Baremetal provisioning using UEFI secure boot mode

Registered by Shivanand Tendulker on 2015-09-30

For the some of the enterprise customers, it is important that all the software components they use are digitally signed.
For such customers, even the deploy image used for provisioning baremetal needs to be signed and provisioning should happen in UEFI secure boot mode wherein the deploy ramdisk gets validated for its digital signatures.

To cater to such customers Ironic, should support baremetal provisioning using UEFI secure boot environment.

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
Shivanand Tendulker
Direction:
Needs approval
Assignee:
Shivanand Tendulker
Definition:
New
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/secure-baremetal-deploy-in-uefi,n,z

Addressed by: https://review.openstack.org/231927
    Baremetal provisioning in UEFI secure boot mode for iLO drivers

We're moving from using blueprints to track features to RFE bugs. I've filed one for your change (see related bugs section). Please track further work there using Closes-Bug, Partial-Bug or Related-Bug in commit messages and use this newly created RFE bug.
//vdrok 2015-12-16

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.