<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<font face="Carlito">Hi all,<br>
<br>
Nested KVM on the hyervisor host is there:<br>
[xxx@bigvirt ~]$ cat /sys/module/kvm_amd/parameters/nested<br>
1<br>
<br>
<br>
[root@bigvirt ~]# virsh -r dumpxml RHEV<br>
<domain type='kvm' id='2'><br>
<name>RHEV</name><br>
<uuid>98a86cc8-efbe-43b5-a8e2-4c636b6556a8</uuid><br>
<metadata xmlns:ovirt=<a class="moz-txt-link-rfc2396E" href="http://ovirt.org/vm/tune/1.0">"http://ovirt.org/vm/tune/1.0"</a>><br>
<ovirt:qos/><br>
</metadata><br>
<maxMemory slots='16'
unit='KiB'>4294967296</maxMemory><br>
<memory unit='KiB'>2097152</memory><br>
<currentMemory unit='KiB'>2097152</currentMemory><br>
<vcpu placement='static' current='2'>16</vcpu><br>
<cputune><br>
<shares>1020</shares><br>
</cputune><br>
<numatune><br>
<memory mode='interleave' nodeset='0'/><br>
</numatune><br>
<resource><br>
<partition>/machine</partition><br>
</resource><br>
<sysinfo type='smbios'><br>
<system><br>
<entry name='manufacturer'>oVirt</entry><br>
<entry name='product'>oVirt Node</entry><br>
<entry
name='version'>7-2.1511.el7.centos.2.10</entry><br>
<entry
name='serial'>60E59E92-3256-BD11-B8BD-14DAE9ED31D2</entry><br>
<entry
name='uuid'>98a86cc8-efbe-43b5-a8e2-4c636b6556a8</entry><br>
</system><br>
</sysinfo><br>
<os><br>
<type arch='x86_64'
machine='pc-i440fx-rhel7.2.0'>hvm</type><br>
<smbios mode='sysinfo'/><br>
</os><br>
<features><br>
<acpi/><br>
</features><br>
<cpu mode='custom' match='exact'><br>
<model fallback='allow'>Opteron_G3</model><br>
<topology sockets='16' cores='1' threads='1'/><br>
<feature policy='require' name='svm'/><br>
<numa><br>
<cell id='0' cpus='0-1' memory='2097152' unit='KiB'/><br>
</numa><br>
</cpu><br>
<clock offset='variable' adjustment='0' basis='utc'><br>
<timer name='rtc' tickpolicy='catchup'/><br>
<timer name='pit' tickpolicy='delay'/><br>
<timer name='hpet' present='no'/><br>
</clock><br>
<on_poweroff>destroy</on_poweroff><br>
<on_reboot>restart</on_reboot><br>
<on_crash>destroy</on_crash><br>
<devices><br>
<emulator>/usr/libexec/qemu-kvm</emulator><br>
<disk type='file' device='cdrom'><br>
<driver name='qemu' type='raw'/><br>
<source startupPolicy='optional'/><br>
<backingStore/><br>
<target dev='hdc' bus='ide'/><br>
<readonly/><br>
<serial></serial><br>
<alias name='ide0-1-0'/><br>
<address type='drive' controller='0' bus='1' target='0'
unit='0'/><br>
</disk><br>
<disk type='file' device='disk' snapshot='no'><br>
<driver name='qemu' type='raw' cache='none'
error_policy='stop' io='threads'/><br>
<source
file='/rhev/data-center/21ecac04-6bc8-4e20-88da-48bcb5b9a5a4/cb05b616-71bc-457f-9401-d18748f68678/images/bd8f017e-a33e-49c7-a487-34b1d110b678/8e72df98-7dba-47e7-baec-2b034d208496'/><br>
<backingStore/><br>
<target dev='vda' bus='virtio'/><br>
<serial>bd8f017e-a33e-49c7-a487-34b1d110b678</serial><br>
<boot order='1'/><br>
<alias name='virtio-disk0'/><br>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x06' function='0x0'/><br>
</disk><br>
<controller type='scsi' index='0' model='virtio-scsi'><br>
<alias name='scsi0'/><br>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x04' function='0x0'/><br>
</controller><br>
<controller type='virtio-serial' index='0' ports='16'><br>
<alias name='virtio-serial0'/><br>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x05' function='0x0'/><br>
</controller><br>
<controller type='usb' index='0'><br>
<alias name='usb'/><br>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x01' function='0x2'/><br>
</controller><br>
<controller type='pci' index='0' model='pci-root'><br>
<alias name='pci.0'/><br>
</controller><br>
<controller type='ide' index='0'><br>
<alias name='ide'/><br>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x01' function='0x1'/><br>
</controller><br>
<interface type='bridge'><br>
<mac address='00:1a:4a:16:01:57'/><br>
<source bridge='ovirtmgmt'/><br>
<target dev='vnet0'/><br>
<model type='virtio'/><br>
<filterref filter='vdsm-no-mac-spoofing'/><br>
<link state='up'/><br>
<alias name='net0'/><br>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x03' function='0x0'/><br>
</interface><br>
<channel type='unix'><br>
<source mode='bind'
path='/var/lib/libvirt/qemu/channels/98a86cc8-efbe-43b5-a8e2-4c636b6556a8.com.redhat.rhevm.vdsm'/><br>
<target type='virtio' name='com.redhat.rhevm.vdsm'
state='disconnected'/><br>
<alias name='channel0'/><br>
<address type='virtio-serial' controller='0' bus='0'
port='1'/><br>
</channel><br>
<channel type='unix'><br>
<source mode='bind'
path='/var/lib/libvirt/qemu/channels/98a86cc8-efbe-43b5-a8e2-4c636b6556a8.org.qemu.guest_agent.0'/><br>
<target type='virtio' name='org.qemu.guest_agent.0'
state='disconnected'/><br>
<alias name='channel1'/><br>
<address type='virtio-serial' controller='0' bus='0'
port='2'/><br>
</channel><br>
<channel type='spicevmc'><br>
<target type='virtio' name='com.redhat.spice.0'
state='disconnected'/><br>
<alias name='channel2'/><br>
<address type='virtio-serial' controller='0' bus='0'
port='3'/><br>
</channel><br>
<input type='mouse' bus='ps2'/><br>
<input type='keyboard' bus='ps2'/><br>
<graphics type='spice' port='5900' tlsPort='5901'
autoport='yes' listen='192.168.1.7'
passwdValidTo='1970-01-01T00:00:01'><br>
<listen type='network' address='192.168.1.7'
network='vdsm-ovirtmgmt'/><br>
</graphics><br>
<video><br>
<model type='qxl' ram='65536' vram='32768' vgamem='16384'
heads='1'/><br>
<alias name='video0'/><br>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x02' function='0x0'/><br>
</video><br>
<memballoon model='none'><br>
<alias name='balloon0'/><br>
</memballoon><br>
</devices><br>
<seclabel type='dynamic' model='selinux' relabel='yes'><br>
<label>system_u:system_r:svirt_t:s0:c147,c512</label><br>
<imagelabel>system_u:object_r:svirt_image_t:s0:c147,c512</imagelabel><br>
</seclabel><br>
</domain><br>
<br>
Removed the machine, I was not shure if I created the machine
after adding "nested=1" to kvm_amd<br>
<br>
[root@bigvirt ~]# virsh -r dumpxml RHEV<br>
<domain type='kvm' id='5'><br>
<name>RHEV</name><br>
<uuid>a583ec5a-50ba-447a-bc4f-f88b2704847f</uuid><br>
<metadata xmlns:ovirt=<a class="moz-txt-link-rfc2396E" href="http://ovirt.org/vm/tune/1.0">"http://ovirt.org/vm/tune/1.0"</a>><br>
<ovirt:qos/><br>
</metadata><br>
<maxMemory slots='16'
unit='KiB'>4294967296</maxMemory><br>
<memory unit='KiB'>2097152</memory><br>
<currentMemory unit='KiB'>2097152</currentMemory><br>
<vcpu placement='static' current='2'>16</vcpu><br>
<cputune><br>
<shares>1020</shares><br>
</cputune><br>
<numatune><br>
<memory mode='interleave' nodeset='0'/><br>
</numatune><br>
<resource><br>
<partition>/machine</partition><br>
</resource><br>
<sysinfo type='smbios'><br>
<system><br>
<entry name='manufacturer'>oVirt</entry><br>
<entry name='product'>oVirt Node</entry><br>
<entry
name='version'>7-2.1511.el7.centos.2.10</entry><br>
<entry
name='serial'>60E59E92-3256-BD11-B8BD-14DAE9ED31D2</entry><br>
<entry
name='uuid'>a583ec5a-50ba-447a-bc4f-f88b2704847f</entry><br>
</system><br>
</sysinfo><br>
<os><br>
<type arch='x86_64'
machine='pc-i440fx-rhel7.2.0'>hvm</type><br>
<smbios mode='sysinfo'/><br>
</os><br>
<features><br>
<acpi/><br>
</features><br>
<cpu mode='custom' match='exact'><br>
<model fallback='allow'>Opteron_G3</model><br>
<topology sockets='16' cores='1' threads='1'/><br>
<feature policy='require' name='svm'/><br>
<numa><br>
<cell id='0' cpus='0-1' memory='2097152' unit='KiB'/><br>
</numa><br>
</cpu><br>
<clock offset='variable' adjustment='0' basis='utc'><br>
<timer name='rtc' tickpolicy='catchup'/><br>
<timer name='pit' tickpolicy='delay'/><br>
<timer name='hpet' present='no'/><br>
</clock><br>
<on_poweroff>destroy</on_poweroff><br>
<on_reboot>restart</on_reboot><br>
<on_crash>destroy</on_crash><br>
<devices><br>
<emulator>/usr/libexec/qemu-kvm</emulator><br>
<disk type='file' device='cdrom'><br>
<driver name='qemu' type='raw'/><br>
<source
file='/rhev/data-center/mnt/10.0.0.3:_nfs_iso/8cdabe73-5676-4820-b876-7af86854ea39/images/11111111-1111-1111-1111-111111111111/rhev-hypervisor6-6.7-20151123.0.iso'
startupPolicy='optional'><br>
<seclabel model='selinux' labelskip='yes'/><br>
</source><br>
<backingStore/><br>
<target dev='hdc' bus='ide'/><br>
<readonly/><br>
<serial></serial><br>
<boot order='1'/><br>
<alias name='ide0-1-0'/><br>
<address type='drive' controller='0' bus='1' target='0'
unit='0'/><br>
</disk><br>
<disk type='file' device='disk' snapshot='no'><br>
<driver name='qemu' type='raw' cache='none'
error_policy='stop' io='threads'/><br>
<source
file='/rhev/data-center/21ecac04-6bc8-4e20-88da-48bcb5b9a5a4/cb05b616-71bc-457f-9401-d18748f68678/images/bd8f017e-a33e-49c7-a487-34b1d110b678/8e72df98-7dba-47e7-baec-2b034d208496'/><br>
<backingStore/><br>
<target dev='vda' bus='virtio'/><br>
<serial>bd8f017e-a33e-49c7-a487-34b1d110b678</serial><br>
<boot order='2'/><br>
<alias name='virtio-disk0'/><br>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x06' function='0x0'/><br>
</disk><br>
<controller type='scsi' index='0' model='virtio-scsi'><br>
<alias name='scsi0'/><br>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x04' function='0x0'/><br>
</controller><br>
<controller type='virtio-serial' index='0' ports='16'><br>
<alias name='virtio-serial0'/><br>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x05' function='0x0'/><br>
</controller><br>
<controller type='usb' index='0'><br>
<alias name='usb'/><br>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x01' function='0x2'/><br>
</controller><br>
<controller type='pci' index='0' model='pci-root'><br>
<alias name='pci.0'/><br>
</controller><br>
<controller type='ide' index='0'><br>
<alias name='ide'/><br>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x01' function='0x1'/><br>
</controller><br>
<interface type='bridge'><br>
<mac address='00:1a:4a:16:01:57'/><br>
<source bridge='ovirtmgmt'/><br>
<target dev='vnet0'/><br>
<model type='virtio'/><br>
<filterref filter='vdsm-no-mac-spoofing'/><br>
<link state='up'/><br>
<boot order='3'/><br>
<alias name='net0'/><br>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x03' function='0x0'/><br>
</interface><br>
<channel type='unix'><br>
<source mode='bind'
path='/var/lib/libvirt/qemu/channels/a583ec5a-50ba-447a-bc4f-f88b2704847f.com.redhat.rhevm.vdsm'/><br>
<target type='virtio' name='com.redhat.rhevm.vdsm'
state='disconnected'/><br>
<alias name='channel0'/><br>
<address type='virtio-serial' controller='0' bus='0'
port='1'/><br>
</channel><br>
<channel type='unix'><br>
<source mode='bind'
path='/var/lib/libvirt/qemu/channels/a583ec5a-50ba-447a-bc4f-f88b2704847f.org.qemu.guest_agent.0'/><br>
<target type='virtio' name='org.qemu.guest_agent.0'
state='disconnected'/><br>
<alias name='channel1'/><br>
<address type='virtio-serial' controller='0' bus='0'
port='2'/><br>
</channel><br>
<channel type='spicevmc'><br>
<target type='virtio' name='com.redhat.spice.0'
state='disconnected'/><br>
<alias name='channel2'/><br>
<address type='virtio-serial' controller='0' bus='0'
port='3'/><br>
</channel><br>
<input type='mouse' bus='ps2'/><br>
<input type='keyboard' bus='ps2'/><br>
<graphics type='spice' port='5900' tlsPort='5901'
autoport='yes' listen='192.168.1.7'
passwdValidTo='2016-01-05T16:58:47' connected='disconnect'><br>
<listen type='network' address='192.168.1.7'
network='vdsm-ovirtmgmt'/><br>
</graphics><br>
<video><br>
<model type='qxl' ram='65536' vram='32768' vgamem='16384'
heads='1'/><br>
<alias name='video0'/><br>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x02' function='0x0'/><br>
</video><br>
<memballoon model='none'><br>
<alias name='balloon0'/><br>
</memballoon><br>
</devices><br>
<seclabel type='dynamic' model='selinux' relabel='yes'><br>
<label>system_u:system_r:svirt_t:s0:c19,c668</label><br>
<imagelabel>system_u:object_r:svirt_image_t:s0:c19,c668</imagelabel><br>
</seclabel><br>
</domain><br>
<br>
Still the same, on the Hypervisor prompt "modprobe -v kvm_amd"
will tell "operation not supported".<br>
<br>
But mmmm, the xml file tells "</font><font face="Carlito"><font
face="Carlito"><feature policy='require' name='svm'/><br>
<br>
grep svm /proc/cpuinfo on the hypervisor shows it is available.
On the virtual machine (using nested kvm) it is not available
despite kvm_amd is loaded with "nested=1"<br>
Mmm, does qemu not pickup the nested stuff?<br>
<br>
</font>Thankz allready!<br>
<br>
Winny<br>
</font><br>
<div class="moz-cite-prefix">Op 04-01-16 om 14:56 schreef Martin
Polednik:<br>
</div>
<blockquote
cite="mid:432672428.3091820.1451915764369.JavaMail.zimbra@redhat.com"
type="cite">
<pre wrap="">----- Original Message -----
</pre>
<blockquote type="cite">
<pre wrap="">From: "Martin Polednik" <a class="moz-txt-link-rfc2396E" href="mailto:mpolednik@redhat.com"><mpolednik@redhat.com></a>
To: <a class="moz-txt-link-abbreviated" href="mailto:wdh@dds.nl">wdh@dds.nl</a>
Cc: "users" <a class="moz-txt-link-rfc2396E" href="mailto:users@ovirt.org"><users@ovirt.org></a>, "Martin Polednik" <a class="moz-txt-link-rfc2396E" href="mailto:mpolednik@redhat.com"><mpolednik@redhat.com></a>
Sent: Monday, January 4, 2016 2:52:03 PM
Subject: Re: [ovirt-users] Nested KVM - vdsm-hook-nestedvt
On 04/01/16 14:38 +0100, <a class="moz-txt-link-abbreviated" href="mailto:wdh@dds.nl">wdh@dds.nl</a> wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Hi all,
OK, it seems I am confused. Nested KVM is NOT the same as fake KVM....
If so, I installed vdsm-hook-nestedvt on the hypervisor (only). Trying
to run ovirt-Node on a VM it complains there 's no virtualization,
despite the kvm_amd module is loaded with nested=1
How to enable nested-kvm for oVirt 3.6?
</pre>
</blockquote>
<pre wrap="">
First, make sure that you're enabling the nested feature for amd (just
noticed that the example used intel). Please show us the output of
# cat /sys/module/kvm_intel/parameters/nested
</pre>
</blockquote>
<pre wrap="">
and sorry, did the same mistake again - use
# cat /sys/module/kvm_amd/parameters/nested
</pre>
<blockquote type="cite">
<pre wrap="">on the host (physical machine), lscpu inside the VM and VM XML - use
# virsh -r list
# virsh -r dumpxml {machine_id found in the list}
Thanks,
mpolednik
</pre>
<blockquote type="cite">
<pre wrap="">Winny
Martin Polednik schreef op 04-01-2016 13:29:
</pre>
<blockquote type="cite">
<pre wrap="">On 04/01/16 09:52 +0100, Simone Tiraboschi wrote:
</pre>
<blockquote type="cite">
<pre wrap="">On Fri, Jan 1, 2016 at 3:32 PM, Winfried de Heiden <a class="moz-txt-link-rfc2396E" href="mailto:wdh@dds.nl"><wdh@dds.nl></a> wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Hi all and happy new year!
I'm running oVirt 3.6 on EL7.
In order to test nested-kvm I installed vdsm-hook-nestedvt on the
hypervisor and put "fake_kvm_support = true" in /etc/vdsm/vdsm.conf.
</pre>
</blockquote>
<pre wrap="">
fake_kvm_support is just for developing purposes and it's not
needed as it
prevent guests to run.
</pre>
</blockquote>
<pre wrap="">
Not really true - fake_kvm_support enables QEMU emulation instead of
hardware virtualization (e.g. VT-x) instructions. It is also quite
broken in it's current state and fix is pending in cpuinfo branch at
gerrit.
I don't really understand the reason why fake_kvm would be used in
this case as AMD-v is enabled according to svm flag present -
following instructions should be correct for getting the flag passed
to the VMs.
</pre>
<blockquote type="cite">
<pre wrap="">Please check to understand if nested support is enabled on your host:
/sys/module/kvm_intel/parameters/nested
if not
echo "options kvm-intel nested=1" > /etc/modprobe.d/kvm-intel.conf
and reload the module
</pre>
</blockquote>
<pre wrap="">
</pre>
<blockquote type="cite">
<pre wrap="">Than install vdsm-hook-nestedvt on your hosts.
If you want also to use the network on your L2 guest please
install and
configure also macspoof vdsm hook on your physical hosts otherwise
all the
traffic to/from your L2 guests will be dropped.
<a class="moz-txt-link-freetext" href="https://github.com/oVirt/vdsm/tree/master/vdsm_hooks/macspoof">https://github.com/oVirt/vdsm/tree/master/vdsm_hooks/macspoof</a>
</pre>
<blockquote type="cite">
<pre wrap="">However, afterwards the hypervisor host cannot connect to the ovirt
Manager, on ovirt Manager the engine.log will tell:
2016-01-01 15:21:42,105 WARN
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-76) [71d1638c] Correlation ID:
29daf92c,
Call Stack: null, Custom Event ID: -1, Message: Host bigvirt moved to
Non-Operational state as host does not meet the cluster's minimum CPU
level. Missing CPU features : model_Opteron_G3
After removing the option all works well again, but I'ḿ lacking
the nested
kvm option :( Is nested kvm only supported on a limited cpu's??
Winny
Information from /proc/cpuinfo:
processor : 0
vendor_id : AuthenticAMD
cpu family : 16
model : 10
model name : AMD Phenom(tm) II X6 1055T Processor
stepping : 0
microcode : 0x10000bf
cpu MHz : 2800.000
cache size : 512 KB
physical id : 0
siblings : 6
core id : 0
cpu cores : 6
apicid : 0
initial apicid : 0
fpu : yes
fpu_exception : yes
cpuid level : 6
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep
mtrr pge mca
cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext
fxsr_opt
pdpe1gb rdtscp lm 3dnowext 3dnow constant_tsc rep_good nopl
nonstop_tsc
extd_apicid aperfmperf pni monitor cx16 popcnt lahf_lm cmp_legacy svm
extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs
skinit wdt
cpb hw_pstate npt lbrv svm_lock nrip_save pausefilter
bogomips : 5625.54
TLB size : 1024 4K pages
clflush size : 64
cache_alignment : 64
address sizes : 48 bits physical, 48 bits virtual
power management: ts ttp tm stc 100mhzsteps hwpstate cpb
_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a>
<a class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a>
</pre>
</blockquote>
</blockquote>
<pre wrap="">
</pre>
<blockquote type="cite">
<pre wrap="">_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a>
<a class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a>
</pre>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a>
<a class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a>
</pre>
</blockquote>
</blockquote>
<br>
</body>
</html>