B.2. Using KVM Virtualization on IBM z Systems
- Ensure that your system meets the hypervisor requirements:
- Verify that the CPU virtualization extensions are available:
grep sie /proc/cpuinfoThe output of this command must include the
sieentry, which indicates that your processor has the required virtualization extension.
features : esan3 zarch stfle msa ldisp eimm dfp edat etf3eh highgprs te sie
- Load the KVM kernel module:
- Verify that the KVM kernel module is loaded:
lsmod | grep kvmIf KVM was loaded successfully, the output of this command includes
kvm. If it does not, make sure that you are using the kernel-alt version of the kernel for Red Hat Enterprise Linux 7.
- Install the qemu-kvm-ma package in addition to other virtualization packages described in Chapter 2, Installing the Virtualization Packages.
- When setting up guests, it is recommended to configure their CPU in one of the following ways to protect the guests from the "Spectre" vulnerability:
- Use the host CPU model, for example as follows:
<cpu mode='host-model' check='partial'> <model fallback='allow'/> </cpu>This makes the
bpbfeatures available to the guest if the host supports them.
- If using a specific host model, add the
bpbfeatures. The following example uses the
<cpu mode='custom' match='exact' check='partial'> <model fallback='allow'>zEC12</model> <feature policy='force' name='ppa15'/> <feature policy='force' name='bpb'/> </cpu>
- The <boot dev='device'/> XML configuration element is not supported on z Systems. To define device boot order, use the <boot order='number'/> in the <devices> section. For an example, see the upstream libvirt documentation.
NoteUsing <boot order='number'/> for boot order management is preferred also on AMD64 and Intel 64 hosts.
- SMBIOS configuration is not available.
- The watchdog device model used on IBM z Systems should be
- To enable nested virtualization, do the following. Note that like on AMD64 and Intel 64 systems, the nested virtualization feature is available as a Technology Preview on IBM z Systems, and therefore is not recommended for use in production environments.
- 1. Check whether nested virtualization is already enabled on your system:
cat /sys/module/kvm/parameters/nestedIf this command returns
1, the feature is already enabled.If the command returns
0, use the following steps to enable it.
- 2. Unload the
modprobe -r kvm
- 3. Activate the nesting feature:
modprobe kvm nested=1
- 4. The nesting feature is now enabled only until the next reboot of the host. To enable it permanently, add the following line to the
options kvm nested=1
kvm-clockservice is specific to AMD64 and Intel 64 systems, and does not have to be configured for time management on IBM z Systems.