[libvirt-users] Help With Nested Virtualization

Kashyap Chamarthy kchamart at redhat.com
Thu Sep 1 10:11:17 UTC 2016 

On Wed, Aug 31, 2016 at 12:48:33PM +0200, Martin Kletzander wrote:
> On Mon, Aug 29, 2016 at 09:42:17PM -0400, Brandon Golway wrote:
> > (Copied from my post on the Arch Linux forums:

[...]

> > Can someone clue me in on what the issue is?
> > 
> > Here's the entire XML config for the FreeNAS VM
> > 
> > [code]<!--
> > WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
> > OVERWRITTEN AND LOST. Changes to this xml configuration should be made
> > using:
> >  virsh edit FreeNAS_10
> > or other application using the libvirt API.
> > -->
> > 
> 
> Just as I see you grabbed it from the place where it is stored, you
> should rather instead do 'virsh dumpxml FreeNAS_10', or remove the
> comment above.  Otherwise it steers other users to believing that
> mangling with internal XML files is safe.

Yeah, or use the `virt-xml` tool (comes as part of `virt-install`
package).  To pass-through host CPU to the level-1 guest:

	$ virt-xml FreeNAS_10 --edit --cpu host-passthrough,clearxml=yes

If you issue this while the guest is running, it'll take affect on next
reboot.

> > <domain type='kvm'>
> >  <name>FreeNAS_10</name>
> >  <uuid>ea816b85-7685-495a-bc97-28a882f190d7</uuid>
> >  <title>FreeNAS v10</title>
> >  <description>Nightly Alpha Test Releases</description>
> >  <memory unit='KiB'>6340608</memory>
> >  <currentMemory unit='KiB'>6340608</currentMemory>
> >  <vcpu placement='static'>4</vcpu>
> >  <os>
> >    <type arch='x86_64' machine='pc-i440fx-2.6'>hvm</type>
> >    <bootmenu enable='no'/>
> >  </os>
> >  <features>
> >    <acpi/>
> >    <apic/>
> >    <vmport state='off'/>
> >  </features>
> >  <cpu mode='host-passthrough'/>
> 
> Although what you did should be enough for the nested virt to work, I
> have just an idea to try out.  I can't try it because I don't have
> nested virt turned on for the module and don't want to reboot now. 

Assuming you're talking about the physical host, you don't need a reboot
of the host :-) You can simply:

    $ sudo rmmod kvm-intel
    $ echo "options kvm-intel nested=y" > /etc/modprobe.d/dist.conf
    $ sudo modprobe kvm-intel

> But
> if you have new enough libvirt, you should be able to do:
> 
> <cpu mode='host-passthrough'>
>  <feature policy='require' name='vmx'/>
> </cpu>
> 
> Also check that you are not missing the kvm_intel module in the L1 guest
> kernel and other similar non-nested troubleshooting steps as well.

Yeah.  If the L1 guest has the /dev/kvm character device, then he's good:

    $ file /dev/kvm
    /dev/kvm: character special (10/232)


-- 
/kashyap

More information about the libvirt-users mailing list