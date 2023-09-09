Ubuntu users are prompted to change the default password (ubuntu) for the default user (ubuntu) upon first login. Logging in will not be possible even if the login prompt appears until all services are up (" DPU is ready " message appears in /dev/rshim0/misc ).

Warning Attempting to log in before all services are up prints the following message: "Permission denied, please try again."

Alternatively, Ubuntu users can provide a unique password that will be applied at the end of the BFB installation. This password would need to be defined in a bf.cfg configuration file. To set the password for the ubuntu user:

Create password hash. Run: Copy Copied! # openssl passwd -1 Password: Verifying - Password: $1$3B0RIrfX$TlHry93NFUJzg3Nya00rE1 Add the password hash in quotes to the bf.cfg file: Copy Copied! # vim bf.cfg ubuntu_PASSWORD='$1$3B0RIrfX$TlHry93NFUJzg3Nya00rE1' The bf.cfg file will be used with the bfb-install script in the following step. Warning Password policy: Minimum password length – 8

At least one upper-case letter

At least one lower-case letter

At least one numerical character

Warning For a comprehensive list of the supported parameters to customize bf.cfg during BFB installation, refer to section "bf.cfg Parameters".





GRUB menu entries are protected by a username and password to prevent unwanted changes to the default boot options or parameters.

The default credentials are as follows:

Username admin Password BlueField

The password can be changed during BFB installation by providing a new grub_admin_PASSWORD parameter in bf.cfg :

Copy Copied! # vim bf.cfg grub_admin_PASSWORD=’ grub.pbkdf2.sha512.10000.5EB1FF92FDD89BDAF3395174282C77430656A6DBEC1F9289D5F5DAD17811AD0E2196D0E49B49EF31C21972669D180713E265BB2D1D4452B2EA9C7413C3471C53.F533423479EE7465785CC2C79B637BDF77004B5CC16C1DDE806BCEA50BF411DE04DFCCE42279E2E1F605459F1ABA3A0928CE9271F2C84E7FE7BF575DC22935B1’

To get a new encrypted password value use the command grub-mkpasswd-pbkdf2 .

After the installation, the password can be updated by editing the file /etc/grub.d/40_custom and then running the command update-grub which updates the file /boot/grub/grub.cfg .

Warning Installing the BFB does not update the firmware. To do that, refer to section Firmware Upgrade.

A pre-built BFB of Ubuntu 20.04 with DOCA Runtime and DOCA packages installed is available on the NVIDIA DOCA SDK developer zone page.

Warning All new BlueField-2 devices are secure boot enabled, hence all SW images must be signed by NVIDIA in order to boot. All formally published SW images are signed.

To install Ubuntu BFB, run on the host side:

Copy Copied! # bfb-install -h syntax: bfb-install --bfb|-b <BFBFILE> [--config|-c <bf.cfg>] \ [--rootfs|-f <rootfs.tar.xz>] --rshim|-r <rshimN> [--help|-h]

The bfb-install utility is installed by the RShim package.

This utility script pushes the BFB image and optional configuration to the BlueField side and checks and prints the BFB installation progress. To see the BFB installation progress, please install the pv Linux tool.

Important The first boot after BFB installation includes OS configuration. If BlueField is restarted before the configuration is complete, it will not operate as expected. For example, it may not be accessible using SSH.

The following is an output example of Ubuntu 20.04 installation with the bfb-install script assuming pv has been installed.

Copy Copied! # bfb-install --bfb <BlueField-OS>.bfb --config bf.cfg --rshim rshim0 Pushing bfb + cfg 1.21GiB 0:01:14 [16.5MiB/s] [ <=> ] Collecting BlueField booting status. Press Ctrl+C to stop… INFO[BL2]: start INFO[BL2]: DDR POST passed INFO[BL2]: UEFI loaded INFO[BL31]: start INFO[BL31]: runtime INFO[UEFI]: eMMC init INFO[UEFI]: eMMC probed INFO[UEFI]: PMI: updates started INFO[UEFI]: PMI: boot image update INFO[UEFI]: PMI: updates completed, status 0 INFO[UEFI]: PCIe enum start INFO[UEFI]: PCIe enum end INFO[MISC]: Found bf.cfg INFO[MISC]: Ubuntu installation started INFO[MISC]: Installation finished INFO[MISC]: Rebooting...

Important Interrupting the update process during its " Pushing bfb " stage may cause issues that render the DPU inoperable. To recover the DPU, re-initiate the update process with bfb-install .





After installation of the Ubuntu OS is complete, the following note appears in /dev/rshim0/misc on first boot:

Copy Copied! ... INFO[MISC]: Linux up INFO[MISC]: DPU is ready

"DPU is ready" indicates that all the relevant services are up and users can login the system.

After the installation of the Ubuntu 20.04 BFB, the configuration detailed in the following sections is generated.

Warning Make sure all the services (including cloud-init) are started on BlueField before power cycling the host server.

BlueField OS image version is stored under /etc/mlnx-release in the DPU.

Copy Copied! # cat /etc/mlnx-release DOCA_v1.1_BlueField_OS_Ubuntu_20.04-<version>





Warning mlxfwreset is not supported in this release. Please power cycle the host where mlxfwreset is requested.

To upgrade firmware:

Set a temporary static IP on the host. Run: Copy Copied! sudo ip addr add 192.168.100.1/24 dev tmfifo_net0 SSH to your DPU via 192.168.100.2 (preconfigured). The default credentials for Ubuntu are as follows. Username Password ubuntu Set during installation For example: Copy Copied! ssh ubuntu@192.168.100.2 Password: <unique-password> Upgrade the firmware on the DPU. Run: Copy Copied! sudo /opt/mellanox/mlnx-fw-updater/mlnx_fw_updater.pl --force-fw-update Example output: Copy Copied! Device #1: ---------- Device Type: BlueField-2 [...] Versions: Current Available FW <Old_FW> <New_FW> Warning Important! To apply NVConfig changes, stop here and follow the steps in section "Updating NVConfig Params". Power cycle the host for the changes to take effect.

Reset the nvconfig params to their default values: Copy Copied! # sudo mlxconfig -d /dev/mst/<device-name> -y reset Reset configuration for device /dev/mst/<device-name>? (y/n) [n] : y Applying... Done! -I- Please reboot machine to load new configurations. (Optional) Enable NVMe emulation. Run: Copy Copied! sudo mlxconfig -d <device-name> s NVME_EMULATION_ENABLE=1 Skip this step if your BlueField DPU is Ethernet only. Please refer to section "Supported Platforms and Interoperability" under the Release Notes to learn your DPU type. If you have a VPI DPU, the default link type of the ports will be configured to IB. If you want to change the link type to Ethernet, please run the following configuration: Copy Copied! sudo mlxconfig -d <device-name> s LINK_TYPE_P1=2 LINK_TYPE_P2=2 Power cycle the host for the mlxconfig settings to take effect.

Using configuration parameters in the bf.cfg file, the BlueField's boot options and OS can be further customized. For a full list of the supported parameters to customize your DPU system during BFB installation, refer to section "bf.cfg Parameters". In addition to parameters, the bf.cfg file offers control over customization of the BlueField firmware and OS through scripting.

Add any of the following functions to the bf.cfg file for them to be called by the install.sh script embedded in the BFB:

bfb_modify_os – called after file the system is extracted on the target partitions. It can be used to modify files or create new files on the target file system mounted under /mnt . So the file path should look as follows: /mnt/<expected_path_on_target_OS> . This can be used to run a specific tool from the target OS (remember to add /mnt to the path for the tool).

bfb_pre_install – called before EMMC partitions format and OS filesystem is extracted

bfb_post_install – called as a last step before reboot. All EMMC partitions are unmounted at this stage.

For example, using the bf.cfg script below configures the BlueField DPU with Separated Host mode and disables the port owner from the Arm side:

Collapse Source Copy Copied! # cat /root/bf.cfg bfb_modify_os() { log ===================== bfb_modify_os ===================== log "Disable OVS bridges creation upon boot" sed -i -r -e 's/(CREATE_OVS_BRIDGES=).*/\1"no"/' /mnt/etc/mellanox/mlnx-ovs.conf } bfb_pre_install() { log ===================== bfb_pre_install ===================== } bfb_post_install() { log ===================== bfb_post_install ===================== mst start mst_device=$(/bin/ls /dev/mst/mt*pciconf0 2> /dev/null) log "Setting Separated Host mode for $mst_device" mlxconfig -y -d $mst_device s INTERNAL_CPU_MODEL=0 for mst_device in /dev/mst/mt*pciconf* do log "Disable port owner from ARM side for $mst_device" mlxconfig -y -d $mst_device s PORT_OWNER=0 done} # bfb-install -b /tmp/<BlueField-OS>.bfb -c /root/bf.cfg -r rshim0 Pushing bfb + cfg 1.18GiB 0:01:11 [17.0MiB/s] [ <=> ] Collecting BlueField booting status. Press Ctrl+C to stop… INFO[BL2]: start INFO[BL2]: DDR POST passed INFO[BL2]: UEFI loaded INFO[BL31]: start INFO[BL31]: runtime INFO[UEFI]: eMMC init INFO[UEFI]: eMMC probed INFO[UEFI]: PMI: updates started INFO[UEFI]: PMI: boot image update INFO[UEFI]: PMI: updates completed, status 0 INFO[UEFI]: PCIe enum start INFO[UEFI]: PCIe enum end INFO[MISC]: Found bf.cfg INFO[MISC]: Ubuntu installation started INFO[MISC]: Installing OS image INFO[MISC]: Disable OVS bridges creation upon boot INFO[MISC]: Setting Separated Host mode for /dev/mst/mt41686_pciconf0 INFO[MISC]: Disable port owner from ARM side for /dev/mst/mt41686_pciconf0 INFO[MISC]: Disable port owner from ARM side for /dev/mst/mt41686_pciconf0.1 INFO[MISC]: Installation finished INFO[MISC]: Rebooting...

Warning After modifying files on the BlueField DPU, run the command sync to flush file system buffers to EMMC flash memory to avoid data loss during reboot or power cycle.





The /sbin/mlnx_bf_configure script runs automatically with ib_umad kernel module loaded (see /etc/modprobe.d/mlnx-bf.conf ) and performs the following configurations:

Ports are configured with switchdev mode and software steering. Two scalable function (SF) interfaces are created (one per port) if BlueField is configured with Embedded CPU mode (default): Copy Copied! # mlnx-sf -a show SF Index: pci/0000:03:00.0/229408 Parent PCI dev: 0000:03:00.0 Representor netdev: en3f0pf0sf0 Function HWADDR: 02:61:f6:21:32:8c Auxiliary device: mlx5_core.sf.2 netdev: enp3s0f0s0 RDMA dev: mlx5_2 SF Index: pci/0000:03:00.1/294944 Parent PCI dev: 0000:03:00.1 Representor netdev: en3f1pf1sf0 Function HWADDR: 02:30:13:6a:2d:2c Auxiliary device: mlx5_core.sf.3 netdev: enp3s0f1s0 RDMA dev: mlx5_3 The parameters for these SFs are defined in configuration file /etc/mellanox/mlnx-sf.conf . Copy Copied! /sbin/mlnx-sf --action create --device 0000:03:00.0 --sfnum 0 --hwaddr 02:61:f6:21:32:8c /sbin/mlnx-sf --action create --device 0000:03:00.1 --sfnum 0 --hwaddr 02:30:13:6a:2d:2c Warning To avoid repeating a MAC address in the your network, the SF MAC address is set randomly upon BFB installation. You may choose to configure a different MAC address that better suit your network needs. Two OVS bridges are created: Copy Copied! # ovs-vsctl show f08652a8-92bf-4000-ba0b-7996c772aff6 Bridge ovsbr2 Port ovsbr2 Interface ovsbr2 type: internal Port p1 Interface p1 Port en3f1pf1sf0 Interface en3f1pf1sf0 Port pf1hpf Interface pf1hpf Bridge ovsbr1 Port p0 Interface p0 Port pf0hpf Interface pf0hpf Port ovsbr1 Interface ovsbr1 type: internal Port en3f0pf0sf0 Interface en3f0pf0sf0 ovs_version: "2.14.1" The parameters for these bridges are defined in configuration file /etc/mellanox/mlnx-ovs.conf : Copy Copied! CREATE_OVS_BRIDGES="yes" OVS_BRIDGE1="ovsbr1" OVS_BRIDGE1_PORTS="p0 pf0hpf en3f0pf0sf0" OVS_BRIDGE2="ovsbr2" OVS_BRIDGE2_PORTS="p1 pf1hpf en3f1pf1sf0" OVS_HW_OFFLOAD="yes" OVS_START_TIMEOUT=30 Warning If failures occur in /sbin/mlnx_bf_configure or configuration changes happen (e.g. switching to separated host mode) OVS bridges are not created even if CREATE_OVS_BRIDGES="yes" . OVS HW offload is configured.

Network interfaces are configured using the netplan utility:

Collapse Source Copy Copied! # cat /etc/netplan/50-cloud-init.yaml # This file is generated from information provided by the datasource. Changes # to it will not persist across an instance reboot. To disable cloud-init's # network configuration capabilities, write a file # /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following: # network: {config: disabled} network: ethernets: tmfifo_net0: addresses: - 192.168.100.2/30 dhcp4: false nameservers: addresses: - 192.168.100.1 routes: - metric: 1025 to: 0.0.0.0/0 via: 192.168.100.1 oob_net0: dhcp4: true renderer: NetworkManager version: 2 # cat /etc/netplan/60-mlnx.yaml network: ethernets: enp3s0f0s0: dhcp4: 'true' enp3s0f1s0: dhcp4: 'true' renderer: networkd version: 2

Copy Copied! ssh -6 ubuntu@fe80::21a:caff:feff:ff01%tmfifo_net<n>

Warning If tmfifo_net<n> on the host does not have an LLv6 address, restart the RShim driver: Copy Copied! systemctl restart rshim



