AS we dive into FreeIPA (or for the RedHat users out there, Identity Management), it's important to have a learning environment setup. I'll be using a machine that I originally bought for some Steam Gaming, but have used maybe twice in the time I've had it for that purpose.
So, I installed Ubuntu 20.04 on the bare metal, and next installed Virt-Manager, KVM, QEMU, and a couple of other utilities on it, and we will use it for our FreeIPA experiement.
A couple of things we want out of our virtual machine playground for this to work well:
- Easily Bridged Network Interfaces (so the network on my virtual machines will be part of my main LAN - just for ease)
- The ability to connect remotely and manage the Virtual Machines.
- The ability to have the VMs stay up and running in the background unless I shut them down intentionally.
There are dozens of virtualization options out there, and you are welcome to use any system you prefer. I ask only the following:
If you run into issues and have not used Virt-manager, please make sure that you have setup the networking in the same way as me for troubleshooting ease.
Virtualbox, is absolutely a usable options, but I found it to be a bit more resource intensive in my early testing, and decided to give Virt-manager a try.
Installing Virt-Manager and its Dependencies
In Ubuntu, make sure you've updated your repos. You can do this now with the command:
sudo apt update
Or via the GUI through Software Updates.
Next we'll install all of the dependecies and virt-manager itself.
sudo apt install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils virt-manager -y
You most likely don't have to reboot, but I did, just in case.
Now, you should be able to start virt-manager from the GUI by searching you applications for Virt-Manager, or from the CLI by typing
If you get an error when it starts, you may need to use sudo privileges to start virt-manager.
Install our First Client OS (our Server)
The first Client OS we want to insstall is Fedora 32 Workstation. NOTE: Fedora 33 Workstation was in Beta when I began this, and is now out. I presume it will work just as well, but I have not tested on anything except Fedora 32.
You can download the Fedora 32 Workstation .iso file from https://dl.fedoraproject.org/pub/fedora/linux/releases/32/Workstation/
Let's Get it Installed as a VM
Open Virt-manager, and click on the New VM Button
Next, make sure "QEMU / KVM" is selected in the drop-down, the select "Local Install Medie" from the radio-buttons, and click "Forward".
On the next screen we need to select our .iso file, so click the "Browse..." button.
Now click the "Downloads" option on the left (presuming you downloaded the .iso file to your Downloads folder). If you don't see the "Downloads" option, or you have the .iso file somewhere else, click the "+" icon at the bottom of the left pane, and select the location from there.
Once the location is selected in the left pane, you should see a list of available files in the right pane to choose from. Select the Fedora 32 Workstation .iso file, then click "Choose Volume"
On the next screen, make sure the bottom field says "Fedora". If it doesn't, then type into the field, and select the Fedora 32, or Fedora Unknown option from the list that pops up. Then click "Forward".
On the next screen set your RAM alottment for this VM, and the CPU alottment.
The FreeIPA docs suggest a minimum of 4 GB RAM and 2 CPUs. Try to set it no lower, but make sure you leave CPU and RAM for your host machine, as well as for our next VM install for our FreeIPA client machine.
I set mine to 4096 MB RAM (4 GB), and 2 CPUs. Now click "Forward"
Next, make sure to enable storage for this Virtual Machine if it's not already checked. You can keep the default, or change it if you wish. I only intended to use this for testing FreeIPA so I set it down to 15 GB, but I also have a fairly small SSD on this host machine.
Next, we need to give our VM a name. I suggest using the FQDN (Fully Qualified Domain Name) you'll use for it on the network. In my case I made it ipasrv.myhome.local. I use .local because I don't intend to try and connect over the internet. I'll only connect through the LAN.
NOTE: This does not set the hostname of the machine. It is just a name to identify the machine in our list of Virtual Machines in Virt-manager.
Before leaving this screen, you need to expand the Network selection section.
Select the host device / interface that is connected to your netowrk, and make sure the Source Mode drop-down is set to "bridge". Don't worry about the warning text that comes up. It does that to me every time, and has worked every time without issue.
Now, when you click "Finish" you'll see the Virtual Machine start, and you can follow along in the Video to get Fedora installed on the Virtual Drive.
Install our FreeIPA Client
The good news, is that you are just going to repeat the steps above to install our Ubuntu VM. Instead of using the Fedora 32 Workstation .iso, we want to use a Ubuntu 20.04 .iso (though ubuntu !8.04, 18.10, 19.04, 19.10, and / or 20.10 should work as well). NOTE: I have only tested this using Ubuntu 20.04.
You can download the Ubuntu 20.04.1 .iso from https://ubuntu.com/download/desktop/thank-you?version=20.04.1&architecture=amd64.
Once downloaded, follow the same steps as above to create a New VM, select the Ubuntu iso, and so on. The only change you may want to make is to give it 1 CPU instead of 2 (going on the assumption that you have 4 CPUs to work with on your host machine.
Again, follow the video for getting Ubuntu installed as a Virtual Machine.
Once you've got these setup, we will be ready to start installing the FreeIPA Server, and the FreeIPA Client. We'll do that in Part II of this series. I'll release Part II just a couple of days after this video is released.