Archive for January 24th, 2009

Set up a minimal Ubuntu server in VirtualBox

These are my notes on setting up a minimal Ubuntu server in VirtualBox. The host is Windows Vista. I work in a mostly Java shop, so the focus here is on setting up a typical Apache/Tomcat/MySQL web stack with as small a footprint as I can, for development/testing purposes.

Initial setup:

  • If you need to use the port forwarding feature, get VirtualBox 2.1.2 (the latest version at the time of writing). This feature is broken in 2.1.0.
  • Download the minimal Ubuntu ISO and install as normal. Make sure you have a working Internet connection, as the installer downloads the packages from the Internet. The minimal install will take up about 1Gb. Perl and Python are already included as part of the minimal install.
  • Try pinging out from the server to test that VirtualBox NAT is working.
  • If the network has problems, check /etc/udev/rules.d/70-persistent-net.rules to see which MAC address got mapped to eth0. You need to do this if you regenerate a new MAC address in VirtualBox.
  • Set the correct timezone: dpkg-reconfigure tzdata

Install the following packages (note that you can combine them all into a single apt-get line):

  • Sun JDK: sudo apt-get install sun-java6-jdk
  • Apache 2: sudo apt-get install apache2
  • MySQL: sudo apt-get install mysql-server
  • Postfix (for sending emails): sudo apt-get install postfix
  • Subversion: sudo apt-get install subversion
  • SSH: sudo apt-get install ssh

The following are installed manually, because Ubuntu’s packages include gcj dependencies (which take up about 20 Mb), but we don’t need/want that because we are using Sun’s Java.

Install optional packages, for convenience:

  • Zip: sudo apt-get install zip
  • Vim: sudo apt-get install vim (vim-tiny is installed by the minimal install but has no syntax highlighting)

Let’s set up the port forwarding for the VM first before continuing. This will allow you to access Apache and SSH from the host. Do this while the VM is shut down, and replace “UbuDev” with the name of your VM.

cd "\Program Files\Sun\xVM VirtualBox"
VBoxManage setextradata UbuDev "VBoxInternal/Devices/pcnet/0/LUN#0/Config/apache/HostPort" 8888
VBoxManage setextradata UbuDev "VBoxInternal/Devices/pcnet/0/LUN#0/Config/apache/GuestPort" 80
VBoxManage setextradata UbuDev "VBoxInternal/Devices/pcnet/0/LUN#0/Config/apache/Protocol" TCP
VBoxManage setextradata UbuDev "VBoxInternal/Devices/pcnet/0/LUN#0/Config/ssh/HostPort" 2222
VBoxManage setextradata UbuDev "VBoxInternal/Devices/pcnet/0/LUN#0/Config/ssh/GuestPort" 22
VBoxManage setextradata UbuDev "VBoxInternal/Devices/pcnet/0/LUN#0/Config/ssh/Protocol" TCP
VBoxManage setextradata UbuDev "VBoxInternal/Devices/pcnet/0/LUN#0/Config/tomcat/HostPort" 8880
VBoxManage setextradata UbuDev "VBoxInternal/Devices/pcnet/0/LUN#0/Config/tomcat/GuestPort" 8080
VBoxManage setextradata UbuDev "VBoxInternal/Devices/pcnet/0/LUN#0/Config/tomcat/Protocol" TCP
VBoxManage setextradata UbuDev "VBoxInternal/Devices/pcnet/0/LUN#0/Config/ssl/HostPort" 8443
VBoxManage setextradata UbuDev "VBoxInternal/Devices/pcnet/0/LUN#0/Config/ssl/GuestPort" 443
VBoxManage setextradata UbuDev "VBoxInternal/Devices/pcnet/0/LUN#0/Config/ssl/Protocol" TCP

  • Use PuTTY to check that you can connect to the guest SSH server through port 2222 on the host.
  • For Apache, check that you can access the default “It works!” page at port 8888.
  • Check Tomcat at port 8880 (Tomcat by default will be at guest port 8080).

Set up your site on Apache:

  • Decide where to put your own document root, logs, and SSL certificate directories. I won’t go into details. Please read the Apache docs and examples.
  • Set up a site and enable it:
    • Use “sudo a2ensite” and “a2dissite” to manage sites
  • Enable mod_ssl (use “sudo a2enmod” and “a2dismod”). I won’t go into details of how to set up an SSL-enabled site. Please read the Apache docs and examples.
  • Generate and configure a new self-signed certificate:
    • sudo /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
  • Note: If you try to use HTTPS on port 80 (host port 8888), VB proxy appears to return a “record too long” error. Check which port you are trying to access first before wasting time trying to Google for a solution!

Set up Tomcat:

  • Set up logrotate for Tomcat (because we installed this manually). This is quite standard; you can get many examples from the Web.
  • logrotate is run daily by default, see /etc/cron.daily

We’ll use mod_proxy_ajp (comes with Apache 2 out of the box) to connect Apache to Tomcat:

  • Enable mod_proxy_ajp
  • Secure the proxy first (from Apache docs):
      <Proxy *>
        Order Deny,Allow
        Deny from all
        Allow from [your allowed IP addresses]
      </Proxy>
  • Use ProxyPass and ProxyPassReverse to set up the connections to port 8009 (the default AJP port).
  • For the configured URLs, try to access them via port 8888 on the host.
  • If OK, you can disable the 8080 and 8443 HTTP handlers in the Tomcat config, so everything will pass through Apache.
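
The proxy steps above put together in one virtual host, as an added example that is not part of the original notes. The server name, the /myapp context path, the directory paths and the allowed client address are assumptions to be replaced with your own values.

```apache
# Added example, not from the original post. Apache 2.2 syntax, matching
# the <Proxy> block above (Apache 2.4 replaces Order/Deny/Allow with
# "Require ip ...").
# Prerequisite: sudo a2enmod proxy_ajp   (also needs mod_proxy enabled)

<VirtualHost *:80>
    # Assumed placeholders: server name and document root.
    ServerName dev.example.test
    DocumentRoot /var/www/mysite/htdocs

    # Reverse proxy only. With ProxyRequests On, Apache would also relay
    # arbitrary outbound requests for any client allowed by <Proxy *>.
    ProxyRequests Off

    # Access control for everything that goes through mod_proxy.
    # Start from "deny all" and list the clients that may reach Tomcat.
    <Proxy *>
        Order Deny,Allow
        Deny from all
        # Assumption: 10.0.2.2 is VirtualBox's default NAT gateway address;
        # confirm in Apache's access log which client address the guest
        # actually sees for requests arriving through host port 8888.
        Allow from 10.0.2.2
    </Proxy>

    # Hand the /myapp context (assumed name) to Tomcat's AJP connector.
    # Port 8009 is not in the VirtualBox forwarding list above, so AJP is
    # only reachable from inside the guest.
    ProxyPass        /myapp ajp://127.0.0.1:8009/myapp
    ProxyPassReverse /myapp ajp://127.0.0.1:8009/myapp

    # Assumed log locations.
    ErrorLog  /var/www/mysite/logs/error.log
    CustomLog /var/www/mysite/logs/access.log combined
</VirtualHost>

# Weak form to avoid: an open forward proxy reachable via host port 8888.
#   ProxyRequests On
#   <Proxy *>
#       Order Deny,Allow
#       Allow from all
#   </Proxy>
```

Run "sudo apache2ctl configtest" before reloading Apache; a request to /myapp from an address not listed under Allow should return 403.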
