Endel Intel systemer idag kommer med vPro. Dette vil si at det er en slags billig iLO/iDRAC løsning integrert. Systemet jeg konfigurerte hadde en eldre versjon, som kun gir mulighet for å styre power samt konsoll over seriell. For oss er det mer enn godt nok for breakfix ved feil.
I korte trekk hva som må konfigureres.
1. IP på Intel ME firmware. Trykk F9? rett etter BIOS. I utgangspunktet kan Intel ME ligge på samme IP som host, og ta over trafikk på vei inn på maskinen. Av gammel vane liker jeg helst å separere denne trafikken helt.
2. Konfigurer grub
# If you change this file, run 'update-grub' afterwards to update
# /boot/grub/grub.cfg.
# For full documentation of the options in this file, see:
# info -f grub -n 'Simple configuration'
GRUB_DEFAULT=0
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
GRUB_CMDLINE_LINUX_DEFAULT="quiet elevator=deadline console=ttyS2,115200n8"
GRUB_CMDLINE_LINUX=""
# Uncomment to enable BadRAM filtering, modify to suit your needs
# This works with Linux (no patch required) and with any kernel that obtains
# the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...)
#GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef"
# Uncomment to disable graphical terminal (grub-pc only)
GRUB_TERMINAL="console serial"
GRUB_SERIAL_COMMAND="serial --port=0xc000 --speed=115200 --word=8 --parity=no --stop=1"
# The resolution used on graphical terminal
# note that you can use only modes which your graphic card supports via VBE
# you can see them in real GRUB with the command `vbeinfo'
#GRUB_GFXMODE=640x480
# Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux
#GRUB_DISABLE_LINUX_UUID=true
# Uncomment to disable generation of recovery mode menu entries
#GRUB_DISABLE_RECOVERY="true"
# Uncomment to get a beep at grub start
#GRUB_INIT_TUNE="480 440 1"
Kort forklaring på “–port=0xc000”. Denne finner du ved å kjøre:
# dmesg |grep ttyS2 |grep irq
[ 0.527818] 0000:00:03.3: ttyS2 at I/O 0xc000 (irq = 17, base_baud = 115200) is a 16550A
Ser at det stemmer med
# lspci |grep KT
00:03.3 Serial controller: Intel Corporation 82Q35 Express Serial KT Controller (rev 02)
3. Konfigurer systemd med getty.
# systemctl enable serial-getty@ttyS2.service
# systemctl start serial-getty@ttyS2.service
4. Koble til med amttool / amtterm
# export AMT_PASSWORD=passw0rd
# amttool hostname
### AMT info on machine 'hostname' ###
AMT version: 3.2.3
Use of uninitialized value $domainname in printf at /bin/amttool line 244.
Hostname: hostname.
Powerstate: S0
Remote Control Capabilities:
IanaOemNumber 0
OemDefinedCapabilities IDER SOL BiosSetup
SpecialCommandsSupported PXE-boot HD-boot cd-boot
SystemCapabilitiesSupported powercycle powerdown powerup reset
SystemFirmwareCapabilities 0
# amtterm hostname
amtterm: NONE -> CONNECT (connection to host)
ipv4 hostname [192.168.2.3] 16994 open
amtterm: CONNECT -> INIT (redirection initialization)
amtterm: INIT -> AUTH (session authentication)
amtterm: AUTH -> INIT_SOL (serial-over-lan initialization)
amtterm: INIT_SOL -> RUN_SOL (serial-over-lan active)
serial-over-lan redirection ok
connected now, use ^] to escape
Debian GNU/Linux 8 hostname ttyS2
hostname login:
Kan også nå web interface for å styre power, se på events osv på port 16992. eks http://192.168.2.3:16992/
Kilder:
https://linux.die.net/man/7/amt-howto
https://wiki.debian.org/AMT/SerialOverLan
http://0pointer.de/blog/projects/serial-console.html
https://en.wikipedia.org/wiki/Intel_AMT_versions