Alpine Linuxβs lightweight nature makes it an excellent host for virtualization. This comprehensive guide will help you set up various virtualization technologies, from full system virtualization with KVM/QEMU to container-based solutions, turning your Alpine system into a powerful virtualization platform.
Table of Contents
- Prerequisites
- Understanding Virtualization Technologies
- Installing KVM and QEMU
- Setting Up libvirt
- Installing VirtualBox
- Configuring virt-manager
- Network Configuration
- Storage Management
- Creating Virtual Machines
- Container Virtualization
- Performance Optimization
- VM Templates and Cloning
- Backup and Snapshots
- Remote Management
- Troubleshooting
- Best Practices
- Conclusion
Prerequisites
Before setting up virtualization, ensure you have:
- Alpine Linux with hardware virtualization support
- CPU with VT-x (Intel) or AMD-V (AMD) enabled
- At least 8GB RAM (16GB+ recommended)
- 50GB+ free disk space
- Root or sudo access
- Basic understanding of virtualization concepts
Understanding Virtualization Technologies
Check Hardware Support
# Check CPU virtualization support
grep -E 'vmx|svm' /proc/cpuinfo
# Check if virtualization is enabled
lscpu | grep Virtualization
# Check KVM support
ls /dev/kvm
# Check kernel modules
lsmod | grep kvm
Virtualization types:
- Full Virtualization: KVM/QEMU for complete OS isolation
- Paravirtualization: Xen for better performance
- Container Virtualization: Docker/LXC for lightweight isolation
- Hardware-assisted: Using CPU virtualization extensions
Installing KVM and QEMU
Step 1: Install KVM/QEMU Packages
# Update package repository
apk update
# Install KVM and QEMU
apk add qemu-system-x86_64 qemu-img qemu-guest-agent
apk add libvirt libvirt-daemon libvirt-client
apk add virt-install virtio-win
# Install additional tools
apk add bridge-utils dnsmasq ebtables
apk add dmidecode netcat-openbsd
Step 2: Enable KVM Modules
# Load KVM modules
modprobe kvm
modprobe kvm_intel # For Intel CPUs
# OR
modprobe kvm_amd # For AMD CPUs
# Make modules persistent
echo "kvm" >> /etc/modules
echo "kvm_intel" >> /etc/modules # or kvm_amd
# Verify modules loaded
lsmod | grep kvm
Step 3: Configure Permissions
# Add user to libvirt group
addgroup $USER libvirt
addgroup $USER kvm
# Set permissions on KVM device
chown root:kvm /dev/kvm
chmod 660 /dev/kvm
# Create libvirt directories
mkdir -p /var/lib/libvirt/{images,boot,qemu}
Setting Up libvirt
Step 1: Configure libvirt Daemon
# Configure libvirtd
cat > /etc/libvirt/libvirtd.conf << 'EOF'
# Network connectivity
listen_tls = 0
listen_tcp = 1
tcp_port = "16509"
listen_addr = "0.0.0.0"
auth_tcp = "none"
# UNIX socket access
unix_sock_group = "libvirt"
unix_sock_ro_perms = "0777"
unix_sock_rw_perms = "0770"
# Logging
log_level = 3
log_outputs = "3:syslog:libvirtd"
# Limits
max_clients = 20
max_workers = 20
max_requests = 20
max_client_requests = 5
EOF
# Enable and start libvirtd
rc-update add libvirtd default
rc-update add virtlogd default
rc-service libvirtd start
rc-service virtlogd start
Step 2: Configure QEMU
# Configure QEMU
cat > /etc/libvirt/qemu.conf << 'EOF'
# User configuration
user = "qemu"
group = "qemu"
# Security driver
security_driver = "none"
# VNC configuration
vnc_listen = "0.0.0.0"
vnc_tls = 0
vnc_sasl = 0
# SPICE configuration
spice_listen = "0.0.0.0"
spice_tls = 0
# Memory settings
hugetlbfs_mount = "/dev/hugepages"
# Logging
log_level = 3
log_outputs = "3:syslog:qemu"
EOF
# Create qemu user
adduser -S -D -H -s /sbin/nologin -g qemu -G kvm qemu
Step 3: Test libvirt Connection
# Test local connection
virsh -c qemu:///system list --all
# Check version
virsh version
# View capabilities
virsh capabilities
Installing VirtualBox
Step 1: Install VirtualBox (Alternative to KVM)
# Note: VirtualBox requires additional repositories
# Add testing repository temporarily
echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories
# Install VirtualBox
apk add virtualbox virtualbox-guest-additions virtualbox-guest-modules-virt
# Remove testing repository
sed -i '/edge\/testing/d' /etc/apk/repositories
# Load VirtualBox modules
modprobe vboxdrv
modprobe vboxnetflt
modprobe vboxnetadp
Step 2: Configure VirtualBox
# Add user to vboxusers group
addgroup $USER vboxusers
# Create VirtualBox configuration
mkdir -p /etc/vbox
cat > /etc/vbox/vbox.cfg << 'EOF'
# VirtualBox configuration
INSTALL_DIR="/usr/lib/virtualbox"
EOF
# Set up kernel modules
cat > /etc/modules-load.d/virtualbox.conf << 'EOF'
vboxdrv
vboxnetflt
vboxnetadp
vboxpci
EOF
Configuring virt-manager
Step 1: Install virt-manager (GUI)
# Install virt-manager and dependencies
apk add virt-manager virt-viewer spice-gtk
apk add gtk+3.0 gtksourceview
# For remote management
apk add openssh-client
# Configure desktop entry
cat > /usr/share/applications/virt-manager.desktop << 'EOF'
[Desktop Entry]
Name=Virtual Machine Manager
Comment=Manage virtual machines
Icon=virt-manager
Exec=virt-manager
Type=Application
Categories=System;
EOF
Step 2: Remote Management Setup
# Configure SSH for virt-manager
cat > ~/.ssh/config << 'EOF'
Host hypervisor
HostName 192.168.1.100
User root
ForwardX11 yes
ForwardAgent yes
Compression yes
EOF
# Test remote connection
virsh -c qemu+ssh://root@hypervisor/system list
Network Configuration
Step 1: Configure Bridge Networking
# Install bridge utilities
apk add bridge-utils
# Configure network bridge
cat > /etc/network/interfaces << 'EOF'
# Loopback
auto lo
iface lo inet loopback
# Physical interface (no IP)
auto eth0
iface eth0 inet manual
# Bridge interface
auto br0
iface br0 inet static
address 192.168.1.100
netmask 255.255.255.0
gateway 192.168.1.1
bridge_ports eth0
bridge_stp off
bridge_fd 0
bridge_maxwait 0
EOF
# Restart networking
rc-service networking restart
# Verify bridge
brctl show
Step 2: Configure NAT Network
# Create NAT network with libvirt
cat > /tmp/nat-network.xml << 'EOF'
<network>
<name>natnet</name>
<forward mode='nat'>
<nat>
<port start='1024' end='65535'/>
</nat>
</forward>
<bridge name='virbr1' stp='on' delay='0'/>
<ip address='192.168.100.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.100.100' end='192.168.100.200'/>
</dhcp>
</ip>
</network>
EOF
# Define and start network
virsh net-define /tmp/nat-network.xml
virsh net-start natnet
virsh net-autostart natnet
Step 3: Configure Isolated Network
# Create isolated network
cat > /tmp/isolated-network.xml << 'EOF'
<network>
<name>isolated</name>
<bridge name='virbr2' stp='on' delay='0'/>
<ip address='10.0.0.1' netmask='255.255.255.0'>
<dhcp>
<range start='10.0.0.100' end='10.0.0.200'/>
</dhcp>
</ip>
</network>
EOF
virsh net-define /tmp/isolated-network.xml
virsh net-start isolated
virsh net-autostart isolated
Storage Management
Step 1: Create Storage Pools
# Create directory-based storage pool
mkdir -p /var/lib/libvirt/images
virsh pool-define-as default dir - - - - "/var/lib/libvirt/images"
virsh pool-build default
virsh pool-start default
virsh pool-autostart default
# Create LVM storage pool
virsh pool-define-as vmstorage logical - - - - /dev/vg0 vmstorage
virsh pool-build vmstorage
virsh pool-start vmstorage
virsh pool-autostart vmstorage
Step 2: Manage Storage Volumes
# Create a new volume
virsh vol-create-as default test-vm.qcow2 20G --format qcow2
# List volumes
virsh vol-list default
# Get volume info
virsh vol-info test-vm.qcow2 --pool default
# Clone a volume
virsh vol-clone original.qcow2 clone.qcow2 --pool default
Step 3: Advanced Storage Configuration
# Create thin-provisioned LVM volume
lvcreate -V 100G -T vg0/thinpool -n vm-disk
# Create ZFS storage pool (if ZFS available)
zpool create vmstorage /dev/sdb
zfs create vmstorage/images
zfs set compression=lz4 vmstorage/images
# NFS storage pool
cat > /tmp/nfs-pool.xml << 'EOF'
<pool type='netfs'>
<name>nfs-storage</name>
<source>
<host name='nfs-server.example.com'/>
<dir path='/exports/vms'/>
<format type='nfs'/>
</source>
<target>
<path>/var/lib/libvirt/nfs</path>
</target>
</pool>
EOF
virsh pool-define /tmp/nfs-pool.xml
Creating Virtual Machines
Step 1: Create VM with virt-install
# Download Alpine ISO
wget https://dl-cdn.alpinelinux.org/alpine/v3.18/releases/x86_64/alpine-virt-3.18.0-x86_64.iso \
-O /var/lib/libvirt/boot/alpine.iso
# Create Alpine Linux VM
virt-install \
--name alpine-vm \
--ram 2048 \
--vcpus 2 \
--disk path=/var/lib/libvirt/images/alpine-vm.qcow2,size=20,format=qcow2 \
--cdrom /var/lib/libvirt/boot/alpine.iso \
--network bridge=br0 \
--graphics vnc,listen=0.0.0.0,port=5901 \
--os-variant linux2020 \
--console pty,target_type=serial \
--autostart
# Create Windows VM
virt-install \
--name windows-vm \
--ram 4096 \
--vcpus 4 \
--disk path=/var/lib/libvirt/images/windows.qcow2,size=60,format=qcow2,bus=virtio \
--cdrom /var/lib/libvirt/boot/windows.iso \
--disk path=/var/lib/libvirt/boot/virtio-win.iso,device=cdrom \
--network bridge=br0,model=virtio \
--graphics spice \
--os-variant win10 \
--features kvm_hidden=on \
--cpu host-passthrough
Step 2: Create VM from XML
# Create VM definition
cat > /tmp/custom-vm.xml << 'EOF'
<domain type='kvm'>
<name>custom-vm</name>
<memory unit='GiB'>4</memory>
<vcpu placement='static'>4</vcpu>
<os>
<type arch='x86_64' machine='pc-q35-6.2'>hvm</type>
<boot dev='hd'/>
<boot dev='cdrom'/>
</os>
<features>
<acpi/>
<apic/>
<vmport state='off'/>
</features>
<cpu mode='host-passthrough' check='none'>
<topology sockets='1' cores='2' threads='2'/>
</cpu>
<devices>
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2' cache='writeback'/>
<source file='/var/lib/libvirt/images/custom-vm.qcow2'/>
<target dev='vda' bus='virtio'/>
</disk>
<interface type='bridge'>
<source bridge='br0'/>
<model type='virtio'/>
</interface>
<console type='pty'>
<target type='serial' port='0'/>
</console>
<graphics type='spice' autoport='yes'>
<listen type='address' address='0.0.0.0'/>
</graphics>
<video>
<model type='qxl' vram='65536' heads='1'/>
</video>
</devices>
</domain>
EOF
# Define and start VM
virsh define /tmp/custom-vm.xml
virsh start custom-vm
Step 3: VM Management Commands
# Basic VM operations
virsh list --all # List all VMs
virsh start vm-name # Start VM
virsh shutdown vm-name # Graceful shutdown
virsh destroy vm-name # Force stop
virsh reboot vm-name # Reboot VM
virsh suspend vm-name # Suspend VM
virsh resume vm-name # Resume VM
# Connect to VM console
virsh console vm-name # Serial console
virt-viewer vm-name # Graphical console
# VM information
virsh dominfo vm-name # Basic info
virsh domstats vm-name # Detailed statistics
virsh domblklist vm-name # List disks
virsh domiflist vm-name # List network interfaces
Container Virtualization
Step 1: Install LXC/LXD
# Install LXC
apk add lxc lxc-templates lxc-download
# Install LXD
apk add lxd lxd-client
# Initialize LXD
lxd init --auto
# Add user to lxd group
addgroup $USER lxd
Step 2: Create Containers
# Create Alpine container
lxc-create -n alpine-container -t alpine
# Create Ubuntu container with LXD
lxc launch ubuntu:20.04 ubuntu-container
# List containers
lxc list
lxc-ls -f
# Start/stop containers
lxc start alpine-container
lxc stop alpine-container
# Execute commands in container
lxc exec ubuntu-container -- apt update
Step 3: Docker Setup
# Install Docker
apk add docker docker-compose
# Enable Docker service
rc-update add docker default
rc-service docker start
# Add user to docker group
addgroup $USER docker
# Test Docker
docker run hello-world
# Docker Compose example
cat > docker-compose.yml << 'EOF'
version: '3'
services:
web:
image: nginx:alpine
ports:
- "80:80"
volumes:
- ./html:/usr/share/nginx/html
db:
image: postgres:alpine
environment:
POSTGRES_PASSWORD: secret
volumes:
- db-data:/var/lib/postgresql/data
volumes:
db-data:
EOF
Performance Optimization
Step 1: CPU Pinning
# Pin VM CPUs to physical CPUs
virsh vcpupin vm-name 0 0 # vCPU 0 to pCPU 0
virsh vcpupin vm-name 1 1 # vCPU 1 to pCPU 1
# Set CPU affinity in XML
cat >> /tmp/cpu-pinning.xml << 'EOF'
<cputune>
<vcpupin vcpu='0' cpuset='0'/>
<vcpupin vcpu='1' cpuset='1'/>
<vcpupin vcpu='2' cpuset='2'/>
<vcpupin vcpu='3' cpuset='3'/>
</cputune>
EOF
Step 2: Memory Optimization
# Enable hugepages
echo 1024 > /proc/sys/vm/nr_hugepages
# Make persistent
echo "vm.nr_hugepages = 1024" >> /etc/sysctl.conf
# Configure VM to use hugepages
cat >> /tmp/hugepages.xml << 'EOF'
<memoryBacking>
<hugepages/>
</memoryBacking>
EOF
# Enable KSM (Kernel Same-page Merging)
echo 1 > /sys/kernel/mm/ksm/run
echo 1000 > /sys/kernel/mm/ksm/sleep_millisecs
Step 3: Storage Optimization
# Use virtio drivers
cat >> /tmp/virtio-disk.xml << 'EOF'
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2' cache='none' io='native'/>
<source file='/var/lib/libvirt/images/vm.qcow2'/>
<target dev='vda' bus='virtio'/>
</disk>
EOF
# Enable disk caching
virsh attach-disk vm-name \
/var/lib/libvirt/images/data.qcow2 \
vdb \
--driver qemu \
--subdriver qcow2 \
--cache writeback \
--persistent
VM Templates and Cloning
Step 1: Create VM Template
# Create base VM
virt-install \
--name template-ubuntu \
--ram 2048 \
--vcpus 2 \
--disk path=/var/lib/libvirt/images/template-ubuntu.qcow2,size=20 \
--cdrom /var/lib/libvirt/boot/ubuntu.iso \
--network bridge=br0 \
--graphics none \
--console pty,target_type=serial \
--os-variant ubuntu20.04
# Customize template
virt-customize -a /var/lib/libvirt/images/template-ubuntu.qcow2 \
--update \
--install cloud-init,qemu-guest-agent \
--run-command 'dpkg-reconfigure openssh-server' \
--root-password password:template
# Sysprep template
virt-sysprep -a /var/lib/libvirt/images/template-ubuntu.qcow2
Step 2: Clone VMs
# Clone VM
virt-clone \
--original template-ubuntu \
--name prod-web-01 \
--file /var/lib/libvirt/images/prod-web-01.qcow2
# Batch clone script
cat > /usr/local/bin/batch-clone-vm << 'EOF'
#!/bin/sh
# Batch clone VMs
TEMPLATE=$1
PREFIX=$2
COUNT=$3
if [ -z "$COUNT" ]; then
echo "Usage: $0 <template> <prefix> <count>"
exit 1
fi
for i in $(seq 1 $COUNT); do
NAME="${PREFIX}-$(printf "%02d" $i)"
echo "Cloning $NAME from $TEMPLATE..."
virt-clone \
--original "$TEMPLATE" \
--name "$NAME" \
--file "/var/lib/libvirt/images/${NAME}.qcow2" \
--mac RANDOM
# Customize each clone
virt-customize -a "/var/lib/libvirt/images/${NAME}.qcow2" \
--hostname "$NAME" \
--run-command "echo $NAME > /etc/hostname"
done
EOF
chmod +x /usr/local/bin/batch-clone-vm
Backup and Snapshots
Step 1: Create Snapshots
# Create snapshot
virsh snapshot-create-as vm-name \
--name "before-update" \
--description "Snapshot before system update" \
--disk-only \
--atomic
# List snapshots
virsh snapshot-list vm-name
# Revert to snapshot
virsh snapshot-revert vm-name before-update
# Delete snapshot
virsh snapshot-delete vm-name before-update
Step 2: Backup VMs
# Create backup script
cat > /usr/local/bin/backup-vms << 'EOF'
#!/bin/sh
# Backup virtual machines
BACKUP_DIR="/backup/vms"
DATE=$(date +%Y%m%d)
mkdir -p "$BACKUP_DIR"
# Backup each VM
for VM in $(virsh list --all --name); do
if [ -n "$VM" ]; then
echo "Backing up $VM..."
# Create snapshot
virsh snapshot-create-as "$VM" backup-temp \
--disk-only --atomic --no-metadata
# Get disk path
DISK=$(virsh domblklist "$VM" | grep vda | awk '{print $2}')
# Backup disk
cp "$DISK" "$BACKUP_DIR/${VM}-${DATE}.qcow2"
# Backup XML
virsh dumpxml "$VM" > "$BACKUP_DIR/${VM}-${DATE}.xml"
# Remove temporary snapshot
virsh blockcommit "$VM" vda --active --pivot
fi
done
# Compress backups
cd "$BACKUP_DIR"
tar -czf "vms-backup-${DATE}.tar.gz" *-${DATE}.*
rm -f *-${DATE}.*
echo "Backup completed"
EOF
chmod +x /usr/local/bin/backup-vms
Step 3: Live Backup with External Snapshots
# Create live backup script
cat > /usr/local/bin/live-backup-vm << 'EOF'
#!/bin/sh
# Live backup with external snapshots
VM=$1
BACKUP_DIR="/backup/vms/live"
DATE=$(date +%Y%m%d_%H%M%S)
if [ -z "$VM" ]; then
echo "Usage: $0 <vm-name>"
exit 1
fi
mkdir -p "$BACKUP_DIR"
# Get current disk
DISK=$(virsh domblklist "$VM" | grep vda | awk '{print $2}')
SNAPSHOT="${DISK}.${DATE}"
# Create external snapshot
virsh snapshot-create-as "$VM" \
--name "backup-${DATE}" \
--diskspec "vda,file=${SNAPSHOT}" \
--disk-only \
--atomic \
--no-metadata
# Backup original disk
echo "Backing up original disk..."
cp "$DISK" "$BACKUP_DIR/${VM}-${DATE}.qcow2"
# Merge snapshot back
virsh blockcommit "$VM" vda \
--active \
--pivot \
--wait \
--verbose
# Clean up snapshot file
rm -f "$SNAPSHOT"
echo "Live backup completed: $BACKUP_DIR/${VM}-${DATE}.qcow2"
EOF
chmod +x /usr/local/bin/live-backup-vm
Remote Management
Step 1: Configure Remote Access
# Configure libvirtd for remote access
sed -i 's/#listen_tcp = 1/listen_tcp = 1/' /etc/libvirt/libvirtd.conf
sed -i 's/#tcp_port = "16509"/tcp_port = "16509"/' /etc/libvirt/libvirtd.conf
# Configure TLS for secure access
mkdir -p /etc/pki/libvirt/private
# Generate CA certificate
certtool --generate-privkey > /etc/pki/CA/private/cakey.pem
cat > /tmp/ca.info << 'EOF'
cn = Virtualization CA
ca
cert_signing_key
EOF
certtool --generate-self-signed \
--load-privkey /etc/pki/CA/private/cakey.pem \
--template /tmp/ca.info \
--outfile /etc/pki/CA/cacert.pem
# Generate server certificate
certtool --generate-privkey > /etc/pki/libvirt/private/serverkey.pem
cat > /tmp/server.info << 'EOF'
organization = Example Organization
cn = hypervisor.example.com
tls_www_server
encryption_key
signing_key
EOF
certtool --generate-certificate \
--load-privkey /etc/pki/libvirt/private/serverkey.pem \
--load-ca-certificate /etc/pki/CA/cacert.pem \
--load-ca-privkey /etc/pki/CA/private/cakey.pem \
--template /tmp/server.info \
--outfile /etc/pki/libvirt/servercert.pem
Step 2: Web-based Management
# Install Cockpit (web interface)
apk add cockpit cockpit-machines
# Enable Cockpit
rc-update add cockpit default
rc-service cockpit start
# Configure firewall for Cockpit
iptables -A INPUT -p tcp --dport 9090 -j ACCEPT
# Alternative: Install Kimchi/Wok
# Note: May require building from source on Alpine
Step 3: API Access
# Create Python script for libvirt API
cat > /usr/local/bin/vm-api.py << 'EOF'
#!/usr/bin/env python3
import libvirt
import json
from flask import Flask, jsonify, request
app = Flask(__name__)
conn = libvirt.open('qemu:///system')
@app.route('/vms', methods=['GET'])
def list_vms():
vms = []
for vm in conn.listAllDomains():
info = {
'name': vm.name(),
'state': vm.state()[0],
'id': vm.ID(),
'uuid': vm.UUIDString()
}
vms.append(info)
return jsonify(vms)
@app.route('/vms/<name>/start', methods=['POST'])
def start_vm(name):
try:
vm = conn.lookupByName(name)
vm.create()
return jsonify({'status': 'started'})
except Exception as e:
return jsonify({'error': str(e)}), 400
@app.route('/vms/<name>/stop', methods=['POST'])
def stop_vm(name):
try:
vm = conn.lookupByName(name)
vm.shutdown()
return jsonify({'status': 'stopped'})
except Exception as e:
return jsonify({'error': str(e)}), 400
if __name__ == '__main__':
app.run(host='0.0.0.0', port=5000)
EOF
chmod +x /usr/local/bin/vm-api.py
Troubleshooting
Common Issues
- VM wonβt start:
# Check for errors
virsh start vm-name --console
# Check logs
tail -f /var/log/libvirt/qemu/vm-name.log
# Verify permissions
ls -la /dev/kvm
ls -la /var/lib/libvirt/images/
# Check SELinux/AppArmor
aa-status
- Network connectivity issues:
# Check bridge configuration
brctl show
ip addr show br0
# Check iptables rules
iptables -L -n -v
iptables -t nat -L -n -v
# Test network in VM
virsh domifaddr vm-name
- Performance problems:
# Check CPU usage
virsh cpu-stats vm-name
# Monitor disk I/O
virsh domblkstat vm-name vda
# Check memory usage
virsh dommemstat vm-name
# Host resource usage
vmstat 1
iostat -x 1
Debug Mode
# Enable libvirt debug logging
cat >> /etc/libvirt/libvirtd.conf << 'EOF'
log_level = 1
log_outputs = "1:file:/var/log/libvirt/libvirtd.log"
EOF
# Enable QEMU debug
cat >> /etc/libvirt/qemu.conf << 'EOF'
log_level = 1
EOF
# Restart services
rc-service libvirtd restart
# Monitor logs
tail -f /var/log/libvirt/*.log
Best Practices
Security Hardening
# Create security audit script
cat > /usr/local/bin/virt-security-audit << 'EOF'
#!/bin/sh
# Virtualization security audit
echo "=== Virtualization Security Audit ==="
# Check libvirt authentication
echo -n "Libvirt authentication: "
grep "auth_tcp" /etc/libvirt/libvirtd.conf
# Check VM isolation
echo -n "SELinux/AppArmor status: "
if command -v aa-status >/dev/null; then
aa-status --enabled && echo "Enabled" || echo "Disabled"
else
echo "Not installed"
fi
# Check network isolation
echo "Network isolation:"
virsh net-list --all
# Check disk encryption
echo "Checking for encrypted disks:"
for vm in $(virsh list --all --name); do
virsh dumpxml "$vm" | grep -q "encryption" && echo "$vm: Encrypted" || echo "$vm: Not encrypted"
done
# Check resource limits
echo "Resource limits:"
for vm in $(virsh list --name); do
echo -n "$vm: "
virsh dommemstat "$vm" | grep actual
done
EOF
chmod +x /usr/local/bin/virt-security-audit
Monitoring Script
# Create comprehensive monitoring script
cat > /usr/local/bin/virt-monitor << 'EOF'
#!/bin/sh
# Monitor virtualization infrastructure
clear
while true; do
echo "=== Virtualization Monitor - $(date) ==="
echo
# Host resources
echo "Host Resources:"
echo "CPU: $(top -bn1 | grep "Cpu(s)" | awk '{print $2}')%"
echo "Memory: $(free -h | awk '/^Mem:/ {print $3 "/" $2}')"
echo "Disk: $(df -h / | awk 'NR==2 {print $3 "/" $2}')"
echo
# VM status
echo "Virtual Machines:"
virsh list --all
echo
# Network status
echo "Virtual Networks:"
virsh net-list --all
echo
# Storage pools
echo "Storage Pools:"
virsh pool-list --all --details
sleep 5
clear
done
EOF
chmod +x /usr/local/bin/virt-monitor
Conclusion
Youβve successfully set up a comprehensive virtualization environment on Alpine Linux. With KVM/QEMU, libvirt, and optional VirtualBox support, your system can now host various types of virtual machines and containers. The lightweight nature of Alpine combined with powerful virtualization capabilities creates an efficient and flexible virtualization platform.
Remember to regularly update your virtualization software, monitor resource usage, and maintain proper backups of your virtual machines. With the tools and configurations provided, youβre ready to deploy and manage virtual infrastructure professionally.