关于IPMI的几个问题

IPMI协议被广泛用于服务器监控中,包括采集CPU温度、风扇转速、主板温度,以及远程开关机等等。而且IPMI独立于硬件和操作系统,无论是CPU、BIOS,还是OS出现故障,都不会影响IPMI的工作。因为IPMI的硬件设备BMC(Baseboard Management Controller)是一个独立的板卡,独立供电。

使用IPMI监控服务器主要有两种模式:本地和远程。

本地监控:

需要安装:

  • IPMI驱动(硬件设备被操作系统识别)
  • ipmitool或其他工具(通过驱动获取服务器信息)

远程监控:

只需要在客户端安装ipmitool或其他工具
远程模式下,IPMI使用RMCP,RMCP基于UDP协议实现。
远程监控也就是基于UDP的网络通信。
服务器IPMI使用的端口一般是623.

下面介绍ipmitool的使用

ipmitool的使用

基本的帮助信息可以通过-h选项获取
也可以使用man ipmitool

$ ipmitool -h
ipmitool version 1.8.11

usage: ipmitool [options...] 

       -h             This help
       -V             Show version information
       -v             Verbose (can use multiple times)
       -c             Display output in comma separated format
       -d N           Specify a /dev/ipmiN device to use (default=0)
       -I intf        Interface to use
       -H hostname    Remote host name for LAN interface
       -p port        Remote RMCP port [default=623]
       -U username    Remote session username
       -f file        Read remote session password from file
       -z size        Change Size of Communication Channel (OEM)
       -S sdr         Use local file for remote SDR cache
       -D tty:b[:s]   Specify the serial device, baud rate to use
                      and, optionally, specify that interface is the system one
       -a             Prompt for remote password
       -Y             Prompt for the Kg key for IPMIv2 authentication
       -e char        Set SOL escape character
       -C ciphersuite Cipher suite to be used by lanplus interface
       -k key         Use Kg key for IPMIv2 authentication
       -y hex_key     Use hexadecimal-encoded Kg key for IPMIv2 authentication
       -L level       Remote session privilege level [default=ADMINISTRATOR]
                      Append a '+' to use name/privilege lookup in RAKP1
       -A authtype    Force use of auth type NONE, PASSWORD, MD2, MD5 or OEM
       -P password    Remote session password
       -E             Read password from IPMI_PASSWORD environment variable
       -K             Read kgkey from IPMI_KGKEY environment variable
       -m address     Set local IPMB address
       -b channel     Set destination channel for bridged request
       -t address     Bridge request to remote target address
       -B channel     Set transit channel for bridged request (dual bridge)
       -T address     Set transit address for bridge request (dual bridge)
       -l lun         Set destination lun for raw commands
       -o oemtype     Setup for OEM (use 'list' to see available OEM types)
       -O seloem      Use file for OEM SEL event descriptions
       -N seconds     Specify timeout for lan [default=2] / lanplus [default=1] interface
       -R retry       Set the number of retries for lan/lanplus interface [default=4]

Interfaces:
        open          Linux OpenIPMI Interface [default]
        imb           Intel IMB Interface 
        lan           IPMI v1.5 LAN Interface 
        lanplus       IPMI v2.0 RMCP+ LAN Interface 
        serial-terminal  Serial Interface, Terminal Mode 
        serial-basic  Serial Interface, Basic Mode 

Commands:
        raw           Send a RAW IPMI request and print response
        i2c           Send an I2C Master Write-Read command and print response
        spd           Print SPD info from remote I2C device
        lan           Configure LAN Channels
        chassis       Get chassis status and set power state
        power         Shortcut to chassis power commands
        event         Send pre-defined events to MC
        mc            Management Controller status and global enables
        sdr           Print Sensor Data Repository entries and readings
        sensor        Print detailed sensor information
        fru           Print built-in FRU and scan SDR for FRU locators
        gendev        Read/Write Device associated with Generic Device locators sdr
        sel           Print System Event Log (SEL)
        pef           Configure Platform Event Filtering (PEF)
        sol           Configure and connect IPMIv2.0 Serial-over-LAN
        tsol          Configure and connect with Tyan IPMIv1.5 Serial-over-LAN
        isol          Configure IPMIv1.5 Serial-over-LAN
        user          Configure Management Controller users
        channel       Configure Management Controller channels
        session       Print session information
        dcmi          Data Center Management Interface
        sunoem        OEM Commands for Sun servers
        kontronoem    OEM Commands for Kontron devices
        picmg         Run a PICMG/ATCA extended cmd
        fwum          Update IPMC using Kontron OEM Firmware Update Manager
        firewall      Configure Firmware Firewall
        delloem       OEM Commands for Dell systems
        shell         Launch interactive IPMI shell
        exec          Run list of commands from file
        set           Set runtime variable for shell and exec
        hpm           Update HPM components using PICMG HPM.1 file
        ekanalyzer    run FRU-Ekeying analyzer using FRU files
        ime           Update Intel Manageability Engine Firmware

下面就几个常用的选项做说明。

设置用户

首先查看用户列表

# ipmitool user list 1  
ID  Name             Callin  Link Auth  IPMI Msg   Channel Priv Limit
2   root             true    true       true       ADMINISTRATOR
# ipmitool  user  set 
User Commands: summary [<channel number>]
                   list    [<channel number>]
                   set name     <user id> <username>
                   set password <user id> [<password>]
                   disable      <user id>
                   enable       <user id>
                   priv         <user id> <privilege level> [<channel number>]
                   test         <user id> <16|20> [<password]>

例如
user id使用3

#设置用户
# ipmitool  user  set name 3 test
# ipmitool  user  set password 3 test

设置用户权限

channel 为1,user ID为3,privilege为4

privilege的值定义如下;

1 callback
2 user
3 operator
4 administrator
5 OEM

设置用户权限
# ipmitool channel setaccess 1 3 callin=on ipmi=on link=on privilege=4

查看权限

# ipmitool channel getaccess 1 3

再次查看用户列表

# ipmitool  user list 1
ID  Name             Callin  Link Auth  IPMI Msg   Channel Priv Limit
2   root             true    true       true       ADMINISTRATOR
3   test             true    true       true       ADMINISTRATOR

配置网络

配置IP、网关、子网掩码
这个地方配置的IP没有什么限制,只要不与其他机器IP冲突,符合IP规则即可。

#ipmitool lan set 1 ipaddr *.*.*.*
#ipmitool lan set 1 netmask *.*.*.*
#ipmitool lan set 1 defgw ipaddr *.*.*.*
#ipmitool lan set 1 access on

查看网络配置

#ipmitool lan print 1

interface的使用

-I interface

  • open
  • lan
  • lanplus
  • 其他

如果没有-I选项,ipmitool默认使用open,即Linux OpenIPMI

lanplus是lan的增强版
lan及lanplus主要用于远程监控

获取传感器数据

传感器简洁数据
左边第一列是Sensor ID,第二列是Sensor Readings

#ipmitool sdr list
Temp             | 27 degrees C      | ok
Temp             | 50 degrees C      | ok
Temp             | 38 degrees C      | ok
Temp             | 39 degrees C      | ok
Ambient Temp     | 26 degrees C      | ok
Ambient Temp     | 30 degrees C      | ok
IOB Temp         | 40 degrees C      | ok
Ambient Temp     | 23 degrees C      | ok
Planar Temp      | 30 degrees C      | ok
Temp             | 26 degrees C      | ok
Temp             | disabled          | ns

传感器详细数据

#ipmitool -v sdr list
Sensor ID              : Temp (0x1)
 Entity ID             : 3.1 (Processor)
 Sensor Type (Analog)  : Temperature
 Sensor Reading        : 27 (+/- 1) degrees C
 Status                : ok
 Nominal Reading       : 50.000
 Normal Minimum        : 11.000
 Normal Maximum        : 69.000
 Positive Hysteresis   : 1.000
 Negative Hysteresis   : 1.000
 Minimum sensor range  : Unspecified
 Maximum sensor range  : Unspecified
 Event Message Control : No Events From Sensor
 Readable Thresholds   : Thresholds Fixed
 Settable Thresholds   : Thresholds Fixed
 Event Status          : Event Messages Disabled
 Assertion Events      : 
 Event Enable          : Event Messages Disabled
 Assertions Enabled    : 

Sensor ID              : Temp (0x2)
 Entity ID             : 3.2 (Processor)
 Sensor Type (Analog)  : Temperature
 Sensor Reading        : 50 (+/- 1) degrees C
 Status                : ok
 Nominal Reading       : 50.000
 Normal Minimum        : 11.000
 Normal Maximum        : 69.000
 Positive Hysteresis   : 1.000
 Negative Hysteresis   : 1.000
 Minimum sensor range  : Unspecified
 Maximum sensor range  : Unspecified
 Event Message Control : No Events From Sensor
 Readable Thresholds   : Thresholds Fixed
 Settable Thresholds   : Thresholds Fixed
 Event Status          : Event Messages Disabled
 Assertion Events      : 
 Event Enable          : Event Messages Disabled
 Assertions Enabled    : 
 。。。

可以看到sensor ID是重复的,如何区分是哪个硬件模块的数据呢?
如果使用

#ipmitool sdr get "Temp"

只能获取到第一个Sensor ID的数据。

上面可以看到,有一个entity id,它是唯一的。

例如CPU1的entity id 为3.1,可以列出CPU1所有数据

# ipmitool sdr entity 3.1
Temp             | 01h | ok  |  3.1 | 34 degrees C
VCORE            | 12h | ok  |  3.1 | State Deasserted
2.5V VDDA PG     | 14h | ok  |  3.1 | State Deasserted
1.2V VDDR PG     | 16h | ok  |  3.1 | State Deasserted
Presence         | 50h | ok  |  3.1 | Present
Status           | 60h | ok  |  3.1 | Presence detected
CPU1             | 00h | ns  |  3.1 | Physical FRU @B0h

采用entity id + sensor id 就可以唯一确定一个数据

# ipmitool sdr entity 3.1 | grep "Temp"
Temp             | 01h | ok  |  3.1 | 34 degrees C

远程监控一例

获取远程主机10.10.228.118的传感器列表,端口623,用户为test,密码为test

#ipmitool -I lanplus -H 10.10.228.118 -p 623 -U test -P "test" sdr list

system event log

打印系统事件log

#ipmitool sel list 

输出:

1 | 07/31/2013 | 12:36:31 | Power Supply #0x62 | Power Supply AC lost | Asserted
...

如何找到帮助信息

以command sdr为例

#ipmitool sdr help
SDR Commands:  list | elist [all|full|compact|event|mcloc|fru|generic]
                     all           All SDR Records
                     full          Full Sensor Record
                     compact       Compact Sensor Record
                     event         Event-Only Sensor Record
                     mcloc         Management Controller Locator Record
                     fru           FRU Locator Record
                     generic       Generic Device Locator Record
               type [sensor type]
                     list          Get a list of available sensor types
                     get           Retrieve the state of a specified sensor
               info
                     Display information about the repository itself
               entity [.]
                     Display all sensors associated with an entity
               dump <file>
                     Dump raw SDR data to a file
               fill
                     sensors       Creates the SDR repository for the current configuration
                     file <file>   Load SDR repository from a file

如何查看entity有哪些

$ ipmitool sdr entity

Entity IDs:

     0  Unspecified                            1  Other                           
     2  Unknown                                3  Processor                       
     4  Disk or Disk Bay                       5  Peripheral Bay                  
     6  System Management Module               7  System Board                    
     8  Memory Module                          9  Processor Module                
    10  Power Supply                          11  Add-in Card                     
    12  Front Panel Board                     13  Back Panel Board                
    14  Power System Board                    15  Drive Backplane                 
    16  System Internal Expansion Board       17  Other System Board              
    18  Processor Board                       19  Power Unit                      
    20  Power Module                          21  Power Management                
    22  Chassis Back Panel Board              23  System Chassis                  
    24  Sub-Chassis                           25  Other Chassis Board             
    26  Disk Drive Bay                        27  Peripheral Bay                  
    28  Device Bay                            29  Fan Device                      
    30  Cooling Unit                          31  Cable/Interconnect              
    32  Memory Device                         33  System Management Software      
    34  BIOS                                  35  Operating System     

查看BMC信息

# ipmitool mc info
Device ID                 : 32
Device Revision           : 0
Firmware Revision         : 1.85
IPMI Version              : 2.0
Manufacturer ID           : 674
Manufacturer Name         : DELL Inc
。。。

问题

问题1

# ipmitool -I lan -H 10.61.*.* -U root -P "root" sdr    
Authentication type NONE not supported
Authentication type NONE not supported
Error: Unable to establish LAN session
Get Device ID command failed
Unable to open SDR for reading

解决:
使用 –I lanplus

# ipmitool -I lanplus -H 10.61.*.* -U root -P "root" sdr

问题2

# ipmitool  -I lanplus -H 10.61.*.* -U test -P "test" sdr -v
RAKP 2 message indicates an error : unauthorized name
Error: Unable to establish IPMI v2 / RMCP+ session
Get Device ID command failed
Unable to open SDR for reading

原因:
密码错误

问题3

设置权限

# ipmitool channel setaccess 1 7 callin=on ipmi=on link=on privilege=user
Set User Access (channel 1 id 7) failed: Invalid data field in request

原因:
选项privilege 只支持数字形式

改为

# ipmitool channel setaccess 1 7 callin=on ipmi=on link=on privilege=2

下面这个也会出现同样的问题

# ipmitool  user priv 7 admin

你可能感兴趣的:(Linux)