Windows 11: enable TPM and EFI persistence #611
Conversation
kubevirt-bot
added
the
release-note
kubevirt-bot
added
dco-signoff: yes
|
Thanks @ksimon1! |
|
@jean-edouard Do you want to enable this for Win 2k22 as well? See kubevirt/common-instancetypes#182 |
|
can anyone approve this? |
|
@acardace What about Win 2k22? For consistency it should be handled the same in common-templates and common-instancetypes. |
|
Right, sorry, adding the change to Win 2k22 now |
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: 0xFelix The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
kubevirt-bot
added
the
approved
|
/retest |
2 similar comments
|
/retest |
|
/retest |
|
@jean-edouard it looks like the win11/2k22 VMs are failing because of this change |
|
/hold |
kubevirt-bot
added
the
do-not-merge/hold
|
I'd remove win2k22 from this PR, we just need to introduce this for win11, if needed we can open a separate pr for that. |
The Windows 11 template enables TPM and EFI, since both a required. However, they were both non-persistent by default, which means bitlocker won't work. Also, in recent versions of Windows 11, bitlocker requires both TPM and EFI to be persistent. This enables persistent EFI and TPM, which requires a RWO FS storage class to be present. Signed-off-by: Jed Lejosne <[email protected]>
Signed-off-by: Jed Lejosne <[email protected]>
Signed-off-by: Jed Lejosne <[email protected]>
jean-edouard
force-pushed
the
persistentwin11
branch
from
81d5255 to
64e2730
Compare
kubevirt-bot
added
size/S
and removed
lgtm
|
/retest |
2 similar comments
|
/retest |
|
/retest |
|
/lgtm |
|
/hold cancel |
kubevirt-bot
removed
the
do-not-merge/hold
|
@jean-edouard @ksimon1 does this need to backported to a release branch to have it in 4.17? |
|
https://github.com/kubevirt/common-templates/releases/tag/v0.30.0 |
|
/cherrypick release-v0.29 |
|
@fossedihelm: new pull request created: #639 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/cherrypick release-v0.27 |
|
@fossedihelm: new pull request created: #640 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/cherrypick release-v0.26 |
|
@fossedihelm: new pull request created: #641 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
What this PR does / why we need it:
The Windows 11 template enables TPM and EFI, since both a required. However, they were both non-persistent by default, which means bitlocker won't work. Also, in recent versions of Windows 11, bitlocker requires both TPM and EFI to be persistent. This enables persistent EFI and TPM, which requires a RWO FS storage class to be present.
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):Fixes #
Special notes for your reviewer:
Release note: