1. Introduction
This blog will introduce to AMD Cloud Manageability solutions.
1.1. AMD Manageability
AMD Manageability solution enables IT administrators to effectively manage enterprise systems both, when either the system is powered on or if the system is powered off. AMD Manageability covers organizations of all sizes, say small and medium enterprises (SME) and large enterprises. More details about AMD Manageability can be found at www.amd.com/DASH.
AMD Manageability support both wired and wireless interfaces. Wireless manageability solution is called AIM-T (AMD Integrated Management Technology). Wired manageability is supported by AMD partners like Realtek and Marvell.
AMD Manageability solution also consists of console software release by AMD like DASH CLI, AMC and AMPS
Before AMD Manageability is deployed, AIM-T system must be provisioned with enterprise credentials. APC (AMD Manageability Console) is application which will ease the provisioning and deployment process.
1.2. AMD Cloud Manageability
AMD Cloud Manageability Service (ACMS) is a software product within AMD Manageability solution which enables IT administrators to manage enterprise systems when systems are outside enterprise network. In the hybrid and remote work environments when some employees are working away from office and enterprises can still manage the systems.
2. Design
AIM-T will connect to cloud only if system is outside office and registers itself with ACMS as available. Inside office AIM-T will not register with ACMS but system will be manageable from any supported DASH console.
AMD Cloud Manageability solution can be initiated when platform is in Windows desktop. All manageability feature like DASH and KVM are supported.
When DASH console wants to manage this AIM-T system, console connects to ACMS server and looks for system hostname, if the system has registered with ACMS. ACMS will facilitate the connection between system and console.
3. Setup requirements
To create the test setup following software are needed. All of them are available for download at www.amd.com/DASH.
- AIM-T 2.0 and above system
- AMD Provisioning Console (APC).
Any windows system.
- ACMS Software
ACMS is installed on a system with public IP either on Linux or Windows. One of the ways to get a public IP is to spawn a virtual machine on any cloud provider (Amazon EC2, Azure VM, etc.).
- DASH CLI
Any Windows or Linux systems.
At a minimum, three systems are required.
- Windows: Install APC and DASH CLI (Management Console)
- Public IP Windows/Linux: Install ACMS.
- AIM-T 2.0 or above system (Managed Node)
4. Installation and setup
Typically, APC is used to generates the cloud supported provisioning package, certificates, keys for establishing cloud manageability connection.
The provisioning package generated by APC is installed on AIM-T system. Certificates and keys are installed on DASH console and on ACMS.
4.1. Generate AIM-T Provisioning Package, certificates, and keys.
Observer secure path is C:\Users\AMD\Documents and package name is MyOrg
Enable cloud manageability as shown below.
On completion, following certificates would be generated at C:\Users\AMD\Documents\AMD Provisioning Console\Packages\MyOrg\Cloud\
- ACMS
- acmscert.pem
- acmskey.pem
- trustedclients.pem
- Console
- acmscert.pem
- consolecert.pem
- AIM-T
- nodecert.pem
- nodekey.pem
- acmscert.pem
ensure these files are present in the package path.
4.2. Enable & setup AIM-T system for manageability.
Refer AIM-T User Guide Windows (document number 57880) at https://www.amd.com/DASH
Install the package to AIM-T as instructed in C:\Users\AMD\Documents\AMD Provisioning Console\Packages\MyOrg\Readme.txt
e.g., provisioning command
AIM-TProvisioningApp.exe -i <ProvisioningPackage>_oMt
4.3. Install & configure ACMS.
On Windows download the ACMS installer and follow the instructions on installation screen.
On Ubuntu, download ACMS DEB package from https://www.amd.com/DASH
Double click from Nautilus or run this from terminal application.
$ sudo apt install ./acms_1.0.0.32_amd64.deb
Copy following files from APC package path C:\Users\AMD\Documents\AMD Provisioning Console\Packages\MyOrg\AIM-T\ACMS\Cloud\ generated in step 4.1
/etc/acms/amcscert.pem /etc/acms/acmskey.pem /etc/acms/trustedclients.pem
By default ACMS listens and binds on port 443. To customize IP address and port, edit /lib/systemd/system/acms.service and update the --bind option to desired IP address and port in ipaddress:port format. Add a firewall rule to allow port 443 or customized port number.
On Windows, installer will prompt to customize IP address and port while installation and make the firewall exceptions.
$ sudo ufw allow 443/tcpStart the ACMS service.
$ sudo systemctl start acms
Ensure ACMS service is running.
$ systemctl status acms
You can watch live logs.
$ journalctl -fu acms
On Windows logfile is C:\ProgramData\AMD\Manageability\acms.log
4.4. Install & configure DASH CLI.
Install latest DASH CLI from https://www.amd.com/DASH
Copy following files from APC package path C:\Users\AMD\Documents\AMD Provisioning Console\Packages\MyOrg\AIM-T\ACMS\DASHCLI\ generated in Step 4.1
C:\Program Files (x86)\DASH CLI 5.0\certs\consolecert.pem C:\Program Files (x86)\DASH CLI 5.0\certs\acmscert.pem
5. Usage
Issue a DASH command with -r option.
dashcli.exe -r acms-host -C -h aimt-host -u admin -P adminpass enumerate computersystem
the output will be like regular DASH command. Likewise, other DASH commands can be executed, and this command would go over ACMS.
6. For more information
List of AIM-T systems: AIM-T Notebooks in the Market - AMD Community
Blog on APC: AMD Provisioning Console (APC) 2.0 Release Announc... - AMD Community
DASH CLI DASH CLI 3.0 Release Announcement - AMD Community
Keywords: Cloud manageability using AMD solution, AMD Manageability in hybrid work environment, Managing systems outside enterprise network.
