Hi Piotr,Is there any way to get this debug info (or xml dump) from CloudStack, what it is creating versus what ends up in virsh? I think I have configured everything correctly1. cloudstack uefi enabled in database for host
(host.uefi.enable)2. host agent has uefi.properties with all paths configured (snippet below based Ubuntu 20.04.3)3. instance is configured for UEFI (tried both legacy and secure
boot)uefi.properties==========guest.nvram.template.secure=/usr/share/OVMF/OVMF_VARS.fdguest.nvram.template.legacy=/usr/share/OVMF/OVMF_VARS.fdguest.loader.secure=/usr/share/OVMF/OVMF_CODE.secboot.fdguest.loader.legacy=/usr/share/OVMF/OVMF_CODE.fdguest.nvram.path=/var/lib/libvirt/qemu/nvram/sudo
ls -lh /usr/share/OVMF/====================-rw-r--r-- 1 root root 1.9M Sep 20 13:11 OVMF_CODE.fdlrwxrwxrwx 1 root root 20 Sep 20 13:11 OVMF_CODE.ms.fd -> OVMF_CODE.secboot.fd-rw-r--r-- 1 root root 1.9M Sep 20 13:11
OVMF_CODE.secboot.fd-rw-r--r-- 1 root root 128K Sep 20 13:11 OVMF_VARS.fd-rw-r--r-- 1 root root 128K Sep 20 13:11 OVMF_VARS.ms.fd-rw-r--r-- 1 root root 128K Sep 20 13:11 OVMF_VARS.snakeoil.fdsyslog=====java[47841]: INFO
[kvm.resource.LibvirtComputingResource] (main:) (logid:) uefi.properties file found at /etc/cloudstack/agent/uefi.properties java[47841]: INFO [kvm.resource.LibvirtComputingResource] (main:) (logid:) guest.nvram.template.legacy =
/usr/share/OVMF/OVMF_VARS.fdjava[47841]: INFO [kvm.resource.LibvirtComputingResource] (main:) (logid:) guest.loader.legacy = /usr/share/OVMF/OVMF_CODE.fdjava[47841]: INFO [kvm.resource.LibvirtComputingResource] (main:) (logid:)
guest.nvram.template.secure = /usr/share/OVMF/OVMF_VARS.fdjava[47841]: INFO [kvm.resource.LibvirtComputingResource] (main:) (logid:) guest.loader.secure =/usr/share/OVMF/OVMF_CODE.secboot.fdjava[47841]: INFO
[kvm.resource.LibvirtComputingResource] (main:) (logid:) guest.nvram.path = /var/lib/libvirt/qemu/nvram/-PieterOn 17 Dec 2021, at 16:15, Piotr Pisz <pi...@piszki.pl> wrote:Hi Pieter,I have just checked, everything works as
expected, maybe you have something wrongly configured, check according to this:https://lab.piszki.pl/cloudstack-vm-with-vtpm-and-secure-boot-uefi/Regards,PiotrFrom: Pieter Harvey <pieter.har...@icloud.com.INVALID> Sent:
Friday, December 17, 2021 4:11 PMTo: "users@cloudstack.apache.org" <users@cloudstack.apache.org>Subject: UEFI on KVM silently becomes BIOS modeHello,Maybe it's something wrong with CloudStack, maybe it's my brain
but I have an issue regarding UEFI on CloudStack (4.16) + KVM (Ubuntu 20.04)1. CloudStack Compute node is running, and can boot machines configured as UEFI in the GUI (secure or legacy).2. When the machine is booted, I check the
virsh xml config on the host and noticed that the machine is still in BIOS mode, even though CloudStack "thinks" it has deployed a fresh UEFI enabled instance.I have configured uefi.properties on the agent and the host
is UEFI enabled in CloudStack but this is the config snippet of a deployed machine<os><type arch='x86_64' machine='pc-q35-4.2'>hvm</type><boot dev='cdrom'/><boot dev='hd'/><smbios
mode='sysinfo'/></os>However what I am expecting to see is: <os firmware="efi"><type arch='x86_64' machine='pc-q35-4.2'>hvm</type><loader secure="yes"/><boot
dev='cdrom'/><boot dev='hd'/><smbios mode='sysinfo'/></os>So CloudStack has changed the default machine type from 440fx to q35 but no mention of UEFI or secureboot options in the output XML.Any tips to get
UEFI and possibly secure boot fully working?- Pieter
