Technische Universität Braunschweig
  • Study & Teaching
    • Beginning your Studies
      • Prospective Students
      • Degree Programmes
      • Application
      • Fit4TU
    • During your Studies
      • Freshmen-Hub
      • Term Dates
      • Information for Freshman
      • Practical Information
      • Additional Qualifications
      • Financing and Costs
      • Special Circumstances
      • Campus life
    • At the End of your Studies
      • Discontinuation and Credentials Certification
      • After graduation
      • Alumni
    • For Teaching Staff
      • Strategy, Offers and Information
      • Learning Management System Stud.IP
      • Team Teaching and Media Education
    • Contact
      • Student Advice Centre
      • Academic Advice Service
      • Admissions Office
  • Research
    • Research Profile
      • Core Research Areas
      • Clusters of Excellence
      • Research Projects
      • Research Centres
    • Early Stage Researchers
      • Promotion of early career scientists
      • PhD-Students
      • Postdocs
      • Junior research group leaders
      • Junior Professorship and Tenure-Track
      • Habilitation
      • Service Offers for Scientists
    • Research Data & Transparency
      • Transparency in Research
      • Research Data
      • Open Access Strategy
      • Digital Research Announcement
    • Research Funding
      • Research funding
    • Contact
      • Research Services
      • Academy for Graduates
  • International
    • International Students
      • Why Braunschweig?
      • Degree seeking students
      • Exchange Studies
      • Doctorate (PhD)
      • Refugee Students
      • Welcome Programme
      • TU Braunschweig Summer School
    • Scientists
      • Mobile Researchers at the TU Braunschweig
      • Research Services and European Office
    • Language and intercultural competence training
      • Learning German
      • Intercultural Communication
    • International Profile
      • Internationalisation
      • International Cooperation
    • International House
      • Information for first semester students
      • Contact
      • News and Events
      • Advisory Services
      • Location
      • About us
  • TU Braunschweig
    • Our Profile
      • Aims & Values
      • Regulations and Guidelines
      • Alliances & Partners
      • Facts & Figures
      • Our History
    • Career
      • Working at TU Braunschweig
      • Vacancies
    • Economy & Business
      • Knowledge and Technology Transfer
      • Entrepreneurship
    • General Public
      • Access to the University Library
    • Media Services
      • Communications and Press Service
      • Communications and Press Service
      • Film and photo permits
      • Advices for scientists
      • Topics and stories
    • Contact
      • General Contact
      • Getting here
  • Organisation
    • Presidency & Administration
      • Presidency
      • Designated Offices
      • Administration
      • Committees
    • Faculties
      • Carl-Friedrich-Gauß-Fakultät
      • Faculty of Life Sciences
      • Architecture, Civil Engineering and Environmental Sciences
      • Faculty of Mechanical Engineering
      • Fakultät für Elektrotechnik, Informationstechnik, Physik
      • Faculty of Humanities and Studies in Education
    • Institutes
      • Institutes from A to Z
    • Facilities
      • University Library
      • Gauß-IT-Zentrum
      • International House
      • Sports Centre
      • Facilities from A to Z
    • Equal Opportunity Office
      • Equal Opportunity Office
      • Family
      • Diversity for Students
  • Search
  • Quicklinks
    • People Search
    • Webmail
    • Campus map
    • CloudStorage
    • Messenger
    • Cafeteria
    • Courses
    • Stud.IP
    • Library Catalogue
    • IT Self-Service
    • Information Portal (employees)
    • Link Collection
    • DE
    • EN
    • IBR Twitter
    • IBR YouTube
    • Facebook
    • Twitter
    • Instagram
    • YouTube
    • LinkedIn
Menu
  • Technische Universität Braunschweig
  • Organisation
  • Faculties
  • Carl-Friedrich-Gauß-Fakultät
  • Institutes
  • Institute of Operating Systems and Computer Networks
Logo IBR
IBR Login
  • Institute of Operating Systems and Computer Networks
    • News
    • About us
      • Whole Team
      • Directions
      • Floor Plan
      • Projects
      • Publications
      • Software
      • News Archive
    • Connected and Mobile Systems
      • Team
      • Courses
      • Theses
      • Projects
      • Publications
      • Software
      • Datasets
    • Distributed Systems
      • Team
      • Courses
      • Theses
      • Projects
      • Publications
      • Software
    • Algorithms
      • Team
      • Courses
      • Theses
      • Projects
      • Publications
    • Microprocessor Lab
    • Education
      • Winter 2023/2024
      • Summer 2023
      • Winter 2022/2023
      • Theses
    • Services
      • Library
      • Mailinglists
      • Webmail
      • Knowledge Base
      • Wiki
      • Account Management
      • Services Status
    • Spin-Offs
      • Docoloc
      • AIPARK
      • Confidential Technologies
    • Research Cooperations
      • IST.hub

IBR Server Management

AuthorFrank Steinberg
Keywordsnetwork
CategoriesAdministrivia

Remote management of our servers is mainly based on

  • SSH to access running operation systems (hostname.ibr.cs.tu-bs.de),
  • IPMI to access management controllers (hostname.mgmt.ibr.cs.tu-bs.de), this includes power control and Serial-over-LAN (SOL) console access
  • iDRAC to access DELL management controllers via Web (https://hostname.mgmt.ibr.cs.tu-bs.de)
  • Libvirt to manage our KVM virtual machines on kvm1..kvm4

Machines (physical or virtual) may be maintained

  • only by IBR admins. These hosts may be attached to the VLAN ibr-core and be regarded "trusted" in some sense, e.g. as NFSv3 clients with less strict authentication policies.
  • by IBR fellows. These hosts are usually attached to the VLAN ibr-misc, but never to ibr-core. Usually, IBR admins should also be given root access, e.g. by ~root/.ssh/authorized_keys.

IPMI

The tool ibr-ipmi allows all users to read some information, e.g.:
ibr-ipmi knecht power status

Host supervisors have some more priviledges, e.g.:
ibr-ipmi knecht power on

Host supervisors can use IPMI "serial-over-lan" (SOL) to connect to the serial console:
ibr-console x12
Of course, this requires the host to have getty running on the serial line and the BIOS to be configured for console redirection to SOL.

The following examples require IPMI access credentials and permissions, i.e. the authorization of ibr-ipmi does not work for them. Look for IPMI documentation to get more details.

Get a list of available IPMI commands:
ipmitool -I lanplus -H cloud1.mgmt.ibr.cs.tu-bs.de -U root -f ~/.ipmipw

Power status:
ipmitool -I lanplus -H cloud1.mgmt.ibr.cs.tu-bs.de -U root -f ~/.ipmipw power status

Get a serial console connection (SOL):
ipmi-console -h x11.mgmt.ibr.cs.tu-bs.de -u root -P

SOL requires BIOS settings to connect COM1 to the BMC and some more IPMI settings:
ipmitool sol set privilege-level admin 1
ipmitool sol set non-volatile-bit-rate 115.2 1
ipmitool sol set volatile-bit-rate 115.2 1
ipmitool sol set force-encryption true 1
ipmitool sol set force-authentication true 1
ipmitool sol set enabled true 1
ipmitool sol payload enable 1

A symlink to TEMPLATE in /ibr/adm/fai/config/files/etc/init/ttyS0.conf may be used on FAI-maintained hosts to establish a serial console login.

IPMI BMC configuration

root@x1:~# ipmitool lan print
Set in Progress         : Set Complete
Auth Type Support       : NONE MD2 MD5 PASSWORD 
Auth Type Enable        : Callback : MD2 MD5 
                        : User     : MD2 MD5 
                        : Operator : MD2 MD5 
                        : Admin    : MD2 MD5 
                        : OEM      : 
IP Address Source       : DHCP Address
IP Address              : 10.9.34.178
Subnet Mask             : 255.255.0.0
MAC Address             : 90:b1:1c:17:2f:78
SNMP Community String   : public
IP Header               : TTL=0x40 Flags=0x40 Precedence=0x00 TOS=0x10
BMC ARP Control         : ARP Responses Enabled, Gratuitous ARP Disabled
Gratituous ARP Intrvl   : 2.0 seconds
Default Gateway IP      : 10.9.0.1
Default Gateway MAC     : 00:00:00:00:00:00
Backup Gateway IP       : 0.0.0.0
Backup Gateway MAC      : 00:00:00:00:00:00
802.1q VLAN ID          : Disabled
802.1q VLAN Priority    : 0
RMCP+ Cipher Suites     : 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14
Cipher Suite Priv Max   : Xaaaaaaaaaaaaaa
                        :     X=Cipher Suite Unused
                        :     c=CALLBACK
                        :     u=USER
                        :     o=OPERATOR
                        :     a=ADMIN
                        :     O=OEM

root@x1:~# ipmitool lan set 1 vlan id 140  ## (only if VLAN on common eth0)

root@x1:~# ipmitool lan set 1 ipsrc dhcp

root@x1:~# ipmitool lan set 1 access on

root@x1:~# ipmitool user list 1
ID  Name	     Callin  Link Auth	IPMI Msg   Channel Priv Limit
2   root             true    true       true       ADMINISTRATOR

root@x1:~# ipmitool user set password 2
Password for user 2: XXXXX

root@x1:~# ipmitool user test 2 16
Password for user 2: XXXXX
Success

root@x1:~# ipmitool user priv 2 4 1

root@x1:~# ipmitool user enable 2

root@x1:~# ipmitool channel info 1
Channel 0x1 info:
  Channel Medium Type   : 802.3 LAN
  Channel Protocol Type : IPMB-1.0
  Session Support       : multi-session
  Active Session Count  : 0
  Protocol Vendor ID    : 7154
  Volatile(active) Settings
    Alerting            : disabled
    Per-message Auth    : disabled
    User Level Auth     : disabled
    Access Mode         : always available
  Non-Volatile Settings
    Alerting            : disabled
    Per-message Auth    : disabled
    User Level Auth     : disabled
    Access Mode         : always available

root@x1:~# ipmitool channel setaccess 1 2 callin=on ipmi=on link=on privilege=4

--- for IPMI prometheus/grafana monitoring:

root@x1:~# ipmitool user set username 3 monitoring

root@x1:~# ipmitool user set password 3
Password for user 3: XXXXX

root@x1:~# ipmitool user priv 3 2 1

root@x1:~# ipmitool user enable 3

root@x1:~# ipmitool channel setaccess 1 3 callin=on ipmi=on link=on privilege=2

    

BIOS settings

IBM x3650


last changed 2022-07-27, 11:03 by Frank Steinberg

For All Visitors

Vacancies of TU Braunschweig
Career Service' Job Exchange 
Merchandising

For Students

Term Dates
Courses
Degree Programmes
Information for Freshman
TUCard

Internal Tools

Glossary (GER-EN)
Change your Personal Data

Contact

Technische Universität Braunschweig
Universitätsplatz 2
38106 Braunschweig

P. O. Box: 38092 Braunschweig
GERMANY

Phone: +49 (0) 531 391-0

Getting here

© Technische Universität Braunschweig
ImprintPrivacyAccessibility