Difference between revisions of "IC-OS Installation - UEFI Configuration - Gen2 Dell"
From Internet Computer Wiki
(Remove PCIE preferred IO Bus setting) |
|||
Line 56: | Line 56: | ||
# In System BIOS, select ''Integrated Devices'' | # In System BIOS, select ''Integrated Devices'' | ||
#: [[File:UEFI_Menu_Dell_SystemBiosMenu.png|580px]] | #: [[File:UEFI_Menu_Dell_SystemBiosMenu.png|580px]] | ||
− | |||
− | |||
# Set ''SR-IOV Global Enable'' to ''Enabled'' | # Set ''SR-IOV Global Enable'' to ''Enabled'' | ||
− | #: [[File: | + | #:[[File:Dell bios SR.png|580px]] |
− | # Select ''Back'' to return to System BIOS. | + | #Select ''Back'' to return to System BIOS. |
− | == 6. UEFI - System Security == | + | ==6. UEFI - System Security== |
− | # In System BIOS, select ''System Security'' | + | #In System BIOS, select ''System Security'' |
− | #: [[File:UEFI Menu Dell SystemSecurity TPM.png|580px]] | + | #:[[File:UEFI Menu Dell SystemSecurity TPM.png|580px]] |
− | # Set ''TPM Security'' to ''On'' | + | #Set ''TPM Security'' to ''On'' |
− | # Set ''TPM Hierarchy'' to ''Enabled'' | + | #Set ''TPM Hierarchy'' to ''Enabled'' |
− | # Select menu item ''TPM Advanced settings'' | + | #Select menu item ''TPM Advanced settings'' |
− | #: [[File:UEFI Menu Dell SystemSecurity TPM Advanced.png|580px]] | + | #:[[File:UEFI Menu Dell SystemSecurity TPM Advanced.png|580px]] |
− | # Set ''TPM2 Algorithm Selection'' to ''SHA256'' | + | #Set ''TPM2 Algorithm Selection'' to ''SHA256'' |
− | == 7. UEFI - Miscellaneous Settings == | + | ==7. UEFI - Miscellaneous Settings== |
− | # In System BIOS, select ''Miscellaneous Settings'' | + | #In System BIOS, select ''Miscellaneous Settings'' |
− | #: [[File:UEFI_Menu_Dell_SystemBios_Miscellaneous.png|580px]] | + | #:[[File:UEFI_Menu_Dell_SystemBios_Miscellaneous.png|580px]] |
# | # | ||
− | # Set ''F1/F2 Prompt on Error'' to ''Disabled'' | + | #Set ''F1/F2 Prompt on Error'' to ''Disabled'' |
− | # Select ''Back'' to return to System BIOS. | + | #Select ''Back'' to return to System BIOS. |
− | #: [[File:UEFI_Menu_Dell_MiscellaneousSettings.png|580px]] | + | #:[[File:UEFI_Menu_Dell_MiscellaneousSettings.png|580px]] |
# | # | ||
− | # Select ''Finish'' and press ''enter''. | + | #Select ''Finish'' and press ''enter''. |
− | #: [[File:27.png|580px|screenshot]] | + | #:[[File:27.png|580px|screenshot]] |
# | # | ||
− | # Select ''Yes'' to save the changes and press ''enter''. | + | #Select ''Yes'' to save the changes and press ''enter''. |
− | #: [[File:28.png|580px|screenshot]] | + | #:[[File:28.png|580px|screenshot]] |
# | # | ||
− | # Select ''OK'' and press ''enter''. | + | #Select ''OK'' and press ''enter''. |
− | #: [[File:29.png|580px|screenshot]] | + | #:[[File:29.png|580px|screenshot]] |
# | # | ||
# Confirm the exit and press ''enter''. The system will reboot now. '''Please do not unplug the IC-OS USB stick''' at this point. | # Confirm the exit and press ''enter''. The system will reboot now. '''Please do not unplug the IC-OS USB stick''' at this point. | ||
− | == 8. Boot Manager - Enter Boot Manager == | + | ==8. Boot Manager - Enter Boot Manager== |
# | # | ||
− | # Watch for the Blue screen with boot options in the top left corner. Press ''F11'' a couple of times, once the options are listed. | + | #Watch for the Blue screen with boot options in the top left corner. Press ''F11'' a couple of times, once the options are listed. |
− | #: [[File:16.png|580px|screenshot]] | + | #:[[File:16.png|580px|screenshot]] |
# | # | ||
− | # If your option is recognized by the system, it should highlight ''Entering Boot Manager''. | + | #If your option is recognized by the system, it should highlight ''Entering Boot Manager''. |
− | #: [[File:32.png|580px|screenshot]] | + | #:[[File:32.png|580px|screenshot]] |
# | # | ||
− | # In the Boot Manager, select ''One-shot UEFI Boot Menu'' and press ''enter''. | + | #In the Boot Manager, select ''One-shot UEFI Boot Menu'' and press ''enter''. |
− | #: [[File:33.png|580px|screenshot]] | + | #:[[File:33.png|580px|screenshot]] |
# | # | ||
− | # In the Boot Menu, select your ''USB device'' and press ''enter''. | + | #In the Boot Menu, select your ''USB device'' and press ''enter''. |
− | #: [[File:34.png|580px|screenshot]] | + | #:[[File:34.png|580px|screenshot]] |
# | # | ||
− | == Return to the Installation Runbook == | + | ==Return to the Installation Runbook== |
− | * If using the '''non-HSM''' onboarding procedure, return to the [[IC-OS Installation Runbook#8. UEFI Setup and Boot Menu|IC-OS Installation Runbook]]. | + | *If using the '''non-HSM''' onboarding procedure, return to the [[IC-OS Installation Runbook#8. UEFI Setup and Boot Menu|IC-OS Installation Runbook]]. |
− | * If using the '''legacy, HSM''' onboarding procedure, return to the [[NitroKey HSM installation runbook#8. UEFI Setup and Boot Menu|NitroKey HSM installation runbook]] | + | *If using the '''legacy, HSM''' onboarding procedure, return to the [[NitroKey HSM installation runbook#8. UEFI Setup and Boot Menu|NitroKey HSM installation runbook]] |
Revision as of 21:49, 3 August 2023
1. UEFI - Enter System Setup and reset IDRAC password
- Reboot or power on the server.
- Watch for the blue screen with boot options in the top left corner.
- Press F2 a couple of times, once the options are listed.
- If your option is recognized by the system, it should be highlighting Entering System Setup.
- In the System Setup, select iDRAC Settings and press enter.
- Select User Configuration and press enter.
- Select Change Password and press enter.
- Enter your desired password and select OK. This needs to be changed from the default the server ships with.
- Select Back and Finish.
2. UEFI - Check Version
- In the System Setup, System BIOS press enter.
- In the System BIOS, select System Information and press enter.
- Verify the System BIOS Version is at least 2.8.4
- If BIOS Version is below 2.8.4, ABORT configuring and update the BIOS.
- Select Back to return to System BIOS.
3. UEFI - Processor Settings
- In System BIOS, select Processor Settings and press enter.
- Set Logical Processor to Enabled
- Set Virtualization Technology to Enabled
- Set NUMA Nodes Per Socket to 0
- Set Secure Memory Encryption to Enabled
- Set Minimum SEV non-ES ASID to 253
- Set Secure Nesting Paging to Enabled
- Set SNP Memory Coverage to Enabled
- Set Transparent Secure Memory Encryption to Disabled
- Select Back to return to System BIOS.
4. UEFI - Boot Settings
- In System BIOS, select Boot Settings and press enter.
- Set Boot Mode to UEFI
- Select Back to return to System BIOS.
5. UEFI - Integrated Devices
- In System BIOS, select Integrated Devices
- Set SR-IOV Global Enable to Enabled
- Select Back to return to System BIOS.
6. UEFI - System Security
- In System BIOS, select System Security
- Set TPM Security to On
- Set TPM Hierarchy to Enabled
- Select menu item TPM Advanced settings
- Set TPM2 Algorithm Selection to SHA256
7. UEFI - Miscellaneous Settings
- In System BIOS, select Miscellaneous Settings
- Set F1/F2 Prompt on Error to Disabled
- Select Back to return to System BIOS.
- Select Finish and press enter.
- Select Yes to save the changes and press enter.
- Select OK and press enter.
- Confirm the exit and press enter. The system will reboot now. Please do not unplug the IC-OS USB stick at this point.
8. Boot Manager - Enter Boot Manager
- Watch for the Blue screen with boot options in the top left corner. Press F11 a couple of times, once the options are listed.
- If your option is recognized by the system, it should highlight Entering Boot Manager.
- In the Boot Manager, select One-shot UEFI Boot Menu and press enter.
- In the Boot Menu, select your USB device and press enter.
Return to the Installation Runbook
- If using the non-HSM onboarding procedure, return to the IC-OS Installation Runbook.
- If using the legacy, HSM onboarding procedure, return to the NitroKey HSM installation runbook