You are not logged in.

#1 2016-03-13 21:39:45

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 9,093
Website

Virtual BunsenLabs with QEMU & KVM

This is *not* an authoritative guide to QEMU/KVM, I am far from expert on this subject and this thread constitutes my notes when setting up a virtualised instance of BL.

Any advice, hints, error corrections or insults are welcomed smile

QEMU (short for Quick Emulator) is a free and open-source hosted hypervisor that performs hardware virtualization (not to be confused with hardware-assisted virtualization).

QEMU is a hosted virtual machine monitor: It emulates CPUs through dynamic binary translation and provides a set of device models, enabling it to run a variety of unmodified guest operating systems. It also can be used together with KVM in order to run virtual machines at near-native speed (requiring hardware virtualization extensions on x86 machines). QEMU can also be used purely for CPU emulation for user-level processes, allowing applications compiled for one architecture to be run on another.

https://en.wikipedia.org/wiki/QEMU

Advantages of QEMU/KVM:

  • Integrated into the kernel, no custom modules needed

  • Speed is equivalent to VirtualBox if KVM is supported

  • Fully open & free (as in speech), no proprietary code included

  • Security support is *much* better, VirtualBox is particularly poor in this respect

I referred mostly to the excellent ArchWiki page for this set up:
https://wiki.archlinux.org/index.php/QEMU

First, create a directory (I'm using ~/qemubl) and a disk image for the BunsenLabs system:

mkdir ~/qemubl && cd ~/qemubl
qemu-img create -f raw lab.img 30G # adjust size as needed

Then boot up the BunsenLabs ISO image and run the installer on ~/qemubl/lab.img

qemu-system-x86_64 -cdrom bunsenlabs.iso -boot order=d -drive file=lab.img,format=raw -m 1G

(Use the full, correct name and path for the ISO image and disk image)

Once the system is installed (it may take a while), write a script to launch the hypervisor.

This contains all the options needed to run the emulator, see qemu(1) for a full list of all the available options.

Save the script somewhere in your $PATH (eg, ~/bin/blaunch) and make it executable with `chmod +x ~/bin/blaunch`

This is what my script looks like:

#!/bin/sh
qemu-system-x86_64      -enable-kvm \
                        -m 2G \
                        -device virtio-vga,virgl=on \
                        -drive file=/home/empty/qemubl/lab.img,format=raw,if=virtio \
                        -cpu host \
                        -smp 4 \
                        -soundhw hda \
                        "$@"

For readability and ease of editing, use \ followed immediately by <Return> to create a newline break in the script wink

Change qemu-system-x86_64 & -smp 4 to match whichever architecture and SMP configuration you are using (mine is "amd64" & 4 cores, as shown in `htop`) and add or change other options as needed with reference to `man qemu`

The virtual system can then be started by running `blaunch` in a terminal or a command launcher such as gmrun or dmenu

Once the system is booted, you may have to generate an appropriate modeline to set your desired display resolution, as per https://wiki.archlinux.org/index.php/Xr … esolutions

This is my file for a 1080p monitor:

https://gist.githubusercontent.com/Head … nitor.conf

You may have to work through https://wiki.archlinux.org/index.php/Xr … esolutions to generate the correct modeline with cvt(1)

Enjoy!
smile

Last edited by Head_on_a_Stick (2018-03-31 12:04:58)

Offline

#2 2016-09-27 06:20:31

Snap
Member
Registered: 2015-10-02
Posts: 465

Re: Virtual BunsenLabs with QEMU & KVM

Sorry to resurrect this old topic (well, I'm not wink  )

Thanks for the launching tips, HoaS. Got me some VMs booting!

I'm taking my very first steps with qemu (trying to replace virtualbox for once). The Debian wiki seems to be rather obsolete in this matter. Some packages doesn't even exist anymore. And the Arch wiki is helpful but maybe a bit too "archey".

The thing is I'm all lost with what packages I need to install (qemu, libvirt, kvm... there are plenty of them!). Though the baby is alive anyhow, I'm wondering if it's healthy or mutilated. LOL

Regarding this command

qemu-image create -f raw lab.img 30G

I needed to change it to something like

qemu-img create -f qcow2 ant.img 8G

No idea if it's a typo, things changed since then, or what. Just pointing it out.

Anyone knows a decent basic Qemu guide on Debian for total beginners? At least to install it properly. As I've said there are dozens of quemu and libvirt packages to choose. I guess I don't need them all.

Offline

#3 2016-09-27 06:31:56

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 9,093
Website

Re: Virtual BunsenLabs with QEMU & KVM

Snap wrote:

Regarding this command

qemu-image create -f raw lab.img 30G

I needed to change it to something like

qemu-img create -f qcow2 ant.img 8G

I'm not sure what you mean by "needed to change" but qcow2 disk images are the QEMU equivalent of VirtualBox's "dynamically allocated images", these take up less space than a conventional image but will effect performance adversely -- I would consider the latter to be the more important factor, hence my recommendation wink

See https://en.wikibooks.org/wiki/QEMU/Images#Image_types for more on this.

Having said all that I don't really use virtualisation much days, I prefer containers...

#nonemoretrendy

Offline

#4 2016-09-27 06:34:28

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 9,093
Website

Re: Virtual BunsenLabs with QEMU & KVM

Offline

#5 2016-09-28 08:22:59

Snap
Member
Registered: 2015-10-02
Posts: 465

Re: Virtual BunsenLabs with QEMU & KVM

@ HoaS. It was the other part of the command qemu-image instead of qemu-img what I was referring to. Not the image type. Sorry for not being clear. Anyway thanks for the explanation. Didn't knew about the performance penalty of dynamically allocated images. Good point to know.

aqemu is in my todo list. It should coming in at some point today.

Containers... I guess I should peek there.

Offline

#6 2016-09-28 08:33:55

Snap
Member
Registered: 2015-10-02
Posts: 465

Re: Virtual BunsenLabs with QEMU & KVM

Host-side [...] 4.4 Linux kernel and Mesa 11.1.

[...]

    Guest-side, you need Mesa 11.1 and a 4.4 Linux kernel.

One question. kernel versions should match? Or is it something like 4.4 and above?

Offline

#7 2016-09-28 10:12:07

Snap
Member
Registered: 2015-10-02
Posts: 465

Re: Virtual BunsenLabs with QEMU & KVM

Cool, thank you.

BTW... aqemu, no, thanks. virt-manager feels waaay better and capable, but it's damned GTK3. I'll stay away from GUIs for now...

Offline

#8 2018-03-25 22:10:56

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 9,093
Website

Re: Virtual BunsenLabs with QEMU & KVM

I've updated the OP to take advantage of virtio (rather than -vga std), as suggested by nobody, the graphics card should now be reported as "Virtio GPU" by Red Hat.

Offline

#9 2018-03-26 21:13:32

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 9,093
Website

Re: Virtual BunsenLabs with QEMU & KVM

OK, I'm a bit freaked out by the virtio performance (BunsenLabs Helium-dev guest, Alpine Linux host):

empty@animal:~ $ sudo hdparm -t /dev/vda                                                                            
[sudo] password for empty: 
/dev/vda:
 Timing buffered disk reads: 1428 MB in  3.00 seconds = 475.90 MB/sec
empty@animal:~ $ sudo hdparm -t /dev/vda                                                                            

/dev/vda:
 Timing buffered disk reads: 1736 MB in  3.00 seconds = 577.70 MB/sec
empty@animal:~ $ sudo hdparm -t /dev/vda                                                                            

/dev/vda:
 Timing buffered disk reads: 1930 MB in  3.00 seconds = 642.79 MB/sec
empty@animal:~ $ sudo hdparm -t /dev/vda                                                                            

/dev/vda:
 Timing buffered disk reads: 2084 MB in  3.01 seconds = 693.23 MB/sec
empty@animal:~ $ sudo hdparm -t /dev/vda                                                                            

/dev/vda:
 Timing buffered disk reads: 2216 MB in  3.01 seconds = 737.07 MB/sec
empty@animal:~ $

And it keeps going up hmm

On the bare metal `hdparm` reports a consistent ~540MiB in 3 seconds, wtf?

Is it caching?

Last edited by Head_on_a_Stick (2018-03-26 21:15:17)

Offline

#10 2018-03-27 08:26:02

unklar
Back to the roots 1.9
From: #! BL
Registered: 2015-10-31
Posts: 2,722

Re: Virtual BunsenLabs with QEMU & KVM

^ Thank you for publishing your updated script.  smile

I do the tests on my 7-year-old SSD with these commands:

# hdparm -tT /dev/sda

/dev/sda:
 Timing cached reads:   1320 MB in  2.00 seconds = 659.90 MB/sec
 Timing buffered disk reads: 260 MB in  3.02 seconds =  86.05 MB/sec


# hdparm -tT --direct /dev/sda

/dev/sda:
 Timing O_DIRECT cached reads:   172 MB in  2.02 seconds =  85.03 MB/sec
 Timing O_DIRECT disk reads: 264 MB in  3.01 seconds =  87.64 MB/sec

and, she still almost has the values she had on the first day.   big_smile

Last edited by unklar (2018-03-27 08:30:46)

Offline

#11 2018-03-27 20:02:56

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 9,093
Website

Re: Virtual BunsenLabs with QEMU & KVM

Thanks unklar but I still get the strange effect with my virtio hard drive:

empty@animal:~ $ sudo hdparm -t /dev/vda

/dev/vda:
 Timing buffered disk reads: 746 MB in  3.00 seconds = 248.57 MB/sec
empty@animal:~ $ sudo hdparm -t /dev/vda                                                 

/dev/vda:
 Timing buffered disk reads: 1102 MB in  3.00 seconds = 367.33 MB/sec
empty@animal:~ $ sudo hdparm -t --direct /dev/vda                                        

/dev/vda:
 Timing O_DIRECT disk reads: 1292 MB in  3.01 seconds = 429.39 MB/sec
empty@animal:~ $ sudo hdparm -t --direct /dev/vda                                        

/dev/vda:
 Timing O_DIRECT disk reads: 1662 MB in  3.00 seconds = 553.77 MB/sec
empty@animal:~ $

The performance is unreal, it doesn't feel virtualised at all.

Also, with the virtio graphics card the display adjusts it size automatically to fit the space available, the window makes room for dwm's title bar and window borders:

Virtual-1 connected primary 1272x752+0+0 (normal left inverted right x axis y axis) 0mm x 0mm

^ The native display is 1280x800, the mouse cursor moves seemlessly between guest and host.

Last edited by Head_on_a_Stick (2018-03-27 20:05:41)

Offline

#12 2018-03-27 21:44:53

iMBeCil
WAAAT?
From: Edrychwch o'ch cwmpas
Registered: 2015-09-29
Posts: 767

Re: Virtual BunsenLabs with QEMU & KVM

Head_on_a_Stick wrote:

Thanks unklar but I still get the strange effect with my virtio hard drive:

Not surprising at all. The 'hdparm' flushes buffers, i.e. flushes (forces writing) data to the disk. This works on real hardware.

However, in virtual machine the 'hdparm' may flush buffer, but the kvm's buffer kicks in, effectively caching data (i.e. hypervisor decides to not to write data to disk immediately, but store data to RAM). It is natural that 'hdparm' in virtual machine cannot instruct/order flushing to the hypervisor.

It would be interesting to see what will happen when size

Timing buffered disk reads: 746 MB in ...

increases even more, for example close to the available RAM to your host (minus already occupied memory by host and virtual machine).

At least, I think how it is done ....


Postpone all your duties; if you die, you won't have to do them ..

Offline

#13 2018-03-27 21:47:50

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 9,093
Website

Re: Virtual BunsenLabs with QEMU & KVM

^ Thank you for the explanation, it is very much appreciated.

The caching effect is fascinating, no wonder so much of the cloud is virtualised.

Offline

#14 2018-03-28 10:57:38

iMBeCil
WAAAT?
From: Edrychwch o'ch cwmpas
Registered: 2015-09-29
Posts: 767

Re: Virtual BunsenLabs with QEMU & KVM

AFAIK, any OS does caching, irrespective of whether one has virtualized environment or not. During ordinary use, one has impression that the disk is notably faster than it really is. (That's the reason why 'hdparm' flushes buffers when measuring throughoutput, see man page for 'hdparm'.)

Reason for the virtualization/clouds? I think it has nothing to do with the chaching, but instead it has to do with the efficient resource managing, together with the security in the mind.

For example, two companies want certain complicate web pages (PHP, MariaDB, ssh, whatnot ...) to be served. Securitywise, it is much better to have two separated virtual machines ('containers') for each company; breach on one will not affect another one. Maintenancewise, it is quite simple to make backup of the virtual machine (with zero downtime), and bring it back in minutes if something got wrong, while not disturbing other one. Softwarewise, one setup might have contradictory/incompatible configuration requests for installed software. Resourcewise, given today prices of the RAM, disk and processor power, it is cheaper to invest certain amount of money in hardware, than pay able(!) sysadmin(s) who will constantly and intensively monitor single- and unvirtualized server (serving both companies web page).

First-hand experience: I was building cups server for my department ... I simply created two small cups servers in vritual machines, one for real, and one for checking new stuff and testing. And all that with few other small servers (one dedicated to mariadb, one for www, ...). As I learned/tested cups more and more, new features were added ... and all that without any of the (ordinary) users noticing.

It seems that we are returning to the old 'time-sharing' idiom ... single powerfull 'mainframe' computer, and many clients who occasionally need a bit of processing power, but otherwise stay almost idle.

(Sorry for tl;dr ...)


Postpone all your duties; if you die, you won't have to do them ..

Offline

#15 2018-03-28 20:02:23

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 9,093
Website

Re: Virtual BunsenLabs with QEMU & KVM

iMBeCil wrote:

security

Any "security" conferred by virtualisation is purely in the imagination of the sales person big_smile

I'm with Theo on this one:

Theo de Raadt wrote:

x86 virtualization is about basically placing another nearly full kernel, full of new bugs, on top of a nasty x86 architecture which barely has correct page protection. Then running your operating system on the other side of this brand new pile of [redacted].

You are absolutely deluded, if not stupid, if you think that a worldwide collection of software engineers who can't write operating systems or applications without security holes, can then turn around and suddenly write virtualization layers without security holes.

^ That's from 2007 and I do think he has been proven right since then 8)

Last edited by Head_on_a_Stick (2018-03-28 20:03:01)

Offline

#16 2018-03-29 08:15:04

iMBeCil
WAAAT?
From: Edrychwch o'ch cwmpas
Registered: 2015-09-29
Posts: 767

Re: Virtual BunsenLabs with QEMU & KVM

Head_on_a_Stick wrote:
Theo de Raadt wrote:

stupid

Apparently, Theo de Raadt and you HoaS think of me as a stupid person. Noice.


Postpone all your duties; if you die, you won't have to do them ..

Offline

#17 2018-03-29 08:34:08

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 9,093
Website

Re: Virtual BunsenLabs with QEMU & KVM

^ well obviously you are not stupid so if you really do believe that virtualisation is secure in any meaningful way then you must be deluded smile

Offline

#18 2018-03-29 10:42:20

ohnonot
...again
Registered: 2015-09-29
Posts: 5,592

Re: Virtual BunsenLabs with QEMU & KVM

how is the situation with qemu? should i not use it right now? is the problem debian specific?

[ot_rant]
i'm a little sick of seeing theo de raadt quotes. it seemed genial the first few dozen times, but grows boring quickly.
the acidity & arrogance of absolutely dismissing anything that is not BSD, creates the image that BSD is indeed flawless.
it doesn't take much common sense to understand that that can't be the final truth, either.

nevertheless, a whole cult seems to have developed around (Open)BSD, but more and more often i think that people are just lured by the opportunity to be as abusive & dismissive as possible about anything that is "NOT BSD".

Offline

#19 2018-03-29 11:38:28

iMBeCil
WAAAT?
From: Edrychwch o'ch cwmpas
Registered: 2015-09-29
Posts: 767

Re: Virtual BunsenLabs with QEMU & KVM

I'm definitely stupid trying to make normal conversation on internet. And definitely deluded by the assumption that no one will indiscriminately extract a single word from (in this case: my) post, and base its answer on that single word without context and proper meaning. tongue

In my defense: I succumb to the stupidity and delude-idity(?) about once a year, only  big_smile  big_smile


Postpone all your duties; if you die, you won't have to do them ..

Offline

#20 2018-03-29 23:27:55

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 9,093
Website

Re: Virtual BunsenLabs with QEMU & KVM

ohnonot wrote:

how is the situation with qemu? should i not use it right now? is the problem debian specific?

There is no problem with QEMU, it's the best virtualisation solution available in Debian at the moment.

I just meant to point out that VMs aren't inherently more secure and should not be used for that purpose (IMO).

I apologise to iMBeCil for any offence caused, I didn't mean to dismiss your post but rather correct what I saw to be a common misconception.

Offline

Board footer

Powered by FluxBB