Panel | ||||
---|---|---|---|---|
In this section:
|
Info | ||
---|---|---|
| ||
Related articles:
|
The primary interfaces used to access the
Spacevars | ||
---|---|---|
|
Spacevars | ||
---|---|---|
|
The EMA provides a comprehensive method to provision, maintain and administer the
Spacevars | ||
---|---|---|
|
For login details, refer to Logging Into EMA.
The EMA in Platform Mode provides current status of the platform, application software version information and system information. The EMA in Platform Mode is also used to start, stop and restart the application as well as reboot the host. The EMA in Platform Mode supports upgrading the operating system and application. Additional features include a web interface for generic troubleshooting activities, security and remote access management.
For more information, refer to Logging into EMA in Platform Mode.
Command Line Interface (CLI) is the traditional method to configure systems from any machine with network access using a secure shell (SSH) client terminal emulator).
For login details, refer to Logging Into CLI.
Include Page | ||||
---|---|---|---|---|
|
The Baseboard Management Controller (BMC) supports the following functions:
For login details, refer to Logging Into the BMC
Spacevars | ||
---|---|---|
|
RESTCONF has the following properties:
Client-Server model: In a client-server model, clients are associated with the user interface, and the servers manage data storage behind the interface. This allows a separation between the client and server.
Spacevars | ||
---|---|---|
|
To use a
Spacevars | ||
---|---|---|
|
For access details, refer to Accessing RESTCONF API.
SOAP APIs provide access to Simple Object Access (SOAP) API which is protocol specification used to exchange structured information in the implementation of web services. It uses XML information set for its message format, and usually relies on other application layer protocols, such as Hypertext Transfer Protocol (HTTP) or Simple Mail Transfer Protocol (SMTP), for message negotiation and transmission. The advantage of using SOAP is that it is very versatile and uses different transport protocols. The standard stacks use HTTP as a transport protocol.
The SBC SOAP API supports the following requests for each managed object:
The
Spacevars | ||
---|---|---|
|
Spacevars | ||
---|---|---|
|
Spacevars | ||
---|---|---|
|
Spacevars | ||
---|---|---|
|
For access details, refer to Accessing SOAP API.
If your network includes the
Spacevars | ||
---|---|---|
|
Spacevars | ||
---|---|---|
|
Info | ||
---|---|---|
| ||
The SBC Core includes the utility When executed, the program
The advantage of using |
The SBC SWe and SBC CNe use a RAMP configured for CNe as the single point of authentication for the SBC when using the SBC RESTCONF API or the SBC CLI. This single sign-on feature applies when the SBC CLI and SBC RESTCONF APIs are proxied from RAMP to the SBC (without requiring any knowledge on RAMP of the semantics of the request).
The SBC is enhanced with the following capabilities:
In a deployment, end-users are authenticated and authorized by RAMP when they connect to the SBC. RAMP may interface with external identity providers for this purpose. After authentication, RAMP determines the usergroup that the user belongs to. RAMP passes on this user and usergroup information to the ConfD through the mechanisms mentioned below.
RAMP uses the existing 'emsadmin' user account to interface with the SBC. When the SBC registers with the RAMP, the LCA (Life Cycle Agent) on the SBC requests a password for the 'emsadmin' user account. The LCA updates this account on the SBC with the password generated and returned by RAMP in its response.
RAMP provides a web-based CLI terminal to the end-user. RAMP connects to the SBC's CLI port over the SSH, and proxy requests and responses from/to the end-user's web-based CLI terminal. RAMP connects to the SBC's CLI port as explained below:
End-user's username and groupname will be passed as the ssh ‘command’: The end-user's username and the groupname of the enduser's group is passed as arguments to the ssh command exactly as shown in the example below:
Code Block |
---|
ssh -t emsadmin@10.34.175.181 "alice admin" |
Here, the first argument ('alice') represents the end-user's username. The last argument ('admin') represents the group to which the end-user belongs.
RAMP proxies the RESTCONF requests from the end-user over HTTPS, after substituting the end-user's credentials with a special set of credentials. RAMP connects to the SBC as shown below:
With a special password: The space (' ') , proxy admin username and groupname is appended to the password field in the format shown below:
Code Block |
---|
<space><ramp username>;<end-user's groupname>;<proxy admin user's password> |
Here, semi-colons are used to separate the various fields of the password.
Info | ||
---|---|---|
| ||
When logging into the SBC as a proxied user, if a user with the same name exists on the SBC and if the local user group matches the RAMP passed-in user group, then the authentication is allowed to proceed. If the local user group does not match the RAMP passed-in user group, then the authentication is rejected. Please note that in this case, if the user's local password has expired, they are prompted to change it before proceeding. This means that a REST API request is rejected until the user changes it through the CLI / UI. This feature is only supported when the SBC is configured to use local authentication. It does not work when using external authentication (e.g. RADIUS, LDAP). |