Merge "Add Secure Boot options to extra flavor sepc and image property docs"

2016-10-25 18:40:22 +00:00 · 2016-10-25 18:40:22 +00:00 · c8b65d13d8
commit c8b65d13d8
parent ba9f41d1ba e409c89e85
2 changed files with 22 additions and 0 deletions
--- a/doc/admin-guide/source/compute-flavors.rst
+++ b/doc/admin-guide/source/compute-flavors.rst
@ -525,3 +525,19 @@ PCI passthrough
      configuration options <http://docs.openstack.org/newton/config-reference/compute/config-options.html>`_).
    - COUNT: (integer) The amount of PCI devices of type ALIAS to be assigned
      to a guest.
+
+Secure Boot
+    When your Compute services use the Hyper-V hypervisor, you can enable
+    secure boot for Windows and Linux instances.
+
+    .. code:: console
+
+       $ openstack flavor set FLAVOR-NAME \
+            --property os:secure_boot=SECURE_BOOT_OPTION
+
+    Valid ``SECURE_BOOT_OPTION`` values are:
+
+    -  ``required``: Enable Secure Boot for instances running with this
+       flavor.
+    -  ``disabled`` or ``optional``: (default) Disable Secure Boot for
+       instances running with this flavor.
--- a/doc/cli-reference/source/glance-property-keys.rst
+++ b/doc/cli-reference/source/glance-property-keys.rst
@ -161,6 +161,12 @@ For example:
     - Secure Boot is a security standard. When the instance starts,
       Secure Boot first examines software such as firmware and OS by their
       signature and only allows them to run if the signatures are valid.
+
+       For Hyper-V: Images must be prepared as Generation 2 VMs. Instance must
+       also contain ``hw_machine_type=hyperv-gen2`` image property. Linux
+       guests will also require bootloader's digital signature provided as
+       ``os_secure_boot_signature`` and
+       ``hypervisor_version_requires'>=10.0'`` image properties.
     - * ``required`` - Enable the Secure Boot feature.
       * ``disabled`` or ``optional`` - (default) Disable the Secure Boot
         feature.