Virtualbox - ghdrako/doc_snipets GitHub Wiki

VirtualBox

VirtualBox since 6.1.x now requires VT-x/AMD-v to be available for all VMs, whether 32bit, 64bit, single or multiple vCPU and so on. VirtualBox requires hardware support for virtualization (Intel VT-x or AMD-v) in order to run certain categories of VM. This includes all 64bit VMs, and all VMs which use >1 CPU core.

Credential Guard - virtualizes the LSA to isolate security operations (opposed to credentials being stored in process memory like in traditional LSA). To make use of this, you must enable the Hyper-V Hypervisor, which always conflicts with VirtualBox.

 \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\CredentialGuard\Enabled set to 0

\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Hypervisor, click on HypervisorLaunchType and set value to 0

Aby sprawdzić, czy CG jest włączony, należy uruchomić aplet "Informacje o systemie"

Aby sprawdzic czy jest w trybie Native API najechac na dole w VBox na ikone zielonego zolwia. Jesli ikona jest zielona to znaczy ze nie wykorzystuje akceleracji sprzetowej - wolno. Jak jest wyszarzony (cpu virtualization is working.) to jest wsparcie sprzetowe - szybko

The green turtle means fallback to a slower, emulated mode.

Commands

List VMs

VBoxManage list vms
VBoxManage list runningvms

Start VM

VBoxManage startvm  <uuid|vmname>...
                    [--type gui|sdl|headless|separate]
                    [-E|--putenv <NAME>[=<VALUE>]]

VBoxManage startvm "ubuntu22"
VBoxManage startvm "Trusty Tahr Clean Copy" --type gui
VBoxManage startvm <id>
VBoxManage startvm <id> --type headless # VBoxHeadless --startvm <uuid|name>

Stop VM

VBoxManage controlvm  <uuid|vmname>
                      pause|resume|reset|poweroff|savestate|

VBoxManage controlvm "ubuntu22" poweroff
VBoxManage controlvm "Trusty Tahr Clean Copy" savestate
VBoxManage controlvm <id> stop

Create VM

VBoxManage createvm  --name <name>
                     [--groups <group>, ...]
                     [--ostype <ostype>]
                     [--register]
                     [--basefolder <path>]
                     [--uuid <uuid>]
                     [--default]

Change relative VM time

VBoxManage modifyvm <id> -biossystemtimeoffset <offset in [ms]>

Interrupt network

VBoxManage controlvm <id> setlinkstate1 off

Note: the difference of controlvm vs modifyvm is that the first one is for running machines. They both have the same parameter syntax, but controlvm doesn’t support all of them.

Network

Typ VM<->VM VM->Host VM<-Host VM->LAN VM<-LAN
Not attached - - - - -
NAT - + Port Forward + Port Forward
NAT Network + + Port Forward + Port Forward
Bridge + + + + +
Internal Network + - - - -
Host-only + + + - -

Not attached

Emulate network connection is missing, much like when you unplug the Ethernet network cable when using a physical network adapter. This mode can be useful for testing. For example, you can enable this network mode for a short time to emulate unplugging the cable. When you disable the Not Attached mode by switching to another network mode, the network connection becomes available again. You can also check whether a DHCP client obtains the IP address correctly, whether the appropriate application can resume downloading after link interruption or packet loss, and so on.

NAT

This network mode is enabled for a virtual network adapter by default. A guest operating system on a VM can access hosts in a physical local area network (LAN) by using a virtual NAT (Network Address Translation) device. External networks, including the internet, are accessible from a guest OS. A guest machine is not accessible from a host machine, or from other machines in the network when the NAT mode is used for VirtualBox networking. This default network mode is sufficient for users who wish to use a VM just for internet access, for example.

Shared folders

potrzebne Guest Addition W konfiguracji vm-ki w udostepnione foldery

Foldery maszyny i zaznaczyc Automatyczne montowanie i Ustaw na stale

Take effect after reboot or logout
sudo adduser $USER vboxsf
# On Suse it's 
sudo usermod --append --groups vboxsf $USER

View configs

VBoxManage showvminfo "boot2docker-vm"

Enabling DNS proxy in NAT mode

By default boot2docker cannot access host file(/etc/hosts) configurations in host machine, to enable this following command can be used

VBoxManage modifyvm "boot2docker-vm" - natdnshostresolver1 on

Port forwarding

Incoming traffic for host machine tcp/udp ports can be forward to vm port by following command

# tcp rule
VBoxManage controlvm "boot2docker-vm" --natpf1 "tcp-port7070,tcp,,7070,,7070";
# udp rule
VBoxManage modifyvm "boot2docker-vm" --natpf1 "udp-port9090,udp,,9090,,9090";
# delete rule
VBoxManage modifyvm "boot2docker-vm" --natpf1 delete "tcp-port7070"

Connect to boot2docker

We can connects to boot2docker vm via ssh

boot2docker ssh

Config file

Boot2docker config file uses as the docker config

/var/lib/boot2docker/profile

Following is an example config file content, in here I have defined two configurations(disable tls and define insecure registry)

Disable TLS

By default docker runs with TLS enable. To disable it add following content to boot2docker profile. More info

DOCKER_TLS=no

Insecure registry

Docker default supports for secure registries with TLS enable, to have insecure registries following content need to be added to boot2docker config file

EXTRA_ARGS=" --insecure-registry=10.4.1.110"

Increase boot2docker vm size

boot2docker space and memory information can be defined in boot2docker profile at ~/.boot2docker/profile

# vm disk image size in MB (60GB)
DiskSize = 61440
# vm memory size in MB(6GB)
Memory = 6144
To apply this configuration boot2docker need to be reinitialize.
# destroy running boot2docker
boot2docker stop
boot2docker destroy
# reinitialize
boot2docker init
boot2docker start

New configuration can be viewed from boot2docker

# connect to boot2docker
boot2docker ssh
# memory info
cat /proc/meminfo

Wylaczenie Hyper-V

  1. Shut down all programs. You will have to shut down, unplug, and restart your host.
  2. Look into I have a 64bit host, but can't install 64bit guests, 2nd post, points 2 & 3 and ensure that none of these things are running: Hypervisor protected Code Integrity (HVCI), also known as Memory Integrity (see fth0's post below) DeviceGuard (See InfoSecDr's post below) Memory Integrity (See fth0's post below) Secure Core (See Mpack's post below) CredentialGuard Windows Defender's Core Isolation
  3. Find the Command Prompt icon, right click it and choose Run As Administrator.
  4. Enter this command:
bcdedit /set hypervisorlaunchtype off

Some report this command was needed also:

DISM /Online /Disable-Feature:Microsoft-Hyper-V

  1. Enter this command:
shutdown -s -t 2
  1. When the computer turns off, unplug it for 20 seconds. Then plug it in again and boot up again.
⚠️ **GitHub.com Fallback** ⚠️