ipmi
play

IPMI Matthew Garrett <matthew.garrett@nebula.com> - PowerPoint PPT Presentation

Jun 13, 2023 •288 likes •595 views

IPMI Matthew Garrett <matthew.garrett@nebula.com> Intelligent Platform Management Interface Solves the biggest problem in server admin (How do you turn it off and turn it on again without having to leave your desk?) IPMI Remote

  1. IPMI Matthew Garrett <matthew.garrett@nebula.com>

  2. Intelligent Platform Management Interface

  3. Solves the biggest problem in server admin

  4. (How do you turn it off and turn it on again without having to leave your desk?)

  5. IPMI ● Remote power control ● Watchdog ● Boot order ● Serial over LAN ● Sensor monitoring ● Alarms

  6. Vendor differentiation ● Remote console ● Firmware configuration ● Virtual CD device

  7. IPMI ● Linux is near ubiquitous ● Your network contains embedded Linux

  8. Your network contains embedded Linux

  9. Your network contains embedded Linux

  10. Your network contains embedded Linux

  11. Your network contains embedded Linux

  12. Your network contains embedded Linux

  13. IPMI wants to be free ● Having a separate BMC network is difficult and expensive ● So why not just steal packets from the host NIC?

  14. Security isn't great ● Old software ● Insecure software ● Bad software

  15. Security isn't great

  16. Security isn't great ● Authentication, encryption, attestation ● Pick any number

  17. Security isn't great ● Authentication, encryption, attestation ● Pick any number ● (including 0)

  18. Security isn't great ● Spec requires that the BMC hand over the hashed password

  19. Security isn't great ● Usernames may be hardcoded

  20. Best practices ● Physically distinct network ● Make sure they're all plugged in ● Change default credentials ● Change default usernames ● Disable unused users ● Disable cipher 0

  21. Ponies

  22. Server deployment is tedious ● Takes a long time to access firmware ● Opportunity to make mistakes ● Inconsistent configs = inconsistent performance

  23. More vendor differentiation ● Vendor tools for config ● Vendor APIs for config ● Lock-in with vendor tooling ● Annoying for heterogeneous networks

  24. Wouldn't abstraction be nice? ● Spoiler:

  25. Wouldn't abstraction be nice? ● Spoiler: – (yes)

  26. python-firmware-config import firmware-config fw = firmware-config.create(“cisco”, “192.168.0.20”, “admin”, “admin”) options = fw.get_options if options['TPMSupport']['current'] != “enabled”: options['TPMSupport']['new'] = “enabled fw.set_fw_options(options)

  27. Mostly vendor-neutral ● API identical between vendors ● Option names differ ● Semantics may vary

  28. Currently supported vendors ● Cisco ● Dell

  29. Currently supported vendors ● Cisco ● Dell ● (Your name here)

  30. Free software ● Apache 2.0 license ● http://github.com/nebula/firmware_config

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

IPMI, SlowControl, DQM Status, Performance, Lessons learned (Seeon, 13.5.2016) B. Spruck,

IPMI, SlowControl, DQM Status, Performance, Lessons learned (Seeon, 13.5.2016) B. Spruck,

IPMI, SlowControl, DQM Status, Performance, Lessons learned (Seeon, 13.5.2016) B. Spruck, 13.5.2016, p. 1 IPMI @ DESY TB IPMI @ DESY TB IPMI Monitoring and Control Boards 2 IPMC used on ONSEN Carrier 2 MMC used on ONSEN AMC cards (none

360 views • 13 slides
An overview on CINNAMON An update on IPMI monitoring @ CERN IT Luca Gardi September 30, 2020 An

An overview on CINNAMON An update on IPMI monitoring @ CERN IT Luca Gardi September 30, 2020 An

An overview on CINNAMON An update on IPMI monitoring @ CERN IT Luca Gardi September 30, 2020 An overview on CINNAMON 2 What is CINNAMON? What does CINNAMON do? Introduction to IPMI Design and architecture Improvements Monitoring and

375 views • 35 slides
Remote Management Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 1 HEPiX

Remote Management Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 1 HEPiX

Remote Management Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 1 HEPiX 2007 fall meeting IMAGE: trolley Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 2 HEPiX 2007 fall meeting IMAGE: racks Andras

349 views • 12 slides
Interpreting Complex Images Using Appearance Models Chris Taylor Imaging Science and Biomedical

Interpreting Complex Images Using Appearance Models Chris Taylor Imaging Science and Biomedical

Interpreting Complex Images Using Appearance Models Chris Taylor Imaging Science and Biomedical Engineering University of Manchester Acknowlegments Tim Cootes Gareth Edwards Christine Beeston Rhodri Davies (IPMI 2003 and PhD

509 views • 29 slides
Learnings from scaling Ironic at Yahoo Arun S A G saga@yahoo-inc.com zer0c00l on freenode Yahoo

Learnings from scaling Ironic at Yahoo Arun S A G saga@yahoo-inc.com zer0c00l on freenode Yahoo

Learnings from scaling Ironic at Yahoo Arun S A G saga@yahoo-inc.com zer0c00l on freenode Yahoo Inc May 08, 2017 https://github.com/sagarun/presentations/ Background and Architecture 1 / 25 Cluster Architecture OOB - ipmi power management

664 views • 49 slides
Are We Conversational Yet? A Design Study And Empirical Evaluation of Multi-Turn Dialogues For

Are We Conversational Yet? A Design Study And Empirical Evaluation of Multi-Turn Dialogues For

Are We Conversational Yet? A Design Study And Empirical Evaluation of Multi-Turn Dialogues For Virtual Assistants Project Pitch CS294S Fall 2020 Almond is out there, now what? Almond 1.99 released in September 2020 First assistant to

113 views • 8 slides
The Knowledge Grows Beth Tucker Long Who am I? Beth Tucker Long PHP Developer

The Knowledge Grows Beth Tucker Long Who am I? Beth Tucker Long PHP Developer

The Knowledge Grows Beth Tucker Long Who am I? Beth Tucker Long PHP Developer Stay-at-home mom User group leader Mentor &amp; Apprentice OSMIhelp.org Open Sourcing Mental Illness Handbooks to help improve workplaces

1.1k views • 85 slides
Last minute information Antoine, Pierre January 26 th 2020, Paris Table of contents 1. New

Last minute information Antoine, Pierre January 26 th 2020, Paris Table of contents 1. New

Last minute information Antoine, Pierre January 26 th 2020, Paris Table of contents 1. New information 2. Coaches 3. Reminders 4. Spoiler 1 New information Rule reminder TShirts and badges are mandatory on the contest floor Nothing

327 views • 18 slides
The Effect of State Policy Suites on Solar Markets Hosted by Warren Leon, Executive Director,

The Effect of State Policy Suites on Solar Markets Hosted by Warren Leon, Executive Director,

State-Federal RPS Collaborative Webinar The Effect of State Policy Suites on Solar Markets Hosted by Warren Leon, Executive Director, CESA Monday, February 2, 2015 Housekeeping www.cleanenergystates.org 2 About CESA Clean Energy States

631 views • 30 slides
Optimal Orientation On-line Lech Duraj Grzegorz Gutowski Theoretical Computer Science Department

Optimal Orientation On-line Lech Duraj Grzegorz Gutowski Theoretical Computer Science Department

Introduction Lower bound Upper bound Summary Optimal Orientation On-line Lech Duraj Grzegorz Gutowski Theoretical Computer Science Department Jagiellonian University SOFSEM 2008 Lech Duraj, Grzegorz Gutowski Optimal Orientation On-line

927 views • 49 slides
Programming up to Congruence Vilhelm Sj oberg and Stephanie Weirich University of Pennsylvania

Programming up to Congruence Vilhelm Sj oberg and Stephanie Weirich University of Pennsylvania

Programming up to Congruence Vilhelm Sj oberg and Stephanie Weirich University of Pennsylvania October 14, 2013 WG 2.8 Aussois, France FP + dependent types What does this mean? Goal A functional programming language with an expressive

603 views • 33 slides
Sets, Maps, Bit Sets Section 2.3 Dr. Mayfield and Dr. Lam Department of Computer Science James

Sets, Maps, Bit Sets Section 2.3 Dr. Mayfield and Dr. Lam Department of Computer Science James

Sets, Maps, Bit Sets Section 2.3 Dr. Mayfield and Dr. Lam Department of Computer Science James Madison University Oct 02, 2015 C/C++ pointers For those unfamiliar with pointers . . . int i; // integer int *p; // integer pointer p =

413 views • 15 slides
1 Principal Components Analysis 1. PC analysis is one of several statistical factor analysis

1 Principal Components Analysis 1. PC analysis is one of several statistical factor analysis

Announcement: Papers due on Wednesday. Next week set aside for presentations. You decide amongst yourselves how to split up the presentation duties (everyone should say something though). We will do the presentations on Zoom. Too many

321 views • 3 slides
Logical laws for random graphs Maksim Zhukovskii Moscow Institute of Physics and Technology

Logical laws for random graphs Maksim Zhukovskii Moscow Institute of Physics and Technology

Logical laws for random graphs Maksim Zhukovskii Moscow Institute of Physics and Technology IPMCCC April 18 2019 1 / 34 Examples A graph is... 2 / 34 Examples A graph is... triangle-free x 1 x 2 x 3 ( x 1 x

1.61k views • 104 slides
Decidability of branching bisimulation on normed commutative context - free graphs W ojciech

Decidability of branching bisimulation on normed commutative context - free graphs W ojciech

Decidability of branching bisimulation on normed commutative context - free graphs W ojciech Czerwi ski Piotr Hofman S awomir Lasota University of W arsaw Problem Problem Given: infinite graph G, two vertices u, v Problem Given:

1.16k views • 112 slides
The Composition Method Wolfgang Thomas Francqui Lecture, Mons, April 2013 Mastering compositions

The Composition Method Wolfgang Thomas Francqui Lecture, Mons, April 2013 Mastering compositions

The Composition Method Wolfgang Thomas Francqui Lecture, Mons, April 2013 Mastering compositions Wolfgang Thomas Overview 1. Motivation 2. m -equivalence and the EF-game 3. Applications 4. m -types 5. Monadic types Wolfgang Thomas

1.06k views • 40 slides
Constraints, Graphs, Algebra, Logic, and complexity Moshe Y. Vardi Rice University Constraint

Constraints, Graphs, Algebra, Logic, and complexity Moshe Y. Vardi Rice University Constraint

Constraints, Graphs, Algebra, Logic, and complexity Moshe Y. Vardi Rice University Constraint Satisfaction Problem (CSP) Input: ( V, D, C ) : A fi nite set V of variables A fi nite set D of values A fi nite set C of constraints

834 views • 38 slides
Exam Q&amp;A I&amp;E Basics/IBICT 2019 December 18th 2019 IBICT Attending 15 marks

Exam Q&amp;A I&amp;E Basics/IBICT 2019 December 18th 2019 IBICT Attending 15 marks

Exam Q&amp;A I&amp;E Basics/IBICT 2019 December 18th 2019 IBICT Attending 15 marks Battle report (group essay of ~12 pages) Deliver by beginning of January 3 marks Battle class performance (+1 for winner) 15 marks

391 views • 9 slides
Counterterrorism/ Counterinsurgency Class 8 - August 27 How can governments stop insurgents or

Counterterrorism/ Counterinsurgency Class 8 - August 27 How can governments stop insurgents or

Counterterrorism/ Counterinsurgency Class 8 - August 27 How can governments stop insurgents or terrorists? How can governments stop insurgents or terrorists? Use force Punitive military tactics Repression Police measures

564 views • 31 slides
Infinite and Finite Model Theory Part II Anuj Dawar Computer Laboratory University of Cambridge

Infinite and Finite Model Theory Part II Anuj Dawar Computer Laboratory University of Cambridge

Infinite and Finite Model Theory Part II Anuj Dawar Computer Laboratory University of Cambridge Lent 2002 3/2002 0 Finite Model Theory Finite Model Theory motivated by computational issues; relationship between language and

693 views • 67 slides
Connectivity Corollary. GRAPH CONNECTIVITY is not FO definable Connectivity Corollary. GRAPH

Connectivity Corollary. GRAPH CONNECTIVITY is not FO definable Connectivity Corollary. GRAPH

Connectivity Corollary. GRAPH CONNECTIVITY is not FO definable Connectivity Corollary. GRAPH CONNECTIVITY is not FO definable If A is a linear order of size n, let G( A ) be the graph with edges { i, i+2 mod n } for all a A Connectivity

905 views • 55 slides
SECURITY IN THE AGE OF FRAMEWORKS LUKA KLADARIC // L@K.HR // @KLL 1 FSec 2016 2 FSec

SECURITY IN THE AGE OF FRAMEWORKS LUKA KLADARIC // L@K.HR // @KLL 1 FSec 2016 2 FSec

SECURITY IN THE AGE OF FRAMEWORKS LUKA KLADARIC // L@K.HR // @KLL 1 FSec 2016 2 FSec 2016 ONCE UPON A TIME... 3 FSec 2016 WE WROTE OUR OWN CODE 4 FSec 2016 ALL OF IT. 5 FSec 2016 so we knew what was in it. we knew every

788 views • 68 slides
Absorber Introduction &amp; Overview Jim Hylen LBNE Hadron Absorber Core Advanced Conceptual

Absorber Introduction &amp; Overview Jim Hylen LBNE Hadron Absorber Core Advanced Conceptual

Absorber Introduction &amp; Overview Jim Hylen LBNE Hadron Absorber Core Advanced Conceptual Design Review 20 January 2015 Outline Summary of Requirements Brief description of absorber design Details of radiation &amp; energy

1.99k views • 51 slides
Bounding Data Races in Space and Time KC Sivaramakrishnan University of Darwin College, 1851

Bounding Data Races in Space and Time KC Sivaramakrishnan University of Darwin College, 1851

Bounding Data Races in Space and Time KC Sivaramakrishnan University of Darwin College, 1851 Royal OCaml Labs Cambridge Cambridge Commission 1 Multicore OCaml 2 Multicore OCaml OCaml is an industrial-strength, functional

1.2k views • 99 slides

More recommend