
Stop using VBox, Use VMM

Archival Date
Jun 7, 2022 1:14 PM
Tags
Virtualization

Photo by Dre Tech Tips

As a Linux user, you have probably needed to use Windows. Windows may be required by your job, or you may want to play games that are incompatible with the Proton compatibility layer. However, you probably want to run the software in an isolated environment, as the operating system is running a ton of spooky stuff under the hood. The alphabet boys have backdoors into the operating system. And these are the only security flaws that are released to the public.

Being able to run multiple operating systems on one machine requires users to virtualize an operating system. As a new user of virtualization, you have probably been recommended Virtual Box as the go-to software. However, despite the simplicity of the software, you will soon realize that the performance of the software is slow compared to your main operating system.

Here is why you should use Virtual Machine Manager over Virtual Box.

Virtual Machine Manager vs VirtualBox?

Virtual Machine Manager is the GUI application, while Virtual Box is the entire GUI virtualization suite for desktops. We will only compare the GUI of both applications. Virtual Box has a UI that is focused on simplicity over complexity.

Photo from linuxuprising.com

And thus it is more suited for beginner users of Linux. However, Virtual Machine Manager is tailored toward people who have more experience with virtual machines, as you can customize everything from the hardware used to the display server, the emulator, etc. It is the Linux of Virtual Machine software.

Photo from Dre Tech Tips

And thus Virtual Machine Manager is more suited for advanced users. But we need more information about why customization is important. This brings us to the next point.

What is QEMU and KVM?

Virtual Machine Manager follows the Unix philosophy of software modularization. When you hear about Virtual Machine Manager you will usually hear that the software is bundled with other software such as QEMU and KVM.

QEMU is the CLI application that Virtual Machine Manager uses to manage virtual machines. KVM is the open-source hypervisor that Linux. A hypervisor is a software layer that sits between the hardware and the guest OS. There are many debates about which hypervisor is the best. However, KVM is the best for non-enterprise users, as it offers the closest to bare-metal performance. Because of the modularization, you can use Xen instead of KVM as your hypervisor. VirtualBox does not even come close in terms of performance. This brings us to the next point.

Is KVM a type one or type two hypervisor?

KVM is a type one hypervisor as it uses hardware acceleration on virtual machines. The terminology of type one or type two hypervisor is outdated, as most modern hypervisors use hardware acceleration to some extent. Virtual Box is one of those exceptions as it has a type two hypervisor. This is why Virtual Box has inferior performance compared to other hypervisors.

How to install and setup Virtual Machine Manager?

So now that you are convinced that Virtual Machine Manager is the superior VM software, here is how to install and set it up.

1. Install the required packages

You will need to install the entire suite of software and packages that consist of libvirt, KVM, QEMU, and Virt Manager.

Ubuntu/Debian

sudo apt-get install virt-manager qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils

Arch Linux

sudo pacman -S qemu virt-manager virt-viewer dnsmasq vde2 bridge-utils openbsd-netcat ebtables iptables

2. Start KVM libvirt service

Once the packages are installed, you will have to enable the KVM libvirt service at boot.

Systemd based machines

sudo systemctl enable libvirtd.service
sudo systemctl start libvirtd.service

Run the following command to make sure that your service is running in the background.

sudo systemctl status libvirtd.service

Successful Output:

โ— libvirtd.service - Virtualization daemonLoaded: loaded (/usr/lib/systemd/system/libvirtd.service; disabled; vendor preset: disabled)โ— libvirtd.socketโ— libvirtd-ro.socketDocs: man:libvirtd(8)https://libvirt.orgMemory: 20.6MCPU: 202msโ””โ”€3559245 /usr/bin/libvirtd --timeout 120Apr 03 20:55:10 dre-latitudee6440 systemd[1]: Starting Virtualization daemon...Apr 03 20:55:10 dre-latitudee6440 systemd[1]: Started Virtualization daemon.

Any output means that your daemon failed to launch which requires debugging. This will be outside of the scope of the tutorial. However, one helpful debugging method is to copy the error message provided by the application into the search engine.

3. Enable normal user account to use KVM

Now you need to enable a normal user account to access KVM. Open the config file for editing using the following command.

sudo [text-editor] /etc/libvirt/libvirtd.conf

Change the socket group ownership to libvirt.

unix_sock_group = "libvirt"
unix_sock_rw_perms = "0770"

Now add the user account that wants to access the virtualization software to the libvirt group with the following commands.

sudo usermod  -a -G libvirt $(whoami)
newgrp libvirt

Finally, restart the libvirt daemon to enable the modifications you have recently made.

sudo systemctl restart libvirtd.service
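
Step 3 lets every member of the libvirt group manage qemu:///system, which libvirt treats as root-equivalent control of the host, so it is worth checking what the edited file actually grants. The following is an added example, not part of the original article: a shell audit (the function names conf_get and audit_libvirt_socket are hypothetical) that reads unix_sock_group, unix_sock_rw_perms and auth_unix_rw from libvirtd.conf and flags a read-write socket that is open to all local users without authentication.

```shell
#!/bin/sh
# Added example: audit the libvirtd.conf socket settings from step 3.

# conf_get FILE KEY -> last uncommented value of KEY, quotes stripped.
conf_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" |
        tail -n 1 | sed 's/[[:space:]]*#.*$//; s/^"//; s/"$//'
}

# audit_libvirt_socket FILE -> prints findings; returns 0 (ok) or 1 (risky).
audit_libvirt_socket() {
    conf=$1
    rc=0
    group=$(conf_get "$conf" unix_sock_group)
    perms=$(conf_get "$conf" unix_sock_rw_perms)
    auth=$(conf_get "$conf" auth_unix_rw)

    # The last octal digit is the "other" class: anything but 0 lets every
    # local account open the read-write (full management) socket.
    case $perms in
        "") echo "NOTE: unix_sock_rw_perms unset, packaged default applies" ;;
        *0) echo "OK:   RW socket closed to 'other' ($perms)" ;;
        *)  if [ "$auth" = "none" ]; then
                echo "FAIL: RW socket mode $perms with auth_unix_rw = none"
                rc=1
            else
                echo "NOTE: mode $perms relies on auth_unix_rw (${auth:-default})"
            fi ;;
    esac

    if [ -n "$group" ]; then
        # Every account listed here can manage all VMs on qemu:///system.
        members=$(getent group "$group" 2>/dev/null | cut -d: -f4)
        echo "INFO: group '$group' members: ${members:-none listed or group missing}"
    else
        echo "WARN: unix_sock_group unset, socket group is left at the default"
    fi
    return $rc
}
```

Run `audit_libvirt_socket /etc/libvirt/libvirtd.conf` after editing the file and review the listed group members the same way you would review sudoers entries.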

4. Enable nested virtualization(Optional)

It is assumed that you are running the Linux kernel with an Intel CPU in this section. You can enable nested virtualization to run a VM within a VM. Start by enabling the kernel module.

Then enable persistence with the following command.

echo "options kvm-intel nested=1" | sudo tee /etc/modprobe.d/kvm-intel.conf

From there you need to confirm that nested virtualization is enabled using the following commands.

$ systool -m kvm_intel -v | grep nested
  nested = "Y"
  nested_early_check = "N"
$ cat /sys/module/kvm_intel/parameters/nested

On AMD, replace every occurrence of intel with amd.

5. Launch the Virtual Machine Manager

Now that you have the software suite installed and set up, it is time to launch the application.

virt-manager

This will bring up the window shown in the following screenshot.

Photo from Dre Tech Tips

How to use Virtual Machine Manager?

Once you have the virtualization software suite installed it is time to use the application.

File > Add Connection

Once you have a connection set up, you will have to add a virtual machine to that connection under the following menu option.

File > New Virtual Machine

This will prompt you with the process to create a new virtual machine.

Once you choose all of your options to provision a virtual machine, you will be able to customize the options directly.

Photo from Dre Tech Tips

However, you may not need the virtual machine that you have created. All you have to do is right-click on the virtual machine and click on the delete option. You might need to make a copy of the storage for backup purposes. Most System Administrators will have to automate their backups for time-dependent recovery. Follow my tutorial on how to automate tasks to learn how you can automate Linux tasks. This helps automate VM storage file backup. This covers the major features that the application has to offer.

How to perform PCI pass-through?

For the best performance, you would want to pass through hardware directly into the machine. By default, the hardware such as the mouse and keyboard will be passed through the USB server. This middleware layer will add latency. Luckily, VM Manager allows you to add hardware directly to the machine. For most hardware, you only have to pass the hardware directly into the guest operating system.

The downside of passing hardware through directly is that the main OS will not be able to access the hardware. So you will need a second keyboard and mouse plugged in to escape into the main operating system without powering off the machines.

How to pass-through the GPU?

You want to pass through the GPU to increase the performance of applications that require a GPU. This is especially important for tasks that require parallelization of algorithms, such as video and game rendering or AI development. There are already good tutorials out there that teach you how to pass through a GPU.

When you pass through your GPU, your main display will freeze, as you are giving the virtual machine full access to the GPU. The most optimal way of setting up pass-through is to have your main display running off the integrated graphics card. There is also DRM for NVIDIA consumer-grade GPUs that prevents users from using multiple GPUs. However, there are many tutorials on the internet that teach people how to remove this DRM.

In some games, the GPU performance for KVM will be faster than Bare Metal performance.

Figure 1 from forum.level1techs.com

As crazy as that sounds, it is just another reason you should host Windows in a KVM virtual machine besides avoiding the spookiness and spyware.

How to create a headless server?

Now that you have created a virtualized server on your local machine, the question of remote connection will probably come up. There are many use cases in which having a headless server is a benefit. This is assuming that your setup has a good internet connection. You can create a headless server that can be connected to from anywhere, whether your office or home, on devices such as your TV, laptop or even mobile phone. By default, the libvirt libraries allow remote machines to access the hypervisor through authenticated and encrypted connections.

You should add a static IP address or hostname for the server so that you can easily access the virtual machine from any computer. The first time you try to access the service, it will prompt you for a password. Even with the right password, it will keep having a recurring authentication loop. I am not sure if this is a bug or something; however, you need to use a private key file to authenticate. You just need a hostname and the key file to authenticate to the server.

qemu+ssh://[email protected]/system?keyfile=~/.ssh/vm.local

Now you can access the display of the virtual private server without having to log in with your credentials anymore.

How to setup cloud gaming without the spook?

You have probably seen all of these ads for Google Stadia and NVIDIA GeForce Now promoting cloud gaming in the past year. These platforms will monitor all of your keystrokes, mouse movements, device types, and so on, so that they can use that data to give you targeted advertising. It is the dystopian stuff that you would see in Black Mirror.

Patent Figure from reddit.com

Not only that but some people are concerned about the lack of ownership of the software. Your account can get banned or deleted causing you to lose everything associated with the account. And of course, the company maintaining the software can go out of business meaning that you will lose all of the games you have purchased. And thus this is the reason not to keep everything in the cloud.

Figure from psu.edu

However, you do not have to forgo cloud gaming as an option, as there are some benefits: not having to upgrade the hardware, paying for the time you spend and not the hardware you buy, and being able to play anywhere with a solid internet connection. This is assuming that you know how to configure your cloud gaming system such that it does not have the downsides mentioned in mass-marketed cloud gaming.

You can create a VPS with an NVME Solid State Drive and the latest NVIDIA GPU. It seems like Digital Peasantry is the only option for people who cannot afford the latest hardware. The provider that I recommend such as Digital Ocean does not have options available for NVME and NVIDIA GPU. However, here are some recommended VPS providers that do offer the options of having the latest GPU and fastest NVMe Storage.

Even with fast servers, cloud gaming is only as good as the latency to the servers. Follow these tips to decrease latency. Run your virtual machines on servers that are as close to your location as possible. Look at the ping time. A close server with a high ping time usually means that the quality of service algorithm the platform is using sucks or that the traffic is overloading the available bandwidth, in which case you should take a look at using another platform provider. Also, look at the reputation of the service. Some platforms are run by people who have little expertise in network security. Or they are outright FED honey pots designed to bait people, whether malicious or not, into thinking that they are using a private VPS. Take a look at the guide on how to create a based content delivery network to learn more about optimizing content delivery. For more server optimization information, look into researching Edge Computing.

With all of this optimization and risk, it is probably better to self-host instead of using the cloud if you do not know what you are doing. Purchasing that hardware these days would cost a lot due to scraping. However, you can buy older hardware for cheap on eBay. As most people should know, the cloud is nothing more than someone else's servers. There are ways of saving money when using the cloud, as most servers charge not by the hours that the machine is on, but by the storage of the content. You can find a bunch of tutorials on the internet about cost reduction techniques you can use.

Once you create the VPS, log in to the VPS and set up the headless server. Make sure you create a non-root user. Configure the Virtual Machine Manager software. Now you will be able to play your games anywhere, assuming that you have your private key to connect to the server. Connect to your server using QEMU over the SSH port to prevent anyone from snooping on your connection. Now you have created cloud gaming without all the spyware. It is also recommended that you run latency testing benchmarks on each service you use to optimize the performance.

In Conclusion

The IT and engineering fields are rapidly evolving fields. Not keeping up means that you will be left behind in the dust. The best way to keep up is by staying up to date on the news and educational content. Subscribe to the free email listing to 10X your career.
