Starting an Oracle Database Appliance (ODA) using a ssh connection to ILOM (with/without SSH Keys)

The question is - why does someone want to do this? Well, the business case behind this is a shortage in the power supply of a company. They do have a small battery running for some minutes which is enough time to shut down all servers. After a couple of minutes, a diesel emergency generator should have took over the power supply until the public power supply is back in a stable condition. 

If this status is reached, all servers should be restarted automatically by a software - in the right order! This means, first all infrastructure servers (like AD, exchange, DNS, ...) are started, next the database servers and last, after some minutes of wait to bring up all databases, the application servers can start. 

The customer therefore asked for a possibility to stop and start the Oracle Database Appliance using ssh and some kind of script. Well, shutting down the server is easy - one can just follow the note from Oracle Support (Note 2479508.1) for a graceful shutdown and power off of the ODA - as long as there is enough time on the battery left to do this. This may can run several minutes.

But there is no chance to connect to the ODA itself and start the server up. This means, one needs to use an ILOM connection to the ODA to start it (and in case of emergency, one can also shut it down using the same approach, even if it is not recommended and may can lead to OS file system corruption in rare cases). 

The steps:

Optional Step 1 - Create a new user

In the ILOM UI at "ILOM Administration" use "User Management" to create a new user account. The new user should get the rights "Reset and Host Control" and "Read only" (ro). If one want to use the connection as root user, one can skip this.

 

 

 

As example, I created a user "bootman" (Boot Manager).
Afterwards, your User Management looks like

 

 

The following steps do work also with another user as "root", but I have tested it with "root", so all screenshots later will only contain the root user.

 

Optional Step 2 - Create Keys for passwordless connections to ILOM 

One can create the keys for the ssh connection e.g. with the ssh-keygen on Linux. Nothing special at all.

 

 

Check the id_rsa.pub file after creation and copy it to the local computer (for later upload).

 

Optional Step 3 - Add Keys for passwordless connections in ILOM

The certificate now must be installed at the ILOM. Again, one uses the "ILOM Administration"-"User Management" with the "User Accounts" Tab to add the SSH Key. 

Now one can specify the user and the id_rsa.pub file for the passwordless connections.

After uploading the file, one can check the successfull upload. There is an entry at the SSH Key section. The user name column corresponds to the user specified (root or the new created user like "bootman"). 

Step 4 - Connect to the ILOM

If one has done Step two and three the connection can just be done using ssh <ilom_user>@<ilom-ip-address/ilom-dns>. If there is no passwordless ssh connection configured, the password for the <ilom_user> must be entered/specified at the ssh connection. 

 

Step 5 - Stop/Start the System via ILOM

Unfortunately, if one want to stop/start the ILOM, a question is raised. "Are you sure you want to start/stop /System (y/n)?". This can be overwritten by using the "-script" parameter. 

 

From a batch or second system, it is now possible to use a "one-liner" to shutdown or startup the ODA. With SSH Keys it can be done without specifying any password.

 

By the way - if it is enough to power on the ODA if the power is established again after a power loss, one can set the ILOM parameter "HOST_AUTO_POWER_ON"  to enabled.

Nice.