At Ravello we pride ourselves on being experts in nested virtualization. I’ve written about this in our Virtualization 2.0 series. In short, nested virtualization allows us to make the cloud look more like the datacenter. It gives us an abstraction layer that we can use to smooth out the differences between the cloud and the datacenter, and also between different clouds. Our approach allows customers to reap the benefits of the cloud today, without having to perform a costly application re-architecture.
Previously, I also blogged about why nested virtualization is difficult to achieve in the cloud, and requires us to implement binary translation because of the lack of hardware virtualization features.
That said, it appears that a single level of nesting wasn’t enough for our Israel-based engineering team. Yesterday I spent a few hours on the phone with Izik Eidus, our lead engineer, and my head is still spinning: we now have a working prototype of nested virtualization, nested again. And even more impressive, the performance overhead appears to be very small. I will share more details in a future blog post (when I get my head around it!), but the gist of it is that we have adapted our binary translation so that it recognizes the double-nesting, and effectively removes one layer of nesting and runs the inner guest directly on top.
There are actually good use cases for doing this, and I’ll get to those shortly. But first let’s recap. The virtual machines that our customers normally run as part of an all-encompassing application (which includes networks and storage as well) run on our HVX hypervisor, which in turn runs in a VM in the cloud, for example AWS or the HP Cloud. These customer VMs are the “traditional” nested VMs that we’ve always offered (if “traditional” is the right word to use here). Another term we use is “second-level guests,” indicating that there is one more guest between the VM and the actual hardware.
Using the double-nested feature, it becomes possible to run KVM and VMware ESXi™ in these second-level guests, which can then in turn run third-level guests. One exciting use case this opens up is to evaluate, develop, and test virtualization and cloud solutions like VMware vSphere™ or OpenStack on the cloud, without having to set up your own hardware. We also expect this feature to be very useful in classrooms teaching these technologies.
The video below demonstrates this technology. Note that double-nesting as shown here is still a technology preview; it has not yet been rolled into our SaaS offering. Please stay tuned for updates. In the mean time, if you have any questions, feel free to reach out to me.