Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support confidential computing instance type configuration #1402

Open
bgartzi opened this issue Jan 20, 2025 · 1 comment · May be fixed by #1410
Open

Support confidential computing instance type configuration #1402

bgartzi opened this issue Jan 20, 2025 · 1 comment · May be fixed by #1410
Assignees
@bgartzi
Labels
kind/feature Categorizes issue or PR as related to a new feature.

Comments

@bgartzi
Copy link

bgartzi commented Jan 20, 2025

/kind feature

Describe the solution you'd like
Apart from enabling/disabling confidential computing, GCP allows determining the confidential instance type (sev/sev-snp/tdx) see the docs.
As a user, I'd like to specify the type of confidential computing technology backing the confidential nodes provisioned in a cluster.

Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
compute API behavior:

  • Setting the compute ConfidentialInstanceConfig's EnableConfidentialCompute field to True will set the type to SEV on machines that support it (backward compatibility). (I'm not sure about c3d machines, I have to test that yet).
  • Setting EnableConfidentialCompute=True on any machine type that supports other technology that isn't SEV (tdx for example) will raise an error.
  • Setting any supported value to ConfidentialInstanceType in ConfidentialInstanceConfig will override EnableConfidentialCompute=False, and will instead provision a confidential VM of the specified type.
@k8s-ci-robot k8s-ci-robot added the kind/feature Categorizes issue or PR as related to a new feature. label Jan 20, 2025
@bgartzi
Copy link
Author

bgartzi commented Jan 20, 2025

/assign

@bgartzi bgartzi linked a pull request Jan 23, 2025 that will close this issue
Open
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bgartzi bgartzi

Labels
kind/feature Categorizes issue or PR as related to a new feature.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Support SEV_SNP instance type configuration bgartzi/cluster-api-provider-gcp
2 participants
@k8s-ci-robot @bgartzi