Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactor manager to start AMD SEV encrypted VM #10

Merged
merged 25 commits into from
Aug 16, 2023
Merged

Refactor manager to start AMD SEV encrypted VM #10

merged 25 commits into from
Aug 16, 2023

Conversation

darkodraskovic
Copy link
Collaborator

@darkodraskovic darkodraskovic commented Jul 14, 2023
edited
Loading

resolves #30
resolves #32

@darkodraskovic
Refactor manager to start AMD SEV encrypted VM
10e2a6d 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic
Add proper formatting
eaef7dd 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic
Add host-guest http and grpc port parametrization
b92c698 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
drasko
drasko reviewed Jul 31, 2023
View reviewed changes
Copy link
Contributor

@drasko drasko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a note - we should be able to start it on both SEV-SNP (default setup), but also on an ordinary PC without an enclave - for test, demo and development purposes, to deploy quickly manager on local PCs (very useful when we develop other parts of the system, like UI, but we need end-to-end functionality).

@darkodraskovic
Refactor dom.xml to start focal-server-cloudimg-amd64.qcow2
b92806c 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic darkodraskovic changed the title DRAFT - Refactor manager to start AMD SEV encrypted VM Refactor manager to start AMD SEV encrypted VM Aug 4, 2023
@darkodraskovic darkodraskovic force-pushed the manger_SEV branch 2 times, most recently from 860e647 to b7662c8 Compare August 7, 2023 14:04
@darkodraskovic
Add uefi bios vars, exec cmd line and log to file parameters
f6d5b61 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic darkodraskovic force-pushed the manger_SEV branch 2 times, most recently from 4cec272 to 0b64337 Compare August 7, 2023 15:46
@darkodraskovic
Parse env vars for qemu cmd line config
ada7cb9 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic
Add ConstructQemuCommand and fix guestgrpc bug in sh
6294117 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic
Remove sudo necessity
ff47905 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic
Replace cmd.Output() with cmd.Start()
9c545d3 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic
Add a tmp file to read qemu cmd line constr output
3caaf6a 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic
Add sudo env var
1012d2c 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic
Remove tmp file creation and capture stdout with buffer
7e21a17 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic
Move cmd funcs to internal/cmd.go
d7aca93 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic
Replace sh script for ctor of qemu cmd line with go code
51e69d8 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic darkodraskovic force-pushed the manger_SEV branch 3 times, most recently from 5528417 to 5095ff6 Compare August 12, 2023 21:50
@darkodraskovic darkodraskovic self-assigned this Aug 14, 2023
@darkodraskovic darkodraskovic added the feature introducing new functionality label Aug 14, 2023
@darkodraskovic darkodraskovic added this to the Open source Cocos AI milestone Aug 14, 2023
@darkodraskovic
Refactor README to use focal-server-cloudimg-amd64.img
88e05ae 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic
Add VM launch troubleshooting instructions
08f26af 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic
Add ExecutableAndArgs generator func to qemu and qemuCmd struct to se…
5558a4f 
…rvice

Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic
Amend VM launch troubleshooting instructions with port forwaring sett…
4137ad3 
…ings

Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic darkodraskovic force-pushed the manger_SEV branch 3 times, most recently from dae290e to c8c191e Compare August 15, 2023 12:56
@darkodraskovic
Add CreateQemuVM endoint
6b4a708 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic
Revert to env var VM parametrization
1536c6c 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic darkodraskovic force-pushed the manger_SEV branch 2 times, most recently from 5b01c8d to afe4d62 Compare August 15, 2023 18:21
@darkodraskovic
Add uuid to VM creation config id fields
0b38e94 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic
Add file.go and temporary file creation to enable multi instance VM l…
b3ad784 
…aunch

Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
dborovcanin
dborovcanin requested changes Aug 16, 2023
View reviewed changes
cmd/manager/main.go Outdated Show resolved Hide resolved
cmd/manager/main.go Outdated Show resolved Hide resolved
cmd/manager/main.go Outdated Show resolved Hide resolved
internal/cmd.go Outdated Show resolved Hide resolved
manager/api/http/requests.go Outdated Show resolved Hide resolved
manager/api/http/transport.go Outdated Show resolved Hide resolved
@darkodraskovic
Replace literal strings by consts and properly format godoc comments
5028946 
Signed-off-by: Darko Draskovic <darko.draskovic@gmail.com>
@darkodraskovic
Copy link
Collaborator Author

darkodraskovic commented Aug 16, 2023
edited
Loading

Just a note - we should be able to start it on both SEV-SNP (default setup), but also on an ordinary PC without an enclave - for test, demo and development purposes, to deploy quickly manager on local PCs (very useful when we develop other parts of the system, like UI, but we need end-to-end functionality).

It's already addressed by the proper use of env vars, especially env vars that are SEV and sudo related and properly documented in README.

drasko
drasko requested changes Aug 16, 2023
View reviewed changes
README.md

### Verifying VM launch

NB: To verify that the manager successfully launched the VM, you need to open two terminals on the same machine. In one terminal, you need to launch `go run main.go` (with the environment variables of choice) and in the other, you can run the verification commands.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In the future, we need to verify this programmatically - i.e. Manager must be capable of observing and monitoring VM log and verifying if everything is going OK.

If you are launching several VMs, you will have to keep track of all of them.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's an issue opened for this #35

manager/api/http/transport.go
encodeResponse,
opts...,
), "create_domain"))

r.Get("/qemu", otelhttp.NewHandler(kithttp.NewServer(
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We do not need separate endpoint, this is done via /run

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We will do it in the next issue: #36, let's merge this one now.

drasko
drasko approved these changes Aug 16, 2023
View reviewed changes
manager/api/http/transport.go
encodeResponse,
opts...,
), "create_domain"))

r.Get("/qemu", otelhttp.NewHandler(kithttp.NewServer(
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We will do it in the next issue: #36, let's merge this one now.

@drasko drasko merged commit 2cf6e1a into main Aug 16, 2023
1 check passed
@darkodraskovic darkodraskovic deleted the manger_SEV branch August 16, 2023 18:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@drasko drasko drasko approved these changes

@dborovcanin dborovcanin dborovcanin approved these changes

Assignees

@darkodraskovic darkodraskovic

Labels
feature introducing new functionality
Projects
None yet
Milestone
Open source Cocos AI
Development

Successfully merging this pull request may close these issues.

Replace launch-qemu.sh by go code Refactor manager to start AMD SEV encrypted VM
3 participants
@darkodraskovic @drasko @dborovcanin