Child pages
  • 7.3 KVM
Skip to end of metadata
Go to start of metadata

Work in Progress

This page is currently a work in progress. If you would like to improve it, please request a wiki account.

Table of contents:

Requirements

Currently KVM on OpenIndiana only supports recent Intel chipsets with VT and EPT instructions. It is also a very fresh port so bugs are to be expected.

Installing KVM

pkg install \
    driver/i86pc/kvm \
    system/qemu \
    system/qemu/kvm

Using KVM

First create a zvol for the guest:

zfs create -p -V 10G rpool/kvm/myguest/disk0

Create a vnic (assumes e1000g0 as your primary NIC, substitute as necessary):

dladm create-vnic -l e1000g0 vnic0
MAC=$(dladm show-vnic -po macaddress vnic0)

Invoke the qemu-kvm command, for example:

pfexec /usr/bin/qemu-kvm \
        -boot cd \
        -enable-kvm \
        -vnc 0.0.0.0:1 \
        -smp 2 \
        -m 2048 \
        -no-hpet \
        -localtime \
        -drive file=/dev/zvol/rdsk/rpool/kvm/myguest/disk0,if=ide,index=0 \
        -drive file=/path/to/some/cdimage.iso,media=cdrom,if=ide,index=2  \
        -net nic,vlan=0,name=net0,model=e1000,macaddr=$MAC \
        -net vnic,vlan=0,name=net0,ifname=vnic0,macaddr=$MAC \
        -vga std

/usr/bin/qemu

The /usr/bin/qemu command is vanilla QEMU with no KVM support. You must use /usr/bin/qemu-kvm to use KVM.

Fresh example

  • Recent changes in illumos has caused malfunction of VirtualBox package on OI /hipster, thus making it unusable (it is crashing whole system). Since I already had few VB guests, all using zfs volumes, I have decided to try KVM instead...
    • Opening bug at VirtualBox for compiling problems did not show any progress
    • KVM (which also was failing because same illumos change) was easily fixed (see #4410) and OpenIndiana forum could not offer solution for VirtualBox failure problem.
  • I was using Windows guest, so I can run some s/w which is missing for OI platform: Skype, TeamViever, Zoom, etc... (like recent browser versions, since OI Firefox 52 has lack of some ciphers support, for example). This example has purpose to give an idea how to use it, w/o spending hours on digging it from internet...
  • qemu-kvm  has several limitations (as far as I can tell):
    • it has no support of spice libraries, which provide clipboard sharing
    • graphical cards support is poor (maximum I could get is 1024x768, which is really not enough)
  • Using guest GUI also has limitations:
    • both native vga and vnc support are lacking interaction with host MATE environment (shared folders and clipboard)
    • vnc support offers password protection, but you have to use change vnc password command to set it after guest boot (so no other people can access VM)
  • Decided to enable remote desktop "server" on windows (so, user MUST have password set) and to access guest with rdesktop  (present in OI; support both shared folder and clipboards) or xfreerdp  (self compiled; supports shared clipboards, but I could not manage to get support for shared folders) utility
    • First, we need to start guest:

      KVM start
      $ qemu-kvm -m 1536M \
                 -cpu host \
                 -drive file=/dev/zvol/rdsk/mypool/VBoxGuests/WinHD \
                 -k de \
                 -smp 1 \
                 -localtime \
                 -clock unix \
                 -soundhw all \
                 -no-hpet \
                 -bios /usr/share/qemu/bios.bin \
                 -usbdevice tablet \
                 -enable-kvm \
                 -device e1000,netdev=user.0 \
                 -netdev user,id=user.0,hostfwd=tcp::3389-:3389 \
                 -nographic \
                 -daemonize

      NOTES:

      • port 3389 is forwarded to guest (RDP)

      • nographics option can be used ONLY after you were able to have GUI access to guest and enable remote desktop access

      • also, you have to wait a bit, until guest is booted before you try to connect to it
      • RDP window geometry is something you might want to experiment with (1900x1000 fits to my needs)
      • windows NLA security has to be disabled (did not investigated further if there is another way to access to guest via RDP)
    • Connection options (guest has to be booted, obviously, example assume windows user predrag zecevic)
      • rdesktop:

        rdesktop
        :; rdesktop -k de -z -m -x b -u "predrag zecevic" -p <PASSWORD> -g 1900x1000 -a 16 -T Win -r disk:PZ=/nobackup/shared_folder -r clipboard:PRIMARYCLIPBOARD 0.0.0.0 &
      • xfreerdp:

        xfreerdp
        :; xfreerdp -sec-nla -themes -wallpaper -glyph-cache +clipboard /u:"predrag zecevic" /p:<PASSWORD> /kbd:German /audio-mode:1 /compression /bpp:16 /async-update /async-input /geometry /dynamic-resolution /size:1900x1000 /t:Win /v:0.0.0.0 &
    • Various references:
    • Hope this will help someone. My personal favorite is xfreerdp (even w/o shared folder support, because it is somehow "faster" and offers better font rendering). Predrag Zečević2018/10/02

31 Comments

  1. Anonymous

    What does it mean, to have a recent Intel Cpu with VT.
    How recent?
    On my laptop, which has VT support, kvm always issues an error. To let VittualBox running, I have to unload the KVM kernel module.

  2. Anonymous

    wanna try, but Intell only (sad)
    does KVM for AMD (phenom II) expected in nearest future?

    1. Anonymous

      a fork for SVM already exists!

      1. Anonymous

        What do you mean by that? What is "a fork of KVM for SVM"? Does that mean, one will be able to run Zones with native KVM support on AMD 64bit CPUs? Thanks.

  3. Anonymous

    Even on Intel machines with VT-x simply doesn't work...at least on my hardware, just freeze and then reboot the host machine after starting showing the boot process of the "iso" on the guest machine, try on 2 different VT-x machines, and 4 different guests, always hang/reboot at same stage...

    1. Anonymous

      Not only on your hardware. I have the same symptoms here.
      My first comment here attempted to get a hint how recent the CPU must be.

      my CPU here is
      ~/Downloads$psrinfo -vp
      The physical processor has 4 virtual processors (0-3)
      x86 (GenuineIntel 1067A family 6 model 23 step 10 clock 2000 MHz)
      Intel(r) Core(tm)2 Quad CPU Q9000 @ 2.00GHz

      Now I use VirtualBox again and unload the kvm module before. When testing the kvm on my side,
      VirtualBox didn't start with the kvm module loaded in the system.
      For VirtualBox and the SFE repository there is a hint how to start it ( see http://wiki.openindiana.org/oi/Spec+Files+Extra+Repository )

      1. Anonymous

        yes, is the hardware, I found that vmx isn't enough you need a vmc processor also with EPT (SLAT).

        1. Anonymous

          /s/vmc/vmx

  4. Anonymous

    This is lacking info. I found this on the Joyent illumnos github...

    VNICs
    We have added an option to have a virtual machine's network interface card directly correspond to a Crossbow vnic on the system. The -net vnic has several mandatory arguments:

    vlan must be specified and correspond to a single -net nic line
    name must be specified and correspond to a single -net nic line
    macaddr must be specified if the MAC Address of the VNIC does not match the MAC address on the -net nic line.
    ifname must be specified and correspond to the name of the crossbow vnic.
    To set up the crossbow vnic, simply create it. There is no need to plumb it. The device will be opened up in promiscuous mode.

    To create a vnic you'll want something akin to:

    $ dladm create-vnic -l e1000g0 vnic0
    The -net vnic option also supports configuring networking on the virtual machine via dhcp. In this mode, qemu acts as a DHCP server for the virtual machine. To enable vnic dhcp, specify the following arguments:

    ip (eg: 192.168.0.2) must be specified in order to enable dhcp
    netmask (eg: 255.255.255.0) must be specified
    gateway_ip (eg: 192.168.0.1) must be specified
    server_ip (eg: 192.168.0.3) is optional. This allows specifying the IP address of qemu's DHCP server.
    dns_ip (eg: 8.8.4.4) is optional, and allows specifying the DNS server the virtual machine will use. The default value is 8.8.8.8.
    hostname (eg: myhostname) is optional. This defaults to no hostname.
    lease_time (eg: 3600) is optional, and allows specifying the DHCP lease time in seconds. The default value is 86400 (or 1 day).
    The following is a sample -net vnic line for running with DHCP:

    -net vnic,vlan=0,name=net0,ifname=eth0,macaddr=90:b8:d0:c0:ff:ee, \
    ip=10.88.88.50,netmask=255.255.255.0,gateway_ip=10.88.88.2, \
    server_ip=10.88.88.200,dns_ip=8.8.4.4,hostname=host1,lease_time=3600

    1. Anonymous

      Does anyone know how to set a root/administrator password for guest OS's through qemu-kvm?

      Thanks,

      Paul

  5. Anonymous

    KVM installation does not work for my system (Thinkpad R61). Installation of driver/i86pc/kvm
    seems to crash the system (at least causes a sudden reboot) and leaves me with a corrupted package database since subsequent attempts to install anything result in an error message:
    "Catalog file '/var/pkg/state/known/catalog.attrs' is invalid."
    I did this twice with fresh installations, and the error was reproducible.
    Did anyone else come across this bug?

    1. Anonymous

      Does Thinkpad R61 installed processor supports EPT?, you need vmx with EPT or when guest OS starts kvm will panic the host, you should get a crash dump, use savecore after host reboots to get that in "/var/crash/<hostname>.

    2. Anonymous

      Same thing happens on a Dell R910 (Quad Octo X7550).

      1. isainfo -v

      64-bit amd64 applications
      vmx sse4.2 sse4.1 ssse3 popcnt tscp cx16 sse3 sse2 sse fxsr mmx cmov
      amd_sysc cx8 tsc fpu
      32-bit i386 applications
      vmx sse4.2 sse4.1 ssse3 popcnt tscp ahf cx16 sse3 sse2 sse fxsr mmx
      cmov sep cx8 tsc fpu

      However, I am able to use a Dell R710 (Dual Quad E5630).

      1. isainfo -v

      64-bit amd64 applications
      vmx pclmulqdq aes sse4.2 sse4.1 ssse3 popcnt tscp cx16 sse3 sse2 sse
      fxsr mmx cmov amd_sysc cx8 tsc fpu
      32-bit i386 applications
      vmx pclmulqdq aes sse4.2 sse4.1 ssse3 popcnt tscp ahf cx16 sse3 sse2
      sse fxsr mmx cmov sep cx8 tsc fpu

      I'm going to go on the limb and say that Westmere processors are OK with the current state of KVM but not Nehalem, correct?

  6. Anonymous

    Please help !!!

    KVM not working just freeze the machine, tested on desktop and laptop:

    Desktop:

    System Configuration: Gigabyte Technology Co., Ltd. X48-DQ6
    BIOS Configuration: Award Software International, Inc. F8D 04/24/2009

    Q6600 Intel(R) Core(TM)2 Quad CPU Socket 775

    pandora@tesla:~$ isainfo -v
    64-bit amd64 applications
    vmx ssse3 cx16 sse3 sse2 sse fxsr mmx cmov amd_sysc cx8 tsc fpu
    32-bit i386 applications
    vmx ssse3 ahf cx16 sse3 sse2 sse fxsr mmx cmov sep cx8 tsc fpu

    Virtualization (VT-x) in bios is enabled.

    Laptop:

    Toshiba Tecra S10-11A
    Intel® Core™2 Duo processor P8600, Intel® PM45 Express chipset

    pandora@laptop:~$ isainfo -v
    64-bit amd64 applications
    vmx sse4.1 ssse3 cx16 sse3 sse2 sse fxsr mmx cmov amd_sysc cx8 tsc fpu
    32-bit i386 applications
    vmx sse4.1 ssse3 ahf cx16 sse3 sse2 sse fxsr mmx cmov sep cx8 tsc fpu

    Virtualization (VT-x) in bios is enabled.

    Do these machines support the KVM or not ???

    1. Anonymous

      Hi
      I got a replay on my blog and also some postings above is standing, that you need EPT support in your cpu.
      The core2 doesn't support this. The nehalem and corei cpus only support this festure.
      It is not enough to support virtualization.

      1. Anonymous

        Thank you very much.

  7. Hi,

    I want to know where the configuration file for guest OS on KVM is. Now I installed Windows 2008R2 on KVM. But I can't find the configuration file, that I think xml file. Now I use vncviewer to connect to the guest OS. But the mouse pointer on guest OS is off the point of the mouse course on OI.

    1. Anonymous

      if mouse pointer is out of sync , just add "-usbdevice tablet"

      Regards,
      CA

      1. Thank you for your info. I can resolve this.

  8. I finished to setup Windows 2003R2SP2 x86 and Windows 2008R2 on KVM. So can I install the PV driver for Linux on this guest OS? Or where is PV driver?

    And can I use virsh or virt-manager to manage the guest OSs on KVM?

  9. Anonymous

    I am also having the freeze issue, however on my machine I have a Core i7 processor. Which I was under the impression had EPT in addition to VT.

    I expected to see "ept" when doing an isainfo -v. But I do not.

    Any ideas. I was under the impression that all Core (info) procs would have EPT. As such I bought the i7 thinking that if that was wrong at least I would be covered with the i7

  10. Anonymous

    just installed virt-manager (and virt-inst, qemu, qemu-kvm, etc..) oi_151_a and there are two dependencies missing:
    python-gnome-libs-24
    python-dbus-24

    virt-manager starts up, but it says qemu is not running:

    Unable to open a connection to the libvirt management daemon.
    Libvirt URI is: qemu:///system
    Verify that:

    • The 'libvirtd' daemon has been started

    i don't see this uri in smf ... how do you start the libvirtd daemon?

    1. Anonymous

      Look for svc:/system/xvm/virtd:default

      However, it seems like it can work only with Xen. Also, if you search on google for openindiana kvm libvirt, there are several articles saying that it is not yet available for KVM.

  11. Anonymous

    I am trying to make this work on a Intel Pentium G620 with 4G of RAM. The CPU, according to Intel, supports both VT and EPT.

    I installed the packages as you suggested, downloaded a DSL iso and put it to boot from. However qemu-kvm dies with this error message:

    qemu_ram_alloc: Could not lock 2147483648 memory, errno = 11

    I could find no further information about this, if enyone knows how to debug this memory allocation problem, please help.

    1. Anonymous

      Never mind ... I was trying to allocate more memory than it was available.

  12. Anonymous

    Pffft! I've been a huge Sun supporter for 20+ years... from the Berkeley SunOS 3.x days. I've tried to remain steadfast, but the Oracle buyout and their disrespect of customers, even the slap in the face to a whole community of stalwart Solaris champions, coupled with the ridiculous lack of even a basic HCL and now arbitrary support of specific processors... excluding AMD... I am DONE.

    I spent today hoping, while searching and digging for a reason to not blow away my OpenIndiana NAS box and just load RHEL or CentOS 6.2. I thought I might have found something here with KVM port, to find that it is Intel only, and then only the very most recent vintage CPUS, while I have bought AMD only for many years.

    How do you guys expect hobbyists to maintain? We cannot afford to buy the latest and greatest CPUs and systems just to run a home NAS in order to champion a sinking ship. The best OS tech in the world doesn't help when there is no HCL, and only a very limited list of known-good kit works with OI, and most of that is very old (4-5 years).

    Look at this slide of deployed systems in supercomputers, and realize this tells the tale for commercial *IX use as well. http://en.wikipedia.org/wiki/File:Operating_systems_used_on_top_500_supercomputers.svg

    Try to find an *IX job doing anything but Linux lately? It is time to bail on OpenSolaris, BSD, and all this niche distraction from what is really happening in open systems. Join the Linux movement or waste your time and buy-in to endless frustration and a slow, lingering sense of DOOM. Sad, but true... I'm going to now experiment with 'ZFS on Linux' and try to get motivated again.

    Ciao...

    1. Looking at the figures you presented; I'm surprised that anyone looks for work in Windows ...

      your comments were unnecessary, as they were neither correct or relevant

  13. First of all: thanks for this KVM-port!

    My constellation:
    OpenIndiana 151a5 (server) on VMware Workstaion 8, 1 NIC, bridged to host's physical NIC
    NIC inside vm is an e1000g0  intel 1-gigabit-card

    Host: Windows 7 x64 SP1, 
    Host-NIC: Intel 82567V-2 (Intel X58 chipset)
    Host-CPU:  Intel Core i7 980 (Gulftown) @3,4 GHz 

    At first it wouldn't work. OpenIndiana was telling me at startup that there was no hardware-support for KVM.
    It took me quite some time to find out... I activated the virtualization-feature in BIOS and checked it with the cpuid-bootcd which is mentioned on this vmware-knowledgebase-article. I just had forgotten to activate the passthrough inside VMware-workstation, found in Virtual Machine Settings --> Hardware --> Processors --> "Virtualize Intel VT-x/EPT or AMD-V/RVI" (wink).

    After activating this, my KVM boot was successful and I could install some ubuntu 12.10 server (now double-virtualized).

    Now here come my issues:
    I created one vnic "vnic0", as the guide says (linked over physical, no etherstubs).
    BUT: my physical interface (e1000g0, with static IPv4-address) won't keep working after a reboot!

    Before I reboot everything seems to be fine, I can use both, nic and vnic. If I reboot the OpenIndiana (vm), the e1000g0 won't communicate any more (no ping in nor out, no more ssh,...). If I wanted, though, I could "plumb" the vnic, retrieve a DHCP-address from my host-side network and it would have complete access. As soon as I do 

    dladm delete-vnic vnic0

    the "physical" connection (e1000g0) is re-established and I can communicate with my Indiana agian.

    I have no zones set up (if that is of any concern).

     

    I'm still new to OI/Solaris (and especially to using these vnics), so if anyone can please tell me what I do wrong, I'll be delighted to follow your suggestions.

    Unfortunately the "Virtual Network Interfaces"-section of this WIKI is not filled with life yet. Otherwise I would have posted my help request there.

     

    1. On the developer list there has been some discussion about the e1000g driver that is used in VMware ... 

      http://www.listbox.com/member/archive/182179/2012/11/sort/time_rev/page/5/entry/7:158/20121104004944:0C1CBB9A-263B-11E2-BC4C-C7AAB0C0C73A/

      this might be related to your situation.

      Jon

      1. Thank you, Jonathan!
        That's exactly my problem.

        Okay, I have absolutely no idea of how to build myself a custom driver with this information.

        Keeping my seach on this topic I found this mailing about crossbow-technology/vnics. There was another Jonathan there. (smile) He has found out that forcing the nic into promiscuous mode by starting snoop does temporarily solve the problem.
        I hope, the kernel networking developer will stick to his words and add some functionality to dladm, making the max. number of unicast hardware slots a writable property (didn't find that one implemented yet).

        I know it's not very elegant, but until then I'll keep my

        sudo snoop >/dev/null 2>&1 &

        at startup (made it a service using manifold - which is a nice little helper).
        So far it seems to help and survives a reboot.

        But if anyone comes up with a better idea... (wink)

        Thanks,

        Matthias