 Yeah, so I was saying I'm the one between the end of the event and the beer And I'm as as you probably very tired by the event because there have been a lot of sessions. So My goal here is to make a point around the redfish standard and how many of you have heard about redfish using it Okay, great. So my name is Bruno Konek. I'm working for a hardware manufacturer company Which I will not necessarily name here because I'm on my own for the travel. So you will guess during the slide I've been involved in various open source projects in the last 25 years And I'm interested in redfish around the Python project that we have been doing in a small team of people First I would like to just to remind some definitions around what what we are dealing with so Everybody's aware of what a rest API is Yes, okay An API is clear It could be it could not be just rest. It could be politics. It could be X window It could be whatever library defines an interface between two environments Cheson is clear for everybody as well, I guess Stricted format great Oh data Okay, so this is something Microsoft have come with as a protocol to enable the Creation and consumption of first API. I'm not a huge specialist of all data But it's used in combination with the rest of the other three protocols to create redfish so redfish is another not an industry standard which is Providing specifications schema and a set of tools these days To help you with regards to server where machine management, I would say It started on the server side and the goal is to if you are familiar with the notion of BMC so an on-board Chip on the on your machine, which allows you to do which is completely separated from your operating system your pattern environment which gives you access through Syria through a Network port to another operating system running there and giving you information and Ways to manage your server out of band So this is what the BMC is doing and having a lot of startups in the past to try to help you manage at scale fleet of servers and Typically you use to to have something called a smash for example Which was a command line interface tool created by the DMTF the same guy who are creating redfish and redfish is Is there because smash did not really succeed with aware of smash in the room Okay one Was used smash in the room, okay, so that's why So it was pretty complex. It was really not standardized across vendors So it was really difficult to to deal with and you have you had to learn a new a new interface each time You were changing from hardware manufacturer, which was not really nice So that's not one of the goal for a fish redfish is really there to help different manufacturers to agree on hardware representation of your machine and An API Sustaining that hardware representation so that you can have access to the same Hardware components in different manufacturer of servers the same way So it's using as we were mentioning earlier, it's a restful API It's based on on jason and it's also using OData for some representation The goal is to have a much better hardware support that what was provided before so the ancestor I would say Fred fish was IPMI Which had a certain number of drawbacks? Especially it was not really secure. It was pretty cumbersome to use and it did not provide a lot of Hardware information on complex hardware setup complex hardware setup could be Blade system with chassis where you want to have address Do you want to address multiple servers inside a single enclosure having a single management interface or? Multinode platforms so one manufacturer and I know of which is HPE has a machine called moonshot in which you have Cartridges which can have embedded Management board as well as a chassis management board and each cartridge can have multiple CPUs multiple systems on it. So The rate fish standard was created to support all type of hardware design Not just a standard server to processors RAM memory disk Nick etc etc The goal is really to be able to have a model which is suitable for more complex platform And you may know that some manufacturers are working on memory-centric type of computing these days And we will have in a couple of years. We will have machines which will be made of pool of memory somewhere Pool of compute in other places CPUs Different type of CPUs and very high speed interconnect between the CPUs and the memories and and the disks if there are disks or Yeah, pull of large very large full of memories And so the right fish standard should be able to support those new type of design of Systems that will happen in the coming years. So it really has been architected that way Of course when you gather I Don't know ten different hardware manufacturers around the table and you say to them, okay Let's talk and make a standard It's pretty difficult to each one wants to have the best support for his own hardware many hardware servers hardware platforms, so the standard evolved slowly because They really agreed on a subset Which was pretty small at the start of certain a certain number of features that you have in a machine and everybody was in agreement on How those features should be described and should be accessed and as time passes They were adding more and more features so that more complex architecture were recognized and In common between different manufacturers. However, you always have some So so the marketing departments in in our Company calls that added value and sometimes you can call that crap, but it depends on the on your point of view But anyway A lot of hardware manufacturer have some features that are not standardized because it's something which differentiates them from another Hardware manufacturer, but they still want to be able to access to it So the best example in history is probably SNMP SNMP was working like that You had the standard me and you had public information with the OIDs and you were able to access To to certain number of information completely in a standard way from one manufacturer to another But for example our fans in our servers were accessed in what we call a private me So we had a sub number under which all the tree was our property our Yeah, IP and was described and you give access to the people to the information with that information For the fan was different from a server from Dell a server from Lenovo server from someone else Huawei or whatever so Really redfish had to propose the same type of mechanism and they created the notion of OEM schema to be able for manufacturer to store Some information that all their own information that they are not in agreement to standardize yet either because not all the manufacturer has the same Feature and so the other don't want to expose in a standard something they don't have because that would them at a disadvantage Or because it's something that the other don't have have not developed or not interested in and you want to keep it on your side So hopefully after the first time there will be a redfish Redfish page because I was supposed to make that slide based on Wikipedia as the previous page because I think it's a very good source of Information but there is no Wikipedia page for redfish yet So I've written what I had in mind on one template and I will propose that When I'm in the train back to to my country and hopefully next week We will have a redfish page which will explain a bit what I explained to you here So the standard is not completely new it's four years old standard Which has been published originally So mostly what you had were the JSON and the OData schemas to describe the resources Which are available and a very light mock-up was was made to a little developer to test redfish even if they didn't had access to A hardware supported redfish implementation Because when we started the standard was there But there were very few hardware manufacturers who had added that feature in their BMC Nowadays, it's very different. There are a lot of Manufacturer who were which are providing support for the redfish with minimum firmware version depending on the manufacturers I Put here some of the major one In terms of numbers of server souls Feel free to so I also put that in the wiki page wiki pay their page Feel free to add when if you're dealing with the manufacturer, you know that it's supporting redfish Feel free to add to the information So you have mock-ups you have real hardware you can play with it that's pretty interesting a lot of Documentation has been published as well as when paper facts, etc on this URL So the dmtf.org website under the standards are standards area So I have a redfish and three point in which you will find all this information and you can download all that so latest version is 2018.3 which has been published in 2019. Don't ask me why it's not on 19.1. I don't know That's the way it is So I have been I think seven or eight revision of the standard still Since the beginning You have released notes which each time described what has been Changed between the latest version of the standard and the newer version of the standard Since the 1.0 version originally It's mostly addition so has not been any big change in the way the standard has been has been designed Compared to 0.99 where it was a bit different Okay, so what can you do with redfish? So typically you can do what you do with a PMI historically So you can have a lot of information about server health temperature fans identification asset info information typically an inventory on On the hardware platform as much as your BMC is able to provide to you There are about something like 400 items that you can get and Among those 400 items 25% or items you can modify through redfish as well because you have the you use the The rest API interface so you can get information, but you can also post information to the redfish API and have Configuration items modified on the fly You also have actions that you can pass on the server around power management around the boot order around some thresholds for the power around alerting and logs and You can also deal with the BMC itself with its network settings and the user accounts For authentication on on the system through the BMC So DMTF is providing quite a large set of tools to to deal with As examples, I would say on how to deal with the redfish interface so that we can take that software as a reference point and Include that either in your program and programming environments. So mostly what they are providing is C bindings and Python bindings There are some CLI tools and there are More and more tools available. Not all of them are working for all of the redfish implementation So I don't take Parts here, but I'm trying to make some of those tools work on my HPE reference hardware And as souls have been developed by they'll sometimes there are some differences in the way you interact with redfish And especially the setup the access to the sash redfish that v1 interface is a bit different But globally once you have passed that hurdle the rest is working really really fine So you have the possibility to do simulators you can for example if you have a real hardware server You can capture the redfish implementation of that server and put it in a simulator and then run it as a software Appliance, so it's pretty interesting if you want to do tests without having access to the hardware Which is also nice when we were speaking about kernel CI and the possibility to do automatic testing That's one of the feature which is pretty interesting What else so Personally with a group of people we started the python right fish initiative I have another slide on that a couple of years ago. I've been ill last year, so I've not been able to work on it I hopefully I will restart that This year the oven stack guy didn't want to wait till we fix some of the issues He identified so they created another python library called sushi There is also another python library in the end on the redfish DMTF So everybody is in love with pythons these days. I'm missing my pearl bindings That's why there is a comma here and I need to do something for that But there is no reason but it's just rest API so it's easy to do bindings in other languages That's such as go or or pearl whatever language you like The only major application which has yet Already a redfish driver as probably the open sack ironic bad metal deployment project I don't know of any other tool which has integrated a redfish support to do to medic inventory or Automatic deployment for example based on the type of systems that you could have you can have a lot of ideas Using this type of tools. I will we're going to it So the data model looks like this one, but I won't pass too much time on it What I will do is more go on to directly the The life one There with me once again So I will just explore the mock-up for a simple rack mounted server. So this is on the DMTF directly the DMTF website. They are Not on swing very quickly So they provide a certain number of of mock-up for a simple rack mounted servers or OCP machines they have blade systems Okay Interesting and so when you explore the the data model it looks like that So you have your entry points which are so these are the old data stuff I don't know why we are in need. I need to discuss with the guy because I don't really understand why we are in need of that instead of just plain jason and You can have fields Directly and you can have of course collections Available so Here we have a single system, but you can have the notion of chassis So for example if you go on the on the blade here You would have more stuff you have the manager which corresponds to the BMC So for example, if you look at the manager, you have just one BMC on the server And if you go on the on the BMC, so this is this one is not a real Physical server is just a fact one To show what type of fields you can get And and you will see that you have for example the nick itself of the BMC that you can query and Finally when you have passed the tree enough you can find the MAC addresses for example of the BMC So if you want to do the GP configuration so not for the BMC because you need to have access to the big see first So that's not really the most useful part But if you go on the on the system side, of course, and you have just one system You will find exactly the same type of information For is a for the embedded mix inside the system. So for example, you see you have a TPM 1.2 Component inside that servers you have a certain number of information on the on the naming on the asset number on the BIOS version which can Help you derive an upgrade strategy if you have a fleet of servers and you want all the server to have the same firmware version that's the type of stuff you can do with it and Again, you can pass the BIOS processors memory Internet interfaces so here I have two nicks in my server and again. I have my MAC addresses IP addresses here in that case So the MAC address a hardware MAC address so you can have a Effect MAC address you can have a physical one and you can override the physical one by another one if you want so Here is the way to to pass the information and all that is accessible through the rest API. So here's it's just a nice looking Visualization system for it. Okay, let me just go back so For those of you who are a fan of of pythons there is a source a work we've done around python redfish with a couple of people initially around the open stack we use a python request tortilla to map in fact the Data model of redfish in in memory and being able to pass it very very easily Our goal and that's still a work in progress. We have a markup for that, but that's it would require a bit more development The interest for me of redfish is really around Activities so I'm part of solution center. We host 400 servers. We do models for different type of customers and we are Rebuilding the data center all the time we move servers We move parts in the servers because we have to build something which correspond to the customer request and the idea is to say Okay, how can we automate the management of those changes in relationship with our CMDB? So we have a CMDB but each time you change a RAM from one server to another your CMDB is wrong except if you do Manually the operation inside the CMDB, which is very time-consuming a stupid job so The idea is to really use while it's not stupid for some people doing it But it's it's you can use your time in a better way and drink beer that starts them for example But so the idea is really to say okay if I could claim a higher hardware platform So that this part of the inventory is always up to date and pushed into my CMDB that would be great So what we want to do is have a data model of four hours servers in the data center Which are looking like the redfish one because you don't want to reinvent anything And we want to map that data model to the CMDB data model we have and the CMDB We are using is an open-source one called itop and so the data model of item is a parameter So you can change the data model the way you want so we can very easily map the two data model and each time We modify something on the hardware side pull information through which redfish call into the CMDB and the CMDB is Working by Raising information which I've changed but keeping all the rest of the information which have not changed So it's pretty easy to use and that would allow us really to Improve the the times that the people pass on maintaining that CMDB and just maintain the information that only humans can maintain Not machines so that's one of the Area where redfish could be very useful in my opinion another area could be on the deployment So if there are redhead people in the room for anaconda for example on rail You could have a look at redfish to try to grab hardware information from the redfish schema and detect automatically a certain number of hardware informations that leads to Device names or hardware setups that could be easier to do Using redfish directly in a portable way in the interesting part is that you do the redfish call and whatever the nature of The server you get then normally you should have something which drives a decision which could be the same for all manufacturers So that's really the type of ideas you can have around that So if you want it's on pit if you want to look at it It's that's one version available. You can also look at the DMTF stuff as well I'm working on the mock-up to automate the test of our our client with regards to the DMTF mock-up so that it works correctly Any question? Yes, you're first Oh, sorry, CMDB is a configuration management database So this is a place where you are managing your assets in your in your IT infrastructure Which could be not just computers. It could be Copiers it could be phones. It could be buildings. It could be whatever you want in the CMDB We have you can also manage for example service level agreements providers Point of contact, etc And you can have a measure of impact for example Imagine you unplug a power cord in your data center because you need to do electrical maintenance on an area You can say okay. There's CMDB. Tell me if I unplug that. What is the impact on my infrastructure? So what will be the services at the end which are touched if I remove a plug on my on my wall So that's the type of service a good CMDB is able to to give to you and the more the CMDB is up to date The more precious it is for managing your environment and the more automation you can put in it The best is because if that information is correct. It's coming directly from the hardware You had one question. Yes. What about security? It means are very problematic if they put on public public The problem is you cannot you cannot expect You are expecting your client somebody who is bought that's not to put Okay, so with regards to security Customer should never put a BMC on the internet. That's clear Change customer I mean Now teach to your customer teach to your customers is really really a bad idea It will not improve with IoT devices which are also sometimes on the internet and all sort of BMC somewhere I understand the Redfish protocol is HTTPS So you need another authentication mechanism to be able to log on to the system So it's as secure as your authentication schema is So so from as you mentioned is is an update for example of that a version of BMC firmware and and that's true And and that's I mean the BMC is should be managed like a standard system So people should pass their updates on a regular base. They should automate that if possible They should I mean that's part of the CI environment for managing It's as an operating system. You are upgrading your operating system. You have a workflow You have a approval for a grade you have tests, etc You should do exactly the same for management of the BMC's on your servers because that's as critical as the rest Even if it's not on the internet Yeah, so comment is that There are problems with the Software implementation on BMC so the software stack use on BMC the fact that it becomes obsolete And the fact that it could be shared with as an first sneak of the server the access to the BMC I would say Make test with your hardware manufacturer before buying this hardware and Includes test on the BMC as part of your evaluation of the platform. There are good providers that don't do that anymore That may use to do that in the past, but don't do that anymore But I agree. It's I mean redfish has not a goal to solve those security issues per se It's a it's a way to do secure management because it's Inscripted and it has an authentication mechanism compared to IPMI which was really poor or SNMP Which has also a certain number of other problems. So it does not solve the The hangar in the world, but it sells some of the problem