Chapter 14. Sharing files between the host and its virtual machines

You may frequently require to share data between your host system and the virtual machines (VMs) it runs. To do so quickly and efficiently, you can set up NFS or Samba file shares on your system.

14.1. Sharing files between the host and Linux virtual machines

For efficient file sharing between your host system and the Linux VMs it is connected to, you can export an NFS share that your VMs can mount and access.

Prerequisites

  • The nfs-utils package is installed on the host.

  • A directory that you want to share with your VMs. If you do not want to share any of your existing directories, create a new one, for example named shared-files. 

    # mkdir shared-files

  • The host is visible and reachable over a network for the VM. This is generally the case if the VM is connected using the NAT and bridge type of virtual networks. However, for the macvtap connection, you must first set up the macvlan feature on the host. To do so:

    1. Create a network device file, for example called vm-macvlan.netdev in the host’s /etc/systemd/network/ directory. 

      # touch /etc/systemd/network/vm-macvlan.netdev

    2. Edit the network device file to have the following content. You can replace vm-macvlan with the name you chose for your network device. 

      [NetDev]
Name=vm-macvlan
Kind=macvlan

[MACVLAN]
Mode=bridge

    3. Create a network configuration file for your macvlan network device, for example vm-macvlan.network. 

      # touch /etc/systemd/network/vm-macvlan.network

    4. Edit the network configuration file to have the following content. You can replace vm-macvlan with the name you chose for your network device. 

      [Match]
Name=_vm-macvlan_

[Network]
IPForward=yes
Address=192.168.250.33/24
Gateway=192.168.250.1
DNS=192.168.250.1

    5. Create a network configuration file for your physical network interface. For example, if your interface is enp4s0: 

      # touch /etc/systemd/network/enp4s0.network

      If you are unsure what interface name to use, you can use the ifconfig command on your host to obtain the list of active network interfaces.

    6. Edit the physical network configuration file to make the physical network a part of the macvlan interface, in this case vm-macvlan: 

      [Match]
Name=enp4s0

[Network]
MACVLAN=vm-macvlan
    7. Reboot your host.
  • Optional: For improved security, ensure your VMs are compatible with NFS version 4 or later.

Procedure

  1. On the host, export a directory with the files you want to share as a network file system (NFS).

    1. Obtain the IP address of each virtual machine you want to share files with. The following example obtains the IPs of testguest1 and testguest2. 

      # virsh domifaddr testguest1
Name       MAC address          Protocol     Address
----------------------------------------------------------------
vnet0      52:53:00:84:57:90    ipv4         192.168.124.220/24

# virsh domifaddr testguest2
Name       MAC address          Protocol     Address
----------------------------------------------------------------
vnet1      52:53:00:65:29:21    ipv4         192.168.124.17/24

    2. Edit the /etc/exports file on the host and add a line that includes the directory you want to share, IPs of VMs you want to share with, and sharing options. 

      Shared directory VM1-IP(options) VM2-IP(options) [...]

      For example, the following shares the /usr/local/shared-files directory on the host with testguest1 and testguest2, and enables the VMs to edit the content of the directory: 

      /usr/local/shared-files/ 192.168.124.220(rw,sync) 192.168.124.17(rw,sync)

    3. Export the updated file system. 

      # exportfs -a

    4. Ensure the NFS process is started: 

      # systemctl start nfs

    5. Obtain the IP address of the host system. This will be used for mounting the shared directory on the VMs later. 

      # ip addr
[...]
5: virbr0: [BROADCAST,MULTICAST,UP,LOWER_UP] mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 52:54:00:32:ff:a5 brd ff:ff:ff:ff:ff:ff
    inet 192.168.124.1/24 brd 192.168.124.255 scope global virbr0
       valid_lft forever preferred_lft forever
[...]

      Note that the relevant network is the one being used use for connection to the host by the VMs you want to share files with. Usually, this is virbr0.

  2. On the guest OS of a VM specified in the /etc/exports file, mount the exported file system.

    1. Create a directory you want to use as a mount point for the shared file system, for example /mnt/host-share: 

      # mkdir /mnt/host-share

    2. Mount the directory exported by the host on the mount point. This example mounts the /usr/local/shared-files directory exported by the 192.168.124.1 host on /mnt/host-share in the guest: 

      # mount 192.168.124.1:/usr/local/shared-files /mnt/host-share

    3. To verify the mount has succeeded, access and explore the shared directory on the mount point: 

      # cd /mnt/host-share
# ls
shared-file1  shared-file2  shared-file3

14.2. Sharing files between the host and Windows virtual machines

For efficient file sharing between your host system and the Windows VMs it is connected to, you can prepare a Samba server that your VMs can access.

Prerequisites

  • The samba packages are installed on your host. If they are not: 

    # yum install samba

  • The host is visible and reachable over a network for the VM. This is generally the case if the VM is connected using the NAT and bridge type of virtual networks. However, for the macvtap connection, you must first set up the macvlan feature on the host. To do so:

    1. Create a network device file, for example called vm-macvlan.netdev in the host’s /etc/systemd/network/ directory. 

      # touch /etc/systemd/network/vm-macvlan.netdev

    2. Edit the network device file to have the following content. You can replace vm-macvlan with the name you chose for your network device. 

      [NetDev]
Name=vm-macvlan
Kind=macvlan

[MACVLAN]
Mode=bridge

    3. Create a network configuration file for your macvlan network device, for example vm-macvlan.network. 

      # touch /etc/systemd/network/vm-macvlan.network

    4. Edit the network configuration file to have the following content. You can replace vm-macvlan with the name you chose for your network device. 

      [Match]
Name=_vm-macvlan_

[Network]
IPForward=yes
Address=192.168.250.33/24
Gateway=192.168.250.1
DNS=192.168.250.1

    5. Create a network configuration file for your physical network interface. For example, if your interface is enp4s0: 

      # touch /etc/systemd/network/enp4s0.network

      If you are unsure what interface to use, you can use the ifconfig command on your host to obtain the list of active network interfaces.

    6. Edit the physical network configuration file to make the physical network a part of the macvlan interface, in this case vm-macvlan: 

      [Match]
Name=enp4s0

[Network]
MACVLAN=vm-macvlan
    7. Reboot your host.

Procedure

  1. On the host, create a Samba share and make it accessible for external systems.

    1. Add firewall permissions for Samba. 

      # firewall-cmd --permanent --zone=public --add-service=samba
success
# firewall-cmd --reload
success

    2. Edit the /etc/samba/smb.conf file:

      1. Add the following to the [global] section: 

        map to guest = Bad User

      2. Add the following at the end of the file: 

        #=== Share Definitions ===
[VM-share]
path = /samba/VM-share
browsable = yes
guest ok = yes
read only = no
hosts allow = 192.168.122.0/24

        Note that the hosts allow line restricts the accessibility of the share only to hosts on the VM network. If you want the share to be accessible by anyone, remove the line.

    3. Create the /samba/VM-share directory. 

      # mkdir -p /samba/VM-share

    4. Enable the Samba service. 

      # systemctl enable smb.service
Created symlink /etc/systemd/system/multi-user.target.wants/smb.service → /usr/lib/systemd/system/smb.service.

    5. Restart the Samba service. 

      # systemctl restart smb.service

    6. Allow the VM-share directory to be accessible and modifiable for the VMs. 

      # chmod -R 0755 /samba/VM-share/
# chown -R nobody:nobody /samba/VM-share/

    7. Add the SELinux Samba sharing label to /etc/samba/VM-share/ 

      # chcon -t samba_share_t /samba/VM-share/

  2. On the Windows guest operating system, attach the Samba share as a network location.

    1. Open the File Explorer and right-click "This PC".

    2. In the context menu, click Add a network location.

      virt Win10 network loc1
    3. In the Add Network Location wizard that opens, select "Choose a custom network location" and click Next.

    4. In the "Internet or network address" field, type host-IP/VM-share, where host-IP is the IP address of the host. Usually, the host IP is the default gateway of the VM. Afterwards, click Next.

      virt Win10 network loc2
    5. When the wizard asks if you want to rename the shared directory, keep the default name. This ensures the consistency of file sharing configuration across the VM and the guest. Click Next.
    6. If accessing the network location was successful, you can now click Finish and open the shared directory.