mirror of
https://github.com/xcat2/xcat-core.git
synced 2026-05-09 10:10:09 +00:00
Bin Xu
eea661e405
* fix issueNode range not specified, see man page for syntax. return with no output when site.master is not set #4299 * Fix issue 4246, record rflash process in log file * dodiscovery: better disksize - ordered by major,minor and no `\n` (#4219) * better disksize: ordered by major,minor and no `\n` * nodediscover:`disksize` sent correctly: no need to `split`,`join` * general sort with explicit key columns, fix search pattern * dodiscovery: Fix bugs * dodiscovery: Fix ShellCheck SC2007,SC2004 * dodiscovery: simpler kcmdline parsing, disksize as IEC binary prefix * Add test case - switch_to_dns_forward_mode * Modify timeout of login by curl command for OpenBMC * Add makegocons command This patch enable goconserver service and manage the node sessions with a new `makegocons` command. Implement: #4215 * Refine the Cumulus Linux Section of the Doc (#4249) * No content in the switches subdirectory in docs, remove * Change the Network topic to Networking * Refine and reformat the Cumulus Linux documentation * Modify the script to build xCAT-genesis-base package (#4292) * Verify hash ID * change log messages * Timeout the ntpd process if ntpd service is not running on ntpserver (#4321) * enhance nodediscovery process: don't write "NOIP" if the node can not be resloved to an IP (#3995) * enhance nodediscovery process, if only 1 mac and have \*NOIP\* append, don't write mac table and don't generate dhcp lease entry * Enhance PR 3995: enhance nodediscovery process: don't write "NOIP" if the node can not be resloved to an IP * modified depending on comments * natural_sort_cmp: recursion to iterative implementation (#4314) * natural_sort_cmp: recursion to iterative implementation * natural_sort_cmp: correct prototype with parameters, as per `man perlfunc` * Task 3339, rspconfig ip/netmask/gateway/vlan support * * Minor enhance on xcatperftest to put all logs into one file * Fix a bug in simulatorctl.sh, and it cause the script cannot be found * modified depending on comments * QA list for makehosts (#4284) * QA list for makehosts * Fix some bus in makegocons * Revise test case - switch_to_dns_forward_mode * Enhancements after the review * Use IO::Socket to check BMC console port * Revise test case - switch_to_dns_forward_mode * modified depending on comments * Add messages to inform the user of the general action started via xCAT for flashing firmware * Fix bug, anything in the functional array is the one that's really active, priority will not be 0 if there is pending firmware * Fix 4338, remove all of in child process * fix issue #4354 :The XCATTEST_CN in xcattest can not detect HCP as config file (#4355) * Fix #4330, close the socket * Add image name to /opt/xcat/xcatinfo on compute node (#4359) * Integrate congo console from goconserver with rcons Enhance the original implement of rcons to support goconserver. `rcons` will help the user choose from one of the console backend service based on the console server status of management node. Implement #4216 * Fix 4363 - discovery broken (#4364) * do not set exit_code to 1 when the clock is not synced before the timeout (#4362) * Fix check for MTM values with spaces * modified depending on comments * rspconfig admin_password for OpenBMC * Fix merging in xdcpmerge.sh (#4328) * Fixes in xdcpmerge.sh Two fixes: 1. The grep pattern when finding duplicate usernames is missing ":" at the end. So, for example user "test" would also match "test2, etc.". Adding the ":" delimiter fixes the issue. 2. Another issue happens when the file to be merged is a superset of the files on the nodes. For example, if a new user is added and entire passwd file (that is otherwise identical) is sent to be merged. In this case, the $filebackup.nodups file, i.e. the original file with duplicates removed, becomes empty and the condition "if [ -s "$filebackup.nodups" ]" does not execute. Then the merged file ends up being original file with the merge file fully appended, clearly not what was intended. This is solved by changing the condition to check for file existence "-a" rather then for size. Additionally, I also turn the logic around so that the duplicates are removed from the merge file and then added to the original file. I think this makes logic a bit cleaner and also ensures that existing entries are not reordered or changed in any way. * Streamlining previous commit Adjustment to previous commit, streamlining and simplifying logic. Once $mergefile.nodups is created, just concatenate it the original file. * Update to xdcpmerge No need to copy $filebackup to $curfile, they are the same. * Modify for debug conveniently * add new cases and delete outdated test cases * Modify genesis build script for centos x86_64 * Add space between at and the time * Add a print out of the firmware levels for the various UT cases * Add unit test cases for rspconfig * rspconfig fix for set hostname * Enhance the testing case for rspconfig setting hostname * modified depending on comments * modified depending on comments * Add %pretrans script in <lua>. Handle directory to symlink change properly. See comment #3 of https://bugs.launchpad.net/rpm/+bug/633636 * Make xCAT-genesis-base confliects with early version of xCAT-genesis-scripts * rspconfig dump to allow admins capture logs * Adding comment * Improve the error message when BMC does not return a dump ID * Improve some messages and add timestamp for downloaded dump file * Improve the message to help Admin figure out where the file is missing * Leave a log file there when xCAT upgrade in case to debug issue while upgrading (#4389) * Listen on 0.0.0.0 instead of the hostname This patch modify the configuration of `makegocons` and `rcons` for goconserver. `cat /etc/goconserver/server.conf` ``` global: host: 0.0.0.0 ssl_key_file: /etc/xcat/cert/server-key.pem ssl_cert_file: /etc/xcat/cert/server-cert.pem ssl_ca_cert_file: /etc/xcat/cert/ca.pem logfile: /var/log/goconserver/server.log api: port: 12429 console: port: 12430 ``` * Support hostname=* for openbmc * Relay action and snmp configuration support for Coral PDU * ddns.pm: specify the "directory" option for DNS slaves too (cf. bug #4392) * Fix issue 4361, modify some sendmsg to message * 1. add "makeconserver -d" to "rmdef -C", 2. add "makeconserver -C|--cleanup" to remove entries for removed nodes * When there is a problem with the login, do not hide the message on debug mode. BMCReady does not make sense if the admin does not know how to find that state * Change function from login_logout_request to login_request, not doing any logout here * Check that RC is 200 to prevent unknown issues, handle the response generically * OpenBMC rspconfig dump timeout fixes * Fix issue 4408, modify error for rspconfig dump * Clear all BMC Dump logs when BMC firmware flash * modified depending on comments * More modifications for pr 4386, to deal with the conflicts * To handle one case which have 2 implementations, which one is for specific platform, on is for all platforms * return when current status is RSPCONFIG_DUMP_DOWNLOAD_REQUEST * fix issue 4417, delete 'clear next_status' * fix issue 4353: rspconfig needs to support multiple IPs on the BMC and ignore ZeroConfigIPs * Wait 15 seconds after OpenBMC interface with vlan tag to be activated * Fix issue #4397: rspconfig <> hostname=xxx show error message when there is multiple network in bmc * Some sentence modify for makeconservercf -C|--cleanup * OpenBMC rspconfig dump better dump file name formatting * Removed the --check and --ipsource option with PR 4258, update the man page * Improve the message on the HTTP response * modified depending on comments * Only handle 404 and 504 in the login request code, defer the rest to deal_with_response() * rflash stream support * 1. configure ip/netmask/gateway only on the NIC whose IP match node BMC attribute, 2. add some information for LinkLocal address * Fix confignetwork bond nic_type detection with multiple bonds * Modified configonie --ntp command (#4436) * Add man page for makegocons This is the guide about how to make goconserver as a replacement for conserver to help slove the issues reported for conserver, like: #4043, #3543. For openbmc, the solution of goconserver is much light-weighted than the conserver which could help save the system resource. In addition, sshpass is not needed for openbmc with goconserver. Implement: #4337 * Add another key for node_info in order not to after the content of $node_info{$node}{bmc} * enhance rflash stream * makedhcp does not work well when all service nodes not running dhcp but disjointdhcps=1 (#4426) (#4440) - if all service nodes not running dhcp, to treat it as disjointdhcps=0 - nodeset will send request to MN by default even if disjointdhcps=1 - Move out of the dhcp service checking from opts pre-check, and do it just before real makedhcp handling. * rspconfig configure bmc vlan will hung because of PR 4383 * OpenBMC rspconfig dump enhancements * Changes due to review comments * Print debug message before login attempt * Add warning when xCAT throttles SSL connections * Display first [openbmc_debug] when entering openbmc.pm * modified error msg * Make sure credential files have a trailing newline (#4442) * modified depending on comments * Fix the typo in the man page of makegocons * Update the print out based on the review comment, should not use since the regular expression is removed * Modify the nodeset disjoint test case accordingly for #4426 * Use short hostname in rcons for goconserver As the certificate of xcat is signed with short hostname, this commit force to use the short hostname in the environment variable for `congo console`. * Fix issue 3497, make sense for reventlog msg * Give summary after flash active when no debugmode * Fix the issue that the IP configuration will fail if bmc attribute is a hostname * enhance genimage for sles12sp2 (#4450) * Add dhcp-client-identifier to lease block (#4429) Machines that use Infiniband for PXE booting need to have the dhcp-client-identifier set in the lease block. Without it, they will not get the lease from the server. * Support multiple bonds on bring-up * modified depending on comments * fix the check for rc to 1 on error cases * modify response for bmcdiscover when error * Ignore syslog error in monitorctrl when setNodeStatusAttributes (#4459) * fix issue https://github.com/xcat2/xcat-core/issues/4411 (#4462) * fix issue Compute nodes fail to get provisioned #4411: covert imgsrv and xcatmaster to their ip addresses in case the hostname cannot be resolved inside initrd for diskless * More strict check to tell if it is a chroot env to avoid modify DB (#4463) when genimage for SN image (#4365) * issues for install license file on accton switches (#4460) * Add test cases for rflash regular usage against openbmc * modify depending on xuwei's comment * add 2 more cases for option d * enhance rflash upload message * Do not display message for clearing dumps when only PNOR * Display hostname even if multiple IP addresses * modified depending on comments * polished message * Modify the default consoleondemand based on the global setting This commit fix the bug that consoleondemand works incorrectly. * modify depending on comments * modified depending on comments * enhance rflash error messages * Modify documenation for servicenode attributes * build rst file from Schema.pm by db2man * change status back to starts * modified depending on comments * rm openbmcevents * Usage and man page update for rspconfig dump * let rflash error message flexible * Add support for the "file -> (noderange) file" syntax in synclist with ServiceNodes (#4445) * Add support for "file - (noderange) file" in synclist when using hierarchical mode. Fixes #4425 This patch ensures that: 1. the synclist is correctly parsed when running on a Service Node 2. all files are synchronized to SNs in hierarchical mode * Better test condition for #4425, addresses issue in https://github.com/xcat2/xcat-core/pull/4445#issuecomment-349472901 * Fix issue 4477, if has node-<mac> will not create node-<mtms> for the same node * fix issue updatenode -f loses directories when copying files to SN #4456 (#4494) * comment from ErTao * Crude attempt at including external configuration files in named.conf * Fixes after the review * Fix issue 4490, record any error when rflash active process * add -d usage and manpage * updatenode -F not work in hierachy env as the user name is FQDN of MN (#4484) * updatenode -F not work in hierachy env (#4455) - add trace when -V is enabled - get the DSH_FROM_USERID from updatenode client * - when 'updatenode -F' need to push SN first, using root as non-root does not have permission write to 'SNsyncfiledir' - move the set DSH_FROM_USERID code out of the loop, and also cover remote client case. * fix issue for command rspconfig hostname=* * enhance rflash * Adjust the server used for kernel/initrd and imgurl for petitboot (#4416) - URL for kernel/initrd, get the value from below value tftpserver -> xcatmaster -> myipfn - URL for image, get the value from below value nfsserver -> tftpserver -> xcatmaster -> myipfn * NODE attribute didn't populate in /opt/xcat/xcatinfo after reboot (#4428) * NODE attribute didn't populate in /opt/xcat/xcatinfo after reboot * Get NODE from mypostscripts * Improve the output message for reventlog, use a global variable to set PolicyFile Path * If debug_msg is not provided, use an empty string * Check for LinkLocal as well as 169.254 IP address * Fix issue 4507, add parameter check for rspconfig admin_passwd * record more information when rflash upload error * Fix the error when using array ref in updatenode with old version perl, it is introduced by PR#4484 (#4518) * Do not restart conserver if goconserver was started If goconserver was enabled, do not start conserver when restart xcatd on service node. * remove the /etc/localtime before copy timezone file * Use CONGO_CLIENT_TYPE to tell goconserver the source of client (#4501) goconserver could send back message based on the client type this commit set CONGO_CLIENT_TYPE to xcat to make the message from goconserver more friendly. * add rflash -d doc * only ignore 169.254.x.x for OpenBMC * Fix issue 4513, print out better error msg for reventlog -s * Modify or add openbmc test cases or bundle * add test cases for updatenode -f/F in hierarchy environment, covers issues #4456,#4455 and PR #4425 (#4500)
676 lines
24 KiB
Plaintext
Executable File
676 lines
24 KiB
Plaintext
Executable File
# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html
|
|
# Lenovo (c) 2016
|
|
#
|
|
# Raw commands to set BMCs to defaults
|
|
# dx320
|
|
# 0x2e 0x10 0x4d 0x4f 0x00 0xff
|
|
#
|
|
# dx340
|
|
# 0x30 0x13 0xff 0x00 0x00 0x00
|
|
#
|
|
# dx360/x3450
|
|
# 0x30 0x02 0x43 0x4c 0x52 0xaa
|
|
# 0x08 0x00 0x49 0x4e 0x54 0x45 0x4c
|
|
# 0x08 0x04
|
|
#
|
|
log_label="xcat.genesis.bmcsetup"
|
|
|
|
TIMEOUT=15
|
|
|
|
#
|
|
# Function: cold_reset_bmc
|
|
#
|
|
# Cold reset the BMC for certain servers
|
|
# Product ID: 309 - x3755 M4 (8722)
|
|
# Product ID: 43707 and Manufacturer ID: 0 - IBM Power S822LC and S812LC
|
|
#
|
|
# Otherwise the BMC will not respond to ping after running the ipmitool commands in this script
|
|
# It is found that Dell PowerEdge M605 server have the same product ID '43707', but its 'Manufacturer ID' is '674'
|
|
function cold_reset_bmc() {
|
|
if [ -z $XPROD ]; then
|
|
logger -s -t $log_label -p local4.crit "CRITICAL ERROR - XPROD must be set before calling ${FUNCNAME[0]}"
|
|
rm -f /tmp/ipmicfg.xml
|
|
exit 1
|
|
fi
|
|
if [ "$XPROD" = "43707" -a "$IPMIMFG" != '0' ]; then
|
|
return
|
|
fi
|
|
if [ "$XPROD" = "309" -o "$XPROD" = "43707" ] ; then
|
|
if [ "$XPROD" = "43707" ]; then
|
|
# OpenPOWER SPECIFIC, the OpenPOWER machines with AMI BMC should NOT need a
|
|
# reset after applying ipmitool commands. However, it seems there is a problem with
|
|
# the BMC where after 15 seconds, it stops responding. To work around, sleep 30
|
|
# seconds before issuing the reset of the BMC.
|
|
snooze
|
|
else
|
|
logger -s -t $log_label -p local4.info "Resetting BMC ..."
|
|
ipmitool mc reset cold
|
|
logger -s -t $log_label -p local4.info "Waiting for the BMC to appear ..."
|
|
fi
|
|
|
|
if [ "$XPROD" = "43707" ]; then
|
|
# OpenPOWER SPECIFIC, check the BMC with the following raw command to
|
|
# make sure that the bmc is really in a "ready" state before continuing
|
|
SLEEP_INTERVAL=3
|
|
MAX_ITERATION=100
|
|
tries=0
|
|
while [ $tries -lt ${MAX_ITERATION} ] ; do
|
|
sleep ${SLEEP_INTERVAL}
|
|
ret=`ipmitool raw 0x3a 0x0a 2> /dev/null`
|
|
if [ "$ret" == " 00" ]; then
|
|
return
|
|
fi
|
|
tries=$(($tries+1))
|
|
done
|
|
TOTAL_SEC=$((${SLEEP_INTERVAL} * ${MAX_ITERATION}))
|
|
logger -s -t $log_label -p local4.error "ERROR, After waiting ${TOTAL_SEC} seconds, the BMC is not in a ready state."
|
|
else
|
|
# for Non OpenPOWER servers, just sleep for some set time.
|
|
sleep 15
|
|
|
|
TRIES=0
|
|
# Get the LAN information
|
|
while ! ipmitool lan print $LANCHAN > /dev/null; do
|
|
sleep 3
|
|
let TRIES=TRIES+1
|
|
if [ $TRIES -gt $TIMEOUT ]; then break; fi
|
|
done
|
|
fi
|
|
fi
|
|
}
|
|
|
|
#
|
|
# Function snooze()
|
|
#
|
|
# The purpose of this is to work around the issue with OpenPOWER BMCs after
|
|
# making a change to network configuration, sleep 30 to be sure the changes apply.
|
|
#
|
|
function snooze() {
|
|
if [ -z $XPROD ]; then
|
|
logger -s -t $log_label -p local4.crit "CRITICAL ERROR - XPROD must be set before calling ${FUNCNAME[0]}"
|
|
rm -f /tmp/ipmicfg.xml
|
|
exit 1
|
|
fi
|
|
if [ "$XPROD" = "43707" -a "$IPMIMFG" != '0' ]; then
|
|
return
|
|
fi
|
|
if [ "$XPROD" = "43707" ]; then
|
|
# For OpenPOWER Machines
|
|
logger -s -t $log_label -p local4.debug "OpenPOWER, snooze for 30 seconds..."
|
|
sleep 30
|
|
else
|
|
sleep 1
|
|
fi
|
|
}
|
|
|
|
if ! ipmitool -V 2>/dev/null| grep "version"; then
|
|
echo "No ipmitool find, please install it first";
|
|
exit 1;
|
|
fi
|
|
|
|
# Add ipmi_devintf module to allow the ipmitool operation in-band
|
|
modprobe ipmi_devintf
|
|
|
|
for parm in `cat /proc/cmdline`; do
|
|
key=`echo $parm|awk -F= '{print $1}'`
|
|
if [ "$key" = "xcatd" ]; then
|
|
XCATMASTER=`echo $parm|awk -F= '{print $2}'|awk -F: '{print $1}'`
|
|
fi
|
|
done
|
|
|
|
allowcred.awk &
|
|
CREDPID=$!
|
|
sleep 5
|
|
IPCFGMETHOD=static
|
|
while [ -z "$BMCIP" -a $IPCFGMETHOD="static" ]; do
|
|
while ! getipmi
|
|
do
|
|
logger -s -t $log_label -p local4.info "Retrying retrieval of IPMI settings from server"
|
|
done
|
|
BMCIP=`grep bmcip /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
|
|
BMCVLAN=`grep taggedvlan /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
|
|
if [ -z "$BMCVLAN" ]; then
|
|
BMCVLAN=off;
|
|
fi
|
|
BMCGW=`grep gateway /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
|
|
BMCNM=`grep netmask /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
|
|
BMCUS=`grep username /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
|
|
BMCPW=`grep password /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
|
|
IPCFGMETHOD=`grep ipcfgmethod /tmp/ipmicfg.xml|awk -F\> '{print $2}'|awk -F\< '{print $1}'`
|
|
if [ -z "$IPCFGMETHOD" ]; then
|
|
IPCFGMETHOD="static"
|
|
fi
|
|
if [ -z "$BMCIP" -a $IPCFGMETHOD="static" ]; then
|
|
logger -s -t $log_label -p local4.err "FAILED TO RETRIEVE SETTINGS, RETRYING in 15 seconds"
|
|
sleep 15
|
|
fi
|
|
done
|
|
kill $CREDPID
|
|
NUMBMCS=`grep bmcip /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'|wc -l`
|
|
logger -s -t $log_label -p local4.debug "BMC Information obtained from xCAT"
|
|
logger -s -t $log_label -p local4.debug "NUMBMCS=$NUMBMCS ==> BMC IP=$BMCIP/$BMCNM, GW=$BMCGW, VLAN=$BMCVLAN"
|
|
|
|
#
|
|
# Get the BMC Version and Manufacturer ID
|
|
#
|
|
MC_INFO=/tmp/xcat.ipmitool.mcinfo
|
|
|
|
ipmitool mc info > ${MC_INFO}
|
|
IPMIVER=`cat ${MC_INFO} |grep ^IPMI|awk '{print $4}'`
|
|
IPMIMFG=`cat ${MC_INFO} |grep "^Manufacturer ID"|awk '{print $4}'`
|
|
|
|
# Get the BMC Product ID
|
|
XPROD=`cat ${MC_INFO} |grep "^Product ID"|awk '{print $4}'`
|
|
|
|
logger -s -t $log_label -p local4.info "IPMIVER=$IPMIVER, IPMIMFG=$IPMIMFG, XPROD=$XPROD"
|
|
|
|
#
|
|
# IPMIMFG=2 = IBM
|
|
# IPMIMFG=0 = OpenPOWER
|
|
# IPMIMFG=42817 and XPROD=16975 = OpenBMC
|
|
#
|
|
if [ "$IPMIMFG" == 2 ]; then #IBM
|
|
if [ "$XPROD" == "220" ]; then
|
|
LOCKEDUSERS=1
|
|
BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
|
|
logger -s -t $log_label -p local4.info "BMCPORT is $BMCPORT"
|
|
if [ ! -z "$BMCPORT" ]; then
|
|
let idev=0
|
|
IFS=','
|
|
for p in $BMCPORT; do
|
|
# Set the LAN Configuration Parameters (OEM)
|
|
ipmitool -d $idev raw 0xc 1 1 0xc0 $p > /dev/null
|
|
# Set the PEF Configuration Parameters (Platform Event Filtering)
|
|
ipmitool -d $idev raw 0x04 0x12 0x09 0x01 0x18 0x${p}1 0x00 > /dev/null
|
|
CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
|
|
logger -s -t $log_label -p local4.info "CURBMCPORT is $CURBMCPORT"
|
|
while [ "$CURBMCPORT" -ne "$BMCPORT" ]; do
|
|
sleep 1
|
|
# Get the LAN Configuration Parameters (OEM)
|
|
CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
|
|
done
|
|
let idev=idev+1
|
|
done
|
|
unset IFS
|
|
fi
|
|
elif [ "$XPROD" == "291" ]; then
|
|
LOCKEDUSERS=1
|
|
else
|
|
# Get a ID for the server
|
|
IBMFAM=`ipmitool raw 0x3a 0x50 |head -n 1| awk '{print $1 $2 $3 $4}'`
|
|
logger -s -t $log_label -p local4.info "IBMFAM is $IBMFAM"
|
|
if [ "$IBMFAM" == "59554f4f" ]; then
|
|
BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
|
|
if [ ! -z "$BMCPORT" ]; then
|
|
let idev=0
|
|
IFS=','
|
|
for p in $BMCPORT; do
|
|
ipmitool -d $idev raw 0xc 1 1 0xc0 $p > /dev/null
|
|
CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
|
|
logger -s -t $log_label -p local4.info "CURBMCPORT is $CURBMCPORT"
|
|
while [ "$CURBMCPORT" -ne "$BMCPORT" ]; do
|
|
sleep 1
|
|
CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
|
|
done
|
|
let idev=idev+1
|
|
done
|
|
unset IFS
|
|
fi
|
|
fi
|
|
fi
|
|
elif [ "$IPMIMFG" == 19046 -a "$XPROD" == 13616 ] ; then
|
|
LOCKEDUSERS=1
|
|
elif [ "$IPMIMFG" == 20301 -o "$IPMIMFG" == 19046 ] ; then
|
|
IBMVPDV=`ipmitool raw 0x3a 0xb 2 0 16 1`
|
|
logger -s -t $log_label -p local4.info "XPROD is $XPROD, IBMVPDV is $IBMVPDV"
|
|
if [ $IBMVPDV -eq 2 ]; then
|
|
ISITE=1;
|
|
fi
|
|
LOCKEDUSERS=1
|
|
BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
|
|
logger -s -t $log_label -p local4.info "BMCPORT is $BMCPORT"
|
|
if [ ! -z "$BMCPORT" ]; then
|
|
let idev=0
|
|
IFS=','
|
|
for p in $BMCPORT; do
|
|
unset IFS
|
|
ipmitool -d $idev raw 0xc 1 1 0xc0 $p > /dev/null
|
|
IFS=','
|
|
# after this change, we need to watch and wait to see that it
|
|
# actually takes effect. On port change, the service processor
|
|
# does not migrate the network configuration over
|
|
# so we might be halfway through setting up when the net config
|
|
# reverts to dhcp then static, which setting a static ip for is
|
|
# considered invalid
|
|
CHECKBMCPORT=$(echo $p|awk '{print $1}')
|
|
CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
|
|
logger -s -t $log_label -p local4.info "CURBMCPORT is $CURBMCPORT"
|
|
while [ -z "$CURBMCPORT" -o 0"$CURBMCPORT" -ne 0"$CHECKBMCPORT" ]; do
|
|
sleep 1
|
|
CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
|
|
done
|
|
let idev=idev+1
|
|
done
|
|
unset IFS
|
|
fi
|
|
elif [ "$IPMIMFG" == "47488" ]; then
|
|
LOCKEDUSERS=1
|
|
elif [ "$IPMIMFG" == "674" ]; then # DELL
|
|
BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
|
|
logger -s -t $log_label -p local4.info "BMCPORT is $BMCPORT"
|
|
if [ "$BMCPORT" == "0" ]; then # dedicated
|
|
ipmitool delloem lan set dedicated &>/dev/null
|
|
elif [ "$BMCPORT" == "1" -o "$BMCPORT" == "2" -o "$BMCPORT" == "3" -o "$BMCPORT" == "4" ]; then # shared
|
|
ipmitool delloem lan set shared &>/dev/null
|
|
ipmitool delloem lan set shared with lom$BMCPORT &>/dev/null
|
|
ipmitool delloem lan set shared with failover all loms &>dev/null
|
|
fi
|
|
elif [ "$IPMIMFG" = "42817" -a "$XPROD" = "16975" ]; then # IBM OpenPOWER servers with OpenBMC
|
|
ISOPENBMC=1
|
|
fi
|
|
|
|
LAN_MED_TYPE="802.3"
|
|
if [ ! -z "$ISOPENBMC" ]; then
|
|
# Overvide the default value for OpenBMC
|
|
LAN_MED_TYPE="Other LAN"
|
|
fi
|
|
while [ -z "$LANCHAN" ]; do
|
|
logger -s -t $log_label -p local4.info "Auto detecting LAN channel..."
|
|
for TLANCHAN in {1..16}; do
|
|
# Try to get the channel information; then get the MAC which is used for the channel
|
|
if ipmitool channel info $TLANCHAN 2> /dev/null | grep "$LAN_MED_TYPE" > /dev/null 2>&1 && ipmitool raw 0xc 2 $TLANCHAN 5 0 0 > /dev/null 2>&1; then
|
|
LANCHAN=$TLANCHAN
|
|
break;
|
|
fi;
|
|
echo -n "."
|
|
done
|
|
if [ -z "$LANCHAN" ]; then
|
|
logger -s -t $log_label -p local4.info "Unable to detect lan channel, retrying in 10 seconds"
|
|
sleep 10
|
|
fi
|
|
done
|
|
logger -s -t $log_label -p local4.info "Detected LAN channel $LANCHAN"
|
|
|
|
let idev=NUMBMCS
|
|
if [ $IPCFGMETHOD="static" ]; then
|
|
while [ $idev -gt 0 ]; do
|
|
let idev=idev-1
|
|
TRIES=0
|
|
# Set the channel to use STATIC IP address
|
|
while ! ipmitool -d $idev lan set $LANCHAN ipsrc static; do
|
|
snooze
|
|
let TRIES=TRIES+1
|
|
if [ $TRIES -gt $TIMEOUT ]; then
|
|
break;
|
|
fi
|
|
done
|
|
done
|
|
let idev=0
|
|
for b in $BMCIP; do
|
|
TRIES=0
|
|
# Set the IP for the current channel
|
|
while ! ipmitool -d $idev lan set $LANCHAN ipaddr $b; do
|
|
snooze
|
|
let TRIES=TRIES+1
|
|
if [ $TRIES -gt $TIMEOUT ]; then
|
|
break;
|
|
fi
|
|
done
|
|
let idev=idev+1
|
|
done
|
|
let idev=0
|
|
for m in $BMCNM; do
|
|
TRIES=0
|
|
# Set the NETMASK for the current channel
|
|
while ! ipmitool -d $idev lan set $LANCHAN netmask $m; do
|
|
snooze
|
|
let TRIES=TRIES+1
|
|
if [ $TRIES -gt $TIMEOUT ]; then
|
|
break;
|
|
fi
|
|
done
|
|
let idev=idev+1
|
|
done
|
|
|
|
if [ ! -z "$BMCGW" ]; then
|
|
let idev=0
|
|
for g in $BMCGW; do
|
|
TRIES=0
|
|
# Set the GATEWAY for the current channel
|
|
while ! ipmitool -d $idev lan set $LANCHAN defgw ipaddr $g; do
|
|
snooze
|
|
let TRIES=TRIES+1
|
|
if [ $TRIES -gt $TIMEOUT ]; then
|
|
break;
|
|
fi
|
|
done
|
|
let idev=idev+1
|
|
done
|
|
fi
|
|
else
|
|
if [ -z "$ISOPENBMC" ];then
|
|
let idev=NUMBMCS
|
|
else
|
|
let idev=0
|
|
fi
|
|
while [ $idev -gt 0 ]; do
|
|
let idev=idev-1
|
|
TRIES=0
|
|
# Set the method to get IP for the current channel, if required.
|
|
while ! ipmitool -d $idev lan set $LANCHAN ipsrc $IPCFGMETHOD; do
|
|
snooze
|
|
let TRIES=TRIES+1
|
|
if [ $TRIES -gt $TIMEOUT ]; then
|
|
break;
|
|
fi
|
|
done
|
|
done
|
|
fi
|
|
|
|
if [ "$BMCVLAN" = off ]; then
|
|
TRIES=0
|
|
while ! ipmitool raw 0xc 1 $LANCHAN 0x14 0 0; do
|
|
snooze
|
|
let TRIES=TRIES+1
|
|
if [ $TRIES -gt $TIMEOUT ]; then
|
|
break;
|
|
fi
|
|
done
|
|
else
|
|
let idev=0
|
|
for b in $BMCVLAN; do
|
|
TRIES=0
|
|
# Set VLAN for the current channel
|
|
while ! ipmitool -d $idev lan set $LANCHAN vlan id $b; do
|
|
snooze
|
|
let TRIES=TRIES+1
|
|
if [ $TRIES -gt $TIMEOUT ]; then
|
|
break;
|
|
fi
|
|
done
|
|
let idev=idev+1
|
|
done
|
|
fi
|
|
|
|
|
|
# update the node status to 'bmcready' for openbmc, no more configuration is needed.
|
|
if [ ! -z "$ISOPENBMC" ]; then
|
|
# To enable network configuration for openbmc
|
|
#
|
|
# For OpenBMC, FW team still suggest running the raw command instead of access on, use raw for now
|
|
#
|
|
# ipmitool -d 0 lan set $LANCHAN access on
|
|
ipmitool -d 0 raw 0x06 0x40 $LANCHAN 0x42 0x44
|
|
# update the node status to 'bmcready'
|
|
if [ ! -z "$XCATMASTER" ]; then
|
|
# Wait for some time for the new network setting is ready
|
|
snooze
|
|
if ipmitool lan print 1 | grep $BMCIP >/dev/null; then
|
|
updateflag.awk $XCATMASTER 3002 "installstatus bmcready"
|
|
else
|
|
updateflag.awk $XCATMASTER 3002 "installstatus failed"
|
|
fi
|
|
fi
|
|
rm -f /tmp/ipmicfg.xml
|
|
exit $bmc_config_rc
|
|
fi
|
|
# After network commands are issued, pause to allow the BMC to apply (OpenPOWER)
|
|
snooze
|
|
|
|
let idev=NUMBMCS-1
|
|
for user in $BMCUS; do
|
|
if [ "$user" = "" ]; then
|
|
continue
|
|
fi
|
|
DISABLEUSERS=$(ipmitool user list $LANCHAN|awk '{print $1}'|grep -v ID)
|
|
# Get the User Slots
|
|
USERSLOT=`ipmitool -d $idev user list $LANCHAN |grep -v ^ID|awk '{print $1 " " $2}'|grep -w "$BMCUS"|awk '{print $1}'`
|
|
if [ -z "$USERSLOT" ]; then
|
|
USERSLOT=$((`ipmitool raw 6 0x44 1 1|awk '{print $3}'` + 1))
|
|
fi
|
|
if [ "$USERSLOT" == 0 -o -z "$LOCKEDUSERS" ]; then USERSLOT=2; fi
|
|
if [ "$ISITE" = 1 ]; then
|
|
allowcred.awk &
|
|
CREDPID=$!
|
|
while ! remoteimmsetup
|
|
do
|
|
logger -s -t $log_label -p local4.info "Waiting for xCAT remote configuration of service processor via CMM.."
|
|
done
|
|
kill $CREDPID
|
|
fi
|
|
|
|
# Get the specified user
|
|
CURRENTUSER=`ipmitool -d $idev user list $LANCHAN|grep ^$USERSLOT|awk '{print $2}'`
|
|
DISABLEUSERS=`echo $DISABLEUSERS|sed -e s/$USERSLOT//`
|
|
logger -s -t $log_label -p local4.info "CURRENTUSER=$CURRENTUSER, DISABLEUSERS=$DISABLEUSERS"
|
|
for userid in $DISABLEUSERS; do
|
|
TRIES=0
|
|
# Disable the non-specified user
|
|
while ! ipmitool -d $idev user disable $userid; do
|
|
sleep 1
|
|
let TRIES=TRIES+1
|
|
if [ $TRIES -gt $TIMEOUT ]; then break; fi
|
|
done
|
|
done
|
|
|
|
TRIES=0
|
|
# Enable the specified user
|
|
while ! ipmitool -d $idev user enable $USERSLOT; do
|
|
sleep 1
|
|
let TRIES=TRIES+1
|
|
if [ $TRIES -gt $TIMEOUT ]; then break; fi
|
|
done
|
|
ipmitool raw 6 0x43 $(($LANCHAN|176)) $USERSLOT 4
|
|
|
|
|
|
TRIES=0
|
|
# Last param in ipmitool user priv is the channel to set it on.
|
|
# Penguin boxes are all channel 2
|
|
#
|
|
# Get privilege for the specified user
|
|
#
|
|
CURRPRIV=`ipmitool -d $idev user list $LANCHAN|grep ^$USERSLOT|awk '{print $6}'`
|
|
logger -s -t $log_label -p local4.info "CURRPRIV=$CURRPRIV"
|
|
if [ "$CURRPRIV" != "ADMINISTRATOR" ]; then
|
|
# Set the ADMIN privilege for the specified user
|
|
while ! ipmitool -d $idev user priv $USERSLOT 4 $LANCHAN; do
|
|
sleep 1
|
|
let TRIES=TRIES+1
|
|
if [ $TRIES -gt $TIMEOUT ]; then break; fi
|
|
done
|
|
fi
|
|
|
|
TRIES=0
|
|
# Enable the channel link for the specified user
|
|
while ! ipmitool -d $idev channel setaccess $LANCHAN $USERSLOT link=on; do
|
|
sleep 1
|
|
let TRIES=TRIES+1
|
|
if [ $TRIES -gt $TIMEOUT ]; then break; fi
|
|
done
|
|
|
|
TRIES=0
|
|
if [ "$CURRENTUSER" != "$user" ]; then
|
|
# Change the user name, if necessary
|
|
while ! ipmitool -d $idev user set name $USERSLOT "$user"; do
|
|
sleep 1
|
|
let TRIES=TRIES+1
|
|
if [ $TRIES -gt $TIMEOUT ]; then break; fi
|
|
done
|
|
fi
|
|
let idev=idev-1
|
|
done
|
|
|
|
let idev=NUMBMCS-1
|
|
for bmcp in $BMCPW; do
|
|
if [ "$bmcp" = "" ]; then continue; fi
|
|
|
|
TRIES=0
|
|
# Set the password for the specified user
|
|
while ! ipmitool -d $idev user set password $USERSLOT "$bmcp"; do
|
|
sleep 1
|
|
let TRIES=TRIES+1
|
|
if [ $TRIES -gt $TIMEOUT ]; then break; fi
|
|
done
|
|
|
|
logger -s -t $log_label -p local4.info "Set up following user table: "
|
|
TRIES=0
|
|
# Display the user list
|
|
ipmitool -d $idev user list $LANCHAN
|
|
let idev=idev-1
|
|
done
|
|
|
|
let idev=NUMBMCS
|
|
while [ $idev -gt 0 ]; do
|
|
let idev=idev-1
|
|
|
|
MSG="Enabling the non-volatile channel access ($LANCHAN)"
|
|
logger -s -t $log_label -p local4.info "$MSG"
|
|
TRIES=0
|
|
# Set the non-volatile channel access: enable and privilege
|
|
while ! ipmitool -d $idev raw 0x6 0x40 $LANCHAN 0x42 0x44 > /dev/null; do
|
|
sleep 1
|
|
let TRIES=TRIES+1
|
|
if [ $TRIES -gt $TIMEOUT ]; then break; fi
|
|
done
|
|
if [ $TRIES -gt $TIMEOUT ]; then logger -s -t $log_label -p local4.err "$MSG: ERROR"; else logger -s -t $log_label -p local4.info "$MSG: OK"; fi
|
|
|
|
MSG="Enabling the volatile channel access ($LANCHAN)"
|
|
logger -s -t $log_label -p local4.info "$MSG"
|
|
TRIES=0
|
|
# Set the volatile channel access: enable and privilege
|
|
while ! ipmitool -d $idev raw 0x6 0x40 $LANCHAN 0x82 0x84 > /dev/null; do
|
|
sleep 1
|
|
let TRIES=TRIES+1
|
|
if [ $TRIES -gt $TIMEOUT ]; then break; fi
|
|
done
|
|
if [ $TRIES -gt $TIMEOUT ]; then logger -s -t $log_label -p local4.err "$MSG: ERROR"; else logger -s -t $log_label -p local4.info "$MSG: OK"; fi
|
|
|
|
MSG="Enabling ARP responses"
|
|
logger -s -t $log_label -p local4.info "$MSG"
|
|
TRIES=0
|
|
# enable the ARP response on the channel
|
|
while ! ipmitool -d $idev lan set $LANCHAN arp respond on > /dev/null; do
|
|
sleep 1
|
|
let TRIES=TRIES+1
|
|
echo -n .
|
|
if [ $TRIES -gt $TIMEOUT ]; then break; fi
|
|
done
|
|
if [ $TRIES -gt $TIMEOUT ]; then logger -s -t $log_label -p local4.err "$MSG: ERROR"; else logger -s -t $log_label -p local4.info "$MSG: OK"; fi
|
|
|
|
MSG="Enabling IPMI MD5 LAN access"
|
|
logger -s -t $log_label -p local4.info "$MSG"
|
|
TRIES=0
|
|
# Set the auth level to md5 for the channel
|
|
while ! ipmitool -d $idev lan set $LANCHAN auth admin md5 > /dev/null; do
|
|
sleep 1
|
|
let TRIES=TRIES+1
|
|
if [ $TRIES -gt $TIMEOUT ]; then break; fi
|
|
done
|
|
if [ $TRIES -gt $TIMEOUT ]; then logger -s -t $log_label -p local4.err "$MSG: ERROR"; else logger -s -t $log_label -p local4.info "$MSG: OK"; fi
|
|
|
|
if [ ! "$IPMIVER" == "1.5" ]; then
|
|
MSG="Enabling IPMI v 2.0 LAN access"
|
|
logger -s -t $log_label -p local4.info "$MSG"
|
|
# the following goals:
|
|
# - disable cipher suite 0 (if present, avoid password bypass)
|
|
# - disable cipher suite 1 (if present, to avoid weaking Kg if used)
|
|
# - enable cipher suite 2 (scenarios without perl Rijndael)
|
|
# - enable cipher suite 3
|
|
# - ignore the rest
|
|
#
|
|
# Read the LAN info
|
|
#
|
|
ZEROIDX=$(ipmitool lan print $LANCHAN|grep ^RMCP+|cut -d: -f 2|sed -e 's/ //' -e 's/,/\n/g'|grep -n '%0$'|sed -e 's/:.*//')
|
|
ONEIDX=$(ipmitool lan print $LANCHAN|grep ^RMCP+|cut -d: -f 2|sed -e 's/ //' -e 's/,/\n/g'|grep -n '^1$'|sed -e 's/:.*//')
|
|
TWOIDX=$(ipmitool lan print $LANCHAN|grep ^RMCP+|cut -d: -f 2|sed -e 's/ //' -e 's/,/\n/g'|grep -n '^2$'|sed -e 's/:.*//')
|
|
THREEIDX=$(ipmitool lan print $LANCHAN|grep ^RMCP+|cut -d: -f 2|sed -e 's/ //' -e 's/,/\n/g'|grep -n '^3$'|sed -e 's/:.*//')
|
|
ACCESS=$(ipmitool lan print $LANCHAN|grep 'Cipher Suite Priv Max'|cut -d: -f 2|sed -e 's/ //g' -e 's/\(.\)/\1\n/g'|grep -v '^$')
|
|
# logger -s -t $log_label -p local4.info "ZEROIDX is $ZEROIDX, ONEIDX is $ONEIDX, TWOIDX is $TWOIDX, THREEIDX is $THREEIDX, ACCESS is $ACCESS"
|
|
NEWACCESS=""
|
|
i=1
|
|
for elem in $ACCESS; do
|
|
if [ $i = "$ZEROIDX" -o $i = "$ONEIDX" ]; then
|
|
NEWACCESS="$NEWACCESS"X
|
|
elif [ $i = "$TWOIDX" -o $i = "$THREEIDX" ]; then
|
|
#do not *downgrade* from OEM priv
|
|
if [ "$elem" != "O" ]; then NEWACCESS="$NEWACCESS"a; else NEWACCESS="$NEWACCESS"$elem; fi
|
|
else
|
|
NEWACCESS="$NEWACCESS"$elem
|
|
fi
|
|
i=$((i+1))
|
|
done
|
|
|
|
# logger -s -t $log_label -p local4.info "ACCESS=$NEWACCESS"
|
|
|
|
MSG="Set the cipher_privileges for the channel"
|
|
logger -s -t $log_label -p local4.info "$MSG"
|
|
# Set the cipher_privileges for the channel
|
|
if ipmitool lan set $LANCHAN cipher_privs $NEWACCESS > /dev/null; then
|
|
logger -s -t $log_label -p local4.info "$MSG: OK"
|
|
else
|
|
logger -s -t $log_label -p local4.info "$MSG: ERROR"
|
|
fi
|
|
|
|
MSG="Enabling SOL for channel $LANCHAN"
|
|
logger -s -t $log_label -p local4.info "$MSG"
|
|
TRIES=0
|
|
# Enable the SOL for the channel
|
|
while ! ipmitool -d $idev raw 0xc 0x21 $LANCHAN 0x1 0x1 > /dev/null; do
|
|
sleep 1
|
|
let TRIES=TRIES+1
|
|
if [ $TRIES -gt $TIMEOUT ]; then break; fi
|
|
done
|
|
if [ $TRIES -gt $TIMEOUT ]; then logger -s -t $log_label -p local4.err "$MSG: ERROR"; else logger -s -t $log_label -p local4.info "$MSG: OK"; fi
|
|
|
|
MSG="Enabling SOL for $BMCUS"
|
|
logger -s -t $log_label -p local4.info "$MSG"
|
|
TRIES=0
|
|
# Enable the SOL for the USER and set the payload 1
|
|
while ! ipmitool -d $idev raw 6 0x4c $LANCHAN $USERSLOT 2 0 0 0 > /dev/null; do
|
|
sleep 1
|
|
let TRIES=TRIES+1
|
|
if [ $TRIES -gt $TIMEOUT ]; then break; fi
|
|
done
|
|
if [ $TRIES -gt $TIMEOUT ]; then logger -s -t $log_label -p local4.err "$MSG: ERROR"; else logger -s -t $log_label -p local4.info "$MSG: OK"; fi
|
|
fi
|
|
|
|
# Cold reset the BMC
|
|
cold_reset_bmc
|
|
|
|
# update the node status to 'bmcready'
|
|
if [ ! -z "$XCATMASTER" ]; then
|
|
updateflag.awk $XCATMASTER 3002 "installstatus bmcready"
|
|
fi
|
|
|
|
logger -s -t $log_label -p local4.info "Lighting Identify Light"
|
|
if [ "$XPROD" = "43707" -a "$IPMIMFG" = '0' ]; then
|
|
ISOPENPOWER=1
|
|
elif [ "$IPMIMFG" = "10876" ];then
|
|
# Handle Supermicro Servers (MFG=10876)
|
|
# Boston (PROD=2437), Briggs/Stratton (PROD=2355)
|
|
if [ "$XPROD" = "2437" -o "$XPROD" = "2355" ]; then
|
|
ISOPENPOWER=1
|
|
fi
|
|
fi
|
|
|
|
|
|
if [ "$ISOPENPOWER" = '1' ]; then
|
|
# OpenPOWER BMC specific, turn on the LED beacon light.
|
|
# - default interval, # ipmitool chassis identify
|
|
# Chassis identify interval: default (15 seconds)
|
|
# - 275 is too large, # ipmitool chassis identify 275
|
|
# Given interval is too big.
|
|
ipmitool chassis identify 250
|
|
else
|
|
# All other BMCs
|
|
while :
|
|
# Identify the server by turning on the LED light
|
|
do ipmitool -d $idev raw 0 4 10 > /dev/null
|
|
sleep 7
|
|
done &
|
|
fi
|
|
done
|
|
|
|
# remove the bmc configuration information before exit
|
|
rm -f /tmp/ipmicfg.xml
|