Virtual machine hosting
We can host Linux server and Windows Server virtual machines (VMs) for you on our highly available cluster of servers. This is typically suitable for:
- running a service that needs to be online 24/7
- running applications that require a server operating system
- providing an application to multiple people, and allowing them to work on the same data at the same time.
Bare-metal VM hosting is available to run vendor supplied appliances or, in very exceptional cases, custom operating system installations. Please contact IT Services to discuss your requirements.
- Bare-metal VMs are not intended to run client application software with a graphical user interface, or act as an interactive session host for multiple users. For this use the virtual desktop service (VDS).
Key features
- VMs are built to one of our standard specifications (CPU, RAM, hard disk size, etc) and hosted on our highly available cluster of servers.
- You can request VMs running Ubuntu, Rocky Linux, Oracle Linux or Windows Server Standard edition at no cost. Redhat Enterprise Linux VMs can also be provided at additional cost. You may only request current and previous OS releases (LTS or major versions).
- The server can be backed up for you, with backups kept for 90 days. Backups are crash consistent by default and exclude data on external storage mounts (eg NFS on Linux, iSCSI or SMB shares on Windows Server).
- If the VM requires a physical USB device to be present, eg when used as copy protection, this can be provided using our USB Concentrator.
- Non-standard VM specifications can be discussed on a case-by-case basis to meet specific requirements.
Access instructions
Requests should be made by a Departmental Computing Officer (DCO) using our self service request tool:
Open VM self service (DCOs only)
Please allow five working days for your VM to be set up.
To access your VM, you’ll need to connect to the virtual private network (VPN):
- Linux server access is via SSH.
- Windows Server access is via RDP, Windows Admin Center or PowerShell remoting.
- Console access to your VM using a web browser is available on request.
Available to staff, postgraduate researchers and student societies (restrictions apply)
Authorised users can use this service on devices connected to the VPN.
Funded by the University
There's no cost for standard use. RedHat Enterprise Linux VMs are at additional cost.
Additional information
- VMs can be resized to grow or shrink as necessary. IT Services monitor VM utilisation, and may deem it necessary to reduce the size of any VM, particularly if this is impacting other VMs on the shared service.
- We may request additional justification or clarification before increasing a VMs resources, such as adding additional CPUs, memory or disk space. The hardware on which the VM hosting service operates is limited, so it may not always be possible for IT Services to agree to a significant increase, however we will always try to explain clearly our reasoning.
Access instructions
Requests should be made by a Departmental Computing Officer (DCO) using our self service request tool:
Open VM self service (DCOs only)
Please allow five working days for your VM to be set up.
To access your VM, you’ll need to connect to the virtual private network (VPN):
- Linux server access is via SSH.
- Windows Server access is via RDP, Windows Admin Center or PowerShell remoting.
- Console access to your VM using a web browser is available on request.
Contact for support
If you're experiencing technical issues and need advice, please contact IT Services.
Service commitments
We expect you to ensure the server is managed effectively and maintained regularly. As a server owner and system administrator, you play a key role in protecting information. This is required by the University's information security policy and policy for device access to University information.
You must consider the following aspects:
Central administration and maintenance
When you request the VM, you can choose whether you want us to maintain it, or whether you want to look after it yourself:
- By default, your VM will be linked into the University's authentication system and the operating system will be automatically patched.
- In most cases you will be responsible for ensuring any application software is kept up to date.
- In some cases we may also be able to take on installing, monitoring and updating certain applications as well - please contact us to discuss.
- We may be able to provide automated monitoring of your server and/or the services running on it. We can discuss this as part of your request.
- If you opt-out of IT Services authentication, you must take on the responsibility for patching both OS & applications, as well as all administration tasks, including properly securing your server.
Information and cyber security
- Review the security and data protection implications of any application software before you install it. The Cyber Security team can provide relevant guidance.
- Ensure the server and any applications are securely configured. For example any local user accounts created must have secure passwords, and be disabled or deleted when no longer required.
- Ensure you don’t relax or remove any security measures IT Services have put in place, for example, overriding Group Policy and/or Puppet configuration, tampering with anti-virus software or disabling the operating system firewall.
- By default, servers do not have direct outbound access to the Internet. This can be enabled on a case-by-case basis for a specified use case (eg access to a vendor’s license portal).
- Inbound access to the server is subject to vulnerability scanning and approval of the Cyber Security team. Please contact IT Support to request this when your VM has been fully configured.
Regular updating
- The operating system and all applications must be updated regularly to stay compliant with the patching policy. This means security updates should be installed at least once a month as an absolute minimum.
- IT Services offers automated patching of our supported Linux and Windows operating systems, however, you must ensure that any pending restarts are carried out to complete patch installation.
- Any software installed must be correctly licensed, in support and be kept up to date. IT Services are not able to automatically update most application software. You must update these manually, in line with the patching policy.
- You must move any applications and data to a newer operating system at least 6 months before the OS reaches end-of-life. IT Services aim to give all VM owners approximately 12 months notice, though this cannot be guaranteed.
- endoflife.date is a useful reference.
Contact information for the VM owner
IT Services may need to perform maintenance or security operations that affect your VM. You must:
- inform us promptly when your VM is no longer required.
- ensure that each VM has a valid and current point of contact, for example if the owner changes roles or leaves the University.
- respond promptly to queries from IT Services.
The following policies apply to all IT services provided by the University.
Availability
- This is a live service, available 24/7.
Support
- This service is managed by IT Services.
- Support is available during our opening hours.
- IT Services are responsible for monitoring, identifying and fixing faults to ensure the VM remains operational.
- Deploying agents to VMs to collect event logs, to monitor security compliance, to prevent malware or for other reasons deemed necessary to manage the IT infrastructure.
- Reviewing or aggregating log data, for example to check for compliance with the patching policy.
- Scanning VMs for security vulnerabilities.
Standards
- Our service performance and standards have been produced in consultation with our customers, and we monitor the delivery, performance and availability of facilities and services.
We appreciate feedback as it helps us review and continually improve our service.
Page last reviewed: 9 September 2024