UEFI Setting on VM for nested virtualization?
-
Hi,
I'm running a Win2k19 Server as a VM with UEFI.
I have activated nested virtualization. But Docker or Hyper-V won't run. Error message is that a Hyper-V component is not running.
So I was thinking I might have to enable some virtualization option in "BIOS", but I'm running UEFI on this VM.
Is this possible or how should I make this work?
Thanks.
-
I've successfully run nested UEFI XCP-ng in a VM in XCP-ng, but nested virt is not a guaranteed-stable feature for every use, so it may need improvements for running Hyper-V or Docker in Windows.
However the cause may be elsewhere and I'm not knowledgeable enough about Windows and Hyper-V or Docker on Windows to be really helpful.
-
Ok... But do I need to get into some settings in UEFI? Like in BIOS, where you can press DEL or F1 or something to go into settings and enable the virtualization function?
-
I don't have the answer, but maybe someone else does...
-
@noiden Hello, there is an obscure setting in new versions of Windows 10/Server 2019 under Security, Exploit Protections, Programs, vmcompute.exe, Control Flow Guard (CFG), toggle switch off to allow Hyper-V and Docker Containers to run. Have a look at that.
-
@xcp-ng-justgreat Hello, I tried that, but got the same error.
I think on VMware you had to enable it in the BIOS settings.
Don't I have to do that on this VM in XCP-ng also? But I can't find any way to get into the BIOS settings, is it because I have UEFI? Or should I not push "DEL" to get into the settings on boot?
Thanks.
-
There's no emulated BIOS with options in XCP-ng. If it's enabled on the VM (nested), it should work.
If it doesn't, it might be a problem on the guest OS and the nested mechanism.
-
@olivierlambert Ok, and nested should work with UEFI? Or should I change to BIOS?
-
In theory, it's unrelated.
-
@noiden @olivierlambert There are settings in the Tiano UEFI firmware. Can't remember if there is one to turn on guest virtualization. I believe the hotkey to enter is F2. On Windows, if you click the power, restart option while holding down the SHIFT key, it should provide you with advanced startup options, one of which is to access UEFI firmware settings.
-
@xcp-ng-justgreat I got in there, but there were no settings about that. I should troubleshoot some more, with Hyper-V itself.
-
@noiden Assuming the setting preventing processor virtualization is not in UEFI firmware, then keep looking at those obscure new exploit protection settings. I know that disabling CFG solved the problem for us on a physical server where we needed to run Docker containers. I have personally used nested virtualization of a UEFI-booted XCP-ng guest, running on XCP-ng (very cool, it works!) and did not have any problems. Since Docker won't run without the Hyper-V virtualization engine running, I still believe the answer for you lies there.
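-
Added example, not written by any poster in this thread: a read-only PowerShell check, run inside the Windows Server 2019 guest, that reports the per-program Control Flow Guard override for vmcompute.exe alongside the Hyper-V role and service state, so the Exploit Protection setting discussed above can be confirmed or ruled out before changing anything. It assumes the built-in ProcessMitigations and ServerManager modules are available; the property names in the output object are made up for this example.

```powershell
# Added example: read-only diagnostic, makes no changes to the system.
$program = 'vmcompute.exe'   # program named in the thread

# Per-program Exploit Protection override stored for this executable.
# No entry, or a value of NOTSET, means the system-wide default applies.
$policy = Get-ProcessMitigation -Name $program -ErrorAction SilentlyContinue |
    Select-Object -First 1
$cfgState = if ($policy) { "$($policy.Cfg.Enable)" } else { 'no per-program entry' }

# Hyper-V role state (Get-WindowsFeature exists on Windows Server only).
$role = Get-WindowsFeature -Name Hyper-V

# Services behind the "Hyper-V component is not running" class of errors:
# vmcompute (Host Compute Service) and vmms (Virtual Machine Management).
$services = Get-Service -Name vmcompute, vmms -ErrorAction SilentlyContinue |
    ForEach-Object { "$($_.Name)=$($_.Status)" }

[pscustomobject]@{
    Program        = $program
    CfgOverride    = $cfgState            # ON, OFF, NOTSET or no entry
    HyperVRole     = "$($role.InstallState)"
    HyperVServices = if ($services) { $services -join ', ' } else { 'not installed' }
}
```

If CfgOverride already reads OFF and the services are still stopped, the CFG setting is not what is blocking Hyper-V in this guest, which matches what @noiden reported after trying it.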