Nested Hypervisors
Nested hypervisors are a powerful tool in the world of virtualization. They allow for creating virtual machines within virtual machines, enabling even greater flexibility and resource allocation. In this blog post, we will explore the concept of nested hypervisors, their benefits, and some use cases where they can be particularly useful.
At its core, a nested hypervisor is a hypervisor that runs as a virtual machine on another hypervisor. This means that instead of running directly on the physical hardware, the hypervisor runs within a virtual machine, creating a nested hierarchy of virtualization layers. This nesting allows for multiple levels of virtualization, each with its own set of virtual machines.
Highlights: Nested Hypervisors
- Cloud Applications
When considering nested hypervisors from the perspective of cloud migration, two main types of cloud applications exist: cloud-centric and cloud-ready. Cloud-centric applications are "born for the cloud," built as greenfield cloud application stacks that meet all cloud requirements.
On the other hand, cloud-ready applications must be redesigned or changed in a way that they can fit the cloud structure. Cloud-centric applications are often built with different tools and runtimes than traditional applications. For example, a cloud-centric application may replace a relational database with a NoSQL database, like Cloudant or MongoDB.
- The role of the public cloud
The public cloud is an excellent platform for developing cloud-centric greenfield applications. Unfortunately, it’s not an ideal place to build custom application stacks using a variety of customized network infrastructure, especially if it has complicated high availability requirements. If you were to redesign your application to meet all the cloud-ready rules, you would never move anything to the cloud.
Cloud-ready rules are easier to incorporate into cloud-centric applications. Things get more complicated when you migrate existing applications onto a cloud environment for the first time. Modifying application structures to make them cloud-ready can be difficult, and networking is usually the first stumbling block.
Back to basics with the Hypervisor.
The Hypervisor
The hypervisor is the software responsible for monitoring and controlling virtual machines, or guest OSes. In addition, the hypervisor/VMM is accountable for a range of virtualization management tasks: providing virtual hardware, virtual machine life-cycle management, migrating virtual machines, allocating resources in real time, and defining policies for virtual machine management, to name a few. This carries many benefits, such as running multiple guest operating systems on the same physical system or hardware. Furthermore, these guests can run the same OS or different ones. In terms of types, we can categorize hypervisors as either type 1 (running directly on the hardware) or type 2 (running on top of a host OS).
Test and Develop
One of the primary benefits of nested hypervisors is the ability to test and develop virtualization environments without needing additional physical hardware. Running a hypervisor within a virtual machine makes it possible to create and manage multiple virtual machines, each with its unique configuration and operating system.
Another use case for nested hypervisors is in the field of cloud computing. Cloud service providers often use nested virtualization to provide their customers with virtual machines that can run their hypervisors. This gives customers complete control over their virtualization environment, enabling them to run their virtual machines and manage them as they see fit.
Furthermore, nested hypervisors can be used for teaching and learning purposes. They provide a safe and isolated environment for students and professionals to experiment with different virtualization setups without the risk of affecting the underlying hardware. This allows for hands-on experience and the exploration of various virtualization technologies.
Despite the many benefits of nested hypervisors, some trade-offs must be considered. Since each layer of virtualization adds overhead, performance can be impacted. The more levels of nesting, the more resources are required to maintain the virtualization environment. It is essential to assess the available hardware resources and the workload requirements carefully before implementing nested hypervisors.
No Layer 2 in the Public Cloud
Adding custom applications to public clouds is difficult because they do not support clean Layer 2 environments. Broadcast and multicast frames are filtered, and VLANs and gratuitous ARPs are mostly unsupported. High availability, auto-discovery, and clustering solutions that rely on multicast and broadcast do not work in the public cloud. For example, in the Microsoft Azure public cloud, the high availability function for F5 BIG-IP products only works with Azure Traffic Manager.
An inherent lack of control over networking is a limiting factor for migrating complex application stacks. The solution is a technology that allows the migration of workloads to any cloud provider without changing the stack.
Nested hypervisors and public cloud agnostic
The aim is to make the public cloud easy to consume on demand: enterprises replicate all of their on-premises infrastructure to the cloud without changing the internal application structure and infrastructure. Ravello operates by snapping a blueprint of what you have on-premises and then copying that "file" to Ravello's cloud network, which runs on Amazon and Google (no support for Azure yet). For example, you may have a 3-tier application stack load balanced with NetScaler and secured by Fortinet and Palo Alto.
Each tier has its own clustering requirements that rely on non-routable packets. Ravello's technology allows you to take a blueprint of the tiers and supporting infrastructure and replicate it to their cloud. Their solution allows enterprise data center applications to benefit from the elastic and agile cloud without changing the application. How does all this work?
Overlay Tunnels & Nested Hypervisors
Ravello's nested hypervisor solution is delivered as Software as a Service (SaaS): a cloud that sits on top of other clouds. Ravello seeds its cloud from existing public clouds, deploying a cloud onto a cloud. Its ability to provide a clean Layer 2 environment comes from constructing point-to-point overlays that use User Datagram Protocol (UDP) as the transport.
Ravello is powered by a new HVX nested hypervisor and Software-Defined Networking (SDN). Its distributed hypervisor combines software-defined overlay networking with a nested virtualization engine. The nested hypervisor approach allows customers to bring their own network elements (e.g., Juniper or Cisco routers, F5 or NetScaler load balancers, and various firewall appliances) to implement a chosen network function and topology.
Full overlay solution
Ravello implements a full overlay solution that exposes clean Layer 2 networking to the guest. You can use any networking feature: multicast, broadcast, VLANs, VMAC, GARP, and span ports, giving access to all the functionality originally available in on-premises data centers. It is similar to buying a Virtual Private LAN Service (VPLS) from a managed service provider: with VPLS, you can design any topology.
However, by default, public clouds are not network-ready and have limited complex topology support, mainly due to the lack of Layer 2. With Ravello, you can have full layer 2 and 3 flexibility in Amazon and Google’s public cloud.
Their network overlay consists of a data plane and a control plane element. The control plane comprises a distributed Layer 3 router and other features such as DNS and DHCP. The data plane is a fully distributed virtual switch and virtual router. With an overlay network, you take a Layer 2 frame, encapsulate it, and send it to the other side. Traffic between hosts is tunneled/encapsulated and invisible to the cloud. The tunneling method allows you to build whatever topology you want; you can even keep the same on-premises IP and MAC addresses.
The first step is to export the VMs from VMware/KVM to Ravello's network. They have a tool that connects directly to vCenter so that the information can be pulled automatically. No changes are required, and it is a simple drag-and-drop process. Conceptually, they extract the application environment, recreate it in their SaaS cloud, and then start the VMs in the new environment.
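As an added illustration (not Ravello's code or wire format), the following Python models the data-plane behaviour described above: a raw Ethernet frame is wrapped in a constructed overlay header that becomes a UDP payload, known unicast is sent down one point-to-point tunnel, and broadcast, multicast and unknown unicast are replicated to every peer tunnel, which is how ARP and cluster discovery frames cross a cloud that filters them. The header layout, UDP port, peer addresses and MACs are all constructed for the example.

```python
import struct

# Constructed header for this example (not Ravello's wire format): magic + overlay network id.
OVERLAY_MAGIC = b"L2OV"
HDR = struct.Struct("!4sI")
BROADCAST = b"\xff" * 6
ETH_P_ARP = 0x0806

def build_eth_frame(dst_mac, src_mac, ethertype, payload):
    """Assemble a raw Ethernet II frame (no FCS)."""
    return dst_mac + src_mac + struct.pack("!H", ethertype) + payload

def encapsulate(frame, net_id):
    """Wrap the whole Layer 2 frame; the result is carried as the UDP payload on the underlay."""
    return HDR.pack(OVERLAY_MAGIC, net_id) + frame

def decapsulate(udp_payload, net_id):
    """Return the inner frame, or None if the header is not ours or belongs to another overlay."""
    if len(udp_payload) < HDR.size:
        return None
    magic, nid = HDR.unpack_from(udp_payload)
    if magic != OVERLAY_MAGIC or nid != net_id:
        return None
    return udp_payload[HDR.size:]

def forward(frame, net_id, peers, mac_table):
    """Distributed virtual switch on the sending host.
    Known unicast goes down a single point-to-point tunnel; broadcast, multicast and
    unknown unicast are replicated to every peer tunnel (head-end replication).
    Returns a list of (peer, udp_payload) pairs to transmit."""
    dst = frame[:6]
    if dst == BROADCAST or dst[0] & 1 or dst not in mac_table:
        targets = list(peers)
    else:
        targets = [mac_table[dst]]
    return [(peer, encapsulate(frame, net_id)) for peer in targets]

def receive(udp_payload, from_peer, net_id, mac_table):
    """Receiving host: decapsulate and learn which tunnel the source MAC sits behind."""
    frame = decapsulate(udp_payload, net_id)
    if frame is not None:
        mac_table[frame[6:12]] = from_peer
    return frame

# Constructed sample: two tunnel peers (underlay IP, UDP port) and a broadcast ARP request.
PEERS = [("203.0.113.10", 50000), ("203.0.113.11", 50000)]
MAC_A, MAC_B = b"\x02\x00\x00\x00\x00\x0a", b"\x02\x00\x00\x00\x00\x0b"
ARP_REQUEST = build_eth_frame(BROADCAST, MAC_A, ETH_P_ARP, b"who-has 10.1.1.2")  # body is constructed
```

Note for defenders: the underlay (and the cloud provider's flow logs) only ever sees UDP datagrams between peer addresses, so the inner MACs, IPs and ARP traffic are invisible there; monitoring of the migrated application has to happen inside the overlay.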
Ravello parses the virtual machines’ metadata and automatically constructs the network and infrastructure. The application thinks it’s running in its native environment, but it’s running in Ravello’s environment that runs on top of either Amazon or Google.
In conclusion, nested hypervisors offer a unique and powerful approach to virtualization. They enable the creation of virtual machines within virtual machines, providing increased flexibility and resource allocation. Whether for testing and development, cloud computing, or educational purposes, nested hypervisors have proven to be a valuable tool in virtualization.