Description of problem:
The End goal is to be able to provision bare metal nodes over ipv6 with minimal Network infrastructure changes.
The final image on the machine may require secure boot.
Automatic configuration/selection of image should occur on Server Side  (ie Single client/bare metal box uri to find web server that the automatically provision correct image for this client).
URI should be TLS enabled, so we need to include certificate management stuff.

Initial Production target is HPE DL360 gen 10 running in UEFI.
We should use UEFI-http-boot over ipv6.
We would like to expand the provisioning system to be able to support libvirt based provisioning.
Initial Testing should use libvirt based VM for speed of testing before going to hardware based testing.

Here is the basic test environment for initial validation.

- Bare Metal Server running RHEL 8 with latest patches.  
 - This server would simulate Local ipv6 Router and Local/Remote provisioning infrastructure.
 - Static ipv6 networking with bridge setup  (to allow additional VM on same Network).
 - radvd configured to serve Router Advertisements if Network Router is not already doing so.
 - Hopefully RDNSS is configured in Router Advertisements, but solution should work even if RDNSS is not configured in Router Advertisements.
 - Web Server with iPXE menuing system configured 
 - We may configure dhcpv6 to make it easier to follow recipes for ueif-http-boot testing.
 - dhcpv6 can be turned down to show that you can do provisioning without dhcpv6.
 - Custom ipxe compiled from Source
  - We would need binaries and configuration that is not included in packaged ipxe.  
  - We would need UEFI ixpe binaries (also UEFI ipxe iso binary)
  - support for ipv6, remote syslog,debugging options, network debugging, certificate management commands, https support, custom embedded script support

- Bare Metal Server running RHEL 8 with latest patches.
 - This server would simulate client baremetal machines.
 - Static ipv6 networking with bridge setup.
 - kvm/libvirt with EDK II/UEFI Support

- VM's will be using Q35 with UEFI Firmware.

Suggested test flow for QE:
- Test booting/configuring VM via ipxe local boot, UEFI http boot.
- After we have validated a working ipxe and http boot setup.
- Add https, Trusted boot support
- Validate DL360 http-boot work against Server System.
- All test cases should be checked in VM only setup, so we can easily move debug if issues with DL360 gen 10 cases are Server or firmware problems.

Upstream bugs related to this RFE:
https://bugs.launchpad.net/tripleo/+bug/1830406 => Planed for OpenStack Train (OSP 16)
https://bugs.launchpad.net/tripleo/+bug/1754681 => Fixed in OpenStack Rocky (OSP 14)

Background Documentation:

https://github.com/tianocore/tianocore.github.io/wiki/HTTP-Boot
https://uefi.org/sites/default/files/resources/UEFI_Plugfest_Fall_2016_tianocore.pdf  (page 17)
https://software.intel.com/sites/default/files/managed/29/19/openSUSE_NetworkBootZeroTrust.pdf

https://edk2-docs.gitbooks.io/getting-started-with-uefi-https-boot-on-edk-ii/content/start_guide/configure_server_and_build_client.html

https://github.com/tianocore/tianocore.github.io/wiki/Configuring-PXE-Boot-Servers-for-UEFI

https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00016376en_us  (epecially section HTTP Boot section)  -  Note that doing this all via Red Fish Virtual media will be bonus section.  Assume slaac on ilo and you have access to local switch to use anycast groups/mac address information on port (assume DL360 on known switch port) to figure out ipv6 address to access remote server via Red Fish.