Support Intel TDX instances on GCP
#1814
Labels
jira
for syncing to jira
status/pending-stable-release
Fixed upstream and in testing. Waiting on stable release.
Comments
bgartzi
added a commit
to bgartzi/coreos-assembler
that referenced
this issue
Jan 22, 2025
Previous work: coreos#3547 Previous work: coreos#3871 Fixes: coreos/fedora-coreos-tracker#1814 Fixes: https://issues.redhat.com/browse/COS-3111
bgartzi
added a commit
to bgartzi/coreos-assembler
that referenced
this issue
Jan 22, 2025
Previous work: coreos#3547 Previous work: coreos#3871 Fixes: coreos/fedora-coreos-tracker#1814 Fixes: https://issues.redhat.com/browse/COS-3111
|
Re-open for tests. |
|
Maybe click the wrong button? |
HuijingHei
added a commit
to HuijingHei/fedora-coreos-config
that referenced
this issue
Feb 12, 2025
See coreos/fedora-coreos-tracker#1814 Use type `c3-standard-4` with only 1 disk that uses the NVMe interface, as Intel TDX `c3-standard-4-lssd` is not supported yet. (Refer to https://cloud.google.com/confidential-computing/confidential-vm/docs/supported-configurations#limitations)
|
Add test coreos/fedora-coreos-config#3356, welcome to review, thanks! |
HuijingHei
added a commit
to HuijingHei/fedora-coreos-config
that referenced
this issue
Feb 12, 2025
See coreos/fedora-coreos-tracker#1814 Use type `c3-standard-4` with only 1 disk that uses the NVMe interface, as Intel TDX `c3-standard-4-lssd` is not supported yet. (Refer to https://cloud.google.com/confidential-computing/confidential-vm/docs/supported-configurations#limitations)
HuijingHei
added a commit
to HuijingHei/fedora-coreos-config
that referenced
this issue
Feb 12, 2025
See coreos/fedora-coreos-tracker#1814 Use type `c3-standard-4` with only 1 disk that uses the NVMe interface, as Intel TDX `c3-standard-4-lssd` is not supported yet. (Refer to https://cloud.google.com/confidential-computing/confidential-vm/docs/supported-configurations#limitations)
HuijingHei
added a commit
to HuijingHei/fedora-coreos-config
that referenced
this issue
Feb 12, 2025
See coreos/fedora-coreos-tracker#1814 Use type `c3-standard-4` with only 1 disk that uses the NVMe interface, as Intel TDX `c3-standard-4-lssd` is not supported yet. (Refer to https://cloud.google.com/confidential-computing/confidential-vm/docs/supported-configurations#limitations)
HuijingHei
added a commit
to coreos/fedora-coreos-config
that referenced
this issue
Feb 14, 2025
See coreos/fedora-coreos-tracker#1814 Use type `c3-standard-4` with only 1 disk that uses the NVMe interface, as Intel TDX `c3-standard-4-lssd` is not supported yet. (Refer to https://cloud.google.com/confidential-computing/confidential-vm/docs/supported-configurations#limitations)
|
And the related pipeline config update coreos/fedora-coreos-pipeline#1092 |
HuijingHei
added a commit
to HuijingHei/fedora-coreos-pipeline
that referenced
this issue
Feb 14, 2025
Update config to run SNP test and add Intel TDX test. See: - test script coreos/fedora-coreos-config#3356 - tracker issue coreos/fedora-coreos-tracker#1814
|
Close this issue as done. |
dustymabe
added
status/pending-testing-release
|
The fix for this went into |
|
The fix for this went into |
marmijo
removed
status/pending-testing-release
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Google Cloud Platform supports "Confidential Compute Instances" which are run on Intel TDX hardware nodes, see https://cloud.google.com/blog/products/identity-security/rsa-google-intel-confidential-computing-more-secure.
In order to fully support this VM option, the images need to be marked as
TDX_CAPABLE.Check list:
TDX_CAPABLE.TDX_CAPABLEinstances in GCP.Related AMD SEV-SNP issue, see:
SEV_SNP_CAPABLEcoreos-assembler#3547AMD SEV-SNPconfidential instances coreos-assembler#3871 & mantle/platform/gcloud: fix confidential compute check coreos-assembler#3876The text was updated successfully, but these errors were encountered: