Rocky 8.5 VM guest install

I’m testing Rocky 8.5 as a guest VM on a CentOS 8.4 KVM host, using things like virt-install and virsh, specifically to test things like Secure Boot, UEFI and GPT partitions, and it’s working…

BUT

There are two things (related to virtualization) that I can’t make sense of:

1. If I set up the VM guest as a standard user, the “default” network doesn’t work, and I end up with a guest that can’t talk to anything, and can’t be ssh’d into.
2. If I set up the VM guest as root, the “default” network works, but I get a major problem at install time, where virt-install exits saying:

No protocol specified
Unable to init server: Could not connect: Connection refused
(virt-viewer:22409): Gtk-WARNING **: 23:08:42.225: cannot open display: :0
Domain installation still in progress. You can reconnect to 
the console to complete the installation process.

this is because root (running in a terminal) doesn’t have a “display”, and the Rocky installer uses a GUI at install time, so it needs virt-viewer.

So my questions are:

1. Should I be creating VMs as ‘root’ or as a standard user?
2. If stanard user, how can I get the “default” network to work?
3. If ‘root’, how can I get virt-viewer to work?

A standard user in the libvirt, libvirt-qemu, livbirt-dnsmasq, and ubridge groups should work. (/etc/group)

I’ve looked in /etc/group, but I can’t see anything related to ‘bridge’ or ‘ubridge’.
Is there any man page (or similar) with more details?
It would definitely make sense to get this working as a standard user.

I just add myself to libvirt group and works for me:

gpasswd -a username libvirt

replace username with your username. I log out and back in again, and I can create VM’s as my own user and default network works.

Sorry, ignore the ubridge. It may be related to a previous GNS3 installation. Just check the libvirt groups.

I use Virtual Machine Manager (VMM) for accessing/viewing both root and user vm instances - no issues (and it asks if you want to set the selinux permissions when you add storage and does it for you !)

I did have issues with networking on a user instance. I opened the settings for the machine in VMM and may have edited the NIC xml directly (under xml tab) or maybe the option was there - “specify shared device name” and used the virbr0 bridge a root vm was using (compared the xml in existing vm). So the user vm xml looks like this:

NIC hardware item :

<interface type=“bridge”>
…
<source bridge=“virbr0”/>
<model type=“e1000e”/>
<address type=“pci” domain=“0x0000” bus=“0x01” slot=“0x00” function=“0x0”/>
</interface>

and I’ve just had a window 7 vm open under root and a centos 7 vm open under user and each got their own address on the same network , could ping each from the other and had simultaneous internet access on both.

(can’t say if there are other ramifications /time will tell, no warranties etc )

Also, this might save someone some time: using the command line / interactive virsh is very weird - you have to go in as user, then change to root if you want to access both.
These are my notes from how I ended up with the above:

VIRSH
Always launch as user (not sudo)
check uri is session

virsh # uri
qemu:///session

then if connect to ///system will be asked for pswd and subsequently be able to switch between URIs and access both.

virsh # connect qemu:///system

virsh # uri
qemu:///system

(in order to use with qemu:///session you MUST have launched virsh as the session user (not sudo) - otherwise you are su and no access to session)

qemu:///session networks impossible to setup as 1) need to be user to access and 2) need to be root to create.

solution is to ammend the VM nic to use a shared device, set bridge to virbr0 (qemu:///system bridge) and type to e1000e

note however that direct card use (available for /system) is not available for /session

Is that the python-based virt-manager that is deprecated?
EL8 has cockpit, supposedly as replacement. (More generic as you don’t need a client; browser is enough.)

I do use virt-manager, usually on CentOS 7, that I start as root (since none of my VM’s are user sessions) even though I have GUI session as regular user. The virt-manager (and virt-viewer?) connects to remote hosts with SSH.

Can you give kernel command-line options to the installer? (If started via PXE boot, then definitely yes.) If yes, then you can tell the installer to start a VNC server. Then you can connect to installer remotely and thus have GUI.

I tried adding myself to the ‘libvirt’ group, and after logging out (and reboot), the default network is still not listed when running as the standard user. I try this command:
virsh net-list --all
but the list is empty. Running the same command as ‘root’ shows the “default” network.

Can you create your own network?

VMM not deprecated apparently: virt-manager is deprecated in RHEL (but only RHEL) | Cole Robinson

I last tried cockpit on a Centos7 install and it didn’t have all the functionality available in VMM so went back to VMM - just had a look at latest on RL8.4 and doesn’t seem to have changed - in particular the extensive gui HW management aspect of VMM doesn’t seem to have been implemented (yet?)

If using cockpit, to do what I did with the XML/NIC entry in VMM to get qemu://session instance networking up, edit the vm’s network to

interface type : virtual network
source : virbr0 ( where this is the bridge you use with the qemu://system instances )
model : (PCI)
mac address : whatever it has been created as for the vnic

virtual networks are associated with the connection - qemu://system or qemu://session.

when you run virsh as a standard user you are connected (initially) to the qemu://session connection and won’t see the qemu://system networks.

If you look at my previous entry it tells you how to run virsh as std user then change connections once you’re in - if you switch connection (uri) to qemu://system you should see the networks for that connection listed.

I found I could not create a network under qemu://session as I needed to be root to create it but std usr to be in the right place (in virsh) to do it - catch 22… which is why I ended up with the vibr0 option (detailed above).

Since then I’ve noticed that in VMM there appears to be a way to add networks to qemu://session though I haven’t tried it yet.
VMM, right click on the session > details > virtual networks tab > + button

I found a workaround for when you want to create the guest as ‘root’. The original problem was related to the GUI for the Rocky installer (virt-viewer), and not being able to connect to the display.

The work around, is to issue this command as the standard user:
xhost +SI:localuser:root
this allows the ‘root’ user to use the display of the standard (logged in) user.
I can now create the VM guest as ‘root’, and virt-install is now able to fire up virt-viewer without an error, and it even works following the reboot of the guest after the install.

When creating the guest as root, the “default” network is ready to go.
Using ‘ip addr’ on the host and guest, I was able to note the IP addresses being used by each, and was then able to ping from host to guest, and then from guest to host. I was also able to use ssh with the IP number to connect to the guest.