This is an old revision of the document!
Table of Contents
Misc
Convert QEMU image for VirtualBox
qemu-img convert debian10.img -O raw debian10.raw VBoxManage convertfromraw debian10.raw --format vdi debian10.vdi
Nested Virtualization in QEMU/KVM
Check nested virtualization inside QEMU :
For kvm_intel module, check /sys/module/kvm_intel/parameters/nested is “Y”… Else
# If you have an Intel CPU, use this: $ cat > /etc/modprobe.d/kvm_intel.conf options kvm-intel nested=Y
Enable Intel VMX cpu flag in bios, then in /etc/default/grub and add “intel_iommu=on” to GRUB_CMDLINE_LINUX line. Then, sudo update-grub
Check IOMMU is OK with command: virt-host-validate qemi
VNC
Quick Test:
$ qemu-system-x86_64 -vnc :0 $ vncviewer localhost
If you get the error message “Could not read keymap file: 'en-us'”, you will need to install an extra package:
$ sudo apt-get install qemu-system-data
Spice
Spice is similar to VNC… Need special graphic card “qxl”
$ qemu-system-x86_64 -vga qxl -spice port=5900,addr=127.0.0.1,disable-ticketing
Se connecter avec un viewer à la VM avec:
$ sudo apt-get install virt-viewer $ remote-viewer spice://127.0.0.1:5900
In order to add copy & paste support:
$ SPICEOPT="-vga qxl -spice port=5900,addr=127.0.0.1,disable-ticketing" $ SPICEMORE="-device virtio-serial -chardev spicevmc,id=vdagent,name=vdagent -device virtserialport,chardev=vdagent,name=com.redhat.spice.0" $ qemu-system-x86_64 -enable-kvm -hda kali.img -name syl -m 2G $SPICEOPT $SPICEMORE
Installer spice-vdagent sur le guest (linux).
$ sudo apt-get install spice-vdagent $ sudo systemctl enable spice-vdagentd $ sudo systemctl enable spice-vdagent $ sudo systemctl daemon-reload $ sudo rm -f /var/run/spice-vdagentd/* $ sudo reboot
Pour windows, il faut installer : https://www.spice-space.org/download/windows/spice-guest-tools/spice-guest-tools-latest.exe
Demarrer space-vdagentd au boot et spicevdagent apres le login X.
Socket display
# elif [ "$QEMUDISPLAY" = "socket" ] ; then # unix socket mode # # bug: with this option, any ctrl-c (SIGINT) in VM will kill all qemu session! # # solution: use socat in raw mode with escape option! # CMD="$CMD -monitor unix:$SESSIONDIR/$HOSTNAME.monitor,server,nowait" # # redirect both qemu monitor & console in two Unix sockets, that can be connected with socat # # $ socat stdin,raw,echo=0 unix-connect:session/<hostname>.sock # CMD="$CMD -serial unix:$SESSIONDIR/$HOSTNAME.sock,server" # wait client connection, else use "nowait" option # # CMD="$CMD -nographic" # CMD="$CMD -display none" # echo "[$HOSTNAME] $CMD" # bash -c "${CMD[@]}" &
# if [ "$QEMUDISPLAY" = "socket" ] ; then # echo "=> To access the QEMU console of each VM, please use the command:" # echo " $ ./connect.sh <session_dir> <vm_hostname>" # fi