for users to identify and navigate labs effectively.
Number Compliance: Proper numbering aligns with requestor expectations, streamlining the identification and tracking of labs throughout their lifecycle.
Virtualization Platform: Select the virtualization platform the VM(s) will be using. A single Lab Profile does not support multiple platforms (see collaborative labs if this is a requirement). Set to None if this Lab Profile will not have a VM.
Duration Validation: Verifying expected and maximum durations align with the request/ticket ensures that the lab's time parameters meet the intended learning objectives.
Networks
The Networks tab is vital for configuring network settings, including internet access and public IP. Correct configurations here are essential for labs that require online resources or external accessibility, ensuring a realistic and fully functional learning environment. The networks page allows for the configuration of three main network types:
Private: Simple network with no IP Services, and no direct Internet Access
Web Access (NAT): Provides a virtual network that also provides Internet access. Internet access is provided through a pFsense VM that is added to the lab
Web Access (Public IP): Provides the VM(s) attached to this network with a Public IP Address. This network connect has very limited security applied and is the responsibility of the Lab Profile developer to secure the running lab instance. To use this please contact Skillable Customer Support
Virtual Machines
The Virtual Machines page is the core of lab configuration, associating VMs, setting defaults, and configuring networks. A well-configured Virtual Machines page ensures that users have access to the right virtual resources, promoting a seamless and organized learning experience.
Default VM Selection: Setting the correct default VM ensures a smoother user experience, reducing potential confusion and streamlining the launch process.
Startup Delays: Configuring startup delays correctly prevents potential resource conflicts during the lab launch, optimizing the overall performance of the virtual environment.
Wait for heartbeat before displaying to user: This should only be selected if the VM has the services installed for Hyper-V or ESX, otherwise this option can delay the Lab Client being presented to the users.
Network Associations: Correct network associations for each VM contribute to a well-configured and secure lab environment, aligning with the network requirements specified in the request.
VM Display Order: If the Lab Profile contains more than one VM the order they are displayed on the Resources page of the lab client is controlled by the up and down arrows on the right.
Removable Media
The Removable Media tab is essential for labs that involve interaction with ISOs/VFDs. Associating the appropriate Removable Media Profiles ensures users can access the necessary tools and resources during hands-on exercises.
Removable Media Profiles: Associating appropriate Removable Media Profiles allows users to interact with ISOs/VFDs as required, enhancing the hands-on experience and providing access to necessary resources.
Build a Windows Virtual Machine
Set screen resolution to 1024x768, set the desktop to a solid color, and empty the Recycle Bin.
Set the Power Options to High Performance, and then disable the Turn off the display and Put the computer to sleep settings.
In Advanced System settings, select Adjust for best Performance, and then check Smooth Edges of Screen Fonts.
In the Action Center, in Security and Maintenance, disable all notifications.
In the Automatic maintenance setting, select Turn Off.
In Windows Defender, select Turn Off.
In Screen Saver, select Turn Off.
In Background, select a solid color.
This will provide a much smoother control by the users when the background is visible.
In Windows Firewall, select Turn Off (if appropriate).
Set the homepage of the browser to about:blank.
Clear the Recycle Bin.
Disable Password Expiration (Local and/or Domain) for the Administrator account and any other account(s) that may be used.
Ensure that security certificates will not expire during the life of the lab.
Clear the Start menu history.
Empty the event logs.
Ensure that all virtual machines in a lab profile are set to a uniform time zone and are synced with each other.
Ensure that all software used on your virtual machine is properly licensed.
Disable Windows Update.
For Hyper-V Virtual Machines
In the lab environment, on the Developer menu (the gear icon), select Integration Services.
This will attach a DVD from which you can install Integration Services. If you are prompted to install .NET 4.5, you’ll find a .NET 4.5 installer included on the DVD. You can use File Explorer to open the installer.
Integration Services allows automatic screen resizing, command execution within a virtual machine, activities and automated performance-based scoring.
For ESX Platform Virtual Machines
In the lab profile, on the Removable Media tab, add a ESX_VMTools_ForWindows Removable Media Profile.
If you don’t see the ESX_VMTools_ForWindows Removable Media option, select Create Removable Media, set the name to ESX_VMTools_ForWindows, and then in Path, select Choose (ESX). Browse to VMWare(vm)-tools-windows-9.0.5-1137270.iso, select OK, and then select Save. Launch the lab, and then in the DVD Drive list, select ESX_VMTools_ForWindows.
ESX_VMTools_ForWindows contains VMware Tools for Windows Guests that, in this environment, is primarily useful for enabling mouse control of the Virtual Machine.
Use your keyboard to proceed through the installation.
Once completed, accept the reset machine option.
Build a Linux Virtual Machine
If building a Linux VM with a Graphical desktop, set screen resolution to 1024x768, set the desktop to a solid color, and empty the Recycle Bin.
Set the Power Options to High Performance, and then disable the Turn off the display and Put the computer to sleep settings.
In Screen Saver, select Turn Off.
In Background, select a solid color.
This will provide a much smoother control by the users when the background is visible.
Set the homepage of the browser to about:blank.
Clear the Trash Can.
Clear command history (default history files are ~/.history or ~./bash_history
Disable Password Expiration for the Root account and any other account(s) that may be used.
Ensure that security certificates will not expire during the life of the lab.
Ensure that all virtual machines in a lab profile are set to a uniform time zone and are synced with each other.
Ensure that all software used on your virtual machine is properly licensed.
Disable Linux Updates.
Integration Tools
Modern Linux operating systems come with the services for Hyper-V and ESX preinstalled as they are both part of the standard device driver tree. If there are integration issues the services can be checked and re installed as required.
Hyper-V Integration Services
To check to see if the Hyper-V services are installed use the command:
sudo ps -ef | grep hv
The command should list a set of running processes if the services are installed. If they are not then use the appropriate Linux installation tool to install the Linux packages:
linux-virtual
linux-cloud-tools-virtual
linux-tools-virtual
Documentation for running Linux on Hyper-V on the Microsoft Website.
VMware Tools
For checking and installing the latest VMware tools see the VMware Tools on Linux documentation.
Configure Internet Connectivity in a Virtual Machine
For a NAT-connected NIC, set the IP, Subnet Mask, and Gateway to the scope of the Web Net (NAT) IP settings.
These settings were configured after import.
Set the DNS to 8.8.8.8 or 1.1.1.1.
You can set the DNS value to anything you want, but 8.8.8.8 or 1.1.1.1 works well for most labs.
Specific Software Configuration Recommendations
This section lists some specific Skillable recommendations with certain software services or applications.
Disabling Automatic Updates
Today, all operating systems automatically update, and this feature should be disabled for most lab environments for the following reasons:
Updating impacts machine performance
It could potentially require a system to reboot in the middle of a lab
It can make changes that could break the labs instructions, especially for graphical systems
Windows 10/11
To disable Windows Updates:
Set registry key
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
To: DWORD(32-Bit) NoAutoUpdate = 1
Linux Distro Examples
Linux Mint - Disable in Startup Applications from Control Panel
Ubuntu Desktop – Disable in Software & Updates from control Panel
Ubuntu command line – Edit/etc/apt/apt.conf.d/20auto-upgrades
Centos – Disable and remove the package packageit
Configure a Virtual Machine that is a Domain Controller
If using multiple domain controllers, in Active Directory, increase the tombstone value to 1,000 days.
If replication is used, ensure that it is functional.
In the domain administrator account, disable password expiration. Do the same for any other accounts that may be used.
Configure Office 2013 or Later in a Virtual Machine
Run the Regedit command.
In the registry, go to HKEY_CURRENT_USER\Software\Microsoft\Office\OfficeVersion\Common, and then create a new key named Graphics.
In the Graphics key, create a new Dword value named Disableanimations.
Right-click Disableanimations, and then select Modify.
Select Decimal, enter a value of 1, and then select OK.
This disables the animations in Office, which improves performance.
Launch Office to confirm the setting change.
Windows and Office Rearms
Rearm Windows
With the Windows OS the activation timer can be reset with the rearm utilities. When the activation clock has been reset the Windows OS will run for 30 days from when it is next booted. Therefore, when a Windows VM has its activation clock reset and then a difference disk is created the clock will not start until the VM is powered up again. Today with modern versions of Windows it is not uncommon to find that Windows has over 1000 rearms available, which simplifies this process completely and only the section on when multiple rearms are left normally needs to be followed.
Checking the Rearm Count
To check the remaining number of Windows rearms, at an elevated command prompt, enter SLMGR -DLV, press Enter, and then check value of the Remaining Windows rearm count.
Rearm Windows When There Are Multiple Windows Rearms Remaining
At an elevated command prompt, run SLMGR -Rearm.
Shut down the virtual machine, and then save the differencing disk.
Rearm Windows When Only One Windows Rearm Remains
Remove the Windows rearm disk, make any additional required changes to the virtual machine, and then save those changes to a new differencing disk.
If there is only one remaining Windows rearm, you need to create a separate differencing disk to keep the rearm separated from all other changes made to the virtual machine. This ensures that the last remaining Windows rearm is preserved by allowing you to be remove the Windows rearm disk from the Hard Disks tab in the virtual machine profile in the future if any changes need to be made to the virtual machine.
Repeat the Windows rearming process, and then save the rearmed virtual machine to its own, separate differencing disk.
Rearm Office
Office often presents more of a challenge with respect to license activation today this is because office generally has far few rearms available than Windows. The preferred mechanism today is to use the Office Rearm Script in the Script Library as an LCA action on the Lab Profile. One important thing to remember is if you intend to modify the VM and create a new snapshot on the VM, disable the LCA before launching the Lab Profile as you would not wish to waste an Office rearm. If you wish to fix the rearm into the VM image, follow the instructions below. It is important to remember the Office activation clock starts next time an Office application is run, the Office activation timer is either 5 or 30 days depending on the office version.
To check the remaining number of Office rearms, at an elevated command prompt, enter cscript C:\windows\system32\slmgr.vbs /dlv All >> C:\\OfficeRearmCount.txt.
Open OfficeRearmCount.txt and find the Remaining Office rearm count for your Office installation.
Rearm Office When There Are Multiple Office Rearms Remaining
Search for OSPPREARM.EXE for your version of Office, and then run OSPPREARM.EXE as an Administrator.
As an example, the default location for OSPPREARM.EXE in Office 2016 is C:\Program Files (x86)\Microsoft Office\Office16.
Rearm Office When Only One Office Rearm Remains
Removing the Office rearm disk, make any additional required changes to the virtual machine, and then save those changes to a new differencing disk.
If there is only one remaining Office rearm, you need to create a separate differencing disk to keep the rearm separated from all other changes made to the virtual machine. This ensures that the last remaining Office rearm is preserved by allowing you to be remove the Office rearm disk from the Hard Disks tab in the virtual machine profile in the future if any changes need to be made to the virtual machine.
Repeat the Office rearming process, and then save the rearmed virtual machine to its own, separate differencing disk.
Create a Combined Rearm Disk
If you have Office installed, and either Office or Windows is down to one remaining rearm, create one differencing disk that contains the rearm for both Windows and Office, and then keep this differencing disk separate from all other work.
See Rearm Windows When Only One Windows or Rearm Remains and Rearm Office When Only One Office Rearm Remains.