Control: severity -1 wishlist 04.12.2013 12:21, Vanessa wrote: > Package: qemu-kvm Version: 1.7.0+dfsg-2 Severity: important > > Hi out there, > > I tried to give nested virtualisation a test, because this could allow me to > organise my virtual machines more like a data center. Virtual hypervisors > would form "racks" and house a set of vm's, which in turn could be migrated > between racks and full racks be migrated to different hardware.
Please note that nested virt can only be used for testing/debugging, not for production. The thing is that second layer is significantly slower than 1st, and, as you had observed, reliability of it isn't the best out there. > For testing I use an older laptop with an Intel(R) Core(TM)2 Duo CPU P8400 @ > 2.26GHz, with 4Gigs of Ram. I _think_ (not sure but just think) that it is a too old CPU for nested virt. I don't really remember what's needed on host for nested virtualization to work, maybe it is nested page tables support (which core2duo lacks), maybe something else. > Nesting is switched on for kvm_intel on the bare metal. I passed all host cpu > flags to the vm. The guest hypervisor starts without any problems and loads > kvm_intel accepting it has hypervisor capabilities. > > Trying to start kvm or qemu-system-i386 (or -x86_64) with --enable-kvm > freezes the guest hypervisor vm to death immediately. It is -x86_64; -i386 should not generally be used for kvm (nested or not), it receives almost no testing, all development is done in -x86_64. I can't confirm this on my host which is powered by some sort of Ivy Bridge Xeon, nested virtualization appears to work here. And I don't have other intel hosts to try to (on AMD CPUs, nested worked long before, even on first-gen athlons and turions). > I have tried several CPUs for the guest hypervisor including kvm64, Penryn, > core2duo, always seeing the same result. It should not matter which cpu you choose for the guest. The best in your case is to use -cpu host. > While researching the above, I found bug #697551, which by the sounds of it > is a very similar problem. No, it isn't similar. Support for nested kvm has been merged to qemu at version 1.2, before 1.2, qemu had no nested virt support at all, it was developed within qemu-kvm not qemu. Initially it was only for AMD CPUs, for intel it was quite a bit more difficult to do (due to architectural differences). Note that a fair bit of code for nested virt is within the kernel, not within qemu userspace. So for this to work, you need _both_ pieces. Kernel >=3.10 is recommended for both host and L1 guest (and you already run 3.11). So far my main suspect is the old CPU you used it on. It should not crash or stuck at 100% CPU usage, an error message of some sort would be nice, so it is a bug anyway, but even if that's fixed, it wont help you obviously. I don't really know what to do about this bug. I'll try to ask around for some confirmation (or overvise) of my theory. At any rate the severity of this bug isn't "important", it is a clean wishlist, a wish for nested virt to work. Marking it as such. Thank you! /mjt -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
