Cloned from launchpad blueprint https://blueprints.launchpad.net/nova/+spec/sriov-trusted-vfs. Description: A new kernel feature allows Virtual Functions to become "trusted" by the Physical Function and perform some privileged operations, such as enabling VF promiscuous mode and changing VF MAC address within the guest. The inability to modify mac addresses in the guest prevents the users from being able to easily setup up two VFs in a fail-over bond in a guest. This spec aims to suggest a way for users to boot instances with trusted VFs. Specification URL (additional information): None
Nir can we get a lucky volunteer from the networking team to take a look over the current iteration of the spec (we intend to re-submit for Pike): https://review.openstack.org/#/c/397932/ Vladik is interested in feedback on whether this will make sense from a Neutron POV.
Upstream patches: https://review.openstack.org/#/q/topic:bp/sriov-trusted-vfs
New spec proposed for Queens
Spec re-proposed for Rocky: https://review.openstack.org/#/c/485522/
Patches merged upstream https://review.openstack.org/#/q/status:merged+project:openstack/nova+branch:master+topic:bp/sriov-trusted-vfs
For the tests you need to configure pci/passtrhough_whitelist with trusted=true [pci] passthrough_whitelist = {"devname": "eth0", "trusted": "true", "physical_network": "phys0"} Then you need to create a port that is asking for a trusted VF device: neutron port-create <net-id> --name sriov_port --vnic-type direct --binding:profile type=dict trusted=true Finally starting the instance using the port created. The guest should start successfully and the vf assigned should indicate that trusted mode is active. using "ip link show eth" on host.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2019:0045