Enable nested virtualization #7191
Replies: 64 comments 46 replies
-
This feature is enabled by default in Travis CI. So I wonder why not here? |
Beta Was this translation helpful? Give feedback.
-
It looks like this is likely because azure only supports nested virtualization on dv3 or above https://azure.microsoft.com/en-ca/blog/nested-virtualization-in-azure/ but azure runs on ds2 instances: https://help.github.com/en/actions/automating-your-workflow-with-github-actions/virtual-environments-for-github-hosted-runners#cloud-hosts-for-github-hosted-runners This seems to be older than dv3 from the catalogue: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sizes-general#dsv2-series vs https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sizes-general#dv3-series-1 I haven't checked the exact CPU features, but i wonder if Hyper-V powering azure needs to work with a specific CPU family / featureset? Has anyone tried just running KVM on azure? What happens? Is there even support for it in the stock azure / ubuntu kernel for bionic? |
Beta Was this translation helpful? Give feedback.
-
My use-case is I'd like to run an android emulator on Github Actions btw, like with https://github.com/google/android-emulator-container-scripts |
Beta Was this translation helpful? Give feedback.
-
When I run:
This indicates there isn't CPU support, at least not passed through to the guest. I installed kvm packages and was able to modprobe Unless Azure adds support for this, or github actions switches / offers other machine classes, I don't think nested virtualization can be done. |
Beta Was this translation helpful? Give feedback.
-
Travis supports not only nested virtualization but also https://github.com/felipecassiors/ubuntu1804-4dev/blob/master/.travis.yml The support for nested virtualization is out-of-the-box there, where I use to build a Vagrant box using VirtualBox. |
Beta Was this translation helpful? Give feedback.
-
https://github.com/actions/virtual-environments/blob/master/images/macos/macos-10.15-Readme.md
macOS instances seem to support nested virtualization? |
Beta Was this translation helpful? Give feedback.
-
+1, I would also really like to see this. I wonder what went wrong, if I manually spin up an equivalent Azure VM, it has |
Beta Was this translation helpful? Give feedback.
-
Seems like it is possible indeed: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/nested-virtualization |
Beta Was this translation helpful? Give feedback.
-
Yes azure supports it but not the instance type GitHub actions runs on |
Beta Was this translation helpful? Give feedback.
-
Works fine on Travis ^^ |
Beta Was this translation helpful? Give feedback.
-
+1 - Building vagrant boxes using packer is not currently possible with GitHub Actions, unless we self-host a runner. Same with Azure DevOps (which appears to use the same hosted images as GitHub Actions). So, if this got prioritized, you would maybe solve this on both platforms. |
Beta Was this translation helpful? Give feedback.
-
I suspect that with self-hosted runners on azure you could circumvent this issue, as jobs could be dispatched to a host that supports nested virtualization. The current worker that actions runs on in their free offering just doesn’t have a processor that supports this. I suspect that if this feature is ever offered, it will be when a compatible processor is bumped into this low-tier instance class. Until then, self-hosted runners could be feasible but only really for corporate users. |
Beta Was this translation helpful? Give feedback.
-
I wouldn't mind a self-hosted runner, but I need nested virtualization for a public project, and those aren't really usable with self-hosted runners: https://help.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners#self-hosted-runner-security-with-public-repositories |
Beta Was this translation helpful? Give feedback.
-
Yes, exactly, that's also the reason we can't use them. |
Beta Was this translation helpful? Give feedback.
-
Would also love this to be able to use packer to build images. |
Beta Was this translation helpful? Give feedback.
-
Thank you for the clarification. |
Beta Was this translation helpful? Give feedback.
-
👋 @Gustl22 With regard to your prior comment:
I would be great if a separate issue is filed for GPU support on macOS. Having customer submitted issues for this feature helps with establishing the priority of upcoming investigations. You can tag me in it as well 😄 |
Beta Was this translation helpful? Give feedback.
-
Hm, this is suboptimal:
The better alternative is to widen the permission via udev, since it doesn't require a re-login nor such a hack. See my Stackoverflow answer for details. |
Beta Was this translation helpful? Give feedback.
-
Hey folks, hope you don't mind us chiming in here. actuated supports launching VMs within CI, so long as Linux + KVM are all you need. Launching Firecracker in a GitHub Action: https://twitter.com/welteki/status/1625487015650410496?s=20 Running a NixOS build in a GitHub Action https://twitter.com/welteki/status/1625419864029466624?s=20 Nested virtualisation extensions are required on the host, so this only works on x86_64 for now. |
Beta Was this translation helpful? Give feedback.
-
https://github.blog/changelog/2023-02-23-hardware-accelerated-android-virtualization-on-actions-windows-and-linux-larger-hosted-runners/ << announced as live and thank you @gsauthof for the recommendation on how to better approach the KVM group :) it works and is what I have in the change log (I hope it was ok to credit you there!) |
Beta Was this translation helpful? Give feedback.
-
That's so cool @nebuk89, congrats on shipping a much requested feature! |
Beta Was this translation helpful? Give feedback.
-
This is great news. Now we just want this for the regular runners as well so the rest of us mortals can use it as well 😄. |
Beta Was this translation helpful? Give feedback.
-
Hello All, Not sure what Im missing but using the example provided through this error
KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm" |
Beta Was this translation helpful? Give feedback.
-
Can I somehow use it with an own image? We have our own Android emulator image: https://github.com/bitfireAT/docker-android-ci/ Currently it runs on a self-hosted runner, but I'd love to run it on Large Runners instead. Unfortunately I don't know how to adapt the image so that it can use the kvm functionality. I have tried to install the kvm host in the Dockerimage and so on, but failed… would be great if there were instructions to use this feature with other images! |
Beta Was this translation helpful? Give feedback.
-
CPU still doesn't support hardware virtualization under Github hosted ubuntu runner. Check it out my test with
|
Beta Was this translation helpful? Give feedback.
-
Currently with free runners, My use case: testing bindfs on multiple Linux / BSD distros, since GH Actions only supports Ubuntu. Can't do this properly with Docker, because FUSE has a kernel component. |
Beta Was this translation helpful? Give feedback.
-
Since the runner update yesterday (https://github.blog/2024-01-17-github-hosted-runners-double-the-power-for-open-source/), I am seeing that This is amazing, since with https://github.blog/changelog/2023-02-23-hardware-accelerated-android-virtualization-on-actions-windows-and-linux-larger-hosted-runners/ now working on these runners it allowed me to replace all my usages of Can this new support be confirmed? |
Beta Was this translation helpful? Give feedback.
-
Another user here trying things on the free tier since the free-tier runner update this week. When I try to add the user to the
I run
Is there a way to get the user to show up as part of the |
Beta Was this translation helpful? Give feedback.
-
Is this confirmation then that nested virtualization works? Would love to get the bento project working on public runners. Need hyper-v vmware fusion, parallels, virtualbox, qemu(libvirt, kvm) to work so we can build vagrant boxes for all major providers. |
Beta Was this translation helpful? Give feedback.
-
This has now shipped :) All Linux runners are now on a SKU that supports nested virtualization |
Beta Was this translation helpful? Give feedback.
-
I don't know which is the hypervisor used to spin the VMs, but enabling nested virtualization would be a great enhancement. For example, this way we could build Vagrant boxes in GitHub Actions.
Beta Was this translation helpful? Give feedback.
All reactions