Docker Desktop stuck on starting.... possible cause: Itlb_multihit status: KVM: VMX disabled

I am trying to install Docker Desktop(DD).

DD gets stuck on Docker Desktop starting... and after going through the self-diagnose.json, I see this error as the root cause:

"Description": "The Docker engine runs inside a Linux VM. Therefore the host must support virtualization.\n\nCheck that hardware-assisted virtualization (either Intel VMX or AMD SVM) and Data Execution Prevention (sometimes labeled XD or Execute Disable or NX) are enabled in your BIOS.\n\nCheck your bootloader is configured to launch Hyper-V.\n\nSee https://docs.docker.com/desktop/windows/troubleshoot/#virtualization",

I followed this guide to Install and Configure KVM in ArchLinux

I have also installed QEMU and Virtual Machine Manager and tried creating Gardua as a virtual machine and it works.

Digging deeper, I see these:

Vulnerabilities:
Type: itlb_multihit status: KVM: VMX disabled
Type: l1tf mitigation: PTE Inversion; VMX: conditional cache flushes, SMT
vulnerable

Is that why Docker Desktop is not starting?

[🔍] × garuda-inxi
System:
Kernel: 5.19.12-zen1-1-zen arch: x86_64 bits: 64 compiler: gcc v: 12.2.0
parameters: BOOT_IMAGE=/@/boot/vmlinuz-linux-zen
root=UUID=54967066-bb53-4839-ac9a-3b81fbb342dc rw rootflags=subvol=@
quiet quiet splash rd.udev.log_priority=3 vt.global_cursor_default=0
loglevel=3
Desktop: KDE Plasma v: 5.25.5 tk: Qt v: 5.15.6 info: latte-dock, docker
wm: kwin_x11 vt: 1 dm: SDDM Distro: Garuda Linux base: Arch Linux
Machine:
Type: Desktop System: Dell product: OptiPlex 3040 v: N/A
serial: <superuser required> Chassis: type: 3 serial: <superuser required>
Mobo: Dell model: 0HKCW0 v: A00 serial: <superuser required> UEFI: Dell
v: 1.14.2 date: 12/24/2020
CPU:
Info: model: Intel Core i3-6100 bits: 64 type: MT MCP arch: Skylake-S
gen: core 6 level: v3 built: 2015 process: Intel 14nm family: 6
model-id: 0x5E (94) stepping: 3 microcode: 0xF0
Topology: cpus: 1x cores: 2 tpc: 2 threads: 4 smt: enabled cache:
L1: 128 KiB desc: d-2x32 KiB; i-2x32 KiB L2: 512 KiB desc: 2x256 KiB
L3: 3 MiB desc: 1x3 MiB
Speed (MHz): avg: 800 min/max: 800/3700 scaling: driver: intel_pstate
governor: powersave cores: 1: 800 2: 800 3: 800 4: 800 bogomips: 29598
Flags: avx avx2 ht lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx
Vulnerabilities:
Type: itlb_multihit status: KVM: VMX disabled
Type: l1tf mitigation: PTE Inversion; VMX: conditional cache flushes, SMT
vulnerable
Type: mds mitigation: Clear CPU buffers; SMT vulnerable
Type: meltdown mitigation: PTI
Type: mmio_stale_data mitigation: Clear CPU buffers; SMT vulnerable
Type: retbleed mitigation: IBRS
Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via
prctl
Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer
sanitization
Type: spectre_v2 mitigation: IBRS, IBPB: conditional, RSB filling,
PBRSB-eIBRS: Not affected
Type: srbds mitigation: Microcode
Type: tsx_async_abort status: Not affected
Graphics:
Device-1: Intel HD Graphics 530 vendor: Dell driver: i915 v: kernel
arch: Gen-9 process: Intel 14n built: 2015-16 ports: active: HDMI-A-1
empty: DP-1, DP-2, DP-3, HDMI-A-2, HDMI-A-3 bus-ID: 00:02.0
chip-ID: 8086:1912 class-ID: 0300
Display: x11 server: X.Org v: 21.1.4 with: Xwayland v: 22.1.3
compositor: kwin_x11 driver: X: loaded: modesetting
alternate: fbdev,intel,vesa gpu: i915 display-ID: :0 screens: 1
Screen-1: 0 s-res: 1920x1080 s-dpi: 96 s-size: 508x285mm (20.00x11.22")
s-diag: 582mm (22.93")
Monitor-1: HDMI-A-1 mapped: HDMI-1 model: ViewSonic VX2452 Series
serial: <filter> built: 2016 res: 1920x1080 hz: 60 dpi: 94 gamma: 1.2
size: 521x293mm (20.51x11.54") diag: 598mm (23.5") ratio: 16:9 modes:
max: 1920x1080 min: 720x240
OpenGL: renderer: Mesa Intel HD Graphics 530 (SKL GT2) v: 4.6 Mesa 22.1.7
direct render: Yes
Audio:
Device-1: Intel 100 Series/C230 Series Family HD Audio vendor: Dell
driver: snd_hda_intel v: kernel bus-ID: 00:1f.3 chip-ID: 8086:a170
class-ID: 0403
Sound Server-1: ALSA v: k5.19.12-zen1-1-zen running: yes
Sound Server-2: PulseAudio v: 16.1 running: no
Sound Server-3: PipeWire v: 0.3.58 running: yes
Network:
Device-1: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet
vendor: Dell driver: r8169 v: kernel pcie: gen: 1 speed: 2.5 GT/s lanes: 1
port: e000 bus-ID: 02:00.0 chip-ID: 10ec:8168 class-ID: 0200
IF: enp2s0 state: down mac: <filter>
IF-ID-1: enp0s20f0u1 state: unknown speed: -1 duplex: half mac: <filter>
Bluetooth:
Device-1: MediaTek TECNO SPARK Go 2020 type: USB driver: rndis_host
v: kernel bus-ID: 1-1:41 chip-ID: 0e8d:2005 class-ID: 0a00 serial: <filter>
Report: bt-service: enabled,stopped note: tool can't run
Drives:
Local Storage: total: 465.76 GiB used: 45.89 GiB (9.9%)
SMART Message: Unable to run smartctl. Root privileges required.
ID-1: /dev/sda maj-min: 8:0 vendor: Western Digital
model: WD5000AZLX-75K2TA0 size: 465.76 GiB block-size: physical: 4096 B
logical: 512 B speed: 6.0 Gb/s type: HDD rpm: 7200 serial: <filter>
rev: 1A01 scheme: GPT
Partition:
ID-1: / raw-size: 201.01 GiB size: 201.01 GiB (100.00%) used: 45.86 GiB
(22.8%) fs: btrfs dev: /dev/sda6 maj-min: 8:6
ID-2: /boot/efi raw-size: 100 MiB size: 96 MiB (96.00%) used: 30.3 MiB
(31.6%) fs: vfat dev: /dev/sda1 maj-min: 8:1
ID-3: /home raw-size: 201.01 GiB size: 201.01 GiB (100.00%) used: 45.86
GiB (22.8%) fs: btrfs dev: /dev/sda6 maj-min: 8:6
ID-4: /var/log raw-size: 201.01 GiB size: 201.01 GiB (100.00%) used: 45.86
GiB (22.8%) fs: btrfs dev: /dev/sda6 maj-min: 8:6
ID-5: /var/tmp raw-size: 201.01 GiB size: 201.01 GiB (100.00%) used: 45.86
GiB (22.8%) fs: btrfs dev: /dev/sda6 maj-min: 8:6
Swap:
Kernel: swappiness: 133 (default 60) cache-pressure: 100 (default)
ID-1: swap-1 type: zram size: 11.59 GiB used: 0 KiB (0.0%) priority: 100
dev: /dev/zram0
Sensors:
System Temperatures: cpu: 49.0 C pch: 56.0 C mobo: N/A
Fan Speeds (RPM): N/A
Info:
Processes: 251 Uptime: 2h 7m wakeups: 0 Memory: 11.59 GiB used: 5.07 GiB
(43.8%) Init: systemd v: 251 default: graphical tool: systemctl
Compilers: gcc: 12.2.0 clang: 14.0.6 Packages: pm: pacman pkgs: 1424
libs: 342 tools: pamac,paru Shell: fish v: 3.5.1 default: Bash v: 5.1.16
running-in: konsole inxi: 3.3.21
Garuda (2.6.8-1):
System install date:     2022-09-03
Last full system update: 2022-10-04
Is partially upgraded:   No
Relevant software:       NetworkManager
Windows dual boot:       Probably (Run as root to verify)
Snapshots:               Snapper
Failed units:

Have you enabled virtualization in your bios

Yes, please

IMG_20221004_054211_7221920×864 78.2 KB

IMG_20221004_054226_4081920×864 70.4 KB

Would you like me to post the output of the DD self-diagnose.json?

Have you checked also this guide? It should be from the official site.
There's a strange requirenent to install gnome-terminal...
Consider also that it is experimental / untested for Arch.

Yes, I have gnome-terminal installed.

One thing confuses me, the step 2 Docker docs says I should install the Docker client binaries, but I have docker installed with pacman

I'd give the guide a chance.
They provide the package, they should know what to do.
I think you should try removing your docker package and install the binaries.
At least try...

Well, I was thinking of the same thing, so I tried and ...

image1270×720 62.1 KB

Thanks very much for your help...

I now have to figure out how to secure it

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.