Intel Haswell CPU available in June with VMCS shadowing – nested virtualization

In the beginning of June, the new Intel Haswell CPUs will be available. Besides the regular improvements like being faster, having better energy efficiency and having better graphics capabilities, these new CPUs will also include VMCS shadowing (Virtual Machine Control Structure Shadowing).

Basically it’s a feature that allows you to run a hypervisor (like VMware, Hyper-V, Xen Server) and create another hypervisor as a VM beneath it. This is also called nested virtualization.

Some of you might say, “Hey this is not new, I’ve already done this with VMware!”. The difference however is that the current method uses some sort of emulation that does not directly access the hardware. And even though it’s great for testing purposes, the performance is suboptimal.

With the embedded hardware supported VMCS shadowing in the new Intel Haswell CPU the nested hypervisor can directly access the hardware, which should improve performance. Also, it might even make it possible to use non-VMware hypervisors in a nested virtualization scenario.

Of course as always, we’ll just have to wait and see how the performance will be in real-life. It’s also not clear to me yet if hypervisors need to be updated to be able to leverage this option. Nonetheless, to me it sounds very promising and I look forward to playing around with it.

For more information read this great article by Gabe Knuth called “Could VMCS Shadowing (a.k.a. nested VMs) from Intel’s new Haswell processors be what Bromium needs to work in VMs?”. When you use the links in the article you will be able to get more information about the Intel Haswell CPUs including benchmarks and more detailed information about VMCS shadowing and use cases.

[EDIT 08-06-2013] Citrix is working hard on integrating VMCS Shadowing / Nested VMs in their products:

If you’re planning to build / buy an Intel Haswell based computer or Home Lab, be sure to look into the confirmed USB3 bug in the chipset. Also unfortunately the DDR3 prices have increased substantially (almost 50%) over the last half year.


Home LAB – How to use Windows 8 Client Hyper-V and VMware Workstation on the same machine

In yesterday’s post I described that for my purposes it was still necessary to run VMware Workstation sometimes despite having Client Hyper-V installed on my Windows 8 machine.

What you have to keep in mind though, is that you’re already running a hypervisor when you have Client Hyper-V installed in Windows 8. Installing and running VMware Workstation might cause problems. So unfortunately you cannot run them at the same time. This is also true for other virtualization products like by example virtualbox.

As a workaround you can either uninstall or (temporarily) disable Hyper-V. When you want to switch between Hyper-V and VMware Workstation it is ofcourse best to just temporarily disable Hyper-V.

In this forum post, a couple of methods are described to (temporarily) disable Hyper-V. It includes creating a seperate boot menu entry to boot with Hyper-V disabled and modifying the setting either through registry or a command. All methods do require a reboot however.


  • This kind of configuration is ofcourse not supported and should only be used for testing purposes in non production environments.
  • Depending on both your hardware and what your planning to do, you might also want to consider:
    • Running VMware ESXi from a USB stick
    • Running Windows 8 from a USB stick with Windows To Go (WTG).
  • It should also work on Hyper-V in Windows Server 2008 and up, but I haven’t tested it.

Home LAB – Virtualization and how to enable nested ESXi and other hypervisors in VMware vSphere 5.1

As a passionate ICT person, I work with multiple virtualization products including Microsoft Hyper-V and VMware vSphere.

At home I’m running Server 2012 with Hyper-V in my home lab and even though it works perfectly, I miss the option to be able to run multiple other hypervisors beneath it like by example multiple Hyper-V, VMware ESXi or Citrix XenServer instances.

With VMware products like VMware Fusion, VMware Workstation you can enable this with only a couple of minor adjustments as described in these great articles:

For me personally, I’ll stay with my Hyper-V based home server and my Windows 8 Client with Client Hyper-V installed. For testing purposes however, I’ll have to use VMware Workstation 9 on my Windows 8 machine.  (even though I have Client Hyper-V installed). This way I can still run other hypervisors when needed.

I still hope though that Microsoft will add a similar feature to Hyper-V in the future.


Home LAB Setup guide – 02 Hypervisor selection and installation

In the first part of this LAB setup guide, I described the hardware selection process. In this second part I will be describing the hypervisor selection and installation.

Hypervisor selection

First of all, you have to decide on which bare metal hypervisor(s) you wish to use. Personally I prefer Microsoft Hyper-V and VMWare ESXi. Alternatives include but are not limited to Citrix XenServer, Xen, KVM, Red Hat Enterprise Virtualization. I don’t have much experience with these hypervisors though.

Characteristics that could influence your choice of hypervisor:

  • Supported hardware.
  • Performance of the hypervisor.
  • Features of the hypervisor. By example when using Transparent Memory Page Sharing, it requires less memory when you run many highly identical systems on a host.
  • Footprint / attack surface.
  • Supported methods for running the OS. By example run from USB stick.
  • Price (many hypervisors have free versions available, compare features).
  • Support (for a home lab probably not that important).
  • Available documentation / study resources.
  • How active the community behind it is.
  • Supported VM / guest operating systems.
  • Ease-of-use.
  • Availabilty of downloadable virtual appliances (VMWare) or pre-prepped environments (Microsoft) without having to (try and) convert them.

Everyone needs to determine which hypervisor best meets their needs. Personally I mainly work with Microsoft software and decided to use Hyper-V 3.0 in Windows Server 2012. It’s convenient for me to be able to easily load pre-prepped environments that are provided by Microsoft (in Hyper-V format). I also run Client Hyper-V on my Windows 8 laptop, which makes it easier for me to take my VM’s with me. I do plan to keep up with VMWare developments as well though, so I will create a bootable USB flash drive to boot in VMWare from time to time.

Hypervisor installation

  • Before installing the hypervisor, make sure that virtualization related settings are enabled. The names of these settings may differ. Examples are Intel VT (Virtualization Technology), AMD-V and Hardware DEP (Data Execution Prevention), EM64T, Execute Disable Bit. During installation you will get prompted normally though if you have forgotten to enable these.
  • There are often many options with regards to the installation. By example do a GUI install or a scripted/CLI install. Or install/run from normal harddisk or flash drive. With Server 2012 Hyper-V you can choose to run it in Windows Server 2012 core or in the GUI version. I chose to use the Server 2012 GUI Hyper-V installation because I’m not sure if my raid management software will work from within the core version.
  • Installation of the hypervisor is normally pretty straight forward. But before you install, read the documentation.
  • After you’re done installing, you still need to configure the settings to meet your requirements. Preferrably you’ve already created and documented your own design.
  • Don’t forget to configure hardware monitoring if possible. In my case I’ve configured my raid controller management software to send e-mails when storage related issues are detected.
  • Think about and implement a strategy for backing up and recovering your hypervisor. There are numerous programs for backing up and most are free for personal use. I have no personal experience with specific products, but VeeAm has a good reputation and I’ll be trying if for my lab. Also if you’re a Microsoft Certified Professional, you can get a free NFR license for Veeam Backup & Replication v6.5 for Hyper-V. The same is true if you’re a VMWare Certified Professional (VCP).

In the next post I will describe the VM guest preparations, installations and storage strategy.


