KVM Virtual Machines’ Backup and Restoration


According to Redhat, KVM is an open-source virtualization technology that is incorporated into Linux. KVM stands for Kernel-based Virtual Machine. To be more specific, KVM enables the transformation of Linux into a hypervisor, which makes it possible for a single physical computer to operate simultaneously several distinct virtual environments, also known as guests or virtual machines (VMs). This post will focus mainly on backing up KVM virtual machines (VMs).

Backup your KVM VM

First, log in using the sudo user and list all of the KVM virtual machines available.

virsh list --all;
# virsh help list
#    list - list domains
#    list [--inactive] [--all] [--transient] [--persistent] [--with-snapshot] [--without-snapshot] [--state-running] [--state-paused] [--state-shutoff] [--state-other] [--autostart] [--no-autostart] [--with-managed-save] [--without-managed-save] [--uuid] [--name] [--table] [--managed-save] [--title]
#    Returns list of domains.
#    --all            list inactive & active domains

Next, you will need to log out of the virtual machine (VM) you intend to back up.

virsh shutdown $VM_NAME;
# virsh help shutdown
#    shutdown - gracefully shutdown a domain
#    shutdown <domain> [--mode <string>]
#    Run shutdown in the target domain.
#    [--domain] <string>  domain name, id or uuid
#    --mode <string>  shutdown mode: acpi|agent|initctl|signal|paravirt

Then it would be best if you executed the following to ensure that the command was executed successfully.

virsh list --all;

We can break down the process of backing up a KVM virtual machine into two essential parts:

The definition of the domain:

Specifying the physical components that make up the VM, such as its network interfaces, physical and virtual central processing units, RAM, and disk space. You will be able to see this information by executing the following command:

virsh dumpxml $VM_NAME;
# virsh help dumpxml
#    dumpxml - domain information in XML
#    dumpxml <domain> [--inactive] [--security-info] [--update-cpu] [--migratable]
#    Output the domain information as an XML dump to stdout.
#    [--domain] <string>  domain name, id or uuid
#    --inactive       show inactive defined XML
#    --security-info  include security sensitive information in XML dump
#    --update-cpu     update guest CPU according to host CPU
#    --migratable     provide XML suitable for migrations

The data file:

The path to the source file includes the location of the data file that needs to be backed up by us. It is where the virtual machine’s hard drive is stored. This section contains the internal configuration, including services, databases, etc. We can use the domain definition to determine the location of this file, or we can use the following command, which will tell you the position of the hard drive. Either way, we can find the location of this file.

virsh domblklist $VM_NAME;
# virsh help domblklist
#    domblklist - list all domain blocks
#    domblklist <domain> [--inactive] [--details]
#    Get the summary of block devices for a domain.
#    [--domain] <string>  domain name, id or uuid
#    --inactive       get inactive rather than running configuration
#    --details        additionally display the type and device value

Let’s assume that the following is the given location (which is usually the default location for virtual machines created with libvirt):


The above command will produce output similar to the following:

Target     Source
hda        /var/lib/libvirt/images/nba.qcow2
hdb        -

The qcow2 images are the disk files that we need to back up.

First, we need to create a place to put the backups:

mkdir -p /opt/backup/kvm/;

The following command creates a backup of the domain definition:

virsh dumpxml $VM_NAME > "/opt/backup/kvm/$VM_NAME.xml";

The following is what we employ to create a backup of the hard drives based on the feedback of the domblklist command:

cp /var/lib/libvirt/images/nba.qcow2 /opt/backup/kvm/;

Restore your KVM virtual machine

We will begin by erasing the virtual machine’s hard disk and undefining the VM so that it does not exist any longer. Using the domblklist command, we need to identify the qcow2 files to be deleted. After we collect that information and make sure that the VM is stopped using the shutdown command, we need to delete the file(s) from the hard drive:

rm /var/lib/libvirt/images/nba.qcow2;

Remove the VM definition:

Then you need to remove the existing definition before restoring a backup.

virsh undefine $VM_NAME;
# virsh help undefine
#    undefine - undefine a domain
#    undefine <domain> [--managed-save] [--storage <string>] [--remove-all-storage] [--delete-snapshots] [--wipe-storage] [--snapshots-metadata] [--nvram] [--keep-nvram]
#    Undefine an inactive domain, or convert persistent to transient.
#    [--domain] <string>  domain name, id or uuid
#    --managed-save   remove domain managed state file
#    --storage <string>  remove associated storage volumes (comma separated list of targets or source paths) (see domblklist)
#    --remove-all-storage  remove all associated storage volumes (use with caution)
#    --delete-snapshots  delete snapshots associated with volume(s), requires --remove-all-storage (must be supported by storage driver)
#    --wipe-storage   wipe data on the removed volumes
#    --snapshots-metadata  remove all domain snapshot metadata, if inactive
#    --nvram          remove nvram file, if inactive
#    --keep-nvram     keep nvram file, if inactive

Restore the virtual machine (VM).

Now, to bring back the virtual machine that was removed, we will first get back the hard drive:

cp /opt/backup/kvm/nba.qcow2 /var/lib/libvirt/images/;

Then, bring back the original definition of the domain.

virsh define --file "/opt/backup/kvm/$VM_NAME.xml";
# virsh help define
#    define - define (but don't start) a domain from an XML file
#    define <file> [--validate]
#    Define a domain.
#    [--file] <string>  file containing an XML domain description
#    --validate       validate the XML against the schema

If you’re moving it to a different physical host, you can check to see if the information included within the XML file needs to be updated appropriately. Check to see if the new physical host has network interfaces, for instance, and so forth.

Execute the following to check that the parameters of your virtual machine (VM) have been successfully defined:

virsh list --all;

After that, begin using the VM by:

virsh start $VM_NAME;
# virsh help start
#    start - start a (previously defined) inactive domain
#    start <domain> [--console] [--paused] [--autodestroy] [--bypass-cache] [--force-boot] [--pass-fds <string>]
#    Start a domain, either from the last managedsave
#    state, or via a fresh boot if no managedsave state
#    is present.
#    [--domain] <string>  name of the inactive domain
#    --console        attach to console after creation
#    --paused         leave the guest paused after creation
#    --autodestroy    automatically destroy the guest when virsh disconnects
#    --bypass-cache   avoid file system cache when loading
#    --force-boot     force fresh boot by discarding any managed save
#    --pass-fds <string>  pass file descriptors N,M,... to the guest

Once your virtual machine (VM) is up and running, you may use SSH or other methods to log into it and check that everything was correctly restored.

Install Gnome Boxes on Kali Linux

Our solution in getting Gnome Boxes to work on Kali Linux (which is a Debian-derived Linux distribution just like Ubuntu) is the following:

First install Gnome Boxes along with all needed virtualization software:

sudo apt-get install -y gnome-boxes qemu-kvm libvirt0 virt-manager bridge-utils;

Then, edit the file /etc/libvirt/qemu.conf to uncomment the following line:

#user = "root"

Finally, restart the host machine and your Gnome Boxes will be ready to use.

Long story

Recently, we were setting up a Kali Linux machine and one of the requirements was to add virtualization support so that the user could execute virtual machines doing.. other stuff. We started by installing gnome-boxes only (hoping that would be enough)

sudo apt-get install -y gnome-boxes;

.. but we got an error:

Boxes cannot access the virtualization backend

Apparently, installing gnome-boxes only, the dependency system did not automatically assume we would need to install an engine to handle the virtual machines, so we had to install the following as well:

sudo apt-get install -y qemu-kvm libvirt0 virt-manager bridge-utils;

After the installation, we tried  to create a new virtual machine but it would fail when we tried to start it. After looking into the logs we found the following useful information:


It seems that our user (even if it was root) could not start the QEMU process. To fix this issue we had to modify the file /etc/libvirt/qemu.conf and uncomment the following line:

#user = "root"

from this section

# The user for QEMU processes run by the system instance. It can be
# specified as a user name or as a user id. The qemu driver will try to
# parse this value first as a name and then, if the name doesn't exist,
# as a user id.
# Since a sequence of digits is a valid user name, a leading plus sign
# can be used to ensure that a user id will not be interpreted as a user
# name.
# Some examples of valid values are:
# user = "qemu" # A user named "qemu"
# user = "+0" # Super user (uid=0)
# user = "100" # A user named "100" or a user with uid=100
#user = "root"

# The group for QEMU processes run by the system instance. It can be
# specified in a similar way to user.
#group = "root"

After doing this change and restarting the host machine we were able to start and use any virtual machine in Gnome Boxes.

Extra information

In this case, we were using Kali Linux, where people usually operate it using the root account only.
On other installations, like on an Ubuntu installation you would need to handle differently the last step that requires you to edit the /etc/libvirt/qemu.conf file.

Specifically, the best way to handle this issue on a multi-user environment (like Ubuntu) would be to replace the following line:

#group = "root"

with this

group = "kvm"

and then add yourself to the kvm group before restarting the host machine

sudo usermod -a -G kvm $USER;

Doing so, it allows you to enable access to the virtualization services to multiple users of you choice instead of limiting it to one account.

Fedora Configure Hardware Acceleration for the Android Emulator 1

While setting up Android Studio on a Fedora 27 x64, we got the following message from the Android Studio Setup Wizard:

We have detected that your system can run the Android emulator in an accelerated performance mode.
Linux-based systems support virtual machine acceleration through the KVM (Kernel-mode Virtual Machine) software package.

Search for install instructions for your particular Linux configuration (Android KVM Linux Installation) that KVM is enabled for faster Android emulator performance.

After going through the website mentioned in the message we noticed that there were no instructions for Fedora so we decided to write our own.

Below are the steps we followed to enable hardware acceleration for the Android emulator.

Step 1: Verify that your CPU has virtualization extensions.

Execute the following in a terminal:

egrep '^flags.*(vmx|svm)' /proc/cpuinfo;

if you get ANY output then it would mean that your CPU supports either VMX or SVM which is good.
If it does not print anything then the emulator will fall back to software virtualization, which is extremely slow.

Step 2: Install the virtualization packages

sudo dnf group install --with-optional virtualization;

Step 3: Start the service

sudo systemctl start libvirtd;

Step 4: Automatically start the service on boot:

sudo systemctl enable libvirtd;

Step 5: Verify that the kvm kernel modules were loaded

lsmod | grep kvm

If the above command does not print kvm_intel or kvm_amd, it would mean that KVM is not properly configured.

Send ALT+CTRL+Delete to QEMU virtual machine 1

Recently we wanted to start a Windows virtual machine from a physical hard disk using a Fedora w/ GNOME 3 host machine to change the domain password of a user.
To do so, we used QEMU, QEMU is a generic and open source machine emulator and virtualizer.

To perform the password change, we needed to sent the ALT+CTRL+Delete key combination to the virtual machine to access the system screen and then change the user password.
Pressing ALT+CTRL+Delete on the Fedora/GNOME 3 host machine, it popped up a prompt to shut down the host machine instead of sending the key combination to the active window of the VM. Apparently, we could not sent the key combination directly to the VM and had to find a way around it.


We pressed ALT+CTRL+2 while the QEMU window was selected/active to switch to the QEMU terminal/monitor.
In the blank screen that appeared, we typed sendkey alt-ctrl-delete and pressed the Enter key.
This action sent to the virtual machine OS the key combination ALT+CTRL+Delete.
Finally, to switch back  to the guest screen we pressed ALT+CTRL+1.

Fedora: Start a Virtual Machine using a physical hard disk

Recently, we wanted to start a Virtual Machine running a Windows installation from a physical hard disk.

We could not find a way for GNOME Boxes to achieve this, so we installed qemu to do so.

We installed qemu using:

sudo dnf install qemu -y;

Configuring our command to start the Virtual Machine from the physical hard drive:

  • Our hard disk was identified on the physical machine as /dev/sda so we set the -hda parameter to that value.
  • Then we added the parameter -boot c to instruct the virtual machine to boot from the first hard disk.
  • The default guest start-up RAM size was 128 MiB, so we set the parameter -m to 4096 to give to the virtual machine 4GB of RAM.
  • Finally we added the -snapshot parameter which instructed the system to write to temporary files instead of the disk image files (all disk images are considered as read only).
    In this case, the raw disk image used are not written back. When sectors are written, they are written in a temporary file created in /tmp.
    You can however force the write back to the raw disk images by using the commit monitor command (or C-a s in the serial console).

In the end our command was as follows:

sudo qemu-kvm -snapshot -m 4096 -boot c -hda /dev/sda;