Add `swtpm_enabled`, 'swtpm_user', 'swtpm_group' parameters
Add the necessary parameters required to enable emulated TPM support for guests in Nova. Change-Id: If896caa9fda3fabec3792adc54e29638d9ce801e Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
This commit is contained in:
parent
3ff3316fdc
commit
7a3c226a01
|
@ -196,6 +196,20 @@
|
||||||
# CUSTOM_PMEM_NAMESPACE_$LABEL.
|
# CUSTOM_PMEM_NAMESPACE_$LABEL.
|
||||||
# Defaults to $::os_service_default
|
# Defaults to $::os_service_default
|
||||||
#
|
#
|
||||||
|
# [*swtpm_enabled*]
|
||||||
|
# (optional) Enable emulated Trusted Platform Module (TPM) for guests.
|
||||||
|
# Defaults to $::os_service_default
|
||||||
|
#
|
||||||
|
# [*swtpm_user*]
|
||||||
|
# (optional) Configure the user that the swtpm binary, used for emulated
|
||||||
|
# Trusted Platform Module (TPM) functionality, runs as.
|
||||||
|
# Defaults to $::os_service_default
|
||||||
|
#
|
||||||
|
# [*swtpm_group*]
|
||||||
|
# (optional) Configure the group that the swtpm binary, used for emulated
|
||||||
|
# Trusted Platform Module (TPM) functionality, runs as.
|
||||||
|
# Defaults to $::os_service_default
|
||||||
|
#
|
||||||
# DEPRECATED PARAMETERS
|
# DEPRECATED PARAMETERS
|
||||||
#
|
#
|
||||||
# [*libvirt_virt_type*]
|
# [*libvirt_virt_type*]
|
||||||
|
@ -300,6 +314,9 @@ class nova::compute::libvirt (
|
||||||
$log_filters = undef,
|
$log_filters = undef,
|
||||||
$tls_priority = undef,
|
$tls_priority = undef,
|
||||||
$pmem_namespaces = $::os_service_default,
|
$pmem_namespaces = $::os_service_default,
|
||||||
|
$swtpm_enabled = $::os_service_default,
|
||||||
|
$swtpm_user = $::os_service_default,
|
||||||
|
$swtpm_group = $::os_service_default,
|
||||||
# DEPRECATED PARAMETERS
|
# DEPRECATED PARAMETERS
|
||||||
$libvirt_virt_type = undef,
|
$libvirt_virt_type = undef,
|
||||||
$libvirt_cpu_mode = undef,
|
$libvirt_cpu_mode = undef,
|
||||||
|
@ -512,6 +529,9 @@ in a future release. Use the enabled_perf_events parameter instead')
|
||||||
'libvirt/num_pcie_ports': value => $num_pcie_ports;
|
'libvirt/num_pcie_ports': value => $num_pcie_ports;
|
||||||
'libvirt/mem_stats_period_seconds': value => $mem_stats_period_seconds;
|
'libvirt/mem_stats_period_seconds': value => $mem_stats_period_seconds;
|
||||||
'libvirt/pmem_namespaces': value => $pmem_namespaces;
|
'libvirt/pmem_namespaces': value => $pmem_namespaces;
|
||||||
|
'libvirt/swtpm_enabled': value => $swtpm_enabled;
|
||||||
|
'libvirt/swtpm_user' : value => $swtpm_user;
|
||||||
|
'libvirt/swtpm_group': value => $swtpm_group;
|
||||||
}
|
}
|
||||||
|
|
||||||
if $libvirt_cpu_model != undef {
|
if $libvirt_cpu_model != undef {
|
||||||
|
|
|
@ -0,0 +1,10 @@
|
||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
The following parameters have been added to the ``nova::compute::libvirt``
|
||||||
|
class. These parameters can be used to configure the corresponding
|
||||||
|
parameters in nova, to set up emulated TPM support.
|
||||||
|
|
||||||
|
- ``swtpm_enabled``
|
||||||
|
- ``swtpm_user``
|
||||||
|
- ``swtpm_group``
|
|
@ -68,6 +68,9 @@ describe 'nova::compute::libvirt' do
|
||||||
it { is_expected.to contain_nova_config('libvirt/num_pcie_ports').with_value('<SERVICE DEFAULT>')}
|
it { is_expected.to contain_nova_config('libvirt/num_pcie_ports').with_value('<SERVICE DEFAULT>')}
|
||||||
it { is_expected.to contain_nova_config('libvirt/mem_stats_period_seconds').with_value('<SERVICE DEFAULT>')}
|
it { is_expected.to contain_nova_config('libvirt/mem_stats_period_seconds').with_value('<SERVICE DEFAULT>')}
|
||||||
it { is_expected.to contain_nova_config('libvirt/pmem_namespaces').with_value('<SERVICE DEFAULT>')}
|
it { is_expected.to contain_nova_config('libvirt/pmem_namespaces').with_value('<SERVICE DEFAULT>')}
|
||||||
|
it { is_expected.to contain_nova_config('libvirt/swtpm_enabled').with_value('<SERVICE DEFAULT>')}
|
||||||
|
it { is_expected.to contain_nova_config('libvirt/swtpm_user').with_value('<SERVICE DEFAULT>')}
|
||||||
|
it { is_expected.to contain_nova_config('libvirt/swtpm_group').with_value('<SERVICE DEFAULT>')}
|
||||||
it { is_expected.to contain_libvirtd_config('log_outputs').with_ensure('absent')}
|
it { is_expected.to contain_libvirtd_config('log_outputs').with_ensure('absent')}
|
||||||
it { is_expected.to contain_libvirtd_config('log_filters').with_ensure('absent')}
|
it { is_expected.to contain_libvirtd_config('log_filters').with_ensure('absent')}
|
||||||
it { is_expected.to contain_libvirtd_config('tls_priority').with_ensure('absent')}
|
it { is_expected.to contain_libvirtd_config('tls_priority').with_ensure('absent')}
|
||||||
|
@ -103,7 +106,10 @@ describe 'nova::compute::libvirt' do
|
||||||
:mem_stats_period_seconds => 20,
|
:mem_stats_period_seconds => 20,
|
||||||
:log_filters => '1:qemu',
|
:log_filters => '1:qemu',
|
||||||
:tls_priority => 'NORMAL:-VERS-SSL3.0',
|
:tls_priority => 'NORMAL:-VERS-SSL3.0',
|
||||||
:pmem_namespaces => '128G:ns0|ns1|ns2|ns3'
|
:pmem_namespaces => '128G:ns0|ns1|ns2|ns3',
|
||||||
|
:swtpm_enabled => true,
|
||||||
|
:swtpm_user => 'libvirt',
|
||||||
|
:swtpm_group => 'libvirt'
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -135,6 +141,9 @@ describe 'nova::compute::libvirt' do
|
||||||
it { is_expected.to contain_nova_config('libvirt/num_pcie_ports').with_value(16)}
|
it { is_expected.to contain_nova_config('libvirt/num_pcie_ports').with_value(16)}
|
||||||
it { is_expected.to contain_nova_config('libvirt/mem_stats_period_seconds').with_value(20)}
|
it { is_expected.to contain_nova_config('libvirt/mem_stats_period_seconds').with_value(20)}
|
||||||
it { is_expected.to contain_nova_config('libvirt/pmem_namespaces').with_value("128G:ns0|ns1|ns2|ns3")}
|
it { is_expected.to contain_nova_config('libvirt/pmem_namespaces').with_value("128G:ns0|ns1|ns2|ns3")}
|
||||||
|
it { is_expected.to contain_nova_config('libvirt/swtpm_enabled').with_value(true)}
|
||||||
|
it { is_expected.to contain_nova_config('libvirt/swtpm_user').with_value('libvirt')}
|
||||||
|
it { is_expected.to contain_nova_config('libvirt/swtpm_group').with_value('libvirt')}
|
||||||
it { is_expected.to contain_libvirtd_config('log_filters').with_value("\"#{params[:log_filters]}\"")}
|
it { is_expected.to contain_libvirtd_config('log_filters').with_value("\"#{params[:log_filters]}\"")}
|
||||||
it { is_expected.to contain_libvirtd_config('tls_priority').with_value("\"#{params[:tls_priority]}\"")}
|
it { is_expected.to contain_libvirtd_config('tls_priority').with_value("\"#{params[:tls_priority]}\"")}
|
||||||
it {
|
it {
|
||||||
|
|
Loading…
Reference in New Issue