Installing Windows though QEMU-KVM on servers without KVM or IPMI

This tutorial is loosely based on this one. It uses the same portable QEMU-KVM binaries but has more information as well as additional steps that I needed to take when I used this method of installing an OS


Introduction

This Tutorial aims to provide you with a step-by-step guide to install Windows from an ISO on a server that does not feature KVM (iDRAC, iLO, etc.) but has a rescue system available.

Hosts I've tested this with:

Both of those offer KVM devices for a limited time. Hetzner offers 3 hours for free (10€/3 hours after that, but only if you message support, otherwise it will be simply disconnected), Webtropia 48 hours but the price is not available at the moment.

I had issues with Hetzner's KVM device; the server wouldn't boot after using it. Therefore I used this method which didn't have such issues.

Prerequisites

  1. A Windows ISO
  2. A Server with a Linux-based "Rescue System" available
  3. Enough RAM to store the ISO OR a secondary hard drive
  4. A SSH and VNC Client
  5. Basic knowledge about advanced Windows settings

Part 1 - Getting the rescue system ready

First you want to boot into the rescue system, in case of Hetzner and Webtropia its as easy as pressing a button in the web interface. You'll get a root password to login into the rescue system.

Now create a RAM disk for the Windows ISO:

mount -t tmpfs -o size=6000m tmpfs /mnt

My ISO is about 4.8 GB big and fits compfortably into the 32 GB RAM my server has, if you don't have enough RAM but a second hard drive available you can use that instead.

Now download the Windows ISO, in my case it sits on a FTP(s) server that require sauthentication so I download it like this:

curl -u 'user:pw' -k --ftp-ssl 'ftp://host//ISOs/en_windows_server_2012_r2_with_update_3_x64_dvd_6052708-MAY.2016.iso' -o /mnt/windows.iso

If your host offers a repository with ISOs (such as Hetzner) you can also use wget to download the ISO:

wget -O /mnt/windows.iso "http://mirror.hetzner.de/bootimages/windows/SW_DVD5_Windows_Svr_Std_and_DataCtr_2012_R2_64Bit_English_Core_MLF_X19-05182.iso"

After that finishes it's time to download the portable QEMU-KVM version:

wget -qO- /tmp https://cdn.rodney.io/content/blog/files/vkvm.tar.gz | tar xvz -C /tmp

If your server has a main hard drive > 2TB and boots through UEFI you can use the UEFI BIOS for QEMU:

wget -qO- /tmp https://cdn.rodney.io/content/blog/files/uefi.tar.gz | tar xvz -C /tmp

However none of the servers I tested so far used UEFI to boot despite having harddrives over 2 TB.

Part 2 - Installing Windows

Now you can start QEMU-KVM and start the installation:

/tmp/qemu-system-x86_64 -net nic -net user,hostfwd=tcp::3389-:3389 -m 2048M -localtime -enable-kvm -cpu host,+nx -M pc -smp 2 -vga std -usbdevice tablet -k en-us -cdrom /mnt/windows.iso -hda /dev/sda -boot once=d -vnc :1

Or for UEFI systems:

/tmp/qemu-system-x86_64 -bios /tmp/uefi.bin -net nic -net user,hostfwd=tcp::3389-:3389 -m 2048M -localtime -enable-kvm -cpu host,+nx -M pc -smp 2 -vga std -usbdevice tablet -k en-us -cdrom /mnt/windows.iso -hda /dev/sda -boot once=d -vnc :1

Once you've started the VM you can connect to your-ip:1 using VNC and go through the graphical installer.

After installing Windows it will boot and allow you to create a User etc. Windows is now installed but not quite ready yet.

Part 3 - Configuring Windows

Basic (required) configuration

  • Enable RDP
  • Disable Firewall

You can now test the RDP connection by connecting to your-ip, the QEMU switches we used forward that port. The second step is required because Windows will recognize the real network connection of the server as a new network on startup and block RDP by default. By disabling it RDP will stay available, you can enable the firewall again after logging in and allowing RDP through the firewall on the new network.

If your server uses a NIC that is supported by Windows without any additional drivers (i.e. Intel NICs) and your provider uses DHCP you're now done, shut down the VM and disable the rescue system, then reboot. This was the case with my Hetzner box.

My Webtropia box uses a Realtek NIC and static IP configuration and required further configuration:

Additional drivers

Find out what NIC your server uses using the rescue system, you can use one of the following commands to find out:

$ lspci | egrep -i --color 'network|ethernet'
$ lshw -class network

In my case the result was RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller. I just searched for the driver and downloaded it from the Realtek website and installed it through the grapical installer. I got an error that the NIC wasn't installed but you can just ignore that. Windows will load and install the driver after booting.

Static Network configuration

In my case I got the following information from my provider:

IP Address:     37.XXX.XXX.183
Gateway:        37.XXX.XXX.129
Netmask:        255.255.255.192 (/26)

I cannot set those within the VM since the network adapter is not connected yet. So in order to set this configuration after the server reboots into windows I have to create a startup script that sets those values on the new NIC. This can be done with a simple batch script:

netsh interface ipv4 set address name="Ethernet 2" static 37.XXX.XXX.183 255.255.255.192 37.XXX.XXX.129

Order of parameters is IP, Netmask, Gateway.

This is anticipating that the new network connection will be called "Ethernet 2" which is the default on an english windows installation, you might have to adjust this based on your locale.

This single line can now be saved as C:\startup.bat and added as a startup script in gpedit.msc under "Computer Configuration"->"Windows Settings"->"Scripts (Startup/Shutdown)".

You can now reboot.

Part 4 - Finishing Touches

After rebooting and (hopefully) getting into your new machine you will be asked wether or not the new network is private or public, I choose public. After that you can configure your firewall to allow RDP and re-enable it again.

Finally remove the startup script (if any) and add DNS servers to your static configuration (if any).

You have now finished the installation, congratulations!

Part 5 - Troubleshooting, Tips and Tricks

If you server doesn't boot you can use QEMU-KVM to boot the installation on your disk, this allows you to troubleshoot and avoid reinstalling windows again if you made a mistake.

Download the portable QEMU again and start your VM from disk like this:

/tmp/qemu-system-x86_64 -net nic -net user,hostfwd=tcp::3389-:3389 -m 2048M -localtime -enable-kvm -cpu host,+nx -M pc -smp 2 -vga std -usbdevice tablet -k en-us -hda /dev/sda -boot c -vnc :1

Or with UEFI:

/tmp/qemu-system-x86_64 -bios /tmp/uefi.bin -net nic -net user,hostfwd=tcp::3389-:3389 -m 2048M -localtime -enable-kvm -cpu host,+nx -M pc -smp 2 -vga std -usbdevice tablet -k en-us -cdrom /mnt/win8-64.iso -hda /dev/sda -boot c -vnc :1

Author: Rodney

Programmer, Video Game Modder, Student and friend of Open-Source Software.

Comments on “Installing Windows though QEMU-KVM on servers without KVM or IPMI”