Virt-manager
Genel Bakış
Virt-manager uses libvirt and it's a manager of many hypervisors, including the one that we want to use here: QEMU/KVM.
Why do I need to virtualize?
- To learn about a new O.S.
- To configure a hardware that has a setup only for that operating system
- To use a software that only works on another
I want to know more
1. Virtualization
2. Hypervisor
3. Virtual machine
What we absolutely must know
1. What is my CPU. Identify it and make sure it's at least a quad core. TAKE A LOOK AT CPU-World
2. Check if the 'virtualization parameters' are enabled on BIOS using
3. How much memory I have. Check the RAM and verify that is at least 4GB.
4. The amount of free space on my hard drive. The virtual machine can use a disk image file so extra partitions are not necessary.
5. The minimum hardware requirements of the operating system you want to install as a virtual machine.
Install virt-manager, qemu and all dependencies
From terminal:
For TPM support:
Enable and start service
Add user to libvirt, libvirt-qemu and kvm groups to use the system-level virtual machines (qemu:///system).
Note that you will need to restart userspace for the groups to become active. To restart userspace
Using Virt-Manager for guest creation
0. Prepare installation image. If you're going to install Windows, prepare the Virtio driver image too.
1. Launch menu Virtual Machine Manager. It should already have a LXC connection. You can disconnect and remove it if you don't use LXC.
2. Go to File, choose Add Connection and choose hypervisor QEMU/KVM, or QEMU/KVM user session if you don't want system-level virtual machines. Click on connect.
3. You need directory pools to store the disk images of virtual machines or the ISO file of CD/DVD. Double click qemu/kvm, go on storage and add by clicking + the path to the folder where you have the iso and the folder where create the virtual machine.
4. Click on create a new virtual machine: select Local install media (ISO image or CDROM), and select the installation ISO image and OS type (if not detected).
5. How many CPU assign and how much memory? (check the recommended requirements of O.S. that you are installing)
6. Create the file system of the virtual machine by selecting Select or create custom storage and click Manage.... Under your desired directory pool, create the volume of the virtual machine (default in qcow2 format). How many GB? Check the recommended requirements O.S. you install.
7.Assign a name to the machine and flag customize configuration before install. You have access to the screen with all the hardware that will be virtualized, do a check if there is all that is needed to initialize and launch the installer.
8. In Overview, change the firmware to UEFI for future-proof capacity.
9. Change the type of SATA Disk 1 (the disk image of the creating virtual machine) to virtio for better performance. Change discard mode to unmap, and then apply the change. You should notice the device name would change from SATA Disk 1 to VirtIO Disk 1.
10. Set the NIC type to virtio too for better network performance.
11. Add TPM chip, select TIS model through Emulated device backend.
12. Add a watchdog to reboot the guest when it hangs. Leave the settings as default.
13. And a hardware RNG, to get entropy from the host.
14. Click on the top to start installation.
Install guest additions
Once the VM is started and running you have to install the spice guest tools.
For Windows is a single package: spice-guest-tools-xxxx.exe
For linux are: spice-vdagent and xf86-video-qxl. If you visrtualize a linux distro you can install them with their package manager
Visit: Spice download
Tune the display settings
The default model of display card is QXL. If your virtual machine is Linux system, you can change it to virtio and enable 3D acceleration for better graphic performance.
Windows virtual machine, however doesn't support virtio display yet. Nevertheless, we can increase its VGA memory from the default 16 MB to 64 MB to allow higher display resolution and slightly better 2D graphical performance.
To do so, we need to edit the XML file of the virtual machine.
- In virt-manager, go to edit > preference, and check Enable XML edit.
- In virtual machine details, go to display card. Under the XML tab, change the value of vgamem to 65536, then apply the change.
File sharing between host and guest
For Linux guests, Virtio-FS and 9p are available for file sharing. See ArchWiki for more information.
For Windows guest, the easiest way to share file between host and guest is through SAMBA.
- Create a SAMBA usershare
- In Windows guest, enter \\192.168.122.1 in the file explorer, and you should be able to see the usershare on your host.
- Map that SAMBA usershare to a new drive, and connect to it with the appropriate credential. That's it.
Check this article for more information.
Optimize vCPU
Check this article to customize vCPU topology for better performance.
For example, my CPU has 1 socket, 8 cores, and 16 threads in total. The automatic topology assigns 4 sockets, 1 core, and 1 thread to my guest. After changing it to 1 socket, 4 cores, and 1 thread, the performance increases significantly.
Lab: Windows 11
Windows Setup provides for setting up virtual Windows system for lab purpose. It can be for testing software or for pentesting.
For a continued use of Windows you will need a valid license key to run a virtualized Windows.
Prepare
- Create a new virtual machine
- Select a Windows 11 ISO file
- Accept the defaults clicking Next until you reach the final screen
- Tick the box Customize configuration before install and click Finish
- In the Overview pane - set vm firmware to BIOS and click Apply
- Click the button Begin Installation
Install
Before starting the installer press ShiftF10 so launch the Windows Cmd utility and launch regedit.
- Expand HKEY_LOCAL_MACHINE\SYSTEM\Setup
- Add new key named LabConfig
- Add new DWORD value with name BypassTPMCheck and change the value to 1.
- Add new DWORD value with name BypassRAMCheck and change the value to 1.
- Add new DWORD value with name BypassSecureBootCheck and change the value to 1.
Close the registry editor and exit the shell, then continue the installer
Final Setup
During last stage the installer will insist in network access but you may want use a local account instead of the required Microsoft account.
This can be disabled using the Cmd utility ShiftF10
- enter OOBE\BYPASSNRO and press Enter
- close the Cmd utility
- back in the setup window click I don't have internet