Skip to main content

VirtualBox, CentOS, Network and Template

I have been working with VirtualBox and CentOS recently, here are some notes about this experience.

I used VirtualBox 4.2 and CentOS 6.3, but most of this should work with other products too. I created the first headless, minimal CentOS via NetInstall.
I cover two points: create a template machine and configure the Network.

Configure the Network

We want Internet access and a LAN local to the host.
For background information read: Networking in VirtualBox by Fat Bloke on June 2012.

The easiest is to enable two Network Adapters: One will be "Host-only" and the second "Nat". In the "Preference" menu you can see the DHCP server range for the Host-only Network. So you may set fixed addresses outside this range.
Next: start the guest. There may be various results at first, depending on a lot of things. Some problem might be solved by rm -f /etc/udev/rules.d/70-persistent-net.rules and a reboot.

Anyway, configure the two interfaces (set your own IP and MAC addresses) :



I am not sure about the UUID and HWADDR usefulness. Be careful to first check that your configuration is not inverse eth0 ~ eth1. An ifconfig -a should give an indication.

Configure /etc/hosts to add the fixed IP:

Restart the Network: /etc/init.d/network restart. Quick test: ping $(hostname). You should have Internet access try with elinks or yum update. You should also be able to access from your host via SSH. On Windows you may add the host name and IP to C:\WINDOWS\system32\drivers\etc\hosts.

Prepare the machine to be a template from which other will be cloned

When cloning don't forget to set new Mac address.

This script may ease the process. You need to adapt them!
# See:
rm -f /etc/udev/rules.d/70-persistent-net.rules

# Remove MAC Address
content=$( grep -v HWADDR $ifcfg )
echo "$content"> $ifcfg

# Remove SSH keys (they will be recreated at startup)
rm -f /etc/ssh/*_host_*
After cloning, don't forget to change the hostname and fixed IP.
This script may ease the process. You may need to adapt them!

content=$( grep -v HWADDR $ifcfg )
if [ -z "$content" ] ; then
    echo "Problem $ifcfg maybe empty !?" ;  exit 1

mac=$( ifconfig eth0 | grep eth0 | awk '{print $5}' )
if [ -z "$mac" ] ; then
    echo "Problem eth0 maybe down !?" ;  exit 1

echo "$content" > $ifcfg
echo "HWADDR=\"$mac\"" >> $ifcfg

Next step ...

I should have use some Puppet or Chef automation, but since I already tried without success some time ago, I was not so keen to reiterate the experience.

I also wonder if NFS mounts would allow to keep a system up-to-date. The idea would be to have a common "kernel" base re-used by all the VM via NFS. The VM would have only user space variations. But I am not so sure if it would be reliable or even considered "good practice".


Popular posts from this blog

One in six IT projects ends up ‘out of control’

A surprisingly high number of projects are 'ticking time bombs', according to researchers at the University of Oxford. They analysed 1,500 global projects that had revamped their information technology systems within the last 10 years. They discovered that one in six projects in the sample went over budget by an average of 200 per cent (in real terms) or over ran by an average of almost 70 per cent.

Their conclusion is similar to previous studies:

TLS: Disabling legacy cipher suites

First: "A cipher suite is a named combination of authentication, encryption, and message authentication code (MAC) algorithms".If you are using TLS (for HTTPS typicaly) you may want to remove some Cipher Suites.You maybe a little bit less compatible, but also a bit more secure. Things will be better when TLS1.2 is implemented everywhere.You can also claim to be FIPS 140 compliant: !How to do it:From the command line: code: Look at the "ciphers" attribute in someone knows how to do it on the IBM J9 via configuration, I am interested.