Libvirt KVM Issues – Resolving No KVM Capabilities Despite qemu-kvm Working

debiankvm-virtualizationlibvirt

I've learned that CirrusCI offers nested virtualization in their free package
for public repos and I am trying to make use of it for testing my Ansible
playbooks.

Unfortunately, libvirt is insisting that CI environment has no support for
full virtualization. All checks (known to me) testify of the opposite, and
qemu-kvm works fine when called directly. I'm almost certain the problem is
with my host OS configuration, and not with the CI engine. I've seen other
people use full virtualization on CirrusCI for their purposes (Android
emulation, redox testing).

I use Debian 10 for host system, slim image from DockerHub with the following
extra packages installed (–no-install-recommends):

bridge-utils  libguestfs-tools       python3-dev
coreutils     libosinfo-bin          python3-venv
cpu-checker   libssl-dev             qemu-kvm
curl          libvirt-clients        qemu-kvm
gcc           libvirt-daemon         qemu-utils
gpg           libvirt-daemon-system  systemd
gpg-agent     linux-image-amd64      vagrant
iproute2      make                   vagrant-libvirt
kmod          procps                 virt-goodies
libc-dev      python3                virtinst
libffi-dev

Base image,
CirrusCI configuration

What may I be missing? Why would libvirt tell that there is no KVM when
qemu-kvm works perfectly?

libvirt error

Error while creating domain: Error saving the server: Call to virDomainDefineXML failed: invalid argument: could not find capabilities for domaintype=kvm

virsh capabilities contains only <domain type='qemu'/> entries.

Demo of inconsistent behavior

Any tool based on libvirt fails to invoke KVM:

$ virt-install --import --virt-type kvm --name debian10-vm --memory 512 --disk path=/debian.qcow2,format=qcow2 --os-variant debian10 --noautoconsole || echo "Exit code: $?"
ERROR    Host does not support domain type kvm for virtualization type 'hvm' arch 'x86_64'
Exit code: 1

But qemu-kvm works when executed directly:

$ kvm -nographic /debian.qcow2
cSeaBIOS (version 1.12.0-1)
iPXE (http://ipxe.org) 00:03.0 C980 PCI2.10 PnP PMM+07F900F0+07ED00F0 C980
Press Ctrl-B to configure iPXE (PCI 00:03.0)...

Booting from Hard Disk...
GNU GRUB  version 2.02+dfsg1-20
...

Full CI logs

Diagnostics

lsmod shows that kvm and kvm_intel are loaded
cat /proc/cpuinfo – contains vmx flag
lscpu – Virtualization type: full
kvm-ok – OK
ls -l /dev/kvm – exists, owned by root:rdma
ls -l /var/run/libvirt – sockets exist, owned by root:root
whoami – root
groups $(whoami) – root
systemctl status – systemd is not started, libvirtd was launched via CI
rules
virt-host-validate – all checks pass, except IOMMU – should not be
important for my use case

Full listings are available in the CI log, section "kvm_before".

Best Answer

Most distro libvirt packages will be configured to run qemu as qemu:qemu user. See the UID+GID reported by virsh --connect qemu:///system capabilities | grep baselabel. If that's the case for your distro, then qemu doesn't have permissions to access /dev/kvm, so libvirt is not advertising kvm support. chmod 666 /dev/kvm should fix it. This is the default in Fedora FWIW

libvirt error

Demo of inconsistent behavior

Diagnostics

Best Answer

Related Solutions

Virtualization – Difference Between KVM and QEMU

Ubuntu – KVM-Guest does not boot: qemudParsePCIDeviceStrs

Related Topic