Using Nested Virtualization with Custom VM Endpoints


As discussed in Custom VM Endpoints, this document highlights sample configurations, with examples, for using Custom VM Endpoints in nested configurations. The core scenarios are:

  • Windows Host VM with a Nested Virtualization solution, for example Hyper-V or VirtualBox
  • Linux Host VM with a Nested Virtualization solution, for example KVM or VirtualBox
  • ESX Host VM
  • Cisco Modeling Labs (CML) Host VM
  • Windows or Linux running as a Container Host

Custom VM Endpoints does not put any restrictions on the Skillable fabric (Hyper-V or ESX); if the environment works without Endpoints, it will work with Endpoints.

Why Use Custom VM Endpoints for a Nested Lab

Custom VM Endpoints simplify and improve the user experience when using nested resources. They reduce the number of clicks and steps a user needs to make, and they ensure the user does not suffer from the reduced screen area of working with Windows in Windows.
Consider this complex user workflow for accessing an application:

  1. Log onto a VM
  2. Launch the Nested Virtualization software
  3. Find the correct VM
  4. Connect to the VM
  5. Login into the VM
  6. Launch the software

Custom VM Endpoints allow the user to be connected directly to the application or service, which simplifies the user workflow.

There are scenarios where the nested virtualization software is the subject being taught, and in those use cases Custom VM Endpoints might not be an appropriate solution.

Sample Solutions

A number of the solutions above are available as Showcase Solutions within the Template Gallery. These are designed to be used as an enablement resource rather than as a template for building labs upon; however, if one of these solutions meets your requirements, it can be used as a template for your lab. These templates can be found in the Template Gallery by selecting the following filters:

  • Solutions Showcase
    • Feature Demonstrations

The following sections document each of the published solutions.

Windows Host with Nested Hyper-V

This Windows nested Hyper-V solution is made up of the following technologies, as shown in the image below:

VM Endpoints Nested Hyper-V

  • Windows Server 2022 Host with Hyper-V installed
  • Windows Server 2022 nested VM with Remote Desktop, SSH (PowerShell), and HTTP (IIS) endpoints being presented
  • Rocky Linux 9.5 nested VM with Remote Desktop (xRDP), SSH (Bash), and HTTP (NGINX) endpoints being presented

VM Endpoints as shown in the Lab Client

To present the Custom VM Endpoints, the Lab Profile has the following configuration on the Virtual Machine page:

Endpoint Name                        Protocol   Port
🐧 Linux Remote Desktop              RDP        33389
🐧 Linux VM SSH - Bash               SSH        3022
🐧 Linux VM Web - Apache             HTTP       3080
🪟 Windows Remote Desktop            RDP        23389
🪟 Windows VM SSH - PowerShell 7     SSH        2022
🪟 Windows VM Web - IIS              HTTP       2080

To ensure that each endpoint is accessible by the Skillable platform, each service that requires an Endpoint must have a unique TCP port number, because this solution uses a Network Address Translation (NAT) service that routes inbound requests based on the incoming port number. It is very important that the NAT service is configured to listen on the appropriate port numbers and to route requests to the correct destinations. As the table above shows, each connection has a unique port number. In this case, port numbers of 2/3 digits (e.g. SSH port 22) were prefixed with a 20 for the Windows VM and a 30 for the Linux VM, and 4-digit port numbers had a 3 added as a prefix.

The Windows VM is then configured using NetNat, the Network Address Translation service built into Windows. This service routes requests from the Skillable ShellNet network into the Host VM and then forwards them to the correct port on the nested VM. As an example:

  1. User clicks on the 🐧 Linux Remote Desktop Endpoint tab
  2. Lab Client sends a request via the ShellNet network into the Host VM with a destination address of 172.20.x.y/TCP/33389
  3. The Windows NetNat service receives the request and has been configured to route requests coming in on Port 33389 to address 10.0.0.20/TCP/3389
  4. The Linux xRDP desktop is returned to the Lab Client

Walk through of a working example

For full configuration details explore the Showcase: Nested Custom VM Endpoints (Windows) Lab Solution Template in the Template Gallery.
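
The port-forwarding scheme described above can be sketched with the NetNat cmdlets as follows. This is an added example, not the Showcase template's own configuration: the NAT name, the 10.0.0.0/24 subnet, the nested Windows VM address (10.0.0.10) and the internal HTTP port 80 are assumptions, while the external ports and 10.0.0.20 come from the table and walkthrough above.

```powershell
# Added example. Only the external ports and 10.0.0.20 come from the page;
# the NAT name, subnet, Windows VM address and HTTP port 80 are assumptions.
$NatName     = 'NestedLabNat'   # hypothetical NAT name
$NatPrefix   = '10.0.0.0/24'    # assumed subnet of the internal Hyper-V switch
$WindowsVmIp = '10.0.0.10'      # placeholder address for the nested Windows VM
$LinuxVmIp   = '10.0.0.20'      # nested Linux VM address from the walkthrough

# External port -> nested VM address and service port, one row per endpoint.
$Mappings = @(
    [pscustomobject]@{ ExternalPort = 23389; InternalIp = $WindowsVmIp; InternalPort = 3389 }
    [pscustomobject]@{ ExternalPort = 2022;  InternalIp = $WindowsVmIp; InternalPort = 22 }
    [pscustomobject]@{ ExternalPort = 2080;  InternalIp = $WindowsVmIp; InternalPort = 80 }
    [pscustomobject]@{ ExternalPort = 33389; InternalIp = $LinuxVmIp;   InternalPort = 3389 }
    [pscustomobject]@{ ExternalPort = 3022;  InternalIp = $LinuxVmIp;   InternalPort = 22 }
    [pscustomobject]@{ ExternalPort = 3080;  InternalIp = $LinuxVmIp;   InternalPort = 80 }
)

# Stop before changing the host if two endpoints share an external port.
$dupes = $Mappings | Group-Object ExternalPort | Where-Object Count -gt 1
if ($dupes) { throw "Duplicate external ports: $($dupes.Name -join ', ')" }

# Create the NAT once; re-running the script must not fail on an existing NAT.
if (-not (Get-NetNat -Name $NatName -ErrorAction SilentlyContinue)) {
    New-NetNat -Name $NatName -InternalIPInterfaceAddressPrefix $NatPrefix | Out-Null
}

$existing = @(Get-NetNatStaticMapping -NatName $NatName -ErrorAction SilentlyContinue)
foreach ($m in $Mappings) {
    $hit = $existing | Where-Object { $_.ExternalPort -eq $m.ExternalPort }
    if (-not $hit) {
        Add-NetNatStaticMapping -NatName $NatName -Protocol TCP -ExternalIPAddress '0.0.0.0' `
            -ExternalPort $m.ExternalPort -InternalIPAddress $m.InternalIp `
            -InternalPort $m.InternalPort | Out-Null
    }
    elseif ($hit.InternalIPAddress -ne $m.InternalIp -or $hit.InternalPort -ne $m.InternalPort) {
        Write-Warning "Port $($m.ExternalPort) already forwards to $($hit.InternalIPAddress):$($hit.InternalPort)"
    }
}

# Report forwards that are not in the table, so nothing extra stays exposed.
Get-NetNatStaticMapping -NatName $NatName |
    Where-Object { $_.ExternalPort -notin $Mappings.ExternalPort } |
    ForEach-Object { Write-Warning "Unexpected forward on external port $($_.ExternalPort)" }
```

Run it in an elevated PowerShell session on the Host VM; the final check is worth repeating after any template change, since every static mapping is a service reachable from outside the nested network.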