search

starbops / kubevirtbmc

Power management for KubeVirt virtual machines through IPMI
Apache License 2.0
18 stars 3 forks source link

[FEATURE] RMCP+ support #30

Open starbops opened 1 month ago

starbops commented 1 month ago

Is your feature request related to a problem? Please describe.

Currently, for the IPMI-over-LAN functionality, KubeVirtBMC only supports RMCP. But nowadays the mainstream is RMCP+, which is with the IPMIv2.

# IPMI 2.0
$ ipmitool -I lanplus -U admin -P password -H  172.19.31.70 power status
Error: Unable to establish IPMI v2 / RMCP+ session

# IPMI 1.5
$ ipmitool -I lan -U admin -P password -H  172.19.31.70 power status
Chassis Power is on

For example, bmclib does not support IPMI v1.5 at all. The flag -I lanplus is hardcoded in every ipmitool commands executed: https://github.com/bmc-toolbox/bmclib/blob/8a5f5a1a243c8f6174bb139a45c6cba30dabff9c/internal/ipmi/ipmi.go#L77

On the other hand, Tinkerbell Rufio leverages bmclib to communicate with target machine's BMC. As a result, KubeVirtBMC does not play well with Rufio. You'll get something like the following when adding a new Machine object:

{"level":"info","controller":"machine","controllerGroup":"bmc.tinkerbell.org","controllerKind":"Machine","Machine":{"name":"machine-1","namespace":"tink-system"},"namespace":"tink-system","name":"machi
ne-1","reconcileID":"9e871bba-03b2-42f2-bdb9-99b36ef83783","host":"172.19.31.70","username":"admin","v":0,"logger":"controllers/Machine","error":"8 errors occurred:\n\t* provider: asrockrack: failed to
 login\n\t* provider: supermicro: 404: failed to login\n\t* provider: gofish: 404: 404 page not found\n\n\t* provider: dell: 404: 404 page not found\n\n\t* provider: openbmc: not an OpenBMC device\n\t*
 provider: ipmitool: Error: Unable to establish IPMI v2 / RMCP+ session: exit status 1\n\t* provider: IntelAMT: unable to perform digest auth with http://172.19.31.70:16992/wsman: Post \"http://172.19.
31.70:16992/wsman\": context deadline exceeded\n\t* no Opener implementations found\n\n","providersAttempted":["gofish","dell","openbmc","ipmitool","asrockrack","IntelAMT","supermicro"],"successfulProv
ider":[],"caller":"/workspace/controller/client.go:39","time":"2024-10-23T09:14:24Z","message":"Failed to open connection to BMC"}
{"level":"error","controller":"machine","controllerGroup":"bmc.tinkerbell.org","controllerKind":"Machine","Machine":{"name":"machine-1","namespace":"tink-system"},"namespace":"tink-system","name":"mach
ine-1","reconcileID":"9e871bba-03b2-42f2-bdb9-99b36ef83783","error":"failed to open connection to BMC: 8 errors occurred:\n\t* provider: asrockrack: failed to login\n\t* provider: supermicro: 404: fail
ed to login\n\t* provider: gofish: 404: 404 page not found\n\n\t* provider: dell: 404: 404 page not found\n\n\t* provider: openbmc: not an OpenBMC device\n\t* provider: ipmitool: Error: Unable to estab
lish IPMI v2 / RMCP+ session: exit status 1\n\t* provider: IntelAMT: unable to perform digest auth with http://172.19.31.70:16992/wsman: Post \"http://172.19.31.70:16992/wsman\": context deadline excee
ded\n\t* no Opener implementations found\n\n","logger":"controllers/Machine","host":"172.19.31.70","caller":"/workspace/controller/machine.go:121","time":"2024-10-23T09:14:24Z","message":"BMC connectio
n failed"}

Describe the solution you'd like

Support RMCP+ protocol.

Describe alternatives you've considered

We can propose support for IPMI 1.5 for those projects. However, we don't know whether they are willing to support it, a fairly old standard that has been proven insecure.

Additional context

N/A

starbops commented 4 days ago

This project seems to support RMCP+ and might be worth looking at.