Hyper-V Nested Virtualization

Hyper-V Nested Virtualization in Windows 10 Build 10565

This week Microsoft released a new Windows 10 Insider Preview build to the Windows Insiders. It brings a couple of new features to the OS, but Ben Armstrong (Hyper-V Program Manager at Microsoft) mentions in a blog post that it also brings a preview of Nested Virtualization to Hyper-V in Windows 10. Nested Virtualization allows you to run Hyper-V inside a VM. This is prefect for Lab and Training scenarios, so you can run multiple Hyper-V server without the need of a lot of physical hardware.

So how can you enable Nested Virtualization in this early preview build? Theo Thompson describes this in a blog post:

Step 1: Create a VM

Step 2: Run the enablement script

Given the configuration requirements (e.g. dynamic memory must be off), we’ve tried to make things easier by providing a PowerShell script.

This script will check your configuration, change anything which is incorrect (with permission), and enable nested virtualization for a VM. Note that the VM must be off.

Step 3: Install Hyper-V in the guest

From here, you can install Hyper-V in the guest VM.

Step 4: Enable networking (optional)

Once nested virtualization is enabled in a VM, MAC spoofing must be enabled for networking to work in its guests. Run the following PowerShell (as administrator) on the host machine:

Step 5: Create nested VMs

This is still a very early preview and this means this feature still has a lot of know issues:

  • Both hypervisors need to be the latest versions of Hyper-V. Other hypervisors will not work. Windows Server 2012R2, or even builds prior to 10565 will not work.
  • Once nested virtualization is enabled in a VM, the following features are no longer compatible with that VM. These actions will either fail, or cause the VM not to start:
    • Dynamic memory must be OFF. This will prevent the VM from booting.
    • Runtime memory resize will fail.
    • Applying checkpoints to a running VM will fail.
    • Live migration will fail.
    • Save/restore will fail.
  • Once nested virtualization is enabled in a VM, MAC spoofing must be enabled for networking to work in its guests.
  • Hosts with Virtualization Based Security (VBS) enabled cannot expose virtualization extensions to guests. You must first disable VBS in order to preview nested virtualization.
  • This feature is currently Intel-only. Intel VT-x is required.
  • Beware: nested virtualization requires a good amount of memory. I managed to run a VM in a VM with 4 GB of host RAM, but things were tight.