From abf52420a4cd94bdc688a11f8af52885bd85d8b5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Tue, 21 May 2024 10:26:39 +0200 Subject: [PATCH] runtime: tdx: Allow default_{cpu,memory} annotations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit For now, let's allow the users to set the default_cpu and default_memory when using TDX, as they may hit issues related to the size of the container image that must be pulled and unpacked inside the guest, Signed-off-by: Fabiano FidĂȘncio --- src/runtime/Makefile | 2 ++ src/runtime/config/configuration-qemu-tdx.toml.in | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/src/runtime/Makefile b/src/runtime/Makefile index d7f058c3e..0e565bd4e 100644 --- a/src/runtime/Makefile +++ b/src/runtime/Makefile @@ -219,6 +219,7 @@ DEFMAXMEMSZ := 0 #Default number of bridges DEFBRIDGES := 1 DEFENABLEANNOTATIONS := [\"enable_iommu\", \"virtio_fs_extra_args\", \"kernel_params\"] +DEFENABLEANNOTATIONSTEE := [\"enable_iommu\", \"virtio_fs_extra_args\", \"kernel_params\", \"default_vcpus\", \"default_memory\"] DEFDISABLEGUESTSECCOMP := true DEFDISABLEGUESTEMPTYDIR := false #Default experimental features enabled @@ -752,6 +753,7 @@ USER_VARS += DEFVIRTIOFSCACHE USER_VARS += DEFVIRTIOFSQUEUESIZE USER_VARS += DEFVIRTIOFSEXTRAARGS USER_VARS += DEFENABLEANNOTATIONS +USER_VARS += DEFENABLEANNOTATIONSTEE USER_VARS += DEFENABLEIOTHREADS USER_VARS += DEFSECCOMPSANDBOXPARAM USER_VARS += DEFENABLEVHOSTUSERSTORE diff --git a/src/runtime/config/configuration-qemu-tdx.toml.in b/src/runtime/config/configuration-qemu-tdx.toml.in index 34b34eb55..58d050e39 100644 --- a/src/runtime/config/configuration-qemu-tdx.toml.in +++ b/src/runtime/config/configuration-qemu-tdx.toml.in @@ -48,7 +48,7 @@ confidential_guest = true # List of valid annotation names for the hypervisor # Each member of the list is a regular expression, which is the base name # of the annotation, e.g. "path" for io.katacontainers.config.hypervisor.path" -enable_annotations = @DEFENABLEANNOTATIONS@ +enable_annotations = @DEFENABLEANNOTATIONSTEE@ # List of valid annotations values for the hypervisor # Each member of the list is a path pattern as described by glob(3).