Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
∞ take a peek at our legendary cryptostorm_is twitter feed if you're into that kind of thing ∞
Ξ we're rolling out voodoo network security across cryptostorm - big things happening, indeed! Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit GitHub Ξ

Modern 100% FOSS libreboot server now available!

Freewheeling spot to chew the fat on anything cryptostorm-related that doesn't fit elsewhere (i.e. support, howto, &c.). Criticism & praise & brainstorming & requests for explanation... this is where it goes when it's hot & ready for action! :-)

Topic Author
anony

Modern 100% FOSS libreboot server now available!

Postby anony » Tue Jan 19, 2016 12:29 am

I have no affiliation with this company. I purchased one of their X200 100% FOSS laptops about 6mo ago and have loved it.

http://minifree.org/

Pasted from site:
Libreboot D16

A secure, high-end server that Respects Your Freedom!

These systems are sold to raise funding for development in the libreboot project.

A freedom- and privacy-respecting server, intended for utmost security, the Libreboot D16 comes with the free (libre) and open source Libreboot BIOS (or UEFI) replacement preinstalled (based on coreboot). Your choice of GNU/Linux distribution is available on request, from the list found at FSF-endorsed GNU/Linux distributions. The Libreboot D16 uses the high-end ASUS KGPE-D16 mainboard, with libreboot.

Unlike most server products, the Libreboot D16 comes without unwanted “bloatware”, DRM, spyware or restrictions on how you use your new system. Your Libreboot D16 obeys your organisation, not your competitors or the NSA. The hardware is selected, specifically to run with 100% free software in the operating system, with zero binary blobs. Libreboot systems are an escape from the abuse that you get with other products. Even Richard Stallman uses libreboot!

The Libreboot D16 is a perfect choice of hardware for any organisation. Office IT department, hosting company, internet service provider, and more. It’s also an ideal high-end workstation platform, for professional users.

Shipping worldwide! (USA and Europe included) UPS is used for all shipments. All orders come with a 1 year warranty as standard. Free technical support (via IRC, email or telephone) is also provided. The prices on this page are in Euros. If your country doesn’t use Euros (e.g. USA, UK, Switzerland), Minifree will provide an invoice with the price converted to your local currency, for your convenience. Use xe.com currency converter to check current exchange rates.

Your Freedom. Your Libreboot

Libreboot. Free as in freedom BIOS/UEFI replacement. Libreboot offers several practical advantages over proprietary BIOS/UEFI firmware; faster boot speeds, better security and customization to name a few; for example, encrypted /boot/ is possible, and you can use GPG (in the flash chip) to verify kernel signatures, during boot up. Unlike proprietary firmware, Libreboot does not contain spyware or backdoors.

Libreboot (based on coreboot) is officially endorsed by the Free Software Foundation, as boot firmware that is verified to respect and protect your privacy, security and freedom. The director of Minifree also donates to the Free Software Foundation.

Francis Rowe (founder and owner of Minifree) is also the main libreboot developer (and founder of the libreboot project), and is funding Raptor Engineering, Inc. (USA), the company that ported this system to coreboot, in their efforts to clean up the code, add new features and upstream it into coreboot. The code is already in libreboot! Development is ongoing, as is payment. This board is sold on Minifree as a way to fund that.
Trisquel is secure, stable and respects privacy

Logo-TrisquelBased on Ubuntu, the secure and stable Trisquel GNU/Linux operating system can be preinstalled on request, with your desired configuration.

This GNU/Linux distribution is marketed for domestic users, but it is also a very reliable server distribution and is used in several well-known organisations, both as a server and workstation OS. It’s based on Ubuntu 14.04 LTS (long-term-support release), and receives regular security updates from that project. The Free Software Foundation (the organisation that founded and also sponsors the GNU project) uses this on all of their servers. The main developer of Trisquel is also one of the system administrators at the Free Software Foundation.

Trisquel comes highly recommended by the Ministry of Freedom!
Free tech support for libreboot

Free tech support is also provided, for all customers. We want your organisation to be successful, and that means good support is essential. If you ever have any questions about your Libreboot D16 server, or need help with libreboot, Francis Rowe (the person running Minifree) is always happy to answer them via email, IRC (francis7 on freenode #libreboot) or telephone. He can be contacted, using the information on the contact page. Other people (volunteers for the libreboot project) are also available on the mailing list or IRC channel, for libreboot related questions.
Supports the latest 16- and 12-core configurations from AMD!

Libreboot D16 uses the latest AMD G34 chipset (45nm Opteron 6100 or 32nm Opteron 6300/6200 CPUs). This platform is ideal for high performance applications (16, 12 or 8 CPU cores possible, with quad HT3 links up to 6.4GT/s per link, and 12MiB shared L3 cache), and is ideal for setting up a custered (and libre!) super computing environment. Minifree recommends the Opteron 6200 or 6300.
Standard EEB with 16 DIMMs & Riser Card Slot (Slot 6) possible

SSI EEB 3.61 (12×13 inches) is the form factor used, with 16 DDR3 1600 DIMMs. The maximum about of RAM supported is 256GiB (DDR3 1600 supported only with Opteron 6300/6200). PCU-E x86 (Gen2 x16 link) full height/length cards are supported (1U or higher, but a 4U case is recommended).
High Quality Components for Greater System Reliability

This is high quality hardware (made by ASUS), with 6-phase CPU power and and 3-phase memory power, using high quality capacitors on the board. High-end CPUs (TDP 140W) are possible, without reliability issues.
ASUS PIKE2008 (for SAS drives) and RAID support

The PIKE2008 module is included, for compatibility with SAS drives. SATA is also available, even without the module. The PIKE2008 module provides 8 3Gbps SAS ports.

Booting directly from SATA is possible. To boot from SAS, you can put a kernel in the flash chip and use that (8MiB or 16MiB flash chip recommended), or you can have /boot/ (kernel goes there) on SATA; the GNU system can be installed on the SAS drives. Booting a kernel and bootloader directly from SAS requires use of a proprietary option ROM and SeaBIOS payload (libreboot uses GNU GRUB by default). Libreboot recommends against this, because we want all the software to be free. The Linux kernel (Minifree recommends linux-libre) can use SAS, without an option ROM.

For RAID, Minifree recommends software methods (btrfs or mdadm in the linux kernel). The main reason is that this means using free software; the second reason is that software RAID is also much easier to use and more reliable (can be transferred easily to another system, without any dependency on the type of hardware in use).
ASMB4-iKVM module *not* included

Typically, these boards are available with an add-on module for remote out-of-band management (BIOS configuration, and so on, but also a full video console for seeing screen contents and using mouse/keyboard is possible).

The module has full access to RAM, with proprietary firmware loaded onto the ASpeed GPU. This is a security risk (and the firmware is proprietary) since the module implements what is essentially a proprietary backdoor (similar to the Intel Management Engine), so Minifree does not include it at all. There may be free replacement firmware for the module in the future (if such a replacement is implemented, Minifree will start including the module as an extra option), but this is not promised; check the libreboot website for more info.

Remote management is still possible, using SSH or VNC for the operating system (e.g. OpenSSH, X11VNC forwarded through OpenSSH, etc). “BIOS” configuration in libreboot also isn’t done pre-OS, it’s handled using a mixture of these utilities in the OS: nvramtool and/or flashrom/cbfstool. This is because coreboot (upstream that libreboot uses) is modular (lots of payloads available), so a pre-OS “BIOS setup” program doesn’t make sense.
Server specifications
Processor / system bus

2 CPU sockets (G34 compatible)
HyperTransport™ Technology 3.0
CPUs supported (not provided by Minifree, yet):
AMD Opteron 6100 series (Fam10h. No IOMMU support. Not recommended)
AMD Opteron 6200 series (Fam15h, with full IOMMU support in libreboot) – HIGHLY RECOMMENDED, works well without microcode updates
AMD Opteron 6300 series (Fam15h, with full IOMMU support in libreboot. AVOID THIS. VIRTUALIZATION FAILS WITHOUT MICROCODE UPDATES
6.4 GT/s per link (triple link)

Core logic

AMD SR5690
AMD SP5100

Memory compatibility (with libreboot)

Total Slots: 16 (4-channel per CPU, 8 DIMM per CPU), ECC
Capacity: Maximum up to 256GB RDIMM
Memory Type that is compatible:
DDR3 1600/1333/1066/800 UDIMM*
DDR3 1600/1333/1066/800 RDIMM*
Compatible sizes per memory module:
16GB, 8GB, 4GB, 3GB, 2GB, 1GB RDIMM
8GB, 4GB, 2GB, 1GB UDIMM

Expansion slots

Total slot: 6
Slot Location 1: PCI 32bit/33MHz
Slot Location 2: PCI-E x16 (Gen2 X8 Link)
Slot Location 3: PCI-E x16 (Gen2 X16 Link), Auto switch to x8 link if slot 2 is occupied
Slot Location 4: PCI-E x8 (Gen2 X4 Link)
Slot Location 5: PCI-E x16 (Gen2 X16 Link)
Slot Location 6: PCI-E x16 (Gen2 X16 Link), Auto turn off if slot 5 is occupied, For 1U FH/FL Card, MIO supported
Additional Slot 1: PIKE slot (for SAS drives. See notes above)
Follow SSI Location#

Form factor

SSI EEB 3.61 (12″x13″)

ASUS features

Fan Speed Control
Rack Ready (Rack and Pedestal dual use)

Storage

SATA controller:
AMD SP5100
6 x SATA2 300MB/s
SAS/SATA Controller:
ASUS PIKE2008 3Gbps 8-port SAS card included

Networking

2 x Intel® 82574L

Graphics

Aspeed AST2050 with 8MB VRAM

On board I/O

1 x PSU Power Connector (24-pin SSI power connector + 8-pin SSI 12V + 8-pin SSI 12V power connector)
1 x Management Connector , Onboard socket for management card
3 x USB pin header , Up to 6 Devices
1 x Internal A Type USB Port
8 x Fan Header , 4pin (3pin/4pin fan dual support)
2 x SMBus
1 x Serial Port Header
1 x TPM header
1 x PS/2 KB/MS port

Back I/O ports

1 x External Serial Port
2 x External USB Port
1 x VGA Port
2 x RJ-45
1 x PS/2 KB/Mouse

Regulatory compliance

CE, C-Tick, FCC(Class B)

Environment

Operation temperature: 10C ~ 35C
Non operation temperature: -40C ~ 70C
Non operation humidity: 20% ~ 90% ( Non condensing)

Accessories

1 x User’s Guide (notes for Libreboot and Trisquel, and information about the hardware)
1 x I/O Shield
6 x SATA 3G Cable(s)

Monitoring

CPU temperatures
Fan speed (RPM)

Note:

* DDR3 1600 can only be supported with AMD Opteron 6300/6200 series processor

When new libreboot versions are released, it is possible to update to those newer versions using software. Full instructions are provided on the libreboot website.

User avatar

sysfu
Posts: 52
Joined: Mon Nov 24, 2014 10:22 am

Re: Modern 100% FOSS libreboot server now available!

Postby sysfu » Fri Mar 25, 2016 6:15 am

Thanks for posting this.

I've been looking to migrate to coreboot capable server hardware for quite some time now however all of the well supported AMD motherboards listed on the coreboot wiki have been hard to come by, especially in small form factors.


Return to “general chat, suggestions, industry news”

Who is online

Users browsing this forum: Bing [Bot] and 22 guests

cron

Login