I’ve been using Qubes as my daily driver for a while now, and for an eclectically and moderately tech-literate user like me it’s been a blast. Restoring my AppVMs after a reinstall was one of the smoothest and most gratifying experiences I’ve ever had using a computer.
The ease of administration provided by the Xen architecture gave me the idea of spinning up a small cloud system at home to play around with. I now have a Xen-enabled Debian 12 system running on a refurbished 1l desktop computer, and I can create guest VMs that work. But I would like to set things up to use template VMs like they’re implemented in Qubes, and I could use some advice figuring out how to do that.
So far, I’ve been using xen-tools to configure VMs, and xl to run them. I’d like to keep my stack as simple as possible. But I haven’t been able to figure out whether setting up templates is practical or even possible with these tools, and all the documentation I could find about setting up something like this assumes working within a considerably more complex stack.
There are a couple of ways in which you might be able to help me: I would appreciate help understanding the way Qubes sets up and uses template VMs, especially if you can point me to useful resources. I could also use help learning the lingo, mostly to Google better. If you know any technical terms that are commonly used in the specific context of Xen template VMs, I would love to learn about them. It would also help to have a better understanding of various Xen management tools that could be useful for this task.
I’ll be posting similar inquiries in other places (Xen Matrix channel, Debian forums, nerd Mastodon etc.), I know this question isn’t strictly about Qubes, and I’m just doing this as a hobby, so it’s completely okay if this doesn’t yield useful answers. But if you do know anything that could be of use to me, you might really help me out.
If I understand correctly, you want to have Qubes-like templates in Xen without Qubes, even though Qubes uses Xen to create Qubes-like templates. It sounds like you’re trying to reinvent the wheel, but why? To what end? I feel that some crucial bit of explanation regarding your use case or motivation must be missing. If a tool has already been built that delivers templates in Xen, and that’s precisely what you want, why not simply use it?
Anyway, it sounds like you should check out the developer documentation and the source code on GitHub. All the answers you seek are there; it’s just a matter of how determined you are to unearth them.
I genuinely appreciate the fact that you made the effort to reply.
Qubes has many features that make it poorly suited for use as a self-hosted cloud system. It nails down all access to Dom0 except for sitting at the machine, it comes with a weird window manager that draws window decorations based on what VM it’s displaying, and an elaborate way of isolating the clipboard. My hobby machine is headless and stowed in a closet out of sight. I’d like to be able to ssh/vnc into it without having to turn off a whole host of security measures, possibly messing up other parts of the OS in the process. Ssh and vnc access is easily configured in Xen without Qubes. With Qubes, it becomes a lot more complicated. Qubes comes with a whole bunch of measures to secure the machine that I don´t need for this use case. It’s useless overhead.
Qubes didn’t invent the template/appVM configuration. I’m pretty sure Qubes uses pre-made tools for that. OpenStack and Citrix offer similar functionality. I’d like to have a basic understanding of what those tools are, and how they’re implemented in Qubes, because what Qubes does is really close to what I want. Not trying to reinvent the wheel, just trying to get some wheels without the rest of the car attached to it.
I hope you understand that comments like “it’s just a matter of how determined you are to unearth them” are worse than useless. I have a job, and a social life. I have about 4-8 hours a week to spend on this hobby. Spending it combing through the rather poorly structured and inaccessible QubesOS documentation, when I don’t even really know what I’m looking for, is an excellent way to get very frustrated and burnt out and not accomplish anything. Telling someone to do their own research (which I have been doing) and blaming their lack of determination if they don’t manage on their own isn’t helping.
Again, I appreciate the time and effort you took to respond to my post, and I’ll appreciate any advice you can give me, but if all you have is “RTFM”, then just not posting is A-Okay with me.
Hi @JOZeldenrust, the purpose of this forum is to help the community use and understand Qubes OS. You question sounds on the surface like you want to understand how Qubes OS implements templates, but really what you are asking is how to replicate the effect with XEN tools without Qubes OS.
That is decidedly off-topic here. @adw pointed you to the only place that could contain the answer (developer documentation and source code) and it appears you didn’t like that answer very much. It appears that while you are very conservative about the time you are able/willing to invest in finding the answer, you are quite generous in your expectation of Qubes OS developers taking the time to explain the answer to you, even if that does nothing to improve Qubes OS or it’s community.
Closing this thread now.