mirror of
https://github.com/virt-manager/virt-manager.git
synced 2025-01-11 05:17:59 +03:00
41757d8e2d
We support it, but we don't do distro detection so defaults are going to be crappy.
1816 lines
54 KiB
Plaintext
1816 lines
54 KiB
Plaintext
=pod
|
|
|
|
=head1 NAME
|
|
|
|
virt-install - provision new virtual machines
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
B<virt-install> [OPTION]...
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
B<virt-install> is a command line tool for creating new KVM, Xen, or Linux
|
|
container guests using the C<libvirt> hypervisor management library.
|
|
See the EXAMPLES section at the end of this document to quickly get started.
|
|
|
|
B<virt-install> tool supports graphical installations using (for example)
|
|
VNC or SPICE, as well as text mode installs over serial console. The guest
|
|
can be configured to use one or more virtual disks, network interfaces,
|
|
audio devices, physical USB or PCI devices, among others.
|
|
|
|
The installation media can be local ISO or CDROM media, or a distro install
|
|
tree hosted remotely over HTTP, FTP, or in a local directory. In the install
|
|
tree case C<virt-install> will fetch the minimal files
|
|
necessary to kick off the installation process, allowing the guest
|
|
to fetch the rest of the OS distribution as needed. PXE booting, and importing
|
|
an existing disk image (thus skipping the install phase) are also supported.
|
|
|
|
Given suitable command line arguments, C<virt-install> is capable of running
|
|
completely unattended, with the guest 'kickstarting' itself too. This allows
|
|
for easy automation of guest installs.
|
|
|
|
Many arguments have sub options, specified like opt1=foo,opt2=bar, etc. Try
|
|
--option=? to see a complete list of sub options associated with that
|
|
argument, example: virt-install --disk=?
|
|
|
|
Most options are not required. Minimum requirements are --name, --memory,
|
|
guest storage (--disk or --filesystem), and an install option.
|
|
|
|
|
|
=head1 CONNECTING TO LIBVIRT
|
|
|
|
=over 4
|
|
|
|
=item B<--connect> URI
|
|
|
|
Connect to a non-default hypervisor. If this isn't specified, libvirt
|
|
will try and choose the most suitable default.
|
|
|
|
Some valid options here are:
|
|
|
|
=over 4
|
|
|
|
=item qemu:///system
|
|
|
|
For creating KVM and QEMU guests to be run by the system libvirtd instance.
|
|
This is the default mode that virt-manager uses, and what most KVM users
|
|
want.
|
|
|
|
=item qemu:///session
|
|
|
|
For creating KVM and QEMU guests for libvirtd running as the regular user.
|
|
|
|
=item xen:///
|
|
|
|
For connecting to Xen.
|
|
|
|
=item lxc:///
|
|
|
|
For creating linux containers
|
|
|
|
=back
|
|
|
|
=back
|
|
|
|
|
|
|
|
|
|
=head1 GENERAL OPTIONS
|
|
|
|
General configuration parameters that apply to all types of guest installs.
|
|
|
|
=over 4
|
|
|
|
=item B<-n> NAME
|
|
|
|
=item B<--name> NAME
|
|
|
|
Name of the new guest virtual machine instance. This must be unique amongst
|
|
all guests known to the hypervisor on the connection, including those not
|
|
currently active. To re-define an existing guest, use the C<virsh(1)> tool
|
|
to shut it down ('virsh shutdown') & delete ('virsh undefine') it prior to
|
|
running C<virt-install>.
|
|
|
|
=item B<--memory> OPTIONS
|
|
|
|
Memory to allocate for the guest, in MiB. This deprecates the -r/--ram option.
|
|
Sub options are available, like 'memory', 'currentMemory', 'maxMemory'
|
|
and 'maxMemory.slots', which all map to the identically named XML values.
|
|
|
|
Back compat values 'memory' maps to the <currentMemory> element, and maxmemory
|
|
maps to the <memory> element.
|
|
|
|
To configure memory modules which can be hotunplugged see B<--memdev> description.
|
|
|
|
Use --memory=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsMemoryAllocation>
|
|
|
|
=item B<--memorybacking> OPTIONS
|
|
|
|
This option will influence how virtual memory pages are backed by host pages.
|
|
|
|
Use --memorybacking=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsMemoryBacking>
|
|
|
|
=item B<--arch> ARCH
|
|
|
|
Request a non-native CPU architecture for the guest virtual machine.
|
|
If omitted, the host CPU architecture will be used in the guest.
|
|
|
|
=item B<--machine> MACHINE
|
|
|
|
The machine type to emulate. This will typically not need to be specified
|
|
for Xen or KVM, but is useful for choosing machine types of more exotic
|
|
architectures.
|
|
|
|
=item B<--metadata> OPT=VAL,[...]
|
|
|
|
Specify metadata values for the guest. Possible options include name, uuid, title, and description. This option deprecates -u/--uuid and --description.
|
|
|
|
Use --metadata=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsMetadata>
|
|
|
|
=item B<--events> OPT=VAL,[...]
|
|
|
|
Specify events values for the guest. Possible options include on_poweroff, on_reboot, and on_crash.
|
|
|
|
Use --events=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsEvents>
|
|
|
|
=item B<--resource> OPT=VAL,[...]
|
|
|
|
Specify resource partitioning for the guest.
|
|
|
|
Use --resource=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#resPartition>
|
|
|
|
=item B<--sysinfo> OPT=VAL,[...]
|
|
|
|
Configure sysinfo/SMBIOS values exposed to the VM OS.
|
|
|
|
Some examples:
|
|
|
|
=over 4
|
|
|
|
=item B<--sysinfo host>
|
|
|
|
Special type that exposes the host's SMBIOS info into the VM.
|
|
|
|
=item B<--sysinfo emulate>
|
|
|
|
Sepcial type where hypervisor will generate SMBIOS info into the VM.
|
|
|
|
=item B<--sysinfo bios.vendor=custom> or B<--sysinfo smbios,bios.vendor=custom>
|
|
|
|
The default type is B<smbios> and allows users to specify SMBIOS info manually.
|
|
|
|
=back
|
|
|
|
Use --sysinfo=? to see a list of all available sub options.
|
|
|
|
Complete details at L<https://libvirt.org/formatdomain.html#elementsSysinfo>
|
|
and L<https://libvirt.org/formatdomain.html#elementsOSBIOS> for B<smbios> XML element.
|
|
|
|
=item B<--qemu-commandline> ARGS
|
|
|
|
Pass options directly to the qemu emulator. Only works for the libvirt qemu driver. The option can take a string of arguments, for example:
|
|
|
|
--qemu-commandline="-display gtk,gl=on"
|
|
|
|
Environment variables are specified with 'env', for example:
|
|
|
|
--qemu-commandline=env=DISPLAY=:0.1
|
|
|
|
Complete details about the libvirt feature: L<https://libvirt.org/drvqemu.html#qemucommand>
|
|
|
|
=item B<--vcpus> OPTIONS
|
|
|
|
Number of virtual cpus to configure for the guest. If 'maxvcpus' is specified,
|
|
the guest will be able to hotplug up to MAX vcpus while the guest is running,
|
|
but will startup with VCPUS.
|
|
|
|
CPU topology can additionally be specified with sockets, cores, and threads.
|
|
If values are omitted, the rest will be autofilled preferring sockets over
|
|
cores over threads.
|
|
|
|
'cpuset' sets which physical cpus the guest can use. C<CPUSET> is a comma separated list of numbers, which can also be specified in ranges or cpus to exclude. Example:
|
|
|
|
0,2,3,5 : Use processors 0,2,3 and 5
|
|
1-5,^3,8 : Use processors 1,2,4,5 and 8
|
|
|
|
If the value 'auto' is passed, virt-install attempts to automatically determine
|
|
an optimal cpu pinning using NUMA data, if available.
|
|
|
|
Use --vcpus=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsCPUAllocation>
|
|
|
|
=item B<--numatune> OPTIONS
|
|
|
|
Tune NUMA policy for the domain process. Example invocations
|
|
|
|
--numatune 1,2,3,4-7
|
|
--numatune 1-3,5,memory.mode=preferred
|
|
|
|
Specifies the numa nodes to allocate memory from. This has the same syntax
|
|
as C<--vcpus cpuset=> option. mode can be one of 'interleave', 'preferred', or
|
|
'strict' (the default). See 'man 8 numactl' for information about each
|
|
mode.
|
|
|
|
Use --numatune=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsNUMATuning>
|
|
|
|
=item B<--memtune> OPTIONS
|
|
|
|
Tune memory policy for the domain process. Example invocations
|
|
|
|
--memtune 1000
|
|
--memtune hard_limit=100,soft_limit=60,swap_hard_limit=150,min_guarantee=80
|
|
|
|
Use --memtune=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsMemoryTuning>
|
|
|
|
=item B<--blkiotune> OPTIONS
|
|
|
|
Tune blkio policy for the domain process. Example invocations
|
|
|
|
--blkiotune 100
|
|
--blkiotune weight=100,device.path=/dev/sdc,device.weight=200
|
|
|
|
Use --blkiotune=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsBlockTuning>
|
|
|
|
=item B<--cpu> MODEL[,+feature][,-feature][,match=MATCH][,vendor=VENDOR],...
|
|
|
|
Configure the CPU model and CPU features exposed to the guest. The only
|
|
required value is MODEL, which is a valid CPU model as known to libvirt.
|
|
|
|
Libvirt's feature policy values force, require, optional, disable, or forbid,
|
|
or with the shorthand '+feature' and '-feature', which equal 'force=feature'
|
|
and 'disable=feature' respectively.
|
|
|
|
If exact CPU model is specified virt-install will automatically copy CPU
|
|
features available on the host to mitigate recent CPU speculative execution
|
|
side channel and Microarchitectural Store Buffer Data security vulnerabilities.
|
|
This however will have some impact on performance and will break migration
|
|
to hosts without security patches. In order to control this behavior there
|
|
is a B<secure> parameter. Possible values are I<on> and I<off>, with I<on>
|
|
as the default. It is highly recommended to leave this enabled and ensure all
|
|
virtualization hosts have fully up to date microcode, kernel & virtualization
|
|
software installed.
|
|
|
|
Some examples:
|
|
|
|
=over 4
|
|
|
|
=item B<--cpu core2duo,+x2apic,disable=vmx>
|
|
|
|
Expose the core2duo CPU model, force enable x2apic, but do not expose vmx
|
|
|
|
=item B<--cpu host>
|
|
|
|
Expose the host CPUs configuration to the guest. This enables the guest to
|
|
take advantage of many of the host CPUs features (better performance), but
|
|
may cause issues if migrating the guest to a host without an identical CPU.
|
|
|
|
=item B<--cpu host-model-only>
|
|
|
|
Expose the nearest host CPU model configuration to the guest.
|
|
It is the best CPU which can be used for a guest on any of the hosts.
|
|
|
|
=item B<--cpu numa.cell0.memory=1234,numa.cell0.cpus=0-3,numa.cell1.memory=5678,numa.cell1.cpus=4-7>
|
|
|
|
Example of specifying two NUMA cells. This will generate XML like:
|
|
|
|
<cpu>
|
|
<numa>
|
|
<cell cpus="0-3" memory="1234"/>
|
|
<cell cpus="4-7" memory="5678"/>
|
|
</numa>
|
|
</cpu>
|
|
|
|
=item B<--cpu host-passthrough,cache.mode=passthrough>
|
|
|
|
Example of passing through the host cpu's cache information.
|
|
|
|
=back
|
|
|
|
Use --cpu=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsCPU>
|
|
|
|
=item B<--cputune> OPTIONS
|
|
|
|
Tune CPU parameters for the guest.
|
|
|
|
Configure which of the host's physical CPUs the domain VCPU will be pinned to. Example invocation
|
|
|
|
--cputune vcpupin0.vcpu=0,vcpupin0.cpuset=0-3,vcpupin1.vcpu=1,vcpupin1.cpuset=4-7
|
|
|
|
Use --cputune=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsCPUTuning>
|
|
|
|
=item B<--security>/B<--seclabel> type=TYPE[,label=LABEL][,relabel=yes|no],...
|
|
|
|
Configure domain seclabel domain settings. Type can be either 'static' or
|
|
'dynamic'. 'static' configuration requires a security LABEL. Specifying
|
|
LABEL without TYPE implies static configuration.
|
|
|
|
Use --security=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#seclabel>
|
|
|
|
|
|
=item B<--iothreads> OPTIONS
|
|
|
|
Specify domain <iothreads> and/or <iothreadids> XML. For example, to configure <iothreads>4</iothreads>, do:
|
|
|
|
--iothreads 4
|
|
|
|
Use --iothreads=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsIOThreadsAllocation>
|
|
|
|
|
|
=item B<--features> FEAT=on|off,...
|
|
|
|
Set elements in the guests <features> XML on or off. Examples include acpi,
|
|
apic, eoi, privnet, and hyperv features. Some examples:
|
|
|
|
=over 4
|
|
|
|
=item B<--features apic.eoi=on>
|
|
|
|
Enable APIC PV EOI
|
|
|
|
=item B<--features hyperv.vapic.state=on,hyperv.spinlocks.state=off>
|
|
|
|
Enable hypver VAPIC, but disable spinlocks
|
|
|
|
=item B<--features kvm.hidden.state==on>
|
|
|
|
Allow the KVM hypervisor signature to be hidden from the guest
|
|
|
|
=item B<--features pvspinlock=on>
|
|
|
|
Notify the guest that the host supports paravirtual spinlocks for example by exposing the pvticketlocks mechanism.
|
|
|
|
=item B<--features gic.version=2>
|
|
|
|
This is relevant only for ARM architectures. Possible values are "host" or
|
|
version number.
|
|
|
|
=item B<--features smm.state=on>
|
|
|
|
This enables System Management Mode of hypervisor. Some UEFI firmwares may
|
|
require this feature to be present. (QEMU supports SMM only with q35 machine
|
|
type.)
|
|
|
|
=back
|
|
|
|
Use --features=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsFeatures>
|
|
|
|
=item B<--clock> offset=OFFSET,TIMER_OPT=VAL,...
|
|
|
|
Configure the guest's <clock> XML. Some supported options:
|
|
|
|
=over 4
|
|
|
|
=item B<--clock offset=OFFSET>
|
|
|
|
Set the clock offset, ex. 'utc' or 'localtime'
|
|
|
|
=item B<--clock TIMER_present=no>
|
|
|
|
Disable a boolean timer. TIMER here might be hpet, kvmclock, etc.
|
|
|
|
=item B<--clock TIMER_tickpolicy=VAL>
|
|
|
|
Set a timer's tickpolicy value. TIMER here might be rtc, pit, etc. VAL
|
|
might be catchup, delay, etc. Refer to the libvirt docs for all values.
|
|
|
|
=back
|
|
|
|
Use --clock=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsTime>
|
|
|
|
|
|
=item B<--pm> OPTIONS
|
|
|
|
Configure guest power management features. Example:
|
|
|
|
--pm suspend_to_memi.enabled=on,suspend_to_disk.enabled=off
|
|
|
|
Use --pm=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsPowerManagement>
|
|
|
|
=item B<--launch-security> TYPE[,OPTS]
|
|
|
|
Enable launch security for the guest, e.g. AMD SEV.
|
|
|
|
Use --launch-security=? to see a list of all available sub options. Complete
|
|
details at L<https://libvirt.org/formatdomain.html#launchSecurity>. Example
|
|
invocations:
|
|
# This will use a default policy 0x03
|
|
# No dhCert provided, so no data can be exchanged with the SEV firmware
|
|
--launchSecurity sev
|
|
|
|
# Explicit policy 0x01 - disables debugging, allows guest key sharing
|
|
--launchSecurity sev,policy=0x01
|
|
|
|
# Provide the session blob obtained from the SEV firmware
|
|
# Provide dhCert to open a secure communication channel with SEV firmware
|
|
--launchSecurity sev,session=BASE64SESSIONSTRING,dhCert=BASE64DHCERTSTRING
|
|
|
|
SEV has further implications on usage of virtio devices, so refer to EXAMPLES
|
|
section to see a full invocation of virt-install with --launchSecurity.
|
|
|
|
=back
|
|
|
|
=head1 INSTALLATION OPTIONS
|
|
|
|
=over 4
|
|
|
|
=item B<-c> OPTIONS
|
|
|
|
=item B<--cdrom> OPTIONS
|
|
|
|
ISO file or CDROM device to use for VM install media. After install,
|
|
the the virtual CDROM device will remain attached to the VM, but with
|
|
the ISO or host path media ejected.
|
|
|
|
=item B<-l> LOCATION
|
|
|
|
=item B<--location> OPTIONS
|
|
|
|
Distribution tree installation source. virt-install can recognize
|
|
certain distribution trees and fetches a bootable kernel/initrd pair to
|
|
launch the install.
|
|
|
|
--location allows things like --extra-args for kernel arguments,
|
|
and using --initrd-inject. If you want to use those options with CDROM media,
|
|
you can pass the ISO to --location as well.
|
|
|
|
The C<LOCATION> can take one of the following forms:
|
|
|
|
=over 4
|
|
|
|
=item https://host/path
|
|
|
|
An HTTP server location containing an installable distribution image.
|
|
|
|
=item ftp://host/path
|
|
|
|
An FTP server location containing an installable distribution image.
|
|
|
|
=item ISO
|
|
|
|
Probe the ISO and extract files using 'isoinfo'
|
|
|
|
=item DIRECTORY
|
|
|
|
Path to a local directory containing an installable distribution image. Note that the directory will not be accessible by the guest after initial boot, so the OS installer will need another way to access the rest of the install media.
|
|
|
|
=back
|
|
|
|
Some distro specific url samples:
|
|
|
|
=over 4
|
|
|
|
=item Fedora/Red Hat Based
|
|
|
|
https://download.fedoraproject.org/pub/fedora/linux/releases/29/Server/x86_64/os
|
|
|
|
=item Debian
|
|
|
|
https://ftp.us.debian.org/debian/dists/stable/main/installer-amd64/
|
|
|
|
=item Ubuntu
|
|
|
|
https://us.archive.ubuntu.com/ubuntu/dists/wily/main/installer-amd64/
|
|
|
|
=item Suse
|
|
|
|
https://download.opensuse.org/pub/opensuse/distribution/leap/42.3/repo/oss/
|
|
|
|
=back
|
|
|
|
Additionally, --location can take 'kernel' and 'initrd' sub options. These paths
|
|
relative to the specified location URL/ISO that allow selecting specific files
|
|
for kernel/initrd within the install tree. This can be useful if virt-install/
|
|
libosinfo doesn't know where to find the kernel in the specified --location.
|
|
|
|
For example, if you have an ISO that libosinfo doesn't know about called
|
|
my-unknown.iso, with a kernel at 'kernel/fookernel' and initrd at
|
|
'kernel/fooinitrd', you can make this work with:
|
|
|
|
--location my-unknown.iso,kernel=kernel/fookernel,initrd=kernel/fooinitrd
|
|
|
|
=item B<--pxe>
|
|
|
|
Use the PXE boot protocol to load the initial ramdisk and kernel for starting
|
|
the guest installation process.
|
|
|
|
=item B<--import>
|
|
|
|
Skip the OS installation process, and build a guest around an existing
|
|
disk image. The device used for booting is the first device specified via
|
|
C<--disk> or C<--filesystem>.
|
|
|
|
=item B<--livecd>
|
|
|
|
Specify that the installation media is a live CD and thus the guest
|
|
needs to be configured to boot off the CDROM device permanently. It
|
|
may be desirable to also use the C<--disk none> flag in combination.
|
|
|
|
=item B<-x> EXTRA
|
|
|
|
=item B<--extra-args> OPTIONS
|
|
|
|
Additional kernel command line arguments to pass to the installer when
|
|
performing a guest install from C<--location>. One common usage is specifying
|
|
an anaconda kickstart file for automated installs, such as
|
|
--extra-args "ks=https://myserver/my.ks"
|
|
|
|
=item B<--initrd-inject> PATH
|
|
|
|
Add PATH to the root of the initrd fetched with C<--location>. This can be
|
|
used to run an automated install without requiring a network hosted kickstart
|
|
file:
|
|
|
|
--initrd-inject=/path/to/my.ks --extra-args "ks=file:/my.ks"
|
|
|
|
=item B<--boot> BOOTOPTS
|
|
|
|
Optionally specify the post-install VM boot configuration. This option allows
|
|
specifying a boot device order, permanently booting off kernel/initrd with
|
|
option kernel arguments, and enabling a BIOS boot menu (requires libvirt
|
|
0.8.3 or later)
|
|
|
|
--boot can be specified in addition to other install options
|
|
(such as --location, --cdrom, etc.) or can be specified on its own. In
|
|
the latter case, behavior is similar to the --import install option: there
|
|
is no 'install' phase, the guest is just created and launched as specified.
|
|
|
|
Some examples:
|
|
|
|
=over 4
|
|
|
|
=item B<--boot cdrom,fd,hd,network>
|
|
|
|
Set the boot device priority as first cdrom, first floppy, first harddisk,
|
|
network PXE boot.
|
|
|
|
=item B<--boot kernel=KERNEL,initrd=INITRD,kernel_args="console=/dev/ttyS0">
|
|
|
|
Have guest permanently boot off a local kernel/initrd pair, with the
|
|
specified kernel options.
|
|
|
|
=item B<--boot kernel=KERNEL,initrd=INITRD,dtb=DTB>
|
|
|
|
Have guest permanently boot off a local kernel/initrd pair with an
|
|
external device tree binary. DTB can be required for some non-x86
|
|
configurations like ARM or PPC
|
|
|
|
=item B<--boot loader=BIOSPATH>
|
|
|
|
Use BIOSPATH as the virtual machine BIOS.
|
|
|
|
=item B<--boot bootmenu.enable=on,bios.useserial=on>
|
|
|
|
Enable the bios boot menu, and enable sending bios text output over
|
|
serial console.
|
|
|
|
=item B<--boot init=INITPATH>
|
|
|
|
Path to a binary that the container guest will init. If a root C<--filesystem>
|
|
has been specified, virt-install will default to /sbin/init, otherwise
|
|
will default to /bin/sh.
|
|
|
|
=item B<--boot uefi>
|
|
|
|
Configure the VM to boot from UEFI. In order for virt-install to know the
|
|
correct UEFI parameters, libvirt needs to be advertising known UEFI binaries
|
|
via domcapabilities XML, so this will likely only work if using properly
|
|
configured distro packages.
|
|
|
|
=item B<--boot loader=/.../OVMF_CODE.fd,loader.readonly=yes,loader.type=pflash,nvram.template=/.../OVMF_VARS.fd,loader_secure=no>
|
|
|
|
Specify that the virtual machine use the custom OVMF binary as boot firmware,
|
|
mapped as a virtual flash chip. In addition, request that libvirt instantiate
|
|
the VM-specific UEFI varstore from the custom "/.../OVMF_VARS.fd" varstore
|
|
template. This is the recommended UEFI setup, and should be used if
|
|
--boot uefi doesn't know about your UEFI binaries. If your UEFI firmware
|
|
supports Secure boot feature you can enable it via loader_secure.
|
|
|
|
=back
|
|
|
|
Use --boot=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsOS>
|
|
|
|
=item B<--idmap> OPTIONS
|
|
|
|
If the guest configuration declares a UID or GID mapping,
|
|
the 'user' namespace will be enabled to apply these.
|
|
A suitably configured UID/GID mapping is a pre-requisite to
|
|
make containers secure, in the absence of sVirt confinement.
|
|
|
|
--idmap can be specified to enable user namespace for LXC containers. Example:
|
|
|
|
--idmap uid.start=0,uid.target=1000,uid.count=10,gid.start=0,gid.target=1000,gid.count=10
|
|
|
|
Use --idmap=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsOSContainer>
|
|
|
|
=back
|
|
|
|
|
|
|
|
|
|
=head1 GUEST OS OPTIONS
|
|
|
|
=over 4
|
|
|
|
=item B<--os-variant> OS_VARIANT
|
|
|
|
Optimize the guest configuration for a specific operating system (ex.
|
|
'fedora29', 'rhel7', 'win10'). While not required, specifying this
|
|
options is HIGHLY RECOMMENDED, as it can greatly increase performance
|
|
by specifying virtio among other guest tweaks.
|
|
|
|
By default, virt-install will attempt to auto detect this value from
|
|
the install media (currently only supported for URL installs). Autodetection
|
|
can be disabled with the special value 'none'. Autodetection can be
|
|
forced with the special value 'auto'.
|
|
|
|
Use the command "osinfo-query os" to get the list of the accepted OS
|
|
variants.
|
|
|
|
=back
|
|
|
|
|
|
|
|
|
|
=head1 STORAGE OPTIONS
|
|
|
|
=over 4
|
|
|
|
=item B<--disk> OPTIONS
|
|
|
|
Specifies media to use as storage for the guest, with various options. The
|
|
general format of a disk string is
|
|
|
|
--disk opt1=val1,opt2=val2,...
|
|
|
|
The simplest invocation to create a new 10G disk image and associated disk device:
|
|
|
|
--disk size=10
|
|
|
|
virt-install will generate a path name, and place it in the default image location for the hypervisor. To specify media, the command can either be:
|
|
|
|
--disk /some/storage/path[,opt1=val1]...
|
|
|
|
or explicitly specify one of the following arguments:
|
|
|
|
=over 4
|
|
|
|
=item B<path>
|
|
|
|
A path to some storage media to use, existing or not. Existing media can be
|
|
a file or block device.
|
|
|
|
Specifying a non-existent path implies attempting to create the new storage,
|
|
and will require specifying a 'size' value. Even for remote hosts, virt-install
|
|
will try to use libvirt storage APIs to automatically create the given path.
|
|
|
|
If the hypervisor supports it, B<path> can also be a network URL, like
|
|
https://example.com/some-disk.img . For network paths, they hypervisor will
|
|
directly access the storage, nothing is downloaded locally.
|
|
|
|
=item B<pool>
|
|
|
|
An existing libvirt storage pool name to create new storage on. Requires
|
|
specifying a 'size' value.
|
|
|
|
=item B<vol>
|
|
|
|
An existing libvirt storage volume to use. This is specified as
|
|
'poolname/volname'.
|
|
|
|
=back
|
|
|
|
|
|
|
|
Options that apply to storage creation:
|
|
|
|
=over 4
|
|
|
|
=item B<size>
|
|
|
|
size (in GiB) to use if creating new storage
|
|
|
|
=item B<sparse>
|
|
|
|
whether to skip fully allocating newly created storage. Value is 'yes' or
|
|
'no'. Default is 'yes' (do not fully allocate) unless it isn't
|
|
supported by the underlying storage type.
|
|
|
|
The initial time taken to fully-allocate the guest virtual disk (sparse=no)
|
|
will be usually balanced by faster install times inside the guest. Thus
|
|
use of this option is recommended to ensure consistently high performance
|
|
and to avoid I/O errors in the guest should the host filesystem fill up.
|
|
|
|
=item B<format>
|
|
|
|
Disk image format. For file volumes, this can be 'raw', 'qcow2', 'vmdk', etc. See format types in L<https://libvirt.org/storage.html> for possible values. This is often mapped to the B<driver_type> value as well.
|
|
|
|
If not specified when creating file images, this will default to 'qcow2'.
|
|
|
|
If creating storage, this will be the format of the new image. If using an existing image, this overrides libvirt's format auto-detection.
|
|
|
|
=item B<backing_store>
|
|
|
|
Path to a disk to use as the backing store for the newly created image.
|
|
|
|
=item B<backing_format>
|
|
|
|
Disk image format of B<backing_store>
|
|
|
|
=back
|
|
|
|
|
|
|
|
Some example device configuration suboptions:
|
|
|
|
=over 4
|
|
|
|
=item B<device>
|
|
|
|
Disk device type. Example values are be 'cdrom', 'disk', 'lun' or 'floppy'. The default is 'disk'.
|
|
|
|
=item B<boot.order>
|
|
|
|
Guest installation with multiple disks will need this parameter to boot correctly after being installed. A boot.order parameter will take values 1,2,3,... Devices with lower value has higher priority.
|
|
This option applies to other bootable device types as well.
|
|
|
|
=item B<target.bus> or B<bus>
|
|
|
|
Disk bus type. Example values are be 'ide', 'sata', 'scsi', 'usb', 'virtio' or 'xen'.
|
|
The default is hypervisor dependent since not all hypervisors support all
|
|
bus types.
|
|
|
|
=item B<readonly>
|
|
|
|
Set drive as readonly (takes 'on' or 'off')
|
|
|
|
=item B<shareable>
|
|
|
|
Set drive as shareable (takes 'on' or 'off')
|
|
|
|
=item B<cache>
|
|
|
|
The cache mode to be used. The host pagecache provides cache memory.
|
|
The cache value can be 'none', 'writethrough', 'directsync', 'unsafe'
|
|
or 'writeback'.
|
|
'writethrough' provides read caching. 'writeback' provides
|
|
read and write caching. 'directsync' bypasses the host page
|
|
cache. 'unsafe' may cache all content and ignore flush requests from
|
|
the guest.
|
|
|
|
=item B<driver.discard>
|
|
|
|
Whether discard (also known as "trim" or "unmap") requests are ignored
|
|
or passed to the filesystem. The value can be either "unmap" (allow
|
|
the discard request to be passed) or "ignore" (ignore the discard
|
|
request). Since 1.0.6 (QEMU and KVM only)
|
|
|
|
=item B<driver.name>
|
|
|
|
Driver name the hypervisor should use when accessing the specified
|
|
storage. Typically does not need to be set by the user.
|
|
|
|
=item B<driver.type>
|
|
|
|
Driver format/type the hypervisor should use when accessing the specified
|
|
storage. Typically does not need to be set by the user.
|
|
|
|
=item B<driver.io>
|
|
|
|
Disk IO backend. Can be either "threads" or "native".
|
|
|
|
=item B<driver.error_policy>
|
|
|
|
How guest should react if a write error is encountered. Can be one of
|
|
"stop", "ignore", or "enospace"
|
|
|
|
=item B<serial>
|
|
|
|
Serial number of the emulated disk device. This is used in linux guests
|
|
to set /dev/disk/by-id symlinks. An example serial number might be:
|
|
WD-WMAP9A966149
|
|
|
|
=item B<source.startupPolicy>
|
|
|
|
It defines what to do with the disk if the source file is not accessible. See
|
|
possible values in L<https://www.libvirt.org/formatdomain.html#elementsDisks>, "startupPolicy" attribute of the <disk> element
|
|
|
|
=item B<snapshot>
|
|
|
|
Defines default behavior of the disk during disk snapshots. See possible
|
|
values in L<https://www.libvirt.org/formatdomain.html#elementsDisks>,
|
|
"snapshot" attribute of the <disk> element.
|
|
|
|
=back
|
|
|
|
See the examples section for some uses. This option deprecates -f/--file,
|
|
-s/--file-size, --nonsparse, and --nodisks.
|
|
|
|
Use --disk=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsDisks>
|
|
|
|
|
|
|
|
|
|
=item B<--filesystem>
|
|
|
|
Specifies a directory on the host to export to the guest. The most simple
|
|
invocation is:
|
|
|
|
--filesystem /source/on/host,/target/point/in/guest
|
|
|
|
Which will work for recent QEMU and linux guest OS or LXC containers. For
|
|
QEMU, the target point is just a mounting hint in sysfs, so will not be
|
|
automatically mounted.
|
|
|
|
Some example suboptions:
|
|
|
|
=over 4
|
|
|
|
=item B<type>
|
|
|
|
The type or the source directory. Valid values are 'mount' (the default) or
|
|
'template' for OpenVZ templates.
|
|
|
|
=item B<accessmode> or B<mode>
|
|
|
|
The access mode for the source directory from the guest OS. Only used with
|
|
QEMU and type=mount. Valid modes are 'passthrough' (the default), 'mapped',
|
|
or 'squash'. See libvirt domain XML documentation for more info.
|
|
|
|
=item B<source>
|
|
|
|
The directory on the host to share.
|
|
|
|
=item B<target>
|
|
|
|
The mount location to use in the guest.
|
|
|
|
=back
|
|
|
|
Use --filesystem=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsFilesystems>
|
|
|
|
=back
|
|
|
|
|
|
|
|
|
|
|
|
=head1 NETWORKING OPTIONS
|
|
|
|
=over 4
|
|
|
|
=item B<-w> OPTIONS
|
|
|
|
=item B<--network> OPTIONS
|
|
|
|
Connect the guest to the host network. The value for C<NETWORK> can take
|
|
one of 4 formats:
|
|
|
|
=over 4
|
|
|
|
=item bridge=BRIDGE
|
|
|
|
Connect to a bridge device in the host called C<BRIDGE>. Use this option if
|
|
the host has static networking config & the guest requires full outbound
|
|
and inbound connectivity to/from the LAN. Also use this if live migration
|
|
will be used with this guest.
|
|
|
|
=item network=NAME
|
|
|
|
Connect to a virtual network in the host called C<NAME>. Virtual networks
|
|
can be listed, created, deleted using the C<virsh> command line tool. In
|
|
an unmodified install of C<libvirt> there is usually a virtual network
|
|
with a name of C<default>. Use a virtual network if the host has dynamic
|
|
networking (eg NetworkManager), or using wireless. The guest will be
|
|
NATed to the LAN by whichever connection is active.
|
|
|
|
=item type=direct,source=IFACE[,source.mode=MODE]
|
|
|
|
Direct connect to host interface IFACE using macvtap.
|
|
|
|
=item user
|
|
|
|
Connect to the LAN using SLIRP. Only use this if running a QEMU guest as
|
|
an unprivileged user. This provides a very limited form of NAT.
|
|
|
|
=item none
|
|
|
|
Tell virt-install not to add any default network interface.
|
|
|
|
=back
|
|
|
|
If this option is omitted a single NIC will be created in the guest. If
|
|
there is a bridge device in the host with a physical interface enslaved,
|
|
that will be used for connectivity. Failing that, the virtual network
|
|
called C<default> will be used. This option can be specified multiple
|
|
times to setup more than one NIC.
|
|
|
|
Some example suboptions:
|
|
|
|
=over 4
|
|
|
|
=item B<model.type> or B<model>
|
|
|
|
Network device model as seen by the guest. Value can be any nic model supported
|
|
by the hypervisor, e.g.: 'e1000', 'rtl8139', 'virtio', ...
|
|
|
|
=item B<mac.address> or B<mac>
|
|
|
|
Fixed MAC address for the guest; If this parameter is omitted, or the value
|
|
C<RANDOM> is specified a suitable address will be randomly generated. For
|
|
Xen virtual machines it is required that the first 3 pairs in the MAC address
|
|
be the sequence '00:16:3e', while for QEMU or KVM virtual machines it must
|
|
be '52:54:00'.
|
|
|
|
=item B<filterref.filter>
|
|
|
|
Controlling firewall and network filtering in libvirt. Value can be any nwfilter
|
|
defined by the C<virsh> 'nwfilter' subcommands. Available filters can be listed
|
|
by running 'virsh nwfilter-list', e.g.: 'clean-traffic', 'no-mac-spoofing', ...
|
|
|
|
=item B<virtualport.*> options
|
|
|
|
Configure the device virtual port profile. This is used for 802.Qbg, 802.Qbh,
|
|
midonet, and openvswitch config. Check for 'virtualport' references in the
|
|
libvirt documentation: C<https://libvirt.org/formatdomain.html#elementsNICS>
|
|
|
|
=back
|
|
|
|
Use --network=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsNICS>
|
|
|
|
This option deprecates -m/--mac, -b/--bridge, and --nonetworks
|
|
|
|
=back
|
|
|
|
|
|
|
|
|
|
|
|
=head1 GRAPHICS OPTIONS
|
|
|
|
If no graphics option is specified, C<virt-install> will try to select
|
|
the appropriate graphics if the DISPLAY environment variable is set,
|
|
otherwise '--graphics none' is used.
|
|
|
|
=over 4
|
|
|
|
=item B<--graphics> TYPE,opt1=arg1,opt2=arg2,...
|
|
|
|
Specifies the graphical display configuration. This does not configure any
|
|
virtual hardware, just how the guest's graphical display can be accessed.
|
|
Typically the user does not need to specify this option, virt-install will
|
|
try and choose a useful default, and launch a suitable connection.
|
|
|
|
General format of a graphical string is
|
|
|
|
--graphics TYPE,opt1=arg1,opt2=arg2,...
|
|
|
|
For example:
|
|
|
|
--graphics vnc,password=foobar
|
|
|
|
Some supported options are:
|
|
|
|
=over 4
|
|
|
|
=item B<type>
|
|
|
|
The display type. This is one of:
|
|
|
|
vnc
|
|
|
|
Setup a virtual console in the guest and export it as a VNC server in
|
|
the host. Unless the C<port> parameter is also provided, the VNC
|
|
server will run on the first free port number at 5900 or above. The
|
|
actual VNC display allocated can be obtained using the C<vncdisplay>
|
|
command to C<virsh> (or L<virt-viewer(1)> can be used which handles this
|
|
detail for the use).
|
|
|
|
spice
|
|
|
|
Export the guest's console using the Spice protocol. Spice allows advanced
|
|
features like audio and USB device streaming, as well as improved graphical
|
|
performance.
|
|
|
|
Using spice graphic type will work as if those arguments were given:
|
|
|
|
--video qxl --channel spicevmc
|
|
|
|
none
|
|
|
|
No graphical console will be allocated for the guest. Guests will likely
|
|
need to have a text console configured on the first
|
|
serial port in the guest (this can be done via the --extra-args option). The
|
|
command 'virsh console NAME' can be used to connect to the serial device.
|
|
|
|
=item B<port>
|
|
|
|
Request a permanent, statically assigned port number for the guest
|
|
console. This is used by 'vnc' and 'spice'
|
|
|
|
=item B<tlsPort>
|
|
|
|
Specify the spice tlsport.
|
|
|
|
=item B<listen>
|
|
|
|
Address to listen on for VNC/Spice connections. Default is typically 127.0.0.1
|
|
(localhost only), but some hypervisors allow changing this globally (for
|
|
example, the qemu driver default can be changed in /etc/libvirt/qemu.conf).
|
|
Use 0.0.0.0 to allow access from other machines.
|
|
|
|
Use 'none' to specify that the display server should not listen on any
|
|
port. The display server can be accessed only locally through
|
|
libvirt unix socket (virt-viewer with --attach for instance).
|
|
|
|
Use 'socket' to have the VM listen on a libvirt generated unix socket
|
|
path on the host filesystem.
|
|
|
|
This is used by 'vnc' and 'spice'
|
|
|
|
=item B<password>
|
|
|
|
Request a console password, required at connection time. Beware, this info may
|
|
end up in virt-install log files, so don't use an important password. This
|
|
is used by 'vnc' and 'spice'
|
|
|
|
=item B<gl.enable>
|
|
|
|
Whether to use OpenGL accelerated rendering. Value is 'yes' or 'no'. This is
|
|
used by 'spice'.
|
|
|
|
=item B<gl.rendernode>
|
|
|
|
DRM render node path to use. This is used when 'gl' is enabled.
|
|
|
|
=back
|
|
|
|
Use --graphics=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsGraphics>
|
|
|
|
This deprecates the following options: --vnc, --vncport, --vnclisten, -k/--keymap, --sdl, --nographics
|
|
|
|
=item B<--noautoconsole>
|
|
|
|
Don't automatically try to connect to the guest console. The default behaviour
|
|
is to launch L<virt-viewer(1)> to display the graphical console, or to run the
|
|
C<virsh> C<console> command to display the text console. Use of this parameter
|
|
will disable this behaviour.
|
|
|
|
=back
|
|
|
|
|
|
|
|
|
|
=head1 VIRTUALIZATION OPTIONS
|
|
|
|
Options to override the default virtualization type choices.
|
|
|
|
=over 4
|
|
|
|
=item B<-v>
|
|
|
|
=item B<--hvm>
|
|
|
|
Request the use of full virtualization, if both para & full virtualization are
|
|
available on the host. This parameter may not be available if connecting to a
|
|
Xen hypervisor on a machine without hardware virtualization support. This
|
|
parameter is implied if connecting to a QEMU based hypervisor.
|
|
|
|
=item B<-p>
|
|
|
|
=item B<--paravirt>
|
|
|
|
This guest should be a paravirtualized guest. If the host supports both
|
|
para & full virtualization, and neither this parameter nor the C<--hvm>
|
|
are specified, this will be assumed.
|
|
|
|
=item B<--container>
|
|
|
|
This guest should be a container type guest. This option is only required
|
|
if the hypervisor supports other guest types as well (so for example this
|
|
option is the default behavior for LXC and OpenVZ, but is provided for
|
|
completeness).
|
|
|
|
=item B<--virt-type>
|
|
|
|
The hypervisor to install on. Example choices are kvm, qemu, or xen.
|
|
Available options are listed via 'virsh capabilities' in the <domain> tags.
|
|
|
|
This deprecates the --accelerate option, which is now the default behavior. To install a plain QEMU guest, use '--virt-type qemu'
|
|
|
|
=back
|
|
|
|
|
|
|
|
|
|
|
|
=head1 DEVICE OPTIONS
|
|
|
|
All devices have a set of B<address.*> options for configuring the
|
|
particulars of the device's address on its parent controller or bus.
|
|
See C<https://libvirt.org/formatdomain.html#elementsAddress> for details.
|
|
|
|
=over 4
|
|
|
|
=item B<--controller> OPTIONS
|
|
|
|
Attach a controller device to the guest. TYPE is one of:
|
|
B<ide>, B<fdc>, B<scsi>, B<sata>, B<virtio-serial>, or B<usb>.
|
|
|
|
Controller also supports the special values B<usb2> and B<usb3> to
|
|
specify which version of the USB controller should be used (version 2
|
|
or 3).
|
|
|
|
Some example suboptions:
|
|
|
|
=over 4
|
|
|
|
=item B<model>
|
|
|
|
Controller model. These may vary according to the hypervisor and its
|
|
version. Most commonly used models are e.g. B<auto>, B<virtio-scsi>
|
|
for the B<scsi> controller, B<ehci> or B<none> for the B<usb>
|
|
controller. For full list and further details on controllers/models,
|
|
see C<https://libvirt.org/formatdomain.html#elementsControllers>.
|
|
|
|
=item B<address>
|
|
|
|
Shorthand for setting a manual PCI address from an lscpi style string.
|
|
The preferred method for setting this is using the address.* parameters.
|
|
|
|
=item B<index>
|
|
|
|
A decimal integer describing in which order the bus controller is
|
|
encountered, and to reference the controller bus.
|
|
|
|
=back
|
|
|
|
Use --controller=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsControllers>
|
|
|
|
|
|
=item B<--input> OPTIONS
|
|
|
|
Attach an input device to the guest. Example input device types are mouse, tablet, or keyboard.
|
|
|
|
Use --input=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsInput>
|
|
|
|
|
|
=item B<--hostdev> OPTIONS
|
|
|
|
=item B<--host-device> OPTIONS
|
|
|
|
Attach a physical host device to the guest. Some example values for HOSTDEV:
|
|
|
|
=over 4
|
|
|
|
=item B<--hostdev pci_0000_00_1b_0>
|
|
|
|
A node device name via libvirt, as shown by 'virsh nodedev-list'
|
|
|
|
=item B<--hostdev 001.003>
|
|
|
|
USB by bus, device (via lsusb).
|
|
|
|
=item B<--hostdev 0x1234:0x5678>
|
|
|
|
USB by vendor, product (via lsusb).
|
|
|
|
=item B<--hostdev 1f.01.02>
|
|
|
|
PCI device (via lspci).
|
|
|
|
=item B<--hostdev wlan0,type=net>
|
|
|
|
Network device (in LXC container).
|
|
|
|
=item B<--hostdev /dev/net/tun,type=misc>
|
|
|
|
Character device (in LXC container).
|
|
|
|
=item B<--hostdev /dev/sdf,type=storage>
|
|
|
|
Block device (in LXC container).
|
|
|
|
=back
|
|
|
|
Use --hostdev=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsHostDev>
|
|
|
|
=item B<--sound> MODEL
|
|
|
|
Attach a virtual audio device to the guest. MODEL specifies the emulated
|
|
sound card model. Possible values are ich6, ich9, ac97, es1370, sb16, pcspk,
|
|
or default. 'default' will try to pick the best model that the specified
|
|
OS supports.
|
|
|
|
This deprecates the old --soundhw option.
|
|
|
|
Use --sound=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsSound>
|
|
|
|
=item B<--watchdog> MODEL[,action=ACTION]
|
|
|
|
Attach a virtual hardware watchdog device to the guest. This requires a
|
|
daemon and device driver in the guest. The watchdog fires a signal when
|
|
the virtual machine appears to hung. ACTION specifies what libvirt will do
|
|
when the watchdog fires. Values are
|
|
|
|
=over 4
|
|
|
|
=item B<reset>
|
|
|
|
Forcefully reset the guest (the default)
|
|
|
|
=item B<poweroff>
|
|
|
|
Forcefully power off the guest
|
|
|
|
=item B<pause>
|
|
|
|
Pause the guest
|
|
|
|
=item B<none>
|
|
|
|
Do nothing
|
|
|
|
=item B<shutdown>
|
|
|
|
Gracefully shutdown the guest (not recommended, since a hung guest probably
|
|
won't respond to a graceful shutdown)
|
|
|
|
=back
|
|
|
|
MODEL is the emulated device model: either i6300esb (the default) or ib700.
|
|
Some examples:
|
|
|
|
Use the recommended settings:
|
|
|
|
--watchdog default
|
|
|
|
Use the i6300esb with the 'poweroff' action
|
|
|
|
--watchdog i6300esb,action=poweroff
|
|
|
|
Use --watchdog=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsWatchdog>
|
|
|
|
=item B<--parallel> OPTIONS
|
|
|
|
=item B<--serial> OPTIONS
|
|
|
|
Specifies a serial device to attach to the guest, with various options. The
|
|
general format of a serial string is
|
|
|
|
--serial type,opt1=val1,opt2=val2,...
|
|
|
|
--serial and --parallel devices share all the same options, unless otherwise
|
|
noted. Some of the types of character device redirection are:
|
|
|
|
=over 4
|
|
|
|
=item B<--serial pty>
|
|
|
|
Pseudo TTY. The allocated pty will be listed in the running guests XML
|
|
description.
|
|
|
|
=item B<--serial dev,path=HOSTPATH>
|
|
|
|
Host device. For serial devices, this could be /dev/ttyS0. For parallel
|
|
devices, this could be /dev/parport0.
|
|
|
|
=item B<--serial file,path=FILENAME>
|
|
|
|
Write output to FILENAME.
|
|
|
|
=item B<--serial tcp,host=HOST:PORT,source.mode=MODE,protocol.type=PROTOCOL>
|
|
|
|
TCP net console. MODE is either 'bind' (wait for connections on HOST:PORT)
|
|
or 'connect' (send output to HOST:PORT), default is 'bind'. HOST defaults
|
|
to '127.0.0.1', but PORT is required. PROTOCOL can be either 'raw' or 'telnet'
|
|
(default 'raw'). If 'telnet', the port acts like a telnet server or client.
|
|
Some examples:
|
|
|
|
Wait for connections on any address, port 4567:
|
|
|
|
--serial tcp,host=0.0.0.0:4567
|
|
|
|
Connect to localhost, port 1234:
|
|
|
|
--serial tcp,host=:1234,source.mode=connect
|
|
|
|
Wait for telnet connection on localhost, port 2222. The user could then
|
|
connect interactively to this console via 'telnet localhost 2222':
|
|
|
|
--serial tcp,host=:2222,source.mode=bind,source.protocol=telnet
|
|
|
|
=item B<--serial udp,host=CONNECT_HOST:PORT,bind_host=BIND_HOST:BIND_PORT>
|
|
|
|
UDP net console. HOST:PORT is the destination to send output to (default
|
|
HOST is '127.0.0.1', PORT is required). BIND_HOST:BIND_PORT is the optional
|
|
local address to bind to (default BIND_HOST is 127.0.0.1, but is only set if
|
|
BIND_PORT is specified). Some examples:
|
|
|
|
Send output to default syslog port (may need to edit /etc/rsyslog.conf
|
|
accordingly):
|
|
|
|
--serial udp,host=:514
|
|
|
|
Send output to remote host 192.168.10.20, port 4444 (this output can be
|
|
read on the remote host using 'nc -u -l 4444'):
|
|
|
|
--serial udp,host=192.168.10.20:4444
|
|
|
|
=item B<--serial unix,path=UNIXPATH,mode=MODE>
|
|
|
|
Unix socket, see unix(7). MODE has similar behavior and defaults as
|
|
--serial tcp,mode=MODE
|
|
|
|
=back
|
|
|
|
Use --serial=? or --parallel=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsCharSerial> and L<https://libvirt.org/formatdomain.html#elementsCharParallel>
|
|
|
|
=item B<--channel>
|
|
|
|
Specifies a communication channel device to connect the guest and host
|
|
machine. This option uses the same options as --serial and --parallel
|
|
for specifying the host/source end of the channel. Extra 'target' options
|
|
are used to specify how the guest machine sees the channel.
|
|
|
|
Some of the types of character device redirection are:
|
|
|
|
=over 4
|
|
|
|
=item B<--channel SOURCE,target.type=guestfwd,target.address=HOST:PORT>
|
|
|
|
Communication channel using QEMU usermode networking stack. The guest can
|
|
connect to the channel using the specified HOST:PORT combination.
|
|
|
|
=item B<--channel SOURCE,target.type=virtio[,target.name=NAME]>
|
|
|
|
Communication channel using virtio serial (requires 2.6.34 or later host and
|
|
guest). Each instance of a virtio --channel line is exposed in the
|
|
guest as /dev/vport0p1, /dev/vport0p2, etc. NAME is optional metadata, and
|
|
can be any string, such as org.linux-kvm.virtioport1.
|
|
If specified, this will be exposed in the guest at
|
|
/sys/class/virtio-ports/vport0p1/NAME
|
|
|
|
=item B<--channel spicevmc,target.type=virtio[,target.name=NAME]>
|
|
|
|
Communication channel for QEMU spice agent, using virtio serial
|
|
(requires 2.6.34 or later host and guest). NAME is optional metadata,
|
|
and can be any string, such as the default com.redhat.spice.0 that
|
|
specifies how the guest will see the channel.
|
|
|
|
=back
|
|
|
|
Use --channel=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsCharChannel>
|
|
|
|
=item B<--console>
|
|
|
|
Connect a text console between the guest and host. Certain guest and
|
|
hypervisor combinations can automatically set up a getty in the guest, so
|
|
an out of the box text login can be provided (target_type=xen for xen
|
|
paravirt guests, and possibly target_type=virtio in the future).
|
|
|
|
Example:
|
|
|
|
=over 4
|
|
|
|
=item B<--console pty,target.type=virtio>
|
|
|
|
Connect a virtio console to the guest, redirected to a PTY on the host.
|
|
For supported guests, this exposes /dev/hvc0 in the guest. See
|
|
https://fedoraproject.org/wiki/Features/VirtioSerial for more info. virtio
|
|
console requires libvirt 0.8.3 or later.
|
|
|
|
=back
|
|
|
|
Use --console=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsCharConsole>
|
|
|
|
=item B<--video> OPTIONS
|
|
|
|
Specify what video device model will be attached to the guest. Valid values
|
|
for VIDEO are hypervisor specific, but some options for recent kvm are
|
|
cirrus, vga, qxl, virtio, or vmvga (vmware).
|
|
|
|
Use --video=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsVideo>
|
|
|
|
=item B<--smartcard> MODE[,OPTIONS]
|
|
|
|
Configure a virtual smartcard device.
|
|
|
|
Mode is one of B<host>, B<host-certificates>, or B<passthrough>. Additional
|
|
options are:
|
|
|
|
=over 4
|
|
|
|
=item B<type>
|
|
|
|
Character device type to connect to on the host. This is only applicable
|
|
for B<passthrough> mode.
|
|
|
|
=back
|
|
|
|
An example invocation:
|
|
|
|
=over 4
|
|
|
|
=item B<--smartcard passthrough,type=spicevmc>
|
|
|
|
Use the smartcard channel of a SPICE graphics device to pass smartcard info
|
|
to the guest
|
|
|
|
=back
|
|
|
|
Use --smartcard=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsSmartcard>
|
|
|
|
=item B<--redirdev> BUS[,OPTIONS]
|
|
|
|
Add a redirected device.
|
|
|
|
=over 4
|
|
|
|
=item B<type>
|
|
|
|
The redirection type, currently supported is B<tcp> or B<spicevmc>.
|
|
|
|
=item B<server>
|
|
|
|
The TCP server connection details, of the form 'server:port'.
|
|
|
|
=back
|
|
|
|
Examples of invocation:
|
|
|
|
=over 4
|
|
|
|
=item B<--redirdev usb,type=tcp,server=localhost:4000>
|
|
|
|
Add a USB redirected device provided by the TCP server on 'localhost'
|
|
port 4000.
|
|
|
|
=item B<--redirdev usb,type=spicevmc>
|
|
|
|
Add a USB device redirected via a dedicated Spice channel.
|
|
|
|
=back
|
|
|
|
Use --redirdev=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsRedir>
|
|
|
|
=item B<--memballoon> MODEL
|
|
|
|
Attach a virtual memory balloon device to the guest. If the memballoon device
|
|
needs to be explicitly disabled, MODEL='none' is used.
|
|
|
|
MODEL is the type of memballoon device provided. The value can be 'virtio',
|
|
'xen' or 'none'.
|
|
Some examples:
|
|
|
|
Use the recommended settings:
|
|
|
|
--memballoon virtio
|
|
|
|
Do not use memballoon device:
|
|
|
|
--memballoon none
|
|
|
|
Use --memballoon=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsMemBalloon>
|
|
|
|
=item B<--tpm> TYPE[,OPTIONS]
|
|
|
|
Configure a virtual TPM device.
|
|
|
|
Type must be B<passthrough>. Additional options are:
|
|
|
|
=over 4
|
|
|
|
=item B<model>
|
|
|
|
The device model to present to the guest operating system. Model
|
|
must be B<tpm-tis>.
|
|
|
|
=back
|
|
|
|
An example invocation:
|
|
|
|
=over 4
|
|
|
|
=item B<--tpm passthrough,model=tpm-tis>
|
|
|
|
Make the host's TPM accessible to a single guest.
|
|
|
|
=item B<--tpm /dev/tpm>
|
|
|
|
Convenience option for passing through the hosts TPM.
|
|
|
|
=back
|
|
|
|
Use --tpm=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsTpm>
|
|
|
|
=item B<--rng> TYPE[,OPTIONS]
|
|
|
|
Configure a virtual RNG device.
|
|
|
|
Type can be B<random> or B<egd>.
|
|
|
|
If the specified type is B<random> then these values must
|
|
be specified:
|
|
|
|
=over 4
|
|
|
|
=item B<backend>
|
|
|
|
The device to use as a source of entropy.
|
|
|
|
=back
|
|
|
|
Whereas, when the type is B<egd>, these values must be provided:
|
|
|
|
=over 4
|
|
|
|
=item B<backend.source.host>
|
|
|
|
Specify the host of the Entropy Gathering Daemon to connect to.
|
|
|
|
=item B<backend.source.service>
|
|
|
|
Specify the port of the Entropy Gathering Daemon to connect to.
|
|
|
|
=item B<backend.type>
|
|
|
|
Specify the type of the connection: B<tcp> or B<udp>.
|
|
|
|
=item B<backend.source.mode>
|
|
|
|
Specify the mode of the connection. It is either 'bind' (wait for
|
|
connections on HOST:PORT) or 'connect' (send output to HOST:PORT).
|
|
|
|
=item B<backend.connect_host>
|
|
|
|
Specify the remote host to connect to when the specified backend_type is B<udp>
|
|
and backend_mode is B<bind>.
|
|
|
|
=item B<backend.connect_service>
|
|
|
|
Specify the remote service to connect to when the specified backend_type is
|
|
B<udp> and backend_mode is B<bind>.
|
|
|
|
=back
|
|
|
|
An example invocation:
|
|
|
|
=over 4
|
|
|
|
=item B<--rng egd,backend.source.host=localhost,backend.source.service=8000,backend.type=tcp>
|
|
|
|
Connect to localhost to the TCP port 8000 to get entropy data.
|
|
|
|
=item B<--rng /dev/random>
|
|
|
|
Use the /dev/random device to get entropy data, this form implicitly uses the
|
|
"random" model.
|
|
|
|
Use --rng=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsRng>
|
|
|
|
=back
|
|
|
|
=item B<--panic> MODEL[,OPTS]
|
|
|
|
Attach a panic notifier device to the guest. For the recommended settings, use:
|
|
|
|
--panic default
|
|
|
|
Use --panic=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsPanic>
|
|
|
|
=item B<--memdev> OPTS
|
|
|
|
Add a memory module to a guest which can be hotunplugged. To add a memdev you need
|
|
to configure hotplugmemory and NUMA for a guest.
|
|
|
|
Use --memdev=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#elementsMemory>.
|
|
|
|
=item B<--vsock> OPTS
|
|
|
|
Configure a vsock host/guest interface. A typical configuration would be
|
|
|
|
--vsock cid.auto=yes
|
|
|
|
Use --vsock=? to see a list of all available sub options. Complete details at L<https://libvirt.org/formatdomain.html#vsock>.
|
|
|
|
|
|
=back
|
|
|
|
=head1 MISCELLANEOUS OPTIONS
|
|
|
|
=over 4
|
|
|
|
=item B<-h>
|
|
|
|
=item B<--help>
|
|
|
|
Show the help message and exit
|
|
|
|
=item B<--version>
|
|
|
|
Show program's version number and exit
|
|
|
|
=item B<--autostart>
|
|
|
|
Set the autostart flag for a domain. This causes the domain to be started
|
|
on host boot up.
|
|
|
|
=item B<--transient>
|
|
|
|
Use --import or --boot and --transient if you want a transient libvirt
|
|
VM. These VMs exist only until the domain is shut down or the host
|
|
server is restarted. Libvirt forgets the XML configuration of the VM
|
|
after either of these events. Note that the VM's disks will not be
|
|
deleted. See:
|
|
L<https://wiki.libvirt.org/page/VM_lifecycle#Transient_guest_domains_vs_Persistent_guest_domains>
|
|
|
|
=item B<--destroy-on-exit>
|
|
|
|
When the VM console window is exited, destroy (force poweroff) the VM.
|
|
If you combine this with --transient, this makes the virt-install command
|
|
work similar to qemu, where the VM is shutdown when the console window
|
|
is closed by the user.
|
|
|
|
=item B<--print-xml> [STEP]
|
|
|
|
Print the generated XML of the guest, instead of defining it. By default this WILL do storage creation (can be disabled with --dry-run). This option implies --quiet.
|
|
|
|
If the VM install has multiple phases, by default this will print all generated XML. If you want to print a particular step, use --print-xml 2 (for the second phase XML).
|
|
|
|
=item B<--noreboot>
|
|
|
|
Prevent the domain from automatically rebooting after the install has
|
|
completed.
|
|
|
|
=item B<--wait> WAIT
|
|
|
|
Amount of time to wait (in minutes) for a VM to complete its install.
|
|
Without this option, virt-install will wait for the console to close (not
|
|
necessarily indicating the guest has shutdown), or in the case of
|
|
--noautoconsole, simply kick off the install and exit. Any negative
|
|
value will make virt-install wait indefinitely, a value of 0 triggers the
|
|
same results as noautoconsole. If the time limit is exceeded, virt-install
|
|
simply exits, leaving the virtual machine in its current state.
|
|
|
|
=item B<--dry-run>
|
|
|
|
Proceed through the guest creation process, but do NOT create storage devices,
|
|
change host device configuration, or actually teach libvirt about the guest.
|
|
virt-install may still fetch install media, since this is required to
|
|
properly detect the OS to install.
|
|
|
|
=item B<--check>
|
|
|
|
Enable or disable some validation checks. Some examples are warning about using a disk that's already assigned to another VM (--check path_in_use=on|off), or warning about potentially running out of space during disk allocation (--check disk_size=on|off). Most checks are performed by default.
|
|
|
|
=item B<-q>
|
|
|
|
=item B<--quiet>
|
|
|
|
Only print fatal error messages.
|
|
|
|
=item B<-d>
|
|
|
|
=item B<--debug>
|
|
|
|
Print debugging information to the terminal when running the install process.
|
|
The debugging information is also stored in
|
|
C<~/.cache/virt-manager/virt-install.log> even if this parameter is omitted.
|
|
|
|
=back
|
|
|
|
=head1 EXAMPLES
|
|
|
|
Install a Fedora 29 KVM guest with virtio accelerated disk/network,
|
|
creating a new 10GiB qcow2 file, installing from media in the hosts
|
|
CDROM drive. This will use Spice graphics by default, and launch autolaunch
|
|
a graphical client.
|
|
|
|
# virt-install \
|
|
--connect qemu:///system \
|
|
--virt-type kvm \
|
|
--name demo \
|
|
--memory 500 \
|
|
--disk size=10 \
|
|
--cdrom /dev/cdrom \
|
|
--os-variant fedora29
|
|
|
|
Install a Fedora 9 plain QEMU guest, using LVM partition, virtual networking,
|
|
booting from PXE, using VNC server/viewer, with virtio-scsi disk
|
|
|
|
# virt-install \
|
|
--connect qemu:///system \
|
|
--name demo \
|
|
--memory 500 \
|
|
--disk path=/dev/HostVG/DemoVM,bus=scsi \
|
|
--controller scsi,model=virtio-scsi \
|
|
--network network=default \
|
|
--virt-type qemu \
|
|
--graphics vnc \
|
|
--os-variant fedora9
|
|
|
|
Run a Live CD image under Xen fullyvirt, in diskless environment
|
|
|
|
# virt-install \
|
|
--hvm \
|
|
--name demo \
|
|
--memory 500 \
|
|
--disk none \
|
|
--livecd \
|
|
--graphics vnc \
|
|
--cdrom /root/fedora7live.iso
|
|
|
|
Run /usr/bin/httpd in a linux container guest (LXC). Resource usage is capped
|
|
at 512 MiB of ram and 2 host cpus:
|
|
|
|
# virt-install \
|
|
--connect lxc:/// \
|
|
--name httpd_guest \
|
|
--memory 512 \
|
|
--vcpus 2 \
|
|
--init /usr/bin/httpd
|
|
|
|
Start a linux container guest(LXC) with a private root filesystem,
|
|
using /bin/sh as init.
|
|
Container's root will be under host dir /home/LXC.
|
|
The host dir "/home/test" will be mounted at
|
|
"/mnt" dir inside container:
|
|
|
|
# virt-install \
|
|
--connect lxc:/// \
|
|
--name container \
|
|
--memory 128 \
|
|
--filesystem /home/LXC,/ \
|
|
--filesystem /home/test,/mnt \
|
|
--init /bin/sh
|
|
|
|
Install a paravirtualized Xen guest, 500 MiB of RAM, a 5 GiB of disk, and
|
|
Fedora Core 6 from a web server, in text-only mode, with old style --file
|
|
options:
|
|
|
|
# virt-install \
|
|
--paravirt \
|
|
--name demo \
|
|
--memory 500 \
|
|
--disk /var/lib/xen/images/demo.img,size=6 \
|
|
--graphics none \
|
|
--location https://download.fedora.redhat.com/pub/fedora/linux/core/6/x86_64/os/
|
|
|
|
Create a guest from an existing disk image 'mydisk.img' using defaults for
|
|
the rest of the options.
|
|
|
|
# virt-install \
|
|
--name demo \
|
|
--memory 512 \
|
|
--disk /home/user/VMs/mydisk.img \
|
|
--import
|
|
|
|
Start serial QEMU ARM VM, which requires specifying a manual kernel.
|
|
|
|
# virt-install \
|
|
--name armtest \
|
|
--memory 1024 \
|
|
--arch armv7l --machine vexpress-a9 \
|
|
--disk /home/user/VMs/myarmdisk.img \
|
|
--boot kernel=/tmp/my-arm-kernel,initrd=/tmp/my-arm-initrd,dtb=/tmp/my-arm-dtb,kernel_args="console=ttyAMA0 rw root=/dev/mmcblk0p3" \
|
|
--graphics none
|
|
|
|
Start an SEV launch security VM with 4GB RAM, 4GB+256MiB of hard_limit, with a
|
|
couple of virtio devices:
|
|
|
|
Note: The IOMMU flag needs to be turned on with driver.iommu for virtio
|
|
devices. Usage of --memtune is currently required because of SEV limitations,
|
|
refer to libvirt docs for a detailed explanation.
|
|
|
|
# virt-install \
|
|
--name foo \
|
|
--memory 4096 \
|
|
--boot uefi \
|
|
--machine q35 \
|
|
--memtune hard_limit=4563402 \
|
|
--disk size=15,target.bus=scsi \
|
|
--import \
|
|
--controller type=scsi,model=virtio-scsi,driver.iommu=on \
|
|
--controller type=virtio-serial,driver.iommu=on \
|
|
--network network=default,model=virtio,driver.iommu=on \
|
|
--rng driver,iommu=on \
|
|
--memballoon driver.iommu=on \
|
|
--launchSecurity sev
|
|
|
|
=head1 BUGS
|
|
|
|
Please see L<https://virt-manager.org/bugs>
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
Copyright (C) Red Hat, Inc, and various contributors.
|
|
This is free software. You may redistribute copies of it under the terms of
|
|
the GNU General Public License C<https://www.gnu.org/licenses/gpl.html>. There
|
|
is NO WARRANTY, to the extent permitted by law.
|
|
|
|
=head1 SEE ALSO
|
|
|
|
C<virsh(1)>, C<virt-clone(1)>, C<virt-manager(1)>, the project website C<https://virt-manager.org>
|
|
|
|
=cut
|