heckyel/cl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
cl/content/articles/instalar-un-gestor-de-maquinas-virtuales-en-hyperbola-gnulinux-libre.en.md
Jesús 8597539c45
update to pelican v4.6.0
2021-09-20 20:59:37 -05:00

6.0 KiB
Raw Blame History

Author: Jesús E. Category: Tutorial Date: 2020-05-03 03:12 Image: 2020/05/virt-manager.jpg Lang: en Save_as: install-a-virtual-machine-manager-on-hyperbola-gnulinux-libre/index.html URL: install-a-virtual-machine-manager-on-hyperbola-gnulinux-libre/ Slug: instalar-un-gestor-de-maquinas-virtuales-en-hyperbola-gnulinux-libre Tags: virtual machine, tutorial Title: Install a virtual machine manager in Hyperbola GNU/Linux-libre

Your host may be Hyperbola GNU/Linux-libre x86_64 architecture, for example, but with enough memory and processing power you could run Trisquel{:target="_blank" rel="noopener noreferrer"} and Dragora{:target="_blank" rel="noopener noreferrer"} at the same time, on the same machine.

What is a virtual machine?

A virtual machine is software that simulates a computer system and can execute programs as if it were a real computer. This software was originally defined as "an efficient and isolated duplicate of a physical machine".

What programs allow me to run a virtual machine?

In totally free operating systems there is a program called qemu that allows us to virtualize.

Qemu{:target="_blank" rel="noopener noreferrer"} works through the command line, but there are also GUIs.

In this guide we explain how to install Virtual Machine Manager{:target="_blank" rel="noopener noreferrer"} which is very complete when virtualizing operating systems.

Virtual Machine Manager installation

Check if your PC supports virtualization

:::console
$ LC_ALL=C lscpu | grep Virtualization

or run the command:

:::console
$ lsmod | grep kvm

If your computer supports virtualization, you should see the output as Virtualization: VT-x or Virtualization: AMD-V, otherwise your computer is not capable of virtualizing.

Virtual Machine Manager Installing

:::console
# pacman -Sy

# pacman -S virt-manager qemu vde2 dnsmasq bridge-utils openbsd-netcat libvirt firewalld

# gpasswd -a <tu-usuario> kvm

# gpasswd -a <tu-usuario> libvirt

Check kvm group

:::console
# grep -E 'group="kvm"|group="78"' /etc/libvirt/qemu.conf

Check if there is group="kvm" or group="78"

Enable kernel modules for virtualization

  • kvm_intel module (Intel processors)

      :::console
  # modprobe kvm_intel

  • kvm_amd module (AMD processors)

      :::console
  # modprobe kvm_amd

Verify that the virtual machine is configured correctly

:::console
$ virt-host-validate

Services

Virt-Manager relies on the libvirtd and firewalld services to function.

Here we explain how to start these services:

Start libvirtd

:::console
# rc-service libvirtd start

Add libvirtd for default

:::console
# rc-update add libvirtd default

Start firewalld

:::console
# rc-service firewalld start

Add firewalld for default

:::console
# rc-update add firewalld default

Remove Services

If you want to remove the services and start only when you want, run:

:::console
# rc-update del libvirtd default

# rc-update del firewalld default

Enable nested virtualization in KVM

Nested virtualization allows you to run a virtual machine (VM) within another VM while still using host hardware acceleration.

Checking if nested virtualization is supported

For Intel processors, check the /sys/module/kvm_intel/parameters/nested file. For AMD processors, check the /sys/module/kvm_amd/parameters/nested. If you see 1 or Y, nested virtualization is supported; if you see 0 or N, nested virtualization is not supported.

For example:

:::console
$ cat /sys/module/kvm_intel/parameters/nested
Y

Enable nested virtualization for Intel processors:

  1. Turn off all running virtual machines and reload kvm_intel module:

     :::console
 # modprobe -r kvm_intel

  2. Activate the nesting function

     :::console
 # modprobe kvm_intel nested=1

  3. Nested virtualization is enabled until the host is restarted. To enable it permanently, add the following line to /etc/modprobe.d/kvm.conf file:

     :::console
 # nano -w /etc/modprobe.d/kvm.conf
 ----------------------------------
 options kvm_intel nested=1

Enable nested virtualization for AMD processors:

  1. Turn off all running virtual machines and reload kvm_amd module:

     :::console
 # modprobe -r kvm_amd

  2. Activate the nesting function

     :::console
 # modprobe kvm_amd nested=1

  3. Nested virtualization is enabled until the host is restarted. To enable it permanently, add the following line to /etc/modprobe.d/kvm.conf file:

     :::console
 # nano -w /etc/modprobe.d/kvm.conf
 ----------------------------------
 options kvm_intel nested=1

Virtual Machine Manager screenshots

Dragora in Virtual Machine Manager
Screenshot of Dragora GNU/Linux in Virtual Machine Manager
Trisquel in Virtual Machine Manager
Screenshot of Trisquel GNU/Linux in Virtual Machine Manager

Modules with security issues

The vhost_net module has CVE-2018-3646{:target="_blank" rel="noopener noreferrer"} security issues which is L1TF and SMT CPU error with possible data leak. It's recommended to disable it as follows:

:::console
# modprobe -r vhost_net

If you are in Hyperbola GNU/Linux-libre this module comes disabled.

*[GUI]: Graphical user interface