After the two QEMU full virtualization howtos
- Howto do QEMU full virtualization with MacVTap networking
- Howto do QEMU full virtualization with bridged networking
You can use QEMU with a nearly native full virtualization. Here are some important tips for the guest CPU to consider when using QEMU directly (without any virtualization manager like virt-manager, libvirt and so on).
TIP 1)Choose your host CPU emulation
You can see what options are available for host emulation with:
srv@local ~$ qemu-system-x86_64 -cpu help x86 qemu64 QEMU Virtual CPU version 2.0.0 x86 phenom AMD Phenom(tm) 9550 Quad-Core Processor x86 core2duo Intel(R) Core(TM)2 Duo CPU T7700 @ 2.40GHz x86 kvm64 Common KVM processor x86 qemu32 QEMU Virtual CPU version 2.0.0 x86 kvm32 Common 32-bit KVM processor x86 coreduo Genuine Intel(R) CPU T2600 @ 2.16GHz x86 486 x86 pentium x86 pentium2 x86 pentium3 x86 athlon QEMU Virtual CPU version 2.0.0 x86 n270 Intel(R) Atom(TM) CPU N270 @ 1.60GHz x86 Conroe Intel Celeron_4x0 (Conroe/Merom Class Core 2) x86 Penryn Intel Core 2 Duo P9xxx (Penryn Class Core 2) x86 Nehalem Intel Core i7 9xx (Nehalem Class Core i7) x86 Westmere Westmere E56xx/L56xx/X56xx (Nehalem-C) x86 SandyBridge Intel Xeon E312xx (Sandy Bridge) x86 Haswell Intel Core Processor (Haswell) x86 Opteron_G1 AMD Opteron 240 (Gen 1 Class Opteron) x86 Opteron_G2 AMD Opteron 22xx (Gen 2 Class Opteron) x86 Opteron_G3 AMD Opteron 23xx (Gen 3 Class Opteron) x86 Opteron_G4 AMD Opteron 62xx class CPU x86 Opteron_G5 AMD Opteron 63xx class CPU x86 host KVM processor with all supported host features (only available in KVM mode) Recognized CPUID flags: pbe ia64 tm ht ss sse2 sse fxsr mmx acpi ds clflush pn pse36 pat cmov mca pge mtrr sep apic cx8 mce pae msr tsc pse de vme fpu hypervisor rdrand f16c avx osxsave xsave aes tsc-deadline popcnt movbe x2apic sse4.2|sse4_2 sse4.1|sse4_1 dca pcid pdcm xtpr cx16 fma cid ssse3 tm2 est smx vmx ds_cpl monitor dtes64 pclmulqdq|pclmuldq pni|sse3 smap adx rdseed rtm invpcid erms bmi2 smep avx2 hle bmi1 fsgsbase 3dnow 3dnowext lm|i64 rdtscp pdpe1gb fxsr_opt|ffxsr mmxext nx|xd syscall perfctr_nb perfctr_core topoext tbm nodeid_msr tce fma4 lwp wdt skinit xop ibs osvw 3dnowprefetch misalignsse sse4a abm cr8legacy extapic svm cmp_legacy lahf_lm pmm-en pmm phe-en phe ace2-en ace2 xcrypt-en xcrypt xstore-en xstore kvm_pv_unhalt kvm_pv_eoi kvm_steal_time kvm_asyncpf kvmclock kvm_mmu kvm_nopiodelay kvmclock pfthreshold pause_filter decodeassists flushbyasid vmcb_clean tsc_scale nrip_save svm_lock lbrv npt
The host server will expose different instruction set to the guest server (the emulated CPU), so when you choose your host to emulate for example “qemu64” with:
qemu-system-x86_64 -enable-kvm \ -cpu qemu64,+ssse3,+sse4.1,+sse4.2,+x2apic -smp 2,maxcpus=8 \ -daemonize -vnc 192.168.0.10:1 \ -drive file=/mnt/storage/qemu/roofs/srv_virt.qcow2,index=0,cache=none,aio=threads,if=virtio \ -cdrom /mnt/storage/images/install-amd64-minimal-20140327.iso -boot d \ -net nic,model=virtio,macaddr=$(< /sys/class/net/macvtap0/address) \ -net tap,fd=3 3<>/dev/tap$(< /sys/class/net/macvtap0/ifindex) \ -balloon virtio -m 8192 \ -monitor telnet:127.0.0.1:5801,server,nowait -writeconfig /opt/qemu/config/srv_virt.qcow2.conf
The guest server (the virtual machine) will have the following CPU and instruction set:
vendor_id : GenuineIntel cpu family : 6 model : 6 model name : QEMU Virtual CPU version 2.0.0 stepping : 3 microcode : 0x1 cpu MHz : 2133.408 cache size : 4096 KB fpu : yes fpu_exception : yes cpuid level : 4 wp : yes flags : fpu de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pse36 clflush mmx fxsr sse sse2 syscall nx lm rep_good nopl pni ssse3 cx16 sse4_1 x2apic popcnt hypervisor lahf_lm bogomips : 4266.81 clflush size : 64 cache_alignment : 64 address sizes : 40 bits physical, 48 bits virtual power management: processor : 1 vendor_id : GenuineIntel cpu family : 6 model : 6 model name : QEMU Virtual CPU version 2.0.0 stepping : 3 microcode : 0x1 cpu MHz : 2133.408 cache size : 4096 KB fpu : yes fpu_exception : yes cpuid level : 4 wp : yes flags : fpu de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pse36 clflush mmx fxsr sse sse2 syscall nx lm rep_good nopl pni ssse3 cx16 sse4_1 x2apic popcnt hypervisor lahf_lm bogomips : 4266.81 clflush size : 64 cache_alignment : 64 address sizes : 40 bits physical, 48 bits virtual power management:
A base set of instructions (flags) with the explicitly included by our command with
+ssse3,+sse4.1,+sse4.2,+x2apic
. The format:
-cpu qemu64,+ssse3,+sse4.1,+sse4.2,+x2apic
IF you choose the last option:
-cpu host
the host server will try to emulate and expose to the virtual machine its processor and all flags:
qemu-system-x86_64 -enable-kvm \ -cpu host -smp 2,maxcpus=8 \ -daemonize -vnc 192.168.0.10:1 \ -drive file=/mnt/storage/qemu/roofs/srv_virt.qcow2,index=0,cache=none,aio=threads,if=virtio \ -cdrom /mnt/storage/images/install-amd64-minimal-20140327.iso -boot d \ -net nic,model=virtio,macaddr=$(< /sys/class/net/macvtap0/address) \ -net tap,fd=3 3<>/dev/tap$(< /sys/class/net/macvtap0/ifindex) \ -balloon virtio -m 8192 \ -monitor telnet:127.0.0.1:5801,server,nowait -writeconfig /opt/qemu/config/srv_virt.qcow2.conf
The virtual machine:
[root@vm0 ~]# cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 44 model name : Intel(R) Xeon(R) CPU E5606 @ 2.13GHz stepping : 2 microcode : 0x1 cpu MHz : 2133.408 cache size : 8192 KB fpu : yes fpu_exception : yes cpuid level : 11 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon rep_good nopl pni pclmulqdq ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes hypervisor lahf_lm tsc_adjust bogomips : 4266.81 clflush size : 64 cache_alignment : 64 address sizes : 40 bits physical, 48 bits virtual power management:
The host server:
[root@srv0 ~]# cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 44 model name : Intel(R) Xeon(R) CPU E5606 @ 2.13GHz stepping : 2 microcode : 0x14 cpu MHz : 1200.000 cache size : 8192 KB physical id : 0 siblings : 4 core id : 0 cpu cores : 4 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 11 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid dca sse4_1 sse4_2 popcnt aes lahf_lm tpr_shadow vnmi flexpriority ept vpid dtherm arat bogomips : 4266.41 clflush size : 64 cache_alignment : 64 address sizes : 40 bits physical, 48 bits virtual power management:
TIP 2) Disable certain CPU flags (instruction sets)
As you can see with the above CPU options you can hide your exact type of processor and you could disable specific CPU flags (instruction sets) to the user’s virtual machine. The purpose is up to the user and one reason for example could be not offer “avx” (or “avx2”) to discourage crypto mining with the virtual machine. Or limit the SSE2/3/4/4.2/SSSE3 and other “multimedia” instruction sets to discourage video encoding and so on. Probably you would like to be used It’s up to you what to offer to the virtual machine user.
Here is the command to emulate the host CPU with all supported flags but disable “sse4.1” and “sse4.2”:
The syntax:
-cpu host,-sse4.1,-sse4.2
And the qemu command is:
qemu-system-x86_64 -enable-kvm \ -cpu host,-sse4.1,-sse4.2 \ -smp 2,maxcpus=8 \ -daemonize -vnc 192.168.0.10:1 \ -drive file=/mnt/storage/qemu/roofs/srv_virt.qcow2,index=0,cache=none,aio=threads,if=virtio \ -cdrom /mnt/storage/images/install-amd64-minimal-20140327.iso -boot d \ -net nic,model=virtio,macaddr=$(< /sys/class/net/macvtap0/address) \ -net tap,fd=3 3<>/dev/tap$(< /sys/class/net/macvtap0/ifindex) \ -balloon virtio -m 8192 \ -monitor telnet:127.0.0.1:5801,server,nowait -writeconfig /opt/qemu/config/srv_virt.qcow2.conf
So the virtual machine lacks the disabled flags:
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon rep_good nopl pni pclmulqdq ssse3 cx16 pcid x2apic popcnt tsc_deadline_timer aes hypervisor lahf_lm tsc_adjust
TIP 3) Number of virtual processors in the virtual machine
The syntax
-smp 2,maxcpus=8
of the qemu command:
qemu-system-x86_64 -enable-kvm -cpu host \ -smp 2,maxcpus=8 \ -daemonize -vnc 192.168.0.10:1 \ -drive file=/mnt/storage/qemu/roofs/srv_virt.qcow2,index=0,cache=none,aio=threads,if=virtio \ -cdrom /mnt/storage/images/install-amd64-minimal-20140327.iso -boot d \ -net nic,model=virtio,macaddr=$(< /sys/class/net/macvtap0/address) \ -net tap,fd=3 3<>/dev/tap$(< /sys/class/net/macvtap0/ifindex) \ -balloon virtio -m 8192 \ -monitor telnet:127.0.0.1:5801,server,nowait -writeconfig /opt/qemu/config/srv_virt.qcow2.conf
will start up the virtual machine with 2 processors and you can hot add a cpu up to 8 total in any time you want with the management console listening on 127.0.0.1:5801.