What is new in this release................................................................................................................................................. 5
Other documents you may need........................................................................................................................................ 5
Redfish Based Systems Management................................................................................ 7
HTTP Status Codes and Error Messages..........................................................................................................................10
SSL Certificates of iDRAC................................................................................................................................................ 10
The Redfish Scalable Platforms Management API is a standard defined by the Distributed Management Task Force (DMTF).
Redfish is a next-generation systems management interface standard, which enables scalable, secure, and open server
management. It is a new interface that uses RESTful interface semantics to access data that is defined in model format to perform
out-of-band systems management. It is suitable for a wide range of servers ranging from stand-alone servers to rack mount and
bladed environments and for large scale cloud environments.
Dell PowerEdge servers offer a comprehensive range of embedded systems management functions enabled by the Integrated Dell
Remote Access Controler (iDRAC) with Lifecycle Controller. These functions are designed by adhering industry standard application
programming interfaces (APIs) including Redfish.
iDRAC with Lifecycle Controller technology is part of a larger data center solution that helps keep business critical applications and
workloads available always. The technology allows administrators to deploy, monitor, manage, configure, update, troubleshoot, and
remediate Dell servers from any location, and without the use of agents. It accomplishes this regardless of an operating system or a
Hypervisor presence or state.
This document provides a brief overview on Redfish and information on various aspects of Redfish protocol, supported schema, and
Redfish Eventing implemented in iDRAC. It also provides guidelines for using the Dell Redfish APIs.
What is new in this release
This release of Redfish API supports the following features:
•Supports Redfish Specification v1.0*2 (errata)
•Supports Server Configuration Profile (SCP) files
Benefits
Redfish is a new global standard for open server management. It has the capabilities to support single servers, converged
infrastructure, and hyper—scale architecture. It provides the following benefits over existing server management methods:
•Increased simplicity and usability
•High data security
•Programmable interface that can be easily scripted
•Follows widely-used standards
Key Technologies
Redfish uses web and cloud-based technologies that enable communications with servers using common programming and scripting
languages such as Python, JAVA, and C. The key technologies are as follows:
•REpresentational State Transfer (REST) interface — REST is a web based API, which provides a way to interact with a system
over a normal web connection. It supports both HTTPS and HTTP.
•Java Script Notation (JSON) — JSON represents data in such a way that it is much easier to read than XML. It also provides
the formatting that is required for scripting languages to interface with the data.
•OData — It is important to standardize the data format when implementing a common interface across multiple vendors. OData
provides the required framework to ensure that the data structure remains interchangeable between server vendors.
Other documents you may need
In addition to this guide, the following documents available on the DMTF website provide additional information about Redfish.
•For information about Redfish Schema, see http://Redfish.dmtf.org/schemas/DSP8010_1.0.0.zip .
5
•For more information about Redfish Specification v1.0.2 (errata), see http://Redfish.dmtf.org/schemas/DSP8010_1.0.0.zip
•For information about Redfish API, see the DMTF Redfish white paper available at https://www.dmtf.org/sites/default/files/
standards/documents/DSP2044_1.0.0.pdf.
6
Redfish Based Systems Management
This section provides an overview of Redfish service implemented in the iDRAC firmware. It includes information about the Redfish
API, schema, configuration, authentication, authorization, and so on.
URL support
Redfish is a web-based API which implies that resources are accessed using client supplied URLs. URLs are required to identify
Redfish resources. The Redfish API uses a simple URL hierarchy which follows a /redfish/v1/ pattern for all resources. To
access a Redfish resource, use the URL pattern https://<iDRAC IP>/redfish/v1/<Resource Path>. For more
information on the supported resources, see
iDRAC:
•/redfish — URL for the Redfish version object.
•/redfish/v1 — Root URL for version 1 of Redfish services.
•/redfish/v1/odata — Redfish services expose an OData service document at this URI. This service document provides a
standard format for enumerating the resources that are exposed by the service by enabling all generic hypermedia-driven OData
clients to navigate to the resources of the service.
•/redfish/v1/$metadata — Redfish services expose a metadata document in XML format. This document describes the
resources and collections that are available at the service root URI. It also provides references to other metadata documents,
which describe the complete set of resource types that are exposed by the service.
•/redfish/v1/$metadata#<Collection or a Singleton resource> — Metadata URL specified as a part of
@odata.context property for all resources. This URL returns data in XML format.
•/redfish/v1/JsonSchemas — This URL returns data in JSON format. This returns a collection of JsonSchemaFile
resource instances.
•/redfish/v1/JsonSchemas/<resource URI> — The JSON Schema File resource instance describes the location
(URI) of a particular Redfish schema definition being implemented or referenced by a Redfish service. This URL returns data in
JSON format.
•/redfish/v1/<other resource specific URIs> — All instrumentation resources follow this pattern.
Redfish Resources. The following are the list of URI patterns that are supported by
NOTE: iDRAC's implementation of Redfish supports only HTTPs protocol. Earlier, the # was being parsed as # during
the execution, and due to this character being treated as a break characters by the code, and anything after # was
getting ignored. Now, # is automatically converted to %23. This allows the consoles or REST clients to use the URL
without any errors.
Redfish Configuration
You can configure the Redfish interface on iDRAC by enabling or disabling the iDRAC attribute. If this attribute is disabled, HTTP
requests to Redfish URIs will fail with a HTTP status code of 404 and an error message indicating that this attribute is currently
disabled.
NOTE: You do not need to restart the web server when enabling or disabling Redfish attribute.
Configuring Redfish service by using iDRAC web interface
To enable or disable the Redfish service on iDRAC, perform the following tasks:
1.In iDRAC web interface, click Overview → iDRAC Settings → Network → Services. The Services page is displayed.
2.Under Redfish, select the Enabled check box to enable the service. To disable the service, clear the check-box.
3.Click Apply to apply the changes.
Configuring Redfish service by using iDRAC RACADM
You can enable or disable the Redfish service using the iDRAC attribute iDRAC.Redfish.Enable (Read or Write).
Configuring Redfish service by using WS-MAN
7
The Redfish attribute iDRAC.Redfish.Enable is modeled under the existing DCIM_iDRACCardEnumeration class. You can
configure the Redfish service using existing methods such as SetAttribute, SetAttributes, and ApplyAttributes of
DCIM_iDRACCardService class.
Redfish Schema
This is the Schema definitions for Redfish resources. It is defined according to OData Schema representation that can be directly
translated to a JSON Schema representation.
Redfish Authentication and Authorization
For certain resources, Redfish clients may require to authenticate access. Redfish relies on the managed system for the required
credentials and supported forms of authentication. In iDRAC, authentication is based on local credentials and remote protocols such
as Active Directory and LDAP.
NOTE: You must have the required iDRAC license to use Active Directory and LDAP.
Authorization includes both user privilege and license authorization. The iDRAC Redfish support is included in all levels of iDRAC
licensing. The following table details the authentication and authorization required for each iDRAC Redfish action:
The Redfish service provides access to Redfish URLs by using the following methods:
•Basic authentication: In this method, user name and password are provided for each Redfish API request.
•Session based authentication: This method is used while issuing multiple Redfish operation requests.
– Session login is initiated by accessing the Create session URI. The response for this request includes an X-Auth-Token
header with a session token. Authentication for subsequent requests is made using the X-Auth-Token header.
– Session logout is performed by issuing a DELETE of the Session resource provided by the Login operation including the X-
Auth-Token header.
NOTE: The iDRAC firmware incorporates the concept of application sessions for various existing interfaces such as the
GUI, WSMAN, and RACADM. With the introduction of Redfish-specific sessions, Redfish inherits the characteristics of
web server sessions and the property Session Timeout inherits the web server session timeout value.
NOTE: To ensure a secure connection, Dell recommends using TLS 1.1 or later.
iDRAC Licensing
iDRAC Redfish support is included in all levels of iDRAC licensing. However, some of the iDRAC features require specific licenses. If
a required license is not present, certain Redfish APIs are not accessible and return a HTTP 403 status code. 403 implies that there
8
is no sufficient privileges. In other cases, some of the properties in certain resource may not be returned in a response. The service
may also return errors when such properties are modified. For information of specific license requirements for the resources, see
Redfish Resources.
HTTP Methods
The REST API allows you to specify the type of request. It adheres to the Create, Retrieve, Update, and Delete (CRUD) standard
format. The data is generated via access to URIs, which can be accessed by using the following HTTP methods:
•GET
•POST
•PUT
•PATCH
•DELETE
GET
Use the GET method to retrieve a representation of a resource. The representation can either be a single resource or a collection.
The service returns the resource representation by using one of the media types specified in the Accept header depending on the
media type requirement. If the Accept header is not present, the service returns the resource representations in the expected
format either as application/json or application/xml. The formats are supported by that resource as per the Redfish standard.
The HTTP GET method is used to retrieve a resource without causing any side effects. The service ignores the content of the body
on a GET. The GET operation is unchanged in the absence of external changes to the resource.
POST
Use the POST method to invoke actions and create a new resource. The POST request is submitted to the resource collection in
which the new resource belongs. Submitting a POST request to a resource representing a collection is equivalent to submitting the
same request to the Members property of that resource. Services that support adding members to a collection support both forms.
Services support the POST method for creating resources. If the resource does not support this, status code 405 is returned. The
body of the create request contains a representation of the object to be created. The service can ignore any service controlled
attributes such as ID, forcing those attributes for the service to be overridden. The service sets the Location header to the URI of
the newly created resource. The response to a successful create request is status code 201, which indicates the new resource has
been created and includes a response body containing the representation of the newly created resource.
PUT
Use the PUT method to replace the property values of a resource completely. Properties omitted from the request body are reset
to their default value. Services support the PUT method to replace a resource completely. If a service does not implement this
method, status code 405 is returned. Services may return a representation of the resource after any server-side transformations
occur in the body of the response. The PUT operation must be unchanged in the absence of external changes to the resource, with
the exception that the ETag values may change as a result of this operation.
PATCH
The PATCH method is the preferred method, which is used to perform updates on pre-existing resources. Changes to the resource
are sent in the request body. The PATCH request does not change the properties that are not specified in the request body. The
response is either empty or a representation of the resource after the update is done or a success code if the operation is done
successfully.. The implementation may reject the update operation on certain fields based on its own policies and does not apply any
of the requested updates.
9
DELETE
Use the DELETE method to remove a resource. Services support the DELETE method for resources that can be deleted. If the
resource cannot be deleted, status code 405 is returned. Services return a representation of the deleted resource in the response
body. Services may return status code 404 or a success code if the resource is deleted successfully.
HTTP Headers
The server response contains only basic information about related resources. Any metadata, which is required to process a request
or response is accessed by using HTTP headers. iDRAC supports the following request headers:
HeaderBehavior
If-MatchSupported for AccountService requests. Ignored for all other URIs.
If-None-MatchSupported for AccountService and metadata URIs. Ignored for all other URIs.
iDRAC supports the following response headers:
HeaderBehavior
Content-LengthReturned on all responses except those having Transfer-Encoding: chunked.
Content-TypeResponses other than OData metadata — application/json;charset=utf-8
OData responses — application/xml;charset=utf-8
ETagSupported on AccountService and metadata URIs.
LocationService sets this header when resources are created or when HTTP requests are
redirected to other resources.
Cache-ControlReturned on all responses. Metadata URIs support cached responses. Instrumentation
resources are not cacheable.
X-Auth-TokenUsed for authentication of user sessions. See “Session based authentication” under
Redfish Authentication and Authorization
HTTP Status Codes and Error Messages
HTTP defines status codes that can be returned in response messages. When the HTTP status code indicates a failure, the
response body contains an extended error resource, which provides meaningful and deterministic error semantics.
Dell Redfish service extended error information contains error or exception information that is unique to the Dell implementation. It
provides additional details and recommendations for error resolution. To learn more about extended error information, see the
iDRAC with Lifecycle Controller Dell Event Message Reference white paper available at http://en.community.dell.com/techcenter/
extras/m/white_papers/20442267.
For more information about supported status codes, see the Redfish Scalable Platforms Management API Specification document
available at https://www.dmtf.org/standards/redfish.
For more information about error messages, see the white papers available at https://www.dmtf.org/standards/redfish.
SSL Certificates of iDRAC
iDRAC includes a web server that is configured to use the industry-standard SSL security protocol to transfer encrypted data over a
network. Built upon asymmetric encryption technology, SSL is widely accepted for providing authenticated and encrypted
communication between clients and servers to prevent eavesdropping across a network. Redfish service reuses SSL certificate
installed on the iDRAC web server. The iDRAC web server has a Dell self-signed unique SSL digital certificate by default. You can
replace the default SSL certificate with a certificate signed by a well-known Certificate Authority (CA). SSL certificates can be
10
replaced using the iDRAC interfaces such as web interface, RACADM, or WS-MAN. For more information on managing SSL
certificates of iDRAC, see the latest iDRAC User’s Guide available at dell.com/idracmanuals.
Eventing
The Redfish service generates asynchronous notifications (events) that are defined by Redfish subscription for the eventing
service. These events are sent to an event destination by using HTTP POST method. Events are generated when some significant
change or error condition typically of time critical nature occurs. When an event occurs on the service, it notifies the clients. Redfish
service must be enabled and iDRAC must be configured to create event subscriptions and to gain read-only privilege for viewing
event subscriptions.
The iDRAC implementation of a Redfish service supports only HTTPS notifications. In certain situations, iDRAC may not be able to
verify certificates sent by a peer. To handle such situations, iDRAC can be configured to skip certificate verification by using the
attribute iDRAC.RedfishEventing.IgnoreCertificateErrors. This attribute can be configured to True or False
(Default) using RACADM or the WS-MAN interface. Set this attribute to True if certificate validation is not required.
NOTE: In this release, this attribute is read-only and is set to True.
Redfish service provides Lifecycle and Alert events. Lifecycle events may occur when resources are created, modified, or destroyed.
Alert events occur when a resource needs to indicate a significant event. This may be either directly or indirectly pertaining to the
resource. Examples of this kind of event are when a chassis is opened, button is pressed, cable is unplugged, or threshold is
exceeded. iDRAC supports up to 20 event subscriptions.
NOTE: In this release, iDRAC supports only Alert event notifications.
In case an event delivery fails, the event service of iDRAC retries delivering the failed event. The number of retries and delivery
intervals can be configured using the following attributes:
PowerEdge FX2/FX2s Chassis Management using iDRAC Redfish
On a PowerEdge FX2/FX2s chassis, iDRAC can monitor and manage chassis components such as fans, power supplies, and so on.
Redfish service provides information about chassis components when Chassis Management and Monitoring is set to Enabled on
iDRAC. This setting allows you to monitor and manage the chassis even if the CMC is not on the network. On an FX2/FX2s CMC,
ensure that the Chassis Management at Server setting is set to Monitor or Manage and Monitor. While this feature is enabled,
iDRAC also generates Redfish notifications for chassis events.
Configuring Chassis Management and Monitoring using iDRAC web interface