Advanced Virtual Machines pre-requisites
This section details the particular case of install the esReven server in a virtual machine (VM).
Most common hypervisors were tested. That includes QEMU/KVM (e.g. Proxmox, virt-manager, ...), VMware ESXi, VMware Workstation, Microsoft Hyper-V, but others should work too.
Tips and tricks
Here are some quick guidelines that should help you get in the right direction. In any case, please refer to the official documentation for your hypervisor or your system administrator to get the most accurate guidance.
QEMU/KVM
The status of nested virtualization on Linux can be checked with the following files:
/sys/module/kvm_intel/parameters/nested
for Intel CPUs./sys/module/kvm_amd/parameters/nested
for AMD CPUs.
For example:
$ cat /sys/module/kvm_intel/parameters/nested
Y
If nested virtualization is disabled, you can enable it by running the following as root
:
- For Intel CPUs:
# echo 'options kvm_intel nested=1' > /etc/modprobe.d/kvm.conf
- For AMD CPUs:
# echo 'options kvm_amd nested=1' > /etc/modprobe.d/kvm.conf
The modification will be effective after the next reboot.
VMware ESXi
Nested virtualization on ESXi can be enabled by running the following command as root
:
echo 'vhv.allow = "TRUE"' >> /etc/vmware/config
The nested virtualization option must then be further enabled on a per-guest basis. The option to look for is called Hardware virtualization: Expose hardware assisted virtualization to the guest OS
.
VMware Workstation
The nested virtualization setting on Workstation is set on a per-VM basis. Look for the Virtualize Intel VT-x/EPT or AMD-V/RVI
option in the VM Settings.
Microsoft Hyper-V
The nested virtualization setting on Hyper-V is set on a per-VM basis. It is activated by running the following in a Powershell console:
Set-VMProcessor -VMName <VMName> -ExposeVirtualizationExtensions $true
Troubleshooting
Reven refuses to launch with a /dev/kvm problem
If you encounter the following error in docker-compose logs reven
:
ERROR: '/dev/kvm' does not have read/write permissions with this user.
This may be due to the nested virtualization being ill-configured. You can check that easily with kvm-ok
directly in
the virtual machine:
sudo apt install cpu-checker
sudo kvm-ok
If the last command returned an error, then you should check that the VM does have nested virtualization enabled.
Issue during 'Prepare VM'
If during a Prepare VM
task, you happen to have libguestfs
complaining with the following error:
kvm_put_msrs: Assertion 'ret == cpu->kvm_msr_buf->nmsrs' failed.
Try running the following as root
on the guest VM you installed Reven on:
echo Y > /sys/module/kvm/parameters/ignore_msrs
If this works, you can make it permanent after next reboot:
echo 'options kvm ignore_msrs=Y' > /etc/modprobe.d/kvm_ignore_msrs.conf