0

I know that VMWare vSphere can be booted from SD card and run entirely from memory. It doesn't save logs locally in that case. It's slow to boot, but there's nothing to read or write after boot so the speed of the card doesn't matter. ( VMs are run off proper storage , of course ).

Can the SD can be locked so that it can't be written / altered , and VMWare still boot from it successfully?

I would be shutting down and unlocking intentionally for maintenance / upgrades. I would be writing logs to an external server.

MountainMan
  • 5,839
  • 1
    Why didn't you just try it, use the side switch for testing. I do think you'll need the patience of a saint to run a VM from an SD anyway… – Tetsujin Sep 15 '23 at 16:16
  • Thanks for the query, question has been edited. I only have one production server and it's not worth rolling the dice until I have a spare. The performance is OK aside from boot time ; nothing is read or written to the card after boot as far as I know. – MountainMan Sep 15 '23 at 16:22
  • 1
    @Tetsujin part of the problem is that the side switch is only there to tell the operating system to write protect the drive, the card reader may not pass on the write protect status. The sliding switch is not connected to anything on the card that would intelligently drop write commands: https://superuser.com/questions/354473/is-the-lock-mechanism-on-an-sd-card-hardware-firmware-or-software-driver-os and there is some evidence that newer card readers don't bother reporting it https://superuser.com/questions/1737227 – Mokubai Sep 15 '23 at 16:23
  • @Mokubai - I'm aware of that. I just thought it was one of those things that would be simple to test first, then ask if there are issues. Otherwise it becomes a 'please do my research for me' request. It's not something I'm ever going to be trying in the near future. I've 20 or so VMs on HD & they're slow enough to drive me insane. I move production VMs to SSD after testing. – Tetsujin Sep 15 '23 at 16:28
  • @Tetsujin , thank you for your earlier comments. There are community standards of prior work to be done before asking a question , and I thank you for policing them. I had to balance too-much-info-in-a-question and reveal-security-information-about-my-company against the wide variety of unconfirmable information I'd found prior via Googling. I wanted to be certain malware couldn't touch the next SD card and Mokubai 's comment made it clear that the SD card reader hardware makes no such guarantee. So, just another tool I can't rely on and can't afford to spend worry on. – MountainMan Oct 27 '23 at 12:54

0 Answers0