An Open Source Solution for Running PC Labs in Schools and Educational Institutions
[ Home ] [ Screenshots ] [ Installation ] [ Download ] [ Presentations ] [ Contact ]
Subprojects: [ Vlizedlab Remote alias lab1 ] [ Vlizedlab External alias labx ]
The most simple way to install a Vlizedlab client is to use our install CDs, which can be burnt to an install CD or copied to a bootable USB stick by standard tools.
Basically this install media can be used on a standard PC without any further preparations and without user intervention. You will get a very basic Vlizedlab client system for testing only. Careful: Any data on the hard disk of the PC you install the Vlizedlab client on will get overwritten.
You will use the install CDs for installing lab PCs, but prepare an environment for them, such they will work in a real lab with the adaptions necessary for practical use. For this purpose you will need a server in your network which is called the "Vlizedlab root server", that is used as a central service for the configuration of the Vlizedlab clients.
The Vlizedlab root server serves for maintaining the current configuration data for the Vlizedlab clients in your network. We assume, you run your Vlizedlab root server with Debian GNU/Linux. If you install a firewall, make sure your server is accessible at ports 80, 873, 3142 (and possibly 22 for ssh).
Type as root:
apt-get update
apt-get install apt-cacher-ng
nano /etc/apt-cacher-ng/acng.conf
Change line to:
CacheDir: /home/cache/
Go ahead:
mkdir -p /home/cache
chown -Rvf apt-cacher-ng.apt-cacher-ng /home/cache
/etc/init.d/apt-cacher-ng restart
The web server is needed for distributing the configuration data to the Vlizedlab clients.
Type as root:
apt-get install lighttpd
nano /etc/lighttpd/lighttpd.conf
Change lines to:
...
server.document-root = "/home/vlizedlabroot"
...
server.modules += ( "mod_accesslog" )
accesslog.filename = "/var/log/lighttpd/access.log"
# include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
Proceed:
mkdir -vp /home/vlizedlabroot
/etc/init.d/lighttpd restart
The rsync server is used for distributing the virtual PCs. In principal, this can also be done via the web server, but rsync is more efficient for this purpose. Note that there can be many hosts that distribute virtual PCs and there is no necessity to run this service at "vlizedlabroot".
Type as root:
apt-get install rsync
nano /etc/default/rsync
Change lines to:
RSYNC_ENABLE=true
Procee with:
nano /etc/rsyncd.conf
Make this file look like this:
uid = root
gid = root
[vbox]
path = /home/vboxmachines
read only = yes
Procee with:
/etc/init.d/rsync restart
Type as root:
gpg --gen-key
Choose an appropriate key length (2048 or 4096), an email-address (let's call it VLIZEDLABROOT@HERE
for now, but it can be any address). Choose password and expiry as you wish. You are strongly advised to keep the secret keyring at /root/.gnupg/secring.gpg
very secret, at this is the key for authenticating configuration data for your Vlizedlab clients.
Proceed as root:
gpg --armor --export VLIZEDLABROOT@HERE > /home/vlizedlabroot/configkey.asc
In this space we maintain the configuration data for all the Vlizedlab Clients in the network.
Type as root (take this as an example, the config data can be kept at any directory):
mkdir -vp /root/vlizedlabroot
Edit /root/vlizedlabroot/vlizedroot
as such (example):
# List of Possible vlizedroot servers. Makes search path
vlizedlabroot
192.168.3.1
10.0.134.9
root.vlizedlab.at
This is the search path for the Vlizedlab root server(s) in your network. Lines starting with #
are considered to be comments.
Type:
touch /root/vlizedlabroot/configdate
It doesn't make sense to edit this file, as we are going to overwrite it in the vlpublishconfigspace
script.
Edit /root/vlizedlabroot/vmsources
as such (example):
# This is /etc/vlizedlab/vmsources
# it defines where this vlizedlab client can get its virtual machines
# Format is
# method name source
rsync mysite vlizedlabroot::vbox
http vlizedlab http://download.vlizedlab.at/machines
# for local ressources uncomment and adapt this line:
# rsync localdisc /mounteddir
This is the search path for virtual PCs. E.g. the first line rsync mysite vlizedlabroot::vbox
refers to the rsync server we just configured.
The next line refers to the public virtual PCs at "http://download.vlizedlab.at/machines".
Lines starting with #
are considered to be comments.
Type:
echo 'YourRootPasswordForTheVlizedlabClients' | mkpasswd -Hmd5 -s
echo 'YourStudentPasswordForTheVlizedlabClients' | mkpasswd -Hmd5 -s
and note (copy&paste) the strings that are displayed. You will need them in the following scripts (see
TheRootPWString
and
TheStudentPWString
).
Edit /root/vlizedlabroot/postinst
as such (example):
#!/bin/bash
echo "vlizedlab postinst script"
######### /etc/vlizedlab/mystudentlist
if [ ! -f /etc/vlizedlab/mystudentlist ]; then
echo "Writing /etc/vlizedlab/mystudentlist"
cat > /etc/vlizedlab/mystudentlist <<EOF
# This is /etc/vlizedlab/mystudentlist.
# Write one PC (host name or IP) per line for every student
# you are responsible for.
# Lines starting with # and blank lines are ignored.
# Call vlmaketeacherpc afterwards.
# 10.1.2.3
# Insert other IPs as you wish
# 10.1.2.99
EOF
fi
######### Clients should use the apt-cacher
cat > /etc/apt/apt.conf <<EOF
Acquire::http::Proxy "http://vlizedlabroot:3142";
APT::Cache-Limit "134217728";
EOF
######## Passwords
# Call:
# echo 'yoursecrectpassword' | mkpasswd -Hmd5 -s
# and patch the resulting string here
ROOTPWSTRING='TheRootPWString'
usermod -p "$ROOTPWSTRING" root
STUDENTPWSTRING='TheStudentPWString'
usermod -p "$STUDENTPWSTRING" student
Type:
chmod a+x /root/vlizedlabroot/postinst
Let's call the script we are going to use vlpublishconfigspace
and let's assume
~root/bin
is in the path for root.
~root/bin/vlpublishconfigspace
as such:
#!/bin/bash
VLCROOT=/root/vlizedlabroot
# echo "MY`date +%Y%m%d%H%M%S`" > $VLCROOT/configdate
echo "MY`date +%Y%m%d`" > $VLCROOT/configdate
mkdir -p /root/tmp
(
cd $VLCROOT ;
tar -cvz --exclude='*.svn' -f /root/tmp/config.tar.gz *
)
cd /root/tmp
if [ -f config.tar.gz.asc ]; then rm config.tar.gz.asc; fi
gpg -v --local-user VLIZEDLABROOT@HERE -s --armor config.tar.gz
mv -vf config.tar.gz.asc /home/vlizedlabroot/
rm -vf /root/tmp/config.tar.gz
and type:
chmod a+x ~root/bin/vlpublishconfigspace
As we just generated the script, we simply call
vlpublishconfigspace
For offering virtual PCs that don't have special requirements, just network, sound and a (virtual) hard disk, just copy the
.vdi
-file of the virtual machine you may have created with Virtualbox somewhere else. Let's say we have
Testmachine.vdi
, type
mkdir -p /home/vboxmachines/TestMachine
cp whereeveritis/Testmachine.vdi /home/vboxmachines/TestMachine/TestMachine.vdi
Now we must adapt the machinelist
of our server.
Edit /home/vboxmachines/machinelist
as such:
# List of Virtual Machines here
#
# Format is:
# TYPE/NAME:FILELIST
# currently vb is the only known type
vb/TestMachine: TestMachine.vdi
Now the TestMachine
will appear in the menu of downloadable machines at the Vlizedlab clients.
For offering virtual PCs with special requirements, you can provide a script with vboxmanage
commands to generate the virtual PC at the
Vlizedlab Clients.
For example consider TestMachine2
with a mounted CD-ROM (with image blub.iso
):
Type
mkdir -p /home/vboxmachines/TestMachine2
cp whereeveritis/Testmachine2.vdi /home/vboxmachines/TestMachine2/TestMachine2.vdi
cp whereeveritis/blub.iso /home/vboxmachines/TestMachine2/blub.iso
Now we must edit /home/vboxmachines/TestMachine2/init.sh
as such:
#!/bin/bash -x
VERSION=2
# PREDEFINED ARE:
# MACHINEDIR= (e.g. /vm/vb/MyMachine)
# MACHINE= (e.g. MyMachine)
VBoxManage --nologo createvm --name $MACHINE --register --basefolder $MACHINEDIR
VBoxManage --nologo modifyvm $MACHINE --ostype linux26
VBoxManage --nologo modifyvm $MACHINE --memory 750
VBoxManage --nologo modifyvm $MACHINE --vram 128
VBoxManage --nologo modifyvm $MACHINE --acpi on
VBoxManage --nologo modifyvm $MACHINE --ioapic on
VBoxManage --nologo modifyvm $MACHINE --hwvirtex on
VBoxManage --nologo modifyvm $MACHINE --bioslogofadein off
VBoxManage --nologo modifyvm $MACHINE --bioslogofadeout off
VBoxManage --nologo modifyvm $MACHINE --bioslogodisplaytime 1
VBoxManage --nologo modifyvm $MACHINE --nic1 nat
VBoxManage --nologo modifyvm $MACHINE --audio alsa
VBoxManage --nologo storagectl $MACHINE --name C$MACHINE \
--add ide --controller PIIX4 --hostiocache on
VBoxManage --nologo storageattach $MACHINE --storagectl C$MACHINE \
--port 0 --device 0 --type hdd \
--medium $MACHINEDIR/$MACHINE.vdi --mtype immutable
VBoxManage --nologo storageattach $MACHINE --storagectl C$MACHINE \
--port 1 --device 0 --type dvddrive \
--medium $MACHINEDIR/blub.iso
And we extend /home/vboxmachines/machinelist
as such:
# List of Virtual Machines here
#
# Format is:
# TYPE/NAME:FILELIST
# currently vb is the only known type
vb/TestMachine: TestMachine.vdi
vb/TestMachine2: TestMachine2.vdi blub.iso init.sh
Now also TestMachine2
will appear in the menu of downloadable machines at the Vlizedlab clients.
With the running vlizedlabroot
server, this is easy: Just download the appropriate iso from the
download area and boot your client from it. The fully automated boot procedure
will install the Vlizedlab client for you and will load the public key and the configuration data from your
vlizedlabroot
server.
Vlizedlab Teacher PC's are ordinary Vlizedlab Clients, that are given admission to control other Clients by a one-time registration at the respective Clients.
For creating a Vlizedlab teacher PC, install it as an ordinary Vlizedlab client first. Then
login as root
and edit
/etc/vlizedlab/mystudentlist
by entering every Vlizedlab client (student PC) that this
teacher PC is going to control.
# This is /etc/vlizedlab/mystudentlist.
# Write one PC (host name or IP) per line for every student
# you are responsible for.
# Lines starting with # and blank lines are ignored.
# Call vlregisterTeacherAtStudentPCs afterwards.
192.168.1.10
192.168.1.11
192.168.1.12
# ...
After this, call vlregisterTeacherAtStudentPCs
. The machines in the list must be
up and running and accessible over the network. You will be asked to enter the root password for
every Vlizedlab client in the list. After this, logout from the teacher PC.
You will notice, that the Remote Maintenance Menu is accessible from the Maintanence Menu of your teacher PC.
If you happen to switch a Vlizedlab client PC to a new root server, login as "root" at the client PC,
edit /root/vlizedlabroot/vlizedroot
appropriately and call
vlrebrand2newrootkey
The comments from the script are self-explaining.
Additionally to the
basic services needed for running your Vlizedlab lab room
you need an installation of
FAI - Fully Automated Installation
at your central vlizedlab server.
See the details for installation of FAI at the
FAI home page.
Copy the files in
/usr/share/doc/fai-doc/examples/simple/
over to your
/srv/fai/config/
directory, recursively.
Get additional files from our
scripts download area - see the
vlizedlabfai.tar.gz
- and copy them over the existing file tree in
/srv/fai/config/
.
Finish your FAI installation and network-boot your lab PCs. They should install the Vlizedlab client now.
Additionally to the other services mentioned here and/or here you need a Guacamole server running on you lab server. A script system that accompanies the Guacamole server handles user accounts and access permissions.
More information to come.
You need a Guacamole server running, but different to the Vlizedlab remote this Guacamole server can run on any machine with a publi IP Address and some DNS name pointing to it. A script system that accompanies the Guacamole server handles user accounts and access permissions.
More information to come.
There is a special page for that.
Good luck and have fun. And if it works (or doesn't) don't hesitate to drop me an mail.