Partitioning a hypervisor into virtual hypervisors

US11422840B2 · US · B2

Patent metadata
Publication number: US-11422840-B2
Application number: US-201514982837-A
Country: US
Kind code: B2
Filing date: Dec 29, 2015
Priority date: Aug 28, 2015
Publication date: Aug 23, 2022
Grant date: Aug 23, 2022

Abstract

In an example, a computer system includes a hardware platform and a hypervisor executing on the hardware platform. The hypervisor includes a kernel and a plurality of user-space instances within a user-space above the kernel. Each user-space instance is isolated from each other user-space instance through namespaces. Each user-space instance includes resources confined by hierarchical resource groups. The computer system includes a plurality of virtual hypervisors, where each virtual hypervisor executes in a respective user-space instance of the plurality of user-space instances.

First claim

We claim:

1. A computer system, comprising: a hardware platform; a hypervisor executing on the hardware platform, the hypervisor managing one or more virtual machines external to the hypervisor, the hypervisor including a kernel and a plurality of user-space instances defined by the kernel using operating system (OS)-level virtualization, each user-space instance being isolated from each other user-space instance through namespaces, each user-space instance having resources confined by hierarchical resource groups; and a plurality of virtual hypervisors, each virtual hypervisor executing in a respective user-space instance of the plurality of user-space instances, each virtual hypervisor including an instance of a management plane of the hypervisor.

2. The computer system of claim 1, further comprising: one or more virtualized computing instances executing within each of the plurality of virtual hypervisors.

3. The computer system of claim 1, wherein each user-space instance is isolated from each other user-space instance through process namespaces of the namespaces, each user-space instance including processes executing within a respective process namespace.

4. The computer system of claim 1, wherein the kernel includes a virtual file system interface providing hardware state of the hardware platform and kernel state of the kernel, the kernel configured to hide or stub one or more nodes of the virtual file system interface for processes executing in each user-space instance.

5. The computer system of claim 1, wherein the kernel includes a system call interface, the kernel configured to hide or stub one or more system calls of the system call interface for processes executing in each user-space instance.

6. The computer system of claim 1, wherein each virtual hypervisor comprises a management plane providing an application programming interface (API).

7. The computer system of claim 1, wherein each user-space instance is isolated from each other user-space instance through storage namespaces of the namespaces, each user-space instance including a respective storage namespace backed by at least one of persistent storage or non-persistent storage.

8. The computer system of claim 7, wherein the persistent storage backing the respective storage namespace for each user-space instance comprises a storage volume configured to store state information, of the respective user-space instance, comprising at least one of: virtual computing instance files; log files; or configuration files.

9. The computer system of claim 7, wherein the storage namespace for each user-space instance includes at least one of: at least one mount point or at least one re-parse point, in a file system of the hypervisor.

10. The computer system of claim 1, wherein each user-space instance is isolated from each other user-space instance through network namespaces of the namespaces, each user-space instance including an instance of a network stack in a respective network namespace.

11. A method of creating a tenant in a multi-tenant hypervisor executing on a hardware platform of a host, the method comprising: creating a user-space instance included in the multi-tenant hypervisor and defined by a kernel of the multi-tenant hypervisor using operating system (OS)-level virtualization, the user-space instance being isolated from one or more other user-space instances through namespaces, the user-space instance having resources confined by hierarchical resource groups, the multi-tenant hypervisor managing one or more virtual machines external to the multi-tenant hypervisor,; and creating a virtual hypervisor within the user-space instance, the virtual hypervisor including an instance of a management plane of the multi-tenant hypervisor.

12. The method of claim 11, wherein the step of creating the user-space instance comprises: provisioning persistent storage for storing tenant state; provisioning a storage namespace of the namespaces; and provisioning a network namespace of the namespaces.

13. The method of claim 12, wherein the step of provisioning the storage namespace comprises: creating a root file system linked with a global file system of the multi-tenant hypervisor for the user-space instance; and creating one or mount points, one or more re-parse points, or one or more symbolic links in the root file system.

14. The method of claim 12, wherein the step of provisioning the network namespace comprises: creating a network stack instance for the user-space instance; and creating a simulated physical network interface card (NIC) for the user-space instance.

15. The method of claim 11, wherein the step of creating the virtual hypervisor comprises: provisioning an instance of a management plane in the namespaces of the user-space instance.

16. The method of claim 15, wherein the step of provisioning the instance of the management plane comprises: populating a root file system for the user-space instance with files for management daemons and processes; and creating one or more virtual network devices.

17. The method of claim 15, wherein the step of creating the virtual hypervisor further comprises: storing a configuration of the virtual hypervisor as part of tenant state in persistent storage allocated for use by the user-space instance.

18. The method of claim 15, wherein the step of creating the virtual hypervisor further comprises: starting up the management plane for access by a user.

19. A non-transitory computer readable medium having instructions stored thereon that when executed by a processor cause the processor to perform a method of creating a tenant in a multi-tenant hypervisor executing on a hardware platform of a host, the method comprising: creating a user-space instance included in the multi-tenant hypervisor and defined by a kernel of the multi-tenant hypervisor using operating system (OS)-level virtualization, the user-space instance being isolated from one or more other user-space instances through namespaces, the user-space instance having resources confined by hierarchical resource groups, the multi-tenant hypervisor managing one or more virtual machines external to the multi-tenant hypervisor,; and creating a virtual hypervisor within the user-space instance, the virtual hypervisor including an instance of a management plane of the multi-tenant hypervisor.

20. The non-transitory computer readable medium of claim 19, wherein the step of creating the user-space instance comprises: provisioning persistent storage for storing tenant state; provisioning a storage namespace of the namespaces; and provisioning a network namespace of the namespaces.

Classifications

  • Creating, deleting, cloning virtual machine instances

  • Guest-host, i.e. hypervisor is an application program itself, e.g. VirtualBox

  • Hypervisor-specific management and integration aspects

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
VMware Inc
What technology area does this patent fall under?
Primary CPC classification G06F9/45558. Mapped technology areas include Physics.
When was this patent published?
Publication date Aug 23, 2022 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).