From 28ea9743e77b7750092f13742a9db5a095b6d57a Mon Sep 17 00:00:00 2001
From: Harika Nittala
Date: Thu, 12 Dec 2024 22:40:05 +0000
Subject: [PATCH 1/4] Update snp docs to add --guest-name and --guest-port option usage

Signed-off-by: Harika Nittala
---
 docs/snp.md | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/docs/snp.md b/docs/snp.md
index aac81d4..0986b5c 100644
--- a/docs/snp.md
+++ b/docs/snp.md
@@ -84,6 +84,12 @@ The `--non-upm` option can be specified with the above command if a non-upm vers
 of the kernel is desired. The `setup-host` command must be run with this same option if launching the guest with a non-upm kernel.
+A user can launch separate SNP guests at the same time using unique guest name and guest qemu port.
+A user can set guest name and guest port with the `--guest-name` option and `--guest-port` option while the launch of a separate SNP guest as follows:
+```
+./snp.sh launch-guest --guest-name --guest-port
+```
+
 Attest the guest using the following command:
 ```
 ./snp.sh attest-guest
@@ -105,6 +111,10 @@ All script created guests can be stopped by running the following command:
 ./snp.sh stop-guests
 ```
+User created SNP guest via guest-name option can be stopped with the `--guest-name` option as follows:
+```
+./snp.sh stop-guests --guest-name
+```
 ## BYO Image
 The SNP script utility provides support for the user to provide their own image.
From 8bda76d582f5f51d9a40e7c3b738e076c444cdb0 Mon Sep 17 00:00:00 2001
From: Harika Nittala
Date: Thu, 12 Dec 2024 19:17:07 +0000
Subject: [PATCH 2/4] snp.sh: Use of --guest-name and --guest-port command option to launch a separate SNP guest

This supports launch of various SNP Guests at the same time using unique guest name and guest qemu port. A separate SNP guest can be launched with the --guest-name and --guest-port command option as follows: ./snp.sh launch-guest --guest-name --guest-port
Signed-off-by: Harika Nittala
---
 tools/snp.sh | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
diff --git a/tools/snp.sh b/tools/snp.sh
index 61e836f..893fc10 100755
--- a/tools/snp.sh
+++ b/tools/snp.sh
@@ -117,6 +117,8 @@ usage() {
 >&2 echo " where OPTIONS are:"
 >&2 echo " -n|--non-upm Build AMDSEV non UPM kernel (sev-snp-devel)"
 >&2 echo " -i|--image Path to existing image file"
+ >&2 echo " -g-n|--guest-name Create a separate guest launch working directory"
+ >&2 echo " -g-p|--guest-port Set guest qemu port for networking"
 >&2 echo " -h|--help Usage information"
 return 1
@@ -1319,6 +1321,20 @@ main() {
 shift; shift
 ;;
+ -g-n|--guest-name)
+ GUEST_NAME="${2}"
+ LAUNCH_WORKING_DIR="${LAUNCH_WORKING_DIR}/${GUEST_NAME}"
+ GUEST_SSH_KEY_PATH="${LAUNCH_WORKING_DIR}/${GUEST_NAME}-key"
+ QEMU_CMDLINE_FILE="${LAUNCH_WORKING_DIR}/qemu.cmdline"
+ IMAGE="${LAUNCH_WORKING_DIR}/${GUEST_NAME}.img"
+ shift; shift
+ ;;
+
+ -g-p|--guest-port)
+ HOST_SSH_PORT="${2}"
+ shift; shift
+ ;;
+
+ setup-host)
 COMMAND="setup-host"
 shift
From 13ec06e929a111b4739c30b0f80976327d64454a Mon Sep 17 00:00:00 2001
From: Harika Nittala
Date: Mon, 2 Dec 2024 23:58:49 +0000
Subject: [PATCH 3/4] snp.sh: snp-guest-key location and guest user name update

Updated to show the correct details for the guest SSH access.
Signed-off-by: Harika Nittala
---
 tools/snp.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/snp.sh b/tools/snp.sh
index 893fc10..46e143a 100755
--- a/tools/snp.sh
+++ b/tools/snp.sh
@@ -1412,7 +1412,7 @@ main() {
 echo -e "Guest SSH port forwarded to host port: ${HOST_SSH_PORT}"
 echo -e "The guest is running in the background. Use the following command to access via SSH:"
- echo -e "ssh -p ${HOST_SSH_PORT} -i ${LAUNCH_WORKING_DIR}/snp-guest-key amd@localhost"
+ echo -e "ssh -p ${HOST_SSH_PORT} -i ${GUEST_SSH_KEY_PATH} ${GUEST_USER}@localhost"
 ;;
 attest-guest)
From 7edf7e183099630da6e91c36de062627787902dc Mon Sep 17 00:00:00 2001
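Review bot: The `--guest-name` arm added to main() in [PATCH 2/4] takes `GUEST_NAME="${2}"` as given and splices it into `LAUNCH_WORKING_DIR`, `GUEST_SSH_KEY_PATH` and `IMAGE`, so an empty value, a missing argument, or a name containing `/` or `..` moves the SSH key and disk image paths outside the intended per-guest directory. The `--guest-port` arm has the same gap: `HOST_SSH_PORT` accepts any string, and per the usage text it is the QEMU networking port. Both arms should reject bad values before assigning anything, as sketched below. The arm also appends to whatever `LAUNCH_WORKING_DIR` currently holds, so passing the option twice nests directories. main() starts and ends outside this hunk.

```shell
      -g-n|--guest-name)
        # The guest name becomes a directory and file name component: allow a safe character set only
        if [[ ! "${2:-}" =~ ^[A-Za-z0-9][A-Za-z0-9_-]*$ ]]; then
          >&2 echo -e "ERROR: --guest-name must start with a letter or digit and contain only letters, digits, '_' or '-'"
          return 1
        fi
        GUEST_NAME="${2}"
        # … unchanged: LAUNCH_WORKING_DIR, GUEST_SSH_KEY_PATH, QEMU_CMDLINE_FILE and IMAGE assignments …

      -g-p|--guest-port)
        # The port must be a plain decimal TCP port number
        if [[ ! "${2:-}" =~ ^[0-9]{1,5}$ ]] || (( 10#${2} < 1 || 10#${2} > 65535 )); then
          >&2 echo -e "ERROR: --guest-port must be a number between 1 and 65535"
          return 1
        fi
        HOST_SSH_PORT="${2}"
```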
From: Harika Nittala
Date: Thu, 12 Dec 2024 22:01:00 +0000
Subject: [PATCH 4/4] snp.sh: Update ubuntu guest image download to optimize the guest creation process

Updated the ubuntu guest download process to download it once and re-use the same image to quickly create multiple guests with the improved performance. Update of the guest image download structure in ubuntu also helps to easily add support for the same in the other OS linux distros.
Signed-off-by: Harika Nittala
---
 tools/snp.sh | 34 ++++++++++++++++++++++++++++++++--
 1 file changed, 32 insertions(+), 2 deletions(-)

diff --git a/tools/snp.sh b/tools/snp.sh
index 46e143a..452d4c5 100755
--- a/tools/snp.sh
+++ b/tools/snp.sh
@@ -98,6 +98,9 @@ SNPGUEST_URL="https://github.com/virtee/snpguest.git"
 SNPGUEST_BRANCH="tags/v0.8.0"
 NASM_SOURCE_TAR_URL="https://www.nasm.us/pub/nasm/releasebuilds/2.16.01/nasm-2.16.01.tar.gz"
 CLOUD_INIT_IMAGE_URL="https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img"
+CLOUD_INIT_IMAGE_URL_UBUNTU="https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img"
+IMAGE_BASENAME_UBUNTU=$(basename "${CLOUD_INIT_IMAGE_URL_UBUNTU}")
+IMAGE_BASENAME=""
 DRACUT_TARBALL_URL="https://github.com/dracutdevs/dracut/archive/refs/tags/059.tar.gz"
 SEV_SNP_MEASURE_VERSION="0.0.11"
@@ -503,6 +506,33 @@ generate_guest_ssh_keypair() {
 ssh-keygen -q -t ed25519 -N '' -f "${GUEST_SSH_KEY_PATH}" <<&2 echo -e "ERROR: ${linux_distro}"
+ return 1
+ ;;
+ esac
+
+ local base_launch_directory=${LAUNCH_WORKING_DIR//"/$GUEST_NAME"*/}
+ local base_guest_image=${base_launch_directory}/${IMAGE_BASENAME}
+
+ # Download image if not present already
+ if [ ! -f ${base_guest_image} ]; then
+ wget "${CLOUD_INIT_IMAGE_URL}" -O ${base_guest_image}
+ fi
+
+ # Copy image to launch directory
+ cp -v ${base_guest_image} "${IMAGE}"
+}
+
 cloud_init_create_data() {
 if [[ -f "${LAUNCH_WORKING_DIR}/${GUEST_NAME}-metadata.yaml" && \
 -f "${LAUNCH_WORKING_DIR}/${GUEST_NAME}-user-data.yaml" && \
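Review bot: The new download step in [PATCH 4/4] (second hunk) runs `wget ... -O ${base_guest_image}` straight onto the cache path, so a failed or interrupted download leaves a partial file that passes the `[ ! -f ... ]` test on every later run and is copied into each new guest. The cached image is also reused with no integrity check, although Ubuntu publishes a `SHA256SUMS` file next to its cloud images and this image is the base of every SNP guest the script launches. The sketch below downloads to a temporary file in the same directory, renames it only after wget succeeds, and quotes `${base_guest_image}` throughout. Separately, `${LAUNCH_WORKING_DIR//"/$GUEST_NAME"*/}` cuts at the first occurrence of `/$GUEST_NAME` anywhere in the path, whereas `${LAUNCH_WORKING_DIR%"/${GUEST_NAME}"}` would strip only a trailing component. The start of the added function is not visible on this page.

```shell
  # … unchanged: distro selection, base_launch_directory and base_guest_image …

  # Download image if not present already
  if [ ! -f "${base_guest_image}" ]; then
    local partial_image
    partial_image=$(mktemp "${base_guest_image}.XXXXXX") || return 1
    if ! wget "${CLOUD_INIT_IMAGE_URL}" -O "${partial_image}"; then
      rm -f -- "${partial_image}"
      >&2 echo -e "ERROR: Failed to download ${CLOUD_INIT_IMAGE_URL}"
      return 1
    fi
    # TODO: compare the sha256sum of ${partial_image} with the published SHA256SUMS entry before caching it
    mv -- "${partial_image}" "${base_guest_image}"
  fi

  # Copy image to launch directory
  cp -v -- "${base_guest_image}" "${IMAGE}"
```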
@@ -541,8 +571,8 @@ EOF
 "${LAUNCH_WORKING_DIR}/${GUEST_NAME}-user-data.yaml" \
 "${LAUNCH_WORKING_DIR}/${GUEST_NAME}-metadata.yaml"
- # Download ubuntu 20.04 and change name
- wget "${CLOUD_INIT_IMAGE_URL}" -O "${IMAGE}"
+ # Download Guest Image from cloud init URL
+ download_guest_os_image
 }
 resize_guest() {