Installing PVM Without Pain
In my previous post, I shared how to install PVM from source code. Now I’ll show you how easy it is to install it without compiling the source code. I found a very useful solution from Loophole Labs, which provides a ready-to-use kernel package. However, it’s only available for a few Linux distributions such as Fedora, Rocky Linux, and AlmaLinux. Unfortunately, there’s no Ubuntu package available, but that’s okay.
This package should work with any Linux distribution that follows the ones mentioned, or you can check out this repository. Let’s get started! I’m using AlmaLinux on Hetzner Cloud with a CPX41 instance (8 vCPUs and 16 GB RAM). I will simplify the process for you, but keep in mind that the package name might need to be adjusted, because I found it to be different from their documentation.
#cloud-config
runcmd:
  # Add the Loophole Labs PVM kernel repository and install the host kernel
  - dnf config-manager --add-repo 'https://loopholelabs.github.io/linux-pvm-ci/alma/hetzner/repodata/linux-pvm-ci.repo'
  - dnf install -y 6.7.12_pvm_host_alma_hetzner*
  # Boot the PVM kernel by default. pti=off disables kernel page-table isolation
  # and nokaslr disables kernel address space layout randomization on this host.
  - grubby --set-default /boot/vmlinuz-6.7.12-pvm-host-alma-*
  - grubby --copy-default --args="pti=off nokaslr lapic=notscdeadline" --update-kernel /boot/vmlinuz-6.7.12-pvm-host-alma-*
  - dracut --force --kver $(ls /lib/modules/ | grep "^6.7.12-pvm-host-alma-hetzner-*")
  # Docker, plus tar and zstd for unpacking the downloaded archives
  - dnf -y install dnf-plugins-core tar zstd
  - dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
  - dnf install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin zstd
  - systemctl enable docker
  # Firecracker release binary
  - wget https://github.com/firecracker-microvm/firecracker/releases/download/v1.12.0/firecracker-v1.12.0-x86_64.tgz
  - tar -xzvf firecracker-v1.12.0-x86_64.tgz
  - mv release-v1.12.0-x86_64/firecracker-v1.12.0-x86_64 /usr/local/bin/firecracker
  - rm -rf release-v1.12.0-x86_64
  - reboot
write_files:
  # Keep the hardware KVM modules from loading
  - path: /etc/modprobe.d/kvm-intel-amd-blacklist.conf
    permissions: "0644"
    content: |
      blacklist kvm-intel
      blacklist kvm-amd
  # Load the PVM module at boot
  - path: /etc/modules-load.d/kvm-pvm.conf
    permissions: "0644"
    content: |
      kvm-pvm
power_state:
  mode: reboot
  condition: True
The above is a cloud-init config that you can provide before the server is created. After a few minutes, you will be able to SSH into the server again and check whether PVM is installed using the command below.
lsmod | grep pvm
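As an added example (not from the original post or from Loophole Labs), the script below extends the `lsmod` check to the rest of the state the cloud-config is meant to produce: the running kernel, the three kernel arguments, and the blacklisted KVM modules. The function name, the `--live` switch and the sample values are this example's own and are constructed for illustration.

```shell
#!/bin/sh
# check_pvm_host RELEASE CMDLINE LSMOD_OUTPUT (hypothetical helper, added example)
# Prints one FAIL line per problem; returns 0 when clean, 1 otherwise.
check_pvm_host() {
    release=$1 cmdline=$2 problems=0
    # lsmod lists module names with underscores (kvm-pvm shows up as kvm_pvm)
    loaded=$(printf '%s\n' "$3" | awk '{ print $1 }')

    fail() { echo "FAIL: $1"; problems=$((problems + 1)); }
    is_loaded() { printf '%s\n' "$loaded" | grep -qx "$1"; }

    # Kernel installed by the 6.7.12_pvm_host_alma_hetzner* package
    case $release in
        6.7.12-pvm-host-alma-*) ;;
        *) fail "running kernel '$release' is not the PVM host kernel" ;;
    esac

    # Arguments added by the grubby --args line
    for arg in pti=off nokaslr lapic=notscdeadline; do
        case " $cmdline " in
            *" $arg "*) ;;
            *) fail "kernel argument '$arg' missing from the command line" ;;
        esac
    done

    is_loaded kvm_pvm || fail "kvm_pvm is not loaded"
    # Modules blacklisted in /etc/modprobe.d/kvm-intel-amd-blacklist.conf
    for mod in kvm_intel kvm_amd; do
        if is_loaded "$mod"; then fail "$mod is loaded despite the blacklist"; fi
    done

    [ "$problems" -eq 0 ]
}

# Constructed sample values (not captured from a real host)
SAMPLE_RELEASE='6.7.12-pvm-host-alma-hetzner-example'
SAMPLE_CMDLINE='BOOT_IMAGE=/vmlinuz-example root=UUID=example ro pti=off nokaslr lapic=notscdeadline'
SAMPLE_LSMOD='Module                  Size  Used by
kvm_pvm               100000  0
kvm                  1000000  1 kvm_pvm'

if [ "${1:-}" = "--live" ]; then
    # Check the machine this script runs on
    check_pvm_host "$(uname -r)" "$(cat /proc/cmdline)" "$(lsmod)" && echo "PVM host OK"
else
    check_pvm_host "$SAMPLE_RELEASE" "$SAMPLE_CMDLINE" "$SAMPLE_LSMOD" && echo "sample OK"
fi
```

Run it with `--live` on the server after the reboot; without arguments it only checks the constructed sample.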
We are all set now! The next thing is to run your microVM and everything. You can follow my first post about Firecracker here: Part 1: Getting Started with Firecracker or Step by Step to Run Firecracker without KVM, Thanks to PVM!. Both are pretty similar when it comes to creating a base image, but this time, since we are using a ready-made kernel image from Loophole Labs, I couldn’t find any guest kernel I could use initially. However, I found it after the CEO of Loophole Labs responded to my recent post, and we can download it here.
wget https://github.com/loopholelabs/drafter/releases/download/v0.7.3/drafteros-oci-x86_64_pvm.tar.zst
zstd -dc drafteros-oci-x86_64_pvm.tar.zst | tar -xvf -
The filename is kernel, so please use it when you want to boot up the microVM; as they mentioned, it works with any Firecracker version. However, do note that snapshot/restore may not work without their custom Firecracker binary. For now, I’m going to ignore that, so I use the default Firecracker binary, which works seamlessly. It’s a good thing this is simpler to do, as I’m too lazy to compile the kernel :)