[arcticgeek]

We have various Supermicro boards in production at work with BMCs from 2018 or so. The ATEN iKVM on them works just fine with a recent OpenJDK 11 and OpenWebStart. I’ve found that all the features work including mounting ISOs and doing remote upgrades. No need to whine about installing anything ancient or spreading ridiculous Java FUD.

[dijit]

Happy for you.

Sysadmin for 15 years here though, Java was always a problem. The version wasn't always the worst bit, but it was always an exercise in frustration.

Mostly security controls to blame, but I have had so many issues across so many systems that I cannot stand by and let you claim this is FUD about Java.

the .NET applets are also a problem (because who has a compatible IE version?), but they worked more consistently than the Java ones back in the day.

The HTML5 ones are the only ones that seem to work consistently; but that could be biased as HTML5 is much newer, so BMCs implementing that might be updated with more regularity. (or be more modern hardware)

[ilyt]

I keep VM with old java/ff precisley for some old shitty servers kvms

[dveeden2]

With current browsers Java applets are not supported anymore. Some older HPE systems the didn't update the firmware to provide alternatives.

I've seen multiple vendors with problematic code that didn't work with newer Java versions.

This is by no means meant to bash Java. Some non-Java BMCs can be horrible as well (e.g. require many TCP ports in a firewall/tunnel unfriendly way or require SSH with old algorithms that are no longer enabled by default, or telnet..)

[arcticgeek]

I‘ve really only had experience with Supermicro BMCs but I totally believe you that there are lots of crufty OOB environments in the wild which are hard to work with. While it’s true that applets don’t work anymore (probably a good thing), and therefore the experience isn‘t as integrated or seemless as it once was, it’s a practical matter to just log into the BMC and click on the console preview, using the JNLP file to launch the console via OpenWebStart as an independent application outside of the browser. One other thing is that the self signed certs from these older implementations are often expired and therefore throw an extra warning or two when you launch these interfaces, but you just click through them and carry on.

[ixs]

For fun: This actually runs the Java Applet KVM viewer on a SuperMicro X7 board: https://github.com/ixs/kvm-cli/blob/master/kvm_x7.py

1. Downloads the data from the IPMI interface

2. Modifies the files to run locally

3. Writes out a Java configuration with weak security settings so that TLS works with the deprecated ciphers.

4. Fires off a socat instance to redirect the localhost ports to the remote IPMI device.

5. Starts appletviewer locally.

Great fun writing that. Thank god we decomissioned the last X7 based storage appliances a while ago...