aljaz/kata-containers
1
0
Fork 0
mirror of https://github.com/aljazceru/kata-containers.git synced 2026-02-23 07:24:24 +01:00
Code Issues Packages Projects Releases Wiki Activity

runtime: Adds annotations for SEV/kbs controls at the pod level

Browse Source 
Note: only for online-kbs configuration

Fixes #5782

Signed-off-by: Jim Cadden <jcadden@ibm.com>
This commit is contained in:
Jim Cadden
2022-11-30 12:03:35 -05:00
parent 4eb88d6a74
commit 4510aeaa91
5 changed files with 60 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
docs/how-to/how-to-set-sandbox-config-kata.md
View File

@@ -94,6 +94,16 @@ There are several kinds of Kata configurations and they are listed below.
| `io.katacontainers.config.hypervisor.enable_guest_swap` | `boolean` | enable swap in the guest |
| `io.katacontainers.config.hypervisor.use_legacy_serial` | `boolean` | uses legacy serial device for guest's console (QEMU) |
## Confidential Computing Options
| Key | Value Type | Comments |
|-------| ----- | ----- |
| `io.katacontainers.config.pre_attestation.enabled"` | `bool` |
determines if SEV/-ES attestation is enabled |
| `io.katacontainers.config.pre_attestation.uri"` | `string` |
specify the location of the attestation server |
| `io.katacontainers.config.sev.policy"` | `uint32` |
specify the SEV guest policy |
## Container Options
| Key | Value Type | Comments |
|-------| ----- | ----- |