88e21d8e5e
Read port info to extract the trusted tag from binding profile then set it in the request spec. The test_create_pci_requests_for_sriov_ports test is updated and re-written in mock. Implements blueprint sriov-trusted-vfs Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@redhat.com> Change-Id: Iaea17b7a02d53463d2b815bdc5f4e83e422188eb
32 lines
1.1 KiB
YAML
32 lines
1.1 KiB
YAML
features:
|
|
- |
|
|
The libvirt compute driver now allows users to create instances
|
|
with SR-IOV virtual functions which will be configured as trusted.
|
|
|
|
The operator will have to create pools of devices with tag
|
|
trusted=true.
|
|
|
|
For example, modify ``/etc/nova/nova.conf`` and set:
|
|
|
|
.. code-block:: ini
|
|
|
|
[pci]
|
|
passthrough_whitelist = {"devname": "eth0", "trusted": "true",
|
|
"physical_network":"sriovnet1"}
|
|
|
|
Where "eth0" is the interface name related to the physical
|
|
function.
|
|
|
|
Ensure that the version of ``ip-link`` on the compute host supports setting
|
|
the trust mode on the device.
|
|
|
|
Ports from the physical network will have to be created with a
|
|
binding profile to match the trusted tag. Only ports with
|
|
``binding:vif_type=hw_veb`` and ``binding:vnic_type=direct`` are supported.
|
|
|
|
.. code-block:: ini
|
|
|
|
$ neutron port-create <net-id> \
|
|
--name sriov_port \
|
|
--vnic-type direct \
|
|
--binding:profile type=dict trusted=true |