https://docs.opennebula.io/7.2/product/operation_references/hypervisor_configuration/Recent content in Hypervisor Configuration onHugoenMon, 17 Feb 2025 00:00:00 +0000https://docs.opennebula.io/7.2/product/operation_references/hypervisor_configuration/kvm_driver/Mon, 17 Feb 2025 00:00:00 +0000https://docs.opennebula.io/7.2/product/operation_references/hypervisor_configuration/kvm_driver/<p><a id="kvmg"></a></p> <!--# KVM Driver --> <h2 id="requirements">Requirements</h2> <p>To support virtualization, the Hosts will need a CPU with Intel VT or AMD’s AMD-V features. KVM&rsquo;s <a href="http://www.linux-kvm.org/page/FAQ#Preparing_to_use_KVM">Preparing to use KVM</a> guide will clarify any doubts you may have regarding whether your hardware supports KVM.</p> <p>KVM will be installed and configured after following the <a href="https://docs.opennebula.io/7.2/software/installation_process/manual_installation/kvm_node_installation/#kvm-node">KVM Host Installation</a> section.</p> <h2 id="considerations--limitations">Considerations &amp; Limitations</h2> <p>Try to use <a href="https://docs.opennebula.io/7.2/product/operation_references/hypervisor_configuration/kvm_driver/#kvmg-virtio">virtio</a> whenever possible for both networks and disks. Using emulated hardware for networks and disks, will have an impact on performance and will not expose all the available functionality. For instance, if you don’t use <code>virtio</code> for the disk drivers, you will not be able to exceed a small number of devices connected to the controller, meaning that you have a limit when attaching disks and it will not work while the VM is running (live disk-attach).</p>https://docs.opennebula.io/7.2/product/operation_references/hypervisor_configuration/lxc_driver/Mon, 17 Feb 2025 00:00:00 +0000https://docs.opennebula.io/7.2/product/operation_references/hypervisor_configuration/lxc_driver/<p><a id="lxdmg"></a></p> <p><a id="lxcmg"></a></p> <!--# LXC Driver --> <h2 id="requirements">Requirements</h2> <ul> <li>LXC version &gt;= 3.0.3 installed on the Host.</li> <li>cgroup version 1 or 2 Hosts are required to implement resource control operations (e.g., CPU pinning, memory or swap limitations).</li> </ul> <h2 id="considerations--limitations">Considerations &amp; Limitations</h2> <h3 id="privileged-containers-and-security">Privileged Containers and Security</h3> <p>In order to ensure security in a multitenant environment, by default the containers created by the LXC driver will be unprivileged. The unprivileged containers will be deployed as <code>root</code>. Sub UID/GID range <code>600100001-600165537</code> will be used for mapping users/groups in order to increase security in case a malicious agent is able to escape the container.</p>