Hardware

Does your hardware even support virtualization (Intel VT-x Vanderpool or AMD-V Pacifica or VIA VT)?

$ dmesg | grep ^kvm
kvm: Nested Virtualization enabled
kvm: Nested Paging enabled

Here’s some stuff to check:

$ grep --color '\(vmx\|svm\| ept\|vpid\|vnmi\)' /proc/cpuinfo
flags       : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca
cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt
pdpe1gb rdtscp lm constant_tsc rep_good nonstop_tsc extd_apicid
aperfmperf pni monitor ssse3 cx16 popcnt lahf_lm cmp_legacy svm
extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch ibs skinit wdt
cpb npt lbrv svm_lock nrip_save pausefilter

Note that SVM is AMD’s "Secure Virtual Machine".

Xen

Xen is a high-performance VM strategy that allows specially modified guest kernels to run concurrently on the same hardware. Control is shared among the competing running OS instances by the "hypervisor" (which is the Xen software specifically). The hypervisor is responsible for booting the dom0 or domain 0, which is the only instance that has direct access to the real physical hardware. Guest operating systems (domU or domain Unprivileged) negotiate with the hypervisor for resources. Xen is like an operating system for your operating systems in the same way that the normal Linux kernel is an operating system for your processes.

Xen is notable for being able to manage VMs at a low level on hardware that does not support native VM switching. I think that modern CPUs are capable of handling a lot of the functionality of the Xen dom0. I’m not sure how this affects the added utility of Xen in the modern world. I think it would be hard for CPU based virtualization technologies to do live migrations of a domU from one machine to another. This may be the compelling advantage that Xen maintains. Xen also can target processors not traditionally equipped for native VM operations (XenARM).

Kernel-based Virtual Machine (KVM)

KVM is a Linux kernel feature (kvm.ko) that provides a /dev/kvm interface which can be used to populate and control guest VMs. This requires hardware CPU VM support. QEMU is required to manage the VMs. QEMU tries to use KVM if the hardware supports it but can also use other virtualization backends.

Here is the official home page.

Here’s the procedure I used to get a VM fired up with minimal fuss and maximal wholesomeness.

sudo apt install qemu-system libvirt-daemon-system virt-manager
sudo gpasswd -a xed libvirt
virt-manager

This runs a GUI that shows the guest's emulated screen, which you can interact with. During the setup you can specify something like /tmp/debian-11.5.0-amd64-netinst.iso to boot and the size of the "drive" or put the image where you think it should go. Etc.

There are also command line ways to do things. For example, you should be able to see any VMs you have going with this CLI utility.

virsh --connect qemu:///system list --all
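The checks from the Hardware section (vmx/svm and ept/npt flags in /proc/cpuinfo) and the two things the libvirt setup above depends on (an openable /dev/kvm and membership in the libvirt group) collected into one small script. This is an added example, not from the original notes; the function names are mine, while the flag names, /dev/kvm and the libvirt group are the real Linux ones. The functions take a cpuinfo path so a saved copy from another machine can be inspected too.

```sh
#!/bin/sh
# Added example (not from the original notes): small functions that do the
# manual hardware-virtualization checks from the notes. Function names are my
# own; the flag names are the ones Linux exposes in /proc/cpuinfo.

# Extract the first "flags" line of a cpuinfo-format file, padded with spaces
# so that whole-word matching with case patterns works.
cpu_flags() {
    file=${1:-/proc/cpuinfo}
    printf ' %s ' "$(grep '^flags' "$file" | head -n 1 | cut -d: -f2-)"
}

# Which CPU virtualization extension is advertised: "vt-x" (Intel vmx),
# "amd-v" (AMD svm) or "none". Exit status is non-zero for "none".
# Matching " svm " as a whole word keeps svm_lock from counting.
virt_ext_from_cpuinfo() {
    flags=$(cpu_flags "$1")
    case "$flags" in
        *" vmx "*) echo vt-x ;;
        *" svm "*) echo amd-v ;;
        *) echo none; return 1 ;;
    esac
}

# Second-level address translation ("nested paging" in the dmesg line above):
# "ept" on Intel, "npt" on AMD, "none" otherwise. Exit status non-zero for "none".
slat_from_cpuinfo() {
    flags=$(cpu_flags "$1")
    case "$flags" in
        *" ept "*) echo ept ;;
        *" npt "*) echo npt ;;
        *) echo none; return 1 ;;
    esac
}

# True when the KVM device exists and the caller can open it read/write;
# this is exactly what QEMU needs for hardware acceleration.
kvm_device_usable() {
    dev=${1:-/dev/kvm}
    [ -c "$dev" ] && [ -r "$dev" ] && [ -w "$dev" ]
}

# Given a group list as printed by `id -nG`, true when it contains libvirt.
# That membership is what lets a user talk to qemu:///system without a
# password, which is root-equivalent on the host, so treat it like sudo.
has_libvirt_group() {
    case " $1 " in
        *" libvirt "*) return 0 ;;
        *) return 1 ;;
    esac
}

# Human-readable summary; pass a cpuinfo path to inspect a saved copy.
report() {
    echo "CPU extension : $(virt_ext_from_cpuinfo "$1")"
    echo "nested paging : $(slat_from_cpuinfo "$1")"
    if kvm_device_usable; then
        echo "/dev/kvm      : usable"
    else
        echo "/dev/kvm      : missing or no access"
    fi
    if has_libvirt_group "$(id -nG)"; then
        echo "libvirt group : yes"
    else
        echo "libvirt group : no"
    fi
}

# Run the report when invoked with a cpuinfo path, e.g. `sh virtcheck.sh /proc/cpuinfo`.
if [ $# -gt 0 ]; then report "$1"; fi
```

The libvirt check is the one worth remembering from a security angle: `gpasswd -a xed libvirt` hands that account control of every VM the system daemon runs and of the host's storage and network definitions, so the group should be as small as the sudoers list.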

If you’re in the graphical mode looking at your virtual machine, you can get into a pickle if you somehow go to full screen mode. How do you then un-focus the VM? Here are some possibly important keyboard shortcuts.

Ok, these do not seem to work.

  • [ctrl+alt+f] - Toggle full screen.

  • [ctrl+alt+plus] - Enlarge the screen.

  • [ctrl+alt+-] - Shrink the screen.

  • [ctrl+alt+u] - Restore unscaled dimensions.

  • [ctrl+alt+1] - Target system display.

  • [ctrl+alt+2] - Monitor.

  • [ctrl+alt+3] - Serial port.

Maybe my keyboard? Don’t know. Leaving them here for now in case they do work in some context.

What if you accidentally told Mate to autohide a toolbar? Turns out that you can never get it back. When you go to the retrieval position 1 pixel from the edge of the (virtual) display, focus shifts out into your host system. So now what? The answer is to sudo apt install dconf-editor and then hunt down /org/mate/panel/toplevels/top/auto-hide and turn that back off. You can also modify /org/mate/panel/toplevels/top/auto-hide-size to 3 or so if you really want this feature, and that does work.

QEMU

QEMU does both virtualization and emulation. The virtualization is done using KVM and is apparently very efficient. The machine emulation, while slower, allows for tricks such as running programs designed for a different CPU architecture. QEMU specifically is a hypervisor process which manages hardware virtual machine instances. QEMU can also allow user processes compiled for different architectures to run in a user mode emulation.

Here is QEMU’s main page. Here is a more proper documentation page.

VirtualBox

This is a hypervisor. Although it is claimed to be somewhat GPL, some words from the Wikipedia page stood out: Oracle, Microsoft, Sun, Licensing… Ok, next. Oh and from the Ubuntu Wiki on VirtualBox: "The free edition only allows usage of a 32-bit operating system (as the guest OS) whereas the subscription edition allows a 64-bit guest OS. (Both require registration.)" There seem to be limitations on USB3 support and some other things. Some licenses are free only for personal or evaluation purposes.

This is where I will make a note of how to purge Ubuntu of all intrinsic knowledge of VirtualBox… Once I figure out how.

VMWare

Proprietary and either very expensive or very inexpensive. GUI management of guests. Easy like proprietary software can be. Difficult like proprietary software can be.

Vagrant

Wikipedia says: "Vagrant is an open-source software product for building and maintaining portable virtual software development environments, e.g. for VirtualBox, Hyper-V, Docker, VMware, and AWS." Requires Ruby.

UserModeLinux (UML)

This is an interesting idea, basically you run the Linux kernel as a user process in a currently running Linux system. To me this seems like a slightly more wholesome way to think of VMs. My top level criticism of VMs is, if you configured your computer properly to begin with, why would you need to trick it with VMs? But this method seems to treat "running an OS" as just another thing that an OS can run.

Here’s the official homepage. Notes on getting this to work on Ubuntu. Gentoo people seem to find this interesting.

Docker

Could it be that UML is semi-obsolete? Docker gets an atom bomb’s worth of hype and it does look relatively sane if you really need "lightweight containers". What exactly that means is not always easy to ascertain. My best understanding is they’re like Gentoo overlays.

The Wikipedia Software container article is interesting.