Nested Virtualization on Google Cloud.

Tanmoy Sinha tanmoy.sinha at gmail.com
Sun May 10 13:53:12 UTC 2020 

I am using nested virtualization on a Google Cloud Compute instance. Things
are generally working fine with libvirt using qemu+kvm, however I observed
that <cpu mode='host-model'> is not exposing avx and avx2 instruction set
to the guest Linux instance. Google Cloud platform claims the CPU model of
the host compute instance is Broadwell, however libvirt capabilities maps
it to Westmere-IBRS and it has avx and avx2 features, yet host-model is not
exposing those.



As a workaround, I am using <cpu mode='host-passthrough'>, but I would like
to know what is going wrong here? I can also share the output of cpuid of
the host system, if that helps.  I am not sure whether it's a libvirt issue
or something to do with KVM. Any help would be appreciated.


Following is the host information, along with the qemu process details for
the linux guest.


root at dev-vm:~# kvm --version

QEMU emulator version 2.8.1(Debian 1:2.8+dfsg-6+deb9u9)

Copyright (c) 2003-2016 Fabrice Bellard and the QEMU Project developers


root at dev-vm:~# virsh --version

setlocale: No such file or directory

3.0.0


root at dev-vm:~# virsh capabilities


<capabilities>


  <host>

    <uuid>a2b6c5d9-dfea-7efb-defb-3cce3aadb067</uuid>

    <cpu>

      <arch>x86_64</arch>

      <model>*Westmere-IBRS*</model>

      <vendor>Intel</vendor>

      <topology sockets='1' cores='4' threads='2'/>

      <feature name='vme'/>

      <feature name='ss'/>

      <feature name='ht'/>

      <feature name='pclmuldq'/>

      <feature name='vmx'/>

      <feature name='fma'/>

      <feature name='pcid'/>

      <feature name='x2apic'/>

      <feature name='movbe'/>

      <feature name='xsave'/>

      <feature name='osxsave'/>

      <feature name='avx'/>

      <feature name='f16c'/>

      <feature name='rdrand'/>

      <feature name='hypervisor'/>

      <feature name='arat'/>

      <feature name='fsgsbase'/>

      <feature name='tsc_adjust'/>

      <feature name='bmi1'/>

      <feature name='hle'/>

      <feature name='avx2'/>

      <feature name='smep'/>

      <feature name='bmi2'/>

      <feature name='erms'/>

      <feature name='invpcid'/>

      <feature name='rtm'/>

      <feature name='rdseed'/>

      <feature name='adx'/>

      <feature name='smap'/>

      <feature name='md-clear'/>

      <feature name='ssbd'/>

      <feature name='xsaveopt'/>

      <feature name='pdpe1gb'/>

      <feature name='rdtscp'/>

      <feature name='abm'/>

      <feature name='3dnowprefetch'/>

      <feature name='invtsc'/>

      <pages unit='KiB' size='4'/>

      <pages unit='KiB' size='2048'/>

      <pages unit='KiB' size='1048576'/>

    </cpu>

    <power_management>

      <suspend_mem/>

      <suspend_disk/>

      <suspend_hybrid/>

    </power_management>

    <migration_features>

      <live/>

      <uri_transports>

        <uri_transport>tcp</uri_transport>



15771 ?        Sl     0:03 qemu-system-x86_64 -enable-kvm -name
guest=Util-LIN-1,debug-threads=on -S -object
secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-11-Util-LIN-1/master-key.aes
-machine pc-i440fx-2.1,accel=kvm,usb=off,dump-guest-core=off -cpu
*Westmere-IBRS*
,+vme,+ss,+ht,+pclmuldq,+vmx,+fma,+pcid,+x2apic,+movbe,+xsave,+osxsave,
*+avx,*+f16c,+rdrand,+hypervisor,+arat,+fsgsbase,+tsc_adjust,+bmi1,+hle,
*+avx2*,+smep,+bmi2,+erms,+invpcid,+rtm,+rdseed,+adx,+smap,+md-clear,+ssbd,+xsaveopt,+pdpe1gb,+rdtscp,+abm,+3dnowprefetch
-m 4096 -realtime mlock=off -smp 4,sockets=4,cores=1,threads=1 -uuid
caa60e3c-f946-40a4-80ac-1fb86366c5f6 -no-user-config -nodefaults -chardev
socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-11-Util-LIN-1/monitor.sock,server,nowait
-mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc -no-shutdown
-boot strict=on -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2
-device ahci,id=sata0,bus=pci.0,addr=0x4 -drive
file=/var/lib/libvirt/images/Util-LIN-1/Util-LIN-1.qcow2,format=qcow2,if=none,id=drive-sata0-0-0
-device ide-hd,bus=sata0.0,drive=drive-sata0-0-0,id=sata0-0-0,bootindex=1
-drive
file=/var/lib/libvirt/images/Util-LIN-1/Util-LIN-1-acdisk.qcow2,format=qcow2,if=none,id=drive-sata0-0-2
-device ide-hd,bus=sata0.2,drive=drive-sata0-0-2,id=sata0-0-2 -netdev
tap,fd=34,id=hostnet0,vhost=on,vhostfd=36 -device
virtio-net-pci,netdev=hostnet0,id=net0,mac=1a:b2:ae:f7:69:c7,bus=pci.0,addr=0x3
-chardev pty,id=charserial0 -device
isa-serial,chardev=charserial0,id=serial0 -device
usb-tablet,id=input0,bus=usb.0,port=1 -vnc 0.0.0.0:8 -device
cirrus-vga,id=video0,bus=pci.0,addr=0x2 -incoming defer -device
virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5 -msg timestamp=on

Regards
Tanmoy Sinha
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20200510/004db167/attachment.htm>

More information about the libvirt-users mailing list