Child pages
  • 4.6 Remote Console
Skip to end of metadata
Go to start of metadata

Remote Console

Why use a remote console

If you have more than a couple of servers, you will find that serial consoles are more convenient than using a monitor, keyboard, and mouse for each of them. Servers can be managed quite nicely from the command line. Originally, you needed a serial line from each server. Now this can all be done over the network. It's done by console redirection in concert with the serial-over-lan protocol.

The mechanism

Console redirection is somewhat more complicated than you might think. When you enable redirection to a serial port in a BIOS setup screen, the BIOS splits the output stream and merges the input streams. This works only for I/O that goes through the BIOS, normally only BIOS and GRUB input and output. The OS itself needs a second redirection, by specifying tty[a-d] as the console, because it does not use BIOS I/O. Early in the boot sequence, the OS does I/O directly to the serial port address. Later, when the asy driver runs, it opens the console device by path name, doing I/O in the conventional manner.

Older servers (or workstations repurposed for small home servers) may use a physical serial port backed by an UART chip on the motherboard, typically such ports would be COM1 or ttya, or COM2 or ttyb.

The BMC device (Baseboard Management Controller) on newer servers typically uses COM3 or ttyc for the IPMI serial-over-LAN console (and this is the setup assumed in the examples below). SOL (Serial-Over-LAN) is a standard and will be provided by all BMC devices that support IPMI v2.0.  Many BMC devices also provide KVM-over-LAN with a proprietary protocol. They do this with host software that emulates a graphic console. This software may not run on illumos or OI.

Motherboard requirements

The motherboard must contain an IPMI (Intelligent Platform Management Interface) subsystem with a BMC (Baseboard Management Controller) device. These motherboards work for me:

    Supermicro MBD-X9SCM-F-O
    Tyan S5510GM3NR

Others with the required hardware should work as well.

BIOS setup

In the appropriate BIOS setup screen, enable console redirection for the COM3 serial port. Then set the IP address and other network parameters for the BMC device.

You may be able to set the COM3 serial port speed in the BIOS. In that case, set it to 9600 bps, the illumos console default, and do a cold reboot. Otherwise, set it with ipmitool.

NOTE: The 9600 bps speed is the long-standing industry default speed. It is possible to configure higher speeds – typically 115200 bps – but this generally requires reconfiguration of all parts of the system, including BIOS, GRUB and the installed OS.

GRUB setup

The GRUB menu is typically found at /rpool/boot/grub/menu.lst.

First, you have to comment out or remove the splashimage, foreground, and background lines in the GRUB menu.

You can also add serial console support to GRUB itself, if for some reason BIOS redirection does not achieve the same effect for you; for example:

serial --unit=0 --speed=9600 ---word=8 --parity=no --stop=1
# Main GRUB console is serial; press a key on physiscal to grab input
terminal --timeout=10 serial console
# ... or ...
## Main GRUB console is physical; press a key on serial to grab input
# terminal --timeout=10 console serial

Then you can change the console device in the GRUB menu. Append ,console=ttyc to the kernel$ line, like this:

kernel$ /platform/i86pc/kernel/$ISADIR/unix -B $ZFS-BOOTFS,console=ttyc

OS files setup

If you don't specify the serial console in the GRUB menu, you can do it in /boot/solaris/bootenv.rc with the eeprom command or direct edits, followed by updating the boot archive (bootadm update-archive).

You can also change to a higher serial port speed such as 115200 BPS.  In that case, you need to append:

,console=ttyc,ttyc-mode="115200,8,n,1,-"

to the GRUB menu or make the equivalent changes to bootenv.rc .

You also need to change the console line in /etc/ttydefs like this:

console:115200 hupcl opost onlcr:115200::console

This change also requires an update to the boot archive.

Gnome setup

If you run a non-interactive server, you can disable the graphical login (to reduce the potential vulnerability surface and conserve system resources) this way:

# svcadm disable svc:/application/graphical-login/gdm:default

Virtual terminal setup

If you don't want your physical console to remain blank and unresponsive, you can enable virtual terminals (or at least the daemon and any one of the numbered bunch) which will start up late in boot:

:; svcadm enable -r vtdaemon vt2 vt3 vt4 vt5 vt6 console-login

Note that, contradictory to at least some existing documentation, the actual hotkey (Ctrl+Alt+Fn where n is the daemon/console number) switching between multiple text consoles is disabled by default. To enable and/or inspect this, you can use the following commands:

### Set up
:; svccfg -s vtdaemon setprop options/hotkeys=true
:; svcadm refresh vtdaemon
:; svcadm restart vtdaemon
 
### Inspect
:; svcprop vtdaemon | grep hotkey
options/hotkeys boolean true

 
### ... then use Ctrl+Alt+Fn to login, and:
:; who
   root     pts/1        Jun 23 10:29 (192.168.111.52)
   root     vt/2         Jun 23 10:30
   root     vt/4         Jun 23 10:39
   root     vt/3         Jun 23 10:39
   root     vt/5         Jun 23 10:39

Also, and it is more reasonable than being disabled by default, the consoles are password-protected by default (they lock up when you switch to another, and require the logged-in user's password to unblock when you switch back). On a private workstation, you can want this disabled: 

:; svccfg -s vtdaemon setprop options/secure=false
:; svcadm refresh vtdaemon
:; svcadm restart vtdaemon

(Courtesy of Volker Brandt on OmniOS discussion list)

You can also set up this facility to present an alternate console (rather than the only system one) on a serial port such as /dev/ttyS0 or /dev/cua0 (depending on your environment). Just do svcadm console-login add cua0 and then svcadm -s console-login:cua0 editprop, and then look at properties for another alternate console (e.g. svcadm -s vt6 listprop) to copy-paste them into the newly added instance; do not forget to replace the "vt6" or "vt/6" occurrences as appropriate for the console device you track, and then refresh and enable the new service. It can take some experimentation to get ttymon (or other console monitor) settings right so the locale looks and output does not duplicate, etc. proper in this session.

Serial port setup

The default serial console port speed in illumos is 9600 BPS. It can be changed, preferably in concert with your BIOS settings, GRUB serial console settings, illumos kernel settings (see eeprom (the /boot/solaris/bootenv.rc file on x86) and maybe /etc/ttydefs), and possibly the TTY (console login) daemon. All should use the same baud-speed (in that case, 115200 is the common preference – greater speeds are possible but may be not implemented by everyone).

To connect to your OI server's physical serial port from another Solaris-related OS you can use the tip client (might need adding a definition in /etc/remote to support 115200 bauds). The screen and socon programs' ability to use serial lines directly is also pretty popular and portable on Unix-like platforms. You could also find use for such serial-port clients as PuTTY, SecureCRT or HyperTerminal on Windows, or Minicom on Linux.  

For virtual serial ports provided by IPMI remote-management cards over the network (SOL), the remote console client I use is ipmitool; it is available in package system/management/ipmitool.

It connects over the network to set the serial port speed and other parameters, and to display the remote console. Every connection will prompt for the BMC password. A default for this password is provided by the motherboard vendor.

Use ipmitool from another machine to set the serial port speed to the illumos default like this:

$ ipmitool -I lanplus -H <ip address> -U ADMIN sol info
$ ipmitool -I lanplus -H <ip address> -U ADMIN sol set non-volatile-bit-rate 9.6
$ ipmitool -I lanplus -H <ip address> -U ADMIN sol set volatile-bit-rate 9.6
$ ipmitool -I lanplus -H <ip address> -U ADMIN sol info

Remote console client

You can run the SOL console on another machine like this:

$ ipmitool -I lanplus -H <ip address> -U ADMIN sol activate

The BIOS screens, the GRUB screen, and all of the Illumos console activity appear on the SOL window. Only the first two will appear on the VGA screen.

 

  • No labels