NixOS Wiki

Libvirt: Difference between revisions

← Older edit
Visual
imported>Onny
Update davfs mount example
Pigs (talk | contribs)
258 edits
Configuration: Add default networking section and pci passthrough section
 
(18 intermediate revisions by 10 users not shown)
Line 6: Line 6:


{{file|/etc/nixos/configuration.nix|nix|<nowiki>
{{file|/etc/nixos/configuration.nix|nix|<nowiki>
virtualisation.libvirtd = {
virtualisation.libvirtd.enable = true;
  enable = true;
 
  qemu = {
# Enable TPM emulation (optional)
    package = pkgs.qemu_kvm;
virtualisation.libvirtd.qemu = {
    runAsRoot = true;
  swtpm.enable = true;
    swtpm.enable = true;
  ovmf.packages = [ pkgs.OVMFFull.fd ];
    ovmf = {
      enable = true;
      packages = [(pkgs.unstable.OVMF.override {
        secureBoot = true;
        tpmSupport = true;
      }).fd];
    };
  };
};
};
# Enable USB redirection (optional)
virtualisation.spiceUSBRedirection.enable = true;
</nowiki>}}
</nowiki>}}


Line 34: Line 30:


=== UEFI with OVMF ===
=== UEFI with OVMF ===
Enable UEFI firmware support, following Qemu configuration for your local user is required
{{file|~/.config/libvirt/qemu.conf|nix|<nowiki>
# Adapted from /var/lib/libvirt/qemu.conf
# Note that AAVMF and OVMF are for Aarch64 and x86 respectively
nvram = [ "/run/libvirt/nix-ovmf/AAVMF_CODE.fd:/run/libvirt/nix-ovmf/AAVMF_VARS.fd", "/run/libvirt/nix-ovmf/OVMF_CODE.fd:/run/libvirt/nix-ovmf/OVMF_VARS.fd" ]
</nowiki>}}


See [https://ostechnix.com/enable-uefi-support-for-kvm-virtual-machines-in-linux/ this tutorial] on how to run a guest machine in UEFI mode using <code>virt-manager</code>.
See [https://ostechnix.com/enable-uefi-support-for-kvm-virtual-machines-in-linux/ this tutorial] on how to run a guest machine in UEFI mode using <code>virt-manager</code>.
Line 53: Line 41:
</nowiki>}}
</nowiki>}}


=== Bridge networking ===
=== Networking ===
 
==== Default networking ====
 
To utilize the default libvirt network, you will need to install the {{nixos:package|dnsmasq}} package. This is required for DNS and DCHP functionality within the network.
 
Once the package is installed, enable and start the default network using the following commands:
 
<syntaxhighlight lang="console">
# virsh net-autostart default
# virsh net-start default
</syntaxhighlight>
 
This will configure the default network to start automatically on boot and immediately activate it.
 
==== Bridge networking ====


Create a XML file called <code>virbr0.xml</code> with the definition of the bridge interface
Create a XML file called <code>virbr0.xml</code> with the definition of the bridge interface
Line 99: Line 102:


{{file|/etc/nixos/configuration.nix|nix|<nowiki>
{{file|/etc/nixos/configuration.nix|nix|<nowiki>
networking.interfaces.enp1s0.ipv4.addresses = [{
networking.interfaces.enp1s0 = {
  address = "10.25.0.2";
  ipv4.addresses = [{
  prefixLength = 24;
    address = "10.25.0.2";
}];
    prefixLength = 24;
  }];
  defaultGateway = {
    address = "10.25.0.1";
    interface = "ens1s0";
  };
};
</nowiki>}}
</nowiki>}}


Line 144: Line 153:
services.davfs2 = {
services.davfs2 = {
   enable = true;
   enable = true;
   extraConfig = ''
   settings.globalSection.ask_auth = 0;
    ask_auth 0
  '';
};
};


Line 153: Line 160:
     device = "http://localhost:9843/myshare";
     device = "http://localhost:9843/myshare";
     fsType = "davfs";
     fsType = "davfs";
     options = [ "ask_auth=0" ];
     options = [ "nofail" ];
   };
   };
};
};
</nowiki>}}
</nowiki>}}
=== Hooks ===
Libvirt allows the use of hooks to run custom scripts during specific events, such as daemon lifecycle events, domain lifecycle events, and network events. On NixOS, you can configure hooks via the NixOS module to automate the placement of hook scripts in the appropriate directories.
The following directories are used for placing hook scripts:
* '''<code>/var/lib/libvirt/hooks/daemon.d/</code>'''  Scripts here are triggered by daemon events like start, shutdown, and SIGHUP.
* '''<code>/var/lib/libvirt/hooks/qemu.d/</code>'''  Scripts for handling QEMU domain events such as begin, end, and migration.
* '''<code>/var/lib/libvirt/hooks/lxc.d/</code>'''  Scripts for LXC container events like begin and end.
* '''<code>/var/lib/libvirt/hooks/libxl.d/</code>'''  Scripts for Xen domains managed by <code>libxl</code> (begin/end events).
* '''<code>/var/lib/libvirt/hooks/network.d/</code>'''  Scripts triggered by network events such as begin and end.
See the [https://libvirt.org/hooks.html libvirt documentation] for more information.
An example config would be:<syntaxhighlight lang="nix">
{
  virtualisation.libvirtd.hooks = {
    daemon = {
      "example" = ./scripts/daemon-example.sh;
    };
    qemu = {
      "example" = ./scripts/qemu-example.sh;
    };
    network = {
      "example" = ./scripts/network-example.sh;
    };
  };
}
</syntaxhighlight>Note that after you added the configuration and switch, you'll have the following command to setup the hooks.<syntaxhighlight lang="bash">
systemctl start libvirtd-config.service
</syntaxhighlight>
=== PCI Passthrough ===
For detailed instructions on configuring PCI passthrough with libvirt, refer to the [[PCI passthrough]] page.


== Clients ==
== Clients ==
Line 167: Line 209:


Following are notes regarding the use of some of those tools
Following are notes regarding the use of some of those tools
==== error: cannot find any suitable libguestfs supermin ====
Use use the package libguestfs-with-appliance. See https://github.com/NixOS/nixpkgs/issues/37540
=== guestfs-tools ===
Includes virt-sysprep, used to prepare a VM image for use.  Review the manpage of virt-sysprep, virt-clone, and virt-builder.


==== <code>virt-builder</code> ====
==== <code>virt-builder</code> ====


virt-builder is installed with <code>libguestfs</code>, but has some issues from its packaging.
virt-builder is installed with <code>guestfs-tools</code>, but has some issues from its packaging.


It is possible to work around those issues without modifying the package (when a pristine nixpkgs is needed).
It is possible to work around those issues without modifying the package (when a pristine nixpkgs is needed).
Line 183: Line 235:


This will make your user use the shipped repo configurations, and works around the fact that virt-builder reads its executable name to build its configuration path. The executable being wrapped, it is named differently.
This will make your user use the shipped repo configurations, and works around the fact that virt-builder reads its executable name to build its configuration path. The executable being wrapped, it is named differently.
[[Category:Virtualization]]
==== error: cannot find any suitable libguestfs supermin ====
Use use the package libguestfs-with-appliance. See https://github.com/NixOS/nixpkgs/issues/37540


=== guestfs-tools ===
=== NixVirt ===


Includes virt-sysprep, used to prepare a VM image for use.  Review the manpage of virt-sysprep, virt-clone, and virt-builder.
[https://github.com/AshleyYakeley/NixVirt NixVirt] is a flake that provides NixOS and Home Manager modules for setting up libvirt domains, networks and pools declaratively.


=== Accessing QEMU VMs through Webbrowser ===
=== Accessing QEMU VMs through Webbrowser ===
Line 234: Line 281:
==== Get EyeOS Spice Web Client ====
==== Get EyeOS Spice Web Client ====


As said, the experience with the EyeOS Spice Web Client has been the best so far. Another client would be the [https://cgit.freedesktop.org/spice/spice-html5/ spice-html5] from freedesktop.org.
As said, the experience with the EyeOS Spice Web Client has been the best so far. Another client would be the [https://gitlab.freedesktop.org/spice/spice-html5/ spice-html5] from freedesktop.org.


1. Download the [https://github.com/eyeos/spice-web-client/ EyeOS Spice Web Client] and unpack it (if necessary) or , as example, just <code>git clone https://github.com/eyeos/spice-web-client/ /var/www/spice</code>
1. Download the [https://github.com/eyeos/spice-web-client/ EyeOS Spice Web Client] and unpack it (if necessary) or , as example, just <code>git clone https://github.com/eyeos/spice-web-client/ /var/www/spice</code>
Line 277: Line 324:


And finally you can access the VMs GUI through <code>https://mydomain.tld:4500/spice/index.html?host=mydomain.tld&port=5959</code>
And finally you can access the VMs GUI through <code>https://mydomain.tld:4500/spice/index.html?host=mydomain.tld&port=5959</code>
[[Category:Virtualization]]
[[Category:Applications]]
Retrieved from "https://wiki.nixos.org/wiki/Libvirt"