Virtual Machines for Development Environment Isolation

I am about to start some open source development on my new Librem Mini V2.

I am new to development on PureOS and I have never developed under Debian either.

I would like to build a list of Virtual Machine software that can meet the following criteria, listed in the order of my priority:

  1. Isolates installs of development tools from my host PureOS instance.
  2. Support for the following guest OSs: Debian, Arch, PureOS
  3. Regarding PureOS above, I would want to be able to target Librem5 platform (I want to port an app to the L5)
  4. I will likely need to be able to install Docker images (some projects have one start from there).

I am seeking simple input from people who develop on their Librem under PureOS, pointing to VM s/w one actually uses, any links to “getting started with vm x” are also useful to me.

I would like to avoid debate over which VM is the best or which guest OS is the best, which s/w is most protected from the NSA, etc.

Thanks in advance.
-james

Just to see if I can get some traction here…

I am currently trying to get to a 100% dev environment for my project using a VM.

I am 80% there with the following:

  • Virtual Machine Manager - provides a qemu virtual environment within a KVM hypervisor.
  • Host: PureOS Byzantium
  • Guest: Debian 10 w/Gnome
  • VM: 4 cpu, 4096 ram

I am able to install all my tools (including things I do not want to install on my nice PureOS host):

  • Chrome, Firefox
  • Visual Studio Code
  • Discord
  • etc

What’s left?

  1. Use both of my 2 displays within the guest
  2. Bluetooth with enough performance for discord-based voice (might not be achievable)

Regarding the 2 displays: I found an article that showed how to use remote-viewer via command line with:

remote-viewer spice://localhost:5900

Then they use the View | Displays … menu to check on an additional display (e.g. [ ] Display 2).

The part I am missing is how to get the spice to show that it knows about more than 1 display.

Seems like I should be adding hardware to tell the VM configuration that I have 2 displays?

Anyone have any suggestions on where to look to find out how to set this up?

[PS: I will be happy to take pointers on how to get Bluetooth performing properly on the guest, but that’s a #2 priority]

Apologies for the assumptions below, maybe you already know everything … but here are some of my thoughts:

Get hardware passthrough working and assign dedicated hardware that is supported. Get one or two video cards and dedicate at least one properly supported AMD video card to your main dev virtual machine. If you have a second video card you can have Windows running as a VM and dedicate an AMD video card to that machine just in case you need to swap over.

So basically:

  1. HOST

Your host OS is for virtualization only and NOTHING else. Minimum packages, basic config setup.

On your host you set up hardware passthrough.

  2. MULTIPLE PRIMARY DEV OS VIRTUALIZED ENVIRONMENTS

If you need to run Win / Lin simultaneously on one box, you will probably want two video cards to dedicate to Windows and Linux virtual machines via hardware passthrough.

There are a bunch of open source (and closed source scamware) to share your keyboard / mouse / touchpad / joystick across whatever platform you need it on.

I don’t have any recommendations, the last non-free platform in my ecosystem is my Android and that is going to go bye bye soon.

  3. SINGLE DEV ENVIRONMENT

Once you get hardware passthrough working, you will go a bit crazy with what you can do in a fully paravirtualized workflow, especially once you kinda get comfortable. Basically, once you go paravirtualized workflow you don’t go back.

Anyway, eventually most people just settle down on one main environment and a bunch of others dedicated to specific tasks. You will probably want some testing servers running concurrently on the same box, ram and storage is cheap.

And eventually, you will go from a bunch of virtual machines to a few or less unless work demands / workflow demands change.

  4. MONITOR SITUATION

My recommendation is dedicated video cards for each guest OS that you will need to use as a desktop with hardware passthrough and just switch the source on your monitors. That is the least amount of trouble and you are completely isolated from your host machine. All non-desktop virtual machines don’t need access to video cards as you will probably just ssh into them.

The core idea is that you never want to touch your host machine except for upgrades, because too much can go wrong. You can always snapshot your work environments and if you screw them up you can roll back from host. Basic risk management.

However, if you like to live stupid, there is an open source project that allows you to:

a) Do full video card passthrough to your vm guest so you get full video acceleration on the guest.

b) Work on your host and open up your guest in a window by COPYING THE RAM FROM THE VIDEO CARD. Similar to your VNC approach but basically the host accesses the video RAM from the VM and renders it locally on the host for you so you get your VM in a local window with full acceleration that the VM can do via access to the passthrough video card. I forget the name of the software, but if you search the Level1 YouTube channels they have great demos of the software and great explanations of how this works. It’s open source.

Of course, the problem is you are working on your host os in a window and you won’t be able to resist fiddling with your host os. This will eventually result in an update or a screw up that will hose your virtual machines and you will then have to pay the price of dogfooding it raw. My advice is as per above: simplify, invest in known supported amd video cards, pass those through to your vm and just switch the source on your monitor to work in your new environment. Never touch your host os the same way you don’t fiddle with your ESXI setup without being serious about the maintenance involved.

Otherwise, welcome to the future. All the cool kids are doing hardware passthrough.

If I understand you correctly - the idea is to use my Librem Mini v2 / PureOS as hypervisor only (the minimal install - only what is necessary to run qemu/kvm and no desktop GUI etc.).

Then use as much hardware passthrough as possible - which in my case would be the video hardware and possibly the Bluetooth hardware (and if I do that, I suppose I could pass through a web cam also).

And… that if/when I get this running, it will be so stunning that I will do all my development in these types of VMs.

This is very compelling - almost want to buy a second LM2 just to try it out on the side.

The unfortunate thing is that I am on a tight deadline at present, where I am reluctant to take on this amount of reconfiguration on my 1 LM2; I think I would be slow at it while learning and I would iterate until I have all the settings dialed-in.

PS: What is it like to repave an LM2 with factory install if I had to revert?

PPS:

Stuff on my desk right now:

  • Mac Mini Mid-2011 (Apple has dropped support for this January 2021): 4 cores, 8Gb RAM, 500Gb disk, 1 video card (2 ports)
  • Librem Mini v2: 4 cores, 16Gb RAM, 500 Gb disk, 1 video card (2 ports)
  • 2 x Anker HDMI A/B 2 in -> 1 out (1 for each of my 2 monitors, A from LM v2 and B from my mac mini)
  • 2 Acer 27" monitors
  • 8-port switch
  • webcam

I want to phase out the mac mini.

Wondering how I would add a second video card to my LM2?

Then, I think I would want 1 VM for my domestic everyday life stuff: email, web, btc full node :-> and like you have said, I would use 1 primary VM for full-time dev work, and I can see how I would want a small handful of small headless VMs to run dev servers, etc.

You can do a fresh install on a usb-stick and take all the time you require to tweak that install.

When you need to get some actual work done, shutdown the usb OS, unplug it, and boot your untouched original OS.

You could even hibernate both instead of shutdown.

@ookhoi Time for me to get handy with the USB-based live OS scenario for sure! Thanks for that.

I am wondering now about a different approach, like NixOS - I don’t necessarily need to be in and out of environments quickly - for my dev work, I could potentially be in the same OS environment for several days, using my laptop for the intermittent domestic chores.

I absolutely love NixOS 🥰

I’m using it on all my servers, my laptop, the laptop of my son, and plan to use it on the laptop of my daughter and on my Librem 5 when it arrives.

Are you already using NixOS?

I was just describing some generic workflow options. I don’t know if it will work on the mini2 and setting up a fully paravirtualized workflow takes some time and work. Not a lot but enough.

You may be better off with ookhoi’s suggestion, but if you ever have a desktop with enough oomph, consider some of my suggestions as guideposts.

Absolutely! I thank you (and everyone) - this is going to be a helpful reference for me (and perhaps others too).

I have known about nix for a few years, and I really like the concept. I hope to try it out and hopefully employ it as you have. Thank you for your post.