Hi Fariborz,
To enable nested virtualization on the KVM hypervisor hosts:
1. shutoff the running VMs on the respective host.
2. Create the following file: /etc/modprobe.d/kvm-nested.conf and add the
following details to the file: options kvm-intel nested=1
3. Remove and re-add the kvm kernel module,
modprobe -r kvm_intel
modprobe -a kvm_intel
4. Verify the content of /sys/module/kvm_intel/parameters/nested file to
validate if nested virtualization has been enabled
Add required details in the agent.properties file as stated in the earlier
emails and restart the cloudstack-agent service.
Start the VM(s) - you should now see the vmx flag in your guest VM(s).
Thanks,
Pearl
________________________________
From: Nicolas Vazquez <[email protected]>
Sent: Monday, April 19, 2021 9:33 AM
To: [email protected] <[email protected]>
Subject: Re: Enabling nested virtualization
Hi Fariborz,
Can you explore if it can be enabled by explicitly sending metada to that VM. I
would suggest passing '<cpu mode='host-model' check='partial'/>' by:
* Set the configuration 'enable.additional.vm.configuration' to true
* Set the configuration 'allow.additional.vm.configuration.list.kvm' to
'cpu'
* Encode the text to be passed, as:
'%3Ccpu%20mode%3D%27host-model%27%20check%3D%27partial%27%2F%3E'
* Stop and update the virtual machine, passing the encoded text as the
extraconfig parameter: update virtualmachine
extraconfig="%3Ccpu%20mode%3D%27host-model%27%20check%3D%27partial%27%2F%3E"
id=<VM_UUID>
More information about this feature:
https://www.shapeblue.com/cloudstack-feature-first-look-enable-sending-of-arbitrary-configuration-data-to-vms/
Regards,
Nicolas Vazquez
________________________________
From: Fariborz Navidan <[email protected]>
Sent: Sunday, April 18, 2021 7:50 PM
To: [email protected] <[email protected]>
Subject: Re: Enabling nested virtualization
Hello,
I just added the following lines to agent.properties file:
guest.cpu.mode=host-model
guest.cpu.features=vmx
And stopped/started the VM. The CPU model name inside /proc/cpuinfo on the
VM reads exac;y as the CPU model of the physical host but it still does not
expose the vmx feature to the VM. The output of command "cat /proc/cpuinfo
| grep vmx" is empty.
Please advise.
Regards.
On Sun, Apr 18, 2021 at 6:13 PM Andrija Panic <[email protected]>
wrote:
> I would use imagination and imagine that in order to apply a specific CPU
> model (and expose flags) to the needed VMs (ps aux | grep i-2-XXX-VM) -
> you will need to stop/start just the wanted VMs.
>
> Otherwise, after agent.properties change, it is required to restart the
> agent, for obvious reasons.
>
> Best,
>
> On Sun, 18 Apr 2021 at 13:22, Fariborz Navidan <[email protected]>
> wrote:
>
> > Hi,
> >
> > Should I stop/start all VMs or just the one I want to be deployed with
> VTX
> > flag?
> >
> > Regards.
> >
> > On Sun, Apr 18, 2021 at 1:49 AM Andrija Panic <[email protected]>
> > wrote:
> >
> > > Try with the custom CPU model inside the agents.properties, making sure
> > you
> > > pass the VTX and other CPU flags. (you can defined CPU model, or use
> some
> > > CPU model + some more CPU flags (i.e. VTX)
> > > Never tested, but is supposed to work that way.
> > >
> > > Best,
> > >
> > > On Sat, 17 Apr 2021 at 21:58, Fariborz Navidan <[email protected]>
> > > wrote:
> > >
> > > > Hi All,
> > > >
> > > > How can I enable nested virtualization on KVM hypervisor so that a
> > guest
> > > VM
> > > > supports nested Intel-VTX?
> > > >
> > > > TIA
> > > >
> > >
> > >
> > > --
> > >
> > > Andrija Panić
> > >
> >
>
>
> --
>
> Andrija Panić
>
[email protected]
www.shapeblue.com<http://www.shapeblue.com>
3 London Bridge Street, 3rd floor, News Building, London SE1 9SGUK
@shapeblue
[email protected]
www.shapeblue.com
3 London Bridge Street, 3rd floor, News Building, London SE1 9SGUK
@shapeblue
