How to enable nested virtualization in order to use VirtualBox inside of a KVM virtual machine?

virtualbox qemu virtualization kvm-virtualization libvirt

We have a KVM hypervisor (L0, AMD, Kernel: Linux level0kvmhypervisor 4.19.0-12-amd64 #1 SMP Debian 4.19.152-1 (2020-10-18) x86_64 GNU/Linux), which runs a virtual machine that I would like to use as a nested VirtualBox hypervisor (L1). So what I'm trying to do is running VirtualBox inside of KVM. Some details about the KVM hypervisor (L0):

# cat /proc/cpuinfo
processor       : 0 ... 23
vendor_id       : AuthenticAMD
cpu family      : 23
model           : 113
model name      : AMD Ryzen 9 3900 12-Core Processor
stepping        : 0
microcode       : 0x8701021
cpu MHz         : 2193.155
cache size      : 512 KB
physical id     : 0
siblings        : 24
core id         : 0
cpu cores       : 12
apicid          : 0
initial apicid  : 0
fpu             : yes
fpu_exception   : yes
cpuid level     : 16
wp              : yes
flags           : ... svm ...
bugs            : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass
bogomips        : 6188.58
TLB size        : 3072 4K pages
clflush size    : 64
cache_alignment : 64
address sizes   : 43 bits physical, 48 bits virtual
power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
# dpkg --list | egrep -- "(kvm|libvirt)" | sed 's/amd64.*//g'
ii  libsys-virt-perl                     5.0.0-1                             
ii  libvirt-clients                      5.0.0-4+deb10u1                     
ii  libvirt-daemon                       5.0.0-4+deb10u1                     
ii  libvirt-daemon-system                5.0.0-4+deb10u1                     
ii  libvirt-glib-1.0-0:
ii  libvirt0:
ii  python3-libvirt                      5.0.0-1                             
ii  qemu-kvm                             1:3.1+dfsg-8+deb10u8

The nested option is enabled as well:

# cat /sys/module/kvm_amd/parameters/nested 
1

Inside the KVM virtual machine, where VirtualBox is installed (L1): I'm trying to launch a VM created by Vagrant and get the following error message:

...
==> default: Booting VM...
There was an error while executing `VBoxManage`, a CLI used by Vagrant
for controlling VirtualBox. The command and stderr is shown below.
Command: ["startvm", "357a07b4-7d81-4336-9ea6-0dbf0ab49d18", "--type", "headless"]                                                                 
Stderr: VBoxManage: error: AMD-V is not available (VERR_SVM_NO_SVM)
VBoxManage: error: Details: code NS_ERROR_FAILURE (0x80004005), component ConsoleWrap, interface IConsole

These are the KVM XML CPU setting for the VirtualBox L1 hypervisor:

<vcpu placement='static'>1</vcpu>
<cpu mode='host-model' check='partial'>
  <model fallback='allow'/>
</cpu>

I believe something must be changed here, but I'm not quite sure what. I can't find any resources on that topic, that's why I'm asking here. How can I get the VirtualBox hypervisor (L1) running inside a KVM virtual machine in order to start a VM?

Any help would be highly appreciated.


Solution 1:

<cpu mode='host-passthrough'>
    <feature policy='require' name='svm'/>
</cpu>

Use these settings for an AMD cpu in the virtualmachine settings file.

Related

Using puppet to manage incrontab
How to set some nodes on pause/hold/noop?
Null / blank values on puppet facts
Cobbler with puppet - slow in installing packages
What is apt-file update?
What is the package name for Software & Updates and how to remove it?
Can't capture output into variable in Bash
How can I know from which partition I had booted?
How to Install Node.js without sudo access but with npm 1.3.10 installed?
What does the "<>" mean in "kill -9 <>"?
What is a character device?
Ctrl+Alt+F7 doesn't switch back to X session in Kubuntu 18.04 Bionic