Technical Notes
12
To enable the old, insecure setting, edit /etc/libvirt/qemu.conf, set "relaxed_acs_check = 1", and
restart libvirtd. Note that this action will re-open possible security issues.
• Users upgrading from pre-release versions of Red Hat Enterprise Linux 6 (i.e. the virt-v2v
versions less than virt-v2v-0.6.2-2.el6) may be required to update the default virt-v2v configuration
file. Specifically, the 'viostor' app for Windows guests is replaced by the 'virtio' app, which now points
to the directory containing the complete driver. Refer to the updated default configuration file for
further details.
• I/O Advanced Programmable Interrupt Controller (I/O APIC) timer interrupts are not emulated as
non-maskable interrupts (NMIs) to virtualized guests. Consequently, if a virtualized guest uses the
kernel parameter nmi_watchdog=1, the guest kernel will panic on boot.
• The balloon service on Windows 7 guests can only be started by the "Administrator" user.
• Direct Asynchronous IO (AIO) that is not issued on filesystem block boundaries, and falls into a hole
in a sparse file on ext4 or xfs filesystems, may corrupt file data if multiple I/O operations modify the
same filesystem block. Specifically, if qemu-kvm is used with the aio=native IO mode over a sparse
device image hosted on the ext4 or xfs filesystem, guest filesystem corruption will occur if partitions
are not aligned with the host filesystem block size. Generally, do not use aio=native option along
with cache=none for QEMU. This issue can be avoided by using one of the following techniques:
1. Align AIOs on filesystem block boundaries, or do not write to sparse files using AIO on xfs or
ext4 filesystems.
2. KVM: Use a non-sparse system image file or allocate the space by zeroing out the entire file.
3. KVM: Create the image using an ext3 host filesystem instead of ext4.
4. KVM: Invoke qemu-kvm with aio=threads (this is the default).
5. KVM: Align all partitions within the guest image to the host's filesystem block boundary (default
4k).
• On Red Hat Enterprise Linux 6 KVM virtual guests, unmounting a filesystem on an mdraid
volume does not immediately free the underlying device for the mdadm --stop operation.
Consequently, during installation on a system with pre-existing mdraid volumes the following error
can appear while anaconda is looking for storage devices:
MDRaidError: mddeactivate failed for /dev/md1: 08:26:59,485 ERROR : Perhaps a
running process, mounted filesystem or active volume group?
To work around this issue, erase all data on the volume before installation by clearing the first
several sectors of the volume with zeros.
• Libvirt uses transient iptables rules for managing NAT or bridging to virtual machine guests. Any
external command that reloads iptables state ( such as running system-config-firewall) will overwrite
the entries needed by libvirt. Consequently, after running any command or tool that changes the
state of iptables, guests may lose access the network. To work around this issue, use the command
'service libvirt reload' to restore libvirt's additional iptables rules.
• Adding an rtl8139 NIC to an active Windows 2008 guest may result in the qemu-kvm process
exiting. To work around this issue, shutdown the guest before adding additional rtl8139 NICs.
Alternatively, install the virtio-net drivers and add a virtio NIC.
• KVM users with a mix of virtio and ata disks should verify the boot device that anaconda chooses
during installation. To verify the boot device, locate the "Install Target Devices" list in the disk