
Developers learn Linux (2): system settings for CentOS7 installed in VirtualBox

2025-01-16 Update From: SLTechnology News&Howtos


The previous article, "Process record of installing CentOS7 in VirtualBox", described how to install VirtualBox and how to install CentOS7 in it, but left many points unexplained, so this article goes into the settings of VirtualBox and CentOS in more detail.

Virtual machine file types supported by VirtualBox

VDI: Virtual Disk Image, which is the virtual machine file type used by VirtualBox by default.

VMDK: this is the virtual machine file type that VMware uses by default.

VHD: this is the default virtual machine file type used by Microsoft virtual machine software.

Which one you choose when creating a virtual machine is a matter of personal preference, but I generally prefer VMDK, because once the preliminary research succeeds I can hand the vmdk file over to the virtualization administrators, who load it directly into the company's virtual machine resource pool. After creation, you can also convert between the three formats with VBoxManage.exe, which ships with VirtualBox and is located in the VirtualBox installation directory.

Virtual machine CPU settings supported by VirtualBox

By default, a newly created virtual machine uses only 1 core. If the host hardware is good, you can assign multiple cores for a better experience. My computer has 4 cores and 8 threads, so the maximum can be set to 4, as shown below:

Virtual machine network access supported by VirtualBox

When you click the "Network" option, you will see the following interface:

There are four important settings in the interface:

Attached to (connection mode).

Name (interface name).

Adapter Type (control chip).

Promiscuous Mode.

Virtual machine network connection mode

VirtualBox supports 7 access methods:

Network Address Translation (NAT)

Bridged networking

Internal networking

Host-only networking

Generic networking (universal driver)

The network connection type setting interface for VirtualBox is as follows:

A simple comparison of these network connection types is as follows:

Virtual machine network connection interface name

This is the network card currently in use on the host. In bridged mode, VirtualBox uses a separate driver on the host to process network data and filter the virtual machine's data out of the host's network traffic. Therefore, in bridged mode, be sure to select the network card that is currently in use.

Virtual machine network connection control chip

VirtualBox offers the following adapter types:

AMD PCNet PCI II (Am79C970A)

AMD PCNet FAST III (Am79C973, the default)

Intel PRO/1000 MT Desktop (82540EM)

Intel PRO/1000 T Server (82543GC)

Intel PRO/1000 MT Server (82545EM)

Paravirtualized network adapter (virtio-net)

AMD PCNet FAST III (Am79C973) is the recommended default because it is supported by almost all operating systems, and even by the GNU GRUB boot manager. The Intel PRO series is meant for guest operating systems that no longer ship with a driver for the PCNet card, such as Windows Vista. Intel PRO/1000 MT Desktop supports Windows Vista and later Windows systems, Intel PRO/1000 T Server is recognized by Windows XP without installing drivers, and Intel PRO/1000 MT Server supports OVF files imported from other platforms.

The paravirtualized network adapter (virtio-net) is a special case: if you choose it, you need to make sure that the guest provides the corresponding special software interface to handle networking.

Virtual machine network connection promiscuous mode

Promiscuous mode is a term from computer networking. It means that a machine's network card receives all the data passing through it, regardless of whether the destination address is its own.

Normally a network card works in non-promiscuous mode and only accepts data whose destination address points to itself. When the network card works in promiscuous mode, it captures all the data on the interface and hands it to the corresponding driver.

Allow All: all data (regardless of its destination address) is sent to both the virtual machine and the host.

Allow VMs: all data (whether its destination address is its own or not) is sent only to the virtual machine.

Deny: both the virtual machine and the host receive only data whose destination address is their own.

According to the VirtualBox documentation, in bridged mode the virtual machine filters the packets addressed to itself directly out of the packets received by the host. To make sure the virtual machine receives its own packets, it is recommended to choose Allow All.

Security settings for CentOS7

When using bridged mode, the following configuration is recommended on a learning machine.

Disable SELinux

SELinux is a security architecture that is integrated into the Linux 2.6.x kernel through the LSM (Linux Security Modules) framework. It is a joint project of the NSA (United States National Security Agency) and the SELinux community. In a production environment, decide whether to disable it as needed; in a learning environment it is recommended to disable it. In CentOS7, this setting is in the /etc/sysconfig/selinux file, and you can change "SELINUX=enforcing" to "SELINUX=disabled" with an editor such as vim.

Turn off the firewall

CentOS has a firewall similar to the one in Windows. iptables is used by default before CentOS7, and firewalld is used by default from CentOS7 onward. You can execute systemctl disable firewalld to disable the firewall. Otherwise, even if you install server software such as Apache, Nginx or Tomcat, you will find that you still cannot reach the corresponding port from other machines, because the firewall is on and only a few ports are open by default (for example, port 22, used for SSH connections).

Note: disabling SELinux and the firewall as described above is only suitable on a learning machine used for studying Linux servers; machines in a production environment should be configured properly.
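
A less drastic variant of the two steps above for a learning machine, as an added example that is not part of the original article: SELinux is switched to permissive instead of disabled, and a single service is opened in firewalld instead of turning the firewall off. The function names are hypothetical; setenforce, firewall-cmd and systemctl are the standard CentOS 7 commands, and the demo at the end runs on a constructed file.

```shell
#!/bin/bash
# Added example: nothing below touches the system until a function is called.

# Rewrite the SELINUX= line of a config file. On CentOS 7
# /etc/sysconfig/selinux is a symlink to /etc/selinux/config; "sed -i" on the
# link would replace it with a regular file, so resolve the link and
# overwrite the real file's contents instead.
set_selinux_mode() {
    local file mode tmp rc
    file=$(readlink -f "$1") || return 1
    mode=$2
    case "$mode" in
        enforcing|permissive|disabled) ;;
        *) echo "invalid mode: $mode" >&2; return 1 ;;
    esac
    grep -q '^SELINUX=' "$file" || { echo "no SELINUX= line in $file" >&2; return 1; }
    tmp=$(mktemp) || return 1
    sed "s/^SELINUX=.*/SELINUX=$mode/" "$file" > "$tmp" && cat "$tmp" > "$file"
    rc=$?; rm -f "$tmp"; return $rc
}

# Print the mode currently configured in the file.
get_selinux_mode() {
    sed -n 's/^SELINUX=\([a-z]*\).*/\1/p' "$(readlink -f "$1")" | head -n 1
}

# Permissive now (setenforce 0) and after reboot: denials are logged to the
# audit log but not enforced, so you can still see what a policy would block.
selinux_permissive() {
    setenforce 0 && set_selinux_mode /etc/sysconfig/selinux permissive
}

# Open a single firewalld service (for example http) and keep the firewall on.
open_service() {
    firewall-cmd --permanent --add-service="$1" && firewall-cmd --reload
}

# If the firewall is switched off anyway: "disable" only stops it from
# starting at the next boot, "stop" ends the running daemon.
firewall_off() {
    systemctl stop firewalld && systemctl disable firewalld
}

# Demo on a constructed copy, not the real configuration file.
demo=$(mktemp)
printf 'SELINUX=enforcing\nSELINUXTYPE=targeted\n' > "$demo"
set_selinux_mode "$demo" permissive && get_selinux_mode "$demo"
rm -f "$demo"
```

On the virtual machine, run selinux_permissive and, for a web server, open_service http as root.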

Network settings for CentOS7

Set the IP of CentOS7

In my experience, the name of the default network IP configuration file may vary under CentOS7; you can check the files in the /etc/sysconfig/network-scripts directory.

The command is as follows:

ls -lh /etc/sysconfig/network-scripts

The effect on my virtual machine is as follows:

The name of this configuration file usually starts with "ifcfg-enp"; on my virtual machine it is "ifcfg-enp0s3", and it can be edited with vim. Because I have a router at home, VirtualBox uses bridged mode for convenience. The router's IP address is 192.168.60.1, so the static IP address of CentOS is also in the 192.168.60 network segment (the reason for using a static IP is that I don't want to look up the dynamic IP every time I log in to CentOS7 through SSH).

The following figure shows the default content of /etc/sysconfig/network-scripts/ifcfg-enp0s3 after installing CentOS 7 in VirtualBox as in the previous article:

This is the configuration information on another CentOS that has normal access to the virtual network:

Compared with the figure above, the main differences are as follows:

"BOOTPROTO=dhcp" is changed to "BOOTPROTO=static", which changes the IP address from dynamically assigned to fixed (otherwise, every time the IP address changes, you have to change the IP address in the SSH client settings, which is quite troublesome).

"ONBOOT=no" is changed to "ONBOOT=yes", which means that the system automatically connects to the network after startup.

Add "IPADDR=192.168.60.148": because the address is now fixed rather than dynamically obtained, you need to specify it. Note: set the actual IP address according to your current network segment.

Add "PREFIX=24" to indicate the subnet mask. An IPv4 address consists of 4 bytes of 8 bits each and is written in decimal for readability, such as 192.168.1.1. The value 24 means that if the first 24 bits of another IP address match this one exactly, the two addresses are in the same subnet; the subnet mask that expresses the same thing when configuring Windows networking is 255.255.255.0.

Add "GATEWAY=192.168.60.1" to indicate the gateway address. Note: set the actual address according to your current network segment. I set my home router to the 192.168.60 network segment instead of the router's default 192.168.1 segment.
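
The subnet rule described above (IPADDR and GATEWAY must match in the first PREFIX bits), as an added example that is not from the original article: a script that reads a static ifcfg file and rejects a gateway outside the configured subnet. The function names are hypothetical and the sample file is constructed from the values used in this article.

```shell
#!/bin/bash

# Dotted-quad IPv4 -> integer; rejects missing, non-numeric or >255 octets.
ip_to_int() {
    local a b c d o
    IFS=. read -r a b c d <<EOF
$1
EOF
    for o in "$a" "$b" "$c" "$d"; do
        case "$o" in ''|*[!0-9]*|0?*|????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
    echo $(( (a << 24) | (b << 16) | (c << 8) | d ))
}

# PREFIX 0-32 -> netmask as integer (24 -> 255.255.255.0).
prefix_to_mask() {
    case "$1" in ''|*[!0-9]*|0?*|???*) return 1 ;; esac
    [ "$1" -le 32 ] || return 1
    echo $(( (4294967295 << (32 - $1)) & 4294967295 ))
}

int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Read KEY=value without sourcing the file (sourcing would execute it).
ifcfg_get() {
    sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d "\"' \r"
}

# Succeeds only if the file is static and GATEWAY lies inside IPADDR/PREFIX.
check_ifcfg() {
    local proto ip pfx gw ipn gwn mask
    proto=$(ifcfg_get "$1" BOOTPROTO); ip=$(ifcfg_get "$1" IPADDR)
    pfx=$(ifcfg_get "$1" PREFIX);      gw=$(ifcfg_get "$1" GATEWAY)
    case "$proto" in static|none) ;; *) echo "BOOTPROTO=$proto is not static"; return 1 ;; esac
    ipn=$(ip_to_int "$ip")        || { echo "bad IPADDR '$ip'"; return 1; }
    gwn=$(ip_to_int "$gw")        || { echo "bad GATEWAY '$gw'"; return 1; }
    mask=$(prefix_to_mask "$pfx") || { echo "bad PREFIX '$pfx'"; return 1; }
    [ $(( ipn & mask )) -eq $(( gwn & mask )) ] ||
        { echo "GATEWAY $gw is outside $(int_to_ip $(( ipn & mask )))/$pfx"; return 1; }
    echo "ok: $ip/$pfx netmask $(int_to_ip "$mask") gateway $gw"
}

# Constructed sample using the values from this article.
sample=$(mktemp)
printf 'BOOTPROTO=static\nONBOOT=yes\nIPADDR=192.168.60.148\nPREFIX=24\nGATEWAY=192.168.60.1\n' > "$sample"
check_ifcfg "$sample"; rm -f "$sample"
```

Run check_ifcfg against /etc/sysconfig/network-scripts/ifcfg-enp0s3 before restarting the network service, so a mistyped gateway is caught while the SSH session is still up.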

Set up domain name resolution

The DNS server settings of CentOS7 are saved in the /etc/resolv.conf file and can be modified with vim /etc/resolv.conf. The following figure shows the domain name resolution settings in my current virtual machine:

DNS servers are searched in the same way that events are handled in ordinary programs: if the nearest handler can deal with the request, it does; otherwise the request bubbles up to a higher-level handler. No DNS service is used on the host or in the virtual machine. Although 192.168.1.1 and 192.168.60.1 are set as DNS servers, they cannot resolve external domain names themselves, so the lookup moves on to a DNS server that can. To be on the safe side, it is recommended to add the DNS servers provided by the telecom operator of the city you are in.

Set hostname

The hostname of CentOS is stored in /etc/hostname, which can be modified with vim /etc/hostname, as follows:

[root@centos7 ~]# vim /etc/hostname

centos7

systemctl restart network.service

Multi-network card setting of VirtualBox

In general, multiple network cards in VirtualBox are rarely needed, but they are useful in some cases, such as mine: I have telecom broadband at home, the wireless router is in the living room so that the whole family's mobile phones can connect, and the laptop is in the study. As mentioned earlier, promiscuous mode is not supported when bridged mode is used over Wi-Fi. That is, the packets sent from the external network to the virtual machine cannot be filtered out of the packets received by the host (the host and the virtual machine can still communicate in bridged mode). This leaves two choices: first, with NAT both the virtual machine and the host can access the Internet, but the virtual machine cannot be reached from an SSH client on the host, which is very inconvenient; second, with bridged networking the host can reach the virtual machine (you can use an SSH client) and can access the Internet, but the virtual machine cannot access the Internet.

I happened to discover that the optical modem of the telecom broadband provides two ports for typical households, one for the Internet and one for iTV. The iTV was used for several years but is no longer needed, so one network cable from the optical modem goes to the wireless router in the living room and another goes to the network socket in the study and on to the laptop. In this way, the laptop in the study can use both Wi-Fi and the cable, so CentOS7 in the virtual machine is configured with two network cards, so that when the virtual machine uses Wi-Fi, both the host and the virtual machine can access the Internet, and the host can access the virtual machine through SSH and so on.

This is why two network configurations (ifcfg-enp0s3 and ifcfg-Wired_connection_1) appeared when ls -lh /etc/sysconfig/network-scripts was executed earlier.

The following is an animated demonstration of all the configurations in this article:

Disclaimer: this article was first posted on my Wechat Subscription account: zhoujinqiaoIT, and then it will be posted on my CSDN, 51CTO and oschina blog at the same time. I will be responsible for answering questions here.
