Featured image of post Setup A Debian64 12 KVM Server and Virt-Manager Client

Setup A Debian64 12 KVM Server and Virt-Manager Client

This post discusses how to setup a minimal Debian64 12 KVM Server with bridged networking. This also discusses how to setup a Debian64 12 GUI Virt-Manager client for your KVM server.

  • Note 1: It is assumed that the IP of your Debian 12 64-bit KVM server is 192.168.1.251. Change this if necessary.
  • Note 2: It is assumed that the gateway IP of your Debian 12 64-bit KVM server is 192.168.1.1. Change this if necessary.
  • Note 3: It is assumed that the broadcast IP of your Debian 12 64-bit KVM server is 192.168.1.255. Change this if necessary.
  • Note 4: The KVM server setup here will use 192.168.1.1 as the DNS.

###Setup server for remote access:

  • # Install minimal Debian 12 64-bit. Create a regular user “regular”. I deselected everything in the “Software selection” (tasksel) window.

  • # Remove installation media.

  • # Make sure CD-ROM is commented out in “/etc/apt/sources.list”, and that you have configured an official Debian mirror there.

      apt-get -y update
      apt-get -y upgrade
      apt-get -y install net-tools openssh-server openssh-client
    
  • cp -p /etc/network/interfaces /etc/network/interfaces.orig ; vi /etc/network/interfaces # Have the following contents. You may modify the contents if necessary.

      # This file describes the network interfaces available on your system
      # and how to activate them. For more information, see interfaces(5).
    
      source /etc/network/interfaces.d/*
    
      # The loopback network interface
      auto lo
      iface lo inet loopback
    
      # The primary network interface
      allow-hotplug enp3s0
      iface enp3s0 inet static
      	address 192.168.1.251/24
      	network 192.168.1.0
      	broadcast 192.168.1.255
      	gateway 192.168.1.1
      	dns-nameservers 192.168.1.1
    
  • reboot

###You may now remotely access the server:

ssh [email protected]
su -
cp -p /etc/ssh/sshd_config /etc/ssh/sshd_config.orig
  • vi /etc/ssh/sshd_config # Make sure the following is uncommented:

      ListenAddress 0.0.0.0
    
  • systemctl reload ssh.service

  • # Proceed to setup UFW:

      apt-get -y install ufw
      ufw default deny incoming
      ufw default allow outgoing
      # Substitute the "192.168.1.217" IP address in the next command with the IP address you are using for your SSH client:
      ufw allow proto tcp from 192.168.1.217 to any port 22
      ufw enable
      ufw status numbered
    
  • # Reference: https://www.cyberciti.biz/faq/install-kvm-server-debian-linux-9-headless-server/

      egrep --color 'vmx|svm' /proc/cpuinfo # To confirm if CPU supports virtualization
      apt-get -y install qemu-kvm libvirt-clients libvirt-daemon-system bridge-utils libguestfs-tools genisoimage virtinst libosinfo-bin
    
  • # Make user “regular” able to manage virtual machines:

      usermod -aG libvirt regular
      usermod -aG libvirt-qemu regular
    
  • # Reload Linux group membership with the help of newgrp command:

      newgrp libvirt
      newgrp libvirt-qemu
    
  • vi /etc/network/interfaces # Modify if necessary.

      # This file describes the network interfaces available on your system
      # and how to activate them. For more information, see interfaces(5).
    
      source /etc/network/interfaces.d/*
    
      # The loopback network interface
      auto lo
      iface lo inet loopback
    
      # The primary network interface
      allow-hotplug enp3s0
      iface enp3s0 inet manual
      #iface enp3s0 inet static
      #	address 192.168.1.251/24
      #	network 192.168.1.0
      #	broadcast 192.168.1.255
      #	gateway 192.168.1.1
      #	dns-nameservers 192.168.1.1
    
      auto br0
      iface br0 inet static
      	address 192.168.1.251
      	broadcast 192.168.1.255
      	netmask 255.255.255.0
      	gateway 192.168.1.1
      	dns-nameservers 192.168.1.1
      	bridge_ports enp3s0    # replace enp3s0 with your actual interface name
      	bridge_stp off       # disable Spanning Tree Protocol
      	bridge_waitport 0    # no delay before a port becomes available
      	bridge_fd 0          # no forwarding delay
    
  • reboot

  • # Do the additional following steps to setup bridged networking in KVM:

      ssh [email protected]
      su -
    
  • vi /root/bridged.xml #Content of file bridged.xml is following:

      <network>
      	<name>br0</name>
      	<forward mode="bridge"/>
      	<bridge name="br0"/>
      </network>
    
  • # Execute the following virsh commands:

      virsh net-define --file /root/bridged.xml
      virsh net-autostart br0
      virsh net-start br0
    
  • reboot

Setup client:

  • # Install Debian 12 64-bit with X.org and a window manager.

  • # Remove installation media.

  • # The following instructions is for setting up a Debian 12 64-bit virt-manager client with X.org.

      su -
      # Make sure CD-ROM is commented out in "/etc/apt/sources.list".
      apt-get -y install virt-manager ssh-askpass --no-install-recommends
      apt-get -y install gir1.2-spiceclientgtk-3.0
      exit
    
  • # Proceed to setup UFW:

      apt-get -y install ufw
      ufw default deny incoming
      ufw default allow outgoing
      ufw enable
      ufw status numbered
    
  • # Setup passwordless SSH in client machine(be a regular, non-root user):

      ssh-keygen # Client; Use defaults, and do not set a passphrase.
      scp ~/.ssh/id_rsa.pub [email protected]:~/ # Client
      ssh [email protected] # Client
      mkdir .ssh ; cat ~/id_rsa.pub >> ~/.ssh/authorized_keys ; chmod 600 ~/.ssh/authorized_keys ; exit # Remote server
      ssh [email protected] # Client; You should successfully SSH without a password here.
      exit # Remote server
      su - # Client
      reboot # Client
    
  • # The client machine should be able to run virt-manager, and you can add the KVM server into it. Proceed with clicking “File->Add Connection”. Use “QEMU/KVM” for the “Hypervisor:”. Make sure “Connect to remote host” is ticked. “Method:” should be SSH. You should use the regular. non-root user you made in the KVM server for the “Username:”. It is “regular” in this documentation. “Hostname:” should have the port number used by SSH(In this documentation, the value for “Hostname:” is “192.168.1.251”. You may modify it if necessary.). You may tick “Autoconnect:” if you like.

  • # When creating a Virtual Machine, please make sure “Virtual network ‘br0’ : Bridge network” is selected under “Network selection” of the “New VM” window.

comments powered by Disqus
Built with Hugo
Theme Stack designed by Jimmy