summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichael Polenchuk <mpolenchuk@mirantis.com>2019-03-04 12:49:58 +0400
committerMichael Polenchuk <mpolenchuk@mirantis.com>2019-03-04 18:46:48 +0400
commitae600003290b3454e32cac9df696f0227951b0fa (patch)
treee2deb03102a0a819978a05587ba6d7d0b7269dd8
parent4e4b7928649577beed448004acb9ed5f33700301 (diff)
Turn off meltdown/spectre patches
Change-Id: Id75ffe4db808a4ec250ba8b86c5d49f1206c3784 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j23
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml3
-rw-r--r--mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j23
-rw-r--r--mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml3
4 files changed, 12 insertions, 0 deletions
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2
index 349d4f1c8..22d62c578 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2
@@ -41,6 +41,9 @@ parameters:
boot_options:
- spectre_v2=off
- nopti
+ - nospec_store_bypass_disable
+ - noibrs
+ - noibpb
sysctl:
net.ipv4.ip_forward: 0
libvirt:
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml
index 0416d26db..bed9bf05c 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml
@@ -68,6 +68,9 @@ parameters:
boot_options:
- spectre_v2=off
- nopti
+ - nospec_store_bypass_disable
+ - noibrs
+ - noibpb
neutron:
gateway:
vlan_aware_vms: true
diff --git a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2 b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2
index 9709dfad2..cefed963e 100644
--- a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2
@@ -41,6 +41,9 @@ parameters:
boot_options:
- spectre_v2=off
- nopti
+ - nospec_store_bypass_disable
+ - noibrs
+ - noibpb
- intel_iommu=on
- iommu=pt
- nohz_full=${linux:system:kernel:isolcpu}
diff --git a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml
index 3fbec1bcd..2dfe0370d 100644
--- a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml
+++ b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml
@@ -48,6 +48,9 @@ parameters:
boot_options:
- spectre_v2=off
- nopti
+ - nospec_store_bypass_disable
+ - noibrs
+ - noibpb
- intel_iommu=on
- iommu=pt
- nohz_full=${linux:system:kernel:isolcpu}