We download the latest release of pfSense as a gzipped ISO, then extract it and pass it to virt-install to get the VM up and running. Interactive portions of setup are handled with a VNC viewer because the pfSense installer doesn't seem to be able to work with virt-install's native console redirection, at least not out of the box. I'd love a tip from anyone if it's possible to fix that somehow.
CentOS 8 instructions are this way.
Find the latest release here.
Download the gzipped ISO from a mirror into a directory that KVM can access, then unzip it:
mkdir -p /opt/vm/pfSense
cd /opt/vm
curl -O https://nyifiles.pfsense.org/mirror/downloads/pfSense-CE-2.4.2-RELEASE-amd64.iso.gz
gunzip pfSense-CE-2.4.2-RELEASE-amd64.iso.gzNow call virt-install to begin your installation.
- The
--networklines will show up in this order as your virtual nics.
virt-install \
--name pfSense \
--memory 1024 \
--noautoconsole \
--graphics vnc,listen=0.0.0.0 \
--disk /opt/vm/pfSense/disk0.qcow2,size=10,format=qcow2 \
--autostart \
--os-type unix \
--cdrom /opt/vm/pfSense-CE-2.4.2-RELEASE-amd64.iso \
--network bridge=brteam0.4094,model=virtio \
--network bridge=brteam0.10,model=virtio \
--debugAllow the VNC server through the firewall:
firewall-cmd --add-service vnc-server --zone internal --permanentConnect to your private IP on port 5900 with a vnc viewer app. Finish the installation.
Restart pfSense when it shuts down after installation
virsh start pfSenseRe-connect to it with VNC to finish interface assignment.
Add the EPEL repo if you don't have it already:
sudo yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpmInstall xmlstarlet:
sudo yum install -y xmlstarletUnbind the VNC server from the running VM:
virsh qemu-monitor-command pfSense --hmp change vnc noneAnd finally, remove the VNC Server from the VM config:
virsh dumpxml pfSense | xmlstarlet ed -d "domain/devices/graphics" > /tmp/pfSense.xml
virsh define /tmp/pfSense.xml
rm -f /tmp/pfSense.xml