Configuring Hypervisor for Instance Boot with UEFI

Unified Extensible Firmware Interface (UEFI) is a standard firmware designed to replace BIOS. By default, a VM instance boots in BIOS mode.

Openstack has experimental support for UEFI based instance booting.

UEFI facilitates faster boot, supports larger hard drives, and has more security features as compared to the traditional BIOS.

You can configure an authorized host or hypervisor to boot in UEFI mode.

Platform9 Managed OpenStack v4.0 and higher has support for UEFI on the following host operating systems.

  • Ubuntu 16.04
  • CentOS 7.4 and higher

Open Virtual Machine Firmware (OVMF) is a project to enable UEFI support for virtual machines. OVMF must be installed on hosts to enable UEFI mode booting for virtual machines created on hosts authorized on Platform9 Managed OpenStack.

The following sections explain how to install OVMF on CentOS and Ubuntu. Refer to the respective section based on your host operating system, verify UEFI installation on your VM, and configure images to boot with UEFI.

Install OVMF on Host running CentOS

Follow the steps given below to install OVMF on CentOS.

  1. Get the .repo file for kraxel.
      cd /etc/yum.repos.d/ && wget http://www.kraxel.org/repos/firmware.repo
    
  2. Run the following command to install OVMF for 64-bit.
      su -c 'yum install edk2.git-ovmf-x64 -y'
    
  3. Create a new directory by the name OVMF in the /usr/share directory and copy the OVMF_CODE-pure-efi.fd and OVMF_VARS-pure-efi.fd as shown in the following commands.
  mkdir -p /usr/share/OVMF/
  cp /usr/share/edk2.git/ovmf-x64/OVMF_CODE-pure-efi.fd /usr/share/OVMF/OVMF_CODE.fd
  cp /usr/share/edk2.git/ovmf-x64/OVMF_VARS-pure-efi.fd /usr/share/OVMF/OVMF_VARS.fd

Install OVMF on Host running Ubuntu

Run the following command to install OVMF on Ubuntu.

 apt-get install ovmf

Verify that your Virtual Machine is booted in UEFI mode

Look for the /sys/firmware/efi folder on your virtual machine (VM). The folder would be missing if your VM is using BIOS.

Alternatively, install the efibootmgr package and check if your VM has been booted with UEFI.

 sudo apt install efibootmgr
 sudo efibootmgr

If your VM is booted with UEFI, the output of the sudo efibootmgr command shows different EFI variables.

If your VM does not support UEFI, a message is displayed in the output of the sudo efibootmgr command indicating that EFI variables are not supported.

Configure Image to Boot using UEFI

Add hw_firmware_type image metadata to the UEFI image to specify UEFI as the firmware type used to boot the instance.

openstack image set --property hw_firmware_type=uefi <image UUID>