Creating a Virtual Machine with Linux KVM
- By Aaron
- Thu 28 November 2019
- Updated on Sat 18 January 2020
Installing Linux KVM Utilities
You will need the following packages to manage KVM hosts on your machine. I am running CentOS 7 with SELinux.
yum update
yum install policycoreutils-python
yum install qemu-kvm-tools
yum install virt-install
yum install libguestfs-tools
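I stopped disabling SELinux once I learned how to create custom SELinux policies. As a result, we need to add a file context for the VM disks. The rule below only records the mapping; files already under /storage/vm pick up the new label once restorecon is run over that directory.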
# semanage fcontext --add -t virt_image_t '/storage/vm(/.*)?'
VM Networking with Host iptables
The host server I'm building the lab on has 4 ethernet devices and 2 10Gbps SFPs.
My objective is to have all host traffic isolated to em1 and all VM traffic travel over em2. My internal network is configured as 192.168.0.0/21, allowing me to utilize everything below 192.168.8.0 for my network. I chose to correlate each ethernet device to its corresponding /24: em1 -> 192.168.1.0/24, em2 -> 192.168.2.0/24, etc.
I don't really know how to pull this off yet, but when I figure it out, I'll post an article about it.
In fact, it has been so difficult to accomplish this, that I decided instead to use NAT for my VMs and be done with it.
Creating a new Virtual Machine
While you could certainly create your own image, I will save the time and use an image already created by the CentOS team.
There is a directory of cloud images located here: https://cloud.centos.org/centos/7/images/
# wget https://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud-1907.qcow2 -O /storage/vm/images/CentOS-7-x86_64-GenericCloud-1907.qcow2
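The download above is used as a boot disk without any integrity check. The following is an added example, not part of the original post: a fail-closed check of the image against a sha256sum-format manifest. The function name verify_image and the manifest path /storage/vm/images/sha256sum.txt are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): check a downloaded image against
# a sha256sum-format manifest and fail closed.
# Assumed workflow with the page's paths; the manifest location is an assumption:
#   verify_image /storage/vm/images/sha256sum.txt \
#       /storage/vm/images/CentOS-7-x86_64-GenericCloud-1907.qcow2 || exit 1

# verify_image MANIFEST IMAGE
# Returns 0 only when exactly one manifest line names IMAGE's file name and its
# SHA-256 equals the file's. 1 = mismatch, 2-5 = cannot decide (treat as failure).
verify_image() {
    manifest=$1
    image=$2
    [ -r "$manifest" ] && [ -r "$image" ] || { echo "unreadable input" >&2; return 2; }
    name=$(basename -- "$image")

    # Compare the file-name field exactly (no substring or regex match);
    # sha256sum marks binary mode with a leading '*'. Names containing spaces
    # are not handled, which is fine for cloud image file names.
    matches=$(awk -v n="$name" '{ f = $2; sub(/^\*/, "", f) } f == n { print $1 }' "$manifest")
    [ -n "$matches" ] || { echo "no manifest entry for $name" >&2; return 3; }
    count=$(printf '%s\n' "$matches" | grep -c .)
    [ "$count" -eq 1 ] || { echo "$count manifest entries for $name" >&2; return 4; }

    # Normalise case, then insist on exactly 64 hex digits.
    expected=$(printf '%s' "$matches" | tr 'A-F' 'a-f')
    case $expected in
        *[!0-9a-f]*) echo "malformed hash for $name" >&2; return 5 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "malformed hash for $name" >&2; return 5; }

    actual=$(sha256sum -- "$image" | awk '{ print $1 }')
    if [ "$actual" != "$expected" ]; then
        echo "SHA-256 mismatch for $name: refusing to use it" >&2
        return 1
    fi
    echo "verified $name"
}
```

A manifest fetched from the same server as the image only detects corruption in transit; if the publisher signs the manifest, verify that signature before trusting the hashes in it.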
Create a copy of the image to become the VM's disk.
# cp -v /storage/vm/images/CentOS-7-x86_64-GenericCloud-1907.qcow2 /storage/vm/disk/vm-guest-1.qcow2
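The image we have downloaded from CentOS contains no root password and a cloud-init script. Since we're not running in the cloud and would like a root password, let's customize the VM's copy of the image, leaving the downloaded base image untouched. A password given on the command line ends up in shell history and is visible in the process list while the command runs; virt-customize also accepts it from a file with the file: selector.
# virt-customize -a /storage/vm/disk/vm-guest-1.qcow2 --root-password password:PASSW0RD --uninstall cloud-init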
[ 0.0] Examining the guest ...
[ 5.7] Setting a random seed
[ 5.7] Uninstalling packages: cloud-init
[ 7.7] Setting passwords
[ 9.2] Finishing off
Now we can start the VM:
# virt-install \
--name vm-guest-1 \
--memory 4096 \
--vcpus 1 \
--disk path=/storage/vm/disk/vm-guest-1.qcow2 \
--graphics none \
--virt-type kvm \
--import \
--os-variant centos7.0 \
--noautoconsole
Verify that the VM is running:
# virsh list
Id Name State
----------------------------------------------------
1 vm-guest-1 running
Connect to the console for a test drive:
# virsh console vm-guest-1
Connected to domain vm-guest-1
Escape character is ^]
CentOS Linux 7 (Core)
Kernel 3.10.0-957.27.2.el7.x86_64 on an x86_64
localhost login: root
Password:
[root@localhost ~]#
Using the password we defined during the customization step, we were able to log in without issue.