Skip to content

BMC access

BMC access

With OpenStack Ironic, the access model to the underlying hardware changes from the way it works currently when managing physical machines. With Ironic, Foreman is not aware of BMC credentials of the machine as Foreman itself does not distinguish if the node created with ai-bs is a physical or a virtual one.

In most cases when you have a proper image prepared and uploaded, you shouldn't need to access the BMC console as it is up to the Bare Metal Service to perform the whole installation process.

Nonetheless, if you still need to access the BMC console of a Physical Instance provisioned with OpenStack, you can get the BMC credentials via the OpenStack API, with the following command:

$ openstack console url show $YOUR_INSTANCE_NAME -f json

This will prompt you the BMC credentials that will allow you to access the remote console. It also outputs pre-formatted commands as shown below for convenience:

{
  "url": {
    "url": "https://cd6428773-490-1-ipmi.cern.ch",
    "username": "uuuuu",
    "password": "ppppp",
    "ipmitool_chassis_power_status": "ipmitool -I lanplus -U uuuuu -P ppppp -H cd6428773-490-1-ipmi.cern.ch chassis power status",
    "ipmitool_mc_reset_cold": "ipmitool -I lanplus -U uuuuu -P ppppp -H cd6428773-490-1-ipmi.cern.ch mc reset cold"
  },
  "type": "novnc"
}

This could be simplified to:

$ openstack console url show $YOUR_INSTANCE_NAME -f json | jq .url.ipmitool_mc_reset_cold | tr -d '"'
ipmitool -I lanplus -U uuuuu -P ppppp -H cd6428773-490-1-ipmi.cern.ch mc reset cold

More recent nodes do not rely on IPMI as the protocol to communicate with the BMCs anymore, but have moved to its designated successor called Redfish. The output of the above command changes for these nodes:

{
  "url": {
    "url": "https://dl7872442-253825-3-ipmi.cern.ch",
    "username": "uuuuu",
    "password": "ppppp",
    "system_id": "/redfish/v1/Systems/253825-3",
    "power_status": "rf_power_reset.py --user uuuuu --password ppppp --rhost https://dl7872442-253825-3-ipmi.cern.ch --info",
    "get_sel": "rf_logs.py --details --user uuuuu --password ppppp --rhost https://dl7872442-253825-3-ipmi.cern.ch",
    "power_reset": "rf_power_reset.py --user uuuuu --password ppppp --rhost https://dl7872442-253825-3-ipmi.cern.ch --type"

  }
  "type": "novnc"
}

The URL, username and password still allow you to access the console of the node, just as before. The commands to interact with a Redfish endpoint, however, change and require the installation of the Redfish Tacklebox:

$ pip3 install redfish_utilities

Please abstain yourself from executing IPMI power operations (power on, off, etc.) bypassing OpenStack. OpenStack nova will try to enforce the power state it has in its database, sometimes resulting in unexpected behaviours (e.g. if a node is powered off, and it gets powered on via IPMI or physically pressing the button, OpenStack nova will enforce the node to be down).

In case you need to power on/off the physical node, just use the openstack server start and openstack server stop commands.