[CentOS-virt] Nested KVM issue

Boris Derzhavets

bderzhavets at hotmail.com
Sun Aug 14 20:27:21 UTC 2016

Reports  posted look good for me.  Config should provide the best available performance

for cloud VM (L2) on Compute Node.

 1.  Please, remind me what goes  wrong  from your standpoint ?

 2. Which CPU is installed on Compute Node && how much RAM ?

     Actually , my concern is :-

    Number_of_ Cloud_VMs  versus Number_CPU_Cores ( not threads)

    Please, check `top`  report   in regards of swap area size.



1. <domain type='kvm' id='6'>
  <memory unit='KiB'>104857600</memory>
  <currentMemory unit='KiB'>104857600</currentMemory>
  <vcpu placement='static'>36</vcpu>
    <type arch='x86_64' machine='pc-i440fx-rhel7.0.0'>hvm</type>
    <boot dev='hd'/>
    <bootmenu enable='no'/>
  <cpu mode='host-passthrough'/>
  <clock offset='utc'/>
    <disk type='file' device='disk'>
      <driver name='qemu' type='qcow2' cache='unsafe'/>
      <source file='/var/lib/libvirt/images/baremetalbrbm_1.qcow2'/>
      <target dev='sda' bus='sata'/>
      <alias name='sata0-0-0'/>
      <address type='drive' controller='0' bus='0' target='0' unit='0'/>
    <controller type='scsi' index='0' model='virtio-scsi'>
      <alias name='scsi0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
    <controller type='usb' index='0'>
      <alias name='usb'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/>
    <controller type='pci' index='0' model='pci-root'>
      <alias name='pci.0'/>
    <controller type='sata' index='0'>
      <alias name='sata0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/>
    <interface type='bridge'>
      <mac address='00:f1:15:20:c5:46'/>
      <source network='brbm' bridge='brbm'/>
      <virtualport type='openvswitch'>
        <parameters interfaceid='654ad04f-fa0a-41dd-9d30-b84e702462fe'/>
      <target dev='vnet5'/>
      <model type='virtio'/>
      <alias name='net0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
    <interface type='bridge'>
      <mac address='52:54:00:d3:c9:24'/>
      <source bridge='br57'/>
      <target dev='vnet6'/>
      <model type='rtl8139'/>
      <alias name='net1'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/>
    <serial type='pty'>
      <source path='/dev/pts/3'/>
      <target port='0'/>
      <alias name='serial0'/>
    <console type='pty' tty='/dev/pts/3'>
      <source path='/dev/pts/3'/>
      <target type='serial' port='0'/>
      <alias name='serial0'/>
    <input type='mouse' bus='ps2'/>
    <input type='keyboard' bus='ps2'/>
    <graphics type='vnc' port='5903' autoport='yes' listen=''>
      <listen type='address' address=''/>
      <model type='cirrus' vram='16384' heads='1'/>
      <alias name='video0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
    <memballoon model='virtio'>
      <alias name='balloon0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0'/>

[root at overcloud-novacompute-0 ~]# lsmod | grep kvm
kvm_intel             162153  70
kvm                   525409  1 kvm_intel

[root at overcloud-novacompute-0 ~]# cat /etc/nova/nova.conf | grep virt_type|grep -v '^#'

[root at overcloud-novacompute-0 ~]#  cat /etc/nova/nova.conf | grep  cpu_mode|grep -v '^#'


More details on the subject:

I suppose it is a nested KVM issue because it raised after I enabled the nested KVM feature. Without it, anyway, the second level VMs are unusable in terms of performance.

I am using CentOS 7 with:

kernel: 3.10.0-327.22.2.el7.x86_64

on both the baremetal and the compute VM.

Please, post

1) # virsh dumpxml  VM-L1  ( where on L1 level you expect nested KVM to appear)
2) Login into VM-L1 and run :-
    # lsmod | grep kvm
3) I need outputs from VM-L1 ( in case it is Compute Node )

# cat /etc/nova/nova.conf | grep virt_type
# cat /etc/nova/nova.conf | grep  cpu_mode


The only workaround now is to shutdown the compute VM and start it back from baremetal with virsh start.
A simple restart of the compute node doesn't help. It looks like the qemu-kvm process corresponding to the compute VM is the problem.


I have an OpenStack setup in virtual environment on CentOS 7.

The baremetal has nested KVM enabled and 1 compute node as a VM.

Inside the compute node I have multiple VMs running.

After about every 3 days the VMs get inaccessible and the compute node reports high CPU usage. The qemu-kvm process for each VM inside the compute node reports full CPU usage.

Please help me with some hints to debug this issue.

