Skip to content

Virtual Media for Out-of-Band Management

OOB, or Out-of-Band Management, refers to a method of managing systems via a dedicated management channel that operates independently of the host operating system. This means administrators can manage the system even when the OS is unresponsive. It allows IT administrators to perform essential tasks such as rebooting devices, managing powered-down equipment, and resolving network issues without needing physical access. OOB management is crucial for maintaining network uptime and accessibility in large, distributed, or remote environments by providing a secure, always-on management channel independent of the operational network.

Virtual Media is a technology that allows users to access or map remote storage devices—such as ISO files, CD/DVDs, and USB drives—to a edge device as if they were physically connected to the edge device's USB port. This enables remote tasks like installing operating systems, performing firmware upgrades, transferring files, and running diagnostics.

1. Introduction

Virtual Media allows users to remotely mount given ISO/IMG drive images through OOB module to HOST. The remote drive is visible in HOST as USB storage device. It allows users to easily copy and move data between the remote storage and the host. With Virtual Media, users can perform OTA operations, BSP updates and even remote OS recovery on the host.

2. Technology Overview

Mode of Operation

Virtual Media operates in two modes: Proxy and Legacy. This document focuses on Legacy mode.

  • Proxy mode works directly from the browser and uses JavaScript/HTML5 to communicate over Secure WebSockets with the HTTPS endpoint hosted by the BMC web server.

  • Legacy mode is initiated from the browser using Redfish-defined VirtualMedia schemas. The BMC then connects to an external CIFS/HTTPS image specified during initialization.

Architecture

alt text

High-level component diagram

NBD (Network Block Device)

On Linux, the Network Block Device (NBD) protocol allows a block device (typically a hard disk or partition) to be forwarded from one machine to another over the network.

NBD server

The server-side component of the NBD protocol. It allows a Linux client to access a remote block device—such as a disk or disk image—as if it were a local virtual block device. The server exports storage and handles read/write requests from the NBD client, enabling remote access for virtual machine disks or local file systems.

NBD client

Establishes a connection to the NBD server, making the remote block device available on the client system.

USB Gadget

A Linux kernel feature that enables emulation of certain USB device classes via USB On-The-Go (OTG). In the case of Virtual Media, it emulates a USB mass storage device connected to the host.

Virtual Media Data Path Establishment Process

Step 1.
The client uses a browser to establish an HTTPS session with the web server via CIFS/HTTPS.

Step 2.
A new VirtualMedia mount point is created via a POST command.

Step 3.
VirtualMedia mounts the image from the CIFS/HTTPS location specified by the user.

Step 4.
VirtualMedia spawns an NBD server, mounting the image to /tmp/nbd.X.sock.

Step 5.
VirtualMedia spawns an NBD client, connecting /tmp/nbd.X.sock to /dev/nbdX.

Step 6.
VirtualMedia configures USB mass storage from /dev/nbdX.

Step 7.
The data path is successfully established.

3. Technical Details

Advanced Concepts

  1. Both the NBD server and NBD client run inside the OOB module, acting as proxies for the remote storage and the host, respectively.
  2. The NBD server and client communicate via a Unix socket.
  3. USB requests from the host are transmitted to the NBD client, forwarded to the NBD server, and then sent to the remote storage.
  4. USB response data flows from the remote storage to the NBD server, then to the NBD client, and finally to the host via USB.

Host-Side Communication Logic

  1. The OS opens the /dev/sdx device and initiates a read request. This request is captured by the NBD client via USB.
  2. The NBD client sends the request to the NBD server inside the OOB module.
  3. The NBD server forwards the request to the remote storage over the network.
  4. The remote storage reads the requested data and sends it back to the NBD server.
  5. The NBD server passes the data to the NBD client.
  6. The NBD client returns the data to the OS via USB.

4. Use Cases / Applications

  • OTA
  • BSP update
  • OS recovery

Virtual Media is used to attach remote storage media (such as an ISO image) to the edge device, allowing for remote OS installation or diagnostics as if the physical media were present. Meanwhile, Serial Over LAN (SOL) enables redirection of a edge device’s serial port I/O over the network, providing console access via an IP-based session. These are distinct but complementary remote management features available via the ERMI API, enabling console and media access even when the operating system is not running.

OTA and BSP update

With Virtual Media alone, users can securely perform OTA or BSP updates to the device remotely.

OS recovery

If an edge device fails to boot due to a corrupted boot image, users can use the SOL feature to change the boot source to Virtual Media and reinstall the OS from scratch.

5. Conclusion

This article explains the data path establishment process and host-side communication logic for Virtual Media. It enables administrators to perform remote tasks—such as OS installation, firmware updates, and diagnostics—without requiring physical access to the edge devices. This not only improves operational efficiency but also reduces security risks associated with using USB storage devices for local system recovery.

6. References

Enable secure, remote system recovery and updates with no physical access required. Simplify OS installation, firmware upgrades, and diagnostics anytime, anywhere.

Start managing your devices remotely with ERMI Virtual Media today. ERMI Series Product Page