KIWI Image Description for Vagrant

Vagrant is a framework to implement consistent processing/testing work environments based on Virtualization technologies. To run a system, Vagrant needs so-called boxes. A box is a TAR archive containing a virtual disk image and some metadata.

To build Vagrant boxes, you can use veewee which builds boxes based on AutoYaST. As an alternative, Packer can be utilized, which is provided by Hashicorp itself.

Both tools are based on the official installation media (DVDs) as shipped by the distribution vendor.

The KIWI way of building images might be helpful, if such a media does not exist or does not suit your needs. For example, if the distribution is still under development or you want to use a collection of your own repositories. Note, that in contrast to Packer KIWI only supports the libvirt and VirtualBox providers. Other providers require a different box layout that is currently not supported by KIWI.

In addition, you can use the KIWI image description as source for the Open Build Service which allows building and maintaining boxes.

Vagrant expects boxes to be setup in a specific way (for details refer to the Vagrant box documentation.), applied to the referenced KIWI image description from Build a Virtual Disk Image, the following steps are required:

  1. Update the image type setup

    <type image="vmx" filesystem="ext4" format="vagrant" boottimeout="0">
        <vagrantconfig provider="libvirt" virtualsize="42"/>
        <size unit="G">42</size>

    This modifies the type to build a Vagrant box for the libvirt provider including a pre-defined disk size. The disk size is optional, but recommended to provide some free space on disk.

    For the VirtualBox provider, the additional attribute virtualbox_guest_additions_present can be set to true when the VirtualBox guest additions are installed in the KIWI image:

    <type image="vmx" filesystem="ext4" format="vagrant" boottimeout="0">
        <vagrantconfig provider="virtualbox" virtualbox_guest_additions_present="true" virtualsize="42"/>
        <size unit="G">42</size>

    The resulting Vagrant box then uses the vboxfs module for the synchronized folder instead of rsync, that is used by default.

  2. Add mandatory packages

    <package name="sudo"/>
    <package name="openssh"/>
  3. Add additional packages

    If you have set the attribute virtualbox_guest_additions_present to true, add the VirtualBox guest additions. For openSUSE the following packages are required:

    <package name="virtualbox-guest-tools"/>
    <package name="virtualbox-guest-x11"/>
    <package name="virtualbox-guest-kmp-default"/>

    Otherwise, you must add rsync:

    <package name="rsync"/>

    Note that KIWI cannot verify whether these packages are installed. If they are missing, the resulting Vagrant box will be broken.

  4. Add Vagrant user

    <users group='vagrant'>
        <user name='vagrant' password='vh4vw1N4alxKQ' home='/home/vagrant'/>

    This adds the vagrant user to the system and applies the name of the user as the password for login.

  5. Integrate public SSH key

    Vagrant requires an insecure public key pair 1 to be added to the authorized keys for the user vagrant so that Vagrant itself can connect to the box via ssh. The key can be obtained from GitHub and should be inserted into the file home/vagrant/.ssh/authorized_keys, which can be added as an overlay file into the image description.

    Keep in mind to set the file system permissions of home/vagrant/.ssh/ and home/vagrant/.ssh/authorized_keys correctly, otherwise Vagrant will not be able to connect to your box. The following snippet can be added to

    chmod 0600 /home/vagrant/.ssh/authorized_keys
    chown -R vagrant:vagrant /home/vagrant/
  6. Create the default shared folder

    Vagrant boxes usually provide a default shared folder under /vagrant. Consider adding this empty folder to your overlay files and ensure that the user vagrant has write permissions to it.

    Note, that the boxes that KIWI produces require this folder to exist, otherwise Vagrant will not be able to start them properly.

  7. Setup and start SSH daemon

    In, add the start of sshd and the initial creation of machine keys as follows:

    # Create ssh machine keys
    # Activate services
    suseInsertService sshd

    Also make sure to add the line UseDNS=no into /etc/ssh/sshd_config. This can be done by an overlay file or by patching the file in the above mentioned file.

  8. Configure sudo for the Vagrant user

    Vagrant expects to have passwordless root permissions via sudo to be able to setup your box. Add the following line to /etc/sudoers or add it into a new file /etc/sudoers.d/vagrant:

    vagrant ALL=(ALL) NOPASSWD: ALL

    You can also use visudo to verify that the resulting /etc/sudoers or /etc/sudoers.d/vagrant are valid:

    visudo -cf /etc/sudoers
    if [ $? -ne 0 ]; then
        exit 1

An image built with the above setup creates a Vagrant box file with the extension or Add the box file to Vagrant with the command:

vagrant box add my-box


Using the box with the libvirt provider requires alongside a correct Vagrant installation:

  • the plugin vagrant-libvirt to be installed

  • a running libvirtd daemon

Once added to Vagrant, boot the box and log in with the following sequence of vagrant commands:

vagrant init my-box
vagrant up --provider libvirt
vagrant ssh

The insecure key is removed from the box when the it is first booted via Vagrant.