C.2. Feature Restrictions
The hypervisor package included with Red Hat Enterprise Linux is qemu-kvm. This differs from the qemu-kvm-rhev package included with Red Hat Virtualization (RHV) and Red Hat OpenStack (RHOS) products. Many of the restrictions that apply to qemu-kvm do not apply to qemu-kvm-rhev.
For more information about the differences between the qemu-kvm and qemu-kvm-rhev packages, see What are the differences between qemu-kvm and qemu-kvm-rhev and all sub-packages?
The following restrictions apply to the KVM hypervisor included with Red Hat Enterprise Linux:
- Maximum vCPUs per guest
- Red Hat Enterprise Linux 7.2 and above supports 240 vCPUs per guest, up from 160 in Red Hat Enterprise Linux 7.0.
- Nested virtualization
- Nested virtualization is available as a Technology Preview in Red Hat Enterprise Linux 7.2 and later. This feature enables KVM to launch guests that can act as hypervisors and create their own guests.
- TCG support
- QEMU and libvirt include a dynamic translation mode using the QEMU Tiny Code Generator (TCG). This mode does not require hardware virtualization support. However, TCG is not supported by Red Hat.When the qemu-kvm package is used to create nested guests in a virtual machine, it uses TCG unless nested virtualization is enabled on the parent virtual machine. Note that nested virtualization is currently a Technology Preview. For more information, see Chapter 12, Nested Virtualization.A TCG-based guest can be recognized using the following:
- The domain XML file of the guests contains the
<domain type='qemu'>line, whereas a KVM guest contains
- In the Overview pane of the Virtual hardware details view, virt-manager displays the type of virtual machine as
QEMU TCG, instead of
- Constant TSC bit
- Systems without a Constant Time Stamp Counter (TSC) require additional configuration. See Chapter 8, KVM Guest Timing Management for details on determining whether you have a Constant Time Stamp Counter and configuration steps for fixing any related issues.
- Emulated SCSI adapters
- SCSI device emulation is only supported with the virtio-scsi paravirtualized host bus adapter (HBA). Emulated SCSI HBAs are not supported with KVM in Red Hat Enterprise Linux.
- Emulated IDE devices
- KVM is limited to a maximum of four virtualized (emulated) IDE devices per virtual machine.
- Paravirtualized devices
- Paravirtualized devices are also known as VirtIO devices. They are purely virtual devices designed to work optimally in a virtual machine.Red Hat Enterprise Linux 7 supports 32 PCI device slots per virtual machine bus, and 8 PCI functions per device slot. This gives a theoretical maximum of 256 PCI functions per bus when multi-function capabilities are enabled in the virtual machine, and PCI bridges are used. Each PCI bridge adds a new bus, potentially enabling another 256 device addresses. However, some buses do not make all 256 device addresses available for the user; for example, the root bus has several built-in devices occupying slots.See Chapter 16, Guest Virtual Machine Device Configuration for more information on devices and Section 16.1.5, “PCI Bridges” for more information on PCI bridges.
- Migration restrictions
- Device assignment refers to physical devices that have been exposed to a virtual machine, for the exclusive use of that virtual machine. Because device assignment uses hardware on the specific host where the virtual machine runs, migration and save/restore are not supported when device assignment is in use. If the guest operating system supports hot plugging, assigned devices can be removed prior to the migration or save/restore operation to enable this feature.Live migration is only possible between hosts with the same CPU type (that is, Intel to Intel or AMD to AMD only).For live migration, both hosts must have the same value set for the No eXecution (NX) bit, either
off.For migration to work,
cache=nonemust be specified for all block devices opened in write mode.
WarningFailing to include the
cache=noneoption can result in disk corruption.
- Storage restrictions
- There are risks associated with giving guest virtual machines write access to entire disks or block devices (such as
/dev/sdb). If a guest virtual machine has access to an entire block device, it can share any volume label or partition table with the host machine. If bugs exist in the host system's partition recognition code, this can create a security risk. Avoid this risk by configuring the host machine to ignore devices assigned to a guest virtual machine.
WarningFailing to adhere to storage restrictions can result in risks to security.
- Live snapshots
- The backup and restore API in KVM in Red Hat Enterprise Linux does not support live snapshots.
- Streaming, mirroring, and live-merge
- Streaming, mirroring, and live-merge are not supported. This prevents block-jobs.
- I/O throttling
- Red Hat Enterprise Linux does not support configuration of maximum input and output levels for operations on virtual disks.
- I/O threads
- Red Hat Enterprise Linux does not support creation of separate threads for input and output operations on disks with VirtIO interfaces.
- Memory hot plug and hot unplug
- Red Hat Enterprise Linux does not support hot plugging or hot unplugging memory from a virtual machine.
- Red Hat Enterprise Linux does not support implementation of a user space vhost interface.
- CPU hot unplug
- Red Hat Enterprise Linux does not support hot-unplugging CPUs from a virtual machine.
- NUMA guest locality for PCIe
- Red Hat Enterprise Linux does not support binding a virtual PCIe device to a specific NUMA node.
- Core dumping restrictions
- Because core dumping is currently implemented on top of migration, it is not supported when device assignment is in use.
- Realtime kernel
- KVM currently does not support the realtime kernel, and thus cannot be used on Red Hat Enterprise Linux for Real Time.