Embedded server remote management system and method based on domestic processor
Technical Field
The invention relates to the technical field of server management, in particular to a remote management system and a remote management method of an embedded server based on a domestic processor.
Background
The baseboard management controller (BMC) is a control unit deployed in a server, with an independent power supply and independent I/O interfaces, that can control server peripherals such as sensors, hard disks, the network and PCI-E board cards. As long as the BMC is powered on, the server can be monitored regardless of whether it has an operating system installed or whether it has been started.
The BMC consists of two parts, namely a BMC chip and BMC firmware. The BMC chip provides the hardware interfaces required for remote management of the server, such as a communication interface and independent I/O (input/output), and provides computing and storage capability. The BMC firmware is embedded software that controls the operation of the BMC. The BMC chip places high demands on the manufacturing process and is complex in design. If the BMC chip is mounted directly on the circuit board, newly developed servers are costly and the production and debugging process is long.
Therefore, a board-level scheme can be adopted: when an independent board card embedding the BMC chip is inserted into a dedicated slot of the server, the server remote management function of the BMC is realized. However, the existing board-level schemes basically adopt BMC chips from the United States, Japan or Taiwan, China. There is no domestic-processor-based server remote management scheme that can replace foreign BMC chips, so the nationwide demand for server computers cannot be met.
Disclosure of Invention
The invention provides a remote management system and a remote management method for an embedded server based on a domestic processor. It overcomes the defects of the prior art and effectively solves the problem that, in the prior art, remote management of a server can only be realized with a board card based on a foreign BMC chip and cannot be realized based on a domestic processor.
One of the technical schemes of the invention is realized by the following measures: a remote management system of an embedded server based on a domestic processor comprises a management board card, a KVM over IP function module and an IMedia function module, wherein the management board card comprises a general domestic processor, an embedded operating system and a trusted computing function module;
the KVM over IP function module is used for remotely controlling the server BIOS and the server embedded operating system;
the IMedia functional module is used for virtually mounting the external equipment on the server through the NBD technology;
and the trusted computing function module is used for realizing the measurement of the server firmware and the call of the server embedded operating system to trusted computing.
The following is further optimization or/and improvement of the technical scheme of the invention:
the KVM over IP function module comprises a BIOS remote control function module and an operating system remote control module;
the BIOS remote control function module is arranged on the terminal and exchanges BIOS serial port information between the terminal and the server management board card through SOL technology, so that the terminal can remotely control the server BIOS;
the operating system remote control module comprises remote desktop client software deployed in the embedded operating system and a remote desktop server deployed in the server BMC; the server embedded operating system is logged in to remotely by accessing the BMC, so that remote control of the server embedded operating system is realized.
The server management board card comprises a management interface module and a remote state monitoring module;
the management interface module implements support for the IPMI 2.0 standard and can be connected with the sensors of the server;
and the remote state monitoring module is used for acquiring server sensor data through the management interface module.
The server management board card further comprises a remote power management module for managing and controlling the power switch and power-on of the server.
The second technical scheme of the invention is realized by the following measures: a server remote management method based on a domestic processor comprises the following steps:
the terminal is connected with the management board card, and the embedded operating system of the server is started remotely;
the terminal remotely controls the server BIOS and the server embedded operating system through a corresponding interface;
the terminal and the management board card judge the server remote operation required to be carried out, and carry out corresponding remote operation according to the required operation type;
and the terminal remotely closes the server.
The following is further optimization or/and improvement of the technical scheme of the invention:
the terminal and the management board card judging the server remote operation required to be carried out comprises:
the management board card judges the operation required to be performed by the server and performs remote operation according to the type of the required operation;
and the terminal judges the content of the server to be checked and carries out remote operation according to the judgment result.
The management board card judging the operation required to be performed by the server and performing remote operation according to the type of the required operation comprises:
the management board card monitors whether external equipment is to be remotely mounted, and if so, the external equipment is virtually mounted on the server based on the IMedia functional module;
the management board card judges whether trusted computing support is needed, and if so, the embedded operating system accesses the trusted computing function module for trusted computing support.
The terminal judges whether sensor information needs to be checked, and if so, the embedded operating system provides the sensor information through the management interface module.
The terminal is connected with the management board card, and the embedded operating system of the server is started remotely, which comprises:
the server is powered on to run, the management board card completes initialization and enters a working mode;
the management board card performs trusted measurement on key software and hardware of the server and judges whether the trusted measurement passes; if it passes, the management board card enters a monitoring state and waits for the terminal to connect;
and logging in a Web interface through a terminal, and remotely starting the embedded operating system of the server.
In a high-security environment, the invention realizes the remote management requirements of the server based on a domestic processor, effectively replaces the board-level scheme based on a foreign BMC chip, localizes the server remote management functions supported by the BMC, and meets the requirement for localization of server computers.
Drawings
Fig. 1 is a schematic structural diagram of embodiment 1 of the present invention.
Fig. 2 is a flowchart of embodiment 2 of the present invention.
Fig. 3 is a flowchart of server remote operation required in embodiment 2 of the present invention.
Fig. 4 is a flowchart of the management board card judging the operation that the server needs to perform, and of the corresponding operation process, in embodiment 2 of the present invention.
Fig. 5 is a flowchart of remotely booting a server embedded operating system according to embodiment 2 of the present invention.
Detailed Description
The present invention is not limited by the following examples, and specific embodiments may be determined according to the technical solutions and practical situations of the present invention.
The invention is further described with reference to the following examples and figures:
Example 1: as shown in fig. 1, the embedded server remote management system based on a domestic processor comprises a management board card, a KVM over IP function module and an IMedia function module, wherein the management board card comprises a general domestic processor, an embedded operating system and a trusted computing function module;
the KVM over IP function module is used for remotely controlling the server BIOS and the server embedded operating system;
the IMedia functional module is used for virtually mounting the external equipment on the server through the NBD technology; the external equipment comprises a U disk, a USB disk and the like;
and the trusted computing function module is used for realizing the measurement of the server firmware and the call of the server embedded operating system to trusted computing.
The IMedia function module is mainly implemented by NBD (Network Block Device) technology. First, an NBD Server is installed on the terminal so that a given block device or device image on it can be accessed over the network. Next, an NBD Client is implemented in the embedded operating system; the main purpose of this service is to obtain the content to be remotely loaded from the remote NBD server. Finally, a virtual USB device driver is implemented in the embedded operating system: the management board card is physically connected to the host through USB, the management board card provides an OTG-type USB controller that connects to the host as a slave device, and virtual USB devices such as a U disk and a USB optical disk are implemented in the management board card.
Through this series of operations, the management board card can acquire an ISO image or a disk device on the client terminal: the content of the device is read through the NBD service and transmitted to the management board card, and is then presented to the host through the virtual USB service, so that the remote IMedia function is realized.
The above trusted computing function module may be a trusted chip embedded on the management board card, or trusted computing software embedded in the embedded operating system. After the server is powered on, the management board card performs trusted measurement on the server BIOS to ensure the security of the server BIOS. On this basis, the management board card can perform security verification of the user's identity, key hardware and core software through the security function interface provided by the trusted chip or trusted computing software, to ensure a secure startup and running environment for the computer. In addition, after the server embedded operating system is started, it can call the functional interface of the trusted chip or trusted computing software to complete security functions such as identity verification, trusted measurement and trusted storage.
In a high-security environment, the remote management requirements of the server are met based on a domestic processor, the board-level scheme based on a foreign BMC chip is effectively replaced, and the server remote management functions supported by the BMC are localized.
The following is further optimization or/and improvement of the technical scheme of the invention:
as shown in fig. 1, the KVM over IP function module includes a BIOS remote control function module and an operating system remote control module;
the BIOS remote control function module is arranged on the terminal and exchanges BIOS serial port information between the terminal and the server management board card through SOL technology, so that the terminal can remotely control the server BIOS;
the operating system remote control module comprises remote desktop client software deployed in the embedded operating system and a remote desktop server deployed in the server BMC; the server embedded operating system is logged in to remotely by accessing the BMC, so that remote control of the server embedded operating system is realized.
Because a general domestic processor does not have the customized video compression module found in a BMC chip, it is difficult to compress the server's video stream directly in hardware and send it to the terminal. Therefore, when a server remote management system is built on a general domestic processor, the existing hardware characteristics are used: serial port information is sent to the terminal over the network, and the administrator at the terminal carries out remote BIOS configuration. This mechanism interacts with the server management board card mainly through SOL (Serial over LAN): the serial port is redirected to a network port, serial port information is sent to the terminal, and the administrator's remote keyboard and mouse operations are carried out.
A serial port console function is implemented in the BIOS, and the input and output of the BIOS are redirected to the serial port console, so that the BIOS configuration interface and shell command line can be displayed through serial port output and BIOS input operations can be performed through the serial port.
In summary, the BIOS remote control function module can redirect the BIOS serial port to the management board card (which replaces the board card embedding the BMC chip) through SOL technology. When the SOL function is activated, any data coming out of the system serial controller is encapsulated by the management board card into LAN packets and sent to the remote control terminal. Conversely, any character data sent from the LAN to the system serial controller is first extracted by the BMC and then transmitted to the system serial controller via the management board card UART. The terminal can therefore access the server BIOS through remote SOL operation, and the KVM function of the BIOS stage is realized.
The operating system remote control module deploys remote desktop client software in the server embedded operating system, and this software can run automatically when the server starts. Meanwhile, a remote desktop server (such as a VNC Server) is placed inside the BMC. When a user accesses the BMC, the embedded operating system on the server side can be logged in to remotely through VNC, and remote control of the operating system is achieved.
As shown in fig. 1, the server management board card includes a management interface module and a remote state monitoring module;
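The two SOL directions described above, as an added Python sketch that is not taken from the patent. The 4-byte header (packet sequence number, ACK/NACK sequence number, accepted character count, operation/status byte with NACK in bit 6) follows the IPMI 2.0 SOL payload layout; `SolRelay`, `MAX_DATA` and the policy of not replaying a retransmitted packet to the UART are assumptions made for the illustration.

```python
import struct

HDR = struct.Struct("BBBB")  # packet seq, ack/nack seq, accepted char count, operation/status
NACK = 0x40                  # bit 6 of the operation/status byte
MAX_DATA = 64                # assumed per-packet character limit for this sketch


class SolRelay:
    """Management-board side of SOL: UART output -> LAN payloads, LAN payloads -> UART input."""

    def __init__(self):
        self.tx_seq = 0       # sequence numbers run 1..15; 0 marks an ACK-only packet
        self.last_rx_seq = 0  # last terminal sequence number whose characters were accepted

    def from_serial(self, data):
        """Split bytes leaving the system serial controller into SOL payloads."""
        payloads = []
        for i in range(0, len(data), MAX_DATA):
            self.tx_seq = self.tx_seq % 15 + 1
            payloads.append(HDR.pack(self.tx_seq, 0, 0, 0) + data[i:i + MAX_DATA])
        return payloads

    def from_lan(self, payload):
        """Return (bytes for the UART, ACK/NACK payload for the terminal)."""
        if len(payload) < HDR.size:
            raise ValueError("SOL payload shorter than its 4-byte header")
        seq, _ack, _accepted, _status = HDR.unpack_from(payload)
        seq &= 0x0F
        chars = payload[HDR.size:]
        if seq == 0:                     # ACK-only packet: nothing to forward
            return b"", b""
        if len(chars) > MAX_DATA:        # refuse oversize input instead of overrunning the UART
            return b"", HDR.pack(0, seq, 0, NACK)
        ack = HDR.pack(0, seq, len(chars), 0)
        if seq == self.last_rx_seq:      # retransmission: ACK again, do not replay keystrokes
            return b"", ack
        self.last_rx_seq = seq
        return chars, ack


def demo():
    """Constructed traffic: 100 bytes of BIOS output, then a Down-arrow key sent twice."""
    relay = SolRelay()
    out = relay.from_serial(b"B" * 100)
    key = HDR.pack(1, 0, 0, 0) + b"\x1b[B"
    first, _ = relay.from_lan(key)
    replay, _ = relay.from_lan(key)
    return [len(p) - HDR.size for p in out], first, replay
```

SOL carries BIOS console traffic without any protection of its own, so confidentiality and integrity depend on the session that transports these payloads.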
the management interface module implements support for the IPMI 2.0 standard and can be connected with the sensors of the server;
and the remote state monitoring module is used for acquiring server sensor data through the management interface module.
The management interface module can be an IPMI 2.0 interface. An IPMI protocol stack is ported to the embedded operating system so that IPMI 2.0 is supported, and the management interface module is connected to the sensors of the server through an external circuit of the management board card so that sensor data can be acquired.
The remote state monitoring module acquires sensor data through the management interface module and manages the running state through correspondingly written software programs, so that remote state monitoring of the server can be realized. The sensor data includes the fan speed, CPU temperature, PSU voltage and the like of the embedded operating system.
As shown in fig. 1, the server management board card further includes a remote power management module, which is used for managing and controlling the power switch and power-on of the server.
For the remote power management module, a Web server can be ported to the embedded operating system, so that an administrator can log in to a Web interface on the server management board card to manage and control the power switch and power-on of the server.
Example 2: as shown in fig. 2, the remote management method for the server based on the domestic processor includes the following steps:
S1, the terminal connects to the management board card and remotely starts the embedded operating system of the server;
S2, the terminal controls the server BIOS and the server embedded operating system through the corresponding interfaces; the server BIOS is remotely controlled through the BIOS remote control interface of the terminal, and the server embedded operating system is controlled through the host operating system interface of the terminal;
S3, the terminal and the management board card judge the server remote operation required, and the corresponding remote operation is carried out according to the required operation type;
and S4, the terminal remotely closes the server.
The following is further optimization or/and improvement of the technical scheme of the invention:
as shown in fig. 2 and 3, the terminal and the management board card judging the operations to be performed includes:
S31, the management board card judges the operation needed by the server and carries out remote operation according to the needed operation type;
and S32, the terminal judges the server content needing to be checked and carries out remote operation according to the judgment result.
As shown in fig. 2 and 4, the management board card judging the operation that the server needs to perform, and performing remote operation according to the type of the required operation, includes:
S311, the management board card monitors whether external equipment is to be remotely mounted; if yes, the external equipment is virtually mounted on the server based on the IMedia function module; if no, the management board card continues to monitor whether external equipment is to be remotely mounted;
and S312, the management board card judges whether trusted computing support is needed; if yes, the embedded operating system accesses the trusted computing function module for trusted computing support; if no, the management board card continues to judge whether trusted computing support is needed.
As shown in fig. 2, the terminal judges whether sensor information needs to be checked, and if so, the embedded operating system provides the sensor information through the management interface module. Meanwhile, an administrator can remotely check the sensor information of the server through the management board card Web interface on the terminal.
As shown in fig. 2 and 5, the terminal is connected to the management board, and remotely starts the server embedded operating system, including:
S11, the server is powered on to run, and the management board card completes initialization and enters a working mode;
S12, the management board card performs trusted measurement on key software and hardware of the server and judges whether the trusted measurement passes; if it passes, the management board card enters a monitoring state and waits for a terminal connection;
and S13, logging in a Web interface through the terminal, and remotely starting the embedded operating system of the server.
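Steps S11 to S13, together with the trusted measurement of the server BIOS described in Example 1, can be read as a measure-then-listen gate. The following Python sketch is an added illustration, not the patent's implementation: SHA-256, the PCR-style extend, the out-of-band reference values, the state names and the fail-closed behaviour when measurement does not pass are all assumptions, and the firmware images are constructed placeholders.

```python
import hashlib
import hmac


def extend(register, blob):
    """PCR-style extend (assumed): new = SHA-256(old || SHA-256(blob))."""
    return hashlib.sha256(register + hashlib.sha256(blob).digest()).digest()


def measure(components):
    """Fold ordered (name, bytes) pairs into one register and a per-component log."""
    register, log = bytes(32), []
    for name, blob in components:
        register = extend(register, blob)
        log.append((name, hashlib.sha256(blob).hexdigest()))
    return register, log


def first_mismatch(log, reference_log):
    """Name the first component whose digest differs from the reference log."""
    for (name, digest), (_, ref) in zip(log, reference_log):
        if digest != ref:
            return name
    return None if len(log) == len(reference_log) else "component count"


class ManagementBoard:
    def __init__(self, reference_components):
        # Reference values are assumed to be provisioned out of band.
        self.ref_register, self.ref_log = measure(reference_components)
        self.state, self.failed = "INIT", None

    def power_on(self, components):
        self.state = "WORKING"                               # S11: initialization done
        register, log = measure(components)                  # S12: trusted measurement
        if hmac.compare_digest(register, self.ref_register):
            self.state = "MONITORING"                        # wait for terminal connection
        else:                                                # assumed fail-closed branch
            self.state = "MEASUREMENT_FAILED"
            self.failed = first_mismatch(log, self.ref_log)
        return self.state

    def web_start_os(self):
        """S13: the Web interface may start the server OS only after a passed measurement."""
        if self.state != "MONITORING":
            raise PermissionError(f"measurement not passed: {self.failed}")
        self.state = "OS_STARTED"
        return self.state


# Constructed sample images, not real firmware.
GOOD = [("BIOS", b"bios-image-1.0"), ("bootloader", b"loader-2.3"), ("kernel", b"kernel-5.x")]
TAMPERED = [GOOD[0], ("bootloader", b"loader-2.3-modified"), GOOD[2]]


def demo():
    ok, bad = ManagementBoard(GOOD), ManagementBoard(GOOD)
    ok.power_on(GOOD)
    bad.power_on(TAMPERED)
    return ok.web_start_os(), bad.state, bad.failed
```

Because each extend folds in the previous register value, reordering or omitting a component changes the final value even when every individual image is unmodified.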
The above technical features constitute the best embodiment of the present invention, which has strong adaptability and the best implementation effect; non-essential technical features can be added or removed according to actual needs to meet the requirements of different situations.