Frequently asked questions about IPMI in Supermicro motherboards: why it is needed, features, visual demonstration, pitfalls.
1) The most popular myth about KVM-over-LAN is that it is "not needed". For some reason, many people confuse it with regular remote access to the text/graphical OS console, i.e. "Why do we need KVM-over-LAN if we have SSH, VNC, RDP and Radmin?"
The difference is fundamental: KVM-over-LAN is not just access to the OS console, it does not depend on the OS in any way, it is access to the console of the server itself (and not only to the console, details will be below), i.e. we can, for example: go into the BIOS of the motherboard or additional. controller, install the OS, configure sensor monitoring (which, again, is very important - independent of the OS) via SNMP, etc.
2) How it works? It works quite simply, here it is structural scheme(Supermicro has recently been using, as a rule, Winbond or Nuvoton WPCM450:
All the work is done by the BMC (Baseboard management controller) processor - it has its own memory and a specialized OS (usually on Linux based). BMC uses USB bus for connection virtual keyboard, mouse and CD/DVD/FDD drives. Through other buses, readings from fan rotation sensors, temperature sensors, power management, and access to the COM port are collected (for remote access to the serial console). BMC is also engaged in capturing and redirecting the contents of the video buffer - modern BMCs already have an integrated video core; once upon a time, in the first implementations, BMC was engaged in digitizing the analog signal from a separate VGA controller. Exchange data with " outside world" occurs via ethernet (a dedicated port or one of the ports of an ethernet controller located on the system board).
Actually, WPCM450 in Supermicro products is a system based ARM processor 926EJ-S running Linux OS on kernel 2.6.
For diagnostic purposes, you can log in via SSH, where busybox will be waiting for you.
3) How much does it cost?
Supermicro is currently integrating IPMI BMC directly onto motherboards. Previously, additional modules were used (for example, AOC-SIMSO+). The presence of IPMI BMC on the Supermicro board is indicated by the letter F, for example: X8DTi and X8DTi-F, and the price difference does not exceed $50, which is already an obvious answer to the question “is it necessary or not,” because external IP-KVM will cost you much more. Installing a regular KVM and every time you need to reinstall or reflash something, going to the server room is also not an option, it’s a waste of time, because your server may be located tens or hundreds of kilometers away, and, in the end, it’s just inconvenient.
4) What does this look like in practice?
IPMI can be accessed either through IPMIView (a specialized utility in Java, there are assemblies for Windows and Linux) or through a regular browser (when connected to the graphical console, an additional java application will launch).
Let's take a look at IPMIView. To begin with, you can configure the IPMI ethernet port in the BIOS: the default is DHCP, but you can manually set the required IP/mask/gateway, VLAN tag (it is better to separate all stung management into a separate subnet for reasons of security and convenience).
We launch IPMIView and find the required server (you can scan a range of addresses for the presence of IPMI), the default login/password is ADMIN/ADMIN.
- Graceful shutdown- simulates a quick press Power buttons, so that the OS can correctly turn off the power on its own.
- Power Cycle- this is a Graceful shutdown followed by power on
- Reset And Power Up speak for themselves
- Power Down- hard shutdown, with a long press of the Power button
Network settings can be changed if necessary on the BMC Setting tab (remember that you can mistakenly lose remote access to the server). By the way, about remote access: the following ports are used (they will need to be forwarded through NAT or provide a way to access the management network, for example, through a VPN):
TCP:
- HTTP: 80
- HTTPS: 443
- 5901 - needed for a graphical console
- 5900 - HID, virtual keyboard/mouse traffic
- 5120 - virtual CD/DVD drive traffic
- 5123 - virtual FDD traffic
- IPMI: 623
On the tab KVM Console you can see the most useful thing- graphical server console. There are also buttons for taking a screenshot, managing virtual media (Virtual Media), switching to full-screen mode and an additional soft keyboard. Why is it needed if there is a hardware room? For various key combinations that for some reason cannot be sent to the server from a hardware keyboard, for example the classic Ctrl+Alt+Delete.
Here are a few features:
- If you have an LSI controller, then you are familiar with the mouse-oriented LSI Webbios interface. So: the mouse in Webbios via IPMI does not work in modern Supermicro boards, this is due to the fact that Webbios is designed for a PS/2 mouse, and IPMI emulates a USB mouse. In the FAQ section technical support Supermicro is considering this issue, but the recommendations do not help. You have to use only the keyboard, which is not very convenient, because... Not all items can be navigated using Tab - you need combinations with Alt, which can only be processed through the Soft Keyboard.
Switching layouts in WinPE 3.0 does not work. So build WinPE from English layout, to do this you need to add the following command to the build script after mounting the Wim image:
Dism /image:C:\winpe64\mount /Set-InputLocale:1033:00000409 "C:\winpe64\mount" - image mount point.
If you wish, you can change the locale and interface language at the same time - see the documentation for WinPE.- For non-Windows OS, change the cursor synchronization mode from absolute to relative.
You can either redirect the local drive or connect the image, which is much more convenient. For the corresponding device to appear in the boot BIOS menu A reboot may be required.
P.S. How to reset IPMI password? Only using the console utility ipmicfg. Available in versions for DOS, Windows and Linux. Running ipmicfg -fd resets all settings and sets the login/password of a user with administrative rights to the standard ADMIN/ADMIN.
Update from 04/18/2010. At some point, after the next Java update, an attempt to mount iso image in IPMIView began to cause it to crash (Windows 7 64bit with the latest updates). A new release of IPMIView has been released (build 110412 dated April 12). I have not yet checked whether this bug is fixed there, since you can use the console launch via the web interface.
Go to the tab Remote Control, click Launch Console and get it in a separate window Redirection Viewer, similar in functionality to the console in IPMIView.
It’s worth adding that the web interface does not make it easier to access the console from an external network - Redirection Viewer- this is not a Java applet, but a separate Java application and uses the same ports for video, HID and virtual drive traffic: 5900, 5901, 5120, 5123.
P.S. from 01.12.2011. Additional article: FreeIPMI.
P.S. from 06.10.2013. Similar.
P.S. from 11/10/2013.
P.S. dated June 20, 2014. Again .
Hello everyone, today I’ll tell you what an IPMI management port is, how a system engineer can use it at work on a daily basis, simplifying his life to the point of disgrace.
IPMI ( Intelligent Platform Management Interface) is an interface for remote monitoring and management of the physical state of the server. IPMI is an analogue of the well-known IP-KVM developments, iLo,.
IPMI capabilities
- remote activation, shutdown and reboot of the server;
- monitoring of temperature, voltage and cooling system;
- remote connection to the storage media server (for example, to install OS and software);
- management of user accounts and rights (there is support for LDAP and);
- access port management and access protection SSL- certificate;
- setting up notifications about server operation.
How does the BMC controller work?
Let's look at the operation diagram of the BMC controller. And so Baseboard Management Controller is an interface for remote management and monitoring of server status. In essence, Baseboard Management Controller is a single-chip system, as it is correctly called System-on-a-Chip, SoC. BMC has a built-in graphics engine that accesses and interacts with the main components motherboard server hardware, through various interfaces necessary for the operation of the IPMI standard. What's good about IPMI is that it doesn't depend on operating system host server. Personally, I use IPMI to flash the BIOS of servers and install the server operating system.
IPMI can also work behind NAT, for example in data centers; people are given the opportunity to manage their server this way, useful if it freezes. For NAT you will need to open the following ports:
- TCP 80: HTTP
- TCP 443: HTTPS
- TCP 5900, 5901: graphical console
- TCP 5120, 5123 - Virtual Media traffic
- UDP 623:IPMI
What does an IPMI port look like on servers?
I will give an example of how this management port looks on a physical SuperMicro server. I have highlighted it with an arrow; most often it is located above the USB ports.
Next, you need to configure everything, how to set up IPMI on Supermicro servers in the BIOS or through the ipmicfg utility, I already told you, I won’t stop there.
Default password on IPMI
The standard login and password for IPMI will be ADMIN / ADMIN, in capital letters.
You will see a page with summary information about the system, which you can see in the picture, it gives you an overview of the system, IP address, firmware version number, BIOS version, as well as a preview of the remote console. You can immediately turn on the server if it is not working. I used the IPMI interface many times to turn on the server after it was accidentally turned off.
On the hardware information screen, you can view different hardware components to see specifications, etc.
Using the Configuration section, you can perform a variety of tasks including alerts, RADIUS authentication, network configuration (for IPMI itself), SMTP configuration for alerts, IP access control, syslogs, etc.
The Remote Control section is one of the more interesting things, since you will most likely be interested in having remote access to the server if you are primarily accessing IPMI.
In the Remote Control section, the power management menu allows you to:
- perform reset
- immediate power off
- gradual power off
- turning power on or off, all very handy if you're trying to remotely troubleshoot or power off and on a server.
The Launch SOL menu allows you to launch the SOL console.
Virtual Media is an amazing feature too. You can mount virtual media through a Windows share and present it as if it were plugged directly into the server. The only downside to IPMI is its 4.7 GB limit, which may not be enough for some new server OSes. VL copy Windows Server 2012 R2 weighs 5.1 GB, but this seems to be solved by updating the firmware.
To launch the remote control console in IPMI (Remote Console), click on the preview image, you should download java file. The browser may complain about it, click "Keep" to confirm the download.
In order to network administrators to maximize server uptime, there are many technologies and products available. Therefore, it was necessary that management standards be the same for everyone. Today, the IPMI (Intelligent Platform Management Interface) standard is one of the most important open standards and is present on all Supermicro platforms.
Most Supermicro motherboards contain a special slot that supports IPMI 2.0 cards (IPMI over LAN). IPMI technology makes it possible to remotely manage and restore a server regardless of its status and condition. Communication with the remote management console is provided using the built-in network controller, using additional bandwidth. This is a hardware solution that is independent of the operating system. IPMI 2.0 is a fast and inexpensive way to remotely manage, monitor, diagnose and restore a server.
Since IPMI is completely independent of the operating system, monitoring, management, diagnostics and system recovery can be carried out even when the OS is frozen or the server is offline. IPMI technology implements functions to display notifications about the need to restore components - this makes it possible to monitor the state of the system and respond to possible hardware problems before they occur. The likelihood of such problems is also reduced by the hardware monitoring function. In addition, you can monitor tampering with the server hardware if you configure the IPMI system to detect openings of the enclosure. Personnel security is ensured by the use of multi-level rights and passwords in conjunction with identification and linear encryption technologies. Some IPMI 2.0 modules support KVM-over-Lan. This makes it possible to remotely log into the operating system on the server and perform the necessary manipulations to configure it, or to install and remove the necessary programs.
IPMI is easy to use because it usually comes already integrated into a server or a separate device. And most importantly, it does not require financial expenses. And allows you to control the system at those moments when software are powerless - for example, when the OS freezes. Thus, IPMI technology and existing facilities and management methods complement each other perfectly. And for effective server management it is necessary to use both software and hardware resources. -
Benefits of IPMI technology
- Remote control of power supplies, fans, voltage and temperature regardless of type and condition central processor and operating system
- Keeping a log of current events
- Support DOS, BIOS setup, Windows 2003, Linux
- Control of buttons on the body: Reset; Power down; Power up
Password protection
Altusen IP9001 and IPMI modules: embedded tools for remote computer management
Remote control modules, among which KVM switches are the most famous, are usually made in the form of external structures. But there is another class of devices, also designed for remote manipulation of server equipment, built directly into the controlled object. Every System Administrator cannot imagine its activities without using remote access to supervised servers, and in two options: remote monitoring of equipment status and remote execution of administrative functions. Typically, these tasks are solved by accessing a text console or a graphical shell desktop. Organize remote control possibly in different ways, the most common of which are software. Almost every manufacturer of servers and storage systems includes software for remote status monitoring, notification of critical situations, and equipment administration.
Not least important are the built-in remote access tools provided by the OS, not counting individual third-party products. But sometimes software tools are powerless to help troubleshoot problems without direct access to the server. This happens, for example, during a hardware failure, and only a “cold” restart or even the need to turn off/on the power can correct the situation. In such cases, a specialized hardware and software solution comes to the rescue, which is a special controller installed on the motherboard. Its power is provided from a standby source or even autonomously. It can be accessed via a network interface; in addition, there may be another channel - through a standalone COM port or modem. Such a controller has access to sensors on the motherboard, and can also perform a hardware reset and turn the power on/off. These functions are managed from the administrator's workstation, on which a client is installed that interacts with the controllers and allows monitoring/control of a group of servers equipped with such modules.>
Altusen IP9001 The IP9001 controller is essentially a “computer within a computer.” This solution ensures complete hardware independence from the managed server. Access to the remote node is carried out via a Web interface and allows you to perform any operations with the managed computer, including turning on/off and hard reset. The device is a PCI controller for remote control via the TCP/IP protocol, designed for installation on any computer equipped with an appropriate interface. In fact, IP9001 is an independent computer with its own IBM PowerPC 405GPr processor - a 400 MHz version of the already known 405GP, available with clock frequencies of 266 and 300 MHz. This processor includes an integrated PCI interface, SDRAM and Ethernet controllers. In addition to the required RAM and ROM, the board has its own ATI Rage XL graphics controller, and for connecting to the network it has an RJ-45 Ethernet port. Also worthy of attention is the possibility of working through telephone network using an additional modem module (RJ-11 connector) - it will help out if there is no access to the managed node via local network. In addition to the above, the remote control module is equipped with a decent set of peripheral interfaces, including RS-232 and a USB 2.0 hub. The device is powered in two ways - through PCI bus and an external source designed to provide independence from the managed computer. Control from a remote console provides the operator with the full range of capabilities available directly from the server itself, including working in Remote Console mode, monitoring system voltage and temperature, turning on/off, and rebooting. Support virtual disk, CD and floppy drives allow you to install updates, software and boot the OS from media physically located on the remote workstation. The software allows support for 64 accounts with differentiated management access rights for each operator. The device is designed to use operating Windows systems 2000/2003/XP, Red Hat versions 8.0 and higher. IPMI (Intelligent Platform Management Interface).
Another type of embedded device designed exclusively for server platforms is based on a set of IPMI specifications developed by a group of manufacturing companies server equipment Intel, HP, NEC and Dell for remote monitoring/management tools. It included three specifications: Intelligent Platform Management Interface; Intelligent Platform Management Bus (IPMB) and Intelligent Chassis Management Bus (ICMB). IPMB - specification of the internal interface for advanced monitoring/control within a single system, ICMB defines the specifications external interface between IPMI-compatible systems.
IPMI extenders, despite their small size, provide full control over the server. After the release of version 1.0 in 1998, version 1.5 was released, and the 2.0 specification is currently relevant. This standard has already been supported by 171 equipment manufacturers, and the list continues to grow. Version 1.5 was approved in the first quarter of 2001. It already included the following features: means for monitoring temperatures, voltages, fan speeds, case tamper sensors; reset and power management; event logging; watchdog circuit (WatchDog Timer); access and notification via COM port and local network; specialized tires for monitoring. Version 2.0 was adopted in February 2004. It includes a number of additional features, such as Serial Over LAN, packet encryption, internal and external protocols, improved protection against unauthorized access, added extensions for monitoring modular structures (blade servers) and tools for creating virtual (management only) networks. Server motherboards on the Intel 7500 platform for Xeon Prestonia with a 400 MHz bus were equipped with IPMI. It was an SMC-0001 module, compatible with IPMI-1.5, designed as a small board with a specialized processor and its own COM port in a design similar to SO-DIMM memory modules. Almost all boards on the Intel 7520/7525/7320 platform, as well as Intel 7221 for Pentium 4 is equipped with the AOC-IPMI20-E module, which is already compatible with IPMI 2.0.
IPMI architecture version 2.0. Today this is the main standard adopted by server system developers
On server platforms 7230 for Pentium D and 1U platforms of the 6014P series for Xeon, a new design for IPMI cards has appeared. It has a connector similar to PCI-X x16, only with an “inverted” key. These cards (AOC-1UIPMI-B and AOC-LPIPMI-LANG) are functionally similar to the AOC-IPMI20-E, but are equipped with an additional Gigabit network Intel card 82541PI. The AOC-LPIPMI-LANG module is designed for installation in a regular or 2U case, and the AOC-1UIPMI-B is designed for installation in a 1U case and is not equipped with a network card (it is optionally available as a separate AOC-1UIPMI-LANG module). By default, AOC-IPMI20-E uses the first network controller available on the motherboard, and AOC-1UIPMI-B and AOC-LPIPMI-LANG use its additional one, if installed. When installed in the IPMI module, the Firmware corresponding to the motherboard is first programmed, and then the IP address is set. In the operating system, the same network card can be used in parallel for other needs with an IP address different from that set for IPMI. As a rule, for security reasons it is recommended to allocate a separate network to the latter. Used for monitoring/controlling systems with IPMI adapters special utility IPMIView20, which recognizes adapters of all versions. It allows you to find IPMI adapters in a given address range, and group the detected systems according to a certain criterion. To gain access to a specific server, it is necessary to pass password authentication, and IPMI 2.0 uses password control and encryption, as well as multi-level differentiation of access rights. Software for managing servers via IPMI provides the operator with not only a set of basic functions, but also monitoring data in a convenient graphical form The main monitoring/control capabilities provided by IPMI adapters, standards: logging system events, monitoring temperatures, voltages, fan speeds, and other sensors. It is possible to reboot, turn on/off and Cycle - sequentially turning off and then turning on the power. All these functions are available in two modes: Graceful Power Control - correct shutdown of the operating system through the agent installed on it (the GPC agent is available only for Windows and Linux), and Chassis Power Control - hardware reset/power off. Access to the text console is provided by reassigning it to a COM port and implementing SOL-redirection (Serial Over LAN). The latter allows you to access the text console of a remote server and change remotely, for example, BIOS settings. In the same way, you can access the Windows boot menu or the Linux/UNIX text console.
Afterword
The devices described in the review are designed to perform the same task - to simplify the maintenance of remote systems as much as possible. The main difference between them is the scope of application. While Altusen IP9001 is suitable for any system, the installation of IPMI modules is limited exclusively to server platforms. Today, many development companies strive to include such modules as part of their systems. So, on June 15, ATEN International Co. Ltd. announced that its new IPMI firmware solution has been officially selected by Micro-Star International Co. Ltd. (MSI) for its server product line. MSI will integrate the ATEN firmware solution into its line of AMD servers to provide customers with the necessary server management functions. Separately, it is worth noting that Supermicro is preparing new AOC-SIMLP IPMI 2.0 monitoring/management tools for the Bensley platform, which will have built-in KVM Over LAN capabilities via IPMI .
Publisher: websiteworks, January 05,2015Internet servers are the “backbone” of any company’s online presence. Making sure that they remain fully operational is critical to maintaining website uptime and functionality. The current industry standard for monitoring and managing a server installation is known as Intelligent Platform Management Interface and commonly referred to as IPMI.
What is IPMI?
Generally speaking, IPMI is a standardized set of specifications for a hardware system, which allows a web host or data center to centrally monitor and control all of the servers it is managing. It was originally developed by Intel with support from Hewlett Packard, Dell, and NEC, and is now supported by most of the industry.
IPMI works in tandem with two other standard specification sets, IPMB (Intelligent Platform Management Bus) and ICMB (Intelligent Chassis Management Bus), which handle the management functions within a computer and between the machines being managed. Communication is usually handled through a direct out-of-band LAN, but it’s also possible to use a sideband LAN through a NIC card which is a less expensive approach.
Most of the key factors in a server’s hardware operation can be monitored via IPMI, including the health of the power supply, chassis security, and fans. It also tracks power levels, temperature and other important environmental factors. Additionally, the interface can check each machine’s hardware logs, can receive pre-defined alerts, and can send messages to a server to reboot or power down. It even allows remote adjustment of BIOS settings.
The front-end of an IPMI system is extremely user-friendly. Keyboard, mouse and video access to individual servers functions in the same way they would for an engineer or technician working directly on the machine. In the event a server is inaccessible, the error is clearly displayed on the monitoring console and the user may login directly from IPMI to modify specific network configurations.
A modified and simplified variant on IPMI, known as DCMI (Data Center Management Interface), is often used by data centers because it includes some functions important for their systems (such as capping power to a server) while eliminating others which aren't needed for their purposes.
Benefits Of IPMI
There are a number of reasons IPMI is superior to more traditional software used for server system diagnosis. Most of them are based on the facts that IPMI is able to manage machines in multiple physical locations, and that it is able to monitor machines “from without” rather than “from within”; that is, it is firmware running on a machine’s motherboard and is not dependent on a machine’s operating system. The major benefits:
- “Agentless” management with remote functionality: no management agents are needed for a server’s OS, and machines can be rebooted and managed off-site.
- Recovery independent of computer state: IPMI can issue commands to managed machines whether or not they’re powered on, as long as they are plugged in.
- Functionality before booting or after operating system failure: IPMI is able to facilitate adjustment to BIOS or other settings regardless of OS status, as opposed to traditional methods which require OS access or SSH login.
- Predictive monitoring: server health is constantly monitored, to provide advance warning of possible system failures.
- Advance diagnosis: IPMI often allows diagnosis of system issues before repairs are initiated, saving time and money particularly if a machine is off-site.
- Simple use: control is centralized so that system configuration changes or power up/power down can be handled with a monitor, keyboard, and mouse.
- Universally supported: IPMI is supported by almost all hardware vendors, and is often included in the price of server purchase.
Drawbacks Of IPMI
There are only a few major drawbacks to IPMI, and in almost all cases, they are far outweighed by the benefits.
- Initial configuration can sometimes require several attempts, although clearing network configurations through the BIOS can usually solve the problem.
- Networking may fail after switching ports on the motherboard or after installing IPMI patches. These issues are usually easily solvable by rebooting; occasionally, reconfiguration is necessary.
- Some analysts claim that IPMI isn’t as secure a system as it could be. They believe that design weaknesses in protocols and configuration make IPMI installations vulnerable to attack or compromise despite patches.
Despite these few issues, IPMI has been almost universally adopted by data centers and web hosts as the most efficient and economical way to monitor and manage their networks.
Implementation of remote control and monitoring computer systems large equipment manufacturers began to work closely at the end of the last century. With the rapid growth of computerization and the emergence of distributed networks of large enterprises and organizations, a technology was required that would allow centralized management of the most important nodes without direct local access to the computer. First of all, large manufacturers of server platforms have implemented the ability to perform remote access on a server, which may be located in a neighboring building or on the other side of the planet, allowing service personnel to perform the following operations:
Turn the power on or off.
Perform a hard reset of the computer.
View or change BIOS settings.
Install the operating system using virtual media.
Manage the operating system remotely using standard devices input - output.
Monitor the technical condition of the most important equipment components.
Perform hardware platform maintenance operations ( BIOS firmware motherboard or certain controllers) and providing authorized access to it.
As a result of joint efforts of major server equipment manufacturers (Intel, Dell, NEC and Hewlett-Packard), a specification was developed intelligent platform management interface (IPMI), which has become a standard for implementing remote access to computer equipment of server platforms.
Purpose and implementation of the IPMI interface.
IPMI(from the English Intelligent Platform Management Interface) is an intelligent platform management interface designed for autonomous monitoring and management of functions built directly into the hardware and firmware of server platforms. In other words, IPMI is a management tool that is implemented independently of the main server equipment and ensures that it is turned on, turned off, reset, remotely connected to virtual monitors, keyboards and mice, monitored the operation of equipment and notified about important events related to server performance. The IPMI specification version 1.0 was published back in 1998. and was based on connection to the IPMI module via serial interface RS-232. Subsequent IPMI 1.5 and 2.0 specifications are based on the use of a standard network interface.
The core of the server platform management system is a specialized device - Baseboard Management Controller (BMC), which is practically a specialized computer built into a server platform, having its own processor, memory, peripherals and operating system. The BMC module is powered by the standby voltage of the power supply (+5V Standby) and, accordingly, begins to work as soon as the primary voltage of 220V is applied to the input of the power supply, regardless of whether the computer is turned on or not.
The IPMI specification does not set strict standards for the implementation of IPMI devices. They can be made in the form of a separate adapter, can be soldered directly on the motherboard, or made as a separate microcontroller. Currently, the most common BMC controllers integrated into server motherboards are based on System-on-Chip (SoC) technology, allowing for both effective interaction with the managed platform and a huge number of remote monitoring functions, notification of important events via e-mail or SNMP, logging, etc.
BMC controllers for server motherboards connect to them via a system interface called IPMB(Intelligent Platform Management Bus/Bridge) or to other BMC controllers via interface IPMC(Intelligent Platform Management Chassis). For remote control of equipment via the BMC controller, a special application level protocol can be used Remote Management Control Protocol (RMCP), providing operation via a regular local network. As a rule, modern BMC controllers provide management of server platforms via a web interface, and also provide remote connection of CD/DVD devices and operation of a keyboard-video-mouse over a network (IP KVM), which makes it easy to perform, for example, changing BIOS settings or performing installation operating system without having physical access to the server hardware.
Basic capabilities for controlling the motherboard via the IPMI interface.
Let's look at the possibilities of server management via the IPMI interface using the example of the Supermicro X8DTT-IBQF motherboard with an integrated Nuvoton WPCM450 Baseboard Management Controller with IPMI 2.0 support.
Controller Nuvoton WPCM450 supports PCI graphics core, Virtual Media devices (virtual CD/DVD) and Keyboard/Video/Mouse redirection KVM). To connect to the local network, an external Ethernet controller is used, soldered on the motherboard.
Platform control buses are used to interact with the components of the managed system. Platform Environment Control Interface (PECI). There is a jumper on the motherboard to disable the BMC controller if the need arises. Also, it has a BMC LED (BMC Heartbeat LED) to indicate the operating status of the controller - a green flickering indicator indicates that the BMC is working normally.
Connection to the local network is made through the RJ-45 port, designated as IPMI_LAN
The initial configuration of the IPMI interface is performed in the section Adnanced – IPMI Configuration main BIOS.
Status of BMC BMC controller status
View BMC System Event Log- viewing the system event log (SEL), which is maintained by the BMC controller.
Clear BMC System Event Log- clearing the event log
Set LAN Configuration- setting up the network configuration of the adapter used by the BMC controller. You can configure it to receive the IP address, mask, and gateway address automatically via DHCP, or set them manually.
Set PEF Configuration- setting up a filter for events registered by the Platform Event Filter (PEF) controller. In this menu item, you can configure the controller’s reaction to certain events, such as turning off the power when the temperature increases or the fan speed decreases. By default, event filtering is disabled.
BMC Watch Dog Timer Action- you can configure polling of the state of the managed system and its reset, reboot or power off when it freezes. By default, disabled.
The main capabilities for managing and monitoring the status of the platform are available through the web interface. To connect to the BMC module, use any browser with java support, including address bar in which the IP address of the IPMI device is entered and, after connection, authorization is performed using the username and password specified in the documentation or specified in user settings. The default username and password for Supermicro IPMI devices is - ADMIN/ADMIN. After successful authorization, the main platform management window will open with the “System Information” tab activated:
The “Server Health” tab allows you to monitor the status of the server hardware:
Sensor Reading- viewing data from monitored sensors
Sensor Reading with Thresholds- viewing data from monitored sensors and threshold values
Event Log- view the event log
The displayed sensor information includes their names, status, and read value. There are buttons at the bottom of the screen Refresh- update sensor data and Show Thresholds- show threshold values. Via submenu Select a sensor type category you can select the type of sensors (temperature, voltage, etc.). Example of information displayed:
Viewing the event log allows you to determine the time of occurrence of the detected sensor state and obtain it short description and assess the level of danger to the operation of the equipment. Example of information displayed:
Tab Configuration allows you to configure alerts about equipment status, change network parameters, and configure an access policy for an IPMI device.
Alerts- setting up alerts. You can create up to 15 entries with different alert rules. It is possible to specify the category of events for which notification is performed - information, warning, critical event, unrecoverable state. Notification is possible by email or by sending an SNMP trap. In the first case, you must specify the e-mail to which the letter will be sent when an event of a given category occurs; in the second, the IP address of the server that collects SNMP alerts. When using notification via email, you must specify the IP address and port of the SMTP server and the sender address in the section SMTP
Sections LDAP, Active Directory , RADIUS,Users And SSL certificate are configured depending on the security requirements for access to IPMI devices. In chapter Network you can change the network settings IP address, mask, gateway. In chapter Ports- port numbers that are used when emulating virtual boot devices, video monitor, keyboard and mouse. You can also change the port number for web access to the IPMI device.
Tab Remote Control allows you to connect remotely to the server console using a java applet. Please note that when connecting for the first time, the console may not work for a long time, since the applet requires launching virtual machine Java. In addition to the usual terminal emulation, this program allows you to record a work session through the menu Video – Capture Screen, using the software keyboard ( Keyboard – Soft Keyboard) and connecting virtual media ( Media – Virtual Media Wizard)
Tab Remote Control used to turn on, turn off and reset the server.
Tab Maintenance- to update the firmware and force reset of the IPMI device.
In addition to manual equipment control, the IPMI interface allows you to configure a warning system using Email about important events related to the operation of equipment - changes in temperature, voltage, fan speed, occurrence of correctable memory errors (ECC), etc. It is also possible to monitor using the SNMP (Simple Network Management Protocol) protocol.
IPMI implementation may vary depending on the hardware manufacturer and motherboard model. So, for example, for many server Intel platforms IPMI connection via a web browser is provided by a special remote management module – Remote Management Module ( RMM), which is not included in the standard package and must be purchased separately. Moreover, there are several editions of these modules that are completely incompatible with each other; the RMM3 module cannot be installed on a platform that supports RMM4 and vice versa. When installing or replacing the RMM module, you must refer to the documentation that came with the motherboard.
In addition, for example, on many Supermicro platforms, when IPMI equipment is turned on, a link must be present at the input of the Ethernet port, otherwise access to the IPMI interface over the network will not work.
To manage platforms via the IPMI interface, not only a browser can be used, but also software developed by equipment manufacturers, such as a utility with graphical interface from Supermicro IPMI View
There are also command line utilities IPMICFG And SMCIIPMITOOL.
Loading...
