libvirt: Report secure boot support to scheduler

The final step. We now start reporting this trait to the scheduler, allowing instances requesting secure boot to be scheduled here. Blueprint: allow-secure-boot-for-qemu-kvm-guests Change-Id: I171d47d72ebc81d1c905eb9130378dfef9a55ce5 Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
2021-02-12 19:24:40 +00:00 · 2021-02-12 19:24:40 +00:00 · 46e3502c30
commit 46e3502c30
parent e7d704899f
2 changed files with 27 additions and 2 deletions
--- a/nova/tests/unit/virt/libvirt/test_driver.py
+++ b/nova/tests/unit/virt/libvirt/test_driver.py
@ -1124,6 +1124,21 @@ class LibvirtConnTestCase(test.NoDBTestCase,
            "'swtpm_enabled=True'"
        )

+    @mock.patch.object(
+        libvirt_driver.LibvirtDriver, '_register_instance_machine_type',
+        new=mock.Mock())
+    @mock.patch.object(
+        host.Host, 'supports_secure_boot', new_callable=mock.PropertyMock)
+    def test_driver_capabilities_secure_boot(self, mock_supports):
+        drvr = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), False)
+        drvr.init_host("dummyhost")
+        self.assertTrue(
+            drvr.capabilities['supports_secure_boot'],
+            "Driver capabilities for 'supports_secure_boot' is invalid when "
+            "host should support this feature"
+        )
+        mock_supports.assert_called_once_with()
+
    def test_driver_raises_on_non_linux_platform(self):
        with utils.temporary_mutation(sys, platform='darwin'):
            self.assertRaises(
@ -2705,8 +2720,8 @@ class LibvirtConnTestCase(test.NoDBTestCase,
        test_init_host()
        # NOTE(dkliban): Will fail if get_host_capabilities is called before
        # registerErrorHandler
-        self.assertEqual(['fake_registerErrorHandler',
-                          'fake_get_host_capabilities'], calls)
+        self.assertEqual('fake_registerErrorHandler', calls[0])
+        self.assertEqual('fake_get_host_capabilities', calls[1])

    def test_sanitize_log_to_xml(self):
        # setup fake data
--- a/nova/virt/libvirt/driver.py
+++ b/nova/virt/libvirt/driver.py
@ -684,6 +684,8 @@ class LibvirtDriver(driver.ComputeDriver):
    def init_host(self, host):
        self._host.initialize()

+        self._update_host_specific_capabilities()
+
        self._check_cpu_set_configuration()

        self._do_quality_warnings()
@ -781,6 +783,14 @@ class LibvirtDriver(driver.ComputeDriver):

        self._register_instance_machine_type()

+    def _update_host_specific_capabilities(self) -> None:
+        """Update driver capabilities based on capabilities of the host."""
+        # TODO(stephenfin): We should also be reporting e.g. SEV functionality
+        # or UEFI bootloader support in this manner
+        self.capabilities.update({
+            'supports_secure_boot': self._host.supports_secure_boot,
+        })
+
    def _register_instance_machine_type(self):
        """Register the machine type of instances on this host