diff --git a/nodeinstaller/internal/kataconfig/config.go b/nodeinstaller/internal/kataconfig/config.go index 10afd752dd7..6d97d2e70cd 100644 --- a/nodeinstaller/internal/kataconfig/config.go +++ b/nodeinstaller/internal/kataconfig/config.go @@ -74,6 +74,10 @@ func KataRuntimeConfig( config.Agent["kata"]["enable_debug"] = true config.Agent["kata"]["debug_console_enabled"] = true config.Runtime["enable_debug"] = true + // Use legacy serial (ttyS0) instead of virtio console (hvc0) to capture + // early boot output from OVMF firmware. The console watcher reads this + // and logs it to the journal. + config.Hypervisor["qemu"]["use_legacy_serial"] = true } // For larger images, we've been running into timeouts in e2e tests. config.Agent["kata"]["dial_timeout"] = 120 diff --git a/overlays/sets/debug.nix b/overlays/sets/debug.nix index 1652d4304d0..d92f13a62d4 100644 --- a/overlays/sets/debug.nix +++ b/overlays/sets/debug.nix @@ -3,10 +3,19 @@ _final: prev: { contrastPkgs = prev.contrastPkgs.overrideScope ( - _final: prev: { - contrast = prev.contrast.overrideScope ( - _final: prev: { - node-installer-image = prev.node-installer-image.override { + contrastPkgsFinal: contrastPkgsPrev: { + # Build OVMF with debug output to serial port. + OVMF-SNP = contrastPkgsPrev.OVMF-SNP.override { + debug = true; + }; + OVMF-TDX = contrastPkgsPrev.OVMF-TDX.override { + debug = true; + }; + contrast = contrastPkgsPrev.contrast.overrideScope ( + _contrastFinal: contrastPrev: { + node-installer-image = contrastPrev.node-installer-image.override { + inherit (contrastPkgsFinal) OVMF-SNP; + inherit (contrastPkgsFinal) OVMF-TDX; withDebug = true; }; } diff --git a/packages/by-name/OVMF-SNP/package.nix b/packages/by-name/OVMF-SNP/package.nix index dc49ed57c25..ae5a7083480 100644 --- a/packages/by-name/OVMF-SNP/package.nix +++ b/packages/by-name/OVMF-SNP/package.nix @@ -3,13 +3,18 @@ { edk2, + lib, nasm, acpica-tools, + debug ? false, }: edk2.mkDerivation "OvmfPkg/AmdSev/AmdSevX64.dsc" { name = "OVMF-SNP"; + buildFlags = lib.optionals debug [ "-D DEBUG_ON_SERIAL_PORT=TRUE" ]; + buildConfig = if debug then "DEBUG" else "RELEASE"; + postPatch = '' touch OvmfPkg/AmdSev/Grub/grub.efi ''; diff --git a/packages/by-name/kata/runtime/package.nix b/packages/by-name/kata/runtime/package.nix index bc11e3864b8..48e9970e233 100644 --- a/packages/by-name/kata/runtime/package.nix +++ b/packages/by-name/kata/runtime/package.nix @@ -211,9 +211,17 @@ buildGoModule (finalAttrs: { "root=/dev/vda1" "rootflags=ro" "rootfstype=erofs" + ] + # In debug mode, use legacy serial (ttyS0) instead of virtio console (hvc0/hvc1) + # to capture OVMF firmware output via kata's console watcher. + # This must match use_legacy_serial=true set in kataconfig/config.go for debug. + ++ lib.optionals (!debug) [ "console=hvc0" "console=hvc1" ] + ++ lib.optionals debug [ + "console=ttyS0" + ] ++ lib.optionals debug [ "debug" "systemd.show_status=true"