8fc6fa5414
This commit will add tests to cover vTPM device support for instances.
The vTPM device allows storing secrets at instance level and its managed
by the Barbican backend.
The _vptm_server_creation_check helper method is used to create server
with specific vtpm version and model and assert that it is configured as
needed from the instance xml.
The test_create_server_with_vtpm_tis method will verify creation of
instance with tpm-tis model and supported version 2.0.
Similarly, test_create_server_with_vtpm_crb will verify creation of
instance with tpm-crb model and supported version 2.0.
In addition the Barbican client service was leveraged from the barbican
tempest plugin [1]. This is to allow the vTPM test to communicate with
the barbican client, confirm the secret key found in the guest domain is
present in the client, the key is active, and the keys description
accuratly describes its purpose is vTPM for the guest. Example reply
from barbican below:
{'algorithm': None,
'bit_length': None,
'content_types': {'default': 'application/octet-stream'},
'created': '2021-10-13T18:17:52',
'creator_id': '4b1cc6071236438c881f9da54657468f',
'expiration': None,
'mode': None,
'name': 'vTPM secret for instance b537c0df-0e39-4af8-94b3-04bcc8262f20',
'secret_ref': 'http://192.168.24.3:9311/v1/secrets/13a9ae5e-5187-4c0f-acde-b2cda06ae00c',
'secret_type': 'passphrase',
'status': 'ACTIVE',
'updated': '2021-10-13T18:17:52'}
[1] https://github.com/openstack/barbican-tempest-plugin
Related to:
https://review.opendev.org/c/openstack/nova/+/631363/
https://review.opendev.org/c/openstack/glance/+/633256/
https://bugzilla.redhat.com/show_bug.cgi?id=1782128
Change-Id: I7b1a1306beb871a9294884116f6430ead91ce601
27 lines
1.5 KiB
Plaintext
27 lines
1.5 KiB
Plaintext
NOVA_FILTERS="$NOVA_FILTERS,NUMATopologyFilter"
|
|
|
|
WHITEBOX_AVAILABLE_CINDER_STORAGE=${WHITEBOX_AVAILABLE_CINDER_STORAGE:-24}
|
|
SMT_HOSTS=${SMT_HOSTS:-''}
|
|
WHITEBOX_FILE_BACKED_MEMORY_SIZE=${WHITEBOX_FILE_BACKED_MEMORY_SIZE:-8192}
|
|
WHITEBOX_RX_QUEUE_SIZE=${WHITEBOX_RX_QUEUE_SIZE:-1024}
|
|
WHITEBOX_DEFAULT_VIDEO_MODEL=${WHITEBOX_DEFAULT_VIDEO_MODEL:-'virtio'}
|
|
WHITEBOX_MAX_DISK_DEVICES_TO_ATTACH=${WHITEBOX_MAX_DISK_DEVICES_TO_ATTACH:-7}
|
|
|
|
WHITEBOX_NOVA_COMPUTE_CONFIG_PATH=${WHITEBOX_NOVA_COMPUTE_CONFIG_PATH:-/etc/nova/nova-cpu.conf}
|
|
WHITEBOX_NOVA_COMPUTE_STOP_COMMAND=${WHITEBOX_NOVA_COMPUTE_STOP_COMMAND:-'systemctl stop devstack@n-cpu'}
|
|
WHITEBOX_NOVA_COMPUTE_START_COMMAND=${WHITEBOX_NOVA_COMPUTE_START_COMMAND:-'systemctl start devstack@n-cpu'}
|
|
|
|
WHITEBOX_LIBVIRT_START_COMMAND=${WHITEBOX_LIBVIRT_START_COMMAND:-'systemctl start libvirtd'}
|
|
WHITEBOX_LIBVIRT_STOP_COMMAND=${WHITEBOX_LIBVIRT_STOP_COMMAND:-'systemctl stop libvirtd'}
|
|
WHITEBOX_LIBVIRT_MASK_COMMAND=${WHITEBOX_LIBVIRT_MASK_COMMAND:-'systemctl mask libvirtd'}
|
|
WHITEBOX_LIBVIRT_UNMASK_COMMAND=${WHITEBOX_LIBVIRT_UNMASK_COMMAND:-'systemctl unmask libvirtd'}
|
|
|
|
WHITEBOX_CPU_TOPOLOGY=${WHITEBOX_CPU_TOPOLOGY:-''}
|
|
WHITEBOX_DEDICATED_CPUS_PER_NUMA=${WHITEBOX_DEDICATED_CPUS_PER_NUMA:-4}
|
|
WHITEBOX_SHARED_CPUS_PER_NUMA=${WHITEBOX_SHARED_CPUS_PER_NUMA:-2}
|
|
|
|
COMPUTE_FEATURE_VIRTIO_RNG=${COMPUTE_FEATURE_VIRTIO_RNG:-'True'}
|
|
COMPUTE_FEATURE_RBD_DOWNLOAD=${COMPUTE_FEATURE_RBD_DOWNLOAD:-'False'}
|
|
COMPUTE_FEATURE_UEFI_SECURE_BOOT=${COMPUTE_FEATURE_UEFI_SECURE_BOOT:-'True'}
|
|
COMPUTE_FEATURE_VTPM_ENABLED=${COMPUTE_FEATURE_VTPM_ENABLED:-'True'}
|