As much as I like containers, I’m thinking maybe a bunch of qemu VMs, backed by thin provisioned qcow2 images.
Write a shell script to start a vm, and run it once per student.
Enabling KSM on the host should help reduce memory pressure somewhat.
Additionally, you could have common shares using virtio-9p - for example for home dirs for both root and user accounts (making ssh keys easy to provision, and bash history easy to inspect)
If you need regular (e.g. every minute snapshots that don’t break filesystems or databases), lookup snapshot_blkdev qemu command . If things get really pear shaped (sudo rm -rf /) you can turn off the VM, locate a bash history timestamp where that happened, make a copy of a previous snapshot file, and start a VM using that file as a main block device.
The above approach doesn’t require root on your own host system to be able to operate (past the initial setup). The approach is also fairly portable, you don’t have to host the 8 VMs on your laptop, or you can perhaps start on your laptop, and then simply copy all the files to a different machine and hold future classes there.
But yeah, as i said above, in this case, when trying to teach - attempting to babysit 6+ screens and do that at the same time isn’t going to catch much.
So … don’t do that, just nuke and pave as you said
edit:
also, fast creation/destruction/repair should be a thing anyway. end of class? nuke and rebuild. extra student shows up? spin up a clone
It’ll also give OP some experience with containers. I really enjoyed learning how to use Docker, when I first got into it. Even though I hated the concept of not using a full-fat VM.
ZFS snapshots do make for an easy restore, though there can be serious complications in regards to taking snapshots on a running vm (or database), and then trying to bring it back up. It’ll faithfully save everything written to the disk, but can’t and won’t know about that the vm was doing. For example, if a snapshot is taken during an system update, reverting to that snapshot will cheerfully and faithfully present the partially finished data, which may flat out not work.
I’m not familiar with the best way to deal with this, so things like:
When I did a Linux class for work I required everyone to bring their own laptop and have them a vm to load before they arrived. Is this something you could do?
The snapshot_blkdev works the same effect as zfs, btrfs or lvm snapshots. The state of the snapshot is as if you’ve cut power to storage.
As long as the filesystem and/or database sitting on top of it is configured correctly/and supports logging and journalling at worst you might end up with corrupted data that was in flight that might need to get cleaned up or transactions rolled back.
With all of these this is where data=ordered and similar filesystem options come into play.
Why don’t you make some VMs on a Proxmox or XCP-ng server or even on your Linux box (if it’s got enough power for 8 VMs) using Virt-Manager, make the disks qcow2 and have a snapshot on each of them before class starts? Remote could be done via VNC, so you can also monitor their screens and if they do manage to break something, you just revert to the previous snapshot, start the VM and they’re good to go. Sure, they probably won’t recover their work to that point, so you’ll probably want a local FTP or Samba server where they only have access to their designated folders (so they don’t delete somebody else’s work).
You could even log to a central syslog server. Easy to bypass if you intend to use it to audit a secure system, but for your use case it would likely fit the bill perfectly.
You could just install proxmox in virtualbox on your laptop, and use ZFS on that VM. Give everyone their own container and snapshot it every X minutes. 4 GB of ram would be plenty for such a thing, given they’re going to run only light tasks 256 MB of ram for each container should be sufficient.
