Difference between revisions of "RMU build Gen-1.5: IV. Best Practices - E. Enable Remote Access to Servers Console"
From Internet Computer Wiki
Katie.peters (talk | contribs) (Finished page) |
Katie.peters (talk | contribs) |
||
Line 109: | Line 109: | ||
# Within a few minutes, you should see all of your iDRAC devices appear in your main teleport Web UI | # Within a few minutes, you should see all of your iDRAC devices appear in your main teleport Web UI | ||
− | ==Continue to next section: [[RMU build Gen-1.5: IV. Best Practices - F. | + | ==Continue to next section: [[RMU build Gen-1.5: IV. Best Practices - F. Enable GUI Access to OPNsense devices|F. Enable GUI Access to OPNsense devices]]== |
Go to the index of the [[RMU build Gen-1.5|Gen-1.5 RMU build runbook]]. | Go to the index of the [[RMU build Gen-1.5|Gen-1.5 RMU build runbook]]. |
Latest revision as of 19:02, 1 March 2024
This page is part of the Gen-1.5 RMU build runbook.
Go back to the previous section: D. Update Firmware on SuperMicro Nodes
E. Enable Remote Access to Servers Console (Recommended)
These processes are dependent on the Dell OpenManage Enterprise (OME) installation.
Allow iDRACs To Be Browsable Through Teleport
- Select
Devices
in the top navigation bar - Select the Checkbox towards the middle of the screen and then check
Across all pages
to select all your nodes - Select the
More Actions
drop down and then selectRACADM CLI
- In the Arguments box, enter
set idrac.webserver.HostHeaderCheck 0
- Ensure that Selected devices includes all your nodes
- Select
Finish
- Select
Monitor
in the top navigation bar and then select Jobs. - Find the Remote command line job and select it
- Select
View Details
- You will see each of your nodes, feel free to select one and you should see more details for that specific node on the right side of the screen.
.
Add Teleport Entries For BMC/iDRAC access
- (No longer needed for the idrac.sh script) On the MaaS server, in a shell (access via Teleport MaaS SSH access as user
admin
), configure themaas
command:sudo apt install jq -Y sudo maas apikey --username dfnadmin stuff:stuff:stuff maas login maas http://localhost:5240/MAAS API key (leave empty for anonymous access): <enter the api key above>
- Rename the
/etc/teleport
.yaml file to/etc/teleport.yaml-base
:sudo mv /etc/teleport.yaml /etc/teleport.yaml-base
- Copy the following into a file called
idrac.sh
on the MaaS server:#! /usr/bin/env bash # Start with the base /etc/teleport.yaml file and add # the iDRAC device entries to it. if [ -r /etc/teleport.yaml-base ] ; then cp /etc/teleport.yaml-base /etc/teleport.yaml else echo "/etc/teleport.yaml-base not found. Aborting." exit 1 fi # Add a comment at the end of the base configuration to # indicate where the automagic script configuration starts. echo "### Automation added below ###" >> /etc/teleport.yaml echo "Finding iDRAC devices..." # Only pull out the DHCP Dynamic Range (from MaaS) grep '10.10.100.[56789][0-9]' /var/log/syslog | grep DHCPACK | while read a a a a a a a IP a a NAME stuff do echo "$NAME $IP" done | # Get rid of the duplicates sort -u | # Walk the list of NAME/IP and clean up the values while read NAME IP do # Sanitize the NAME variable by removing the '()' and lower casing it NAME="$(echo $NAME | sed -e 's/[()]//g' | tr [:upper:] [:lower:])" echo "$NAME $IP" done | # Add the host to the /etc/teleport.yaml while read NAME IP do echo "Adding ${NAME} to /etc/teleport.yaml ..." tee -a /etc/teleport.yaml <<EOF - name: ${NAME}-idrac uri: https://${IP}:443 #public_addr: "" public_addr: "${NAME}-idrac.teleport.<dc>.dfinity.network" insecure_skip_verify: true rewrite: headers: - "Host: ${NAME}-idrac.teleport.<dc>.dfinity.network" - "Origin: https://${NAME}-idrac.teleport.<dc>.dfinity.network" labels: dc: "<dc>" type: "bmc" EOF done
- Modify the <dc> to match your location code, save, and run via:
chmod +x ./idrac.sh sudo ./idrac.sh
- It may run for a few moments, and then you are ready to reload the teleport server:
sudo systemctl reload teleport
- Within a few minutes, you should see all of your iDRAC devices appear in your main teleport Web UI
Continue to next section: F. Enable GUI Access to OPNsense devices
Go to the index of the Gen-1.5 RMU build runbook.