Devices with Intel vPro processors have an out-of-band management solution built-in with Intel AMT. Adding support for AMT to PBnJ will enable BMC-like interactions to systems with these processors. This will allow full Tinkerbell management of hardware often used for small-scale cluster testing on hardware like Intel NUCs.
Expected Behaviour
PBnJ should communicate with AMT over the SOAP-based WS-Management interface to perform BMC interactions like power cycling and PXE booting the target device. Initial manual configuration to enable AMT is expected.
Current Behaviour
Currently PBnJ does not support AMT.
Possible Solution
Intel AMT has a SOAP-based WS-Management interface for interacting out-of-band with AMT systems. There are a few potential starting points below with code that communicates over this interface.
Resources:
Intel has released the Open Active Management Technology (Open AMT) Cloud Toolkit (docs, source) which provides a set of microservices and libraries for integrating AMT. The Remote Provisioning Client (RPC) may be the most helpful piece, as it's written in go and interacts with AMT directly over the WS-MAN interface. (docs, source).
There is also OpenWSMAN (site, wiki, source. This was originally developed and open-sourced by Intel and looks to be in C++.
I'm building a small cluster with 3 Intel NUCs to demonstrate EKS Anywhere, which uses Tinkerbell and PBnJ.
Your Environment
Operating System and version (e.g. Linux, Windows, MacOS):
Tinkerbell services are running in a kind cluster on an AL2 VM on a Mac OSX laptop.
How are you running Tinkerbell? Using Vagrant & VirtualBox, Vagrant & Libvirt, on Packet using Terraform, or give details:
Tinkerbell services are incorporated into EKS Anywhere.
$ eksctl version
0.117.0-dev+98027776c.2022-11-04T12:59:49Z
$ eksctl anywhere version
v0.12.1
* Hardware (x3)
Intel NUCs Model: SBNUC11TNHv50L0
32 GB memory: F4-2400C16D-32GRS
500 GB SSD: MZ-77E500B-AM
* Link to your project or a code example to reproduce issue:
n/a
## Background
[Intel Active Management Technology (AMT)](https://www.intel.com/content/www/us/en/developer/articles/guide/getting-started-with-active-management-technology.html) is part of Intel vPro. If you have a vPro processor, you have AMT.
## Other Potential Resources
There is also the High Level API (HLAPI) written in C# (seems to be Windows-focused):
[Intel AMT High-level API (HLAPI) overview](https://www.intel.com/content/www/us/en/developer/articles/technical/intel-amt-high-level-api-intel-manageability-library-to-manageability-webpage.html)
[Intel AMT High-level API (HLAPI) docs](https://software.intel.com/sites/manageability/HLAPI_Documentation/default.htm)
The docs here seem to indicate Linux is not really supported by the AMT SDK:
[Intel AMT Implementation and Reference Guide](https://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide/default.htm) (includes AMT SDK docs)
(Linux sample app no longer supported, Linux version required is RHEL 5.x)
Devices with Intel vPro processors have an out-of-band management solution built-in with Intel AMT. Adding support for AMT to PBnJ will enable BMC-like interactions to systems with these processors. This will allow full Tinkerbell management of hardware often used for small-scale cluster testing on hardware like Intel NUCs.
Expected Behaviour
PBnJ should communicate with AMT over the SOAP-based WS-Management interface to perform BMC interactions like power cycling and PXE booting the target device. Initial manual configuration to enable AMT is expected.
Current Behaviour
Currently PBnJ does not support AMT.
Possible Solution
Intel AMT has a SOAP-based WS-Management interface for interacting out-of-band with AMT systems. There are a few potential starting points below with code that communicates over this interface.
Resources:
Intel has released the Open Active Management Technology (Open AMT) Cloud Toolkit (docs, source) which provides a set of microservices and libraries for integrating AMT. The Remote Provisioning Client (RPC) may be the most helpful piece, as it's written in go and interacts with AMT directly over the WS-MAN interface. (docs, source).
There is also OpenWSMAN (site, wiki, source. This was originally developed and open-sourced by Intel and looks to be in C++.
An interesting (although dated) write-up on AMT from a discovery and security perspective can be found here: https://www.uberwall.org/bin/download/download/102/lacon12_intel_amt.pdf
Context
I'm building a small cluster with 3 Intel NUCs to demonstrate EKS Anywhere, which uses Tinkerbell and PBnJ.
Your Environment
Operating System and version (e.g. Linux, Windows, MacOS): Tinkerbell services are running in a kind cluster on an AL2 VM on a Mac OSX laptop.
How are you running Tinkerbell? Using Vagrant & VirtualBox, Vagrant & Libvirt, on Packet using Terraform, or give details: Tinkerbell services are incorporated into EKS Anywhere.
$ eksctl anywhere version v0.12.1