Hits : 8753


We want to add virtualization flags to our Guest OS (Virtual Machine)

tl;dr


# rmmod kvm_intel
# modprobe kvm_intel nested=1
# qemu-kvm /mnt/VMs/images/fedora/18/f18.qcow2 -m 2048 -cpu host


Long Version – WalkThrough and try to understand

cpu flags


Find if your cpu has virtualization capabilites (flags)


# grep -E '^flags.*(vmx|svm)' /proc/cpuinfo


eg.


flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer xsave avx f16c rdrand lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid fsgsbase smep erms

libvirt info


# virsh nodeinfo
CPU model:           x86_64
CPU(s):              4
CPU frequency:       1900 MHz
CPU socket(s):       1
Core(s) per socket:  2
Thread(s) per core:  2
NUMA cell(s):        1
Memory size:         8038060 KiB


Take a look at libvirt api documentation


https://libvirt.org/html/index.html


top


kernel modules


# lsmod | grep -i kvm
kvm_intel             124064  0 
kvm                   384721  1 kvm_intel


Formatter "highlight/html" not found


So the boolean parameter is: nested:bool


top


Nested


Lets find out if nested in enable:


allocate the kvm_intel parameter file


# find /sys/module/kvm_intel | grep -i nested
/sys/module/kvm_intel/parameters/nested


Is it ?


# cat /sys/module/kvm_intel/parameters/nested
N


Now if you try to:


# sysctl -w kvm-intel.nested=1


then a msg error will get:


sysctl: cannot stat /proc/sys/kvm-intel/nested: No such file or directory


if kvm_intel is loaded:


# lsmod | grep kvm_intel
kvm_intel             124064  0 
kvm                   384721  1 kvm_intel


Then you need to unload it.


rmmod kvm_intel


top


modprobe


# man modprobe | head


show us how to pass a parameter on a module


NAME
       modprobe - Add and remove modules from the Linux Kernel

SYNOPSIS
       modprobe [-v] [-V] [-C config-file] [-n] [-i] [-q] [-b] [modulename] [module parameters...]


so the command we should use to pass the nested through modprobe should be:


And load a the kernel module with the modprobe


modprobe kvm-intel nested=1

Verify


# cat /sys/module/kvm_intel/parameters/nested
Y


and through systool


# systool -m kvm_intel -v | grep nested
    nested              = "Y"


top


Enable kvm nested on boot


There are a few ways to enable nested at boot time (permanently).

grub


Add this at the end kernel line:


kvm-intel.nested=1

modprobe


with modprobe configuration file:


# echo "options kvm-intel nested=1" > /etc/modprobe.d/kvm-intel.conf


top