mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-01-03 20:01:01 -05:00
eee2df9723
Signed-off-by: Benedict Schlueter <bs@edgeless.systems> Co-authored-by: Daniel Weiße <dw@edgeless.systems>
318 lines
7.0 KiB
Go
318 lines
7.0 KiB
Go
/*
|
|
Copyright (c) Edgeless Systems GmbH
|
|
|
|
SPDX-License-Identifier: AGPL-3.0-only
|
|
*/
|
|
|
|
package main
|
|
|
|
import (
|
|
"libvirt.org/go/libvirtxml"
|
|
)
|
|
|
|
var (
|
|
libvirtImagePath = "/var/lib/libvirt/images/"
|
|
baseDiskName = "constellation-measurement"
|
|
stateDiskName = "constellation-measurement-state"
|
|
bootDiskName = "constellation-measurement-boot"
|
|
diskPoolName = "constellation-measurement-pool"
|
|
domainName = "constellation-measurement-vm"
|
|
networkName = "constellation-measurement-net"
|
|
|
|
networkXMLConfig = libvirtxml.Network{
|
|
Name: networkName,
|
|
Forward: &libvirtxml.NetworkForward{
|
|
Mode: "nat",
|
|
NAT: &libvirtxml.NetworkForwardNAT{
|
|
Ports: []libvirtxml.NetworkForwardNATPort{
|
|
{
|
|
Start: 1024,
|
|
End: 65535,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
Bridge: &libvirtxml.NetworkBridge{
|
|
Name: "virbr1",
|
|
STP: "on",
|
|
Delay: "0",
|
|
},
|
|
DNS: &libvirtxml.NetworkDNS{
|
|
Enable: "yes",
|
|
},
|
|
IPs: []libvirtxml.NetworkIP{
|
|
{
|
|
Family: "ipv4",
|
|
Address: "10.42.0.1",
|
|
Prefix: 16,
|
|
DHCP: &libvirtxml.NetworkDHCP{
|
|
Ranges: []libvirtxml.NetworkDHCPRange{
|
|
{
|
|
Start: "10.42.0.2",
|
|
End: "10.42.255.254",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
}
|
|
poolXMLConfig = libvirtxml.StoragePool{
|
|
Name: diskPoolName,
|
|
Type: "dir",
|
|
Source: &libvirtxml.StoragePoolSource{},
|
|
Target: &libvirtxml.StoragePoolTarget{
|
|
Path: libvirtImagePath,
|
|
Permissions: &libvirtxml.StoragePoolTargetPermissions{
|
|
Owner: "0",
|
|
Group: "0",
|
|
Mode: "0711",
|
|
},
|
|
},
|
|
}
|
|
volumeBootXMLConfig = libvirtxml.StorageVolume{
|
|
Type: "file",
|
|
Name: bootDiskName,
|
|
Target: &libvirtxml.StorageVolumeTarget{
|
|
Path: libvirtImagePath + bootDiskName,
|
|
Format: &libvirtxml.StorageVolumeTargetFormat{
|
|
Type: "qcow2",
|
|
},
|
|
},
|
|
BackingStore: &libvirtxml.StorageVolumeBackingStore{
|
|
Path: libvirtImagePath + baseDiskName,
|
|
Format: &libvirtxml.StorageVolumeTargetFormat{},
|
|
},
|
|
Capacity: &libvirtxml.StorageVolumeSize{
|
|
Unit: "GiB",
|
|
Value: uint64(10),
|
|
},
|
|
}
|
|
|
|
volumeBaseXMLConfig = libvirtxml.StorageVolume{
|
|
Type: "file",
|
|
Name: baseDiskName,
|
|
Target: &libvirtxml.StorageVolumeTarget{
|
|
Path: libvirtImagePath + baseDiskName,
|
|
Format: &libvirtxml.StorageVolumeTargetFormat{
|
|
Type: "qcow2",
|
|
},
|
|
},
|
|
Capacity: &libvirtxml.StorageVolumeSize{
|
|
Unit: "GiB",
|
|
Value: uint64(10),
|
|
},
|
|
}
|
|
|
|
volumeStateXMLConfig = libvirtxml.StorageVolume{
|
|
Type: "file",
|
|
Name: stateDiskName,
|
|
Target: &libvirtxml.StorageVolumeTarget{
|
|
Path: libvirtImagePath + stateDiskName,
|
|
Format: &libvirtxml.StorageVolumeTargetFormat{
|
|
Type: "qcow2",
|
|
},
|
|
},
|
|
Capacity: &libvirtxml.StorageVolumeSize{
|
|
Unit: "GiB",
|
|
Value: uint64(10),
|
|
},
|
|
}
|
|
|
|
port = uint(0)
|
|
domainXMLConfig = libvirtxml.Domain{
|
|
Title: "measurement-VM",
|
|
Name: domainName,
|
|
Type: "kvm",
|
|
Memory: &libvirtxml.DomainMemory{
|
|
Value: 2,
|
|
Unit: "GiB",
|
|
},
|
|
Resource: &libvirtxml.DomainResource{
|
|
Partition: "/machine",
|
|
},
|
|
VCPU: &libvirtxml.DomainVCPU{
|
|
Placement: "static",
|
|
Current: 2,
|
|
Value: 2,
|
|
},
|
|
CPU: &libvirtxml.DomainCPU{
|
|
Mode: "custom",
|
|
Model: &libvirtxml.DomainCPUModel{
|
|
Fallback: "forbid",
|
|
Value: "qemu64",
|
|
},
|
|
Features: []libvirtxml.DomainCPUFeature{
|
|
{
|
|
Policy: "require",
|
|
Name: "x2apic",
|
|
},
|
|
{
|
|
Policy: "require",
|
|
Name: "hypervisor",
|
|
},
|
|
{
|
|
Policy: "require",
|
|
Name: "lahf_lm",
|
|
},
|
|
{
|
|
Policy: "disable",
|
|
Name: "svm",
|
|
},
|
|
},
|
|
},
|
|
Features: &libvirtxml.DomainFeatureList{
|
|
ACPI: &libvirtxml.DomainFeature{},
|
|
PAE: &libvirtxml.DomainFeature{},
|
|
SMM: &libvirtxml.DomainFeatureSMM{
|
|
State: "on",
|
|
},
|
|
APIC: &libvirtxml.DomainFeatureAPIC{},
|
|
},
|
|
|
|
OS: &libvirtxml.DomainOS{
|
|
// If Firmware is set, Loader and NVRam will be chosen automatically
|
|
Firmware: "efi",
|
|
Type: &libvirtxml.DomainOSType{
|
|
Arch: "x86_64",
|
|
Machine: "q35",
|
|
Type: "hvm",
|
|
},
|
|
BootDevices: []libvirtxml.DomainBootDevice{
|
|
{
|
|
Dev: "hd",
|
|
},
|
|
},
|
|
},
|
|
Devices: &libvirtxml.DomainDeviceList{
|
|
Emulator: "/usr/bin/qemu-system-x86_64",
|
|
Disks: []libvirtxml.DomainDisk{
|
|
{
|
|
Device: "disk",
|
|
Driver: &libvirtxml.DomainDiskDriver{
|
|
Name: "qemu",
|
|
Type: "qcow2",
|
|
},
|
|
Target: &libvirtxml.DomainDiskTarget{
|
|
Dev: "sda",
|
|
Bus: "scsi",
|
|
},
|
|
Source: &libvirtxml.DomainDiskSource{
|
|
Index: 2,
|
|
Volume: &libvirtxml.DomainDiskSourceVolume{
|
|
Pool: diskPoolName,
|
|
Volume: bootDiskName,
|
|
},
|
|
},
|
|
},
|
|
{
|
|
Device: "disk",
|
|
Driver: &libvirtxml.DomainDiskDriver{
|
|
Name: "qemu",
|
|
},
|
|
Target: &libvirtxml.DomainDiskTarget{
|
|
Dev: "vda",
|
|
Bus: "virtio",
|
|
},
|
|
Source: &libvirtxml.DomainDiskSource{
|
|
Index: 1,
|
|
Volume: &libvirtxml.DomainDiskSourceVolume{
|
|
Pool: diskPoolName,
|
|
Volume: stateDiskName,
|
|
},
|
|
},
|
|
Alias: &libvirtxml.DomainAlias{
|
|
Name: "virtio-disk1",
|
|
},
|
|
},
|
|
},
|
|
Controllers: []libvirtxml.DomainController{
|
|
{
|
|
Type: "scsi",
|
|
Model: "virtio-scsi",
|
|
},
|
|
},
|
|
TPMs: []libvirtxml.DomainTPM{
|
|
{
|
|
Model: "tpm-tis",
|
|
Backend: &libvirtxml.DomainTPMBackend{
|
|
Emulator: &libvirtxml.DomainTPMBackendEmulator{
|
|
Version: "2.0",
|
|
ActivePCRBanks: &libvirtxml.DomainTPMBackendPCRBanks{
|
|
SHA1: &libvirtxml.DomainTPMBackendPCRBank{},
|
|
SHA256: &libvirtxml.DomainTPMBackendPCRBank{},
|
|
SHA384: &libvirtxml.DomainTPMBackendPCRBank{},
|
|
SHA512: &libvirtxml.DomainTPMBackendPCRBank{},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
Interfaces: []libvirtxml.DomainInterface{
|
|
{
|
|
Model: &libvirtxml.DomainInterfaceModel{
|
|
Type: "virtio",
|
|
},
|
|
Source: &libvirtxml.DomainInterfaceSource{
|
|
Network: &libvirtxml.DomainInterfaceSourceNetwork{
|
|
Network: networkName,
|
|
Bridge: "virbr1",
|
|
},
|
|
},
|
|
Alias: &libvirtxml.DomainAlias{
|
|
Name: "net0",
|
|
},
|
|
},
|
|
},
|
|
Serials: []libvirtxml.DomainSerial{
|
|
{
|
|
Source: &libvirtxml.DomainChardevSource{
|
|
Pty: &libvirtxml.DomainChardevSourcePty{
|
|
Path: "/dev/pts/4",
|
|
},
|
|
},
|
|
Target: &libvirtxml.DomainSerialTarget{
|
|
Type: "isa-serial",
|
|
Port: &port,
|
|
Model: &libvirtxml.DomainSerialTargetModel{
|
|
Name: "isa-serial",
|
|
},
|
|
},
|
|
Log: &libvirtxml.DomainChardevLog{
|
|
File: "/tmp/libvirt.log",
|
|
},
|
|
},
|
|
},
|
|
Consoles: []libvirtxml.DomainConsole{
|
|
{
|
|
TTY: "/dev/pts/4",
|
|
Source: &libvirtxml.DomainChardevSource{
|
|
Pty: &libvirtxml.DomainChardevSourcePty{
|
|
Path: "/dev/pts/4",
|
|
},
|
|
},
|
|
Target: &libvirtxml.DomainConsoleTarget{
|
|
Type: "serial",
|
|
Port: &port,
|
|
},
|
|
},
|
|
},
|
|
RNGs: []libvirtxml.DomainRNG{
|
|
{
|
|
Model: "virtio",
|
|
Backend: &libvirtxml.DomainRNGBackend{
|
|
Random: &libvirtxml.DomainRNGBackendRandom{
|
|
Device: "/dev/urandom",
|
|
},
|
|
},
|
|
Alias: &libvirtxml.DomainAlias{
|
|
Name: "rng0",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
OnPoweroff: "destroy",
|
|
OnCrash: "destroy",
|
|
OnReboot: "restart",
|
|
}
|
|
)
|