# OpenBMC interfaces

Purpose: This introduces a simplified view of the BMC's primary interfaces. It
is intended to provide a reference suitable for a wide audience:

- Engineers provide domain expertise in specific areas and learn about use cases
  and threats their interfaces pose.
- Give BMC administrators and system integrators a simplified view of the BMC's
  system interfaces. For example, to understand which interfaces can be
  disabled.
- Management and security folks need everything to work and play together
  nicely. For example, to understand the BMC's attack surfaces.

## Introduction to the interfaces and services

This section shows the BMC's primary interfaces and how they are related. It
begins with the BMC's physical interfaces and moves toward abstractions such as
network services. The intent is to show the interfaces essential to the OpenBMC
project in a framework to reason about which interfaces are present and how they
are related. This provides a foundation to reason about which can be disabled,
how they are secured, etc. The appendix provides details about each interface
and service shown.

OpenBMC's services and the interfaces they provide are controlled by `systemd`.
This document references OpenBMC `systemd` unit names to help link concepts to
the source code. The reader is assumed to be familiar with [systemd concepts][].
The templated units ("unit@.service") may be omitted for clarity. Relevant
details from the unit file may be shown, such as the program which implements a
service.

The OpenBMC [Service Management][] interface can control `systemd` services. For
example, disabling a BMC service will disable the corresponding external
interface.

[systemd concepts]:
  https://www.freedesktop.org/software/systemd/man/systemd.html#Concepts
[service management]:
  https://github.com/openbmc/phosphor-dbus-interfaces/blob/master/yaml/xyz/openbmc_project/Control/Service/README.md

Diagrams are included to help visualize relationships. The diagrams show
management agents on the left side, the BMC in the center, and host elements on
the right side. The diagrams are simplified and are not intended to be complete.

### Physical interfaces

This shows the BMC's physical connections including network, USB, UART serial,
and connections to its host platform. This uses a simplified view of the host
which shows only the host interfaces that connect directly to the BMC. A typical
host would have additional connections for console, network, etc.

Interfaces between the BMC and its host platform vary considerably based on BMC
and host platform implementation. The information presented in this section and
its subsections is intended to illustrate common elements, not to represent any
particular system. This section is intended to be referenced by additional
documentation which gives details for specific BMC and host implementations.

```
        +----------------+         +----------------+
        | BMC            |         | Host           |
        |                |         |                |
        | Network       -+- LPC ---+-               |
       -+- eth0         -+--PCIe --+-               |
       -+- eth1         -+--UART --+-               |
        |  lo           -+- I2C ---+-               |
        |               -+--I3C ---+-               |
        | USB           -+- SPI ---+-               |
       -+- usb0         -+- PECI --+-               |
        |               -+- GPIOs -+-               |
        | Serial        -+- UTMI --+-               |
       -+- tty0          |         |                |
        |                |         |                |
        +----------------+         +----------------+
```

#### Host-BMC physical interface transport protocols

This lists protocols that operate over the BMC-host physical interfaces:

- Host IPMI.
- [MCTP][]. OpenBMC offers MCTP over LPC, PCIe, UART.
- Custom OEM solution.
- SMBus.

[mctp]:
  https://www.dmtf.org/sites/default/files/standards/documents/DSP0236_1.3.0.pdf

#### Host-BMC data models

This lists specifications for the data which flows over the BMC-host transport
protocols:

- Host IPMI.
- PLDM (DMTF document DSP0240).
- Custom OEM solution.

### Network services provided

OpenBMC provides services via its management network. The default services are
listed here by port number. More information about each service is given in
sections below or in the appendix.

```
        +----------------------------------+
        | BMC                              |
        |                                  |
       -+-+ Network services               |
        | |                                |
        | +-+ TCP ports                    |
        | | +- 22 ssh - shell              |
        | | +- 80 HTTP (no connection)     |
        | | +- 443 HTTPS                   |
        | | +- 2200 ssh - host console     |
        | | +- 5355 mDNS service discovery |
        | |                                |
        | +-+ UDP ports                    |
        |   +- 427 SLP                     |
        |   +- 623 RMCP+ IPMI              |
        |   +- 5355 mDNS service discovery |
        |                                  |
        +----------------------------------+
```

Services provided to connected clients may use ports for:

- Active SSH sessions.
- Active KVM-IP sessions.
- Active virtual media sessions.
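
One way to check a BMC against the default ports in the diagram above, for instance after disabling a service through Service Management. This is an added example, not OpenBMC project code: it assumes `ss -tuln` (iproute2) output, the function names and sample data are constructed, and leaving TCP 80 out of the baseline is this example's assumption.

```shell
#!/bin/sh
# Added example: compare listening sockets with the default ports shown in the
# "Network services provided" diagram. Function names and the sample data are
# constructed for illustration.

# Defaults from the diagram, written as proto/port. TCP 80 is left out on
# purpose: the diagram marks it "(no connection)", so this example (an
# assumption) reports a listener there as a deviation.
BASELINE="tcp/22 tcp/443 tcp/2200 tcp/5355 udp/427 udp/623 udp/5355"

# Constructed `ss -tuln` output: SLP (udp/427) is not listening, and two
# listeners that the diagram does not list (tcp/23, udp/161) are present.
sample_ss_output() {
    cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
udp   UNCONN 0      0            0.0.0.0:623        0.0.0.0:*
udp   UNCONN 0      0       0.0.0.0%eth0:5355       0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:161        0.0.0.0:*
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      128             [::]:22            [::]:*
tcp   LISTEN 0      128                *:443              *:*
tcp   LISTEN 0      128             [::]:2200          [::]:*
tcp   LISTEN 0      128          0.0.0.0:5355       0.0.0.0:*
tcp   LISTEN 0      16           0.0.0.0:23         0.0.0.0:*
tcp   LISTEN 0      5          127.0.0.1:5900       0.0.0.0:*
EOF
}

# Read `ss -tuln` output on stdin and print one proto/port per externally
# reachable listener. Loopback-only sockets are skipped, and IPv4/IPv6
# duplicates of the same port collapse into one entry.
listeners() {
    awk '
        ($1 == "tcp" && $2 == "LISTEN") || ($1 == "udp" && $2 == "UNCONN") {
            port = $5; sub(/^.*:/, "", port)      # text after the last colon
            host = $5; sub(/:[^:]*$/, "", host)   # text before the last colon
            if (host ~ /^127\./ || host ~ /^\[::1\]/) next
            print $1 "/" port
        }
    ' | sort -u
}

# Listeners that are not in the documented baseline.
unexpected_listeners() {
    listeners | while read -r entry; do
        case " $BASELINE " in
            *" $entry "*) ;;
            *) echo "$entry" ;;
        esac
    done
}

# Baseline services with no listener, e.g. to confirm a disabled service has
# really closed its external interface.
missing_services() {
    found=" $(listeners | tr '\n' ' ')"
    for entry in $BASELINE; do
        case "$found" in
            *" $entry "*) ;;
            *) echo "$entry" ;;
        esac
    done
}

# Report on the constructed sample. On a BMC, pipe `ss -tuln` in instead.
echo "Unexpected listeners:"
sample_ss_output | unexpected_listeners
echo "Documented but not listening:"
sample_ss_output | missing_services
```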

### Network services consumed

This section lists network services used by OpenBMC systems. OpenBMC uses the
typical services in the usual way, such as NTP, DNS, and DHCP. In addition,
OpenBMC uses:

- TFTP (disabled by default, when invoked by BMC operator) - Trivial FTP client
  to fetch firmware images for [code update][].
- SNMP manager to catch [SNMP traps][] (when enabled).

[code update]:
  https://github.com/openbmc/docs/blob/master/code-update/code-update.md
[snmp traps]:
  https://github.com/openbmc/phosphor-snmp/blob/master/docs/snmp-configuration.md

### Host console

OpenBMC provides access to its host's serial console in various ways:

- Client access via network IPMI.
- Client access via ssh port 2200.
- The hostlogger facility.

```
                +---------------------------+    +-----------------+
                | BMC                       |    | Host            |
 ipmitool sol   |                           |    |                 |
 activate       |                           |    |                 |
 UDP port 623 .... netipmid ------------}   |    |                 |
                |                       }   |    |                 |
 ssh -p 2200   ... obmc-console-client -}---+----+- serial UART    |
 TCP port 2200  |                       }   |    |  console        |
                |  hostlogger ----------}   |    |                 |
                |                           |    |                 |
                +---------------------------+    +-----------------+
```

The [obmc-console][] details how the host UART connection is abstracted within
the BMC as a Unix domain socket.

[obmc-console]: https://github.com/openbmc/obmc-console/blob/master/README.md

### Web services

OpenBMC provides a custom HTTP/Web server called BMCWeb.

```
        +--------------------------------------------------+
        | BMC                                              |
        |                                                  |
       -+-+ Network services                               |
        | ++ TCP                                           |
        |  +- 443 HTTPS - BMCWeb -> { static content       |
        |  |                        {   Web app (webui)    |
        |  +- (other ports) <---+   {   Redfish schema     |
        |       |               |   { /login               |
        |       V               |   { Redfish REST APIs    |
       -+- Websockets -+        |   { Phosphor REST APIs   |
        |              |        +<--{-- can set up:        |
        |              |            {     KVM-IP, USB-IP,  |
        |           various         {     Virtual Media    |
        |                                                  |
        +--------------------------------------------------+
```

In the diagram, the arrowheads represent the flow of control from web agents to
BMCWeb APIs, some of which set up Websockets which give the network agent direct
communication with the desired interface (not via BMCWeb).

Note that [BMCWeb is configurable][] at compile time. This section describes the
default configuration (which serves the HTTP application protocol over the HTTPS
transport protocol on TCP port 443).

[bmcweb is configurable]: https://github.com/openbmc/bmcweb#configuration

Services provided:

- Web application (webui-vue) and other static content
- REST APIs including custom phosphor-rest and Redfish APIs
- KVM-IP (Keyboard, Video, Mouse over IP)
- Virtual media via USB-IP (Universal Serial Bus over IP)
- others

### Host IPMI services

OpenBMC provides a host IPMI service.

```
    +---------------+    +-----------------+
    | BMC           |    | Host            |
    |               |    |                 |
    |        ipmid -+----+-                |
    |               |    |                 |
    +---------------+    +-----------------+
```

The IPMI firmware firewall (which aims to control which host commands and
channels can be used) is not implemented in OpenBMC. There is support for a
[Phosphor host IPMI whitelist][] scheme.

[phosphor host ipmi whitelist]:
  https://github.com/openbmc/openbmc/blob/master/meta-phosphor/classes/phosphor-ipmi-host-whitelist.bbclass

### D-Bus interfaces

OpenBMC uses D-Bus interfaces as the primary way to communicate (inter-process
communication) between OpenBMC applications. Note that other methods are used,
for example Unix domain sockets.

```
        +--------------------------------------------------+
        | BMC                                              |
        |                                                  |
        | +-------+                                        |
        | | D-Bus |                                        |
        | |      -+- bmcweb                                |
        | |      -+- ipmid                                 |
        | |      -+- ...                                   |
        | |      -+- many more (not shown here)            |
        | |      -+- ...                                   |
        | |       |                                        |
        | +-------+                                        |
        |                                                  |
        +--------------------------------------------------+
```

To learn more, read the [Phosphor D-Bus interface docs][] and search for README
files in various subdirectories under the xyz/openbmc_project path.

[phosphor d-bus interface docs]:
  https://github.com/openbmc/phosphor-dbus-interfaces

## Interfaces and services

This section lists each interface and service shown in this document. The intent
is to give the relevance of each item and how to locate details in the source
code.

### BMC network

This section shows variations in the operational environment of the BMC's
management network.

The BMC may be connected to a network used to manage the BMC. This is dubbed the
"management network" to distinguish it from the payload network the host system
is connected to. These are typically separate networks.

```
             +-----------+      +----------------+
             | BMC       |      | Host           |
management   |           |      |                |
network   ---+- Network  |      |       Network -+- payload
             |           |      |                |  network
             +-----------+      +----------------+
```

The BMC may be served by a Network Controller Sideband Interface (NC-SI) which
maintains a logically separate network from the host, as shown in this diagram:

```
             +-----------+      +----------------+
             | BMC       |      | Host           |
management   |           |      |                |
network    +-+- Network  |      |       Network -+-+
           | |           |      |                | |
           | +-----------+      +----------------+ |
           |                                       |
           |      +------------------+             |
           |      | NIC              |             |
           |      |.........+       -+-------------+
           +------+- side-  :        |
management -------+- band   :       -+- payload
network           |.........+        |  network
                  +------------------+
```

The BMC's management network may be provided by its host system and have no
direct connection external to the host, as shown in this diagram:

```
             +-----------+      +----------------+
             | BMC       |      | Host           |
             |           |      |                |
          +--+- Network  |      |       Network -+- payload
          |  |           |      |                |  network
          |  |           |   +--+- management    |
          |  |           |   |  |  network       |
          |  +-----------+   |  +----------------+
          |                  |
          +------------------+
```

The BMC's management network may be connected to USB (LAN over USB):

```
             +-----------+      +----------------+
             | BMC       |      | Host           |
        +-+  |           |      |                |
   USB --+---+- Network  |      |       Network -+- payload
        +-+  |           |      |                |  network
             |           |      |                |
             +-----------+      +----------------+
```

### BMC serial

This gives access to the BMC's console which provides functions such as
controlling the BMC's U-Boot and then providing access to the BMC's shell.
Contrast with the host serial console access.

### Network interfaces

This refers to the standard NIC and Linux network services on the BMC.

### Secure Shell (SSH)

This refers to the SSH protocol which provides both secure shell (ssh) and
secure copy (scp) access to the BMC. OpenBMC uses the Dropbear SSH
implementation. Note that port 22 connects to the BMC's shell, while port 2200
connects to the host console.

### HTTP and HTTPS

OpenBMC supports the HTTP application protocol over HTTPS, both handled by the
BMCWeb server. The "http" URI scheme is disabled by default but can be enabled
at compile time by BMCWeb configuration options.

### Host serial console

Refers to the BMC's access to its host's serial connection which typically
accesses the host system's console. See also `obmc-console-server` which
provides host serial access to various internal BMC services. Contrast with
access to the BMC's serial connection which provides access to the BMC's
console.

### Service discovery

Refers to the multicast discovery service (mDNS). For example, you can find the
BMC via the `avahi-browse -rt _obmc_rest._tcp` command.

### Service Location Protocol (SLP)

Refers to the unicast service discovery protocol provided by `slpd`. For
example, you can find the BMC via the
`slptool -u ${ip} findsrvtypes` (or `findsrvs`) command.

### RMCP+, IPMI, and ipmitool

Refers to the RMCP+ protocol and IPMI implementation provided by `netipmid` with
source here: `https://github.com/openbmc/phosphor-net-ipmid` and some details
provided by [IPMI Session management][]. Network IPMI provides access to many
resources including host IPMI access, SOL (access to the host console), and
more. Also known as out of band IPMI. Contrast with host-IPMI which interacts
with the host and with Redfish which provides alternate function.

The BMC's RMCP+ IPMI interface is designed to be operated by the [ipmitool][]
external command.

[ipmi session management]:
  https://github.com/openbmc/phosphor-dbus-interfaces/blob/master/yaml/xyz/openbmc_project/Ipmi/SESSION_README.md
[ipmitool]: https://github.com/ipmitool/ipmitool

### Host IPMI

Refers to the host-facing IPMI service provided by the `ipmid` program with
source here: `https://github.com/openbmc/phosphor-host-ipmid`. The systemd
service is `phosphor-ipmi-host` implemented by the `ipmid` program. Also known
as in-band IPMI. Contrast with RMCP+ which faces the network and with PLDM which
provides alternate function.

### BMC shell

This refers to the BMC's command line interface which defaults to the `bash`
program provided via the `/bin/sh` path on the BMC's file system. Note that the
shell (together with its utility programs) provides access to many of the BMC's
internal and external interfaces.

### obmc-console

This refers to support for multiple independent consoles in
https://github.com/openbmc/obmc-console and two applications:

- The `obmc-console-server` abstracts the host console (UART) connection as a
  Unix domain socket.
- The `obmc-console-client` can connect a console to an SSH session.

Other applications use the console server.

### hostlogger

Refers to the BMC service provided by the `hostlogger` program here:
https://github.com/openbmc/phosphor-hostlogger which listens to the
`obmc-console-server` and logs host console messages into the BMC's file system.

### BMCWeb web server

Refers to the custom HTTP/Web server with source here:
https://github.com/openbmc/bmcweb. Note that BMCWeb is configurable per
https://github.com/openbmc/bmcweb#configuration with build-time options to
control which interfaces it provides. For example, there are configuration
options to:

- enable downloading firmware images from a TFTP server
- enable the "http" URI scheme
- others

The webserver also sets up Secure Websockets for services such as KVM-IP,
Virtual-USB, and more.

### Redfish

Refers to the set of Redfish REST APIs served by the BMCWeb web server. See
details here: https://github.com/openbmc/bmcweb/blob/master/Redfish.md with docs
here: https://github.com/openbmc/docs/blob/master/REDFISH-cheatsheet.md

### phosphor-dbus-rest

Refers to the legacy REST APIs optionally served by the BMCWeb server. Docs:
https://github.com/openbmc/docs/blob/master/REST-cheatsheet.md

### KVM-IP

Refers to the OpenBMC implementation of the Remote Frame Buffer (RFB, aka VNC)
protocol which lets you operate the host system's keyboard, video, and mouse
(KVM) remotely. See https://github.com/openbmc/obmc-ikvm/blob/master/README.md.
Also known as IPKvm. Do not confuse with Kernel Virtual Machine (the other KVM).

### Virtual media

Also known as: remote media and USB-over-IP. Design:
https://github.com/openbmc/docs/blob/master/designs/VirtualMedia.md. Contrast
with LAN-over-USB.

### Virtual USB

Also known as USB-over-IP, and helps implement virtual media. Contrast with the
BMC and host physical USB ports.