www.bundesbrandschatzamt.de
Babblings about Systems Administration.

IPMI

I am using IPMI and other out-of-band management interfaces since 2006.

Sometimes they are referred to as BMC, ILOM or Remote Supervisor Adapter (RSA). There are quite some differences:

Cheapest models supply only features like power on/off, reset and serial-over-lan. They work quite well and fit most needs. If you spend more money you get features like upload of floppy images, mounting remote CD/DVD or even KVM capabilities. Nowadays you have often a web interface. Sometimes you get a dedicated LAN port for it. Quite often its shared with LAN0. Both versions work well and it depends more on your grade of paranoia which type you prefer. If you buy server hardware you get the basic module for free. In a Linux environment you can stay with that type. For Windows I recommend using the KVM version. Even though Windows Server can do serial-over-lan since version 2003.

Your first task is probably to enter the BIOS and enable this baby. Enable the option stay on after boot, too. Sometimes you can configure the ip address for your remote management board here, too. But we can do this later.

I assume you have already installed CentOS or some other RHEL type Linux.

you have to install ipmi:

sudo yum install OpenIPMI OpenIPMI-libs ipmitool

Now you must load some kernel modules:

modprobe ipmi-devintf
modprobe ipmi-si
#+END_SRC bash

After these steps you should see your ipmi interface and can use it:

#+BEGIN_SRC bash
ipmitool shell

This is a typical configuration process you do in ipmitool shell:

lan set 1 ipaddr 192.168.42.42
lan set 1 netmask 255.255.255.0
lan set 1 defgw ipaddr 192.168.42.1
lan set 1 defgw macaddr 00:30:48:84:BD:16
user list 1
user set password 2

user set name 3 monitor
user set password 3
channel setaccess 1 3 link=on ipmi=on callin=on privilege=2
user priv 3 4
user enable 3
sol set volatile-bit-rate 19.2 1
sol set non-volatile-bit-rate 19.2 1
mc reset cold

With the last command you reboot your management board and it will be available soon. You can use ipmitool from another host and use the serial console with sol activate. Best practise is to use dns entries for all your management boards. Something like yourhost-ipmi.yourdomain or yourhost-rm.yourdomain makes life easier. If you do this before configuring the server you can automate the process. Just do a nslookup in your script and you get the ip you need for your configuration.

Your hardware is now ready but your operating system needs some changes, too.

RHEL 6 made life easier. Just 2 little tweaks and you are done. First your /etc/securetty/:

ttyS0
ttyS1
#+END_SRC bash

Now you have to modify your /=/boot/grub/grub.conf/=/. You can append console=ttyS0 to
Kernelparameters. Multiple console entries are possible but the last console entry
is the real console waiting for in input in case of any errors like check disk:
#+BEGIN_SRC bash
kernel /vmlinuz-2.6.32-220.7.1.el6.x86_64 quiet console=tty0 console=ttyS0,19200n8 panic=60

above the menu entries you add these lines:

serial --unit=0 --speed=19200
terminal --timeout=10 serial console

Now you can reboot and see the output on your serial console and login as root. If you run something like CentOS 5 you have some more work. Your /etc/inittab/ needs these lines:

# Local serial lines:
s1:12345:respawn:/sbin/agetty -L ttyS0 19200 vt100
s2:12345:respawn:/sbin/agetty -L ttyS1 19200 vt100

If you wonder: Why the heck 19200 baud? Well, sometimes your serial terminal output misses some bytes if you go higher. I never had issues with 19.2k. Keep in mind that delete and backspace are probably inverted. You have to press backspace to enter the BIOS. Typical command lines to start ipmi from a remote server are these:

ipmitool -I lan -H yourhost-ipmi -U ADMIN shell
ipmitool -I lanplus -H yourhost-ipmi -U ADMIN shell

Depending on your board you have to use lanplus or lan.

I recommend using - and not a subdomain like yourhost.ipmi.yourdomain. With dash you can use autocompletion. The dot breaks autocompletion and you would have to type the whole domain.