In the beginning of June, the new Intel Haswell CPUs will be available. Besides the regular improvements like being faster, having better energy efficiency and having better graphics capabilities, these new CPUs will also include VMCS shadowing (Virtual Machine Control Structure Shadowing).
Basically it’s a feature that allows you to run a hypervisor (like VMware, Hyper-V, Xen Server) and create another hypervisor as a VM beneath it. This is also called nested virtualization.
Some of you might say, “Hey this is not new, I’ve already done this with VMware!”. The difference however is that the current method uses some sort of emulation that does not directly access the hardware. And even though it’s great for testing purposes, the performance is suboptimal.
With the embedded hardware supported VMCS shadowing in the new Intel Haswell CPU the nested hypervisor can directly access the hardware, which should improve performance. Also, it might even make it possible to use non-VMware hypervisors in a nested virtualization scenario.
Of course as always, we’ll just have to wait and see how the performance will be in real-life. It’s also not clear to me yet if hypervisors need to be updated to be able to leverage this option. Nonetheless, to me it sounds very promising and I look forward to playing around with it.
For more information read this great article by Gabe Knuth called “Could VMCS Shadowing (a.k.a. nested VMs) from Intel’s new Haswell processors be what Bromium needs to work in VMs?”. When you use the links in the article you will be able to get more information about the Intel Haswell CPUs including benchmarks and more detailed information about VMCS shadowing and use cases.
[EDIT 08-06-2013] Citrix is working hard on integrating VMCS Shadowing / Nested VMs in their products:
If you’re planning to build / buy an Intel Haswell based computer or Home Lab, be sure to look into the confirmed USB3 bug in the chipset. Also unfortunately the DDR3 prices have increased substantially (almost 50%) over the last half year.
June 11, 2013 at 14:19
ive tried to build a haswell test lab but after installation of xenserver 6.1 the server reboots always after post messages
June 11, 2013 at 17:05
Hi Mollet, sorry to hear you’re having probkems. What hardware do you have specifically besides the CPU ? And do you get any errors, if so which ?
August 6, 2013 at 22:49
Hi Bjorn, You happen to know if they’ve rolled VMCS support over into XenServer 6.2, or the community into Xen? I just got my Haswell 4700 and Asrock Q87 yesterday and built up my system today. I’m new to Xen, and want to try it out with XenServer being my Dom0 host system, and running ESX 5.1 inside it rather than other way around (because I also want to work with Xen’s PCIe video passthrough as well, and ESX PCIe passthrough is pretty low functionality.) My ESX (or should I say vSphere) install inside XenServer 6.2 just now said that virtualization wasn’t enabled, so maybe I’m missing a flag… the actual BIOS has VT-D activated and anything pertaining to virtualization.
August 7, 2013 at 06:11
I have no idea, try asking your question here: http://forums.citrix.com/category.jspa?categoryID=101