cgwalters · March 9, 2020 14:00
diff --git a/gistfile1.txt b/gistfile1.txt
 ```
 diff --git a/data/data/gcp/main.tf b/data/data/gcp/main.tf
 index ec683906e..9268f5244 100644
 --- a/data/data/gcp/main.tf
 +++ b/data/data/gcp/main.tf
 @@ -98,4 +98,6 @@ resource "google_compute_image" "cluster" {
   raw_disk {
     source = var.gcp_image_uri
   }
 +
 +  licenses = var.gcp_image_licenses
 }
 diff --git a/pkg/asset/cluster/tfvars.go b/pkg/asset/cluster/tfvars.go
 index c68961165..d18442f59 100644
 --- a/pkg/asset/cluster/tfvars.go
 +++ b/pkg/asset/cluster/tfvars.go
 @@ -279,6 +279,13 @@ func (t *TerraformVariables) Generate(parents asset.Parents) error {
 			ServiceAccount: string(sess.Credentials.JSON),
 		}
 
 +		// See https://github.com/coreos/coreos-assembler/blob/master/doc/openshift-gcp-nested-virt.md
 +		// and https://cloud.google.com/compute/docs/instances/enable-nested-virtualization-vm-instances
 +		licenses := []string{}
 +		if _, nestedvirt := os.LookupEnv("OPENSHIFT_INSTALL_OS_IMAGE_GCP_ENABLE_NESTED_VIRT"); nestedvirt {
 +			licenses = append(licenses, "https://www.googleapis.com/compute/v1/projects/vm-options/global/licenses/enable-vmx")
 +		}
 +
 		masters, err := mastersAsset.Machines()
 		if err != nil {
 			return err
 @@ -306,6 +313,7 @@ func (t *TerraformVariables) Generate(parents asset.Parents) error {
 				MasterConfigs:      masterConfigs,
 				WorkerConfigs:      workerConfigs,
 				ImageURI:           string(*rhcosImage),
 +				ImageLicenses:      licenses,
 				PublicZoneName:     publicZoneName,
 				PublishStrategy:    installConfig.Config.Publish,
 				PreexistingNetwork: preexistingnetwork,
 diff --git a/pkg/tfvars/gcp/gcp.go b/pkg/tfvars/gcp/gcp.go
 index ae24722f7..01bd7c554 100644
 --- a/pkg/tfvars/gcp/gcp.go
 +++ b/pkg/tfvars/gcp/gcp.go
 @@ -21,6 +21,7 @@ type config struct {
 	MasterInstanceType      string   `json:"gcp_master_instance_type,omitempty"`
 	MasterAvailabilityZones []string `json:"gcp_master_availability_zones"`
 	ImageURI                string   `json:"gcp_image_uri,omitempty"`
 +	ImageLicenses           []string `json:"gcp_image_licenses,omitempty"`
 	VolumeType              string   `json:"gcp_master_root_volume_type"`
 	VolumeSize              int64    `json:"gcp_master_root_volume_size"`
 	PublicZoneName          string   `json:"gcp_public_dns_zone_name,omitempty"`
 @@ -35,6 +36,7 @@ type config struct {
 type TFVarsSources struct {
 	Auth               Auth
 	ImageURI           string
 +	ImageLicenses      []string `json:"gcp_image_licenses,omitempty"`
 	MasterConfigs      []*gcpprovider.GCPMachineProviderSpec
 	WorkerConfigs      []*gcpprovider.GCPMachineProviderSpec
 	PublicZoneName     string
 @@ -59,6 +61,7 @@ func TFVars(sources TFVarsSources) ([]byte, error) {
 		VolumeType:              masterConfig.Disks[0].Type,
 		VolumeSize:              masterConfig.Disks[0].SizeGb,
 		ImageURI:                sources.ImageURI,
 +		ImageLicenses:           sources.ImageLicenses,
 		PublicZoneName:          sources.PublicZoneName,
 		PublishStrategy:         string(sources.PublishStrategy),
 		ClusterNetwork:          masterConfig.NetworkInterfaces[0].Network,
 ```
	```
	diff --git a/data/data/gcp/main.tf b/data/data/gcp/main.tf
	index ec683906e..9268f5244 100644
	--- a/data/data/gcp/main.tf
	+++ b/data/data/gcp/main.tf
	@@ -98,4 +98,6 @@ resource "google_compute_image" "cluster" {
	raw_disk {
	source = var.gcp_image_uri
	}
	+
	+ licenses = var.gcp_image_licenses
	}
	diff --git a/pkg/asset/cluster/tfvars.go b/pkg/asset/cluster/tfvars.go
	index c68961165..d18442f59 100644
	--- a/pkg/asset/cluster/tfvars.go
	+++ b/pkg/asset/cluster/tfvars.go
	@@ -279,6 +279,13 @@ func (t *TerraformVariables) Generate(parents asset.Parents) error {
	ServiceAccount: string(sess.Credentials.JSON),
	}

	+ // See https://github.com/coreos/coreos-assembler/blob/master/doc/openshift-gcp-nested-virt.md
	+ // and https://cloud.google.com/compute/docs/instances/enable-nested-virtualization-vm-instances
	+ licenses := []string{}
	+ if _, nestedvirt := os.LookupEnv("OPENSHIFT_INSTALL_OS_IMAGE_GCP_ENABLE_NESTED_VIRT"); nestedvirt {
	+ licenses = append(licenses, "https://www.googleapis.com/compute/v1/projects/vm-options/global/licenses/enable-vmx")
	+ }
	+
	masters, err := mastersAsset.Machines()
	if err != nil {
	return err
	@@ -306,6 +313,7 @@ func (t *TerraformVariables) Generate(parents asset.Parents) error {
	MasterConfigs: masterConfigs,
	WorkerConfigs: workerConfigs,
	ImageURI: string(*rhcosImage),
	+ ImageLicenses: licenses,
	PublicZoneName: publicZoneName,
	PublishStrategy: installConfig.Config.Publish,
	PreexistingNetwork: preexistingnetwork,
	diff --git a/pkg/tfvars/gcp/gcp.go b/pkg/tfvars/gcp/gcp.go
	index ae24722f7..01bd7c554 100644
	--- a/pkg/tfvars/gcp/gcp.go
	+++ b/pkg/tfvars/gcp/gcp.go
	@@ -21,6 +21,7 @@ type config struct {
	MasterInstanceType string `json:"gcp_master_instance_type,omitempty"`
	MasterAvailabilityZones []string `json:"gcp_master_availability_zones"`
	ImageURI string `json:"gcp_image_uri,omitempty"`
	+ ImageLicenses []string `json:"gcp_image_licenses,omitempty"`
	VolumeType string `json:"gcp_master_root_volume_type"`
	VolumeSize int64 `json:"gcp_master_root_volume_size"`
	PublicZoneName string `json:"gcp_public_dns_zone_name,omitempty"`
	@@ -35,6 +36,7 @@ type config struct {
	type TFVarsSources struct {
	Auth Auth
	ImageURI string
	+ ImageLicenses []string `json:"gcp_image_licenses,omitempty"`
	MasterConfigs []*gcpprovider.GCPMachineProviderSpec
	WorkerConfigs []*gcpprovider.GCPMachineProviderSpec
	PublicZoneName string
	@@ -59,6 +61,7 @@ func TFVars(sources TFVarsSources) ([]byte, error) {
	VolumeType: masterConfig.Disks[0].Type,
	VolumeSize: masterConfig.Disks[0].SizeGb,
	ImageURI: sources.ImageURI,
	+ ImageLicenses: sources.ImageLicenses,
	PublicZoneName: sources.PublicZoneName,
	PublishStrategy: string(sources.PublishStrategy),
	ClusterNetwork: masterConfig.NetworkInterfaces[0].Network,
	```