Unable to setup BMC/UCS user on Cisco B200 M3

Bug #1300476 reported by Mike Rushton on 2014-03-31
16
This bug affects 1 person
Affects Status Importance Assigned to Milestone
MAAS
Medium
Jason Hobbs
1.5
Medium
Jason Hobbs
maas (Ubuntu)
Critical
Unassigned
Trusty
Undecided
Unassigned

Bug Description

[Test Case]
Without the Fix:
1. Install MAAS
2. Power on Cisco B Series Nodes to boot from MAAS.
3. Nodes won't have Power Management set. MAAS won't be able to control.

With the Fix:
2. Add Cisco B Series nodes to MAAS:
maas <user> node-group probe-and-enlist-ucsm <cluster_uuid> url=<UCS BMC location, ie. https://10.20.30.5/> username=<bmc user> password=<bmc password>
3. Check that all nodes are added and with power parameters set.

On MAAS 1.5+bzr1977-0ubuntu5 enlisting nodes fails to detect the BMC power type and therefore not able to create a user to control the BMC.

Steps to reproduce:
 1. power on the node.
 2. Check node settings on MaaS Web GUI.

Expected result:
 1. Node shows up on MaaS Web GUI.
 2. The power type is set to IPMI.

Actual results:
 2. Power type is not set.

This is for a Cisco B200 M3 server running UCSM to control the BMC.

Running ipmitool manually on an ephemeral image or manual installation of Ubuntu 12.04.4 or 14.04 fails when trying the following:

ipmitool user list
Get User Access command failed (channel 14, user 1): Invalid command

ipmitool user set name 10 maas
Set User Name command failed (user 10, name maas): Invalid command

Running ipmitool against the system event log(sel), chassis status or lan print all work fine.

Cisco mentions that controlling ipmi directly is disabled by default as well as behind a firewall that is disabled. Going through hardware enablement for UCSM might be the better choice.

Related branches

Mike Rushton (leftyfb) wrote :
Mike Rushton (leftyfb) wrote :
Mike Rushton (leftyfb) wrote :
Mike Rushton (leftyfb) wrote :
Mike Rushton (leftyfb) wrote :
Mike Rushton (leftyfb) wrote :
Mike Rushton (leftyfb) wrote :
Mike Rushton (leftyfb) on 2014-03-31
description: updated
Julian Edwards (julian-edwards) wrote :

r1977 has known problems with BMC detection, and a trusty upload is coming soon to fix these. If you want to try it out early, please look at the package in https://launchpad.net/~maas-maintainers/+archive/dailybuilds/+packages.

Please note that the new version requires users to re-run maas-import-pxe-files.

Changed in maas:
status: New → Incomplete
Mike Rushton (leftyfb) wrote :

This isn't exactly a matter of detection alone. The Cisco B series uses UCSM to control it's BMC. We will need to work with the HWE team to build in support for UCSM as this is the preferred method of controlling the BMC per Cisco.

That said, just to make sure things work ok, we worked with Cisco to enable their implementation of IPMI following along with: http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/gui/config/guide/2-0/b_UCSM_GUI_Configuration_Guide_2_0/b_UCSM_GUI_Configuration_Guide_2_0_chapter_011100.html#d129007e3491a1635

This will allow us to hard code a username and password for IPMI for all blades in the chassis and utilize IPMI to powercycle the blades. This does not include IPMI functionality to create or edit IPMI authenticated users which is what MASS tries to do.

After enabling IPMI and manually setting the power settings for each node to IPMI and IPMI 2.0 and adding in the hard coded credentials, MAAS was able to start and stop nodes without issue.

We also ran into bug 1293791 again and had to delete the offending lines from the ipmi.template file in /etc/maas/templates/power/

Another issue we ran into which might end up being created as a separate bug was the usb flash drive(s) being detected as /dev/sda and utilizes as the /target installation which promptly runs out of space. I will know more tomorrow once Cisco removes the usb drive(s) and we restart the installations.

On Tuesday 01 Apr 2014 21:30:13 you wrote:
> We also ran into bug 1293791 again and had to delete the offending lines
> from the ipmi.template file in /etc/maas/templates/power/

This is fixed in trunk and the next upload to trusty (once the FFe is
accepted) will mean everyone gets the fix.

Changed in maas:
status: Incomplete → Triaged
importance: Undecided → Medium
tags: added: hwe

Ok thanks for the explanation here, I'll let the hardware enablement team take this over. Andres, I've tagged this "hwe", we can use that as a marker for your team if you like?

tags: added: server-hwe
tags: removed: hwe
Changed in maas:
assignee: nobody → Andres Rodriguez (andreserl)
Changed in maas:
assignee: Andres Rodriguez (andreserl) → Jason Hobbs (jason-hobbs)
Jason Hobbs (jason-hobbs) wrote :

I've been working on adding support for the use of the UCS HTTP-XML API to MAAS. MAAS will be able to probe a UCS instance and enlist the servers it finds. It will also be able to use the UCS HTTP-XML API to power on/off servers.

I have implemented a client for the portion of the UCS XML API required, and have tested that it works with a UCS managing a single server. The next step is integrating the API with MAAS and testing that it works.

Changed in maas:
status: Triaged → In Progress
Jason Hobbs (jason-hobbs) wrote :

I was able to successfully test probe and enlist, commission, and install with two B200 M3's using the new UCS manager API client implementation. The code still needs some clean up before getting merged, but it's working.

Changed in maas:
status: In Progress → Fix Committed
milestone: none → 14.10
Changed in maas (Ubuntu):
importance: Undecided → Critical
description: updated
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package maas - 1.5+bzr2267-0ubuntu1

---------------
maas (1.5+bzr2267-0ubuntu1) utopic; urgency=medium

  * New upstream bugfix release. Fixes:
    - Hardware Enablement for Cisco B-Series. (LP: #1300476)
    - Allow AMT power type to specify IP Address. (LP: #1308772)
    - Spurious failure when starting and creating lock files. (LP: 1308069)
    - Fix regression introduced by a security fix (LP: #1311433, LP: #1311433)
    - Fix usage of hardware enablement kernels by fixing the preseeds
      (LP: #1310082, LP: #1310076, LP: #1310082)
    - Fix parallel juju deployments. (LP: #1314409)
    - Clear distro_series when stopping node from WebUI (LP: #1316396)
    - Fix click hijacking (LP: #1298784)
    - Fix blocking API client when deleting a resource (LP: #1313556)
    - Do not import Trusty RC images by default (LP: #1311151)
 -- Andres Rodriguez <email address hidden> Tue, 15 Apr 2014 14:41:32 -0400

Changed in maas (Ubuntu):
status: New → Fix Released
Changed in maas:
milestone: 14.10 → none
Changed in maas:
status: Fix Committed → Fix Released

Hello Mike, or anyone else affected,

Accepted maas into trusty-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/maas/1.5.1+bzr2269-0ubuntu0.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in maas (Ubuntu Trusty):
status: New → Fix Committed
tags: added: verification-needed
Mike Rushton (leftyfb) wrote :

I have confirmed after adding the above package from proposed, logging into MAAS and running the discovery script probe-and-enlist-ucsm within MAAS we are now able to properly discover the nodes with proper power settings configured. I can also confirm full control of the nodes using the MAAS web UI for commissioning and installation.

sudo apt-cache policy maas
maas:
  Installed: 1.5.1+bzr2269-0ubuntu0.1
  Candidate: 1.5.1+bzr2269-0ubuntu0.1
  Version table:
 *** 1.5.1+bzr2269-0ubuntu0.1 0
        500 http://us.archive.ubuntu.com/ubuntu/ trusty-proposed/main amd64 Packages
        100 /var/lib/dpkg/status
     1.5+bzr2252-0ubuntu1 0
        500 http://us.archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages

tags: added: verification-done
removed: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package maas - 1.5.1+bzr2269-0ubuntu0.1

---------------
maas (1.5.1+bzr2269-0ubuntu0.1) trusty; urgency=medium

  * Stable Release Update (LP: #1317601):
    - Hardware Enablement for Cisco B-Series. (LP: #1300476)
    - Allow AMT power type to specify IP Address. (LP: #1308772)
    - Spurious failure when starting and creating lock files. (LP: 1308069)
    - Fix usage of hardware enablement kernels by fixing the preseeds
      (LP: #1310082, LP: #1310076, LP: #1310082)
    - Fix parallel juju deployments. (LP: #1314409)
    - Clear distro_series when stopping node from WebUI (LP: #1316396)
    - Fix click hijacking (LP: #1298784)
    - Fix blocking API client when deleting a resource (LP: #1313556)
    - Do not import Trusty RC images by default (LP: #1311151)
    - debian/control: Add missing dep on python-crochet for
      python-maas-provisioningserver (LP: #1311765)
 -- Andres Rodriguez <email address hidden> Fri, 09 May 2014 22:35:43 -0500

Changed in maas (Ubuntu Trusty):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for maas has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers