Hi Peter,
I have not much experience with nested virtualization in particular. But
although I am quite sure that it will not fail without host-passthrough,
I cannot imagine it to be sufficiently efficient without making use of
host-passthrough in production (and also not effective in many use
cases). So concerning enabling the host-passthrough, I assume that makes
sense.
The Red Hat Docs you refer to differ to the Quick Docs page: see 1. II.
of the procedures of both Intel and AMD at the RHEL link (as you
indicated, it seems that RHEL 9 has not yet anything online about the
topic, at least not on the publicly available pages).
The RHEL8 Docs page makes use only of "host-passthrough", whereas the
Quick Docs article seems to assume that "host-passthrough" and
"host-model" are equal and thus, the user can use any of the two without
a difference. At least as I was working with that the last time (maybe
something has changed? * ), these were two different things (host
passthrough <-> host model), and for performance reasons, I suggest to
stick with "host-passthrough" and not "host-model" in the nested use
case, except there is clear indication towards the other (see the
openstack link below for an example). At least, the quick docs article
should make clear the difference if it also notes "host-model". Or
alternatively, duplicate the RHEL8 Docs page approach and refer only to
"host-passthrough", which makes most sense for that use case imho.
Additionally, I disagree a bit with the "Note" box in
https://docs.fedoraproject.org/en-US/quick-docs/using-nested-virtualization-in-kvm/#proc_configuring-nested-virtualization-in-virt-manager
" Using host-passthrough is not recommended for general usage. It should
only be used for nested virtualization purposes. "
I am not sure if nested virtualization is the only reason to enable
host-passthrough. So at least the second sentence ("It should only be
used for nested virtualization purposes") should be removed imho. I
think implicit assumptions should be avoided at all.
Concerning the difference of host-passthrough and host-model, the
following link contains some information about the two that corresponds
to what I know: https://wiki.openstack.org/wiki/LibvirtXMLCPUModel (just
search on that page for "host-passthrough" and "host-model"). If you
search on the Internet for further information, be aware that the terms
"host-passthrough" and "pci-passthrough" are not synonymous (you will
maybe get many pages about both when querying a search machine about one
of them).
To avoid misunderstandings: I have not reviewed/tested the remaining
article. Maybe someone else has the capabilities for that.
* I cannot exclude that there have been some developments in this area
since I was using that the last time, but given the age of the Quick
Docs article, I expect the "host-passthrough = host-model" assumption
was wrong at the time of writing (being no indication for what is
currently correct), and therefore, unless someone knows it better, I
guess it makes sense to assume that there is still a difference between
the two...
Hope that helps a bit.
Regards & stay safe,
Chris
On 27/12/2022 12:59, Peter Boy wrote:
In order to use nested virtualization, Fedora Quick Docs[1] advises to activate that feature in the host kernel using modprobe and editing the file /etc/modprobe.d/kvm.conf. The comment in this file provides the same information. Additionally, you are to configure the processor of the VM hosting a nested VM as passthrough. The RHEL 8 documentation [2] provides the same information as various articles on other Web pages. In RHEL 9 documentation I couldn’t find anything about this. Additionally, you are to configure the processor of the VM hosting a nested VM as passthrough.
According to my findings these informations seem to be obsolete or in need of supplementation. At least everything works fine without any additional configuration at all (at least if the host processor as well as the processor configured in the VM support virtualization).
The Fedora docs team is in the process to check and update Fedora documentation.
It would be really helpful if someone with more technical knowledge about that matter than me would provide me with more detailed information und maybe links to current information. Even better if someone familiar with the matter would be willing to review an updated article.
--
Peter Boy
https://fedoraproject.org/wiki/User:Pboy
pboy@xxxxxxxxxxxxxxxxx
Timezone: CET (UTC+1) / CEST (UTC+2)
Fedora Server Edition Working Group member
Fedora docs team contributor and board member
Java developer and enthusiast
[1] https://docs.fedoraproject.org/en-US/quick-docs/using-nested-virtualization-in-kvm/
[2] https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_and_managing_virtualization/creating-nested-virtual-machines_configuring-and-managing-virtualization
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
