VMware

Running Nested VMs

VERSION 8 Published

Created on: Nov 30, 2008 6:17 PM by jmattson - Last Modified:  Dec 21, 2009 10:31 AM by jmattson

Requirements

It is only possible to run nested VMs when the outer VM uses hardware-assisted virtualization (Intel VT-x or AMD-V) and the inner VM uses classic software virtualization (binary translation). You may run any 32-bit or 64-bit operating system as the outer guest. You may only run 32-bit operating systems as the inner guest. Running nested VMs under ESX 4.0 (or ESXi 4.0) under Workstation 7 is the only officially supported configuration. Other configurations may work, but are entirely unsupported.

Nested VMs are only possible when the host is running ESX 3.0 (with some caveats), ESX 3.5 (some AMD CPUs only), Workstation 6.0 (or later), or Fusion. Note that you cannot run nested VMs on Intel systems when the host is running ESX 3.5.

See the appropriate section below for the configuration options required for the two guests.

Intel VT-x Hosts

Intel VT-x is supported on many Core, Core 2, Core i3, Core i5 and Core i7 processors, and on some late-model P4 processors. Current VMware products only support VT-x on 64-bit (EM64T) Intel processors. For more information on enabling VT-x, see Verifying that VT-x is Enabled and Locked at Boot.

ESX 3.0

The configuration file for the outer guest should contain the following line:
monitor_control.vt32 = TRUE


The configuration file for the inner guest should contain the following line:
vmx.allowNested = TRUE


Note that the vmx.allowNested option is not supported by older VMware products. For nested VMs to work on an ESX 3.0 host, the VMware product running in the outer guest must be Workstation 6.0 or later or ESX 3.5 or later. Furthermore, you must not use the backdoor in the inner guest. In particular, this means that you must not install VMware tools in the inner guest.

Workstation 6.0 and Fusion 1.x

The configuration file for the outer guest should contain the following lines:
monitor_control.vt32 = TRUE
monitor_control.restrict_backdoor = TRUE


Workstation 6.5 or later, Fusion 2.0 or later and ESX 4.0

The configuration file for the outer guest should contain the following lines:
monitor.virtual_exec = hardware
monitor_control.restrict_backdoor = TRUE


AMD-V Hosts

AMD-V is supported on Rev F and later Family 0FH AMD64 processors, but current VMware products only support AMD-V on Family 10H or later AMD64 processors (Barcelona or Phenom). Thus, you can use AMD-V on Family 0FH Rev F and Rev G processors with Workstation 6.0. However, you need a Family 10H processor to use AMD-V with ESX 3.5 and Workstation 6.5 (or later).

ESX 3.0

The configuration file for the outer guest should contain the following line:
monitor_control.enable_svm = TRUE
cpuid.1.ecx = "1---:----:----:----:----:----:----:----"


The configuration file for the inner guest should contain the following line:
vmx.allowNested = TRUE


Note that the vmx.allowNested option is not supported by older VMware products. For nested VMs to work on an ESX 3.0 host, the VMware product running in the outer guest must be Workstation 6.0 or later or ESX 3.5 or later. Furthermore, you must not use the backdoor in the inner guest. In particular, this means that you must not install VMware tools in the inner guest.

Workstation 6.0

The configuration file for the outer guest should contain the following lines:
monitor_control.enable_svm = TRUE
monitor_control.restrict_backdoor = TRUE
cpuid.1.ecx = "1---:----:----:----:----:----:----:----"


ESX 3.5

The configuration file for the outer guest should contain the following lines:
monitor.virtual_mmu = hardware
monitor_control.restrict_backdoor = TRUE
cpuid.1.ecx = "1---:----:----:----:----:----:----:----"


Workstation 6.5 and ESX 4.0

The configuration file for the outer guest should contain the following lines:
monitor.virtual_exec = hardware
monitor_control.restrict_backdoor = TRUE
cpuid.1.ecx = "1---:----:----:----:----:----:----:----"


Workstation 7.0 or later

The configuration file for the outer guest should contain the following lines:
monitor.virtual_exec = hardware
monitor_control.restrict_backdoor = TRUE
Average User Rating
(6 ratings)




Dec 27, 2008 2:02 AM tom howarth  User Moderators vExpert  says:

Nice piece of work,


If you found this or any other answer useful please consider the use of the Helpful or correct buttons to award points

Tom Howarth
VMware Communities User Moderator
Blog: www.planetvm.net

VMware Beta Programs

Want to be Considered for Future Beta Programs?

Learn More

VMware Developer

Download SDKs, APIs, videos,
training, and more in the Developer community.

Learn More

Developer
Sample Code

Increase your developer productivity with VMware API sample code.

Learn More

VMworld
Sessions & Labs

Online access to the latest VMworld Sessions & Labs and online services.

Learn more

Purchase PSO Credits Online

Purchase credits to redeem training and consulting services online.

Buy Now

Community Hardware Software

View reported configurations or report your own.

Learn More

Only VMware ... Delivers Nexus 1000V

Ensure consistent, policy-based network capabilities to virtual machines across your data center.

Learn More

Communities