Tuesday Jun 12, 2012

Oracle Virtual Desktop Infrastructure

A lot of the recent blog entries here have been about Oracle VM VirtualBox, possibly the coolest personal desktop virtualization product known to man. Deploying VirtualBox on your PC or Mac lets you run many virtual desktops at the same time to one user, you.

But did you know that VirtualBox can also power an Enterprise-scale virtual desktop deployment too, delivering many desktops to many users? 

As part of another Oracle product, Oracle Virtual Desktop Infrastructure (VDI), VirtualBox can run your Windows, Linux or Solaris desktops on servers located in the datacenter. Oracle VDI orchestrates the whole deal by looking after :

  • creating or cloning the virtual desktops from a master template;
  • managing the lifecycle of the desktops (create, start, suspend, resume, stop, delete);
  • assigning which users get which desktops; 
  • delivering easy and fast access to these virtual desktops from almost any device, such as existing PCs or Macs, iPads, or specially designed Sun Ray client devices too;
  • load balancing and session management of all of this.

 Architecturally the solution looks something like this:

VDI Architecture

This is an increasingly hot area of the IT landscape, so the Fat Bloke has decided to create a new blog category (VDI) and dedicate a few blog entries to look into this in a bit more detail over the next few weeks.

Watch this space...

- FB 

Friday Jun 08, 2012

Networking in VirtualBox

VirtualBox.pngNetworking in VirtualBox is extremely powerful, but can also be a bit daunting, so here's a quick overview of the different ways you can setup networking in VirtualBox, with a few pointers as to which configurations should be used and when.

VirtualBox allows you to configure up to 8 virtual NICs (Network Interface Controllers) for each guest vm (although only 4 are exposed in the GUI) and for each of these NICs you can configure:

  1. Which virtualized NIC-type is exposed to the Guest. Examples include:
    • Intel PRO/1000 MT Server (82545EM), 
    • AMD PCNet FAST III (Am79C973, the default) or 
    • a Paravirtualized network adapter (virtio-net).
  2. How the NIC operates with respect to your Host's physical networking. The main modes are:

The choice of NIC-type comes down to whether the guest has drivers for that NIC.  VirtualBox, suggests a NIC based on the guest OS-type that you specify during creation of the vm, and you rarely need to modify this.

But the choice of networking mode depends on how you want to use your vm (client or server) and whether you want other machines on your network to see it. So let's look at each mode in a bit more detail...

Network Address Translation (NAT)

This is the default mode for new vm's and works great in most situations when the Guest is a "client" type of vm. (i.e. most network connections are outbound). Here's how it works:

NAT Networking

When the guest OS boots,  it typically uses DHCP to get an IP address. VirtualBox will field this DHCP request and tell the guest OS its assigned IP address and the gateway address for routing outbound connections. In this mode, every vm is assigned the same IP address (10.0.2.15) because each vm thinks they are on their own isolated network. And when they send their traffic via the gateway (10.0.2.2) VirtualBox rewrites the packets to make them appear as though they originated from the Host, rather than the Guest (running inside the Host).

This means that the Guest will work even as the Host moves from network to network (e.g. laptop moving between locations), and from wireless to wired connections too.

However, how does another computer initiate a connection into a Guest?  e.g. connecting to a web server running in the Guest. This is not (normally) possible using NAT mode as there is no route into the Guest OS. So for vm's running servers we need a different networking mode....

Bridged Networking

Bridged Networking is used when you want your vm to be a full network citizen, i.e. to be an equal to your host machine on the network.

In this mode, a virtual NIC is "bridged" to a physical NIC on your host, like this:

Bridging to wired LAN

The effect of this is that each VM has access to the physical network in the same way as your host. It can access any service on the network such as external DHCP services, name lookup services, and routing information just as the host does. Logically, the network looks like this:

Bridged Networking

The downside of this mode is that if you run many vm's you can quickly run out of IP addresses or your network administrator gets fed up with you asking for statically assigned IP addresses. Secondly, if your host has multiple physical NICs (e.g. Wireless and Wired) you must reconfigure the bridge when your host jumps networks. 

Hmm, so what if you want to run servers in vm's but don't want to involve your network administrator? Maybe one of the next 2 modes is for you...

Internal Networking

When you configure one or more vm's to sit on an Internal network, VirtualBox ensures that all traffic on that network stays within the host and is only visible to vm's on that virtual network. Configuration looks like this:

Configuring Internal Networks

The internal network ( in this example "intnet" ) is a totally isolated network and so is very "quiet". This is good for testing when you need a separate, clean network, and you can create sophisticated internal networks with vm's that provide their own services to the internal network. (e.g. Active Directory, DHCP, etc). Note that not even the Host is a member of the internal network, but this mode allows vm's to function even when the Host is not connected to a network (e.g. on a plane).

Internal Network

Note that in this mode, VirtualBox provides no "convenience" services such as DHCP, so your machines must be statically configured or one of the vm's needs to provide a DHCP/Name service.

Multiple internal networks are possible and you can configure vm's to have multiple NICs to sit across internal and other network modes and thereby provide routes if needed.

But all this sounds tricky. What if you want an Internal Network that the host participates on with VirtualBox providing IP addresses to the Guests? Ah, then for this, you might want to consider Host-only Networking...

Host-only Networking

Host-only Networking is like Internal Networking in that you indicate which network the Guest sits on, in this case, "vboxnet0":

Host-Only Networking

All vm's sitting on this "vboxnet0" network will see each other, and additionally, the host can see these vm's too. However, other external machines cannot see Guests on this network, hence the name "Host-only".

Logically, the network looks like this:

Host-only networking

This looks very similar to Internal Networking but the host is now on "vboxnet0" and can provide DHCP services. To configure how a Host-only network behaves, look in the VirtualBox Manager...Preferences...Network dialog:

Configure Host-only NetworksDHCP Server

Port-Forwarding with NAT Networking

Now you may think that we've provided enough modes here to handle every eventuality but here's just one more...

What if you cart around a mobile-demo or dev environment on, say, a laptop and you have one or more vm's that you need other machines to connect into? And you are continually hopping onto different (customer?) networks.

In this scenario:

  • NAT - won't work because external machines need to connect in.
  • Bridged - possibly an option, but does your customer want you eating IP addresses and can your software cope with changing networks?
  • Internal - we need the vm(s) to be visible on the network, so this is no good.
  • Host-only - same problem as above, we want external machines to connect in to the vm's.

Enter Port-forwarding to save the day!

  1. Configure your vm's to use NAT networking;
  2. Add Port Forwarding rules;
  3. External machines connect to "host":"port number" and connections are forwarded by VirtualBox to the guest:port number specified.

For example, if your vm runs a web server on port 80, you could set up rules like this: 

Port-forwarding Rules

...which reads: "any connections on port 8080 on the Host will be forwarded onto this vm's port 80".

Port Forwarding route

 This provides a mobile demo system which won't need re-configuring every time you open your laptop lid.

Summary

VirtualBox has a very powerful set of options allowing you to set up almost any configuration your heart desires. 
For more information, check out the VirtualBox User Manual on Virtual Networking.

-FB 

About

Fat Bloke

Search

Categories
Archives
« June 2012 »
SunMonTueWedThuFriSat
     
1
2
3
4
5
6
7
9
10
11
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
       
Today