ipmi
play

IPMI Matthew Garrett <matthew.garrett@nebula.com> - PowerPoint PPT Presentation

Jun 13, 2023 •288 likes •595 views

IPMI Matthew Garrett <matthew.garrett@nebula.com> Intelligent Platform Management Interface Solves the biggest problem in server admin (How do you turn it off and turn it on again without having to leave your desk?) IPMI Remote

  1. IPMI Matthew Garrett <matthew.garrett@nebula.com>

  2. Intelligent Platform Management Interface

  3. Solves the biggest problem in server admin

  4. (How do you turn it off and turn it on again without having to leave your desk?)

  5. IPMI ● Remote power control ● Watchdog ● Boot order ● Serial over LAN ● Sensor monitoring ● Alarms

  6. Vendor differentiation ● Remote console ● Firmware configuration ● Virtual CD device

  7. IPMI ● Linux is near ubiquitous ● Your network contains embedded Linux

  8. Your network contains embedded Linux

  9. Your network contains embedded Linux

  10. Your network contains embedded Linux

  11. Your network contains embedded Linux

  12. Your network contains embedded Linux

  13. IPMI wants to be free ● Having a separate BMC network is difficult and expensive ● So why not just steal packets from the host NIC?

  14. Security isn't great ● Old software ● Insecure software ● Bad software

  15. Security isn't great

  16. Security isn't great ● Authentication, encryption, attestation ● Pick any number

  17. Security isn't great ● Authentication, encryption, attestation ● Pick any number ● (including 0)

  18. Security isn't great ● Spec requires that the BMC hand over the hashed password

  19. Security isn't great ● Usernames may be hardcoded

  20. Best practices ● Physically distinct network ● Make sure they're all plugged in ● Change default credentials ● Change default usernames ● Disable unused users ● Disable cipher 0

  21. Ponies

  22. Server deployment is tedious ● Takes a long time to access firmware ● Opportunity to make mistakes ● Inconsistent configs = inconsistent performance

  23. More vendor differentiation ● Vendor tools for config ● Vendor APIs for config ● Lock-in with vendor tooling ● Annoying for heterogeneous networks

  24. Wouldn't abstraction be nice? ● Spoiler:

  25. Wouldn't abstraction be nice? ● Spoiler: – (yes)

  26. python-firmware-config import firmware-config fw = firmware-config.create(“cisco”, “192.168.0.20”, “admin”, “admin”) options = fw.get_options if options['TPMSupport']['current'] != “enabled”: options['TPMSupport']['new'] = “enabled fw.set_fw_options(options)

  27. Mostly vendor-neutral ● API identical between vendors ● Option names differ ● Semantics may vary

  28. Currently supported vendors ● Cisco ● Dell

  29. Currently supported vendors ● Cisco ● Dell ● (Your name here)

  30. Free software ● Apache 2.0 license ● http://github.com/nebula/firmware_config

Recommend

IPMI, SlowControl, DQM Status, Performance, Lessons learned (Seeon, 13.5.2016) B. Spruck,

IPMI, SlowControl, DQM Status, Performance, Lessons learned (Seeon, 13.5.2016) B. Spruck,

IPMI, SlowControl, DQM Status, Performance, Lessons learned (Seeon, 13.5.2016) B. Spruck, 13.5.2016, p. 1 IPMI @ DESY TB IPMI @ DESY TB IPMI Monitoring and Control Boards 2 IPMC used on ONSEN Carrier 2 MMC used on ONSEN AMC cards (none

360 views • 13 slides
An overview on CINNAMON An update on IPMI monitoring @ CERN IT Luca Gardi September 30, 2020 An

An overview on CINNAMON An update on IPMI monitoring @ CERN IT Luca Gardi September 30, 2020 An

An overview on CINNAMON An update on IPMI monitoring @ CERN IT Luca Gardi September 30, 2020 An overview on CINNAMON 2 What is CINNAMON? What does CINNAMON do? Introduction to IPMI Design and architecture Improvements Monitoring and

375 views • 35 slides
Remote Management Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 1 HEPiX

Remote Management Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 1 HEPiX

Remote Management Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 1 HEPiX 2007 fall meeting IMAGE: trolley Andras Horvath, CERN IT FIO Large-Scale Remote Management via IPMI 2 HEPiX 2007 fall meeting IMAGE: racks Andras

349 views • 12 slides
Interpreting Complex Images Using Appearance Models Chris Taylor Imaging Science and Biomedical

Interpreting Complex Images Using Appearance Models Chris Taylor Imaging Science and Biomedical

Interpreting Complex Images Using Appearance Models Chris Taylor Imaging Science and Biomedical Engineering University of Manchester Acknowlegments Tim Cootes Gareth Edwards Christine Beeston Rhodri Davies (IPMI 2003 and PhD

509 views • 29 slides
Learnings from scaling Ironic at Yahoo Arun S A G saga@yahoo-inc.com zer0c00l on freenode Yahoo

Learnings from scaling Ironic at Yahoo Arun S A G saga@yahoo-inc.com zer0c00l on freenode Yahoo

Learnings from scaling Ironic at Yahoo Arun S A G saga@yahoo-inc.com zer0c00l on freenode Yahoo Inc May 08, 2017 https://github.com/sagarun/presentations/ Background and Architecture 1 / 25 Cluster Architecture OOB - ipmi power management

664 views • 49 slides

More recommend