| View previous topic :: View next topic |
| Author |
Message |
alienjon
Veteran
Joined: 09 Feb 2005
Posts: 1732
|
 Posted: Mon Sep 05, 2022 12:37 pm Post subject: Virtualization vs. Container for Home Assistant |
 |
|
I'm looking to run Home Assistant on my Gentoo-based home server. I actually had it installed via the layman repository, but the python dependency conflicts became nightmarish on a few occasions and I'm looking to simplify. The recommended method is a stand-alone server (probably via Raspberry Pi). I may do this in the future, but for now I want to keep running off of my current hardware. I was starting to setup the OS via virt-install, but then wondered if the container method (I'd likely use Docker) has any significant drawbacks. I'm not running state of the art hardware here (See below) but do have a file server and Plex Media Server running off the device already (so I'm looking to run more than just Home Assistant). Any thoughts on whether I'd see any major benefit (performance or otherwise) in choosing one over the other?
My system stats are:
| emerge --info: | Portage 3.0.30 (python 3.10.6-final-0, default/linux/amd64/17.1, gcc-11.3.0, glibc-2.35-r8, 5.15.59-gentoo x86_64)
=================================================================
System uname: Linux-5.15.59-gentoo-x86_64-Intel-R-_Core-TM-_i5-2500K_CPU_@_3.30GHz-with-glibc2.35
KiB Mem: 16377156 total, 1433124 free
KiB Swap: 524284 total, 510348 free
Timestamp of repository gentoo: Sun, 04 Sep 2022 17:00:01 +0000
Head commit of repository gentoo: ac2ab96aef096314918ec90fd65598674b9cce88
sh bash 5.1_p16-r1
ld GNU ld (Gentoo 2.38 p4) 2.38
app-misc/pax-utils: 1.3.5::gentoo
app-shells/bash: 5.1_p16-r1::gentoo
dev-lang/perl: 5.34.1-r3::gentoo
dev-lang/python: 3.8.13_p7::gentoo, 3.9.13_p4::gentoo, 3.10.6_p2::gentoo
dev-lang/rust: 1.62.1::gentoo
dev-util/cmake: 3.23.3::gentoo
dev-util/meson: 0.62.2::gentoo
sys-apps/baselayout: 2.8::gentoo
sys-apps/openrc: 0.44.10::gentoo
sys-apps/sandbox: 2.29::gentoo
sys-devel/autoconf: 2.71-r1::gentoo
sys-devel/automake: 1.16.5::gentoo
sys-devel/binutils: 2.38-r2::gentoo
sys-devel/binutils-config: 5.4.1::gentoo
sys-devel/gcc: 11.3.0::gentoo
sys-devel/gcc-config: 2.5-r1::gentoo
sys-devel/libtool: 2.4.7::gentoo
sys-devel/make: 4.3::gentoo
sys-kernel/linux-headers: 5.15-r3::gentoo (virtual/os-headers)
sys-libs/glibc: 2.35-r8::gentoo
Repositories:
gentoo
location: /usr/portage
sync-type: rsync
sync-uri: rsync://rsync.gentoo.org/gentoo-portage
priority: -1000
sync-rsync-verify-max-age: 24
sync-rsync-verify-metamanifest: yes
sync-rsync-extra-opts:
sync-rsync-verify-jobs: 1
plex-overlay
location: /var/lib/layman/plex-overlay
masters: gentoo
priority: 50
ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="@FREE ubiquiti Plex linux-fw-redistributable no-source-code SSPL-1 NPSL GPL license CC-BY-NC-SA-3.0"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=native -O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/easy-rsa /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php8.1/ext-active/ /etc/php/cgi-php8.1/ext-active/ /etc/php/cli-php8.1/ext-active/ /etc/php/fpm-php8.1/ext-active/ /etc/php/phpdbg-php8.1/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-march=native -O2 -pipe"
DISTDIR="/usr/portage/distfiles"
ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR"
FCFLAGS="-O2 -pipe"
FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs buildpkg-live config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pid-sandbox preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-O2 -pipe"
GENTOO_MIRRORS="https://mirrors.rit.edu/gentoo/ https://gentoo.osuos1.org/"
LANG="en_US.utf8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j5"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
SHELL="/bin/bash"
USE="a52 aac acl acpi amd64 apache2 apm avahi bash-completion bluetooth bzip2 cddb cli crypt dedicated dri dts dv dvb fortran ftp gdbm geoip geolocation gnutls headless iconv imap ipv6 libglvnd libtirpc lm_sensors mms multilib nas ncurses nls nptl offensive openmp pam pcre php readline samba sasl seccomp smp split-usr ssl tidy udev udisks unicode upnp upnp-av upower vim-syntax xattr zeroconf zlib" ABI_X86="64" ADA_TARGET="gnat_2020" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="mmx mmxext sse sse2 sse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" GRUB_PLATFORMS="efi-64" INPUT_DEVICES="libinput" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LUA_SINGLE_TARGET="lua5-1" LUA_TARGETS="lua5-1" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-6" POSTGRES_TARGETS="postgres12 postgres13" PYTHON_SINGLE_TARGET="python3_10" PYTHON_TARGETS="python3_10" RUBY_TARGETS="ruby27" USERLAND="GNU" VIDEO_CARDS="amdgpu fbdev intel nouveau radeon radeonsi vesa dummy v4l" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq proto steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset: ADDR2LINE, AR, ARFLAGS, AS, ASFLAGS, CC, CCLD, CONFIG_SHELL, CPP, CPPFLAGS, CTARGET, CXX, CXXFILT, ELFEDIT, EMERGE_DEFAULT_OPTS, EXTRA_ECONF, F77FLAGS, FC, GCOV, GPROF, INSTALL_MASK, LC_ALL, LD, LEX, LFLAGS, LIBTOOL, LINGUAS, MAKE, MAKEFLAGS, NM, OBJCOPY, OBJDUMP, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, RANLIB, READELF, RUSTFLAGS, SIZE, STRINGS, STRIP, YACC, YFLAGS |
|
|
| Back to top |
|
 |
pa4wdh
l33t
Joined: 16 Dec 2005
Posts: 916
|
| Posted: Tue Sep 06, 2022 11:12 am Post subject: |
|
|
I have experimented with Home Assistant in a container and in itself it works fine. (I ended up removing it for reasons i don't remember, not related to virtual vs. container).
One limit i'm aware of is that containers don't support bluetooth, so if you wish to use bluetooth from home assistant containers won't be the way to go. With a VM you could probably assign a USB bluetooth device to the VM and get it working.
Most z-ware/zigbee devices i'm aware of present themselves as serial ports to the OS so they will be usable in both containers and a VM.
_________________
The gentoo way of bringing peace to the world:
USE="-war" emerge --newuse @world
My shared code repository: https://code.pa4wdh.nl.eu.org
Music, Free as in Freedom: https://www.jamendo.com |
|
| Back to top |
|
|
alienjon
Veteran
Joined: 09 Feb 2005
Posts: 1732
|
| Posted: Wed Sep 07, 2022 12:54 am Post subject: |
|
|
| Not looking for bluetooth, I don't think, but I did install the VM and having networking issues. Home Assistant instructions basically say that once installed it should just work, but I found that the bridging wasn't setup properly and I couldn't connect from outside the host. I fixed that with xinetd, but now it's still considered on a separate (host) network and doesn't see the rest of my LAN (ie: it doesn't detect any of my LAN devices). Any sense on whether a container would be easier to configure in CLI or run faster/slower than a VM? |
|
| Back to top |
|
|
pa4wdh
l33t
Joined: 16 Dec 2005
Posts: 916
|
| Posted: Wed Sep 07, 2022 6:11 am Post subject: |
|
|
I don't think containers are more or less difficult than virtualization, especially network-wise. You'll still need to configure networking inside the VM/container and you still need some kind of bridging to connect it to the rest of your network.
In terms of speed a container will win, specially on slower hardware the difference will be noticeable. A VM has ~20% overhead (ie: software inside the VM will run 20% slower than software outside the VM), for containers this is even below 1%. As an example: I'm running 10 full gentoo containers on an Intel Atom CPU and CPU load is ~1.0 so there is room for more. With VM's it would even be a challenge to make it fit.
_________________
The gentoo way of bringing peace to the world:
USE="-war" emerge --newuse @world
My shared code repository: https://code.pa4wdh.nl.eu.org
Music, Free as in Freedom: https://www.jamendo.com |
|
| Back to top |
|
|
alienjon
Veteran
Joined: 09 Feb 2005
Posts: 1732
|
| Posted: Thu Sep 08, 2022 12:45 am Post subject: |
|
|
Thanks. That's helpful. I've only had the VM running for a day or two (And then my house lost power and it was off for a day or two) so I'll have to keep an eye on the load.
Meanwhile, any suggested readings for setting up the bridging to fix the networking issue? Networking has never been my strong suit. |
|
| Back to top |
|
|
pa4wdh
l33t
Joined: 16 Dec 2005
Posts: 916
|
| Posted: Thu Sep 08, 2022 8:10 am Post subject: |
|
|
Regarding bridging:
You'll need net-misc/bridge-utils
Set up your networking to include a bridge, the netifrc docs provide nice examples, be sure to include your actual network interface with the bridge 
(Pitfall: If you add your physical interface to the bridge the IP address configured on the physical interface does not work anymore, you need to move your IP configuration to your bridge interface)
Instruct your VM/container to be attached to the bridge, how that is done is up to the software you use.
_________________
The gentoo way of bringing peace to the world:
USE="-war" emerge --newuse @world
My shared code repository: https://code.pa4wdh.nl.eu.org
Music, Free as in Freedom: https://www.jamendo.com |
|
| Back to top |
|
|
grknight
Retired Dev
Joined: 20 Feb 2015
Posts: 2114
|
| Posted: Thu Sep 08, 2022 12:31 pm Post subject: |
|
|
| pa4wdh wrote: | Regarding bridging:
You'll need net-misc/bridge-utils |
Only older scripts/programs need bridge-utils. netifrc does not use it.
bridge-utils has been superseded by iproute2 and sysfs configurations. |
|
| Back to top |
|
|
pa4wdh
l33t
Joined: 16 Dec 2005
Posts: 916
|
| Posted: Thu Sep 08, 2022 5:12 pm Post subject: |
|
|
Thanks for letting me/us know.
I'm kind of old-skool when it comes to networking tools so i use brctl myself and i was not aware that netifrc does not need it
_________________
The gentoo way of bringing peace to the world:
USE="-war" emerge --newuse @world
My shared code repository: https://code.pa4wdh.nl.eu.org
Music, Free as in Freedom: https://www.jamendo.com |
|
| Back to top |
|
|
alienjon
Veteran
Joined: 09 Feb 2005
Posts: 1732
|
| Posted: Fri Sep 09, 2022 12:39 am Post subject: |
|
|
| I'll look into iproute2 then. Any suggested readings beyond man pages? (ideally examples, though some man pages are better with those than others) |
|
| Back to top |
|
|
pa4wdh
l33t
Joined: 16 Dec 2005
Posts: 916
|
| Posted: Fri Sep 09, 2022 7:42 am Post subject: |
|
|
I think /usr/share/doc/netifrc-<version>/net.example.bz2 is a good read, especially the section called "Bridging (802.1d)".
Also make sure you understand the network concepts related to bridging in general and virtual interfaces provided by your hypervisor/container platform.
_________________
The gentoo way of bringing peace to the world:
USE="-war" emerge --newuse @world
My shared code repository: https://code.pa4wdh.nl.eu.org
Music, Free as in Freedom: https://www.jamendo.com |
|
| Back to top |
|
|
alienjon
Veteran
Joined: 09 Feb 2005
Posts: 1732
|
| Posted: Sat Oct 15, 2022 2:57 pm Post subject: |
|
|
So update on this. I did elect to go the container (docker) route as my hardware doesn't support virtualization and it sounds like the overhead would be ridiculous. I installed docker per the wiki instructions and got the expected output in the test at the bottom of the instructions. For reference:
| emerge -pv app-containers/containerd app-containers/docker app-containers/docker-cli: | [ebuild R ] app-containers/docker-cli-20.10.17::gentoo USE="-hardened (-selinux)" 0 KiB
[ebuild R ] app-containers/containerd-1.6.8::gentoo USE="cri device-mapper seccomp -apparmor -btrfs -hardened (-selinux) -test" 0 KiB
[ebuild R ] app-containers/docker-20.10.17::gentoo USE="cli container-init device-mapper seccomp -apparmor -aufs -btrfs -hardened -overlay (-selinux)" 0 KiB |
I then installed the Home Assistant container as per their instructions here (specifically, the section "PLATFORM INSTALLATION" and stopping at "RESTARTING HOME ASSISTANT", as that section and beyond doesn't appear to apply). The install also appears to go smoothly and without error, however the interface (http://192.168.xxx.xxx:8123) times out when I try to connect. I have the iPhone app installed too and, interestingly, it shows the server, but also times out when I try to connect. At this point I suspect the culprit is my firewall. I did make sure to open the port with iptables:
| Code: | | iptables -I INPUT -p tcp --dport 8123 -j ACCEPT |
Somewhat randomly I thought to check what dmesg was showing and this comes up:
| Code: | [ 946.736725] Bridge firewalling registered
[ 1002.918348] docker0: port 1(vethfe40b58) entered blocking state
[ 1002.918354] docker0: port 1(vethfe40b58) entered disabled state
[ 1002.918420] device vethfe40b58 entered promiscuous mode
[ 1002.918520] docker0: port 1(vethfe40b58) entered blocking state
[ 1002.918523] docker0: port 1(vethfe40b58) entered forwarding state
[ 1002.919070] docker0: port 1(vethfe40b58) entered disabled state
[ 1003.782145] eth0: renamed from veth768b006
[ 1003.799088] IPv6: ADDRCONF(NETDEV_CHANGE): vethfe40b58: link becomes ready
[ 1003.799130] docker0: port 1(vethfe40b58) entered blocking state
[ 1003.799134] docker0: port 1(vethfe40b58) entered forwarding state
[ 1003.799174] IPv6: ADDRCONF(NETDEV_CHANGE): docker0: link becomes ready
[ 1004.018449] docker0: port 1(vethfe40b58) entered disabled state
[ 1004.018500] veth768b006: renamed from eth0
[ 1004.119611] docker0: port 1(vethfe40b58) entered disabled state
[ 1004.119827] device vethfe40b58 left promiscuous mode
[ 1004.119831] docker0: port 1(vethfe40b58) entered disabled state
[ 2019.792316] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. |
Any other thoughts what could be the problem? |
|
| Back to top |
|
|
alienjon
Veteran
Joined: 09 Feb 2005
Posts: 1732
|
| Posted: Sat Oct 15, 2022 3:09 pm Post subject: |
|
|
Sorry, one more quick update. The Home Assistant log shows this:
| Code: | | 2022-10-15 09:08:03.214 ERROR (MainThread) [homeassistant.components.http] Failed to create HTTP server at port 8123: [Errno 98] error while attempting to bind on address ('::', 8123, 0, 0): address in use |
So maybe a configuration issue on the home assistant side? Would address '::' be considered localhost? I do have other things serving from this device (plex and file server). Could those be interfering? I'll try to research how the network is configured in docker. An initial google search isn't showing anything quite like what I'm seeing, I don't think. |
|
| Back to top |
|
|
alienjon
Veteran
Joined: 09 Feb 2005
Posts: 1732
|
| Posted: Sat Oct 15, 2022 3:26 pm Post subject: |
|
|
Ok. I may have figured it out.
Turns out:
| netstat -tnlp grep 8123: | | tcp6 0 0 :::8123 :::* LISTEN 3147/xinetd |
Looks like my xinetd install from earlier in this process was holding onto the address space. Removing it lets the UI load as expected. Any reason I should have xinetd installed? I think I only had it on earlier regarding bridging, but that's resolved now. |
|
| Back to top |
|
|
Hu
Administrator
Joined: 06 Mar 2007
Posts: 23336
|
| Posted: Sat Oct 15, 2022 3:59 pm Post subject: |
|
|
| alienjon wrote: | | I did elect to go the container (docker) route as my hardware doesn't support virtualization |
Most modern x86 hardware should have it, and your emerge --info suggests you have an Intel Core series. How did you determine that you do not have virtualization support? | alienjon wrote: | | The install also appears to go smoothly and without error, however the interface (http://192.168.xxx.xxx:8123) times out when I try to connect. |
Please show us the full docker command that you used to start the container, so that we can see how its network is configured. | alienjon wrote: | | I have the iPhone app installed too and, interestingly, it shows the server, but also times out when I try to connect. |
I suggest getting a Linux-based client able to connect first, since we can probably get better diagnostics about failures in that than we can get from the iPhone app. At the least, most of us will be more familiar with the error reporting style of the Linux tools. | alienjon wrote: | | At this point I suspect the culprit is my firewall. |
That seems reasonable. | alienjon wrote: | I did make sure to open the port with iptables: | Code: | | iptables -I INPUT -p tcp --dport 8123 -j ACCEPT |
|
If docker is playing tricks with network namespaces, this may not be useful. | alienjon wrote: | | Any other thoughts what could be the problem? |
I would start by assuming a firewalling/routing problem. | alienjon wrote: | The Home Assistant log shows this: | Code: | | 2022-10-15 09:08:03.214 ERROR (MainThread) [homeassistant.components.http] Failed to create HTTP server at port 8123: [Errno 98] error while attempting to bind on address ('::', 8123, 0, 0): address in use |
So maybe a configuration issue on the home assistant side? |
That will be a problem, but it is not your first problem. Attempting to access the container should fail with "Connection refused" if the Home Assistant error is your only problem. You have not gotten far enough to get "Connection refused" yet. Consider it the difference between knocking on a door and nobody answers (time out) versus knocking and the resident tells you to go away ("Connection refused"). The resident might yet tell you to go away, but you haven't gotten an answer yet to know that. | alienjon wrote: | | Would address '::' be considered localhost? |
That is the IPv6 wildcard address, not localhost. IPv6 localhost would be ::1. | alienjon wrote: | | I do have other things serving from this device (plex and file server). Could those be interfering? |
If they are in the same network namespace and listening on the same port, then yes. Otherwise, they are probably not the culprit.
---
I see that you added an explanation while I was composing. I will post my earlier message anyway, as it may be useful for background information. |
|
| Back to top |
|
|
alienjon
Veteran
Joined: 09 Feb 2005
Posts: 1732
|
| Posted: Sun Oct 16, 2022 6:29 pm Post subject: |
|
|
Firstly, so far and still good. Stopping xinetd seems to have fixed the problem.
| hu wrote: | | Most modern x86 hardware should have it, and your emerge --info suggests you have an Intel Core series. How did you determine that you do not have virtualization support? |
From this wiki page I ran:
| Code: | | grep --color -E "vmx|svm" /proc/cpuinfo |
and got no output (here's the full /proc/cpuinfo)
| cat /proc/cpu: | processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
stepping : 7
microcode : 0x14
cpu MHz : 1605.220
cache size : 6144 KB
physical id : 0
siblings : 4
core id : 0
cpu cores : 4
apicid : 0
initial apicid : 0
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 popcnt tsc_deadline_timer aes xsave avx lahf_lm epb pti xsaveopt dtherm ida arat pln pts
bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit mmio_unknown
bogomips : 6624.37
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 1
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
stepping : 7
microcode : 0x14
cpu MHz : 1605.186
cache size : 6144 KB
physical id : 0
siblings : 4
core id : 1
cpu cores : 4
apicid : 2
initial apicid : 2
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 popcnt tsc_deadline_timer aes xsave avx lahf_lm epb pti xsaveopt dtherm ida arat pln pts
bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit mmio_unknown
bogomips : 6624.37
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 2
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
stepping : 7
microcode : 0x14
cpu MHz : 1600.000
cache size : 6144 KB
physical id : 0
siblings : 4
core id : 2
cpu cores : 4
apicid : 4
initial apicid : 4
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 popcnt tsc_deadline_timer aes xsave avx lahf_lm epb pti xsaveopt dtherm ida arat pln pts
bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit mmio_unknown
bogomips : 6624.37
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 3
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
stepping : 7
microcode : 0x14
cpu MHz : 1600.000
cache size : 6144 KB
physical id : 0
siblings : 4
core id : 3
cpu cores : 4
apicid : 6
initial apicid : 6
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 popcnt tsc_deadline_timer aes xsave avx lahf_lm epb pti xsaveopt dtherm ida arat pln pts
bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit mmio_unknown
bogomips : 6624.37
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management: |
Secondly, this output:
| virt-host-validate: | QEMU: Checking for hardware virtualization : FAIL (Host not compatible with KVM; HW virtualization CPU features not found. Only emulated CPUs are available; performance will be significantly limited)
QEMU: Checking if device /dev/vhost-net exists : PASS
QEMU: Checking if device /dev/net/tun exists : PASS
QEMU: Checking for cgroup 'cpu' controller support : PASS
QEMU: Checking for cgroup 'cpuacct' controller support : PASS
QEMU: Checking for cgroup 'cpuset' controller support : PASS
QEMU: Checking for cgroup 'memory' controller support : PASS
QEMU: Checking for cgroup 'devices' controller support : PASS
QEMU: Checking for cgroup 'blkio' controller support : PASS
QEMU: Checking for device assignment IOMMU support : WARN (Unknown if this platform has IOMMU support)
QEMU: Checking for secure guest support : WARN (Unknown if this platform has Secure Guest support)
LXC: Checking for Linux >= 2.6.26 : PASS
LXC: Checking for namespace ipc : PASS
LXC: Checking for namespace mnt : PASS
LXC: Checking for namespace pid : PASS
LXC: Checking for namespace uts : PASS
LXC: Checking for namespace net : PASS
LXC: Checking for namespace user : PASS
LXC: Checking for cgroup 'cpu' controller support : PASS
LXC: Checking for cgroup 'cpuacct' controller support : PASS
LXC: Checking for cgroup 'cpuset' controller support : PASS
LXC: Checking for cgroup 'memory' controller support : PASS
LXC: Checking for cgroup 'devices' controller support : PASS
LXC: Checking for cgroup 'freezer' controller support : PASS
LXC: Checking for cgroup 'blkio' controller support : PASS
LXC: Checking if device /sys/fs/fuse/connections exists : PASS
CH: Checking for hardware virtualization : FAIL (Only emulated CPUs are available, performance will be significantly limited) |
Maybe I'm using the wrong language, but hardware virtualization doesn't appear available on my cpu, but emulated would be possible. Based on earlier comments it appears that docker would likely be a faster/better option in my setup? |
|
| Back to top |
|
|
Hu
Administrator
Joined: 06 Mar 2007
Posts: 23336
|
| Posted: Sun Oct 16, 2022 7:54 pm Post subject: |
|
|
Emulated would definitely be slower than hardware-assisted virtualization. Assuming docker is not being stupid, even hardware-assisted virtualization would perform at best equally, and quite possibly worse than, docker.
As I read ARK: Core i5 2500K, your CPU ought to support virtualization. However, since you do not want to use it here, we do not need to pursue why it seems not to be available to you. I recall that some systems shipped with a firmware that would disable virtualization support at boot time. Some, but not all, of those had a user-configurable setting in the pre-boot environment to choose whether to lock out virtualization. Once locked this way, it could only be unlocked by rebooting and avoiding having it locked again on the next boot. |
|
| Back to top |
|
|
alienjon
Veteran
Joined: 09 Feb 2005
Posts: 1732
|
| Posted: Mon Oct 17, 2022 1:02 am Post subject: |
|
|
| Thanks for the insight. Curious that it isn't enabled. I may check the bios if I get the chance but, honestly, I'm looking to upgrade my desktop soon and could use my desktop hardware to upgrade the server (Which should open up virtualization options as my desktop CPU is newer). |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Kernel & Hardware
