SRT210 Lab 2
- Set up a nested virtual machine
- Get familiar with basic networking setup and utilities used on Linux
PART 1: NESTED VIRTUAL MACHINE
Since we're forced to use a Windows machine as the main VM host, we're going to have to set up nested virtualisation. Luckily that's not too difficult.
- Change the settings for your c7host to have at least 4GB of RAM, and enable "Virtual Intel VT-X/EPT or AMD-V/RVI" under VM/Settings/Processors.
- Install the following packages: qemu-kvm qemu-img virt-manager libvirt libvirt-python libvirt-client virt-install virt-viewer bridge-utils
- Make sure (using
systemctl enable) that the libvirtd service starts at boot.
- Those will include both the KVM hypervisor and Virt Manager, which is a graphical tool used to administer it.
- Create a new virtual machine with the following settings:
- Will be installed from the network: https://mirror.senecacollege.ca/centos/7/os/x86_64/ or http://mirror.netflash.net/centos/7/os/x86_64/
- 2GB of RAM
- 10GB of disk
- NAT for networking
- hostname lin1
- Minimal install
After you're done - you'll have a command-line-only CentOS machine (lin1) running inside a graphical CentOS desktop (c7host).
PART 2: BASIC NETWORKING
New virtual network
By default a KVM setup has a NAT network with a DHCP server. That works nicely out of the box but won't work for us because we'll need to configure network settings manually.
- Power off lin1
- In the Connection Details dialog box, select the Virtual Networks tab
- Click to de-select the Autostart (on boot) check-box options and click the Apply button.
- Stop the default network by clicking on the stop button at the bottom left-side of the dialog box.
- Click the add button to add a new network configuration.
- Leave the default network name network1.
- In the next screen, enter the new network IP address space called: 192.168.210.0/24
- Disable DHCPv4
- Enable Network Forwarding by Selecting Forwarding to physical network, the destination should be Any physical device and the mode should be NAT
PART 2: IPTABLES
CentOS comes with firewalld installed by default. We will not be using that, instead we'll do all our firewall work with iptables. Therefore we'll need to uninstall firewalld and install iptables management tools:
- Use systemctl to stop firewalld and disable it from starting on boot.
- Use yum to uninstall firewalld and install iptables-services
- Use systemctl to start the iptables service and configure it to be started on boot.