How to enable nested virtualization in KVM

From FedoraProject

Jump to: navigation, search

Nested virtualization allows you to run a virtual machine (VM) inside another VM while still using hardware acceleration from the host.


Nested virt support

Check if your system supports it:

  1. For Intel processors, look into /sys/module/kvm_intel/parameters/nested, for AMD processors into /sys/module/kvm_amd/parameters/nested. You should receive 1 or Y, if nested virt is supported, 0 or N otherwise. AMD processors should have it enabled by default, (certain) Intel processors might not. Example:
    $ cat /sys/module/kvm_intel/parameters/nested
  2. If your host system does not have nested virt enabled (most probably just Intel case), try to enable it by booting with kvm-intel.nested=1 argument on the kernel command line and check it again.

If your system still doesn't advertise support for nested virt, your hardware might be too old, or your distribution version outdated. Try booting latest Fedora.

Configuration in virt-manager

Configure your VM to use nested virt:

  1. Make sure your VM is shut down
  2. Open virt-manager, go to the VM details page for that VM.
  3. Click on the Processor page.
  4. In the Configuration section, there are two options - either type host-passthrough into to Model field or enable Copy host CPU configuration checkbox (that fills host-model value into the Model field). Click Apply.
    • The difference between those two values is complicated, some details are in bug 1055002. For nested virt, you'll probably want to use host-passthrough until issues with host-model are worked out. Be aware though, that host-passthrough is not recommended for general usage, just for nested virt purposes.

Test nested virt

  1. Start the VM
  2. Inside the VM, run sudo dnf group install virtualization
  3. Verify that the guest has virt correctly setup with: sudo virt-host-validate . The check for hardware virtualization should pass:
    $ sudo virt-host-validate 
      QEMU: Checking for hardware virtualization                                 : PASS
      QEMU: Checking for device /dev/kvm                                         : PASS
      QEMU: Checking for device /dev/vhost-net                                   : PASS
      QEMU: Checking for device /dev/net/tun                                     : PASS
       LXC: Checking for Linux >= 2.6.26                                         : PASS

See Also