On 03/15/2011 08:17 PM, David McGuffey wrote: > > On Tue, 2011-03-15 at 21:21 +0100, Athmane Madjoudj wrote: >> On 03/15/2011 12:54 PM, David McGuffey wrote: >>> Finished installing CentOS 5.5 x86_64 on a new Dell tower workstation >>> that has a quad core Intel processor and 8 GB of ram. BIOS has hardware >>> virtualization support enabled. /proc/cpuinfo shows that all four cores >>> have the vmx flag present. >>> >>> I applied a lot of the National Security Agency guide for securing Red >>> Hat Linux 5, testing the key applications I need as I went. At the end >>> of the process I bring up VMM and it claims that the hardware doesn't >>> support full virtualization. > >> Can you see if kvm modules are loaded: >> >> lsmod | grep kvm >> >> Example in my laptop (Intel C2D): >> >> $ lsmod | grep kvm >> kvm_intel 41950 0 >> kvm 257356 1 kvm_intel >> >> HTH > > I'll check tomorrow when I'm at the machine. Did you verify that this was working before applying those settings in the NSA guide? What does/is VMM "claiming" ... are you seeing only fully virtualized and not paravirtualized as a selection or what is the problem that you are encountering? I am not an expert on KVM, but when I install a KVM VM in Virtual Machine Manager, I have to select "Fully Virtualized" initally, then if I want to install the virtio (paravirtualized) drivers, I need to do it like this: http://www.cyberciti.biz/faq/centos-rhel-linux-kvm-virtulization-tutorial/ http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/Virtualization/chap-Virtualization-KVM_restrictions_and_support.html I am fairly sure that only if you are running Xen will you actually see a "Paravirtualized" selection in Virtual Machine Manager ... however I would suggest that you use KVM and not Xen as KVM is where RHEL Virtualization is moving towards and Xen is being moved away from. The BIOS of many machines can "disable" virtual machine extensions (also called other things ... usually with Virtual, Virtual Technologies, or VT in the name). According to KVM (link below), sometimes certain settings do need to be turned off while others need to be on, so there may be a specific set of on and off that make it work on this type of machine. So, it is possible for vmx to show up in the cpu flags but for it to be disabled. Specifically, some Dell machines need "Trusted Computer" or "Trusted Execution" enabled as well. http://www.linux-kvm.org/page/FAQ#.22KVM:_disabled_by_BIOS.22_error Verifying the latest version of the BIOS is installed can be very important for memory sizes greater than 4 GB of RAM and proper APIC operation on Linux as well. If you need to flash the BIOS on a Dell machine that has Linux installed, I use a "Free DOS" iso to boot from and put the Dell BIOS on my USB key, which is normally detected as C: or D: on my machines when booting the "Free Dos" ISO. I use fdfullcd.iso from here (use the LiveCD and do NOT install Free DOS on your main drive :D): http://www.freedos.org/freedos/files/ Some machines (if Linux is supported on them) have the ability to flash the BIOS via Linux, but I normally do it via FreeDOS anyway. Here is the Dell Linux site with repositories if applicable: http://linux.dell.com/ There is a link on the right hand side named "Dell Community Repository" that goes here: http://linux.dell.com/repo/community/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 253 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20110316/109cea5c/attachment-0005.sig>