1
00:00:01,140 --> 00:00:04,490
What is nested virtualization in Microsoft Hyper‑V?

2
00:00:04,490 --> 00:00:04,940
Well,

3
00:00:04,940 --> 00:00:10,080
nested virtualization is a capability of the Hyper‑V host in which you can

4
00:00:10,080 --> 00:00:14,410
allow virtual machines to act as a Hyper‑V host itself.

5
00:00:14,410 --> 00:00:18,310
Now, in a hybrid administration standpoint, you think about Azure. Okay,

6
00:00:18,310 --> 00:00:20,360
when I create a virtual machine in Azure,

7
00:00:20,360 --> 00:00:26,320
that's a Hyper‑V VM I can presume, right? But what if you had need to host VMs

8
00:00:26,320 --> 00:00:31,580
in a nested capacity? There are selected Azure virtual machine role sizes that

9
00:00:31,580 --> 00:00:36,520
support nested virtualization. So you can stand up Hyper‑V hosts in Azure

10
00:00:36,520 --> 00:00:41,040
virtual machines. If you want more information on which Azure VM sizes are in

11
00:00:41,040 --> 00:00:45,330
scope, check the exercise files. Now the host on which you want to enable

12
00:00:45,330 --> 00:00:50,860
nested virtualization must support CPU virtualization extensions, either Intel

13
00:00:50,860 --> 00:00:55,680
or AMD. That should be a no‑brainer given you have a Hyper‑V host running. You

14
00:00:55,680 --> 00:01:00,390
can enable nested virtualization on the host for a particular VM using

15
00:01:00,390 --> 00:01:04,210
PowerShell. Specifically, this is the Hyper‑V PowerShell command

16
00:01:04,210 --> 00:01:08,930
Set‑VMProcessor, where you target a particular VM and you set

17
00:01:08,930 --> 00:01:14,210
ExposeVirtualizationExtensions to true. That's what you have to do once per VM

18
00:01:14,210 --> 00:01:20,070
on the Hyper‑V host. You also have to modify the virtual switch on the host to

19
00:01:20,070 --> 00:01:24,240
allow media access control or MAC address spoofing. Why?

20
00:01:24,240 --> 00:01:26,670
Because when you're doing nested virtualization,

21
00:01:26,670 --> 00:01:30,040
you're going to have the top‑level Hyper‑V host, and then you've got

22
00:01:30,040 --> 00:01:33,640
your collection of Hyper‑V top‑level virtual switches.

23
00:01:33,640 --> 00:01:39,130
A VM that's enabled for nested will become a Hyper‑V host itself inside the

24
00:01:39,130 --> 00:01:44,640
main host, and we'll have a second layer of switches. So thus, you need to

25
00:01:44,640 --> 00:01:47,590
be much more gracious or much more liberal,

26
00:01:47,590 --> 00:01:51,390
I guess, in terms of your MAC address tolerance and security.

27
00:01:51,390 --> 00:01:56,000
You need to relax those controls a little bit. Let's do a demo.