From: CentOS-virt-bounces@CentOS.org [mailto:CentOS-virt-bounces@CentOS.org] On Behalf Of Laurentiu Soica Sent: Thursday, August 4, 2016 3:07 AM
To: CentOS-virt@CentOS.org Subject: [CentOS-virt] CentOS 7 newer kernel needed
Hello,
I am looking for a Linux kernel for CentOS 7 that implements a feature introduced in kernel version 3.12:
“nested EPT support to KVM’s nested VMX.”
If anyone has used this feature with CentOS 7, please let me know.
Laurentiu
Hello Xlord,
The CPU does have VT support and I already have the nested KVM enabled.
Checking the Linux Kernel release notes I saw that the nested kvm feature was implemented in 3.10 but he EPT support is in 3.12.
So CentOS 7’s kernel which is 3.10 does have the EPT support? Is there a way to check that the EPT support is available in the kernel?
From: CentOS-virt-bounces@CentOS.org [mailto:CentOS-virt-bounces@CentOS.org ] On Behalf Of Laurentiu Soica Sent: Thursday, August 4, 2016 3:07 AM
To: CentOS-virt@CentOS.org
Subject: [CentOS-virt] CentOS 7 newer kernel needed
Hello,
I am looking for a Linux kernel for CentOS 7 that implements a feature introduced in kernel version 3.12:
“nested EPT support to KVM’s nested VMX.”
If anyone has used this feature with CentOS 7, please let me know.
From: CentOS-virt-bounces@CentOS.org [mailto:CentOS-virt-bounces@CentOS.org ] On Behalf Of Laurentiu Soica Sent: Thursday, August 4, 2016 3:07 AM
To: CentOS-virt@CentOS.org
Subject: [CentOS-virt] CentOS 7 newer kernel needed
Hello,
I am looking for a Linux kernel for CentOS 7 that implements a feature introduced in kernel version 3.12:
“nested EPT support to KVM’s nested VMX.”
If anyone has used this feature with CentOS 7, please let me know.
The Standard CentOS kernel is built from the source code and configuration files of the released RHEL kernel. The only way to get things into the main CentOS kernel is for it to be in the RHEL source code.
Red Hat does backport changes into the RHEL kernel, so if they support nested those changes or ones like it may be there. See Backporting:
Also, if you want to try a newer kernel, we do have 2 available. I
manage both of these kernels, they are both based on an LTS version of the kernel from kernel.org .. but neither gets nearly the attention (or smart people looking at them) as the RHEL based kernel. If you want to try either of them, they are in:
Those kernels both work, I am running both on production machines .. but I am not a kernel hacker, so I just build what the upstream LTS kernel maintainer releases. They may or may not do what you want.
The RHEL kernel team does a lot of work to make sure the RHEL kernel
Thanks, Johnny Hughes
–sVxWDmbPf59MBWhimBqsAThJ5IotJOUwJ
Dear Laurentiu, Agree with Johnny for kernel upgrade if upgrade helps, alternative if 3.10
or above already supported it, you can check from kernel parameter or options if they are disabled on purpose. You can do that via the “make menuconfig” via
“https://wiki.CentOS.org/HowTos/I_need_the_Kernel_Source” or
“https://wiki.CentOS.org/HowTos/BuildingKernelModules”. Hope that helps!
Xlord
—–Original Message—
Hello,
OK. Thank you both for answering. I have enough information now to decide next if a kernel upgrade is required in my case or not.
I think the decision will be based on whether the 2nd level of virtualization performs fast enough and without issues.
8 thoughts on - CentOS 7 Newer Kernel Needed
Dear Laurentiu,
Please check below info since assume your CentOS7 box CPU processor already VT supported in advance.
1) Checkpoint #1: Hardware and Kernel modules
a. cat /proc/cpuinfo | grep vmx
b. cat /sys/module/kvm_intel/parameters/nested (if “N” then go to checkpoint #2)
2) Checkpoint #2: Assume your CentOS box support
a. echo ‘options kvm-intel nested=y’ >> /etc/modprobe.d/dist.conf b. modprobe kvm-intel
3) Checkpoint #3: Verification
a. Reboot yout CentOS box
b. cat /sys/module/kvm_intel/parameters/nested (if “Y” then you can carry one process the KVM installation.
PS: Source: https://lalatendu.org/2015/11/01/kvm-nested-virtualization-in-fedora-23/ which should be very similar with CentOS and CentOS 7 already capable with on with KVM Nested EPT with CPU pass-through options supported. Hope that helps & cheers!!
Xlord
From: CentOS-virt-bounces@CentOS.org [mailto:CentOS-virt-bounces@CentOS.org] On Behalf Of Laurentiu Soica Sent: Thursday, August 4, 2016 3:07 AM
To: CentOS-virt@CentOS.org Subject: [CentOS-virt] CentOS 7 newer kernel needed
Hello,
I am looking for a Linux kernel for CentOS 7 that implements a feature introduced in kernel version 3.12:
“nested EPT support to KVM’s nested VMX.”
If anyone has used this feature with CentOS 7, please let me know.
Laurentiu
Hello Xlord,
The CPU does have VT support and I already have the nested KVM enabled.
Checking the Linux Kernel release notes I saw that the nested kvm feature was implemented in 3.10 but he EPT support is in 3.12.
So CentOS 7’s kernel which is 3.10 does have the EPT support? Is there a way to check that the EPT support is available in the kernel?
Thank you, Laurentiu
——=_NextPart_001_0002_01D1EE73.5D07B150
Content-Type: text/plain;
charset=”utf-8″
Content-Transfer-Encoding: quoted-printable
Dear Laurentiu,
Assume your hardware does support Intel VT-x with EPT supported, I have also look into the kernel part for fun!
Just quick look at CentOS 7 and installed a CentOS_7x_x64_build1511 @installation at minimum, below is my sharing and hope to help!
1) CentOS Linux Kernel version: 3.10.0-327.e17.x86_64 SMP
2) Kernel parameters which should be your requirement;
a. Default “kvm-intel.ept=1” (refer to Kernel Archive “https://www.kernel.org/”)
b.
Xlord
From: Laurentiu Soica [mailto:laurentiu@soica.ro]; Discussion about the virtualization on CentOS
Sent: Thursday, August 4, 2016 2:41 PM
To: -=X.L.O.R.D=-
Subject: Re: [CentOS-virt] CentOS 7 newer kernel needed
Hello Xlord,
The CPU does have VT support and I already have the nested KVM enabled.
Checking the Linux Kernel release notes I saw that the nested kvm feature was implemented in 3.10 but he EPT support is in 3.12.
So CentOS 7’s kernel which is 3.10 does have the EPT support? Is there a way to check that the EPT support is available in the kernel?
Thank you,
Laurentiu
Dear Laurentiu,
Please check below info since assume your CentOS7 box CPU processor already VT supported in advance.
1) Checkpoint #1: Hardware and Kernel modules
a. cat /proc/cpuinfo | grep vmx
b. cat /sys/module/kvm_intel/parameters/nested (if “N” then go to checkpoint #2)
2) Checkpoint #2: Assume your CentOS box support
a. echo ‘options kvm-intel nested=y’ >> /etc/modprobe.d/dist.conf b. modprobe kvm-intel
3) Checkpoint #3: Verification
a. Reboot yout CentOS box
b. cat /sys/module/kvm_intel/parameters/nested (if “Y” then you can carry one process the KVM installation.
PS: Source: https://lalatendu.org/2015/11/01/kvm-nested-virtualization-in-fedora-23/ which should be very similar with CentOS and CentOS 7 already capable with on with KVM Nested EPT with CPU pass-through options supported. Hope that helps & cheers!!
Xlord
From: CentOS-virt-bounces@CentOS.org [mailto:CentOS-virt-bounces@CentOS.org ] On Behalf Of Laurentiu Soica Sent: Thursday, August 4, 2016 3:07 AM
To: CentOS-virt@CentOS.org
Subject: [CentOS-virt] CentOS 7 newer kernel needed
Hello,
I am looking for a Linux kernel for CentOS 7 that implements a feature introduced in kernel version 3.12:
“nested EPT support to KVM’s nested VMX.”
If anyone has used this feature with CentOS 7, please let me know.
Laurentiu
——=_NextPart_001_0002_01D1EE73.5D07B150
Content-Type: text/html;
charset=”utf-8″
Content-Transfer-Encoding: quoted-printable
——=_NextPart_001_0008_01D1EE73.B27B2680
Content-Type: text/plain;
charset=”utf-8″
Content-Transfer-Encoding: quoted-printable
Dear Laurentiu,
Could you please check if your CPU supported from /proc/cpuinfo and lscpu ?
EPT supported
Xlord
From: -=X.L.O.R.D=- [mailto:xlord.sl@gmail.com]; ‘Discussion about the virtualization on CentOS’
Sent: Thursday, August 4, 2016 5:12 PM
To: ‘Laurentiu Soica’
Subject: RE: [CentOS-virt] CentOS 7 newer kernel needed
Dear Laurentiu,
Assume your hardware does support Intel VT-x with EPT supported, I have also look into the kernel part for fun!
Just quick look at CentOS 7 and installed a CentOS_7x_x64_build1511 @installation at minimum, below is my sharing and hope to help!
1) CentOS Linux Kernel version: 3.10.0-327.e17.x86_64 SMP
2) Kernel parameters which should be your requirement;
a. Default “kvm-intel.ept=1” (refer to Kernel Archive “https://www.kernel.org/”)
b.
Xlord
From: Laurentiu Soica [mailto:laurentiu@soica.ro] >; Discussion about the virtualization on CentOS >
Sent: Thursday, August 4, 2016 2:41 PM
To: -=X.L.O.R.D=-
Subject: Re: [CentOS-virt] CentOS 7 newer kernel needed
Hello Xlord,
The CPU does have VT support and I already have the nested KVM enabled.
Checking the Linux Kernel release notes I saw that the nested kvm feature was implemented in 3.10 but he EPT support is in 3.12.
So CentOS 7’s kernel which is 3.10 does have the EPT support? Is there a way to check that the EPT support is available in the kernel?
Thank you,
Laurentiu
Dear Laurentiu,
Please check below info since assume your CentOS7 box CPU processor already VT supported in advance.
1) Checkpoint #1: Hardware and Kernel modules
a. cat /proc/cpuinfo | grep vmx
b. cat /sys/module/kvm_intel/parameters/nested (if “N” then go to checkpoint #2)
2) Checkpoint #2: Assume your CentOS box support
a. echo ‘options kvm-intel nested=y’ >> /etc/modprobe.d/dist.conf b. modprobe kvm-intel
3) Checkpoint #3: Verification
a. Reboot yout CentOS box
b. cat /sys/module/kvm_intel/parameters/nested (if “Y” then you can carry one process the KVM installation.
PS: Source: https://lalatendu.org/2015/11/01/kvm-nested-virtualization-in-fedora-23/ which should be very similar with CentOS and CentOS 7 already capable with on with KVM Nested EPT with CPU pass-through options supported. Hope that helps & cheers!!
Xlord
From: CentOS-virt-bounces@CentOS.org [mailto:CentOS-virt-bounces@CentOS.org ] On Behalf Of Laurentiu Soica Sent: Thursday, August 4, 2016 3:07 AM
To: CentOS-virt@CentOS.org
Subject: [CentOS-virt] CentOS 7 newer kernel needed
Hello,
I am looking for a Linux kernel for CentOS 7 that implements a feature introduced in kernel version 3.12:
“nested EPT support to KVM’s nested VMX.”
If anyone has used this feature with CentOS 7, please let me know.
Laurentiu
——=_NextPart_001_0008_01D1EE73.B27B2680
Content-Type: text/html;
charset=”utf-8″
Content-Transfer-Encoding: quoted-printable
–089e0103e5603b773005393e1d50
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Hi Xlord,
Yes, the CPU has support for EPT.
I wrongly thought that the nested EPT was first introduced in 3.12. Following your instructions I see that I have it enabled on my system as well.
However, checking the kernel commits from 3.12 on search string ‘nested ept’ I found about 10 code changes/fixes for nested EPT.
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/log/?id=refs%2Ftags%2Fv3.12.62&qt=grep&q=Nested+ept
What options do I have to get this commits on a CentOS 7 kernel?
Thank you, Laurentii
–089e0103e5603b773005393e1d50
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Hi Xlord,
–089e0103e5603b773005393e1d50
–sVxWDmbPf59MBWhimBqsAThJ5IotJOUwJ
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
The Standard CentOS kernel is built from the source code and configuration files of the released RHEL kernel. The only way to get things into the main CentOS kernel is for it to be in the RHEL source code.
Red Hat does backport changes into the RHEL kernel, so if they support nested those changes or ones like it may be there. See Backporting:
https://access.redhat.com/security/updates/backporting
We do have a CentOSPlus kernel, maintained by a volunteer (hi toracat). She will take potential patches here if you have something that works:
https://bugs.CentOS.org/view.php?id=6828
Also, if you want to try a newer kernel, we do have 2 available. I
manage both of these kernels, they are both based on an LTS version of the kernel from kernel.org .. but neither gets nearly the attention (or smart people looking at them) as the RHEL based kernel. If you want to try either of them, they are in:
3.18.x LTS:
http://mirror.CentOS.org/CentOS/7/virt/x86_64/xen-46/
4.4.x LTS:
http://mirror.CentOS.org/altarch/7.2.1511/experimental/x86_64/Packages/
Those kernels both work, I am running both on production machines .. but I am not a kernel hacker, so I just build what the upstream LTS kernel maintainer releases. They may or may not do what you want.
The RHEL kernel team does a lot of work to make sure the RHEL kernel
Thanks, Johnny Hughes
–sVxWDmbPf59MBWhimBqsAThJ5IotJOUwJ
Dear Laurentiu, Agree with Johnny for kernel upgrade if upgrade helps, alternative if 3.10
or above already supported it, you can check from kernel parameter or options if they are disabled on purpose. You can do that via the “make menuconfig” via
“https://wiki.CentOS.org/HowTos/I_need_the_Kernel_Source” or
“https://wiki.CentOS.org/HowTos/BuildingKernelModules”. Hope that helps!
Xlord
—–Original Message—
Hello,
OK. Thank you both for answering. I have enough information now to decide next if a kernel upgrade is required in my case or not.
I think the decision will be based on whether the 2nd level of virtualization performs fast enough and without issues.
Have a great day, Laurentiu