#libvirt — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #libvirt, aggregated by home.social.
-
My favorite hobby is my #homelab. It’s where I continuously improve my Unix administration and networking skills. It took me basically all weekend but I have my home lab completely isolated and virtualized on an 8th gen i7 Dell OptiPlex 7060 with 32GB of RAM. I also have a 14TB Iron Wolf HD
The hardest part was setting up the virtual network. I’d never done that kind of thing manually. I’d just used whatever default network that #libvirt created for me. This was hard and did require googling and reading #manpages. The problem with the wizard that creates networks is there’s no option for both DNAT and SNAT.
I learned a lot and got it working perfectly despite the garbage #verizon CR1000A router and its notorious bug. Yeah, you can’t add static routes. So I’m in a double NAT situation. Turns out this is okay because it effectively isolates the homelab. All I had to do was add static routing on my laptop and desktop.
Nobody else will be able to access my homelab unless they know its network and gateway addresses, much less how to configure a static route. It’s basic but works.
-
I think I've worked out what was wrong with my VMs on Fedora 44.
Looks like the firewall rules that Docker sets up do not play well with the ones libvirtd adds.
Forcing Docker to use nftables rather than iptables/firewalld appears to fix things
https://github.com/moby/moby/issues/52612
-
Anybody else seeing network problems with Boxes/Libvirt VMs on Fedora 44?
I imported an existing disk image and tried to create a new from a Ubuntu ISO and neither get NAT network access.
If so please add any details from here:
-
I've imported a VM disk image into Fedora 44 boxes (I forgot to export the XML) and while it has got a IP address on the default network it doesn't appear to have access to the outside world (no NAT).
Anybody know how to enable it?
-
PSA for anyone using #QEMU #KVM for #SingleGPUPassthrough
Guides are all over the net suggesting hooks scripts invoking pci devices, unloading/loading kernel modules, and other unnecessary things. Here's my current hook script for starting the VM:systemctl stop display-managerThat's it. And the reverse for teardown:
systemctl start display-manager#IOMMU groups still apply, and you need to pass the correct PCI devices to your VM, but everything else is handled automatically.
Disclaimer that this is how it works currently for my AMD card. I did have a working setup with my NVIDIA card that did unload/load kernel modules, however it seems things have come a long way since I set that up.
-
PSA for anyone using #QEMU #KVM for #SingleGPUPassthrough
Guides are all over the net suggesting hooks scripts invoking pci devices, unloading/loading kernel modules, and other unnecessary things. Here's my current hook script for starting the VM:systemctl stop display-managerThat's it. And the reverse for teardown:
systemctl start display-manager#IOMMU groups still apply, and you need to pass the correct PCI devices to your VM, but everything else is handled automatically.
Disclaimer that this is how it works currently for my AMD card. I did have a working setup with my NVIDIA card that did unload/load kernel modules, however it seems things have come a long way since I set that up.
-
Asking the same question here as well.
When using libvirtd/qemu+kvm what is your preferred way for sharing a folder with a huge dataset >50TB into multiple guests especially in the case where you want the VM to be network isolated.
Are you using:
* the filesystem-"device": virtiofs, virtio-9p, mtp
* the disk-device: with dir-source
* link-local network with: NFS, SMB, ...
* a different architecture entirely?See full question: https://www.reddit.com/r/HomeServer/comments/1skp5u5/storage_pass_through_without_to_libvirtqemu_vm/
-
Apparently there is no way to run dhcpd that binds to individual interface and #libvirt network on the same host. The solutions are:
1. Find a dhcpd that binds to *:67 (and then only responds to configured interfaces/networks), or
2. Manage the libvirt bridge network interface manually, or
3. Hack libvirt with a custom patch, or
4. Create a separate interface with different dhcpd port, and bind the dhcpd to that interface and prot. Forward dhcp packets from the desired interface to this custom interface and port.I found this out the hard way when I planned to replace isc-dhcp-server with kea-dhcp4-server.
Apparently the kernel errors out if different applications want to bind to UDP *:port and UDP interface:port. Multiple apps binding to UDP *:port is fine and that is why isc-dhcp-server works with libvirt.
Two apps binding to different UDP interface0:port and interface1:port are of course ok, but unfortunately libvirt generates the bridge dnsmasq config in a way that doesn't allow specifying the specific interface for binding or excluded interfaces: https://github.com/libvirt/libvirt/blob/3f3cb3ab51740c30f1016c4fe657c48a14cc8462/src/network/bridge_driver.c#L1144
-
-
One Open-source Project Daily
Yosild is a single shell script that builds a full, minimal Linux distribution based on BusyBox.
https://github.com/jaromaz/yosild
#1ospd #opensource #busybox #cli #debian #distro #hyperv #kernelcompilation #kvm #libvirt #linux #linuxdistribution #operatingsystem #shell #terminal #ubuntu #virtualbox -
One Open-source Project Daily
Yosild is a single shell script that builds a full, minimal Linux distribution based on BusyBox.
https://github.com/jaromaz/yosild
#1ospd #opensource #busybox #cli #debian #distro #hyperv #kernelcompilation #kvm #libvirt #linux #linuxdistribution #operatingsystem #shell #terminal #ubuntu #virtualbox -
One Open-source Project Daily
Yosild is a single shell script that builds a full, minimal Linux distribution based on BusyBox.
https://github.com/jaromaz/yosild
#1ospd #opensource #busybox #cli #debian #distro #hyperv #kernelcompilation #kvm #libvirt #linux #linuxdistribution #operatingsystem #shell #terminal #ubuntu #virtualbox -
One Open-source Project Daily
Yosild is a single shell script that builds a full, minimal Linux distribution based on BusyBox.
https://github.com/jaromaz/yosild
#1ospd #opensource #busybox #cli #debian #distro #hyperv #kernelcompilation #kvm #libvirt #linux #linuxdistribution #operatingsystem #shell #terminal #ubuntu #virtualbox -
One Open-source Project Daily
Yosild is a single shell script that builds a full, minimal Linux distribution based on BusyBox.
https://github.com/jaromaz/yosild
#1ospd #opensource #busybox #cli #debian #distro #hyperv #kernelcompilation #kvm #libvirt #linux #linuxdistribution #operatingsystem #shell #terminal #ubuntu #virtualbox -
Just discovered libvirt ssh proxy with is working with systemd-ssh-generator to transfer ssh through vsock. So you can simply
$ virt-install --vsock cid.auto=yes --cloud-init user-data...And then ssh with
$ ssh qemu:system/myvmno need to predict or discover the IP address (or even to have a network interface)
-
In my (short) dad time this morning, I've tried to install mgmt [1] to run a distributed hello world on my main machine running on Ubuntu LTS. The built-in binaries depend on augeas which was easy to fix. But also libvirt which is surprisingly old on Ubuntu compared to Debian (latest). I tried to build it myself but I couldn't install nex (the lexer). I then built the binary using Docker thanks to the quick start guide.
I first started to run mgmt in standalone mode. It's nice to see etcd embedded in the binary (at least for testing). Then I tried to deploy multi mgmt nodes with a standalone etcd using docker-compose. I've lost a lot of time trying to override the command because I didn't remember the expected syntax.
I was trying to make etcd listen to all interfaces so mgmt could connect when my daughter showed up.
[1] https://github.com/purpleidea/mgmt (@purpleidea)
#mgmt #homelab #selfhosting #etcd #docker #libvirt #ubuntu #debian
-
In my (short) dad time this morning, I've tried to install mgmt [1] to run a distributed hello world on my main machine running on Ubuntu LTS. The built-in binaries depend on augeas which was easy to fix. But also libvirt which is surprisingly old on Ubuntu compared to Debian (latest). I tried to build it myself but I couldn't install nex (the lexer). I then built the binary using Docker thanks to the quick start guide.
I first started to run mgmt in standalone mode. It's nice to see etcd embedded in the binary (at least for testing). Then I tried to deploy multi mgmt nodes with a standalone etcd using docker-compose. I've lost a lot of time trying to override the command because I didn't remember the expected syntax.
I was trying to make etcd listen to all interfaces so mgmt could connect when my daughter showed up.
[1] https://github.com/purpleidea/mgmt (@purpleidea)
#mgmt #homelab #selfhosting #etcd #docker #libvirt #ubuntu #debian
-
In my (short) dad time this morning, I've tried to install mgmt [1] to run a distributed hello world on my main machine running on Ubuntu LTS. The built-in binaries depend on augeas which was easy to fix. But also libvirt which is surprisingly old on Ubuntu compared to Debian (latest). I tried to build it myself but I couldn't install nex (the lexer). I then built the binary using Docker thanks to the quick start guide.
I first started to run mgmt in standalone mode. It's nice to see etcd embedded in the binary (at least for testing). Then I tried to deploy multi mgmt nodes with a standalone etcd using docker-compose. I've lost a lot of time trying to override the command because I didn't remember the expected syntax.
I was trying to make etcd listen to all interfaces so mgmt could connect when my daughter showed up.
[1] https://github.com/purpleidea/mgmt (@purpleidea)
#mgmt #homelab #selfhosting #etcd #docker #libvirt #ubuntu #debian
-
Updated: Resolve Libvirt Error Unable to Find EFI Firmware
- Fix redirect links
https://www.adamsdesk.com/posts/resolve-libvirt-error-unable-find-efi-firmware/
-
I just posted to my blog -- "libvirt network forwarding inconsistencies": In an INCUS container on a KVM guest, ping commands are successful when executed on the container, but not when the are executed from the host on the other end -- Read more here: https://www.dfoley.ie/blog/libvirt-network-forwarding-inconsistencies -- #linux #libvirt #incus #POSSE
-
To those who still have a dedicated #Microsoft #Windows machine solely for configuring niche peripherals, no more need for moral anxiety, they get detected using a Windoze virtual machine with QEMU/KVM (requires at least a system with partial TPM 2.0 support): https://www.arscyni.cc/file/software.html#windoze:~:text=Microslop%20Windoze%20virtual%20machine
It takes slightly more attention to set it up than Oracle VirtualBox, but it runs ten times faster.
-
To those who still have a dedicated #Microsoft #Windows machine solely for configuring niche peripherals, no more need for moral anxiety, they get detected using a Windoze virtual machine with QEMU/KVM (requires at least a system with partial TPM 2.0 support): https://www.arscyni.cc/file/software.html#windoze:~:text=Microslop%20Windoze%20virtual%20machine
It takes slightly more attention to set it up than Oracle VirtualBox, but it runs ten times faster.
-
To those who still have a dedicated #Microsoft #Windows machine solely for configuring niche peripherals, no more need for moral anxiety, they get detected using a Windoze virtual machine with QEMU/KVM (requires at least a system with partial TPM 2.0 support): https://www.arscyni.cc/file/software.html#windoze:~:text=Microslop%20Windoze%20virtual%20machine
It takes slightly more attention to set it up than Oracle VirtualBox, but it runs ten times faster.
-
To those who still have a dedicated #Microsoft #Windows machine solely for configuring niche peripherals, no more need for moral anxiety, they get detected using a Windoze virtual machine with QEMU/KVM (requires at least a system with partial TPM 2.0 support): https://www.arscyni.cc/file/software.html#windoze:~:text=Microslop%20Windoze%20virtual%20machine
It takes slightly more attention to set it up than Oracle VirtualBox, but it runs ten times faster.
-
To those who still have a dedicated #Microsoft #Windows machine solely for configuring niche peripherals, no more need for moral anxiety, they get detected using a Windoze virtual machine with QEMU/KVM (requires at least a system with partial TPM 2.0 support): https://www.arscyni.cc/file/software.html#windoze:~:text=Microslop%20Windoze%20virtual%20machine
It takes slightly more attention to set it up than Oracle VirtualBox, but it runs ten times faster.
-
RE: https://furry.engineer/@Flaky/116059368890193901
lmao, Chris Titus Tech had an update to Looking Glass and now he can't access his Windows VM.
This is why vGPUs are important!
-
RE: https://furry.engineer/@Flaky/116059368890193901
lmao, Chris Titus Tech had an update to Looking Glass and now he can't access his Windows VM.
This is why vGPUs are important!
-
Finally got my VM hosts updated to the latest AlpineLinux release. Browsing Ceph RBD pools is still broken in `libvirt`… no idea why but one RBD pool works fine, the other refuses to start. (They are configured identically apart from the name of the pool being connected to.)
It tells me "An error occurred, but the cause is unknown". No logs. I asked on `libvirt-users` mailing list: no answer. It's a mystery.
But… if I hand-configure the XML (usually by taking the `dumpxml` output from another VM and hand-editing), I can link to RBD volumes just fine and it just works, so whatever.
The other gotcha was VM types becoming unavailable. A lot of my VMs were `pc-i440fx-3.1` or `pc-q35-3.1` machines. Moving from `pc-q35-3.1` to `pc-q35-10.1` was painless, but going from i440FX-based VMs to Q35 took a bit of hand-massaging the XML: remove PCI IDE/SATA/USB controllers then change the `pci-root` node to `pcie-root`.
Everything is now running `pc-q35-10.1`; so that should kick that can far down the road.
-
Man the terraform libvirt provider has matured so much. It still seems like a struggle to get bridge networking setup as expected. Something tells that’s strange is even attaching a dom interface to a nat network it won’t pickup an IP.
Creating a domain with `virt-install` seems to work as expected. The domain xml that appears to be relevant is all the same.
Time to dig back into this today.
https://github.com/dmacvicar/terraform-provider-libvirt if you’re curious
-
-
Alright, using #talosLinux with #terraform and #libvirt to build out all the #kubernetes infra to run the #selfHosted bits.
So I have 2 5950x with 64gb of ram and 4tb of storage. Then a 3950x with 1tb and 32g, and finally some small older boxes.
My desktop w the 5950 used to be a gaming machine but the steam deck has 100% replaced that functionality.
Eventually I may just run talos natively on either of the larger boxes but libvirt is a much nicer api.
-
I want to share management of existing #LXC #containers (that I handle with the command line tools) with other people who prefer to use GUIs… (oh, preferences…)
I'd rather not have to "convert" or "migrate" of whatever, but just have the GUI tools manage existing containers without screwing them up…
As I understand, at least #Proxmox will want to create them by itself so it's a no-go.
Anyone experiences with #libvirt / #virtManager can tell me if it's the same or not?
-
Virtualization on linux. Setup KVM, QUEMU and libvirt on your server at home.
#libvirt #virtualization #v12n #linux
https://writeaheadlog.net/libvirt/ -
Linux libvirt qemu: Ich war etwas erstaunt, daß die Konfiguration von vCPU = 8 bei einer Windows 11 Gastmaschine zu nur zwei "logischen Prozessoren" führt. Nach der Änderung von "Netzstruktur" auf Sockets = 1, Kerne = 4 und Threads = 2, klappt es dann auch wie erwartet (und gemäß Doku prognostiziert 😉 aber wer liest schon vorher Doku). Jedenfalls ist diese virtuelle Maschine nun auch wieder schnell.
#linux #debian #libvirt #virtualmachinemanager #virtualisierung #windows #virtuellemaschine
-
#虚拟化
突然发现很喜欢这种边讲边输入命令的视频
视频顺序是kvm qemu libvirtd
kvm kernel VM 是Linux的一个模块
qemu发音为kī mǔ 模拟
libvirt 虚拟化管理工具包,之前在cockpit的virtual machine管理用到了,libvirtd为守护进程【【你问我答】qemu, kvm, libvirtd 之间的关系-哔哩哔哩】 https://b23.tv/R6SBtz8
-
Bringing machine 'default' up with 'libvirt' provider...
[fog][WARNING] Unrecognized arguments: libvirt_ip_command
==> default: Box 'generic/freebsd15' could not be found. Attempting to find and install...
default: Box Provider: libvirt
default: Box Version: >= 0
The box 'generic/freebsd15' could not be found or could not be accessed in the remote catalog.Anyone knows if there are plans to provide more images for vagrant and FreeBSD 15 ?
-
Bringing machine 'default' up with 'libvirt' provider...
[fog][WARNING] Unrecognized arguments: libvirt_ip_command
==> default: Box 'generic/freebsd15' could not be found. Attempting to find and install...
default: Box Provider: libvirt
default: Box Version: >= 0
The box 'generic/freebsd15' could not be found or could not be accessed in the remote catalog.Anyone knows if there are plans to provide more images for vagrant and FreeBSD 15 ?
-
Bringing machine 'default' up with 'libvirt' provider...
[fog][WARNING] Unrecognized arguments: libvirt_ip_command
==> default: Box 'generic/freebsd15' could not be found. Attempting to find and install...
default: Box Provider: libvirt
default: Box Version: >= 0
The box 'generic/freebsd15' could not be found or could not be accessed in the remote catalog.Anyone knows if there are plans to provide more images for vagrant and FreeBSD 15 ?
-
Bringing machine 'default' up with 'libvirt' provider...
[fog][WARNING] Unrecognized arguments: libvirt_ip_command
==> default: Box 'generic/freebsd15' could not be found. Attempting to find and install...
default: Box Provider: libvirt
default: Box Version: >= 0
The box 'generic/freebsd15' could not be found or could not be accessed in the remote catalog.Anyone knows if there are plans to provide more images for vagrant and FreeBSD 15 ?
-
Bringing machine 'default' up with 'libvirt' provider...
[fog][WARNING] Unrecognized arguments: libvirt_ip_command
==> default: Box 'generic/freebsd15' could not be found. Attempting to find and install...
default: Box Provider: libvirt
default: Box Version: >= 0
The box 'generic/freebsd15' could not be found or could not be accessed in the remote catalog.Anyone knows if there are plans to provide more images for vagrant and FreeBSD 15 ?
-
GNOME Boxes: Schlanke Virtualisierung für den Linux-Desktop (und warum es für Admins trotzdem spannend ist)
Einleitung Virtualisierung unter Linux ist längst kein Nischenthema mehr – vom Heim-Server bis zur Enterprise-Umgebung gehören virtuelle Maschinen zum Alltag. Während Tools wie virt-manager, VirtualBox oder VMware Pro jede Menge Schalter und Hebel für Admins bieten, fühlt sich das für einfache Tests oft wie Overkill an. Genau hier setzt GNOME Boxes an: Eine minimalistische, aber ernstzunehmende Oberfläche für KVM/QEMU, die Virtualisierung auf dem Linux-Desktop radikal […] -
Как я построил полностью изолированную пентест-лабораторию и почему ИИ нельзя доверять
Как я построил полностью изолированную пентест-лабораторию и почему ИИ нельзя доверять Уже месяц я изучаю создание пентест-инструментов (назовем это так, чтобы с модерацией проблем не было :-)) по книге "Black Hat Go", и до недавних пор я тестировал малварь на своём хосте, ибо в них нет ничего опасного, это простейшие утилиты по типу TCP-сканера. Значит, нужно построить свою виртуальную и изолированную лабу. В них должно быть минимум 3 машины: Windows 11 в роли жертвы, Ubuntu server lts в роли C2 сервака, и, конечно, классический Metasploitable2 опять же в роли жертвы. Читать, как я мучился последние 3 дня
https://habr.com/ru/articles/973434/
#изолированная_пентестлаборатория #malware_analysis #pfsense #виртуальная_сеть #виртуализация_KVM #libvirt #сетевой_изолятор #сетевые_правила_firewall #изоляция_трафика #информационная_безопасность
-
Как я построил полностью изолированную пентест-лабораторию и почему ИИ нельзя доверять
Как я построил полностью изолированную пентест-лабораторию и почему ИИ нельзя доверять Уже месяц я изучаю создание пентест-инструментов (назовем это так, чтобы с модерацией проблем не было :-)) по книге "Black Hat Go", и до недавних пор я тестировал малварь на своём хосте, ибо в них нет ничего опасного, это простейшие утилиты по типу TCP-сканера. Значит, нужно построить свою виртуальную и изолированную лабу. В них должно быть минимум 3 машины: Windows 11 в роли жертвы, Ubuntu server lts в роли C2 сервака, и, конечно, классический Metasploitable2 опять же в роли жертвы. Читать, как я мучился последние 3 дня
https://habr.com/ru/articles/973434/
#изолированная_пентестлаборатория #malware_analysis #pfsense #виртуальная_сеть #виртуализация_KVM #libvirt #сетевой_изолятор #сетевые_правила_firewall #изоляция_трафика #информационная_безопасность
-
Как я построил полностью изолированную пентест-лабораторию и почему ИИ нельзя доверять
Как я построил полностью изолированную пентест-лабораторию и почему ИИ нельзя доверять Уже месяц я изучаю создание пентест-инструментов (назовем это так, чтобы с модерацией проблем не было :-)) по книге "Black Hat Go", и до недавних пор я тестировал малварь на своём хосте, ибо в них нет ничего опасного, это простейшие утилиты по типу TCP-сканера. Значит, нужно построить свою виртуальную и изолированную лабу. В них должно быть минимум 3 машины: Windows 11 в роли жертвы, Ubuntu server lts в роли C2 сервака, и, конечно, классический Metasploitable2 опять же в роли жертвы. Читать, как я мучился последние 3 дня
https://habr.com/ru/articles/973434/
#изолированная_пентестлаборатория #malware_analysis #pfsense #виртуальная_сеть #виртуализация_KVM #libvirt #сетевой_изолятор #сетевые_правила_firewall #изоляция_трафика #информационная_безопасность
-
Как я построил полностью изолированную пентест-лабораторию и почему ИИ нельзя доверять
Как я построил полностью изолированную пентест-лабораторию и почему ИИ нельзя доверять Уже месяц я изучаю создание пентест-инструментов (назовем это так, чтобы с модерацией проблем не было :-)) по книге "Black Hat Go", и до недавних пор я тестировал малварь на своём хосте, ибо в них нет ничего опасного, это простейшие утилиты по типу TCP-сканера. Значит, нужно построить свою виртуальную и изолированную лабу. В них должно быть минимум 3 машины: Windows 11 в роли жертвы, Ubuntu server lts в роли C2 сервака, и, конечно, классический Metasploitable2 опять же в роли жертвы. Читать, как я мучился последние 3 дня
https://habr.com/ru/articles/973434/
#изолированная_пентестлаборатория #malware_analysis #pfsense #виртуальная_сеть #виртуализация_KVM #libvirt #сетевой_изолятор #сетевые_правила_firewall #изоляция_трафика #информационная_безопасность
-
Just learned that you can pass the pci bus address and slot parameters to the #network paramters of #virt-install and thus get stable
enpnetwork device names in the VM for use with e.g. #ubuntu #autoinstall.yaml files.For example:
--network network="testnet",model=virtio,address.type=pci,address.bus=0x02,address.slot=0x00
will beenp2s0in the VM.Neat.
-
Just learned that you can pass the pci bus address and slot parameters to the #network paramters of #virt-install and thus get stable
enpnetwork device names in the VM for use with e.g. #ubuntu #autoinstall.yaml files.For example:
--network network="testnet",model=virtio,address.type=pci,address.bus=0x02,address.slot=0x00
will beenp2s0in the VM.Neat.
-
Virt SPINNER v1.1 ra mắt: Trình quản lý máy ảo (VM) TUI cho libvirt/QEMU/KVM, thay thế Gnome-Boxes. Nhanh, nhẹ (~50MB RAM), thân thiện với SSH, lý tưởng cho máy chủ không giao diện hoặc workflow dùng terminal. Quản lý VM, snapshot, tài nguyên thông minh, hỗ trợ Windows 11 và 3D acceleration. Cài đặt đơn giản.
#VirtSpinner #TUI #VMManager #libvirt #QEMU #KVM #SelfHosted #Linux #Terminal #MayAo #QuanLyMayAo
https://www.reddit.com/r/selfhosted/comments/1p9pu8f/virt_spinner_tui_vm_manager_for_libv
