VirtualCenter Server from VMware
Now you have all you need to host a wide range of operating systems and applications. With the power of the ESXi server and its ability to manage hardware resources, you can quickly create new machines and play with them as desired. And thanks to the server's ability to create snapshots, you don't have to worry about wasting time trying to rebuild a system that was destroyed by a virus or some invalid configuration. Simply revert to a previous point in history, and your system is cleansed of all wrongdoing.
The ESXi provides a great resource for local lab building, but VMware has pushed the limits of virtualization to the edge and can provide a remote desktop to your machine via a browser via the console. Consider the possibilities:
- Full access to your lab from anywhere
- Share your lab with remote users
- Training and exercise development for multiple users
- Remote assistance via shared console access
- Permissions-based machine access
The VMware VirtualCenter is available as a 60-day trial download and is included in the Virtual Infrastructure Management demo. Though it's included with the VIM, the VirtualCenter is a completely different solution. The difference comes down to the number of machines. Basically, the single-device ESX management solution is $1,500 for the standard (basic) version. If you want to manage multiple hosts, you'll need VirtualCenter, which starts at $6,000. However, for enterprises with multiple virtual machines spread across multiple sites, the power provided by this central management solution is well worth the cost.
Perhaps the neatest thing about VirtualCenter is its ability to port consoles to a browser. As a result, it's possible to open a browser anywhere in the world and remotely connect to your network. This capability might be beyond the needs of a lab, but it creates a perfect solution for on-the-road testing and management. The following steps walk through the procedure for connecting to a remote virtual machine.
- Ensure that VirtualCenter is installed on an internal machine that's accessible from outside the firewall (port forwarding).
- Log into VirtualCenter from the local system via VIC. Note that you'll need to use a local administrator's account to log into VirtualCenter. (Please ensure that the account has a password.) Once logged in, you should see a window similar to the one shown in Figure 12.
Figure 12 A fresh VirtualCenter installation.
- Right-click Hosts & Clusters, select Add Datacenter, and enter a name for new datacenter.
- Right-click the new datacenter and select Add Host.
- Enter the IP of the ESX server and the username/password. Click through the wizard until it's finished.
At this point, you can manage the ESXi server with the much more powerful VirtualCenter, which provides features such as roles, automated snapshots, moving and management of machines, and more. However, you also can manage your virtual machines via a browser. To do this, simply open Firefox or Internet Explorer and go to http://<IP_<VirtualCenter> (replace <IP_<VirtualCenter> with the IP address for your VirtualCenter). This action opens a web page from which you can select Log in to Web Access (see Figure 13), which will redirect you to a secure connection that will prompt for a username and password (see Figure 14).
Figure 13 VirtualCenter main web page.
Figure 14 VirtualCenter web login.
This will load up the VMware Web Access component of VirtualCenter, from which you can control your virtual machines. Note that you may be required to install a plug-in for the console to load. Figure 15 shows BackTrack 3 running in a browser—just beautiful.
Figure 15 Running BackTrack 3 via web-based console.
Security note: It's possible to generate a Remote Console URL that can be used to access a specific console directly. The URL is encoded, as illustrated in the following lines, but it's trivial to decode it and re-create a new URL that will point to a different console:
It's possible to use roles and restrict certain users to limited access—or no access—of a certain machine, but the concept of a direct URL should not be assumed to be a secure URL.