Create virtual BMCs for controlling virtual instances via IPMI for vSphere environment
Project description
VirtualBMC for vSphere (vbmc4vsphere)
Overview
A virtual BMC for controlling virtual machines using IPMI commands for the VMware vSphere environment.
In other words, the VMware vSphere version of VirtualBMC part of the OpenStack project.
Disclaimer
- For testing purposes only. Not for production use.
- The vCenter Server credentials including password are stored in plain text.
Installation
pip install vbmc4vsphere
Supported IPMI commands
# Power the virtual machine on, off, graceful off and reset
ipmitool -I lanplus -U admin -P password -H 192.168.0.1 -p 6230 power on|off|soft|reset
# Check the power status
ipmitool -I lanplus -U admin -P password -H 192.168.0.1 -p 6230 power status
Not Implemented yet:
- Inject NMI:
power diag
- Set the boot device to network, hd or cdrom:
chassis bootdev pxe|disk|cdrom
- Get the current boot device:
chassis bootparam get 5
Architecture
Quick Start
Install VirtualBMC for vSphere on some linux host, start vbmcd
daemon, and then configure through vbmc
command.
Installation
pip install vbmc4vsphere
Start Daemon
- Start daemon:
$ vbmcd
By default, daemon starts in background. You can start it in foreground by--foreground
option to get logs.$ vbmcd --foreground
Configure VirtualBMC
- In order to see all command options supported by the
vbmc
tool do:$ vbmc --help
It’s also possible to list the options from a specific command. For example, in order to know what can be provided as part of theadd
command do:$ vbmc add --help
- Adding a new virtual BMC to control VM called lab-vesxi01:
$ vbmc add lab-vesxi01 --port 6230 --viserver 192.168.0.1 --viserver-username vbmc@vsphere.local --viserver-password my-secure-password
- Binding a network port number below 1025 is restricted and only users with privilege will be able to start a virtual BMC on those ports.
- Passing the credential for your vCenter Server is required.
- By default, IPMI credential is confugired as
admin
andpassword
. You can specify your own username and password by--username
and--password
at this time.
- Adding a additional virtual BMC to control VM called lab-vesxi02:
$ vbmc add lab-vesxi02 --port 6231 --viserver 192.168.0.1 --viserver-username vbmc@vsphere.local --viserver-password my-secure-password
- Specify a different port for each virtual machine.
- Starting the virtual BMC to control VMs:
$ vbmc start lab-vesxi01 $ vbmc start lab-vesxi02
- Getting the list of virtual BMCs including their VM name and IPMI network endpoints they are reachable at:
$ vbmc list +-------------+---------+---------+------+ | VM name | Status | Address | Port | +-------------+---------+---------+------+ | lab-vesxi01 | running | :: | 6230 | | lab-vesxi02 | running | :: | 6231 | +-------------+---------+---------+------+
- To view configuration information for a specific virtual BMC:
$ vbmc show lab-vesxi01 +-------------------+--------------------+ | Property | Value | +-------------------+--------------------+ | active | False | | address | :: | | password | *** | | port | 6230 | | status | running | | username | admin | | viserver | 192.168.0.1 | | viserver_password | *** | | viserver_username | vbmc@vsphere.local | | vm_name | lab-vesxi01 | +-------------------+--------------------+
- Stopping the virtual BMC to control VMs:
$ vbmc stop lab-vesxi01 $ vbmc stop lab-vesxi02
Server Simulation
Once the virtual BMC for a specific VM has been created and started you can then issue IPMI commands against the address and port of that virtual BMC to control the VM.
In this example, if your VirtualBMC host has 192.168.0.100
, you can control:
lab-vesxi01
througth192.168.0.100:6230
lab-vesxi02
througth192.168.0.100:6231
by using IPMI. For example:
- To power on the virtual machine
lab-vesxi01
:$ ipmitool -I lanplus -H 192.168.0.100 -p 6230 -U admin -P password chassis power on Chassis Power Control: Up/On
- To check its power status:
$ ipmitool -I lanplus -H 192.168.0.100 -p 6230 -U admin -P password chassis power status Chassis Power is on
- To shutdown
lab-vesxi01
:$ ipmitool -I lanplus -H 192.168.0.100 -p 6230 -U admin -P password chassis power soft Chassis Power Control: Soft
- To reset the
lab-vesxi02
:$ ipmitool -I lanplus -H 192.168.0.100 -p 6231 -U admin -P password chassis power reset Chassis Power Control: Reset
Tips
Optional configuration file
Both vbmcd
and vbmc
can make use of an optional configuration file, which is looked for in the following locations (in this order):
VIRTUALBMC_CONFIG
environment variable pointing to a file$HOME/.vbmc/virtualbmc.conf
file/etc/virtualbmc/virtualbmc.conf
file
If no configuration file has been found, the internal defaults apply.
The configuration files are not created automatically unless you create them manually. And even if you don't create a configuration file, it won't matter in most cases.
Below is a sample of virtialbmc.conf
.
[default]
#show_passwords = false
config_dir = /home/vbmc/.vbmc
#pid_file = /home/vbmc/.vbmc/master.pid
#server_port = 50891
#server_response_timeout = 5000
#server_spawn_wait = 3000
[log]
# logfile = /home/vbmc/.vbmc/log/vbmc.log
debug = true
[ipmi]
session_timeout = 10
Manage stored data manually
Once you invoke vbmc add
command, everything that you specified will be stored as config
file per virtual machine under $HOME/.vbmc/
by default. This path can be changed by config_dir
in your virtialbmc.conf
described above.
Please note everything including password stored in plain text in the config
file.
$ cat ~/.vbmc/lab-vesxi01/config
[VirtualBMC]
username = admin
password = password
address = ::
port = 6230
vm_name = lab-vesxi01
viserver = 192.168.0.1
viserver_username = vbmc@vsphere.local
viserver_password = my-secure-password
active = True
Use with Nested-KVM and oVirt
In the oVirt, by using VirtualBMC for vSphere, you can enable the Power Management feature for Nested-KVM that is running in your vSphere environment.
To do this, configure the Fence Agent with following parameters:
- Enter the IP address of your VirtualBMC host in the
Address
field. - Enter the
User Name
andPassword
as configured in VirtualBMC. - Select
ipmilan
in theType
drop-down list. - Enter
lanplus=1,ipport=<your-port-number>
likelanplus=1,ipport=6230
in theOptions
field.
Use with Nested-ESXi and vCenter Server
Currently, VirtualBMC for vSphere can't be registered as the BMC for ESXi. So saddly the vSphere Distributed Power Management (DPM) can't work in the nested environment.
It seems the pyghmi.ipmi.bmc
and its session control on which VirtualBMC depends doesn't seem to be able to negotiate in IPMI with vCenter Server when the new BMC has added.
I'm not familiar with IPMI, normally, when working with ipmitool
and the like, the first data frame is the command to get the authentication capabilities (0x38
) as IPMI v1.5 (Authentication Type
= 0x00
). But on a data frame from vCenter Server, the same command is sent as IPMI v2.0 (Authentication Type
= 0x06
). The header structure differs between those versions, so I guess this is why the VirtualBMC can't start a negotiation.
Even if this problem is solved, vSphere and its BMC are expected to closely work with not only power management, so its emulation may be difficult enough to get DPM to work.
UPDATE: I've done patching pyghmi
to be able to handle 0x38
command sent as IPMI v2.0 and now VirtualBMC can negotiate with vCenter Server. But after negotiation vCenter Server send the command to get channel information (NetFn
= 0x06
, Command
= 0x42
, Channel
= 0x0e
) that difficult to emulate responses.
Reference resources
This project is started based on the copy of VirtualBMC 2.1.0.dev and customized to support the VMware vSphere environment instead of the OpenStack.
- Original VirtualBMC documentation (for OpenStack): https://docs.openstack.org/virtualbmc/latest
- Its source: https://opendev.org/openstack/virtualbmc
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for vbmc4vsphere-0.0.2-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | a8ccb7e7cbf71a9149b7282877569d189a7f158eb8668af86ad2684962643791 |
|
MD5 | a11dc4a641647b887bf83bd9d92b2df7 |
|
BLAKE2b-256 | 7b0280c8d47e155ef85e97bb231fb8022eb2f0a1085b53cdab5474369043b34f |