wikiIPMI Analyse mit openipmish
Zur Navigation springen
Zur Suche springen
IPMI bietet umfangreiche Möglichkeiten zur Hardware-Überwachung. Mit dem Linux ipmitool können Sie Sensoren abfragen, Server remote einschalten oder auch IPMI konfigurieren. Für eine detaillierte Analyse bzw. für ein ausführliches Debugging eignet sich allerdings ein weiteres Tool. In diesem Artikel beschreiben wir wie Sie unter Linux mit openipmish IPMI im Detail analysieren. Ein konkretes Beispiel finden Sie im Artikel Detaillierte Analyse eines IPMI Sensors.
Installation
openipmish ist Bestandteil von OpenIPMI, das bereits bei den meisten Linux Distributionen direkt enthalten ist. Unter Debian/Ubuntu installieren Sie OpenIPMI einfach mit
apt-get install openipmi
Grundlagen
openipmish ist ein Shell Interface zu einem IPMI System. Hilfetexte zur Bedienung und den Funktionen bekommen Sie direkt nach dem Start von openipmish mit dem Kommando help:
user@ubuntu:~$ openipmish
> help
help
domain - Commands dealing with domains
con - Commands dealing with connections
entity - Commands dealing with entities
mc - Commands dealing with MCs
pet - Commands dealing with Platform Event Traps (PETs)
lanparm - Commands dealing with LAN Parameters (lanparms)
solparm - Commands dealing with SOL Parameters (solparms)
fru - Commands dealing with FRUs
pef - Commands dealing with PEF Parameters (pefs)
sensor - Commands dealing with sensors
control - Commands dealing with controls
sel - Commands dealing with the SEL
evinfo true | false - Enable/disable printing info about the object when an
event is reported on it (such as entity info, domain info, etc.)
debug <type> true | false - Turn on/off the specific debugging. The
debugging types are: msg, rawmsg, events, con0, con1, con2, con3. This is
primarily for designers of OpenIPMI trying to debug problems.
redisp_cmd on|off - If an asynchronous event comes in, redisplay the current
working command. This is on by default.
exit - leave the program
read <file> - Read commands from the file and execute them
>
Verbindung zu einem IPMI BMC aufbauen
Eine Verbindung zu einem IPMI BMC können Sie über das domain Unterkommando aufbauen. Im folgenden Beispiel zeigen wir eine Verbindung über einen IPMI LAN Channel:
> domain list Domains > domain open dom1 lan -U ADMIN -P ADMIN 10.10.10.75 Event Object Type: Domain Name: dom1 Operation: Add > INFO: dom1 0 ipmi_lan.c(connection_up): Connection 0 to the BMC is up INFO: dom1 0 ipmi_lan.c(connection_up): Connection to the BMC restored Event Object Type: Domain Name: dom1 Operation: Connection Change Connection Number: 0 Port Number: 0 Any Connection Up: true Error: 0 Domain Created: dom1 Event Object Type: Domain Name: dom1 Operation: Connection Change Connection Number: 0 Port Number: 0 Any Connection Up: true Error: 0 Event Object Type: MC Name: dom1(0.20) Operation: Add [...] Event Object Type: MC Name: dom1(0.20) Operation: Change [...] Event Object Type: MC Name: dom1(0.20) Operation: Active Changed Active: true [...] Event Object Type: MC Name: dom1(0.20) Operation: Fully Up Event Object Type: Domain Domain: dom1 Operation: Domain fully up >
Die Domain steht nun zur Verfügung:
> domain list Domains Name: dom1 >
weitere Optionen
Mit dem Unterkommando help domain bekommen Sie ausführliche Informationen zu den möglichen Optionen für einen Verbindungsaufbau:
> help domain
domain - Commands dealing with domains
list - List all the domains in the system
info <domain> - Dump information about a domain
new Obsolete, use domain open
open <domain name> [<options>] <domain parms> [<domain parms>]- Set up a new
domain using an argument parser. Format for the connection's <domain parms>
depends on the connections type. Two connections (to two different MCs) can
be done by specifying two sets of parms. Connections types are:
smi
smi <num>
where the <num> is the IPMI device number to connect to.
lan
lan [-U <username>] [-P <password>] [-p[2] port] [-A <authtype>]
[-L <privilege>] [-s] [-Ra <auth alg>] [-Ri <integ alg>]
[-Rc <conf algo>] [-Rl] [-Rk <bmc key>] [-H <hackname>]
[-M <max outstanding msgs>] <host1> [<host2>]
If -s is supplied, then two host names are taken (the second port
may be specified with -p2). Otherwise, only one hostname is
taken. The defaults are an empty username and password (anonymous),
port 623, admin privilege, and authtype defaulting to the most
secure one available.
privilege is one of: callback, user, operator, admin, or oem. These
select the specific commands that are available to the connection.
Higher privileges (ones further to the right in the above list) have
more commands available to them.
authtype is one of the following: rmcp+, md5, md2, straight, or none.
Setting this to anything but rmcp+ forces normal rmcp
authentication. By default the most secure method available is
chosen, in the order given above.
For RMCP+ connections, the authentication algorithms supported (-Ra)
are: bmcpick, rakp_none, rakp_hmac_sha1, and rakp_hmac_md5. The
integrity algorithms (-Ri) supported are: bmcpick, none, hmac_sha1,
hmac_md5, and md5. The confidentiality algorithms (-Rc) are: bmcpick,
aes_cbc_128, xrc4_128, and xrc_40. The defaults are
rackp_hmac_sha1, hmac_sha1, and aes_cb_128. -Rl turns on lookup up
names by the name and the privilege level (allowing the same name with
different privileges and different passwords), the default is straight
name lookup. -Rk sets the BMC key, needed if the system does two-key
lookups. The -M option sets the maximum outstanding messages.
The default is 2, ranges 1-63.
The -H option enables certain hacks for broken platforms. This may
be listed multiple times to enable multiple hacks. The currently
available hacks are:
intelplus - For Intel platforms that have broken RMCP+.
rakp3_wrong_rolem - For systems that truncate role(m) in the RAKP3 msg.
rmcpp_integ_sik - For systems that use SIK instead of K(1) for integrity.
Options are:
-[no]all - all automatic handling
-[no]sdrs - sdr fetching
-[no]frus - FRU fetching
-[no]sel - SEL fetching
-[no]ipmbscan - IPMB bus scanning
-[no]oeminit - special OEM processing (like ATCA)
-[no]seteventrcvr - setting event receivers
-[no]activate - connection activation
-[no]localonly - Just talk to the local BMC, (ATCA-only, for blades)
-wait_til_up - wait until the domain is up before returning
close <domain> - Close the domain
fru <domain> <is_logical> <device_address> <device_id> <lun> <private_bus>
<channel> - Fetch FRU data with the given parms
msg <domain> <channel> <ipmb> <LUN> <NetFN> <command> [data...] - Send a
message to the given address
scan <domain> <channel> <ipmb addr> [ipmb addr] - scan an IPMB to add or
remove it. If a range is given, then scan all IPMBs in the range
presence <domain> - Check the presence of all entities in the domain
sel_rescan_time <domain> <time in seconds> - Set the time between SEL rescans
for all SELs in the domain. Zero disables scans.
rescan_sels <domain> - Rescan all the SELs in the domain
ipmb_rescan_time <domain> <time in seconds> - Set the time between IPMB
rescans for this domain. zero disables scans.
stats <domain> - Dump all the domain's statistics
>
mc Operationen
mc list
> mc list
Domain
Name: dom1
MCs
Name: dom1(0.20)
>
mc info
> mc info dom1(0.20)
MC
Name: dom1(0.20)
Active: true
GUID: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
SEL Rescan Time: 10
provides_device_sdrs: false
device_available: false
chassis_support: true
bridge_support: false
ipmb_event_generator: true
ipmb_event_receiver: true
fru_inventory_support: true
sel_device_support: true
sdr_repository_support: true
sensor_device_support: true
device_id: 0x20
device_revision: 1
fw_revision: 1.30
version: 2.0
manufacturer_id: 0xb980
product_id: 0x605
aux_fw_revision: 0x00 0x00 0x00 0x00
>
mc sel_info
> mc sel_info dom1(0.20) MC Name: dom1(0.20) SEL Version: 1.0 SEL Count: 0 SEL Slots Used: 0 SEL Free Bytes: 10240 SEL Last Addition Timestamp: -1 SEL overflow: false SEL Supports Delete: false SEL Supports Partial Add: false SEL Supports Reserve: true SEL Supports Get SEL Allocation: true >
mc sdrs
Mit mc sdrs können Sie einzelne Sensor Data Repositories im Detail analysieren. Informationen zur Bedeutung der einzelnen Datenfelder finden Sie in der IPMI Spezifikation (siehe IPMI Grundlagen -> Einzelnachweise).
Hinweis: Bei dieser Abfrage kann es einige Sekunden dauern bis eine Ausgabe kommt nachdem Sie das Kommando abgesetzt haben.
> mc sdrs dom1(0.20) main
> MC
Name: dom1(0.20)
SDR
Record ID: 4
Type: 1
Version: 1.5
Data: 0x20 0x00 0x11 0x07 0x1c 0x7d 0x68 0x01
0x01 0x95 0x7a 0x95 0x7a 0x3f 0x3f 0x00
0x01 0x00 0x00 0x64 0x00 0x80 0xc0 0x00
0xe2 0x07 0xa0 0xba 0x96 0xff 0x00 0xd0
0xc6 0xbc 0x80 0x8a 0x94 0x02 0x02 0x00
0x00 0x00 0xcb 0x53 0x79 0x73 0x74 0x65
0x6d 0x20 0x54 0x65 0x6d 0x70
SDR
Record ID: 71
Type: 1
Version: 1.5
Data: 0x20 0x00 0x12 0x07 0x01 0x7f 0x68 0xc0
0x70 0x10 0x00 0x10 0x00 0xff 0x7f 0xc0
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0xc8 0x43 0x50 0x55 0x20 0x54
0x65 0x6d 0x70
SDR
Record ID: 406
Type: 1
Version: 1.5
Data: 0x20 0x00 0x45 0x07 0x21 0x7d 0x68 0x04
0x01 0x95 0x7a 0x95 0x7a 0x3f 0x3f 0x00
0x12 0x00 0x00 0xb9 0x00 0x00 0xc0 0x00
0x01 0x07 0x80 0xaa 0x14 0xff 0x00 0xb2
0xaf 0xac 0x10 0x11 0x12 0x01 0x01 0x00
0x00 0x00 0xc5 0x46 0x41 0x4e 0x20 0x35
[...]
SDR
Record ID: 1612
Type: 192
Version: 1.5
Data: 0x57 0x01 0x00 0x0d 0x01 0x88 0x00 0x1d
0x1e 0x1f 0x20
Total Size: 905
>
 |
Autor: Werner Fischer Werner Fischer arbeitet im Product Management Team von Thomas-Krenn. Er evaluiert dabei neueste Technologien und teilt sein Wissen in Fachartikeln, bei Konferenzen und im Thomas-Krenn Wiki. Bereits 2005 - ein Jahr nach seinem Abschluss des Studiums zu Computer- und Mediensicherheit an der FH Hagenberg - heuerte er beim bayerischen Server-Hersteller an. Als Öffi-Fan nutzt er gerne Bus & Bahn und genießt seinen morgendlichen Spaziergang ins Büro.
|
Das könnte Sie auch interessieren
Detaillierte Analyse eines IPMI Sensors
IPMI Fan Sensor meldet Lower Non-Recoverable Fehler
Supermicro IPMI Product IDs
