# OpenBMC interfaces

Purpose: This introduces a simplified view of the BMC's primary interfaces.
It is intended to provide a reference suitable for a wide audience:
 - Engineers provide domain expertise in specific areas and learn about use
   cases and threats their interfaces pose.
 - Give BMC administrators and system integrators a simplified view of the
   BMC's system interfaces.  For example, to understand which interfaces can
   be disabled.
 - Management and security folks need everything to work and play together
   nicely.  For example, to understand the BMC's attack surfaces.

## Introduction to the interfaces and services

This section shows the BMC's primary interfaces and how they are related.  It
begins with the BMC's physical interfaces and moves toward abstractions such
as network services.  The intent is to show the interfaces essential to the
OpenBMC project in a framework to reason about which interfaces are present
and how they are related.  This provides a foundation to reason about which
can be disabled, how they are secured, etc.  The appendix provides details
about each interface and service shown.

OpenBMC's services and the interfaces they provide are controlled by
`systemd`.  This document references OpenBMC `systemd` unit names to help link
concepts to the source code.  The reader is assumed to be familiar with
[systemd concepts][].  The templated units ("unit@.service") may be omitted
for clarity.  Relevant details from the unit file may be shown, such as the
program which implements a service.

The OpenBMC [Service Management][] interface can control `systemd` services.
For example, disabling a BMC service will disable the corresponding external
interface.

[systemd concepts]: https://www.freedesktop.org/software/systemd/man/systemd.html#Concepts
[Service Management]: https://github.com/openbmc/phosphor-dbus-interfaces/blob/master/xyz/openbmc_project/Control/Service/README.md

Diagrams are included to help visualize relationships.  The diagrams show
management agents on the left side, the BMC in the center, and host elements
on the right side.  The diagrams are simplified and are not intended to be
complete.

### Physical interfaces

This shows the BMC's physical connections including network, USB, UART serial,
and connections to its host platform.  This uses a simplified view of the host
which shows only the host interfaces that connect directly to the BMC.  A
typical host would have additional connections for console, network, etc.

Interfaces between the BMC and its host platform vary considerably based on
BMC and host platform implementation.  The information presented in this
section and its subsections is intended to illustrate common elements, not to
represent any particular system.  This section is intended to be referenced by
additional documentation which gives details for specific BMC and host
implementations.

```
        +----------------+         +----------------+
        | BMC            |         | Host           |
        |                |         |                |
        | Network       -+- LPC ---+-               |
       -+- eth0         -+--PCIe --+-               |
       -+- eth1         -+--UART --+-               |
        |  lo           -+- I2C ---+-               |
        |               -+--I3C ---+-               |
        | USB           -+- SPI ---+-               |
       -+- usb0         -+- PECI --+-               |
        |               -+- GPIOs -+-               |
        | Serial        -+- UTMI --+-               |
       -+- tty0          |         |                |
        |                |         |                |
        +----------------+         +----------------+
```

#### Host-BMC physical interface transport protocols

This lists protocols that operate over the BMC-host physical interfaces:
 - Host IPMI.
 - [MCTP][].  OpenBMC offers MCTP over LPC, PCIe, UART.
 - Custom OEM solution.
 - SMBus.

[MCTP]: https://www.dmtf.org/sites/default/files/standards/documents/DSP0236_1.3.0.pdf

#### Host-BMC data models

This lists specifications for the data which flows over the BMC-host transport
protocols:
 - Host IPMI.
 - PLDM (DMTF document DSP0240).
 - Custom OEM solution.

### Network services provided

OpenBMC provides services via its management network.  The default services
are listed here by port number.  More information about each service is given
in sections below or in the appendix.

```
        +----------------------------------+
        | BMC                              |
        |                                  |
       -+-+ Network services               |
        | |                                |
        | +-+ TCP ports                    |
        | | +- 22 ssh - shell              |
        | | +- 80 HTTP (no connection)     |
        | | +- 443 HTTPS                   |
        | | +- 2200 ssh - host console     |
        | | +- 5355 mDNS service discovery |
        | |                                |
        | +-+ UDP ports                    |
        |   +- 427 SLP                     |
        |   +- 623 RMCP+ IPMI              |
        |   +- 5355 mDNS service discovery |
        |                                  |
        +----------------------------------+
```

Services provided to connected clients may use ports for:
 - Active SSH sessions.
 - Active KVM-IP sessions.
 - Active virtual media sessions.

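An added example (not part of the OpenBMC documentation or code): a Python check, run on an administrator workstation, that compares socket tables captured from the BMC shell with the default ports in the diagram above.  The `SITE_DISABLED` policy, the verdict names, and the sample tables are assumptions constructed for illustration.

```python
"""Audit /proc/net socket tables captured from a BMC against the documented ports."""

# Default services, copied from the "Network services provided" diagram.
DOCUMENTED = {
    ("tcp", 22): "ssh - shell",
    ("tcp", 80): "HTTP (no connection)",
    ("tcp", 443): "HTTPS",
    ("tcp", 2200): "ssh - host console",
    ("tcp", 5355): "mDNS service discovery",
    ("udp", 427): "SLP",
    ("udp", 623): "RMCP+ IPMI",
    ("udp", 5355): "mDNS service discovery",
}

# Assumption: a site policy that wants these documented services disabled.
SITE_DISABLED = {("udp", 427), ("udp", 623)}

# Socket states as printed in /proc/net/*: 0A is TCP LISTEN; a bound,
# unconnected UDP socket is reported as 07.
WANTED_STATE = {"tcp": "0A", "udp": "07"}


def is_loopback(hex_addr):
    """True for 127.0.0.0/8 or ::1 in the kernel's hex address encoding."""
    hex_addr = hex_addr.upper()
    if len(hex_addr) == 8:
        # On a little-endian BMC, 127.0.0.1 prints as 0100007F.
        return hex_addr[6:8] == "7F"
    return hex_addr == "00000000000000000000000001000000"


def parse_proc_net(text, proto):
    """Yield (port, loopback_only) for each listening or bound socket."""
    for line in text.splitlines():
        fields = line.split()
        # Data rows look like "0: ADDR:PORT ADDR:PORT ST ..."; skip the header.
        if len(fields) < 4 or not fields[0].endswith(":"):
            continue
        if fields[3].upper() != WANTED_STATE[proto]:
            continue  # established connections and other states
        addr, _, port_hex = fields[1].rpartition(":")
        yield int(port_hex, 16), is_loopback(addr)


def audit(tcp_text, udp_text, disabled=SITE_DISABLED):
    """Return sorted (verdict, proto, port, label) tuples, one per port."""
    reachable = {}  # (proto, port) -> True if bound to a non-loopback address
    for proto, text in (("tcp", tcp_text), ("udp", udp_text)):
        for port, loopback in parse_proc_net(text, proto):
            key = (proto, port)
            reachable[key] = reachable.get(key, False) or not loopback
    findings = []
    for key, external in reachable.items():
        label = DOCUMENTED.get(key, "not in documented defaults")
        if key in disabled:
            verdict = "POLICY"   # documented, but site policy wants it off
        elif key in DOCUMENTED:
            verdict = "OK"
        elif external:
            verdict = "REVIEW"   # session port, build option, or unexpected
        else:
            verdict = "LOCAL"    # loopback only, not a network interface
        findings.append((verdict, key[0], key[1], label))
    return sorted(findings, key=lambda f: (f[1], f[2]))


# Constructed sample input in the format of `cat /proc/net/tcp` and
# `cat /proc/net/udp` (trailing columns shortened); not from a real system.
SAMPLE_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000
   1: 00000000:01BB 00000000:0000 0A 00000000:00000000 00:00000000 00000000
   2: 00000000:0898 00000000:0000 0A 00000000:00000000 00:00000000 00000000
   3: 00000000:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000
   4: 0100007F:2328 00000000:0000 0A 00000000:00000000 00:00000000 00000000
   5: 0A00000A:01BB 6400000A:C350 01 00000000:00000000 00:00000000 00000000
"""
SAMPLE_UDP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt
   0: 00000000:026F 00000000:0000 07 00000000:00000000 00:00000000 00000000
   1: 00000000:14EB 00000000:0000 07 00000000:00000000 00:00000000 00000000
"""

if __name__ == "__main__":
    for verdict, proto, port, label in audit(SAMPLE_TCP, SAMPLE_UDP):
        print(f"{verdict:7} {proto}/{port:<5} {label}")
```

To cover IPv6 listeners, append the captured `tcp6` and `udp6` tables to the IPv4 text; the parser skips the extra header lines.
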
### Network services consumed

This section lists network services used by OpenBMC systems.  OpenBMC uses the
typical services in the usual way, such as NTP, DNS, and DHCP.  In addition,
OpenBMC uses:
 - TFTP (disabled by default, when invoked by BMC operator) - Trivial FTP
   client to fetch firmware images for [code update][].
 - SNMP manager to catch [SNMP traps][] (when enabled).

[code update]: https://github.com/openbmc/docs/blob/master/code-update/code-update.md
[SNMP traps]: https://github.com/openbmc/phosphor-snmp/blob/master/docs/snmp-configuration.md

### Host console

OpenBMC provides access to its host's serial console in various ways:
 - Client access via network IPMI.
 - Client access via ssh port 2200.
 - The hostlogger facility.

```
                +---------------------------+    +-----------------+
                | BMC                       |    | Host            |
 ipmitool sol   |                           |    |                 |
 activate       |                           |    |                 |
 UDP port 623 .... netipmid ------------}   |    |                 |
                |                       }   |    |                 |
 ssh -p 2200   ... obmc-console-client -}---+----+- serial UART    |
 TCP port 2200  |                       }   |    |  console        |
                |  hostlogger ----------}   |    |                 |
                |                           |    |                 |
                +---------------------------+    +-----------------+
```

The [obmc-console][] details how the host UART connection is abstracted within
the BMC as a Unix domain socket.

[obmc-console]: https://github.com/openbmc/obmc-console/blob/master/README.md

### Web services

OpenBMC provides a custom HTTP/Web server called BMCWeb.

```
        +--------------------------------------------------+
        | BMC                                              |
        |                                                  |
       -+-+ Network services                               |
        | ++ TCP                                           |
        |  +- 443 HTTPS - BMCWeb -> { static content       |
        |  |                        {   Web app (webui)    |
        |  +- (other ports) <---+   {   Redfish schema     |
        |       |               |   { /login               |
        |       V               |   { Redfish REST APIs    |
       -+- Websockets -+        |   { Phosphor REST APIs   |
        |              |        +<--{-- can set up:        |
        |              |            {     KVM-IP, USB-IP,  |
        |           various         {     Virtual Media    |
        |                                                  |
        +--------------------------------------------------+
```

In the diagram, the arrowheads represent the flow of control from web agents to
BMCWeb APIs, some of which set up Websockets which give the network agent
direct communication with the desired interface (not via BMCWeb).

Note that [BMCWeb is configurable][] at compile time.  This section describes
the default configuration (which serves the HTTP application protocol over the
HTTPS transport protocol on TCP port 443).

[BMCWeb is configurable]: https://github.com/openbmc/bmcweb/blob/master/CMakeLists.txt

Services provided:
 - Web application (phosphor-webui) and other static content
 - REST APIs including custom phosphor-rest and Redfish APIs
 - KVM-IP (Keyboard, Video, Mouse over IP)
 - Virtual media via USB-IP (Universal Serial Bus over IP)
 - others

### Host IPMI services

OpenBMC provides a host IPMI service.

```
    +---------------+    +-----------------+
    | BMC           |    | Host            |
    |               |    |                 |
    |        ipmid -+----+-                |
    |               |    |                 |
    +---------------+    +-----------------+
```

The IPMI firmware firewall (which aims to control which host commands and
channels can be used) is not implemented in OpenBMC.  There is support for a
[Phosphor host IPMI whitelist][] scheme.

[Phosphor host IPMI whitelist]: https://github.com/openbmc/openbmc/blob/master/meta-phosphor/classes/phosphor-ipmi-host-whitelist.bbclass

### D-Bus interfaces

OpenBMC uses D-Bus interfaces as the primary way to communicate (inter-process
communication) between OpenBMC applications.  Note that other methods are
used, for example Unix domain sockets.

```
        +--------------------------------------------------+
        | BMC                                              |
        |                                                  |
        | +-------+                                        |
        | | D-Bus |                                        |
        | |      -+- bmcweb                                |
        | |      -+- ipmid                                 |
        | |      -+- ...                                   |
        | |      -+- many more (not shown here)            |
        | |      -+- ...                                   |
        | |       |                                        |
        | +-------+                                        |
        |                                                  |
        +--------------------------------------------------+
```

To learn more, read the [Phosphor D-Bus interface docs][] and search for
README files in various subdirectories under the xyz/openbmc_project path.

[Phosphor D-Bus interface docs]: https://github.com/openbmc/phosphor-dbus-interfaces

## Interfaces and services

This section lists each interface and service shown in this document.  The
intent is to give the relevance of each item and how to locate details in the
source code.

### BMC network

This section shows variations in the operational environment of the BMC's
management network.

The BMC may be connected to a network used to manage the BMC.  This is dubbed
the "management network" to distinguish it from the payload network the host
system is connected to.  These are typically separate networks.
```
             +-----------+      +----------------+
             | BMC       |      | Host           |
management   |           |      |                |
network   ---+- Network  |      |       Network -+- payload
             |           |      |                |  network
             +-----------+      +----------------+
```

The BMC may be served by a Network Controller Sideband Interface (NC-SI) which
maintains a logically separate network from the host, as shown in this diagram:
```
             +-----------+      +----------------+
             | BMC       |      | Host           |
management   |           |      |                |
network    +-+- Network  |      |       Network -+-+
           | |           |      |                | |
           | +-----------+      +----------------+ |
           |                                       |
           |      +------------------+             |
           |      | NIC              |             |
           |      |.........+       -+-------------+
           +------+- side-  :        |
management -------+- band   :       -+- payload
network           |.........+        |  network
                  +------------------+
```

The BMC's management network may be provided by its host system and have no
direct connection external to the host, as shown in this diagram:
```
             +-----------+      +----------------+
             | BMC       |      | Host           |
             |           |      |                |
          +--+- Network  |      |       Network -+- payload
          |  |           |      |                |  network
          |  |           |   +--+- management    |
          |  |           |   |  |  network       |
          |  +-----------+   |  +----------------+
          |                  |
          +------------------+
```

The BMC's management network may be connected to USB (LAN over USB):
```
             +-----------+      +----------------+
             | BMC       |      | Host           |
        +-+  |           |      |                |
   USB --+---+- Network  |      |       Network -+- payload
        +-+  |           |      |                |  network
             |           |      |                |
             +-----------+      +----------------+
```

### BMC serial

This gives access to the BMC's console which provides functions such as
controlling the BMC's U-Boot and then providing access to the BMC's shell.
Contrast with the host serial console access.

### Network interfaces

This refers to the standard NIC and Linux network services on the BMC.

### Secure Shell (SSH)

This refers to the SSH protocol which provides both secure shell (ssh) and
secure copy (scp) access to the BMC.  OpenBMC uses the Dropbear SSH
implementation.  Note that port 22 connects to the BMC's shell, while port 2200
connects to the host console.

### HTTP and HTTPS

OpenBMC supports the HTTP application protocol over HTTPS, both handled by the
BMCWeb server.  The "http" URI scheme is disabled by default but can be
enabled at compile time by BMCWeb configuration options.

### Host serial console

Refers to the BMC's access to its host's serial connection which typically
accesses the host system's console.  See also `obmc-console-server` which
provides host serial access to various internal BMC services.  Contrast with
access to the BMC's serial connection which provides access to the BMC's
console.

### Service discovery

Refers to the multicast discovery service (mDNS).  For example, you can find
the BMC via the `avahi-browse -rt _obmc_rest._tcp` command.

### Service Location Protocol (SLP)

Refers to the unicast service discovery protocol provided by `slpd`.  For
example, you can find the BMC via the `slptool -u ${ip} findsrvtypes` or
`findsrvs` command.

### RMCP+, IPMI, and ipmitool

Refers to the RMCP+ protocol and IPMI implementation provided by `netipmid`
with source here: `https://github.com/openbmc/phosphor-net-ipmid` and some
details provided by [IPMI Session management][].  Network IPMI provides access
to many resources including host IPMI access, SOL (access to the host
console), and more.  Also known as out of band IPMI.  Contrast with host-IPMI
which interacts with the host and with Redfish which provides alternate
function.

The BMC's RMCP+ IPMI interface is designed to be operated by the
[ipmitool][] external command.

[IPMI Session management]: https://github.com/openbmc/phosphor-dbus-interfaces/blob/master/xyz/openbmc_project/Ipmi/SESSION_README.md
[ipmitool]: https://github.com/ipmitool/ipmitool

### Host IPMI

Refers to the host-facing IPMI service provided by the `ipmid` program with
source here: `https://github.com/openbmc/phosphor-host-ipmid`.  The systemd
service is `phosphor-ipmi-host` implemented by the `ipmid` program.  Also
known as in-band IPMI.  Contrast with RMCP+ which faces the network and with
PLDM which provides alternate function.

### BMC shell

This refers to the BMC's command line interface which defaults to the `bash`
program provided via the `/bin/sh` path on the BMC's file system.  Note that
the shell (together with its utility programs) provides access to many of the
BMC's internal and external interfaces.

### obmc-console

This refers to support for multiple independent consoles in
https://github.com/openbmc/obmc-console and two applications:
 - The `obmc-console-server` abstracts the host console (UART) connection as a
   Unix domain socket.
 - The `obmc-console-client` can connect a console to an SSH session.

Other applications use the console server.

### hostlogger

Refers to the BMC service provided by the `hostlogger` program here:
https://github.com/openbmc/phosphor-hostlogger which listens to the
`obmc-console-server` and logs host console messages into the BMC's file
system.

### BMCWeb web server

Refers to the custom HTTP/Web server with source here:
https://github.com/openbmc/bmcweb Note that BMCWeb is configurable per
https://github.com/openbmc/bmcweb/blob/master/CMakeLists.txt with build-time
options to control which interfaces it provides.  For example, there are
configuration options to:
 - enable downloading firmware images from a TFTP server
 - enable the "http" URI scheme
 - others

The webserver also sets up Secure Websockets for services such as KVM-IP,
Virtual-USB, and more.

### Redfish

Refers to the set of Redfish REST APIs served by the BMCWeb web server.  See
details here: https://github.com/openbmc/bmcweb/blob/master/Redfish.md with
docs here: https://github.com/openbmc/docs/blob/master/REDFISH-cheatsheet.md

### phosphor-dbus-rest

Refers to the legacy REST APIs optionally served by the BMCWeb server.
Docs: https://github.com/openbmc/docs/blob/master/REST-cheatsheet.md

### KVM-IP

Refers to the OpenBMC implementation of the Remote Frame Buffer (RFB, aka VNC)
protocol which lets you operate the host system's keyboard, video, and mouse
(KVM) remotely.  See https://github.com/openbmc/obmc-ikvm/blob/master/README.md
Also known as IPKvm.  Do not confuse with Kernel Virtual Machine (the other
KVM).

### Virtual media

Also known as: remote media and USB-over-IP.  Design:
https://github.com/openbmc/docs/blob/master/designs/VirtualMedia.md
Contrast with LAN-over-USB.

### Virtual USB

Also known as USB-over-IP, and helps implement virtual media.  Contrast with
the BMC and host physical USB ports.