From fdb091c2e7fdb169cf944b577447e4a6dcaa3226 Mon Sep 17 00:00:00 2001 From: Doug MacEachern Date: Tue, 5 Nov 2024 22:08:00 -0800 Subject: [PATCH] govc: add vm.change -migrate-encryption and -ft-encryption-mode options Fixes #3493 Signed-off-by: Doug MacEachern --- govc/USAGE.md | 2 ++ govc/test/vm.bats | 9 +++++++++ govc/vm/change.go | 9 ++++++++- simulator/virtual_machine.go | 2 ++ 4 files changed, 21 insertions(+), 1 deletion(-) diff --git a/govc/USAGE.md b/govc/USAGE.md index eb2f514ec..7b1459f80 100644 --- a/govc/USAGE.md +++ b/govc/USAGE.md @@ -6476,6 +6476,7 @@ Options: -cpu.shares= CPU shares level or number -e=[] ExtraConfig. = -f=[] ExtraConfig. = + -ft-encryption-mode= Encrypted fault tolerance mode (ftEncryptionDisabled|ftEncryptionOpportunistic|ftEncryptionRequired) -g= Guest OS -iommu-enabled= Enable IOMMU -latency= Latency sensitivity (low|normal|medium|high|custom) @@ -6486,6 +6487,7 @@ Options: -mem.shares= Memory shares level or number -memory-hot-add-enabled= Enable memory hot add -memory-pin= Reserve all guest memory + -migrate-encryption= Encrypted vMotion mode (disabled|opportunistic|required) -name= Display name -nested-hv-enabled= Enable nested hardware-assisted virtualization -scheduled-hw-upgrade-policy= Schedule hardware upgrade policy (never|onSoftPowerOff|always) diff --git a/govc/test/vm.bats b/govc/test/vm.bats index f84bbef7c..bc0d36a53 100755 --- a/govc/test/vm.bats +++ b/govc/test/vm.bats @@ -212,6 +212,15 @@ load test_helper run govc object.collect -s "vm/$id" config.managedBy assert_success "" + run govc vm.change -vm $id -migrate-encryption required -ft-encryption-mode ftEncryptionRequired + assert_success + + run govc collect -s "vm/$id" config.migrateEncryption + assert_success "required" + + run govc collect -s "vm/$id" config.FtEncryptionMode + assert_success "ftEncryptionRequired" + nid=$(new_id) run govc vm.change -name $nid -vm $id assert_success diff --git a/govc/vm/change.go b/govc/vm/change.go index 245e8186c..b11e837c6 100644 --- a/govc/vm/change.go +++ b/govc/vm/change.go @@ -103,7 +103,11 @@ func (cmd *change) setLatency() error { return fmt.Errorf("latency must be one of: %s", strings.Join(latencyLevels, "|")) } -var hwUpgradePolicies = types.ScheduledHardwareUpgradeInfoHardwareUpgradePolicy("").Strings() +var ( + hwUpgradePolicies = types.ScheduledHardwareUpgradeInfoHardwareUpgradePolicy("").Strings() + ftEncryptionModes = types.VirtualMachineConfigSpecEncryptedFtModes("").Strings() + migrateEncryptionModes = types.VirtualMachineConfigSpecEncryptedVMotionModes("").Strings() +) // setHwUpgradePolicy validates hwUpgradePolicy if set func (cmd *change) setHwUpgradePolicy() error { @@ -176,6 +180,9 @@ func (cmd *change) Register(ctx context.Context, f *flag.FlagSet) { f.Var(flags.NewOptionalBool(&cmd.Flags.VvtdEnabled), "iommu-enabled", "Enable IOMMU") f.StringVar(&cmd.hwUpgradePolicy, "scheduled-hw-upgrade-policy", "", fmt.Sprintf("Schedule hardware upgrade policy (%s)", strings.Join(hwUpgradePolicies, "|"))) + + f.StringVar(&cmd.FtEncryptionMode, "ft-encryption-mode", "", fmt.Sprintf("Encrypted fault tolerance mode (%s)", strings.Join(ftEncryptionModes, "|"))) + f.StringVar(&cmd.MigrateEncryption, "migrate-encryption", "", fmt.Sprintf("Encrypted vMotion mode (%s)", strings.Join(migrateEncryptionModes, "|"))) } func (cmd *change) Description() string { diff --git a/simulator/virtual_machine.go b/simulator/virtual_machine.go index 68f4528c8..7ca667f74 100644 --- a/simulator/virtual_machine.go +++ b/simulator/virtual_machine.go @@ -238,6 +238,8 @@ func (vm *VirtualMachine) apply(spec *types.VirtualMachineConfigSpec) { {spec.Files.SnapshotDirectory, &vm.Config.Files.SnapshotDirectory}, {spec.Files.SuspendDirectory, &vm.Config.Files.SuspendDirectory}, {spec.Files.LogDirectory, &vm.Config.Files.LogDirectory}, + {spec.FtEncryptionMode, &vm.Config.FtEncryptionMode}, + {spec.MigrateEncryption, &vm.Config.MigrateEncryption}, } for _, f := range apply {