Unable to get the AMT version for power query
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
MAAS |
Triaged
|
Medium
|
Unassigned |
Bug Description
In Maas 3.4, The AMT node is enlisted, but while setting the power type, its not working. It was observed that AMT version is "Intel® Active Management Technology firmware version: 16.1.25-build 2049", which only supports HTTPS and that too port 16993 or 16995 only
But on the other hand the same version of MAAS is working fine for AMT version "Intel® Active Management Technology firmware version: 15.0.10-build 1414" without any issue as it supports HTTP(port 16992).
Going deeper into the code and logs, it was found that for AMT power type, it uses the wsman utility to fetch the "AMT version" on port 16992(which is not supported now for the latest version of AMT) and hence it returns the following error
"Power state could not be queried: Unable to retrieve AMT version: Connection failed. response code = 0#012Couldn't connect to server"
Maas.log:
2024-03-
2024-03-
2024-03-
2024-03-
2024-03-
2024-03-
2024-03-
2024-03-
2024-03-
2024-03-
2024-03-
2024-03-
2024-03-
WSMAN version and config:
ubuntu@maas:~$ cat /snap/maas/
#######
#
# Client side settings
#
#######
[client]
agent = openwsman 2.2.0
# file for certificate revocation list (CRL)
# (rfc3280, used by CURL library)
# crlfile =
# set CURLOPT_NOSIGNAL for libcurl
# with multithreading client applications, the libcurl backend might crash if DNS lookups time out.
# setting curlopt_nosignal = 1 prevents these crashes at the risk of hanging DNS lookups.
# see http://
# defaults to 0
curlopt_nosignal = 0
NOTE: FOR INTEL AMT
note-icon End of Support for Non-TLS Connections (Ports 16992, 16994 and 623):
Starting from Alder Lake platforms with Raptor Lake CPUs running Intel CSME 16.1 firmware, remote connections to Intel AMT unsecure TCP/IP ports 16992, 16994 and 623 are no longer supported. TLS ports 16993, 16995 and 664 must be used for connecting to Intel AMT.
Starting from Intel CSME 19 firmware on Arrow Lake platforms, connecting to Intel AMT without TLS is not supported at all (i.e., also local connections must use TLS ports).
You are quite correct. Triaging.