| # Check Virtualization Setup |
|
|
| You are helping the user check if the system is properly set up to run virtualized workloads and remediate any issues. |
|
|
| ## Your tasks: |
|
|
| 1. **Check if CPU supports virtualization:** |
|
|
| **Intel (VT-x):** |
| ```bash |
| grep -E "vmx" /proc/cpuinfo |
| ``` |
|
|
| **AMD (AMD-V):** |
| ```bash |
| grep -E "svm" /proc/cpuinfo |
| ``` |
|
|
| If no output, virtualization is not supported or not enabled in BIOS. |
|
|
| 2. **Check if virtualization is enabled in BIOS:** |
| ```bash |
| sudo apt install cpu-checker |
| sudo kvm-ok |
| ``` |
|
|
| If it says KVM can be used, virtualization is enabled. |
| If not, user needs to enable it in BIOS/UEFI. |
|
|
| 3. **Check current virtualization software:** |
|
|
| **KVM/QEMU:** |
| ```bash |
| which qemu-system-x86_64 |
| lsmod | grep kvm |
| ``` |
|
|
| **VirtualBox:** |
| ```bash |
| which virtualbox |
| VBoxManage --version |
| ``` |
|
|
| **VMware:** |
| ```bash |
| which vmware |
| systemctl status vmware |
| ``` |
|
|
| **Docker (containerization):** |
| ```bash |
| docker --version |
| systemctl status docker |
| ``` |
|
|
| 4. **Check KVM kernel modules:** |
| ```bash |
| lsmod | grep kvm |
| ``` |
|
|
| Should show: |
| - `kvm_intel` (for Intel) |
| - `kvm_amd` (for AMD) |
| - `kvm` (base module) |
|
|
| If not loaded, try: |
| ```bash |
| sudo modprobe kvm |
| sudo modprobe kvm_intel # or kvm_amd |
| ``` |
|
|
| 5. **Install KVM and related tools (if not installed):** |
| ```bash |
| sudo apt update |
| sudo apt install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils virt-manager |
| ``` |
|
|
| 6. **Check libvirt status:** |
| ```bash |
| sudo systemctl status libvirtd |
| ``` |
|
|
| If not running: |
| ```bash |
| sudo systemctl enable libvirtd |
| sudo systemctl start libvirtd |
| ``` |
|
|
| 7. **Add user to required groups:** |
| ```bash |
| sudo usermod -aG libvirt $USER |
| sudo usermod -aG kvm $USER |
| ``` |
|
|
| User needs to log out and back in for group changes to take effect. |
|
|
| 8. **Verify user permissions:** |
| ```bash |
| groups |
| ``` |
|
|
| Should include: `libvirt` and `kvm` |
|
|
| 9. **Check libvirt connectivity:** |
| ```bash |
| virsh list --all |
| ``` |
|
|
| If permission denied, user is not in libvirt group or not logged back in. |
|
|
| 10. **Check virtualization networking:** |
|
|
| **Default network:** |
| ```bash |
| virsh net-list --all |
| ``` |
| |
| If default network is not active: |
| ```bash |
| virsh net-start default |
| virsh net-autostart default |
| ``` |
| |
| **Bridge networking:** |
| ```bash |
| ip link show |
| brctl show # if bridge-utils installed |
| ``` |
| |
| 11. **Check nested virtualization (if needed):** |
|
|
| **For Intel:** |
| ```bash |
| cat /sys/module/kvm_intel/parameters/nested |
| ``` |
| |
| **For AMD:** |
| ```bash |
| cat /sys/module/kvm_amd/parameters/nested |
| ``` |
| |
| If shows `N` or `0`, nested virtualization is disabled. |
| |
| To enable: |
| ```bash |
| echo "options kvm_intel nested=1" | sudo tee /etc/modprobe.d/kvm-intel.conf |
| # or for AMD: |
| echo "options kvm_amd nested=1" | sudo tee /etc/modprobe.d/kvm-amd.conf |
| ``` |
| |
| Then reload: |
| ```bash |
| sudo modprobe -r kvm_intel |
| sudo modprobe kvm_intel |
| ``` |
| |
| 12. **Check IOMMU for PCIe passthrough (if needed):** |
| ```bash |
| dmesg | grep -i iommu |
| ``` |
| |
| If IOMMU is needed, add to kernel parameters in `/etc/default/grub`: |
| ``` |
| GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on" |
| # or for AMD: |
| GRUB_CMDLINE_LINUX_DEFAULT="quiet splash amd_iommu=on" |
| ``` |
| |
| Then update grub: |
| ```bash |
| sudo update-grub |
| sudo reboot |
| ``` |
| |
| 13. **Check available storage pools:** |
| ```bash |
| virsh pool-list --all |
| ``` |
| |
| Create default pool if needed: |
| ```bash |
| virsh pool-define-as default dir --target /var/lib/libvirt/images |
| virsh pool-start default |
| virsh pool-autostart default |
| ``` |
| |
| 14. **Check system resources for virtualization:** |
| ```bash |
| free -h |
| df -h /var/lib/libvirt/images |
| cat /proc/cpuinfo | grep "processor" | wc -l |
| ``` |
| |
| Recommendations: |
| - At least 4GB RAM for light VMs |
| - At least 20GB free disk space |
| - Multiple CPU cores recommended |
| |
| 15. **Test VM creation (small test):** |
| ```bash |
| virt-install --name test-vm \ |
| --ram 512 \ |
| --disk size=1 \ |
| --cdrom /path/to/iso \ |
| --graphics vnc \ |
| --check all=off \ |
| --dry-run |
| ``` |
| |
| 16. **Check for conflicting virtualization:** |
| VirtualBox and KVM can sometimes conflict. Check if both are installed: |
| ```bash |
| dpkg -l | grep -E "virtualbox|qemu-kvm" |
| ``` |
| |
| VirtualBox kernel modules can conflict with KVM: |
| ```bash |
| lsmod | grep vbox |
| ``` |
| |
| 17. **Check virtualization acceleration:** |
| ```bash |
| ls -l /dev/kvm |
| ``` |
| |
| Should be: |
| ``` |
| crw-rw---- 1 root kvm /dev/kvm |
| ``` |
| |
| 18. **Install virt-manager (GUI) if desired:** |
| ```bash |
| sudo apt install virt-manager |
| ``` |
| |
| Test launch: |
| ```bash |
| virt-manager |
| ``` |
| |
| 19. **Check for Secure Boot issues:** |
| Secure Boot can prevent some virtualization modules from loading: |
| ```bash |
| mokutil --sb-state |
| ``` |
| |
| If Secure Boot is enabled and causing issues, user may need to: |
| - Sign modules |
| - Disable Secure Boot in BIOS |
| - Use signed versions |
| |
| 20. **Performance tuning:** |
|
|
| **Enable hugepages for better performance:** |
| ```bash |
| sudo sysctl vm.nr_hugepages=1024 |
| echo "vm.nr_hugepages=1024" | sudo tee -a /etc/sysctl.conf |
| ``` |
| |
| **Check CPU governor:** |
| ```bash |
| cat /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor |
| ``` |
| |
| For virtualization, `performance` governor is recommended: |
| ```bash |
| sudo apt install cpufrequtils |
| sudo cpufreq-set -g performance |
| ``` |
| |
| 21. **Report findings:** |
| Summarize: |
| - CPU virtualization support status |
| - BIOS/UEFI virtualization enabled status |
| - KVM modules loaded status |
| - libvirt status |
| - User group membership |
| - Network configuration |
| - Nested virtualization status |
| - Storage pools status |
| - Available resources |
| - Any conflicts or issues |
| - Recommendations |
| |
| 22. **Provide recommendations:** |
| - Enable VT-x/AMD-V in BIOS if not enabled |
| - Install KVM/QEMU if not present |
| - Add user to libvirt and kvm groups |
| - Set up default network |
| - Enable nested virtualization if needed |
| - Configure IOMMU for PCIe passthrough if needed |
| - Install virt-manager for GUI management |
| - Allocate sufficient resources |
| - Resolve any conflicts (VirtualBox vs KVM) |
| - Performance tuning suggestions |
|
|
| 23. **Basic virtualization commands to share:** |
| - `virsh list --all` - List all VMs |
| - `virsh start <vm>` - Start a VM |
| - `virsh shutdown <vm>` - Shutdown a VM |
| - `virsh destroy <vm>` - Force stop a VM |
| - `virsh console <vm>` - Connect to VM console |
| - `virsh net-list` - List networks |
| - `virsh pool-list` - List storage pools |
| - `virt-manager` - Launch GUI |
| - `virt-install` - Create new VM from command line |
|
|
| ## Important notes: |
| - Virtualization must be enabled in BIOS/UEFI |
| - User must be in kvm and libvirt groups |
| - Log out and back in after adding to groups |
| - VirtualBox and KVM can conflict |
| - Nested virtualization is disabled by default |
| - IOMMU required for PCIe passthrough |
| - Secure Boot may prevent module loading |
| - Sufficient RAM and disk space needed |
| - Performance governor recommended for VMs |
| - Check if system is itself a VM before enabling nested virtualization |
|
|
