KVM: Nested Virtualization Support
This hit me like a sack of bricks, I looked for this before and never found any way of doing it, but I just happened to have found some articles from early last year that showed it was supported. As I’m writing this I’m getting a fully set up UEC cloud going, the proof is in the setup for this as it’ll flat out warn you 2-3 times that you don’t have KVM support, and it hasn’t yet. There are very few steps:
You’ll want to stop libvirtd in some instances, depending on what route you chose. Here we will remove and reinsert the module with nested support.
jason@Desktop:~$ sudo /etc/init.d/libvirt-bin stop jason@Desktop:~$ sudo modprobe -r kvm_amd jason@Desktop:~$ sudo modprobe kvm_amd nested=1
Next we will want to either add a new script to apparmor and the bin directory or change the current symlinked /usr/bin/kvm file. Let’s start off with the safe way, by creating separate script. This one I’ve named kvm-nested.
#!/bin/bash exec /usr/bin/kvm -enable-nesting "$@"
Once that is done, you’ll need to edit the /etc/apparmor.d/abstractions/libvirt-qemu file and add the line below line into it in the section for “the various binaries”.
/usr/bin/kvm-nested rmix,
The one draw back to this method is you will need to manually edit each VM’s xml file to point to that new script /usr/bin/kvm-nested in this line.
<emulator>/usr/bin/kvm-nested</emulator>
The other way which I found more simple was deleting the current kvm symlink to qemu-system-x86_64 and pointing it to the script below.
jason@Desktop:~$ cat /usr/bin/kvm #!/bin/bash /usr/bin/qemu-system-x86_64 -enable-nesting "$@" jason@Desktop:~$ ls -l /usr/bin/kvm lrwxrwxrwx 1 root root 10 2011-01-21 19:13 /usr/bin/kvm -> /usr/bin/kvm-nested
That really should be it, now to keep testing to see if any issues arise.
Media Streamer Showdown Ubuntu: udev Wrongly Assigns NIC IDs
Interesting article -
what hypervisor have you nested under kvm and how is the performance?
Both KVM and Hyper-V work, ESX(i) is still a no. Performance isn’t that bad, I used Proxmox to deploy a few VM’s as a test and they ran decently. I really haven’t done any huge performance tests.
Jason, how did you get hyper-v to work ? I’ve tried to copy what you have here but hyper-v cannot start because the virtual machine bus fails to start with error code 39.
Well truthfully I hadn’t tested all of Hyper-V, I just wanted to make sure it was enabled as a proof of concept. With vSphere 5 coming within the next few months, running nested hypervisors should be more stable and have better compatibility.
OK. The situation seems to be that hyper-v will install but does not actually run, at least on my Ubuntu 10.04.2LTS box. I’ve tried W2K8 and W2K8R2 but both report the failure to start the virtual machine bus on the device manager after the hyper-v role is installed. Pity.
Thanks for coming back to my question though as it helped me to know it is not fully operational.
[...] Its possible, read more here – http://blog.coildomain.com/2011/01/24/kvm-nested-virtualization-support/ [...]
[WORDPRESS HASHCASH] The comment’s server IP (64.90.55.54) doesn’t match the comment’s URL host IP (64.90.54.59) and so is spam.
[...] KVM on KVMをするための前提条件は、以下のサイトが参考になりました。 KVM: Nested Virtualization Support http://blog.coildomain.com/2011/01/24/kvm-nested-virtualization-support/ [...]