Redfish OOBM integration is broken in cloudstack #10441

kiranchavala · 2025-02-21T10:49:38Z

problem

Redfish OOBM integration is broken in cloudstack

Red fish implementation was done with this PR

#4175

versions

Cloudstack 4.20

The steps to reproduce the bug

Steps to reproduce the issue

Configure redfish emulator or the mock up server based on your choice on el8 system  
https://hub.docker.com/r/dmtf/redfish-interface-emulator
 https://github.com/DMTF/Redfish-Interface-Emulator/
 https://github.com/DMTF/Redfish-Mockup-Server 
https://www.redhat.com/en/blog/redfish-manage-servers-automatically  
I have used the redfish-interface-emulator to test the integration .

Clone the repo https://github.com/DMTF/Redfish-Interface-Emulator/  
pip3 install -r requirements.txt 
mv emulator-config_dynamic_populate.json emulator-config.json 
python emulator.py   
By default it will run on port 5000

Disable the following global setting redfish.ignore.ssl and redfish.use.https   
Navigate to cloudstack >host > configure oobm > select the driver as redfish

Enable OOBM  cloudstack >host > enable oobm 
Check the logs, even though the port is configured as 5000 , Cloudstack still sends the request on default 80 port

2025-02-21 06:02:30,485 WARN  [o.a.c.u.r.RedfishClient] (API-Job-Executor-72:[ctx-f9877630, job-661, ctx-06b862cd]) (logid:64cb0d54) Failed to execute HTTP GET request retry attempt 1/2 [URL: http://10.0.35.45/redfish/v1/Systems/] due to exception org.apache.http.conn.HttpHostConnectException: Connect to 10.0.35.45:80 [/10.0.35.45] failed: Connection refused 

  2025-02-21 06:02:32,486 DEBUG [o.a.c.u.r.RedfishClient] (API-Job-Executor-72:[ctx-f9877630, job-661, ctx-06b862cd]) (logid:64cb0d54) HTTP GET request retry attempt 2/2 [URL: http://10.0.35.45/redfish/v1/Systems/].

Run the redfish-interface-emulator on port 80

python emulator.py -port 80 

Check the logs , cloudstack fails to get Systems from the redfish emulator , it looks http://10.0.35.45/redfish/v1/Systems/ (extra slash) and finds no response

2025-02-21 08:19:25,848 WARN  [o.a.c.o.PowerOperationTask] (pool-6-thread-13:[ctx-f95f02a2]) (logid:) Out-of-band management background task operation=STATUS for host ol8.localdomain failed with: Failed to get System ID for host '10.0.35.45' with request 'GET: http://10.0.35.45/redfish/v1/Systems/'. HTTP status code expected '200' but it got '404'.

Using curl you can get the api responses

  [root@ol8 Redfish-Interface-Emulator]# curl -s localhost:80/redfish/v1/Systems
{
    "@odata.type": "#ComputerSystemCollection.ComputerSystemCollection",
    "Name": "Computer System Collection",
    "[email protected]": 1,
    "Members": [
        {
            "@odata.id": "/redfish/v1/Systems/437XR1138R2"
        }
    ],
    "@odata.context": "/redfish/v1/$metadata#Systems",
    "@odata.id": "/redfish/v1/Systems",
    "@Redfish.Copyright": "Copyright 2014-2016 DMTF. For the full DMTF copyright policy, see http://www.dmtf.org/about/policies/copyright


[root@ol8 ~]# curl s localhost:80/redfish/v1/Systems/437XR1138R2     | jq .Actions'
{
  "#ComputerSystem.Reset": {
    "target": "/redfish/v1/Systems/437XR1138R2/Actions/ComputerSystem.Reset",
    "[email protected]": [
      "On",
      "ForceOff",
      "GracefulShutdown",
      "GracefulRestart",
      "ForceRestart",
      "Nmi",
      "ForceOn",
      "PushPowerButton"
    ]
  },
  "Oem": {
    "#Contoso.Reset": {
      "target": "/redfish/v1/Systems/437XR1138R2/Oem/Contoso/Actions/Contoso.Reset"
    }
  }
}

What to do about it?

The integration with the redfish oobm should be fixed as redfish is more secure than ipmi and is widely considered as a replacement for ipmi

https://community.hpe.com/t5/servers-systems-the-right/redfish-a-more-secure-alternative-to-ipmi/ba-p/7044568

The text was updated successfully, but these errors were encountered:

This removes extra slash from the base system url in Redfish oobm client utility. Fixes apache#10441 Signed-off-by: Rohit Yadav <[email protected]>

rohityadavcloud · 2025-03-28T07:38:13Z

Raised an experimental PR solely based on @kiranchavala 's findings - thanks!

DaanHoogland · 2025-04-17T14:55:15Z

fixed in #10630

kiranchavala added component:oobm type:bug labels Feb 21, 2025

DaanHoogland added this to the 4.20.1 milestone Feb 26, 2025

Pearl1594 added the priority: low label Mar 5, 2025

rohityadavcloud mentioned this issue Mar 28, 2025

utils: fix extra slash in Redfish default systems url path #10630

Merged

14 tasks

rohityadavcloud assigned rohityadavcloud, DaanHoogland, kiranchavala and Pearl1594 Mar 28, 2025

rohityadavcloud added priority: high and removed priority: low labels Mar 28, 2025

rohityadavcloud linked a pull request Mar 28, 2025 that will close this issue

utils: fix extra slash in Redfish default systems url path #10630

Merged

14 tasks

DaanHoogland added this to Apache CloudStack BugFest - Issues Apr 7, 2025

DaanHoogland moved this to Dev In Progress in Apache CloudStack BugFest - Issues Apr 8, 2025

rohityadavcloud unassigned DaanHoogland and Pearl1594 Apr 15, 2025

rohityadavcloud moved this from Dev In Progress to ready for Testing in Apache CloudStack BugFest - Issues Apr 15, 2025

DaanHoogland closed this as completed Apr 17, 2025

github-project-automation bot moved this from ready for Testing to Done in Apache CloudStack BugFest - Issues Apr 17, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Redfish OOBM integration is broken in cloudstack #10441

Redfish OOBM integration is broken in cloudstack #10441

kiranchavala commented Feb 21, 2025

rohityadavcloud commented Mar 28, 2025

DaanHoogland commented Apr 17, 2025

Redfish OOBM integration is broken in cloudstack #10441

Redfish OOBM integration is broken in cloudstack #10441

Comments

kiranchavala commented Feb 21, 2025

problem

versions

The steps to reproduce the bug

What to do about it?

rohityadavcloud commented Mar 28, 2025

DaanHoogland commented Apr 17, 2025