CubicleNate.com

Connecting Virt-Manager to KVM Hosts Easily

by

CubicleNate
in

KVM is a Kernel-based virtual machine module in the Linux kernel to allow the kernel to function as a hypervisor. It’s been in the kernel since 2007 which allows the host machine to run multiple, isolated, virtual environments. A super cool feature that just started using for the convenience factor is to have Virt-Manager be able to access multiple, remote, virtual machines from a single host.

Depending on your ambitions and security posture, specifically the working environment that you will be conducting this activity, this may not be for you. However, if you have security in layers this may be perfectly safe to perform. I find this to be a fantastic and fun way to manage my remote VMs that I highly recommend doing for fun.

Situation

You have a server or series of servers running VMs using KVM / QEMU that you want to be able to access conveniently from Virt-Manager (Virtual Machine Manager) on your desktop Linux machine. My “work” is often my “play” and being able to work or play, test and experiment with VMs on my server is not only fun but once you get through the frustrating bits, can be quite rewarding. I have much need to remotely manage virtual machines for various purposes so this is an essential tool.

Virt-Manager

Virt-Manager is a fantastic tool you can use for managing virtual machines on your Linux box as well as remote machines through a ssh connection. If you have not yet installed Virtual Machine Manager, follow this guide for openSUSE Leap or Tumbleweed here.

There is the simple way to make this happen to get you started but I wouldn’t recommend just leaving it at this setting.

echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/50-rootlogin.conf
sudo systemctl reload sshd.service 
sudo systemctl restart sshd.service

This will allow you to perform a remote login, so long as you have the root password for that machine but the issue here is, this is not a great system security strategy. So, I would recommend, first you test this out then we can tighten the security screws. I will illustrate the fix for that in the Pre-Shared SSH key portion of this article.

Test the connection in terminal:

ssh root@remote-host

Test Remote QEMU/KVM Connection

Open Virtual machine Manager and enter the information for the remote host to access its virtual machines. In the menu, select File > Add Connection…

Set the Hypervisor to QEMU/KVM, select Connect to remote host over SSH and enter the Hostname or IP address of the target machine. In my case, I am connecting to my server “optimus” that houses many of my VMs.

You will be prompted for your root password and if everything has worked so far, this too will work. If this doesn’t work check again to see that you have access to the root user over ssh.

This is great but it is very annoying to have to enter the root password, every time you want to connect to a remote virtual machine. The solution for this is to take advantage of sharing your ssh key.

Pre-shared SSH Key

If this works go through the process of adding your Pre-shared RSA key to the root account. You can use this guide here for creating a Pre-shared key for logging into your remote system but with one change, for the remote username, use root instead.

Once you have completed ssh-copy-id root@remote-host on the remote machine and tested to make sure that you are logging in without having to enter a password, go back into the previously configured configuration file, /etc/ssh/sshd_config.d/50-rootlogin.conf and change the PermitRootLogin line to this:

PermitRootLogin prohibit-password

Reload and restart the sshd service

sudo systemctl reload sshd.service 
sudo systemctl restart sshd.service

Verify that logging into your remote machine using the root user still works in the terminal.

Now, connect to your remote host in Virt-Manager. Disconnect from the remote host if it is still connected and connect to verify that it will automatically connect without it is a password.

If this does not work there is a terminal method to make the connection to your remote hypervisor in the terminal:

virt-manager -c 'qemu+ssh://root@optimus/system?keyfile=id_rsa'

After running this command in the terminal, you will see the remote connection populate in the Virtual Machine Manager main window.

What I Like

Having the ability to connect to multiple, remote hosts from one client and have an immediate snapshot of each machine’s status is absolutely brilliant. I can quickly check in on a machine at any time and even more valuable, I can play around with distributions on my server that has a bit more in the way of RAM and storage than my Framework

QEMU/KVM has been incredibly reliable on Linux hosts. Using KVM as my hypervisor on my Tumbleweed Linux machines has been a steady and reliable experience. Whether I am playing with a new distribution, testing an idea in a VM or deploying VMs in a production environment, KVM is becoming the go-to for these tasks.

What I Don’t Like

Some aspects of Virtual Machine Manager seems just a bit confusing. This is a me problem but maybe it isn’t. Regardless, if all the hypervisors I’ve used, this is absolutely my favorite and I think I need to do more to understand how to maximize my experience with it.

Interacting with a VM on remote host, when your network connection is less than stellar, there is some lag and that can be annoying. This is not a fault of KVM but rather the thing I don’t like about running remote VMs. As a consequence, it is sometimes better to just run the VM locally.

Final Thoughts

It would be nice if there was a step-by-step walk-through within the virt-manager for may of its really cool functions. Since I see a lack of information out there about doing cool things with QEMU / KVM / Virt-Manager. I will try to do a bit to highlight some of it.

Linux and KVM really makes computers fun. Virtual Machine Manager is such a great application for viewing and interacting with all the virtual machines you have out there to play with.

Next on my list, make sure I know how to use the migration feature properly!

References

Virtual Machine Manager with QEMU/KVM on openSUSE Tumbleweed
Dell PowerEdge R710
Pre-shared SSH Key
KVM: virt-manager to connect to a remote console using qemu+ssh

Discover more from CubicleNate.com

Subscribe to get the latest posts sent to your email.

Comments

3 responses to “Connecting Virt-Manager to KVM Hosts Easily”

  1. Phil Avatar
    Phil

    Excellent write-up. Thank you doing this. I too am a big fan of libvirt/VMM and also hit frustration points, especially with setting up virtual network i/f’s. I am looking forward to reading more of your articles. Again, Thank you.
    Phil

    Reply
    1. CubicleNate Avatar
      CubicleNate

      Thank you for letting me know! I do try to make sure anything I produce is useful… to at least someone… Are there any particular topics that interest you the most?

      Reply
      1. Phil Avatar
        Phil

        Hi,
        I’m a former Sun MicroSystems and IBM System Engineer (from decades ago) so have a tendency to use those older machines in my home lab. For example, currently in the rack are 3 x Sun X4-2 (intel), 3 x IBM 3550-M4 and 2 x IBM 3650-M3.
        I read that you like to re-purpose older systems too and that caught my attention. I’ve been playing with different server OS’s trying to find a light weight distro to use on my vm server. Right now I’m running Oracle Linux 9.6 but that distro is a little bloated but I don’t want to go throught the whole Red Hat developer subscription routine and Fedora’s constant upgrade dance 🙂
        Again, thank you for that article. I’m still going through your previous posts.
        Phil

Leave a Reply

Discover more from CubicleNate.com

Subscribe now to keep reading and get access to the full archive.

Continue reading