Reading more than experimenting, here I go to test some knowledge shared in the Internet, while this person is the base inspiration of this post. I really like his style, while I have no implications with his voice. (I have some implications with some other users that share good information about OpenBSD). Anyway, lets dive into this Virtualization technology, that is already included in OpenBSD, which is fast enought to do what I wish to, which is only running isolated applications in a dedicated enviroment, without the need to buy new hardware, while that choice is for later days. Right now, this will be tested in a Laptop that have OpenBSD, while I try to follow the recommendations that this YouTuber share with everyone.
Note: The answer of AI had some errors, which demonstrate how much AI cannot help, while it helps when is describing the application or process, even if OpenBSD documentation don't have the best examples, I invite the community to share more examples. I don't care about graphics, I care about defensive security, since the offensive is the criminal one, at least, when is not asked to perform those attacks. For example, I read about some Apache2 world wide attack. Is amazing.. I like so much the Apache features, while I need to stand with Nginx, for now. I think that Perl have some problems, and Apache have some Perl modules that by logic, create problems, like the CGI and others, which is technology that is used by many users and companies around the world.
Anyway, I guess everything is possible, while we always need to make a choice, at least we have time to learn more about all, and make some choice.
So, vmctl is a tool to control the virtual-machines.
And before we start to play with them, we need to ensure that everything is ready
doas fw_updatedoas rcctl enable vmddoas rcctl start vmd
Next, we need to add net.inet.ip_forwarding=1 to /etc/sysctl.conf
Then, we need to "copy and paste" the example using in OpenBSD documentation(networking) in vmm, into /etc/pf.conf
After that, we should reload the Firewall rules to apply them: doas pfctl -f /etc/pf.conf, so our vms can access internet.
Like this guy did, I follow his suggestion even if is not the best for that I wish, is not the worst indeed. mkdir ~/vmms && cd vmms
Now, we need to create the Hard drive of this virtual-machine, but AI suggestion was to create the total space in a file, while the author of this tutorials that you can find in his YouTube channel, let us create the file without expending the limit-size of that file-disk. So we do
doas vmctl create -s (size) nameofDisk.qcow2As you can see using ls -lh, the file that have for example 50GB is wasting only 250kb
Before we continue is good to remember the Obvious: we need to download the linux distribution or bsd if we wish.
qutebrowser distrowatch.com while we want the servers, not the GUIs distros. Debian is good enought.
With that in place lets start the vm and follow the tricks that this OpenBSD user share.
doas vmctl start -c -m 2G -L -i 1 -r $PATH/to/iso/file.iso -d $PATH/to/disk-file.qcow2 Debian13
The Debian installation process starts, while if you press Enter-key, you will blow it. This is a concern, I may need to change this to FreeBSD or OpenBSD it self, but is quiet nice the technical hack that he use, to continue the installation. Don't press enter use TAB and enter the code: console=ttyS0,9600n8 , then press Enter-key and you will get another error, and after that one, press Space-key to continue the installation.
This expert approach is awesome but hopefully I don't need this approach when installing distros that don't use GUI by default, it will work with OpenBSD or FreeBSD, without doing this cool hack all the time I need to create a dedicated-vm.
After installation is finish the start the new vm.
In the main host, doing ifconfig gives the IP of the new vm. If we install SSH-SERVER we can connect to it and start preparing our vms.
Now we can think: How much hard-disk-space Nginx needs to work propertly?
How much Memory?
I guess for testing can be few, but for realtime, is much more, while that space, can be managed in the main host.