Nested hypervisors?
-
@dustinb3403 said in Nested hypervisors?:
@obsolesce said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@dustinb3403 said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@emad-r said in Nested hypervisors?:
Yup go figure for value, Virtualbox has no intention of doing this amazing feature since 2011
Maybe I'm missing something but why in the world would I ever want to use nested hypervisors? Vendor requirements?
If a vendor is stating that they only support a specific guest OS on a specific Hypervisor they had better be supporting the entire stack and not just an application that is on the guest. . .
What scenario is a nested hypervisor useful in any way?
The only realistic "production" usage for nesting, would be if you for example want to give a Dev his/her own hypervisor to cycle through VMs... or some similar situation where you can't dedicate hardware to.
Even in this case, would nesting be required?
Why not do permission based limitations so you can provide a Dev with access to create/destroy as many VM's as he/she needs within the constraints of your pool or resource limits?
I mean, isn't it likely to be his own host completely? I wouldn't let someone manage a host I'm responsible for. At that point he just manages it right? No need for nesting.
-
@dustinb3403 said in Nested hypervisors?:
would nesting be required?
Only if full hypervisor control is required. I almost did this for a dev... well I did, but it turned out in the end that he wanted Virtualbox... so that's what he got.
-
@wirestyle22 said in Nested hypervisors?:
@dustinb3403 said in Nested hypervisors?:
@obsolesce said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@dustinb3403 said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@emad-r said in Nested hypervisors?:
Yup go figure for value, Virtualbox has no intention of doing this amazing feature since 2011
Maybe I'm missing something but why in the world would I ever want to use nested hypervisors? Vendor requirements?
If a vendor is stating that they only support a specific guest OS on a specific Hypervisor they had better be supporting the entire stack and not just an application that is on the guest. . .
What scenario is a nested hypervisor useful in any way?
The only realistic "production" usage for nesting, would be if you for example want to give a Dev his/her own hypervisor to cycle through VMs... or some similar situation where you can't dedicate hardware to.
Even in this case, would nesting be required?
Why not do permission based limitations so you can provide a Dev with access to create/destroy as many VM's as he/she needs within the constraints of your pool or resource limits?
I mean, isn't it likely to be his own host completely? I wouldn't let someone manage a host I'm responsible for
Well. . . no
Just as an example, with XenServer (and XO) you can create users and give them access to a specific pool or set amount of resources on any server in the pool, and to what guests they could affect.
So this would allow the user to do their job without the need for additional hardware or nesting. Unless their job was to develop on a specific hypervisor.
-
@dustinb3403 said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@dustinb3403 said in Nested hypervisors?:
@obsolesce said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@dustinb3403 said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@emad-r said in Nested hypervisors?:
Yup go figure for value, Virtualbox has no intention of doing this amazing feature since 2011
Maybe I'm missing something but why in the world would I ever want to use nested hypervisors? Vendor requirements?
If a vendor is stating that they only support a specific guest OS on a specific Hypervisor they had better be supporting the entire stack and not just an application that is on the guest. . .
What scenario is a nested hypervisor useful in any way?
The only realistic "production" usage for nesting, would be if you for example want to give a Dev his/her own hypervisor to cycle through VMs... or some similar situation where you can't dedicate hardware to.
Even in this case, would nesting be required?
Why not do permission based limitations so you can provide a Dev with access to create/destroy as many VM's as he/she needs within the constraints of your pool or resource limits?
I mean, isn't it likely to be his own host completely? I wouldn't let someone manage a host I'm responsible for
Well. . . no
Just as an example, with XenServer (and XO) you can create users and give them access to a specific pool or set amount of resources on any server in the pool, and to what guests they could affect.
So this would allow the user to do their job without the need for additional hardware or nesting. Unless their job was to develop on a specific hypervisor.
Gotcha. Haven't ever needed to use that functionality. I was worrying about stuff like thin-provisioning but if you can limit the resources that's great.
-
Which I would be wary of anyone who says "I must do my development work on <insert hypervisor>". Because I know they are almost certainly doing the work within a guest and are just comfortable with the tools.
-
@dustinb3403 said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@dustinb3403 said in Nested hypervisors?:
@obsolesce said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@dustinb3403 said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@emad-r said in Nested hypervisors?:
Yup go figure for value, Virtualbox has no intention of doing this amazing feature since 2011
Maybe I'm missing something but why in the world would I ever want to use nested hypervisors? Vendor requirements?
If a vendor is stating that they only support a specific guest OS on a specific Hypervisor they had better be supporting the entire stack and not just an application that is on the guest. . .
What scenario is a nested hypervisor useful in any way?
The only realistic "production" usage for nesting, would be if you for example want to give a Dev his/her own hypervisor to cycle through VMs... or some similar situation where you can't dedicate hardware to.
Even in this case, would nesting be required?
Why not do permission based limitations so you can provide a Dev with access to create/destroy as many VM's as he/she needs within the constraints of your pool or resource limits?
I mean, isn't it likely to be his own host completely? I wouldn't let someone manage a host I'm responsible for
Well. . . no
Just as an example, with XenServer (and XO) you can create users and give them access to a specific pool or set amount of resources on any server in the pool, and to what guests they could affect.
So this would allow the user to do their job without the need for additional hardware or nesting. Unless their job was to develop on a specific hypervisor.
To get that kind of control wiht Hyper-V , you need SCVMM.
We don't have that anymore.
On top of that, he was good with KVM. So I had created a nested KVM host on Hyper-V which was great for him for a while. But he was coming from VirtualBox, and didn't have time to convert all the stuff and whatever else that was involved.
-
@obsolesce yeah I'm not saying there isn't a reason or whatnot for using nested hypervisors. Just discussing the possible use cases I could imagine for it and where it may or may not make sense.
-
@obsolesce said in Nested hypervisors?:
@dustinb3403 said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@dustinb3403 said in Nested hypervisors?:
@obsolesce said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@dustinb3403 said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@emad-r said in Nested hypervisors?:
Yup go figure for value, Virtualbox has no intention of doing this amazing feature since 2011
Maybe I'm missing something but why in the world would I ever want to use nested hypervisors? Vendor requirements?
If a vendor is stating that they only support a specific guest OS on a specific Hypervisor they had better be supporting the entire stack and not just an application that is on the guest. . .
What scenario is a nested hypervisor useful in any way?
The only realistic "production" usage for nesting, would be if you for example want to give a Dev his/her own hypervisor to cycle through VMs... or some similar situation where you can't dedicate hardware to.
Even in this case, would nesting be required?
Why not do permission based limitations so you can provide a Dev with access to create/destroy as many VM's as he/she needs within the constraints of your pool or resource limits?
I mean, isn't it likely to be his own host completely? I wouldn't let someone manage a host I'm responsible for
Well. . . no
Just as an example, with XenServer (and XO) you can create users and give them access to a specific pool or set amount of resources on any server in the pool, and to what guests they could affect.
So this would allow the user to do their job without the need for additional hardware or nesting. Unless their job was to develop on a specific hypervisor.
To get that kind of control wiht Hyper-V , you need SCVMM.
We don't have that anymore.
On top of that, he was good with KVM. So I had created a nested KVM host on Hyper-V which was great for him for a while. But he was coming from VirtualBox, and didn't have time to convert all the stuff and whatever else that was involved.
AzMan (Authorization Manager) was the method we used to delimit host access permissions up until 2012 R2. It's been deprecated which is sad as it actually worked quite well.
On 2016 going forward, SCVMM and I think Windows Admin Center may also have tiers but we've not really had any time to invest in WAC as of yet.
-
@wirestyle22 said in Nested hypervisors?:
Maybe I'm missing something but why in the world would I ever want to use nested hypervisors? Vendor requirements?
learn and test
https://mangolassi.it/topic/17807/proud-smug-post-kvm-and-gluster-and-accomplishment/1
-
@wirestyle22 said in Nested hypervisors?:
Maybe
Guest Clusters have been around for a while on the Hyper-V platform. Backing up the shared storage being used by the guest clusters is another matter that has not been solved as of yet. At least, not cleanly.
There are some business cases for guest clusters such as Exchange or SQL whose teams require their own resilience measures be in place in order for the setup to be "supported" in the event something goes wrong.
EDIT: Meh … low blood sugar … need to eat as it's been a busy day already. I totally missed "guest cluster" versus "nested hypervisor".
-
@wirestyle22 said in Nested hypervisors?:
@emad-r said in Nested hypervisors?:
Yup go figure for value, Virtualbox has no intention of doing this amazing feature since 2011
Maybe I'm missing something but why in the world would I ever want to use nested hypervisors? Vendor requirements?
Lab
-
@wirestyle22 said in Nested hypervisors?:
@emad-r said in Nested hypervisors?:
Yup go figure for value, Virtualbox has no intention of doing this amazing feature since 2011
Maybe I'm missing something but why in the world would I ever want to use nested hypervisors? Vendor requirements?
But yes, working around the requirements of super shitty vendors is another reason. Adding complexity and fragility to circumvent terrible rules.
-
@obsolesce said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@emad-r said in Nested hypervisors?:
Yup go figure for value, Virtualbox has no intention of doing this amazing feature since 2011
Maybe I'm missing something but why in the world would I ever want to use nested hypervisors? Vendor requirements?
Vendors never require a specific hypervisor. If they did, you certainly wouldn't nest it. And if it was a consideration, you'd find a different vendor.
Really, it's for lab/testing.
Many do, it's surprisingly common in shitty software, which most software is.
-
@wirestyle22 said in Nested hypervisors?:
@obsolesce said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@dustinb3403 said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@emad-r said in Nested hypervisors?:
Yup go figure for value, Virtualbox has no intention of doing this amazing feature since 2011
Maybe I'm missing something but why in the world would I ever want to use nested hypervisors? Vendor requirements?
If a vendor is stating that they only support a specific guest OS on a specific Hypervisor they had better be supporting the entire stack and not just an application that is on the guest. . .
What scenario is a nested hypervisor useful in any way?
The only realistic "production" usage for nesting, would be if you for example want to give a Dev his/her own hypervisor to cycle through VMs... or some similar situation where you can't dedicate hardware to.
Is it common for a Dev to need access to the hypervisor themselves? Sounds weird but I don't work with devs a lot (yet)
No, Devs don't need access to anything like that. Nor would they need a SAN. Devs write code, like any other end user.
-
@dustinb3403 said in Nested hypervisors?:
@obsolesce said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@dustinb3403 said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@emad-r said in Nested hypervisors?:
Yup go figure for value, Virtualbox has no intention of doing this amazing feature since 2011
Maybe I'm missing something but why in the world would I ever want to use nested hypervisors? Vendor requirements?
If a vendor is stating that they only support a specific guest OS on a specific Hypervisor they had better be supporting the entire stack and not just an application that is on the guest. . .
What scenario is a nested hypervisor useful in any way?
The only realistic "production" usage for nesting, would be if you for example want to give a Dev his/her own hypervisor to cycle through VMs... or some similar situation where you can't dedicate hardware to.
Even in this case, would nesting be required?
Why not do permission based limitations so you can provide a Dev with access to create/destroy as many VM's as he/she needs within the constraints of your pool or resource limits?
Right, that's a common thing. Making workloads like that is standard. That's what cloud does, for example.
-
@obsolesce said in Nested hypervisors?:
@dustinb3403 said in Nested hypervisors?:
would nesting be required?
Only if full hypervisor control is required. I almost did this for a dev... well I did, but it turned out in the end that he wanted Virtualbox... so that's what he got.
What legit dev purpose would use full VM control rather than just provisioning.
-
@wirestyle22 said in Nested hypervisors?:
@dustinb3403 said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@dustinb3403 said in Nested hypervisors?:
@obsolesce said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@dustinb3403 said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@emad-r said in Nested hypervisors?:
Yup go figure for value, Virtualbox has no intention of doing this amazing feature since 2011
Maybe I'm missing something but why in the world would I ever want to use nested hypervisors? Vendor requirements?
If a vendor is stating that they only support a specific guest OS on a specific Hypervisor they had better be supporting the entire stack and not just an application that is on the guest. . .
What scenario is a nested hypervisor useful in any way?
The only realistic "production" usage for nesting, would be if you for example want to give a Dev his/her own hypervisor to cycle through VMs... or some similar situation where you can't dedicate hardware to.
Even in this case, would nesting be required?
Why not do permission based limitations so you can provide a Dev with access to create/destroy as many VM's as he/she needs within the constraints of your pool or resource limits?
I mean, isn't it likely to be his own host completely? I wouldn't let someone manage a host I'm responsible for
Well. . . no
Just as an example, with XenServer (and XO) you can create users and give them access to a specific pool or set amount of resources on any server in the pool, and to what guests they could affect.
So this would allow the user to do their job without the need for additional hardware or nesting. Unless their job was to develop on a specific hypervisor.
Gotcha. Haven't ever needed to use that functionality. I was worrying about stuff like thin-provisioning but if you can limit the resources that's great.
Think of any cloud service. Amazon, Vultr, Digital Ocean... they all do this.
-
@dustinb3403 said in Nested hypervisors?:
Which I would be wary of anyone who says "I must do my development work on <insert hypervisor>". Because I know they are almost certainly doing the work within a guest and are just comfortable with the tools.
Likely don't even know that there are tools, just repeating words that they've heard.
-
@obsolesce said in Nested hypervisors?:
@wirestyle22 said in Nested hypervisors?:
@emad-r said in Nested hypervisors?:
Yup go figure for value, Virtualbox has no intention of doing this amazing feature since 2011
Maybe I'm missing something but why in the world would I ever want to use nested hypervisors? Vendor requirements?
Vendors never require a specific hypervisor. If they did, you certainly wouldn't nest it. And if it was a consideration, you'd find a different vendor.
Really, it's for lab/testing.
This would work, as only one vendor supports the virtualization of another hypervisor (and only for a niche use case) that I'm aware of.
-
@scottalanmiller said in Nested hypervisors?:
Why not do permission based limitations so you can provide a Dev with access to create/destroy as many VM's as he/she needs within the constraints of your pool or resource limits?
This is commonly done with a Cloud Management Product that overlays the hypervisor (OpenStack, vRealize Autiomation, etc, PKS etc) that can manage the multi-tenancy etc.
Now some hypervisors support some provisioning options others don't (Instant Clones are a unique one, that allow cloning a running VM with thin memory) that may make some things more efficient
