Vagrant

Vagrant is an easy way to setup and configure system images for virtualbox, but also AWS (amazon). So for cloud deployment this is a very interesting package.

Disable check for updates in Virtualbox. Vagrant does not keep the same pace and won't work directly with new release.

Last time it was a stable release (6.1) and you will have to wait until vagrant 2.2.7 to have this fixed !!! There was a fix : visit

But virtualbox works fine and you should only update it manually when you have the time to fix problems.

quick start

Type :

brew install vagrant
vagrant init chef/centos-6.5
vagrant up
vagrant ssh
vagrant destroy

For the init step, you need to specify an image to base the VM on, if you want another OS you could choose here : visit If it is not there some manual configuration should be needed... later !

Virtualbox and vagrant

Simplest version and free of course. Normally you start in a separate directory :

mkdir test
cd test
vagrant init hashicorp/precise32
vagrant up
vagrant ssh
vagrant destroy

This downloads an image from visit. So it is clear the image is taken from visit and it has to exist. This particular example is an ubuntu (precise pangolin) 32 bits image. See the page in question for your options :

visit

It simply says : "We make Vagrant, Vagrant Cloud, and other products." So be it....

or search it : visit

The vagrant up then does everything, download the image, startup a new vbox image. vagrant ssh log's you in, if you need root access, do 'sudo su' vagrant destroy removes the whole thing without a trace (almost: Vagrantfile remains).

If you look at the Vagrantfile created in this directory by vagrant init , there is a lot of comments, and actually only one plain line :

config.vm.box = "hashicorp/precise32"

Of course this is the reference to the image, another example could be :

config.vm.box = "opscode-centos6.6" config.vm.box_url = "[http://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode\_centos-6.6\_chef-provisionerless.box](http://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_centos-6.6_chef-provisionerless.box)"

In this case, the url also has to be given, see the amazon section about this version. Another entry we like is the network interface

config.vm.network "private_network", ip: "192.168.33.10" 

Vagrantfile is in ruby style, so you might see constructs like

Vagrant.configure(2) do |config|
end

See ruby docs about that. In short, do..end is a code block, or closure. And they must follow a method invocation. So that's the configure() in this case. Inside this method the code block called using the yield keyword with a parameter specifying the config parameter between ||.

If you want the provisioning be done with ansible you could end up with this minimal Vagrantfile :

VAGRANTFILE_API_VERSION = "2"

Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
    config.vm.box = "ubuntu/trusty64"

    config.vm.network "forwarded_port", guest: 80, host: 8080

    config.vm.provision :ansible do |ansible|
        ansible.playbook = "playbook.yml"
    end
end

Vagrant up will provision it the first time, after that you need to :

vagrant provision

If you encounter problems like :

GATHERING FACTS *************************************************************** 
fatal: [default] => SSH encountered an unknown error during the connection. We recommend you re-run the command using -vvvv, which will enable SSH debugging output to help diagnose the issue

Make sure you remove user: root from the playbook, not :

- hosts: default
  user: root
  sudo: yes

but

- hosts: default
  sudo: yes

note:: you can also skip ansible and provision with a simple bash script

A simple example of that (working freeipa example)

#!/bin/bash
ip=$1
name=$2
domain='kees.rinis.nl'
DOMAIN=`echo $domain | awk '{print toupper($0)}'`

echo "proxy=http://10.10.1.13:3128" >> /etc/yum.conf

yum -y update
yum install -y ipa-server-dns

# install hosts
echo "${ip} ${name}.${domain} ${name}"  >> /etc/hosts.tmp
cat /etc/hosts >> /etc/hosts.tmp
mv /etc/hosts.tmp /etc/hosts

# install hostname, just overwrite
echo "${name}.${domain}"  > /etc/hostname

# setup in one command :
ipa-server-install -a '][p][p][p' -p '][p][p][p' --setup-dns --hostname=${name}.${domain} -n ${domain} -r ${DOMAIN} --forwarder='10.0.2.3' -U

This can be run with parameters from vagrant like this :

config.vm.define "ipa2" do |ipa2|
    ipa2.vm.box = "box-cutter/centos70"
    ipa2.vm.network "private_network", ip: "192.168.55.139"
    ipa2.vm.network "forwarded_port", guest: 22, host: 5639, id: "ssh", auto_correct: true
    ipa2.vm.provision "shell" do |s|
        s.path = "provision.sh"
        s.args = ['192.168.55.139','ipa2']
    end
end

config.vm.define "ipa3" do |ipa3|
    ipa3.vm.box = "box-cutter/centos70"
    ipa3.vm.network "private_network", ip: "192.168.55.140"
    ipa3.vm.network "forwarded_port", guest: 22, host: 5640, id: "ssh", auto_correct: true
    ipa3.vm.provision "shell" do |s|
        s.path = "provision.sh"
        s.args = ['192.168.55.140','ipa3']
    end
end

vbguest plugin

This could have been a nice plugin, but it sadly causes more problem than advantages.

sadly (2017) this is still not worth the effort of installing in a proxy environment.

I will explain the problems though.

installation

In an ideal world :

vagrant plugin install vagrant-vbguest
vagrant vbguest

That would be it! But in the proxy setup at RINIS we get this problem :

GuestAdditions versions on your host (4.3.30) and guest (4.3.20) do not match.
Loaded plugins: fastestmirror
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os error was

The problem is that this happens at an early stage where we did not make the box proxy-capable yet. You should :

• vagrant up on a vagrant box with the proxy settings as shown above
• this will fail, but you can log in to the box. So do a yum update
• now do a vagrant halt
• vagrant up, it seems to come a long way installing but still says failure
• log in again and do /etc/init.d/vboxadd restart by hand.
• now it works

And that each and every time you startup a new vagrant box. So i ended up doing :

vagrant plugin uninstall vagrant-vbguest

downgrading a box

A special problem with the geerlingguy/Centos7 box was that the vbguest plugin failed to work after an upgrade to at least 1.2.12

So i wanted to step back boxes until it works again. There is no downgrade command in vagrant, but you can just do :

vagrant destroy # destroy the box
vagrant box list    # list available boxes
rm -rf rm -rf ~/.vagrant.d/boxes/geerlingguy-VAGRANTSLASH-centos7/1.2.12
vagrant up      # it will now start warning about new versions again

Just don't update anymore until it mentions the vbguest problem is fixed.

Here are the steps back until it worked again.

version 1.2.11 (one step back)

This complains about mismatching guest versions:

vagrant vbguest --status
[default] GuestAdditions versions on your host (5.2.18) and guest (5.2.20) do not match.

Note that this is what you get in one directory (demo) but in ldap it just says :

[srv] GuestAdditions 5.2.18 running --- OK.

Also the box must be running, so it seems like something on the running machine and not the directory config.

Now the host version is quickly found, login to the VM and type :

ls /opt 
# you will get among possible others :
VBoxGuestAdditions-5.2.18

That's one down, but where does the 5.2.20 come from ?!?

List the vms under your own name !

VBoxManage list vms
# result
"gitlab_default_1518509717720_64466" {612e36f1-cc60-44ba-922d-966fdeffcf3e}
"jira_jira_1530625849975_9646" {cf5f29e5-ea13-4a24-bcb5-a58db323f6b1}
"mail_default_1539866925762_95659" {f96710b7-c799-4623-b832-dba6fde0ee41}
"IE11 - Win7" {6177802a-9e7c-4866-aba8-8e62badf5a9a}
"ldap_srv_1543916686020_56596" {2ad9478a-a46a-4405-9865-4d8a9e2e5f20}
"demo" {9553b6ac-f958-405f-8980-e03514051fb1}

Copy the key between {} and use it to query the vm :

VBoxManage guestproperty get 9553b6ac-f958-405f-8980-e03514051fb1 /VirtualBox/GuestAdd/Version
Value: 5.2.18

If you try the other ones they will give all kind of different(older) versions, so each VM definitely has it's own vbox additions installed.

If you downgrade even further things become more clear. On the website with the geerlingguy boxes he stopped mentioning the guest addition versions after V1.2.7 visit

So i stepped back to 1.2.7 and indeed, after installation :

vagrant vbguest

Got different reports about installed GuestAdditions version:
Virtualbox on your host claims:   5.2.10
VBoxService inside the vm claims: 5.2.18
Going on, assuming VBoxService is correct...
[default] GuestAdditions 5.2.18 running --- OK.
Got different reports about installed GuestAdditions version:
Virtualbox on your host claims:   5.2.10
VBoxService inside the vm claims: 5.2.18
Going on, assuming VBoxService is correct...

So this leads me to two statements:

GuestAdditions versions on your host (5.2.18) and guest (5.2.20) do not match, means host is the hypervisors version of VBox+GuestAdd and guest is the Additions version that the box was installed with.

If the host is newer than the box, it seems fine, the other way around means trouble. Just try to match them up! (geerlingguy 1.2.10 works)

creating your own boxes

This is described here : visit but.. it directly states that this is a tedious process, and i surely opt for the alternative, which is to get a default box and extend it to my own needs.

This is very simple : source visit

First vagrant up the box you need to extend, and go ahead installing software etc. After you are satisfied, perform these steps :

make the box as small as possible

sudo apt-get clean

However: It does seem to be good practice but the first thing you will have to do is a apt-get update the get the cache back.

I therefore chose not to clean the cache and leave my box as-is

repackage the box

You could now bring down the box (halt !!, not destroy!!), but the next command will do that anyway :

vagrant package --output mynew.box

The file can be anywhere on the system, this command puts it into the current working directory, in the next step the place is remembered so you might want to move it to a common location. The other boxes where in :

mv mynew.box ~/.vagrant.d/boxes

Add the box to your vagrant install

vagrant box add mijnbox ~/.vagrant/boxes/mynew.box

Alter the box in your vagrant file :

And vagrant up your new box.

amazon

Troubleshooting vagrant

symptom

GATHERING FACTS *************************************************************** 
fatal: [127.0.0.1] => SSH encountered an unknown error during the connection. We recommend you re-run the command using -vvvv, which will enable SSH debugging output to help diagnose the issue

Just after starting vagrant up. The -vvvv will not do anything.

diagnose

Unknown, i only added an apparent cure.

cure

Add a line to map the port (useful if you want to steer ports anyway) :

config.vm.network "private_network", ip: "192.168.33.10"

becomes :

config.vm.network "private_network", ip: "192.168.33.10" config.vm.network "forwarded_port", guest: 22, host: 2223, id: "ssh", auto_correct: true

box-cutter/centos70

This particular box has a problem with the vagrant vboxguest plugin, it will fail with :

Building the OpenGL support module[FAILED] (Look at /var/log/vboxadd-install.log to find out what went wrong. The module is not built but the others are.)

And inspecting the log file will reveal something about :

drm_mmap undeclared

Now this is a known problem, and a workaround is to login to the box and do as root :

cd /usr/src/kernels/2.6.32-431.el6.i686/include/drm/  
ln -s /usr/include/drm/drm.h drm.h  
ln -s /usr/include/drm/drm_sarea.h drm_sarea.h  
ln -s /usr/include/drm/drm_mode.h drm_mode.h  
ln -s /usr/include/drm/drm_fourcc.h drm_fourcc.h}

And then run the vagrant vbguest again, this time it will succeed.

no SATA controller

I was generally using SATA Controller as the controller to add new disks, because these were part of the box-cutter images by default. However, begin December 2016 an update of either Virtualbox, the guest additions or the box-cutter images cause the networking to fail. So i had to find another base for the centos7 boxes. The most prominent one is on the Vagrant site itself : visit , it's the centos/7 box mentioned there. However it does not have a SATA controller, so this line won't work :

vb.customize ["createhd", "--filename", file_to_disk, "--size", 500 * 1024 ]
vb.customize ['storageattach', :id, '--storagectl', 'SATA Controller', '--port', 1, '--device', 0, '--type', 'hdd', '--medium', file_to_disk]

Note: startup the VM and look at the 'storage' section to see if the SATA controller is defined, and also what the exact name is !! It could be named just "SATA" or "SATAController" or "Dave". The name MUST match.

Otherwise you might just want to use IDE controllers because these are default. :

vb.customize ['storageattach', :id, '--storagectl', 'IDE Controller', '--port', 0, '--device', 1, '--type', 'hdd', '--medium', file_to_disk]

A working way to install mate desktop on box-cutter/centos7

All centos boxes seem to want to install vbox guest additions, but not the X11 additions. So somewhere the -nox11 option is explicitly added. But also it is in the way when installing them yourself with vagrant-vbguest. Here is a way to reinstall everything that worked :

VBoxManage list vms

Remember/or cut'n'paste the name of the box, let's say 'my-box' Then reset the name and check that it is empty

VBoxManage guestproperty set “my-box” /VirtualBox/GuestAdd/Version
VBoxManage guestproperty get “my-box” /VirtualBox/GuestAdd/Version

So the last command should say: "No value set!" Now login in to the box and uninstall the current guest additions :

mybox> /opt/VirtualBoxGuestAdditions/uninstall.sh
mybox> rm -rf /tmp/VirtualBox**
mybox> rm -rf /opt/VirtualBox**

Fill in the correct versions. Now run the installer again , with verbose output:

VAGRANT_LOG=info vagrant vbguest --do install

This should either install ok, or give you a lot of info about what might happen. Note : it almost always says it failed with a messages like :

INFO interface: warn: An error occurred during installation of VirtualBox Guest Additions 5.0.12. Some functionality may not work as intended.
In most cases it is OK that the "Window System drivers" installation failed.
An error occurred during installation of VirtualBox Guest Additions 5.0.12. Some functionality may not work as intended.
In most cases it is OK that the "Window System drivers" installation failed.
INFO ssh: Execute: umount /mnt (sudo=true)
INFO ssh: Execute: test -f /tmp/VBoxGuestAdditions.iso && rm /tmp/VBoxGuestAdditions.iso (sudo=false)

So you better just check if it works first, before debugging.

Now you have a virtualbox with two more problems: There were no icons in most of the menu's of the MATE installation, and at every login there was a popup about VBoxClient. I added both as separate chapters for easier lookup :

VBoxClient: the VirtualBox kernel service is not running. Exiting

I have no idea what caused this but on a hunch i tried to boot the second kernel line instead of the first , it was 3.10.0-327 vs 3.10.0-327.4.4. Since that worked i chose the pragmatic way and altered the boot menu of grub. To do that first view /etc/grub2.conf, which contains the strings of the menu options. This file is regenerated so moving the second menu up does not work (i tried ;) . Copy the string from the menu you want to boot and place it in the file /etc/default/grub instead of the line :

GRUB_DEFAULT=saved

Alter it to contain the saved string :

GRUB_DEFAULT="CentOS Linux (3.10.0-327.el7.x86_64) 7 (Core)"

Then rerun the grub configuration :

grub2-mkconfig -o /boot/grub2/grub.cfg

And reboot to see the second option is booted now. Then login to check if the VBoxClient messages is gone.

No icons showing in the MATE desktop menu's

The last time i fixed it with :

yum groupinstall "MATE Desktop"

This has been added to the mate-desktop role now, making all packages installed for mate :

@X Window System
@MATE Desktop
mate-desktop
lightdm
tcpdump
iptraf

And i specifically deleted mate-screensaver because it occasionally hangs the desktop.

yum remove mate-screensaver

After this, i made a new box with :

vagrant halt
vagrant package

And install locally :

mv package.box ~/.vagrant.d/boxes/newname.box
vagrant box add  ~/.vagrant.d/boxes/newname.box

Or remotely :

scp newname.box root@repo.rinis.nl:
ssh root@repo.rinis.nl
mv newname.box /var/www/html/centos/repo/Downloads/vagrant/centos7mate.box
chown reposync.reposync /var/www/html/centos/repo/Downloads/vagrant/cenos7mate.box

Then use this url to fetch it.

config.vm.box_url = "http://repo.rinis.nl/Downloads/vagrant/centos7mate.box"

Though this will not be enough when behind a proxy , see next chapter. proxy problem

When getting a box from repo.rinis.nl it means we want to bypass the proxy and go straight for repo.rinis.nl. However vagrant is in fact ruby and ruby takes the environment and uses that in it's scripts. So it will adopt http_proxy=http://10.10.1.13:3128 and timeout on the download of the box.

Unsetting the environment each time you start a vagrant download is not even an option, so use the following lines in the Vagrantfile itself :

if ENV['http_proxy']
  ENV['http_proxy'] = nil
end

It instructs ruby to unset an environment variable for this script only.

Vagrant hd problem : VERR_ALREADY_EXISTS

Vagrant fails to create a harddisk file for Virtualbox with lines like this :

file_to_disk="./sdb.vdi" vb.customize ["createhd", "--filename", file_to_disk, "--size", 500 * 1024 ]

And it will say :

Progress state: VBOX_E_FILE_ERROR
VBoxManage: error: Failed to create medium
VBoxManage: error: Could not create the medium storage unit '/Users/keesklop/projects/ansible/consolidate/provision-repo/test/./sdb.vdi'.
VBoxManage: error: VDI: cannot create image '/Users/keesklop/projects/ansible/consolidate/provision-repo/test/./sdb.vdi' (VERR_ALREADY_EXISTS)

Actually it will work when you rename the disk file to './sdg.vdi' or something. You can look up what's wrong in the virtualbox interface under 'file'->'virtual media manager' and there will be some erroneous disk names, so just remove them or fix in some other way.

You will see in that list that multiple disks with the same name are normal, just all red ones should be fixed.

Workaround We seem to be stuck with this problem for a while until they fix it. We already went back from vagrant 1.8.5 to 1.8.4 for the 'key insertion' problem. But how far back do we go for this error. 1.8.4 does not fix it So maybe until that time use this workaround that detects the existence of the disk in the Vagrantfile. Actual example of the repo server script (with two attached disks) :

config.vm.provider :virtualbox do |vb|
    vb.customize ["modifyvm", :id, "--vram", "16"]
    # repo servers have a two-disk setup , which has to be test-installed also
    unless File.exist?(file_to_disk)
        vb.customize ["createhd", "--filename", file_to_disk, "--size", 500 * 1024 ]
        vb.customize ["createhd", "--filename", file_to_disk2, "--size", 500 * 1024 ]
        # now attach it to the default controller which seems to be :
        vb.customize ['storageattach', :id, '--storagectl', 'SATA Controller', '--port', 1, '--device', 0, '--type', 'hdd', '--medium', file_to_disk]
        vb.customize ['storageattach', :id, '--storagectl', 'SATA Controller', '--port', 2, '--device', 0, '--type', 'hdd', '--medium', file_to_disk2]
    end

Vagrant+ansible --limit does not match any hosts

Complete error :

ERROR: Specified --limit does not match any hosts
Ansible failed to complete successfully. Any error output should be visible above. Please fix these errors and try again.

This error occurs when you do not define a default host in the hosts file. For instance this hosts file will not work:

[productie]
reponew.rinis.nl
repo.rinis.net

[development]
192.168.50.23
10.10.7.23

[not_a_dell]
192.168.50.23

But adding this group will work :

[default]
192.168.50.23

Installing vbguest problem

When trying to install vagrant vbguest on a machine that already has a vboxadd installation:

INFO interface: info: VirtualBox Guest Additions installer

VirtualBox Guest Additions installer
 INFO interface: info: You appear to have a version of the VBoxGuestAdditions software
on your system which was installed from a different source or using a
different type of installer.  If you installed it from a package from your
Linux distribution or if it is a default part of the system then we strongly
recommend that you cancel this installation and remove it properly before
installing this version.  If this is simply an older or a damaged
installation you may safely proceed.

do you wish to continue anyway? [yes or no]

You can get rid of this by removing the complete tree at /opt/VBoxGuestAdditions on the target machine. Then run the command again :

VAGRANT_LOG=info vagrant vbguest --do install

Windows testing images

To test Internet Explorer versions in particular, you might not want to buy windows. There is an easy way with vagrant. Microsoft offers VM installations for various combinations of windows and explorers for you to test. See :

visit

There are versions for Virtualbox, VMWare but also vagrant. To install, download and unzip the image, which will give you a .box file. The file will be the basis for the vagrant box so place it somewhere safe (not Download) and add it like this :

vagrant box add "win7 IE8" ~/Install/IE8 - Win7.box
vagrant init "win7 IE8"
vagrant up 

There are more flavours, like IE8,IE9,IE10 and IE11 for windows7 and IE11 for windows 10. I just tried the w7 ones. Now to avoid the same search for proxy settings as always, it is hidden here :

start->control panel->network and internet->internet options->connection->lan settings->proxy..

Now these are virtual machines that expire after 90 days, i presume that is from the installation point and not the download point !? Any way microsoft itself advises you to take a snapshot right after installation and restore that at/after expiration. Todo: test if vagrant destroy/vagrant up also works !

symptom

The machine does not start up but just says 'aborted' Servert, demo install.

diagnose

First re-enable the gui. maybe that gives more info. In general, you can enable debugging with --debug and reread any Vagrantfile changes with reload.

vagrant reload --debug

This clearly hints at network manager (again), but also weirdly it starts up when run like this !?!

cure

Not sure yet, for now it worked to remove network manager, but that also seemed to tear-down X so these steps might get you back on track :

vagrant ssh
sudo su 
yum remove NetworkManager
reboot
# now on the hypervisor, run the mate install again
ansible-playbook playbook.yml

automatic key for ansible

Many use cases are in combination with vagrant to get a working system, but it does mean installing the key manually :

ssh-copy-id vagrant@192.168.3.3

An extra action needed. But there are also boxes that come with ssh login disabled. This time it means :

vagrant ssh
sudo su 
vi /etc/ssh/sshd_config #  change the policy there
systemctl sshd restart
CTRL-D
ssh-copy-id ....

That would mean 6 extra actions. So there is a way to shorten this and use your own key on each of these machines.

Be careful how you use these boxes. Only do this for local testing !!

The private key will be installed on the box (!!) if you do it like this:

# -*- mode: ruby -*-
# vi: set ft=ruby :

Vagrant.configure("2") do |config|
   # works ok, but it is 80 GB, way too large..
   config.vm.box = "debian/buster64"

   # these are the 3 extra settings :
   config.ssh.insert_key = false
   config.ssh.private_key_path = ["~/.ssh/id_rsa", "~/.vagrant.d/insecure_private_key"]
   config.vm.provision "file", source: "~/.ssh/id_rsa.pub", destination: "~/.ssh/authorized_keys"

   config.vm.network "private_network", ip: "192.168.44.200"
   config.vm.network "forwarded_port", guest: 22, host: 4400, auto_correct: true
   config.vm.provider "virtualbox" do |vb|
       vb.gui = true
       vb.name = "klopt"
       vb.memory = "4096"
       vb.customize ["modifyvm", :id, "--vram", "32"]
   end
end

I included a complete example for quick usage, but the 3 lines do this:

• config.ssh.insert_key : stop the normal insertion of a random generated key
• private_key_path: set the path of all keys (can be multiple)
• provision : install the public key into authorized keys.

You can now start ansible without any extra commands.

there was an error when attempting to rsync a synced folder.

This stopped vagrant up on my owb_forms vm. here are some of the errors displayed

there was an error when attempting to rsync a synced folder. 
vagrant Error: symlink has no referent

It seems to happen when transferring the generated private key. To be short : adding this to Vagrantfile helps :

config.vm.synced_folder ".", "/vagrant", disabled: true