Create virtual machines with Cockpit in Fedora

This article shows you how to install the software you need to use Cockpit to create and manage virtual machines on Fedora 31. Cockpit is an interactive admin interface that lets you access and manage systems from any supported web browser. With virt-manager being deprecated users are encouraged to use Cockpit instead, which is meant to replace it.

Cockpit is an actively developed project, with many plugins available that extend how it works. For example, one such plugin is “Machines,” which interacts with libvirtd and lets users create and manage virtual machines.

Installing software

The required software prerequisites are libvirt, cockpit and cockpit-machines. To install them on Fedora 31, run the following command from a terminal using sudo:

$ sudo dnf install libvirt cockpit cockpit-machines

Cockpit is also included as part of the “Headless Management” package group. This group is useful for a Fedora based server that you only access through a network. In that case, to install it, use this command:

$ sudo dnf groupinstall "Headless Management"

Setting up Cockpit services

After installing the necessary packages it’s time to enable the services. The libvirtd service runs the virtual machines, while Cockpit has a socket activated service to let you access the Web GUI:

$ sudo systemctl enable libvirtd --now
$ sudo systemctl enable cockpit.socket --now

This should be enough to run virtual machines and manage them through Cockpit. Optionally, if you want to access and manage your machine from another device on your network, you need to expose the service to the network. To do this, add a new rule in your firewall configuration:

$ sudo firewall-cmd --zone=public --add-service=cockpit --permanent
$ sudo firewall-cmd --reload

To confirm the services are running and no issues occurred, check the status of the services:

$ sudo systemctl status libvirtd
$ sudo systemctl status cockpit.socket

At this point everything should be working. The Cockpit web GUI should be available at https://localhost:9090 or https://127.0.0.1:9090. Or, enter the local network IP in a web browser on any other device connected to the same network. (Without SSL certificates setup, you may need to allow a connection from your browser.)

Creating and installing a machine

Log into the interface using the user name and password for that system. You can also choose whether to allow your password to be used for administrative tasks in this session.

Select Virtual Machines and then select Create VM to build a new box. The console gives you several options:

  • Download an OS using Cockpit’s built in library
  • Use install media already downloaded on the system you’re managing
  • Point to a URL for an OS installation tree
  • Boot media over the network via the PXE protocol

Enter all the necessary parameters. Then select Create to power up the new virtual machine.

At this point, a graphical console appears. Most modern web browsers let you use your keyboard and mouse to interact with the VM console. Now you can complete your installation and use your new VM, just as you would via virt-manager in the past.


Photo by Miguel Teixeira on Flickr (CC BY-SA 2.0).

For System Administrators Using Software

16 Comments

  1. Lucas

    The software is great and is very easy to use.
    What if my computer does not support virtualization technology at all ?
    because i tried to install and setting up new machine in my fedora 30 and it gave
    me an error.

    • It is possible that your computer simply does not permit running Virtual Machines, you can check the BIOS settings to see if virtualization is simply disabled and enable it. If you have an Intel based system the configuration related to Virtualization will be called something like “Intel VT-d” or “Enable Intel Virtualization”. On AMD systems it will be called something like “AMD-V” or just “Enable Virtualization”. In either case the configuration to enable/disable virtualization usually can be found under CPU settings or under Advanced settings in BIOS – the exact procedure to access BIOS settings or how Virtualization settings are named in BIOS differs between different manufacturers, so it’s best to consult the user manual.

      Additionally, if you’re sure Virtualization is enabled in BIOS, you can check if the system meets the requirements by running: “virt-host-validate” (comes with libvirt and should already be available).

  2. RaphGro

    You should also take a look into Ravada VDI. We’ve it as a package in Fedora called ravada.
    https://ravada.readthedocs.io/en/latest/

  3. OppaErich

    Well, that failed fast. I’ve tried to setup a VM for FreeDOS but it does not start. There’s a red ‘OOPS’ and no VM.

    No VM is running or defined on this host

  4. OppaErich

    Hi,
    I can’t edit so I add another. Another try discovered a permission denied on the ISO.
    [oppa@oppa-labor ~]$ ls -l ~/Downloads/FD12CD.iso
    -rw-rw-r–. 1 root root 438777856 28. Nov 16:43 /home/oppa/Downloads/FD12CD.iso

    WTH? Why is this owned by root? Do I become root in Chrome by using this Cockpit thing?

    This is scary, I’ll stop using Cockpit.

    • Normally, no – Chrome doesn’t run as root when accessing Cockpit, however, tasks executed while authenticated in Cockpit and with the checkbox “Reuse my password for privileged tasks” will be run as elevated.

      You can try setting the ownership of the ISO media to “qemu:qemu” (“sudo chown qemu:qemu INSTALLATION.iso”) and see if that resolves the issue. If that wasn’t enough, SE Linux might have restricted Libvirt to access the installation ISO – you can set the context with “sudo chcon system_u:object_r:virt_content_t:s0 INSTALLATION.iso”.

    • SELinux requires that the ISO have the context virt_image_t set on it or it won’t read it. So try

      chcon virt_image_t FD12CD.iso
  5. David

    I don’t understand why virt-manager is being deprecated. Cockpit seems to be very limited in functionality compared to virt-manager. In Cockpit, I cannot even select UEFI instead of BIOS for the virtual machine, virtio-scsi controller, enable discard unmap feature etc.

    • Personally, I agree – at this moment virt-manager does offer more configuration available in GUI than Cockpit. At the same time, you still have access to virsh – the commandline interface that allows for more complex configurations than either in Cockpit or virt-manager.

      Switching over to Cockpit was a change that was made by Red Hat, I’m sure there was a good reason for it. In the meantime, Cockpit is a constantly evolving project – new features are added all the time. And I’m sure virt-manager won’t stop functioning or disappear from the repositories anytime soon or before the same functionality has been introduced in Cockpit. You can head over to GitHub and follow the progress of development and take part in improving it – https://github.com/cockpit-project/cockpit

    • First, I’ll note that “deprecated” is not the same as “removed”. virt-manager is still available as part of the libvirt upstream.

      The main reason I expect it’s being replaced by Cockpit is so that users are not required to have a Linux workstation system around just to manage their VMs. The virt-manager tool requires a full graphical environment in which to run, whereas Cockpit can run in any modern web browser.

  6. Bryce Hardy

    I get an error message saying:

    “ERROR authentication failed: access denied by policy”

  7. dtw

    I just tried cockpit and I can see how it replaces virt-manager for creating, starting and stopping VMs. What I don’t understand is how I access the VM itself from cockpit? Is the assumption that we only run headless VMs?

  8. I know I’ve had Cockpit work in the past (and it was a pretty slick interface). I’m currently working on trying to figure why my Fedora 31 server’s resetting TCP connections when I try to connect to Cockpit using Firefox.

  9. Severo Acevedo

    How to work it on Fedora SilverBlue?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

The opinions expressed on this website are those of each author, not of the author's employer or of Red Hat. Fedora Magazine aspires to publish all content under a Creative Commons license but may not be able to do so in all cases. You are responsible for ensuring that you have the necessary permission to reuse any work on this site. The Fedora logo is a trademark of Red Hat, Inc. Terms and Conditions

%d bloggers like this: