Shulou(Shulou.com)06/03 Report--

Introduction and use of ipmi

What is IPMI?

How IPMI works

What can IPMI do?

IPMI Functionality

Side-Band and Out-of-Band

The following functions can be achieved with ipmi

What does IPMI do?

Be careful

Server-side settin

Client Settin

Operate in the local operating system

Remote operation

What is IPMI?

The Intelligent Platform Management Interface (IPMI) specification is an Intel led standard which defines a set of common interfaces to a computer system which system administrators can use to monitor system health and manage the system. More than two hundred companies support IPMI. Dell, HP, Intel Corporation and NEC Corporation announced IPMI v1.0 on 1998-09-16, v1.5 on 2001-03-01, and v2.0 on 2004-02-14. The technology is now considered a de-facto standard.

IPMI is the abbreviation of Intelligent platform Management Interface (Intelligent Platform Management Interface). It is an industry standard used to manage the peripherals used in enterprise systems based on Intel structure. The standard is developed by Intel, Hewlett-Packard, NEC, Dell computer and SuperMicro. Users can use IPMI to monitor the physical health characteristics of the server, such as temperature, voltage, fan working status, power supply status and so on. And more importantly, IPMI is an open free standard, so users don't have to pay extra to use it.

Since 1998, IPMI Forum has created the IPMI standard dependency, which has been supported by more than 170 vendors, which has gradually become a complete hardware management specification that includes servers and other systems (such as storage devices, networks and communication devices). At present, the latest version of the standard is IPMI 2.0, which has many improvements. This includes the ability to manage server systems (including remote switches) through serial ports, Modem and Lan, as well as improvements in security, VLAN and blade support.

IPMI provides an intelligent management mode for a large number of jobs that monitor, control and automatically reply to the server. This standard applies to different server topologies, as well as Windows, Linux, Solaris, Mac, or hybrid operating systems. In addition, because IPMI can operate under different attribute values, IPMI can function properly even if the server itself is not functioning properly or cannot provide services for any reason.

The core of IPMI is a dedicated chip / controller (called server processor or substrate management controller (BMC)), which does not rely on the server's processor, BIOS or operating system to work. It is very independent. It is an agentless management subsystem running separately in the system. As long as it has BMC and IPMI firmware, it can start working, while BMC is usually an independent board installed on the server motherboard. There are also server motherboards that provide support for IPMI. The good autonomous feature of IPMI overcomes the limitations of the previous operating system-based management, such as operating system can still switch on and off, information extraction and so on when the operating system does not respond or is not loaded.

When working, all IPMI functions are completed by sending commands to BMC, which uses the instructions specified in IPMI specification. BMC receives and records event messages in the system event log, and maintains sensor data records that describe the situation of sensors in the system. IPMI's new serial (SOL) feature on LAN is useful when you need remote access to the system. SOL changes the direction of the local serial port during an IPMI session to provide remote access to emergency management services, Windows dedicated management consoles, or Linux serial consoles. BMC does this by changing the direction of the information sent to the serial port on the LAN, providing a standard way to diagnose and repair faults by remotely viewing startup, operating system loaders, or emergency management consoles independent of the manufacturer.

How does IPMI work?

The Serial Over LAN (SOL) feature is useful when remote access to the system text console is required. SOL redirects the local serial interface through an IPMI session, allowing remote access to Windows's Emergency Management console (EMS), Special Management console (SAC), or LINUX Serial console. The step in this process is for the IPMI firmware to intercept the data and then resend the information directed to the serial port over the local area network. This provides a standard way to remotely view the BOOT, OS loader, or emergency management console to diagnose and fix server-related problems, regardless of vendor. It allows various components to be configured during the boot phase.

In terms of the security of command transmission, users need not worry. IPMI's enhanced authentication (based on secure hash algorithm 1 and key hash message authentication) and encryption (Advanced encryption Standard and Arcfour) features help to achieve secure remote operations. Support for VLAN provides convenience for setting up and managing private networks, and can be configured on a channel-based basis.

What can IPMI do? IPMI Functionality?

An IPMI sub-system operates independently of the operating system and allows administrators to manage a system remotely even in the absence of an operating system or the system management software, or even if the monitored system is powered off, but connected to a power source. IPMI can also function after the operating system has started, and exposes management data and structures to the system management software. IPMI prescribes only the structure and format of the interfaces as a standard, while detailed implementations may vary. An implementation of IPMI version 1.5 can send out alerts via a direct serial connection or side-band local area network (LAN) connection to a remote client. IPMI uses what is called a side-band LAN connection, which utilizes the board Network Management Interface (NIC). This solution is less expensive of a dedicated LAN connection but also has limited bandwidth. Systems compliant with IPMI version 2.0 can also send alerts via serial over LAN. System administrators can then use IPMI messaging to query platform status, to review hardware logs, or to issue other requests from a remote console through the same connections. The standard also defines an alerting mechanism for the system to send a simple network management protocol (SNMP) platform event trap (PET).

Side-Band and Out-of-Band?

IPMI implements what is often called a "side-band" management LAN connection. This connection utilizes a System Management Bus (SMBUS) interface between the BMC and the boardNetwork Interface Controller (NIC). This solution has the advantage of reduced costs but also provides limited bandwidth-sufficient for text console redirection but not for video redirection. In other words, when a remote computer is down the system administrator can access it through IPMI and utilize a text console. This will be sufficient for a few vital functions, such as checking the event log, accessing the BIOS setup and perform power on, power off or power cycle. However, more advanced functions, such as remote re-installation of an operating system, may require an Out-of-band management approach utilizing a dedicated LAN Connection.

Can you use ipmi to achieve the following functions?

1. It can be managed remotely when the server is powered on (without booting the operating system): boot, shutdown, restart

two。 Text-based console redirection, you can remotely view and modify bios settings, system startup process, login system, etc.

3. You can connect to the server remotely through sol to solve problems such as unreachable ssh services, remote installation of the system, and viewing system startup failures.

4. Can be accessed through the serial port of the system

5. Failure logging and SNMP alarm sending, access to system event logs (System Event Log, SEL) and sensor status

What does IPMI do?

Test environment: dell R410 server, supporting ipmi 2.0, the first network card to connect to the switch

The BMC of Dell can realize network management through the first network card integrated on the motherboard, and the IP set by ipmi needs to be occupied separately.

The Dell server implements the IPMI v1.5 specification in the 1850 IPMI 2850 series, that is, the ability to shut down and restart the server through ipmi instructions, but not the ipmi console login. The Dell server implemented the IPMI v2.0 specification after 1950 IPMI 2950 to redirect the console to ipmi so that you can connect to the server remotely, just like a keyboard and monitor.

BMC Management traffic will not function properly if the LAN on Motherboad (LOM) is teamed with any network adapter add-in-cards is prompted when IPMI Over LAN is activated, indicating that the IPMI function will fail if the network card is on the motherboard and the network card bonding is attached.

Server-side settings?

1.ipmi configuration SOL (Serial Over LAN): Remember to make sure that your Base management controller has IPMI 2.0 functionality.

When post reaches the following screen, press ctrl-E to enter the configuration of ipmi:

Enter the IPMI interface:

Enter LAN Parameters and configure nic selection as Share:

Set ipv4 to static and set ip. If you do not need to manage through the public network, you do not need to set a gateway:

Set the user name and password, here I set it to ADMIN and password:

two。 Configure console redirection for bios:

After turning on f2, the following interface appears after the self-test

Press f2 again to select Serial Communication

After selecting "Serial Communication", the configuration is as follows:

And then modify the field labeled "Serial Communication" to be "On with Console Redirection via COM2". This will pipe all the console traffic to COM2, which is connected to the BMC.

Be careful?

When Failsafe baud rate is set to 115200, the relevant speed settings such as grub and kernel should be the same, otherwise garbled may be displayed.

When Remote Terminal Type is set to VT100/VT220, client needs to be consistent.

Redirection After Boot is set to Enabled so that the operating system can be controlled through sol.

Instead of using "VT100/VT220" as your terminal type, you may select "ANSI", the output will not be as pretty though, since ANSI doesn't support some of the characters represented in the console.

Once your settings are configured press "Enter", then "Escape". Save the changes to the BIOS and Reboot.

The network of ipmi needs to communicate with the first network card of the server, namely eth0.

3. Configure the operating system:

Vi / boot/grub/grub.conf

The result of the configuration is:

Serial-unit=1-- speed=115200-- word=8-- parity=no-- stop=1 terminal-- timeout=3 console serial default=0 timeout=5 title CentOS (2.6.18-194.el5) root (hd0,0) kernel / vmlinuz-2.6.18-194.el5 ro root=LABEL=/ console=tty0 console=ttyS1,115200n8 initrd / initrd-2.6.18-194.el5.img

The configuration is explained as follows:

Add the following two lines before the first Title to redirect the grub to the com port, so that when you start loading the grub, the system will display: Press any key to continue. Press any key to enter the grub selection menu.

Serial-unit=1-speed=115200-word=8-parity=no-stop=1 terminal-timeout=5 serial console

Comment splashp_w_picpath because only text content can be redirected

# splashp_w_picpath= (hd0,0) / grub/splash.xpm.gz

Comment hiddenmenu so that if you have multiple kernels or operating systems, you can choose grub

# hiddenmenu

Pass the parameter console=tty1 console=ttyS1,115200 to the kernel to redirect the CONSOLE to the serial port, and you can see the boot process of the system.

Kernel / vmlinuz-2.6.18-194.el5 ro root=/dev/VolGroup00/LogVol00 console=tty1 console=ttyS1,115200

Note: if console=tty1 is not configured in the kernel line, the kernel boot process will not be displayed even if the monitor is connected to the system boot.

Vi / etc/inittab

# must be text to redirect, so you cannot select 5-X11

Id:3:initdefault:

# in order to display the interface of the login system

7:2345:respawn:/sbin/agetty-h ttyS1 115200 vt100

Vi / etc/securetty # in order to log in to the system through sol

TtyS1 client settings? yum install-y OpenIPMI OpenIPMI-tools

The terminal settings under mac are as follows: note: set the terminal emulation window to 80x25. Otherwise, the screen may appear garbled.

Sometimes the lines show overlap, reopen a tab, and then the sol will be normal.

Some machines will stay in the following interface for nearly 10 minutes after rebooting:

GRUB Loading stage2... Press any key to continue. Operating in the local operating system? chkconfig ipmi on service ipmi start

Use the ipmitool command to set up IPMI:

Ipmitool-I open lan set 1 ipaddr 10.10.10.8 ipmitool-I open lan set 1 netmask 255.255.255.0 ipmitool-I open lan set 1 access on

If you need to set up a gateway:

Ipmitool-I open lan set 1 defgw ipaddr 10.10.10.99

To enhance BMC security, modify the default SNMP communication string:

Ipmitool-I open lan set 1 snmp COMUNIATION

Set the password for the null user:

Ipmitool-I open lan set 1 password PASSWD

Set the root user password:

Ipmitool-I open user set password 2 PASSWD

Check the configuration:

Ipmitool-I open lan print 1 remote operation?

Check whether the target server is started: boot, shutdown

Ipmitool-I lan-H 10.10.10.8-U ADMIN-P PASSWORD power status

Soft shutdown is equivalent to pressing the power button quickly:

Ipmitool-I lan-H 10.10.10.8-U ADMIN-P PASSWORD power soft

Hard shutdown is equivalent to pressing the power button for a few seconds:

Ipmitool-I lan-H 10.10.10.8-U ADMIN-P PASSWORD power off

Start the system:

Ipmitool-I lan-H 10.10.10.8-U ADMIN-P PASSWORD power on

Soft restart:

Ipmitool-I lan-H 10.10.10.8-U ADMIN-P PASSWORD power cycle

Hard restart (this is the same as artificial hard restart by pressing the power button or abnormal power loss, which may result in raid loss or data loss of the hard drive):

Ipmitool-I lan-H 10.10.10.8-U ADMIN-P PASSWORD power reset

Show Syslog (sel, system event log):

Ipmitool-I lan-H 10.10.10.8-U ADMIN-P PASSWORD sel list

Change the password:

Ipmitool-I lan-H 10.10.10.8-U ADMIN-P PASSWORD user set password 2 NEWPASSWORD

Console redirect, press ~. Exit:

Ipmitool-I lanplus-U ADMIN-P PASSWORD-H 10.10.10.8 sol activate

Note: Sometimes you'll find that when you exit the console, the BMC will still believe that the session is connected, and so when you try to connect again, it will say console redirection is already open. To fix this, type "sol deactivate" instead of "sol activate" This will disconnect the previously connected session and you'll be free to issue your command again (sol activate), and you should be able to connect without any problem.

For other commands, see help:

Ipmitool-help

# if you don't use ipmi sol for remote management, you can also use a terminal server solution: terminal servers have many COM ports and can connect to multiple servers (or CONSOLE of network devices such as Cisco routers) at the same time for centralized management.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.