Notes from the VirtualBox – Part 4

Configuring Ubuntu 18 Server

The single most critical bit of advice about configuring VBox and Ubuntu 18 server is to create the second network adapter in VBox BEFORE you install Ubuntu. If you install Ubuntu server and then create the second VBox network adapter, it takes a lot of screwing around to be able to communicate with it. And overall it doesn’t work as well as when it is configured from the beginning to use a second network adapter. It’s easier to just delete that VBox instance and reinstall than it is to make all the required changes.

That said, let’s get started.

Configuring VBox and Installing Ubuntu 18 Server 

Follow the instructions given in Part 1 and Part 2 of this series to set up a new VM for Ubuntu 18 server and installing it. The biggest difference in installing Ubuntu 18 server and Ubuntu 18 desktop is that you need to select the server .iso image at installation time. The server install process is not as pretty because it is text based but it’s still pretty much the same stuff. If you have installed Ubuntu desktop you should be able to install Ubuntu server.

TIP: One thing I found is that if you start the install process and then cancel it, the next time you try to start that VM it will NOT restart the install process. Instead, it will try to boot off the VM virtual disk and then will halt and ask for a bootable disk. Instead of trying to fix that VM, it’s easier to just right-click on the VM’s name (in the left-hand panel of VBox Manager) and remove it. You can then create a new VM configured as required, click the Start button, and then start the installation process again.

When it has finished the server installation, it requires a reboot. It will ask you to remove the install medium – you can just hit enter since there is no medium to install.

The first time it boots up it will probably stop for 2 minutes or so with a message that includes “Wait for Network to be Configured”. This message is caused by Ubuntu expecting an actual physical device to respond at the dhcp-assigned address of the second (virtual) network adapter. Fortunately, you can specify that the second network adapter is optional and the delay will be eliminated (described below). Less usefully, you can also just remove the VBox-defined second network adapter (Host-Only) to make the wait and the message go away.

Connecting to Ubuntu 18 Server

Starting with Ubuntu 17, the network setup has been handled with NetPlan which uses a “renderer” to configure the network. In Ubuntu 18 desktop the renderer is NetworkManager, a slick tool that automatically manages the network configuration. In Ubuntu 18 server, the renderer is networkd which configures the network using the settings specified in a configuration file in /etc/netplan (50-cloud-init.yaml for servers and 01-network-manager-all.yaml for desktops).

First, let’s see how the network adapters are setup by default. Display info about your network adapters using the ip command as shown below:

sudo ip address show
Default settings for two network adapters

All three devices are named automatically. Device 1 is named “lo” for loopback and this one is always provided. Device 2 is named enp0s3 and this is the NAT network adapter – this is the device that talks to the internet. Device 3 is named enp0s8 and this is the Host-Only network adapter – this is the device that can communicate with other systems in your computer, either the host machine or one or some of the other guest machines.

The configuration file that produced this setup can be viewed as follows:

sudo nano /etc/netplan/50-cloud-init.yaml
Default server netplan file

Note that both addresses are automatically assigned using dhcp. The NAT device always gets but the Host-Only devices receives, except that the 101 gets incrementally higher with each restart (so .101, .102, .103, etc.). Which means that if you want to set up Filezilla or putty or your browser to communicate with your VBox server, you will always have to check what your server’s address is before you try to connect to the server.

Fortunately, it’s easy to set up your server so the Host-only network adapter is assigned a static address. The following screenshot shows the changes that need to be made.

Modified Network Adapter Configuration File

A new second line has been added that specifies that the renderer is networkd. This ensures that the configuration file is used to setup the network adapters.

The enp0s8 device (the Host-Only network adapter) has two lines modified and four lines added. The first modification changes the first addresses entry to specify the desired static ip address; I chose 222 because it was unlikely to get mixed in with any dynamically assigned ip addresses that started with 101. The second modification changes the dhcp4 line to no (it used to say true.

The gateway4, nameservers, and second addresses lines were just copied from other examples on the internet. The most important line is the optional: true line. This is what will prevent your boot process from waiting for two minutes for the static ip address to respond.

When the changes have all been made, save the file and exit. Then execute the following command:

sudo netplan apply
The Host-Only Network Adapter is Now Assigned to

The default configuration of the Ubuntu 18 servers should have openssh installed automatically. Let’s check:

sudo ufw enable
sudo ufw status
sudo ufw app list

If the Uncomplicated FireWall (ufw) has already been enabled, it will ask if you want to duplicate it; if so, cancel the enable command. The ufw status command will probably respond that it is active. The command ufw app list will show all of the applications installed that could be process thru the firewall; mine only shows OpenSSH. If your server does not list OpenSSH, refer to Part 3 for instructions on installing OpenSSH. Once OpenSSH is available on your server:

sudo ufw allow openssh
sudo ufw status
Allowing OpenSSH thru ufw and Its New Status

It also would have been possible to allow port 22 instead of allowing OpenSSH but I believe the advantage of specifying the software instead of the port number is that if I wanted to SSH into my machine on a non-standard port (such as 5336), I could configure OpenSSH accordingly and the firewall would automatically adjust (although a reboot might be required). If I specified the exact port number, I would have to specify the exact port number in ufw; no problem there but then I’d have to decide if other applications might use port 22 and if I wasn’t certain, I’d probably leave port 22 open, which is less than ideal because it would leave an extra surface available to be attacked.

To complete the communications setup, the Ubuntu server needs to have Apache (or the web server of your choice) installed. Refer to the instructions in Part 3 of this series or other instructions available on the internet for help installing a web server.

Once you have your web server installed, be sure to issue the following command:

sudo ufw allow apache2
sudo ufw status

Your web server should now be available inside the VBox.

Leave a Reply

Your email address will not be published. Required fields are marked *