Remote Management Andras Horvath, CERN IT FIO Large-Scale Remote - PowerPoint PPT Presentation

Remote Management Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 1 HEPiX 2007 fall meeting

IMAGE: trolley Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 2 HEPiX 2007 fall meeting

IMAGE: racks Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 3 HEPiX 2007 fall meeting

CERN History 2003 serial consoles with logging SLAC example and software remote restart SysRq affordable but cabling is an issue Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 4 HEPiX 2007 fall meeting

IMAGE: serial cabling Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 5 HEPiX 2007 fall meeting

CERN History (cont'd) 2007 serial console for ~5000 hosts IPMI power control for ~900 most future deliveries to use IPMI console, power (ACPI!), reset, SysRq Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 6 HEPiX 2007 fall meeting

Free Extras? Orderly (ACPI) emergency shutdown Switch off unneeded capacity Bootup in service order ... Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 7 HEPiX 2007 fall meeting

Monitoring via IPMI Available remotely... ...but we do this in-band What we monitor: thermal and voltage alarms failed PSUs (PSU support required) ECC errors, PCI parity errors Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 8 HEPiX 2007 fall meeting

IPMI tips, tricks, magic Add-on card (BMC): motherboard support req'd Don't believe the vendors: TEST some blades have IPMI within the chassis only What to look for: IPMI 2.0 – encrypted authentication (no 1.5 please) RMCP+ – encrypted wire transfer (for console) Physical interface shared with host or separate? Management firmware, access control, own IP+MAC addresses ... Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 9 HEPiX 2007 fall meeting

Integration iCow: wrapper for consoles also integrates XEN VM consoles solves logging, keeps user interface SysRq (Break) different Password management per-host generated random passwords user interface for power control Power control: could integrate with VM ”virtual power button”? Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 10 HEPiX 2007 fall meeting

Future? IPMI for several years Intel Active Management Technology? too complex, security concerns KVMs and/or HTTP in BMC? too complex, no added functionality (for us) Would like: authentication options in BMC Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 11 HEPiX 2007 fall meeting

Links IPMI: http://www.intel.com/design/servers/ipmi/ https://twiki.cern.ch/twiki/bin/view/FIOgroup/IpmiRef ipmitool http://ipmitool.sourceforge.net/ console over IPMI: https://twiki.cern.ch/twiki/bin/view/FIOgroup/TsiConsoleIPMI Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 12 HEPiX 2007 fall meeting