[RFE] Baremetal provisioning using UEFI secure boot mode

Bug #1526755 reported by Vladyslav Drok on 2015-12-16
4
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ironic
In Progress
Wishlist
Tuan

Bug Description

For the some of the enterprise customers, it is important that all the software components they use are digitally signed.
For such customers, even the deploy image used for provisioning baremetal needs to be signed and provisioning should happen in UEFI secure boot mode wherein the deploy ramdisk gets validated for its digital signatures.

To cater to such customers Ironic, should support baremetal provisioning using UEFI secure boot environment.

Vladyslav Drok (vdrok) on 2015-12-16
Changed in ironic:
status: New → Confirmed
importance: Undecided → Wishlist
tags: added: rfe
Vladyslav Drok (vdrok) wrote :

Copy of whiteboard:

Gerrit topic: https://review.openstack.org/#q,topic:bp/secure-baremetal-deploy-in-uefi,n,z

Addressed by: https://review.openstack.org/231927
    Baremetal provisioning in UEFI secure boot mode for iLO drivers

Changed in ironic:
assignee: nobody → Shivanand Tendulker (stendulker)
Changed in ironic:
status: Confirmed → In Progress
tags: added: needs-spece
tags: added: needs-spec
removed: needs-spece
Changed in ironic:
assignee: Shivanand Tendulker (stendulker) → Tuan (tuanla)

Change abandoned by Shivanand Tendulker (<email address hidden>) on branch: master
Review: https://review.opendev.org/230274

Change abandoned by Shivanand Tendulker (<email address hidden>) on branch: master
Review: https://review.opendev.org/231927

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers