### LinuxCBT VBOX Edition ###

Features:
    1.Tier-2 Hypervisor(virtualization layer)
     a.runs on existing OS instead of Tier-1(VMware ESXi) - which runs on bare-metal
    2.Container (Hypervisor) for additional OSes
    3.Runs on:Intel | AMD 32|64 bit platforms
    4.Includes support for:Intel PAE systems(64 bit) - supporting up to 46GB RAM
    5.HOSTS - Supports common 32 | 64 bit HOST OSes - Windows | MacOSX | Linux | Solaris
    6.GUESTS - Windows | Linux | BSD | Solaris
    Note:Virtualization solutions include:HOSTs & GUESTs
    7.64 bit HOST can host both:32|64 bit GUESTS
    8.32 bit HOST can host solely:32 bit GUESTS
    Note:it is NOT recommended to have higher bit GUESTS in lower HOSTS,i.e,32 bit HOST with 64 bit GUEST
    9.Multiple front-Ends  - Symlinks to 'VBox.sh'
     a.'VirtualBox' - GUI on HOST - requires graphical support on HOST
     b.'VBoxManage' - CLI - requires NO GUI
     c.'VBoxSDL' - Reduced GUI - requires fewer libraries
     d.'VBoxHeadless' - Used to connect from client via VRDP(Enabled in this mode by default)
     Note:Any standard RDP client(i.e,rdesktop) can be used to manage VBox environment
     Note:This is a light GUI,that does NOT require X:i.e,'ubuntu-desktop' packages on ubuntu systems
     e.Third-party Custom Clients via APIs
    10.<= 32 CPUs per GUESTS
    11.RDP display of GUESTS of all OSes sans need for APP for GUEST
    Note:This mode exports FULL STDOUT(console) of GUEST via RDP
    12.Direct (out-of-band from GUEST) ISCSI support
    Note:IF you have ISCSI storage on your network,your GUEST may access outside of HOST
    Note:VBox operates as an ISCSI initiator on behalf of GUESTS
    13.Snapshots - i.e,ability to rollback to point-of-time configuration
    14.Multiscreen Displays - exports multiple screens from HOST
    15.PXE boot for GUEST
    16.ACPI support i.e,slow CPU,etc.
    17.USB Support for GUESTS via 'vboxusers' group - members of this group may use usb devices in GUESTS
    18.Works with | without hardware virtualization - i.e,Intel VT[X] | AMD-V
    19.Portability of GUESTS - Easy moves to other VBox || other Hypervisor i.e,VMware,etc.
    20.import of third-party GUESTS i.e,VMware,Parallels,etc.
    21.Up to 8 NICs per GUEST using common  drivers: AMD PCNET,Intel E1000(fastest),virtio(fastest && preferred)
    Note:4 are manageable via GUI (VirtualBox)
    22.NIC Modes of Operation
     a.Not attached - i.e,disconnected the Ethernet cable
     b.NAT(slowest but most reliable) - Various limitations,i.e,ICMP,UDP broadcasts dropped,No GRE,<1024 port-forwarding fails
     c.Bridged
     d.Internal Networking - Restricted to specified GUESTS - NOT to HOST and outside
     e.Host-only networking - Restricted to HOST and specified GUESTS
     f.UDP -Tunneling Mode - allows communications between GUESTS of disparate HOSTS
    23.Ability to limit 'transmission' bandwidth - Note:Receives are currently NOT limited
    Note:bandwidth limitations are limited to : Transmits
    24.Storage Access Options : Concepts | Management
        Emulation provided for common controllers
        a.ATA(default for CD-ROM) - up to 3 hard disks and 1 CD-ROM
        b.SATA(Default drive controller) (faster than ATA) - up to 30 drives
        c.SCSI (LSI Logic && Buslogic SCSI controllers supported) - up to 15 drives per controller
        d.SAS(LSI logic) - up to 8 devices currently
        DISK Image files:i.e
        a.VMDK(VMware)
        b.VDI(default) (Virtual Box Image)
        c.HDD(Parallels V2)
        d.VHD(Microsoft)
        e.QEMU
        f.QCOW
        Provisioned as either:
        a.Fixed Size (reserves ALL storage up-front)
        b.Dynamically allocated(grows according to usage up to MAX)
    25.Disk(s)  connected to HOST can be accessed by guest(s)
    26.'Virtual Media Manager' - displays all media Managed by VBox across ALL GUESTS
    27.Extensible,i.e,"Guest Additions Extension Pack" - consult virtualbox.org
    Note:"Guest Additions Pack" is licensed more restrictively than base package
    28.Facilitates Rapid Prototyping of systems i.e,via cloning
    29.Most operations are carried out in non-privileged mode:i.e,$USER=linuxcbt
    30.Potential to improve the productivity of development due to less reliance on IT
    31.In NAT mode,virtualbox functions as router,i.e,provision of RFC-1918 address space for GUEST(s)
    Note:This means that Virtualbox also functions as a DHCP server
    ### VBox installation ###
    Requirements:
     1.Graphical & DKMS Kernel Support
     Note:Our installation entails running VBOX within VMware,this can pose various issues
      a.'aptitude install libsdl1.2debian libqt4-gui libxcursor1 libxinerama1 libxmu6'
      b.'ubuntu-desktop' - ensure this is installed to provide X management,etc.
      Note:Otherwise,you will have to use exported RDP(VRDP) or CLI management front-ends
      Note:Dynamic Modules Support - used to ensure VBOX modules are recompiled throughout the Kernel upgrade life cycle
      Note:NAT mode simply translates,on the fly,requests (outbound > default) ,from 10.0.2.0/24 (Virtualbox RFC-1918 private Network) to our internal RFC-1918 192.168.75.0/24 subnet,then out for the other Nets,including,but not limited to the internet
      Note:DHCP settings are inherited from HOST
      Tasks:
       1.Ensure Dependencies:
       2.Download latest Offering from virtualbox.org
       3.Confirm sums
       4.Install
        a.dpkg -i http://download.virtualbox.org/virtualbox/4.3.10/virtualbox-4.3_4.3.10-93012~Ubuntu~quantal_amd64.deb - FAILs due to lack of 64-bit support
        Note:we are running ubuntu HOST within VMware,which reduces capabilities,resulting in lack of 64 bit support natively,as underlying hardware does NOT export either:AMD-V,or Intel VT-x hardware virtualization technologies
        Note:This means we will opt for 32bit VBOX HOST
        Note:This is NOT a problem,so long as GUESTS are 32-bit
        Note:This mode provides Kernel PAE support,which provides up to 64GB of RAM
      5.Confirm Installation
       a.dpkg -l | egrep '(virtual|libsdl|libqt|dkms|libxcursor|libxinerama|libxmu6)'
       b.'lsmod | grep vbox' - reveals kernel modules
       c.'dpkg  -L virtualbox-4.2' - enumerates contents of package
       Note:Logs: '/var/log/vbox-install.log'
       Note:If errors and post-installation-fixes,run:'/etc/init.d/vboxdrv setup' - reconfigure VBOX

    ### GUI Administration ###
    Features:
        1.Graphical interface
        2.Runs across SSH(semi-headless setup) (requires X configuration on target)
        i.e ssh -X TARGET - Exports X to local node
    Tasks:
     1.launch and Explore
      a.'VirtualBox' - this is in the $PATH
      b.'/home/username/VirtualBox VMs' - Default repository for GUESTS(virtual Hosts)
    2.Provision 'linuxcbtguest1' - ubuntu server
      a.define and allocate appropriate resources
      Note:Ensure that installation media are available i.e removable || ISO image
      b.Download i386 Image to local system
      Note:This image handles PAE(32-bit)
      Note:Hypervisors @ tier-2 will reserve 50% RAM for local OS | Hypervisor usage
      Note:Disk allocation requires the selection of:
       a.Dynamic Allocation (Thin-Provision)
       b.Fixed Size(Thick Provision VMware)
    Note:ideal virtualization solution for developers to quickly prototype target environment without the need for physical system access
    Note:One implementation that may be ideal for developers is to:
    a.provision a restricted  VLAN with N number of IPs available
    b.and N number of virtual box Hosts with ample:CPU,RAM,Storage,Network
    c.ISO images for various target OSes(although,developers will download required ISOs)
    Note:During provision of GUEST,witness '.VDI' file growth to reflect actual usage,after using 'Thin' || 'Dynamically Allocated' storage mechanism
    Note:Same applies post-Installation
    Note:'ssh -X' - introduces delays regarding keyboard | mouse captures with respect to virtualbox console
    Note:Approach the provision of GUESTS as template nodes,which allows ultimate portability for rapid prototyping or derivative nodes
    Note:with this approach,the following need to be changed post-installation
     a.IP configuration(address)
     b.HOSTNAME
     c.Possibly SSH HOST Keys '/etc/ssh'
     Note:There is some performance overhead to using 'Thin|Dynamically Allocated' storages as opposed to up-front reservation 'Fixed Size | Thick'
     Note:While GUEST is operable,there is limited changeability
    3.Explore
     a.Freeze state - dumps to 'snapshots/' DIR
     b.unfreeze state - removes associated file(s) from the 'snapshots' directory
     ### remote desktop virtual hosts via RDP (VRDP|VRDE) ###
     Features:
        1.Forked virtual Hosting
        2.Facilitates lights-out management
        3.Does NOT require server to have GUI
        4.guests run in the background,SANS GUI
        5.Uses RDP transport,which is efficient
        6.VRDP support is auto-enabled for GUEST management unless explicitly disabled via '--vrde off' option
        7.Optionally VRDP may be controlled per-VM,based on config of the VM - 'vrde onfig'
        8.Various RDP AUTH methods
         a.'null' - NO AUTH - anyone with RDP to server,may see console
         Note:This is necessarily the worst configuration,as passersby may also see your console
         b.'external' - uses HOSTS AUTH stack,i.e,PAM,Windows,MacOSX LDAP
         c.'guest' - use GUEST AUTH stack - Guest Additions package
         d.Third-party AUTH
        9.Supports multiple simultaneous RDP connections to GUEST - optional per VM
        Note:This is useful to allow multiple parties (developers,sys admins,marketing,sales,etc) to debug simultaneously
        10.Supports standard RDP clients,i.e,rdesktop,mstsc and RDP for MacOSX
        11.Each virtual machine GUEST must bind to a distinct port,i.e,3389,3390,3391,etc.
        Note:Find a comfortable range to cover all managed nodes
        Note:Once allocated,document the port allocations i.e 'visio','Nagios',text files etc
        12.Connections to GUESTS(VMs) are made using IP address or HOST(not GUEST) and port of GUEST
        Note:the host functions as a proxy to the various guest(s) i.e,NAT
        Tasks:
            1.Start VM SANS Extension Pack
             a.'VBoxHeadless -startvm <name|uuid>' - start GUEST SANS RDP support
            Note:IF GUEST name includes non-printing chars,use quotes to escape accordingly
            Note:When 'VirtualBox' GUI launches,default GUESTs configuration have RDP disabled
            Note:'VBoxHeadless' - assists in troubleshooting VM startup issues by dumping output to STDOUT ($SHELL window)
            Note:'VBoxHeadless' does NOT auto-fork
            Note:IF the console 'VBoxHeadless' instances are interrupted,the VM GUEST will die
            Note:This is why forking is better
            Note:The same applies to the VirtualBox GUI
            b.'VBoxHeadless -startvm guest1' - starts SANS RDP support because extensions are NOT installed
            c.'netstat -ntl | grep PORT i.e,3389' - on HOST to check RDP listener is available
            Note:Now Instance is running in the background and we may close 'Virtualbox' but not 'VBoxHeadless'
            Note:There are three ways to invoke
             a.'VBoxHeadless -startvm <name|uuid>'
             b.'VBoxManage startvm "VM Name" --type headless' - normal procedure - background (forks) VMs
             c.VirtualBox - hold shift key while starting VM

        Note:One caveat to 'null' AUTH is if you are logged in as privileged user,other connections may inherit those privileges i.e,'aptitude upgrade'
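
The VRDP points above (item 8, 'null' AUTH; item 11, a distinct port per GUEST) can be checked mechanically. The following is an added audit sketch, not part of the original notes: the function names are hypothetical, the sample inventory is constructed, and the key names (vrde, vrdeports, vrdeauthtype) are an assumption modelled on 'VBoxManage showvminfo <vm> --machinereadable' output.

```shell
#!/usr/bin/env bash
# Audit VRDE (VRDP) exposure from key="value" records, one block per VM.
# Assumption: each block starts with name="..." and carries the keys
# vrde, vrdeports and vrdeauthtype (modelled on --machinereadable output).
# Only a single port per VM is handled; port ranges are out of scope here.

# Constructed sample: three GUESTS, two sharing a port, one with 'null' AUTH.
sample_inventory() {
cat <<'EOF'
name="server2"
vrde="on"
vrdeports="3390"
vrdeauthtype="null"
name="server3"
vrde="on"
vrdeports="3390"
vrdeauthtype="external"
name="server4"
vrde="off"
vrdeports="3391"
vrdeauthtype="null"
EOF
}

# Reads records on stdin, prints one finding per line:
#   NULL_AUTH <vm>                  VRDE enabled with no authentication
#   PORT_CLASH <port> <vm1> <vm2>   two VRDE-enabled GUESTS on the same port
audit_vrde() {
  awk -F= '
    function report() {
      if (vm == "" || vrde != "on") return      # ignore GUESTS with VRDE off
      if (auth == "null") print "NULL_AUTH " vm
      if (port in owner) print "PORT_CLASH " port " " owner[port] " " vm
      else owner[port] = vm
    }
    { gsub(/"/, "", $2) }                        # strip the quotes around values
    $1 == "name"         { report(); vm = $2; vrde = ""; auth = ""; port = "" }
    $1 == "vrde"         { vrde = $2 }
    $1 == "vrdeports"    { port = $2 }
    $1 == "vrdeauthtype" { auth = $2 }
    END { report() }
  '
}

# Stand-alone demo: ./audit.sh --demo
if [ "${1:-}" = "--demo" ]; then sample_inventory | audit_vrde; fi
```

On a HOST, concatenate the machine-readable info of every registered GUEST and pipe it into audit_vrde; server4 is not reported because its VRDE is off.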

### Virtual Box CLI - VBoxManage ###
Features:
    1.$SHELL based management of ALL facets of VirtualBox ecosystem
    2.Creation of new VMs 'createvm'
    3.Register|unregister VMs
Tasks:
    1.list VMs and related information:'VBoxManage list'
     a.'VBoxManage list vms'
     b.'VBoxManage list --long vms' - akin to 'showvminfo' option of 'VBoxManage'
     c.'VBoxManage showvminfo vmname' - enumerates above options per indicated node
     d.'VBoxManage list runningvms' - enumerates running VMs
     e.'VBoxManage list ostypes'

    2.Control VMs 'controlvm'
     a.'VBoxManage controlvm vmname pause' - pause node at point-in-time
     b.'resume' - un-pauses
     c.'reset' - reboots immediately
     d.'poweroff'
     e.'vrde off'
     f.'vrde on' - toggles VRDP services
     g.'vrdeport 3390' - changes port to TCP:3390 on the fly

    3.Create VM - 'createvm'
    Note:without '--register' option,the GUEST is NOT auto-registered with HOST
     a.'createvm --name server2 --ostype Ubuntu --register'
     b.Create Storage controller and Drive
      b1.'VBoxManage storagectl server2 --add sata --controller IntelAHCI --bootable on --name SATA'
      b2.'VBoxManage createhd --filename server2_1 --size 8192'
      Note:this will create a drive in your current directory
      b3.'VBoxManage storageattach server2 --storagectl SATA --port 0 --type hdd --medium server2_1.vdi'
      Note:Additional storage may exist anywhere on your network(ISCSI) or on our system
      Note:Simply update XML file or VirtualBox GUI to reflect location of media

    4.Modify VM - update Specs related to VMs(GUESTS)
     a.'VBoxManage modifyvm server2 --memory 512 --cpus 2 --vrde on --vrdeport 3390 --vrdemulticon on'

### Clones | Snapshots ###
Features:
    1.Rapid provision of consistent images
    2.facilitates the generation and maintenance of OS|Stack builds
     a.i.e,OS Release - ubuntu 12.04
     b.i.e,Patch level - Spring 2013
    3.Provisioned via 'VBoxManage clonevm|snapshot ' && GUI
    4.Supports cloning from Snapshots
    5.facilitates rollback support of OS | Stack build;
    i.e,Developers have made a mistake and you(IT) need to rollback OS|Stack build to point-in-time
    6.Snapshots are NOT full images of the VM,but rather differences reflecting a point in time
    7.Storage requirements are typically minimal for Snapshots
    8.Clones however require duplicate storage unless linking to a snapshot
    9.Supports '--mode all|machine|machineandchildren' - these modes dictate exactly what is cloned
    10.Ability to handle MAC addresses '--options keepallmacs|keepnatmacs' - otherwise generates new(default)
    Note:Sometimes,with migrations it is desirable to preserve original MAC address of source machine to reduce network L2 resolution issues
    11.Ability to clone a specific snapshot:'--options link --snapshot NAME' - creates an instance of our VM(clone) on a point-in-time
    12.Cron Entry candidates
    13.Cloning requires VM to be powered off
    14.Snapshots auto-pause briefly,then resume,when invoked

    Basic Usage:
     a.'VBoxManage clonevm source --name NEW_NAME [--basefolder] --register'

    Tasks:
        1.Remove existing
         a."VBoxManage controlvm server2 poweroff"
         b."VBoxManage unregistervm server2 --delete"
        2.Clone existing GUEST(server2)
         a.'VBoxManage clonevm server2 --basefolder ~/Virtual box/ --name server3 --register' - clones 'current state'
         Note:If you can't find your clone,consult '~/.VirtualBox'
        3.Generate Snapshots - Make changes - create VM from changed Snapshot
         a.use GUI
         b.Make Changes
            dd if=/dev/zero of=100MB count=102400 bs=1024
         c.Take snapshot
         d.link new clone to snapshot
          d1.'VBoxManage clonevm server2 --basefolder ~/.VirtualBox --name server4 --register --options link --snapshot "Snapshot 2"'
         e.Start VM
          e1.'VBoxManage startvm vmname --type headless'
        Note:As you instantiate VMs,ensure that distinct RDP ports are in-use to avoid console access conflicts
