Problem with PALOALTO VM in nested virtualization

Moderator: mike

Post Reply
M4TRIX
Posts: 3
Joined: Sun Apr 04, 2021 12:40 am

Problem with PALOALTO VM in nested virtualization

Post by M4TRIX » Thu Jun 09, 2022 11:18 pm

Hello everyone,

To tell you that I am having problems with the PALOALTO VM when it is used in nested virtualization, I did a test in a laboratory from scratch, in the virtualization hierarchy it would be in the following order.

EVE-NG 5.0.1-12 (Baremetal) > ESXI > PALOALTO-VM

The problem is that the machine does not start, I simply give it "Turn on" in ESXI and it does not turn on, I have tried to try with ESXI version 6.5, 6.7 and 7.0 without any result, in the same way I changed the PAN VM between versions 9.1, 10.0, 10.1, 10.2 without any result.

Verify that this enables nested virtualization in EVE-NG, with the following,

root@eve-ng:/sys/module/kvm_amd/parameters# cat /sys/module/kvm_amd/parameters/nested
1
root@eve-ng:/sys/module/kvm_amd/parameters# cat /sys/module/kvm_amd/parameters/npt
Y
root@eve-ng:/sys/module/kvm_amd/parameters# cat /sys/module/kvm/parameters/ignore_msrs

Verify that the nesting option is active on ESXI with no results by entering the following into the ESXI CLI.

echo 'vmx.allowNested = "true"' >> /etc/vmware/config

It is possible that there is something else that I need to configure due to this new version, but I am sure I have followed the installation according to the Cookbok 5.1 (Community) as well as the Howto's on the web, but this was configured in the version 2.0.3-112 and never had this type of problem.

Let me tell you that I never had this problem when I worked on the version of EVE-NG 2.0.3-112 (Community Version), I recently decided to reinstall this new version and started testing these images to see how it worked and I have come across this surprise .

My hardware configuration is very similar to "gpapison":

CPU Ryzen 9 5950X
MB Asus Crosshair VIII Dark Hero
128GB RAM

If you think it is necessary to report this in another part of the forum, please tell me, another question I have is if this will also happen in the PRO version?

Post Reply