alphaspirit - Fotolia

Manage Learn to apply best practices and optimize your operations.

Why SUSE VMs have UEFI and secure boot issues

You won't be able to secure boot or use UEFI with SUSE VMs under Hyper-V because of certain support issues, so it's important to learn if your enterprise will be affected.

Why can't I secure boot or use UEFI with a SUSE VM under Hyper-V?

Although Hyper-V in Windows Server 2012 R2 supports Generation 1 and Generation 2 virtual machines, the introduction of Generation 2 greatly simplified how virtual hardware is presented to virtual machines (VMs). It also supports the Unified Extensible Firmware Interface (UEFI) rather than traditional legacy BIOS. This move adds flexibility to SUSE VM creation as powerful new server technologies become available.

For example, Generation 2 VMs can support a pre-boot execution environment to boot through standard network adapters, or boot from SCSI virtual hard drives or DVDs. In addition, the secure boot feature for Generation 2 VMs ensures the system starts using only trusted software by checking software signatures using UEFI firmware. If the signatures are accepted, the system starts normally.

Unfortunately, versions of SUSE Linux, such as SLES 11 SP3, SLES 11 SP2 and Open SUSE 12.3, do not support UEFI firmware or secure boot functionality for Generation 2 VMs under Windows Server 2012 R2. There is no current workaround to this limitation, and you'll need to use existing Generation 1 VMs. Ubuntu Linux 14.04 supports UEFI firmware, but not secure boot, so Ubuntu users may need to disable secure boot for the SUSE VM through Hyper-V Manager. As future Linux distributions embrace Generation 2 capabilities, it's likely more alternative distribution options will become available.

Next Steps

Problems to prep for when running Linux VMs in Hyper-V

Planning the live backup of an Oracle Linux VM in Hyper-V

Prevent problems with NUMA architecture on Hyper-V

Dig Deeper on Microsoft Hyper-V management