Home
Name Modified Size InfoDownloads / Week
viminal-livecd 2023-08-24
medi6-lab 2019-04-08
vodka-lab 2019-02-08
mobidik-lab 2018-11-30
README.textile 2019-04-10 14.6 kB
README.textile-20190410 2019-04-10 14.6 kB
README.textile-20190408 2019-04-08 12.6 kB
README.textile-20181128 2018-11-30 11.5 kB
Totals: 8 Items   53.3 kB 1

VIMINAL ( * )

VIrtual Model for Ip Network Architecture Lab

Available titles
MOBIDIK lab Linux Routing lab MEDI6 lab VODKA lab

( * ) The Viminal Hill (Latin Collis Viminalis, Italian Viminale) is the smallest and least important of the famous seven hills of Rome, and as such always referred to as collis rather than mons.

http://en.wikipedia.org/wiki/Viminal
http://penelope.uchicago.edu/Thayer/E/Gazetteer/Places/Europe/Italy/Lazio/Roma/Rome/_Texts/PLATOP*/Viminalis.html*/Viminalis.html

Introduction

VIMINAL (VIrtual Model for Ip Network Architecture Lab) platform is an autonomous network and system lab environment. Available on a liveDVD / LiveUSB, it offers network models on which you have extended rights. It integrates all the materials needed to securely play system and IP network labs on common computers. The main goal is to play such labs, with no installation nor configuration changes on your computer.

0.x versions of VIMINAL liveDVD were based on VNUML (Virtual Network User-Mode Linux http://jungla.dit.upm.es/~vnuml/), a neat project of Telematics Engeneering Department (DIT) of the Technical University of Madrid (UPM), now replaced by VNX (http://web.dit.upm.es/vnxwiki/index.php/Main_Page).

1.x versions, model lab virtualization environment was qemu-kvm in association with libvirt library and virsh tool.

2.x version, model lab virtualization environment (except for vodka lab, which is a pure libvirt/qemu-kvm lab) is LXD system container (lightervisor)

VIMINAL collection

VIMINAL offers several titles :

MOBIDIK lab (Model to Observe Basic Infrastructure Doing Identification with Kerberos)

This lab model is made up of three virtual machines (kdc, appsrv, and client1) interconnected on mobidik lan. The lab goal is to configure MOBIDIK.LAB Kerberos realm and observe, using wireshark network analyzer, traffic between the different protagonists during Kerberos authentication process.

Download:

  • Lab instruction sheet : mobidik-lab/viminal-mobidik-lab-all-in-1-en.pdf
  • iso file of the DVD : mobidik-lab/viminal-mobidik-v2.0-r20181025.iso
  • MD5 hash of the iso file : mobidik-lab/viminal-mobidik-v2.0-r20181025.iso.DIGESTS.md5.txt

  • Since VIMINAL 2.0, an hybrid (BIOS / UEFI) Multiboot USB Key image is also available; (Combine all downloaded usb key image part files to rebuild original USB key single image using ” cat viminal-mobidik-v2.0-r20181025-hybrid-multi-boot-usb.img.part* > viminal-mobidik-v2.0-r20181025-hybrid-multi-boot-usb.img” command on linux or ” type viminal-mobidik-v2.0-r20181025-hybrid-multi-boot-usb.img.part* > viminal-mobidik-v2.0-r20181025-hybrid-multi-boot-usb.img” command on MS-Windows. Then see “VIMINAL LiveUSB key cloning howto” below to transpose that image to your USB key) : viminal-mobidik-v2.0-r20181025-hybrid-multi-boot-usb.img.part[00-02]

Linux Routing lab

(not available for now, new edition in future ? work in progress).This lab model is composed of 4 GNU/Linux hosts (host1 to host 4) interconnected by 4 networks (net1 to net4). The main goal is to let you configure network interfaces of each host, make connectivity tests, and then configure routing functions to convert host in router. That model was used to validate VIMINAL platform concepts.

Download :

  • Lab instruction sheet :
  • iso file of the DVD :
  • MD5 hash of the DVD :
  • (Hardware requirement : Virtual machine performances can be low if you don’t have a HVM (Hardware Virtual Machine) based processor on your host as Intel-VT or AMD-V).

MEDI6 lab (Model for Experimentation and Discovery of Ip v6)

This lab build an Ipv6 architecture. The lab goal is in its first part, to familiarize with basics of the new protocol as IPv6 address format, stateless auto-configuration, IPv6 address DNS integration and observe IPv6 traffic, using wireshark network analyzer. The second part is about Ipv4/IPv6 cohabitation and transition tools.

Download :

  • Lab instruction sheet : medi6-lab/viminal-medi6-lab-all-in-1-en.pdf
  • iso file of the DVD : medi6-lab/viminal-medi6-v2.0-r20181025.iso
  • MD5 hash of the DVD : medi6-lab/viminal-medi6-v2.0-r20181025.iso.DIGESTS.md5.txt

  • Since VIMINAL 2.0, an hybrid (BIOS / UEFI) Multiboot USB Key image is also available; (Combine all downloaded usb key image part files to rebuild original USB key single image using ” cat viminal-medi6-v2.0-r20181025-hybrid-multi-boot-usb.img.part* > viminal-medi6-v2.0-r20181025-hybrid-multi-boot-usb.img” command on linux or ” type viminal-medi6-v2.0-r20181025-hybrid-multi-boot-usb.img.part* > viminal-medi6-v2.0-r20181025-hybrid-multi-boot-usb.img” command on MS-Windows. Then see “VIMINAL LiveUSB key cloning howto” below to transpose that image to your USB key) : viminal-medi6-v2.0-r20181025-hybrid-multi-boot-usb.img.part[00-02]

VODKA lab (Virtualisation Operation Discovery on Kvm Architecture)

This lab is a tutorial for the discovery and ownership of KVM (Kernel Based Virtual Machine) virtualization environment, libvirt library and related tools “virsh”, “virt-install”, “virt -manager “. This was the first variation of VIMINAL based on KVM and libvirt “virsh.

Download :

  • Lab instruction sheet : vodka-lab/instruction-sheets/viminal-vodka-lab-en.pdf
  • iso file of the DVD : vodka-lab/viminal-vodka-v2.0-r20181025.iso
  • MD5 hash of the DVD : vodka-lab/viminal-vodka-v2.0-r20181025.iso.DIGESTS.md5.txt
  • (Hardware requirement : Virtual machine performances can be low if you don’t have a HVM (Hardware Virtual Machine) based processor on your host as Intel-VT or AMD-V).

  • Since VIMINAL 2.0, an hybrid (BIOS / UEFI) Multiboot USB Key image is also available; (Combine all downloaded usb key image part files to rebuild original USB key single image using ” cat viminal-vodka-v2.0-r20181025-hybrid-multi-boot-usb.img.part* > viminal-vodka-v2.0-r20181025-hybrid-multi-boot-usb.img” command on linux or ” type viminal-vodka-v2.0-r20181025-hybrid-multi-boot-usb.img.part* > viminal-vodka-v2.0-r20181025-hybrid-multi-boot-usb.img” command on MS-Windows. Then see “VIMINAL LiveUSB key cloning howto” below to transpose that image to your USB key) : viminal-vodka-v2.0-r20181025-hybrid-multi-boot-usb.img.part[00-02]

To be published in future

  • MOLDOVA lab (Model to Observe Ldap Directory Objects with Versatile Attributes) : LDAP lab,
  • MIMOSA lab (Model for Initiation into network Management Operations with SNMP Agent) : SNMP lab
  • VOLCANIC (Virtualisation Operation on Linux Container Architecture N? I? C?) a LXC or Docker lab ?
  • Shibboleth lab : ?

Utilization

Bare metal booting your host

For VIMINAL 0.x or 1.x series, the easiest way to play the lab was to download and “burn” the iso file on a DVD. You, then, have just to boot your workstation on that DVD. Lab instruction sheet (in english and in french) and the model network map are available on the desktop of your host. At the end of the lab, shutting down the workstation will automatically eject the DVD. The workstation can then be rebooted on its initial operating system.

Nowadays, bare metal booting VIMINAL on your host from LiveUSB mode is more comfortable than LiveDVD, accesses are faster and quieter (no mechanical drive). (see Live USBkey howto bellow)

Nota : Depending of the model to play, the workstation must have a minimal RAM space if no swap partition is available on one of its disks.

VIMINAL virtualization

For 2.x version, model lab virtualization environment (except for Vodka lab, which is a pure libvirt/qemu-kvm lab) is LXD system container (lightervisor). So as there’s no HVM (Hardware Virtual Machines : Intel VMX or AMD SVM extensions) dependencies, you can easily play VIMINAL labs inside an hypervized (KVM, VMWare, Virtualbox, …) virtual machine. Just create a 2 VCPU, 4MB RAM LiveCD booting virtual machine. Configure the CD-ROM device of the your virtual machine pointing to the VIMINAL iso file. Then fire up your VM, inside the virtual machine maybe adjust your virtual screen resolution, that’all, you’re ready to play.

For VIMINAL 1.x models and VIMINAL Vodka lab 2.x which are built on qemu-kvm virtualization environment. Trying to play the VIMINAL LiveCD as virtual appliance brings about a two level virtualization stack. So you need an hypervisor able to export HVM (Hardware Virtual Machine : Intel VMX or AMD SVM) extensions inside the virtual machine to allow the second virtualization level (qemu-kvm) to work. Result is without guaranty.

  • KVM : The liveDVD and models work quite well, given that “nested KVM” working properly;
  • QEMU/KQEMU : Works but that’s not reasonable. LiveDVD boots but model start is too long.
  • VMWARE : While VMWARE is freely available VIMINAL has not be tested on that platform. I don’t use VMAWRE environment, as I don’t want to be dependent on dominant sofware vendor. But some reports me that it works.
  • XEN : An old version of Xen, in paravitualized mode, didn’t allow another level of virtualization in a domU virtual machine. Stacking two virtualization mechanisms was not supported. I don’t know if a newer version of Xen or if the full virtualization mode (HVM) can do it.
  • HyperV : Not tested, probably the same limitation described for Xen
  • VirtualBox : AFAIK VirtualBox is unable to run nested KVM
  • Docker : Untested, launching KVM / libvirt machines in a LXC container is probably adventurous … but elasticity of virtualization amazes us everyday!.

VIMINAL LiveUSB key cloning howto

The VIMINAL iso file can be directly transposed on an USBkey, but in that case the key can be booted only in legacy BIOS mode.

Since VIMINAL 2.0, an hybrid Multiboot (BIOS / UEFI) USB Key image is also available.

  • This hybrid USB key (BIOS / UEFI) can be “bare metal” booted on a larger panel of computers (legacy BIOS PC, modern UEFI PC, and even some Apple hosts),
  • Based on Grub2 bootloader, this key directly boots the VIMINAL isofile located on the ntfs partition of the key, (with Grub2 multi entries menu, it could potentialy be used to offer mutli iso boot … imagine all the VIMINAL iso collection on a single USB key).
  • Instead of directly booting from the key on bare metal machine, the iso file, located on the ntfs partition of the key, can also be used under a hypervisor (KVM, VMWare, or Virtualbox) to boot a virtual machine in LiveCD mode (as mentioned in “VIMINAL virtualization” above).

VIMINAL iso files or hybrid multiboot USB key image file can easily be transposed on a bootable USB key using a disk block copy utility such.

  • dd command on GNU/Linux system (see bellow)
  • Rufus on MS Windows system (https://rufus.ie/en_IE.html) (disclaimer : Rufus may work to transpose VIMINAL image on USB, but with no warranty as I’ve not yet tested RUFUS)

*On GNU/Linux system : *
Disclaimer warning: all the data on the target USB key, will be erased. Make sure this is what you want to do.

Disclaimer warning: When “block copying” (using dd command) on /dev/sdX device, double verify /dev/sdX is your target usb key device. An error on the X device designation, by specifying a wrong device, will irretrievably erase that X device. Do it at you own risk !!!

Plug your target key. Find the USB key device (/dev/sdX) using dmesg or lsblk commande

# dmesg

or

# lsblk

Block copy the image on the target key using dd command

# dd if=/path/to/your/archive/dir/viminal-iso-or-hybrid-mutliboot-usbkey-image-file of=/dev/sdX bs=8M

Be patient …!! copy can be long.

That’s all, you can now unplug the key and test it to “bare metal” boot a workstation.

Evolutions

In the future, it is planned to make the VIMINAL models available on the CIRRUS (Cloud Iaas Reservoir de Ressources Unifiees pour Salles de TP) cloud, in the form of virtual appliances. CIRRUS is an openstack cloud platform, it is intended for the support of remote access for computer lab resources on demand. It foreshadows what could be seen as “MOOL” (Modern Open Online Lab) which could constitute the practical part of MOOC (Massive Open Online Courses) …
The ramp-up of containerized and orchestrated application environments is supplanting the previous architectures based on the deployment of application VMs. The Kubernetes orchestrator (k8s), driving complex applications in the form of Docker or CoreOS container swarms, is emerging as the dominant model in the CI / CD context (Continuous Integration / Continuous Deployment) driven by the Devops movement.
So a reflection is underway to define the future architecture of the VIMINAL 3.x system and network mockups in a VIP (VIMINAL In a Pod) form. A first intermediate step could be to encapsulate the kvm/libvirt VM, booting the VIMINAL iso file, inside a k8s pod (using kubevirt : https://github.com/kubevirt, https://blog.openshift.com/re-imagining-virtualization-with-Kubernetes-and-kubevirt/). This approach makes it possible to reuse the existing iso files while delegating the deployment of working positions to kubernetes on the cloud whether private, public or hybrid. Large-scale and on-demand working position management would be handled by the k8s Orchestrator. However, it maintains the dependence on complete virtualization HVM (Hardware the Virtual Machine) which has the advantage of ensuring a strict confinment of each work position, at the cost of resource consumption which remains important. The second VIP target, will be to redefine the architecture of VIMINAL models in the form of k8s pod: each element of a model (host, router, virtual switch, …) being executed in separate containers agregated inside a pod. This more k8s-compliant approach would enable large deployments of cloud-based lab positions without the additional cost of full virtualization. In order to preserve the original spirit of VIMINAL, namely to execute the lab mock-ups on its own individual workstation (baremetal liveUSB or in a VM), the VIMINAL pod could also be run in the Minikube environment integrated into a complete system embedded as a LiveCD / USB iso file …

Jacques Landru
Ingénieur d’Etudes — Institut Mines-TELECOM
IMT Lille Douai
C.E.R.I. Systemes Numeriques

——-oOo——-

Source: README.textile, updated 2019-04-10