KVM from the command line

Share your own howto's etc. Not for support questions!

KVM from the command line

Postby Head_on_a_Stick » 2019-12-30 21:11

The Kernel Virtual Machine, or KVM, is a full virtualization solution for Linux on x86 (64-bit included) hardware containing virtualization extensions (Intel VT or AMD-V). Using KVM one can run multiple virtual machines running unmodified Linux or Windows images. Each virtual machine has private virtualized hardware: a network card, disk, graphics adapter, etc. KVM is open source software. The kernel component of KVM is included in mainline Linux, as of 2.6.20. The userspace component of KVM is included in mainline QEMU, as of 1.3.

https://www.linux-kvm.org/page/Main_Page

Debian offers two graphical front-end management programs for use with QEMU/KVM — gnome-boxes and virt-manager — but these both pull in lots of extra dependencies and run autostarted system daemons that may not be needed at all if the qemu-system command is run directly from the command line, or from shell functions and scripts.

For this guide I will show how to run a KVM-enabled virtual machine with a shared clipboard, a shared folder, automatic resizing of the guest desktop to fit the host's window and automatic pass-through for USB ports, all directly from the command line. It is a curated and condensed version of this ArchWiki page, which can be referred to for more detail: https://wiki.archlinux.org/index.php/QEMU

Prerequisites

Host:

The hardware virtualisation options for the processor need to be enabled from the firmware ("BIOS") menus, for Intel they should be called "VT-X" extensions and for AMD look for "AMD-V". Check if they are enabled in the host by running:
Code: Select all
LC_ALL=C lscpu | grep Virtualization

We also need the QEMU/KVM packages and a SPICE viewer to see the desktop:
Code: Select all
# apt install qemu-kvm virt-viewer

Guest:

Once the guest is installed (see the next section for details) we need the SPICE package for clipboard sharing:
Code: Select all
# apt install spice-vdagent

The xserver-xorg-video-qxl package is also needed but that's pulled in by the xorg metapackage and so should already be installed in most systems.

Installing the Guest

First create a directory to work in:
Code: Select all
mkdir ~/qemu

If this is on a btrfs filesystem then be sure to disable copy-on-write for that directory to prevent image corruption:
Code: Select all
# chattr +C ~/qemu

Now create a disk image, this example uses 30GiB with the raw format (use qcow2 for a smaller image size at the cost of some I/O):
Code: Select all
cd ~/qemu
qemu-img create -f raw disk.img 30G

And finally run the virtual machine with the disk & ISO image attached (2GiB of RAM are assigned in this example):
Code: Select all
kvm -m 2G -drive file=~/qemu/disk.img,format=raw,cache=none,if=virtio -cdrom /path/to/example.iso -boot order=d

That should pop up a QEMU screen running the installer, follow the usual installation steps and make sure that /dev/vda is selected as the bootloader target (it will offer /dev/fd0 as the default choice, which is the floppy drive).

Running the Guest

The guest can be run with a fairly simple qemu-system invocation (as when the system was being installed but without the ISO image):
Code: Select all
kvm -m 2G -drive file=~/qemu/disk.img,format=raw,cache=none,if=virtio

But for a shared clipboard and automatic desktop resizing a SPICE viewer is needed, for Debian this is provided by the virt-viewer package and the remote-viewer(1) command.

These options will launch QEMU for a SPICE viewer with a shared clipboard:
Code: Select all
kvm -m 2G \
    -cpu host \
    -soundhw hda \
    -drive file=~/qemu/disk.img,format=raw,cache=none,if=virtio \
    -vga qxl \
    -device virtio-serial-pci \
    -device virtserialport,chardev=spicechannel0,name=com.redhat.spice.0 \
    -chardev spicevmc,id=spicechannel0,name=vdagent \
    -spice unix,addr=/tmp/vm_spice.socket,disable-ticketing \
    &

And this will connect the viewer:
Code: Select all
remote-viewer "spice+unix:///tmp/vm_spice.socket"

Shared folder

There are several options for folder sharing under QEMU but here we are going to use Plan 9 folder sharing over Virtio because it doesn't need any servers running and it's the most l33t option by far.

Details here: https://wiki.qemu.org/Documentation/9psetup

Debian's kernel has all the required configuration so we just need to add these options (just before the ampersand line in the qemu-system command):
Code: Select all
    -fsdev local,id=qemu_dev,path=/home/$user/Public,security_model=none \
    -device virtio-9p-pci,fsdev=qemu_dev,mount_tag=qemu_mount \

^ That shares ~/Public, replace $user with the actual username.

Then create a shared folder on the guest:
Code: Select all
# mkdir /shared

Correct the ownership so your normal user can access it (replace "$user" with the actual username):
Code: Select all
# chown -R $user:$user /shared

And add this line to /etc/fstab in the guest to mount it automatically on demand:
Code: Select all
qemu_mount /shared 9p rw,sync,dirsync,access=client,trans=virtio,x-systemd.automount 0 0

USB device passthrough

Details here: https://www.spice-space.org/usbredir.html

So for USB 3.0 support (two ports) we add these options:
Code: Select all
    -device nec-usb-xhci,id=usb \
    -chardev spicevmc,name=usbredir,id=usbredirchardev1 \
    -device usb-redir,chardev=usbredirchardev1,id=usbredirdev1 \
    -chardev spicevmc,name=usbredir,id=usbredirchardev2 \
    -device usb-redir,chardev=usbredirchardev2,id=usbredirdev2 \


Launching the Guest

So now we can put all these options together in a launch script, for this we will use a file at /usr/bin/virt-launch with this content (again, replace $user with the actual username):
Code: Select all
#!/bin/sh
qemu-system-x86_64 -enable-kvm \
                   -m 2G \
                   -cpu host \
                   -smp cores=4 \
                   -drive file=/home/$user/qemu/disk.img,format=raw,cache=none,if=virtio \
                   -soundhw hda \
                   -vga qxl \
                   -device virtio-serial-pci \
                   -device virtserialport,chardev=spicechannel0,name=com.redhat.spice.0 \
                   -chardev spicevmc,id=spicechannel0,name=vdagent \
                   -spice unix,addr=/tmp/vm_spice.socket,disable-ticketing \
                   -device nec-usb-xhci,id=usb \
                   -chardev spicevmc,name=usbredir,id=usbredirchardev1 \
                   -device usb-redir,chardev=usbredirchardev1,id=usbredirdev1 \
                   -chardev spicevmc,name=usbredir,id=usbredirchardev2 \
                   -device usb-redir,chardev=usbredirchardev2,id=usbredirdev2 \
                   -fsdev local,id=qemu_dev,path=/home/$user/Public,security_model=none \
                   -device virtio-9p-pci,fsdev=qemu_dev,mount_tag=qemu_mount \
                   &
remote-viewer "spice+unix:///tmp/vm_spice.socket"

Now make the file exectable:
Code: Select all
# chmod +x /usr/local/bin/virt-launch

Once that's done the VM & viewer can be started with the virt-launch command.

For an XDG-compliant menu entry use a file at /usr/local/share/applications/virt-launch.desktop with this content:
Code: Select all
[Desktop Entry]
Type=Application
Encoding=UTF-8
Name=Virtual Machine
Comment=Start QEMU/KVM with ~/qemu/disk.img
Exec=/usr/local/bin/virt-launcher
Categories=System;

Happy virtualisation! :)
Last edited by Head_on_a_Stick on 2020-01-01 19:52, edited 1 time in total.
User avatar
Head_on_a_Stick
 
Posts: 12129
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: KVM from the command line

Postby Bulkley » 2019-12-30 23:53

Thank you.
Bulkley
 
Posts: 5940
Joined: 2006-02-11 18:35

Re: KVM from the command line

Postby Bulkley » 2019-12-31 00:30

Question: does any of this depend on systemd? Spice-vdagent comes to mind. I don't know if systemd is directly or indirectly required. I've also had problems with USB redirect. Openrc is running on this machine.
Bulkley
 
Posts: 5940
Joined: 2006-02-11 18:35

Re: KVM from the command line

Postby Head_on_a_Stick » 2019-12-31 10:51

Bulkley wrote:Question: does any of this depend on systemd?

The only bit of the guide that uses systemd is the /etc/fstab line in the guest, which uses the x-systemd.automount option to only mount the shared folder on demand.

I've just tested virtual versions of MX-19 and antiX-19 and they both mount the shared folder just fine without systemd but it's always mounted rather than just on demand. The spice-vdagent daemon runs in both so automatic resizing works.
User avatar
Head_on_a_Stick
 
Posts: 12129
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: KVM from the command line

Postby Bulkley » 2019-12-31 16:45

In my previous experiments with VMs MX and Sid share while Antix and Devuan do not. They all have spice-vdagent. Antix and Devuan do not have systemd0.

I've been working my way through your instructions. Bunsen Labs Helium live CD booted beautifully. Install bogged down my old machine to the point that nothing ran. I'll try again later.
Bulkley
 
Posts: 5940
Joined: 2006-02-11 18:35

Re: KVM from the command line

Postby Bulkley » 2020-01-01 15:55

Something's missing or I'm doing something wrong. Before proceeding:
Code: Select all
~$ LC_ALL=C lscpu | grep Virtualization
Virtualization:        VT-x


I tried Bl Helium, two versions of Antix and two versions of MX.
Code: Select all
kvm -m 4G -drive file=~/qemu/disk.img,format=raw,cache=none,if=virtio -cdrom /home/bob/Downloads/[whichever].iso
does a beautiful job of bringing up the iso and running the live version. When installing, whether from the live version or directly from the boot menu, it proceeds for a few minutes and then bogs down my system to the point that I have to REISUB and reboot. We're rowing the boat but someone dropped the anchor.

As a test, I did a fresh VM install of MX using Boxes. It installed promptly. I did a few of my fresh install chores including installing spice-vdagent and easily shared. No problem. No slowing down of bogging the system. No anchor.

My system is Stretch. Does Buster install something I'm missing? I installed xserver-xorg-video-qxl but it made no difference.
Bulkley
 
Posts: 5940
Joined: 2006-02-11 18:35

Re: KVM from the command line

Postby Head_on_a_Stick » 2020-01-01 16:04

Bulkley wrote:When installing, whether from the live version or directly from the boot menu, it proceeds for a few minutes and then bogs down my system to the point that I have to REISUB and reboot.

How much system memory do you have? I think boxes assigns 2GiB by default but my command uses 4GiB, which may leave the host with too little memory.
User avatar
Head_on_a_Stick
 
Posts: 12129
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: KVM from the command line

Postby Bulkley » 2020-01-01 17:40

Head_on_a_Stick wrote:How much system memory do you have? I think boxes assigns 2GiB by default but my command uses 4GiB, which may leave the host with too little memory.
Good call; I have 4GiB.

Good call. This works.
Code: Select all
kvm -m 2G -drive file=~/qemu/disk.img,format=raw,cache=none,if=virtio -cdrom /home/bob/Downloads/MX-18.2_x64.iso


MX up and running. Thanks.
Bulkley
 
Posts: 5940
Joined: 2006-02-11 18:35

Re: KVM from the command line

Postby Head_on_a_Stick » 2020-01-01 19:51

I've changed the OP to use 2GiB instead of 4, that should still be enough for just about anything.
User avatar
Head_on_a_Stick
 
Posts: 12129
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: KVM from the command line

Postby barlafuss » 2020-01-01 20:34

Very interesting topic. Following.
Thanks !
barlafuss
 
Posts: 14
Joined: 2007-11-11 17:49
Location: Milan

Re: KVM from the command line

Postby Dai_trying » 2020-01-03 09:31

I have been using QEMU/KVM for a little while now and certainly found this thread useful (thank you Hoas), I have been using virt-manager as when I first started with QEMU I was having a lot of problems (due to my lack of knowledge) and found that virt-manager was similar enough to VirtualBox to be more familiar, and could get me started quicker.
Since this was posted I have found that when launching a QEMU instance (using virt-manager) I can search ps for the running process (ps aux | grep qemu) and it will give me all the options that have been used to start it (example output below), I have found this to be very helpful in setting some of the other parameters that can be useful when running VM's.

Code: Select all
libvirt+  1720  102  0.4 4897316 73736 ?       Sl   09:55   0:42 /usr/bin/qemu-system-x86_64 -name guest=lamp01,debug-threads=on -S -object secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-1-lamp01/master-key.aes -machine pc-q35-3.1,accel=kvm,usb=off,vmport=off,dump-guest-core=off -cpu Skylake-Client-IBRS,ss=on,hypervisor=on,tsc_adjust=on,clflushopt=on,umip=on,md-clear=on,ssbd=on,xsaves=on,pdpe1gb=on -m 4096 -realtime mlock=off -smp 2,sockets=2,cores=1,threads=1 -uuid 96a874fa-523c-4a84-8d73-9eef86f47803 -no-user-config -nodefaults -chardev socket,id=charmonitor,fd=26,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc,driftfix=slew -global kvm-pit.lost_tick_policy=delay -no-hpet -no-shutdown -global ICH9-LPC.disable_s3=1 -global ICH9-LPC.disable_s4=1 -boot strict=on -device pcie-root-port,port=0x10,chassis=1,id=pci.1,bus=pcie.0,multifunction=on,addr=0x2 -device pcie-root-port,port=0x11,chassis=2,id=pci.2,bus=pcie.0,addr=0x2.0x1 -device pcie-root-port,port=0x12,chassis=3,id=pci.3,bus=pcie.0,addr=0x2.0x2 -device pcie-root-port,port=0x13,chassis=4,id=pci.4,bus=pcie.0,addr=0x2.0x3 -device pcie-root-port,port=0x14,chassis=5,id=pci.5,bus=pcie.0,addr=0x2.0x4 -device pcie-root-port,port=0x15,chassis=6,id=pci.6,bus=pcie.0,addr=0x2.0x5 -device pcie-root-port,port=0x16,chassis=7,id=pci.7,bus=pcie.0,addr=0x2.0x6 -device qemu-xhci,p2=15,p3=15,id=usb,bus=pci.2,addr=0x0 -device virtio-serial-pci,id=virtio-serial0,bus=pci.3,addr=0x0 -drive file=/home/dai/VirtualMachines/lamp.qcow2,format=qcow2,if=none,id=drive-virtio-disk0 -device virtio-blk-pci,scsi=off,bus=pci.4,addr=0x0,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 -drive if=none,id=drive-sata0-0-0,media=cdrom,readonly=on -device ide-cd,bus=ide.0,drive=drive-sata0-0-0,id=sata0-0-0 -netdev tap,fd=28,id=hostnet0,vhost=on,vhostfd=29 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:ed:f6:50,bus=pci.1,addr=0x0 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0 -chardev socket,id=charchannel0,fd=30,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=org.qemu.guest_agent.0 -chardev spicevmc,id=charchannel1,name=vdagent -device virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel1,id=channel1,name=com.redhat.spice.0 -device usb-tablet,id=input0,bus=usb.0,port=1 -spice port=5900,addr=127.0.0.1,disable-ticketing,image-compression=off,seamless-migration=on -device qxl-vga,id=video0,ram_size=67108864,vram_size=67108864,vram64_size_mb=0,vgamem_mb=16,max_outputs=1,bus=pcie.0,addr=0x1 -device ich9-intel-hda,id=sound0,bus=pcie.0,addr=0x1b -device hda-duplex,id=sound0-codec0,bus=sound0.0,cad=0 -chardev spicevmc,id=charredir0,name=usbredir -device usb-redir,chardev=charredir0,id=redir0,bus=usb.0,port=2 -chardev spicevmc,id=charredir1,name=usbredir -device usb-redir,chardev=charredir1,id=redir1,bus=usb.0,port=3 -device virtio-balloon-pci,id=balloon0,bus=pci.5,addr=0x0 -object rng-random,id=objrng0,filename=/dev/urandom -device virtio-rng-pci,rng=objrng0,id=rng0,bus=pci.6,addr=0x0 -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny -msg timestamp=on


And just to note that this example output is in no way fine tuned, it is a machine I set up quickly to test something and so most options are default (for virt manager).

Hopefully soon with the help of Howto's like this (and plenty of search-fu) I will become more proficient and could do away with some of the extra packages that I currently have had to install.
Dai_trying
 
Posts: 924
Joined: 2016-01-07 12:25

Re: KVM from the command line

Postby eor2004 » 2020-01-04 02:28

Thanks HoaS for this guide, very interesting, been looking to try a VM alternative other than Virtualbox! :)
OS: Debian 10 Buster 64-bit DE: MATE 1.20 CPU: AMD Phenom II X4 925 @ 2.8GHZ RAM: 8GB CORSAIR XMS2 PC2-6400U DDR2 (CM2X2048-6400C5C) GPU: ATI Radeon HD 3200 Mobo: Gigabyte GA-MA78GPM-DS2H HDD: Hitachi 2TB (HUA723020ALA641) 7200RPM
User avatar
eor2004
 
Posts: 219
Joined: 2013-10-01 22:49
Location: Puerto Rico

Re: KVM from the command line

Postby Lecram » 2020-01-10 10:13

Head_on_a_Stick wrote:
Debian offers two graphical front-end management programs for use with QEMU/KVM — gnome-boxes and virt-manager — but these both pull in lots of extra dependencies and run autostarted system daemons that may not be needed at all if the qemu-system command is run directly from the command line, or from shell functions and scripts.

There is also an another GUI option for QEMU called qemu-system-gui in the repo. In my testing VGA with std and qxl option cannot maximize properly and only virtio option could do that.
User avatar
Lecram
 
Posts: 118
Joined: 2009-06-03 08:54
Location: India

Re: KVM from the command line

Postby Head_on_a_Stick » 2020-01-10 14:56

Lecram wrote:qemu-system-gui

That's the GTK window for use without SPICE or VNC, it's not a management GUI like gnome-boxes or virt-viewer.
User avatar
Head_on_a_Stick
 
Posts: 12129
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: KVM from the command line

Postby k829king » 2020-04-24 11:40

What is the command line for qemu-system-gui ?
Is it the same thing as when you click Open from the Virtual Machine Manager ( virt-manager) ?
Reason for asking is I'm finding that when I click Open I can see the initial grub menu and or sometimes the usual startup messages but it seems to always go blank/black/freeze and I need to close it and it I click Open again and it is then on the signon screen and all okay from then on. Are there alternative ways to access the VM, or would that need setting up VNC or RDP?
k829king
 
Posts: 49
Joined: 2018-08-26 09:47

Next

Return to Docs, Howtos, Tips & Tricks

Who is online

Users browsing this forum: No registered users and 3 guests

fashionable