Never Ending Security

It starts all here

Building the Ultimate VirtualBox Lab

Building the Ultimate VirtualBox Lab – Introduction

In my never-ending quest to continue learning as much as I can in the IT industry, one thing has always caused me some headaches until now. Setting up the proper foundation for my testing in the form of a virtual test lab where I can install multiple servers and clients easily without having to worry about taking up 40GB+ for each virtual machine.

I have received a lot of comments, private messages, and emails from the community asking me what I suggest for them to do in order to learn System Administrator topics in order to help them in job interviews or to help them in their current job if they are already working in the field.

Introduction: Ultimate VBox Setup

One answer always comes to mind with these types of questions; Virtualization. Setup a virtual test lab by configuring a virtual server (virtual pc), download the trial versions of Microsoft’s operating systems, install them and practice practice practice. Setup a domain controller or two. Take one offline and practice bringing another one online to simulate a down domain controller, Setup SQL server, WSUS, and so on.

This article is part 1 of 6 in the series:

  • Part 1: Building the Ultimate VirtualBox Lab – Intro
  • Part 2: Building the Ultimate VirtualBox Lab – Configure Vbox
  • Part 3: Building the Ultimate VirtualBox Lab – Install pfSense
  • Part 4: Building the Ultimate VirtualBox Lab – Install Windows 2012 Base
  • Part 5: Building the Ultimate VirtualBox Lab – Prep for .vdi Compacting
  • Part 6: Building the Ultimate VirtualBox Lab – Linked Clones
  • Bonus: Building the Ultimate VirtualBox Lab – RDP to Virtual Machines

citrix-logo  hyper-v-logo Virtualbox_logo vmware-logo

In the past, I have setup many different virtual lab environments including:

For this article, I chose to go with Oracle VirtualBox. If money wasn’t an issue, I would probably choose VMWare Workstation. Actually, if money really wasn’t an issue, I would buy a nice server with a SAN and setup VMWare ESXi. Ok, enough dreaming.

One of the issues I faced was having enough resources on the host’s computer where I can run 3 or 4 servers along with a couple of client computers at the same time while not worrying about CPU, RAM, and hard drive space.

Since I recently built a new computer as my main box to handle video editing (and anything else I want to throw at it), I finally decided to search out the best methods for hosting all of my virtual machines on this box. These days, I use my laptop about 95% of the time and only touch my big desktop for video editing. Why not put this computer’s horsepower to use since I’m hardly using it as is.

The specs of this machine are as follows:

At this point what I want to do is give you a visual of what I have in mind. I am not an artist by any means so hopefully you can understand what I’m illustrating here. This is just a basic idea of the SSD/HDD configuration:

Click to enlarge
Drawing of Ultimate VirtualBox Setup

To help better explain the drawing, here is what is going on. We are going to be usingLinked Clones to setup many virtual machines. The main reason I am using Linked Clonesis to save on hard drive space.

A brief description of Linked Clones: Setup a “base” virtual machine, install all patches/updates, sysprep and shutdown the machine (You will not turn this machine back on). This will be the base image that all future machines (same OS) will use when setting them up. Any changes made to the Linked Clones will be saved in their own .vdi in their own folder.

This is a HUGE plus for me since my SSDs are not very large. Also, using SSDs for this task is a huge advantage. Since I will be having multiple virtual machines running at the same time, they will all be using the base image so having the fast read/write speed will help with performance. I have not tried it using non SSDs but am curious how well it works.

As a side note: You can still have a standard HDD for things like SQL Databases, WSUS updates storage, network share storage, and more where speed is not as crucial.

Download the software and ISO images to prepare for the setup:

This article was only the beginning, introducing you to building the ultimate VirtualBox test lab.

In the next article (coming soon), we will be setting up the environment. I will walk you step-by-step in the entire process and by the end of the series, you should have a well-rounded and stable virtual test lab. From there on, you can go wild with setting up different servers, clients, testing group policies, pushing out software, breaking servers and learning how to handle disaster recovery and so on.

Building the Ultimate VirtualBox Lab – Configure VBox

Begin to learn how to become a System Administrator on your own by building the ultimate VirtualBox test-lab.

We briefly discussed what to expect with this video series and the overall configuration with hardware as well as linked clones.

Virtualization is key when wanting to setup a virtual machine test-lab. This tutorial is going to be considered video number 1 in the Building the Ultimate VirtualBox Lab series and will show you how to setup your virtual server environment. The tips shown here will help with setting up the foundation before we begin setting up our virtual machines and linked clones.

Configure VBox

Let’s begin

  • Open Oracle VM VirtualBox Manager
  • File -> Preferences -> General
  • Default Machine Folder: Navigate to the folder you want to store all your VMs in
    Virtualbox Default Machine Folder
  • Select Network in the left column
  • Highlight the adapter and click the edit button
    VirtualBox Edit Network
  • Select the DHCP Server tab
  • Remove the check from Enable Server
    VirttualBox Disable DHCP Server

That’s it for configuring Virtualbox for our Ultimate VirtualBox lab.

The next tutorial will begin by setting up pfSense to act as our lab’s router out to the internet.

Building the Ultimate VirtualBox Lab – Install pfSense

Continuing on with our self-learning to become a System Administrator, this article of Building the Ultimate VirtualBox Lab series we are focusing on how to install pfSense in VirtualBox.

I suggest you check it out since it has a couple key configuration changes in VBox that will save you some headaches later.

Install pfSense in VirtualBox

Before we get started I would like to explain the reason I have decided to use pfSense within our virtual lab for learning. When setting up a virtual server test lab, I like to try and mimmic an actual business environment as closely as possible. Because we want to use virtualization for this task, what pfSense will do is act as our virtual test lab’s router (to allow the virtual machines access to the internet). This will keep my host’s machine safe as well as any computers/devices on my host’s network. I guess you can look at it as my host’s network is acting as an ISP for my virtual environment.

Another reason why I wanted to use pfSense is so I can produce some tutorials on some key features of pfSense in the future when things settle down here at the house (remodeling/selling/buying another new house, etc.)

Let’s Get Started

We need to setup pfSense first so that during the other VM setups we can get out to the internet to install updates.

You can find the download links on this page.

Normally I like to include a lot of screenshots within these tutorials, but I think since the below instructions are pretty straight forward (and there is an associated video), I think I will hold off on the screenshots. If you feel they would help with this tutorial, please let me know in the comments section below and I will happily add them.

Create a new VM with minimum specs (pfSense doesn’t need to be run on a powerful machine).

  • Name: pfSense
  • Type: Linux
  • Version: Other Linux
  • 256MB of RAM
  • 8GB for the Dynamically allocated vdi (hard drive) should work out fine. You don’t need this one to be stored on an SSD but if you have the space, go for it.
  • 1 CPU
  • 2 NICs
    • Adapter 1: Enable Network Adapter
      • Attached to: Bridged (This will be our WAN port in pfSense)
    • Adapter 2: Enable Network Adapter
      • Attached to: Internal (This will be our LAN port in pfSense)
  • Attach the pfSense ISO to the CDRom drive so we can boot off of the CD
  • Disable:
    • Floppy drive
    • Enable absolute pointing device
    • USB Controller
    • Audio
  • If using an SSD, tell VBox that the VM is stored on an SSD
    • Select the vdi under the SATA Controller
    • Put a check in the Solid-state drive option under Attributes (This tells the guest OS that it’s drive is an SSD so it can take appropriate actions to deal with an SSD such as Windows disabling defrag, etc..)

Power on the VM and begin the setup

  • Select option 1 to boot pfSense
  • Pay attention during the install, you will see an option to select “I” to install, otherwise it will auto continue with running the live CD. Select “I”
  • Follow the prompts to install pfSense (I selected the Quick/Easy install)
  • During the first boot off of the hard drive, we need to configure a few things
    • Do you want to set up VLANs now: N
    • Enter the WAN interface name: em0
    • Enter the LAN interface name: em1
    • Optional 1 Interface: (leave blank and press Enter)
    • Let’s configure our WAN port to be static
      • Select number 2 (Set interface(s) IP address
      • Select number 1 (WAN)
      • Configure WAN interface via DHCP?: N
      • Type in the IP you want to give it (has to be on your host’s subnet) (I’m setting mine to 10.2.0.199)
      • Type in the Subnet mask (more than likely you will be using 24)
      • Revert to HTTP….: N

At this point we are done setting up pfSense. Once we setup our first Windows VM we will web into pfSense to finish a couple small configuration changes to allow our VMs access to the internet.

Building the Ultimate VirtualBox Lab – Install Windows 2012 Base

We will be focusing on installing Windows Server 2012 Base for our Building the Ultimate VirtualBox Test Lab series. We will configure a few basic settings, and install all Windows Updates to ensure we are patched up.

Quick reminder: We are setting up linked clones so we can maximize disk usage on our virtual server. If we were to setup normal clones and/or VMs, we would quickly run low on disk space. Since we are using SSDs to store the VDI (virtual hard disk files for our virtualbox VMs), it is very important that we use Linked Clones for this task.

Setup Windows 2012 Base for Linked Clones

Windows 2012 ISO Download

All of the downloads can be found HERE.

Let’s begin

Configure a new Base VM

  • Name: *_Base (i.e. Windows_Server_2012_Base)

VirtualBox Name Server 2012

  • 1024 MB RAM
  • Create a virtual hard drive now
    • VDI
    • Dynamically allocated
    • 40GB
  • 1 CPU
  • Disable:
    • Floppy drive
    • Enable absolute pointing device
    • USB Controller
    • Audio
  • NIC: Internal
  • Attach ISO for installation

VirtualBox Attach ISO and SSD

  • If using an SSD, tell VBox that the VM is stored on an SSD
    • Select the vdi under the SATA Controller
    • Put a check in the Solid-state drive option under Attributes (This tells the guest OS that it’s drive is an SSD so it can take appropriate actions to deal with an SSD such as disabling defrag, etc..)

VirtualBox Configure For Linked Clones

Install and Configure VM

  • Install the guest OS
  • Install VBox Guest Additions

VirtualBox Windows Server 2012 Install Guest Additions

  • Configure the network adapter
    • Set the IP statically (your information will probably be different than mine):
      • IPV4: 192.168.1.8
      • Subnet: 255.255.255.0
      • Gateway: 192.168.1.1 (pfSense LAN IP)
      • DNS: 10.2.0.1 (for now, set it to your home router’s LAN IP or a public DNS so we can resolve hostnames until we setup our server to be a DNS server)

Finish Configuring pfSense

  • Web into pfSense using the it’s LAN IP from within the VM lan (on this Windows 2012 VM). (For me, I connect to https://192.168.1.1)
    • Username: admin
    • Password: pfsense
    • System -> Setup Wizard
      • Run through wizard
      • Take note of the WAN Gateway: Set this to your home’s router IP address. This will ensure that pfSense knows where to send all of the VM’s internet traffic out to the internet.
      • Set a new/secure password

Final Windows Configurations

  • Make sure the timezone is set properly and the VM has the correct time
  • Install .NETt Framework 3.5 Features (if Windows Server)
    • Server Manager -> Add Roles and Features

VirtualBox Add Role to Server 2012

  • Run through the wizard until you get to Features
  • Select .NET Framework 3.5 Features and finish the wizard
  • Install all available Windows updates / patches

VirtualBox - Windows Server 2012 Windows Updates

  • Configure Windows Updates to only check and notify if there are updates so we have control of the process.

Next Step

Now that the virtual machine is installed and updated, the next part in this series will walk you through step-by-step how to prep this VM and .vdi for compacting in order to be used as a Linked Clone.

Building the Ultimate VirtualBox Lab – Prep VDI for Compacting

we installed Windows 2012 and made some basic configuration changes.

This article we will be focusing on prepping the VM for compacting the .vdi (virtual hard disk) for  Installing Windows Server 2012 Base for our Building the Ultimate VirtualBox Test Lab series.

It is comprised of deleting some folders/files in order to free up as much space as possible, running sdelete.exe, sysprep, and a few other little changes in order to simplify all future linked clone installations.

Quick reminder: We are setting up linked clones so we can maximize disk usage on our virtual server. If we were to setup normal clones and/or VMs, we would quickly run low on disk space. Since we are using SSDs to store the VDI (virtual hard disk files for our virtualbox VMs), it is very important that we use Linked Clones for this task.

Prep VM for .vdi compacting

Let’s Begin

Windows Update

  • Power on the Windows 2012 VM.
  • Configure Windows Updates to only check and notify if there are updates so we have control of the process.
  • Or… disable it all together and make sure to check/update every month.
    Ultimate-Vbox-Configure-Windows-Updates

Clean-up storage

  • Remove SP (Service Pack) installation files (if any)
    • Launch an elevated cmd or PowerShell window
    • Run: dism /online /cleanup-image /spsuperseded
  • Remove Windows update backup files
    • Launch services
    • Stop Windows Update service
      Ultimate-Vbox-Stop-Windows-Update
    • Delete the following folder and all it’s contents: C:\Windows\SoftwareDistribution
    • Start Windows Update
  • Disable hibernation
    • Launch an elevated cmd or PowerShell window
    • Run: powercfg.exe /hibernate off
  • Defrag two times (If .vdi is on a non-SSD)
  • Run sdelete to prepare for vdi compacting
    • Download sdelete and extract it’s contents
    • Launch an elevated cmd or PowerShell window
    • Change your working directory to the extracted sdelete folder
    • Run: sdelete.exe -z c:
      Ultimate-Vbox-Sdelete

Compact vdi

  • Shutdown VM
  • On the host computer (the Virtual Server):
    • Launch a NON-elevated cmd or PowerShell window
    • Change your working directory to “C:\Program Files\Oracle\VirtualBox\”
    • Run: vboxmanage.exe modifyhd <image path and name>.vdi –compact
      Ultimate-VirtualBox-Lab-Compact-VDI

Prepare VM to be a template

  • Power on the VM
  • Within the VM, run sysprep
    • Launch a cmd or PowerShell window
    • Run: c:\windows\system32\sysprep\sysprep.exe
    • Select: OOBE
    • Select: Generalize
    • Select: Shutdown
      Ultimate-Vbox-Sysprep

At this point you DO NOT want to power on this VM until you are ready to install updates to the base system in the future.

Create Base Snapshot

(All linked clones will be based on this snapshot)

  • Name: Version 1.0
  • Description: Initial version of <Windows version> all patched up to <date>. Sysprep OOBE executed before shutdown.
    Ultimate-Vbox-Snapshot

Set the Base VM not to boot

  • Open the settings for this VM up in VirtualBox
  • System -> Motherboard
  • Boot Order: Uncheck all devices
    This will ensure the Base VM doesn’t accidentally get booted up
    Ultimate-Vbox-Disable-Boot

Next Step

Now that the VM’s virtual hard disk is cleaned up as much as possible and then compacted, the next part will walk you through step-by-step on creating our first Linked Clone

Building the Ultimate VirtualBox Lab – Linked Clones

we prepped our vm and compacted the .vdi to save as much space as possible.

This article, we will be setting up a few servers using the linked clone feature available in VirtualBox.

The reason I am using “linked” clones is because I am installing my lab environment on an SSD drive. Since I didn’t win the lottery or rob a bank, I am somewhat limited on the size of the SSD I can install the VMs on.

Below briefly explains what a full clone is compared to a linked clone. See Virtualbox.org for more information on the cloning process.

Full clone: In this mode all depending disk images are copied to the new VM folder. The clone can fully operate without the source VM.

Linked clone: In this mode new differencing disk images are created where the parent disk images are the source disk images. If you selected the current state of the source VM as clone point, a new snapshot will be created implicitly.

How to Setup Linked Clones

Let’s Begin

Setup a Linked Clone

  • In VirtualBox, right click the Base VM and select Clone
    Ultimate Vbox - Clone
  • Name the VM to your Server naming conventions (I am going to simplify things and name this one DC_1 for Domain Controller)
  • Select Reinitialize the MAC address
    Ultimate VirtualBox - Name and Initialize MAC
  • Select Linked Clone
    Ultimate Vbox - Linked Clone
  • Go into the Settings of the Linked Clone and select Hard Disk for the Boot Order
    Ultimate Vbox - Boot Order

Power-on Your New Linked Clone

You can now start your Linked Clone VM.

Since we SysPrep’ed the Base VMs, the initial boot of the linked clones will go through the standard Windows startup / configuration steps.

Don’t forget you will need to re-setup your IPv4 Static address as well as name the server. I personally like to give the main/first server in my environment a .10 address (i.e. 192.168.1.10). For non-servers, I like to stick with DHCP.

Setup other Base VMs for different operating systems by following the same procedures.
ultimate vbox - setup lots of linked clones

— UPDATE

I ended up enabling Windows Update on all of the linked clones individually rather than on the base system. This is because each linked clone will be running something different (ie. WDS, Exchange, SCCM, SQL, etc…).

Building the Ultimate VirtualBox Lab – RDP to VMs

We will be focusing on setting up pfSense firewall’s port forwarding to allow RDP (Remote Desktop) connections from the host computer (Virtual Server) to the individual virtual machines within VirtualBox’s internal VM network.

Call me weird or old-school but I’m not a huge fan on using the console session of VirtualBox to work on the VMs. Instead I like to use Remote Desktop to connect to the virtual machines.

Follow along in this step-by-step article on how to set up port forwarding through pfSense so we can easily remote desktop to the virtual machines from the host machine.

Disable pfSense’s ‘Block Private Network’ option

  1. Open Internet Explorer in one of your VMs
  2. Connect to your pfSense’s web interface
  3. System -> Setup Wizard
    Ultimate Vbox pfSense Setup Wizard
  4. Continue pressing Next until you get to Configure Wan Interface
  5. Scroll down to the bottom of the page
  6. Uncheck Block RFC1918 Private Networks optionUltimate-Vbox-pfSense-Disable-Block-Private-Network
  7. Continue pressing Next and then Reload to finish the configuration change

Configure NAT rule to allow pfSense to port forward ports to VM’s 3389 MSRDP port

  1. Firewall -> NATUltimate-Vbox-pfSense-Firewall-NAT
  2. Add a NAT port forward by pressing the icon with the plus symbolUltimate-Vbox-pfSense-Add-Port-Forward
  3. Destination: Any
  4. Destination Port Range: From: <whatever port you want to use>
  5. Destination Port Range: To: <leave blank>
  6. Redirect Target IP: <IP Address of the VM you want to connect to>
  7. Redirect Target Port: MS RDP
  8. Description: Remote Desktop to <server name>
  9. Save and then Apply ChangesUltimate-Vbox-pfSense-RDP-Port-Forward-Settings

Now when you want to connect via Remote Desktop, your server address will be:

  1. Server: <pfSense WAN IP>:
  2. Example: Server: 10.2.0.199:3395Remote-Desktop_Specific-Port

For other servers/clients that you want to connect to, simply add another NAT Port Forward rule but use a different Destination Port (ie. 5002, 5003, etc…).

Advertisements

One response to “Building the Ultimate VirtualBox Lab

  1. cheap ssl 26 May 2015 at 09:23

    Quality articles is the key to be a focus for the people to pay a quick visit
    the web site, that’s what this web page is providing.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s