libvirt driver launching AMD SEV-encrypted instances

Registered by Adam Spiers on 2018-10-11

Booting an instance with a flavor containing an SEV-specific required trait extra spec should cause that instance to be defined and booted on a compute host which provides that trait. Additionally the instance must be created with additional XML in the libvirt domain definition which causes QEMU to boot the instance with SEV enabled.

Blueprint information

Status:
Started
Approver:
Matt Riedemann
Priority:
Low
Drafter:
Adam Spiers
Direction:
Approved
Assignee:
Adam Spiers
Definition:
Approved
Series goal:
Accepted for stein
Implementation:
Good progress
Milestone target:
None
Started by
Matt Riedemann on 2019-02-01

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:amd-sev-libvirt-support,n,z

Addressed by: https://review.openstack.org/609779
    Add spec for libvirt driver launching AMD SEV-encrypted instances

Gerrit topic: https://review.openstack.org/#q,topic:bp/amd-sev-libvirt-support,n,z

Approved for Stein. -- mriedem 20190103

Addressed by: https://review.openstack.org/628252
    AMD SEV: address final feedback received prior to merge

Addressed by: https://review.openstack.org/633855
    Add detection of SEV support from QEMU/AMD-SP/libvirt on AMD hosts

Addressed by: https://review.openstack.org/635608
   Add HW_CPU_AMD_SEV trait

Addressed by: https://review.openstack.org/636334
    Extract SEV-specific bits on host detection

Addressed by: https://review.openstack.org/636318
    Add configs for AMD SEV

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.