As virtualization technologies become mature, with the support of super-fast, extremely robust server hardware, everything seems can be virtualized. In a modern datacenter, you’ll see the entire IT infrastructure being virtualized, including servers, workstations, network devices, storage, PBX and so on. Have you heard of “nested virtualization”? It simply means that you are running virtual machines inside virtual machines by utilizing technologies like OpenStack. Make sure you enable Intel-VT and AMD-V Support Hardware Accelerated KVM Virtualization Extensions to gain full advantage of the virtualization technologies. Here is why-

One of the challenges that virtualization faced was that when running a guest OS under virtual environment, the guest OS does not have direct access to the server hardware such as CPU and RAM without going through the hosting system like VMWare ESXi. Until the Intel VT and AMD-V virtualization technology were developed, modifications must be done to the guest OS to emulate its access to CPU. This had significant performance impact to the guest virtual servers.

Hardware accelerated virtualization solved this problem by proving certain instructions or extensions so that the guest OS appears to have direct access to the server hardware. Intel VT and AMD’s AMD-V are instruction set extensions that provide hardware assistance to virtual machine monitors. They enable running fully isolated virtual machines at native hardware speeds, with minimum overhead.

Enable Intel-VT and AMD-V Support Hardware Accelerated KVM Virtualization Extensions

enableIntelVTXAMDvirtualization

Hardware Requirements

CPU support

Does my CPU support Virtualization Technology? To verify, you can reference the following websites.

Intel: http://www.intel.com/support/processors/sb/cs-030729.htm

AMD: http://products.amd.com/

A processor with Intel-VT does not guarantee that virtualization works on your system. It requires a computer system with a chipset, BIOS, enabling software and/or operating system, device drivers, and applications designed for this feature.

If the BIOS includes a setting to enable or disable support for Intel VT, make sure it is enabled. For Intel® Desktop Boards, enter the BIOS by pressing the F2 key as the system starts.

BIOS support

Once you confirmed that you have a CPU supports virtualization technology, next to check if your motherboard supports it and it is enabled in BIOS settings. Usually most recent motherboards have virtualization support but cross check this information by reading the motherboard manual.

I’ve attached a few screenshots taken from different servers and PCs for your reference. The setting is typically located in System Services – Processor Settings.

VIRL Installation on Bare-metal Standalone Server (1) VIRL Installation on Bare-metal Standalone Server (2) VIRL Installation on Bare-metal Standalone Server (3)

enable-vt-x-in-bios1 enable-vt-x-in-bios2

Verification

On a Linux based systems, /proc/cpuinfo will tell you if the processor supports virtualization and if it is enabled.

cat /proc/cpuinfo | grep “vmx \| svm”

We are essentially looking for “vmx” and “svm” flags. Here is what all the flags mean.

  • vmx — Intel VT-x, basic virtualization
  • svm — AMD SVM, basic virtualization
  • ept — Extended Page Tables, an Intel feature to make emulation of guest page tables faster.
  • vpid — VPID, an Intel feature to make expensive TLB flushes unnecessary when context switching between guests.
  • npt — AMD Nested Page Tables, similar to EPT.
  • tpr_shadow and flexpriority — Intel feature that reduces calls into the hypervisor when accessing the Task Priority Register, which helps when running certain types of SMP guests.
  • vnmi — Intel Virtual NMI feature which helps with certain sorts of interrupt events in guests.

Verify AMD-V CPU virtualization extensions on a Linux

# grep --color svm /proc/cpuinfo

Verify Intel or AMD 64 bit CPU

grep -w -o lm /proc/cpuinfo | uniq

On a Ubuntu server the following commands can be used to verify VT-X is enabled.

lscpu | egrep 'Arch|On-Line|Vend|Virt'
egrep -wo 'vmx|ept|svm|npt|ssse3' /proc/cpuinfo | sort | uniq

Cisco-Virl-installation11

Confirm KVM acceleration can be used by running this verification command.

$sudo kvm-ok
INFO: /dev/kvm exists
KVM acceleration can be used

If kvm-ok command isn’t there, you need to install the KVM module. There are two different brands of virtualization (from Intel and AMD) which are incompatible. Therefore KVM has separate device drivers for each.

To load KVM on an Intel processor:

modprobe kvm_intel

To load KVM on an AMD processor:

modprobe kvm_amd

To verify the module is loaded, use “dmesg” and “lsmod” as root.

In this session we covered how to enable and verify Intel-VT and AMD-V Support Hardware Accelerated KVM Virtualization Extensions. Intel VT (Virtualization Technology) is the company’s hardware assistance for processors running virtualization platforms. Intel VT includes a series of extensions for hardware virtualization. The Intel VT-x extensions are probably the best recognized extensions, adding migration, priority and memory handling capabilities to a wide range of Intel processors.