On Sat, 2024-05-11 at 14:39 +0800, luckydog xf wrote:
set hw_machine_type=q35 would generate a machine= 'pc-q35-4.2'. But it makes no difference. ya so looking at the xml its using i440fx not q35
you do not need to specify the explict version q35 is an alias to the newest pc-q35-* machine type looking at how you typed it "openstack image set \ --property hw_firmware_type=uefi \ --property os_secure_boot=required \ --property hw_machine_type=q35 \ " that looks like you might have a space before hw_machine_type can you confirm that is not the case? hw_machine_type is the correct extra spec to set https://github.com/openstack/glance/blob/master/etc/metadefs/compute-libvirt... and you are configureing it as we would expect https://opendev.org/openstack/nova/src/branch/master/doc/source/admin/hw-mac... so it would be also good to confirm that the image porperties on the volume that was created form this glance image have the same values set if you create the volume before you updated the properties in glance it wont have the updated image properties.
On Sat, May 11, 2024 at 1:49 PM luckydog xf <luckydogxf@gmail.com> wrote:
I installed a VM on KVM manually. This VM is okay to boot from UEFI.
Here is part of XML. --- ubuntu@freeradius:~$ virsh dumpxml ubuntu20.04 <domain type='kvm'> <name>ubuntu20.04</name> <uuid>99660c76-953d-4b68-9f29-f1471da8d659</uuid> <metadata> <libosinfo:libosinfo xmlns:libosinfo=" http://libosinfo.org/xmlns/libvirt/domain/1.0"> <libosinfo:os id="http://ubuntu.com/ubuntu/20.04"/> </libosinfo:libosinfo> </metadata> <memory unit='KiB'>4194304</memory> <currentMemory unit='KiB'>4194304</currentMemory> <vcpu placement='static'>2</vcpu> <os> <type arch='x86_64' machine='pc-q35-4.2'>hvm</type> <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.secboot.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/ubuntu20.04_VARS.fd</nvram> </os> --- VM controller is virtio. I uploaded VM qcow2 as an OpenStack image, and set properties like --- openstack image set \ --property hw_firmware_type=uefi \ --property os_secure_boot=required \ --property hw_machine_type=q35 \ xxx --- Then I launched an instance with this image. It cannot be started up.
XML of this instance is ...
<os> <type arch='x86_64' machine='pc-i440fx-4.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/instance-00000212_VARS.fd</nvram> <boot dev='hd'/> <smbios mode='sysinfo'/>
The difference is /usr/share/OVMF/OVMF_CODE.secboot.fd VS /usr/share/OVMF/OVMF_CODE_4M.secboot.fd. These two files have different md5 checksums.
By the way, ovmf package is the same version.
On Sat, May 11, 2024 at 1:43 PM luckydog xf <luckydogxf@gmail.com> wrote:
I uploaded volumes to images,and setup uefi properties accordingly like below. openstack image set \ --property hw_firmware_type=uefi \ --property os_secure_boot=required \ --property hw_machine_type=q35 \ xxx-image
Boot an instance from that image, however, it doesn't work. Below is part of XML definition of an instance. --- <os> <type arch='x86_64' machine='pc-i440fx-4.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> <nvram>/var/lib/libvirt/qemu/nvram/instance-00000212_VARS.fd</nvram> <boot dev='hd'/> <smbios mode='sysinfo'/> </os> ---
My compute nodes are ubuntu 20.04 and ovmf was installed. ---
On Fri, May 10, 2024 at 6:37 PM <smooney@redhat.com> wrote:
you need to modify the image properties on the boot volume to set hw_firmware_type=uefi
preferably with hw_machine_type=q35
you can do this with "openstack volume set --image-property <key=value> ..."
also in relation to your other therad you can also set the disk bus on the volume this way too by setting hw_disk_bus=sata instead of using ide
ide would also work but its much much much slower.
On Fri, 2024-05-10 at 17:06 +0800, luckydog xf wrote:
<os> <type arch='x86_64' machine='pc-q35-4.2'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> <nvram
<boot dev='hd'/> <smbios mode='sysinfo'/> </os> Here is the output from `virsh dumpxml XX`. As we can see uefi is
template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/instance-00000206_VARS.fd</nvram> properly
setup. But it seems a device is required.
On Fri, May 10, 2024 at 1:28 PM luckydog xf <luckydogxf@gmail.com> wrote:
I also set hw_machine_type=q35 and hw_machine_type=pc. Neither works.
Converting a volume to an image takes too much space and time because it's so large.
Any alternative?
On Fri, May 10, 2024 at 1:25 PM luckydog xf <luckydogxf@gmail.com> wrote:
> Hi, list, > > I migrated a volume from VMware ESXI VMDK, and originally on VMware > platform it's EFI boot mode and secure boot enabled. > > I cloned the entire VMDK by clonzilla and restored on OpenStack as a > volume. > > I referred to this link > https://docs.openstack.org/nova/latest/admin/secure-boot.html and > uploaded that volume as an image. Then set properties. > > Finally, I launched an instance with a target image, however, it cannot > boot up with a blank and dark screen. > > What's the right way to implement this? > > Thanks. > > > >