www.fridu.net

  • Increase font size
  • Default font size
  • Decrease font size

Virtualbox network remote access

Friday, 21 November 2008 08:31 Fulup Ar Foll
Print

While Virtuabox is mostly used as a GUI frontend to run either Windows from Linux, or Linux from Windows, with network access going from VBOX to internet, nothing enforce this behaviour. Virtualbox is a very complete virtualization tool, that can be used in a complete remote environment. Furthermore VBOX includes in its standard distribution, every necessary components to implement a fully virtualized remote hosted environment. This paper explains how to setup VBOX on a remote server [development or internet hosted] and how to expose network applications [ex: apache, tomcat, mysql, ...] hosted within those virtual machines to the external world.

Installation of VirtualBox

Virtualbox is quite easy to install [this not the goal of this post], binary packages are available for most Linux distributions for free from (here).
Warning: if you download from Sun official VirtualBox repository, you MAY need to install manually kernel-header to recompile needed module driver, as VBOX dependencies miss it .

For Debian/Ubuntu:

  •  apt-get install linux-headers-`uname -r` build-essential
  • wget -q http://download.virtualbox.org/virtualbox/debian/sun_vbox.asc -O- | sudo apt-key add
  • apt-get install virtualbox
  • apt-get install bridge-utils   ;# needed for bridging interfaces

OpenSuSE-11

  • download directly drivers from build-service (here)
  • install virtuaserver from (sun) or directly from opensuse build-service.
  • zypper install bridge-utils  ;# needed for network bridging

Manual configuration of a guest via SSH

Step by step operation

I do not recommend you to make this manually, but in case of problem, you may have to know what automatic script does.

  1. Connect on to remote server via SSH [ssh This e-mail address is being protected from spambots. You need JavaScript enabled to view it ]
  2. Create a network bridge [brctl  addbr vbox-br]
  3. Create a TUN network NIC [ VBoxTunctl -t vbox-1 -u $USER; ifconfig vbox-1 up]
  4. Add Tun into network bridge [brctl addif vbox-br vbox-]
  5. Create VBOX virtual machine [VBoxManage createvm -name "vbox-one" -register]
  6. Update VBOX configuration [VBoxManage modifyvm "vbox-one" -memory "2556MB" -acpi "on" -boot1 "dvd" -usb off -hostifdev1 vbox-1]
  7. Create VDI disk image [VBoxManage createvdi -filename "/var/virtualbox/vbox-one.vdi" -size 1000 -register]
  8. Attach VDI disk to virtual machine [VBoxManage modifyvm "vbox-one" -hda "/var/virtualbox/vbox-one.vdi"]
  9. Download a minimal ISO distribution [cd /space/iso; wget http://www.fridu.org/download/mktinylinux/httpd-sshd-qwerty.iso]
  10. Register ISO image as VBOX DVD [VBoxManage registerimage dvd /space/iso/httpd-sshd-qwerty.iso]]
  11. Attach ISO DVD to VBOX [VBoxManage modifyvm "vbox-one" -dvd /space/iso/httpd-sshd-qwerty.iso]
  12. Start VBOX [VBoxHeadless -startvm "vbox-one"]

Automated configuration of a guest via SSH

This is probably what you want. VBoxRemoteInstall.sh is a small script, that does automatically every step explain before, It allow you to create, install and configure a VirtualBox guest OS, in a mater of seconds. In most situation 3 parameters are enough: vboxname, nicname and iso image.

Download VBoxRemoteInstall from (here)

Syntax:    ./VBoxRemoteInstall.sh vbox=vbox-one nic=vbox-1 bridge="vbox-br" [options]

  options:
  • localstore="/var/virtualbox"                                        ;# where to install vbox virtual disk
  • template=your-prefered-distrib.iso                              ;# your prefere distribution ISO installation file
  • templatedir="/space/virtualbox/template"                   ;# where to find your distribution template
  • repository="http://cdimage.ubuntu.com/jeos/releases/8.04.1/release"
  • bridge="vbox-br"                                                        ;# ethernet bridge name
  • memory=256                                                              ;# ram dedicate to vbox in MB
  • nictype=82540EM                                                     ;# ethernet NIC emulator default=e100
  • disksize=1000                                                           ;# dvirtual isk size in MB
  • debug=0|1

Example:

  • ./VBoxRemoteInstall.sh  config=linux-tiny.conf        vbox=vbox-tiny   nic=vbox-1   keyboard=qwerty|azerty
  • ./VBoxRemoteInstall.sh config=ubuntu-jeos.conf   vbox=vbox-jeos  nic=vbox-2
  • ./VBoxRemoteInstall.sh config=solaris-mila.conf    vbox=vbox-mila  nic=vbox-1
  • ./VBoxRemoteInstall.sh vbox=vbox-qwerty nic=vbox-99 bridge=vbox-br verbose=1 repository=http://www.fridu.org/download/mktinylinux template=httpd-sshd-qwerty.iso
Note: sample distributions have been selected to be small enough to allow quick tests, feel free to use your own preferred ISO distribution. Tiny-Linux is an 8MB skimmed version of OpenSuSE-11 that only supports ssh+http services, it should be more than enough to test your network configuration (less than 30s to install). Jeos is an Ubuntu distribution tailor for virtualization and Milax is the smallest distribution of OpenSolaris I found, both are around 100MB in size, and while they are still very fast to install, they are nevertheless real operating system that support standard package management, and thus can be used in production.

Host local network configuration

Bridge configuration on the host

To keep configuratin simple, we bridge all virtualbox instances on the same network bridge. 

  • brctl addbr vbox-br                                                                         ;# create a network bridge
  • VBoxTunctl -u $USER  -t vbox-?                                                 ;# create a tun device for each vbox
  • brctl addif vbox-r  vbox-?                                                               ;# add newly created tun in our bridge
  • ifconfig 10.0.0.99 netmask 255.255.255.0 vbox-br                  ;# provide a valid adress to our bridge
Note: when using VBoxRemoteInstall.sh bridge and tun are created and configure automatically, the only manual thing remaining is to provide an ip address to the bridge with ifconfig.

DHCP server on the host

While this is not mandatory, it will make your like much more simple. I recommend to use "dnsmasq" , a small network utility that is provided with every single distribtion. Install is with ("apt-get install dnsmasq", "zypper install dnsmasq", ...) When installed rename original config file and create a new "/etc/dnsmasq.conf" with something like:

 #
 # Minimal dnsmasq config to support VirtualBox
 # -----------------------------------------------------------------------------------

 # only wait on vbox-bridge
 bind-interfaces
 interface=vbox-br
 
# search domain list (OpenSolaris won't update resolv.conf if not search is provided, M$ ignores it !!!)
dhcp-option=option:domain-search,eng.apple.com
 
# this is our virtual machines DHCP range
dhcp-range=10.0.0.100,10.0.0.150,255.255.255.0,72h

# we may want to force some VMs
   dhcp-host=11:22:33:44:55:66,10.0.0.51

 

start dnsmasq "/etc/init.d/dnsmasq start" and verify is listen your interface "netstat -na | grep 53"

Network manual configuration on the target

If you do not want a local DHCP to serve your guest virtual machines, then you need to set network manual after target boot. The other option would to  bridge your guest TUN interfaces with your main Ethernet board within vbox-br and use your router DHCP. While this should work in most lab environments, it generally fail miserably within an internet hosted context.

  • lsmod | grep e1000 ;# if no driver [modprobe e1000]  ;# check your NIC kernel module is loaded
  • ifconfig eth0  10.0.0.51 netmask 255.255.255.0           ;#provide an ip-addr+netmak within vbox-br range
  • route add default gw 10.0.0.99                                         ;# point default route onto vbox-bridge-IP
  • ping 10.0.0.99                                                                      ;# verify we can ping our gateway
  • vi /etc/resolv.conf                                                                 ;# update nameserver for DNS request
  • ping www.google.com                                                        ;# check your dns resolution works

Quick start to remote VirtualBox via SSH

While you may start your guest remotly with SSH, you still need to use RDC to connect in VGA on guest OS. This mean that you will need an open TCP port in beetween your workstation and your virtualbox host, each guest will requirer a unique port. After installtion if VGA is not needed anymore you can nevertheless stop RDC.

Create a minimal guest with ssh+http

 ./VBoxRemoteInstall.sh vbox=vbox-azerty nic=vbox-4 bridge=vbox-br repository=http://www.fridu.org/download/mktinylinux template=httpd-sshd-tiny-azerty.iso verbose=1

 

Start  guest target with a private RDP port

 VBoxHeadless -startvm vbox-name --vrdpport 3389
 VirtualBox Headless Interface 1.6.6
 (C) 2008 Sun Microsystems, Inc.
 All rights reserved
 Listening on port 3389

Connect with RDC desktop client from local workstation

 rdesktop -a 16 Your-Remote-VirtualBox-host:3389

 

Stop guest target

VBoxManage controlvm vmvbox-name poweroff 


OpenSolaris (Milax minimized version)

Milax is the striped down version of OpenSolaris (~100MB), that I use for my test. Installation and life-cd should work out of the box, nevertheless is you later want to install it on hard-disk, few things need to be known.

Note while Milax is a minimized OpenSolaris, it is nevertheless a standard OpenSolaris, and allows you to later install any packages with pkgadd.

Prepare your hard disk and create a root partition and eventually a swap partition

 pfexec format                  ;# get avaliable disks
 > select 0 (c4d0)
     # Create your two partitions
     p (partition)
     0 set size to 1.5gb
     1 set swap to 0.3gb

Start ZFS installation your VirtualBox VDI disk

 # This script transfert Milax Live-CD onto disk
  pfexec /usr/dss/bin/zfsinstall c4d0s0 ;# start installation on disk
  (reboot guest; unmount ISO and select virtualbox hard-disk as primary boot)

Ethernet driver not loaded. For some strange reasons, after installation from Live-CD to disk Ethernet driver for e1000 is not loaded. 

  ifconfig -a
  ifconfig e1000g0 plumb           ;# load driver if not already present
  ifconfig e1000g0 dhcp status   ;# check dhscp status
  ifconfig e1000g0 dhcp drop     ;# abandon current IP and lease
  ifconfig e1000g0 dhcp start      ;# ask for a new IP [will refresh /etc/resolv.conf]

For further information on Milax virtualization check documentation  [here]

Make guest applications visible from Internet

We have now virtualbox guest that run in a router mode within our host. In order to route data from outside (internet) to a given guest we need to configure our firewall. For this we will use VM-firewall 

 
Comments (2)
OpenVZ+VirtualBox "VBoxHeadless" Debian Lenny Server
2 Thursday, 20 August 2009 07:31
Doug
Hello Fulup,

Very good post! My bridge setup similar to yours.
I installed VirtualBox with the OpenVZ on a Debian Lenny 64 and I'm very happy, I see everything is working very well, but wanted to make some questions:

* ends when one of VM VirtualBox, syslog shows the following information:
Aug 17 10:57:49 vmhost kernel: [2960.246908] Uncharging too much 256 h 0, res lockedpages ub 0

* I can limit the use of the CPU in VirtualBox? I use the cpulimit, but is there any other option?

Thank you in advance,

Regards
Ubuntu
1 Tuesday, 26 May 2009 14:58
Keith
Great post, prob worth mentioning on ubuntu its:
sudo ifconfig vbox-br 10.0.0.99 netmask 255.255.255.0 up
to bring the interface up.
Also where you got:
brctl addif vbox-r vbox-? ;# add newly created tun in our bridge
it should be:
brctl addif vbox-br vbox-? ;# add newly created tun in our bridge
Thanks for sharing this info though, has helped loads.
k

Add your comment

Your name:
Your email:
Subject:
Comment:
yvComment v.1.19.1