It's insecure and not very popular. See this post for details: http://lists.openstack.org/pipermail/openstack-discuss/2021-December/026224.html Change-Id: I9a2df47bb8c08cc991b3c615a9eb533aba3171f4
6.8 KiB
SNMP driver
The SNMP hardware type enables control of power distribution units of the type frequently found in data centre racks. PDUs frequently have a management ethernet interface and SNMP support enabling control of the power outlets.
The SNMP power interface works with the pxe-boot
interface for
network deployment and network-configured boot.
Note
Unlike most of the other power interfaces, the SNMP power interface
does not have a corresponding management interface. The SNMP hardware
type uses the noop
management interface instead.
List of supported devices
This is a non-exhaustive list of supported devices. Any device not listed in this table could possibly work using a similar driver.
Please report any device status.
Manufacturer | Model | Supported? | Driver name |
---|---|---|---|
APC | AP7920 | Yes | apc_masterswitch |
APC | AP9606 | Yes | apc_masterswitch |
APC | AP9225 | Yes | apc_masterswitchplus |
APC | AP7155 | Yes | apc_rackpdu |
APC | AP7900 | Yes | apc_rackpdu |
APC | AP7901 | Yes | apc_rackpdu |
APC | AP7902 | Yes | apc_rackpdu |
APC | AP7911a | Yes | apc_rackpdu |
APC | AP7921 | Yes | apc_rackpdu |
APC | AP7922 | Yes | apc_rackpdu |
APC | AP7930 | Yes | apc_rackpdu |
APC | AP7931 | Yes | apc_rackpdu |
APC | AP7932 | Yes | apc_rackpdu |
APC | AP7940 | Yes | apc_rackpdu |
APC | AP7941 | Yes | apc_rackpdu |
APC | AP7951 | Yes | apc_rackpdu |
APC | AP7960 | Yes | apc_rackpdu |
APC | AP7990 | Yes | apc_rackpdu |
APC | AP7998 | Yes | apc_rackpdu |
APC | AP8941 | Yes | apc_rackpdu |
APC | AP8953 | Yes | apc_rackpdu |
APC | AP8959 | Yes | apc_rackpdu |
APC | AP8961 | Yes | apc_rackpdu |
APC | AP8965 | Yes | apc_rackpdu |
Aten | all? | Yes | aten |
CyberPower | all? | Untested | cyberpower |
EatonPower | all? | Untested | eatonpower |
Teltronix | all? | Yes | teltronix |
BayTech | MRP27 | Yes | baytech_mrp27 |
Software Requirements
- The PySNMP package must be installed, variously referred to as
pysnmp
orpython-pysnmp
Enabling the SNMP Hardware Type
Add
snmp
to the list ofenabled_hardware_types
inironic.conf
. Also updateenabled_management_interfaces
andenabled_power_interfaces
inironic.conf
as shown below:[DEFAULT] enabled_hardware_types = snmp enabled_management_interfaces = noop enabled_power_interfaces = snmp
To enable the network boot fallback, update
enable_netboot_fallback
inironic.conf
:[pxe] enable_netboot_fallback = True
Note
It is important to enable the fallback as SNMP hardware type does not support setting of boot devices. When booting in legacy (BIOS) mode, the generated network booting artifact will force booting from local disk. In UEFI mode, Ironic will configure the boot order using UEFI variables.
Restart the Ironic conductor service.
service ironic-conductor restart
Ironic Node Configuration
Nodes configured to use the SNMP hardware type should have the
driver
field set to the hardware type
snmp
.
The following property values have to be added to the node's
driver_info
field:
snmp_driver
: PDU manufacturer driver name orauto
to automatically choose ironic snmp driver based onSNMPv2-MIB::sysObjectID
value as reported by PDU.snmp_address
: the IPv4 address of the PDU controlling this node.snmp_port
: (optional) A non-standard UDP port to use for SNMP operations. If not specified, the default port (161) is used.snmp_outlet
: The power outlet on the PDU (1-based indexing).snmp_version
: (optional) SNMP protocol version (permitted values1
,2c
or3
). If not specified, SNMPv1 is chosen.snmp_community
: (Required for SNMPv1/SNMPv2c unlesssnmp_community_read
and/orsnmp_community_write
properties are present in which case the latter take over) SNMP community name parameter for reads and writes to the PDU.snmp_community_read
: SNMP community name parameter for reads to the PDU. Takes precedence over thesnmp_community
property.snmp_community_write
: SNMP community name parameter for writes to the PDU. Takes precedence over thesnmp_community
property.snmp_user
: (Required for SNMPv3) SNMPv3 User-based Security Model (USM) user name. Synonym for now obsoletesnmp_security
parameter.snmp_auth_protocol
: SNMPv3 message authentication protocol ID. Valid values include:none
,md5
,sha
for all pysnmp versions and additionallysha224
,sha256
,sha384
,sha512
for pysnmp versions 4.4.1 and later. Default isnone
unlesssnmp_auth_key
is provided. In the latter casemd5
is the default.snmp_auth_key
: SNMPv3 message authentication key. Must be 8+ characters long. Required when message authentication is used.snmp_priv_protocol
: SNMPv3 message privacy (encryption) protocol ID. Valid values include:none
,des
,3des
,aes
,aes192
,aes256
for all pysnmp version and additionallyaes192blmt
,aes256blmt
for pysnmp versions 4.4.3+. Note that message privacy requires using message authentication. Default isnone
unlesssnmp_priv_key
is provided. In the latter casedes
is the default.snmp_priv_key
: SNMPv3 message privacy (encryption) key. Must be 8+ characters long. Required when message encryption is used.snmp_context_engine_id
: SNMPv3 context engine ID. Default is the value of authoritative engine ID.snmp_context_name
: SNMPv3 context name. Default is an empty string.
The following command can be used to enroll a node with the
snmp
hardware type:
baremetal node create \
--driver-info snmp_driver=<pdu_manufacturer> \
--driver snmp <ip_address> \
--driver-info snmp_address=<outlet_index> \
--driver-info snmp_outlet=<community_string> --driver-info snmp_community=