Installing Virtualbox within Qubes

2,284 views
Skip to first unread message

rob.k...@gmail.com

unread,
Aug 30, 2015, 8:06:40 PM8/30/15
to qubes-users
I just installed Qubes (excellent work!) and I want to run Vagrant VMs within it. (I need to be able to share the Vagrantfiles with other developers I work with as well as using the same provisioning mechanisms as we'll use in production - neither of which is Qubes-friendly.)

The normal thing to install is Virtualbox, so I've installed it (VirtualBox-5.0 from Oracle's RPM repository). But, I cannot run VMs. Here's the log:

--------------------------------

[user@opensource salt-talk]$ virtualbox
WARNING: The vboxdrv kernel module is not loaded. Either there is no module
available for the current kernel (3.18.17-5.pvops.qubes.x86_64) or it failed to
load. Please recompile the kernel module and install it by

sudo /etc/init.d/vboxdrv setup

You will not be able to start VMs until this problem is fixed.

[user@opensource salt-talk]$ sudo /etc/init.d/vboxdrv setup
Stopping VirtualBox kernel modules [ OK ]
Recompiling VirtualBox kernel modules [FAILED]
(Look at /var/log/vbox-install.log to find out what went wrong)

[user@opensource salt-talk]$ cat /var/log/vbox-install.log
Makefile:185: *** Error: unable to find the sources of your current Linux kernel. Specify KERN_DIR=<directory> and run Make again. Stop.
Makefile:185: *** Error: unable to find the sources of your current Linux kernel. Specify KERN_DIR=<directory> and run Make again. Stop.

--------------------------------

I'm pretty sure I could continue down this path and find the sources and so on, but there has to be an easier way. But, whenever I google, I find discussions of why you don't want to run Qubes within Virtualbox (duh!). Nothing about the other direction.

I'm also okay with installing lxc or using Xen as the virtualization layer (if I could even control the VMs with Virtualbox instead of Qubes ...?), but I'd prefer Virtualbox because it reduces the differences with my teammates.

cprise

unread,
Aug 31, 2015, 12:38:53 AM8/31/15
to rob.k...@gmail.com, qubes-users
This isn't yet supported by Qubes, though there is an experimental patch
you can try here:

https://groups.google.com/d/msgid/qubes-devel/865fc165-3b87-404a-9ea6-a5f256014651%40googlegroups.com

Marek Marczykowski-Górecki

unread,
Aug 31, 2015, 7:20:21 AM8/31/15
to cprise, rob.k...@gmail.com, qubes-users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
You'll also need to install kernel-devel package matching the current
kernel.

- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBCAAGBQJV5DhuAAoJENuP0xzK19csK0wH/3xwU0tnoEQLmeGE22VSTOf0
jSqWTtZ/1lTocY98kt83Je6F44/aXWTIEWZ0DBXXXYs//giKf5cVF1xrBwQWlb+0
yPn1G4VkH8tLFo4u8WYj7u59g6M90NHJuj7NioJt9qeJsySpgsDMhELhVMJ7ejqO
u24Lk/oeeQ/4XId4/H6TOMrf/xXu98B7H+Tp632ON1OuYGVQB2OMo979UIYX7IuH
eHQX8m+dZV4cpNklWdL8jhICI8fji9NB7yFC45miYSl0w6QVSeWP0PkzB0rbj11i
5yHPtra46hEV6xUX6K3pjcKPDjDUqZwRKyaQmN9l8jaEwKCAO8b9+7LW5JLD+V4=
=juav
-----END PGP SIGNATURE-----

Eric Shelton

unread,
Aug 31, 2015, 8:46:54 AM8/31/15
to qubes-users, rob.k...@gmail.com
Although I did successfully boot up Linux on VirtualBox under a Linux Mint HVM appvm using the above nested HVM patch, I did not do much more than see that.  It is unexplored territory, and may not be stable - some of my attempts to run KVM under nested HVM led to its parent HVM domain locking up.  By some reports VirtualBox was not even supposed to work under nested HVM.

Probably much more useful paths to explore involve not even using VirtualBox at all, and instead installing Vagrant directly on a standalone PV-based appvm (not using fedora-21 as a template, but instead essentially making a new template appvm) or an HVM-based Linux appvm.  I imagine someone has gotten Vagrant running under a Xen domain (PV or HVM), and that you could do much the same thing under Qubes.

Eric

Vít Šesták

unread,
Aug 31, 2015, 12:35:35 PM8/31/15
to qubes-users, rob.k...@gmail.com
Making Vagrant using template-based PVM does not seem to be so simple unless some Qubes-specific change is made to the Vagrantfile. But using a HVM might be the option. Maybe implementation through Qubes RPC[1] would not be very hard. Some RPC endpoint would have to be installed to dom0 (in order to create new VMs) and some to FirewallVM (in order to allow networking to the subVM). Of course, some simple permissions model (i.e. a VM can access only their own children) would have to be implemented.

But I might miss something important about Vagrant, as I have rather minor experience with it and some basic overview of its features and VM backends. I don't use it now, so writing such plugin is far from being my priority…

Regards,
Vít Šesták 'v6ak'

[1] https://www.qubes-os.org/doc/Qrexec/

Linux Video Tutorials

unread,
Dec 18, 2017, 6:04:20 PM12/18/17
to qubes-users

Hi,

You should choose "Enable EFI (special OSes only) check-box in the VM settings.
Here is video tutorial for Qubes OS 3.2 installation on VirtualBox
https://youtu.be/x08jjZbFWPo

Hope it helps.

pixel fairy

unread,
Dec 19, 2017, 1:40:35 AM12/19/17
to qubes-users
Heres one way to run vagrant on qubes.

https://gist.github.com/xahare/0f2078fc8c52e7ddece1e5ba70c6d5fc

But this is slow. You could also make a vagrant server and use that, or even share it with your co workers. heres a convenience script for that,

https://gist.github.com/xahare/1db2970b7b684c0d54c0c15cc32afb98

If your going the virtualbox route, and you want gui desktop access, you can enable vrde in your vagrantfile.

Reply all
Reply to author
Forward
0 new messages