T-Shoot: KVM-ok; Your CPU does not support KVM extensions

     

    CPU flags / KVM extensions

    A typical error that is missed during the installation or is noticed during the installation is that virtualization support is not enabled or not supported by the host CPU. This is really important when we are talking about any .ova deployment. VIRL is a VM and also a host. What this means is that the VM you deployed on your workstation or ESXi server will in turn deploy virtual machines within it self. This is called nested virtualization. For this to function properly we need to be able to pass the CPU "flags" from the host to the VIRL virtual machine. In essence tricking the VM to thinking it has direct access to the CPU.

     

    Verify Nested Virtualization Support

    From you VIRL server's console or SSH session run the following commands:

    sudo kvm-ok

    INFO: /dev/kvm exists                                                                                                                                                                                                                                                                                                                                                 

    KVM acceleration can be used

    The above command shows the required value. If you system did not return the same values, continue to gather your CPU information.

     

    Capture CPU Model and Features

    These commands will give us an idea of what CPU you are using and if it will support nested virtualization. The CPU must return VTx and EPT (Intel) and AMD-v and RVI (AMD) extensions. If they fail to report the appropriate flags, check to make sure your CPU model supports nested virtualization.

    cat /proc/cpuinfo |grep 'model\|MHz\|proc'

    lscpu | egrep 'Arch|On-Line|Vend|Virt' && echo "" && egrep -w -o 'vmx|ept|svm|npt|ssse3' /proc/cpuinfo | sort | uniq

     

    Manufacturer's CPU specification sheets:

    intel
    AMD

     

    If your CPU model does support VTx and EPT or AMD-v and RVI features, ensure they are enabled in your system's BIOS. These features are commonly disabled by default. You may have to search through your BIOS screens or visit your computer manufacturer's support area for detailed instructions. Virtualization features may have a dedicated page in BIOS or in some systems you will find virtualization settings under Security BIOS page / section.

     

     

    CPU Model Supports Nested Virtualization

    In some cases the VT-x setting is not written to the configuration file of the VIRL VM. This can happen on VMWare Workstation or ESXi. In both cases the fix is the same.

     

    Manually Setting VT Support

    1. Cleanly shutdown your VIRL virtual machine
    2. Open Settings
    3. Select Processors
      • Set Virtualization Engine as shown:
        • On Windows:
          kvm-ok_WorkStation_VT.png
        • On Mac OS-X: (expand Advanced Options)
          kvm-ok_Fusion_VT.png

     

    Manually Setting VT Support (alternative)

    1. Cleanly shutdown your VIRL virtual machine
    2. Open the .vmx file with a text editor like Notepad++ or Text Wrangler
    3. Ensure this line is present and value set to TRUE
      • vhv.enable = "TRUE"

     

    VMWare KB articles for editing your .vmx file

    VMWare KB:2057902 - Editing vmx file Workstation and VMWare Player

    VMWare KB: 1714 - Tips for editing vmx file (ESXi)

     

    IMPORTANT

    Editing the .vmx while your virtual machine is running, will cause the file to be overwritten and setting reverted on virtual machine reboot or shutdown. When shutting down your virtual machine, it is recommended to shutdown cleanly (from the OS) to ensure no file locks are created on abrupt shutdown.

     

    This is getting old, still not working!

    Collect all of the output from the commands listed here, gather your logs and start a new thread, making sure to attach output and logs. For assistance with log collection, read

    How to: Collect Logs For VIRL Troubleshooting