First Look: Nested Hyper-V Virtualization in Azure v3 Virtual Machines
Saturday, July 15, 2017
Nested virtualization has finally arrived on Azure. It is available on Dv3 and Ev3 virtual machines. This enables a lot of scenarios. For instance, you can run a VM inside a VM, and Windows containers can now run with Hyper-V isolation.
The most exciting part about nested virtualization coming to Azure for me is I can finally run a fully functional dev machine in the cloud. This is particularly useful because I want to set up VMs with Windows, Visual Studio, Docker (Linux and Windows) for presentations and demos. Prior to this, I had to run a lot of my Docker presentations from my laptop.
I might even want to run a dev machine in the cloud instead of on Parallels on my Mac.
Enabling nested Hyper-V
Prior to the v3 series VMs, when we try to enable Hyper-V on Windows 2016 or Windows 10 running in a VM on Azure, we get this error:
We can now create VMs using the new Dv3 sizes and the machines will have nested Hyper-V enabled. For existing VMs, we can easily switch them to Dv3 by stopping them completely (deallocate them); then selecting the new SKU:
Now when the machine boots up, we can enable Hyper-V in the operating system. On Windows 2016, we can do this using the Add Role wizard. On Windows 10, we can add Hyper-V via the "Turn Windows Features On or Off" window.
Hyper-V containers
Hyper-V containers run in a higher level of isolation than standard containers. This may one day also allow us to run containers with kernels different than the kernel on the host machine (run Linux containers in Windows, for instance).
Windows 10 also requires Windows containers to run with Hyper-V isolation. Before nested Hyper-V came along, we couldn't run a Windows 10 VM in Azure and use Windows containers.
To start a container in Hyper-V isolation, we use the exact same docker run
command, except with an additional flag: --isolation=hyperv
(this is optional in Windows 10 as all containers are run in this mode by default).
Linux containers in Windows 10 with Docker for Windows
Docker for Windows installs the Windows Docker client and daemon on Windows 10. It also installs a Linux Hyper-V VM to run Linux Docker containers. We were not able to run Linux containers on Azure VMs prior to the arrival of v3 series VMs.
Now on a Dv3 VM, we can run Docker for Windows and start Linux containers:
We can also switch to Windows containers. As we mentioned above, Windows 10 requires Windows containers to run in Hyper-V isolation so this wasn't possible before nested virtualization.
Emulators in Visual Studio
Visual Studio Emulators, such as the one for Android, require (you guessed it) Hyper-V. This, too, is possible now with nested virtualization:
VM in a VM
Of course, I couldn't pass up the opportunity to try running Windows XP on a VM inside my Windows 10 Azure VM. That also worked!
Nested virtualization has finally arrived on Azure. It is available on Dv3 and Ev3 virtual machines. This enables a lot of scenarios. For instance, you can run a VM inside a VM, and Windows containers can now run with Hyper-V isolation.
The most exciting part about nested virtualization coming to Azure for me is I can finally run a fully functional dev machine in the cloud. This is particularly useful because I want to set up VMs with Windows, Visual Studio, Docker (Linux and Windows) for presentations and demos. Prior to this, I had to run a lot of my Docker presentations from my laptop.
I might even want to run a dev machine in the cloud instead of on Parallels on my Mac.
Enabling nested Hyper-V
Prior to the v3 series VMs, when we try to enable Hyper-V on Windows 2016 or Windows 10 running in a VM on Azure, we get this error:
We can now create VMs using the new Dv3 sizes and the machines will have nested Hyper-V enabled. For existing VMs, we can easily switch them to Dv3 by stopping them completely (deallocate them); then selecting the new SKU:
Now when the machine boots up, we can enable Hyper-V in the operating system. On Windows 2016, we can do this using the Add Role wizard. On Windows 10, we can add Hyper-V via the "Turn Windows Features On or Off" window.
Hyper-V containers
Hyper-V containers run in a higher level of isolation than standard containers. This may one day also allow us to run containers with kernels different than the kernel on the host machine (run Linux containers in Windows, for instance).
Windows 10 also requires Windows containers to run with Hyper-V isolation. Before nested Hyper-V came along, we couldn't run a Windows 10 VM in Azure and use Windows containers.
To start a container in Hyper-V isolation, we use the exact same docker run
command, except with an additional flag: --isolation=hyperv
(this is optional in Windows 10 as all containers are run in this mode by default).
Linux containers in Windows 10 with Docker for Windows
Docker for Windows installs the Windows Docker client and daemon on Windows 10. It also installs a Linux Hyper-V VM to run Linux Docker containers. We were not able to run Linux containers on Azure VMs prior to the arrival of v3 series VMs.
Now on a Dv3 VM, we can run Docker for Windows and start Linux containers:
We can also switch to Windows containers. As we mentioned above, Windows 10 requires Windows containers to run in Hyper-V isolation so this wasn't possible before nested virtualization.
Emulators in Visual Studio
Visual Studio Emulators, such as the one for Android, require (you guessed it) Hyper-V. This, too, is possible now with nested virtualization:
VM in a VM
Of course, I couldn't pass up the opportunity to try running Windows XP on a VM inside my Windows 10 Azure VM. That also worked!