The Virtual Machine Manager, or virt-manager, is a graphical application for creating and managing guest virtual machines. You can use the virt-manager application to create new virtual machines, install guest OS in virt-manager using a wizard or manually, configure virtual machine resource allocation, and manage virtual hardware. It also provides an overview of virtual machines that are currently running and their live performance.

Before proceeding, ensure that the KVM hypervisor has been installed and that the host is ready for virtualization. If you haven’t already installed the KVM hypervisor on your Linux distribution, visit my other blog “How Do I Properly Install KVM on Linux“.

In this blog, I’ll show you how to use the Virtual Machine Manager graphical application to install the guest operating system. However, if you would like to install the guest operating system from the command line interface, see my other article “How to Install a KVM Guest OS from the Command-Line“.

The operating system I chose for the guest virtual machine for this blog is Rocky 9 Enterprise Linux. You may, however, choose any other operating system.

So, let’s begin.

Table of Contents

• 1. Install Guest OS in virt-manager Using the Wizard
• 2. Setting up the Advanced Options
  • 2.1 Choose the Firmware Type
  • 2.2 Configure the CPU
    • 2.2.1 Enable the Virtual CPU Hot Plug/Unplug Feature
    • 2.2.2 Choose a CPU Model
  • 2.3 Configure the Memory
  • 2.4 Configure the Storage
    • 2.4.1 Disk Bus
    • 2.4.2 Cache Mode
    • 2.4.3 Discard Mode
  • 2.5 Trusted Platform Module
  • 2.6 Setup Video
    • 2.6.1 Display Device Model
    • 2.6.2 Screen Resolution
• 3. Conclusion

1. Install Guest OS in virt-manager Using the Wizard

Using the Virtual Machine Manager’s Wizard, you can easily create a guest virtual machine.

Open Virtual Machine Manager from the application menu or in the terminal by typing virt-manager. When it comes up, click the computer icon in the upper left corner.

This will start a wizard and let you create a new virtual machine in five easy steps.

STEP 1: Choose how you would like to install the operating system.

• Select the first option if you are installing the operating system from an ISO image.
• Select the second option if you want to install it from the network. You must provide the installation tree’s URL, such as ‘https://download.rockylinux.org/pub/rocky/9/BaseOS/x86_64/os/‘.
• Select the third option if you have downloaded the ready-to-use qcow2 image provided by most operating systems.
• Finally, select the fourth option if you want to install it manually.

Because I’m using an ISO image to install Rocky Linux, I’ll select the first option and press the [Forward] button.

STEP 2: Choose ISO or CDROM install media.

Provide the location of the ISO installer image as well as the operating system for which the guest virtual machine must be optimized.

In this blog, I’ll use Rocky 9 Enterprise Linux as an example, but you can use any other operating system. Click [Forward] to continue.

STEP 3: Choose Memory and CPU settings.

Set the amount of host memory and the number of virtual CPUs that the guest virtual machine will have.

• Enter the amount of host RAM (in MiB) that you want to assign to the guest VM.
• Enter the number of virtual CPUs to be assigned to the guest VM.

Click the [Forward] button to continue.

STEP 4: Enable storage for this virtual machine.

Set the size of the disk image you want to assign to the virtual machine.

• I have set the disk image size to 40 GiB, but you may adjust it to meet your needs.
• Select the second option if you want to use a different disk image you created earlier.

Click the [Forward] button to continue.

STEP 5: Set the name of the virtual machine and the network type.

This is the final configuration screen of the Virtual Machine Creation Wizard.

1. Enter the name of the guest virtual machine. It must be unique among all known guests of the hypervisor on the connection, including those not currently active.
2. Check this box if you want to make any advanced changes before installing the operating system on the guest. If not, leave it unchecked.
3. Select the network type for the guest virtual machine. If you haven’t configured another network, it will be the ‘default’ NAT network. If you’ve set up a network bridge, you can select it here. To configure a network bridge, check the ‘Configure a network bridge‘ section on my other blog.

Click the [Finish] button to complete the setup wizard and start the installation of the guest operating system.

2. Setting up the Advanced Options

If you selected ‘Customize configuration before install‘ in the installation wizard, you can further customize the settings. I’ll just go over some of the most important features here. Examine these features and implement them if necessary; otherwise, discard them.

2.1 Choose the Firmware Type

Choose what kind of firmware you would like to have on your guest virtual machine. I’ll be using UEFI firmware for this tutorial.

BIOS:

The BIOS option will be selected by default. This firmware is fully supported by the KVM hypervisor. When using this firmware, you will be able to take internal snapshots both offline and online, which is very useful when experimenting with something. The majority of modern computers, however, use UEFI, and BIOS is considered legacy.

UEFI:

Use this option if you want the virtual machine to boot with automatic UEFI firmware and secure boot. From what I understand, this option uses pflash-based firmware with the OVMF_CODE.secboot.fd binary only when the virtual machine is online. Internal snapshots are currently not possible when pflash-based firmware is used. As a result, internal snapshots can only be taken when the virtual machine is offline and not online.

OVMF_CODE.secboot.fd:

This option also allows you to boot the virtual machine with UEFI firmware and secure boot, but with the OVMF_CODE.secboot.fd binary manually selected. Internal snapshots are not supported in this option.

OVMF_CODE.fd:

Choose this option if you want UEFI firmware but no secure boot. This option also does not support internal snapshots.

OVMF.amdsev.fd:

If you have an AMD chip and want to enable AMD’s Secure Encrypted Virtualization (SEV) with Encrypted State (SEV-ES), use this option. The SEV feature enables virtual machine memory to be encrypted. SEV with Encrypted State (SEV-ES), which goes a step further by encrypting the CPU register content of the virtual machine. This provides protection against a wide range of cross-VM and hypervisor-based attacks.

OVMF.inteltdx.fd:

This one is for Intel chips, and the application is nearly identical to AMD’s OVMF.amdsev.fd. This one, on the other hand, makes use of Intel’s TDX (Trust Domain Extensions) technology. For more information, visit the GitHub tdx-tools page.

2.2 Configure the CPU

In the CPUs section, a number of CPU-related settings can be set.

2.2.1 Enable the Virtual CPU Hot Plug/Unplug Feature

At step 3 of the wizard, you assigned the guest virtual machine 2 fixed virtual CPUs (vCPU). If you want, you can also enable the vCPU Hot Plug/Unplug feature. This allows you to change the number of vCPUs dynamically while the guest virtual machine is running.

To enable the vCPU Hot Plug/Unplug feature, first, set the ‘vCPU allocation‘ slot with the maximum number of vCPUs that can be hotplugged to the running guest.

I’m running an old 4th Generation Intel I5, which has only 4 CPUs. As a result, I’ll limit the maximum number of vCPUs to 3. If you have a recent processor, you will have more CPUs and can set the maximum to even more.

Next, in the XML tab, set the current number of vCPUs you want the guest to have every time it boots. I’ll set it to 2.

Note: If XML editing is disabled, enable it in Virtual Machine Manager (Edit -> Preferences -> General).

As shown in the image above, I’ve set the current vCPUs to 2 and the maximum vCPUs to 3. So, when I boot the guest virtual machine, I will start with 2 vCPUs, with an additional vCPU available for hot plugging later. If your processor is newer and has more CPUs, you can, for example, set the current to 4 and the maximum to 8 vCPUs.

To dynamically increase (or decrease) the number of vCPUs of a running virtual machine, for example, to 3, run the following command on the host machine.

$ sudo virsh setvcpus rocky9-server-gui 3 --live

2.2.2 Choose a CPU Model

The KVM comes with a number of standard CPU models. If you need a specific CPU model for your virtual machine, you can choose from the CPU models list.

To see all available models, uncheck the ‘Copy host CPU configuration‘ checkbox or run the following command in the host terminal.

$ sudo virsh domcapabilities --arch $(uname -m) | grep "model usable='yes'"

Alternatively, you can change the CPU type by specifying the mode. To see what modes are available, run the following command in the host terminal.

$ sudo virsh domcapabilities --arch $(uname -m) | grep 'mode name'

Among all available modes/models, these are the two most important:

host-passthrough

When the mode is set to ‘host-passthrough‘, the host CPU’s model and features are exactly passed on to the guest virtual machine. This is the recommended and default option as well. The disadvantage is that live migration to different hosts with different hardware will be impossible.

host-model

You can also set the mode to ‘host-model‘. In this mode, a CPU model similar to the host CPU is first chosen from the CPU models list. Then, to get as close as possible to the host CPU, additional features are added. This will not exactly match the host CPU like ‘host-passthrough‘, but it will provide many of the benefits of host-passthrough while also making live migration safe.

To find out which CPU model and features will be assigned to the guest virtual machine if the mode is set to ‘host-model‘, run the following command on your host.

$ sudo virsh capabilities | xmllint --xpath '//cpu' -

2.3 Configure the Memory

In the same step 3 of the wizard, you also set the amount of memory to a fixed 4 GiB. If you want, you can also enable the memory Hot Plug/Unplug feature in the same way you did for the CPU.

For the memory hot plug/unplug feature, I will keep the current memory allocation of 4 GiB while increasing the maximum allocation to 8 GiB.

As shown in the image above, I’ve set the current memory to 4 GiB and the maximum memory to 8 GiB. So, when I boot the guest virtual machine, it will start with 4 GiB of memory and will have an additional 4 GiB (up to 8 GiB) available for hot plugging later.

To dynamically increase (or decrease) the memory of a running virtual machine, for example, to 6 GiB, run the following command on the host machine.

$ sudo virsh setmem rocky9-server-gui 6G --current

2.4 Configure the Storage

This section lets you fine-tune your virtual disk in a variety of ways.

2.4.1 Disk Bus

This option defines what kind of storage controller the guest virtual machine should have. KVM supplies multiple virtual storage controllers, such as ‘SATA’, ‘SCSI’, ‘USB’, and ‘VirtIO’. The recommended option is VirtIO, which is also the default.

If you are creating a Microsoft Windows VM, you cannot use the VirtIO bus right away because Microsoft does not recognize it. To make the VirtIO drivers available to Windows guests, you must first download the virtio-win.iso image. For more information, see the section titled ‘Install VirtIO Drivers for Windows Guests‘ in my other blog post ‘How Do I Properly Install KVM on Linux‘.

2.4.2 Cache Mode

KVM provides multiple storage caching strategies when configuring a guest VM. Each guest disk interface can have one of the following cache modes.

None

Recommended. The host page cache is bypassed and I/O happens directly between the hypervisor user space buffers and the storage device. Because the actual storage device may report a write as completed when placed in its write queue only, the guest’s virtual storage adapter is informed that there is a writeback cache. The guest would be expected to send down flush commands as needed to manage data integrity. Performance-wise, it is equivalent to direct access to your host’s disk.

Writethrough

Writes are reported as completed only when the data has been committed to the storage device. The host page cache is used in what can be termed a writethrough caching mode. The guest’s virtual storage adapter is informed that there is no writeback cache, so the guest would not need to send down flush commands to manage data integrity. The storage behaves as if there is a writethrough cache.

Writeback

The host page cache is used and writes are reported to the guest as completed when they are placed in the host page cache. The normal page cache management will handle commitment to the storage device. Additionally, the guest’s virtual storage adapter is informed of the writeback cache, so the guest would be expected to send down flush commands as needed to manage data integrity.

Directsync

Writes are reported as completed only when the data has been committed to the storage device, and when it is also desirable to bypass the host page cache. Like writethrough, it is helpful to guests that do not send flushes when needed. It was the last cache mode added, completing the possible combinations of caching and direct access semantics.

Unsafe

The key aspect of this “unsafe” mode, is that all flush commands from the guests are ignored. Using this mode implies that the user has accepted the trade-off of performance over the risk of data loss in case of a host failure. Useful, for example, during guest installation, but not for production workloads.

2.4.3 Discard Mode

There are two different modes here – ignore and unmap. When you delete files in the guest VM, the changes are immediately reflected in the guest file system. However, the qcow2 disk image associated with the VM does not shrink to reflect the newly freed space. With the unmap option selected, you can reclaim that free space.

In the host, enter the following command to reclaim the free space (while the guest is running).

$ sudo virsh domfstrim rocky9-server-gui --minimum 0

2.5 Trusted Platform Module

The Trusted Platform Module (TPM) technology is designed to provide hardware-based security functions. You can enable the TPM device in a guest virtual machine to have access to TPM functionality. The TPM device can be either TPM 1.2 or TPM 2.0.

The device could be a TPM passthrough or a TPM emulator. TPM passthrough allows a single guest virtual machine to access the host’s TPM. The TPM emulator, on the other hand, allows each guest virtual machine its own private TPM.

In the TPM emulator, KVM supports two models: TPM Interface Specification (TIS) and Command-Response Buffer (CRB). TIS (tpm-tis) supports both version 1.2 and version 2.0. CRB (tpm-crb) however, only supports version 2.0.

In this tutorial, I will enable the TPM emulator with TIS version 2.0. To do so, click the ‘Add Hardware‘ button in the bottom left corner of the window and select the TPM device.

2.6 Setup Video

The Video section lets you configure various video settings.

2.6.1 Display Device Model

Here you can select which video device model will be attached to the guest. The video settings that are valid depend on the hypervisor. Recent KVM options include Virtio, QXL, VGA, Ramfb, and Bochs. Visit this page for more information on which video model is best for you.

The recommended model, which is also the default, is Virtio.

2.6.2 Screen Resolution

If you want the guest virtual machine screen to have a specific resolution at boot, you can specify it in the XML tab of the video section.

First, insert the following line. I’m going to set the resolution to 1360x768. You can set it to any resolution you want.

<resolution x="1360" y="768"/>

Note: For some reason, if the number is not divisible by 16, the display becomes distorted for me. For example, if I set 1366x768, 1366 is not divisible by 16, so the display of the guest virtual machine will be distorted. As a result, I’ve set the resolution to 1360x768.

After that, assuming you’ve finished with the advanced settings, click the Begin Installation button in the upper left corner of the window. Continue to press the [Esc] button until the firmware settings window appears.

Go to ‘Device Manager‘, then ‘OVMF Platform Configuration‘, and set the preferred resolution to 1360x768.

Click the ‘Commit Changes and Exit‘ button to set and save your new resolution. Restart the virtual machine.

Note: When you restart the virtual machine, you may receive the error ‘No bootable option or device was found’. To resolve this, just force shut down the virtual machine and remount the Rocky Installer ISO.

The Rocky 9 Installer starts.

Follow the standard installation procedure of the guest operating system and you have successfully finished the installation of a guest virtual machine using the Virtual Machine Manager (virt-manager).

3. Conclusion

In this blog, you learned how to install a KVM guest virtual machine using the graphical Virtual Machine Manager application. With the guest VM installed, you can now start experimenting with whatever you want.

Going forward, if you want to share files between the KVM host and the Linux guests, visit my other blog, ‘Share Files Between KVM Host and Linux Guest Using Virtiofs‘, to learn how.