Spawning AArch64 VMs using salt.control.virt requires a few extra
domain configuration items to be configurable:
- libvirt xml: pass loader param to vm
Based on upstream commit [1].
- libvirt xml: pass virt machine type
- libvirt xml: pass cpu mode to vm
- virt module: Allow NVRAM unlinking on DOM undefine
UEFI-enabled VMs usually have pflash (NVRAM) devices attached,
which require one additional libvirt flag to be passed at 'undefine'.
This is usually the case for AArch64 (arm64) VMs, where AAVMF (AA64
UEFI) is the only supported guest bootloader.
[1] https://github.com/saltstack/salt/commit/9cace9adb
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
* Salt minion is unable unencrypt the messages from master during boot
because of lack of entropy, throwing the exception:
File "/usr/lib/python2.7/dist-packages/salt/utils/rsax931.py", line 146, in sign
raise SSLError('Unable to encrypt message')
SSLError: Unable to encrypt message:
error:80064191:lib(128):osrandom_init:getrandom() initialization failed with EAGAIN. Most likely Kernel CPRNG is not se
error:80065190:lib(128):osrandom_rand_bytes:getrandom() initialization failed.
error:04088003:rsa routines:RSA_setup_blinding:BN lib
error:04066044:rsa routines:RSA_EAY_PRIVATE_ENCRYPT:internal error
After node has been booted up, and /dev/random device collected some
extra entropy, salt-minion could start.
This patch configures libvirt vms to use /dev/urandom for faster
entropy regeneration
Change-Id: I470166b4424752d24ac4bb2cb87d9f99cd14752e
Co-Authored-By: Oleksandr Savatieiev <osavatieiev@mirantis.com>
Prod-Related: PROD-19711
[Fix] Doc
Issue: - It is not possible to pass [R]andom [N]umber [G]enerator
device to libvirt guest xml in order to control entropy.
- Doc has no information on how to provision vms using salt
Solution: - Pass rng parameters via kwargs from node: pillar
Attach rng xml object to generated xml.
- Provide with an example
Prod-Related: PROD-19214
Customer-Found
Change-Id: Iea111f2d927edf46f06bb7ccfad06d37b752fba9
The patch deletes deprecated cmd.run function which actually
was defined in salt 2016 as alias for cmd.shell therefore this
change supports backward compatibility.
Change-Id: I47eae0b8ee45ca1a1a9b3e8e544c893614573fda
Related-PROD: 17056
Do not change VCP disk profile globally, it causes to re-use
the properties from one node in another.
Change-Id: Iff98010c32c1060b50bc0ae040edb72108c57da1