Merge "Added the ability to configuring white list of PCI devices"
diff --git a/.gitreview b/.gitreview
new file mode 100644
index 0000000..c3b59b4
--- /dev/null
+++ b/.gitreview
@@ -0,0 +1,4 @@
+[gerrit]
+host=gerrit.mcp.mirantis.com
+port=29418
+project=salt-formulas/nova.git
diff --git a/README.rst b/README.rst
index ff0ce8d..0184a83 100644
--- a/README.rst
+++ b/README.rst
@@ -326,6 +326,9 @@
name: "a1"
product_id: "154d"
vendor_id: "8086"
+ passthrough_whitelist:
+ - vendor_id: "10de"
+ product_id: "1db4"
network:
engine: neutron
host: 127.0.0.1
@@ -482,7 +485,7 @@
barbican:
enabled: true
-Define aliases for PCI devices:
+Define aliases for a PCI passthrough devices:
.. code-block:: yaml
nova:
@@ -496,6 +499,17 @@
product_id: "154d"
vendor_id: "8086"
+Define white list of PCI devices available to VMs:
+.. code-block:: yaml
+
+ nova:
+ compute:
+ ...
+ pci:
+ passthrough_whitelist:
+ - vendor_id: "10de"
+ product_id: "1db4"
+
Nova metadata custom bindings:
.. code-block:: yaml
diff --git a/nova/files/ocata/nova-compute.conf.Debian b/nova/files/ocata/nova-compute.conf.Debian
index 585db21..13be77c 100644
--- a/nova/files/ocata/nova-compute.conf.Debian
+++ b/nova/files/ocata/nova-compute.conf.Debian
@@ -8343,6 +8343,13 @@
{%- endfor %}
{%- endif %}
+{%- if compute.get('pci', {}).get('passthrough_whitelist', false) %}
+ {%- for item in compute.pci.passthrough_whitelist %}
+passthrough_whitelist = {{ item | json }}
+ {%- endfor %}
+{%- endif %}
+
+
[placement]
#
diff --git a/nova/files/ocata/nova-controller.conf.Debian b/nova/files/ocata/nova-controller.conf.Debian
index 3d6736e..cfb4a1d 100644
--- a/nova/files/ocata/nova-controller.conf.Debian
+++ b/nova/files/ocata/nova-controller.conf.Debian
@@ -8315,6 +8315,11 @@
# (multi valued)
# Deprecated group/name - [DEFAULT]/pci_passthrough_whitelist
#passthrough_whitelist =
+{%- if controller.get('pci', {}).get('passthrough_whitelist', false) %}
+ {%- for item in controller.pci.passthrough_whitelist %}
+passthrough_whitelist = {{ item | json }}
+ {%- endfor %}
+{%- endif %}
[placement]
diff --git a/nova/files/pike/nova-compute.conf.Debian b/nova/files/pike/nova-compute.conf.Debian
index 38f8ca6..1dbc3d3 100644
--- a/nova/files/pike/nova-compute.conf.Debian
+++ b/nova/files/pike/nova-compute.conf.Debian
@@ -8546,6 +8546,13 @@
{%- endfor %}
{%- endif %}
+{%- if compute.get('pci', {}).get('passthrough_whitelist', false) %}
+ {%- for item in compute.pci.passthrough_whitelist %}
+passthrough_whitelist = {{ item | json }}
+ {%- endfor %}
+{%- endif %}
+
+
[placement]
#
diff --git a/nova/files/pike/nova-controller.conf.Debian b/nova/files/pike/nova-controller.conf.Debian
index b9a3c5a..3df6b0d 100644
--- a/nova/files/pike/nova-controller.conf.Debian
+++ b/nova/files/pike/nova-controller.conf.Debian
@@ -8529,6 +8529,11 @@
# (multi valued)
# Deprecated group/name - [DEFAULT]/pci_passthrough_whitelist
#passthrough_whitelist =
+{%- if controller.get('pci', {}).get('passthrough_whitelist', false) %}
+ {%- for item in controller.pci.passthrough_whitelist %}
+passthrough_whitelist = {{ item | json }}
+ {%- endfor %}
+{%- endif %}
[placement]
diff --git a/nova/files/queens/nova-compute.conf.Debian b/nova/files/queens/nova-compute.conf.Debian
index 59714d3..a056170 100644
--- a/nova/files/queens/nova-compute.conf.Debian
+++ b/nova/files/queens/nova-compute.conf.Debian
@@ -8238,6 +8238,13 @@
{%- endfor %}
{%- endif %}
+{%- if compute.get('pci', {}).get('passthrough_whitelist', false) %}
+ {%- for item in compute.pci.passthrough_whitelist %}
+passthrough_whitelist = {{ item | json }}
+ {%- endfor %}
+{%- endif %}
+
+
[placement]
#
diff --git a/nova/files/queens/nova-controller.conf.Debian b/nova/files/queens/nova-controller.conf.Debian
index 5114380..e38313e 100644
--- a/nova/files/queens/nova-controller.conf.Debian
+++ b/nova/files/queens/nova-controller.conf.Debian
@@ -8099,6 +8099,13 @@
{%- endfor %}
{%- endif %}
+{%- if controller.get('pci', {}).get('passthrough_whitelist', false) %}
+ {%- for item in controller.pci.passthrough_whitelist %}
+passthrough_whitelist = {{ item | json }}
+ {%- endfor %}
+{%- endif %}
+
+
[placement]
{%- set _data = controller.identity %}
diff --git a/nova/files/rocky/nova-compute.conf.Debian b/nova/files/rocky/nova-compute.conf.Debian
index a0b9fea..4621588 100644
--- a/nova/files/rocky/nova-compute.conf.Debian
+++ b/nova/files/rocky/nova-compute.conf.Debian
@@ -7442,6 +7442,12 @@
{%- endfor %}
{%- endif %}
+{%- if compute.get('pci', {}).get('passthrough_whitelist', false) %}
+ {%- for item in compute.pci.passthrough_whitelist %}
+passthrough_whitelist = {{ item | json }}
+ {%- endfor %}
+{%- endif %}
+
[placement]
diff --git a/nova/files/rocky/nova-controller.conf.Debian b/nova/files/rocky/nova-controller.conf.Debian
index 421f7ec..bbb411f 100644
--- a/nova/files/rocky/nova-controller.conf.Debian
+++ b/nova/files/rocky/nova-controller.conf.Debian
@@ -7263,6 +7263,12 @@
{%- endfor %}
{%- endif %}
+{%- if controller.get('pci', {}).get('passthrough_whitelist', false) %}
+ {%- for item in controller.pci.passthrough_whitelist %}
+passthrough_whitelist = {{ item | json }}
+ {%- endfor %}
+{%- endif %}
+
[placement]