To run Guix in a virtual machine (VM), one can use the pre-built Guix VM image
This image is a compressed image in QCOW format. You will first need to
xz -d, and then you can pass it to an emulator such
as QEMU (see below for details).
This image boots the Xfce graphical environment and it contains some
commonly-used tools. You can install more software in the image by running
guix package in a terminal (see Invoking guix package). You can
also reconfigure the system based on its initial configuration file available
as /etc/config.scm (see Using the Configuration System).
Instead of using this pre-built image, one can also build their own virtual
machine image using
guix system vm-image (see Invoking guix system). The returned image is in qcow2 format, which the
QEMU emulator can efficiently use.
If you built your own image, you must copy it out of the store
(see The Store) and give yourself permission to write to the copy
before you can use it. When invoking QEMU, you must choose a system
emulator that is suitable for your hardware platform. Here is a minimal
QEMU invocation that will boot the result of
vm-image on x86_64 hardware:
$ qemu-system-x86_64 \ -net user -net nic,model=virtio \ -enable-kvm -m 512 \ -device virtio-blk,drive=myhd \ -drive if=none,file=/tmp/qemu-image,id=myhd
Here is what each of these options means:
This specifies the hardware platform to emulate. This should match the host.
Enable the unprivileged user-mode network stack. The guest OS can access the host but not vice versa. This is the simplest way to get the guest OS online.
You must create a network interface of a given model. If you do not
create a NIC, the boot will fail. Assuming your hardware platform is
x86_64, you can get a list of available NIC models by running
qemu-system-x86_64 -net nic,model=help.
If your system has hardware virtualization extensions, enabling the virtual machine support (KVM) of the Linux kernel will make things run faster.
RAM available to the guest OS, in mebibytes. Defaults to 128 MiB, which may be insufficient for some operations.
virtio-blk drive called “myhd”.
virtio-blk is a
“paravirtualization” mechanism for block devices that allows QEMU to achieve
better performance than if it were emulating a complete disk drive. See the
QEMU and KVM documentation for more info.
Use our QCOW image, the /tmp/qemu-image file, as the backing store the the “myhd” drive.
run-vm.sh script that is returned by an invocation of
guix system vm does not add a
-net user flag by default.
To get network access from within the vm add the
to your system definition and start the VM using
`guix system vm config.scm` -net user. An important caveat of using
-net user for networking is that
ping will not work, because
it uses the ICMP protocol. You’ll have to use a different command to check for
network connectivity, for example
To enable SSH inside a VM you need to add an SSH server like
openssh-service-type to your VM (see
openssh-service-type). In addition you need to forward the SSH port,
22 by default, to the host. You can do this with
`guix system vm config.scm` -net user,hostfwd=tcp::10022-:22
To connect to the VM you can run
ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p 10022
ssh the port you want to connect to.
-o UserKnownHostsFile=/dev/null prevents
ssh from complaining
every time you modify your
config.scm file and the
-o StrictHostKeyChecking=no prevents you from having to allow a
connection to an unknown host every time you connect.
As an alternative to the default
qemu graphical client you can
remote-viewer from the
virt-viewer package. To
connect pass the
-spice port=5930,disable-ticketing flag to
qemu. See previous section for further information on how to do this.
Spice also allows you to do some nice stuff like share your clipboard with your
VM. To enable that you’ll also have to pass the following flags to
-device virtio-serial-pci,id=virtio-serial0,max_ports=16,bus=pci.0,addr=0x5 -chardev spicevmc,name=vdagent,id=vdagent -device virtserialport,nr=1,bus=virtio-serial0.0,chardev=vdagent, name=com.redhat.spice.0
You’ll also need to add the see Spice service.