This document describes the server firmware design to be configured in the backplane microcontroler.

• Table of contents
• Bootloader
• Firmware
  • • FPGA start

Bootloader¶

1. Waits for 1 second for an USB/UART (FTDI or CH340G) upgrade.
2. If the boot failure value in the external flash is greater than 2 (configurable threshold in EEPROM) : Switch to the other firmware
   1. Enable the other external firmware
   2. Reset the boot failure failure value to zero
3. If the enabled external flash firmware version is different (not necessarily higher for downgrades) from the internal flash one
   1. Check the enabled firmware signature with the ATSHA crypto chip
   2. Copy the enabled firmware from the external flash to the internal flash
4. Increment the boot failure value in the external flash
5. Continue with the internal flash firmware

Firmware¶

1. Enable the watchdog
2. Sanity self-check
3. Reset the boot failure failure value to zero
4. Hardware devices check
5. Hardware devices initialization if needed (already up and running devices should not be reinitialized to allow firmware upgrade without downtime)
6. Configure the admin network (DHCP or fixed)
7. Start the enabled services
   1. RSyslogd
   2. HTTP REST API
   3. HTTP web admin interface
      1. SSL certificates management
      2. authentication
      3. permissions
      4. monitoring
      5. DB management
   4. Node manager
   5. Hardware monitoring service (prom)
   6. Backup manager
   7. ...
8. On a regular (scheduled) basis
   1. Update the hardware watchdog
   2. Query NTP to update the RTC

FPGA start¶

Check configure the specified FPGA with the specified (in configuration) gateware from the external flash