Tribblix: manual page: bhyve.8

BHYVE(8) Maintenance Commands and Procedures BHYVE(8)

NAME

bhyve - run a guest operating system inside a virtual machine

SYNOPSIS

bhyve [-aCDdeHhPSuWwxY]
[-c [[cpus=]numcpus][,sockets=n][,cores=n][,threads=n]] [-f
name,[string|file]=data] [-G [w][bind_address:]port] [-B
type,[key=value][,key=value]...] [-k config_file] [-K layout] [-l
lpcdev[,conf]] [-m memsize[K|k|M|m|G|g|T|t]] [-o var=value]
[-r file] [-s slot,emulation[,conf]] [-U uuid] vmname
bhyve -l help
bhyve -s help

DESCRIPTION

bhyve is a hypervisor that runs guest operating systems inside a
virtual machine.

Parameters such as the number of virtual CPUs, amount of guest memory,
and I/O connectivity can be specified with command-line parameters.

bhyve runs until the guest operating system reboots or an unhandled
hypervisor exit is detected.

OPTIONS

-a The guest's local APIC is configured in xAPIC mode. The
xAPIC mode is the default setting so this option is
redundant. It will be deprecated in a future version.

-B type,[key=value][,key=value]...
Configure smbios data. type must be set to one of 0, 1, 2
or 3. Supported keys for each type are:

0 vendor, version, release_date.

1 manufacturer, product_name (or product), version,
serial_number (or serial), sku, family_name (or
family), uuid.

2 manufacturer, product_name, version, serial_number,
asset_tag, location

3 manufacturer, version, serial_number, asset_tag,
sku.

-c [[cpus=]numcpus][,sockets=n][,cores=n][,threads=n]
Number of guest virtual CPUs and/or the CPU topology. The
default value for each of numcpus, sockets, cores, and
threads is 1. The current maximum number of guest virtual
CPUs is 32. If numcpus is not specified then it will be
calculated from the other arguments. The topology must be
consistent in that the numcpus must equal the product of
sockets, cores, and threads. If a setting is specified
more than once the last one has precedence.

-C Include guest memory in core file.

-D Destroy the VM on guest initiated power-off.

-d Suspend CPUs at boot.

-e Force bhyve to exit when a guest issues an access to an I/O
port that is not emulated. This is intended for debug
purposes.

-f name,[string|file]=data
Add a fw_cfg file name to the fw_cfg interface. If a
string is specified, the fw_cfg file contains the string as
data. If a file is specified, bhyve reads the file and
adds the file content as fw_cfg data.

-G [w][bind_address:]port
Start a debug server that uses the GDB protocol to export
guest state to a debugger. An IPv4 TCP socket will be
bound to the supplied bind_address and port to listen for
debugger connections. Only a single debugger may be
attached to the debug server at a time. If the option
begins with `w', bhyve will pause execution at the first
instruction waiting for a debugger to attach.

-H Yield the virtual CPU thread when a HLT instruction is
detected. If this option is not specified, virtual CPUs
will use 100% of a host CPU.

-h Print help message and exit.

-k config_file
Set configuration variables from a simple, key-value config
file. Each line of the config file is expected to consist
of a config variable name, an equals sign (`='), and a
value. No spaces are permitted between the variable name,
equals sign, or value. Blank lines and lines starting with
`#' are ignored. See bhyve_config(5) for more details.

-K layout Specify the keyboard layout. The value that can be
specified sets the file name in /usr/share/bhyve/kbdlayout.
This specification only works when loaded with UEFI mode
for VNC. When using a VNC client that supports QEMU
Extended Key Event Message (e.g. TigerVNC), this option
isn't needed. When using a VNC client that doesn't support
QEMU Extended Key Event Message (e.g. tightVNC), the layout
defaults to the US keyboard unless specified otherwise.

-l help Print a list of supported LPC devices.

-l lpcdev[,conf]
Allow devices behind the LPC PCI-ISA bridge to be
configured. The only supported devices are the TTY-class
devices com1, com2, com3 and com4, the TPM module tpm, the
boot ROM device bootrom, the fwcfg type and the debug/test
device pc-testdev.

The possible values for the conf argument are listed in the
-s flag description.

-m memsize[K|k|M|m|G|g|T|t]
Set the guest physical memory size. The size argument may
be suffixed with one of K, M, G or T (either upper or lower
case) to indicate a multiple of kibibytes, mebibytes,
gibibytes, or tebibytes. If no suffix is given, the value
is assumed to be in mebibytes.

The default is 256MiB.

-o var=value
Set the configuration variable var to value.

-P Force the guest virtual CPU to exit when a PAUSE
instruction is detected.

-S Wire guest memory.

-s help Print a list of supported PCI devices.

-s slot,emulation[,conf]
Configure a virtual PCI slot and function.

bhyve provides PCI bus emulation and virtual devices that
can be attached to slots on the bus. There are 32
available slots, with the option of providing up to 8
functions per slot.

The slot can be specified in one of the following formats:

+o pcislot
+o pcislot:function
+o bus:pcislot:function

The pcislot value is 0 to 31. The optional function value
is 0 to 7. The optional bus value is 0 to 255. If not
specified, the function value defaults to 0. If not
specified, the bus value defaults to 0.

The emulation argument can be one of the following:

hostbridge A simple host bridge. This is usually
configured at slot 0, and is required by
most guest operating systems.

amd_hostbridge Emulation identical to hostbridge but using
a PCI vendor ID of AMD.

passthru PCI pass-through device.

virtio-net-viona
Accelerated Virtio network interface.

virtio-net Legacy Virtio network interface.

virtio-blk Virtio block storage interface.

virtio-9p Virtio 9p (VirtFS) interface.

virtio-rnd Virtio random number generator interface.

virtio-console Virtio console interface, which exposes
multiple ports to the guest in the form of
simple char devices for simple IO between
the guest and host userspaces.

ahci AHCI controller attached to arbitrary
devices.

ahci-cd AHCI controller attached to an ATAPI
CD/DVD.

ahci-hd AHCI controller attached to a SATA hard
drive.

e1000 Intel e82545 network interface.

uart PCI 16550 serial device.

lpc LPC PCI-ISA bridge with COM1, COM2, COM3,
and COM4 16550 serial ports, a boot ROM,
and, optionally, a fwcfg type and the
debug/test device. The LPC bridge
emulation can only be configured on bus 0.

fbuf Raw framebuffer device attached to VNC
server.

xhci eXtensible Host Controller Interface (xHCI)
USB controller.

nvme NVM Express (NVMe) controller.

The optional parameter conf describes the backend for
device emulations. If conf is not specified, the device
emulation has no backend and can be considered unconnected.

Host Bridge Devices

model=model
Specify a hostbridge model to emulate. Valid
model strings, and their associated vendor and
device IDs are: amd (0x1022/0x7432), netapp
(0x1275/0x1275), i440fx (0x8086/0x1237) and q35
(0x8086/0x29b0). The default value of model is
netapp.

vendor=vendor
PCI vendor ID.

devid=devid
PCI device ID.

Providing extra configuration parameters for a host bridge
is optional, but if parameters are provided then either
model by itself, or both of vendor and devid must be
specified.

Accelerated Virtio Network Backends:

[vnic=]vnic[,feature_mask=mask]

vnic is the name of a configured virtual NIC on
the system. mask is applied to the virtio
feature flags which are advertised to the
guest. Bits set in the mask value are removed
from the advertised features.

Other Network Backends:

[vnic=]vnic[,network-backend-options]

vnic is the name of a configured virtual NIC on
the system.

The network-backend-options are:

promiscphys
Enable promiscuous mode at the physical level
(default: false)

promiscsap
Enable promiscuous mode at the SAP level
(default: true)

promiscmulti
Enable promiscuous mode for all multicast
addresses (default: true)

promiscrxonly
The selected promiscuous modes are only enabled
for received traffic (default: true).

Block storage device backends:

+o /filename[,block-device-options]

+o /dev/xxx[,block-device-options]

The block-device-options are:

nocache Open the file with O_DIRECT.

direct Open the file using O_SYNC.

ro Force the file to be opened read-only.

sectorsize=logical[/physical]
Specify the logical and physical sector sizes
of the emulated disk. The physical sector size
is optional and is equal to the logical sector
size if not explicitly specified.

nodelete Disable emulation of guest trim requests via
DIOCGDELETE requests.

bootindex=index
Add the device to the bootorder at index. A
fwcfg file is used to specify the bootorder.
The guest firmware may ignore or not have
support for this fwcfg file. In that case,
this feature will not work as expected.

9P device backends:

+o sharename=/path/to/share[,9p-device-options]

The 9p-device-options are:

ro Expose the share in read-only mode.

TTY device backends:

stdio Connect the serial port to the standard input
and output of the bhyve process.

/dev/xxx Use the host TTY device for serial port I/O.

TPM device backends:

type,path[,tpm-device-options]
Emulate a TPM device.

The tpm-device-options are:

version=version
Version of the TPM device according to the TCG
specification. Defaults to 2.0

Boot ROM device backends:

romfile[,varfile]
Map romfile in the guest address space reserved
for boot firmware. If varfile is provided,
that file is also mapped in the boot firmware
guest address space, and any modifications the
guest makes will be saved to that file.

Fwcfg types:

fwcfg The fwcfg interface is used to pass information
such as the CPU count or ACPI ables to the
guest firmware. Supported values are `bhyve'
and `qemu'. Due to backward compatibility
reasons, `bhyve' is the default option. When
`bhyve' is used, bhyve's fwctl interface is
used. It currently reports only the CPU count
to the guest firmware. The `qemu' option uses
QEMU's fwcfg interface. This interface is
widely used and allows user-defined information
to be passed o the guest. It is used for
passing the CPU count, ACPI tables, a boot
order and many other things to the guest. Some
operating systems such as Fedora CoreOS can be
configured by qemu's fwcfg interface as well.

Pass-through device backends:

/dev/pptN Connect to a PCI device on the host identified
by the specified path.

rom=romfile
Add romfile as option ROM to the PCI device.
The ROM will be loaded by firmware and should
be capable of initialising the device.

bootindex=index
Add the device to the bootorder at index. A
fwcfg file is used to specify the bootorder.
The guest firmware may ignore or not have
support for this fwcfg file. In that case,
this feature will not work as expected.

Guest memory must be wired using the -S option when a pass-
through device is configured.

The host device must have been previously attached to the
ppt driver.

Virtio console device backends:

+o port1=/path/to/port1.sock[,portN=/path/to/port2.sock ...]

A maximum of 16 ports per device can be created. Every
port is named and corresponds to a UNIX domain socket
created by bhyve. bhyve accepts at most one connection per
port at a time.

Limitations:

+o Due to lack of destructors in bhyve, sockets on the
filesystem must be cleaned up manually after bhyve
exits.

+o There is no way to use the "console port" feature, nor
the console port resize at present.

+o Emergency write is advertised, but no-op at present.

TPM devices:

type Specifies the type of the TPM device.

Supported types:

passthru

version=version
The version of the emulated TPM device
according to the TCG specification.

Supported versions:

2.0

Framebuffer device backends:

+o [rfb=ip-and-port][,w=width][,h=height][,vga=vgaconf][,wait][,password=password]

Configuration options are defined as follows:

rfb=ip-and-port (or tcp=ip-and-port)
An IP address and a port VNC should listen on.
There are two formats:

+o [IPv4:]port
+o [IPv6]:port

The default is to listen on localhost IPv4
address and default VNC port 5900. An IPv6
address must be enclosed in square brackets.

unix=path The path to a UNIX socket which will be created
and where bhyve will accept VNC connections.

w=width and h=height
A display resolution, width and height,
respectively. If not specified, a default
resolution of 1024x768 pixels will be used.
Minimal supported resolution is 640x480 pixels,
and maximum is 3840x2160 pixels.

vga=vgaconf
Possible values for this option are io
(default), on , and off. PCI graphics cards
have a dual personality in that they are
standard PCI devices with BAR addressing, but
may also implicitly decode legacy VGA I/O space
(0x3c0-3df) and memory space (64KB at 0xA0000).
The default io option should be used for guests
that attempt to issue BIOS calls which result
in I/O port queries, and fail to boot if I/O
decode is disabled.

The on option should be used along with the CSM
BIOS capability in UEFI to boot traditional
BIOS guests that require the legacy VGA I/O and
memory regions to be available.

The off option should be used for the UEFI
guests that assume that VGA adapter is present
if they detect the I/O ports. An example of
such a guest is OpenBSD in UEFI mode.

wait Instruct bhyve to only boot upon the initiation
of a VNC connection, simplifying the
installation of operating systems that require
immediate keyboard input. This can be removed
for post-installation use.

password=password
This type of authentication is known to be
cryptographically weak and is not intended for
use on untrusted networks. Many
implementations will want to use stronger
security, such as running the session over an
encrypted channel provided by IPsec or SSH.

xHCI USB device backends:

tablet A USB tablet device which provides precise
cursor synchronization when using VNC.

NVMe device backends:

+o devpath[,maxq=#][,qsz=#][,ioslots=#][,sectsz=#][,ser=#][,eui64=#][,dsm=opt]

Configuration options are defined as follows:

devpath Accepted device paths are: /dev/blockdev or
/path/to/image or ram=size_in_MiB.

maxq Max number of queues.

qsz Max elements in each queue.

ioslots Max number of concurrent I/O requests.

sectsz Sector size (defaults to blockif sector size).

ser Serial number with maximum 20 characters.

eui64 IEEE Extended Unique Identifier (8 byte value).

dsm DataSet Management support. Supported values
are: auto, enable, and disable.

AHCI device backends:

+o [[hd:|cd:]path][,nmrr=nmrr][,ser=#][,rev=#][,model=#]

Configuration options are defined as follows:

nmrr Nominal Media Rotation Rate, known as RPM.
Value 1 will indicate device as Solid State
Disk. Default value is 0, not report.

ser Serial Number with maximum 20 characters.

rev Revision Number with maximum 8 characters.

model Model Number with maximum 40 characters.

-U uuid Set the universally unique identifier (UUID) in the guest's
System Management BIOS System Information structure. By
default a UUID is generated from the host's hostname and
vmname.

-u RTC keeps UTC time.

-W Force virtio PCI device emulations to use MSI interrupts
instead of MSI-X interrupts.

-w Ignore accesses to unimplemented Model Specific Registers
(MSRs). This is intended for debug purposes.

-x The guest's local APIC is configured in x2APIC mode.

-Y Disable MPtable generation.

vmname Alphanumeric name of the guest.

CONFIGURATION VARIABLES

bhyve uses an internal tree of configuration variables to describe
global and per-device settings. When bhyve starts, it parses command
line options (including config files) in the order given on the command
line. Each command line option sets one or more configuration
variables. For example, the -s option creates a new tree node for a
PCI device and sets one or more variables under that node including the
device model and device model-specific variables. Variables may be set
multiple times during this parsing stage with the final value
overriding previous values.

Once all of the command line options have been processed, the
configuration values are frozen. bhyve then uses the value of
configuration values to initialize device models and global settings.

More details on configuration variables can be found in
bhyve_config(5).

SIGNAL HANDLING

bhyve deals with the following signals:

SIGTERM Trigger ACPI poweroff for a VM

EXIT STATUS

Exit status indicates how the VM was terminated:

0 rebooted
1 powered off
2 halted
3 triple fault
4 exited due to an error

EXAMPLES

To run a virtual machine with 1GB of memory, two virtual CPUs, a virtio
block device backed by the /my/image filesystem image, and a serial
port for the console:

bhyve -c 2 -s 0,hostbridge -s 1,lpc -s 2,virtio-blk,/my/image \
-l com1,stdio -H -P -m 1G vm1

Run a 24GB single-CPU virtual machine with three network ports.

bhyve -s 0,hostbridge -s 1,lpc -s 2:0,virtio-net-viona,vmvnic0 \
-s 2:1,virtio-net-viona,vmvnic1 -s 2:2,virtio-net-viona,vmvnic2 \
-s 3,virtio-blk,/my/image -l com1,stdio \
-H -P -m 24G bigvm

Run an 8GB virtual machine with 2 quad core CPUs, 2 NVMe disks and one
other disk attached as a Virtio block device, an AHCI ATAPI CD-ROM, a
single viona network port, an i440fx hostbridge, and the console port
connected to a socket.

bhyve -c sockets=2,cores=4,threads=2 \
-s 0,hostbridge,model=i440fx -s 1,lpc \
-s 1:0,nvme,/dev/zvol/rdsk/tank/hdd0 \
-s 1:1,nvme,/dev/zvol/rdsk/tank/hdd1 \
-s 1:2,virtio-blk,/dev/zvol/rdsk/tank/hdd1 \
-s 2:0,ahci,cd:/images/install.iso \
-s 3,virtio-net-viona,vnic=vmvnic0 \
-l com1,socket,/tmp/vm.com1,wait \
-H -P -m 8G

Run a UEFI virtual machine with a display resolution of 800 by 600
pixels that can be accessed via VNC at: 0.0.0.0:5900.

bhyve -c 2 -m 4G -w -H \
-s 0,hostbridge \
-s 3,ahci-cd,/path/to/uefi-OS-install.iso \
-s 4,nvme,/dev/zvol/rdsk/tank/hdd0 \
-s 5,virtio-net-viona,vnic=vnmic0 \
-s 29,fbuf,vga=off,rfb=0.0.0.0:5900,w=800,h=600,wait \
-s 30,xhci,tablet \
-s 31,lpc -l com1,stdio \
-l bootrom,/usr/share/bhyve/firmware/BHYVE_UEFI.fd \
uefivm

Run a UEFI virtual machine with a VARS file to save EFI variables.
Note that bhyve will write guest modifications to the given VARS file.
Be sure to create a per-guest copy of the template VARS file from
/usr/share/bhyve/firmware.

bhyve -c 2 -m 4g -w -H \
-s 0,hostbridge \
-s 31,lpc -l com1,stdio \
-l bootrom,/usr/share/bhyve/firmware/BHYVE_UEFI.fd,BHYVE_UEFI_VARS.fd \
uefivm