HPE Community
BladeSystem - General
1752578 Members
4971 Online
108788 Solutions
New Discussion

Re: ILO3 & ILO4, fence_ipmilan(RH Cluster Suite) behaviour

 
chuckk281
Trusted Contributor

‎09-11-2012 06:11 AM

‎09-11-2012 06:11 AM

ILO3 & ILO4, fence_ipmilan(RH Cluster Suite) behaviour

Simo had an iLO question when using Red Hat OS.

 

****************

 

Previously only the user with Admin rights has been able to power down or reset the server, but RH added –L option to fence_ipmilan to allow fencing with user session privileges.

Customer installed the latest packages as per https://access.redhat.com/kb/docs/DOC-66997 -L option works now, but the user fenceagent cannot power off the server, even with “virtual power and reset” privileges has been set to it on ILO4. Has anyone else tested this? The following statement clearly explains that with leatest updates you should be able to use user privileges with fence_ipmilan.

 

****************

 

Reply from Jonathan:

 

******************

 

I believe you need to have the “operator” ipmi level, user was insufficient in my testing.

 

</>hpiLO-> show /map1/accounts1/fence 

 

status=0

status_tag=COMMAND COMPLETED

Mon Sep 10 14:41:41 2012

 

/map1/accounts1/fence

  Targets

  Properties

    username=fence

    password=********

    name=fence

    group=oemhp_rc,oemhp_power,oemhp_vm

  Verbs

    cd version exit show create delete set

 

cluster.conf:

<fencedevice agent="fence_ipmilan" ipaddr="mgmt1-ilo" lanplus="1" login="fence" name="mgmt1-ilo" passwd="************" power_wait="4" privlvl="operator"/>

 

***************

 

Any other comments or suggestions?

0 Kudos
Reply
2 REPLIES 2
JKytsi
Honored Contributor

‎01-29-2013 12:17 AM

‎01-29-2013 12:17 AM

Re: ILO3 & ILO4, fence_ipmilan(RH Cluster Suite) behaviour

Although redhata claims that user level is enoug, operator seems to be requirement (at least in RHEL5).

Remember to give Kudos to answers! (click the KUDOS star)

You can find me from Twitter @JKytsi
0 Kudos
Reply
Vincent Kiely
Occasional Advisor

‎08-08-2013 01:51 PM

‎08-08-2013 01:51 PM

Re: ILO3 & ILO4, fence_ipmilan(RH Cluster Suite) behaviour

I can also confirm that this is the case with ILO4 and RHEL6 ( RHEL 6.4 with latest patches)

 

You need to give the user Virtual Console, Power Reset and Virtual Media permissions at the  ILO4 level

 

also specify privlvl=operator in the fence string in the cluster.conf

 

 

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.