Author: Jesús E.
Category: Tutorial
Date: 2020-05-03 03:12
Modified: 2022-03-22 05:57
Diaspora: https://diasp.org/u/heckyel
Image: 2020/05/virt-manager.jpg
Lang: en
Mastodom: https://masto.nobigtech.es/@heckyel
Save_as: install-a-virtual-machine-manager-on-hyperbola-gnulinux-libre/index.html
Slug: instalar-un-gestor-de-maquinas-virtuales-en-hyperbola-gnulinux-libre
Tags: virtual machine, tutorial
Title: Install a virtual machine manager in Hyperbola GNU/Linux-libre
URL: install-a-virtual-machine-manager-on-hyperbola-gnulinux-libre/

Your host may run Hyperbola GNU/Linux-libre on the x86_64 architecture, for example, but with enough memory and processing power you could run [Trisquel][trisquel]{:target="_blank" rel="noopener noreferrer"} and [Dragora][dragora]{:target="_blank" rel="noopener noreferrer"} at the same time, on the same machine.

## What is a virtual machine?

A virtual machine is software that simulates a computer system and can execute programs as if it were a real computer. This software was originally defined as "an efficient and isolated duplicate of a physical machine".

## What programs allow me to run a virtual machine?

In totally free operating systems there is a program called `qemu` that allows us to virtualize. [Qemu][qemu]{:target="_blank" rel="noopener noreferrer"} works through the command line.

## Enable virtualization

### Check if your PC supports virtualization

    :::console
    $ LC_ALL=C lscpu | grep Virtualization

or run the command:

    :::console
    $ lsmod | grep kvm

If your computer supports virtualization, the `lscpu` output shows `Virtualization: VT-x` or `Virtualization: AMD-V`; otherwise your computer is not capable of virtualizing.
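The vendor reported by the check above decides which module (`kvm_intel` or `kvm_amd`) and which `nested` parameter the following sections apply to. As an added example (not part of the original tutorial), these helpers read the `vmx`/`svm` CPU flags and the sysfs parameter; the function names and the `CPUINFO`/`SYSFS_MODULES` override variables are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: helper names and the two override variables are
# illustrative, not part of the original tutorial.
CPUINFO="${CPUINFO:-/proc/cpuinfo}"
SYSFS_MODULES="${SYSFS_MODULES:-/sys/module}"

# Print the KVM module for this CPU: the vmx flag (Intel VT-x) maps to
# kvm_intel, svm (AMD-V) to kvm_amd. Returns 1 if neither flag is present.
kvm_module_for_cpu() {
    flags=$(grep -m1 '^flags' "$CPUINFO" 2>/dev/null) || return 1
    case " ${flags#*:} " in
        *" vmx "*) echo kvm_intel ;;
        *" svm "*) echo kvm_amd ;;
        *) return 1 ;;
    esac
}

# Print "on", "off" or "unknown" for a module's nested parameter
# (the file holds 1/Y when enabled and 0/N when disabled).
nested_state() {
    f="$SYSFS_MODULES/$1/parameters/nested"
    [ -r "$f" ] || { echo unknown; return 0; }
    case "$(cat "$f")" in
        1|Y|y) echo on ;;
        0|N|n) echo off ;;
        *) echo unknown ;;
    esac
}

# Print the line for /etc/modprobe.d/kvm.conf that matches this CPU.
nested_conf_line() {
    mod=$(kvm_module_for_cpu) || return 1
    echo "options $mod nested=1"
}

# Report for the current host.
if mod=$(kvm_module_for_cpu); then
    echo "module: $mod, nested: $(nested_state "$mod")"
    echo "persistent setting: $(nested_conf_line)"
else
    echo "no vmx/svm flag found in $CPUINFO"
fi
```
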

### Installing Qemu

    :::console
    # pacman -Sy
    # pacman -S qemu vde2 dnsmasq bridge-utils
    # gpasswd -a <username> kvm

Replace `<username>` with the account that will run the virtual machines.

### Enable kernel modules for virtualization

- kvm_intel module (Intel processors)

        :::console
        # modprobe kvm_intel

- kvm_amd module (AMD processors)

        :::console
        # modprobe kvm_amd

### Enable nested virtualization in KVM

Nested virtualization allows you to run a virtual machine (VM) within another VM while still using host hardware acceleration.

#### Checking if nested virtualization is supported

For Intel processors, check the `/sys/module/kvm_intel/parameters/nested` file. For AMD processors, check the `/sys/module/kvm_amd/parameters/nested` file. If you see `1` or `Y`, nested virtualization is supported; if you see `0` or `N`, nested virtualization is not supported.

For example:

    :::console
    $ cat /sys/module/kvm_intel/parameters/nested
    Y

#### Enable nested virtualization for Intel processors:

1. Turn off all running virtual machines and unload the `kvm_intel` module:

        :::console
        # modprobe -r kvm_intel

2. Activate the nesting function:

        :::console
        # modprobe kvm_intel nested=1

3. Nested virtualization is enabled until the host is restarted. To enable it permanently, add the following line to the `/etc/modprobe.d/kvm.conf` file:

        :::console
        # nano -w /etc/modprobe.d/kvm.conf
        ----------------------------------
        options kvm_intel nested=1

#### Enable nested virtualization for AMD processors:

1. Turn off all running virtual machines and unload the `kvm_amd` module:

        :::console
        # modprobe -r kvm_amd

2. Activate the nesting function:

        :::console
        # modprobe kvm_amd nested=1

3. Nested virtualization is enabled until the host is restarted. To enable it permanently, add the following line to the `/etc/modprobe.d/kvm.conf` file:

        :::console
        # nano -w /etc/modprobe.d/kvm.conf
        ----------------------------------
        options kvm_amd nested=1

## Qemu usage

Create a virtual disk for the virtual machine.

    :::console
    $ qemu-img create -f qcow2 hyper.qcow2 10G

### Simple usage

    :::bash
    #!/bin/bash
    qemu-system-x86_64 \
        -monitor stdio \
        --enable-kvm -m 512 \
        -cdrom /path/to/hyperbola-milky-way-v0.4-dual.iso \
        -drive file=/path/to/hyper.qcow2,if=virtio \
        -boot c -rtc base=localtime \
        -device virtio-keyboard-pci \
        -net nic -net user \
        -vga virtio

`-net user` is needed to have internet access inside your new system.

`-m 512` sets the virtual RAM size in megabytes; the default is 128 MB, I chose 512.

### Qemu + VNC as server

    :::bash
    #!/bin/bash
    qemu-system-x86_64 \
        -monitor stdio \
        --enable-kvm -m 512 \
        -cdrom /path/to/hyperbola-milky-way-v0.4-dual.iso \
        -drive file=/path/to/hyper.qcow2,if=virtio \
        -boot c -rtc base=localtime \
        -device virtio-keyboard-pci \
        -net nic -net user \
        -vga virtio \
        -display none \
        -vnc :0

One can add the `-vnc :X` option to have QEMU redirect the VGA display to the VNC session. Substitute the number of the display for X (0 will then listen on 5900, 1 on 5901, 2 on 5902, etc).

> Warning: The default VNC server setup does not use any form of
> authentication. Any user can connect from any host.
>
> Maybe check:

### Qemu screenshots
Hyperbola in Qemu
Screenshot of Hyperbola GNU/Linux-libre in Qemu
Trisquel in Qemu
Screenshot of Trisquel GNU/Linux in Qemu
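
Returning to the VNC warning above: `-vnc :0` listens on every interface with no authentication. The following added example (not part of the original tutorial; the function names and sample command lines are constructed) classifies the `-vnc` argument of QEMU command lines so that exposed displays can be found on a host.

```shell
#!/bin/sh
# Added example (constructed). Classify the -vnc argument of one QEMU
# command line: disabled | local | authenticated PORT | exposed PORT | unknown
vnc_exposure() {
    line=" $1 "
    case $line in
        *" -vnc "*) arg=${line#*" -vnc "}; arg=${arg%% *} ;;
        *) echo disabled; return 0 ;;
    esac
    display=${arg%%,*}          # "host:N", "unix:PATH" or "none"
    opts=",${arg#"$display"},"  # remaining ",option" list
    case $display in
        none) echo disabled; return 0 ;;
        unix:*) echo local; return 0 ;;
    esac
    host=${display%:*}; num=${display##*:}
    case $num in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    case $host in               # loopback is reachable from the host only
        127.*|localhost|"[::1]") echo local; return 0 ;;
    esac
    port=$((5900 + num))        # display N listens on TCP 5900+N
    case $opts in
        *,password,*|*,password=on,*|*,password-secret=*|*,sasl,*|*,sasl=on,*)
            echo "authenticated $port" ;;
        *)  echo "exposed $port" ;;
    esac
}

# Read command lines on stdin (for example from `ps -eo args`) and print
# those whose VNC server accepts network connections without authentication.
report_exposed() {
    while IFS= read -r cmd; do
        state=$(vnc_exposure "$cmd")
        case $state in
            exposed*) printf 'tcp/%s unauthenticated: %s\n' "${state#exposed }" "$cmd" ;;
        esac
    done
}

# Constructed sample command lines, modelled on the VNC script above.
sample_cmdlines() {
cat <<'EOF'
qemu-system-x86_64 --enable-kvm -m 512 -display none -vnc :0
qemu-system-x86_64 --enable-kvm -m 512 -display none -vnc 127.0.0.1:1
qemu-system-x86_64 --enable-kvm -m 512 -display none -vnc :2,password=on
qemu-system-x86_64 --enable-kvm -m 512 -net nic -net user
EOF
}
sample_cmdlines | report_exposed
```

Starting QEMU with `-vnc 127.0.0.1:0` and reaching the display through an SSH port forward keeps it off the network; `password=on` only adds VNC's own password authentication.
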

### Modules with security issues

The `vhost_net` module is affected by [CVE-2018-3646][spectre]{:target="_blank" rel="noopener noreferrer"}, the L1TF and SMT CPU flaw with a possible data leak. It is recommended to disable it as follows:

    :::console
    # modprobe -r vhost_net

On Hyperbola GNU/Linux-libre this module comes disabled.

[dragora]: https://dragora.org
[trisquel]: https://trisquel.info
[qemu]: https://wiki.qemu.org/Main_Page
[spectre]: https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html