>>> "Lentes, Bernd" <[email protected]> schrieb am 28.02.2017 um 18:39 in Nachricht <476524732.41182296.1488303562492.javamail.zim...@helmholtz-muenchen.de>: > Hi, > > i have a HP server ML 350 G9 with an ILO4 card. The riloe stonith agent does
> not work, i read in a book the recommendation to use the ipmi ressource agent > instead. Why don't you use SBD (as recommended)? > I'm trying to configure the respective ILO adapter with ipmitool. OMG. > Ipmitool drives me crazy. > It's a SLES 11 SP4 node. I did "/etc/init.d/ipmi start", some modules are > loaded: > > ha-idg-1:~ # lsmod|grep -i ipmi > ipmi_devintf 17560 0 > ipmi_si 53422 0 > ipmi_msghandler 49979 2 ipmi_devintf,ipmi_si > > I have a device file: > > ha-idg-1:~ # ll /dev/ipm* > crw-rw---- 1 root root 246, 0 Feb 28 13:51 /dev/ipmi0 > > What i found out/did already: > > For channel 2 i have two users configured: > > ipmitool> user list 2 > 1 Administrator true false true ADMINISTRATOR > 2 root true false true ADMINISTRATOR > 3 (Empty User) true false false NO ACCESS > 4 (Empty User) true false false NO ACCESS > 5 (Empty User) true false false NO ACCESS > 6 (Empty User) true false false NO ACCESS > 7 (Empty User) true false false NO ACCESS > 8 (Empty User) true false false NO ACCESS > 9 (Empty User) true false false NO ACCESS > 10 (Empty User) true false false NO ACCESS > 11 (Empty User) true false false NO ACCESS > 12 (Empty User) true false false NO ACCESS > > User root has a passsword which i tested via "user test" and it was ok. > > Channel 2: > > ipmitool> channel info 2 > Channel 0x2 info: > Channel Medium Type : 802.3 LAN > Channel Protocol Type : IPMB-1.0 > Session Support : multi-session > Active Session Count : 0 > Protocol Vendor ID : 7154 > Volatile(active) Settings > Alerting : enabled > Per-message Auth : disabled > User Level Auth : enabled > Access Mode : always available > Non-Volatile Settings > Alerting : enabled > Per-message Auth : disabled > User Level Auth : enabled > Access Mode : always available > > ipmitool> lan print 2 > Set in Progress : Set Complete > Auth Type Support : > Auth Type Enable : Callback : > : User : > : Operator : > : Admin : > : OEM : > IP Address Source : DHCP Address > IP Address : 146.107.235.15 > Subnet Mask : 255.255.255.0 > MAC Address : 70:10:6f:47:0c:48 > SNMP Community String : > BMC ARP Control : ARP Responses Enabled, Gratuitous ARP Disabled > Default Gateway IP : 146.107.235.1 > 802.1q VLAN ID : Disabled > 802.1q VLAN Priority : 0 > RMCP+ Cipher Suites : 0,1,2,3 > Cipher Suite Priv Max : XuuaXXXXXXXXXXX > : X=Cipher Suite Unused > : c=CALLBACK > : u=USER > : o=OPERATOR > : a=ADMIN > : O=OEM > > How can i grant principal access to channel 2 ? > I tried: > > ipmitool> lan set 2 access on > Set Channel Access for channel 2 failed: Unknown (0x83) > ipmitool> lan set 2 access ON > lan set access <on|off> > ipmitool> lan set 2 access=ON > lan set access <on|off> > > Does not seem to work. > > I did "lan set user 2", do not know if it's helpful. > > Also: > > ipmitool> channel authcap 2 4 > Channel number : 2 > IPMI v1.5 auth types : > KG status : default (all zeroes) > Per message authentication : disabled > User level authentication : enabled > Non-null user names exist : yes > Null user names exist : no > Anonymous login enabled : no > Channel supports IPMI v1.5 : no > Channel supports IPMI v2.0 : yes > > Don't know if it helps. > > I found > https://www.thomas-krenn.com/de/wiki/IPMI_Konfiguration_unter_Linux_mittels_i > pmitool (sorry, only in german): > > I did, as proposed: > > ha-idg-1:~ # ipmitool lan set 2 auth ADMIN MD5 > ha-idg-1:~ # ipmitool lan set 2 access on > Set Channel Access for channel 2 failed: Unknown (0x83) <===== ??? > > ha-idg-1:~ # ipmitool lan print 2 > Set in Progress : Set Complete > Auth Type Support : > Auth Type Enable : Callback : > : User : > : Operator : > : Admin : > : OEM : > IP Address Source : DHCP Address > IP Address : 146.107.235.15 > Subnet Mask : 255.255.255.0 > MAC Address : 70:10:6f:47:0c:48 > SNMP Community String : > BMC ARP Control : ARP Responses Enabled, Gratuitous ARP Disabled > Default Gateway IP : 146.107.235.1 > 802.1q VLAN ID : Disabled > 802.1q VLAN Priority : 0 > RMCP+ Cipher Suites : 0,1,2,3 > Cipher Suite Priv Max : XuuaXXXXXXXXXXX > : X=Cipher Suite Unused > : c=CALLBACK > : u=USER > : o=OPERATOR > : a=ADMIN > : O=OEM > > Wtf ? Sorry, this is the first time in my carreer that i curse in a mailing > list, but ipmitool really frustrates me. > Why can't i set access to this channel ? I'm running the commands as root. > It's ipmitool 1.8.15. > > Can someone help me in configuring IPMI that i can used it from the other > node to fence this node ? > > Big Thanks in advance. > > > Bernd > > -- > Bernd Lentes > > Systemadministration > institute of developmental genetics > Gebäude 35.34 - Raum 208 > HelmholtzZentrum München > [email protected] > phone: +49 (0)89 3187 1241 > fax: +49 (0)89 3187 2294 > > Erst wenn man sich auf etwas festlegt kann man Unrecht haben > Scott Adams > > > Helmholtz Zentrum Muenchen > Deutsches Forschungszentrum fuer Gesundheit und Umwelt (GmbH) > Ingolstaedter Landstr. 1 > 85764 Neuherberg > www.helmholtz-muenchen.de > Aufsichtsratsvorsitzende: MinDir'in Baerbel Brumme-Bothe > Geschaeftsfuehrer: Prof. Dr. Guenther Wess, Heinrich Bassler, Dr. Alfons > Enhsen > Registergericht: Amtsgericht Muenchen HRB 6466 > USt-IdNr: DE 129521671 > > > _______________________________________________ > Users mailing list: [email protected] > http://lists.clusterlabs.org/mailman/listinfo/users > > Project Home: http://www.clusterlabs.org > Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf > Bugs: http://bugs.clusterlabs.org _______________________________________________ Users mailing list: [email protected] http://lists.clusterlabs.org/mailman/listinfo/users Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org
