Install a virtual machine manager in Hyperbola GNU/Linux-libre

Your host may be Hyperbola GNU/Linux-libre x86_64 architecture, for example, but with enough memory and processing power you could run Trisquel and Dragora at the same time, on the same machine.

What is a virtual machine?

A virtual machine is software that simulates a computer system and can execute programs as if it were a real computer. This software was originally defined as "an efficient and isolated duplicate of a physical machine".

What programs allow me to run a virtual machine?

In totally free operating systems there is a program called qemu that allows us to virtualize.

Qemu works through the command line, but there are also GUIs.

In this guide we explain how to install Virtual Machine Manager which is very complete when virtualizing operating systems.

Virtual Machine Manager installation

Check if your PC supports virtualization

$ LC_ALL=C lscpu | grep Virtualization

or run the command:

$ lsmod | grep kvm

If your computer supports virtualization, you should see the output as Virtualization: VT-x or Virtualization: AMD-V, otherwise your computer is not capable of virtualizing.

Virtual Machine Manager Installing

# pacman -Sy

# pacman -S virt-manager qemu vde2 dnsmasq bridge-utils openbsd-netcat libvirt firewalld

# gpasswd -a <tu-usuario> kvm

# gpasswd -a <tu-usuario> libvirt

Check kvm group

# grep -E 'group="kvm"|group="78"' /etc/libvirt/qemu.conf

Check if there is group="kvm" or group="78"

Enable kernel modules for virtualization

  • kvm_intel module (Intel processors)

    # modprobe kvm_intel
    
  • kvm_amd module (AMD processors)

    # modprobe kvm_amd
    

Verify that the virtual machine is configured correctly

$ virt-host-validate

Services

Virt-Manager relies on the libvirtd and firewalld services to function.

Here we explain how to start these services:

Start libvirtd

# rc-service libvirtd start

Add libvirtd for default

# rc-update add libvirtd default

Start firewalld

# rc-service firewalld start

Add firewalld for default

# rc-update add firewalld default

Remove Services

If you want to remove the services and start only when you want, run:

# rc-update del libvirtd default

# rc-update del firewalld default

Enable nested virtualization in KVM

Nested virtualization allows you to run a virtual machine (VM) within another VM while still using host hardware acceleration.

Checking if nested virtualization is supported

For Intel processors, check the /sys/module/kvm_intel/parameters/nested file. For AMD processors, check the /sys/module/kvm_amd/parameters/nested. If you see 1 or Y, nested virtualization is supported; if you see 0 or N, nested virtualization is not supported.

For example:

$ cat /sys/module/kvm_intel/parameters/nested
Y

Enable nested virtualization for Intel processors:

  1. Turn off all running virtual machines and reload kvm_intel module:

    # modprobe -r kvm_intel
    
  2. Activate the nesting function

    # modprobe kvm_intel nested=1
    
  3. Nested virtualization is enabled until the host is restarted. To enable it permanently, add the following line to /etc/modprobe.d/kvm.conf file:

    # nano -w /etc/modprobe.d/kvm.conf
    ----------------------------------
    options kvm_intel nested=1
    

Enable nested virtualization for AMD processors:

  1. Turn off all running virtual machines and reload kvm_amd module:

    # modprobe -r kvm_amd
    
  2. Activate the nesting function

    # modprobe kvm_amd nested=1
    
  3. Nested virtualization is enabled until the host is restarted. To enable it permanently, add the following line to /etc/modprobe.d/kvm.conf file:

    # nano -w /etc/modprobe.d/kvm.conf
    ----------------------------------
    options kvm_intel nested=1
    

Virtual Machine Manager screenshots

Dragora in Virtual Machine Manager
Screenshot of Dragora GNU/Linux in Virtual Machine Manager
Trisquel in Virtual Machine Manager
Screenshot of Trisquel GNU/Linux in Virtual Machine Manager

Modules with security issues

The vhost_net module has CVE-2018-3646 security issues which is L1TF and SMT CPU error with possible data leak. It's recommended to disable it as follows:

# modprobe -r vhost_net

If you are in Hyperbola GNU/Linux-libre this module comes disabled.

Post a comment on "Install a virtual machine manager in Hyperbola GNU/Linux-libre"

You can format your comment with Markdown. Avatar from Libravatar