Just Memo...
###################################################################################################
Linux OS底下,查詢DMI Table Type 42的資訊,並取得IPv4 Redfish Service Address的資訊
# dmidecode -t 42
# dmidecode 3.3
Getting SMBIOS data from sysfs.
SMBIOS 3.5.0 present.
# SMBIOS implementations newer than version 3.3.0 are not
# fully supported by this version of dmidecode.
Handle 0x0029, DMI type 42, 17 bytes
Management Controller Host Interface
Host Interface Type: KCS: Keyboard Controller Style
Handle 0x0053, DMI type 42, 133 bytes
Management Controller Host Interface
Host Interface Type: Network
Device Type: USB
idVendor: 0x1d6b
idProduct: 0x0105
Protocol ID: 04 (Redfish over IP)
Service UUID: c50052c4-745f-5e30-be5a-f1f6ed531ced
Host IP Assignment Type: Static
Host IP Address Format: IPv4
IPv4 Address: 169.254.0.18
IPv4 Mask: 255.255.0.0
Redfish Service IP Discovery Type: Static
Redfish Service IP Address Format: IPv4
IPv4 Redfish Service Address: 169.254.0.17
IPv4 Redfish Service Mask: 255.255.0.0
Redfish Service Port: 443
Redfish Service Vlan: 0
Redfish Service Hostname:
###################################################################################################
剛好遇到實作的方法是用token,所以servey了一下相關的實作方式
除了透過Outband的方式連線,在SUT的Linux OS底下,透過DMI Type 42上的USB Nic去溝通也是一個辦法。
快速確認哪個nic是USB裝置,ls -l /sys/class/net/* | grep usb | awk '{print $NF}' | awk -F "/net/" '{print $NF}'
註解:BMC能長出虛擬的USB NIC,讓HOST的Linux OS透過USB NIC,使用IP跟BMC溝通。
export authtoken=`curl -k -H "Content-Type: application/json" -X POST https://<bmc_ip>/login -d '{"username" : "root", "password" : "0penBmc"}' | grep token | awk '{print $2;}' | tr -d '"'`
curl -k -H "X-Auth-Token: $authtoken" -X GET https://<bmc_ip>/redfish/v1/Systems/system
curl -k -H "X-Auth-Token: $authtoken" -X GET https://<bmc_ip>/redfish/v1/Systems/system
Ref: https://www.ibm.com/docs/en/power8/9080-MME?topic=icmcti-managing-power-systems-servers-by-using-dmtf-redfish-apis
---------------------------------------------------------------------------------------------------
OpenBMC Redfish data sheet
This document is intended to provide a set of Redfish client commands for OpenBMC usage. (Using CURL commands)
www.dmtf.org/standards/redfish
Query Root 查詢Redfish的Root根
-b /--cookie <name=string> cookie 字符串或者文件讀取位置
-k/--insecure 允許不使用證書連接到SSL站點
# export bmc=xx.xx.xx.xx
# curl -b cjar -k https://${bmc}/redfish/v1
Establish Redfish connection session
Method 1
-X/--request <command> http連線的操作
-D/--dump-header <file> 把header的信息寫入到改文件中
-d/--data <data> HTTP POST方式傳送數據
這是不是以後再使用redfish連接不用輸入用戶名和密碼啦? yes
# export bmc=xx.xx.xx.xx
# curl --insecure -X POST -D headers.txt https://${bmc}/redfish/v1/SessionService/Sessions -d '{"UserName":"root", "Password":"0penBmc"}'
A file, headers.txt, will be created.
Find the "X-Auth-Token" in that file. Save it away in an env variable like so:
export bmc_token=<token>
Method 2
# export bmc=xx.xx.xx.xx
# export token=`curl -k -H "Content-Type: application/json" -X POST https://${bmc}/login -d '{"username" : "root", "password" : "0penBmc"}' | grep token | awk '{print $2;}' | tr -d '"'`
# curl -k -H "X-Auth-Token: $token" https://${bmc}/redfish/v1/...
Note: Method 2 is used in this document.
View Redfish Objects
# curl -k -H "X-Auth-Token: $token" -X GET https://${bmc}/redfish/v1/Chassis
# curl -k -H "X-Auth-Token: $token" -X GET https://${bmc}/redfish/v1/Managers
# curl -k -H "X-Auth-Token: $token" -X GET https://${bmc}/redfish/v1/Systems
Host power 主機電源選項:-?Host soft power off: 軟關機
# curl -k -H "X-Auth-Token: $token" -X POST https://${bmc}/redfish/v1/Systems/system/Actions/ComputerSystem.Reset -d '{"ResetType": "GracefulShutdown"}'
Host hard power off: 硬關機
# curl -k -H "X-Auth-Token: $token" -X POST https://${bmc}/redfish/v1/Systems/system/Actions/ComputerSystem.Reset -d '{"ResetType": "ForceOff"}'
Host power on: 開機
# curl -k -H "X-Auth-Token: $token" -X POST https://${bmc}/redfish/v1/Systems/system/Actions/ComputerSystem.Reset -d '{"ResetType": "On"}'
Reboot Host 重啟
# curl -k -H "X-Auth-Token: $token" -X POST https://${bmc}/redfish/v1/Systems/system/Actions/ComputerSystem.Reset -d '{"ResetType": "GracefulRestart"}'
Log entry 系統日誌
Display logging entries: 顯示系統日誌
# curl -k -H "X-Auth-Token: $token" -X GET https://${bmc}/redfish/v1/Systems/system/LogServices/EventLog/Entries
Delete logging entries:清除系統日誌
# curl -k -H "X-Auth-Token: $token" -X POST https://${bmc}/redfish/v1/Systems/system/LogServices/EventLog/Actions/LogService.Reset
Firmware ApplyTime:
# curl -k -H "X-Auth-Token: $token" -X PATCH -d '{ "ApplyTime":"Immediate"}' https://${bmc}/redfish/v1/UpdateService
or
# curl -k -H "X-Auth-Token: $token" -X PATCH -d '{ "ApplyTime":"OnReset"}' https://${bmc}/redfish/v1/UpdateService
Firmware update 韌體升級
Firmware update: Note the <image file path> must be a tarball.使用https進行韌體升級
# curl -k -H "X-Auth-Token: $token"
-H "Content-Type: application/octet-stream"
-X POST -T <image file path> https://${bmc}/redfish/v1/UpdateService
TFTP Firmware update using TransferProtocol: Note: The <image file path> contains the address of the TFTP service: xx.xx.xx.xx/obmc-phosphor-xxxxx-xxxxxxxxx.static.mtd.tar
使用tftp進行韌體升級
# curl -k -H "X-Auth-Token: $token" -X POST https://${bmc}/redfish/v1/UpdateService/Actions/UpdateService.SimpleUpdate -d '{"TransferProtocol":"TFTP","ImageURI":"<image file path>"}'
TFTP Firmware update with protocol in ImageURI: 使用ImageURI進行韌體升級
# curl -k -H "X-Auth-Token: $token"
-X POST https://${bmc}/redfish/v1/UpdateService/Actions/UpdateService.SimpleUpdate -d '{"ImageURI":"tftp://<image file path>"}'
Update "root" password 修改密碼
Change password to "0penBmc1":
# curl -k -H "X-Auth-Token: $token" -X PATCH -d '{"Password": "0penBmc1"}' https://${bmc}/redfish/v1/AccountService/Accounts/root
Refer: https://zhuanlan.zhihu.com/p/183976500