[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Nested Virtualization of Hyper-V on Xen Not Working
I encourage you to run the Windows Hardware Lab Kit 11/02/2018 or HLK or maybe try the VHLK. The VHLK is a free VHD file download of win2016 that has all the tests necessary built-in. So you could manually download the test kit on your existing Windows VM or attempt the VHD.
" Default login credentials are HLKAdminUser with password Testpassword,1"
Why run the hardware lab kit in a virtualized environment and directly on the underlying hardware? Because those tests are used to validate for the SVVP. Microsoft has something similar to their Hardware Compatibility List, aka HCL. SVVP is Microsoft's Server Virtualization Validation Program. SVVP validates that Windows Operating Systems and APPS run on top of other hypervisors and once validated will receive technical support. SVVP has been around for over a decade but has of course changed over the years. Recently, it has been making news because Win11 / Win2022 requires a TPM 2.0 chip, but XCP-NG XEN does not yet support that. If the hypervisor is SVVP certified, then running MS Hyper-V Windows on top of any validated hypervisor would be much more likely to work and possibly supported directly by MS and tsanet.org. Canonical and RedHat are in tsanet, but would like to see the Linux Foundation or Vates itself.
RATIONALE: Features in recent versions of Windows now REQUIRE Hyper-V
support to work. In particular, Windows Containers, Sandbox, Docker Desktop
and the Windows Subsystem for Linux version 2 (WSL2). Running Windows in a
VM as a development and test platform is currently a common requirement for
various user segments and will likely become necessary for production in the
future. Nested virtualization of Hyper-V currently works on VMware ESXi,
Microsoft Hyper-V and KVM-based hypervisors. This puts Xen and its
derivatives at a disadvantage when choosing a hypervisor.
WHAT IS NOT WORKING? Provided the requirements set forth in:
https://wiki.xenproject.org/wiki/Nested_Virtualization_in_Xen have been met,
an hvm guest running Windows 10 PRO Version 21H1 x64 shows that all four
requirements for running Hyper-V are available using the msinfo32.exe or
systeminfo.exe commands. More granular knowledge of the CPU capabilities
exposed to the guest can be observed using the Sysinternals Coreinfo64.exe
command. CPUID flags present appear to mirror those on other working nested
hypervisor configurations.
Enabling Windows Features for Hyper-V, Virtual Machine Platform, etc. all
appear to work without error. However, after the finishing reboot, Hyper-V
is simply not active. This--despite the fact that vmcompute.exe (Hyper-V
host compute service) is running and there are no errors in the logs. In
addition, all four Hyper-V prerequisites continue to show as available.
By contrast, after the finishing reboot of an analogous Windows VM running
on ESXi, the four prerequisites are reversed: hypervisor is now active;
vmx, ept and urg (unrestricted guest) are all off as viewed with the
Coreinfo64.exe -v command. Furthermore, all functions requiring Hyper-V are
now active and working as expected.
This deficiency has been observed in two test setups running Xen 4.15 from
source and XCP-ng 8.2, both running on Intel with all of the latest,
generally available patches. We presume that the same behavior is present
on Citrix Hypervisor 8.2 as well.
SUMMATION:
Clearly, much effort has already been expended to support the Viridian
enlightenments that optimize running Windows on Xen. It also looks like a
significant amount of effort has been put forth to advance nested
virtualization in general.
Therefore, if it would be helpful, I am willing to perform testing and
provide feedback and logs as appropriate in order to help get this working.
While my day job is managing a heterogeneous collection of systems running
on various hypervisors, I have learned the rudiments of integrating patches
and rebuilding Xen from source so could no doubt be useful in assisting you
with this worthwhile endeavor.
|