diff --git a/apis/v1beta1/types.go b/apis/v1beta1/types.go
index 3f8c38b4d2..21cad58f31 100644
--- a/apis/v1beta1/types.go
+++ b/apis/v1beta1/types.go
@@ -216,6 +216,27 @@ type VirtualMachineCloneSpec struct {
 // +listMapKey=name
 // +kubebuilder:validation:MaxItems=29
 DataDisks []VSphereDisk `json:"dataDisks,omitempty"`
+ // nestedHV controls nested hardware-assisted virtualization.
+ // Defaults to the eponymous property value in the template from which the
+ // virtual machine is cloned.
+ // Check the compatibility with the ESXi version before setting the value.
+ // +optional
+ // +kubebuilder:validation:Enum=enabled;disabled
+ NestedHV string `json:"nestedHV,omitempty"`
+ // ftEncryptionMode is the encrypted fault tolerance mode.
+ // Defaults to the eponymous property value in the template from which the
+ // virtual machine is cloned.
+ // Check the compatibility with the ESXi version before setting the value.
+ // +optional
+ // +kubebuilder:validation:Enum=ftEncryptionDisabled;ftEncryptionOpportunistic;ftEncryptionRequired
+ FtEncryptionMode string `json:"ftEncryptionMode,omitempty"`
+ // migrateEncryption is the encrypted vMotion mode.
+ // Defaults to the eponymous property value in the template from which the
+ // virtual machine is cloned.
+ // Check the compatibility with the ESXi version before setting the value.
+ // +optional
+ // +kubebuilder:validation:Enum=disabled;opportunistic;required
+ MigrateEncryption string `json:"migrateEncryption,omitempty"`
 }
 
 // VirtualMachineResources is the definition of the VM's cpu and memory
diff --git a/config/default/crd/bases/infrastructure.cluster.x-k8s.io_vspheremachines.yaml b/config/default/crd/bases/infrastructure.cluster.x-k8s.io_vspheremachines.yaml
index 2abe5db911..2828db6496 100644
--- a/config/default/crd/bases/infrastructure.cluster.x-k8s.io_vspheremachines.yaml
+++ b/config/default/crd/bases/infrastructure.cluster.x-k8s.io_vspheremachines.yaml
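Review bot: The comments on `FtEncryptionMode` and `MigrateEncryption` in the types.go hunk name the accepted values only through the enum markers and never say what each value guarantees. That matters for an encryption setting, because the opportunistic values presumably permit an unencrypted fallback when a host cannot encrypt, while only the required values refuse to proceed. I would add one line to each comment, for example `// "required" fails the operation rather than falling back to unencrypted; "opportunistic" encrypts only when both hosts support it.`, with the wording confirmed against the vSphere documentation. As a style point, Go initialism convention would spell the field `FTEncryptionMode`, keeping the JSON tag as it is. The struct begins outside the hunk.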
@@ -152,6 +152,17 @@ spec: Folder is the name, inventory path, managed object reference or the managed object ID of the folder in which the virtual machine is created/located. type: string + ftEncryptionMode: + description: |- + ftEncryptionMode is the encrypted fault tolerance mode. + Defaults to the eponymous property value in the template from which the + virtual machine is cloned. + Check the compatibility with the ESXi version before setting the value. + enum: + - ftEncryptionDisabled + - ftEncryptionOpportunistic + - ftEncryptionRequired + type: string guestSoftPowerOffTimeout: description: |- GuestSoftPowerOffTimeout sets the wait timeout for shutdown in the VM guest. @@ -176,6 +187,17 @@ spec: virtual machine is cloned. format: int64 type: integer + migrateEncryption: + description: |- + migrateEncryption is the encrypted vMotion mode. + Defaults to the eponymous property value in the template from which the + virtual machine is cloned. + Check the compatibility with the ESXi version before setting the value. + enum: + - disabled + - opportunistic + - required + type: string namingStrategy: description: NamingStrategy allows configuring the naming strategy used when calculating the name of the VSphereVM. @@ -198,6 +220,16 @@ spec: so we highly recommend to use a template which leads to a name shorter than 63 characters. type: string type: object + nestedHV: + description: |- + nestedHV controls nested hardware-assisted virtualization. + Defaults to the eponymous property value in the template from which the + virtual machine is cloned. + Check the compatibility with the ESXi version before setting the value. + enum: + - enabled + - disabled + type: string network: description: Network is the network configuration for this machine's VM. diff --git a/config/default/crd/bases/infrastructure.cluster.x-k8s.io_vspheremachinetemplates.yaml b/config/default/crd/bases/infrastructure.cluster.x-k8s.io_vspheremachinetemplates.yaml index dce89eb86b..422615e0a9 100644 
--- a/config/default/crd/bases/infrastructure.cluster.x-k8s.io_vspheremachinetemplates.yaml +++ b/config/default/crd/bases/infrastructure.cluster.x-k8s.io_vspheremachinetemplates.yaml @@ -163,6 +163,17 @@ spec: Folder is the name, inventory path, managed object reference or the managed object ID of the folder in which the virtual machine is created/located. type: string + ftEncryptionMode: + description: |- + ftEncryptionMode is the encrypted fault tolerance mode. + Defaults to the eponymous property value in the template from which the + virtual machine is cloned. + Check the compatibility with the ESXi version before setting the value. + enum: + - ftEncryptionDisabled + - ftEncryptionOpportunistic + - ftEncryptionRequired + type: string guestSoftPowerOffTimeout: description: |- GuestSoftPowerOffTimeout sets the wait timeout for shutdown in the VM guest. @@ -187,6 +198,17 @@ spec: virtual machine is cloned. format: int64 type: integer + migrateEncryption: + description: |- + migrateEncryption is the encrypted vMotion mode. + Defaults to the eponymous property value in the template from which the + virtual machine is cloned. + Check the compatibility with the ESXi version before setting the value. + enum: + - disabled + - opportunistic + - required + type: string namingStrategy: description: NamingStrategy allows configuring the naming strategy used when calculating the name of the VSphereVM. @@ -209,6 +231,16 @@ spec: so we highly recommend to use a template which leads to a name shorter than 63 characters. type: string type: object + nestedHV: + description: |- + nestedHV controls nested hardware-assisted virtualization. + Defaults to the eponymous property value in the template from which the + virtual machine is cloned. + Check the compatibility with the ESXi version before setting the value. + enum: + - enabled + - disabled + type: string network: description: Network is the network configuration for this machine's VM. 
diff --git a/config/default/crd/bases/infrastructure.cluster.x-k8s.io_vspherevms.yaml b/config/default/crd/bases/infrastructure.cluster.x-k8s.io_vspherevms.yaml index 9151886ed1..8872d63e88 100644 --- a/config/default/crd/bases/infrastructure.cluster.x-k8s.io_vspherevms.yaml +++ b/config/default/crd/bases/infrastructure.cluster.x-k8s.io_vspherevms.yaml @@ -179,6 +179,17 @@ spec: Folder is the name, inventory path, managed object reference or the managed object ID of the folder in which the virtual machine is created/located. type: string + ftEncryptionMode: + description: |- + ftEncryptionMode is the encrypted fault tolerance mode. + Defaults to the eponymous property value in the template from which the + virtual machine is cloned. + Check the compatibility with the ESXi version before setting the value. + enum: + - ftEncryptionDisabled + - ftEncryptionOpportunistic + - ftEncryptionRequired + type: string guestSoftPowerOffTimeout: description: |- GuestSoftPowerOffTimeout sets the wait timeout for shutdown in the VM guest. @@ -203,6 +214,27 @@ spec: virtual machine is cloned. format: int64 type: integer + migrateEncryption: + description: |- + migrateEncryption is the encrypted vMotion mode. + Defaults to the eponymous property value in the template from which the + virtual machine is cloned. + Check the compatibility with the ESXi version before setting the value. + enum: + - disabled + - opportunistic + - required + type: string + nestedHV: + description: |- + nestedHV controls nested hardware-assisted virtualization. + Defaults to the eponymous property value in the template from which the + virtual machine is cloned. + Check the compatibility with the ESXi version before setting the value. + enum: + - enabled + - disabled + type: string network: description: Network is the network configuration for this machine's VM. diff --git a/pkg/services/govmomi/vcenter/clone.go b/pkg/services/govmomi/vcenter/clone.go index 19cd1636ff..fa75c8329b 100644 
--- a/pkg/services/govmomi/vcenter/clone.go +++ b/pkg/services/govmomi/vcenter/clone.go @@ -365,6 +365,19 @@ func Clone(ctx context.Context, vmCtx *capvcontext.VMContext, bootstrapData []by spec.Location.Disk = getDiskLocators(disks, *datastoreRef, isLinkedClone) spec.Location.Datastore = datastoreRef + switch vmCtx.VSphereVM.Spec.NestedHV { + case "enabled": + spec.Config.NestedHVEnabled = ptr.To(true) + case "disabled": + spec.Config.NestedHVEnabled = ptr.To(false) + } + if vmCtx.VSphereVM.Spec.FtEncryptionMode != "" { + spec.Config.FtEncryptionMode = vmCtx.VSphereVM.Spec.FtEncryptionMode + } + if vmCtx.VSphereVM.Spec.MigrateEncryption != "" { + spec.Config.FtEncryptionMode = vmCtx.VSphereVM.Spec.MigrateEncryption + } + log.Info(fmt.Sprintf("Cloning Machine with clone mode %s", vmCtx.VSphereVM.Status.CloneMode)) task, err := tpl.Clone(ctx, folder, vmCtx.VSphereVM.Name, spec) if err != nil {
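Review bot: The `MigrateEncryption` branch writes to the wrong field: `spec.Config.FtEncryptionMode = vmCtx.VSphereVM.Spec.MigrateEncryption` overwrites the fault tolerance mode and never sets the vMotion mode. A manifest with `migrateEncryption: required` therefore leaves the clone on whatever vMotion encryption setting the template had, and any `ftEncryptionMode` applied just above is replaced by a string outside the FT enum. The line should read `spec.Config.MigrateEncryption = vmCtx.VSphereVM.Spec.MigrateEncryption`. A unit test that sets all three spec fields and asserts each resulting `spec.Config` field separately would catch this kind of copy-paste slip. `Clone` begins and ends outside the hunk.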