coreos-assembler
coreos-assembler copied to clipboard
coreos
Support `AMD SEV-SNP` instances on GCP
Feature Request
Currently we can create AMD SEV type confidential instances and run tests on GCP using kola. See
https://github.com/coreos/coreos-assembler/pull/3474
We should also support AMD SEV-SNP type confidential instances on GCP. See https://github.com/coreos/coreos-assembler/pull/3547
Desired Feature
-
To create instances with
AMD SEV, add option--gcp-confidential-type sev -
To create instances with
AMD SEV-SNP, add option--gcp-confidential-type sev-snp
Other Information
To create instances with AMD SEV-SNP ,
- For gcloud command, should add
alphaand--confidential-compute-type=SEV_SNP, like this:
gcloud alpha compute instances create example-instance \
--confidential-compute-type=SEV_SNP \
...
- For api should contain
confidentialInstanceType,
...
"confidentialInstanceConfig": {
"confidentialInstanceType": "SEV_SNP"
}
The current api v1 is not yet supported for confidentialInstanceType , but in api alpha, should wait until it includes into v1.
@HuijingHei do we know if this statement is still the case today?
The current api v1 is not yet supported for
confidentialInstanceType, but in api alpha, should wait until it includes into v1.
@HuijingHei do we know if this statement is still the case today?
The current api v1 is not yet supported for
confidentialInstanceType, but in api alpha, should wait until it includes into v1.
Yes, no confidentialInstanceType in latest v1, but in v0.alpha, I have no idea if there is any plan to be included in v1
The latest v1 already includes ConfidentialInstanceType which supports "SEV_SNP", I think we can improve cosa to support it.