When managing large server fleets, manually configuring BIOS settings through physical access becomes impractical. The need to enable IPMI (Intelligent Platform Management Interface) across multiple SL6 (Scientific Linux 6) machines requires a programmatic approach.
There are several technical approaches to modify BIOS settings from Linux:
- Vendor-specific utilities: Tools like Dell's Racadm or HP's hpasmcli
- IPMI raw commands: Using ipmitool for direct hardware access
- UEFI Shell scripting: For modern UEFI-based systems
For IPMI configuration, the ipmitool package provides the most direct method. First install it:
yum install ipmitool -y
modprobe ipmi_msghandler
modprobe ipmi_devintf
modprobe ipmi_siExample script to enable IPMI access:
#!/bin/bash
# Enable IPMI over LAN
ipmitool -I open lan set 1 access on
# Set IPMI channel 1 to static IP configuration
ipmitool -I open lan set 1 ipsrc static
ipmitool -I open lan set 1 ipaddr 192.168.1.100
ipmitool -I open lan set 1 netmask 255.255.255.0
# Set admin password
ipmitool -I open user set password 2 'newpassword'For Dell PowerEdge servers using Racadm:
racadm config -g cfgIpmiLan -o cfgIpmiLanEnable 1
racadm config -g cfgIpmiLan -o cfgIpmiLanAuthType 4After BIOS changes, implement controlled reboots:
#!/bin/bash
# Schedule immediate reboot
echo 1 > /proc/sys/kernel/sysrq
echo b > /proc/sysrq-triggerAdd validation checks to your scripts:
if ! ipmitool -I open lan print 1 | grep -q "Enabled"; then
echo "IPMI LAN channel not enabled" >&2
exit 1
fiWhen automating BIOS access:
- Always use encrypted IPMI sessions (IPMI 2.0)
- Change default credentials immediately
- Restrict IPMI network access via firewalls
For non-IPMI systems or older hardware:
# Using dmidecode to check current BIOS settings
dmidecode -t bios
# Some vendors provide BIOS config files via /sys/firmwareWhen managing a large server farm, manually configuring BIOS settings via KVM becomes impractical. The need to enable IPMI across hundreds of machines requires an automated solution that can work within Linux environments, particularly Scientific Linux 6 (SL6).
There are several technical paths to consider for BIOS modification from Linux:
- IPMI raw commands (if IPMI is already partially enabled)
- Vendor-specific utilities like Dell's racadm or HP's conrep
- EFI Shell scripting for UEFI-based systems
- Direct firmware access through /sys/class/dmi/id interfaces
For systems where basic IPMI functionality exists, here's a sample script to enable full IPMI access:
#!/bin/bash # Enable IPMI over LAN ipmitool -I open lan set 1 access on # Set IPMI channel privilege ipmitool -I open channel setaccess 1 ADMIN ipmi # Configure IP address (DHCP example) ipmitool -I open lan set 1 ipsrc dhcp # Enable user authentication ipmitool -I open user enable 1
For Dell PowerEdge servers using RACADM:
# Export current BIOS config racadm get -t xml -f current_bios.xml bios # Modify the XML file to enable IPMI sed -i 's/<IPMILan>Disabled<\/IPMILan>/<IPMILan>Enabled<\/IPMILan>/' current_bios.xml # Apply modified configuration racadm set -t xml -f current_bios.xml bios
After modifying BIOS settings, a cold reboot is typically required. Here's how to handle it programmatically:
# For IPMI-controlled systems ipmitool -I lanplus -H $BMC_IP -U admin -P password power cycle # For standard Linux systems echo 1 > /proc/sys/kernel/sysrq echo b > /proc/sysrq-trigger
Always include verification steps in your automation:
# Verify IPMI status
ipmitool -I open lan print 1 | grep "IP Address Source" | grep -q "DHCP"
if [ $? -eq 0 ]; then
echo "IPMI configuration successful"
else
echo "Configuration failed" >&2
exit 1
fi
When automating BIOS changes:
- Always use secure protocols (IPMI over LANplus instead of LAN)
- Rotate credentials after mass deployment
- Implement proper logging of all changes
- Consider BIOS password protection implications