Confidential computing

AMD Secure Encrypted Virtualization (SEV)

FEATURE STATE: KubeVirt v0.49.0 (experimental support)

Secure Encrypted Virtualization (SEV) is a feature of AMD's EPYC CPUs that encrypts the memory of a virtual machine transparently, using a per-VM key that is managed by the AMD Secure Processor and is never exposed to the hypervisor or the host OS.

KubeVirt supports running confidential VMs on AMD EPYC hardware with the SEV feature.

Preconditions

In order to run an SEV guest, the following conditions must be met:

  • The WorkloadEncryptionSEV feature gate must be enabled in the KubeVirt CR.
  • The guest must boot via UEFI (an efi bootloader in spec.domain.firmware).
  • Secure Boot must be disabled for the guest VM (efi.secureBoot: false). Note that KubeVirt enables Secure Boot by default when efi is set, so the field has to be set explicitly.

Running an SEV guest

SEV memory encryption is requested by setting the spec.domain.launchSecurity.sev element in the VMI definition; an empty object is sufficient:

```yaml
apiVersion: kubevirt.io/v1
kind: VirtualMachineInstance
metadata:
  labels:
    special: vmi-fedora
  name: vmi-fedora
spec:
  domain:
    launchSecurity:
      sev: {}
    firmware:
      bootloader:
        efi:
          secureBoot: false
    devices:
      disks:
      - disk:
          bus: virtio
        name: containerdisk
      - disk:
          bus: virtio
        name: cloudinitdisk
      rng: {}
    resources:
      requests:
        memory: 1024M
  terminationGracePeriodSeconds: 0
  volumes:
  - containerDisk:
      image: registry:5000/kubevirt/fedora-with-test-tooling-container-disk:devel
    name: containerdisk
  - cloudInitNoCloud:
      userData: |-
        #cloud-config
        password: fedora
        chpasswd: { expire: False }
    name: cloudinitdisk
```

Current limitations

  • SEV-encrypted VMs cannot use directly-assigned host devices (PCI passthrough via spec.domain.devices.hostDevices or gpus).
  • Live migration is not supported.
  • The VMs are not attested: KubeVirt performs no SEV launch attestation, so a guest owner has no cryptographic proof that the VM was actually started under SEV with the expected firmware.
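As an added example (not KubeVirt's own code, and not an admission webhook that ships with it), the following pre-flight check validates a VMI manifest against the preconditions above and the current limitations listed here before it is submitted. It takes the VMI and the KubeVirt CR as dicts, such as the output of yaml.safe_load, and checks the feature gate, the UEFI/Secure Boot settings, host device passthrough and the eviction strategy. The sample VMI is the manifest from this page rebuilt as a dict; the KubeVirt CR is a constructed minimal object, and the field paths used are the real KubeVirt ones (spec.configuration.developerConfiguration.featureGates, spec.domain.devices.hostDevices/gpus, spec.evictionStrategy).

```python
"""Pre-flight check for a KubeVirt SEV VirtualMachineInstance manifest.

Added example, not part of KubeVirt. Works on plain dicts so it runs offline;
in practice feed it yaml.safe_load(open("vmi.yaml")) and the KubeVirt CR
fetched with `kubectl get kubevirt -n kubevirt kubevirt -o yaml`.
"""
import copy
from typing import Any

SEV_FEATURE_GATE = "WorkloadEncryptionSEV"


def _get(obj: Any, path: str, default: Any = None) -> Any:
    """Walk a dotted path through nested dicts; return default if any key is absent."""
    cur = obj
    for key in path.split("."):
        if not isinstance(cur, dict) or key not in cur:
            return default
        cur = cur[key]
    return cur


def sev_requested(vmi: dict) -> bool:
    """True when spec.domain.launchSecurity.sev is present (an empty object counts)."""
    return _get(vmi, "spec.domain.launchSecurity.sev") is not None


def check_sev_vmi(vmi: dict, kubevirt_cr: dict) -> list[str]:
    """Return a list of problems; an empty list means the manifest satisfies the page's conditions."""
    if not sev_requested(vmi):
        return ["spec.domain.launchSecurity.sev is not set, so SEV was not requested"]
    problems: list[str] = []

    # Precondition: WorkloadEncryptionSEV feature gate enabled in the KubeVirt CR.
    gates = _get(kubevirt_cr, "spec.configuration.developerConfiguration.featureGates", []) or []
    if SEV_FEATURE_GATE not in gates:
        problems.append(f"{SEV_FEATURE_GATE} feature gate is not enabled in the KubeVirt CR")

    # Precondition: UEFI boot with Secure Boot disabled. KubeVirt defaults secureBoot
    # to true when an efi bootloader is configured, so a missing field is a failure.
    efi = _get(vmi, "spec.domain.firmware.bootloader.efi")
    if not isinstance(efi, dict):
        problems.append("guest must boot via UEFI: spec.domain.firmware.bootloader.efi is missing")
    elif efi.get("secureBoot", True):
        problems.append("Secure Boot must be disabled: set spec.domain.firmware.bootloader.efi.secureBoot to false")

    # Limitation: no directly-assigned host devices (PCI passthrough).
    devices = _get(vmi, "spec.domain.devices", {}) or {}
    if devices.get("hostDevices") or devices.get("gpus"):
        problems.append("SEV guests cannot use host device passthrough: remove spec.domain.devices.hostDevices/gpus")

    # Limitation: live migration is not supported, so an eviction strategy that relies on it is unusable.
    if _get(vmi, "spec.evictionStrategy") == "LiveMigrate":
        problems.append("live migration is not supported for SEV guests: do not set spec.evictionStrategy to LiveMigrate")

    return problems


# The manifest from this page, rebuilt as a dict (sample input).
PAGE_VMI: dict = {
    "apiVersion": "kubevirt.io/v1",
    "kind": "VirtualMachineInstance",
    "metadata": {"labels": {"special": "vmi-fedora"}, "name": "vmi-fedora"},
    "spec": {
        "domain": {
            "launchSecurity": {"sev": {}},
            "firmware": {"bootloader": {"efi": {"secureBoot": False}}},
            "devices": {
                "disks": [
                    {"disk": {"bus": "virtio"}, "name": "containerdisk"},
                    {"disk": {"bus": "virtio"}, "name": "cloudinitdisk"},
                ],
                "rng": {},
            },
            "resources": {"requests": {"memory": "1024M"}},
        },
        "terminationGracePeriodSeconds": 0,
        "volumes": [
            {"containerDisk": {"image": "registry:5000/kubevirt/fedora-with-test-tooling-container-disk:devel"},
             "name": "containerdisk"},
            {"cloudInitNoCloud": {"userData": "#cloud-config\npassword: fedora\nchpasswd: { expire: False }"},
             "name": "cloudinitdisk"},
        ],
    },
}


def kubevirt_cr(gates: list[str]) -> dict:
    """Constructed minimal KubeVirt CR carrying the given feature gates."""
    return {
        "apiVersion": "kubevirt.io/v1",
        "kind": "KubeVirt",
        "metadata": {"name": "kubevirt", "namespace": "kubevirt"},
        "spec": {"configuration": {"developerConfiguration": {"featureGates": list(gates)}}},
    }


def misconfigured_vmi() -> dict:
    """Constructed variant of PAGE_VMI that violates every check except UEFI boot."""
    vmi = copy.deepcopy(PAGE_VMI)
    vmi["spec"]["domain"]["firmware"]["bootloader"]["efi"] = {}  # Secure Boot back to the default (enabled)
    vmi["spec"]["domain"]["devices"]["hostDevices"] = [{"deviceName": "vendor.com/example", "name": "dev0"}]
    vmi["spec"]["evictionStrategy"] = "LiveMigrate"
    return vmi


if __name__ == "__main__":
    for label, vmi, cr in (("page manifest", PAGE_VMI, kubevirt_cr([SEV_FEATURE_GATE])),
                           ("misconfigured", misconfigured_vmi(), kubevirt_cr([]))):
        print(label, "->", check_sev_vmi(vmi, cr) or "OK")
```

Run against the page's manifest with the feature gate enabled the check returns no problems; the misconfigured variant reports the missing feature gate, Secure Boot left at its default, the host device and the LiveMigrate eviction strategy.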