Virtualization in Linux: Complete Guide
Overview
Linux provides comprehensive virtualization capabilities through various technologies, from lightweight containers to full hardware virtualization. This guide covers all major virtualization technologies, management tools, and implementation strategies.
Virtualization Types
Classification by Abstraction Level
# Type 1 Hypervisors (Bare Metal)
# - Run directly on hardware
# - Examples: Xen, VMware vSphere, KVM (with Linux)
# Type 2 Hypervisors (Hosted)
# - Run on top of host OS
# - Examples: VirtualBox, VMware Workstation, QEMU
# Container Virtualization
# - OS-level virtualization
# - Share kernel with host
# - Examples: Docker, LXC, Podman
# Paravirtualization
# - Guest OS aware of virtualization
# - Modified guest kernel for better performance
# - Examples: Xen paravirt, virtio drivers
KVM (Kernel-based Virtual Machine)
KVM Architecture
# KVM Components:
# - KVM kernel module (kvm.ko, kvm-intel.ko/kvm-amd.ko)
# - QEMU userspace tools
# - libvirt management layer
# - virt-manager GUI
# Check KVM support
lscpu | grep Virtualization # Check CPU virtualization support
lsmod | grep kvm # Check if KVM modules loaded
kvm-ok # Check KVM readiness (Ubuntu, cpu-checker package)
KVM Installation and Setup
# Install KVM packages (Ubuntu/Debian)
sudo apt update
sudo apt install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils virt-manager
# Install KVM packages (CentOS/RHEL)
sudo yum groupinstall "Virtualization Host"
sudo yum install qemu-kvm libvirt virt-install virt-manager
# Enable and start libvirt
sudo systemctl enable libvirtd
sudo systemctl start libvirtd
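# Add user to libvirt and kvm groups
# (libvirt group members can fully control system VMs, which is root-equivalent on the host)
sudo usermod -aG libvirt $USER
sudo usermod -aG kvm $USER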
# Verify installation
sudo virsh list --all
Creating VMs with KVM
# Create VM with virt-install
virt-install \
  --name ubuntu-vm \
  --ram 2048 \
  --disk path=/var/lib/libvirt/images/ubuntu-vm.qcow2,size=20 \
  --vcpus 2 \
  --os-type linux \
  --os-variant ubuntu20.04 \
  --network bridge=virbr0 \
  --graphics vnc \
  --console pty,target_type=serial \
  --location 'http://archive.ubuntu.com/ubuntu/dists/focal/main/installer-amd64/' \
  --extra-args 'console=ttyS0,115200n8 serial'
# Create VM from ISO
virt-install \
  --name centos-vm \
  --ram 4096 \
  --disk path=/var/lib/libvirt/images/centos-vm.qcow2,size=40 \
  --vcpus 4 \
  --os-type linux \
  --os-variant centos8 \
  --network bridge=virbr0 \
  --graphics vnc \
  --cdrom /path/to/centos.iso
# Clone existing VM
virt-clone --original ubuntu-vm --name ubuntu-vm-clone --file /var/lib/libvirt/images/ubuntu-vm-clone.qcow2
VM Management with virsh
# List VMs
virsh list # Running VMs
virsh list --all # All VMs
virsh list --inactive # Stopped VMs
# VM lifecycle management
virsh start vm-name # Start VM
virsh shutdown vm-name # Graceful shutdown
virsh destroy vm-name # Force stop
virsh reboot vm-name # Restart VM
virsh suspend vm-name # Pause VM
virsh resume vm-name # Resume paused VM
# VM configuration
virsh edit vm-name # Edit VM XML configuration
virsh dumpxml vm-name # Display VM configuration
virsh define vm-config.xml # Define VM from XML
virsh undefine vm-name # Remove VM definition
# VM snapshots
virsh snapshot-create-as vm-name snapshot1 "Description"
virsh snapshot-list vm-name
virsh snapshot-revert vm-name snapshot1
virsh snapshot-delete vm-name snapshot1
# VM autostart
virsh autostart vm-name # Enable autostart
virsh autostart --disable vm-name # Disable autostart
QEMU (Quick Emulator)
QEMU Basics
# QEMU can run standalone or with KVM acceleration
# Without KVM: Pure emulation (slower)
# With KVM: Hardware acceleration (faster)
# Check QEMU version
qemu-system-x86_64 --version
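# Basic QEMU VM
# Note: "-vnc :1" listens on all interfaces (TCP port 5901) without a password;
# use "-vnc 127.0.0.1:1" to keep the console local to the host
qemu-system-x86_64 \
  -m 2048 \
  -hda disk.qcow2 \
  -cdrom ubuntu.iso \
  -boot d \
  -vnc :1
# QEMU with KVM acceleration
qemu-system-x86_64 \
  -enable-kvm \
  -m 4096 \
  -smp 4 \
  -hda vm-disk.qcow2 \
  -netdev user,id=net0 \
  -device e1000,netdev=net0 \
  -vnc :1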
QEMU Disk Management
# Create virtual disks
qemu-img create -f qcow2 vm-disk.qcow2 20G
qemu-img create -f raw vm-disk.img 20G
qemu-img create -f vmdk vm-disk.vmdk 20G
# Convert between disk formats
qemu-img convert -f raw -O qcow2 input.img output.qcow2
qemu-img convert -f vmdk -O qcow2 vmware.vmdk kvm.qcow2
# Disk information and operations
qemu-img info vm-disk.qcow2 # Disk information
qemu-img resize vm-disk.qcow2 +10G # Resize disk
qemu-img snapshot -c snapshot1 vm-disk.qcow2 # Create snapshot
qemu-img snapshot -l vm-disk.qcow2 # List snapshots
# Backing files (linked clones)
# State the backing format explicitly: recent qemu-img refuses to guess it
qemu-img create -f qcow2 -o backing_file=base.qcow2,backing_fmt=qcow2 clone.qcow2
Container Technologies
Docker
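# Install Docker (read get-docker.sh before running it)
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
# Members of the docker group can control the daemon, which is root-equivalent on the host
sudo usermod -aG docker $USER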
# Basic Docker operations
docker run hello-world # Test installation
docker run -it ubuntu bash # Interactive container
docker run -d nginx # Detached container
docker ps # List running containers
docker ps -a # List all containers
# Container management
docker start container_id # Start stopped container
docker stop container_id # Stop running container
docker restart container_id # Restart container
docker rm container_id # Remove container
docker logs container_id # View container logs
# Image management
docker images # List local images
docker pull ubuntu:20.04 # Download image
docker build -t myapp . # Build image from Dockerfile
docker rmi image_id # Remove image
# Docker networking
docker network ls # List networks
docker network create mynet # Create custom network
docker run --network mynet ubuntu # Use custom network
# Docker volumes
docker volume ls # List volumes
docker volume create myvolume # Create volume
docker run -v myvolume:/data ubuntu # Mount volume
LXC (Linux Containers)
# Install LXC
sudo apt install lxc lxc-templates # Ubuntu/Debian
sudo yum install lxc lxc-templates # CentOS/RHEL
# Create LXC container
sudo lxc-create -n mycontainer -t ubuntu
sudo lxc-create -n centos-container -t centos
# Container lifecycle
sudo lxc-start -n mycontainer # Start container
sudo lxc-stop -n mycontainer # Stop container
sudo lxc-destroy -n mycontainer # Delete container
# Container interaction
sudo lxc-attach -n mycontainer # Attach to container
sudo lxc-console -n mycontainer # Console access
lxc-ls -f # List containers with details
# Container configuration
sudo lxc-info -n mycontainer # Container information
sudo nano /var/lib/lxc/mycontainer/config # Edit configuration
Podman (Docker alternative)
# Install Podman
sudo apt install podman # Ubuntu/Debian
sudo dnf install podman # Fedora
sudo yum install podman # CentOS/RHEL
# Podman usage (similar to Docker)
podman run hello-world # Run container
podman ps # List containers
podman images # List images
podman build -t myapp . # Build image
# Podman advantages:
# - Rootless containers
# - No daemon required
# - systemd integration
# - Pod support (Kubernetes-like)
# Create and manage pods
podman pod create --name mypod -p 8080:80
podman run --pod mypod nginx
podman pod ps # List pods
Xen Hypervisor
Xen Architecture
# Xen Components:
# - Xen Hypervisor (runs on bare metal)
# - Dom0 (privileged domain, management)
# - DomU (unprivileged domains, guest VMs)
# Install Xen (Ubuntu/Debian)
sudo apt install xen-hypervisor-amd64 xen-tools xen-utils-common
# Install Xen (CentOS/RHEL)
sudo yum install xen xen-tools
Xen VM Management
# Create Xen VM
xen-create-image \
  --hostname=test-vm \
  --size=10Gb \
  --swap=1Gb \
  --mem=1024Mb \
  --vcpus=2 \
  --dist=ubuntu
# Xen VM operations
xl list # List domains
xl create vm.cfg # Create domain from config
xl shutdown vm-name # Shutdown domain
xl destroy vm-name # Force destroy domain
xl console vm-name # Access console
# Xen configuration example (/etc/xen/vm.cfg)
name = "test-vm"
memory = 1024
vcpus = 2
disk = ['file:/var/lib/xen/images/test-vm.img,xvda,w']
vif = ['bridge=xenbr0']
VirtualBox
VirtualBox Installation and Management
# Install VirtualBox
sudo apt install virtualbox virtualbox-ext-pack
# Or download from Oracle website
# Command-line management (VBoxManage)
VBoxManage list vms # List VMs
VBoxManage list runningvms # List running VMs
VBoxManage startvm "VM Name" # Start VM
VBoxManage controlvm "VM Name" poweroff # Power off VM
# Create VM
VBoxManage createvm --name "Ubuntu-VM" --register
VBoxManage modifyvm "Ubuntu-VM" --memory 2048 --vram 128
VBoxManage createhd --filename "Ubuntu-VM.vdi" --size 20480
VBoxManage storagectl "Ubuntu-VM" --name "SATA Controller" --add sata
VBoxManage storageattach "Ubuntu-VM" --storagectl "SATA Controller" --port 0 --device 0 --type hdd --medium "Ubuntu-VM.vdi"
# VirtualBox networking
VBoxManage modifyvm "VM Name" --nic1 nat # NAT networking
VBoxManage modifyvm "VM Name" --nic1 bridged # Bridged networking
VBoxManage modifyvm "VM Name" --nic1 hostonly # Host-only networking
Virtualization Networking
Bridge Networking
# Create bridge interface
sudo ip link add br0 type bridge
sudo ip link set br0 up
sudo ip addr add 192.168.100.1/24 dev br0
# Add interface to bridge
sudo ip link set eth0 master br0
# Persistent bridge configuration (/etc/netplan/01-netcfg.yaml)
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
  bridges:
    br0:
      interfaces: [eth0]
      dhcp4: yes
# libvirt bridge management
virsh net-list # List networks
virsh net-define network.xml # Define network
virsh net-start default # Start network
virsh net-autostart default # Enable autostart
Advanced Networking
# Open vSwitch (OVS)
sudo apt install openvswitch-switch
sudo ovs-vsctl add-br ovs-br0
sudo ovs-vsctl add-port ovs-br0 eth0
# VLAN configuration (two alternative ways to create VLAN 100 on eth0; use one)
sudo vconfig add eth0 100 # Legacy vconfig tool
sudo ip link add link eth0 name eth0.100 type vlan id 100 # iproute2
# SR-IOV (Single Root I/O Virtualization)
echo 8 | sudo tee /sys/class/net/eth0/device/sriov_numvfs # Enable 8 VFs
Storage Virtualization
Virtual Disk Management
# LVM for VM storage
sudo pvcreate /dev/sdb # Create physical volume
sudo vgcreate vms /dev/sdb # Create volume group
sudo lvcreate -L 20G -n vm1 vms # Create logical volume
# Use LVM volume for VM
virt-install \
  --disk path=/dev/vms/vm1 \
  --other-options...
# Storage pools with libvirt
virsh pool-define-as mypool dir - - - - /var/lib/libvirt/images
virsh pool-start mypool
virsh pool-autostart mypool
virsh vol-create-as mypool vm-disk.qcow2 20G
Shared Storage
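# NFS for VM storage
sudo apt install nfs-kernel-server
# Note: "*" exports to every host that can reach the server, and no_root_squash
# lets root on a client act as root on the export; outside a lab, restrict the
# client list (for example to the hypervisors' subnet)
echo "/var/lib/libvirt/images *(rw,sync,no_root_squash)" | sudo tee -a /etc/exports
sudo exportfs -a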
# iSCSI target configuration
sudo apt install tgt
# Configure in /etc/tgt/conf.d/
Performance Optimization
CPU Optimization
# CPU pinning
virsh vcpupin vm-name 0 1 # Pin vCPU 0 to physical CPU 1
virsh vcpuinfo vm-name # Show vCPU information
# NUMA topology
virsh numatune vm-name --nodeset 0 # Bind to NUMA node 0
numactl --cpubind=0 --membind=0 qemu-system-x86_64 ...
# CPU governor (needs root; a shell redirect cannot target a glob that matches several files, so use tee)
echo performance | tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor
Memory Optimization
# Huge pages
echo 1024 > /proc/sys/vm/nr_hugepages
mount -t hugetlbfs hugetlbfs /dev/hugepages
# KSM (Kernel Same-page Merging)
echo 1 > /sys/kernel/mm/ksm/run
echo 100 > /sys/kernel/mm/ksm/sleep_millisecs
# Memory ballooning
virsh setmem vm-name 2048M # Adjust memory dynamically
I/O Optimization
# virtio drivers for better performance
# In VM XML configuration (io='native' needs O_DIRECT, i.e. cache='none' or cache='directsync'):
<disk type='file' device='disk'>
  <driver name='qemu' type='qcow2' cache='none' io='native'/>
  <source file='/path/to/disk.qcow2'/>
  <target dev='vda' bus='virtio'/>
</disk>
# I/O scheduler optimization
# (kernels 5.0 and later use blk-mq, where the equivalent names are mq-deadline and none)
echo deadline > /sys/block/sda/queue/scheduler # For VMs
echo noop > /sys/block/sda/queue/scheduler # For SSDs
Security in Virtualization
VM Isolation
# SELinux with libvirt
getsebool virt_use_nfs # Check SELinux booleans
setsebool -P virt_use_nfs on # Enable NFS for VMs
# AppArmor profiles
sudo aa-enforce /etc/apparmor.d/usr.sbin.libvirtd
# Secure VM configuration
# - Disable unnecessary devices
# - Use virtio-rng for entropy
# - Enable memory protection
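The "Secure VM configuration" checks above can be run against the XML that virsh dumpxml prints. This is an added example, not part of the original guide: the sample domain XML is constructed, the UNNEEDED device list assumes a headless server guest, and the script also flags a console bound to all interfaces and a seclabel of type none (which turns off the SELinux/AppArmor confinement libvirt applies to the guest).

```python
import xml.etree.ElementTree as ET

# Constructed sample in the shape `virsh dumpxml` prints (not a real guest).
SAMPLE_DOMAIN = """
<domain type='kvm'>
  <name>ubuntu-vm</name>
  <devices>
    <disk type='file' device='disk'>
      <source file='/var/lib/libvirt/images/ubuntu-vm.qcow2'/>
      <target dev='vda' bus='virtio'/>
    </disk>
    <graphics type='vnc' port='5901'>
      <listen type='address' address='0.0.0.0'/>
    </graphics>
    <sound model='ich6'/>
  </devices>
  <seclabel type='none'/>
</domain>
"""

# Assumption: a headless server guest, so these device classes are not needed.
UNNEEDED = ("sound", "redirdev", "smartcard")
ALL_INTERFACES = {"0.0.0.0", "::"}


def audit_domain(xml_text):
    """Return findings (list of str) for one libvirt domain definition."""
    root = ET.fromstring(xml_text)
    devices = root.find("devices")
    if devices is None:
        return ["no <devices> element"]
    findings = []
    for tag in UNNEEDED:
        if devices.find(tag) is not None:
            findings.append(f"unnecessary device: {tag}")
    if devices.find("rng") is None:
        findings.append("no virtio-rng device")
    for gfx in devices.findall("graphics"):
        # The listen address can be an attribute or a child <listen> element.
        addrs = {gfx.get("listen")} | {el.get("address") for el in gfx.findall("listen")}
        if addrs & ALL_INTERFACES:
            findings.append(f"{gfx.get('type')} console listens on all interfaces")
    for label in root.findall("seclabel"):
        if label.get("type") == "none":
            findings.append("seclabel type='none': sVirt confinement disabled")
    return findings


if __name__ == "__main__":
    for finding in audit_domain(SAMPLE_DOMAIN):
        print("FINDING:", finding)
```

To audit a real guest, pass the output of virsh dumpxml vm-name to audit_domain() instead of the sample.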
Container Security
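# User namespaces (run as root; apply with sysctl -p)
echo 'user.max_user_namespaces=15000' >> /etc/sysctl.conf
# Rootless containers with Podman: run podman as an unprivileged user (no sudo);
# --user only sets the UID:GID of the process inside the container
podman run --user 1000:1000 ubuntu
# Container scanning
docker scan image_name # Docker security scanning (deprecated in newer Docker releases in favor of docker scout)
trivy image image_name # Trivy security scanner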
# Seccomp profiles
docker run --security-opt seccomp=custom-profile.json ubuntu
Monitoring and Management
Virtualization Monitoring
# libvirt monitoring
virt-top # Top for VMs
virsh domstats vm-name # VM statistics
virsh nodeinfo # Host information
# Container monitoring
docker stats # Container resource usage
podman stats # Podman container stats
ctop # Container top
# System monitoring for virtualization
htop -u libvirt-qemu # Process monitoring
iotop -u libvirt-qemu # I/O monitoring
netstat -i # Network monitoring
Management Tools
# Cockpit (web-based management)
sudo apt install cockpit cockpit-machines
sudo systemctl enable --now cockpit.socket
# Access via https://localhost:9090
# oVirt (enterprise virtualization management)
# Proxmox VE (complete virtualization platform)
# OpenStack (cloud infrastructure)
Automation and Orchestration
Ansible for VM Management
# Ansible playbook for VM creation
- name: Create KVM VM
  virt:
    name: "{{ vm_name }}"
    command: define
    xml: "{{ lookup('template', 'vm-template.xml.j2') }}"
- name: Start VM
  virt:
    name: "{{ vm_name }}"
    state: running
Terraform for Infrastructure
# Terraform configuration for libvirt
provider "libvirt" {
  uri = "qemu:///system"
}
resource "libvirt_domain" "vm" {
  name   = "terraform-vm"
  memory = "2048"
  vcpu   = 2
  disk {
    volume_id = libvirt_volume.vm-disk.id
  }
}
Cloud-Init Integration
# cloud-init user-data (the file itself must begin with the #cloud-config line)
#cloud-config
users:
  - name: admin
    # Passwordless sudo for this account
    sudo: ALL=(ALL) NOPASSWD:ALL
    ssh_authorized_keys:
      - ssh-rsa AAAAB3...
packages:
  - nginx
  - htop
runcmd:
  - systemctl enable nginx
  - systemctl start nginx
Troubleshooting Virtualization
Common Issues
# KVM troubleshooting
dmesg | grep kvm # Check kernel messages
lsmod | grep kvm # Verify KVM modules
cat /proc/cpuinfo | grep vmx # Check Intel VT-x
cat /proc/cpuinfo | grep svm # Check AMD-V
# libvirt troubleshooting
virsh capabilities # Check capabilities
systemctl status libvirtd # Check service status
tail -f /var/log/libvirt/libvirtd.log # Check logs
# Container troubleshooting
docker logs container_name # Container logs
docker exec -it container_name bash # Debug inside container
podman info # Podman system information
Performance Issues
# CPU performance
cat /proc/cpuinfo | grep flags | grep vmx # Hardware virtualization
cat /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor
# Memory issues
free -h # Check available memory
cat /proc/sys/vm/swappiness # Check swappiness (how readily the kernel swaps)
virsh nodeinfo # Check NUMA topology
# I/O performance
iostat -x 1 # I/O statistics
iotop # I/O by process
Linux virtualization provides comprehensive solutions for running multiple operating systems and applications efficiently, from lightweight containers to full hardware virtualization, with robust management and monitoring capabilities.