vTPM: add vm settings

Author: weizhouapache

source/_static/images/vm-settings-kvm-guest-cpu-model.png

@@ -40,6 +40,11 @@ An overview of the procedure is as follows:
    For more information, see `“Creating
    instances” <virtual_machines.html#creating-instances>`_.
 
+#. Add Virtual TPM device to the instance.
+
+   For more information, see `“Instance Settings for Virtual Trusted Platform Module (vTPM)
+   ” <virtual_machines.html#instance-settings-for-virtual-trusted-platform-module-vtpm>`_.
+
 #. Follow the steps in Sysprep for Windows Server 2008 R2 (below) or
    Sysprep for Windows Server 2003 R2, depending on your version of
    Windows Server

source/_static/images/vm-settings-uefi-secure.png

@@ -1000,6 +1000,34 @@ An example list of settings as well as their possible values are shown on the im
 |vm-settings-values-dropdown-KVM-list.png|
 (KVM disk controllers)
 
+|vm-settings-kvm-guest-cpu-model.png|
+(KVM guest CPU model, available for root admin since 4.20.1.0)
+
+Instance Settings for Virtual Trusted Platform Module (vTPM)
+-----------------------------
+
+Trusted Platform Module (TPM) is a standard for a secure cryptoprocessor, which
+can securely store artifacts used to authenticate the platform, including passwords,
+certificates, or encryption keys. TPM is required by recent Windows releases.
+
+Virtual Trusted Platform Module (vTPM) is the software-based representation of physical TPM.
+CloudStack supports vTPM for instances running on KVM and VMware since 4.20.1.0 .
+
+|vm-settings-uefi-secure.png|
+The boot type and boot mode must be set to UEFI and SECURE.
+
+|vm-settings-virtual-tpm-model-kvm.png|
+TPM model for KVM. There are two options:
+- tpm-tis, TIS means TPM Interface Specification; 
+- tpm-crb, CRB means Command-Response Buffer.
+
+|vm-settings-virtual-tpm-version-kvm.png|
+TPM version for KVM. There are two options:
+- 2.0. This is the default TPM version, which is used when version is not specified or invalid.
+- 1.2.
+
+|vm-settings-virtual-tpm-enabled-vmware.png|
+Enable vTPM or not for VMware.
 
 Instance Snapshots
 ==================
@@ -1612,6 +1640,16 @@ Instance disk statistics are shown in the Metrics tab in an individual volume vi
    :alt: List of possible VMware NIC models
 .. |vm-settings-values-dropdown-KVM-list.png| image:: /_static/images/vm-settings-values-dropdown-KVM-list.png
    :alt: List of possible KVM disk controllers
+.. |vm-settings-kvm-guest-cpu-model.png| image:: /_static/images/vm-settings-kvm-guest-cpu-model.png
+   :alt: List of possible KVM guest CPU models
+.. |vm-settings-uefi-secure.png| image:: /_static/images/vm-settings-uefi-secure.png
+   :alt: Set boot type to UEFI and mode to SECURE
+.. |vm-settings-virtual-tpm-model-kvm.png| image:: /_static/images/vm-settings-virtual-tpm-model-kvm.png
+   :alt: List of TPM models for KVM
+.. |vm-settings-virtual-tpm-version-kvm.png| image:: /_static/images/vm-settings-virtual-tpm-version-kvm.png
+   :alt: List of TPM versions for KVM
+.. |vm-settings-virtual-tpm-enabled-vmware.png| image:: /_static/images/vm-settings-virtual-tpm-enabled-vmware.png
+   :alt: Enable vTPM or not for VMware
 .. |vm-metrics-ui.png| image:: /_static/images/vm-metrics-ui.png
    :alt: VM metrics UI
 .. |vm-disk-metrics-ui.png| image:: /_static/images/vm-disk-metrics-ui.png