Is it possible to run vyos on incus vm /container ??
Pretty sure others have run it fine inside of VMs before.
Containers may be trickier depending on exactly what kind of privileged access it may need.
Good to know VyOS works well inside Incus VMs.
I’ll proceed with a VM rather than a container.
is there a useful document i can follow.? i did not find one online.
thanks again.
stgraber@castiana:~$ incus create vyos --empty --vm -d root,io.bus=nvme -c limits.cpu=4 -c limits.memory=4GiB -c security.secureboot=false
Creating vyos
stgraber@castiana:~$ incus config device add vyos install disk source=/home/stgraber/Downloads/vyos-2025.11.12-0020-rolling-generic-amd64.iso boot.priority=10
Device install added to vyos
stgraber@castiana:~$ incus start vyos --console=vga
Seems to work fine here.
1 Like
That’s interesting - it seems it is no longer necessary to import an ISO image into a storage volume before you can use it.
The documentation here still shows that being done - can I suggest it be amended to show this way, as it is far quicker and saves storage space?
@stgraber
I just used these same steps to create an Incus vyos vm.
Then VM starts and I can console into it and login with the default “vyos” “vyos”
But incus does not show any IP address for the vyos vm?
Creating an ubuntu vm works and it does get an IP.
Is there some other step involved than just…
What kind of network is it connected to?
If it’s on a managed Incus bridge (like incusbr0), Incus can report the IP address that was provided by dnsmasq. But if your VM is connected to a physical network instead, then Incus doesn’t know what the IP address is.
For Ubuntu VMs, it can ask the agent inside of the VM for that information, but if the VM doesn’t run the incus agent (vyos wouldn’t), then Incus would be blind to what IP address is used.
On the Host (ubuntu 24.04)
$ incus config show vyos-vm
architecture: x86_64
config:
limits.cpu: “4”
limits.memory: 4GiB
security.secureboot: “false”
volatile.cloud-init.instance-id: a1e8bea6-3bd9-482d-8e3d-bfebf04ed5ef
volatile.eth0.host_name: tap3c9de82d
volatile.eth0.hwaddr: 10:66:6a:8f:da:75
volatile.last_state.power: RUNNING
volatile.root.io.bus: nvme
volatile.uuid: b8896446-076b-45b7-97ec-4a43e4e3c296
volatile.uuid.generation: b8896446-076b-45b7-97ec-4a43e4e3c296
volatile.vm.definition: pc-q35-10.1
volatile.vm.rtc_adjustment: “-7”
volatile.vm.rtc_offset: “-1”
volatile.vsock_id: “3494110791”
devices:
eth0:
nictype: bridged
parent: incusbr0
type: nic
install:
boot.priority: “10”
source: /home/bmullan/ciab/mesh-vpn/VYOS/vyos-generic.iso
type: disk
root:
io.bus: nvme
path: /
pool: default
type: disk
ephemeral: false
profiles:
- default
stateful: false
description: “”
$ incus ls vyos-generic
| NAME | STATE | IPV4 | IPV6 |
| vyos-vm | RUNNING | | fd42:caa6:2123:62bd:1266:6aff:fe8f:da75 (eth0) | VIRTUAL-MACHINE
From “inside” the VM
$ ip a
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 gdisc mq state UP group default qlen 1000
link/ether 10:66:6a:8f:da:75 brd ff:ff:ff:ff:ff:ff
altname enps5s0
inet6 fe80::1266:6aff:fe8f:da75/64 scope link
valid_lft forever preferred_lft forever
3: pim6reg@NONE: <NOARP,UP,LOWER_UP> mtu 1452 qdisc noqueue state UNKNOWN group default qlen 1000 link/pimreg
Okay, so looks like the VM is booted, it has its eth0 device and is on a managed bridge on the Incus side.
You see an IPv6 as we can calculate that from the MAC address, even if the guest hasn’t gotten it configured yet. For IPv4 you don’t see an address because the VM hasn’t yet made a DHCP query to get one from Incus.
I’m not familiar with VyOS, but to me it looks like you need to configure eth0 here to enable a DHCP client and IPv6 auto-configuration on it so it can grab an IPv4 address and so the listed IPv6 address actually becomes active in the VM.
Thanks Stephane…
I had started looking in that direction myself.
I assigned a static IP to eth0 & then I could ping the VM from the host and vice versa but since the VM didn’t have DNS set up either that was as far as I got before I got distracted with something else.