The Tiny Internet Project, Part II
In the May 2016 issue (also available here), I introduced the idea of the Tiny Internet Project, a self-contained Linux project that shows how to build the key pieces of the public internet on a single computer using one or two old computers, a router and a bunch of Linux software. In this second part, you'll learn how to build the virtual-machine host—using Proxmox—and deploy your first server. In Part III (coming soon), you'll build a template to make DNS and email hosts, a website and a Linux distribution mirror.
You'll need two separate computers for this project. This first is your "administration PC". It's any desktop or laptop with network access, a graphical browser (like Firefox or Chrome) and at least one USB port. The second machine will become your virtual machine host.
The central idea is to build a sort of internet-in-a-box with common Linux servers and use the setup to teach young people or newcomers about Linux. Using virtualization software, you'll deploy several servers that will handle domain names, email, web pages and more—all on a single piece of hardware. You don't need anything new or fancy. I built the prototype on a six-year-old Velocity Micro desktop with an Intel i3 processor, 8GB of RAM, two network cards and a couple 1TB drives.
Choosing Your Hardware
First off, you need a computer that supports virtualization—meaning its BIOS, 64-bit-capable CPU and motherboard allow you to share all the system's resources with virtual machines that will run on it. You may have experimented with VirtualBox or even free versions of VMware's ESXi software. The idea here is the same: place a number of virtual servers on a single physical machine and share all of that physical machine's resources, including memory, CPU and drives.
The Linux version is called KVM for Kernel-based Virtual Machine. For this project, you'll use a pre-compiled version called Proxmox, which comes with everything you need.
To see if the computer you have in mind can become a Proxmox server, you'll need to check whether it supports virtualization. Graphical tools are available for Windows, Linux or Mac OS X, and if you've got a machine with no operating system installed, you can boot it from a USB or CD drive using any flavor of Linux to test it. See the Resources section at the end of this article to learn how to do that.
On Windows, you can learn a lot from the main Computer properties. Right-click on Computer (on the desktop or Start menu), and look at the lower part of the window, which will look something like Figure 1.
Figure 1. Windows Computer Properties
If you see "Quad CPU", or something similar, and "64-bit Operating System", you likely have a machine that (once wiped) will work. To be more certain, you can use Intel or AMD tools to identify further your CPU's ability to support virtualization (again, see the Resources at the end of the article).
Figure 2. SecurAble helps you learn more about your processor.
If you're planning to use an old Intel-based Apple Mac, there are many that support virtualization. Getting an older Mac to boot from USB can be a little tricky, and I won't cover those steps here. However, I have successfully installed Linux on several Intel Macs, and it runs well.
If you already have Linux installed on a desktop or server, you can use a few simple terminal commands to see if it supports virtualization. Open a terminal and enter this command:
$ cat /proc/cpuinfo | grep vmx
If it returns something that looks like the following text (repeated several times for each CPU), you're in business and can proceed to the next step (if you're still uncertain, check the Resources for more options):
[flags : fpu vme de pse tsc msr pae mce cx8 apic sep ↪mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr ↪sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc ↪arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc ↪aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl ↪vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 ↪x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand ↪lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow ↪vnmi flexpriority ept vpid fsgsbase smep erms]
flags output includes
vmx (possibly highlighted red
in the output), you should be set. If not, check your system's
BIOS. Virtualization often is possible on a system, but it's disabled
by default. Look for virtualization settings in your system's BIOS,
enable it and reboot.
Although the Tiny Internet Project is designed to provide everything you need without having to access the public internet, the fact is you'll need your Linux distribution mirror to connect to servers on the outside. You can do this by setting up a proxy server (which I will cover in Part III) or by installing two Ethernet cards on your Proxmox host. Wired connections are easier to set up than wireless ones, and I don't recommend using a Wi-Fi card or USB dongle as the host's second connection.
With two cards installed, your Proxmox host will be able to talk to both public and private networks, and so will the virtual machines running on top of it.
The Virtualization Software: Proxmox
Since you're obviously most interested in Linux and free software, let's use the custom KVM Proxmox.
You can install KVM during the server set-up process on many Linux
distributions, particularly Debian-based flavors. These out-of-the-box
KVMs work well, but I found them a little too complicated for the Tiny
Internet Project. Installing KVM on an existing machine using
yum works, but it's not something a newcomer can do
By itself, KVM doesn't come with a GUI interface either—a shortcoming that's fine for Linux experts, but not newbies. There will be plenty of command-line work to do later, so I wanted an easy-to-use interface for KVM management, preferably something browser-based. The tools I found, such as WebVirtMgr, were workable, but again, they were a little too complicated for a newbie to set up.
Proxmox works well because it includes the following:
A fairly standard, if lightweight, Debian kernel.
An easy-to-use web interface.
A ready-made .iso that can be burned onto a USB or DVD.
Nice tools for managing clusters and storage.
Proxmox supports clustering, which lets you set up multiple VM host machines. It also supports a variety of storage types, including local and network-based drives.
1. Download the .iso and make a bootable USB. If you've ever downloaded a Linux .iso and used it to create a bootable USB or DVD, you can breeze through this step and go right to the installation. If you're new to the process, you'll need a couple tools. The Ubuntu website provides good instructions for Windows, Mac and Linux users. (See Resources to learn more about each.)
The DVD approach is doable, but it will take longer and it'll be a little less flexible. I recommend using USB thumbdrives for creating bootable OS installers, but sometimes an older system's BIOS may not support booting from USB. In those cases, rather than banging your head against a wall trying to get a raw system to start from USB, use a DVD. If you're using a Mac, this may be the only way to get started; support for USB booting on Apple hardware is a tutorial unto itself.
The .iso you want is the Proxmox Virtualization Environment (PVE). Using your administration PC, download the latest version. (It was 4.1 at the time of this writing.) The file is less than 1GB and easily fits on a 2GB thumbdrive. Burn the .iso to a USB.
Use your administration PC and go here and download the installer.
2. Boot the Proxmox PVE installer. Remove the USB from your administration PC and use it to boot your Proxmox machine.
The initial installation screen offers three choices. Select Install Proxmox VE.
Figure 3. Initial Proxmox Installation Screen
Next, choose the drive on which you want to install it. If your host machine has more than one drive, you'll get choices here. Otherwise, it will default to something like /dev/sda.
Figure 4. Choose the Installation Drive
As with any OS install, this will wipe out everything you have on the drive. Take your time and make sure to select the correct drive.
Set your location in the next screen before moving on to set up the network, which includes the hostname (the name of the machine as it will appear on your network and in DNS), the IP address, netmask, gateway and DNS server. These won't be random; you'll need to give some thought to your future network, your VMs and the address you're going to give your DNS server.
For your private network, you'll be deploying between five and seven machines that will need their own addresses and a domain name. I used "tiny.lab" to avoid using a .com, .net, .org or any other public domain extension that could cause problems. So, with this simple plan, you'll be creating the following:
The Proxmox host.
Two DNS servers.
One mail server.
Two or more web servers.
Given this schema, give the Proxmox host machine (pve in my example) the first non-gateway address, and address the others, like so:
pve — 10.128.1.2
dns01 — 10.128.1.3
dns02 — 10.128.1.4
mail — 10.128.1.5
mirror — 10.128.1.6
web01 — 10.128.1.7
Therefore, for the Proxmox host, set the Network Configuration settings to the following:
hostname — pve.tiny.lab
IP Address — 10.128.1.2
Netmask — 255.255.255.0
Gateway — 10.128.1.1
DNS Server — 10.128.1.3
Figure 5. Proxmox Network Configuration
If you're planning to deploy multiple Proxmox hosts and form a cluster, I recommend reserving the lower range of your chosen subnet—which is 10.128.1.1 to 10.128.1.255—so you can keep things logical. For example, you could give pve01 10.128.1.2 and pve02 10.128.1.3, and then start your DNS servers at 10.128.1.4.
Once you enter a password on the next screen, the installation will begin. After about five minutes, you'll be prompted to reboot. The initial boot screen looks like any Grub menu, and if all goes well, you'll end up with a login screen and a welcome telling you where to point your web browser: https://10.128.1.2:8006.
Figure 6. Proxmox is ready.
If you used a different IP address, that IP will appear instead. Later, after you've set up your domain, you'll be able to access the server at https://pve.tiny.lab:8006.
For now though, the IP is the only way in.
3. Confirm network settings on your Proxmox host. Unlike a typical Linux network setup, the Proxmox host uses bridged ports. Where you'd typically see eth0 and eth1, on Proxmox you'll see vmbr0 and vmbr1.
To get the two Proxmox host NICs to work properly, you'll need to edit the network interfaces file. From the pve login screen, log in using the user name "root" and the password you set during installation. Make a copy of the interfaces file (for safekeeping), then edit the original:
# cd /etc/network/ # cp interfaces interfaces.bak # vi interfaces
When you first open the file, it'll look something like this:
[ auto lo iface lo inet loopback iface eth0 inet manual iface eth1 inet manual ]
This isn't going to work for your purposes. You need to set up a static bridged address to eth0 and a static bridged address to eth1. First, set the interface that will communicate with your private network (tiny.lab):
[ auto lo iface lo inet loopback #iface eth0 inet manual (comment out or delete) #iface eth1 inet manual (comment out or delete) auto vmbr0 iface vmbr0 inet static address 10.128.1.2 netmask 255.255.255.0 dns-nameservers 10.128.1.3 10.128.1.4 dns-search tiny.lab bridge_ports eth0 bridge_stp off bridge_fd 0 ]
Note that the interface bridges to eth0, but eth0 itself is not configured here. That's on purpose. Now, configure the second NIC to communicate with your public network (the network in your house or classroom that connects to the internet):
[ auto vmbr1 iface vmbr1 inet static address 192.168.1.75 netmask 255.255.255.0 gateway 192.168.1.1 dns-nameservers 184.108.40.206 220.127.116.11 bridge_ports eth1 bridge_stp off bridge_fd 0 ]
A couple things to note here. The address—192.168.1.75—is any free address on your public network. Don't pick this at random; make sure the address is available.
Also note that there is no gateway address on the first interface. That's because you can have just one gateway on a machine connected to multiple networks. Also, the dns-nameservers are set to 18.104.22.168 and 22.214.171.124, Google's public nameservers. You can use these or the nameservers provided from your ISP or school. Finally, note that this vmbr1 interface bridges to eth1.
Save the file and reboot.
4. Set up your private network devices. From this point forward, you'll do most of your work from your administration PC, not the Proxmox host.
In order to connect other machines to your Proxmox host, you'll need to place your Proxmox server and your administration PC on the same network. That requires a network switch or router.
If you're using a router, preferably one with wireless capabilities, you can set it up with a base LAN address of 10.128.1.1. That will become its gateway address (even though you won't use it for that). If your router includes a DHCP server (most do), the device will hand out IP addresses to all the computers you attach to your tiny internet network automatically.
Figure 7. Router Setup
In your router, leave the WAN settings empty or disabled. Just set the following for the LAN:
IP address (10.128.1.1)
Turn on DHCP
Configure wireless security
If you're using a "dumb" switch (one that is unmanaged), you'll need to set up a static IP address on your administration PC before it can join your private network. The switch won't hand out DHCP addresses on the private network, so you have to set one manually. Later, you can deploy a DHCP server, but for now, static is easy.
Be sure to give your administration PC a static address beyond the range of your server addresses, perhaps starting at 10.128.1.25 or even 10.128.1.50. The basic static-IP configuration should look something like this:
IP address — 10.128.1.25
Netmask — 255.255.255.0
DNS servers — 10.128.1.3, 10.128.1.4
Again, gateway is purposely left out. In this case, your administration PC's gateway already is set to your home or school network (something like 192.168.1.1). That gateway address enables you to get to destinations on the internet. Your private-network machines won't need a gateway to talk to each other.
If your administration PC has an Ethernet port and wireless, use the wired port to connect to the public network (192.168.1.1, in this example). Use the wireless to connect to your tiny internet (10.128.1.x). That way, you'll have simultaneous access to both the public internet and your private tiny internet.
It's important to note that connecting a single computer to two separate networks can be very quirky. Fortunately, Windows 7, Mac OS X and most modern flavors of desktop Linux auto-negotiate network connections. In Linux, Network Manager (network-manager) can handle dual networks, but it can give routing priority to the wired connection. That means you should connect your internet-capable network to the wired port and use wireless to connect to your private network. In Linux Mint, I found that the opposite configuration will make web browsing slow because the system is trying to reach the internet via the wired private network first. If you must connect this way, set metrics in /etc/network/interfaces. (See Resources.)
Be aware that you may have to reboot your administration PC to get the network settings to take hold. Do that before proceeding.
5. Log in to the Proxmox GUI. Now that the PVE host is up and running, and both it and your administration PC can communicate with each other via your router (or switch), you're ready to get down to business. On your administration PC, point a browser to the address the Proxmox host offered you: https://10.128.1.2:8006. Enter the root user name and your password.
Once you click OK to dismiss the "No valid subscription warning", you'll see the main view, split into a server-manager column on the left and the main information panel on the right. The panel at the bottom gives real-time updates on actions you take, such as starting or stopping a server.
Figure 8. Proxmox Main View
If you named your Proxmox host "pve", the server listed when you expand the Datacenter folder will be "pve". Below it is listed the local storage, which is named "local".
Explore the various tabs and become familiar with the interface. Much of it is self-explanatory.
6. Deploy your first server. You're now ready to deploy your first virtual machine. Before you do, decide whether you want to deploy a cluster by adding one or more Proxmox servers to your setup. If you do, you must add the second PVE host now before adding any VMs. Otherwise, if you later decide to add more PVE hosts, you'll have to delete all the virtual machines you created and basically start over.
Proxmox has some freely available templates for everything from CentOS 7, Ubuntu 15.04, Debian 7, a LAMP stack and WordPress. If your Proxmox server has access to the internet—either directly or via a proxy server—you can download and install these by clicking on "local" (your storage drive), and then choosing the Content tab and Templates.
For now, however, you're going to deploy your own virtual machine from scratch by downloading the latest .iso of Ubuntu (or whatever flavor Linux you like) and building a VM from it.
Using your administration PC, download the Ubuntu 14.04.3-server-amd64.iso. This is the long-term release of the server version of Ubuntu, which you'll run without a GUI desktop. The .iso file is just more than 600MB.
To build a VM from this .iso, you'll need to upload it to your Proxmox server.
Figure 9. Uploading the .iso
In the main PVE browser view, open Datacenter and your machine (pve) and click on the "local" storage icon. In the right-hand pane, click the Content tab and the Upload button. In the pop-up window, browse for the .iso file you just downloaded. Click OK to begin the upload.
When the upload is complete, you should see the file listed under the ISO Image list on the Content tab page. You're now ready to deploy it.
In the top right of the main Proxmox browser view, click the Create VM button. In the modal window that opens, Node will be filled in with the name of your Proxmox host ("pve"), and the VM ID will be set to 100. Each future VM will auto-increment from there. Enter a Name, such as "ubuntu", and click the Next button or the next tab.
Figure 10. Creating a Proxmox VM, Step 1
Select the OS type—Linux 4.x/3.x/2.x Kernel (I26). Click Next and make sure the "Use CD/DVD disc image file (iso)" radio button is chosen, select the storage drive ("local"), and use the "ISO Image" drop-down to choose the .iso you uploaded. Click Next.
Figure 11. Creating a Proxmox VM, Step 2
The hard disk settings are fine as is. Note that you'll be creating a 32GB drive on the "local" drive. That will be plenty for all the machines you create, except the mirror server, which will be more like 200GB. Click Next.
Depending on how many CPUs and cores your machine has, you'll be able to add more than one "Socket" and more than one "Cores". Your Ubuntu servers will run fine with a single CPU, so leave the defaults (1 socket, 1 core, Default kvm64 Type), and click Next.
With memory, like CPU, your settings can vary based on how much memory your system has. I assume you don't have much, and I've tested various configurations and found that setting a range works best. Click the radio button next to "Automatically allocate memory within this range", and set the Maximum value to 1024 and the Minimum value to 512. The virtual machine will use only the memory it needs, which typically will be much less than 512MB, but it automatically can use as much as 1GB if necessary. Click Next.
For networking, select Bridged mode and Bridge vmbr0. Click the box next to Firewall and leave all the other settings as defaults. Click Next to review a summary of your choices. When you click Confirm, Proxmox will create the virtual machine. When it's done, you'll see a new icon in the left-hand pane of the main view.
Figure 12. Creating a Proxmox VM, Step 3
To start the new VM, either right-click on it and choose "Start" or left-click it once and choose Start from the menu located above the tabs in the right pane. As it starts up, you'll see the content of the Summary tab change. Right-click the machine and choose "Console" from this list (or from the menu above the tabs). A new browser window will open (check to make sure you're not blocking pop-ups on the site), and you'll see the Ubuntu start-up screen. You're ready to start deploying VMs!
Figure 13. You're ready to start!
Stay tuned for the third and final installment coming soon!
Create a bootable Linux (Ubuntu) USB: https://help.ubuntu.com/community/Installation/FromUSBStick
Check a Linux system for virtualization capabilities: http://virt-tools.org/learning/check-hardware-virt.
Check a Windows system for virtualization capabilities, for Intel-based systems: http://intel.ly/217A6MK.
SecurAble is a tool from Gibson Research Corp. that helps you learn more about your processor: https://www.grc.com/securable.htm.
Check a Macintosh system for virtualization capabilities—Apple provides some tools at https://support.apple.com/en-us/HT203296.
You can download the bootable Proxmox .iso files from http://proxmox.com/en/downloads/category/iso-images-pve.
Setting metrics on Ubuntu Linux interfaces: http://bit.ly/1mRibHa.
Information on router metrics from WikiPedia: https://en.wikipedia.org/wiki/Metrics_%28networking%2.
Download the Ubuntu server 14.04.3-server-amd64.iso from http://www.ubuntu.com/download/server.