Product QVD 4.2 Virtual Deckard
QVD Docs Team <>
Legal notice


Important The current guide contains the necessary commands to make a mononode QVD installation, where all the components will installed into the same machine. In a multinode installation will exist additional steps and network configuration may be different.
Important During the process, some packages will be installed and the network configuration will be affected. It is recommended use a testing environment.

1. Requirements

1.1. Database

  • 2 CPU cores

  • 2 GB of RAM

  • PostgreSQL 10 or higher

1.2. HKD

2. Pre-installation

  • Verify that the required ports (443 and 8443) are open

    root@qvdnode:~# firewall-cmd --list-all
    • If they are not listening, perform the following configuration:

      root@qvdnode:~# firewall-cmd --permanent --add-service https
      root@qvdnode:~# firewall-cmd --permanent --add-port 8443/tcp
      root@qvdnode:~# systemctl restart firewalld
      root@qvdnode:~# firewall-cmd --list-all
  • Add the public key of the QVD parcels to your trusted keys (like root):

    root@qvdnode:~# wget -qO - | sudo apt-key add -
  • ANow, add the repository and get updates:

    root@qvdnode:~# echo "deb QVD-4.2.0 main" > \
    root@qvdnode:~# apt-get update
    • For commercial packages:

      root@qvdnode:~#  echo "deb http://$USUARIO:$ QVD-4.2.0 main" > \
      root@qvdnode:~#  apt-get update
      Note $USER and $PASSWORD are the credentials received when the suscription is purchased.

3. Database installation and configuration

root@qvdnode:~# apt-get install postgresql
root@qvdnode:~# systemctl enable --now postgresql@10-main.service

3.1. Create a user account

root@qvdnode:~# su - postgres
postgres@qvdnode:~$ createuser -SDRP qvd
Enter password for new role: passw0rd
Enter it again: passw0rd

3.2. Create the QVD database

postgres@qvdnode:~$ createdb -O qvd qvddb
postgres@qvdnode:~$ exit

3.3. Change the PostgreSQL configuration

Edit the file /etc/postgresql/10/main/postgresql.conf and set the following parameters:

listen_addresses = ''
default_transaction_isolation = 'serializable'

Edit the file /etc/postgresql/10/main/pg_hba.conf and add the following line to the beginning:

host qvddb qvd md5
Note Make sure to replace the default network with the network that your platform uses.

Restart PostgreSQL.

root@qvdnode:~# systemctl restart postgresql@10-main.service

4. HKD Installation

root@qvdnode:~# yum install perl-QVD-HKD

4.1. Basic configuration

  • Copy template sample-node.conf to your configuration:

    root@qvdnode:~# cp -v /usr/lib/qvd/config/sample-node.conf /etc/qvd/node.conf
    root@qvdnode:~# chown root:root /etc/qvd/node.conf
    root@qvdnode:~# chmod 0640 /etc/qvd/node.conf
  • Edit the /etc/qvd/node.conf file and modify/include the following entries:

    nodename = qvdnode
    path.log = /var/log/qvd
    log.filename = ${path.log}/qvd.log
    log.level = INFO
    • Where

      • nodename: Name of the node, normally it is the same name of the server

      • Server where the QVD database resides

      • Name of the QVD database

      • database.user: User account required to connect

      • database.password: Password of the previously specified user

    • You could also add a log level for debugging purposes.

    • The entries related to the log must be established here because the relevant QVD components are started before connecting to the database.

    Note You must ensure that the nodename,,, database.user and database.password contain values that coincide with the ones that you have configured. Once these settings are in place, any utility that requires access to the database will have the correct configuration to do so.
  • Once the configurations are finished, you must Start/Enable the HKD service:

    root@qvdnode:~# systemctl enable --now qvd-hkd

4.2. Deploy schema QVD database

root@qvdnode:~# /usr/lib/qvd/bin/

5. Administration tools installation

5.1. SSL Configuration

Note If you already have a certificate signed by a third party, you can skip the auto signed certificate creation and use your signed certificate instead.
Auto signed certificate creation
root@qvdnode:~# apt-get install openssl
root@qvdnode:~# mkdir /etc/qvd/certs
root@qvdnode:~# cd /etc/qvd/certs

Generate a private key.

root@qvdnode:/etc/qvd/certs# openssl genrsa 2048 > key.pem

Create an auto signed certificate.

root@qvdnode:/etc/qvd/certs# openssl req -new -x509 -nodes -sha256 -days 3650 -key key.pem > cert.pem
Note OpenSSL will prompt you to enter the various fields that it requires for the certificate. In the field Common Name you must insert the fully qualified domain name of the host that will be running your QVD node.

5.2. API

root@qvdnode:~# apt-get install perl-qvd-api

Create the file /etc/qvd/api.conf with the following content:



To execute either the CLI or the WAT we must start the API.

root@qvdnode:̣~:# systemctl enable --now qvd-api

Calling to the endpoint info from the browser or using the following command, we will check that the API is working.

root@qvdnode:~# curl -k https://localhost:443/api/info

It should return a JSON with system information.

5.3. CLI

root@qvdnode:~# apt-get install perl-qvd-admin4

Create the file /etc/qvd/qa.conf with the following content:

qa.url = https://localhost:443/
qa.tenant = *
qa.login = superadmin
qa.password = superadmin
qa.format = TABLE
qa.insecure = 1
Caution This is just a testing installation guide. Never for be using in production environment. The parameter qa.insecure must be replaced by the parameter with your Authority certification path.

With the following command we will check that QA4 is working.

root@qvdnode:~# qa4 admin get

It should return the two administrators of the system: admin and superadmin.

5.4. WAT

root@qvdnode:~# apt-get install qvd-wat
Executing the WAT

Visit https://localhost:443


  • username: superadmin@*

  • password: superadmin

6. Basic and indispensable configuration

6.1. Network configuration

6.1.1. Establish dnsmasq to be controlled by QVD

  • Check dnsmasq status service:

    root@qvdnode:~# systemctl is-enabled dnsmasq
  • If its active, you should disable it:

    root@qvdnode:~# systemctl stop dnsmasq
    root@qvdnode:~# systemctl disable dnsmasq

6.1.2. Configure IP forwarding

  • Edit the file /etc/sysctl.conf and uncomment the line:

  • Execute:

    root@qvdnode:~# sysctl -p

6.1.3. Configure a network bridge

Edit the file /etc/network/interfaces and add the following lines:

auto qvdnet0
iface qvdnet0 inet static
  pre-up brctl addbr qvdnet0
  pre-up iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source
  pre-up iptables -t nat -A PREROUTING -d -p tcp --dport 8443 -j DNAT --to-destination
  post-down brctl delbr qvdnet0
Note You will need to change the IP address to the IP address of the network interface that you intend your clients to connect to.
Note The range should be unique within your infrastructure.

Bring up the network bridge

root@qvdnode:~# ifup qvdnet0

6.1.4. Configure QVD for your network

root@qvdnode:~# qa4 config set tenant_id=-1,,value=0
root@qvdnode:~# qa4 config set tenant_id=-1,,value=
root@qvdnode:~# qa4 config set tenant_id=-1,,value=24
root@qvdnode:~# qa4 config set tenant_id=-1,,value=
root@qvdnode:~# qa4 config set tenant_id=-1,,value=
root@qvdnode:~# qa4 config set tenant_id=-1,,value=qvdnet0

6.2. Configure QVD to use the SSL certificates

root@qvdnode:~# qa4 config ssl key=/etc/qvd/certs/key.pem, cert=/etc/qvd/certs/cert.pem
root@qvdnode:~# openssl version -d

The previous command may return the following response by default:

OPENSSLDIR: "/usr/lib/ssl"
Note If other directory is returned, use it instead /usr/lib/ssl for the following steps.

The trusted certificates are stored in /usr/lib/ssl/certs.

root@qvdnode:~# trusted_ssl_path=/usr/lib/ssl/certs
root@qvdnode:~# cert_path=/etc/qvd/certs/cert.pem
root@qvdnode:~# cert_name=`openssl x509 -noout -hash -in $cert_path`.0
root@qvdnode:~# cp $cert_path $trusted_ssl_path/QVD-L7R-cert.pem
root@qvdnode:~# ln -s $trusted_ssl_path/QVD-L7R-cert.pem $trusted_ssl_path/$cert_name

6.3. HKD node configuration

  • Add the node to the solution by running:

    root@qvdnode:~# qa4 host new name=qvdnode,address=
  • And restart HKD service:

    root@qvdnode:~# systemctl restart qvd-hkd

And now, what?

Should you have any issue, please check the full QVD installation guide.

If you have already done all the steps of this guide, congratulations, you already have a solution QVD installed. Now you should:

  • Configure your first OSF

  • Install your first image

  • Add your first user

  • Add a VM for your user

Note We recommend to you to continue with the Web Administration Tool (WAT) Manual to do these steps.

Once finished, you will only have to:


If you have any questions or need additional support, visit our Web Site or contact us.