The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter includes the following sections:
Boot policy overrides the boot order in the BIOS setup menu, and determines the following:
Selection of the boot device
Location from which the server boots
Order in which boot devices are invoked
For example, you can choose to have associated servers boot from a local device, such as a local disk or CD-ROM (vMedia), or you can select a SAN boot or a LAN (PXE) boot.
You can either create a named boot policy that can be associated with one or more service profiles, or create a boot policy for a specific service profile. A boot policy must be included in a service profile, and that service profile must be associated with a server for it to take effect. If you do not include a boot policy in a service profile, the UCS domain applies the default boot policy.
Note | Changes to a boot policy will be propagated to all service profiles created with an updating service profile template that includes that boot policy. Reassociation of the service profile with the server to rewrite the boot order information in the BIOS is automatically triggered. |
Cisco UCS Central enables you to use standard or enhanced boot order for the global boot policies you create in Cisco UCS Central.
Standard boot order is supported for all Cisco UCS servers, and allows a limited selection of boot order choices. You can add a local device, such as a local disk, CD-ROM, or floppy, or you can add SAN, LAN, or iSCSI boot.
Enhanced boot order allows you greater control over the boot devices that you select for your boot policy. Enhanced boot order is supported for all Cisco UCS B-Series M3 and M4 Blade Servers and Cisco UCS C-Series M3 and M4 Rack Servers at release 2.2(1b) or greater, and for Cisco UCS M-Series Modular Servers.
The following boot order devices are supported for standard boot order, but can be used with both:
Local LUN/Local Disk—Enables standard boot from a local hard disk. Do not enter a primary or secondary LUN name. Those are reserved for enhanced boot order only.
CD/DVD ROM Boot—Enables standard boot from local CD/DVD ROM drive.
Floppy—Enables standard boot from local floppy drive.
LAN Boot—Enables standard boot from a specified vNIC.
SAN Boot—Enables standard boot from a specified vHBA.
iSCSI Boot—Enables standard boot from a specified iSCSI vNIC.
The following boot order devices are supported only for enhanced boot order:
Local LUN/Local Disk—Enables boot from local hard disk, or local LUN.
Local CD/DVD—Enables boot from local CD/DVD drive.
Local Floppy—Enables boot from local floppy drive.
SD Card—Enables boot from SD Card.
Internal USB—Enables boot from Internal USB.
External USB—Enables boot from External USB.
Embedded Local Disk—Enables booting from the embedded local disk on the Cisco UCS C240 M4SX and C240 M4L servers.
Note | You can add either the embedded local disk or the embedded local LUN to the boot order. Adding both is not supported. |
Embedded Local LUN—Enables boot from the embedded local LUN on the Cisco UCS C240 M4SX and C240 M4L servers.
Note | You can add either the embedded local disk or the embedded local LUN to the boot order. Adding both is not supported. |
Local JBOD—Enables boot from a local disk.
KVM Mapped CD/DVD—Enables boot from KVM mapped ISO images.
KVM Mapped Floppy—Enables boot from KVM mapped image files.
CIMC Mapped HDD—Enables boot from CIMC mapped vMedia drives.
CIMC MAPPED CD/DVD—Enables boot from CIMC mapped vMedia CDs and DVDs.
LAN Boot—Enables you to select a specific vNIC from which to boot.
SAN Boot—Enables you to select a specific vHBA from which to boot.
iSCSI Boot—Enables you to select a specific iSCSI vNIC from which to boot.
Remote Virtual Drive—Enables boot from a remote virtual drive.
Unified Extensible Firmware Interface (UEFI) is a specification that defines a software interface between an operating system and platform firmware. Cisco UCS uses UEFI to replace the BIOS firmware interfaces. This allows the BIOS to run in UEFI mode while still providing legacy support.
You can choose either legacy or UEFI boot mode when you create a boot policy. Legacy boot mode is supported for all Cisco UCS servers. UEFI boot mode is supported on Cisco UCS B-Series M3 and M4 Blade Servers, Cisco UCS C-Series M3 and M4 Blade Servers, and M-Series servers, and allows you to enable UEFI secure boot mode.
The following limitations apply to the UEFI boot mode:
UEFI boot mode is not supported on Cisco UCS B-Series M1 and M2 Blade Servers and Cisco UCS C-Series M1 and M2 Rack Servers.
UEFI boot mode is not supported with the following combinations:
You cannot mix UEFI and legacy boot mode on the same server.
Make sure an UEFI-aware operating system is installed in the device. The server will boot correctly in UEFI mode only if the boot devices configured in the boot policy have UEFI-aware OS installed. If a compatible OS is not present, the boot device is not displayed on the Boot Policies page.
In some corner cases, the UEFI boot may not succeed because the UEFI boot manager entry was not saved correctly in the BIOS NVRAM. You can use the UEFI shell to enter the UEFI boot manager entry manually. This situation could occur in the following situations:
If a blade server with UEFI boot mode enabled is disassociated from the service profile, and the blade is manually powered on using the Server page or the front panel.
If a blade server with UEFI boot mode enabled is disassociated from the service profile, and a direct VIC firmware upgrade is attempted.
If a blade or rack server with UEFI boot mode enabled is booted off SAN LUN, and the service profile is migrated.
Cisco UCS Central supports UEFI secure boot on Cisco UCS B-Series M3 and M4 Blade Servers, and Cisco UCS M-Series Modular Servers. When UEFI secure boot is enabled, all executables, such as boot loaders and adapter drivers, are authenticated by the BIOS before they can be loaded. To be authenticated, the images must be signed by either the Cisco Certificate Authority (CA) or a Microsoft CA.
The following limitations apply to UEFI secure boot:UEFI boot mode must be enabled in the boot policy.
The Cisco UCS Manager software and the BIOS firmware must be at Release 2.2 or greater.
User-generated encryption keys are not supported.
UEFI secure boot can only be controlled by Cisco UCS Manager or Cisco UCS Central.
You cannot downgrade to an earlier version of Cisco UCS Manager if:
An associated server has a boot policy with UEFI boot mode enabled.
An associated server has a boot policy with UEFI secure boot enabled.
An associated server has a boot policy with enhanced boot order. For example, if an associated server has a boot policy which contains any of the following:
An associated server has a boot policy that includes both SAN and local LUN.
Note | This dialog box is read-only unless you configured the iSCSI targets directly under the service profile or service profile template using the Cisco UCS Central CLI or the Flash-based GUI. |
Step 1 | From the Service Profile or Service Profile Template page, click the Settings icon. |
Step 2 | Click
Configure iSCSI Targets.
This launches the Configure iSCSI Targets dialog box. |
Step 3 | Click Primary or Secondary and enter the iSCSI vNIC. |
Step 4 | Select the iSCSI Target Definition Mode and complete the necessary fields: |
Step 5 | Click Save . |