running a kvm guest without libvirt

assuming the kvm host is up and running already

requirements

# confirm the kvm command is installed, then skim its manual for the options used below
which kvm
man kvm

# /etc/qemu/bridge.conf is the allow-list read by qemu-bridge-helper:
# name only the bridge(s) guests may attach to, and keep the file root-owned
# and not writable by anyone else
mkdir -p /etc/qemu/
vi /etc/qemu/bridge.conf

allow guestbr0

disk skeleton

# guest name; the image and mount point live in a per-guest directory
guest=bookworm1
mkdir -p "/data/guests/${guest}/"
cd "/data/guests/${guest}/"

–either– skeleton sparse-file

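# sparse 10 GiB image: count=0 writes no data, seek=10 with bs=1G only sets the size
dd if=/dev/zero of="$guest.ext4" bs=1G count=0 seek=10

# the filesystem goes straight onto the file, there is no partition table
mkfs.ext4 "$guest.ext4"

mkdir lala/
# loop-mount the image file itself: it is named $guest.ext4, not $guest
mount -o loop "$guest.ext4" lala/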

bootstrap

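# use same mirror as from host system
cat /etc/apt/sources.list
# keep only the URL of the first "deb" entry: the file usually has several
# lines (security, updates, deb-src) and an entry may carry [options] before
# the URL, so printing every $2 would hand debootstrap stray arguments
mirror=$(awk '$1 == "deb" { for (i = 2; i <= NF; i++) if ($i ~ /^[a-z+]+:\/\//) { print $i; exit } }' /etc/apt/sources.list)
# check the result; set mirror by hand if the host keeps its sources elsewhere
echo "$mirror"

apt install lsb-release debootstrap

# use same release as host system
lsb_release -cs
release=$(lsb_release -cs 2>/dev/null)
# debootstrap verifies the archive signature against the host's keyring;
# leave that check on (no --no-check-gpg), all the more with an http:// mirror.
# an empty $mirror is left out so debootstrap falls back to its default mirror
time debootstrap --arch=amd64 "$release" lala/ ${mirror:+"$mirror"}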

post-bootstrap

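# root is the whole virtio disk: mkfs.ext4 was run on the bare image file, so
# the guest sees /dev/vda with no partitions (same device as root= on the
# kernel command line), not /dev/vda1
cat > lala/etc/fstab <<-EOF # override
/dev/vda / ext4 defaults 0 0
proc /proc proc defaults 0 0
tmpfs /tmp tmpfs rw,nodev,nosuid,noatime,relatime 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
EOF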

setup the network

vi lala/etc/network/interfaces

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address x.x.x.x/xx
    gateway x.x.x.x

unlock the root account

# enter the new root; the following lines are typed inside the chroot
chroot lala/

# set a root password so console login works; choose a strong one,
# the guest is attached to a bridged network further down
passwd root
# ^D stands for Ctrl-D, which leaves the chroot shell
^D

is host kernel suitable for serial output?

# list the kernel configs present on the host
ls -lhF /boot/config*
# virtio console support, then every virtio-related option, in the config
# of the kernel that is reused for the guest below
grep CONFIG_VIRTIO_CONSOLE /boot/config-6.1.0-32-cloud-amd64
grep -i virtio /boot/config-6.1.0-32-cloud-amd64

get guest kernel modules ready

# copy the host's module tree for this kernel version into the guest root;
# the version must match the kernel passed to -kernel later
mkdir lala/lib/modules/
cp -R /lib/modules/6.1.0-32-cloud-amd64/ lala/lib/modules/

fortunately we’re using the same kernel on both sides here – in any case depmod would also be executed at boot-time

# without a version argument depmod works on the running kernel's release,
# i.e. the host's, which is the tree that was just copied in
chroot lala/ depmod -a

and you’re good to go

# unmount the image (-R also takes anything mounted beneath it) before booting
# from it, then drop the now-empty mount point
umount -R lala/
rmdir lala/

# list the nic models this qemu build offers
kvm -nic model=help

# run the guests inside a named screen session so their consoles stay reachable
screen -S consoles

# one image per guest: set vdisk to the guest being started
# (pasted as-is, the last assignment wins)
vdisk=/root/guest1.ext4
vdisk=/root/guest2.ext4
vdisk=/root/guest3.ext4

# must be a bridge allowed in /etc/qemu/bridge.conf
bridge=guestbr0

# we are lucky we're doing a poc using nested virtualization here...
# the host's own kernel and initrd are reused for the guest below
ls -lhF /boot/vmlinuz*
ls -lhF /boot/initrd*
kernel=/boot/vmlinuz-6.1.0-32-cloud-amd64
initrd=/boot/initrd.img-6.1.0-32-cloud-amd64

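# beware the path here needs to be /dev/vda not /dev/vda1
# (the image is a bare ext4 filesystem, there is no partition table)
# format=raw is stated explicitly so qemu never has to guess the image format
# mitigations=off switches off the guest kernel's CPU-vulnerability mitigations:
# fine for a throwaway poc, drop it for any guest that runs untrusted workloads
# the bridge comes from $bridge so it stays in step with the variable set above
kvm --enable-kvm -m 256 \
    -display curses -serial pty \
    -drive "file=$vdisk,media=disk,if=virtio,format=raw" \
    -kernel "$kernel" -initrd "$initrd" -append "ro root=/dev/vda net.ifnames=0 biosdevname=0 mitigations=off" \
    -nic "bridge,br=$bridge,model=virtio-net-pci"

    # optional extras, kept for reference:
    # init=/bin/bash
    # ,mac=xx:xx:xx:xx:xx:xx
    # -overcommit mem-lock=off \
    # -display none -nographic -serial pty \
    # -device virtio-serial-pci,id=serial0 \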

Licensed under MIT