2010700 – BMC driver ipmi is not supported for secure UEFI boot in Dual stack deployment

Bug 2010700 - BMC driver ipmi is not supported for secure UEFI boot in Dual stack deployment

Summary: BMC driver ipmi is not supported for secure UEFI boot in Dual stack deployment

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Documentation
Sub Component:
Version:	4.8
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	high
Target Milestone:	---
Target Release:	---
Assignee:	John Wilkins
QA Contact:	Xiaoli Tian
Docs Contact:	Tomas 'Sheldon' Radej
URL:
Whiteboard:
Depends On:
Blocks:	2011893
TreeView+	depends on / blocked

Reported:	2021-10-05 11:34 UTC by Jatan Malde
Modified:	2024-12-20 21:18 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Clones:	2011893 (view as bug list)
Environment:
Last Closed:	2021-11-02 15:58:21 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Knowledge Base (Solution)	6406631	0	None	None	None	2021-10-11 11:47:47 UTC

Description Jatan Malde 2021-10-05 11:34:22 UTC

Document URL: 

https://docs.openshift.com/container-platform/4.8/installing/installing_bare_metal_ipi/ipi-install-installation-workflow.html#configuring-managed-secure-boot-in-the-install-config-file_ipi-install-configuration-files

Section Number and Name: 

Configuring managed Secure Boot in the install-config.yaml file (optional)

Describe the issue: 

 The above documentation mentions an example of using ipmi driver along with UEFISecureBoot when Dual stack deployment is done for OpenShift IPI installation. 

 But when the ipmi driver is used for HP DL 360 Gen 10 with iLO5 machines, it gives the error as the ipmi driver is not supported for secure boot. 

 If the above is correct then the documentation should include the Note or example of the driver which is supported with secure boot. 

 Checking the attachment included in the bugzilla. 

Suggestions for improvement: 

Additional information:

Comment 2 Dmitry Tantsur 2021-10-05 13:16:33 UTC

Hi! This is correct, only Redfish-based drivers are supported now.

Comment 3 Dmitry Tantsur 2021-10-07 09:26:04 UTC

To elaborate: IPMI does not provide secure boot management facilities. All redfish based drivers (redfish, redfish-virtualmedia and idrac-virtualmedia) support it. I'm not 100% sure about the iRMC status: they have the related code in place, but the ball is on the Fujitsu's side on whether to support it.

Comment 4 John Wilkins 2021-10-13 05:26:30 UTC

https://github.com/openshift/openshift-docs/pull/37425

Comment 5 John Wilkins 2021-10-13 20:13:40 UTC

Verified and merged.

Note You need to log in before you can comment on or make changes to this bug.