C H A P T E R 2 |
IPMI Server Management |
Server manufacturers today have to re-invent how each new server manages itself. The hardware and software design for one server does not necessarily work with another. Every server supplier provides basic monitoring and data collection functions but no two do it exactly the same. These proprietary implementations for manageability only complicate the problem.
The standardization of server-based management, called Intelligent Platform Management Interface (IPMI), provides a solution. IPMI allows you to interconnect the CPU and devices being managed. It allows for:
IPMI is an industry-standard, hardware-manageability interface specification that provides an architecture defining how unique devices can all communicate with the CPU in a standard way. It facilitates platform-side server management and remote server-management frameworks, by providing a standard set of interfaces for monitoring and managing servers.
With IPMI, the software becomes less dependent on hardware because the management intelligence resides in the IPMI firmware layer, thereby creating a more intelligently managed server. The IPMI solution increases server scalability by distributing the management intelligence closer to the devices that are being managed.
In order to perform autonomous platform-management functions, the processor runs embedded software or firmware. Together, the processor and its controlling firmware are referred to as the Baseboard Management Controller (BMC), which is the core of the IPMI structure. Tightly integrating an IPMI BMC and management software with platform firmware facilitates a total management solution.
The BMC is a service processor integrated into the motherboard design, providing a management solution independent of the main processor. The monitored server can communicate with the BMC through one of three defined interfaces, which are based on a set of registers shared between the platform and the BMC.
Note - In these servers, the SP has software that emulates a BMC. |
The BMC provides the intelligence behind IPMI. In these servers, the SP serves as the BMC, providing access to sensor data and events through the standard IPMI interfaces.
IPMI defines a mechanism for server monitoring and recovery implemented directly in hardware and firmware. IPMI functions are available independent of the main processors, BIOS and operating system.
IPMI monitoring, logging and access functions add a built-in level of manageability to the platform hardware. IPMI can be used in conjunction with server-management software running under the OS, which provides an enhanced level of manageability.
IPMI provides the foundation for smarter management of servers by providing a methodology for maintaining and improving the reliability, availability and serviceability of expensive server hardware.
The server supports IPMI through the SP software version 2.0 and later. These servers meet compliance standards for IPMI version 1.5.
The IPMI implementation on these servers also support LAN channel access. (Refer to the IPMI specification version 1.5 for details.) The LAN channel access is disabled by default. To enable it, use the ipmi enable channel command and specify the ID of the channel to enable for the LAN Interface, as follows.
# ssh spipaddr -l spuser ipmi enable channel {sms | lan}
For more information about enabling or disabling the IPMI channel, refer to Appendix E.
Operator and administrator-level access over the LAN channel requires a valid user ID and password. These servers come preconfigured with an administrator-level user with a null user ID. However, you can re-add the anonymous user at a later time if you wish. You can configure both the user ID and password to be null.
Note - For security reasons, the LAN channel access is disabled by default. |
Note - IPMI user identities are in no way associated with user accounts defined for server-management capabilities. Refer to Initial Setup of the Service Processor for more information about these server-management user accounts. |
On these servers, Lights Out Management is performed through IPMItool, a utility for controlling IPMI-enabled devices.
IPMItool is a simple command-line interface (CLI) to servers that support the Intelligent Platform Management Interface (IPMI) v1.5 specification. It provides the ability to:
Originally written to take advantage of IPMI-over-LAN interfaces, IPMItool is also capable of using a system interface, as provided by a kernel device driver such as OpenIPMI.
http://ipmitool.sourceforge.net/
http://www.intel.com/design/servers/ipmi/spec.htm
http://openipmi.sourceforge.net/
The syntax used by IPMItool is as follows:
ipmitool [-ghcvV] -I lan -H address [-P password] expression
ipmitool [-ghcvV] -I open expression
TABLE 2-1 lists the options available for IPMItool.
TABLE 2-2 lists the expressions and parameters available for IPMItool.
Note - For each of these expressions, the beginning command is always ipmitool, followed by the expression and parameter(s). |
Note - The sol command is not supported in these servers, but you can enable a Serial-over-LAN feature. See Serial Over LAN. |
The IPMItool application utilizes a modified MontaVista OpenIPMI kernel device driver found on the Sun Fire V20z and Sun Fire V40z Servers Documentation and Support Files CD. The driver has been modified to use an alternate base hardware address and modified device IO registration.
This driver must be compiled and installed from the Documentation and Support Files CD.
The following kernel modules must be loaded in order for IPMItool to work:
The message handler for incoming and outgoing messages for the IPMI interfaces.
An IPMI Keyboard Controller Style (KCS) interface driver for the message handler.
Linux-character-device interface for the message handler.
To force IPMItool to use the device interface, you can specify it on the command line:
# ipmitool -I open [option...]
To install and compile this kernel device driver, see Initial Setup of the Service Processor.
Note - In these servers, the SP has software that emulates a BMC. |
The IPMItool LAN interface communicates with the BMC over an Ethernet LAN connection using User Datagram Protocol (UDP) under IPv4. UDP datagrams are formatted to contain IPMI request/response messages with IPMI session headers and Remote Management Control Protocol (RMCP) headers.
Remote Management Control Protocol is a request-response protocol delivered using UDP datagrams to port 623. IPMI-over-LAN uses version 1 of the RMCP to support management both before installing the OS on the server, or if the server will not have an OS installed.
The LAN interface is an authenticated, multi-session connection; messages delivered to the BMC can (and should) be authenticated with a challenge/response protocol with either a straight password/key or an MD5 message-digest algorithm. IPMItool attempts to connect with administrator privilege level as this is required to perform chassis power functions.
With the -I option, you can direct IPMItool to use the LAN interface:
# ipmitool -I lan [option...] address password
To use the LAN interface with IPMItool, you must provide a host name on the command line.
The password field is optional; if you do not provide a password on the command line, IPMItool attempts to connect without authentication. If you specify a password, it uses MD5 authentication, if supported by the BMC; otherwise, it will use straight password/key.
The file /dev/ipmi0 is a character-device file used by the OpenIPMI kernel driver.
If you want to remotely control the power of an IPMI-over-LAN-enabled server, you can use the following commands:
# ipmitool -I lan -H spipaddr -P sppasswd chassis power on
Chassis Power Control: Up/On
# ipmitool -I lan -H spipaddr -P sppasswd chassis power status
Chassis Power is on
To view the System Event Log (SEL), use IPMItool.
# ipmitool -I lan -H spipaddr -P ipmipasswd sel list
The in-band command (using OpenIPMI on a Linux-based server or LIPMI on a Solaris-based server) is:
# ipmitool -I open sel list
Note - To receive more verbose logging messages, you can run the following command:
|
You can use commands to clear the contents of the IPMI SEL.
Use one of the following commands, depending on your OS:
TABLE 2-3 describes some potential issues with IPMI and provides solutions.
Copyright © 2004, Sun Microsystems, Inc. All Rights Reserved.