translated by Google

Machine-translated page for increased accessibility for English questioners.

Remote server administration

Some servers are equipped with a special independent BMC processor (according to the manufacturer also iLO, iDRAC, etc.), which is connected to the motherboard and main processor, and which allows monitoring and control of hardware. This system can be connected via a separate IP address and is functional even if the main OS server is completely frozen. Common BMC options include power management, machine status monitoring, BIOS configuration, or operating system KVM / serial console access. Typically, the BMC has a web interface and / or IPMI (see below).

If your server supports it, we definitely recommend using this option and configuring BMC. The configuration varies between hardware and BIOS vendors, but we will try to cover the basics here. If you are interested in help, we will be happy to advise you on unix @ fi .

BMC

We recommend using a dedicated Ethernet port. If the server has a single Ethernet port, it is often possible to set up a tagged VLAN for the BMC. We will assign the address after delivery of the MAC address - for security reasons it will be due to the faculty's private scope and we will allow access only from the agreed machines or part of the FI network. Obtain the network configuration via DHCP.

In any case, make sure that you do not inadvertently leave the IPMI in the world (IPMI implementations are not exactly known for excellent security), let alone with the default credentials!

IPMI

IPMI allows using the tool ipmitool basic work with the server in text mode. Its advantage is easy usability from the terminal via SSH without the need for tunneling or port forwarding. Examples of use:

$ ipmitool -I lanplus -H host-mgmt.lab.fi.muni.cz -U user shell
ipmitool> sel list
   1 | 12/16/2021 | 11:37:48 | Memory #0xd1 | Correctable ECC | Asserted
...
ipmitool> sensor
CPU1 Temperature | 46.000     | degrees C  | ok    | 89.000    | 92.000
...
ipmitool> power status
Chassis Power is on
ipmitool> power reset
...

Serial console

After proper configuration, the Serial Console (SoL) allows access to the BIOS / POST during boot and also to the console of the bootable operating system.

For visibility of events before booting the Linux kernel, configuration in the BIOS is required, for example as follows (we recommend setting the speed as high as possible, typically 115.2k):

Console redirection........Serial Port 1
Failsafe Baud Rate.........115200
Remote Terminal Type.......VT100/VT220
Redirection After Boot.....Enabled

For the visibility of events during boot and the functionality of the console during normal OS running, it is necessary to specify these parameters in the GRUB configuration (and then run update-grub ):

# we wrap some parameters here for readability, but it is necessary
# for them to be present on one line in the real configuration
GRUB_CMDLINE_LINUX="<original parameters> console=tty0
    console=ttyS0,115200n,8"
GRUB_TERMINAL="serial console"
GRUB_SERIAL_COMMAND="serial --unit=0 --speed=115200;
    terminal --timeout=5 serial console"

Note here that the numbering of consoles in the BIOS and in the kernel may differ. Consoles in the BIOS are usually numbered from 1, while in the kernel they are numbered from ttyS0 . See also TLDP .

You can then connect to the console with the command:

$ ipmitool -I lanplus -H host-mgmt.lab.fi.muni.cz -U user sol activate

You can leave it by typing Enter ~ . (or Enter ~ ~ . if you have ipmitool running in one SSH, etc.).