I have had this blog post in the pipeline for a while now, but I have been waiting until all the pieces fell into place, to make it something actually worthwhile to read! Be warned though, this is a rather long blog post – but please stay awake!
Having access to earlier builds of Microsoft operating systems is great (and pretty important for my job given that I specialise in deploying them!) as I get to play with new technologies long before everyone else :-). The only downside to this though is that, seeing as I only have one company laptop, it means that every few months I am formatting and reinstalling my computer. This is a task that everyone knows is painful; no matter how great the setup process of Microsoft Windows and then all the applications, it is still a couple of days' work afterwards getting everything just right. Also, it is not as simple as just reinstalling Windows and applications, as I always had to carry out the following process:
- Back up user data
- Back up Outlook PST files
- Back up Internet Favourites
- Export all certificates for my user account
- Export Bitlocker recovery keys
- Burn DVD with latest version of Microsoft Windows
- Format hard drive
- Install operating system
- Join computer to domain
- Install all patches
- Activate license for Windows
- Install all applications, i.e. Office, FOXIT PDF, Anti-Virus, Visual Studio, Visio etc. etc.
- Install more patches
- Move user data, favourites, Outlook files, certificates and everything else back to internal laptop hard drive
- Activate Bitlocker on hard drive (and re-encrypt C: partition)
It is such a tedious task that it would often put me off changing the OS, particularly if I was away from the office travelling or did not have the time to do all of the above at home. And, after I had a Homer Simpson moment, I became paranoid about whether my backups were safe, so sometimes I made two copies of everything! What I wanted/needed was something a bit more ‘IKEA’-like; something modular that would allow me to swap pieces in and out easily without affecting the rest...
One day, on the way home from Barcelona on the train (trains are incredible in Spain by the way. From Madrid to Barcelona at 300 km/h without even noticing it), I realised that, with a new feature in Windows 7, this was now possible! I have now been playing around with the idea for a while and I wanted to blog about it, not so much so that someone else might follow the steps (because it is far from painless at the moment, improving though) but because it shows the potential of what can be done right now with Windows 7 and existing software, and it might also be a common configuration one day in the future, who knows?
With Windows 7 a computer can boot using an operating system that is installed inside a VHD file, but the operating system is using the physical hardware of the computer – this feature is called “Boot from VHD” and has nothing to do with virtualisation apart from that it uses the VHD disk file format. What this means is that you can prepare a Windows 7 virtual machine in Hyper-V, execute sysprep and then copy the VHD file to a different computer and configure it to boot. The operating system inside the VHD file runs using all the physical hardware of the computer, but all operating system data remains inside the VHD file (think: container file, nothing more). Now, if my operating system is all contained inside a single file on the disk, here is the first step to making it modular; to change the operating system, I just need to copy a new VHD file to my hard drive and delete the unwanted VHD file or make it dual-boot.
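One way to register a copied VHD file as a boot entry, added here as an example (it is not from the original post): it uses `bcdedit` from an elevated PowerShell prompt. The file name `Win7.vhd` on D: and the entry description are assumptions.

```powershell
# Added example. Assumes a sysprepped VHD has already been copied to D:\Win7.vhd
# (hypothetical file name) and that this prompt is running elevated.
$vhd = '[D:]\Win7.vhd'          # bcdedit syntax: the volume goes in square brackets

# Clone the running entry so the new one inherits sensible defaults.
# {current} must be quoted, otherwise PowerShell parses it as a script block.
$out = bcdedit /copy '{current}' /d 'Windows 7 (VHD)'

# bcdedit prints the GUID of the new entry; pick it out regardless of UI language.
if ("$out" -match '\{[0-9a-fA-F-]{36}\}') {
    $id = $Matches[0]
} else {
    throw "Could not read the new entry's GUID from: $out"
}

# Point both the boot device and the OS device at the VHD file.
bcdedit /set $id device   "vhd=$vhd"
bcdedit /set $id osdevice "vhd=$vhd"

# The image was prepared on different (virtual) hardware, so let the
# loader detect the HAL for the physical machine at boot.
bcdedit /set $id detecthal on

# Review the entry before rebooting.
bcdedit /enum $id
```

To dual-boot a second VHD on the same partition, repeat the steps with a different file name and description.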
This leaves me then with the problem of having to back up all user data before changing the operating system, and then restoring the data afterwards. But what if I configured Live Mesh to maintain a copy of my data in the cloud? By doing this, all I have to do is change the operating system, install the Live Mesh client agent and then sit back while all my user data reappears on my computer from the cloud. I won’t have had to make any backups, nor recover any files. My data is pulled down automatically from the online backup that Live Mesh maintains for me automatically and I can eliminate this pain from the process as well.
Now then, what about reinstalling all of the applications every time? This is an easy one: if I package all of my applications into App-V “bubbles”, then I no longer need to reinstall any applications at all; all I do is launch the application inside its bubble and I am up and running – no more application reinstalls and no need to worry about compatibility issues with a new operating system.
In figure 1, I have represented the idea with a diagram. Every piece of the problem is contained inside its own module and can be swapped out easily, without affecting any other module – I can even change the underlying hardware, i.e. move to a new physical computer, with minimal effort now 🙂
Figure 1: Welcome to the Oxley-verse
In figure 2 I show my drive partition schema, so that you can see that I have no operating system actually installed; it is all inside a VHD file (note the blue colour for the icon on disk 1). Disk 0 has 2 partitions, excluding the initial RAW partition. The first (the D: drive) is the partition that holds the VHD file. It is not a bootable partition, and contains only a single file, the VHD file. In the M: drive partition on disk 0 I have all of my user data, application files, etc. This is important as, in order for this to work, the VHD must only contain the operating system and nothing else.
Disk 1 is the VHD file that is mounted at boot time, containing only my Windows 7 install.
Figure 2: Drive schema
Finally, by redirecting my entire user profile to the M: drive, I am not using the C: for anything other than the operating system. All of the user data, such as Favourites, documents, even temp files, etc. are redirected to M:. I have it all working great now, but it took an awful lot of work to get there. However, now that it is done, I can change my operating system (simply swapping out the VHD, fixing a few registry keys etc.) and be working with everything again within a couple of hours, as opposed to a couple of days. Beat that for efficiency!
As with all experimenting, I learnt plenty of lessons the hard way. Also, it is not totally modular yet, as certain pieces can’t be abstracted from the operating system; an example of this is the anti-virus software that still needs to be installed inside the VHD file, and certain applications insist on writing to C:\Users\USERNAME. Below, I have listed the biggest problems that I experienced, as well as some issues that need to be considered. The biggest issue I have seen though is not actually a technical one; some of the configurations are very very very likely to be unsupported by Microsoft and/or third party vendors. This doesn’t concern me too much because I am my own helpdesk, but it may be an issue in different environments.
- Microsoft company policy states that any disk partition that contains confidential information must be protected with Bitlocker. As you can see in the drive schema above, M: is encrypted, and so is C:, which is inside the VHD file. Unless things change between now and the release of Windows 7, a Bitlocker’d “Boot from VHD” file is an unsupported configuration.
- Likewise, I am pretty certain that Windows 7 in VHD on a computer that has no operating system installed ‘normally’ (i.e. the files on the disk rather than wrapped up in a VHD file) is also an unsupported configuration.
- There is no 64 bit App-V client available yet.
- Sequencing applications in App-V can be a fiddly job, and also not all applications can be sequenced.
- There is allegedly a very slight loss of performance for Windows 7 running inside a VHD file when compared to a ‘normally installed’ Windows 7 computer. I would argue this point because, in my opinion, any performance degradation is either negligible or unnoticeable – but I am not refuting what Microsoft has published regarding this issue.
- By default, the installation of Windows 7 will not create a paging file if it detects that a VHD file is being used to boot. It took me a while to work out that this was why I couldn’t start any virtual machines on my computer due to lack of memory. You can create a paging file yourself, but you’ll need to create it on a partition outside the VHD file; in my case it is on the D: drive as it is the only partition not encrypted with Bitlocker.
- Using standalone App-V packages requires a hefty amount of disk space because the packages are often larger than the space that a normal installation of the application would consume. Also, by carving up the local disk into partitions, I limited myself to the amount of space available.
- App-V applications can take a little longer to start (unless caching is used) compared to an installed application.
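Because a paging file can hold fragments of whatever was in memory, it is worth checking which volume each one lives on and whether that volume is BitLocker-protected, given the paging file placement described in the list above. The following check is an added example, not part of the original post; it assumes an elevated PowerShell 2.0 (or later) prompt on a Windows edition that includes BitLocker.

```powershell
# Added example: list every active paging file and the BitLocker state of its volume.
# Run elevated; the BitLocker WMI namespace is only readable by administrators.
$ns     = 'root\CIMV2\Security\MicrosoftVolumeEncryption'
$labels = @{ 0 = 'Protection OFF'; 1 = 'Protection ON'; 2 = 'Unknown (locked?)' }

# Build a map of drive letter -> protection status for all encryptable volumes.
$protection = @{}
Get-WmiObject -Namespace $ns -Class Win32_EncryptableVolume |
    Where-Object { $_.DriveLetter } |
    ForEach-Object {
        # GetProtectionStatus() returns 0 (off), 1 (on) or 2 (unknown).
        $protection[$_.DriveLetter.ToUpper()] = [int]$_.GetProtectionStatus().ProtectionStatus
    }

# Win32_PageFileUsage.Name is the full path, e.g. D:\pagefile.sys
Get-WmiObject -Class Win32_PageFileUsage | ForEach-Object {
    $drive = $_.Name.Substring(0, 2).ToUpper()
    $state = if ($protection.ContainsKey($drive)) {
        $labels[$protection[$drive]]
    } else {
        'Volume not reported by BitLocker'
    }
    New-Object PSObject -Property @{
        PageFile    = $_.Name
        Drive       = $drive
        BitLocker   = $state
        AllocatedMB = $_.AllocatedBaseSize
    }
} | Select-Object PageFile, Drive, BitLocker, AllocatedMB | Format-Table -AutoSize
```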
After reading this, the obvious question is “why not just put the OS into a different partition?”. My answer to this though is simple; doing it this way I can prepare the VHD file using Hyper-V at leisure without losing access to everything else while I am doing it. If it takes 3 weeks, then that is no problem! Also, and importantly, I can put all the operating systems I want to boot into VHD files that all reside on the same partition. I am currently running a dual-boot configuration with Windows 7 in one VHD file, and Windows Server 2008 R2 (with Hyper-V enabled of course) in another VHD file, with both VHD files on the same partition (D:).
If you try any of this on your computer, please don’t later on phone Microsoft support for help. Not unless they publish a support statement clarifying that the configuration is a supported one! This is simply an experiment I have been working on that works extremely well for me as I often reinstall my computer.
P.S. For those that don't know, IKEA is a mega super store that sells modular furniture that you take home and try to build yourself.