Sunday, 29 July 2018

Introduction to Crostini - Part 1: HP Chromebox G2


What is Crostini?

Official definition

Crostini is the umbrella term for making Linux application support easy to use and integrating well with Chrome and Chromium OS. It largely focuses on getting you a Terminal with a container with easy access to install whatever developer-focused tools you might want.

Explanation

Crostini is like a Matryoshka set of operating systems: an OS within an OS within an OS. The Chrome OS runs a Virtual Machine (VM) which runs a self-contained (container) Linux OS:


To a certain extent it is similar to the Windows Subsystem for Linux (WSL) in Windows 10 in that it provides a 'shell' (or a CLI) which enables you to run native Linux command-line tools directly on Chrome alongside your the Chrome apps. However it differs significantly from WSL in that the container runs the same Linux kernel that is running the VM (think 'chroot' but more secure) whereas WSL uses a compatibility layer on top of the native Windows kernel that simulates a Linux kernel environment in order to run ELF binaries and system call translation.

You can run more than one container:


with the default container (penguin) running Debian 9 (stretch) which contains some additional custom packages amongst which provide integration with Chrome.

Currently Crostini is in Beta and has limited availability being restricted at this stage to the premium Pixelbook and just the very latest Chomebooks together with the new HP Chromebox G2.



I'm using the Intel Celeron 3865U model of the G2 primarily because it is a similar device to the VORKE V5 Plus and in Part 2 I will show how to use Crosini on that device using my build of Chromium OS.

Enabling (installing) Crostini

Using Crostini is very simple and thankfully you do not need to put the device into developer mode however you do need a working internet connection and you currently must switch to the development channel:


Then simply go to Chrome OS settings (chrome://settings) and scroll down to “Linux (Beta)” and turn it on:


Next click install:


After downloading the necessary software a 'terminal' to the default container will appear:


Welcome to Debian 9 (stretch)


From here you can are in a 'bash' shell so I as per best practice I run 'apt update', 'apt upgrade':


followed by 'dpkg-reconfigure tzdata' to configure the time.


Running a GUI desktop and applications

Unlike WSL that does not aim to support GUI desktops or applications it is possible to do so under Crostini. For simplicity I recommend using 'taskel' to install the LXDE Debian desktop environment:

apt install taskel
tasksel with LXDE Debian desktop environment

To access the LXDE desktop simply install and use VNC:

apt install tightvncserver
vncserver
hostname -I
`

Integration with Chrome OS

Immediately after installing the desktop you will see some applications are available through Chrome. The following are some examples of container/Chrome integration:

Running Firefox through Chrome interface

Running Firefox through VNC interface

Running LibreOffice Calc through Chrome interface

Running LibreOffice Calc through VNC interface

Running Terminal through Chrome interface

Running Terminal through VNC interface


Accessing Linux files through Chrome

Your Linux files can be acccess using the 'Files' application under 'Linux Files':




Using alternative containers

As mentioned you are not restricted to running just the default container (and therefore Debian) in the VM as you can run multiple containers of varying Linux OS distros. New containers are imported from existing container image. 

Example: Import a pre-configured Lubuntu container image

In this example I have previously built on a different machine a container based on the upcomng Cosmic Lubuntu release and installed some additional applications including a VNC server. I then exported an image of the container as a tarball which will be used in this example.

Because of the 'tmp' file system space limitations I've split the tarball using 'split' into two parts to allow importing given this restriction.

Having copied the split tarball parts to a USB the first step is to copy them onto this device. As you cannot access a USB from the VM you first need to copy the files into a container (the default one in this example) and then extract the files to the VM:


Open the browser and enter CTRL-ALT-T to open a 'crosh'. Then connect to the VM using the command 'vsh termina'. Next make a directory to store the tarball files e.g. 'mkdir /mnt/stateful/lxc_conf/tmp' noting that this location has the largest space which is writeable to. Pull the files from the container using the 'lxc file pull <container_name>/<location>/<filename> <filename>'. Finally recreate the tarball and remove the split files as in:


You can now import the tarball as a container image in the current VM with the command 'lxc image import cosmic.tar.gz -- alias cosmic' and then create and start the container 'cosmic' from the image with 'lxc launch cosmic cosmic':


Because the image was created externally with a different user (linuxium) and group (linuxium) they need to be renamed to the current user and group (linuxiumcomau) using the following commands:

lxc exec cosmic -- killall -u linuxium
lxc exec cosmic -- groupmod -n linuxiumcomau linuxium
lxc exec cosmic -- usermod -md /home/linuxiumcomau -l linuxiumcomau linuxium
lxc exec cosmic -- loginctl enable-linger linuxiumcomau

You can then login to the container with 'lxc exec cosmic -- /bin/login -f linuxiumcomau' and start the VNC server.

Finally you can access the container using VNC after first checking the IP addrress with 'hostname -I':


Notice how the new applications are not integrated into Chrome like the with default container:


however applications from both this new container and the default container can be run in parallel:



Example: Build a new container based on Ubuntu from a built-in image remote

LXD comes with 3 default remotes providing images:
ubuntu: (for stable official and tested Ubuntu images)
ubuntu-daily: (for untested daily builds of the development Ubuntu release images)
images: (for various community supported distros including Ubuntu images)
To list all the available stable Ubuntu images use the command 'lxc image list ubuntu:':


The list can be restricted to a release for example using 'lxc image list ubuntu:18.04':


To create and start the container 'bionic' from the Ubuntu 18.04 image use the command 'lxc launch ubuntu:18.04 bionic':


You can then login to the container as root with 'lxc exec bionic -- bash".

As the container is created with the user 'ubuntu' it is first best to rename the user and group to be the same as being used in the default container. Afterwards you can then login to container as the user e.g. 'lxc exec bionic -- /bin/login -f linuxiumcomau':


'sudo' access won't work unless you also edit the user in '/etc/sudoers.d/90-cloud-init-users':


To install the full Ubuntu desktop use the command 'apt install ubuntu-desktop^' having first run 'apt update' and 'apt upgrade':


Then for GUI access install LXDE and a VNC server e.g. 'apt install lxde lxde-common tightvncserver':


Finally configure the VNC server:


After restarting the VNC server you can connect to your new container using VNC:



Accessing a different container's files through Chrome

Using 'Secure Shell App', you can set up a SFTP mount to the other remote containers and then browse via the 'Files' app. Note that you must set a password on your user so you can authenticate the SFTP mount request:





Access a container remotely

Install and configure 'Connection Forwarder' with a rule that forwards VNC connections to the IP address of the device to the IP address of the container:




Removing Crostini

Removing Crostini is a simple as removing the VM. Simply go to Chrome OS settings (chrome://settings) and scroll down to “Linux (Beta)”:


and remove it:




Trying Crostini

Whilst the above examples are taken from a HP Chromebox G2 they are not devices specific so will work on any official Chrome device currently supporting Crostini together with any device running a version of Chromium OS built with Crosini support.

If you only have a VORKE V5 Plus mini PC then see Part 2 where I provide my Chromium OS build together with instructions on how to install Chromium OS and use Crosini.


Please donate if you find this guide useful using the following link http://goo.gl/nXWSGf.

No comments:

Post a Comment