Ensure kvm_intel is loaded with nested support Related-PROD: PRODX-3456 Change-Id: I27b5f15dda510815ae2de981ff12aa56fdbf0cde

commit: ab3793f29cb00c0af66e02d2a4b5a94831562114 [log] [tgz]
author: Oleh Hryhorov <ohryhorov@mirantis.com> Thu Jun 04 18:37:22 2020 +0300
committer: Oleh Hryhorov <ohryhorov@mirantis.com> Thu Jun 04 18:37:22 2020 +0300
tree: 491fa9c41bec48c47d73a99d11bf1c18291b7add
parent: a1ccba46f956b40b10d11f6429b92fee1110264e [diff]
diff --git a/de/heat-templates/scripts/instance_boot.sh b/de/heat-templates/scripts/instance_boot.sh
index 977fe9d..43cfa06 100644
--- a/de/heat-templates/scripts/instance_boot.sh
+++ b/de/heat-templates/scripts/instance_boot.sh

@@ -456,6 +456,18 @@
     fi
 }
 
+function nested_virt_config {
+
+cat << EOF > /etc/modprobe.d/qemu-system-x86.conf
+options kvm_intel nested=1
+options kvm_intel enable_apicv=1
+options kvm_intel ept=1
+EOF
+
+    modprobe -r kvm_intel || true
+    modprobe kvm_intel nested=1
+
+}
 
 case "$NODE_TYPE" in
     # Please keep the "prepare_metadata_files", "disable-rp-filter", "network_config" and "prepare_network" functions
@@ -483,6 +495,7 @@
         disable_iptables_for_bridges
         ;;
     master)
+        nested_virt_config
         prepare_metadata_files
         disable_rp_filter
         network_config
@@ -502,6 +515,7 @@
         disable_iptables_for_bridges
         ;;
     worker)
+        nested_virt_config
         prepare_metadata_files
         disable_rp_filter
         network_config
commit	ab3793f29cb00c0af66e02d2a4b5a94831562114	[log] [tgz]
author	Oleh Hryhorov <ohryhorov@mirantis.com>	Thu Jun 04 18:37:22 2020 +0300
committer	Oleh Hryhorov <ohryhorov@mirantis.com>	Thu Jun 04 18:37:22 2020 +0300
tree	491fa9c41bec48c47d73a99d11bf1c18291b7add
parent	a1ccba46f956b40b10d11f6429b92fee1110264e [diff]