diff --git a/doc/source/admin/useful-image-properties.rst b/doc/source/admin/useful-image-properties.rst index 2ad37257c1..71d2588064 100644 --- a/doc/source/admin/useful-image-properties.rst +++ b/doc/source/admin/useful-image-properties.rst @@ -444,11 +444,27 @@ Here is a list of useful image properties and the values they expect. Enables encryption of guest memory at the hardware level, if there are compute hosts available which support this. See - `nova's documentation on configuration of the KVM hypervisor - `_ + `nova's documentation on configuration of AMD SEV + `_ for more details. - Only supported by the libvirt driver. + Only supported by the libvirt driver with the KVM/QEMU hypervisor. + +``hw_mem_encryption_model`` + :Type: str + + The hardware feature name to encrypt guest memory, if there are compute hosts + available which support this. See + `nova's documentation on configuration of AMD SEV + `_ + for more details. + + Only supported by the libvirt driver with the KVM/QEMU hypervisor. + + One of: + + - ``amd-sev`` + - ``amd-sev-es`` ``hw_virtio_packed_ring`` :Type: bool diff --git a/etc/metadefs/compute-libvirt.json b/etc/metadefs/compute-libvirt.json index 3493be3885..1da08f2d45 100644 --- a/etc/metadefs/compute-libvirt.json +++ b/etc/metadefs/compute-libvirt.json @@ -29,11 +29,16 @@ }, "mem_encryption": { "title": "Hardware Memory Encryption", - "description": "Enables encryption of guest memory at the hardware level, if there are compute hosts available which support this. See https://docs.openstack.org/nova/latest/admin/configuration/hypervisor-kvm.html#amd-sev-secure-encrypted-virtualization for details.", + "description": "Enables encryption of guest memory at the hardware level, if there are compute hosts available which support this. See https://docs.openstack.org/nova/latest/admin/sev.html for details.", "type": "string", "enum": ["true", "false"] - } - , + }, + "mem_encryption_model": { + "title": "Hardware Memory Encryption Model", + "description": "The hardware feature name to encrypt guest memory, if there are compute hosts available which support this. See https://docs.openstack.org/nova/latest/admin/sev.html for details.", + "type": "string", + "enum": ["amd-sev", "amd-sev-es"] + }, "virtio_packed_ring": { "title": "Virtio Packed Ring", "description": "Enables Packed VIRT-IO Queue feature. When set to true, instance will bescheduled to hosts that support negotiating the packed virt queue format. This feature may or may not be enabled depending on the guest driver. When used it will improve the small packet performance of network io.", diff --git a/glance/tests/functional/db/base_metadef.py b/glance/tests/functional/db/base_metadef.py index c2982d0e1d..378af82bca 100644 --- a/glance/tests/functional/db/base_metadef.py +++ b/glance/tests/functional/db/base_metadef.py @@ -773,7 +773,7 @@ class MetadefLoadUnloadTests: 'CIM::VirtualSystemSettingData': 17, 'OS::Compute::XenAPI': 1, 'OS::Compute::InstanceData': 2, - 'OS::Compute::Libvirt': 4, + 'OS::Compute::Libvirt': 5, 'OS::Compute::VMwareQuotaFlavor': 2, 'OS::Cinder::Volumetype': 1, 'OS::Glance::Signatures': 4, diff --git a/releasenotes/notes/flamingo-metadef-changes-413a952cf47927ce.yaml b/releasenotes/notes/flamingo-metadef-changes-413a952cf47927ce.yaml new file mode 100644 index 0000000000..508f36c2fd --- /dev/null +++ b/releasenotes/notes/flamingo-metadef-changes-413a952cf47927ce.yaml @@ -0,0 +1,12 @@ +--- +upgrade: + - | + The following metadata definitions have been modified in the Flamingo + release: + + * Added ``hw_memory_encryption_model`` enumerations in + the ``OS::Compute::Libvirt`` namespace. + + You may upgrade these definitions using: + + ``glance-manage db load_metadefs [--path ] [--merge] [--prefer_new]``