This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
ipmi_on_linux [2008/04/22 14:23] adam |
ipmi_on_linux [2016/11/25 22:38] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
===== Running IPMI on Linux ===== | ===== Running IPMI on Linux ===== | ||
+ | |||
==== What is IPMI? ==== | ==== What is IPMI? ==== | ||
- | IPMI is standard which allows remote server management, | + | IPMI is standard which allows remote server management, |
The primary benefits of IPMI are: | The primary benefits of IPMI are: | ||
Line 12: | Line 13: | ||
* Ability to set up a console on a serial port and have the BMC redirect that console over a network port, which in cooperation with BIOS level console redirection, | * Ability to set up a console on a serial port and have the BMC redirect that console over a network port, which in cooperation with BIOS level console redirection, | ||
- | Essentially, | + | Essentially, |
Line 20: | Line 22: | ||
* IPMI v1.0 - Autonomous access, logging and control. IPMI messaging command sets, sensor data records and event messages. Access through system interfaces like memory mapped IO, I2C bus etc. | * IPMI v1.0 - Autonomous access, logging and control. IPMI messaging command sets, sensor data records and event messages. Access through system interfaces like memory mapped IO, I2C bus etc. | ||
- | * IPMI v1.5 - Ability to send IPMI messages to BMC over LAN, LAN alerting. No SOL as part of standard but some vendor specific SOL implementations. | + | * IPMI v1.5 - Ability to send IPMI messages to BMC over LAN, LAN alerting. No SOL as part of the standard's specification |
- | * IPMI v2.0 - Serial Over LAN enabling console redirection, | + | * IPMI v2.0 - Serial Over LAN enabling console redirection, |
- | IPMI version 2.0 is desirable as it allows you to use SOL to get a remote console on the server as though it were local in cases where the operating system locks up and SSH or telnet access are not available due to the operating system being inoperable; v 2.0 also allows you to encrypt the contents of the IPMI packets | + | IPMI version 2.0 is desirable as it allows you to use SOL to get a remote console on the server as though it were local in cases where the operating system locks up and SSH or (heaven forbid) |
==== Glossary ==== | ==== Glossary ==== | ||
Line 52: | Line 54: | ||
* SuperoDoctor : A SuperMicro proprietary IPMI tool. Verision II is a command line tool for local access on the managed system to IPMI interface. Version III is a GUI based tool for local access but works only on windows platform. This requires the openIPMI kernel modules to be installed on the managed machine. | * SuperoDoctor : A SuperMicro proprietary IPMI tool. Verision II is a command line tool for local access on the managed system to IPMI interface. Version III is a GUI based tool for local access but works only on windows platform. This requires the openIPMI kernel modules to be installed on the managed machine. | ||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
==== Installation ==== | ==== Installation ==== | ||
Line 70: | Line 61: | ||
For Supermicro servers, open up the server chassis and make a note of the MAC address on the IPMI port. You're supposed need this later when flashing the BMC with it's firmware, however I found that it wasn't necessary to tell the BMC it's MAC address as it already knew and offered it as a default when asking for it. The wise amongst you will write this down anyway and compare it to what the flashing utility says. Beware also that the Supermicro docs erroneously tell you to get the MAC address from the LAN ports, not the BMC socket, this is wrong, you need the MAC written on the BMC's socket. | For Supermicro servers, open up the server chassis and make a note of the MAC address on the IPMI port. You're supposed need this later when flashing the BMC with it's firmware, however I found that it wasn't necessary to tell the BMC it's MAC address as it already knew and offered it as a default when asking for it. The wise amongst you will write this down anyway and compare it to what the flashing utility says. Beware also that the Supermicro docs erroneously tell you to get the MAC address from the LAN ports, not the BMC socket, this is wrong, you need the MAC written on the BMC's socket. | ||
- | In the BIOS, set the console redirection to COM2, which is the BMC console port, it doesn' | + | In the BIOS, set the console redirection to COM2, which is the BMC console port, it doesn' |
- | Supermicro BMCs require you to boot from a CD and use their tool to flash the BMC prior to use, refer to the FTP link below and go up a few directories to get the latest IPMI CD image (the one shipped with the server caused me problems). Burn the image to a CD and boot from it. Use the utility to install the firmware for your IPMI version and then your motherboard version. I had to guess whether to use RCMP+ or RCMP. I have the [[http:// | + | Supermicro BMCs require you to boot from a CD and use their tool to flash the BMC prior to use, refer to the FTP link below and go up a few directories to get the latest IPMI CD image (the one shipped with the server caused me problems). Burn the image to a CD and boot from it. Use the utility to install the firmware for your IPMI version and then your motherboard version. I had to guess whether to use RCMP+ (meaning it supports encryption) |
When the process finished, use the ipnmac utility while still booted from the CD, by typing ipnmac (if you're not in the right directory you'll have to navigate using cd and dir commands to find it). Give it a unique IP address from any other interface on the machine or on your network. The BMC needs to be network addressable in its own right. Also give it the MAC address you took from the IPMI socket on the motherboard, | When the process finished, use the ipnmac utility while still booted from the CD, by typing ipnmac (if you're not in the right directory you'll have to navigate using cd and dir commands to find it). Give it a unique IP address from any other interface on the machine or on your network. The BMC needs to be network addressable in its own right. Also give it the MAC address you took from the IPMI socket on the motherboard, | ||
Line 94: | Line 85: | ||
modprobe ipmi_msghandler | modprobe ipmi_msghandler | ||
modprobe ipmi_devintf | modprobe ipmi_devintf | ||
+ | modprobe ipmi_si | ||
+ | |||
+ | If ipmi_si won't load, you may need to use: | ||
+ | |||
modprobe ipmi_si type=kcs ports=0xca8 regspacings=4 | modprobe ipmi_si type=kcs ports=0xca8 regspacings=4 | ||
- | If ipmi_si won't load, look at the output of dmidecode for the base address of your IPMI BMC and then use that base address for the '' | + | Or look at the output of dmidecode for the base address of your IPMI BMC and then use that base address for the '' |
Kernel 2.4 people will have to follow the Debian IPMI instructions, | Kernel 2.4 people will have to follow the Debian IPMI instructions, | ||
- | If this works without errors then Fedora/ | + | If this works without errors then Fedora/ |
If you then '' | If you then '' | ||
+ | |||
==== Setting Up Serial Consoles ==== | ==== Setting Up Serial Consoles ==== | ||
Line 110: | Line 106: | ||
You should have set up your BIOS for console redirection earlier, so now we will do the bootloader and init. | You should have set up your BIOS for console redirection earlier, so now we will do the bootloader and init. | ||
- | To allow your bootloader to redirect over the BMC's serial port, edit / | + | To allow your bootloader to redirect over the BMC's serial port, for Grub v1, edit / |
+ | |||
+ | serial --unit=1 --speed=19200 --word=8 --parity=no --stop=1 | ||
+ | terminal --timeout=10 serial console | ||
Disable splash screens by commenting out anything starting with splash outside of the OS boot menu section and remove any splash options from your kernel lines. A text console can't display them. | Disable splash screens by commenting out anything starting with splash outside of the OS boot menu section and remove any splash options from your kernel lines. A text console can't display them. | ||
- | Add '' | + | To make kernel messages output over your BMC, add '' |
title | title | ||
Line 123: | Line 122: | ||
boot | boot | ||
- | This gives you a serial console on the second serial port, which should be your BMC's serial port. The order of the console options above os above. The last listed will be the system' | + | For Grub2, look [[http:// |
+ | |||
+ | This gives you a serial console on the second serial port, which should be your BMC's serial port, at 19200Kb per second, which should match what you chose in the BIOS. The order of the console options above is important. The last listed will be the system' | ||
About halfway through the bootup procedure, once the kernel has booted and loaded drivers for your hardware and has mounted the hard disks and so on, the bootloader hands over to init which brings up your services and network configurations etc. To get init and therefore your booting/ | About halfway through the bootup procedure, once the kernel has booted and loaded drivers for your hardware and has mounted the hard disks and so on, the bootloader hands over to init which brings up your services and network configurations etc. To get init and therefore your booting/ | ||
Line 133: | Line 134: | ||
S1: | S1: | ||
- | This gives you a serial console on the second serial port, which should be your BMC's serial port, for the BIOS as configured earlier, the bootloader and init. | + | This gives you a serial console on the second serial port, which should be your BMC's serial port, for the BIOS as configured earlier, the bootloader and init. Again, change 19200 to whatever you chose in your BIOS. |
- | + | ||
+ | Users of Ubuntu (and presumably Debian and it's other derivative distributions) can read [[https:// | ||
==== IPMI Commands ==== | ==== IPMI Commands ==== | ||
Line 169: | Line 169: | ||
ipmitool -I open chassis power status | ipmitool -I open chassis power status | ||
| | ||
- | -I open - use the local openipmi interface. | + | -I open - use the local openipmi |
chassis | chassis | ||
power - run a command relating to power. | power - run a command relating to power. | ||
Line 176: | Line 176: | ||
Thats pretty simple. | Thats pretty simple. | ||
- | Assuming you get a local response, then try a remote command from another machine, you won't need to be root as you are talking to the BMC directly, rather than through the OS. | + | Assuming you get a local response, then try a remote command from another machine, you won't need to be root as you are talking to the BMC directly, rather than through the OS. IPMI 2.0 BMCs support both encrypted (RCMP+) and non-encrypted (RCMP) IPMI traffic sent over the network, 1.5 BMCs only support non-encrypted traffic. Encrypted lan traffic is specified by the '' |
- | adam@ns0:~$ ipmitool -I lan -H 192.168.10.123 -U root -a chassis power status | + | adam@ns0:~$ ipmitool -I lanplus |
Password: | Password: | ||
Chassis Power is on | Chassis Power is on | ||
- | adam@ns0:~$ ipmitool -I lan -H 192.168.10.123 -U root -a chassis status | + | adam@ns0:~$ ipmitool -I lanplus |
Password: | Password: | ||
System Power : on | System Power : on | ||
Line 205: | Line 205: | ||
Command dissection: | Command dissection: | ||
- | ipmitool -I lan -H 192.168.10.123 -U ipmiadmin -a chassis power status | + | ipmitool -I lanplus |
| | ||
- | -I lan - Run the command over the LAN. | + | -I lanplus |
-H 192.168.10.123 | -H 192.168.10.123 | ||
- | -U root - -U specifies a user, followed by the username set up on the BMC, not a local or remote OS user. | + | -U root - -U specifies a user, followed by the username set up on the BMC, this is not a local or remote OS user. |
- | -a - prompt for password. | + | -a - prompt for password. You can also possible to supply the password as an environment variable instead of using -a, but I guess this is less secure. |
chassis power status | chassis power status | ||
If that all works for you then you can a woop and a holler. | If that all works for you then you can a woop and a holler. | ||
- | IPMItool has a familiar UNIX or Cisco IOS syntax, which allows you to complete the command as you go along. If you type in an incomplete command, IPMItool will provide you with a list of options that can be used to complete your command. | + | IPMItool has a familiar UNIX bash shell or Cisco IOS syntax, which allows you to complete the command as you go along. If you type in an incomplete command, IPMItool will provide you with a list of options that can be used to complete your command. |
Simply typing ipmitool -I open will offer the top-level sub-commands, | Simply typing ipmitool -I open will offer the top-level sub-commands, | ||
Line 276: | Line 276: | ||
ipmitool lan set 1 snmp < | ipmitool lan set 1 snmp < | ||
+ | |||
+ | ==== Getting a Remote Console Using IPMI==== | ||
+ | |||
+ | To get a Serial Over LAN console, assuming you have set up the various BMC redirections correctly, run: | ||
+ | |||
+ | ipmitool -I lanplus -H 192.168.10.123 -U ipmiadmin -a sol activate | ||
+ | |||
+ | SOL only works on IPMI 2.0 BMCs and so only works with devices which support the encrypted lanplus interface (though my Supermicro' | ||
+ | |||
+ | If SOL doesn' | ||
+ | |||
+ | ~. | ||
+ | |||
+ | to get out. It seems that inside a SOL session, all of ipmitool' | ||
+ | |||
+ | Alternatively you may use a graphical tool as described below. | ||
==== Graphical IPMI ==== | ==== Graphical IPMI ==== | ||
- | Graphical IPMI tools make life easier as you don't have to remember commands or syntax and as most GUI tools are provided by the IPMI device vendors, they may offer vendor specific functionality that isn't available in the generic command line tools. Of course, in all cases except regarding vendor specific (and thus not standards compliant) functionality, | + | Graphical IPMI tools make life easier as you don't have to remember commands or syntax and as most GUI tools are provided by the IPMI device vendors, they may offer vendor specific functionality that isn't available in the generic command line tools. Of course, in all cases except regarding vendor specific (and thus not standards compliant) functionality, |
This section describes the installation and use of Supermicro' | This section describes the installation and use of Supermicro' | ||
- | There is a Java application from Supermicro called IPMIView which allows you to graphically manage servers with IPMI BMCs. The primary advantage of this tool is that SOL works easily. The version which is shipped on the CD (as of late 2007) doesn' | + | There is a Java application from Supermicro called IPMIView which allows you to graphically manage servers with IPMI BMCs. The primary advantage of this tool is that SOL works easily |
Install as a regular user using sudo from the command line (by uncommenting the following line from / | Install as a regular user using sudo from the command line (by uncommenting the following line from / | ||
Line 316: | Line 332: | ||
You should now be able to search for the host's IPMI device address in IPMIView and log in with the username and password of ADMIN. You should add a new user, change it's user level to administrator and delete the ADMIN user. | You should now be able to search for the host's IPMI device address in IPMIView and log in with the username and password of ADMIN. You should add a new user, change it's user level to administrator and delete the ADMIN user. | ||
+ | |||
+ | |||
+ | |||
==== Links ==== | ==== Links ==== | ||
Line 348: | Line 367: | ||
[[ftp:// | [[ftp:// | ||
+ | |||
+ | The April 2008 issue, number 89, of Linux Pro Magazine (aka Linux Magazine outside of Canada and the USA), contains a decent IPMI article written by Justin Penney. This doesn' | ||
=== IPMI Howtos === | === IPMI Howtos === | ||
- | [[http:// | + | [[https:// |
+ | |||
+ | [[http:// | ||
[[http:// | [[http:// |