Hi Brendan, I'm not sure why you're getting only 50/50 success rate on the installations. For me it's been perfect every time. This will need to be investigated.
Some of that stuff about increasing I/O throughput and stub priority stuff sounds great as I was unaware of it. Right now when QWT is installed the automatic installation leaves a checkbox related to increasing I/O performance with an extra Xen driver unchecked. I believe I tested it before and as long as you have decent amount of updates installed it appears to work fine. Maybe we can fine a command-line switch to install that extra driver too? As for the Windows updates do be informed that we must install a minimum of them or QWT will fail to install causing the system to go into recovery mode on next boot. Just having Service Pack 1 (SP1) isn't enough. Hence why I had to at least use wusa.exe to install those to WSU update packages out of the box. (The Servicing Stack and Convenience Rollup which is a bunch of updates in two update packages) I don't see why restarting windows-mgmt would be necessary. If you look at the create-media.sh script I've tried to make it as safe as possible by setting a TRAP on exit, ^C, etc so if the process is interrupted in anyway it will do it's best to clean up. However, all this may be fixed by packer (package on Debian) which I'm looking into and could completely streamline this process. Right now I have updates set to download and install automatically but turned off automatic reboots. I didn't want to turn off updates out of the box because as provided the machine is missing many important security updates. For example, it's vulnerable to MS17-010. However, this technically shouldn't matter as long as port 445 it's port forwarded to the LAN or another qube. I also never had an issue with the qrexec_timeout but perhaps that's because I have a fast SSD. I've been working on this lately as it would be able to easily specify programs to pre-install: https://github.com/crazyqube/qvm-create-windows-qube/tree/chocolatey (Read the todo in the README for more info about research and future changes) It's mostly done although it requires testing. Also, this: https://github.com/chocolatey/chocolatey.org/issues/687 is currently a big issue as I don't want people who want their Windows VM behind Tor to be treated like second-class citizens. Lastly, this project is in the process of being put into official documentation! https://github.com/QubesOS/qubes-doc/pull/854 Sent with [ProtonMail](https://protonmail.com) Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Thursday, August 29, 2019 1:27 PM, <brendan.h...@gmail.com> wrote: > Hi crazyqube, > > I've used this to generate 20-30 VMs. > > I've noticed some incomplete installs (50/50). There do seem to be come > timing dependencies that sometimes cause failures. I'll be investigating > these further next week. > > I have some thoughts on changes I'll work on, if you're not planning to work > on them, that might address some of these: > > - Defaulting to debug=true so that boot problems can be easily diagnosed, > with instructions on how the user should manually disable it when finished. > - Increasing the device-stub VM priority from 256 to 1000 during install > utilizing xl sched-credit. This dramatically increases the IO throughput for > the installation. > - Defaulting to no-network. For the most qubes usage, I think many of us > won't plan to connect Windows to the internet. > - If network is explicitly set, only set it to the given option before/after > the final boot cycle, to minimize interference. > - Increasing the run-time of the final boot cycle, and possibly overlapping > that shutdown with the next creation. Utilize qvm-run shutdown.exe or qvm-run > a script instead of qvm-shutdown. > - Refactor repeated code into bash functions. > - Ensure loop devices in windows-mgmt are removed when finished (keep the > qui-devices menu uncluttered) > - Perhaps restart windows-mgmt between VM creations. > - Automate installation of xenvbd 8.2.2 or 8.2.1 after appropriate Windows 7 > updates are installed. > - Document that xenvbd is needed for attaching block devices from qui-devices. > - Utilize double digit counter instead of single digit. > - Option to disable windows update permanantly. > - Option to initiate windows update on last reboot (after QWT is installed). > - Increase qrexec_timeout to 600 by default. > > Brendan > > -- > You received this message because you are subscribed to the Google Groups > "qubes-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to qubes-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > [https://groups.google.com/d/msgid/qubes-users/aa0b38ae-ec25-40cb-a0c4-0c92b3cd2be7%40googlegroups.com](https://groups.google.com/d/msgid/qubes-users/aa0b38ae-ec25-40cb-a0c4-0c92b3cd2be7%40googlegroups.com?utm_medium=email&utm_source=footer). -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ZOck9fwJg3pT0yM_BwYJWPmP_bUxTuNcP5UxXrUXX-cN-gSwIDN60MZCO6VxX4TszlgsMGtva61yvKrEkvbelLtHKZdunygZR72a3s-mYTU%3D%40protonmail.com.
