How to install KVM server on Debian Linux 9 Headless Server

in Categories , , last updated February 9, 2018

Kernel-based Virtual Machine (KVM) is a virtualization module for the Linux kernel that turns it into a hypervisor. How can I install KVM with bridged networking, setup guest operating system as the back-end virtualization technology for non-graphic Debain Linux 9.x server?

You can use KVM to run multiple operating systems such as Windows, *BSD, Linux distribution using virtual machines. Each virtual machine has its private disk, graphics card, a network card and more.

Steps for install KVM server on Debian Linux 9.x server

  1. The host server located in the remote data center and it is a headless server.
  2. All commands in this tutorial typed over the ssh based session.
  3. You need a vnc client to install the guest operating system.
  4. In this tutorial, you will learn how to install KVM software on Debian Linux 9.x server and use KVM to setup your first guest VM.

Follow installation steps of KVM on Debian Linux 9.x headless sever

Step 1: Install kvm

Type the following apt-get command/apt command:
$ sudo apt install qemu-kvm libvirt-clients libvirt-daemon-system bridge-utils libguestfs-tools genisoimage virtinst libosinfo-bin
How to install kvm server on Debian Linux 9

Allow normal user to manage virtual machine

If you want normal/regular user can manage virtual machines. Add user vivek to libvirt and libvirt-qemu using usermod command:
$ sudo adduser vivek libvirt
$ sudo adduser vivek libvirt-qemu

Reload group membership with the help of newgrp command:
$ newgrp libvirt
$ newgrp libvirt-qemu

Verify your group membership with id command:
$ id
Please note that you need to use the following command to connect to KVM server:
$ virsh --connect qemu:///system
$ virsh --connect qemu:///system command
$ virsh --connect qemu:///system list --all

Step 2: Verify kvm installation on Debain

Run the following egrep command to verify that Intel VMX or AMD SVM supported on your CPU:
$ egrep --color 'vmx|svm' /proc/cpuinfo
Sample outputs:

rf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm epb kaiser tpr_shadow vnmi flexpriority ept vpid fsgsbase smep erms xsaveopt dtherm ida arat pln pts
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm epb kaiser tpr_shadow vnmi flexpriority ept vpid fsgsbase smep erms xsaveopt dtherm ida arat pln pts

Step 3: Configure bridged networking on Debian

I am going to create bridge Interface br0 as the network connection in VM guests configuration for eth0 interface:
$ sudo vi /etc/network/interfaces/br0
Append the following:

## make sure all config related to eth0 deleted ##
auto br0
iface br0 inet static
	bridge_ports eth0
	bridge_stp off       # disable Spanning Tree Protocol
        bridge_waitport 0    # no delay before a port becomes available
        bridge_fd 0          # no forwarding delay

Restart the networking service on Linux:
$ sudo systemctl restart network-manager
To see current networking setting for KVM, run:
$ sudo virsh net-list --all
Sample outputs:

 Name                 State      Autostart     Persistent
 default              inactive   no            yes

You need to configure a KVM guest domain on a bridged network. So create a file named bridge.xml as follows a text editor such as NA command:
$ sudo vi /root/bridged.xml
Append the following config:

  <forward mode="bridge"/>
  <bridge name="br0"/>

Save and close the file in vi/vim.
$ sudo virsh net-define --file /root/bridged.xml
$ sudo virsh net-autostart br0
$ sudo virsh net-start br0

How to use an existing host bridge br0 on Debian Linux 9 for KVM

Step 4: Create your first virtual machine using an ISO image installer

I am going to create a CentOS 7.x VM. First, grab CentOS 7.x latest ISO image:
$ cd /var/lib/libvirt/boot/
$ sudo wget

Create CentOS 7 VM

In this example, I’m creating CentOS 7.x VM with 2GB RAM, 2 CPU core, 1 nic and 40GB disk space, enter:
$ sudo virt-install \
--virt-type=kvm \
--name centos7 \
--ram 2048 \
--vcpus=2 \
--os-variant=rhel7 \
--virt-type=kvm \
--hvm \
--cdrom=/var/lib/libvirt/boot/CentOS-7-x86_64-DVD-1708.iso \
--network=bridge=br0,model=virtio \
--graphics vnc \
--disk path=/var/lib/libvirt/images/centos7.qcow2,size=40,bus=virtio,format=qcow2

To configure vnc login from another terminal over ssh and type:
$ sudo virsh dumpxml centos7 | grep vnc
<graphics type='vnc' port='5901' autoport='yes' listen=''>

You can also use the following command:
$ sudo virsh vncdisplay centos7
Please note down the port value (i.e. 5901). You need to use an SSH client to setup tunnel and a VNC client to access the remote vnc server. Type the following SSH port forwarding command from your client/desktop:
$ ssh -L 5901:
Once you have ssh tunnel established, you can point your VNC client at your own (localhost) address and port 5901 as follows:

Fig.0 : VNC client to complete CentOS 7.x installation
Fig.01 : VNC client to complete CentOS 7.x installation

You should see CentOS Linux 7 guest installation screen as follows:
Fig.02: CentOS 7.x installation on KVM based VM
Fig.02: CentOS 7.x installation on KVM based VM

Now just follow on screen instructions and install CentOS 7. Once installed, go ahead and click reboot button. The remote server closed the connection to our VNC client. You can reconnect via KVM client to configure the rest of the server including SSH based session or firewall.

Step 5 – Use virt-builder to create VM

Above method (virt-install) works nicely but if you need quickly building new virtual machines, try virt-builder.

How to list the virtual machines available

$ virt-builder --list | more
You can use the grep command to filter out only x86_64 arch based VMs:
$ virt-builder --list | grep x86_64
Sample outputs:

opensuse-13.1            x86_64     openSUSE 13.1
opensuse-13.2            x86_64     openSUSE 13.2
opensuse-42.1            x86_64     openSUSE Leap 42.1
opensuse-tumbleweed      x86_64     openSUSE Tumbleweed
centos-6                 x86_64     CentOS 6.6
centos-7.0               x86_64     CentOS 7.0
centos-7.1               x86_64     CentOS 7.1
centos-7.2               x86_64     CentOS 7.2
centos-7.3               x86_64     CentOS 7.3
centos-7.4               x86_64     CentOS 7.4
cirros-0.3.1             x86_64     CirrOS 0.3.1
cirros-0.3.5             x86_64     CirrOS 0.3.5
debian-6                 x86_64     Debian 6 (Squeeze)
debian-7                 x86_64     Debian 7 (wheezy)
debian-8                 x86_64     Debian 8 (jessie)
debian-9                 x86_64     Debian 9 (stretch)
fedora-18                x86_64     Fedora® 18
fedora-19                x86_64     Fedora® 19
fedora-20                x86_64     Fedora® 20
fedora-21                x86_64     Fedora® 21 Server
fedora-22                x86_64     Fedora® 22 Server
fedora-23                x86_64     Fedora® 23 Server
fedora-24                x86_64     Fedora® 24 Server
fedora-25                x86_64     Fedora® 25 Server
fedora-26                x86_64     Fedora® 26 Server
fedora-27                x86_64     Fedora® 27 Server
freebsd-11.1             x86_64     FreeBSD 11.1
scientificlinux-6        x86_64     Scientific Linux 6.5
ubuntu-10.04             x86_64     Ubuntu 10.04 (Lucid)
ubuntu-12.04             x86_64     Ubuntu 12.04 (Precise)
ubuntu-14.04             x86_64     Ubuntu 14.04 (Trusty)
ubuntu-16.04             x86_64     Ubuntu 16.04 (Xenial)

To see additional notes for any os run:
$ virt-builder --notes ubuntu-16.04
$ virt-builder --notes debian-9

Sample outputs:

Debian 9 (stretch)
This is a minimal Debian install.
This image does not contain SSH host keys.  To regenerate them use:
    --firstboot-command "dpkg-reconfigure openssh-server"
This template was generated by a script in the libguestfs source tree:
Associated files used to prepare this template can be found in the
same directory.

Create Debian 9.x VM

Create Debian 9 VM with 10GB disk space, 2GB ram, 2 vCPU and random password for root account, run:
$ sudo virt-builder debian-9 \
--size=10G \
--format qcow2 -o /var/lib/libvirt/images/debian9-vm1.qcow2 \
--hostname debain9-vm1 \
--network \
--timezone Asia/Kolkata

KVM install Debian 9 VM using virt-builder
Finally import image with virt-install command:
$ sudo virt-install --import --name debian9-vm1 \
--ram 2048 \
--vcpu 2 \
--disk path=/var/lib/libvirt/images/debian9-vm1.qcow2,format=qcow2 \
--os-variant debian9 \
--network=bridge=br0,model=virtio \

Sample outputs:

Starting install...
Creating domain...  
Domain creation completed.

You can login to your VM using x0E4iZ8sHjA6ekb6 password for root account:
$ sudo virsh list --all
$ virsh console debian9-vm1

Debian 9 VM up and running
You must disable root account for ssh session and create ssh keys for your VM. Login as above:
# dpkg-reconfigure openssh-server
# useradd -r -m -d /home/vivek -s /bin/bash vivek
# passwd vivek
# systemctl enable ssh
### [ Disable root user login when using ssh ] ###
# echo 'PermitRootLogin no' >> /etc/ssh/sshd_config
# systemctl restart ssh
# ip a s

Verify that you can login using an IP address for vivek user and use ‘su -‘ to become a root user:
$ ssh vivek@
$ su -

Useful commands

Let us see some useful commands.

Find the list of the accepted OS variants

$ osinfo-query os | less
$ osinfo-query os | grep debian
$ osinfo-query os | grep freebsd

List a running vms/domains

$ sudo virsh list

Shutodwn a vm/domain called debian9-vm1

$ sudo virsh shutdown debian9-vm1

Start a vm/domain called debian9-vm1

$ sudo virsh start debian9-vm1

Suspend a vm/domain called debian9-vm1

$ sudo virsh suspend debian9-vm1

Reboot (soft & safe reboot) a vm/domain called debian9-vm1

$ sudo virsh reboot debian9-vm1

Reset (hard reset/not safe) a vm/domain called debian9-vm1

$ sudo virsh reset debian9-vm1

Delete/remove a vm/domain called debian9-vm1

$ sudo virsh undefine debian9-vm1
$ sudo virsh destroy debian9-vm1

To see a complete list of virsh command type
$ virsh help | less
$ virsh help | grep reboot

This entry is 3 of 4 in the Linux KVM Cloud Computing/VM Tutorial series. Keep reading the rest of the series:
  1. How to install KVM on CentOS 7 / RHEL 7 Headless Server
  2. How to install KVM on Ubuntu 16.04 LTS Headless Server
  3. How to install KVM server on Debian Linux 9 Headless Server
  4. How to reset root password for Linux KVM VM

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Share this on (or read 2 comments/add one below):

Notable Replies

Continue the discussion

1 more reply