Skip to content

Build & Run RPC

Developed in Go* programming language, the Remote Provisioning Client (RPC) application runs on the managed device and communicates with the Remote Provisioning Server (RPS) microservice on the development system. The RPC and RPS configure and activate Intel® AMT on the managed device. Once properly configured, the remote managed device can call home to the Management Presence Server (MPS) by establishing a Client Initiated Remote Access (CIRA) connection with the MPS. See Figure 1.

Beta Version Instructions Ahead

This version of the RPC application contains functional enhancements. See Release Notes.

However, it is a Beta version release.

If you are unable to complete the installation below or you simply require an older release of the RPC, see Open AMT Cloud Toolkit 2.0:

Production Environment

In a production environment, RPC can be deployed with an in-band manageability agent to distribute it to the fleet of AMT devices. The in-band manageability agent can invoke RPC to run and activate the AMT devices.

Figure 1: RPC Configuration
Figure 1: RPC Configuration

Figure 1 Details

The RPC on a managed device communicates with the Intel® Management Engine Interface (Intel® MEI, previously known as HECI) Driver and the Remote Provisioning Server (RPS) interfaces. The Driver uses the Intel® MEI to talk to Intel® AMT. The RPC activates Intel® AMT with an AMT profile, which is associated with a CIRA configuration (Step 3). The profile, which also distinguishes between Client Control Mode (CCM) or Admin Control Mode (ACM), and configuration were created in Create a CIRA Config or Create an AMT Profile. After running RPC with a profile, Intel® AMT will establish a CIRA connection with the MPS (Step 4) allowing MPS to manage the remote device and issue AMT commands (Step 5).

Prerequisites

Before installing and building the RPC, install:

  • Go* Programming Language
  • tdm-gcc (On Windows* only)

    To install prerequisites on Linux*:

    1. See Go's Download and Install.
    2. Choose and download a distribution appropriate for your managed device and operating system (e.g., tar.gz).
    3. Extract the archive in the location indicated in Go's installation instructions.
    4. Follow the remaining instructions.

    To install prerequisites on Windows:

    1. See Go's Download and Install.
    2. Choose and download a distribution appropriate for your managed device and operating system (e.g., msi).
    3. Run the downloaded file and follow prompts to install.
    4. See tdm-gcc.
    5. Choose a version and download the .exe.
    6. Run the downloaded file and follow prompts to install. For a new installation, choose Create and accept all default installation options.

To verify Go and tdm-gcc installations:

  1. Open a Terminal or Command Prompt:
    go version
    
    For Windows only:
    gcc -v
    
  2. Confirm the version numbers.

Get the RPC

To clone the repository:

  1. Open a Terminal or Command Prompt and navigate to a directory of your choice for development:

    git clone https://github.com/open-amt-cloud-toolkit/rpc-go --branch v2.1.0
    

  2. Change to the cloned rpc-go directory:

    cd rpc-go
    

Build the RPC

To build the executable:

  1. Open a Terminal (Linux) or Powershell/Command Prompt as Administrator (Windows):

    sudo apt install build-essential
    
    go build -o rpc ./cmd
    

    go build -o rpc.exe ./cmd
    
    docker build -f "Dockerfile" -t rpc-go:latest .
    

    Note

    The image created with the Docker instruction above is only suitable for Docker on a Linux host.

    RPC Go Build Warnings

    You may see the go build command output a series of warnings similar to below. The binary still successfully built. These warnings show due to LMS, which is based on C, and it's interactions with AMT firmware. In the future, this may change.

    $ go build -o rpc ./cmd
    # rpc/internal/amt
    In file included from internal/amt/commands.go:14:
    internal/amt/../../microlms/heci/LMEConnection.c: In function 'LME_Init':
    internal/amt/../../microlms/heci/LMEConnection.c:129:24: warning: passing argument 1 of 'ILibSpawnNormalThread' from incompatible pointer type [-Wincompatible-pointer-types]
      129 |  ILibSpawnNormalThread((voidfp)(&LME_Thread), module);
      ...
    
  2. Confirm a successful build:

    sudo ./rpc version
    
    .\rpc version
    
    sudo docker run --device=/dev/mei0 rpc-go:latest version
    

Run RPC to Activate and Connect the AMT Device

The toolkit provides a reference implementation called the Sample Web UI to manage the device. After running device activation instructions below, your device will be listed on the Devices tab in the Sample Web UI.

To run the application and connect the managed device:

  1. After building the RPC, copy the executable to the managed device.

  2. On the managed device, open a Terminal (Linux) or Powershell/Command Prompt as Administrator (Windows).

  3. Navigate to the directory containing the RPC application.

  4. Running RPC with the activate command configures or provisions Intel® AMT. It will take 1-2 minutes to finish provisioning the device. In the instruction below:

    • Replace [Development-IP-Address] with the development system's IP address, where the MPS and RPS servers are running.
    • Replace [profile-name] with your created profile in the Sample Web UI. The RPC application command line parameters are case-sensitive.
    sudo ./rpc activate -u wss://[Development-IP-Address]/activate -n --profile [profilename]
    
    .\rpc activate -u wss://[Development-IP-Address]/activate -n --profile [profilename]
    
    sudo docker run --device=/dev/mei0 rpc-go:latest activate -u wss://[Development-IP-Address]/activate -n --profile [profilename]
    

    Note - RPC Arguments

    Find out more information about the flag and other arguments.

    Success

    Example Output after Activating and Configuring a device into ACM:

    Figure 1: RPC Success
    Figure 1: RPC Success

    Troubleshooting

    Run into an issue? Try these troubleshooting steps.

Transition Activated Device

If an Intel vPro® Platform has been previously activated, either in the BIOS or with another management solution or tool, it can be brought under Open AMT Cloud Toolkit control with the rpc-go application.

Additionally, use the following instructions to transition from a previously established toolkit stack to a fresh installation on a new development system.

Note

Use the following instructions to transition devices to either ACM or CCM profiles. You will need the AMT password.

Open AMT Cloud Toolkit increases security with multiple passwords. Find an explanation of toolkit passwords in Reference -> Architecture Overview.

To transition the activated device:

  1. Check the activation status with amtinfo flag:

    sudo ./rpc amtinfo
    
    .\rpc amtinfo
    
    sudo docker run --device=/dev/mei0 rpc-go:latest amtinfo
    

    The control mode indicates the managed device's state:

    • pre-provisioning or deactivated
    • activated in client control mode (CCM)
    • activated in admin control mode (ACM)
  2. Run the rpc-go application with the activate command and the password flag:

    sudo ./rpc activate -u wss://[Development-IP-Address]/activate -n -profile [profilename] -password [AMT password]
    
    .\rpc activate -u wss://[Development-IP-Address]/activate -n -profile [profilename] -password [AMT password]
    
    sudo docker run --device=/dev/mei0 rpc-go:latest activate -u wss://[Development-IP-Address]/activate -n -profile [profilename] -password [AMT password]
    

    Success

    To verify the managed devices list after transitioning, log into the Sample Web UI on the development system. Go to the Devices tab. Alternatively, learn how to list the managed devices via a REST API Call.

Back to top