In the beginning there was dual boot, it was the only way to have more than one operating system on the same laptop. At the time, it was difficult for these operating systems to be run simultaneously or interact with each other. Many years passed before it was possible, on common PCs, to run an operating system inside another through virtualization.
Recent PCs or laptops, including moderately-priced ones, have the hardware features to run virtual machines with performance close to the physical host machine.
Virtualization has therefore become normal, to test operating systems, as a playground for learning new techniques, to create your own home cloud, to create your own test environment and much more. This article walks you through using Virt Manager on Fedora to setup virtual machines.
Introducing QEMU/KVM and Libvirt
Fedora, like all other Linux systems, comes with native support for virtualization extensions. This support is given by KVM (Kernel based Virtual Machine) currently available as a kernel module.
QEMU is a complete system emulator that works together with KVM and allows you to create virtual machines with hardware and peripherals.
Finally libvirt is the API layer that allows you to administer the infrastructure, ie create and run virtual machines.
The set of these three technologies, all open source, is what we’re going to install on our Fedora Workstation.
Step 1: install packages
Installation is a fairly simple operation. The Fedora repository provides the “virtualization” package group that contains everything you need.
sudo dnf install @virtualization
Step 2: edit the libvirtd configuration
By default the system administration is limited to the root user, if you want to enable a regular user you have to proceed as follows.
Open the /etc/libvirt/libvirtd.conf file for editing
sudo vi /etc/libvirt/libvirtd.conf
Set the domain socket group ownership to libvirt
unix_sock_group = "libvirt"
Adjust the UNIX socket permissions for the R/W socket
unix_sock_rw_perms = "0770"
Step 3: start and enable the libvirtd service
sudo systemctl start libvirtd
sudo systemctl enable libvirtd
Step 4: add user to group
In order to administer libvirt with the regular user you must add the user to the libvirt group, otherwise every time you start virtual-manager you will be asked for the password for sudo.
sudo usermod -a -G libvirt $(whoami)
This adds the current user to the group. You must log out and log in to apply the changes.
Getting started with virt-manager
The libvirt system can be managed either from the command line (virsh) or via the virt-manager graphical interface. The command line can be very useful if you want to do automated provisioning of virtual machines, for example with Ansible, but in this article we will concentrate on the user-friendly graphical interface.
The virt-manager interface is simple. The main form shows the list of connections including the local system connection.
The connection settings include virtual networks and storage definition. it is possible to define multiple virtual networks and these networks can be used to communicate between guest systems and between the guest systems and the host.
Creating your first virtual machine
To start creating a new virtual machine, press the button at the top left of the main form:
The first step of the wizard requires the installation mode. You can choose between a local installation media, network boot / installation or an existing virtual disk import:
Choosing the local installation media the next step will require the ISO image path:
The subsequent two steps will allow you to size the CPU, memory and disk of the new virtual machine. The last step will ask you to choose network preferences: choose the default network if you want the virtual machine to be separated from the outside world by a NAT, or bridged if you want it to be reachable from the outside. Note that if you choose bridged the virtual machine cannot communicate with the host machine.
Check “Customize configuration before install” if you want to review or change the configuration before starting the setup:
The virtual machine configuration form allows you to review and modify the hardware configuration. You can add disks, network interfaces, change boot options and so on. Press “Begin installation” when satisfied:
At this point you will be redirected to the console where to proceed with the installation of the operating system. Once the operation is complete, you will have the working virtual machine that you can access from the console:
The virtual machine just created will appear in the list of the main form, where you will also have a graph of the CPU and memory occupation:
libvirt and virt-manager is a powerful tool that allows great customization to your virtual machines with enterprise level management. If something even simpler is desired, note that Fedora Workstation comes with GNOME Boxes pre-installed and can be sufficient for basic virtualization needs.
Since late 1990’s into the early 2000’s, I have used virtualization on many PC’s in Industrial Control applications. For the Systems Integrator/Solution Provider of Industrial Control applications programming, it has been a must have. This is due in large part to the fact that different OEM vendors of the control equipment (PLC’s, HMI’s etc…) didn’t play well together, and it was a constant, sometimes very painful, process of reconfiguring your system to accomidate that. VM’s wiped that out overnight.
I have a question, which is the best pratice to use another directory to store de ISO’s and the VM’s files, like an external drive, instead the main disk.
In the connection details, storage, you can add a large number of storage pool type. If you have an external drive you can mount it on a directory and add this directory as storage pool.
Nice article Marco. Virt-Manager has been my go-to for KVM VM management for many years due to it’s incredible detail in the settings. One thing I’d like to point out, in the article it is stated, “Note that if you choose bridged the virtual machine cannot communicate with the host machine.” In my experience I’ve been able to communicate with the host machine after configuring bridge mode. My guest VM would get the IP address from the router instead of the default NAT. I used the instructions from Lief Madsen’s site to do it. Even though it was published almost 3 years ago it still works today. Maybe using these instructions allows communication to the host.
Great suggestion! Thanks.
John L. Ries
Curiously enough, IBM’s OS/2 employed virtualization to run its DOS and Windows subsystems back in the 1990s.
I recently found my old OS/2 Warp CD and reinstalled it in a virtual machine, fully functional 🙂
Walter van der Schee
What OS/2 called virtualization, was the i386 ‘virtual 8086’ mode, which allowed the Intel 80386 to run up to 8 fully protected 8086 mode PC VM’s. If the DOS mode needed no more than 16-bit addressing, this worked nicely and quick (for a i386 machine…). DOS extenders or Windows enhanched mode did not run inside those VMs, since it was 16-bit 8086 mode nothing more.
Very interesting article. I knew there was a way to manage VMs without VMware or VirtualBox. Did you make an article about the “Debian” side of things (I use Ubuntu servers) ?
Debian has packages in its repository, https://wiki.debian.org/KVM I’m pretty sure also Ubuntu has.
Is this a viable alternative for recent-ish Windows-targeted games? Or am I stuck with a native installation?
I think at least there is a display performance problem. Spice console has pretty good performances but not enough for gaming.
Ho Ron, have you checked out the virtio option for graphics instead of QXL. According to https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Virtualization_Deployment_and_Administration_Guide/sect-KVM_Para_virtualized_virtio_Drivers-Using_KVM_virtio_drivers_for_GPU_devices.html. this enhances GPU 3d acceleration performance. This may work with some — or maybe all — your games. You can find the virtio drivers and installation guide at https://docs.fedoraproject.org/en-US/quick-docs/creating-windows-virtual-machines-using-virtio-drivers/index.html
i need example how run raspbery pi zero w in qemu
If you install the qemu-system-arm package you can choose the arm architecture at the first step of VM creation. This article helps you https://fedoraproject.org/wiki/Architectures/ARM/HowToQemu
Does this open up an security hole if someone gains access to the normal user? Isn’t the reason for sudo the wish to isolate systemstuff from the regular user should someone enter the user’s id?
Consider that virt-manger can be used (and it is used) to administer libvirt remotely. In this case, using a regular user instead of root is a security enhancement.
I am confused. Why would administering libvirt remotely through a regular user be more secure than root? Isn’t the root user harder to come by? Or does this have to do with usually disallowing root to log on remotely?
P.S. I am a longtime fedora user, but I guess there is a lot about security that I do not know.
How is the performance. I had tried this setup a couple years ago and found the performance to be horrible to the point of being unusable. So I have resorted to virtualbox. If there has been vast performance improvements to the virt-manager system of virtualization then I may give it a try again.
The computational performances are close to those of the host machine, this because the CPU virtualization is not emulated but managed directly by the hardware (if it supports). This applies to all hypervisors including VirtualBox. Of course processes that benefit from other low-level computational resources, such as GPUs, cannot have comparable performance.
Also consider that KVM is widely used in cloud implementations, for example OpenStack.
This is actually brilliant compare to Virtual Box and other variants. I had bit of trouble when installing a windows machine using VirtIO. Here is a guide i found if any one needed.
Superb article, many thanks for this. I’m also a long time user of Fedora and Virtualbox. Now I feel more confident to run virtual machine with virt-manager so I can release Virtualbox to regain space on my SSD … 🙂
Justin W. Flory
I was surprised virt-manager was mentioned. I noticed in the RHEL 8.0 release notes, virt-manager is deprecated in favor of Cockpit. Will virt-manager continue to receive active development attention or should Fedora users look more closely at using Cockpit to manage libvirt VMs?
Currently the management of virtual machines in Cockipt has limited functionality compared to virt-manager. This is the current version of Fedora.
Still waiting for the ability to create virtual networks on the libvirt user session. Then I wouldn’t have to have permissions to the system instance and wouldn’t have to reconfigure the storage path so that the images aren’t stored on /var.