Microsoft has added the ability to enable nested virtualization to Azure. Using this, admins and companies are able to effectively work on testing, training, and more while saving money compared to typical methods.
Nested virtualization allows you to do things like run a Hyper-V container in a virtualized container host, test multimachine scenarios, and set up a Hyper-V lab in a virtualized environment.
Currently, it’s available on their new Dv3 and Ev3 virtual machine (VM) sizes, although Microsoft claims that they’re adding support for more sizes soon.
What is nested virtualization?
Basically, nested virtualization is running a hypervisor within another hypervisor. This allows you to run more than one hypervisor on the same host server.
The hypervisor host itself, or the Hyper-V running on physical hardware, can be virtualized with nested virtualization. Many hypervisor vendors don’t support this type of virtualization, and not every hypervisor and OS version can be nested within other hypervisors.
A few key terms will help you follow discussions of nested virtualization. The host hypervisor, as stated, is the hypervisor running on physical hardware. The virtual machine running on that hypervisor is referred to as the outer guest.
Then, the hypervisor that is running within the VM is called the guest hypervisor. Lastly, the VM running within the other virtual machine is referred to as an inner or nested guest. These terms might seem a bit confusing at first, but they’re handy for helping you discuss nested virtualization.
Why use it?
Some of the popular use cases for nested virtualization include testing multimachine scenarios without requiring individual hardware or running a Hyper-V container in a virtualized container host.
The flexibility of creating a VM inside of a VM leads to greater ease in many different areas, including development, testing, customer training, and more. Microsoft gives the example of a team that is testing software using Hyper-V hosts on-premises. Using nested VMs as virtualized test machines, it’s now simpler for that team to move its workloads to Azure.
With this, “The nested VM hosts will be used to replace physical Hyper-V hosts, individual testing engineer will have full control over the Hyper-V functionality on their own assigned VM Host in Azure.”
The main way to use nested virtualization is to set up multiple independent environments on one machine. These environments would then be used to run code, tests, or applications without impacting the other users or applications.
Microsoft also thinks that this tool is useful for people who want to simulate an on-premises Hyper-V setup inside Azure, admins who like to run containers inside of VMs, or businesses that are looking to save money.
“Within nested VMs,” Microsoft explains, “even if you are running a chaos environment your users will not be impacted.” Creating these independent test environments is one of the most important aspects of nested virtualization.
Many times, a dedicated server just for testing is passed over as a cost-saving measure. Instead of provisioning a dedicated physical server with a hypervisor to allow your developers to build VMs when necessary, you can save money with nested virtualization on one machine.
Not needing to spend on hardware dedicated to testing will help drive a lot of people to nested virtualization, which still allows them to have this desired isolated environment. As long as your virtualized Hyper-V server has enough memory, virtual CPUs, and storage, a single machine will be effective.
Nested virtualization is also great to help you train new employees about how to use Hyper-V. While teaching new admins on a production Hyper-V server could be dangerous, an independent environment created through nested virtualization gives you a safe outlet to train them.
These environments could also be useful for testing migration processes before actually performing them in production, once again saving you the cost of dedicated hardware for this process.
Previously, if you wanted to test a migration, you needed enough hardware to build a full Hyper-V cluster. This is unnecessary with nested virtualization. Instead, you can skip the dedicated physical hardware and simply create the needed cluster and test the migration process.
This isn’t true for those businesses that can afford to build their own private cloud. However, for small startups, nested virtualization might prove useful.
Many users need to be able to create and configure their own VMs, so the majority of private cloud deployments are built with this in mind.
Instead of spending the time and money to build this complex cloud solution, “Hyper-V’s nested virtualization feature may give admins the ability to provide power users with virtualized Hyper-V servers as an alternative to a private cloud.”
Admins still have quite a bit of control over the virtual Hyper-V servers similar to real private cloud environments, such as the ability to restrict resource consumption.
Administrators might even be able to add more hardware resources to the virtualized Hyper-V servers without dealing with downtime, because Hyper-V in Windows Server 2016 “even supports hot adding memory and network adapters.”
While nested virtualization might not seem to have many use cases, you can see that it can be very handy for things like testing, training, and even creating a type of private cloud environment.
Microsoft talks in depth about their new Dv3 and Ev3 VM sizes and explains how they made a shift from physical cores to virtual CPUs (vCPUs). This key change is credited with enabling them to “unlock the full potential of the latest processors to support even larger VM sizes.”
Gaining more power from the hardware, Microsoft explains how performance and efficiency have gone up, resulting in lower costs. In fact, the “new Hyper-Threaded sizes will be priced up to 28% lower than the previous Dv2 sizes.”
These sizes are some of the first that are running on Windows Server 2016 hosts, which enable nested virtualization for these new sizes.
If you’d like more information, Microsoft’s documentation covers all software and hardware prerequisites in depth, as well as configuration steps and limitations.