[nova] TPM passthrough

Jim Rollenhagen jim at jimrollenhagen.com
Thu Jun 20 17:01:06 UTC 2019


On Thu, Jun 20, 2019 at 11:20 AM Eric Fried <openstack at fried.cc> wrote:

> Jim-
>
> > So, I'd like to propose we
> > implement TPM passthrough in Nova. My team is happy to do the work, but I'd
> > love some guidance as to the best way to implement this so we can get a spec
> > done (I assume it's "just another resource class"?).
>
> And by "just another resource class" you mean:
>
> - Add TPM to os-resource-classes (exact name subject to bikeshedding).
> - Virt driver's update_provider_tree() looks at the guts of the host to
> figure out how many TPM devices exist and, if nonzero, tacks an
> inventory of that many TPM onto the root provider (max_unit 1
> presumably; all others default).
> - Flavor desiring this thingy is authored with extra spec resources:TPM=1.
> - Scheduler lands instance on host with TPM inventory, and allocates
> one. (This is free, no additional code changes necessary.)
> - Virt driver's spawn() looks at the allocation, sees TPM:1, and
> augments the guest's domain XML to attach the thingy.
>
> Is it any more complicated than that?
>

That makes sense to me. I don't know these bits well enough
to comment if there's anything else to do. Maybe choosing
the correct /dev/tpmN may get weird?


> I'm fine with this.
>

Cool, will attempt to get a spec going, unless violent
opposition shows up in this thread in the meantime.

Thanks!

// jim
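
The flow outlined in the thread, as an added stand-alone sketch that is not part of the original message and is not Nova code: it counts host TPM nodes, builds a placement-style inventory, and adds a libvirt passthrough `<tpm>` element for an allocation of TPM:1. The function names, the `in_use` bookkeeping and the sample inputs are assumptions made for illustration; the lowest-free-index choice is one possible answer to the /dev/tpmN question raised above.

```python
# Stand-alone illustration; function names here are hypothetical, not Nova's.
import re
import xml.etree.ElementTree as ET

RESOURCE_CLASS = "TPM"  # name taken from the thread; the final name was undecided
_TPM_NODE = re.compile(r"^tpm(\d+)$")  # matches tpm0, not the tpmrm0 resource manager

def discover_tpms(dev_entries):
    """Return host TPM character devices, ordered by numeric index."""
    found = []
    for name in dev_entries:
        m = _TPM_NODE.match(name)
        if m:
            found.append((int(m.group(1)), "/dev/" + name))
    return [path for _, path in sorted(found)]

def tpm_inventory(devices):
    """Inventory for the root provider: max_unit 1, everything else default."""
    if not devices:
        return {}  # zero TPMs means no inventory is reported at all
    return {RESOURCE_CLASS: {"total": len(devices), "max_unit": 1}}

def pick_device(devices, in_use):
    """Choose the lowest-numbered device not already attached to a guest."""
    for path in devices:
        if path not in in_use:
            return path
    raise LookupError("allocation granted but no free TPM device on host")

def attach_tpm(domain_xml, allocations, devices, in_use):
    """Add a passthrough <tpm> element when the allocation holds TPM:1."""
    if allocations.get(RESOURCE_CLASS, 0) != 1:
        return domain_xml
    root = ET.fromstring(domain_xml)
    devs = root.find("devices")
    if devs is None:
        devs = ET.SubElement(root, "devices")
    tpm = ET.SubElement(devs, "tpm", {"model": "tpm-tis"})
    backend = ET.SubElement(tpm, "backend", {"type": "passthrough"})
    ET.SubElement(backend, "device", {"path": pick_device(devices, in_use)})
    return ET.tostring(root, encoding="unicode")

# Constructed sample input: a /dev listing and a minimal domain definition.
SAMPLE_DEV = ["null", "tpm1", "tpmrm0", "tpm0", "tty0"]
SAMPLE_DOMAIN = "<domain type='kvm'><name>guest</name><devices/></domain>"

if __name__ == "__main__":
    tpms = discover_tpms(SAMPLE_DEV)
    print(attach_tpm(SAMPLE_DOMAIN, {"TPM": 1, "VCPU": 2}, tpms, {"/dev/tpm0"}))
```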