In late August 2017 The Reg's virtualization desk learned that Google was working hard to make KVM better at nested virtualization. And now we know why, as the advertising giant's cloud has just revealed a nested virtualization beta.
The new offering means that you can run a virtual machine inside the virtual machines you rent from the company's infrastructure-as-a-service limb. The service is a beta for now, and requires you to get the KVM hypervisor running inside a Google Cloud VM, which itself runs on KVM. Google's not supporting ESX or Xen, but that's not a huge barrier to overcome as KVM can import VMware's VMDK files and plenty of tools let you re-format VMs.
Why bother? There's a few reasons. You might have a workload you'd quite like to run in the cloud, but shy away from migrating because a lift-and-shift would likely break it. Packaging it as a VM and running it as a nested VM sorts that out.
Or perhaps you'd like to have some VMs in the cloud as a disaster recovery option, but don't want to make them native to your chosen IaaS provider. Again, nested virtualization helps by letting you get those VMs into a cloud without first having to perform major renovations.
Google's nested virtualization won't work with any old VM: you'll need to specify a Haswell or later CPU to get access to the Intel VT-x extensions that make this all possible. And then be prepared to wear what Google warns will be “at least a 10% penalty for CPU-bound workloads and possibly much more for I/O bound workloads.”
Microsoft's Azure switched on its own nested virtualization in January 2017 and AWS' EC2 can do so with help from third parties like Ravello. ®