From 861efa052943e2eb1054577a0f18eb4a2b146e9e Mon Sep 17 00:00:00 2001 From: Jaromir Hradilek Date: Thu, 13 Feb 2025 18:54:58 +0100 Subject: [PATCH] CNV-47151: Added information about vTPM device snapshots --- modules/virt-about-vtpm-devices.adoc | 7 +++---- .../creating_vms_advanced_web/virt-cloning-vms.adoc | 7 ++++++- virt/managing_vms/virt-using-vtpm-devices.adoc | 6 ++++++ 3 files changed, 15 insertions(+), 5 deletions(-) diff --git a/modules/virt-about-vtpm-devices.adoc b/modules/virt-about-vtpm-devices.adoc index 3e95fcf7aa..46d926fd1b 100644 --- a/modules/virt-about-vtpm-devices.adoc +++ b/modules/virt-about-vtpm-devices.adoc @@ -8,14 +8,10 @@ A virtual Trusted Platform Module (vTPM) device functions like a physical Trusted Platform Module (TPM) hardware chip. - You can use a vTPM device with any operating system, but Windows 11 requires the presence of a TPM chip to install or boot. A vTPM device allows VMs created from a Windows 11 image to function without a physical TPM chip. -If you do not enable vTPM, then the VM does not recognize a TPM device, even if -the node has one. - A vTPM device also protects virtual machines by storing secrets without physical hardware. {VirtProductName} supports persisting vTPM device state by using Persistent Volume Claims (PVCs) for VMs. You must specify the storage class to be used by the PVC by setting the `vmStateStorageClass` attribute in the `HyperConverged` custom resource (CR): [source,yaml] @@ -29,3 +25,6 @@ spec: # ... ---- +If you do not enable vTPM, then the VM does not recognize a TPM device, even if +the node has one. + diff --git a/virt/creating_vms_advanced/creating_vms_advanced_web/virt-cloning-vms.adoc b/virt/creating_vms_advanced/creating_vms_advanced_web/virt-cloning-vms.adoc index 095458da75..6afd2f6f0c 100644 --- a/virt/creating_vms_advanced/creating_vms_advanced_web/virt-cloning-vms.adoc +++ b/virt/creating_vms_advanced/creating_vms_advanced_web/virt-cloning-vms.adoc @@ -8,6 +8,11 @@ toc::[] You can clone virtual machines (VMs) or create new VMs from snapshots. +[IMPORTANT] +==== +Cloning a VM with a vTPM device attached to it or creating a new VM from its snapshot is not supported. +==== + include::modules/virt-cloning-vm-web.adoc[leveloffset=+1] include::modules/virt-creating-vm-from-snapshot-web.adoc[leveloffset=+1] @@ -16,4 +21,4 @@ include::modules/virt-creating-vm-from-snapshot-web.adoc[leveloffset=+1] [id="additional-resources_{context}"] == Additional resources -* xref:../../../virt/creating_vms_advanced/creating_vms_cli/virt-creating-vms-by-cloning-pvcs.adoc#virt-creating-vms-by-cloning-pvcs[Creating VMs by cloning PVCs] \ No newline at end of file +* xref:../../../virt/creating_vms_advanced/creating_vms_cli/virt-creating-vms-by-cloning-pvcs.adoc#virt-creating-vms-by-cloning-pvcs[Creating VMs by cloning PVCs] diff --git a/virt/managing_vms/virt-using-vtpm-devices.adoc b/virt/managing_vms/virt-using-vtpm-devices.adoc index b2692c0ddf..ff6903043e 100644 --- a/virt/managing_vms/virt-using-vtpm-devices.adoc +++ b/virt/managing_vms/virt-using-vtpm-devices.adoc @@ -10,5 +10,11 @@ Add a virtual Trusted Platform Module (vTPM) device to a new or existing virtual machine by editing the `VirtualMachine` (VM) or `VirtualMachineInstance` (VMI) manifest. +[IMPORTANT] +==== +With {VirtProductName} 4.18 and newer, you can xref:../../virt/managing_vms/virt-exporting-vms.adoc#virt-exporting-vms[export virtual machines] (VMs) with attached vTPM devices, xref:../../virt/backup_restore/virt-backup-restore-snapshots.adoc#creating-snapshots_virt-backup-restore-snapshots[create snapshots of these VMs], and xref:../../virt/backup_restore/virt-backup-restore-snapshots.adoc#restoring-vms-from-snapshots_virt-backup-restore-snapshots[restore VMs from these snapshots]. However, cloning a VM with a vTPM device attached to it or creating a new VM from its snapshot is not supported. +==== + include::modules/virt-about-vtpm-devices.adoc[leveloffset=+1] + include::modules/virt-adding-vtpm-to-vm.adoc[leveloffset=+1]