[tech] Mooneye and The Mystery (remote) Management Milestone

[dylanh333]

Hi All,

Just a heads up, in case you missed out on the discussions on Discord/IRC last night: we now have functional remote management for Mooneye!
This is specifically of the IPMI kind - sadly not a(n) (i)DRAC - as discovered by James Arcus when he physically had a look at the ports on the back of Mooneye yesterday.

Mooneye's BMC (Baseboard Management Controller) runs/hosts the IPMI service, piggybacks of eth0, and had already been configured previously with the IP address 192.168.2.9 and VLAN 1. The problem looks like it may have arisen since we had our main switch replaced with Kerosene, as the port that Mooneye is plugged into (Gi2/9) was (until last night) configured to be just an acces port on VLAN 2, and it didn't even have a description until the other day.

The fix was to reconfigure Gi2/9 as a trunk port with VLANs 1 and 2 being allowed, and setting VLAN 2 as the native VLAN, so that Mooneye's normal non-VLAN-aware traffic would be placed on VLAN 2 by default. This means that the IPMI traffic being tagged with VLAN 1 by the BMC will (and is) now be(ing) accepted by the switch.

In terms of what can be done with this - you won't be able to get any sort of remote keboard/video/mouse facilities via this (that's what you'd get if it had a DRAC or iDRAC), but you can power cycle Mooneye with it, monitor things like temperature and fan speed, and (by the looks of it) also potentially get remote serial port access.

If you ever want to poke at it, there's more information in /home/wheel/docs/RemoteManagement.org, otherwise you can run `ipmitool -I lan -H 192.168.2.9 -U root shell`, using the older listed password in UCCPass.

Cheers,
Dylan Hicks [333]
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.ucc.gu.uwa.edu.au/pipermail/tech/attachments/20200421/e2ec1b27/attachment-0001.htm