Lights out management - still waiting for the bulb to glow
Go vertical or go home
Blog I am on a quest to lower my computer power usage. If you have read my previous article, you know that this is not by choice - it’s a necessity driven largely by cooling requirements in the spaces where my systems live. The project at hand is Lights out Management (LOM), the ability to configure and control my systems even when they are powered off, thus allowing me to keep them powered off unless I need them.
To recap: I discovered with a little bit of hunting that I could do some really cool things. Wake On Lan (WOL) can wake sleeping, hibernating or suspended systems from their torpor, while Simple Network Management Protocol (SNMP) can give me granular control over my uninterruptible power supplies (UPSes), power distribution units (PDUs) and various flavours of printer. When it comes to actually getting some out-of-band remote management on these systems (in case they experience an error while coming back online) I have at my disposal an IPKVM and several systems running Intel’s vPro.
The goal is to actually find some software that allows me to use all of these tools from one interface, schedule power downs and wake ups and poke at my systems to see what is wrong with them if they aren’t responding. Preferably, I need to come up with something that I can throw together in the next few days, learn to use in no time flat and only poke at when there’s an actual problem needing my attention. While I normally love tinkering with projects endlessly, time is short and this LOM project needs to “just work”.
Whether open source, proprietary, free or paid, there are many enterprise desktop management tools out there capable of some aspect of LOM control. I have two requirements: the first is to assemble a set of basic tools for manipulating all elements of my LOM setup independently. The second requirement is to find a centralised management tool that will allow me to run my LOM setup across my whole network seamlessly and easily.
The search for candidates to include not only in this article, but to actively deploy on my networks left me nearly weeping with frustration. My Google-fu was inadequate, because if there exist applications that actually take LOM seriously I had virtually no luck finding them. Everything I could find that appeared to begin to take it seriously was part of some vertical stack of applications offered by OEMs like IBM or HP. Third-party, platform-independent lights out management is thin on the ground. To achieve the first requirement of my project, I need to acquire some backup management tools. These have to be simple tools, or preferably a single tool that does all the things I needed simply.
vPro and WOL proved to be the easiest of the lot. Applications that can reach out and wake a computer up using WOL number in the thousands - pick your poison. I will stick with what I know, and so for my “simple WOL tool” I have a combination of the WOL abilities built into my DD-WRT Wi-Fi routers and a tiny Windows app called “magic packet sender”.
Intel offers a Manageability Developer Toolkit which comes with a program called the Manageability Commander. While I am still not 100 per cent certain if the licensing terms allow me to actually use this in a corporate setting as a regular tool, if you have a vPro system and want to start making use of it right now, this is what you were looking for.
I could find two out of the three tools to satisfy my requirements, but APC stubbornly refused to play ball. I am starting to believe that it is quite possible there is no such thing as a simple anything when it comes to managing APC equipment. APC offers centralised management software of its own, but it is anything but simple and the costs are exorbitant, even for APC. For the cost of the software, I could replace every piece of APC hardware I have with equipment from an alternate vendor that would play nice with various bits of open source software I have grown to like.
My extant APC infrastructure is definitely looking like the limiting factor on my ability to build a simple and low-cost LOM for my network. If I want to manipulate any of my APC gear, it looks like my only simple options are SSH or being stuck using the web interface. Anything else is SNMP. SNMP leads me into the second stage of this quest: finding a centralised management tool to run my LOM setup. The problem I run right into here is that, so far as I know, there are absolutely no tools out there dedicated strictly to LOM. Every piece of software I can find that incorporates LOM capabilities is backed onto a much larger desktop management application. What’s worse, the LOM capabilities are often treated as an afterthought; the applications focus far more heavily on monitoring or application/operating system deployment.
Desktop management is obviously a sector that a lot of companies hope to make an absolute killing on. (This is amusing, given the steady rise of VDI.) The information available from most commercial desktop managers has many buzzwords and happy, fluffy phrases that say absolutely nothing of value. The only signal you can extract from the noise is that you are getting exactly nowhere until you talk to a sales rep.
As the worst offender, I point the finger at Symantec on this. I know for a fact that their Altiris gear can do everything I need it to do, but what products exactly I need, and how much I will be paying for the privilege were impossible to determine. I could spend an entire day looking over that website trying to extract usable information, but after about 45 minutes I gave up and relegated Symantec back to the “thanks but no thanks” category for the next five years. Provide information without the requirement of salespeople or I will simply move on, thank you.
As a notable contrast, Dell’s KACE website was fabulous. I could quickly and easily find every scrap of information I wanted, and they even had a “chat with a live pre-sales rep” button. This connected me with some wetware able to quickly and easily answer my questions, for which I must admit to being mightily impressed. A little bit of snooping around the website reveals that they apparently offer an enormous range of desktop management and desktop deployment toys that I now covet. Sadly, all the cool toys I want are spread out over multiple different appliances and they are simply priced out of reach.
Equally disappointing was that while these KACE appliances do support the WOL I need for this project, they support neither my APC gear, nor vPro. Still, they get kudos for an excellent website that was simply head and shoulders above the clouds of obfuscation offered by the competition. The place of honour for the open source centralised monitoring and management crowd is split for me between Nagios and Zenoss. They are both absolutely fantastic network monitoring tools, and they will stunningly actually talk to my APC equipment. Sadly, while you can use either product to built alert or event triggers to try to make your network more self-healing, neither offers much in the way of default options or templates for this.
Furthermore, they don’t incorporate WOL (unless you use an external executable and an event script you write yourself), and there is simply no way to integrate any remote access tools. Whether it be vPro, VNC, RDP or Teamviewer, there is simply no integration of remote control facilities in these products. Both are spectacular at telling you when something has gone wrong, they simply have little emphasis on do anything about it. Sadly it looks as though if I want to go open source, I’m having to use alternate tools to do the actual out of band management portion, placing the open source tools firmly outside the realm of practicability for s project dedicated to LOM.
This brings me to Microsoft’s System Center suite of applications. Configuration Manager (SCCM), Operations Manager (SCOM), Data Protection Manager (SCDPM), Service Manager (SSSM), Virtual Machine Manager (SCVMM) and Essentials (SCE). There is also Opalis in this family, but I’ll admit to knowing absolutely nothing about that one. All Systems Center applications naturally bear a cost for the server software, as well as CALs for each machine. (Anyone getting the feeling that Microsoft really wants to charge you a lot to manage you servers?) Of the System Center suite, three applications can integrate with vPro, and are probably the most common applications in use to do so today.
SCCM has been quoted to me several times as the answer to nearly every desktop or server management problem I could imagine. A few days after I’d gotten over the fairly sharp learning curve, I am reluctantly beginning to agree. The cost is fairly high (especially for server management licences) and it isn’t winning any cross platform awards, but it does do a fairly good job of helping you manage your network. As you might expect, SCCM integrates nicely with remote management applications, as well as other System Center applications.
If you can swallow the cost, SCCM has absolutely excellent WOL support, good SNMP and is extensible via a plug-in framework that is nicely filled in by “the Microsoft ecosystem”. Quest Software leads the pack here. If you are looking for software to support your LOM project, you’ve found it. The last time I touched this product, it was still “System Management Server” and I was fairly underwhelmed by its capabilities. Today, I’m absolutely blown away not only by SCCM, but the entire System Center suite.
Well, almost the whole suite. The exception is Microsoft System Center Essentials (SCE), which is, compared to its bigger brethren, painfully crippled. It has no WOL support, limited remote management, terrible reporting abilities and no plug-in functionality to speak of. It might be marginally useful for SME work, but it won’t do proper LOM.
Frankly, there are open source tools that do almost everything it can better and cheaper. If you can stump up for the full suite of grown-up System Center applications, do so, but SCE just isn’t worth the time or the money. So what am I going to do to finish up my LOM project? I don’t have the funds to fork out for the System Center suite, and the open source community has failed to come up with the right shaped peg for this particular hole. I could do it by hand with the simple tools I found, but I actually did find an alternative. After much research, and many different attempts at implementation, I learned one lesson that will encompass my entire next article. It’s called Spiceworks. ®