Level: beginners
Experience using virtualization on VirtualBox
Introduction
A few years ago I began working with virtualization and ended up with a set of travel notes, which I have now tidied up and posted here. There will be no revelations here; the article is addressed to novice admins. The task I solve here is virtualizing existing non-virtual servers running Linux and FreeBSD.

The reasons why I chose VirtualBox
The reasons are presented below:
- Ease of use
- Excellent guide detailing all aspects of VirtualBox
- Availability of excellent graphical, console and web-based interfaces
- The ability to provide access to the guest OS console over the RDP protocol
- The convenience of use
The full VirtualBox user manual is available on the manufacturer's website.
Reasons for which I would not choose it now
- The lack of a good web interface. The existing web interface allows you to perform most of the required actions with virtual machines (creation, snapshots, deletion, creation of virtual networks) and is implemented very well, but it has the following limitations:
  - Does not allow assigning rights to virtual machines (giving the developers on a list access only to their own machines)
  - Does not allow you to manage multiple physical servers from one control panel
  - Does not display server load statistics
  - Written by third-party developers who are not related to VirtualBox, in their free time, so its development may stop.
- Slower work with a large number of running virtual machines compared to KVM.
- License disclaimer
OS preparation for working with virtual machines
VirtualBox can be installed on almost any OS; however, stable operation and all of its features (for example, RDP connection to the guest console) are available only on Linux, so Debian Linux was chosen. VirtualBox itself requires no special OS configuration; it is enough to allocate a separate partition for storing guest disk images and the installation disk images used for clean installations of guest systems.
However, managing VirtualBox through a web interface (phpvirtualbox) requires a web server (Apache 2 was chosen) and PHP 5. In Debian, the default configuration of PHP 5 and Apache 2 meets the requirements of phpvirtualbox, and you do not need to configure anything in a special way.
Description of the server configuration for virtual machines:
- The server is named virtbox.site and its address is 10.0.0.7 (by the way, look up why you shouldn't use .local)
- The partition for storing guest OS images is created on a separate hard disk and mounted at /srv/vdi
- Apache 2 and PHP 5 packages are installed:
virtbox# apt-get install apache2 php5
Install phpvirtualbox
For VirtualBox, there is a free web-based interface implemented in PHP that uses the remote control service built into VirtualBox.
Install phpvirtualbox:
1. On the developer's site, look up the latest version and download it to the server:
virtbox# cd /var/www && wget phpvirtualbox.googlecode.com/files/phpvirtualbox-4.1-7.zip
2. Unpack:
virtbox# unzip phpvirtualbox-4.1-7.zip
3. Configure:
virtbox# cd phpvirtualbox-4.1-7 && cp config.php-example config.php && vim config.php
4. Register the address of the server running VirtualBox for remote connections using the built-in VirtualBox RDP-plugin:
var $consoleHost = '10.0.0.7';
Attention! For connections to succeed, incoming ports must be open on the server: by default they start at 3389 (TCP), one port per guest system.
5. Configure the virtualbox web service, for which we create the /etc/vbox/vbox.cfg file with the following content:
VBOXWEB_USER='vbox'
VBOXWEB_HOST=127.0.0.1
VBOXWEB_LOGFILE=/srv/log/vboxwebservice
6. Start the VirtualBox web service. Before doing so, make sure that the file /srv/log/vboxwebservice is readable and writable by the user vbox:
/etc/init.d/vboxweb-service start
phpvirtualbox is now available at virtbox.site/phpvirtualbox.
Creating virtual machines
Creating a virtual machine through the web interface is fairly obvious: click the New button in phpvirtualbox and follow the wizard instructions. Below is an empirically developed list of guest settings that is sufficient for normal operation of Linux and FreeBSD guests.
- System
  - Base Memory: 512 MB
  - Processor(s): 1
  - Enable PAE/NX: NO - emulation of support for working with more than 4 GB of memory on 32-bit systems is usually not needed
  - Chipset: PIIX3 - the manual does not say anything about the dependence of speed on the type of emulated chipset, so we choose the default
  - Extended features
    - Enable IO APIC - some cloned servers will not work without APIC emulation enabled
    - Hardware clock in UTC time - as a rule, guest systems expect the system time in UTC, and this option makes the guest OS receive time in UTC rather than in the local time of the server.
- Display: 2 MB - the minimum possible value; if you set this value to 1 MB, RDP connections will not work. When creating new machines, you can leave the default value offered by phpvirtualbox.
- Storage: this is where you create the disk image
- Network
  - Debian: Virtio - with the help of guest extensions, Debian can detect that it is running in a virtual machine and use a virtual network card, which gives a very big performance gain
  - FreeBSD: Intel PRO/1000 MT Server network card - there is no guest network card driver for FreeBSD, so we choose emulation of the fastest card available. In FreeBSD, the device is called em0.
- Serial ports: Disabled
- USB: Disabled
- Shared Folders: None - the ability of VirtualBox to give the guest system access to the host system's files is usually not needed; it is easier to use scp or sftp
To create a virtual machine through the console, follow the guide, section 8.6.
Virtual Machine Management
Web Based Management
Managing virtual machines through the web interface is trivial: select the desired machine in phpvirtualbox and choose the desired action, such as Start or Stop (unconditional power-off, sending a power-button signal, restart, saving the state of the guest system so that it can later be rolled back, and pausing the guest system, with its memory saved to disk so that it can later be loaded back and work continued).
Right-clicking a guest system gives access to operations such as its settings, deletion, viewing logs, etc.
Also worth noting is the ability to connect to the console of the guest system, which is similar to connecting a mouse and keyboard to a real machine. To do this, select the desired guest system, select the Console tab in phpvirtualbox, set the screen size (for a text-based guest OS, 800x600 is enough), click Connect and open the remote connection client (in which the contents of the guest console are displayed). You can manage the guest system from the moment you turn it on.
Management through the console
To manage the guest system, VirtualBox uses the VBoxManage and VBoxHeadless utilities, a detailed description of which is available in the manual.
Run the commands as the vbox user, under which VirtualBox itself runs. If they are launched as another user or as root, VirtualBox will not be able to find the virtual machine configuration files, which are stored in the home directory of the vbox user, and will report an error.
To switch to the vbox user, run:
su -s /bin/bash vbox
The shell must be specified explicitly, because the default shell for the vbox user is /bin/false.
Below, for example, are commands for turning on, turning off, and working with disk images.
1. Starting a group of guest systems (you can make it automatic when you turn on and restart the server):
for M in test1 test2 test3 ; do VBoxManage startvm $M --type=headless ; sleep 30 ; done
If you do not specify sleep 30, some machines may not start: the very intensive reading from the server's hard disk at startup makes some guest systems decide that they have a hard disk read error.
2. Turn off the guest group (you can make it automatic when the server is turned on and restarted):
for M in test1 test2 test3 ; do VBoxManage controlvm $M acpipowerbutton ; sleep 30 ; done
Almost all machines understand the power button press and can shut down correctly.
3. Creating a fixed-size disk for the guest system:
VBoxManage createhd --variant Fixed --size 20000 --format vdi --filename test
4. Converting a disk image from VirtualBox format to a format understandable to other virtual machines:
VBoxManage internalcommands converttoraw test1.vdi test1.raw
Connection via RDP
You can connect to the virtual machine console through RDP. In Windows, open Start -> All Programs -> Accessories -> Remote Desktop Connection and specify the address virtbox.test and the port associated with a specific guest system, which can be viewed in phpvirtualbox. For ease of use, you can specify a screen resolution of 1024x768 in the connection settings; then the connection window will not occupy the entire screen or intercept system keyboard shortcuts such as Alt + Tab.
Important note: several users can connect to the same guest system simultaneously. Everyone then sees the same thing, and all actions performed by one user are visible to the others who are connected. To enable this, set the Allow Multiple Connections checkbox in the Display section, on the Remote Display tab, of the virtual machine settings in phpvirtualbox.
Creating guest snapshots
Snapshots provide the ability to save the state of the guest systems and return to this state on demand. What does this mean in practice?
- You can try various database queries on the guest system with the ability to restore the initial system after each request.
- You can try various configurations of the interaction of services on the guest system without the need to manually roll back changes in many configuration files in case of receiving a non-working system
- And finally, it is sometimes a convenient backup tool that allows you to take a complete snapshot of the working machine and restore it completely in a minimal amount of administrative actions. Attention! Do not do this with production machines.
When you create a snapshot of a guest system, the disk space it occupies does not immediately increase; additional space is taken only by the data that has changed compared to the existing disk of the guest machine. For example, if the /etc/rc.conf file is modified, the modified copy will be written separately.
To create a snapshot via phpvirtualbox you need:
- Select the guest system of which to take a snapshot
- Go to the Snapshots tab
- Press the “Take Snapshot” button (with a camera image)
- Enter snapshot name and comment
To restore a snapshot via phpvirtualbox you need:
- Select the guest system whose snapshot you want to restore
- Turn off the guest system by clicking “Stop”> “Power Off”
- Go to the Snapshots tab
- Select a snapshot to restore
- Click the “Restore Snapshot” button (the icon of a computer with an up arrow)
Create dump
Debian Linux
The cloning and recovery procedures are shown using the example of the test1 server, which runs Debian Linux (certainly any version starting with 5 Lenny). Suppose we have three partitions with three file systems:
/, /var, /usr
First you need to install dump:
aptitude install dump
Next, to create a dump of the server being cloned on Debian, run the following commands as the superuser (root) or using sudo (how to avoid dumping, think for yourself):
dump 0af test1.root /
dump 0af test1.var /var
dump 0af test1.usr /usr
Here:
0 -- 0
a -- ,
L -- , , , , . Linux .
f -- .
The resulting files need to be transferred to the server with VirtualBox.
FreeBSD
The cloning and recovery procedures are shown using the example of the test1 server, which runs FreeBSD (certainly any version starting with 6). Suppose we have three partitions with three file systems:
/, /var, /usr
To create a dump of the server being cloned on FreeBSD, run the following commands as the superuser (root) or using sudo (again I remind you about dumping dumps):
dump 0aLf test1.root /
dump 0aLf test1.var /var
dump 0aLf test1.usr /usr
Here:
0 -- 0
a -- ,
f -- .
Similarly, the resulting files need to be transferred to the server with VirtualBox.
Deploy Dump
Debian Linux
1. Create a virtual machine and attach a disk and a bootable Debian LiveCD to it.
2. Then mount the resulting partition, put the dumps on it, and deploy them:
cd /mnt1 && restore -rf /mnt/test1.root && cd usr && restore -rf /mnt/test1.usr &&
cd ../var && restore -rf /mnt/test1.var
3. Install the bootloader:
grub-install /dev/sda1
4. Amend the UUID in /etc/fstab.
5. Verify that /boot/grub/grub.cfg correctly identifies the UUID of the partitions:
search --no-floppy --fs-uuid --set df7f92ba-2877-4b39-8805-966cf9ab52f3
linux /boot/vmlinuz-2.6.32-5-amd64 root=UUID=df7f92ba-2877-4b39-8805-966cf9ab52f3 ro quiet
6. Check /var/spool/cron/crontabs and /etc/crontab and disable what is unnecessary.
7. If a console was enabled on the server being restored, remove a line similar to the following from /etc/inittab:
T0:23:respawn:/sbin/getty -L ttyS0 9600 vt100
and a line like this from /etc/default/grub:
GRUB_TERMINAL=console
(just comment them out).
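The checks in steps 4 to 7 can be scripted and run against the restored tree before the clone boots for the first time. This is an added example, not part of the original article: the function names are hypothetical, and it assumes the clone is mounted at a directory such as /mnt1 and that you pass the UUIDs of the new partitions yourself.

```shell
#!/bin/sh
# Added example (not from the article): audit a restored Debian clone before
# its first boot. ROOT is where the clone is mounted (/mnt1 in the article);
# the remaining arguments are the UUIDs of the new partitions, e.g. from
#   blkid -s UUID -o value /dev/sda1
# All function names are hypothetical.

# Report UUIDs in fstab and grub.cfg that do not belong to the new disk.
stale_uuids() {
    root=$1; shift
    for f in "$root/etc/fstab" "$root/boot/grub/grub.cfg"; do
        [ -f "$f" ] || continue
        rel=${f#"$root"}
        grep -v '^[[:space:]]*#' "$f" |
            grep -oiE '[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}' | sort -u |
            while read -r uuid; do
                case " $* " in
                    *" $uuid "*) ;;   # matches a partition of the new disk
                    *) echo "$rel: stale UUID $uuid" ;;
                esac
            done
    done
}

# Report cron jobs that would start running as soon as the clone boots.
active_cron_jobs() {
    root=$1
    for f in "$root/etc/crontab" "$root"/var/spool/cron/crontabs/*; do
        [ -f "$f" ] || continue
        rel=${f#"$root"}
        # Drop comments, blank lines and VAR=value lines; what is left are jobs.
        grep -vE '^[[:space:]]*(#|$|[A-Za-z_][A-Za-z0-9_]*[[:space:]]*=)' "$f" |
            sed "s|^|$rel: |"
    done
}

# Report console settings carried over from the physical server.
console_leftovers() {
    root=$1
    [ -f "$root/etc/inittab" ] &&
        grep -E '^[^#]*getty.*ttyS[0-9]+' "$root/etc/inittab" |
            sed 's|^|/etc/inittab: |'
    [ -f "$root/etc/default/grub" ] &&
        grep -E '^[[:space:]]*GRUB_TERMINAL=' "$root/etc/default/grub" |
            sed 's|^|/etc/default/grub: |'
    return 0
}

# Run all checks; exit status 0 means nothing was found.
audit_clone() {
    root=$1; shift
    findings=$(stale_uuids "$root" "$@"; active_cron_jobs "$root"; console_leftovers "$root")
    if [ -z "$findings" ]; then echo "clean"; return 0; fi
    printf '%s\n' "$findings"
    return 1
}

# Usage: sh audit_clone.sh /mnt1 "$(blkid -s UUID -o value /dev/sda1)"
if [ "$#" -ge 2 ]; then audit_clone "$@"; fi
```

A non-zero exit status means at least one leftover from the physical server is still active in the clone.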
FreeBSD
The created dumps need to be deployed on a disk image allocated for the guest system. Currently, support for the UFS file systems used in FreeBSD is limited, so a FreeBSD virtual machine is created for deploying the dumps, and a partition for storing the dumps is connected to it, to which the dumps are sent from the cloned servers using scp. Then a dedicated disk image is attached to this machine, a FreeBSD file system is created on this image, and the resulting dump is deployed.
Below, it is assumed that the tmp partition is mounted on /mnt and that the disk image for the guest OS is divided into two slices, the first of which is mounted on /mnt1, while the second is used for swap and is not mounted. Then you can deploy the dump as follows:
cd /mnt1 && restore -rf /mnt/test1.root && cd usr && restore -rf /mnt/test1.usr &&
cd ../var && restore -rf /mnt/test1.var
Here && is needed so that the next command is executed only if the previous one completed successfully. This excludes situations where, for example, the var directory is not created, the change into it does not happen, and the dump is not deployed there, because the dump is expanded relative to the current directory.
Necessary changes in the configuration of the guest OS of the cloned server
Before loading, the guest OS needs to be reconfigured to work in a virtual machine. The number of actions required is usually minimal and boils down to the following:
1. In the mnt1 directory (see above), delete the bootloader configuration files. This matters especially when virtualizing a production server: it prevents the COM port from being used as the default console, which causes the boot loader to freeze.
rm /mnt1/boot.config
rm /mnt1/boot/device.hints
2. Replace the contents of /mnt1/etc/fstab with the following:
/dev/ad0s1b none swap sw 0 0
/dev/ad0s1a / ufs rw 2 2
It is assumed that the disk image of the guest OS is divided into 2 slices, the first of which is given for data storage and the second under the swap.
3. If necessary, tell the cloned system to load the kernel module for the emulated network card by adding the line
if_em_load="YES"
to the /boot/loader.conf file.
4. Specify the IP address assigned to the cloned system: comment out the current network adapter settings in /etc/rc.conf and add a new line of the following type:
ifconfig_em0="inet 10.0.0.8/24"
6. If the cloned server is allocated an externally visible IP address, you need to delete the settings that are responsible for its interaction with other servers. Attention! The cloned server has all the settings of the real one, so if these settings are not deleted, the cloned server can interfere with the operation of the production system. The main place to check on FreeBSD-based servers is /var/cron/tabs/.
7. Shut down the FreeBSD system that was used to deploy the dump, and boot the guest system with the server clone. If there are problems during boot, the kernel on the system may have been rebuilt with a changed configuration. This can be fixed by telling the bootloader to load the default kernel, which I hope you kept on the system during the rebuild:
unload
load boot/kernel.GENERIC/kernel
boot
To enter these commands, turn on the guest system, connect to it via RDP and wait for the on-screen message saying that you can press Enter to specify options for the loader.
8. Add a user for ssh access by logging into the cloned server via RDP:
pw user add username -g wheel && passwd username
Here, the -g wheel option adds the user to the wheel group, whose members in FreeBSD have the right to use sudo and su.
Creation of virtual networks
Inside VirtualBox, you can create completely isolated virtual networks. What opportunities does it provide?
- Minimizing the need to reconfigure cloned servers
- Creating a test environment for testing the interaction between servers
Creating a virtual network
To create a virtual network, in phpvirtualbox, go to the properties of the guest system, go to the Network section, select the Internal Network option in the “Attached to” field, and select the required virtual network in the “Name” drop-down list. What difficulties may arise?
You need to create a new virtual network, and there is no such option in the interface. There are two possible solutions:
Try to write the name of the new virtual network directly in the drop-down list "Name". However, in this case an error may occur.
Then you need to bind the guest's network adapter to the virtual network via the CLI:
sudo su -s /bin/bash vbox
VBoxManage modifyvm test1 --nic1 intnet
Here:
- nic1 is the network adapter of the guest system, where 1 is its sequence number. The number of adapters in the guest system is unlimited.
- intnet is a virtual network; the name can be anything. A feature of VirtualBox is that virtual networks do not have to be created explicitly: it is enough to specify the same virtual network for several guest systems, and they will be connected at the (emulated) physical layer automatically, much like connecting several real computers to one switch.
For more information, see section 8.7.2, Networking Settings, of the User Guide.
Manage inaccessible outside machines in the virtual network
RDP access
The RDP server runs on the physical server, so you can connect to any virtual machine exactly as described in the Web Based Management section of this article.
Port forwarding
It is possible to create a virtual network card in the guest system that is connected through NAT (implemented automatically by VirtualBox) and to forward (map) an arbitrary port of the guest system to a port of the VirtualBox server. To do this via phpvirtualbox, you need to:
1. Go to the properties of the guest system, go to the “Network” section, and select the “NAT” option in the “Attached to” field
2. Expand the options hidden under “Advanced” in the same section and click the Port Forwarding button there.
3. In the “Port Forwarding Rules” window that opens, specify the following parameters:
4. Select the desired protocol by clicking “TCP” in the “Protocol” field
5. Enter a free port on the VirtualBox server in the “Host Port” field
6. Specify the guest port in the “Guest Port” field.
Nothing more is needed. After the settings are applied, the guest port is immediately (without rebooting) accessible through the corresponding port of the VirtualBox server. As an example, to forward the ssh port (22 TCP) of the guest system to port 2200 of the VirtualBox server, you need to specify the following parameters:
Name ssh ( )
Protocol TCP
Host IP
Host Port 2200
Guest Port 22
Guest IP
The number of forwarded ports is not limited; you can forward as many as you need.
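Each RDP console port and each forwarding rule is a listener on the VirtualBox server, so it is worth keeping an inventory of them. The script below is an added example, not part of the original article: it parses the output of VBoxManage showvminfo --machinereadable, the key names it looks for are assumptions to be checked against your VirtualBox version, and the sample input is constructed.

```shell
#!/bin/sh
# Added example (not from the article): inventory the host ports VirtualBox
# opens for guests, from the key="value" text printed by
#   VBoxManage showvminfo <vm> --machinereadable
# The key names used below (vrde, vrdeports, vrdemulticon, Forwarding(N)) are
# assumptions about that format; compare them with real output of your version.

# exposed_ports VMNAME   (reads showvminfo output on stdin)
exposed_ports() {
    awk -v vm="$1" -F= '
        { key = $1; val = substr($0, length($1) + 2); gsub(/^"|"$/, "", val) }
        key == "vrde"         { vrde = val }
        key == "vrdeports"    { ports = val }
        key == "vrdemulticon" { multi = val }
        key ~ /^Forwarding\([0-9]+\)$/ {
            # Rule layout: name,protocol,host IP,host port,guest IP,guest port
            split(val, r, ",")
            printf "%s forward %s %s:%s -> guest:%s (%s)\n",
                   vm, r[2], (r[3] == "" ? "*" : r[3]), r[4], r[6], r[1]
        }
        END {
            if (vrde == "on")
                printf "%s rdp tcp %s console%s\n", vm, ports,
                       (multi == "on" ? " (shared sessions)" : "")
        }'
}

# Constructed sample: guest test1 with the ssh rule from the article
# (host port 2200 -> guest port 22), RDP on 3389, multiple connections allowed.
sample_vminfo() {
    cat <<'EOF'
name="test1"
nic1="nat"
Forwarding(0)="ssh,tcp,,2200,,22"
vrde="on"
vrdeports="3389"
vrdemulticon="on"
EOF
}

# Walk every registered VM; run this as the vbox user on the VirtualBox server.
audit_all() {
    VBoxManage list vms | sed -E 's/^"(.*)" \{.*\}$/\1/' |
        while read -r name; do
            VBoxManage showvminfo "$name" --machinereadable </dev/null |
                exposed_ports "$name"
        done
}

if command -v VBoxManage >/dev/null 2>&1; then
    audit_all
else
    sample_vminfo | exposed_ports test1   # no VirtualBox here: show the sample
fi
```

Comparing this list with the ports actually open in the server's firewall shows which guest consoles and services are reachable from outside.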
Virtual router
When you create a group of interacting guests in VirtualBox without external addresses, it makes sense to install another guest system that will play the role of a router. What goals are achieved with this?
- The network adapter configuration of the cloned servers does not have to be changed. The virtual router makes the other guest systems believe that they are the real ones, using their real host names and IP addresses.
- Direct ssh access becomes possible for guest systems that have neither external addresses nor the port forwarding described above, which only works if the VirtualBox NAT option is used.
Creating a virtual router consists of the following steps:
- Creating a guest system
- Installing any guest OS that can play the role of a router, for example, Debian Linux or FreeBSD
- Entering the guest system into the virtual network as described above.
- Configure the guest system to perform router functions
- Connection to the guest system of the second virtual network adapter in bridge mode with the VirtualBox server network adapter
After that, you can forward ports from the virtual router to the guest systems without external addresses. On Linux with iptables, to forward incoming connections from TCP port 2200 of the virtual router to port 22 (TCP) of a guest system that has no external address and has the internal address 192.168.0.2, the following rule is sufficient:
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 2200 -j DNAT --to-destination 192.168.0.2:22
It is assumed that the virtual router is configured correctly and has a network adapter configured for the virtual subnet in which the guest system with the address 192.168.0.2 is located.
SSH access
ssh ssh- 2200. scp .