UEFI Boot

UEFI stands for Unified Extensible Firmware Interface. It stores all device initialization and start-up data in a .efi file on a special disk partition called the EFI System Partition (ESP). The ESP also holds the bootloader responsible for booting the operating system.

The primary purpose of creating UEFI is to overcome the limitations of BIOS and shorten system boot time. UEFI uses the GPT partitioning scheme and supports drive sizes that are much larger.

In addition, UEFI provides better security with the Secure Boot feature, preventing unauthorized applications from booting. However, the downside is that Secure Boot prevents dual booting because it treats other operating systems as unsigned applications.

UEFI runs in 32-bit or 64-bit mode, providing a graphical user interface.

UEFI Secure Boot

Secure Boot is a Unified Extensible Firmware Interface (UEFI) feature that provides a verification mechanism for ensuring the device boots using only authorized firmware and software. It prevents running unauthorized, untrusted code. Without Secure Boot, malicious code can easily be executed, and Gigamon platforms can be easily compromised.

The following table provides the details of the platforms that support UEFI boot and UEFI secure boot:

Supported Platforms

Platforms

UEFI Boot

UEFI Secure Boot

AWS

Yes

Yes

Azure

Yes

Yes

Microsoft Hyper-V

Yes

Yes

OpenStack

Yes

Yes

Nutanix

Yes

Yes

KVM

Yes

Yes

GCP

Yes

Yes

GigaVUE-FM Hardware Appliance (GFM-HW1-FM010, GFM-HW1-FM001-HW, and GFM-HW2-FM001-HW)

Yes

Yes

VMware ESXi

Yes

Yes

Rules and Notes

■   Fresh installations only support UEFI boot on any platform.
■   Image upgrade deployments do not change the boot mode of a GigaVUE-FM system.
o   BIOS boot systems remain as BIOS boot
o   UEFI boot systems remain as UEFI boot.
■   You can change a BIOS boot installation to UEFI boot by using the snapshot upgrade method, which is recommended only on AWS, and Azure platforms.
■   Disabling UEFI Secure boot after deploying GigaVUE‑FM in UEFI Secure boot mode is not recommended.
■   Secure Boot in VMware ESXi is supported by virtual hardware version 13 or later.
■   FMHA formation with a combination of UEFI Secure Boot GigaVUE Fabric Managers and Non-UEFI Secure Boot GigaVUE Fabric Managers of the same versions is allowed. However, the FMHA cluster cannot be named as a UEFI Secure Boot cluster.

Configuring UEFI boot in GigaVUE‑FM

Refer to the sections in the table to learn about how to configure UEFI boot in GigaVUE‑FM in the following platforms:

 

Platforms

Refer to

AWS

You should change the instance from m4.xlarge to m5.xlarge . UEFI boot supports only m5.xlarge. For more information, refer to Recommended Instance Types for AWSin the sectionInstalling GigaVUE‑FM on AWS

Azure

No changes in the configuration procedure.

Microsoft Hyper-V

You must specify the option Generation 2 in Specify Generation page. UEFI boot supports only Generation 2. For more information, refer toInstall GigaVUE‑FM for Microsoft Hyper-V

OpenStack

OpenStack supports UEFI from the Wallaby version and RHSOP 17.01. The train version of OpenStack does not support UEFI boot. You must specify hw_firmware_type=uefi in the image property for GigaVUE‑FM deployment in UEFI mode. For more information, refer to Installing GigaVUE‑FM on OpenStack

Nutanix

You need to switch to UEFI mode when deploying the GigaVUE‑FM. For more information, refer to Installing GigaVUE‑FM on Nutanix

KVM

You need to switch to UEFI mode when deploying the GigaVUE‑FM. For more information, refer to Installing GigaVUE‑FM on KVM.

GCP

In GCP, you must set the flag: --guest-os-features='UEFI_COMPATIBLE'. For more information, refer to Install GigaVUE-FM on GCP.

VMware ESXi

Support vSphere 6.5, virtual hardware version 13 or later. For more information, refer to Installing GigaVUE‑FM on VMware ESXi. For information related to troubleshooting ESXi 7.0, refer to Troubleshooting section in Install GigaVUE‑FM using OVA file on VMware vCenter.