MAAS using unexpected IPMI credentials to log into OOO management interface

Users
,
1

Hello.

I have a bunch of servers using RedFish with no standard username and password. Normally, in the Machines Configuration section, I’d normally have:

Power configuration

Power type Redfish
Redfish address 10...*
Redfish user USERID
Redfish password ********
Node ID

I just powered on that node and spot in the console that the commission has started (luckily I did not have any data on that node), with a bizarrely looking Machine Configuration section already populated:

Power configuration

Power type IPMI
Power driver LAN_2_0 [IPMI 2.0]
Power boot type EFI boot
IP address10...*
Power user maas
Power password ***************
K_g BMC key —
Cipher Suite ID 3 - HMAC-SHA1::****
Privilege Level Administrator
Workaround Flags Opensesspriv
Power MAC ****
Power off mode Power off

How would it get all those details from and successfully have control over IPMI interface? Is this some part of RedShift framework?

Also, is the act of commissioning actually destroying anything on the node’s storage or this is only like running a live-CD to gather all the details about the server?

Cheers.

2

It uses ipmitool and I confirm that commissioning/enlisting does not write any data on the disks

3

See https://maas.io/docs/maas-settings also

4

Hi @simeruk

How would it get all those details from and successfully have control over IPMI interface? Is this some part of RedShift framework?

During machine netboot MAAS will serve ephemeral Ubuntu image and pass some parameters to GRUB, so once it is booted cloud-init knows how to talk to MAAS and special commissioning scripts can be downloaded and executed.

One of these commissioning scripts is doing BMC configuration

Also, is the act of commissioning actually destroying anything on the node’s storage or this is only like running a live-CD to gather all the details about the server?

As @r00ta already mentioned, this operation is absolutely safe.
Ephemeral Ubuntu is not installed on the disk and runs in memory. Built-in scripts do not do any harmful operation and do not do anything with existing data on your disks.