IC-OS UEFI Configuration — Gen-2 Gigabyte

This runbook configures the BIOS/UEFI on a Gen-2 Gigabyte server so that IC-OS can install and run correctly. It is the BIOS-side step of the Node Deployment Guide (Gen-2) — at section 9, "UEFI setup and boot menu", branch here, complete the steps below, then return to the deployment guide and continue to step 10.

[!WARNING] Do not enable the RAID BIOS setting. RAID will break IC-OS installation.

1. UEFI — Enter Setup

1. Reboot or power on the server.
2. Watch for the screen with the Gigabyte logo and boot options listed underneath.
3. Press DEL (delete) a couple of times once the options are listed to enter setup.

2. UEFI — Check version

Check the version number at the bottom of the screen. The UEFI/BIOS version must be 2.21.1279 or higher — this is the version tested to support the features IC-OS requires.

If the version is lower than 2.21.1279, download the latest version from the Gigabyte support site↗ and follow the included update instructions before continuing.

3. UEFI — Advanced Settings

Switch to the Advanced menu.

Trusted Computing

1. Select Trusted Computing.
2. Set Security Device Support to Enabled.
3. Set SHA256 PCR Bank to Enabled.
4. Set Platform Hierarchy to Enabled.
5. Set Storage Hierarchy to Enabled.
6. Set Endorsement Hierarchy to Enabled.
7. Press ESC to return to the Advanced main menu.

CPU Configuration

1. Select CPU Configuration and press Enter.
2. Set SVM Mode to Enabled.
3. Press ESC to return to the Advanced main menu.

PCI Subsystem Settings

1. Select PCI Subsystem Settings and press Enter.
2. Set SR-IOV Support to Enabled (scroll to the bottom of the page to find this setting).
3. Press ESC to return to the Advanced main menu.

4. UEFI — AMD CBS

Switch to the AMD CBS menu.

CPU Common Options

1. Select CPU Common Options and press Enter.
2. Set SEV ASID Count to 253 ASIDs.
3. Set SEV-ES ASID Space Limit Control to Manual.
4. Set SEV-ES ASID Space Limit to 100.
5. Set SNP Memory (RMP Table) Coverage to Enabled.
6. Set SMEE to Enabled.

Performance

1. Select Performance.
2. Set SMT Control to Enabled.
3. Press ESC twice to return to the AMD CBS main menu.

DF Common Options

1. Select DF Common Options and press Enter.
2. Select Memory Addressing and press Enter.
3. Set NUMA nodes per socket to NPS0.
4. Press ESC twice to return to the AMD CBS main menu.

UMC Common Options

1. Select UMC Common Options and press Enter.
2. Select DDR4 Common Options and press Enter.
3. Select Security and press Enter.
4. Set TSME to Disabled.
5. Press ESC three times to return to the AMD CBS main menu.

NBIO Common Options

1. Select NBIO Common Options and press Enter.
2. Set Enable AER Cap to Enabled.
3. Set SEV-SNP Support to Enabled.
4. Press ESC to return to the AMD CBS main menu.

5. UEFI — Boot Menu

1. Switch to the Boot menu.
2. Set Boot Mode Select to UEFI.
3. Select Save Changes and Exit, then select Yes at the prompt and press Enter.

The system will now reboot.

[!WARNING] Do not unplug the IC-OS USB stick during this reboot.

6. Boot the IC-OS USB image

1. Watch for the screen with the Gigabyte logo and boot options. Press F10 a couple of times once the options are listed.
2. From the boot menu, select the first partition on the USB device and press Enter.

Return to the deployment runbook

• If you are following the non-HSM path, return to Node Deployment Guide (Gen-2) at section 9, "UEFI setup and boot menu", and continue to step 10.
• If you are following the legacy HSM path, return to Node Deployment Guide (Gen-1, with HSM) at section 9 and continue to step 10.

Related

• Node Deployment Guide (Gen-2) — the full deployment runbook this configuration is part of.
• Node Provider Machine Hardware Guide — hardware specifications by generation.
• Troubleshooting Node Deployment Errors — what to do if installation fails after BIOS configuration.
• IC-OS UEFI Configuration — Gen-2 ASUS — sibling configuration with a similar AMD CBS structure.