IPMI, KVM-over-LAN, virtual media in Supermicro servers - remote management and monitoring. What is IPMI? Advantages and disadvantages? Benefits of IPMI technology

In order to network administrators to maximize server uptime, there are many technologies and products available. Therefore, it was necessary that management standards be the same for everyone. Today, the IPMI (Intelligent Platform Management Interface) standard is one of the most important open standards and is present on all Supermicro platforms.

Most Supermicro motherboards contain a special slot that supports IPMI 2.0 cards (IPMI over LAN). IPMI technology makes it possible to remotely manage and restore a server regardless of its status and condition. Communication with the remote management console is provided using the built-in network controller, using additional bandwidth. This is a hardware solution that is independent of the operating system. IPMI 2.0 is a fast and inexpensive way to remotely manage, monitor, diagnose and restore a server.

Since IPMI is completely independent of the operating system, monitoring, managing, diagnosing and restoring systems can be carried out even when the OS is frozen or the server is offline. IPMI technology implements functions to display notifications about the need to restore components - this makes it possible to monitor the state of the system and respond to possible hardware problems before they occur. The likelihood of such problems is also reduced by the hardware monitoring feature. In addition, you can monitor tampering with the server hardware if you configure the IPMI system to detect openings of the enclosure. Personnel security is ensured by the use of multi-level rights and passwords in conjunction with identification and linear encryption technologies. Some IPMI 2.0 modules support KVM-over-Lan. This makes it possible to remotely log into the operating system on the server and perform the necessary manipulations to configure it, or to install and remove the necessary programs.

IPMI is easy to use because it usually comes already integrated into a server or a separate device. And most importantly, it does not require financial expenses. And allows you to control the system at those moments when software are powerless - for example, when the OS freezes. Thus, IPMI technology and existing management tools and methods complement each other perfectly. And for effective management The server must use both software and hardware resources. -

Benefits of IPMI technology

• Remote control of power supplies, fans, voltage and temperature regardless of type and condition central processor and operating system
• Keeping a log of current events
• Support DOS, BIOS setup, Windows 2003, Linux
• Control of buttons on the body: Reset; Power down; Power up

Password protection

Altusen IP9001 and IPMI modules: embedded tools for remote computer management

Remote control modules, among which KVM switches are the most famous, are usually made in the form of external structures. But there is another class of devices, also designed for remote manipulation of server equipment, built directly into the controlled object. Every system administrator cannot imagine its activities without using remote access to supervised servers, and in two options: remote monitoring of equipment status and remote performance of administrative functions. Typically, these tasks are solved by accessing a text console or a graphical shell desktop. Organize remote control Maybe in different ways, the most common of which are software tools. Almost every manufacturer of servers and storage systems includes software for remote status monitoring, notification of critical situations, and equipment administration.

Not least important are the built-in remote access tools provided by the OS, not counting individual third-party products. But sometimes software tools are powerless to help troubleshoot problems without direct access to the server. This happens, for example, during a hardware failure, and only a “cold” restart or even the need to turn off/on the power can correct the situation. In such cases, a specialized hardware and software solution comes to the rescue, which is a special controller installed on the motherboard. Its power is provided from a standby source or even autonomously. It can be accessed via a network interface; in addition, there may be another channel - through a standalone COM port or modem. Such a controller has access to sensors on the motherboard and can also perform hard reset and power on/off. These functions are controlled by workstation administrator, on which a client is installed that interacts with controllers and allows monitoring/management of a group of servers equipped with such modules.>

Altusen IP9001 The IP9001 controller is essentially a “computer within a computer.” This solution ensures complete hardware independence from the managed server. Access to the remote node is carried out via a Web interface and allows you to perform any operations with the computer being serviced, including turning on/off and hard reset. The device is a PCI controller for remote control using the TCP/IP protocol, designed for installation in any computer equipped with the appropriate interface. In fact, IP9001 is an independent computer with its own IBM PowerPC 405GPr processor - a 400-MHz version of the already known 405GP, produced with clock frequencies 266 and 300 MHz. This processor includes an integrated PCI interface, SDRAM and Ethernet controllers. In addition to the required RAM and ROM, the board has its own ATI Rage XL graphics controller, and for connecting to the network it has an RJ-45 Ethernet port. Also worthy of attention is the possibility of working through telephone network using an additional modem module (RJ-11 connector) - it will help out if there is no access to the managed node via local network. In addition to the above, the remote control module is equipped with a decent set of peripheral interfaces, including RS-232 and a USB 2.0 hub. The device is powered in two ways - through PCI bus And external source, designed to ensure independence from the managed computer. Control from a remote console provides the operator with the full range of capabilities available directly from the server itself, including working in Remote Console mode, monitoring system voltage and temperature, turning on/off, and rebooting. Support for virtual disk, CD and floppy drive allows you to install updates, software and boot the OS from media physically located on the remote workstation. The software allows support for 64 accounts with differentiated management access rights for each operator. The device is designed to use operating Windows systems 2000/2003/XP, Red Hat versions 8.0 and higher. IPMI (Intelligent Platform Management Interface).

Another type of embedded device designed exclusively for server platforms is based on a set of IPMI specifications developed by a group of server hardware companies Intel, HP, NEC and Dell for remote monitoring/management tools. It included three specifications: Intelligent Platform Management Interface; Intelligent Platform Management Bus (IPMB) and Intelligent Chassis Management Bus (ICMB). IPMB is an internal interface specification for advanced monitoring/control within a single system, ICMB defines external interface specifications between IPMI-compatible systems.

IPMI extenders, despite their small size, provide full control over the server. After the release of version 1.0 in 1998, version 1.5 was released, and the 2.0 specification is currently relevant. This standard has already been supported by 171 equipment manufacturers, and the list continues to grow. Version 1.5 was approved in the first quarter of 2001. It already included the following features: means for monitoring temperatures, voltages, fan speeds, case tamper sensors; reset and power management; event logging; watchdog circuit (WatchDog Timer); access and notification via COM port and local network; specialized tires for monitoring. Version 2.0 was adopted in February 2004. It includes a number of additional features, such as Serial Over LAN, packet encryption, internal and external protocols, improved protection against unauthorized access, added extensions for monitoring modular structures (blade servers) and tools for creating virtual (management only) networks. Server motherboards on the Intel 7500 platform for Xeon Prestonia with a 400 MHz bus were equipped with IPMI. It was an SMC-0001 module, compatible with IPMI-1.5, designed as a small board with a specialized processor and its own COM port in a design similar to SO-DIMM memory modules. Almost all boards on the Intel 7520/7525/7320 platform, as well as Intel 7221 for Pentium 4 is equipped with the AOC-IPMI20-E module, which is already compatible with IPMI 2.0.

IPMI architecture version 2.0. Today this is the main standard adopted by server system developers

On server platforms 7230 for Pentium D and 1U platforms of the 6014P series for Xeon, a new design for IPMI cards has appeared. It has a connector similar to PCI-X x16, only with an “inverted” key. These boards (AOC-1UIPMI-B and AOC-LPIPMI-LANG) are functionally similar to the AOC-IPMI20-E, but are equipped with an additional Intel 82541PI Gigabit network card. The AOC-LPIPMI-LANG module is designed for installation in a regular or 2U case, and the AOC-1UIPMI-B is designed for installation in a 1U case and is not equipped with a network card (it is optionally available as a separate AOC-1UIPMI-LANG module). By default, AOC-IPMI20-E uses the first network controller, available on the motherboard, and AOC-1UIPMI-B and AOC-LPIPMI-LANG - their additional one, if installed. When installed in the IPMI module, the Firmware corresponding to the motherboard is first programmed, and then the IP address is set. In the operating system the same network card can be used in parallel for other needs with an IP address different from that set for IPMI. As a rule, for security reasons, it is recommended to allocate a separate network to the latter. Used for monitoring/controlling systems with IPMI adapters special utility IPMIView20, which recognizes adapters of all versions. It allows you to find IPMI adapters in a given address range, and group the detected systems according to a certain criterion. To gain access to a specific server, it is necessary to pass password authentication, and IPMI 2.0 uses password control and encryption, as well as multi-level differentiation of access rights. Software for managing servers via IPMI provides the operator with not only a set of basic functions, but also monitoring data in a convenient graphic form The main monitoring/control capabilities provided by IPMI adapters, standards: logging system events, monitoring temperatures, voltages, fan speeds, and other sensors. It is possible to reboot, turn on/off and Cycle - sequentially turning off and then turning on the power. All these functions are available in two modes: Graceful Power Control - correct shutdown of the operating system through the agent installed on it (the GPC agent is available only for Windows and Linux), and Chassis Power Control - hardware reset/power off. Access to the text console is provided by reassigning it to a COM port and implementing SOL-redirection (Serial Over LAN). The latter allows you to access the text console of a remote server and change remotely, for example, BIOS settings. In the same way you can access the bootloader Windows menu or to the Linux/UNIX text console.

Afterword

The devices described in the review are designed to perform the same task - to simplify the maintenance of remote systems as much as possible. The main difference between them is the scope of application. While Altusen IP9001 is suitable for any system, the installation of IPMI modules is limited exclusively to server platforms. Today, many development companies strive to include such modules as part of their systems. So, on June 15, ATEN International Co. Ltd. announced that its new IPMI firmware solution has been officially selected by Micro-Star International Co. Ltd. (MSI) for its server product line. MSI will integrate the ATEN firmware solution into its line of AMD servers to provide customers with the necessary server management functions. Separately, it is worth noting that Supermicro is preparing new AOC-SIMLP IPMI 2.0 monitoring/management tools for the Bensley platform, which will have built-in KVM Over LAN capabilities via IPMI .

Implementation of remote control and monitoring computer systems large equipment manufacturers began to work closely at the end of the last century. With the rapid growth of computerization and the emergence of distributed networks of large enterprises and organizations, a technology was required that would allow centralized management of the most important nodes without direct local access to the computer. First of all, large manufacturers of server platforms have implemented the ability to perform remote access on a server, which may be located in a neighboring building or on the other side of the planet, allowing service personnel to perform the following operations:

Turn the power on or off.

Perform a hard reset of the computer.

View or change BIOS settings.

Install the operating system using virtual media.

Manage the operating system remotely using standard input/output devices.

Monitor the technical condition of the most important equipment components.

Perform hardware platform maintenance operations (firmware Motherboard BIOS board or certain controllers) and providing authorized access to it.

As a result of joint efforts large manufacturers server equipment (Intel, Dell, NEC and Hewlett-Packard) specification was developed intelligent platform management interface (IPMI), which has become a standard for implementing remote access to computer equipment of server platforms.

Purpose and implementation of the IPMI interface.

IPMI(from the English Intelligent Platform Management Interface) is an intelligent platform management interface designed for autonomous monitoring and management of functions built directly into the hardware and firmware of server platforms. In other words, IPMI is a management tool that is implemented independently of the main server hardware and ensures that it is turned on, off, reset, remote connection virtual monitors, keyboards and mice, monitoring the operation of equipment and notification of important events related to the performance of the server. The IPMI specification version 1.0 was published back in 1998. and was based on connection to the IPMI module via the RS-232 serial interface. Subsequent IPMI 1.5 and 2.0 specifications are based on the use of a standard network interface.

The core of the server platform management system is a specialized device - Baseboard Management Controller (BMC), which is practically a specialized computer built into a server platform, having its own processor, memory, peripherals and operating system. The BMC module is powered by the standby voltage of the power supply (+5V Standby) and, accordingly, begins to work as soon as the primary voltage of 220V is applied to the input of the power supply, regardless of whether the computer is turned on or not.

The IPMI specification does not set strict standards for the implementation of IPMI devices. They can be made in the form of a separate adapter, can be soldered directly on the motherboard, or made as a separate microcontroller. Currently, the most common BMC controllers integrated into server motherboards are based on System-on-Chip (SoC) technology, allowing for both effective interaction with the managed platform and a huge number of remote monitoring functions, notification of important events via e-mail or SNMP, logging, etc.

BMC controllers for server motherboards connect to them via a system interface called IPMB(Intelligent Platform Management Bus/Bridge) or to other BMC controllers via interface IPMC(Intelligent Platform Management Chassis). For remote control of equipment via the BMC controller, a special application layer protocol can be used Remote Management Control Protocol (RMCP), providing operation via a regular local network. As a rule, modern BMC controllers provide control of server platforms via a web interface, and also provide remote connection of CD/DVD devices and operation of a keyboard-video-mouse over a network (IP KVM), which makes it easy to perform, for example, changes BIOS settings or install an operating system without having physical access to the server hardware.

Basic capabilities for controlling the motherboard via the IPMI interface.

Let's look at the possibilities of server management via the IPMI interface using the example of the Supermicro X8DTT-IBQF motherboard with an integrated Nuvoton WPCM450 Baseboard Management Controller with IPMI 2.0 support.

Controller Nuvoton WPCM450 supports graphics core with PCI interface, Virtual Media devices (virtual CD/DVD) and keyboard-video-mouse redirection (Keyboard/Video/Mouse, KVM). To connect to the local network, an external Ethernet controller is used, soldered on the motherboard.

Platform control buses are used to interact with the components of the managed system. Platform Environment Control Interface (PECI). There is a jumper on the motherboard to disable the BMC controller if the need arises. Also, it has a BMC LED (BMC Heartbeat LED) to indicate the operating status of the controller - a green flickering indicator indicates that the BMC is working normally.

Connection to the local network is made through the RJ-45 port, designated as IPMI_LAN

The initial configuration of the IPMI interface is performed in the section Adnanced – IPMI Configuration main BIOS.

Status of BMC BMC controller status

View BMC System Event Log- viewing the system event log (SEL), which is maintained by the BMC controller.

Clear BMC System Event Log- clearing the event log

Set LAN Configuration- setting up the network configuration of the adapter used by the BMC controller. You can configure it to receive the IP address, mask, and gateway address automatically via DHCP, or set them manually.

Set PEF Configuration- setting up a filter for events registered by the Platform Event Filter (PEF) controller. In this menu item, you can configure the controller’s reaction to certain events, such as turning off the power when the temperature increases or the fan speed decreases. By default, event filtering is disabled.

BMC Watch Dog Timer Action- you can configure polling of the state of the managed system and its reset, reboot or power off when it freezes. By default, disabled.

The main capabilities for managing and monitoring the state of the platform are available through the web interface. To connect to the BMC module, use any browser with java support, enter the IP address of the IPMI device in the address bar and, after connecting, authorize using the username and password specified in the documentation or specified in user settings. The default username and password for Supermicro IPMI devices is - ADMIN/ADMIN. After successful authorization, the main platform management window will open with the “System Information” tab activated:

The “Server Health” tab allows you to monitor the status of the server hardware:

Sensor Reading- viewing data from monitored sensors

Sensor Reading with Thresholds- viewing data from monitored sensors and threshold values

Event Log- view the event log

The displayed sensor information includes their names, status, and read value. There are buttons at the bottom of the screen Refresh- update sensor data and Show Thresholds- show threshold values. Via submenu Select a sensor type category you can select the type of sensors (temperature, voltage, etc.). Example of information displayed:

Viewing the event log allows you to determine the time of occurrence of the detected sensor state and obtain it brief description and assess the level of danger to the operation of the equipment. Example of information displayed:

Tab Configuration allows you to configure alerts about equipment status, change network parameters, configure the access policy for the IPMI device.

Alerts- setting up alerts. You can create up to 15 entries with different alert rules. It is possible to specify the category of events for which notification is performed - information, warning, critical event, unrecoverable state. Notification is possible by email or by sending an SNMP trap. In the first case, you must specify the e-mail to which the letter will be sent when an event of a given category occurs; in the second, the IP address of the server that collects SNMP alerts. When using notification via email, you must specify the IP address and port of the SMTP server and the sender address in the section SMTP

Sections LDAP, Active Directory , RADIUS,Users And SSL certificate are configured depending on the security requirements for access to IPMI devices. In the section Network can be changed network settings IP address, mask, gateway. In the section Ports- port numbers that are used during emulation virtual devices boot, video monitor, keyboard and mouse. You can also change the port number for web access to the IPMI device.

Tab Remote Control allows you to connect remotely to the server console using a java applet. Please note that when connecting for the first time, the console may not work for a long time, since the applet requires launching virtual machine Java. In addition to the usual terminal emulation, this program allows you to record a work session through the menu Video – Capture Screen, using the software keyboard ( Keyboard – Soft Keyboard) and connecting virtual media ( Media – Virtual Media Wizard)

Tab Remote Control used to turn on, turn off and reset the server.

Tab Maintenance- to update the firmware and force reset of the IPMI device.

In addition to manual equipment control, the IPMI interface allows you to configure a warning system using email about important events related to the operation of equipment - changes in temperature, voltage, fan speed, occurrence of correctable memory errors (ECC), etc. It is also possible to monitor using the SNMP (Simple Network Management Protocol).

IPMI implementation may vary depending on the hardware manufacturer and motherboard model. So, for example, for many server Intel platforms IPMI connection via a web browser is provided by a special remote management module – Remote Management Module ( RMM), which is not included in standard equipment and is purchased separately. Moreover, there are several editions of these modules that are completely incompatible with each other; the RMM3 module cannot be installed on a platform that supports RMM4 and vice versa. When installing or replacing the RMM module, you must refer to the documentation that came with the motherboard.

In addition, for example, on many Supermicro platforms, when IPMI equipment is turned on, a link must be present at the input of the Ethernet port, otherwise access to the IPMI interface over the network will not work.

To manage platforms via the IPMI interface, not only a browser can be used, but also software, developed by hardware manufacturers, such as the GUI utility from Supermicro IPMI View

There are also utilities command line IPMICFG And SMCIIPMITOOL.

Hello everyone, today I’ll tell you what an IPMI management port is, how a system engineer can use it at work on a daily basis, simplifying his life to the point of disgrace.

IPMI ( Intelligent Platform Management Interface) is an interface for remote monitoring and management of the physical state of the server. IPMI is an analogue of the well-known IP-KVM developments, iLo,.

IPMI capabilities

• remote activation, shutdown and reboot the server;
• monitoring of temperature, voltage and cooling system;
• remote connection to the server of the storage medium (for example, to install the OS and software);
• management of user accounts and rights (there is support for LDAP and);
• access port management and access protection SSL- certificate;
• setting up notifications about server operation.

How does the BMC controller work?

Let's look at the operation diagram of the BMC controller. And so Baseboard Management Controller is an interface for remote management and monitoring of server status. Essentially, the Baseboard Management Controller is a single-chip system, as it is correctly called System-on-a-Chip, SoC. BMC has a built-in graphics core that accesses and interacts with the main components of the server hardware motherboard, through various interfaces necessary for the operation of the IPMI standard. What's good about IPMI is that it does not depend on the operating system of the host server. Personally, I use IPMI for BIOS firmware on servers and installing a server operating system.

IPMI can also work behind NAT, for example in data centers; people are given the opportunity to manage their server this way, useful if it’s frozen. For NAT you will need to open the following ports:

• TCP 80: HTTP
• TCP 443: HTTPS
• TCP 5900, 5901: graphical console
• TCP 5120, 5123 - Virtual Media traffic
• UDP 623:IPMI

What does an IPMI port look like on servers?

I will give an example of what this management port looks like on a physical SuperMicro server. I have highlighted it with an arrow; most often it is located above USB ports.

Next, you need to configure everything, how to set up IPMI on Supermicro servers in the BIOS or through the ipmicfg utility, I already told you, I won’t stop there.

Default password on IPMI

The standard login and password for IPMI will be ADMIN / ADMIN, namely in capital letters.

You will see a page with summary information about the system, which you can see in the picture, it gives you an overview of the system, IP address, firmware version number, BIOS version, and also preview remote console. You can immediately turn on the server if it is not working. I used the IPMI interface many times to turn on the server after it was accidentally turned off.

On the hardware information screen, you can view different hardware components to see specifications, etc.

Using the Configuration section, you can perform a variety of tasks including alerts, RADIUS authentication, network configuration (for IPMI itself), SMTP configuration for alerts, IP access control, syslogs, etc.

The Remote Control section is one of the more interesting things, since you will most likely be interested in having remote access to the server if you are primarily accessing IPMI.

In the Remote Control section, the power management menu allows you to:

• perform reset
• immediate power off
• gradual power off
• turning power on or off, all very handy if you're trying to remotely troubleshoot or power off and on a server.

The Launch SOL menu allows you to launch the SOL console.

Virtual Media is an amazing feature too. You can connect virtual media via shared resource Windows and present it as if it were plugged directly into the server. The only downside to IPMI is its 4.7 GB limit, which may not be enough for some new server OSes. VL copy Windows Server 2012 R2 weighs 5.1 GB, but this seems to be solved by updating the firmware.

To launch the remote control console in IPMI (Remote Console), click on the preview image, you should download a java file. The browser may complain about it, click "Keep" to confirm the download.

Not long ago, I managed to work with servers that were new to me Supermicro remote control of which is carried out using the interface IPMI. In this article, I will try to cover the main points in setting up IPMI on Supermciro servers, show the main menu items of the IPMI interface, and also talk about additional utilities, commands and methods for monitoring a server using ipmi.

IPMI(Intelligent Platform Management Interface) is an intelligent platform management interface designed for autonomous monitoring and management of functions built directly into the hardware and firmware of server platforms. (information taken from an official source). IPMI is implemented as a separate server controller, which does not depend on the operating system, BIOS, or server CPU and allows remote control of physical equipment.

Initial setup of the IPMI console and familiarization with the interface

Setting up IPMI begins with setting the IP address of the interface, which must be specified in the BIOS. If the server is installed in an office, this may be a gray IP address, but if your equipment is located in a Data Center, then you are probably using a white static IP address.

On Supermicro servers, you can access the BIOS by pressing the “ Del” when loading the server, I will not focus on this and will immediately move on to the interface of the BIOS itself.

As you can see in the screenshot, I entered the IPMI menu item and activated the Lan configuration option for the interface (Update IPMI Lan Configuration = Yes, Configuration Address Source = Static), specified the IP address, subnet mask and default gateway.

You can apply the settings by clicking the button F4, after which the server will reboot.

If you did everything correctly, then by entering in the browser specified for the IPMI IP interface, authorization will open:

Now let's go through the main points.

When purchasing a new server, a user has already been created in IPMI ADMIN with password ADMIN, it is with this data that we log in. I always recommend creating a new user and deleting the standard one or changing its password; leaving such a login and password is extremely unsafe. You can create a new user or change passwords/privileges for current ones in the menu Configuration -> Users.

Restarting the IPMI interface can be done from the menu Maintenance -> Unit Reset.

Mounting iso image and the OS for installation on the server is executed in the menu Virtual Media -> CD-ROM Image.

My OS iso images are stored on a Samba server in the same subnet as the IPMI server interfaces. I indicate the address Samba server, the path to the installation ISO image with the OS, after which I mount the ISO image and proceed to install the operating system.

Remote graphical Java server console ( KVM-over-IP) can be opened via Remote Control -> Console Redirection.

The console is generally convenient, but after installing the OS, I usually use ssh clients to work with the server. Sometimes there are times when this is not possible, for example, if your network does not work or has not yet been configured on the server, or there are some problems with access. That's when Remote Console comes to the rescue.

There is no need to make any separate settings in the console itself, I just want to add that it has a built-in keyboard that can be called up from the menu Virtual Media -> Virtual Keyboard.

Advice. After working with SUpermicro servers for a long time, I discovered one unpleasant bug. After installing the Centos 7 operating system and installing KVM on it, the ability to use the Remote Console disappears. While the server is booting, the console responds and you can go to Bios or see the OS kernel loading. But as soon as operating system loaded, the video in the console disappears. Through experimentation I managed to overcome this bug. You need to add the nomodeset boot parameter to the kernel boot. To do this, after installing the OS, you need to run the command:

grubby --args "nomodeset" --update-kernel /boot/vmlinuz-`uname -r`

After this, Remote Console works fine.

Server management via the IPMICFG utility from SuperMicro

To manage servers via IPMI, SuperMicro is developing its own utility IPMICFG.

You can download the IPMICFG file using the command:

wget ftp://ftp.supermicro.com/utility/IPMICFG/IPMICFG_1.30.0_build.190710.zip

At the time of publication, the file had this name, I recommend going to the SuperMicro repository using the link ftp://ftp.supermicro.com/utility/IPMICFG/ and copy the url of the current file.

Let's unpack the downloaded file into the directory we are in:

ln -s /root/IPMI*/Linux/64bit/IPMICFG-Linux.x86_64 /usr/local/sbin/ipmicfg

Now we can run the utility using the ipmicfg command (symbolic link). Let's consider basic capabilities ipmicfg utilities.

If we run the command ipmicfg -help we will get a list of all possible utility parameters.

Let's look at the basic commands:

• ipmicfg -help – complete help on the utility;
• ipmicfg -m – view the current IP and mac address for IPMI;
• ipmicfg -k - view the subnet mask;
• ipmicfg -g – view the specified gateway;
• ipmicfg -fd - reset IPMI to factory settings;
• ipmicfg -user list – view created users and their privileges.

You can change the IP address, mask and gateway of the IPMI interface:

• ipmicfg -m 192.168.1.200
• ipmicfg -k 255.255.255.0
• ipmicfg -g 192.168.1.1

Create a new IPMI user and password:

ipmicfg -user add

Using the utility we do the following:

ipmicfg -user add 6 test 123456 4

Thus, we created the user test with the password 123456 and administrator privileges.

The list of IPMI users and their privileges in the system can be displayed with the commands:

• ipmicfg -user list
• ipmicfg -user help

As you can already see in the screenshot, the test user has been created.

To change (reset) the IPMI user password, use the command:

ipmicfg -user setpwd

And I’ll give a couple more examples of using this utility:

• ipmicfg -hostname - set the hostname for the ipmi interface;

Monitoring hardware on a SuperMicro server via IPMI and the IPMICFG utility

SuperMicro server monitoring via IPMI

Via IPMI, monitoring the temperature and operation of the SuperMicro server hardware is quite simple. Full information about the server hardware is contained in the System -> Hardware Information item.

Information on the processor status, RAM and fans, you can view it by going to the Server Health -> Sensor Readings tab.

For ease of viewing, you can change the display categories of sensors, for example, temperature:

Or voltage sensors:

Since at the moment there are no problems on our server, neither with temperature nor with voltage, all sensors are in the green zone. If the server's temperature rises or there are voltage problems, the green rectangles will turn red, which will be a signal to check your server.

Monitoring using the ipmicfg utility

Checking the status of power supplies:

# ipmicfg -pminfo

Item | Value ---- | ----- Status | (00h) Input Voltage | 217.5 V Input Current | 1.06 A Main Output Voltage | 12.28 V Main Output Current | 17.93 A Temperature 1 | 23C/73F Temperature 2 | 21C/70F Fan 1 | 2064 RPM Fan 2 | 2032 RPM Main Output Power | 220 W Input Power | 228 W PMBus Revision | 0x22 PWS Serial Number | P2K4FCH02LT0125 PWS Module Number | PWS-2K04F-1R PWS Revision | REV1.0 Current Sharing Control | PEC error Item | Value ---- | ----- Status | (00h) Input Voltage | 217.5 V Input Current | 1.09 A Main Output Voltage | 12.30 V Main Output Current | 18.09 A Temperature 1 | 24C/75F Temperature 2 | 22C/72F Fan 1 | 2064 RPM Fan 2 | 2064 RPM Main Output Power | 223 W Input Power | 234 W PMBus Revision | 0x22 PWS Serial Number | P2K4FCH02LT0126 PWS Module Number | PWS-2K04F-1R PWS Revision | REV1.0 Current Sharing Control | PEC error

You can view the processor temperature with the command:

ipmicfg -nm oemgettemp

You can also check what mode the fans are operating in and change the mode if necessary.

Checking fan status and configuration

# ipmicfg -fan

Current Fan Speed ​​Mode is [ PUE2 Optimal Mode ] Supported Fan modes: 0:Standard 1:Full 3:PUE2 Optimal 4:Heavy IO

Changing the cooler operating mode: ipmicfg -fan For example, ipmicfg -fan 3

IPMI version and firmware information:

# ipmicfg -nm deviceid

Device ID = 50h Firmware Version = 4.1.4.54 IPMI Version = 2.000000 Manufacturer ID = 57 01 00 Product ID Minor Ver = Greenlow platform Implemented DCMI version = DCMI not implemented/enabled Firmware implemented version = NM Revision 4.0 Image Flag = operational image 1 raw = 50 01 04 14 02 21 57 01 00 09 0b 04 05 40 01

And you can view all sensors with the command ipmicfg -sdr

In the output, we see that there are additional columns that display information about the lower and upper limits.

There are also quite a few utilities that can be used to monitor and automate this process, for example, with nagios. At the moment, we will not focus on this, since the purpose of the article is to tell the main points in working with IPMI. If you are interested in the topic of monitoring, you can leave your wishes and perhaps in the future we will cover this topic. I hope you find this article useful!

Frequently asked questions about IPMI in motherboards Supermicro: why it is needed, features, visual demonstration, pitfalls.

1) The most popular myth about KVM-over-LAN is that it is "not needed". For some reason, many people confuse it with regular remote access to the text/graphical OS console, i.e. "Why do we need KVM-over-LAN if we have SSH, VNC, RDP and Radmin?"
The difference is fundamental: KVM-over-LAN is not just access to the OS console, it does not depend on the OS in any way, it is access to the console of the server itself (and not only to the console, details will be below), i.e. we can, for example: go into the BIOS of the motherboard or additional. controller, install the OS, configure sensor monitoring (which, again, is very important - independent of the OS) via SNMP, etc.
2) How does this work? It works quite simply, here it is block diagram(Supermicro lately usually uses Winbond or Nuvoton WPCM450:

All the work is performed by the BMC (Baseboard management controller) processor - it has its own memory and a specialized OS (usually Linux-based). BMC uses USB bus to connect virtual keyboard, mouse and CD/DVD/FDD drives. Through other buses, readings from fan rotation sensors, temperature sensors, power management, and access to the COM port are collected (for remote access to the serial console). BMC is also engaged in capturing and redirecting the contents of the video buffer - modern BMCs already have an integrated video core; once upon a time, in the first implementations, BMC was engaged in digitization analog signal from a separate VGA controller. Data exchange with the “outside world” occurs via ethernet (a dedicated port or one of the ports of an ethernet controller located on the motherboard).
Actually, WPCM450 in Supermicro products is a system based ARM processor 926EJ-S running Linux OS on kernel 2.6.

For diagnostic purposes, you can log in via SSH, where busybox will be waiting for you.

3) How much does it cost?
Supermicro is currently integrating IPMI BMC directly onto motherboards. Previously, additional modules were used (for example, AOC-SIMSO+). The presence of IPMI BMC on the Supermicro board is indicated by the letter F, for example: X8DTi and X8DTi-F, and the price difference does not exceed $50, which is already an obvious answer to the question “is it necessary or not,” because external IP-KVM will cost you much more. Installing a regular KVM and every time you need to reinstall or reflash something, going to the server room is also not an option, it’s a waste of time, because your server may be located tens or hundreds of kilometers away, and, in the end, it’s just inconvenient.
4) What does this look like in practice?
IPMI can be accessed either through IPMIView (a specialized utility in Java, there are assemblies for Windows and Linux) or through a regular browser (when connected to the graphical console, an additional java application will launch).
Let's take a look at IPMIView. To begin with, you can configure the IPMI ethernet port in the BIOS: the default is DHCP, but you can manually set the required IP/mask/gateway, VLAN tag (it is better to separate all stung management into a separate subnet for reasons of security and convenience).
Launch IPMIView and find required server(you can scan a range of addresses for the presence of IPMI), the default login/password is ADMIN/ADMIN.

• Graceful shutdown- simulates a quick press Power buttons, so that the OS can correctly turn off the power on its own.
• Power Cycle- this is a Graceful shutdown followed by power on
• Reset And Power Up speak for themselves
• Power Down- hard shutdown, with a long press of the Power button

Network settings can be changed if necessary on the BMC Setting tab (remember that you can mistakenly lose remote access to the server). By the way, about remote access: the following ports are used (they will need to be forwarded through NAT or provide a way to access the management network, for example, through a VPN):
TCP:

• HTTP: 80
• HTTPS: 443
• 5901 - needed for a graphical console
• 5900 - HID, virtual keyboard/mouse traffic
• 5120 - virtual CD/DVD drive traffic
• 5123 - virtual FDD traffic

• IPMI: 623

On the tab KVM Console you can see the most useful thing - the graphical server console. There are also buttons for taking a screenshot, managing virtual media (Virtual Media), going to full screen mode and an additional soft keyboard. Why is it needed if there is a hardware room? For various key combinations that for some reason cannot be sent to the server from a hardware keyboard, for example the classic Ctrl+Alt+Delete.

1. If you have an LSI controller, then you are familiar with the mouse-oriented LSI Webbios interface. So: the mouse in Webbios via IPMI does not work in modern Supermicro boards, this is due to the fact that Webbios is designed for a PS/2 mouse, and IPMI emulates USB mouse. In the FAQ section technical support Supermicro is considering this issue, but the recommendations do not help. You have to use only the keyboard, which is not very convenient, because... Not all items can be navigated using Tab - you need combinations with Alt, which can only be processed through the Soft Keyboard.
2. 
   Switching layouts in WinPE 3.0 does not work. So build WinPE from English layout, to do this you need to add the following command to the build script after mounting the Wim image:
   Dism /image:C:\winpe64\mount /Set-InputLocale:1033:00000409 "C:\winpe64\mount" - image mount point.
   If you wish, you can change the locale and interface language at the same time - see the documentation for WinPE.
3. For non-Windows OS, change the cursor synchronization mode from absolute to relative.

You can either redirect the local drive or connect the image, which is much more convenient. For the corresponding device to appear in boot menu The BIOS may need to be rebooted.
P.S. How to reset IPMI password? Only using the console utility ipmicfg. Available in versions for DOS, Windows and Linux. Running ipmicfg -fd resets all settings and sets the login/password of a user with administrative rights to the standard ADMIN/ADMIN.
Update from 04/18/2010. At some point, after the next Java updates, an attempt to mount an iso image in IPMIView began to cause it to crash (Windows 7 64bit with the latest updates). A new release of IPMIView has been released (build 110412 dated April 12). I have not yet checked whether this bug is fixed there, since you can use the console launch via the web interface.

Go to the tab Remote Control, click Launch Console and get it in a separate window Redirection Viewer, similar in functionality to the console in IPMIView. It’s worth adding that the web interface does not make it easier to access the console from an external network - Redirection Viewer is not a Java applet, but a separate Java application and uses the same ports for video, HID and virtual drives: 5900, 5901, 5120, 5123.
P.S. from 01.12.2011. Additional article: FreeIPMI.
P.S. from 06.10.2013. Similar.
P.S. from 11/10/2013.
P.S. dated June 20, 2014. Again .