Skip to content

Instantly share code, notes, and snippets.

@RulerOf

RulerOf/pfsense-on-centos-8.md

Last active January 9, 2024 22:18
Show Gist options
  • Save RulerOf/2608c8455b3dcf6088be206f86c686be to your computer and use it in GitHub Desktop.
Save RulerOf/2608c8455b3dcf6088be206f86c686be to your computer and use it in GitHub Desktop.
Download ZIP
Installing pfSense on KVM in CentOS 8
Raw
pfsense-on-centos-8.md

Installing pfSense on KVM in CentOS 8

We download the latest release of pfSense as a gzipped ISO, then extract it and pass it to virt-install to get the VM up and running. Interactive portions of setup are done with virt-install's native console redirection. This guide assumes you've already installed and configured KVM, and that you've created network bridges already.

Instructions

Find the latest release here.

Download the gzipped memstick-serial image from a mirror into a directory that KVM can access, then unzip it:

mkdir -p /opt/vm/pfSense
cd /opt/vm
curl -fSOJL https://nyifiles.pfsense.org/mirror/downloads/pfSense-CE-memstick-serial-2.4.5-RELEASE-p1-amd64.img.gz
gunzip pfSense-CE-memstick-serial-2.4.5-RELEASE-p1-amd64.img.gz

Now call virt-install to begin your installation.

  • Any --network lines will show up in this order as your virtual NICs.
virt-install \
--name pfSense \
--memory 1024 \
--autostart \
--os-type=freebsd \
--os-variant=freebsd11.0 \
--disk /opt/vm/pfSense-CE-memstick-serial-2.4.5-RELEASE-p1-amd64.img \
--boot hd,menu=on,useserial=on \
--disk /opt/vm/pfSense/disk0.qcow2,size=10,format=qcow2 \
--network bridge=brteam0,model=virtio \
--graphics none \
--console target_type=serial \
--debug

Install

Install as normal, I suggest using Guided ZFS on Root.

NOTE: disk0 is the boot media here. Install to disk 1.

When installation is finished, choose Yes when it asks you to drop to a shell, then give it the poweroff command:

# poweroff
Shutdown NOW!
poweroff: [pid 1295]
# Oct 17 16:20:47 shutdown: power-down by root: 

System shutdown time has arrived
Waiting (max 60 seconds) for system process `vnlru' to stop... done
Waiting (max 60 seconds) for system process `bufdaemon' to stop... done
Waiting (max 60 seconds) for system process `syncer' to stop... 
Syncing disks, vnodes remaining... 0 0 0 done
All buffers synced.
Uptime: 1m57s
acpi0: Powering system off

[Sat, 17 Oct 2020 12:20:57 virt-install 24937] DEBUG (virt-install:709) Domain state after install: 5
[Sat, 17 Oct 2020 12:20:57 virt-install 24937] DEBUG (cli:272) Domain creation completed.
Domain creation completed.

Cleanup

Add the EPEL repo if you don't have it already:

sudo yum install -y epel-release

Install xmlstarlet:

sudo yum install -y xmlstarlet

Remove the installation media from the VM config:

virsh dumpxml pfSense | xmlstarlet ed -d "domain/devices/disk[1]" > /tmp/pfSense.xml
virsh define /tmp/pfSense.xml 
rm -f /tmp/pfSense.xml

Restart pfSense and connect to it:

virsh start pfSense && virsh console pfSense

Assign interfaces and disconnect ^] when finished.

@RulerOf
Copy link
Author

RulerOf commented Jan 9, 2024
edited
Loading

@Casper042 pci passthrough has to be enabled in the kernel. Usually involves editing the kernel command line in grub: https://wiki.gentoo.org/wiki/GPU_passthrough_with_libvirt_qemu_kvm#GRUB_bootloader

That's not for centos but the process is similar. I think you'd need to edit the grub config and then rebuild the files with:

vim /etc/sysconfig/grub
grub2-mkconfig -o /boot/grub2/grub.cfg

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment