kvm: fix disk controller for secure boot vm #10213
Conversation
Fixes apache#9460 Signed-off-by: Abhishek Kumar <[email protected]>
|
This would fix the issue but not sure if could cause the issue of disks not being identified when virtio drivers are not installed. Maybe we can add some documentation. ping @pavanaravapalli, if you've any advise @blueorangutan package |
|
@shwstppr a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress. |
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## 4.19 #10213 +/- ##
============================================
+ Coverage 15.16% 15.47% +0.30%
- Complexity 11332 11735 +403
============================================
Files 5412 5416 +4
Lines 475033 493478 +18445
Branches 57963 66305 +8342
============================================
+ Hits 72048 76343 +4295
- Misses 394930 408648 +13718
- Partials 8055 8487 +432
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
|
Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 12127 |
| } else { | ||
| disk.defFileBasedDisk(physicalDisk.getPath(), devId, diskBusType, DiskDef.DiskFmtType.QCOW2); | ||
| } | ||
| disk.defFileBasedDisk(physicalDisk.getPath(), devId, diskBusType, DiskDef.DiskFmtType.QCOW2); |
There was a problem hiding this comment.
for DATADISK, should it use diskBusTypeData instead ?
...ypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
Outdated
Show resolved
Hide resolved
A VM or template detail can be added with key `win.skip.force.disk.controller` and value `true` to allow skipping forcing DATA disk controller for the VM. Signed-off-by: Abhishek Kumar <[email protected]>
|
This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch. |
|
@pavanaravapalli @weizhouapache cc @rajujith @vladimirpetrov I've made the behaviour configurable using VM (or template) detail. User/operator can add a VM/template detail - win.skip.force.disk.controller = true to make KVM plugin not force SATA controller for Windows VM with secured boot @blueorangutan package |
|
@shwstppr a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress. |
|
Packaging result [SF]: ✔️ el8 ✔️ el9 ✖️ debian ✔️ suse15. SL-JID 13161 |
|
@blueorangutan package |
|
@weizhouapache a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress. |
|
Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 13164 |
|
@blueorangutan package |
|
@shwstppr a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress. |
|
Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 13345 |
|
@blueorangutan package |
|
@shwstppr a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress. |
|
Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 14717 |
|
@blueorangutan package |
|
@shwstppr a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress. |
|
Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✔️ debian ✔️ suse15. SL-JID 14884 |
|
@blueorangutan test |
|
@DaanHoogland a [SL] Trillian-Jenkins test job (ol8 mgmt + kvm-ol8) has been kicked to run smoke tests |
|
[SF] Trillian test result (tid-14360)
|
| } | ||
| } | ||
|
|
||
| defineDiskForDefaultPoolType(disk, volume, isWindowsTemplate, isUefiEnabled, isSecureBoot, |
There was a problem hiding this comment.
@shwstppr If a user forces the disk type with this template flag, will Secure Boot still work?
There was a problem hiding this comment.
@pavanaravapalli probably not for all guest OSes, but should work for newer ones, as #9460 reports VM works fine with virtio. Also, as this is optional, it is up to the operator to check and use
There was a problem hiding this comment.
@shwstppr Thanks for the response. We should mention potential UEFI workflow issues in the flag description since guest OS support varies.
| String NIC_PACKED_VIRTQUEUES_ENABLED = "nic.packed.virtqueues.enabled"; | ||
|
|
||
| // KVM specific, disk controllers | ||
| String KVM_WIN_SKIP_FORCE_DISK_CONTROLLER = "win.skip.force.disk.controller"; |
There was a problem hiding this comment.
In my opinion, the root disk and data disk controller should not be changed when vm is stopped and started, in regardless of the vm settings
There was a problem hiding this comment.
@weizhouapache In my test they are not really changed. Even at the deployment time, Windows VM with secure boot was always getting sata while other (Linux, etc) VMs were getting virtio
|
I'm closing this for now, as we don't have a consensus and a proper solution |
|
Recreated here, #11750 |
Description
Fixes #9460
Types of changes
Feature/Enhancement Scale or Bug Severity
Feature/Enhancement Scale
Bug Severity
Screenshots (if appropriate):
How Has This Been Tested?
How did you try to break this feature and the system with this change?