KVM
Windows
Good external guide: https://ivonblog.com/posts/install-windows-11-qemu-kvm-on-linux/
Shady stuff: https://ivonblog.com/posts/microsoft-activation-scripts/
Enable TPM
* Add swtpm to ubuntu software repo Since ubuntu 22.04, swtpm is in default repo If ubuntu < 22.04, need to add repo: `Host $ sudo add-apt-repository ppa:itrue/swtpm && sudo apt update` If above fails, use this one instead `Host $ sudo add-apt-repository ppa:smoser/swtpm && sudo apt update` * Install the packages `Host $ sudo apt install swtpm swtpm-tools` * Fix misconfigured swtpm on ubuntu < 22.04 ``` # confirm user existed in /etc/passwd grep swtpm /etc/passwd # added swtpm user to end of file: /etc/libvirt/qemu.conf swtpm_user="swtpm" swtpm_group="swtpm" # restarted the service systemctl restart libvirtd ``` * Configure VM installation setting: * Add Hardware: * TPM Choose the desired version. You will need TPM 2.0 for Win11. TIS has better support.Enable secure boot
* Prerequisite: Enable TPM * Configure VM installation setting: * Overview: Chipset: Q35 Firmware: ...OVMF_CODE.secboot.fdHide virtualization from VM
This prevents the VM from knowing it is running as VM Which helps to bypass some checks that force you to run the software on real machine * Configure VM installation setting: * CPUs: (XML tab) ```Use VirtIO driver for faster disk access (optional)
Change XXXDiskXXX->Advanced option->Disk bus from SATA to VirtIO to enjoy faster disk. Note that there is no VirtIO driver inside Windows installation medium so you need to get the iso for driver here: virtio-win-*.iso in https://github.com/virtio-win/virtio-win-pkg-scripts/blob/master/README.md Add extra SATA CDROM storage with the above .iso so that you end up with three storage: * VirtIO Disk 1 * SATA CDROM 1 (WinXXXXx64XXX.iso) * SATA CDROM 2 (virtio-win-*.iso) Fix the boot order so SATA CDROM 1 goes first. When you start the installation, windows will complain it cannot find any disk. Install the VirtIO driver by browse and navigate the folders in `virtio-win-*.iso` for the driver. The correct driver is inside `virtio-win-*.iso/cpuArch/OS` folder, something like `virtio-win-*.iso/AMD64/WIN11`. You will see your main disk after installing the correct driver. You may need to install the driver again when you first run the OS or else it cannot read the disk.Install Windows 11
* Requirements * CPU new enough Set CPU passthrough if host CPU is new enough, otherwise give up * Secure boot Configure as mentioned in previous Enable secure boot section * TPM Configure as mentioned in previous Enable TPM section, choose version >= 2.0Fix resolution
By default the resolution is 800x600 and requires extra driver to change that If you are using OVMF, then you don't need to waste time getting extra driver Simply press F2 when booting to get into bios `BIOS -> Device Manager -> OVMF Platform Configuration ->` `.. Choose the new resolution -> Commit Changes and Exit -> Esc -> Continue`Avoid linking or creating MS account
* Win10 Windows installation procedure will force you to create an online account or login with your existing microsoft account. The only way to leave that page is to make sure you have no internet access when the installation procedure got into that page. Directly removing the NIC is the fastest method to skip that part. You can add back the NIC later on. Note that simply disabling the NIC will not work, don't waste your time hesitating. * Win11 Ref: https://www.tomshardware.com/how-to/install-windows-11-without-microsoft-account It is similar to win10, but slightly more complicated. First do all the things in win10 section. When you got asked for connecting the internet, use shift+F10 to bring up terminal. Type `OOBE\BYPASSNRO` and enter. The computer will reboot and choose I dont have internet when asked. Continue as usual.VFIO GPU passthrough
Ubuntu 20.04: https://mathiashueber.com/pci-passthrough-ubuntu-2004-virtual-machine/
Ubuntu 22.04: https://mathiashueber.com/passthrough-windows-11-vm-ubuntu-22-04/
Before performing GPU passthrough, whether ubuntu or windows,
it is highly recommended to set up VNC server,
It greatly simplify the hassle of reverting to non-passthrough mode for debugging.
Most information are directly mentioned in above links
This document will only mention other fine details that you need to care about.
Details
* Firmware Use Q35, UEFIx86_64...OVMF_CODE...fd, any will work, their difference is for other features. i.e. secboot is for secure boot config * Disk driver For main storage disk, prefer the faster VirtIO. Note that there is no VirtIO driver inside Windows installation medium, so you better choose SATA for convenience, or add another SATA CDROM with the redhat virtio-win-\*.iso and manually install the driver during first OS installation The correct driver is inside virtio-win-\*.iso/cpuArch/OS folder virtio-win-\*.iso can be found at https://github.com/virtio-win/virtio-win-pkg-scripts/blob/master/README.md You still need to install the driver again when you first run the OS or else it cannot read the disk. Just troublesome on Windows. Linux already come with VirtIO driver so it is a breeze. For installation iso, use SATA CDROM. This seems to be the restriction of Q35. (Unconfirmed) * Device config Remove Tablet If not using looking glass (or not yet), remove Display Spice, Video QXL, so that video output goes to GPU port. * Hide VM status from GPU Nvidia only supports VM usage for geforce after driver version 465.89. For quadro care, it requires license for such usage. If you are not within the above supported scope, you will need to hide VM from the driver to avoid getting error. ```Looking glass
Requirement: VFIO GPU passthrough
Main ref: https://looking-glass.io/docs/B6/install/
Host is the one running the server and sharing its screen and control.
Guest is the one using the looking glass to control the host.