Three features / ideas that would take Unraid to the next level


Dav3

Recommended Posts

Hi,

 

The following comes from me, a new Unraid user, one who understands the value the product offers yet has found the product to be quite technically challenging to get going to way I need.  Although I'm not a linux guru, I have a pretty typical tech background.  Therefore I think I represent a pretty large addressable market.

 

First off, this obviously isn't news but to me the product seems (or was) focused on the headless NAS market.  This is great as far as it goes, but I think it's probably being more used as a workstation OS virtualization product these days.  My attempts to get OS virtualization going leave me feeling like my attempts to use ESXi in a similar way.  Although I think I'm close to getting a solution running that meets my needs, it just feels oddly inside-out, and like trying to pound a square peg into a round hole.  This whole trying to use GPU passthrough feature, while great, is actually pretty difficult for the unwashed masses (like me) to implement and I think it really limits the product's market appeal from it's true potential. Therefore, I'm going to suggest three improvements in increasing breadth, starting with a minor tweak and culminating on a suggestion for basically a new product to sell along side Unraid server.

 

A bit of background.  I'm a primarily Windows developer, I've been programming professionally since before Windows.  Yeah, I'm kinda old.  For over a decade now I've been (mostly) happily using Vmware Workstation to virtualize windows guests on a windows host.  This has delivered a lot of convenience, allowing me to isolate my dev & test environments, etc.  And, crucially, protect my IP by not allowing secured guest VMs to access the internet while still being able to access lan resources (primarily lan file server).  However, as programming evolves, I've increasingly needed access to a full GPU.  Unfortunately Workstation has become something of a backwater product for Vmware as they chased the cloud, and they're unlikely to provide real DX12 shader program access from within a guest anytime soon.  The product has been stuck at DX9 level acceleration + some fake software emulation since like 2014.  So I haven't been able to do work in Unreal Engine, nor anything else requiring more than basic graphics for quite some time.  This has left me in an ugly multi-boot / multi-box / KVM switch environment I've wanted to move beyond for a long tme.  Thus my interest in Unraid.

 

Idea 1;  My immediate need is to set up unraid so I can work in a 'software assured' environment where my (and my clients) IP can't just slip out the net due to some phishing scam email, shareware app that self-update installs a back-door, etc.  So I've gotten unraid to boot, auto-start a pass-through GPU & SSD VM, and gotten that working pretty well.  However I need to partition the VM from the WAN but still access the LAN.  I originally intended to install pfSense since that seems the typical route people are going, so I installed a 2nd NIC.  For whatever reason stubbing that 2nd NIC broke unraid networking somehow (never figured that out) but anyway I'd prefer something lighter.  It seems like the iptables routing capability built into unraid should be sufficient for my simple needs, so I'm trying to use that with mixed effect.  It's been a long road but I'm pretty close to getting that working (with the help of @bonienl, thanks so much!)  but sitting here thinking about it, really all I need instead of a 2nd nic and dealing with br1 isolation is a virtual bridge network that's the converse of virbr0 - i.e. instad of being a wan-only bridge I need a lan-only bridge.  So my suggestion is to simply add a lanbr0 to the existing product and allow VM's to bind their virtio network adapter to it.  God that would have made my life easier!

 

Idea 2: So people want to virtualize windows.  But this is a steep learning curve for us windows-weenies.  But we are a very large addressable market, and there is a serious need for a product that makes windows more secure.  I think the following product could sell well if properly marketed.  Redesign unraid (probably new product) so that it can 1. run completely from a usb flash device, probably locally encrypted, create no HDD partitions .  2. boot, load unraid + kvm, 3. load whatever the default windows OS on the HDD into a bare-metal KVM sort of like how @SpaceInvaderOne does with his dual-"boot windows bare-iron and within a VM" youtube video, 4. pass-through all hardware devices EXCEPT the NIC(s), network access would be instead supplied by the virt-io bridge.  This would allow all sorts of opportunities to better manage the network access, insert network monitors, firewalls, etc and ideally a complete network security layer under windows.  Crucially, something needs to be done to wound windows so bypassing this security and simply booting windows natively again doesn't bypass this new security layer.  No, I haven't fully thought this part out yet.

 

Idea 3:  This running a NAS on my workstation, taking over the screen, keyboard & mouse, it's as great as it is problematic.  Getting dropped into the unraid GUI, losing the display once GPU pass-through, it's just unforgiving without multiple sets of keyboards, mice, & screens or at least a KVM switch.  I've kluged my dell monitor, which supports super basic KVM switch ability, but even now it's pretty esoteric by mortal human standards.  Yeah I know you linux gurus are laughing at me...  So, I think lime tech should come out with an entirely new product, one aimed at workstation use.  Call it Unraid Workstation.  This product might ditch (or depreciate) some of the NAS features but add a real linux desktop.  It would adopt the Looking Glass project and help get it out of beta.  It would then enable GPU virtualization while sharing the keyboard/mouse similar to how I do it in Vmware Workstation, but better (with full GPU support).  Ideally this would work in full-screen mode (as I can do in Workstation) where apps like games can run with little limitation yet when you drag the cursor to the top of the screen a window slides down and you can VM switch as easily as you can task-switch today.  Then add in a bunch of Linux goodness, like a firewall better than fpSense.  Personally I don't understand why nobody's done a docker firewall.  Is everyone waiting for wireguard?  But thhe whole thing needs to be turn-key for us non-bearded windows losers.

 

Ok that's a lot of word salad to digest, hope you enjoyed it.  Feel free to laugh / cry / etc or even ask me questions if folks want to talk about it.

 

Peace,

Dav3

 

</rant>

 

Edited by Dav3
  • Like 2
Link to comment
  • 2 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.