This post has been sitting in my drafts folder for quite some time now. It was easier to set everything up than to find spare time to do a write-up.
What’s the Big Idea?
While studying for LPIC and RedHat certifications, I always had a need to test different things on various Linux platforms in order to learn how they work (or don’t). At some point this has become fairly frustrating due to haphazard management, and I came up with a brilliant at the time idea of setting up my own home lab environment where I could easily provision new virtual machines to play around with.
Why Linux Home Lab?
Simply because the host OS that runs virtualisation is CentOS Linux, and guests that I use are Linux systems as well. However, don’t get yourself confused, this home lab can be used to run *BSD, Debian, Solaris or Windows guests too.
Well. Some people say Porsche. Some people say Porsh-uh. I don’t choose sides. I let the car do the talking. OK. Fine. I say Porsh-uh. It’s longer. Better chance someone will overhear me talking about it. Porsh-uhhhh.
I stuck with Oracle VirtualBox many years ago, although nowadays I also use the Xen Project Hypervisor and KVM (Proxmox). It does the job well, is cross-platform, easy to set up (type 2 hypervisor) and software is free of charge. A personal preference for my home environment, I guess.
You can get one of those 1TB USB 3.0 military-grade shock resistance portable hard drives, get it fully LUKS encrypted, put NTFS filesystem on top and use with VirtualBox on both Linux and Windows computers. You’ll need FreeOTFE or LibreCrypt for Windows, it works fine on Windows 7, but I didn’t test with any other version, so YMMV. You end up having all of your virtual machines stored on an encrypted portable disk, with USB 3.0 giving a fair amount of speed to run multiple VMs simultaneously.
Needs for the Home Lab
I need a home lab where I can provision and run multiple Linux (mainly CentOS) boxes for various testing purposes (web, database, proxy, email, LDAP etc.) even when there is no Internet access available. This, however, must not prevent me from installing packages on any of those virtual machines.
All virtual machines have to reside on a single local area network (LAN) so that they can communicate with each other assuming that local firewall (iptables, firewalld) is configured to permit this.
Moreover, there needs to be a central management server on the LAN so that I don’t have to configure basic things like addresses or DNS on newly provisioned machines myself. The central management server should, at least, do the following:
- Act as a DHCP server to provide leases for DHCP clients.
- Act as a DNS server (with internal zones).
- Act as an NFS server for file sharing.
- Provide NTP services for time configuration and sync.
- Contain a local repository of packages available to clients. I’m talking about Spacewalk here.
- Work as a mail relay so that clients can send emails out if required.
- Apply some basic security configuration to clients. This includes firewall configuration, SELinux, Linux security limits, kernel sysctl configuration etc.
- Ideally, provision clients as a database or a web server, depending on their role. I’m talking about Puppet here. This can then be extended further.
All virtual machines have to have an easy access from the PC they are hosted on. I’m referring to the Host-only VirtualBox networking mode.
Home Lab Networking
The network schema for the home lab is very basic. It can be seen below.
VirtualBox LAN is on 10.8.8.0/24. This is a Host-only network (see https://www.virtualbox.org/manual/ch06.html) with a VirtualBox built-in DHCP server disabled.
There is a Puppet management server, that has two network interfaces: eth1 is a Host-only network with a static IP address of 10.8.8.2, eth0 is a NAT network for Internet access. Other servers are test boxes used for illustrative purposes only. They all have an eth0 Host-only network adapter attached (with no Internet access) and get IP leases from the Puppet DHCP server. By design, the only server that can access the Internet is the master Puppet server.
Optionally, the Puppet server can be configured as a router to provide Internet access to other virtual machines.
Check this blog post for how to configure Linux server as a router.
CentOS Template and The Master Server
UPDATE: as of April 2016, my home lab is on CentOS 7. The set up is practically the same, the major difference is that you need to replace service/chkconfig with systemctl, and use firewalld (or disable it and use iptables).
The way I see it all working is quite simple. There is a CentOS 6.7 (minimal) VirtualBox template created with a Spacewalk client already installed. I should update to CentOS 7 at some point, I know. Eventually. Moreover, the template has a Puppet agent deployed with a default server role that is pre-defined (check Part 7 for more details on server roles).
There is a Puppet master server set up, that acts as a Puppet master (surprise surprise), plus contains Spacewalk for software content management. On top of that, the server provides DHCP, DNS, NTP and SMTP relay services to clients.
When a new virtual machine is manually provisioned from the CentOS template, it boots up and gets an IP address lease from the DHCP server. Then with a bit of manual work, I can SSH and get the VM registered with Spacewalk, and run a puppet agent test. This will then push NTP, SMTP etc. configuration from the Puppet master. You get the idea. And there is much more that could be automated.
Setting up the Management Server
The main emphasis here is put on setting up the management Puppet server. The whole lab environment is deployed on my laptop. It’s an octa-core (VT-x, VT-d) machine with 12GB of RAM and a second HDD installed to store VirtualBox images.
The Puppet server has the following specs:
- 2 CPU cores
- 6GB of RAM
- 4GB swap
Once the CentOS template and the management server are created, I can use the lab pretty much anywhere I go, even with no Internet access.
I do have VirtualBox 5 with a GUI installed on my machine, however, the first part that covers VirtualBox setup is dedicated for a headless machine (no GUI). This is for advanced users as we all know how easy it is to install VirtualBox on a GUI based machine, don’t we?
Below is the list of steps that leads to the creation of the management server.
Part 1: Setup VirtualBox 5.0 on a Headless CentOS 6 Server
Part 2: Setup BIND DNS Server on CentOS 6
Part 3: Setup NTP Server on CentOS 6
Part 4: Setup DHCP Server on CentOS 6
Part 5: Setup Postfix to Relay Mail to an External SMTP Server on CentOS 6
Part 6: Setup Spacewalk 2.4 on CentOS 6
Part 7: Setup Puppet Server with Hiera on CentOS 6
Part 8: Setup NFS Server on CentOS 6
Great article, thanks a lot for sharing. I was looking for setting a home lab myself. Any chance to turn the Puppet server into a router so that other boxes can access the Internet, say over HTTP?
Hi Sado, yes, that’s a good point. I’ve updated the article and included the link to the blog post showing how to configure CentOS as a router.
Thanks for your work!
Fantastic work. Thanks a ton.
You’re welcome Amit.
been searching for a guide, this will help TONS for my LPIC Cert
You’re welcome Jason.
do you have an updated article series for setting up the home lab with CentOS 7.x?
I don’t because 90% of CentOS 6 configuration that is used here will work on CentOS 7. In most cases it’s a matter of replacing chkconfig with systemctl and using iptables instead of firewalld.
Can this puppet server be replaced by Ansible to manage all the nodes in our home lab environment.
It can be replaced with any configuration management software that you like. I used Puppet because I was studying for EX405, but Ansible would have also done the job.
Just wondering what anticipated changes are there to make this all KVM as I have a physical CentOS6 setup up with KVM already?
Thank you! I wrote blog series about my KVM lab here. In reality it should be fairly straightforward to create KVM guests and replicate VirtualBox guest configuration.
I plan on taking my machine (Intel I7; 64 G RAM; 4 – 4TB WD Black configured RAID-1) and make this my home lab using KVM.
I favor KVM because I was exposed to it to lean virtualization in our lab at work before being allowed to us the main VMWare systems at work. Now that I am retired KVM Is all I know.
If you have experience with KVM, then go for it. Chances are any hypervisor will do the job for you unless you have some specific homelab requirements.
Your approach to getting your Virtual Lab in your laptop looks really interesting.
But unfortunately, have some deficiencies from my point of view.
If someone would like to do the same job as you, have almost all the information to replicate it and it’s well documented and self-explanatory, but lacks about some important details like how much CPU/Memory/HDD you assigned to your Master Copy of Centos 6 that will handle the Puppet Master, SpaceWalk, DNS, NTP, Postfix, NFS, etc.
That could be important and desirable to be able to create a copy of your setup.
Note: You only mention that your Virtual Lab it’s with you in a Laptop with 12 GB RAM and the HDD it’s provided by external disk (HDD) we can find in the provision script that the memory consumption will be low, but we don’t know how many CPU’s, HDD’s and Memory is using your Master.
Thanks, you are right, I didn’t add that info, sorry about that.
The master server has 2 CPUs, 6GB of RAM and 4GB of swap.
I’ve also updated the article.
One last question.
Is it not simpler to set up a FreeIPA instead of your configuration?
I mean, FreeIPA, have LDAP, IDaM, BIND (DNS) and you can set up apart the Puppet Master and NTP.
Just to understand completely.
The Puppet Master/Spacewalk are the same VM or not?
I mean, all the Parts are to set-up the LAB that consist in the Puppet Master/Spacewalk/NTP/DNS … etc
I used this VirtualBox homelab several years ago, and back then, I didn’t need FreeIPA. While FreeIPA has its advantages, it also brings in a layer of complexity.
I did use FreeIPA in my other homelab here. FreeIPA can be a bit too much sometimes, that’s why I still OpenLDAP (in a master/slave replication).
At the end of the day it’s really up to you. It’s your homelab, you get to set it up the way you want. If you feel you will be better off by using FreeIPA, then go for it.
The Puppet master and Spacewalk are on the same VM, that’s correct. All services are configured on the same VM.
Long time and didn’t start with the setup my lab yet. :'(
You tell about the size of the SWAP but what about the HDD, and the LVM Structure or partitions?
Thanks for all your answers, you’re great.
Hi, check Spacewalk setup requirements.
How many HDD’s do you have in the Puppet Master?
LVM Layout, please.
Thanks in advance.
Laptop has two disks: SSD to run the host OS, and HDD to store VirtualBox images. I also have a 1TB external HDD (USB 3.0) connected which acts as a backup drive, and can also be considered as a portable homelab (since all images are on the drive, I can plug it into any PC that has VirtualBox).
I don’t remember the LVM layout to be honest, I would need to check. If that’s a concern, then simply create a large volume group, and add new partitions as you configure different services (e.g. Spacewalk).
I mean the Virtualbox Disks configuration.
A 70GB disk should do, depending on how many Spacewalk repositories you plan on syncing.
great Job, thanks a million
I’ve changed my direction and I will be using VirtualBox because at least one of my VM’s will be a new version of OS/2 called ArcaOS which isn’t supported on KVM.
I’m looking at the network chart and I would like to know how many physical machines are being used? If these are virtual servers, could the switch be openVSwitch?
The whole lab environment is deployed on my laptop. You can use any virtual switch that works for you. I used host-only networking therefore VirtualBox took care of it.
If I’m placing this lab on a single physical machine running CentOS 6.10 x86_64. I noticed that your diagram is showing a switch (both a LAN switch and a VBox switch), would it be OK to use a OpenVSwitch configuration?
I’m assuming that the VirtualBox is running on the physical machine (KVM will run nested), how many physical NICs are being used (my physical machine has 5 NICs with one being used for the Bridge network)?
So, it looks like there is 1 physical machine and 7 virtual machines – based on what’s being described which one of the virtual machines could be used for CMS testing – or do I need a separate VM?
You can use any switch solution that does the job for you. You are right, VirtualBox is running on a physical machine, and it has 2 NICs.
The image with 7 VMs is for illustrative purposes only, you can run as many VMs as your want (as long as you have hardware resources available).
Virtual machines can have multiple virtual NICs created if that’s what you need. With regards to CMS testing, it’s up to you.
I’ve a new machine and I want to create a lab using CentOS 7. I love the directions above but it’s time to upgrade from CentOS 6 to CentOS 7. How exactly did you do that? This new machine I’ve got is just sitting there ready for CentOS installation.
I agree. I wrote this article in 2015 when CentOS 6 was very popular. I have since upgraded to CentOS 7 and moved away from using VirtualBox to KVM.
Have a look at my CentOS 7 homelab set up here: https://www.lisenet.com/2018/homelab-project-with-kvm-katello-and-puppet/
I’ll be upgrading to CentOS 8 at some point in the future.