I have been curious about the ArchLinux distribution for some time. I have an Ubuntu 20.04 server running in headless mode in my home lab, with KVM + libvirt already set up, so I decided to set up a virtual machine to give Arch a try.
I spent a fair amount of time researching how best to use libvirt to create a new VM, but almost all of the tutorials and how-tos that I found assumed access to an X desktop, either with virt-manager or with some sort of graphics driver given to virt-install. Only a couple[1] talked about how to use --graphics none to create a VM purely from the command line, with examples of how to connect to the virtual machine to run through the installation process.
It's not for the faint of heart.
However, when I went to the ArchLinux Downloads page, the section on Vagrant Images jumped out at me. Vagrant is a tool that I have been meaning to play with as well, and right there on the ArchLinux site were instructions for setting up an Arch virtual machine using Vagrant!
So I went and downloaded Vagrant from HashiCorp's website, and tried to follow along with How To Use Vagrant with Libvirt on Linux. I kept tripping over missing dependencies when trying to install the vagrant-libvirt plugin, however. I didn't have make installed yet, and then I ran into all of the Ruby dependencies . . .
I was expecting a long night. Fortunately, when I went to double-check that I had libvirt installed on my server, apt list | grep libvirt told me that Ubuntu had vagrant-libvirt available from the default repository. Installing vagrant along with the vagrant-libvirt plugin and all of the necessary Ruby dependencies turned out to be as simple as:
$ sudo apt-get install vagrant-libvirt
With vagrant in hand, I followed along with the steps from the ArchLinux documentation:
$ vagrant init archlinux/archlinux
$ vagrant up
Everything looked fine, until Vagrant attempted to set up the NFS mounts. The process hung there, and eventually timed out.
Searching the internet for advice, I came across a 3-year-old issue report on Vagrant's GitHub: vagrant up stuck when mounting NFS shared folders. This made me realize that my firewall was blocking the NFS mount. The discussion thread had good advice for people using firewall-cmd, but unfortunately, my server is using the ufw firewall instead.
So it was back to Google, where I pieced together a solution from a number of helpful articles.[2]
First, I had to tell mountd to listen on a known port, rather than a random one, by editing /etc/default/nfs-kernel-server to replace
RPCMOUNTDOPTS="--manage-gids --port 32767"
I then restarted the NFS processes by executing:
$ sudo sysctl --system
$ sudo /etc/init.d/nfs-kernel-server restart
The ufw rules that I settled on were:
$ sudo ufw allow in on virbr2 to any port nfs
$ sudo ufw allow in on virbr2 to any port 111
$ sudo ufw allow in on virbr2 to any port 32767
I chose to allow connections from any of the virtual hosts set up by libvirt by creating allow rules for libvirt's virtual network device, virbr2.
The first rule takes advantage of ufw being able to look into /etc/services to find the port for nfs.
The second rule is to enable
The final rule is to enable the port configured for mountd.
With the firewall finally configured correctly, vagrant up worked, and vagrant ssh dropped me into a shell inside my new ArchLinux virtual machine.
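A way to check that the pinned mountd port and the firewall rules above line up, as an added example that is not part of the original post: it reads `rpcinfo -p` and `ufw status` text and reports RPC services off their fixed ports, or ports with no allow rule on the bridge. The function names are hypothetical, the sample outputs are constructed, and the `ufw status` row layout matched here is an assumption.

```shell
# Added example, not from the original post. Function names are hypothetical.
# check_nfs_ports MOUNTD_PORT: reads `rpcinfo -p` text on stdin, prints one
# line per problem, and returns non-zero if a service is off its fixed port.
check_nfs_ports() {
    awk -v want="$1" '
        $5 == "portmapper" && $4 == 111  { pm = 1 }
        $5 == "nfs"        && $4 == 2049 { nfs = 1 }
        $5 == "mountd" {
            seen = 1
            if ($4 != want) { print "mountd/" $3 " on port " $4 ", expected " want; bad = 1 }
        }
        END {
            if (!pm)   { print "portmapper not registered on 111"; bad = 1 }
            if (!nfs)  { print "nfs not registered on 2049"; bad = 1 }
            if (!seen) { print "mountd not registered"; bad = 1 }
            exit bad + 0
        }'
}

# missing_ufw_ports IFACE PORT...: reads `ufw status` text on stdin and prints
# every PORT that has no ALLOW rule bound to IFACE (row layout is assumed).
missing_ufw_ports() {
    iface=$1; shift
    status=$(cat)
    for port in "$@"; do
        printf '%s\n' "$status" |
            grep -Eq "^${port}(/(tcp|udp))? on ${iface} +ALLOW" || echo "$port"
    done
}

# Constructed samples: mountd pinned with --port 32767, rules bound to virbr2.
sample_rpcinfo() { cat <<'EOF'
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100003    3   tcp   2049  nfs
    100005    3   udp  32767  mountd
EOF
}
sample_ufw() { cat <<'EOF'
To                         Action      From
--                         ------      ----
2049 on virbr2             ALLOW       Anywhere
111 on virbr2              ALLOW       Anywhere
32767 on virbr2            ALLOW       Anywhere
EOF
}

sample_rpcinfo | check_nfs_ports 32767 && echo "RPC services on fixed ports"
sample_ufw | missing_ufw_ports virbr2 2049 111 32767
```

On a live host the same functions take `rpcinfo -p` and `sudo ufw status` on stdin in place of the samples.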
I don't know that I can yet join the Arch meme crowd – BTW, I use Arch – but I'm a step closer to being able to, now.
[1] https://unix.stackexchange.com/questions/309788/how-to-create-a-vm-from-scratch-with-virsh and https://www.thegeekstuff.com/2014/10/linux-kvm-create-guest-vm/ being a couple of examples of sites that did talk about --graphics none.
[2] Chief among the helpful articles about setting up ufw were: Firewall problem using autofs with NFS-exported mounts, Which ports do I need to open in the firewall to use NFS?, and SecuringNFS.