Today, the cost of adding in the Intel Remote Management 3 (RMM3) module in most Intel Server Systems or server boards is very low. To our clients it is actually worth about one visit. So, why not have one installed where we can so that on-site time is reduced?
For Dell we have the DRAC i6 Enterprise, HP has the iLO with Advanced license, and there are others.
What these components do for us is provide a number of out-of-band management features. That means that we do not need an OS to work with the server.
- Console access to the OS, BIOS, firmware, and other server components.
- This is done by redirected KVM session over HTTPS.
- Ability to reset the server, power it up, or power it down.
- Check the server’s sensor logs for errors.
The initial setup of the RMM3 is done in the BIOS of the server. We enable USER3, rename the user, give it a password, and make sure that it has Administrator permissions.
When we first hit the IP address of the RMM3 we need to log on using the above created user:
The page that we will be greeted with will be a summary of the system.
From an RMM3 on an SR1625URR Server System:
From an RMM3 on an SR1630HGPRX Server System:
The FRU Information link gives us our server’s PBA (Part/Model Number), serial number, and other needed information if we are in need of support or warranty replacement.
The Server Health tab gives us a view of the server’s sensor status along with access to the server’s internal Event Log.
The SR1625URR’s sensor readings:
The SR1630HGPRX sensor readings:
Note the difference in the number of sensors between the server systems. The SR1625URR is a dual Intel Xeon Nehalem 5000 series 1U server while the SR1630HGPRX is an Intel Xeon Nehalem 3000 series 1U server.
While all of the above features are very helpful as far as keeping an eye on the server’s health and for troubleshooting purposes the key RMM3 feature is its ability to give us console access to the server’s OS.
Once we click the Launch Console button we will need to approve some Java security warnings before the redirected KVM session begins.
Once we do get our session we are “sitting in front of the server”.
This is a screenshot of the SR1625URR’s KVM session:
We currently have both 1U server’s RMM3 network ports connected to our own internal network. Once we have plugged in the needed optical disk for the OS install if needed and/or USB flash drives we no longer need to be standing at the workbench to run a fresh OS install as is the case in the above screenshot.
We can have a technician run several OS installs and post install configurations while working at their own station.
Once these servers are ready to go into production, the RMM3 Ethernet ports will be set with an ISP delivered static IP address and a GoDaddy certificate will be installed to eliminate the SSL warnings for the Web portal.
When it comes to a standard access method such as Terminal Services/Remote Desktop Services or TS/RDS via TS/RDS Gateway we are stuck if the underlying services get knocked out by an update or something breaks along the way.
Using the RMM3/DRAC/iLO to run those updates means that we do not need to be concerned about the underlying services plus we can watch the server reboot through its BIOS POST as well as RAID Controller POST status indicators.
Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book
*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.
The instructions for the SSL component of the Intel Remote Management 3 are not clear to me.
ReplyDeleteI am used to SSl certs on web servers, where you generate a request key that is then fulfilled by a CA authority.
How do you create a "SSL certificate and privacy key" without a generating mechanism (My remote is going to have a different DNS entry then the server itself, if oppositive is there assumption?)