The Tiny Internet Project, Part I
As LJ readers well know, Linux drives many of the technologies we use every day, from smart TVs to Web servers. Linux is everywhere—except most homes and classrooms.
That's a problem if we want to help breed the next generation of engineers and computer scientists. In fact, if teenagers (or any other group of curious individuals) want to learn about Linux, they often must rely on a geeky friend or parent willing to show them the way.
This three-part series seeks to change that by offering a way for anyone to learn about Linux by building what is essentially a tiny, self-contained Internet. Using old equipment and free software, you'll build a private network (with your own domain name), build Web sites, set up an e-mail server, install and use a database, and set up a Linux distro mirror.
If you like to learn by doing, but you're intimidated by the thick Linux texts you find at the bookstore, this Tiny Internet Project is for you. If you're a teacher interested in bringing Linux to the classroom, this is a great way to do it.
At the core of the project is a Proxmox KVM environment. KVM, or kernel-based virtual machine, is an open-source alternative to often costly VM technology like VMware and Hyper-V. You'll use Proxmox to host several Ubuntu 14.04 servers (or other Linux flavors), connect them over a private network and learn a lot about Linux along the way.
Figure 1. Proxmox
The Tiny Internet Project assumes you have some basic computer skills (Windows, Mac or Linux), that you have a couple computers lying around and that you have some time to tinker. The project can be done in whole or in part, depending on your interests and needs. It's particularly designed for educators who want to introduce school-aged kids to Linux.
What You'll Be Building
You'll be using open-source software for everything in this project, so everything you need will be free to download and use. You'll also take advantage of virtualization technology, which will enable you to deploy a bunch of virtual machines. In all, you'll deploy:
The Proxmox server to host all your virtual machines.
Two DNS servers, a primary and a secondary.
An e-mail server.
One or more Web servers.
An Ubuntu 14.04 repository mirror.
Strictly speaking, the mirror is optional. As long as you have an Internet connection, you'll be able to download new software and run Linux updates on all the servers you deploy. But the goal is to create a self-contained tiny Internet that will work without a permanent connection to the public Internet. Setting up a local mirror will enable you to do just that.
Optionally, you can build two or more Proxmox hosts and set up a cluster (I'll cover that when I describe building the Proxmox server). Obviously, you'll need one physical computer for each Proxmox host you want to add to your tiny Internet.
When it comes to hardware for this project, the goal is not to have you buy anything new, but to use stuff you already own—maybe your recently retired desktop, an old wireless router or an old laptop or netbook. If you don't have any hardware like this lying around, ask friends and family, and then consider Craigslist or eBay.
The bare minimum hardware you'll need includes:
One 64-bit PC that supports virtualization.
One PC that can attach to a network and run a Web browser (Windows, Mac or Linux).
One network switch or router.
Nice to have:
Another 64-bit PC that supports virtualization so you can build a cluster.
Some sort of network-attached storage (NAS).
Another old PC that can run Linux to act as a proxy server.
The Main Server:
The key requirement for this project is a primary computer with a processor that can handle virtualization. Many, many computers made since 2010 or so have this capability, including the tower I used for my very first tiny Internet. It has:
One Intel i3 processor (four cores).
8GB of memory (possible with less, but not much less).
Two 2TB SATA drives (one drive is enough).
Two 10/100/1000 Ethernet ports (it had one built in to the motherboard, and I added a PCI card).
To see if the computer you have in mind can become a Proxmox server, there are several ways to test it to see if it supports virtualization. There are tools for Windows and Linux, which are listed in the Resources section at the end of this article.
For those already using a Linux desktop or server, you can use existing commands to see if virtualization is supported. Open a terminal and run this simple command to do a quick check:
$ cat /proc/cpuinfo | grep vmx
It should return something that looks like the following (repeated several times for each core you have):
[flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr ↪pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse ↪sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc ↪arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc ↪aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl ↪vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 ↪sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c ↪rdrand lahf_lm ida arat epb xsaveopt pln pts dtherm ↪tpr_shadow vnmi flexpriority ept vpid fsgsbase smep erms]
If the flags include
vmx (possibly highlighted red in the output), you're
probably good to go. You also might check your system's BIOS. Often,
virtualization is possible, but it's disabled by default. Look for it
in your BIOS, enable it and reboot.
If you have additional hard drives that you'd like to use with this project, you can install them in your main server (the Proxmox host machine). Technically speaking, you need only a single drive, but having more than one can give you nice options for backing up the things you build. It's also good practice to learn how to mount multiple drives!
The Administration PC:
You'll need some sort of second computer to act as your main administrative machine. This does not need to support virtualization. It only needs to be able to run a Web browser, maybe tinyproxy, and have an Ethernet port and Wi-Fi—or two Ethernet ports. If the machine doesn't have built-in Wi-Fi, you can get a USB dongle to do the job. The goal here is to have a machine with two network connections: one to your Tiny Internet and one to the network you use to access the Internet, such as your home or school network.
The administration PC can be your current desktop or laptop, and it can be Windows, Mac or Linux. If you're planning to have a main Proxmox server with two Ethernet ports, your administration PC needs to have only two network connections if you want to connect to your private tiny Internet and the public Internet simultaneously. One scenario also uses this PC as an http proxy server, which again needs access to both public and private networks.
I had a couple old laptops, and I successfully used the following for my administration PC:
An IBM ThinkPad T60p (with built-in Wi-Fi and 10/100/1000 wired Ethernet).
A Dell Mini 9 (with built-in Wi-Fi and 10/100 wired Ethernet).
A Dell Mini 10 (with built-in Wi-Fi and 10/100 wired Ethernet).
A first-generation Intel-based MacBook (with built-in Wi-Fi and -10/100/1000 wired Ethernet).
A Dell GX620 (with a Wi-Fi card and built-in 10/100 wired Ethernet).
Any old tower PC or desktop will work too—nothing fancy needed!
Ideally, your administration PC will be running a flavor of Linux with a desktop environment like GNOME, KDE or Xfce. However, it's not necessary. The goal is to ease you into Linux, not to toss you into the pool cruelly.
Optional: if it's not possible to run dedicated Linux computers in your classroom (or lab), but you want to get a taste for it, you always can boot a Windows or Intel-based Mac using a USB stick. I'll go into more detail about this later, but you can learn more about making a bootable USB with Linux on the Ubuntu Web site. Information is available in the Resources section at the end of this article.
Other PCs for Your Tiny Internet:
If you're running this project out of your den, you won't need any more computers. If you're building this in a classroom, the student machines can be much like the administration PC, though they each need just one network interface. If you're hard-wiring everyone to your tiny Internet, obviously each PC will need an Ethernet port. If you're going wireless, built-in Wi-Fi or inexpensive USB Wi-Fi dongles work great. Ideally, all the PCs in your network will be running a flavor of Linux, such as Ubuntu, Xubuntu, Linux Mint, Fedora, SUSE, CentOS, Kali—or another.
Again, you can use any switch or router you already have to create your private tiny Internet network. A single network switch or router is all you'll need to connect everything. If you already have a home network router, that can double as your tiny Internet switch, but I recommend a second to create a truly standalone system.
If you're setting up in a classroom, I strongly recommend using a wireless router so you easily can add dozens and dozens of separate student computers to your tiny Internet without running a bunch of Ethernet cables all over the place. Sure, that'll look cool, but it's not very practical.
Your tiny Internet switch (or router) requires just two ports: one connected to your main Proxmox server and one connected to your administration PC.
For my first tiny Internet, I used an old Netgear MR314 Wireless Router, which features the following:
Four 10/100 LAN ports.
One 10/100 WAN port.
Granted, this old box supports only WEP encryption, but it worked fine. Remember, your tiny Internet is self-contained, with no direct connection to the outside world. Yes, you'll want some security in place, but your main security risk is from members of your own tiny Internet, not the world.
I also tested the following networking devices with success:
A TP-Link TL-SG108 eight-port 100/1000 switch (bought new for $25).
A Netgear N600 four-port 10/100 Wireless Dual-Band Router WNDR3400.
Figure 2. Netgear
The Netgear N600 became my final choice because it has WPA2 security, wireless n capability and a USB 3.0 port for adding a USB drive (for making a poor man's NAS).
In addition to the PCs and network gear, you'll need a few USB thumbdrives. You'll burn .iso images to these and set them up so you can boot from them. In particular, you'll create these three:
Proxmox 4.x boot disk.
Ubuntu 14.04 server boot disk.
Xubuntu 14.04 Trusty Tahr (or any other Linux-flavor desktop you want).
If you don't have access to USB thumbdrives, you always can use DVDs for the purpose, but that's not nearly as easy, flexible or cheap. Still, if that's all you have, make sure you have four or five blank disks available, a decent DVD burner and disk-burning software.
Wireless capability is fairly ubiquitous in modern PCs and laptops, but your older machines may not have it. Fortunately, there are dozens of very inexpensive USB Wi-Fi dongles available (many for $8 or so). If you're thinking of getting one (or a dozen), make sure the device works under Linux. Better still: buy devices that work with Linux, Windows or Mac.
All the software you'll use for the Tiny Internet Project is free and open-source. Most of it's Linux software, of course, but I've also listed a few tools for Windows and Mac users, particularly the software you'll need to create bootable USB drives from an .iso file.
You'll notice too that I'm using Ubuntu 14.04 as the base for my virtual machines. If you would rather use, say, Fedora or SUSE, that's up to you. For brevity, I stick to Ubuntu when it comes time to talk about installation procedures.
Proxmox is an open-source KVM, or kernel-based virtual machine host. You can use many different flavors of Linux to create a KVM, but Proxmox is a good option for your tiny Internet because it comes complete. It's based on Debian, which is similar to the Ubuntu 14.04 you'll be installing, and it features an excellent browser-based management tool. It's also nice that you can install a system in minutes using the Proxmox .iso, which you'll turn into a bootable USB disk.
It's important to note that Proxmox is free to use, but offers several paid levels of support. If you want to purchase those services, that's up to you. You won't need to purchase anything for this project though.
Ubuntu 14.04 LTS:
The long-term release of Ubuntu 14.04 (also known as Trusty Tahr) is solid, stable, flexible and makes a great foundation for all your virtual machines. Let's download and install the 64-bit version, which you'll use to build your virtual machines and VM templates. The operating system also is available in a 32-bit version, which means you can install the same operating system on all your tiny Internet computers and servers—even if some of your equipment is older. When I set up my Dell Mini 9 as a proxy server, for example, I used the 32-bit Ubuntu 14.04 for seamless integration.
Figure 3. Ubuntu Server
You'll make a bootable USB drive from the latest Ubuntu 14.04 .iso; if you're going the DVD route, you'll create a bootable disk.
Webmin 1.7x: Webmin is a browser-based tool that makes administering (and understanding) a Linux server a lot easier. Hard-core command-line junkies will scoff at the GUI, but those new to Linux will appreciate Webmin's power and flexibility for managing everything from Apache Web services and Postfix-related mail services to updates and system health. You'll install Webmin on your base Ubuntu 14.04 VM template and use it on every server thereafter.
Figure 4. Webmin
The goal of the Tiny Internet Project is to build a standalone Internet, and in order to do that, you need to make all the Linux software you want (and might dream of using) available on your private network. To do that, you'll install apt-mirror on one of your Ubuntu VMs.
Figure 5. apt-mirror
To replicate the Ubuntu Trusty Tahr Linux distribution, you'll need much more disk space than all your other virtual servers combined. I've done several tests using standard apt-mirror settings (without -src, or source versions), and I found that the main, security and i386 repositories total less than 100GB. When you build the mirror VM, you'll make a 200GB disk, which should give you enough space for future additions and natural growth of the repository.
Once your local mirror is built, Ubuntu updates and upgrade will be very fast. However, initially downloading the mirror will take hours—even over fast Internet connections. Once it's done though, future updates go quickly and you'll have everything you need to build out and experiment with a variety of VM servers.
In order to make your tiny Internet as real as possible, you'll set up a domain name server (DNS) that will allow you to give your private network a working domain. Bind9 is the latest version of bind, which allows you to set up forward and reverse zones. That means if you want to run a domain called linuxrocks.com, you can, and create subdomains like dns.linuxrocks.com or mirror01.linuxrocks.com. This also will make setting up your private e-mail system a lot easier and much more familiar.
Postfix and Dovecot:
A big part of the public Internet is e-mail, and your tiny Internet would come up short if it didn't provide this important service. You'll use Postfix for mail handling and Dovecot for POP-ing or IMAP-ing the mail to e-mail clients like Thunderbird. Not only will users of your private tiny Internet be able to have their own e-mail addresses, but they'll also be able to exchange e-mail freely with one another.
These mail services are solid and reliable, and they're supported by a wide array of e-mail clients, including Thunderbird. You'll experiment with securing the mail server too, so you can learn more about mail security.
The combination of Linux, Apache (Web), MySQL (database) and PHP form the foundation for millions of servers around the world and across the Internet. The combination enables a wide array of Web sites (and content-management systems), database-driven Web applications and much more. You'll deploy a "base" LAMP stack on one of your Ubuntu 14.04 VMs and then make a template of it. That way, you'll be able to deploy as many different Web servers as you want.
The base LAMP VM will include:
The last item, phpMyAdmin, is a popular browser-based tool for managing MySQL databases. It's robust and flexible, and perfect for learning more about databases.
You have a couple options when it comes to connecting your private tiny Internet to the public Internet. One is to have multiple network cards in your main Proxmox host. The other is to have a secondary computer with two network connections to serve as a proxy server. There are advantages to each, so you can decide later which way you want to proceed.
If you take the proxy path—using a separate computer to relay all your http, https and ftp requests—you'll install tinyproxy. It's very lightweight, doesn't require caching (which can take up massive amounts of disk space), and it's fast. You'll have to make some modifications to apt to enable Ubuntu updates via the proxy, but once it's set up, it works well.
If you've played with a home network—a router provided by your Internet provider, for example—you're probably familiar with how DHCP works. A DHCP server hands out IP addresses to all the devices that attach to the network, whether they're computers, tablets, smartphones or thermostats.
If you're deploying a large tiny Internet—say, in a classroom—having DHCP will make things easy. Yes, you can assign static IP addresses to all the machines on your private network (and some servers, indeed, must have static addresses), but for casual users, DHCP works great.
If you're using a router (such as the Netgear models I mentioned earlier), it probably has its own DHCP server built in. That means the device itself hands out IP addresses to every wired and wireless connection it makes, so all your computers, tablets and smartphones have their own unique addresses. Plug in the router, connect it to your tiny Internet, and you're done.
If instead you're planning to use a simple network switch (one that doesn't hand out addresses at all), you'll need to deploy a DHCP server. Here, you'll use isc-dhcp-server for the job. It's lightweight and easy to use. Even if you plan to use a router with built-in DHCP, you may want to deploy a separate isc-dhcp-server as a back-up (I'll talk about how to do that later in this series).
Part of the fun of running your own tiny Internet is having complete control over all the pieces—the servers, the client PCs and the network. By installing a simple tool like iperf, you'll be able to test the speeds at which your components communicate. If you've ever used on-line tools like Speedtest.net to test your home or workplace Internet download and upload speeds, you'll be familiar with what iperf does.
Figure 6. iperf
You'll use iperf to test the speeds between devices across your private network and to test speeds between servers living together on the Proxmox host. This is where it really gets interesting. Even if you're using a 10Mb Ethernet switch to connect your VM host machine with your laptop, for example, you'll be able to measure gigabit speeds between your various VMs. That's because they're connected by a virtual network on a single server, limited only by the speed of the server's bus! That'll make your tiny Internet a speedy and realistic place to explore Linux.
In the next installments, you'll take the information I've covered here and build your Proxmox host, Ubuntu mirror and e-mail and domain name servers. After that, you'll deploy a LAMP stack and build some Websites, databases and even a WordPress site.
Test your computer to see if it supports virtualization:
Linux Users: http://virt-tools.org/learning/check-hardware-virt
Create Bootable USB Sticks:
Other Useful Resources: