On Thu, Jun 20, 2019 at 11:20 AM Eric Fried openstack@fried.cc wrote:
Jim-
So, I'd like to propose we implement TPM passthrough in Nova. My team is happy to do the work, but I'd love some guidance as to the best way to implement this so we can get a spec done (I assume it's "just another resource class"?).
And by "just another resource class" you mean:
- Add TPM to os-resource-classes (exact name subject to bikeshedding).
- Virt driver's update_provider_tree() looks at the guts of the host to figure out how many TPM devices exist and, if nonzero, tacks an inventory of that many TPM onto the root provider (max_unit 1 presumably; all others default).
- Flavor desiring this thingy is authored with extra spec resources:TPM=1.
- Scheduler lands instance on host with TPM inventory, and allocates one. (This is free, no additional code changes necessary.)
- Virt driver's spawn() looks at the allocation, sees TPM:1, and augments the guest's domain XML to attach the thingy.
Is it any more complicated than that?
That makes sense to me. I don't know these bits well enough to comment if there's anything else to do. Maybe choosing the correct /dev/tpmN may get weird?
I'm fine with this.
Cool, will attempt to get a spec going, unless violent opposition shows up in this thread in the meantime.
Thanks!
// jim