home Rostelecom

Installing and configuring kvm centos 7. Install CentOS in VirtualBox. Connecting to a virtual machine

In continuation of the games with the organization of virtual Windows on a dedicated server, I decided to try the taste of KVM, because until that moment, VMware and VirtualBox products were always enough for my eyes. And then on one of the forums I read an angry tirade of some comrade about the fact that only idiots put VirtualBox where you can put KVM.

Well, I decided to take a look. I must say that in my understanding, VIrtualBox is a little more dreary than KVM, but it is easier to manage and there are no hemorrhoids with grid settings, although it may be inferior in functionality. What can not be said about ESXi. But first things first.

I set it as standard on CentOS 6.7, including the gestures we start with updating the system:
# yum -y update

We look at whether hardware virtualization is supported by the processor, because KVM requires support for Intel VT or AMD-V for its operation
# egrep -i "vmx|svm" --color=always /proc/cpuinfo
the output should contain either vmx or svm

Check SELinux Access Control Status
# sestatus
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
policy version: 24
Policy from config file: targeted

theoretically, it can interfere with access to disks, so it must either be correctly configured to work with the images folder, or cut off, which is naturally easier for me - in the /etc/selinux/config file, change the value of the SELINUX parameter to disabled and reboot the machine
SELINUX=disabled

Importing GPG Keys for Packages
# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*
We put all the stuffing: kvm itself, the libvirt virtual machine management API, virtinst for creating virtual machines and the qemu-kvm hypervisor
# yum -y install kvm libvirt python-virtinst qemu-kvm

We start libvirt and prescribe the autoload module
# /etc/init.d/libvirtd start
# chkconfig libvirtd on

Check how KVM installed and started (there should be 0 errors in the output)
# virsh -c qemu:///system list
Id Name State
—————————————————-

We install a network bridge to connect guest machines to an external grid and a terrible, terrible entornet
# yum install bridge-utils

Create a network bridge config similar to the network interface settings, but with a slight difference:
# cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-br0

###### /etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0
TYPE=bridge
ONBOOT=yes
BOOTPROTO=none
NM_CONTROLLED=yes
IPADDR=SERVER_IP
PREFIX=24
GATEWAY=GW_IP
DNS1=8.8.8.8
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="System br0"
##################
then we edit the settings of the main interface, commenting on the BOOTPROTO, IPADDR, PREFIX, GATEWAY, DNS1 parameters and setting the network bridge
###### /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
#BOOTPROTO=none
HWADDR=01:2e:32:ab:9f:1e
#IPADDR=SERVER_IP
#PREFIX=24
#GATEWAY=GW_IP
#DNS1=8.8.8.8
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="System eth0"
BRIDGE=br0
##################

Now we restart the grid and see what happened - we should show 4 interfaces:
br0 with main IP
eth0 no IP
lo 127.0.0.1
virbr0 with virtual router's internal IP

check the status of our network bridge:
# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.002215ab999d no eth0
virbr0 8000.52540052c0e1 yes virbr0-nic

theoretically, you can speed up the network bridge by adding the following parameters to the /etc/sysctl.conf file:
net.bridge.bridge-nf-call-ip6tables=0
net.bridge.bridge-nf-call-iptables=0
net.bridge.bridge-nf-call-arptables=0

Now let's move on to creating a directory for storing virtual machine images and iso dist images.
# mkdir /usr/vm/iso
# mkdir /usr/vm/vm-images

by default, all machine images, disk images, etc. are stored in /var/lib/libvirt/ but I decided to show off and cut the disk in the best old-school partitioning traditions, so take this into account when installing the server, or you will have to delete the original storages and link as me, on /usr

# rm -Rf /var/lib/libvirt/images
# ln -s usr/vm/iso /var/lib/libvirt/images

After all this preparation, we are trying to create a virtual machine under Windows 7 with 2 virtual processors, 4Gb RAM, 30Gb HDD, storing the image in the /usr/vm/vm-images folder and the windows7.iso image that we downloaded earlier to the /usr/vm folder /iso

# virt-install --connect=qemu:///system -n win7 -r 4096 --vcpus=2 --disk path=/usr/vm/vm-images/win7.img,size=30 -c /usr /vm/iso/windows7.iso --vnc --noautoconsole --os-type windows --os-variant win7 --accelerate --network=bridge:br0 --hvm

If everything is fine, then we will see the process of creating a disk. On this solemn note, you can proceed to setting up the machine, and here lies the real ambush, because if you work from under Windows, then from the options there is either control via ming through putty-ssh, but this requires X Windows on the server side, or a completely incomprehensible virtual viewer tool, which I could not get to work. Therefore, all I could find was either this external service that allows you to hook up your KVM to their admin panel; or install your own web admin panel based on Webmin Cloudmin GPL.

It should be noted here that the grid initialization line –network=bridge:br0 will allow you to use a public IP on a virtual machine, while if you want to sit in a virtual local area and exit it to the Internet, then you need to put another operator –network=bridge:virbr0 what I missed during installation, including then I had to change it manually in the virtual machine settings file /etc/libvirt/qemu/win7.xml.

Machine control in the CLI is carried out through virsh (virtual shell) which we get from command line shell:
# virsh --connect qemu:///system
Welcome to virsh, the virtualization interactive terminal.
Type: 'help' for help with commands
‘quit’ to quit
virsh#list -all
Id Name State
—————————————————-
2 win7 running
virsh #shutdown win7
Domain win7 is being shutdown
virsh #start win7
Domain win7 started

I have a freshly installed CentOS 7 server on a VDS with KVM virtualization.

I will talk about how to make the basic configuration of the server to use it in any capacity at your discretion. It could be web server, vpn server , server monitoring a.

I will talk about the initial settings of the CentOS system, which increase the security and usability of the server. I note that in the 7th version of the system there have been some changes compared to previous versions.

Introduction
Initial setup of CentOS 7
Specify network parameters
Setting up a firewall
Configuring SSH on CentOS 7
Setting up the time
Adding repositories
Conclusion
Video on setting up CentOS 7

Introduction

Initial setup of CentOS 7

So, we have:

# uname -a
Linux zeroxzed.ru 3.10.0-123.20.1.el7.x86_64 #1 SMP Thu Jan 29 18:05:33 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux

First of all, let's update the base system:

# yum -y update

For ease of administration, I always install Midnight Commander, or just mc:

#ifconfig

And you will see the answer:

Bash: ifconfig: command not found

At least when I first saw it, I was pretty surprised. I thought that I made a mistake in writing the command, I double-checked everything several times, but without result. It turned out that I had to separately install the package to run ifconfig and other network utilities.

Instead of ifconfig in CentOS 7 is now a utility ip. I do not understand why sawing separate programs for management network settings if ifconfig does the job just fine. In addition, I always liked that in various Linux distributions everything is about the same. Using ifconfig, you can configure the network not only in linux, but also in freebsd. It's comfortable. And when each distribution has its own tool, this is inconvenient. So I suggest installing the usual ifconfig.

Let's do it:

# yum -y install net-tools.x86_64

Now, in order for the nslookup commands to work for us or, for example, host, we need to install the bind-utils package. If this is not done, then the command:

# nslookup

There will be an output:

Bash: nslookup: command not found

So install bind-utils:

# yum -y install bind-utils

Disable SELinux. Its use and setup is a separate conversation. Now I won't do it. So let's turn it off:

# mcedit /etc/sysconfig/selinux

change the value SELINUX=disabled

For the changes to take effect, reboot:

# reboot

Specify network parameters

Now let's configure the network in CentOS. To do this, open the file /etc/sysconfig/network-scripts/ifcfg-eth0

# mcedit /etc/sysconfig/network-scripts/ifcfg-eth0

In the IPADDR field, enter your address, in the NETMASK network mask, in the GATEWAY gateway, DNS1 address of the dns server. Save the file and restart the network to apply the settings:

# /etc/init.d/network restartSet up firewall

I considered the issue of setting up iptables in CentOS 7 in great detail separately. Now we will quickly and easily configure the firewall. In CentOS 7, iptables acts as a firewall. By default it is running. To view the current rules, you need to enter the command:

# iptables -L -v -n

I want to warn you right away that without having access to the server console, setting up a firewall is a bad idea. Even if you understand very well what you are doing and have done this many times, there is still a chance to be left without access to the server. So first of all, before setting up iptables, we check access to the console through KVM or physically.

In the 7th version of CentOS, a new tool called firewalld has been developed to manage iptables and all management is done through it. I didn’t understand why they did it, and I can’t say whether it became more convenient with him or not. For me, it's more convenient to use the same iptables developments. Migrating from server to server and from distribution to distribution, I simply edit the firewall settings script.

But for some reason CentOS came up with firewalld, Ubuntu has ufw, but the essence is the same - these are utilities for configuring iptables, which is the same in all distributions. I'm used to managing iptables through a self-written script, which I transfer from server to server and edit for specific needs. I will share this script. So first, stop and disable firewalld:

# systemctl stop firewalld
# systemctl disable firewalld
rm "/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service"
rm "/etc/systemd/system/basic.target.wants/firewalld.service"

Install utilities for iptables:

# yum -y install iptables-services

Enable iptables autostart:

# systemctl enable iptables

Now let's create a file /etc/iptables_rules.sh with the following content:

#!/bin/bash
#
# Declaration of variables
exportIPT="iptables"

# Interface that looks at the Internet
export WAN=eth0
export WAN_IP=149.154.71.205

# Clear all iptables chains
$IPT -F
$IPT -F -t nat
$IPT -F -t mangle
$IPT -X
$IPT -t nat -X
$IPT -t mangle -X

# Set default policies for traffic that doesn't match any of the rules
$IPT -P INPUT DROP
$IPT -P OUTPUT DROP
$IPT -P FORWARD DROP

# allow local traffic for loopback
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A OUTPUT -o lo -j ACCEPT

# Allow outgoing connections from the server itself
$IPT -A OUTPUT -o $WAN -j ACCEPT

# The ESTABLISHED state indicates that this is not the first packet in the connection.
# Skip all already initiated connections, as well as their children
$IPT -A INPUT -p all -m state --state ESTABLISHED,RELATED -j ACCEPT
# Skip new, as well as already initiated and their child connections
$IPT -A OUTPUT -p all -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow forwarding for already initiated connections and their children
$IPT -A FORWARD -p all -m state --state ESTABLISHED,RELATED -j ACCEPT

# Enable packet fragmentation. Required due to different values MTU
$IPT -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

# Drop all packets that cannot be identified
# and therefore cannot have a defined status.
$IPT -A INPUT -m state --state INVALID -j DROP
$IPT -A FORWARD -m state --state INVALID -j DROP

# Causes system resources to be tied up, so the real
# data exchange becomes impossible, cut off
$IPT -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
$IPT -A OUTPUT -p tcp ! --syn -m state --state NEW -j DROP

# Open a port for ssh
$IPT -A INPUT -i $WAN -p tcp --dport 22 -j ACCEPT
# Open port for DNS
$IPT -A INPUT -i $WAN -p udp --dport 53 -j ACCEPT
# Open port for NTP
$IPT -A INPUT -i $WAN -p udp --dport 123 -j ACCEPT

# Logging
# Everything that is not allowed, but breaks, will be sent to the undef chain

$IPT -N undef_in
$IPT -N undef_out
$IPT -N undef_fw
$IPT -A INPUT -j undef_in
$IPT -A OUTPUT -j undef_out
$IPT -A FORWARD -j undef_fw

# Log everything from undef

$IPT -A undef_in -j LOG --log-level info --log-prefix "-- IN -- DROP "
$IPT -A undef_in -j DROP
$IPT -A undef_out -j LOG --log-level info --log-prefix "-- OUT -- DROP "
$IPT -A undef_out -j DROP
$IPT -A undef_fw -j LOG --log-level info --log-prefix "-- FW -- DROP "
$IPT -A undef_fw -j DROP

# Write down the rules
/sbin/iptables-save > /etc/sysconfig/iptables

In principle, there is nothing to add, all comments are given in the file. In this form, the logs of everything blocked will be written to the /var/log/messages file and there will be a lot of entries there. So in normal work, these lines should be commented out, and used only during debugging. A more detailed description of the rules and examples of firewall settings in the case when your server is a gateway local network, is given at the link at the beginning of the section.

We make the file with the rules executable and run:

# chmod 0740 /etc/iptables_rules.sh
# /etc/iptables_rules.sh

Check if the rules apply:

# iptables -L -v -n

Each time the iptables rules file is run, all changes are written to the /etc/sysconfig/iptables file and applied when the system boots.

Configuring SSH on CentOS 7

Next, we'll make some changes to how ssh works to increase security. By default, the service runs on port 22, and if everything is left as it is, then we will get a huge number of attempts to log in. Bots scan the internet continuously and guess ssh passwords. To protect ourselves from scans of simple bots, we will change the port on which ssh is running. You can choose any five-digit number, it doesn't matter. This will protect against automatic scanning.

Hang up the ssh daemon on port 25333. To do this, edit the file /etc/ssh/sshd_config

# mcedit /etc/ssh/sshd_config

Uncomment the line Port 22 and replace the value 22 with 25333.

I also usually allow the root user to connect via ssh. It's more comfortable for me. I never had any problems with this. If you think it's not safe, don't touch this setting. To allow the root user to connect via ssh, uncomment the PermitRootLogin yes line.

We save the file. Now be sure to change the iptables settings, add port 25333 instead of 22 to the allowed connections. If this is not done, then after restarting sshd we will lose remote access to the server. So, open /etc/iptables_rules.sh and change in the line

$IPT -A INPUT -i $WAN -p tcp --dport 22 -j ACCEPT

22 by 25333 and execute the file.

Our current connection will not break, since it has already been established, but it will not work to reconnect via ssh to port 22.

Restart sshd:

# systemctl restart sshd

Check which port sshd is listening on:

# netstat -tulpn | grep sshd
tcp 0 0 0.0.0.0:25333 0.0.0.0:* LISTEN 1799/sshd
tcp6 0 0:::25333:::* LISTEN 1799/sshd

If the output is the same as mine, then everything is in order, now you can connect to ssh on port 25333.

Setting up the time

You can find out what time it is on the server using the date command:

To change the time zone, you must select the appropriate time zone file in /usr/share/zoneinfo. If you have the Moscow time zone, do the following:

# mv /etc/localtime /etc/localtime.bak
# ln -s /usr/share/zoneinfo/Europe/Moscow /etc/localtime

Install the time synchronization utility on CentOS:

# yum install -y ntp

One-time synchronization of time:

# /usr/sbin/ntpdate pool.ntp.org

If ntpdate does not work, see the material, maybe this is your case. Let's start the synchronization daemon and write its startup to autoload:

# systemctl start ntpd
# systemctl enable ntpd
ln -s "/usr/lib/systemd/system/ntpd.service" "/etc/systemd/system/multi-user.target.wants/ntpd.service"

Now our clock will automatically synchronize with the time server.

More details about this topic are written separately in my material - installation, configuration and time synchronization in CentOS.

Adding repositories

To install various software, you need to connect repositories in CentOS. The most popular are EPEL and rpmforge, so let's add them. First we install EPEL. Everything is simple with him, he is added from the standard repository:

# yum -y install epel-release

Install rpmforge:

# rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt
# yum -y install http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm

Installing iftop, atop, htop on CentOS 7

And finally, let's add some useful utilities that may come in handy during server operation.

iftop shows in real time the loading of the network interface, can be started with various keys, I will not dwell on this in detail, there is information on this topic on the Internet. We put:

# yum -y install iftop

And two interesting task managers, I use htop most of the time, but sometimes atop comes in handy. We put both, see for yourself, figure out what you like best, it suits:

# yum -y install htop
# yum -y install atop

Here is what htop looks like:

That's all for me. The basic setup of CentOS 7 is completed, you can proceed with the installation and configuration of the main functionality.

Video on setting up CentOS 7

Conclusion

We have completed some of the initial setup steps that I usually do when preparing a server. I do not pretend to be an absolute truth, perhaps I am missing something or doing something not quite right. I will be glad to reasonable and meaningful comments and remarks with suggestions.

It is useful to immediately connect the server to the monitoring system after configuration. Or set it up if you haven't already.

Thanks for the information: http://serveradmin.ru

KVM is a virtualization framework for Linux for which a processor with a virtualization hardware extension can host guest systems.

KVM is a convenient solution for testing various operating systems if you do not have the opportunity to purchase expensive and energy-intensive physical devices.

The guide below introduces KVM (QEMU) installation and configuration along with Linux Bridge configuration on CentOS7/RedHat7 operating system.

1. Check CPU hardware virtualization support

Our processor must support hardware virtualization (VT-x) to become a Hypervisor KVM and host virtual machines(guest operating systems):

# lscpu Architecture: x86_64 CPU op-mode(s): 32-bit, 64-bit Byte Order: Little Endian CPU(s): 4 On-line CPU(s) list: 0-3 Thread(s) per core: 2 Core(s) per socket: 2 Socket(s): 1 NUMA node(s): 1 Vendor ID: GenuineIntel CPU family: 6 Model: 42 Model name: Intel(R) Core(TM) i5-2520M CPU @ 2.50 GHz Stepping: 7 CPU MHz: 800.000 BogoMIPS: 4988.58 Virtualization: VT-x L1d cache: 32K L1i cache: 32K L2 cache: 256K L3 cache: 3072K NUMA node0 CPU(s): 0-3

2. Disable and stop NetworkManager

NetworkManager is known to cause problems when working with Linux Bridge, so it's best for us to disable it:

# systemctl stop NetworkManager # systemctl disable NetworkManager Removed symlink /etc/systemd/system/multi-user.target.wants/NetworkManager.service. Removed symlink /etc/systemd/system/dbus-org.freedesktop.NetworkManager.service. Removed symlink /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service.

3. Install KVM related packages

# yum install qemu-kvm qemu-img libvirt libvirt-python libvirt-client virt-install virt-viewer virt-manager

4. Start and enable the libvirtd daemon

# systemctl enable libvirtd # systemctl start libvirtd

5. Set system-wide privileges for KVM

We need to add our regular tuxfixer user to the kvm group so that it can run virt-manager

# usermod -a -G kvm tuxfixer

We also need to install polkit (policy kit) rules for KVM.
Editing the 49-polkit-pkla-compat.rules file:

# vim /etc/polkit-1/rules.d/49-polkit-pkla-compat.rules

and add the following:

Polkit.addRule(function(action, subject) ( if (action.id == "org.libvirt.unix.manage" && subject.isInGroup("kvm")) ( return polkit.Result.YES; ) ));

6. Create a KVM Linux Bridge (KVM hypervisor modem network interface with VM network interfaces)

In this tutorial, we want the VMs to get their IP addresses from the same network where the KVM Hypervisor host is connected, so we will connect its main network interface (em1) to the VM's network interfaces.

To do this, we need to create a Linux Bridge from the em1 interface on the KVM Hypervisor host.

Current Hypervisor network configuration (immediately after installing KVM):

# ip a 1: lo: mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6::1/128 scope host valid_lft forever preferred_lft forever 2: em1: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether d0:67:e5:33:15:3f brd ff:ff:ff:ff:ff :ff inet 192.168.2.3/24 brd 192.168.2.255 scope global dynamic em1 valid_lft 73193sec preferred_lft 73193sec inet6 fe80::d267:e5ff:fe33:153f/64 scope link valid_lft forever preferred_lft forever 3: wlp3s0: mtu 1500 DN qdiscop state 1000 link/ether 00:24:d7:f4:dc:e8 brd ff:ff:ff:ff:ff:ff 4: virbr0: mtu 1500 qdisc noqueue state DOWN link/ether 52:54:00:b7:22: b3 brd ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 5: virbr0-nic: mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 500 link/ether 52 :54:00:b7:22:b3 brd ff:ff:ff:ff:ff:ff

ifcfg-em1 configuration file (before creating the KVM Linux Bridge):

# cat /etc/sysconfig/network-scripts/ifcfg-em1 DEVICE="em1" TYPE="Ethernet" BOOTPROTO="none" NAME="em1" ONBOOT="yes" HWADDR="D0:67:E5:33: 15:3F" IPADDR=192.168.2.3 PREFIX=24 GATEWAY=192.168.2.1 PEERDNS="no" NM_CONTROLLED="no"

To configure the KVM network, we will use the virt-manager application, which is a user-friendly GUI for the KVM command line interface.

Note. The virbr0 interface was created automatically with the KVM installation and represents a virtual network that exists "inside" a KVM environment with NAT (network address translation).

Since we don't need NAT in the KVM environment (we want to hide the Hypervisor interface), we can remove the existing KVM virtual network based on the virbr0 interface.

Run virt-manager as root user:

# virt-manager

... the virt-manager window should appear:

Right click on QEMU/KVM -> Details -> Virtual Networks -> Disable network: “default” -> Delete network: “default” based on virbr0

Now we can connect the Hypervisor KVM (em1) interface:

Right click: QEMU/KVM -> Details -> Network Interfaces -> Add interface:

Interface type: Bridge
Interface name: br-em1
Start mode: on boot
Activate now: enabled
IP settings: copy configuration from 'em1'
Bridge settings: STP on, delay 0.00 sec

… click Finish to override the existing configuration and create the KVM Linux Bridge.

We can now test the newly created Linux Bridge (br-em1):

Check the current IP configuration (the IP is now assigned to br-em1 and em1 is now only acting as an interface):

# ip a 1: lo: mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6::1/128 scope host valid_lft forever preferred_lft forever 2: em1: mtu 1500 qdisc pfifo_fast master br-em1 state UP qlen 1000 link/ether d0:67:e5:33:15:3f brd ff:ff:ff :ff:ff:ff 3: wlp3s0: mtu 1500 qdisc noop state DOWN qlen 1000 link/ether 00:24:d7:f4:dc:e8 brd ff:ff:ff:ff:ff:ff 6: br-em1: mtu 1500 qdisc noqueue state UP link/ether d0:67:e5:33:15:3f brd ff:ff:ff:ff:ff:ff inet 192.168.2.3/24 brd 192.168.2.255 scope global br-em1 valid_lft forever preferred_lft forever inet6 fe80::d267:e5ff:fe33:153f/64 scope link valid_lft forever preferred_lft forever

Check your bridge setup:

# brctl show bridge name bridge id STP enabled interfaces br-em1 8000.d067e533153f yes em1

Now the KVM Linux bridge is configured, and we can continue installing the virtual machine.

CentOS is one of the popular Linux based systems and for this reason many users want to get familiar with it. Installing it as a second operating system on your PC is not an option for everyone, but instead you can work with it in a virtual, isolated environment called VirtualBox.

You can download CentOS for free. For the convenience of users, the developers have made 2 variations of the distribution kit and several ways of downloading.

Herself operating system There are two versions: full (Everything) and truncated (Minimal). For a full acquaintance, it is recommended to download full version- the truncated one does not even have a graphical shell, and it is not intended for ordinary home use. If you need a truncated home page CentOS click Minimal ISO. It is downloaded in exactly the same way as Everything, the download of which we will consider below.

You can download the Everything version via torrent. Since the approximate size of the image is about 8 GB.
To download, do the following:

Step 2: Create a Virtual Machine for CentOS

In VirtualBox, each operating system you install needs a separate virtual machine (VM). This step selects the type of system to be installed, creates a virtual drive, and configures advanced settings.

This completes the VM installation.

Step 3: Set up the virtual machine

This step is optional, but will be useful for some basic settings and a general introduction to what can be changed in the VM. To enter the settings, right-click on the virtual machine and select "Tune".

In the tab "System" - "CPU" you can increase the number of processors to 2. This will give some performance boost to CentOS.

Going to "Display", you can add some MB to the video memory and enable 3D acceleration.

The remaining settings can be set at your discretion and returned to them at any time when the machine is not running.

Step 4: Install CentOS

The main and last stage: installation of the distribution kit, which has already been downloaded.

Select the virtual machine with a mouse click and click on the button "Run".
After starting the VM, click on the folder and use the standard system explorer to specify the location where you downloaded the OS image.
The system installer will start. Use the up arrow on your keyboard to select "Install CentOS Linux 7" and press Enter.
Some operations will be performed automatically.
The installer will start running.
The CentOS graphical installer will launch. We want to note right away that this distribution has one of the most elaborate and friendly installers, so it will be very easy to work with it.
Select your language and its variety.
In the settings window, configure:
Click on the button "Start Installation".
During installation (the status is displayed at the bottom of the window as a progress bar) you will be prompted to come up with a root password and create a user.
Enter password for root rights(superuser) 2 times and click "Ready". If the password is simple, the button "Ready" you need to press twice. Don't forget to switch your keyboard layout to English first. The current language can be seen in the upper right corner of the window.
Enter your initials in the field "Full name". Line "Username" will be filled in automatically, but you can change it manually.
Optionally, make this user an administrator by checking the appropriate checkbox.

Create a password for account and press "Ready".
Wait for the OS to install and click on the button "Finish setup".
Some more settings will be made in automatic mode.

The GRUB bootloader will appear, which by default will continue loading the OS after 5 seconds. You can do it manually without waiting for the timer by clicking on Enter.
The CentOS download window will appear.
The settings window will reappear. This time you need to accept the terms of the license agreement and set up the network.
Check this short document and click "Ready".
To turn on the Internet, click on the option "Network and hostname".
Click on the slider and it will move to the right.
Click on the button "To complete".
You will be taken to the login screen. Click on it.
Switch keyboard layout, enter password and click "To come in".

Now you can start using the CentOS operating system.

Installing CentOS is one of the easiest and can be done without difficulty even by a beginner. This operating system, on first impressions, can be noticeably different from Windows and be unusual, even if you have previously used Ubuntu or MacOS. However, in mastering this OS, there will be no particular difficulties due to the convenient desktop environment and an expanded set of applications and utilities.

A task: install CentOS 7 to the virtual machine Hyper-V second generation(Generation 2). First go to the official CentOS website and download the iso image of the desired version of the system.

1. Create a virtual machine

Let's create a new virtual machine in Hyper-V. Let's give it a name, for example VM-CentOS.

In the next step, we indicate that it will be second generation virtual machine(Generation 2).

Then "Configure Networking" - select Connection - LAN.

Now "Connect Virtual Hard Disk" - select the creation of a new disk (Create a virtual hard disk) and set its size, name and location. For example, VM-CentOS.vhdx.

Next, "Installation Options" - select the installation of the system from the image (Install an OS from a bootable image file), which must be downloaded as an iso file from the official CentOS website, and point to it (Image file iso).

The virtual machine has been created.

Right-click to go to the machine settings (Settings). In the Hardware block, select Firmware and uncheck " Enable Secure Boot".

If this is not done, then the following error will appear on startup: " Boot failed. EFI SCSI Device. Failed Secure Boot Verification."

2. Installing CentOS 7 on the created virtual machine

Now we start the car (Start). The welcome window of the CentOS system installer will be displayed. If necessary, add the Russian language.

Now you can pre-configure.

Let's go to the "Keyboard" button. Here we can change the layout parameters, if necessary (for example, raise the English language to the top, change the layout keys, for example, to the "Ctrl + Shift" combination).

By clicking the "Select programs" button, go to the selection software, where you can specify which packages will be preinstalled. These parameters are highly dependent on what you plan to use in the future. this system. If performance is important, then you can select "Minimum installation", and then "reinstall" all the necessary components.

When planning to use a CentOS machine for hosting sites, you can set the "Standard Web Server" option, add, for example, "PHP Support", "MariaDB Client" and others.

If you need a graphical interface, then you can choose "GNOME Environment" or "KDE Plasma Workspaces", add "Office Suite" to it, etc.

Now let's set the network parameters. Go to "Network and host name", set the host name and turn on the network using the top right radio button.

Now click "Start Installation".

While in background installation is in progress, we will set the necessary passwords for access.

Click "Password root" and set the password for the administrator account.

Create a user if necessary.

Now we are waiting for the installation of CentOS 7.

Click "Finish Setup" and wait for the installation process to complete. After that, you will be prompted to reboot.

3. Checking the generation of the virtual machine

After the reboot, enter the previously created login-password.

Note for installers Linux system for the first time: the password is not displayed on the screen when you enter it.

Next, we check whether the created virtual machine is indeed a second generation machine (Generation 2). To do this, run Windows PowerShell on the hypervisor and run the following command (instead of "VM-CentOS" enter the name of your machine):

Get-vm VM-CentOS | fl name,generation

We make sure that Generation 2 is indicated. The installation is complete.

Monitoring IIS Web Server HTTP Requests with Fiddler

Kooboo. Lesson 1: Introduction