Building a flash less firmware infrastructure

We will cover in that talk various ways to start an HPE ProLiant server in a flash less mode (aka boot from the network at the BMC level and gathering everything from the network) with OpenSource Firmware

We will demonstrate how we could consider the BMC firmware as being an O/S and use the associated relevant tools to manage that initial firmware stack through network booting, in the intent to expand supply chain security. We will emphasis on OpenBMC implementation, and how we changed the bootflow to successfully boot the BMC by using a full network block storage device, and provide continuous updates capabilities to lower downtime and enhance security by easing deployment process. We will focus on the security aspect by leveraging SiROT and linux LUKS technologies. We will also open the door to hardware modification as to reach a total flash less system design based on OpenSource firmware. That talk is going to be technical and requires a good knowledge of the linux stack. It is a common talk with OVHCloud an openbmc community member. A live demo will be run during the presentation as to demonstrate the full stack.