Add uefi and a test secureboot option

2021-01-03 12:15:12 +00:00 · 2021-01-03 12:15:12 +00:00 · d6f57017bd
commit d6f57017bd
parent 57b430ca36
2 changed files with 23 additions and 7 deletions
--- a/configs/default.config
+++ b/configs/default.config
@ -9,9 +9,12 @@ storage_path="/var/lib/libvirt/maas-images"
 # Node prefix for all the nodes except for juju
 compute="maas-node"

-# The BIOS type you want to use for the VMs
-# Valid values "legacy", "uefi"
-bios_type=uefi
+# To enable or disable uEFI for VMs
+enable_uefi="true"
+
+# To enable secureboot for VMs
+# This in-advertantly enables uEFI
+enable_secureboot="false"

 # Juju node count and definition
 juju_count=1
--- a/manage-maas-nodes.sh
+++ b/manage-maas-nodes.sh
@ -236,6 +236,7 @@ build_vms() {
        # virt-install
        macaddr=()
        network_spec=""
+        extra_args=""

        # Based on the type of network we are using we will assign variables
        # such that this can be either bridge or network type
@ -305,6 +306,21 @@ build_vms() {
            continue
        fi

+        # For testing and WIP/POC
+        if [[ ${enable_secureboot} == "true" ]] ; then
+            extra_args+=" --boot loader_secure=yes"
+            #extra_args+=" --boot loader=/usr/share/OVMF/OVMF_CODE.secboot.fd"
+            #extra_args+=" --boot nvram_template=/usr/share/OVMF/OVMF_VARS.fd"
+            #extra_args+=" --boot loader_ro=yes"
+            #extra_args+=" --boot loader_type=pflash"
+            extra_args+=" --machine q35"
+            extra_args+=" --features smm=on"
+            enable_uefi="true"
+        fi
+
+        # Flags required to enable uEFI
+        [[ ${enable_uefi} == "true" ]] && extra_args+=" --boot uefi"
+
        # Creates the VM with all the attributes given
        virt-install -v --noautoconsole   \
            --print-xml                   \
@ -319,15 +335,12 @@ build_vms() {
            --graphics spice,clipboard_copypaste=no,mouse_mode=client,filetransfer_enable=off \
            --cpu host-passthrough,cache.mode=passthrough  \
            --controller "$stg_bus",model=virtio-scsi,index=0  \
-            $disk_spec \
+            $extra_args $disk_spec \
            $network_spec > "$virt_node.xml" &&

        # Create the Vm based on the XML file defined in the above command
        virsh define "$virt_node.xml"

-        # Start the VM
-        #virsh start "$virt_node" &
-
        # Call the maas_add_node function, this will add the node to MAAS
        maas_add_node ${virt_node} ${macaddr[0]} ${node_type} &