Proposal for chassis 'obmc-chassis-blackout@.target'
Some OpenBMC systems have services they need run after a system blackout
occurs. This design change proposes a new target to coordinate these
services.
Signed-off-by: Corey Hardesty <corey.hardesty@icloud.com>
Change-Id: I7798b758a539bfae408ddf1d8422b144fcaf7a34
diff --git a/designs/power-recovery.md b/designs/power-recovery.md
index cd07987..9016f88 100644
--- a/designs/power-recovery.md
+++ b/designs/power-recovery.md
@@ -21,6 +21,11 @@
In these situations, the user may wish for the system to not automatically
power on the system, because they want to debug the reason for the BMC error.
+During blackout scenarios, system owners may have a set of services they need
+run once the power is restored. For example, IBM requires all LED's be toggled
+to off in a blackout. OpenBMC needs to provide a mechanism for system owners
+to run services in this scenario.
+
A brownout is another scenario that commonly utilizes automated power-on
recovery features. A brownout is a scenario where BMC firmware detects (or is
told) that chassis power can no longer be supported, but power to the BMC
@@ -88,6 +93,24 @@
- Not implement any power recovery policy on the system
- Turn power recovery back on once BMC has a normal reboot
+### Blackout
+A blackout occurs when AC power is cut from the system, resulting in a total
+loss of power if there is no UPS installed to keep the system on. To identify
+this scenario after a BMC reboot, chassis-state-manager will check to see what
+the last power state was before the loss of power and compares it against
+the pgood pin. Blackouts can be intentionally triggered by a user
+(i.e a pinhole reset) or in severe cases occur when there is some sort of
+an external outage. In either case the BMC must take into account this
+detrimental state.
+When this condition occurs, the BMC may(depending on configuration):
+- Provide a generic target, `obmc-chassis-blackout@.target` to be called when
+ a blackout is detected
+- Adhere to the current power restore policy
+
+BMC firmware must also be able to:
+- Discover why the system is in a blackout situation. From either loss of
+ power or user actions.
+
### Brownout
As noted above, a brownout condition is when AC power can not continue to be
supplied to the chassis, but the BMC can continue to have power and run.
@@ -167,6 +190,14 @@
if it sees the `PinholeReset` reason (or any other reason that indicates a user
initiated a reset of the system).
+### Blackout
+A new systemd target `obmc-chassis-blackout.target` should be added to
+allow system maintainers to call services in this condition. This new target
+will be called when the BMC detects a blackout. The target will allow for
+system owners to add their own specific services to this new target.
+Phosphor-chassis-state-manager will ensure `obmc-chassis-blackout.target` will
+be called after a blackout.
+
### Brownout
The existing `xyz.openbmc_project.State.Chassis` interface will be enhanced to
support a `CurrentPowerStatus` property. The existing