-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Refactor manager to start AMD SEV encrypted VM #10
Conversation
d0e0d70
to
441366c
Compare
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a note - we should be able to start it on both SEV-SNP (default setup), but also on an ordinary PC without an enclave - for test, demo and development purposes, to deploy quickly manager on local PCs (very useful when we develop other parts of the system, like UI, but we need end-to-end functionality).
3e7b959
to
b92c698
Compare
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
860e647
to
b7662c8
Compare
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
4cec272
to
0b64337
Compare
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
0b64337
to
ada7cb9
Compare
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
4197ff3
to
9c545d3
Compare
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
c7de96c
to
3caaf6a
Compare
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
1a2a47b
to
7e21a17
Compare
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
0f97eab
to
de77be9
Compare
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
5528417
to
5095ff6
Compare
8d25cb3
to
a97e983
Compare
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
a97e983
to
88e05ae
Compare
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
36767b5
to
08f26af
Compare
…rvice Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
…ings Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
dae290e
to
c8c191e
Compare
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
c8c191e
to
6b4a708
Compare
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
5b01c8d
to
afe4d62
Compare
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
afe4d62
to
0b38e94
Compare
…aunch Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
efbf53c
to
b3ad784
Compare
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
It's already addressed by the proper use of env vars, especially env vars that are SEV and sudo related and properly documented in README. |
|
||
### Verifying VM launch | ||
|
||
NB: To verify that the manager successfully launched the VM, you need to open two terminals on the same machine. In one terminal, you need to launch `go run main.go` (with the environment variables of choice) and in the other, you can run the verification commands. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In the future, we need to verify this programmatically - i.e. Manager must be capable of observing and monitoring VM log and verifying if everything is going OK.
If you are launching several VMs, you will have to keep track of all of them.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's an issue opened for this #35
encodeResponse, | ||
opts..., | ||
), "create_domain")) | ||
|
||
r.Get("/qemu", otelhttp.NewHandler(kithttp.NewServer( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We do not need separate endpoint, this is done via /run
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We will do it in the next issue: #36, let's merge this one now.
encodeResponse, | ||
opts..., | ||
), "create_domain")) | ||
|
||
r.Get("/qemu", otelhttp.NewHandler(kithttp.NewServer( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We will do it in the next issue: #36, let's merge this one now.
resolves #30
resolves #32