IPMI: An agentless approach to better server management
There are an abundance of technologies and products available at the operating system level to help network managers maximize uptime of their servers, but these typically come with a high purchase and/or operational cost. In response, manufacturers and standards organizations have been working hard to develop common management standards that can help. The Intelligent Platform Management Interface (IPMI) is one key open standard that is most likely included with your server today. It runs on a dedicated chip/controller known as a BMC (Baseboard Management Controller).
When considering server software management, typical solutions have tended to focus on loading agents on the Operating System of the server. This is sometimes referred to as ‘Agent-Based’. A complementary and additional approach is to consider exploiting agentless management. One standard that is used at hardware level is IPMI. IPMI, utilizing a BMC, defines how administrators monitor system hardware and sensors, control system components and retrieve logs of important system events to conduct remote management and recovery. IPMI monitors hardware health conditions like temperature, fan, voltage, hardware errors (memory, network, etc.) and chassis intrusion.
Introduced in 1998, IPMI was created by the IPMI forum - an industry-wide initiative that today has over 170 vendors – including Avocent. They work together to continually update and implement this hardware management specification for servers and other systems such as storage devices, network and telecommunications equipment. In it’s third major release, IPMI 2.0, includes enhancements to, among others, Security, VLAN and Blade support.
Because IPMI operates independent of the operating system, when sending commands to the BMC over IP, it provides administrators with the ability to monitor, manage, diagnose and recover systems, even if the operating system has hung or the server is powered down. IPMI also includes alert notification and recovery capabilities that enables an administrator to monitor and react before hardware problems occur. IPMI’s hardware monitoring features also provides additional levels of security. Chassis intrusions can be detected by configuring IPMI to detect if the server has been opened. And, the use of multi-layer privileges and passwords together with authentication and on-the-wire encryption lets IT managers allow or deny access to specific IPMI features securely.
Agentless technologies and standards like IPMI are easy to exploit as they generally come pre-integrated within the server or device. And best of all, they are free. They also fill the gap left by Agent-based management by being available even if the OS has hung. In this way, they are very complementary to your existing management toolkit. For effective server management you need both agent-based on agentless approaches.
How IPMI works
The foundation of IPMI lies in specialized firmware that runs on a dedicated chip/controller – sometimes referred to as a Service Processor or BMC (Baseboard Management Controller) that is typically on the system motherboard, or blade. This approach creates an agentless management subsystem that runs separately within the system - independent of the type or condition of CPUs, the BIOS and the OS. These ‘autonomous’ characteristics remove limitations encountered with all OS-dependent management agents (agent-based approach), such as when the OS is not responding or is not loaded. And because IPMI is almost always pre-integrated, the cost-to-benefit ratio for using IPMI offers a great opportunity for IT shops to control costs.
All IPMI functions are accomplished by sending commands to the BMC over IP, using standardized instructions identified in the specification. The IPMI firmware receives and logs event messages in the System Event Log (SEL), and maintains a Sensor Data Record (SDR) that describes the sensors in a system.
When remote access to the system text console is required, the Serial Over LAN (SOL) feature can be very useful. SOL redirects the local serial interface over an IPMI Session allowing remote access to the Emergency Management Console (EMS) Special Administration Console (SAC) for Windows, or to the LINUX serial console. This is accomplished by the IPMI firmware intercepting the data, then resending this information destined for the serial port over the LAN. This offers a standard way to remotely view the BOOT, OS Loader or Emergency Management consoles, irrespective of vendor, to diagnose and repair server-related issues. It also allows configuration of various components during the BOOT phase.
Administrators can also use IPMI to proactively monitor the health of components so as to ensure pre-set thresholds, for example server temperatures, are not exceeded. This aids IT in maintaining uptime by avoiding unscheduled outages. Remember that IPMI’s autonomous implementation allows it to function no matter the condition of other devices or components (so long as the NIC is working and power is available within the server). Messages can be sent to dispatch technicians while IPMI is able to monitor and control other system components to minimize overall system impact. IPMIs predictive failure capabilities aid in IT lifecycle management as well. By examining the System Event Log (SEL), predicting failing components can be more easily determined.
Benefits of IPMI
- Offers agentless management - no OS agents need to be purchased, configured or installed
- Remote reboot, power on/off to avoid costly site visits
- Remote recovery capabilities (using the existing LAN connection) regardless of system state
- Hardware health monitoring that aids predictive failure analysis
- Tamper resistant and crash proof and for ‘always-on’ 24/7 availability
- Reduces Mean-Time-To-Repair (MTTR) by allowing ‘diagnose-before-dispatch’
- Interoperable with the existing management tools and appliances
- Supported by the major server vendors
- Lowers your management costs as it’s free with many servers!
Avocent management of IPMI : MergePoint® 5200 Management Gateway Appliance
The MergePoint 5200 management gateway appliance enables IT professionals to conduct secure, remote server management from anywhere in the world. The appliance makes use of embedded server management technologies known as service processors - including Baseboard Management Controllers (BMCs) - that support the Intelligent Platform Management Interface (IPMI).
With the MergePoint 5200 appliance, IT administrators can access the server’s Serial over LAN (SoL) console. It can also monitor and control server power management and system health, including temperature, fan and voltage. The MergePoint 5200 appliance complements existing IPMI functionality with management features such as SoL data logging, IPMI provisioning and service processor auto discovery – all without installing new tools.
The appliance also provides integrated support for other service processors such as Dell Remote Access Cards (DRAC) and HP Integrated Lights Out (iLO), enabling multi-vendor server management support. When used in conjunction with DSView® 3 management software, the MergePoint 5200 appliance provides essential server coverage, which complements the overall out-of-band management infrastructure.
- Enables logical consolidation of service processors (IPMI, DRAC and iLO)
- Provides easy-to-use IPMI provisioning capabilities
- Streamlines server access for deployment, management and troubleshooting
- Reduces downtime and speed problem resolution by proactively viewing Serial over LAN (SoL) history, server hardware health using the server event log, and sensor and hardware inventory information
- Lowers the cost and complexity of remote power control by eliminating the need for an externally- managed power unit
- Reduces the number of management consoles by using DSView 3 software to monitor and manage hundreds of IPMI servers via multiple MergePoint 5200 appliances