libvirt: Add the option of EFI firmware support for mkosi
- The packer build doesn't want a custom firmware,
so we can't easily keep the default to be ovmf.
Instead reverse the logic and set it as blank unless provided.
- In order to preserve the existing behaviour set the
kustomization.yaml with the old default and update
the packer e2e testing to comment it out
- Also rename to LIBVIRT_EFI_FIRMWARE to clarify that it's
explicitly used for EFI firmware

- If the EFI firmware path is set, then set domain firmware to efi
and set the device disk to sata & sdb as
mkosi needs sata and packer needs IDE. In future once we
drop packer we can potentially simplify this.

Signed-off-by: stevenhorsman <[email protected]>
stevenhorsman committed Dec 2, 2024
1 parent b161020 commit b96f554
Showing 4 changed files with 37 additions and 3 deletions.
16 changes: 16 additions & 0 deletions .github/workflows/e2e_libvirt.yaml
@@ -117,12 +117,28 @@ jobs:
run: |
sudo apt install -y gh
- name: Double check that OVMF is installed
run: |
sudo apt install -y ovmf
- name: Install kustomize
run: |
command -v kustomize >/dev/null || \
curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | \
sudo bash -s /usr/local/bin
# For the legacy packer approach we don't want to use the default firmware, so comment it out
- name: Set blank firmware for packer libvirt tests
if: ${{ !inputs.oras }}
run: |
pushd "install/overlays/libvirt"
sed -i 's/\(- LIBVIRT_EFI_FIRMWARE=.*\)/#\1/g' kustomization.yaml
# Print for debugging
echo "::group::Kustomization.yaml"
cat kustomization.yaml
echo "::endgroup::"
popd
- name: Update kustomization configuration
run: |
pushd "install/overlays/libvirt"
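Review bot: The `sed -i` in the new "Set blank firmware for packer libvirt tests" step exits 0 even when nothing matches, so if the `- LIBVIRT_EFI_FIRMWARE=` entry in kustomization.yaml is renamed or reformatted, the packer run would silently keep the EFI firmware and test a different boot path than intended. The `cat` that follows only prints the file and does not gate the job. I would add a positive check right after the substitution, e.g. `grep -q '#- LIBVIRT_EFI_FIRMWARE=' kustomization.yaml || { echo "firmware entry was not commented out"; exit 1; }`. The final step in this hunk, "Update kustomization configuration", continues outside the hunk.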
@@ -25,8 +25,8 @@ configMapGenerator:
- DISABLECVM="true" # set as false to enable confidential VM
- SECURE_COMMS="false" # set as true to enable Secure Comms
- INITDATA="" # set default initdata for podvm
- LIBVIRT_EFI_FIRMWARE="/usr/share/OVMF/OVMF_CODE_4M.fd" # Edit to change the EFI firmware path, or comment to unset, if not using EFI.
#- LIBVIRT_LAUNCH_SECURITY="" #sev or s390-pv
#- LIBVIRT_FIRMWARE="" # Uncomment and set if you want to change the firmware path. Defaults to /usr/share/edk2/ovmf/OVMF_CODE.fd
#- LIBVIRT_VOL_NAME="" # Uncomment and set if you want to use a specific volume name. Defaults to podvm-base.qcow2
#- PAUSE_IMAGE="" # Uncomment and set if you want to use a specific pause image
#- VXLAN_PORT="" # Uncomment and set if you want to use a specific vxlan port. Defaults to 4789
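Review bot: The new active default `/usr/share/OVMF/OVMF_CODE_4M.fd` is not the value the code used to default to (`/usr/share/edk2/ovmf/OVMF_CODE.fd`, removed from manager.go in this commit), although the description says the overlay keeps the old default. Both are distribution-specific locations, so a host that ships OVMF elsewhere would presumably fail when the domain is defined rather than fall back to non-EFI boot. I would make the inline comment say so, for example `# EFI firmware path as seen by libvirt (Debian/Ubuntu ovmf package location shown); comment out to boot without EFI`.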
18 changes: 18 additions & 0 deletions src/cloud-providers/libvirt/libvirt.go
@@ -388,6 +388,24 @@ func createDomainXMLx86_64(client *libvirtClient, cfg *domainConfig, vm *vmConfi
},
}

if vm.firmware != "" {
domain.OS.Loader = &libvirtxml.DomainLoader{
Path: vm.firmware,
Readonly: "yes",
Type: "pflash",
}

domain.OS.Firmware = "efi"

// TODO - IDE seems to only work with packer builds and sata only with mkosi,
// so we temporarily use the firmware being non-blank to assume this is mkosi
cidataDiskIndex := 1
var cidataDiskAddr uint = 1
domain.Devices.Disks[cidataDiskIndex].Target.Bus = "sata"
domain.Devices.Disks[cidataDiskIndex].Target.Dev = "sdb"
domain.Devices.Disks[cidataDiskIndex].Address.Drive.Unit = &cidataDiskAddr
}

switch l := vm.launchSecurityType; l {
case NoLaunchSecurity:
return domain, nil
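Review bot: The new `if vm.firmware != ""` block indexes `domain.Devices.Disks[1]` and writes through `.Target` and `.Address.Drive` without checking that the slice has a second entry or that those fields are populated, so a later change to the disk list built above the hunk would surface as a runtime panic in the provider instead of an error. I would guard the lookup and return an error when the cidata disk is missing, e.g. `if len(domain.Devices.Disks) <= cidataDiskIndex { return nil, fmt.Errorf("cidata disk not found in domain definition") }`, assuming the first result is a pointer and `fmt` is already imported in this file. It is also worth confirming that an explicit loader path combined with `domain.OS.Firmware = "efi"` is accepted by every libvirt version you support; I have not verified this from the page. createDomainXMLx86_64 begins and ends outside the hunk.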
4 changes: 2 additions & 2 deletions src/cloud-providers/libvirt/manager.go
@@ -22,7 +22,7 @@ const (
defaultDataDir = "/var/lib/libvirt/images"
defaultVolName = "podvm-base.qcow2"
defaultLaunchSecurity = ""
defaultFirmware = "/usr/share/edk2/ovmf/OVMF_CODE.fd"
defaultFirmware = ""
)

func init() {
@@ -47,7 +47,7 @@ func (_ *Manager) LoadEnv() {
provider.DefaultToEnv(&libvirtcfg.NetworkName, "LIBVIRT_NET", defaultNetworkName)
provider.DefaultToEnv(&libvirtcfg.VolName, "LIBVIRT_VOL_NAME", defaultVolName)
provider.DefaultToEnv(&libvirtcfg.LaunchSecurity, "LIBVIRT_LAUNCH_SECURITY", defaultLaunchSecurity)
provider.DefaultToEnv(&libvirtcfg.Firmware, "LIBVIRT_FIRMWARE", defaultFirmware)
provider.DefaultToEnv(&libvirtcfg.Firmware, "LIBVIRT_EFI_FIRMWARE", defaultFirmware)
}

func (_ *Manager) NewProvider() (provider.Provider, error) {
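Review bot: After this change `LoadEnv` no longer reads `LIBVIRT_FIRMWARE` and `defaultFirmware` is empty, so a deployment that still sets the old variable ends up with no firmware path and gets no error or log line. The firmware value now decides whether the domain boots via EFI (see the libvirt.go change in this commit) and may also feed a launch-security configuration, so a silently ignored setting should be surfaced. I would either keep the old name as a deprecated fallback or warn when it is present, e.g. `if os.Getenv("LIBVIRT_FIRMWARE") != "" { log.Printf("LIBVIRT_FIRMWARE is ignored; set LIBVIRT_EFI_FIRMWARE instead") }`, assuming `os` and `log` are available in this file. Any command-line flag or documentation that still uses the old name is outside the visible hunks and should be checked as well.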