Ops Center 12.4 access for hardware platforms over IPMI
(Doc ID 2861822.1)
Last updated on DECEMBER 18, 2022
Applies to:
Solaris Operating System - Version 11.4 and laterEnterprise Manager Ops Center - Version 12.4.0 and later
Information in this document applies to any platform.
Symptoms
Some customers have become concerned with IPMI security and access to their hardware platforms. This document has been written to publicly provide an answer to those questions.
Changes
Some customers have tested disabling IPMI in their environment, in an attempt to close what they perceive as a security hole. This is not a viable solution for the Ops Center application, as required functionality is lost. Engineering considers disabling IPMI to be an unsupported configuration for the application.
Ops Center uses both SSH and IPMI to access the iLOM of one of it's assets. However, some critical functionality can only be accessed via IPMI. Based on testing, disabling IPMI causes (at a minimum) the loss of the following functionality:
- iLOM discovery will not be possible
- Power on/off of the chassis will not work
- Firmware upgrades via Ops Center will not work
- Auto-recovery involves power cycling the iLOM, so this also would be expected to fail
It's also likely that ASR functionality will fail for the chassis, if Ops Center is used as the access point to the Oracle back end. This has not been tested, as the configuration is considered unsupported.
This example comes from a failed discovery, after IPMI had been disabled:
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |