We download the latest release of pfSense as a gzipped ISO, then extract it and pass it to virt-install
to get the VM up and running. Interactive portions of setup are done with virt-install
's native console redirection.
Install and start libvirtd
sudo dnf -y install libvirt-daemon
sudo systemctl enable --now libvirtd
Find the latest release here.
Download the gzipped memstick-serial image from a mirror into a directory that KVM can access, then unzip it:
mkdir -p ~/vm/pfSense
cd ~/Downloads
curl https://sgpfiles.netgate.com/mirror/downloads/pfSense-CE-memstick-serial-2.6.0-RELEASE-amd64.img.gz | gzip -cd > /tmp/pfSense-CE-memstick-serial-2.6.0-RELEASE-amd64.img
Now call virt-install
to begin your installation.
- Any
--network
lines will show up in this order as your virtual NICs.
virt-install \
--name pfSense \
--memory 512 \
--autostart \
--os-type=freebsd \
--os-variant=freebsd12.3 \
--disk /tmp/pfSense-CE-memstick-serial-2.6.0-RELEASE-amd64.img \
--boot hd,menu=on,useserial=on \
--disk pfSense0.raw,size=2,format=raw \
--network bridge=virbr0,model=virtio \
--graphics none \
--console target_type=serial \
--debug
Install as normal, I suggest using BIOS UFS.
NOTE: disk0 is the boot media here. Install to disk 1.
When installation is finished, choose Yes when it asks you to drop to a shell, then give it the poweroff
command:
# poweroff
Shutdown NOW!
poweroff: [pid 1295]
# Oct 17 16:20:47 shutdown: power-down by root:
System shutdown time has arrived
Waiting (max 60 seconds) for system process `vnlru' to stop... done
Waiting (max 60 seconds) for system process `bufdaemon' to stop... done
Waiting (max 60 seconds) for system process `syncer' to stop...
Syncing disks, vnodes remaining... 0 0 0 done
All buffers synced.
Uptime: 1m57s
acpi0: Powering system off
[Sat, 17 Oct 2020 12:20:57 virt-install 24937] DEBUG (virt-install:709) Domain state after install: 5
[Sat, 17 Oct 2020 12:20:57 virt-install 24937] DEBUG (cli:272) Domain creation completed.
Domain creation completed.
Add the EPEL repo if you don't have it already:
sudo yum install -y epel-release
Install xmlstarlet
:
sudo yum install -y xmlstarlet
Remove the installation media from the VM config:
virsh dumpxml pfSense | xmlstarlet ed -d "domain/devices/disk[1]" > /tmp/pfSense.xml
virsh define /tmp/pfSense.xml
rm -f /tmp/pfSense.xml
Restart pfSense and connect to it:
virsh start pfSense && virsh console pfSense
Assign interfaces and disconnect ^]
when finished.