RedFish Platform Management

Hardware

Published

April 14, 2023

Modified

November 6, 2024

What is Redfish?

Scalable Platform Management API¹ for out of band system-management…

…defined by the DMTF² (Distributed Management Task Force)
…many improvements over IPMI standard
- …modern technology stack based on HTTPS, JSON and OData
- …secure replacement for IPMI-over-LAN
…purposefully designed for automation around physical platforms
…cross-vendor …interoperable management interface
- …intended to meet OCP (Open Compute Project) remote machine management requirements
- …brought support from industry, i.e. Supermicro, Dell, Mellanox, HP, Intel

Standard design for SDDC (Software Defined Data Center)…

…monitor equipment health …automate alerts
…power cycling …configure/update firmware
…bare-metal provisioning …console sessions
…power & thermal management
…inventory management
…logging data aggregation

Used along with SNIA Swordfish a standard for remote storage management

RESTful

Platform management REST API

…HTTPS in JSON format based on OData v4
…schema-backed but human-readable …usable by web-apps, GUIs and CLI scripts
…supports custom extension (i.e. SNMP) with OEM schema

Resource map (simplified)…

…GET https://<ip-addr>/redfish/v1/Systems/<id>/Processors/<id>
…major resources in collections …allow aggregation over many nodes/racks

…all resources linked from service entry point:

/redfish/v1/                   # service entry point...
           /Accounts/...
           /Events/...
           /Systems/...        # logical view of a computer systems
                   /<id>/Processor
                        /Disk
                        /...
           /Chassis/...        # physical view of a computer system
                   /<id>/Power
                        /Termal
                        /...
           /Managers/...       # administrative functions aka BMC
                    /<id>/LogService
                         /SerialInterface
                         /...
           /...

Data Model (Schema)

First versions mimics functionality provided by IPMI…

System data… /redfish/v1/Systems
- …status & health …fan speed …temperatures
- …hardware inventory …CPUs, memory, storage, network devices
- …host OS information
Hardware management functionality… /redfish/v1/Chassis
- …power cycle …reboot …boot device order
- …power thresholds
- …alerting …notifications (via email)
- …event logs
- …SSH serial console
BMC management… /redfish/v1/Managers
- …network configuration …user accounts
- …chassis inventory …DCIM sensors

Beyond the first versions …added support for data center equipment…

Power (meters, generators, UPS, PDUs) …/redfish/v1/DCMICooling
Cooling (chillers, pumps, fans, sensors) …/redfish/v1/DCMIPower
…alarm modeling …triggers & notifications

Mockup explorer for the data schema: https://redfish.dmtf.org/redfish/mockups/v1

Redfish Mockup Server…

# ...get the container
podman pull dmtf/redfish-mockup-server:latest
# ...start the container
podman run --rm dmtf/redfish-mockup-server:latest
# ...send a simple query
curl 0.0.0.0:8000/redfish

Usage

REST API

Query the Redfish API³ with curl…

# set variables..
bmc=
user=
password=

# get the security token and store it to a file
curl -k -H "Content-Type: application/json" \
     -X POST https://${bmc}/redfish/v1/SessionService/Sessions \
     -d '{"UserName" : "$user", "Password" : "$password"}' \
     -D headers.txt

# read the security token into a variable
token=$(grep X-Auth-Token headers.txt |cut -d ':' -f 2)

# query the chassis information
curl -k -H "${token}" -X GET https://${bmc}/redfish/v1/Chassis/1 | jq '.'

Modify data…

>>> curl -s ${address}/redfish/v1/Chassis/1U | jq .Location.Placement
>>> cat location_update.json
{
    "Location": {
        "Placement": {
            "Rack": "DB06",
            "RackOffset": 8,
            "RackOffsetUnits": "EIA_310",
            "Row": "North"
          }
    }
}
# ...send the patch request
>>> curl -s -X PATCH -d @./location_update.json \
          -H 'Content-Type: application/json' \
          ${address}/redfish/v1/Chassis/1U

Redfishtool

redfishtool⁴ implements the client side of the Redfish RESTful API:

…negotiates the latest Redfish protocol version …send and receive Redfish requests
…automatically handles multiple queries to a redfish service (to traverse the data schema)
…common functionality like …power-on/off/reset …setting power limits …indicator LEDs

sudo dnf install -y python3-pip
pip install redfishtool

The redfishtool requires authentication options…

redfishtool -u $BMC_USER -p "$BMC_PPASSWORD" -S Always -r $bmc_fqdn -ssss root

Tacklebox

Redfish Tacklebox⁵ …contains utilities to perform management operations:

sudo dnf install -y python3-pip   # dependency

# install in user-space
pip install redfish_utilities -U

Commands are prefixed with rf_* and use a common set of generic connection options:

Option	Description
`-u`/`--user`	User account used to login
`-p`/`--password`	Login password
`-r`/`--rhost`	Service module IP-address of hostname

Helper shell-function to inject account options…

redfish-tacklebox() {
        local rf_options="--user $BMC_USER --password '$BMC_PASSWORD'"
        local rf_command=rf_${1}.py
        shift
        exec="$rf_command $rf_options $@"
        eval $exec
}
alias rf=redfish-tacklebox

Example usage:

rf sensor_list -r https://$bmc_fqdn
# additional command-line arguments are passed...
rf raw_request -r https://$bmc_fqdn -req /redfish/v1/UpdateService

Ansible

DMTF provides a generic Ansible playbook⁶

Footnotes

Redfish Standard & Specifications
https://www.dmtf.org/standards/redfish ↩︎
DMTF’s Redfish Developer Hub
https://redfish.dmtf.org
https://github.com/DMTF
https://www.youtube.com/c/DmtfOrg ↩︎
Redfish User Guide (2022)
https://www.dmtf.org/sites/default/files/standards/documents/DSP2060_1.0.0.pdf ↩︎
Redfishtool
https://github.com/DMTF/Redfishtool ↩︎
RedFish Tacklebox
https://pypi.org/project/redfish-utilities/
https://github.com/DMTF/Redfish-Tacklebox ↩︎
Asnible Playbook, GitHub
https://github.com/DMTF/Redfish-Ansible-Playbooks ↩︎

--- title: RedFish Platform Management categories: - Hardware date: 2023/04/14 date-modified: 2024/11/06 toc-expand: 3 --- # What is Redfish? Scalable Platform Management API[^l1iEv] for out of band system-management... - ...defined by the **DMTF**[^NoLqs] (Distributed Management Task Force) - ...many improvements over IPMI standard - ...modern technology stack based on HTTPS, JSON and OData - ...secure replacement for IPMI-over-LAN - ...purposefully designed for automation around physical platforms - ...cross-vendor ...interoperable management interface - ...intended to meet OCP (Open Compute Project) remote machine management requirements - ...brought support from industry, i.e. Supermicro, Dell, Mellanox, HP, Intel [^NoLqs]: DMTF’s Redfish Developer Hub <https://redfish.dmtf.org> <https://github.com/DMTF> <https://www.youtube.com/c/DmtfOrg> [^l1iEv]: Redfish Standard & Specifications <https://www.dmtf.org/standards/redfish> Standard design for **SDDC** (Software Defined Data Center)... - ...monitor equipment health ...automate alerts - ...power cycling ...configure/update firmware - ...bare-metal provisioning ...console sessions - ...power & thermal management - ...inventory management - ...logging data aggregation Used along with SNIA Swordfish a standard for remote storage management # RESTful Platform management **REST API** - ...HTTPS in JSON format based on OData v4 - ...schema-backed but human-readable ...usable by web-apps, GUIs and CLI scripts - ...supports custom extension (i.e. SNMP) with OEM schema Resource map (simplified)... - ...`GET https://<ip-addr>/redfish/v1/Systems/<id>/Processors/<id>` - ...major resources in collections ...allow aggregation over many nodes/racks ...all resources linked from **service entry point**: ```sh /redfish/v1/ # service entry point... /Accounts/... /Events/... /Systems/... # logical view of a computer systems /<id>/Processor /Disk /... /Chassis/... # physical view of a computer system /<id>/Power /Termal /... /Managers/... # administrative functions aka BMC /<id>/LogService /SerialInterface /... /... ``` # Data Model (Schema) First versions mimics functionality provided by IPMI... - **System** data... `/redfish/v1/Systems` - ...status & health ...fan speed ...temperatures - ...hardware inventory ...CPUs, memory, storage, network devices - ...host OS information - **Hardware** management functionality... `/redfish/v1/Chassis` - ...power cycle ...reboot ...boot device order - ...power thresholds - ...alerting ...notifications (via email) - ...event logs - ...SSH serial console - **BMC** management... `/redfish/v1/Managers` - ...network configuration ...user accounts - ...chassis inventory ...DCIM sensors Beyond the first versions ...added support for data center equipment... - **Power** (meters, generators, UPS, PDUs) ...`/redfish/v1/DCMICooling` - **Cooling** (chillers, pumps, fans, sensors) ...`/redfish/v1/DCMIPower` - ...alarm modeling ...triggers & notifications Mockup explorer for the data schema: <https://redfish.dmtf.org/redfish/mockups/v1> [Redfish Mockup Server](https://github.com/DMTF/Redfish-Mockup-Server)... ```sh # ...get the container podman pull dmtf/redfish-mockup-server:latest # ...start the container podman run --rm dmtf/redfish-mockup-server:latest # ...send a simple query curl 0.0.0.0:8000/redfish ``` # Usage ## REST API Query the Redfish API[^QRDjk] with `curl`... [^QRDjk]: Redfish User Guide (2022) <https://www.dmtf.org/sites/default/files/standards/documents/DSP2060_1.0.0.pdf> ```sh # set variables.. bmc= user= password= # get the security token and store it to a file curl -k -H "Content-Type: application/json" \ -X POST https://${bmc}/redfish/v1/SessionService/Sessions \ -d '{"UserName" : "$user", "Password" : "$password"}' \ -D headers.txt # read the security token into a variable token=$(grep X-Auth-Token headers.txt |cut -d ':' -f 2) # query the chassis information curl -k -H "${token}" -X GET https://${bmc}/redfish/v1/Chassis/1 | jq '.' ``` Modify data... ```sh >>> curl -s ${address}/redfish/v1/Chassis/1U | jq .Location.Placement >>> cat location_update.json { "Location": { "Placement": { "Rack": "DB06", "RackOffset": 8, "RackOffsetUnits": "EIA_310", "Row": "North" } } } # ...send the patch request >>> curl -s -X PATCH -d @./location_update.json \ -H 'Content-Type: application/json' \ ${address}/redfish/v1/Chassis/1U ``` ## Redfishtool `redfishtool`[^oSLyM] implements the client side of the Redfish RESTful API: [^oSLyM]: Redfishtool <https://github.com/DMTF/Redfishtool> - ...negotiates the latest Redfish protocol version ...send and receive Redfish requests - ...automatically handles multiple queries to a redfish service (to traverse the data schema) - ...common functionality like ...power-on/off/reset ...setting power limits ...indicator LEDs ```sh sudo dnf install -y python3-pip pip install redfishtool ``` The `redfishtool` requires authentication options... ```bash redfishtool -u $BMC_USER -p "$BMC_PPASSWORD" -S Always -r $bmc_fqdn -ssss root ``` ## Tacklebox Redfish Tacklebox[^oxfLX] …contains utilities to perform management operations: [^oxfLX]: RedFish Tacklebox <https://pypi.org/project/redfish-utilities/> <https://github.com/DMTF/Redfish-Tacklebox> ```bash sudo dnf install -y python3-pip # dependency # install in user-space pip install redfish_utilities -U ``` Commands are prefixed with `rf_*` and use a common set of **generic connection options**: Option | Description -------|------------------ `-u`/`--user` | User account used to login `-p`/`--password` | Login password `-r`/`--rhost` | Service module IP-address of hostname Helper shell-function to inject account options… ```bash redfish-tacklebox() { local rf_options="--user $BMC_USER --password '$BMC_PASSWORD'" local rf_command=rf_${1}.py shift exec="$rf_command $rf_options $@" eval $exec } alias rf=redfish-tacklebox ``` Example usage: ```bash rf sensor_list -r https://$bmc_fqdn # additional command-line arguments are passed... rf raw_request -r https://$bmc_fqdn -req /redfish/v1/UpdateService ``` ## Ansible DMTF provides a generic Ansible playbook[^VS0n0] [^VS0n0]: Asnible Playbook, GitHub <https://github.com/DMTF/Redfish-Ansible-Playbooks>