BMC and Host State Management Refactor

Wed Jan 4 09:24:00 AEDT 2017

Happy 2017 Everyone!!

As I’ve been implementing the host and chassis state control, I ran
into an issue when moving some of our existing applications over to
the new interfaces.

In skeleton/hostcheckstop/host_checkstop_obj.c there’s an assumption
that a “Reboot” request will do a hard power off (i.e. no host
notification) and then a fresh boot of the system.  However, per the
design discussion of my new code, I’m implementing reboot to do a soft
power off (i.e. host notification) which obviously won’t work if the
host has checkstopped.

I see a few options, I have my favorite last.

1. Have the checkstop code emit a checkstop signal, have the new host
state code monitor for it, if a reboot is requested after the
checkstop then the host code is smart enough to just power of the
chassis and do a power on (i.e. no soft power off)
- I’m not a big fan of the potential race conditions here on checkstop
single vs reboot (I’m not sure if DBUS guarantees in-order messages)
nor do I really like all this logic in the host state code.

2. Have the checkstop code issue the chassis power off, which will be
detected by the host state code, and then have the checkstop code
issue a power on to the host state code once the power off is
complete.
- This fits with our original plan, put the owness on the caller, but
I don’t really like putting the state logic in the checkstop code.  It
would have to issue a command, wait for a signal that we’re powered
off, then issue the power on.

3. Put some logic into the soft power off code,
phosphor-host-ipmid/host-services.c, to know if the host is up or not
and act accordingly
- Doesn’t really seem like the right place for this logic

4. Provide a softReboot and hardReboot option in the host state code.
The hardReboot would do the chassis power off (hard power off) and
then power on.  The softReboot will work as expected and issue the
soft power down command to the host.
- Seems like a happy compromise in where the logic goes.  Checkstop is
smart enough to know it needs a hardReboot and host state code knows
how to do it.

Current Interfaces:
https://github.com/openbmc/phosphor-dbus-interfaces/tree/master/xyz/openbmc_project/State

Andrew

On Sun, Nov 27, 2016 at 8:30 PM, Andrew Geissler <geissonator at gmail.com> wrote:
> On Tue, Nov 22, 2016 at 7:07 PM, Andrew Jeffery <andrew at aj.id.au> wrote:
>> On Tue, 2016-11-22 at 11:23 -0600, Andrew Geissler wrote:
>>> > On Mon, Nov 21, 2016 at 9:40 PM, Andrew Jeffery <andrew at aj.id.au> wrote:
>>> > On Mon, 2016-11-21 at 20:28 -0600, Andrew Geissler wrote:
>>> > > > > > > > On Sun, Nov 20, 2016 at 11:55 PM, Joel Stanley <joel at jms.id.au> wrote:
>>> > > > Hi Andrew and Josh,
>>> > > >
>>> > > > On Sat, Nov 19, 2016 at 7:01 AM, Andrew Geissler <geissonator at gmail.com> wrote:
>>> > > > > Josh and I are working two stories this sprint that deal with
>>> > > > > refactoring the bmc and host state management code out of skeleton
>>> > > > > (#772/#783).  Here’s the proposal on this work.
>>> > > >
>>> > > > Thanks for sending out your plan, this is great. I have a few comments
>>> > > > that came up as I was reading.
>>> > > >
>>> > > > > The overall design for both state management objects is that they will
>>> > > > > provide a set of properties on which to operate.
>>> > > > > - DesiredState
>>> > > > > - CurrentState
>>> > > > >
>>> > > > > CurrentState will be a read only property.
>>> > > >
>>> > > > You've chosen to make the desired and current states be separate,
>>> > > > which works. Another option would be to have them be the same list of
>>> > > > states, so you know that when current==desired you're not waiting on
>>> > > > anything to happen. What do you think?
>>> > > >
>>> > >
>>> > > Hmmm, I'm thinking from a DBUS/REST api perspective here.  2 seems
>>> > > more intuitive, but also I don't think I understand your proposal
>>> > > fully :)
>>> >
>>> > I think you might be misinterpreting. I don't think Joel was suggesting
>>> > you eliminate one of the DesiredState or CurrentState "variables",
>>> > rather that the /types/ of the CurrentState and DesiredState variables
>>> > be equal. That is, that the same set of states can be assigned to both.
>>> >
>>>
>>> I see now.  I'm still not seeing any huge advantages on either
>>> proposal over my original.
>>
>> The advantage I see in Joel's proposal is that we have fewer types
>> involved in the problem. The alternative (as mentioned below) is you
>> rename DesiredState to Transition, in which case I think what you are
>> suggesting is okay. Transitions and states are distinct and well
>> defined concepts.
>>
>> I don't like the idea of "desiring" a state that doesn't exist. Joel's
>> initial question suggests he thinks along these lines as well.
>>
>
> Ahh, ok I see your guys point now.  I could def rename the Desired
> variables to something like DesiredHostTransition.  Maybe even make
> their values verbs (TURN_ON, TURN_OFF, REBOOT)?  I could even knock of
> the "Desired" part (i.e. HostTransition)?  I'm not real strong on it
> either way.
>
>>>  I think I'm just going to stick with it
>>> for now since there are times where the valid states associated with
>>> each (Desired vs. Current) are different
>>
>> Can you expand on this to make it clear what you are arguing for?
>>
>>>  and I think having the two as
>>> I've defined is a bit more user friendly.
>>
>> In what way?
>>
>> Cheers,
>>
>> Andrew