Microsoft Azure Nested Virtualization | Web Server
With the new Dv3 and Ev3 VM sizes Microsoft has released the Nested Virtualization, meaning you can simply have a Hyper-V VM inside an Azure VM. I have created a set of posts to explore the Nested Virtualization functionality. Of course nested virtualization is only supported in Windows Server 2016.
Microsoft Azure Nested Virtualization
At my previous post, Microsoft Azure Nested Virtualization | Hyper-V VM inside Azure VM, I described how to create a Hyper-V VM inside an Azure VM with the new Dv3 and Ev3 VM sizes. Now we will see how to use a Hyper-V Nested VM as a Web Server that is hidden behind the Azure VM to secure access to your web application.
Starting we will add the IIS Role at the Nested VM. Go to the Server Manager, add Roles and Features and select the Web Server (IIS) Role.
Select the Features that your application requires and Install.
After that we will need to Forward the required ports to the Nested VMs. To accomplish this we will need to use PowerShell.
At my previews post I created a NAT in order to have network communication between the Host and the Nested VM. We will use that NAT to forward the port 80 and 443 to the Nested VM.
At the Host Azure VM open the PowerShell and rum:
From the results we can see the NAT Name.
Now we can create the Rules:
Add-NetNatStaticMapping -NatName "NVMNat" -Protocol TCP -ExternalIPAddress 0.0.0.0 -InternalIPAddress 192.168.168.10 -InternalPort 80 -ExternalPort 80 Add-NetNatStaticMapping -NatName "NVMNat" -Protocol TCP -ExternalIPAddress 0.0.0.0 -InternalIPAddress 192.168.168.10 -InternalPort 443 -ExternalPort 443
A final step is to create a rule at the Azure VM’s NSG to allow port 80 & 443 and also open the ports at the Windows Firewall on both the Host and the Nested VMs.
Finally we can browse to the Public IP of the Azure VM and see the IIS Welcome Page of the Nested VM.
Just add an https binding to the IIS default website and also browse at the https page.
Stay tuned for more usage scenarios for the Microsoft Azure Nested Virtualization!
Pantelis Apostolidis is a Solutions Architect professional at Office Line SA and a recognized Microsoft Azure MVP. For the last 10 years, Pantelis has been involved to major cloud projects in Greece and abroad, helping companies to adopt and deploy cloud technologies, driving business value. He is entitled to a lot of Microsoft Expert Certifications, demonstrating his proven experience in delivering high quality solutions. He is an author, blogger and he is acting as a spokesperson for conferences, workshops and webinars. He is also an active member of several communities as a moderator in azureheads.gr and autoexec.gr. Follow him on Twitter @papostolidis.