SOP OCP4 configure UEFI boot

Signed-off-by: David Kirwan <dkirwan@redhat.com>

modules/ocp4/pages/sop_configure_baremetal_pxe_uefi_boot.adoc

@@ -0,0 +1,51 @@
+== Configure Baremetal PXE-UEFI Boot
+A high level overview of how a baremetal node in the Fedora Infra gets booted via UEFI is as follows.
+
+- Server powered on
+- Gets ip via dhcp
+- DHCP server uses `next-server` command to point the Server to next contact the tftpboot server and retrieve `grub.cfg`
+- tftpboot serves `grub.cfg`
+- Sysadmin manually chooses the correct UEFI menu to boot
+- tftpboot serves kernal and initramfs to the server
+- Server boots with kernal and initramfs, and retrieves ingition file from `os-control01`
+
+=== Resources
+
+- [1] https://pagure.io/fedora-infra/ansible/blob/main/f/roles/dhcp_server[Ansible Role DHCP Server]
+- [2] https://pagure.io/fedora-infra/ansible/blob/main/f/roles/tftp_server[Ansible Role tftpboot server]
+
+=== UEFI Configuration
+The configuration for UEFI booting is contained in the `grub.cfg` config which is not currently under source control. It is located on the `batcave01` at: `/srv/web/infra/bigfiles/tftpboot2/uefi/grub.cfg`.
+
+The following is a sample configuration to install a baremetal OCP4 worker in the Staging cluster.
+
+----
+menuentry 'RHCOS 4.8 worker staging' {
+  linuxefi images/RHCOS/4.8/x86_64/rhcos-4.8.2-x86_64-live-kernel-x86_64 ip=dhcp nameserver=10.3.163.33 coreos.inst.install_dev=/dev/sda coreos.live.rootfs_url=http://10.3.166.50/rhcos/rhcos-4.8.2-x86_64-live-rootfs.x86_64.img coreos.inst.ignition_url=http://10.3.166.50/rhcos/worker.ign
+  initrdefi images/RHCOS/4.8/x86_64/rhcos-4.8.2-x86_64-live-initramfs.x86_64.img
+}
+----
+
+Any new changes must be made here. Writing to this file requires one to be a member of the `sysadmin-main` group, so best to instead create a ticket in the Fedora Infra issue tracker with patch request. See the following https://pagure.io/fedora-infrastructure/issue/10213[PR] for inspiration.
+
+=== Pushing new changes out to the tftpboot server
+To push out changes made to the `grub.cfg` the following playbook should be run, which requires `sysadmin-noc` group permissions:
+
+----
+sudo rbac-playbook groups/noc.yml -t 'tftp_server,dhcp_server'
+----
+
+On the `noc01` instance the `grub.cfg` file is located at `/var/lib/tftpboot/uefi/grub.cfg`
+
+If particular changes to OS images for example, are required, they should be made on the `noc01` instance directly at `/var/lib/tftpboot/images/`. This will require users to be in the `sysadmin-noc` group.
+
+
+
+
+
+
+
+
+
+
+

modules/ocp4/pages/sops.adoc

@@ -1,30 +1,4 @@
 == SOPs
 
 - xref:sop_installation.adoc[SOP Openshift 4 Installation on Fedora Infra]
-
-=== Configure the baremetal nodes to pxeboot with UEFI into RHCOS
-
-=== Create MachineConfigs to configure RHCOS
-
-=== Retrieve the OCP4 Cluster's CA Cert to configure haproxy
-
-=== Configure the Image Registry Operator to use NFS Storage
-
-=== Configure OIDC for Noggin/IPA in OCP4
-
-=== Disable self provisioners role
-
-=== Installation/Configuration of the Local Storage Operator
-
-=== Installation/Configuration of the Openshift Container Storage Operator
-
-=== Configure the OCP4 User Workload Monitoring Stack
-
-
-
-
-
-
-
-
-
+- xref:sop_configure_baremetal_pxe_uefi_boot.adoc[SOP Configure Baremetal PXE-UEFI Boot]