Add SEV-related extra spec and image properties

The AMD SEV support recently introduced to nova[0] depends on certain
metadata properties for flavors and images which were either missing
or only partially covered by existing glance metadata, so fill the
missing gaps:

- Add the hw:mem_encryption flavor extra spec and corresponding
  hw_mem_encryption image property.

- hw_firmware_type has been supported by nova for quite a while,
  so register it as an official metadata property.

- Add hw_cdrom_bus which was missing as per
  https://bugs.launchpad.net/glance/+bug/1808868.  This shares
  values with hw_disk_bus, so document that too.

[0] https://docs.openstack.org/nova/latest/admin/configuration/hypervisor-kvm.html#amd-sev-secure-encrypted-virtualization

Closes-Bug: 1808868
Change-Id: I8116565ad0326d0125b320d840d787edcb086aa9
Adam Spiers
2019-09-12 12:02:50 +01:00
parent 73fefddd96
commit 3a281b9bc6
4 changed files with 65 additions and 3 deletions


@@ -10,6 +10,22 @@
}
],
"properties": {
"hw_cdrom_bus": {
"title": "CD-ROM Bus",
"description": "Specifies the type of disk controller to attach CD-ROM devices to.",
"type": "string",
"enum": [
"scsi",
"virtio",
"uml",
"xen",
"ide",
"usb",
"fdc",
"sata",
"lxc"
]
},
"hw_disk_bus": {
"title": "Disk Bus",
"description": "Specifies the type of disk controller to attach disk devices to.",
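Review bot: The new "hw_cdrom_bus" description does not say that it shares its accepted values with "hw_disk_bus", although the commit message says this should be documented. The enum is also a second hand-maintained copy of the same list, so the two can drift apart. Suggest stating the relationship in the description text (for example "Accepts the same values as hw_disk_bus.") and saying what bus is used when the property is unset.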
@@ -22,7 +38,17 @@
"ide",
"usb",
"fdc",
"sata"
"sata",
"lxc"
]
},
"hw_firmware_type": {
"title": "Firmware Type",
"description": "Specifies whether the image should be booted with a legacy BIOS or with UEFI.",
"type": "string",
"enum": [
"bios",
"uefi"
]
},
"hw_rng_model": {
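Review bot: The "hw_firmware_type" description does not say which firmware is used when the property is unset, and it gives no pointer to the SEV documentation even though the commit message lists it among the properties the SEV support depends on. Suggest adding the default and the same nova documentation link that the "mem_encryption" description uses. Separately, "lxc" is appended to the "hw_disk_bus" enum here without any matching change to that property's description; a short mention of when "lxc" applies would help operators choose a valid value.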


@@ -26,6 +26,12 @@
"description": "If true, enables the BIOS bootmenu. In cases where both the image metadata and Extra Spec are set, the Extra Spec setting is used. This allows for flexibility in setting/overriding the default behavior as needed.",
"type": "string",
"enum": ["true", "false"]
},
"mem_encryption": {
"title": "Hardware Memory Encryption",
"description": "Enables encryption of guest memory at the hardware level, if there are compute hosts available which support this. See https://docs.openstack.org/nova/latest/admin/configuration/hypervisor-kvm.html#amd-sev-secure-encrypted-virtualization for details.",
"type": "string",
"enum": ["true", "false"]
}
},
"objects": []
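Review bot: The "mem_encryption" description says encryption is enabled "if there are compute hosts available which support this" but leaves open what happens when none are available: whether the request fails or the guest boots without encryption. For a confidentiality control that outcome should be stated in the description itself rather than left to the linked page. The neighbouring bootmenu entry spells out precedence between image metadata and the extra spec; the same sentence is missing here for the case where this extra spec and the hw_mem_encryption image property named in the commit message disagree.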