12

I have a new dedicated server that I'm going to create a couple of VMs on. OS will be CentOS 6.5, for the host and the VMs.

Does the GUI on the host (Gnome etc) give any real benefit when it comes to handling the VMs? Or is it just sucking up system resources unnecessarily? Can you quantify how much? Does it affect resources all the time, or only when I'm viewing it?

What does it enable me to do that I can't do from the command line with virsh etc?

This is an E5-1650 (6 core, 12 threads) box with 32GB ram.

If you're of the opinion that a GUI is a useful thing to have, can you tell me which packages I need to install. I know "yum install Desktop" does the job, but it installs a hell of a lot of dependencies, and I wondered if there's a slimline alternative?

Codemonkey
  • 1,034
  • 2
  • 17
  • 36
  • 1
    Repeat after me: "If I don't need it, I will not install it on a security-sensitive server." – Shadur May 10 '14 at 07:47
  • 1
    It may be unwarranted to assume the server is security sensitive based on the given post. While security may be a concern to you and me, there are usage cases where this is not an issue - which could leave just the resource issue. – davidgo May 10 '14 at 10:16
  • 1
    Shadur makes a good point though. I was more interested in the resources initially, but I hadn't really given security concerns any thought, and of course he's right, simpler is better. – Codemonkey May 10 '14 at 13:27

1 Answers1

13

From a security point of view, installing a GUI is a bad idea as it greatly expands the attack surface of the host. Certainly a GUI does take up some resources which could otherwise be used by the VM's. Gnome will take up resources whenever it is running - regardless of whether or not you are using it.

The solution I typically use is to NOT install a GUI on the server, but install the minimal requirements (xauth package), access the machine via SSH and then run virt-manager through SSH such that it exports onto my workstation. The added benefit being I can do this from anywhere (and I can enable compression on SSH for slower connections as well)

davidgo
  • 5,964
  • 2
  • 21
  • 38
  • So you run virt-manager on the server but the graphical output of it happens on another PC, over ssh? Can you point me to an article about that? I've just been through the rigmarole of learning about setting up VMs etc with the GUI, and have now reinstalled the host OS so I can start from scratch without making a mess of things... I can install a VM easily enough with the commandline (virt-install, --nographics, etc), but I can see the benefit of having nice little cpu/disk/network graphs for each VM, etc – Codemonkey May 09 '14 at 21:40
  • Yup. Look at the section "Launch VirtManager Remotely" at http://xmodulo.com/2013/10/install-configure-kvm-centos.html. What I do is even simpler though - just "yum install xauth", modify /etc/ssh/sshd_config so X11Forwarding is yes and restart, then login, su to root and run virt-manager - and it all happens seemlessly. I do note that my workstations are Linux boxes which make it easy. (Similar to http://thepoch.com/tumblr/so-you-want-a-centos-6-kvm-host-server.html) – davidgo May 09 '14 at 21:46
  • Yeah, my workstation is a Windows box. Not adverse to setting up a home linux box to play with this though. – Codemonkey May 09 '14 at 22:16
  • 3
    @Codemonkey Overall I've found that it's much, much easier to administer Linux servers _from_ a Linux desktop. If you're going to be doing this professionally, I strongly recommend it. – Michael Hampton May 09 '14 at 23:22
  • Thanks, I appreciate the advice. I've been doing this stuff a few years (probably badly), but have only ever used putty - which I expect is just as good on windows as it is on linux. But for things like what we're discussing here (which I had no idea was possible) I'm sure you're right. And it makes me wonder how much more I don't know.... an almost infinite amount, sadly :D – Codemonkey May 09 '14 at 23:44
  • Have a look at http://techiecook.wordpress.com/2011/06/16/how-to-export-xwindows-display-using-putty/ for a way to do this under Windows (I've not tried it) – davidgo May 10 '14 at 00:11
  • @Codemonkey The fun thing about unix/linux is that the more you learn about it, the less you realize you actually know... But you learn how and where to look for what you don't know. – Shadur May 10 '14 at 08:00
  • @Codemonkey Well, in my opinion putty is half the problem. It's pretty sad that it's the best available ssh client for Windows. I would not even think about trying to use it on Linux. – Michael Hampton May 10 '14 at 13:59
  • Care to enlighten me of its shortcomings? – Codemonkey May 10 '14 at 15:11
  • You can use remote X from Windows via putty + xming – Keith Aug 05 '14 at 19:14