Chapter 23. Remote management with IPMI and Redfish by using the rhel_mgmt collection

23.1. Setting the boot device by using the rhel_mgmt.ipmi_boot module
Copiar enlace

You can set the boot device of a host by using the ipmi_boot module of the redhat.rhel_mgmt collection. This module uses the Intelligent Platform Management Interface (IPMI) to perform this operation.

Important

When you use this Ansible module, three hosts are involved: the control node, the managed node, and the host with the baseboard management controller (BMC) on which the actual IPMI operation is applied. The control node executes the playbook on the managed node. The managed host connects to the remote BMC to execute the IPMI operation. For example, if you set hosts: managed-node-01.example.com and name: server.example.com in the playbook, then managed-node-01.example.com changes the setting by using IPMI on server.example.com.

Prerequisites

You have prepared the control node and the managed nodes.
You are logged in to the control node as a user who can run playbooks on the managed nodes.
The account you use to connect to the managed nodes has sudo permissions on them.
The ansible-collection-redhat-rhel_mgmt package is installed on the control node.
You have credentials to access the BMC, and these credentials have permissions to change settings.
The managed node can access the remote BMC over the network.

Procedure

Store your sensitive variables in an encrypted file:
1. Create the vault:
  $ ansible-vault create ~/vault.yml New Vault password: <vault_password> Confirm New Vault password: <vault_password>
  Copy to Clipboard Toggle word wrap
2. After the ansible-vault create command opens an editor, enter the sensitive data in the <key>: <value> format:
  ipmi_usr: <username> ipmi_pwd: <password>
  Copy to Clipboard Toggle word wrap
3. Save the changes, and close the editor. Ansible encrypts the data in the vault.
Create a playbook file, for example, ~/playbook.yml, with the following content:
```
---
- name: Set the boot device by using IPMI
  hosts: managed-node-01.example.com
  vars_files:
    - ~/vault.yml
  tasks:
    - name: Install python3-pyghmi prerequisite
      ansible.builtin.dnf:
        name: python3-pyghmi
        state: latest

    - name: Set the boot device to hd
      redhat.rhel_mgmt.ipmi_boot:
        name: <bmc_hostname_or_ip_address>
        port: <bmc_port_number>
        user: "{{ ipmi_usr }}"
        password: "{{ ipmi_pwd }}"
        bootdev: hd
        persistent: true
```
```
---
- name: Set the boot device by using IPMI
  hosts: managed-node-01.example.com
  vars_files:
    - ~/vault.yml
  tasks:
    - name: Install python3-pyghmi prerequisite
      ansible.builtin.dnf:
        name: python3-pyghmi
        state: latest

    - name: Set the boot device to hd
      redhat.rhel_mgmt.ipmi_boot:
        name: <bmc_hostname_or_ip_address>
        port: <bmc_port_number>
        user: "{{ ipmi_usr }}"
        password: "{{ ipmi_pwd }}"
        bootdev: hd
        persistent: true
```
Copy to Clipboard Toggle word wrap
The settings specified in the example playbook include the following:
name: <bmc_hostname_or_ip_address>
Defines the hostname or IP address of the BMC. This is the BMC of the host on which the managed node performs the action.
port: <bmc_port_number>
Sets the Remote Management Control Protocol (RMCP) port number. The default is 623.
bootdev: <value>
Sets the boot device. You can select one of the following values:
hd: Boots from the hard disk.
network: Boots from network.
optical: Boots from an optical drive, such as a DVD-ROM.
floppy: Boots from a floppy disk.
safe: Boots from hard drive in safe mode.
setup: Boots into the BIOS or UEFI.
default: Removes any IPMI-directed boot device request.
persistent: <true|false>
Configures whether the remote host uses the defined setting for all future boots or only for the next one. By default, this variable is set to false. Note that not all BMCs support setting the boot device persistently.
For details about all variables used in the playbook, use the ansible-doc redhat.rhel_mgmt.ipmi_boot command on the control node to display the documentation of the module.
Validate the playbook syntax:
```
ansible-playbook --ask-vault-pass --syntax-check ~/playbook.yml
```
```
$ ansible-playbook --ask-vault-pass --syntax-check ~/playbook.yml
```
Copy to Clipboard Toggle word wrap
Note that this command only validates the syntax and does not protect against a wrong but valid configuration.

Run the playbook:

ansible-playbook --ask-vault-pass ~/playbook.yml

$ ansible-playbook --ask-vault-pass ~/playbook.yml

Copy to Clipboard

Toggle word wrap

23.2. Setting the system power state by using the rhel_mgmt.ipmi_power module
Copiar enlace

You can set the hardware state by using the ipmi_power module of the redhat.rhel_mgmt collection. For example, you can ensure that a host is powered on or hard-reset it without involvement of the operating system.

The ipmi_power module uses the Intelligent Platform Management Interface (IPMI) to perform operations.

Important

When you use this Ansible module, three hosts are involved: the control node, the managed node, and the host with the baseboard management controller (BMC) on which the actual IPMI operation is applied. The control node executes the playbook on the managed node. The managed host connects to the remote BMC to execute the IPMI operation. For example, if you set hosts: managed-node-01.example.com and name: server.example.com in the playbook, then managed-node-01.example.com changes the setting by using IPMI on server.example.com.

Prerequisites

You have prepared the control node and the managed nodes.
You are logged in to the control node as a user who can run playbooks on the managed nodes.
The account you use to connect to the managed nodes has sudo permissions on them.
The ansible-collection-redhat-rhel_mgmt package is installed on the control node.
You have credentials to access the BMC, and these credentials have permissions to change settings.
The managed node can access the remote BMC over the network.

Procedure

Store your sensitive variables in an encrypted file:
1. Create the vault:
  $ ansible-vault create ~/vault.yml New Vault password: <vault_password> Confirm New Vault password: <vault_password>
  Copy to Clipboard Toggle word wrap
2. After the ansible-vault create command opens an editor, enter the sensitive data in the <key>: <value> format:
  ipmi_usr: <username> ipmi_pwd: <password>
  Copy to Clipboard Toggle word wrap
3. Save the changes, and close the editor. Ansible encrypts the data in the vault.

Create a playbook file, for example, ~/playbook.yml, with the following content:

---
- name: Configure the system state by using IPMI
  hosts: managed-node-01.example.com
  vars_files:
    - ~/vault.yml
  tasks:
    - name: Install python3-pyghmi prerequisite
      ansible.builtin.dnf:
        name: python3-pyghmi
        state: latest

    - name: Ensure a machine is powered on
      redhat.rhel_mgmt.ipmi_power:
        name: <bmc_hostname_or_ip_address>
        port: <bmc_port_number>
        user: "{{ ipmi_usr }}"
        password: "{{ ipmi_pwd }}"
        state: on

---
- name: Configure the system state by using IPMI
  hosts: managed-node-01.example.com
  vars_files:
    - ~/vault.yml
  tasks:
    - name: Install python3-pyghmi prerequisite
      ansible.builtin.dnf:
        name: python3-pyghmi
        state: latest

    - name: Ensure a machine is powered on
      redhat.rhel_mgmt.ipmi_power:
        name: <bmc_hostname_or_ip_address>
        port: <bmc_port_number>
        user: "{{ ipmi_usr }}"
        password: "{{ ipmi_pwd }}"
        state: on

Copy to Clipboard

Toggle word wrap

The settings specified in the example playbook include the following:

name: <bmc_hostname_or_ip_address>

Defines the hostname or IP address of the BMC. This is the BMC of the host on which the managed node performs the action.

port: <bmc_port_number>

Sets the Remote Management Control Protocol (RMCP) port number. The default is 623.

state: <value>

Sets the state which the device should be in. You can select one of the following values:

on: Powers on the system.
off: Powers off the system without notifying the operating system.
shutdown: Requests a shutdown from the operating system.
reset: Performs a hard reset.
boot: Powers on the system if it was switched off, or resets the system if it was switched off.

For details about all variables used in the playbook, use the ansible-doc redhat.rhel_mgmt.ipmi_power command on the control node to display the documentation of the module.

Validate the playbook syntax:
```
ansible-playbook --ask-vault-pass --syntax-check ~/playbook.yml
```
```
$ ansible-playbook --ask-vault-pass --syntax-check ~/playbook.yml
```
Copy to Clipboard Toggle word wrap
Note that this command only validates the syntax and does not protect against a wrong but valid configuration.

Run the playbook:

ansible-playbook --ask-vault-pass ~/playbook.yml

$ ansible-playbook --ask-vault-pass ~/playbook.yml

Copy to Clipboard

Toggle word wrap

23.3. Managing out-of-band controllers by using the rhel_mgmt.redfish_command module
Copiar enlace

You can send commands to the Redfish API to remotely manage out-of-band (OOB) controllers by using the redfish_command module of the redhat.rhel_mgmt collection. With this module, you can perform a large number of management operations.

For example, you can perform the following operations:

Performing power management actions
Managing virtual media
Managing users of the OOB controller
Updating the firmware

Important

When you use this Ansible module, three hosts are involved: the control node, the managed node, and the host with the OOB controller on which the actual operation is performed. The control node executes the playbook on the managed node, and the managed host connects to the remote OOB controller by using the Redfish API to execute the operation. For example, if you set hosts: managed-node-01.example.com and baseuri: server.example.com in the playbook, then managed-node-01.example.com executes the operation on server.example.com.

Prerequisites

You have prepared the control node and the managed nodes.
You are logged in to the control node as a user who can run playbooks on the managed nodes.
The account you use to connect to the managed nodes has sudo permissions on them.
The ansible-collection-redhat-rhel_mgmt package is installed on the control node.
You have credentials to access the OOB controller, and these credentials have permissions to change settings.
The managed node can access the remote OOB controller over the network.

Procedure

Store your sensitive variables in an encrypted file:
1. Create the vault:
  $ ansible-vault create ~/vault.yml New Vault password: <vault_password> Confirm New Vault password: <vault_password>
  Copy to Clipboard Toggle word wrap
2. After the ansible-vault create command opens an editor, enter the sensitive data in the <key>: <value> format:
  redfish_usr: <username> redfish_pwd: <password>
  Copy to Clipboard Toggle word wrap
3. Save the changes, and close the editor. Ansible encrypts the data in the vault.
Create a playbook file, for example, ~/playbook.yml, with the following content:
```
---
- name: Send commands to OOB controller by using the Redfish API
  hosts: managed-node-01.example.com
  vars_files:
    - ~/vault.yml
  tasks:
    - name: Power on the system
      redhat.rhel_mgmt.redfish_command:
        baseuri: <uri>
        username: "{{ redfish_usr }}"
        password: "{{ redfish_pwd }}"
        category: Systems
        command: PowerOn
```
```
---
- name: Send commands to OOB controller by using the Redfish API
  hosts: managed-node-01.example.com
  vars_files:
    - ~/vault.yml
  tasks:
    - name: Power on the system
      redhat.rhel_mgmt.redfish_command:
        baseuri: <uri>
        username: "{{ redfish_usr }}"
        password: "{{ redfish_pwd }}"
        category: Systems
        command: PowerOn
```
Copy to Clipboard Toggle word wrap
The settings specified in the example playbook include the following:
baseuri: <uri>
Defines the URI of the OOB controller. This is the OOB controller of the host on which the managed node performs the action.
category: <value>
Sets the category of the command to execute. The following categories are available:
Accounts: Manages user accounts of the OOB controller.
Chassis: Manages chassis-related settings.
Manager: Provides access to Redfish services.
Session: Manages Redfish login sessions.
Systems (default): Manages machine-related settings.
Update: Manages firmware update-related actions.
command: <command>
Sets the command to execute. Depending on the command, it can be necessary to set additional variables.
For details about all variables used in the playbook, use the ansible-doc redhat.rhel_mgmt.redfish_command command on the control node to display the documentation of the module.
Validate the playbook syntax:
```
ansible-playbook --ask-vault-pass --syntax-check ~/playbook.yml
```
```
$ ansible-playbook --ask-vault-pass --syntax-check ~/playbook.yml
```
Copy to Clipboard Toggle word wrap
Note that this command only validates the syntax and does not protect against a wrong but valid configuration.

Run the playbook:

ansible-playbook --ask-vault-pass ~/playbook.yml

$ ansible-playbook --ask-vault-pass ~/playbook.yml

Copy to Clipboard

Toggle word wrap

23.4. Querying information from out-of-band controllers by using the rhel_mgmt.redfish_info module
Copiar enlace

You can remotely query information from of out-of-band (OOB) controllers through the Redfish API by using the redfish_info module of the redhat.rhel_mgmt collection. To display the returned value, register a variable with the fetched information, and display the content of this variable.

Important

When you use this Ansible module, three hosts are involved: the control node, the managed node, and the host with the OOB controller on which the actual operation is performed. The control node executes the playbook on the managed node, and the managed host connects to the remote OOB controller by using the Redfish API to execute the operation. For example, if you set hosts: managed-node-01.example.com and baseuri: server.example.com in the playbook, then managed-node-01.example.com executes the operation on server.example.com.

Prerequisites

You have prepared the control node and the managed nodes.
You are logged in to the control node as a user who can run playbooks on the managed nodes.
The account you use to connect to the managed nodes has sudo permissions on them.
The ansible-collection-redhat-rhel_mgmt package is installed on the control node.
You have credentials to access the OOB controller, and these credentials have permissions to query settings.
The managed node can access the remote OOB controller over the network.

Procedure

Store your sensitive variables in an encrypted file:
1. Create the vault:
  $ ansible-vault create ~/vault.yml New Vault password: <vault_password> Confirm New Vault password: <vault_password>
  Copy to Clipboard Toggle word wrap
2. After the ansible-vault create command opens an editor, enter the sensitive data in the <key>: <value> format:
  redfish_usr: <username> redfish_pwd: <password>
  Copy to Clipboard Toggle word wrap
3. Save the changes, and close the editor. Ansible encrypts the data in the vault.

Create a playbook file, for example, ~/playbook.yml, with the following content:

---
- name: Query information by using the Redfish API
  hosts: managed-node-01.example.com
  vars_files:
    - ~/vault.yml
  tasks:
    - name: Get CPU inventory
      redhat.rhel_mgmt.redfish_info:
        baseuri: <uri>
        username: "{{ redfish_usr }}"
        password: "{{ redfish_pwd }}"
        category: Systems
        command: GetCpuInventory
      register: result

    - name: Display the fetched information
      ansible.builtin.debug:
        msg: "{{ result.redfish_facts.cpu.entries | to_nice_json }}"

---
- name: Query information by using the Redfish API
  hosts: managed-node-01.example.com
  vars_files:
    - ~/vault.yml
  tasks:
    - name: Get CPU inventory
      redhat.rhel_mgmt.redfish_info:
        baseuri: <uri>
        username: "{{ redfish_usr }}"
        password: "{{ redfish_pwd }}"
        category: Systems
        command: GetCpuInventory
      register: result

    - name: Display the fetched information
      ansible.builtin.debug:
        msg: "{{ result.redfish_facts.cpu.entries | to_nice_json }}"

Copy to Clipboard

Toggle word wrap

The settings specified in the example playbook include the following:

baseuri: <uri>

Defines the URI of the OOB controller. This is the OOB controller of the host on which the managed node performs the action.

category: <value>

Sets the category of the information to query. The following categories are available:

Accounts: User accounts of the OOB controller
Chassis: Chassis-related settings
Manager: Redfish services
Session: Redfish login sessions
Systems (default): Machine-related settings
Update: Firmware-related settings
All: Information from all categories.

You can also set multiple categories if you use a list, for example ["Systems", "Accounts"].

command: <command>

Sets the query command to execute.

For details about all variables used in the playbook, use the ansible-doc redhat.rhel_mgmt.redfish_info command on the control node to display the documentation of the module.

Validate the playbook syntax:
```
ansible-playbook --ask-vault-pass --syntax-check ~/playbook.yml
```
```
$ ansible-playbook --ask-vault-pass --syntax-check ~/playbook.yml
```
Copy to Clipboard Toggle word wrap
Note that this command only validates the syntax and does not protect against a wrong but valid configuration.

Run the playbook:

ansible-playbook --ask-vault-pass ~/playbook.yml

$ ansible-playbook --ask-vault-pass ~/playbook.yml

Copy to Clipboard

Toggle word wrap

23.5. Managing BIOS, UEFI, and out-of-band controllers by using the rhel_mgmt.redfish_config module
Copiar enlace

You can configure BIOS, UEFI, and out-of-band (OOB) controllers settings through the Redfish API by using the redfish_config module of the redhat.rhel_mgmt collection. This enables you to modify the settings remotely with Ansible.

Important

When you use this Ansible module, three hosts are involved: the control node, the managed node, and the host with the OOB controller on which the actual operation is performed. The control node executes the playbook on the managed node, and the managed host connects to the remote OOB controller by using the Redfish API to execute the operation. For example, if you set hosts: managed-node-01.example.com and baseuri: server.example.com in the playbook, then managed-node-01.example.com executes the operation on server.example.com.

Prerequisites

You have prepared the control node and the managed nodes.
You are logged in to the control node as a user who can run playbooks on the managed nodes.
The account you use to connect to the managed nodes has sudo permissions on them.
The ansible-collection-redhat-rhel_mgmt package is installed on the control node.
You have credentials to access the OOB controller, and these credentials have permissions to change settings.
The managed node can access the remote OOB controller over the network.

Procedure

Store your sensitive variables in an encrypted file:
1. Create the vault:
  $ ansible-vault create ~/vault.yml New Vault password: <vault_password> Confirm New Vault password: <vault_password>
  Copy to Clipboard Toggle word wrap
2. After the ansible-vault create command opens an editor, enter the sensitive data in the <key>: <value> format:
  redfish_usr: <username> redfish_pwd: <password>
  Copy to Clipboard Toggle word wrap
3. Save the changes, and close the editor. Ansible encrypts the data in the vault.
Create a playbook file, for example, ~/playbook.yml, with the following content:
```
---
- name: Configure BIOS/UEFI settings by using the Redfish API
  hosts: managed-node-01.example.com
  vars_files:
    - ~/vault.yml
  tasks:
    - name: Change the boot mode to UEFI
      redhat.rhel_mgmt.redfish_config:
        baseuri: <uri>
        username: "{{ redfish_usr }}"
        password: "{{ redfish_pwd }}"
        category: Systems
        command: SetBiosAttributes
        bios_attributes:
          BootMode: "Uefi"
```
```
---
- name: Configure BIOS/UEFI settings by using the Redfish API
  hosts: managed-node-01.example.com
  vars_files:
    - ~/vault.yml
  tasks:
    - name: Change the boot mode to UEFI
      redhat.rhel_mgmt.redfish_config:
        baseuri: <uri>
        username: "{{ redfish_usr }}"
        password: "{{ redfish_pwd }}"
        category: Systems
        command: SetBiosAttributes
        bios_attributes:
          BootMode: "Uefi"
```
Copy to Clipboard Toggle word wrap
The settings specified in the example playbook include the following:
baseuri: <uri>
Defines the URI of the OOB controller. This is the OOB controller of the host on which the managed node performs the action.
category: <value>
Sets the category of the command to execute. The following categories are available:
Accounts: Manages user accounts of the OOB controller.
Chassis: Manages chassis-related settings.
Manager: Provides access to Redfish services.
Session: Manages Redfish login sessions.
Systems (default): Manages machine-related settings.
Update: Manages firmware update-related actions.
command: <command>
Sets the command to execute. Depending on the command, it can be necessary to set additional variables.
For details about all variables used in the playbook, use the ansible-doc redhat.rhel_mgmt.redfish_config command on the control node to display the documentation of the module.
Validate the playbook syntax:
```
ansible-playbook --ask-vault-pass --syntax-check ~/playbook.yml
```
```
$ ansible-playbook --ask-vault-pass --syntax-check ~/playbook.yml
```
Copy to Clipboard Toggle word wrap
Note that this command only validates the syntax and does not protect against a wrong but valid configuration.

Run the playbook:

ansible-playbook --ask-vault-pass ~/playbook.yml

$ ansible-playbook --ask-vault-pass ~/playbook.yml

Copy to Clipboard

Toggle word wrap

Este contenido no está disponible en el idioma seleccionado.

23.1. Setting the boot device by using the rhel_mgmt.ipmi_boot module
Copiar enlace

23.2. Setting the system power state by using the rhel_mgmt.ipmi_power module
Copiar enlace

23.3. Managing out-of-band controllers by using the rhel_mgmt.redfish_command module
Copiar enlace

23.4. Querying information from out-of-band controllers by using the rhel_mgmt.redfish_info module
Copiar enlace

23.5. Managing BIOS, UEFI, and out-of-band controllers by using the rhel_mgmt.redfish_config module
Copiar enlace

Aprender

Pruebe, compre y venda

Comunidades

Acerca de la documentación de Red Hat

Hacer que el código abierto sea más inclusivo

Acerca de Red Hat

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

Este contenido no está disponible en el idioma seleccionado.

Chapter 23. Remote management with IPMI and Redfish by using the rhel_mgmt collection

23.1. Setting the boot device by using the rhel_mgmt.ipmi_boot moduleCopiar enlaceEnlace copiado en el portapapeles!

23.2. Setting the system power state by using the rhel_mgmt.ipmi_power moduleCopiar enlaceEnlace copiado en el portapapeles!

23.3. Managing out-of-band controllers by using the rhel_mgmt.redfish_command moduleCopiar enlaceEnlace copiado en el portapapeles!

23.4. Querying information from out-of-band controllers by using the rhel_mgmt.redfish_info moduleCopiar enlaceEnlace copiado en el portapapeles!

23.5. Managing BIOS, UEFI, and out-of-band controllers by using the rhel_mgmt.redfish_config moduleCopiar enlaceEnlace copiado en el portapapeles!

Aprender

Pruebe, compre y venda

Comunidades

Acerca de la documentación de Red Hat

Hacer que el código abierto sea más inclusivo

Acerca de Red Hat

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

23.1. Setting the boot device by using the rhel_mgmt.ipmi_boot module
Copiar enlace

23.2. Setting the system power state by using the rhel_mgmt.ipmi_power module
Copiar enlace

23.3. Managing out-of-band controllers by using the rhel_mgmt.redfish_command module
Copiar enlace

23.4. Querying information from out-of-band controllers by using the rhel_mgmt.redfish_info module
Copiar enlace

23.5. Managing BIOS, UEFI, and out-of-band controllers by using the rhel_mgmt.redfish_config module
Copiar enlace