Closed 0x1a8510f2 closed 6 months ago
smira
commented
6 months ago It is continuously being tested, and it does work: https://ci.dev.talos-systems.io/siderolabs/talos/43393/14/8
If you have a specific problem, please supply a specific bug report, including the details how you acquired that ISO, etc.
frezbo
commented
6 months ago Also since the secureboot is a UKI, there shouldn't be multiple files/partitons
0x1a8510f2
commented
6 months ago Maybe I'm doing something wrong. When I burn the ISO (obtained from here: https://factory.talos.dev/?arch=amd64&cmdline-set=true&extensions=-&extensions=siderolabs%2Fi915-ucode&extensions=siderolabs%2Fintel-ucode&platform=metal&secureboot=true&target=metal&version=1.7.1) to a USB stick, I get the following:
This doesn't show up even as a bootable option in the firmware. Booting the ISO with QEMU also fails (qemu-system-x86_64 -boot d -cdrom Downloads/metal-amd64-secureboot.iso -m 512):
Meanwhile, the same command works fine with the non-secureboot Talos ISO from factory and an openSUSE ISO that supports secureboot.
Is there some additional setup I should be doing as opposed to literally DDing the ISO to /dev/sda?
0x1a8510f2
commented
6 months ago Never mind, I have been able to boot the image with the command qemu-system-x86_64 -bios /usr/share/qemu/ovmf-x86_64-ms-4m.bin -boot d -cdrom Downloads/metal-amd64-secureboot.iso -m 512 on openSUSE. Looks like I've overlooked the fact that I have to specify UEFI firmware for QEMU and my hardware is misconfigured. I'm closing the issue since it's clearly not a bug with the image.
Bug Report
Description
It seems like the bare metal secureboot Talos ISO is broken. Writing it to a USB stick results in a single ISO9660 partition as opposed to the multiple partitions produced by the non-secureboot ISO. The secureboot ISO also fails to boot both on QEMU and bare metal.
Logs
N/A
Environment