https://blog.yelvlab.cn/archives/627/
IPMITOOL来由
IPMI是智能型平台管理接口(Intelligent Platform Management Interface)的缩写,是管理基于 Intel结构的企业系统中所使用的外围设备采用的一种工业标准,该标准由英特尔、惠普、NEC、美国戴尔电脑和SuperMicro等公司制定。用户可以利用IPMI监视服务器的物理健康特征,如温度、电压、风扇工作状态、电源状态等。而且更为重要的是IPMI是一个开放的免费标准,用户无需为使用该标准而支付额外的费用。
IPMITOOL原理
IPMI的核心是一个专用芯片/控制器(叫做服务器处理器或基板管理控制器(BMC)),其并不依赖于服务器的处理器、BIOS或操作系统来工作,可谓非常地独立,是一个单独在系统内运行的无代理管理子系统,只要有BMC与IPMI固件其便可开始工作,而BMC通常是一个安装自爱服务器主板上的独立的板卡,现在也有服务器主板提供对IPMI支持的。IPMI良好的自治特性便克服了以往基于操作系统的管理方式所受的限制,例如操作系统不响应或未加载的情况下其仍然可以进行开关机、信息提取等操作。
简单来说可以实现用命令行的方式操控
IPMITOOL使用
安装
-
ubuntu下安装
apt install ipmitool -y
-
验证
root@F1-158:~# ipmitool -V ipmitool version 1.8.18
报错
如果出现如下错误Could not open device at /dev/ipmi0 or /dev/ipmi/0 or/dev/ipmidev/0: No such file or directory
,那么就是模块没正常加载,需要手动加载
查看先关模块是否加载(可以看出模块未加载)
# lsmod |grep ^ipmi
加载以下模块
# modprobe ipmi_watchdog
# modprobe ipmi_poweroff
# modprobe ipmi_devintf
# modprobe ipmi_si 加载该模块如果没有不影响ipmi的使用(与系统版本有关)
# modprobe ipmi_msghandler 加载该模块如果没有不影响ipmi的使用
简单使用
查看ipmitool版本
root@F1-158:~# ipmitool -V
ipmitool version 1.8.18
查看ipmitool帮助
root@F1-158:~# ipmitool -h
ipmitool version 1.8.18
usage: ipmitool [options...] <command>
-h This help
-V Show version information
-v Verbose (can use multiple times)
-c Display output in comma separated format
-d N Specify a /dev/ipmiN device to use (default=0)
-I intf Interface to use
-H hostname Remote host name for LAN interface
-p port Remote RMCP port [default=623]
-U username Remote session username
-f file Read remote session password from file
-z size Change Size of Communication Channel (OEM)
-S sdr Use local file for remote SDR cache
-D tty:b[:s] Specify the serial device, baud rate to use
and, optionally, specify that interface is the system one
-4 Use only IPv4
-6 Use only IPv6
-a Prompt for remote password
-Y Prompt for the Kg key for IPMIv2 authentication
-e char Set SOL escape character
-C ciphersuite Cipher suite to be used by lanplus interface
-k key Use Kg key for IPMIv2 authentication
-y hex_key Use hexadecimal-encoded Kg key for IPMIv2 authentication
-L level Remote session privilege level [default=ADMINISTRATOR]
Append a '+' to use name/privilege lookup in RAKP1
-A authtype Force use of auth type NONE, PASSWORD, MD2, MD5 or OEM
-P password Remote session password
-E Read password from IPMI_PASSWORD environment variable
-K Read kgkey from IPMI_KGKEY environment variable
-m address Set local IPMB address
-b channel Set destination channel for bridged request
-t address Bridge request to remote target address
-B channel Set transit channel for bridged request (dual bridge)
-T address Set transit address for bridge request (dual bridge)
-l lun Set destination lun for raw commands
-o oemtype Setup for OEM (use 'list' to see available OEM types)
-O seloem Use file for OEM SEL event descriptions
-N seconds Specify timeout for lan [default=2] / lanplus [default=1] interface
-R retry Set the number of retries for lan/lanplus interface [default=4]
Interfaces:
open Linux OpenIPMI Interface [default]
imb Intel IMB Interface
lan IPMI v1.5 LAN Interface
lanplus IPMI v2.0 RMCP+ LAN Interface
free FreeIPMI IPMI Interface
serial-terminal Serial Interface, Terminal Mode
serial-basic Serial Interface, Basic Mode
dummy Linux DummyIPMI Interface
usb IPMI USB Interface(OEM Interface for AMI Devices)
Commands:
raw Send a RAW IPMI request and print response
i2c Send an I2C Master Write-Read command and print response
spd Print SPD info from remote I2C device
lan Configure LAN Channels
chassis Get chassis status and set power state
power Shortcut to chassis power commands
event Send pre-defined events to MC
mc Management Controller status and global enables
sdr Print Sensor Data Repository entries and readings
sensor Print detailed sensor information
fru Print built-in FRU and scan SDR for FRU locators
gendev Read/Write Device associated with Generic Device locators sdr
sel Print System Event Log (SEL)
pef Configure Platform Event Filtering (PEF)
sol Configure and connect IPMIv2.0 Serial-over-LAN
tsol Configure and connect with Tyan IPMIv1.5 Serial-over-LAN
isol Configure IPMIv1.5 Serial-over-LAN
user Configure Management Controller users
channel Configure Management Controller channels
session Print session information
dcmi Data Center Management Interface
nm Node Manager Interface
sunoem OEM Commands for Sun servers
kontronoem OEM Commands for Kontron devices
picmg Run a PICMG/ATCA extended cmd
fwum Update IPMC using Kontron OEM Firmware Update Manager
firewall Configure Firmware Firewall
delloem OEM Commands for Dell systems
shell Launch interactive IPMI shell
exec Run list of commands from file
set Set runtime variable for shell and exec
hpm Update HPM components using PICMG HPM.1 file
ekanalyzer run FRU-Ekeying analyzer using FRU files
ime Update Intel Manageability Engine Firmware
vita Run a VITA 46.11 extended cmd
lan6 Configure IPv6 LAN Channels
查看BMC信息
root@F1-158:~# ipmitool mc info
Device ID : 32
Device Revision : 1
Firmware Revision : 4.32
IPMI Version : 2.0
Manufacturer ID : 674
Manufacturer Name : DELL Inc
Product ID : 256 (0x0100)
Product Name : Unknown (0x100)
Device Available : yes
Provides Device SDRs : yes
Additional Device Support :
Sensor Device
SDR Repository Device
SEL Device
FRU Inventory Device
IPMB Event Receiver
Bridge
Chassis Device
Aux Firmware Rev Info :
0x00
0x15
0x0a
0x00
用户管理
说明:[ChannelNo] 字段是可选的,ChannoNo为1、2或8;BMC默认有2个用户:user id为1的匿名用户,user id为2的admin用户;<>字段为必选内容;:2为User权限,3为Operator权限,4为Administrator权限
- 查看用户信息:
ipmitool user list [ChannelNo] # ipmitool user list 1
- 添加用户:
ipmitool user set name <user id> <username> # ipmitool user set name 3 xh
- 查看用户权限:
# ipmitool channel getaccess 1 3
- 设置用户权限:
ipmitool channel setaccess [ChannelNo] <user id>[callin=on|off] [ipmi=on|off] <div class="list-group list-group-lg list-group-sp row" style="margin: 0"></div> [privilege=level] # ipmitool channel setaccess 1 3 callin=off ipmi=on link=onprivilege=4
- 设置用户密码:
ipmitool user set password <user id> <password> # ipmitool user set password 3 123456
- 启用/禁用用户:
禁用用户后登入会报错:Invalid Authentication(无效认证)ipmitool user enable/disable <user id> # ipmitool disable user 3
IP网络设置
说明:[ChannelNo] 字段是可选的,ChannoNo为1(Share Nic网络)或者8(BMC独立管理网络);设置网络参数,必须首先设置IP为静态,然后再进行其他设置;
- 查看网络信息:
ipmitool lan print [ChannelNo] # ipmitool lan print 1
- 修改IP为静态还是DHCP模式:
ipmitool lan set <ChannelNo> ipsrc<static/dhcp> # ipmitool lan set 1 ipsrc dhcp
- 修改IP地址:
ipmitool lan set <ChannelNo> ipaddr <IPAddress> # ipmitool lan set 1 ipaddr 192.168.2.60
- 修改子网掩码:
ipmitool lan set <ChannelNo> netmask <NetMask> # ipmitool lan set 1 netmask 255.255.0.0
- 修改默认网关:
ipmitool lan set <ChannelNo> defgw ipaddr <Gateway > # ipmitool lan set 1 defgw ipaddr 192.168.2.1
SEL日志查看
# ipmitool sel list
查看SEL日志详情
# ipmitool sel elist
SDR,Sensor信息查看
- 查看SDR Sensor信息:
# ipmitool sdr
- 查看Sensor信息:
# ipmitool sensor list 可以获得传感器ID号
- 查看某个Sensor的详情:
# ipmitool sensor get "CPU PVCCIO" 其中"CPUPVCCIO"是ID号,即传感器的名称
- 设置sensor(ID)监测项的各种限制值:
ipmitool sensor thresh <ID> <threshold><setting>
<threshold>可以是<lnr lcr lnc unc ucr unr>
unr = upper non-recoverable
ucr = upper critical
unc = upper non-critical
lnc = lower non-critical
lcr = lower critical
lnr = lower non-recoverable
<setting>表示设置的限制值
mc(管理单元BMC)状态和控制
- 查看BMC硬件信息:
# ipmitool mc info
- 使BMC重新启动:
# ipmitool mc reset <warm|cold> warm表示软重启;cold表示硬重启
远程操作
- 开启电源
ipmitool -I lanplus -H 服务器IP -U 远程console用户 -P 远程console密码 power on
- 关闭电源
ipmitool -I lanplus -H 服务器IP -U 远程console用户 -P 远程console密码 power off
- 重启电源
ipmitool -I lanplus -H 服务器IP -U 远程console用户 -P 远程console密码 power reset
- 查看电源状态
ipmitool -I lanplus -H 服务器IP -U 远程console用户 -P 远程console密码 power status
启动项相关:
- 设置为BIOS启动
ipmitool -I lanplus -H 服务器IP -U 远程console用户 -P 远程console密码 chassis bootparam set bootflag force_bios
- 设置为pxe启动
ipmitool -I lanplus -H 服务器IP -U 远程console用户 -P 远程console密码 chassis bootparam set bootflag force_pxe
- 设置为光盘启动
ipmitool -I lanplus -H 服务器IP -U 远程console用户 -P 远程console密码 chassis bootparam set bootflag force_cdrom
- 设置为硬盘启动
ipmitool -I lanplus -H 服务器IP -U 远程console用户 -P 远程console密码 chassis bootparam set bootflag force_disk