Nested KVM(the ability to run kvm on kvm) configuration

-

Its possible to configure nested KVM to deploy kvm guests. Its not a very ideal scenario for production environment but could be a better option to run Proof of Concept (PoC) for both standalone and clustered kvm platform.

  • Standalone KVM Platform: virsh/virt-manager
  • Clustered KVM Platform: oVirt/Openstack



Fig-01: Low level Nested KVM Architecture 


Both Intel and AMD processors support this feature. Following procedure can help to enable the nested KVM virtualization.

[a] On Intel based KVM hypervisor:

    To check if the nested KVM Kernel parameter is enabled:
    # cat /sys/module/kvm_intel/parameters/nested
      N

    Create the following file:
    # cat > /etc/modprobe.d/kvm-nested.conf <<_EOF
      options kvm-intel nested=1
      _EOF

    Make sure no VM is running and remove & add the KVM module:
    # modprobe -r kvm_intel
    # modprobe -a kvm_intel

    Ensure that KVM module is loaded now:
    # lsmod | egrep ^kvm
      kvm_intel  174841 80
      kvm        578558 1 kvm_intel

    # cat /sys/module/kvm_intel/parameters/nested
      Y

[b] On AMD based KVM hypervisor:

    To check if the nested KVM Kernel parameter is enabled:
    # cat /sys/module/kvm_amd/parameters/nested
      0

    Create the following file:
    # cat > /etc/modprobe.d/kvm-nested.conf <<_EOF
      options kvm-amd nested=1
      _EOF

    Make sure no VM is running and remove & add the KVM module:
    # modprobe -r kvm_amd
    # modprobe -a kvm_amd

    Ensure that KVM module is loaded now:
    # lsmod | egrep ^kvm
      kvm_amd  174841 80
      kvm      578558 1 kvm_amd

    # cat /sys/module/kvm_amd/parameters/nested
      1

    
    Now expose Virtualization Extensions to guest hypervisor VM by editing the VM’s libvirt XML configuration using virsh utility on the physical KVM host:

    # virsh edit <vm_name>


    Add 'host-passthrough' to expose the host CPU features to the virtual machine:

    <cpu mode='host-passthrough'>
    </cpu>

    ==: With the above change the guest hypervisor is now ready to host new vm. :==








Comments

Post a Comment

Popular posts from this blog

VNC Configuration using Ansible in CentOS 7

-
1. Install epel repo on CentOS 7 system:   # yum install epel-release -y 2. Install ansible using yum:   # yum install ansible -y 3. Go to '/etc/ansible/roles/' directory and run the below command to create the skeleton directory structure:   # ansible-galaxy init vnc7 --offline   # tree vnc7          vnc7     ├── defaults     │   └── main.yml     ├── files     ├── handlers     │   └── main.yml     ├── meta     │   └── main.yml     ├── README.md     ├── tasks     │   └── main.yml     ├── tests     │   ├── inventory     │   └── test.yml     └── vars         └── main.yml 4. Create the service file to allow 'root' user to access the vncserver using port 5901.    In "/etc/ansible/roles/vnc7/files/" directory create a ...
Read more

How to build Ubuntu Server 20.04 LTS OVA with vAPP Properties ?

-
Image
This document will explain how to build an Ubuntu Server 20.04 LTS ova with vAPP properties enabled. Requirement: VM Deployment access required in vCenter environment. We have used the vCenter Server 6.7 and ESXi 6.5 while documented the below steps 1. Install a ubuntu server 20.04 lts vm with minimal cpu, ram and HDD(as needed). Make your own partition. 2. Use apt-get to upgrade all the packages along with the additional packages that required to install in the vm:      $ sudo apt-get update && apt-get upgrade -y 3. Make sure that 'open-vm-tools' and 'ifupdown' package is installed in the vm:       $ sudo apt-get install open-vm-tools  -y       $ sudo apt-get install ifupdown  -y 4. Take the console of the vm and stop, disable and mask the Network Manager service:       $ systemctl  stop  NetworkManager.service       $ systemctl  disable NetworkManager.service     ...
Read more

LVM Configuration using Ansible in CentOS 7

-
1. Install epel repo on CentOS 7 system:   # yum install epel-release -y 2. Install ansible using yum:   # yum install ansible -y   3. Open '/etc/ansible/hosts' file and make a group called 'dbhosts' to add two hosts in it:   # vi  /etc/ansible/hosts   [dbhosts]    host1.example.com    host2.example.com  4. Configure passwordless ssh to both host1 & host2 from ansible server:   # ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: ce:7d:fd:65:4e:61:4e:a9:09:61:90:d2:75:1b:d1:1d root@server.example.com The key's randomart image is: +--[ RSA 2048]----+ |        ..o. +oEo| |       . o. . o..| | ...
Read more