Setup SNP on the RHEL host #15
Conversation
docs/snp.md
Outdated
| @@ -51,6 +52,11 @@ Download the script and add the execute permission: | |||
| wget https://github.com/amd/sev-utils/raw/main/tools/snp.sh | |||
| chmod +x snp.sh | |||
| ``` | |||
| For RHEL OS distribution, export the following environment variables for using your RHEL subscription manager credentials for installing the package dependencies: | |||
There was a problem hiding this comment.
This shouldn't be necessary. If you're installing packages on the host, let it error out if subscription manager isn't enabled.
There was a problem hiding this comment.
Done, I removed this portion
There was a problem hiding this comment.
I still see the variables and method to register the subscription manager.
tools/snp.sh
Outdated
| @@ -90,6 +90,10 @@ QEMU_CMDLINE_FILE="${QEMU_CMDLINE:-${LAUNCH_WORKING_DIR}/qemu.cmdline}" | |||
| IMAGE="${IMAGE:-${LAUNCH_WORKING_DIR}/${GUEST_NAME}.img}" | |||
| GENERATED_INITRD_BIN="${SETUP_WORKING_DIR}/initrd.img" | |||
|
|
|||
| # Redhat Sensitive Credentials -- User must specify, no default value set | |||
There was a problem hiding this comment.
See docs comment. Shouldn't be needed.
There was a problem hiding this comment.
Done, I removed this line
tools/snp.sh
Outdated
| @@ -214,7 +215,41 @@ install_sev_snp_measure() { | |||
| pip install sev-snp-measure==${SEV_SNP_MEASURE_VERSION} | |||
| } | |||
|
|
|||
| install_dependencies() { | |||
| check_if_redhat_credentials_set(){ | |||
There was a problem hiding this comment.
Instead, maybe have a function to check if the subscription manager is registered and working before proceeding.
There was a problem hiding this comment.
Created check_rhel_subscription_mgr_status() to check the status, if status is in unregister keyterms, then register RHEL subscription with the given RHEL env variables
tools/snp.sh
Outdated
| #sudo apt install -y nasm | ||
|
|
||
| # Remove any default nasm package | ||
| sudo apt purge nasm |
There was a problem hiding this comment.
Removed this line as this works on fresh os image
tools/snp.sh
Outdated
| @@ -268,10 +319,110 @@ install_dependencies() { | |||
|
|
|||
| # pip needed for sev-snp-measure | |||
| sudo apt install -y python3-pip | |||
| } | |||
|
|
|||
| check_if_redhat_credentials_set(){ | |||
There was a problem hiding this comment.
Do you have this method twice?
There was a problem hiding this comment.
Done.. I cleaned this portion
tools/snp.sh
Outdated
| # genisoimage utility supported until RedHat version 8 | ||
| # For genisoimage utility support in RedHat 9, using epel | ||
| sudo dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm | ||
| sudo dnf install -y genisoimage |
There was a problem hiding this comment.
we need to avoid adding a repo (esp epel) unless completely necessary. Let's try to resolve this to an existing package. If not, I'll help you find a solution.
There was a problem hiding this comment.
Right now removing genisoimage from this PR (RHEL setup host PR) as this package is used in the launch-guest process..
I will update further dependencies for the SNP guest launch in the future PR
| } | ||
|
|
||
|
|
There was a problem hiding this comment.
Done.. I cleaned this up
tools/snp.sh
Outdated
| @@ -1113,6 +1264,7 @@ main() { | |||
| ;; | |||
|
|
|||
| setup-host) | |||
| identify_linux_distribution_type | |||
There was a problem hiding this comment.
Maybe we run this, only when needed?
There was a problem hiding this comment.
Done.. I updated this
tools/snp.sh
Outdated
| AMDSEV_URL="https://github.com/ryansavino/AMDSEV.git" | ||
| AMDSEV_DEFAULT_BRANCH="snp-latest-fixes" | ||
| AMDSEV_URL="https://github.com/LakshmiSaiHarika/AMDSEV.git" | ||
| AMDSEV_DEFAULT_BRANCH="rhel-snp-latest-fixes" |
There was a problem hiding this comment.
what changes here? If not too involved maybe we can merge into my existing fork.
There was a problem hiding this comment.
AMDESE changes: In your fork, I added few fixes fir RHEL in build and install script
I raised a PR (below link) to merge in your AMDESE fork:
ryansavino/amdese-amdsev#1
tools/snp.sh
Outdated
| @@ -465,6 +465,28 @@ set_grub_default_snp() { | |||
| sudo update-grub | |||
| } | |||
|
|
|||
| grubby_to_set_grub_default_snp(){ | |||
There was a problem hiding this comment.
Removed grubby from this script
Modified RHEL grub configuration and reloaded settings in "rhel_set_grub_default_snp"
LakshmiSaiHarika
force-pushed
the
rhel-changes
branch
from
a70f31b
to
9873fe7
Compare
LakshmiSaiHarika
force-pushed
the
rhel-changes
branch
from
9873fe7
to
27be224
Compare
tools/snp.sh
Outdated
| rhel) | ||
| LINUX_TYPE='rhel' | ||
|
|
||
| if [[ "$UPM" = false ]]; then |
There was a problem hiding this comment.
This check doesn't belong here. You can run a similar failure case outside this function somewhere if you want to make sure rhel doesn't proceed.
Missing break for rhel case.
indent under each category.
docs/snp.md
Outdated
| @@ -51,6 +52,11 @@ Download the script and add the execute permission: | |||
| wget https://github.com/amd/sev-utils/raw/main/tools/snp.sh | |||
| chmod +x snp.sh | |||
| ``` | |||
| For RHEL OS distribution, export the following environment variables for using your RHEL subscription manager credentials for installing the package dependencies: | |||
There was a problem hiding this comment.
I still see the variables and method to register the subscription manager.
Added RHEL 9.4 OS as one of the tested OS distribution for sev-utils Signed-off-by: Harika Nittala <lnittala@amd.com>
LakshmiSaiHarika
force-pushed
the
rhel-changes
branch
from
27be224
to
b54dd14
Compare
| AMDSEV_URL="https://github.com/ryansavino/AMDSEV.git" | ||
| AMDSEV_DEFAULT_BRANCH="snp-latest-fixes" | ||
| AMDSEV_URL="https://github.com/LakshmiSaiHarika/AMDSEV.git" | ||
| AMDSEV_DEFAULT_BRANCH="rhel-setup-host" |
There was a problem hiding this comment.
@ryansavino Please review and merge my PR for adding minor RHEL fixes into your AMDESE fork
PR link: here
Renamed old install_dependencies feature to ubuntu_install_dependencies Updated install_dependencies to perform installation of dependencies based on identified linux distribution and their package manager command Signed-off-by: Harika Nittala <lnittala@amd.com>
Removed ubuntu nasm package uninstallation step from the nasm source installation process Signed-off-by: Harika Nittala <lnittala@amd.com>
…build Added RHEL dependencies to build the SNP kernel rpm package for the host and guest Signed-off-by: Harika Nittala <lnittala@amd.com>
Generalized set_default_grub_menu across various OS distribution Renamed ubuntu_set_default_grub_menu to set specific default ubuntu grub menu to the built SNP kernel Added a function to set the RHEL default grub menu to the built SNP kernel Signed-off-by: Harika Nittala <lnittala@amd.com>
Modified AMDSEV URL to add RHEL fixes for the latest SNP kernel patches, qemu build on the RHEL OS Requested code merge into ryan's latest fix issues branch for the updated AMD_SEV_URL in sev-utils Signed-off-by: Harika Nittala <lnittala@amd.com>
LakshmiSaiHarika
force-pushed
the
rhel-changes
branch
from
b54dd14
to
876b7f7
Compare
Updated snp.sh to install dependencies, build SNP latest kernel package and set the default grub menu to the SNP latest kernel version in RHEL (Tested this on RHEL 9.4)