Radoslav Panev

SysAdmin and DevOps

KVM and VirtManager on CentOS 7

29 Oct 2014 » linux, kvm, centos

KVM is a kernel-based hypervisor which grows quickly in maturity and popularity in the Linux server market. Red Hat officially dropped Xen in favor of KVM since RHEL. With KVM being officially supported by Red Hat, installing KVM on RedHat-based systems should be a breeze.

In this tutorial, I will describe how to install and configure KVM and VirtManager on CentOS. To use this tutorial, it is not required to have CentOS desktop environment. This tutorial was in fact tested on CentOS 7 server.

Check Hardware Virtualization Supoort

KVM requires hardware virtualization support such as Intel VT or AMD’s AMD-V, which are instruction set extensions for hardware-assisted virtualization. Check if hardware virtualization support is available on CentOS host machine:

egrep -i 'vmx|svm' --color=always /proc/cpuinfo

If CPU flags contain „vmx“ or „svm“, it means hardware virtualization support is available.

Disable SELinux

Before installing KVM, be aware that there are several SELinux booleans that can affect the behavior of KVM and libvirt. In this tutorial, I’m going to set SELinux to „disable“ for demonstration purpose. If you do not wish to change SELinux mode, refer to the documentation on KVM SELinux booleans.

To disable SELinux on CentOS:

nano /etc/selinux/config

Edit this line


Reboot the machine for the change to take effect.

Install KVM, QEMU and user-space tools

Install KVM and virtinst (a tool to create VMs) as follows:

yum install kvm libvirt python-virtinst qemu-kvm dejavu-lgc-sans-fonts

Start libvirtd daemon, and set it to auto-start:

service libvirtd start
chkconfig libvirtd on

Check if KVM has successfully been installed. You should see no error as follows.

virsh -c qemu:///system list
 Id    Name                           State

Configure Linux Bridge for VM Networking

Installing KVM alone does not allow VMs to communicate with each other or access external networks. You need to configure VM networking separately. In this tutorial, I am going to set up „bridged networking“ via Linux bridge.

Install a package needed to create and manage bridge devices:

yum install bridge-utils

Disable Network Manager service if it’s enabled, and switch to default net manager as follows.

service NetworkManager stop
chkconfig NetworkManager off
chkconfig network on
service network start

To configure a new bridge, you have to pick an active network interface (e.g., eth0), and enslave it to the bridge. Depending on whether the network interface is assigned an IP address via DHCP or statically, there are two different ways to configure a new bridge.

To configure bridge br0 with a static IP address:

edit /etc/sysconfig/network-scripts/ifcfg-eth0


edit /etc/sysconfig/network-scripts/ifcfg-br0


Note that the configuration for the enslaved interface (eth0) does not have „BOOTPROTO“ field, but „BRIDGE“ field added.

Once configuration files are generated accordingly, run the following to activate the change.

service network restart

You should now see br0 bridge interface with a proper IP address as follows.

br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet  netmask  broadcast
        inet6 fe80::230:48ff:fef9:9f38  prefixlen 64  scopeid 0x20

<link />
ether 00:00:00:00:00:00  txqueuelen 0  (Ethernet)
        RX packets 419447  bytes 689986593 (658.0 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 385147  bytes 495758281 (472.7 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=4163&lt;UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether 00:00:00:00:00:00  txqueuelen 1000  (Ethernet)
        RX packets 675144  bytes 737692473 (703.5 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 573506  bytes 510598440 (486.9 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 16  memory 0xd0200000-d0220000  

lo: flags=73&lt;UP,LOOPBACK,RUNNING>  mtu 65536
        inet  netmask
        inet6 ::1  prefixlen 128  scopeid 0x10&lt;host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 375733  bytes 550545800 (525.0 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 375733  bytes 550545800 (525.0 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099&lt;UP,BROADCAST,MULTICAST>  mtu 1500
        inet  netmask  broadcast
        ether 7a:99:87:6b:8b:aa  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1  bytes 90 (90.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vnet0: flags=4163&lt;UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::fc54:ff:feb7:889b  prefixlen 64  scopeid 0x20

<link />
ether fe:54:00:b7:88:9b  txqueuelen 500  (Ethernet)
        RX packets 268  bytes 20742 (20.2 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 800  bytes 549088 (536.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Install VirtManager

The final step is to install a desktop UI called VirtManager for managing virtual machines (VMs) through libvirt.

To install VirtManager:

yum install virt-manager libvirt qemu

If you are using CentOS desktop, you should be able to launch VirtManager locally at this point, by simply running:


However, if you are using CentOS server without desktop UI, follow these steps to launch VirtManager.

Enable X11 forwarding on SSH server:

yum install xauth
nano /etc/ssh/sshd_config
X11Forwarding yes
service sshd restart

Next list xauth

xauth list
legolas.smrad.eu/unix:10  MIT-MAGIC-COOKIE-1  7a8b4e69f4de0c5b3da1913f44f15b15

and finally add the result

xauth add legolas.smrad.eu/unix:10  MIT-MAGIC-COOKIE-1  7a8b4e69f4de0c5b3da1913f44f15b15

Then connect to your CentOS server from a separate desktop machine, and run the wrapper script vm to launch VirtManager remotely.

ssh -X root@legolas.smrad.eu

In the end it is necessary to add the following rule :

echo “-I FORWARD -m physdev --physdev-is-bridged -j ACCEPT” > /etc/sysconfig/iptables-forward-bridged

Install monitoring

yum install virt-top -y