Cisco UCS Manager GUI Configuration Guide, Release 2.0 First Published: September 06, 2011 Last Modified: September 04, 2012 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
CONTENTS Preface Preface xxxiii Audience xxxiii Conventions xxxiii Related Cisco UCS Documentation xxxv Documentation Feedback xxxv Obtaining Documentation and Submitting a Service Request xxxv PART I CHAPTER 1 Introduction 1 New and Changed Information 3 New and Changed Information for this Release 3 CHAPTER 2 Overview of Cisco Unified Computing System 9 About Cisco Unified Computing System 9 Unified Fabric 10 Fibre Channel over Ethernet 11 Link-Level Flow Control 11 Priority Flow Control 11 Server
Contents Boot Policy 15 Chassis Discovery Policy 16 Dynamic vNIC Connection Policy 19 Ethernet and Fibre Channel Adapter Policies 19 Global Cap Policy 20 Host Firmware Package 21 IPMI Access Profile 21 Local Disk Configuration Policy 22 Management Firmware Package 22 Management Interfaces Monitoring Policy 23 Network Control Policy 23 Power Control Policy 24 Power Policy 24 Quality of Service Policy 25 Rack Server Discovery Policy 25 Server Autoconfiguration Policy 25 Server Discovery Policy 25 Server Inhe
Contents UUID Suffix Pools 32 WWN Pools 32 Management IP Pool 33 Traffic Management 33 Oversubscription 33 Oversubscription Considerations 33 Guidelines for Estimating Oversubscription 34 Pinning 35 Pinning Server Traffic to Server Ports 35 Guidelines for Pinning 36 Quality of Service 37 System Classes 37 Quality of Service Policy 38 Flow Control Policy 38 Opt-In Features 38 Stateless Computing 38 Multi-Tenancy 39 Virtualization in Cisco UCS 40 Overview of Virtualization 40 Overview of Cisco Virtual Machin
Contents Status Bar 50 Table Customization 51 LAN Uplinks Manager 52 Internal Fabric Manager 52 Hybrid Display 53 Logging in to Cisco UCS Manager GUI through HTTPS 53 Logging in to Cisco UCS Manager GUI through HTTP 54 Logging Off Cisco UCS Manager GUI 54 Web Session Limits 55 Setting the Web Session Limit for Cisco UCS Manager 55 Pre-Login Banner 56 Creating the Pre-Login Banner 56 Modifying the Pre-Login Banner 56 Deleting the Pre-Login Banner 57 Cisco UCS Manager GUI Properties 57 Configuring the Cisco
Contents Enabling a Standalone Fabric Interconnect for Cluster Configuration 72 Ethernet Switching Mode 72 Configuring Ethernet Switching Mode 73 Fibre Channel Switching Mode 74 Configuring Fibre Channel Switching Mode 74 Changing the Properties of the Fabric Interconnects 75 Determining the Leadership Role of a Fabric Interconnect 76 CHAPTER 6 Configuring Ports and Port Channels 77 Server and Uplink Ports on the 6100 Series Fabric Interconnect 77 Unified Ports on the 6200 Series Fabric Interconnect 78 P
Contents Default Zoning 95 Enabling Default Zoning 96 Disabling Default Zoning 97 Uplink Ethernet Port Channels 97 Creating an Uplink Ethernet Port Channel 98 Enabling an Uplink Ethernet Port Channel 99 Disabling an Uplink Ethernet Port Channel 99 Adding Ports to and Removing Ports from an Uplink Ethernet Port Channel 99 Deleting an Uplink Ethernet Port Channel 100 Appliance Port Channels 100 Creating an Appliance Port Channel 100 Enabling an Appliance Port Channel 103 Disabling an Appliance Port Channel 1
Contents Disabling a Server Port with the Internal Fabric Manager 112 CHAPTER 7 Configuring Communication Services 113 Communication Services 113 Configuring CIM-XML 114 Configuring HTTP 115 Configuring HTTPS 115 Certificates, Key Rings, and Trusted Points 115 Creating a Key Ring 116 Creating a Certificate Request for a Key Ring 117 Creating a Trusted Point 118 Importing a Certificate into a Key Ring 119 Configuring HTTPS 119 Deleting a Key Ring 121 Deleting a Trusted Point 121 Configuring SNMP 121 Infor
Contents LDAP Group Rule 134 Configuring LDAP Providers 134 Configuring Properties for LDAP Providers 134 Creating an LDAP Provider 135 Changing the LDAP Group Rule for an LDAP Provider 139 Deleting an LDAP Provider 140 LDAP Group Mapping 140 Creating an LDAP Group Map 141 Deleting an LDAP Group Map 141 Configuring RADIUS Providers 142 Configuring Properties for RADIUS Providers 142 Creating a RADIUS Provider 142 Deleting a RADIUS Provider 144 Configuring TACACS+ Providers 144 Configuring Properties for TA
Contents Organizations in a Multi-Tenancy Environment 155 Hierarchical Name Resolution in a Multi-Tenancy Environment 156 Creating an Organization under the Root Organization 157 Creating an Organization under a Sub-Organization 158 Deleting an Organization 158 CHAPTER 10 Configuring Role-Based Access Control 159 Role-Based Access Control 159 User Accounts for Cisco UCS Manager 159 Guidelines for Cisco UCS Manager Usernames 160 Reserved Words: Locally Authenticated User Accounts 161 Guidelines for Cisco
Contents Disabling a User Account 176 Clearing the Password History for a Locally Authenticated User 177 Deleting a Locally Authenticated User Account 177 Password Profile for Locally Authenticated Users 177 Configuring the Maximum Number of Password Changes for a Change Interval 179 Configuring a No Change Interval for Passwords 179 Configuring the Password History Count 180 Monitoring User Sessions 180 CHAPTER 11 Managing Firmware 183 Overview of Firmware 183 Firmware Image Management 184 Firmware Imag
Contents Verifying the Status of I/O Modules 203 Verifying the Status of Servers 203 Verifying the Status of Adapters on Servers in a Chassis 204 Downloading and Managing Firmware Packages 204 Obtaining Software Bundles from Cisco 204 Downloading Firmware Images to the Fabric Interconnect from a Remote Location 206 Downloading Firmware Images to the Fabric Interconnect from the Local File System 207 Canceling an Image Download 208 Determining the Contents of a Firmware Package 209 Checking the Available Sp
Contents Adding Firmware Packages to an Existing Service Profile 229 Verifying Firmware Versions on Components 230 Managing the Capability Catalog 230 Capability Catalog 230 Contents of the Capability Catalog 230 Updates to the Capability Catalog 231 Activating a Capability Catalog Update 232 Verifying that the Capability Catalog Is Current 232 Viewing a Capability Catalog Provider 233 Downloading Individual Capability Catalog Updates 233 Obtaining Capability Catalog Updates from Cisco 233 Updating the Cap
Contents CHAPTER 14 Managing Licenses 247 Licenses 247 Obtaining the Host ID for a Fabric Interconnect 248 Obtaining a License 249 Downloading Licenses to the Fabric Interconnect from the Local File System 250 Downloading Licenses to the Fabric Interconnect from a Remote Location 251 Installing a License 252 Viewing the Licenses Installed on a Fabric Interconnect 253 Determining the Grace Period Available for a Port or Feature 255 Determining the Expiry Date of a License 256 Uninstalling a License 256 CH
Contents Disabling a Port Channel with the LAN Uplinks Manager 269 Adding Ports to a Port Channel with the LAN Uplinks Manager 269 Removing Ports from a Port Channel with the LAN Uplinks Manager 270 Deleting a Port Channel with the LAN Uplinks Manager 270 Configuring LAN Pin Groups 270 Creating a Pin Group with the LAN Uplinks Manager 270 Deleting a Pin Group with the LAN Uplinks Manager 271 Configuring Named VLANs 271 Creating a Named VLAN with the LAN Uplinks Manager 271 Deleting a Named VLAN with the LA
Contents Quality of Service 297 Configuring System Classes 297 System Classes 297 Configuring QoS System Classes 298 Enabling a QoS System Class 300 Disabling a QoS System Class 300 Configuring Quality of Service Policies 301 Quality of Service Policy 301 Creating a QoS Policy 301 Deleting a QoS Policy 303 Configuring Flow Control Policies 304 Flow Control Policy 304 Creating a Flow Control Policy 304 Deleting a Flow Control Policy 305 CHAPTER 21 Configuring Network-Related Policies 307 Configuring vNIC
Contents Configuring Cisco UCS for Upstream Disjoint L2 Networks 324 Creating a VLAN for an Upstream Disjoint L2 Network 325 Assigning Ports and Port Channels to VLANs 327 Removing Ports and Port Channels from VLANs 328 Viewing Ports and Port Channels Assigned to VLANs 329 Storage Configuration 331 PART IV CHAPTER 23 Configuring Named VSANs 333 Named VSANs 333 Fibre Channel Uplink Trunking for Named VSANs 334 Guidelines and Recommendations for VSANs 334 Creating a Named VSAN 335 Creating a Storage VSAN
Contents Adding a WWN Block to a WWPN Pool 351 Deleting a WWN Block from a WWPN Pool 351 Adding a WWPN Initiator to a WWPN Pool 352 Deleting a WWPN Initiator from a WWPN Pool 353 Deleting a WWPN Pool 353 CHAPTER 26 Configuring Storage-Related Policies 355 Configuring vHBA Templates 355 vHBA Template 355 Creating a vHBA Template 355 Deleting a vHBA Template 357 Binding a vHBA to a vHBA Template 357 Unbinding a vHBA from a vHBA Template 358 Configuring Fibre Channel Adapter Policies 358 Ethernet and Fibre
Contents Configuring a Blade Server to Use a Static IP Address 374 Configuring a Blade Server to Use the Management IP Pool 374 Configuring the Management IP Address on a Rack Server 375 Configuring a Rack Server to Use a Static IP Address 375 Configuring a Rack Server to Use the Management IP Pool 376 Setting the Management IP Address on a Service Profile 376 Setting the Management IP Address on a Service Profile Template 377 Configuring the Management IP Pool 377 Management IP Pool 377 Creating an IP Add
Contents Guidelines for all Local Disk Configuration Policies 407 Guidelines for Local Disk Configuration Policies Configured for RAID 408 Creating a Local Disk Configuration Policy 410 Changing a Local Disk Configuration Policy 412 Deleting a Local Disk Configuration Policy 413 Configuring Scrub Policies 413 Scrub Policy 413 Creating a Scrub Policy 414 Deleting a Scrub Policy 415 Configuring Serial over LAN Policies 415 Serial over LAN Policy 415 Creating a Serial over LAN Policy 415 Deleting a Serial ove
Contents vNIC/vHBA Placement Policies 429 vCon to Adapter Placement 430 vNIC/vHBA to vCon Assignment 430 Creating a vNIC/vHBA Placement Policy 433 Deleting a vNIC/vHBA Placement Policy 434 Explicitly Assigning a vNIC to a vCon 434 Explicitly Assigning a vHBA to a vCon 435 CHAPTER 30 Configuring Server Boot 439 Boot Policy 439 Creating a Boot Policy 440 SAN Boot 441 Configuring a SAN Boot for a Boot Policy 441 iSCSI Boot 443 iSCSI Boot Process 444 iSCSI Boot Guidelines and Prerequisites 444 Enabling MPIO
Contents Configuring a LAN Boot for a Boot Policy 465 Local Disk Boot 465 Configuring a Local Disk Boot for a Boot Policy 466 Virtual Media Boot 466 Configuring a Virtual Media Boot for a Boot Policy 466 Deleting a Boot Policy 467 CHAPTER 31 Deferring Deployment of Service Profile Updates 469 Deferred Deployment of Service Profiles 469 Deferred Deployment Schedules 470 Maintenance Policy 470 Pending Activities 471 Guidelines and Limitations for Deferred Deployment 471 Configuring Schedules 472 Creating a
Contents Creating Service Profiles 489 Creating a Service Profile with the Expert Wizard 489 Page 1: Identifying the Service Profile 490 Page 2: Configuring the Storage Options 491 Page 3: Configuring the Networking Options 496 Page 4: Setting the vNIC/vHBA Placement 502 Page 5: Setting the Server Boot Order 504 Page 6: Adding the Maintenance Policy 507 Page 7: Specifying the Server Assignment 509 Page 8: Adding Operational Policies 511 Creating a Service Profile that Inherits Server Identity 513 Creating
Contents Resetting the UUID Assigned to a Service Profile from a Pool in a Service Profile Template 549 Modifying the Boot Order in a Service Profile 550 Creating a vNIC for a Service Profile 553 Resetting the MAC Address Assigned to a vNIC from a Pool in a Service Profile Template 555 Deleting a vNIC from a Service Profile 556 Creating a vHBA for a Service Profile 556 Changing the WWPN for a vHBA 559 Resetting the WWPN Assigned to a vHBA from a Pool in a Service Profile Template 560 Clearing Persistent Bi
Contents Power Control Policy 569 Creating a Power Control Policy 569 Deleting a Power Control Policy 570 Configuring Manual Blade-Level Power Capping 570 Manual Blade-Level Power Capping 570 Setting the Blade-Level Power Cap for a Server 571 Viewing the Blade-Level Power Cap 572 System Management 573 PART VI CHAPTER 34 Managing Time Zones 575 Time Zones 575 Setting the Time Zone 575 Adding an NTP Server 576 Deleting an NTP Server 576 CHAPTER 35 Managing the Chassis 577 Chassis Management in Cisco UC
Contents Booting a Server from the Service Profile 587 Determining the Boot Order of a Blade Server 587 Shutting Down Blade Servers 588 Shutting Down a Blade Server 588 Shutting Down a Server from the Service Profile 588 Resetting a Blade Server 589 Avoiding Unexpected Server Power Changes 590 Reacknowledging a Blade Server 591 Removing a Server from a Chassis 591 Decommissioning a Blade Server 592 Recommissioning a Blade Server 593 Reacknowledging a Server Slot in a Chassis 593 Removing a Non-Existent Bla
Contents Renumbering a Rack-Mount Server 606 Removing a Non-Existent Rack-Mount Server from the Configuration Database 607 Turning the Locator LED for a Rack-Mount Server On and Off 607 Resetting the CMOS for a Rack-Mount Server 608 Resetting the CIMC for a Rack-Mount Server 608 Recovering the Corrupt BIOS on a Rack-Mount Server 609 Viewing the POST Results for a Rack-Mount Server 610 Issuing an NMI from a Rack-Mount Server 610 CHAPTER 38 Starting the KVM Console 611 KVM Console 611 Virtual KVM Console 6
Contents Creating an Import Operation 626 Running an Import Operation 629 Modifying an Import Operation 630 Deleting One or More Import Operations 630 Restoring the Configuration for a Fabric Interconnect 631 CHAPTER 41 Recovering a Lost Password 633 Recovering a Lost Password 633 Password Recovery for the Admin Account 633 Determining the Leadership Role of a Fabric Interconnect 634 Verifying the Firmware Versions on a Fabric Interconnect 634 Recovering the Admin Account Password in a Standalone Configu
Contents Support for Disk Drive Monitoring 658 Prerequisites for Disk Drive Monitoring 659 Viewing the Status of a Disk Drive 659 Interpreting the Status of a Monitored Disk Drive 660 CHAPTER 44 Configuring Statistics-Related Policies 663 Configuring Statistics Collection Policies 663 Statistics Collection Policy 663 Modifying a Statistics Collection Policy 664 Configuring Statistics Threshold Policies 666 Statistics Threshold Policy 666 Creating a Server and Server Component Threshold Policy 666 Adding
Contents Configuring Call Home Policies 688 Call Home Policies 688 Configuring a Call Home Policy 688 Disabling a Call Home Policy 689 Enabling a Call Home Policy 690 Deleting a Call Home Policy 690 Example: Configuring Call Home for Smart Call Home 690 Configuring Smart Call Home 690 Configuring the Default Cisco TAC-1 Profile 692 Configuring System Inventory Messages for Smart Call Home 693 Registering Smart Call Home 694 CHAPTER 46 Managing the System Event Log 695 System Event Log 695 Viewing the Sys
Contents Cisco UCS Manager GUI Configuration Guide, Release 2.
Preface This preface includes the following sections: • Audience, page xxxiii • Conventions, page xxxiii • Related Cisco UCS Documentation, page xxxv • Documentation Feedback, page xxxv • Obtaining Documentation and Submitting a Service Request, page xxxv Audience This guide is intended primarily for data center administrators with responsibilities and expertise in one or more of the following: • Server administration • Storage administration • Network administration • Network security Conventions This do
Preface Conventions Note Tip Convention Indication courierfont Terminal sessions and information that the system displays appear in courier font. [] Elements in square brackets are optional. {x | y | z} Required alternative keywords are grouped in braces and separated by vertical bars. [x | y | z] Optional alternative keywords are grouped in brackets and separated by vertical bars. string A nonquoted set of characters.
Preface Related Cisco UCS Documentation Related Cisco UCS Documentation Documentation Roadmaps For a complete list of all B-Series documentation, see the Cisco UCS B-Series Servers Documentation Roadmap available at the following URL: http://www.cisco.com/go/unifiedcomputing/b-series-doc. For a complete list of all C-Series documentation, see the Cisco UCS C-Series Servers Documentation Roadmap available at the following URL: http://www.cisco.com/go/unifiedcomputing/c-series-doc .
Preface Obtaining Documentation and Submitting a Service Request Cisco UCS Manager GUI Configuration Guide, Release 2.
PART I Introduction • New and Changed Information, page 3 • Overview of Cisco Unified Computing System, page 9 • Overview of Cisco UCS Manager, page 43 • Overview of Cisco UCS Manager GUI, page 47
CHAPTER 1 New and Changed Information This chapter includes the following sections: • New and Changed Information for this Release, page 3 New and Changed Information for this Release The following table provides an overview of the significant changes to this guide for this current release. The table does not provide an exhaustive list of all changes made to the configuration guides or of the new features in this release.
New and Changed Information for this Release Table 2: New Features and Significant Behavioral Changes in Cisco UCS, Release 2.0(2) Feature Description Where Documented IQN Pools Adds support for IQN pools in Cisco UCS domains configured for iSCSI boot. iSCSI Boot, on page 443 Adapter Port Channels Enables you to group all the physical Configuring Ports and Port links from a Cisco UCS Virtual Channels, on page 77 Interface Card (VIC) to an I/O Module into one logical link.
New and Changed Information for this Release Feature Description Where Documented iSCSI Boot iSCSI boot enables a server to boot its iSCSI Boot, on page 443 operating system from an iSCSI target machine located remotely over a network. Licensing Updated information for new UCS hardware. Pre-login Banner Displays user-defined banner text prior Pre-Login Banner, on page 56 to login when a user logs into Cisco UCS Manager using the GUI or CLI.
New and Changed Information for this Release Feature Description Where Documented Virtual Interface Card Drivers Cisco UCS Virtual Interface Card This feature is now (VIC) drivers facilitate communication documented in the following between supported operating systems installation guides: and Cisco UCS Virtual Interface Cards • Cisco UCS Manager (VICs).
New and Changed Information for this Release Feature Description Where Documented VM-FEX Integration for KVM (Red Hat Linux) Cisco Virtual Machine Fabric Extender This feature is documented in (VM-FEX) for VMware provides the following configuration external switching for virtual machines guides: running on a KVM Linux-based • Cisco UCS Manager hypervisor in a Cisco UCS domain.
New and Changed Information for this Release Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 2 Overview of Cisco Unified Computing System This chapter includes the following sections: • About Cisco Unified Computing System , page 9 • Unified Fabric, page 10 • Server Architecture and Connectivity, page 12 • Traffic Management, page 33 • Opt-In Features, page 38 • Virtualization in Cisco UCS , page 40 About Cisco Unified Computing System Cisco Unified Computing System (Cisco UCS) fuses access layer networking and servers.
Unified Fabric High Availability The management and data plane of Cisco UCS is designed for high availability and redundant access layer fabric interconnects. In addition, Cisco UCS supports existing high availability and disaster recovery solutions for the data center, such as data replication and application-level clustering technologies. Scalability A single Cisco UCS domain supports multiple chassis and their servers, all of which are administered through one Cisco UCS Manager.
Unified Fabric At the fabric interconnect, the server-facing Ethernet port receives the Ethernet and Fibre Channel traffic. The fabric interconnect (using Ethertype to differentiate the frames) separates the two traffic types. Ethernet frames and Fibre Channel frames are switched to their respective uplink interfaces. Fibre Channel over Ethernet Cisco UCS leverages Fibre Channel over Ethernet (FCoE) standard protocol to deliver Fibre Channel.
Server Architecture and Connectivity Server Architecture and Connectivity Overview of Service Profiles Service profiles are the central concept of Cisco UCS. Each service profile serves a specific purpose: ensuring that the associated server hardware has the configuration required to support the applications it will host. The service profile maintains configuration information about the server hardware, interfaces, fabric connectivity, and server and network identity.
Server Architecture and Connectivity You do not need to configure these hardware components directly. Server Identity Management through Service Profiles You can use the network and device identities burned into the server hardware at manufacture or you can use identities that you specify in the associated service profile either directly or through identity pools, such as MAC, WWN, and UUID.
Server Architecture and Connectivity such as UUID and MAC address, on the new server are overwritten with the configuration in the service profile. As a result, the change in server is transparent to your network. You do not need to reconfigure any component or application on your network to begin using the new server.
Server Architecture and Connectivity Service Profile Templates With a service profile template, you can quickly create several service profiles with the same basic parameters, such as the number of vNICs and vHBAs, and with identity information drawn from the same pools. Tip If you need only one service profile with similar values to an existing service profile, you can clone a service profile in the Cisco UCS Manager GUI.
Server Architecture and Connectivity • Location from which the server boots • Order in which boot devices are invoked For example, you can choose to have associated servers boot from a local device, such as a local disk or CD-ROM (VMedia), or you can select a SAN boot or a LAN (PXE) boot. You must include this policy in a service profile, and that service profile must be associated with a server for it to take effect.
Server Architecture and Connectivity Table 4: Chassis Discovery Policy and Chassis Links Number of 1-Link Chassis 2-Link Chassis 4-Link Chassis 8-Link Chassis Links Wired Discovery Discovery Discovery Discovery Policy for the Chassis Policy Policy Policy Platform-Max Discovery Policy 1 link between IOM and fabric interconnects Chassis is discovered by Cisco UCS Manager and added to the Cisco UCS domain as a chassis wired with 1 link.
Server Architecture and Connectivity Number of 1-Link Chassis 2-Link Chassis 4-Link Chassis 8-Link Chassis Links Wired Discovery Discovery Discovery Discovery Policy for the Chassis Policy Policy Policy 4 links between IOM and fabric interconnects 8 links between IOM and fabric interconnects Chassis is discovered by Cisco UCS Manager and added to the Cisco UCS domain as a chassis wired with 1 link.
Server Architecture and Connectivity are grouped in a fabric port channel. If set to no group, links from the IOM to the fabric interconnect are not grouped in a fabric port channel. Once a fabric port channel is created, links can be added or removed by changing the link group preference and reacknowledging the chassis, or by enabling or disabling the chassis from the port channel.
Server Architecture and Connectivity Note For Fibre Channel adapter policies, the values displayed by Cisco UCS Manager may not match those displayed by applications such as QLogic SANsurfer. For example, the following values may result in an apparent mismatch between SANsurfer and Cisco UCS Manager: • Max LUNs Per Target—SANsurfer has a maximum of 256 LUNs and does not display more than that number. Cisco UCS Manager supports a higher maximum number of LUNs.
Server Architecture and Connectivity Host Firmware Package This policy enables you to specify a set of firmware versions that make up the host firmware package (also known as the host firmware pack). The host firmware includes the following firmware for server and adapter endpoints: • Adapter • BIOS • Board Controller • FC Adapters • HBA Option ROM • Storage Controller Tip You can include more than one type of firmware in the same host firmware package.
Server Architecture and Connectivity Local Disk Configuration Policy This policy configures any optional SAS local drives that have been installed on a server through the onboard RAID controller of the local drive. This policy enables you to set a local disk mode for all servers that are associated with a service profile that includes the local disk configuration policy. The local disk modes include the following: • No Local Storage—For a diskless server or a SAN only configuration.
Server Architecture and Connectivity Management Interfaces Monitoring Policy This policy defines how the mgmt0 Ethernet interface on the fabric interconnect should be monitored. If Cisco UCS detects a management interface failure, a failure report is generated. If the configured number of failure reports is reached, the system assumes that the management interface is unavailable and generates a fault. By default, the management interfaces monitoring policy is disabled.
Server Architecture and Connectivity default behavior directs Cisco UCS Manager to bring the remote Ethernet interface down if the associated border port fails. In this scenario, any vFibreChannel interfaces that are bound to the remote Ethernet interface are brought down as well. Note Cisco UCS Manager, release 1.4(2) and earlier did not enforce the Action on Uplink Fail property for those types of non-VM-FEX capable converged network adapters mentioned above.
Server Architecture and Connectivity For more information about power supply redundancy, see Cisco UCS 5108 Server Chassis Hardware Installation Guide. Quality of Service Policy A quality of service (QoS) policy assigns a system class to the outgoing traffic for a vNIC or vHBA. This system class determines the quality of service for that traffic. For certain adapters you can also specify additional controls on the outgoing traffic, such as burst and rate.
Server Architecture and Connectivity Server Inheritance Policy This policy is invoked during the server discovery process to create a service profile for the server. All service profiles created from this policy use the values burned into the blade at manufacture.
Server Architecture and Connectivity • Server inheritance policy • Server pool policy vHBA Template This template is a policy that defines how a vHBA on a server connects to the SAN. It is also referred to as a vHBA SAN connectivity template. You need to include this policy in a service profile for it to take effect. VM Lifecycle Policy The VM lifecycle policy determines how long Cisco UCS Manager retains offline VMs and offline dynamic vNICs in its database.
Server Architecture and Connectivity vNIC/vHBA Placement Policies vNIC/vHBA placement policies are used to determine what types of vNICs or vHBAs can be assigned to the physical adapters on a server. Each vNIC/vHBA placement policy contains four virtual network interface connections (vCons) that are virtual representations of the physical adapters.
Server Architecture and Connectivity Flow Control Policy Flow control policies determine whether the uplink Ethernet ports in a Cisco UCS domain send and receive IEEE 802.3x pause frames when the receive buffer for a port fills. These pause frames request that the transmitting port stop sending data for a few milliseconds until the buffer clears.
Server Architecture and Connectivity BIOS Settings Scrub One of the following occurs to the BIOS settings when a service profile containing the scrub policy is disassociated from a server: • If enabled, erases all BIOS settings for the server and and resets them to the BIOS defaults for that server type and vendor • If disabled, preserves the existing BIOS settings on the server Serial over LAN Policy This policy sets the configuration for the serial over LAN connection for all servers associated with ser
Server Architecture and Connectivity the policy to raise an alarm if the CPU temperature exceeds a certain value, or if a server is overutilized or underutilized. These threshold policies do not control the hardware or device-level thresholds enforced by endpoints, such as the CIMC. Those thresholds are burned in to the hardware components at manufacture.
Server Architecture and Connectivity you do not have to manually configure the MAC addresses to be used by the server associated with the service profile. In a system that implements multi-tenancy, you can use the organizational hierarchy to ensure that MAC pools can only be used by specific applications or business services. Cisco UCS Manager uses the name resolution policy to assign MAC addresses from the pool. To assign a MAC address to a server, you must include the MAC pool in a vNIC policy.
Traffic Management Management IP Pool The management IP pool is a collection of external IP addresses. Cisco UCS Manager reserves each block of IP addresses in the management IP pool for external access that terminates in the CIMC on a server. You can configure service profiles and service profile templates to use IP addresses from the management IP pool. You cannot configure servers to use the management IP pool.
Traffic Management For the 6200 series fabric interconnects running Cisco UCS Manager, version 2.0 and higher, Ethernet uplink ports and Fibre Channel uplink ports are both configurable on the base module, as well as on the expansion module. For example, if you have two Cisco UCS 5100 series chassis that are fully populated with half width Cisco UCS B200-M1 servers, you have 16 servers. In a cluster configuration, with one LAN uplink per fabric interconnect, these 16 servers share 20GbE of LAN bandwidth.
Traffic Management Network Type The network type is only relevant to traffic on uplink ports, because FCoE does not exist outside Cisco UCS. The rest of the data center network only differentiates between LAN and SAN traffic. Therefore, you do not need to take the network type into consideration when you estimate oversubscription of a fabric interconnect port. Pinning Pinning in Cisco UCS is only relevant to uplink ports.
Traffic Management Links on Chassis Link 1 / Fabric Port Channel Link 2 Link 3 Link 4 Link 5 Link 6 Link 7 Link 8 2 links Server Server None slots 1, 3, slots 2, 4, 5, and 7 6, and 8 None None None None None 4 links Server Server Server Server None slots 1 and slots 2 and slots 3 and slots 4 and 5 6 7 8 None None None 8 links Server slot 1 Fabric Port Channel All server N/A slots Server slot 2 Server slot 3 Server slot 4 Server slot 5 Server slot 6 Server slot 7 Server slot 8
Traffic Management Quality of Service Cisco UCS provides the following methods to implement quality of service: • System classes that specify the global configuration for certain types of traffic across the entire system • QoS policies that assign system classes for individual vNICs • Flow control policies that determine how uplink Ethernet ports handle pause frames System Classes Cisco UCS uses Data Center Ethernet (DCE) to handle all traffic inside a Cisco UCS domain.
Opt-In Features Quality of Service Policy A quality of service (QoS) policy assigns a system class to the outgoing traffic for a vNIC or vHBA. This system class determines the quality of service for that traffic. For certain adapters you can also specify additional controls on the outgoing traffic, such as burst and rate. You must include a QoS policy in a vNIC policy or vHBA policy and then include that policy in a service profile to configure the vNIC or vHBA.
Opt-In Features • MAC address (used for LAN connectivity) • World Wide Names (used for SAN connectivity) • Boot settings Stateless computing creates a dynamic server environment with highly flexible servers. Every physical server in a Cisco UCS domain remains anonymous until you associate a service profile with it, then the server gets the identity configured in the service profile.
Virtualization in Cisco UCS access any policies in the Finance organization. However, both Finance and HR can use policies and pools in the root organization.
Virtualization in Cisco UCS Overview of Cisco Virtual Machine Fabric Extender A virtualized server implementation consists of one or more VMs running as 'guests' on a single physical server. The guest VMs are hosted and managed by a software layer called the hypervisor or virtual machine manager (VMM). The hypervisor typically presents a virtual network interface to each VM and performs Layer 2 switching of traffic from a VM to other local VMs or to a physical interface to the external network.
Virtualization in Cisco UCS Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 3 Overview of Cisco UCS Manager This chapter includes the following sections: • About Cisco UCS Manager , page 43 • Tasks You Can Perform in Cisco UCS Manager , page 44 • Tasks You Cannot Perform in Cisco UCS Manager , page 46 • Cisco UCS Manager in a High Availability Environment, page 46 About Cisco UCS Manager Cisco UCS Manager is the management system for all components in a UCS Manager. Cisco UCS Manager runs within the fabric interconnect.
Tasks You Can Perform in Cisco UCS Manager Centralized Management Cisco UCS Manager centralizes the management of resources and devices, rather than using multiple management points. This centralized management includes management of the following devices in a Cisco UCS domain: • Fabric interconnects. • Software switches for virtual servers. • Power and environmental management for chassis and servers.
Tasks You Can Perform in Cisco UCS Manager • Ports • Interface cards • I/O modules Cisco UCS Resource Management You can use Cisco UCS Manager to create and manage all resources within a Cisco UCS domain, including the following: • Servers • WWN addresses • MAC addresses • UUIDs • Bandwidth Server Administration A server administrator can use Cisco UCS Manager to perform server management tasks within a Cisco UCS domain, including the following: • Create server pools and policies related to those pools, su
Tasks You Cannot Perform in Cisco UCS Manager • Create the pools and policies related to the network configuration, such as WWN pools and Fibre Channel adapter profiles Tasks You Cannot Perform in Cisco UCS Manager You cannot use Cisco UCS Manager to perform certain system management tasks that are not specifically related to device management within a Cisco UCS domain.
CHAPTER 4 Overview of Cisco UCS Manager GUI This chapter includes the following sections: • Overview of Cisco UCS Manager GUI , page 47 • Logging in to Cisco UCS Manager GUI through HTTPS, page 53 • Logging in to Cisco UCS Manager GUI through HTTP, page 54 • Logging Off Cisco UCS Manager GUI , page 54 • Web Session Limits, page 55 • Pre-Login Banner, page 56 • Cisco UCS Manager GUI Properties, page 57 • Determining the Acceptable Range of Values for a Field, page 60 • Determining Where a Policy Is Used, p
Overview of Cisco UCS Manager GUI Fault Summary Area The Fault Summary area displays in the upper left of Cisco UCS Manager GUI. This area displays a summary of all faults that have occurred in the Cisco UCS domain. Each type of fault is represented by a different icon. The number below each icon indicates how many faults of that type have occurred in the system. If you click an icon, Cisco UCS Manager GUI opens the Faults tab in the Work area and displays the details of all faults of that type.
Overview of Cisco UCS Manager GUI The major nodes below the Equipment node in this tab are the following: • Chassis • Fabric Interconnects Servers Tab This tab contains the server-related components, such as service profiles, polices, and pools. A server administrator typically accesses and manages the components on this tab.
Overview of Cisco UCS Manager GUI Admin Tab This tab contains system-wide settings, such as user manager and communication services, and troubleshooting components, such as faults and events. The system administrator typically accesses and manages the components on this tab.
Overview of Cisco UCS Manager GUI On the left, the status bar displays the following information about your current session in Cisco UCS Manager GUI: • A lock icon that indicates the protocol you used to log in. If the icon is locked, you connected with HTTPS and if the icon is unlocked, you connected with HTTP. • The username you used to log in. • The IP address of the server where you logged in. On the right, the status bar displays the system time.
Overview of Cisco UCS Manager GUI Name Description Wildcard option The criteria you enter can include one of the following wildcards: • _ (underscore) or ? (question mark)—replaces a single character • % (percent sign) or * (asterisk)—replaces any sequence of characters Less Than option Displays only that content in the column which is less than the value specified. Less Than Or Equal option Displays only that content in the column which is less than or equal to the value specified.
Logging in to Cisco UCS Manager GUI through HTTPS Hybrid Display For each chassis in a Cisco UCS domain, Cisco UCS Manager GUI provides a hybrid display that includes both physical components and connections between the chassis and the fabric interconnects. This tab displays detailed information about the connections between the selected chassis and the fabric interconnects.
Logging in to Cisco UCS Manager GUI through HTTP a) (Optional) Check the check box to accept all content from Cisco. b) Click Yes to accept the certificate and continue. Step 6 In the Login dialog box, do the following: a) Enter your username and password. b) If your Cisco UCS implementation includes multiple domains, select the appropriate domain from the Domain drop-down list. c) Click Login.
Web Session Limits Cisco UCS Manager GUI blurs on your screen to indicate that you cannot use it and displays the Exit dialog box. Step 2 From the drop-down list, select one of the following: • Exit to log out and shut down Cisco UCS Manager GUI. • Log Off to log out of Cisco UCS Manager GUI and log in a different user. Step 3 Click OK.
Pre-Login Banner Pre-Login Banner With a pre-login banner, when a user logs into Cisco UCS Manager GUI, Cisco UCS Manager displays the banner text in the Create Pre-Login Banner dialog box and waits until the user dismisses that dialog box before it prompts for the username and password. When a user logs into Cisco UCS Manager CLI, Cisco UCS Manager displays the banner text in a dialog box and waits for the user to dismiss that dialog box before it prompts for the password.
Cisco UCS Manager GUI Properties Deleting the Pre-Login Banner Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 On the Admin tab, expand All > User Management. Click the User Services node. In the Work pane, click the Banners tab. Step 5 Step 6 In the Actions area, click Delete. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes.
Cisco UCS Manager GUI Properties Name Description Log Level drop-down list The amount of Java message logging done for Cisco UCS Manager GUI on the user's local machine. This can be one of the following: • All—All relevant Java information for the GUI is logged. There can be a maximum of 10 log files, each of which can be a maximum of 10 MB in size. Once the final file has been filled, Cisco UCS Manager deletes the oldest log file and starts a new one.
Cisco UCS Manager GUI Properties Step 4 Name Description Confirm Successful Operations check box If checked, Cisco UCS Manager GUI displays a confirmation when operations are successful. Click OK. Configuring Properties for External Applications Cisco UCS Manager GUI uses these properties to connect with external applications, such as SSH. Procedure Step 1 In the toolbar, click Options to open the Properties dialog box. Step 2 Step 3 In the right pane, click External Applications.
Determining the Acceptable Range of Values for a Field Name Description Max History Size field The number of tabs the system should store in memory for use with the Forward and Back toolbar buttons. Right Aligned Labels check box If checked, all labels are right-aligned with respect to one another. Otherwise all labels are left-aligned.
Determining Where a Pool Is Used Procedure Step 1 In the Navigation pane, click the policy whose usage you want to view. Step 2 In the Work pane, click the General tab. Step 3 In the Actions area, click Show Policy Usage. Cisco UCS Manager GUI displays the Service Profiles/Templates dialog box that shows the associated service profiles and service profile templates.
Copying the XML Cisco UCS Manager GUI Configuration Guide, Release 2.
PART II System Configuration • Configuring the Fabric Interconnects, page 65 • Configuring Ports and Port Channels, page 77 • Configuring Communication Services, page 113 • Configuring Authentication, page 131 • Configuring Organizations, page 155 • Configuring Role-Based Access Control, page 159 • Managing Firmware, page 183 • Configuring DNS Servers, page 237 • Configuring System-Related Policies, page 239 • Managing Licenses, page 247 • Managing Virtual Interfaces, page 259
CHAPTER 5 Configuring the Fabric Interconnects This chapter includes the following sections: • Initial System Setup, page 65 • Performing an Initial System Setup for a Standalone Configuration, page 67 • Initial System Setup for a Cluster Configuration, page 69 • Enabling a Standalone Fabric Interconnect for Cluster Configuration, page 72 • Ethernet Switching Mode, page 72 • Configuring Ethernet Switching Mode, page 73 • Fibre Channel Switching Mode, page 74 • Configuring Fibre Channel Switching Mode, pag
Initial System Setup • Default domain name Setup Mode You can choose to either restore the system configuration from an existing backup file, or manually set up the system by going through the Setup wizard. If you choose to restore the system, the backup file must be reachable from the management network.
Performing an Initial System Setup for a Standalone Configuration Performing an Initial System Setup for a Standalone Configuration Before You Begin 1 Verify the following physical connections on the fabric interconnect: • The console port is physically connected to a computer terminal or console server • The management Ethernet port (mgmt0) is connected to an external hub, switch, or router For more information, refer to the Cisco UCS Hardware Installation Guide for your fabric interconnect.
Performing an Initial System Setup for a Standalone Configuration Step 5 Step 6 Step 7 Copy the web link from the prompt into a supported web browser and go to the Cisco UCS Manager GUI launch page. On the Cisco UCS Manager GUI launch page, select Express Setup. On the Express Setup page, select Initial Setup and click Submit. Step 8 Step 9 In the Cluster and Fabric Setup Area, select the Standalone Mode option.
Initial System Setup for a Cluster Configuration Initial System Setup for a Cluster Configuration Performing an Initial System Setup on the First Fabric Interconnect Before You Begin 1 Verify the following physical connections on the fabric interconnect: • A console port on the first fabric interconnect is physically connected to a computer terminal or console server • The management Ethernet port (mgmt0) is connected to an external hub, switch, or router • The L1 ports on both fabric interconnects are dir
Initial System Setup for a Cluster Configuration You will see the power on self-test messages as the fabric interconnect boots. Step 3 Step 4 At the installation method prompt, enter gui.
Initial System Setup for a Cluster Configuration Field Description Domain Name field The name of the domain in which the fabric interconnect resides. Step 10 Click Submit. A page displays the results of your setup operation.
Enabling a Standalone Fabric Interconnect for Cluster Configuration A page displays the results of your setup operation. Enabling a Standalone Fabric Interconnect for Cluster Configuration You can add a second fabric interconnect to an existing Cisco UCS domain that uses a single standalone fabric interconnect.
Configuring Ethernet Switching Mode denying egress server traffic on more than one uplink port at a time. End-host mode is the default Ethernet switching mode and should be used if either of the following are used upstream: • Layer 2 switching for L2 aggregation • Virtual Switching System (VSS) aggregation layer Note When end-host mode is enabled, if a vNIC is hard pinned to an uplink port and this uplink port goes down, the system cannot re-pin the vNIC, and the vNIC remains down.
Fibre Channel Switching Mode The link for the current mode is dimmed. Step 5 In the dialog box, click Yes. Cisco UCS Manager restarts the fabric interconnect, logs you out, and disconnects Cisco UCS Manager GUI. Fibre Channel Switching Mode The Fibre Channel switching mode determines how the fabric interconnect behaves as a switching device between the servers and storage devices.
Changing the Properties of the Fabric Interconnects Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 On the Equipment tab, expand Equipment > Fabric Interconnects > Fabric_Interconnect_Name. In the Work pane, click the General tab. Step 4 In the Actions area of the General tab, click one of the following links: • Set Fibre Channel Switching Mode • Set Fibre Channel End-Host Mode The link for the current mode is dimmed. Step 5 In the dialog box, click Yes.
Determining the Leadership Role of a Fabric Interconnect Step 8 Step 9 Name Description Default Gateway field The associated gateway. Click OK. Log out of Cisco UCS Manager GUI and log back in again to see your changes. Determining the Leadership Role of a Fabric Interconnect Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 In the Equipment tab, expand Equipment > Fabric Interconnects. Click the fabric interconnect for which you want to identify the role.
CHAPTER 6 Configuring Ports and Port Channels This chapter includes the following sections: • Server and Uplink Ports on the 6100 Series Fabric Interconnect, page 77 • Unified Ports on the 6200 Series Fabric Interconnect, page 78 • Server Ports, page 85 • Uplink Ethernet Ports, page 85 • Reconfiguring a Port on a Fabric Interconnect, page 86 • Enabling a Port on a Fabric Interconnect, page 87 • Disabling a Port on a Fabric Interconnect, page 88 • Unconfiguring a Port on a Fabric Interconnect, page 89 • Ap
Unified Ports on the 6200 Series Fabric Interconnect Note Ports on the 6100 series fabric interconnect are not unified. For more information on Unified Ports, see Unified Ports on the 6200 Series Fabric Interconnect. Each fabric interconnect can include the following port types: Server Ports Server ports handle data traffic between the fabric interconnect and the adapter cards on the servers. You can only configure server ports on the fixed port module. Expansion modules do not include server ports.
Unified Ports on the 6200 Series Fabric Interconnect Changing the port mode results in the existing port configuration being deleted and replaced by a new logical port. Any objects associated with that port configuration, such as VLANs and VSANS, are removed. There is no restriction on the number of times the port mode can be changed for a unified port. Port Types The port type defines the type of traffic carried over a unified port connection.
Unified Ports on the 6200 Series Fabric Interconnect Beacon LEDs for Unified Ports Each port on the 6200 series fabric interconnect has a corresponding beacon LED. When the Beacon LED property is configured, the beacon LEDs illuminate, showing you which ports are configured in a given port mode. The Beacon LED property can be configured to show you which ports are grouped in one port mode: either Ethernet or Fibre Channel. By default, the Beacon LED property is set to Off.
Unified Ports on the 6200 Series Fabric Interconnect Note The total number of uplink Ethernet ports and uplink Ethernet port channel members that can be configured on each fabric interconnect is limited to 31. This limitation includes uplink Ethernet ports and uplink Ethernet port channel members configured on the expansion module. Effect of Port Mode Changes on Data Traffic Port mode changes can cause an interruption to the data traffic for the Cisco UCS domain.
Unified Ports on the 6200 Series Fabric Interconnect Configuring Port Modes for a 6248 Fabric Interconnect Caution Changing the port mode on either module can cause an interruption in data traffic because changes to the fixed module require a reboot of the fabric interconnect and changes on an expansion module require a reboot of that module.
Unified Ports on the 6200 Series Fabric Interconnect What to Do Next Configure the port types for the ports. You can right-click on any port in the module display above the slider and configure that port for an available port type.
Unified Ports on the 6200 Series Fabric Interconnect • Click Next to configure the port mode for ports in expansion module 2. • If you do not wish to configure the port mode for ports on the remaining expansion modules, continue with Step 9. If you change the port mode for a previously configured port, the port returns to an unconfigured state. Step 8 Step 9 If you need to configure port modes for expansion module 3, repeat Step 7. Click Finish to save your port mode configuration.
Server Ports Server Ports Configuring Server Ports You can only configure server ports on the fixed port module. Expansion modules do not include server ports. This task describes only one method of configuring ports. You can also configure ports from a right-click menu, from the General tab for the port, or in the LAN Uplinks Manager. Procedure Step 1 In the Navigation pane, click the Equipment tab.
Reconfiguring a Port on a Fabric Interconnect The port or ports are configured as uplink Ethernet ports, removed from the list of unconfigured ports, and added to the Uplink Ethernet Ports node. What to Do Next If desired, change the properties for the default flow control policy and admin speed of the uplink Ethernet port. Changing the Properties of an Uplink Ethernet Port Procedure Step 1 In the Navigation pane, click the Equipment tab.
Enabling a Port on a Fabric Interconnect • Fixed Module • Expansion Module Step 4 Step 5 Click the port or ports you want to reconfigure. Drag the selected port or ports and drop them in the appropriate node. The port or ports are reconfigured as the appropriate type of port, removed from the original node, and added to the new node. Example: Reconfiguring an Uplink Ethernet Port as a Server Port 1 Expand the Uplink Ethernet Ports node and select the port you want to reconfigure.
Disabling a Port on a Fabric Interconnect The port or ports are enabled. Data traffic can begin to travel through them. Disabling a Port on a Fabric Interconnect After you enable or disable a port on a fabric interconnect, wait for at least 1 minute before you reacknowledge the chassis. If you reacknowledge the chassis too soon, the pinning of server traffic from the chassis may not be updated with the changes to the port that you enabled or disabled.
Unconfiguring a Port on a Fabric Interconnect Unconfiguring a Port on a Fabric Interconnect Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 On the Equipment tab, expand Equipment > Fabric Interconnects > Fabric_Interconnect_Name.
Appliance Ports Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 On the Equipment tab, expand Equipment > Fabric Interconnects > Fabric_Interconnect_Name. Depending upon the location of the ports you want to configure, expand one of the following: • Fixed Module • Expansion Module Step 4 Click one or more of the ports under the Unconfigured Ethernet Ports node.
Appliance Ports Name Description Admin Speed field The data transfer rate for the port, which should match the destination to which the port is linked. This can be one of the following: • 1 Gbps • 10 Gbps • 20 Gbps • 40 Gbps Note Step 8 The admin speed can be changed only for certain ports, and not all speeds are available on all systems. For more information, see the Hardware Installation Guide for your fabric interconnect.
Appliance Ports Name Description MAC Address field The MAC address for the endpoint. Step 10 Click OK. The port or ports are configured as Appliance ports, removed from the list of unconfigured ports, and added to the Appliance Ports node. Modifying the Properties of an Appliance Port Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 On the Equipment tab, expand Equipment > Fabric Interconnects > Fabric_Interconnect_Name.
Appliance Ports Name Description Admin Speed field The data transfer rate for the port, which should match the destination to which the port is linked. This can be one of the following: • 1 Gbps • 10 Gbps • 20 Gbps • 40 Gbps Note Priority drop-down list The admin speed can be changed only for certain ports, and not all speeds are available on all systems. For more information, see the Hardware Installation Guide for your fabric interconnect.
FCoE and Fibre Channel Storage Ports Step 9 Click OK. FCoE and Fibre Channel Storage Ports Configuring an FCoE Storage Port You can configure FCoE storage ports on either the fixed module or an expansion module. This task describes only one method of configuring FCoE storage ports. You can also configure FCoE storage ports from the General tab for the port. Before You Begin The Fibre Channel switching mode must be set to Switching for these ports to be valid.
FCoE and Fibre Channel Storage Ports Before You Begin The Fibre Channel switching mode must be set to Switching for these ports to be valid. The storage ports cannot function in end-host mode. Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 On the Equipment tab, expand Equipment > Fabric Interconnects > Fabric_Interconnect_Name. Expand the Expansion Module node. Click one or more of the ports under the Uplink FC Ports node.
FCoE and Fibre Channel Storage Ports zoning option in Cisco UCS Manager is whether the default zone in a VSAN (nodes not assigned to any zone) permits or denies access among its members. When default zoning is enabled, all traffic is permitted among members of the default zone. When default zoning is disabled, all traffic is denied among members of the default zone. Default zoning is applied on a per-VSAN basis. You cannot enable default zoning at the fabric level.
Uplink Ethernet Port Channels Disabling Default Zoning Procedure Step 1 In the Navigation pane, click the SAN tab. Step 2 Step 3 In the SAN tab, click the SAN node. In the Work pane, click the VSANs tab. Step 4 Click one of the following subtabs, depending upon the type of VSAN for which you want to disable default zoning: Subtab Description All Displays all VSANs in the Cisco UCS domain. Dual Mode Displays the VSANs that are accessible to both fabric interconnects.
Uplink Ethernet Port Channels Creating an Uplink Ethernet Port Channel Procedure Step 1 In the Navigation pane, click the LAN tab. Step 2 Step 3 Step 4 Step 5 On the LAN tab, expand LAN > LAN Cloud. Expand the node for the fabric interconnect where you want to add the port channel. Right-click the Port Channels node and choose Create Port Channel.
Uplink Ethernet Port Channels Enabling an Uplink Ethernet Port Channel Procedure Step 1 In the Navigation pane, click the LAN tab. Step 2 Step 3 Step 4 Step 5 Step 6 On the LAN tab, expand LAN > LAN Cloud. Expand the node for the fabric interconnect that includes the port channel you want to enable. Expand the Port Channels node. Right-click the port channel you want to enable and choose Enable Port Channel. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes.
Appliance Port Channels • To remove ports, choose one or more ports in the Ports in the port channel table, and then click the << button to remove the ports from the port channel and add them to the Ports table. Step 7 Click OK. Deleting an Uplink Ethernet Port Channel Procedure Step 1 In the Navigation pane, click the LAN tab. Step 2 Step 3 Step 4 Step 5 Step 6 On the LAN tab, expand LAN > LAN Cloud. Expand the node for the fabric interconnect where you want to delete the port channel.
Appliance Port Channels Name Description Name field A user-defined name for the port channel. This name can be between 1 and 16 alphanumeric characters. You cannot use spaces or any special characters other than - (hyphen), _ (underscore), : (colon), and . (period), and you cannot change this name after the object has been saved. Priority drop-down list The quality of service setting associated with this interface. This can be one of the following: • Fc—Use this priority for vHBA traffic only.
Appliance Port Channels Name Description Select column Check the check box in this column for each VLAN you want to use. Name column The name of the VLAN. Native VLAN column To designate one of the VLANs as the native VLAN, click the radio button in this column. c) If you clicked the access radio button, choose a VLAN from the Select VLAN drop-down list.
Appliance Port Channels Enabling an Appliance Port Channel Procedure Step 1 In the Navigation pane, click the LAN tab. Step 2 Step 3 Step 4 Step 5 Step 6 On the LAN tab, expand LAN > Appliances. Expand the node for the fabric interconnect that includes the port channel you want to enable. Expand the Port Channels node. Right-click the port channel you want to enable and choose Enable Port Channel. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes.
Fibre Channel Port Channels • To remove ports, choose one or more ports in the Ports in the port channel table, and then click the << button to remove the ports from the port channel and add them to the Ports table. Step 7 Click OK. Deleting an Appliance Port Channel Procedure Step 1 In the Navigation pane, click the LAN tab. Step 2 Step 3 Step 4 Step 5 Step 6 On the LAN tab, expand LAN > Appliances. Expand the node for the fabric interconnect that includes the port channel you want to enable.
Fibre Channel Port Channels Name Description ID field The identifier for the port channel. Enter an integer between 1 and 256. This ID cannot be changed after the port channel has been saved. Name field A user-defined name for the port channel. This name can be between 1 and 16 alphanumeric characters. You cannot use spaces or any special characters other than - (hyphen), _ (underscore), : (colon), and . (period), and you cannot change this name after the object has been saved. b) Click Next.
Fibre Channel Port Channels Disabling a Fibre Channel Port Channel Procedure Step 1 In the Navigation pane, click the SAN tab. Step 2 Step 3 Step 4 On the SAN tab, expand SAN > SAN Cloud > Fabric > FC Port Channels. Click the port channel you want to disable. In the Work pane, click the General tab. Step 5 Step 6 In the Actions area, click Disable Port Channel. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes.
Fibre Channel Port Channels Procedure Step 1 In the Navigation pane, click the SAN tab. Step 2 Step 3 Step 4 On the SAN tab, expand SAN > SAN Cloud > Fabric > FC Port Channels. Click the port channel that you want to modify. In the Work pane, click the General tab. Step 5 In the Actions area, change the values in one or more of the following fields: Name Description Name field The user-defined name given to the port channel. This name can be between 1 and 16 alphanumeric characters.
Adapter Port Channels Adapter Port Channels An adapter port channel groups all the physical links from a Cisco UCS Virtual Interface Card (VIC) to an IOM into one logical link. Adapter port channels are created and managed internally by Cisco UCS Manager when it detects that the correct hardware is present. Adapter port channels cannot be configured manually.
Fabric Port Channels Cabling Considerations for Fabric Port Channels When you configure the links between the Cisco UCS 2200 Series IOM and a Cisco UCS 6200 series fabric interconnect in fabric port channel mode, the available VIF namespace on the adapter varies depending on where the IOM uplinks are connected to the fabric interconnect ports. Inside the 6248 fabric interconnect there are six sets of eight contiguous ports, with each set of ports managed by a single chip.
Fabric Port Channels What to Do Next To add or remove chassis links from a fabric port channel after making a change to the chassis discovery policy or the chassis connectivity policy, reacknowledge the chassis. Chassis reacknowledgement is not required to enable or disable chassis member ports from a fabric port channel Viewing Fabric Port Channels Procedure Step 1 In the Navigation pane, click the Equipment tab.
Configuring Server Ports with the Internal Fabric Manager Configuring Server Ports with the Internal Fabric Manager Internal Fabric Manager The Internal Fabric Manager provides a single interface where you can configure server ports for a fabric interconnect in a Cisco UCS domain. The Internal Fabric Manager is accessible from the General tab for that fabric interconnect.
Configuring Server Ports with the Internal Fabric Manager Unconfiguring a Server Port with the Internal Fabric Manager Procedure Step 1 Step 2 Step 3 Step 4 In the Internal Fabric Manager, click the server port in the Server Ports table. Click Unconfigure Port. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes. If you have completed all tasks in the Internal Fabric Manager, click OK.
CHAPTER 7 Configuring Communication Services This chapter includes the following sections: • Communication Services, page 113 • Configuring CIM-XML, page 114 • Configuring HTTP, page 115 • Configuring HTTPS, page 115 • Configuring SNMP, page 121 • Enabling Telnet, page 129 • Disabling Communication Services, page 129 Communication Services You can use the following communication services to interface third-party applications with Cisco UCS: Communication Service Description CIM XML This service is dis
Configuring CIM-XML Communication Service Description HTTP This service is enabled on port 80 by default. You must enable either HTTP or HTTPS to run Cisco UCS Manager GUI. If you select HTTP, all data is exchanged in clear text mode. For security purposes, we recommend that you enable HTTPS and disable HTTP. By default, Cisco UCS redirects any attempt to communicate via HTTP to the HTTPS equivalent. We recommend that you do not change this behavior.
Configuring HTTP The CIM-XML area expands to display the available configuration options. Step 5 (Optional) In the Port field, change the default port that Cisco UCS Manager GUI will use for CIM-XML. The default port is 5988. Step 6 Click Save Changes. Configuring HTTP Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 On the Admin tab, expand All > Communication Management > Communication Services. Click the Communication Services tab.
Configuring HTTPS to 2048 bits. In general, a longer key is more secure than a shorter key. Cisco UCS Manager provides a default key ring with an initial 1024-bit key pair, and allows you to create additional key rings. The default key ring certificate must be manually regenerated if the cluster name changes or the certificate expires. This operation is only available in the UCS Manager CLI. Certificates To prepare for secure communications, two devices first exchange their digital certificates.
Configuring HTTPS c) Click OK. What to Do Next Create a certificate request for this key ring. Creating a Certificate Request for a Key Ring Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 On the Admin tab, expand All > Key Management. Step 5 Step 6 In the General tab, click Create Certificate Request. In the Create Certificate Request dialog box, complete the following fields: Click the key ring for which you want to create a certificate request.
Configuring HTTPS Name Description Organization Unit Name field The organizational unit. Enter up to 64 characters. You can use any letters, numbers, or spaces, as well as the following special characters: , (comma), . (period), @ (at sign), ^ (carat), ( (open parenthesis), ) (close parenthesis), - (dash), _ (underscore), + (plus sign), : (colon), / (forward slash). Step 7 Step 8 Step 9 Email field The email address associated with the request. Password field An optional password for this request.
Configuring HTTPS Name Description Certificate Chain field The certificate information for this trusted point. The certificate must be in Base64 encoded X.509 (CER) format. Important Step 5 Click OK. What to Do Next When you receive the certificate from the trust anchor or certificate authority, import it into the key ring. Importing a Certificate into a Key Ring Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 On the Admin tab, expand All > Key Management.
Configuring HTTPS Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 On the Admin tab, expand All > Communication Management > Communication Services. Select the Communication Services tab. In the HTTPS area, click the enabled radio button. The HTTPS area expands to display the available configuration options.
Configuring SNMP Step 6 Click Save Changes. Deleting a Key Ring Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 On the Admin tab, expand All > Key Management. Right-click the key ring you want to delete and choose Delete. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes. Deleting a Trusted Point Before You Begin Ensure that the trusted point is not used by a key ring. Procedure Step 1 In the Navigation pane, click the Admin tab.
Configuring SNMP • An SNMP manager—The system used to control and monitor the activities of network devices using SNMP. • An SNMP agent—The software component within Cisco UCS, the managed device, that maintains the data for Cisco UCS and reports the data, as needed, to the SNMP manager. Cisco UCS includes the agent and a collection of MIBs. To enable the SNMP agent and create the relationship between the manager and agent, enable and configure SNMP in Cisco UCS Manager.
Configuring SNMP • noAuthNoPriv—No authentication or encryption • authNoPriv—Authentication but no encryption • authPriv—Authentication and encryption SNMPv3 provides for both security models and security levels. A security model is an authentication strategy that is set up for a user and the role in which the user resides. A security level is the permitted level of security within a security model.
Configuring SNMP Model Level Authentication Encryption What Happens v3 authPriv HMAC-MD5 or HMAC-SHA DES Provides authentication based on the HMAC-MD5 or HMAC-SHA algorithms. Provides Data Encryption Standard (DES) 56-bit encryption in addition to authentication based on the Cipher Block Chaining (CBC) DES (DES-56) standard. SNMPv3 Security Features SNMPv3 provides secure access to devices by a combination of authenticating and encrypting frames over the network.
Configuring SNMP AES Privacy Protocol for SNMPv3 Users Cisco UCS uses Advanced Encryption Standard (AES) as one of the privacy protocols for SNMPv3 message encryption and conforms with RFC 3826. The privacy password, or priv option, offers a choice of DES or 128-bit AES encryption for SNMP security encryption. If you enable AES-128 configuration and include a privacy password for an SNMPv3 user, Cisco UCS Manager uses the privacy password to generate a 128-bit AES key.
Configuring SNMP Name Description System Location field The location of the host on which the SNMP agent (server) runs. Enter an alphanumeric string up to 510 characters. Step 5 Click Save Changes. What to Do Next Create SNMP traps and users. Creating an SNMP Trap Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 Step 5 On the Admin tab, expand All > Communication Management > Communication Services. Select the Communication Services tab.
Configuring SNMP Name Description Type field If you select V2c or V3 for the version, the type of trap to send. This can be one of the following: • Traps • Informs v3 Privilege field If you select V3 for the version, the privilege associated with the trap. This can be one of the following: • Auth—Authentication but no encryption • Noauth—No authentication or encryption • Priv—Authentication and encryption Step 6 Step 7 Click OK. Click Save Changes.
Configuring SNMP Creating an SNMPv3 user Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 Step 5 On the Admin tab, expand All > Communication Management > Communication Services. Select the Communication Services tab. In the SNMP Users area, click +. In the Create SNMP User dialog box, complete the following fields: Name Description Name field The username assigned to the SNMP user. Enter up to 32 letters or numbers.
Enabling Telnet Deleting an SNMPv3 User Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 On the Admin tab, expand All > Communication Management > Communication Services. Select the Communication Services tab. In the SNMP Users area, click the row in the table that corresponds to the user you want to delete. Click the Delete icon to the right of the table. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes.
Disabling Communication Services Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 8 Configuring Authentication This chapter includes the following sections: • Authentication Services, page 131 • Guidelines and Recommendations for Remote Authentication Providers, page 131 • User Attributes in Remote Authentication Providers, page 132 • LDAP Group Rule, page 134 • Configuring LDAP Providers, page 134 • Configuring RADIUS Providers, page 142 • Configuring TACACS+ Providers, page 144 • Configuring Multiple Authentication Systems, page 146 • Selecting a Primary Authentication Servic
User Attributes in Remote Authentication Providers User Accounts in Remote Authentication Services User accounts can exist locally in Cisco UCS Manager or in the remote authentication server. The temporary sessions for users who log in through remote authentication services can be viewed through Cisco UCS Manager GUI or Cisco UCS Manager CLI.
User Attributes in Remote Authentication Providers Authentication Provider Custom Attribute Schema Extension RADIUS Optional Optional. You can choose to do either of the following: Attribute ID Requirements The vendor ID for the Cisco RADIUS implementation is 009 and the vendor ID for the attribute is • Do not extend the RADIUS 001. schema and use an existing, unused attribute that meets The following syntax example shows how to specify multiples user the requirements.
LDAP Group Rule lDAPDisplayName: CiscoAVPair name: CiscoAVPair objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,CN=X LDAP Group Rule The LDAP group rule is used to determine whether Cisco UCS should use LDAP groups when assigning user roles and locales to a remote user. Configuring LDAP Providers Configuring Properties for LDAP Providers The properties that you configure in this task are the default settings for all provider connections of this type defined in Cisco UCS Manager.
Configuring LDAP Providers Name Description Base DN field The specific distinguished name in the LDAP hierarchy where the server should begin a search when a remote user logs in and the system attempts to get the user's DN based on their username. The maximum supported string length is 127 characters. This property is required. If you do not specify a base DN on this tab then you must specify one on the General tab for every LDAP provider defined in this Cisco UCS domain.
Configuring LDAP Providers • If you want to use secure communications, create a trusted point containing the certificate of the root certificate authority (CA) of the LDAP server in Cisco UCS Manager. Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 On the Admin tab, expand All > User Management > LDAP. In the Work pane, click the General tab. Step 4 Step 5 In the Actions area, click Create LDAP Provider.
Configuring LDAP Providers Name Description Filter field The LDAP search is restricted to those usernames that match the defined filter. This value is required unless a default filter has been set on the LDAP General tab. Attribute field An LDAP attribute that stores the values for the user roles and locales. This property is always a name-value pair. The system queries the user record for the value that matches this attribute name.
Configuring LDAP Providers Name Description Group Authorization field Whether Cisco UCS also searches LDAP groups when authenticating and assigning user roles and locales to remote users. This can be one of the following: • Disable—Cisco UCS does not access any LDAP groups. • Enable—Cisco UCS searches all LDAP groups mapped in this Cisco UCS domain. If the remote user is found, Cisco UCS assigns the user roles and locales defined for that LDAP group in the associated LDAP group map.
Configuring LDAP Providers Changing the LDAP Group Rule for an LDAP Provider Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 On the Admin tab, expand All > User Management > LDAP. Expand LDAP Providers and choose the LDAP provider for which you want to change the group rule. In the Work pane, click the General tab.
Configuring LDAP Providers Step 6 Click Save Changes. Deleting an LDAP Provider Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 Step 5 On the Admin tab, expand All > User Management > LDAP. Expand LDAP Providers. Right-click the LDAP provider you want to delete and choose Delete. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes.
Configuring LDAP Providers Creating an LDAP Group Map Before You Begin • Create an LDAP group in the LDAP server. • Configure the distinguished name for the LDAP group in the LDAP server. • Create locales in Cisco UCS Manager (optional). • Create custom roles in Cisco UCS Manager (optional). Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 On the Admin tab, expand All > User Management > LDAP. Right-click LDAP Group Maps and choose Create LDAP Group Map.
Configuring RADIUS Providers Configuring RADIUS Providers Configuring Properties for RADIUS Providers The properties that you configure in this task are the default settings for all provider connections of this type defined in Cisco UCS Manager. If an individual provider includes a setting for any of these properties, Cisco UCS uses that setting and ignores the default setting. Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 In the Admin tab, expand User Management > RADIUS.
Configuring RADIUS Providers The following syntax example shows how to specify multiples user roles and locales if you choose to create the cisco-avpair attribute: shell:roles="admin,aaa" shell:locales="L1,abc". Use a comma "," as the delimiter to separate multiple values. • For a cluster configuration, add the management port IP addresses for both fabric interconnects.
Configuring TACACS+ Providers b) Click OK. Step 4 Click Save Changes. What to Do Next For implementations involving a single RADIUS database, select RADIUS as the primary authentication service. For implementations involving multiple RADIUS databases, configure a RADIUS provider group. Deleting a RADIUS Provider Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 In the Admin tab, expand User Management > RADIUS.
Configuring TACACS+ Providers What to Do Next Create an TACACS+ provider. Creating a TACACS+ Provider Cisco UCS Manager supports a maximum of 16 TACACS+ providers. Before You Begin Perform the following configuration in the TACACS+ server: • Create the cisco-av-pair attribute. You cannot use an existing TACACS+ attribute. The cisco-av-pair name is the string that provides the attribute ID for the TACACS+ provider.
Configuring Multiple Authentication Systems Name Description Port field The port through which Cisco UCS should communicate with the TACACS+ database. Enter an integer between 1 and 65535. The default port is 49. Timeout field The length of time in seconds the system should spend trying to contact the TACACS+ database before it times out. Enter an integer from 1 to 60 seconds, or enter 0 (zero) to use the global timeout value specified on the TACACS+ General tab. The default is 5 seconds.
Configuring Multiple Authentication Systems Provider Groups A provider group is a set of providers that will be used by Cisco UCS during the authentication process. Cisco UCS Manager allows you to create a maximum of 16 provider groups, with a maximum of eight providers allowed per group. During authentication, all the providers within a provider group are tried in order.
Configuring Multiple Authentication Systems Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 Step 5 On the Admin tab, expand All > User Management > LDAP. Expand LDAP Provider Groups. Right-click the LDAP provider group you want to delete and choose Delete. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes. Creating a RADIUS Provider Group Creating a RADIUS provider group allows you to authenticate using multiple RADIUS databases.
Configuring Multiple Authentication Systems Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 Step 5 On the Admin tab, expand All > User Management > RADIUS. Expand RADIUS Provider Groups. Right-click the RADIUS provider group you want to delete and choose Delete. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes. Creating a TACACS+ Provider Group Creating a TACACS+ provider group allows you to authenticate using multiple TACACS+ databases.
Configuring Multiple Authentication Systems Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 Step 5 On the Admin tab, expand All > User Management > TACACS+. Expand TACACS+ Provider Groups. Right-click the TACACS+ provider group you want to delete and choose Delete. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes. Authentication Domains Authentication domains are used by Cisco UCS Manager to leverage multiple authentication systems.
Selecting a Primary Authentication Service Name Description Web Session Refresh Period field When a web client connects to Cisco UCS Manager, the client needs to send refresh requests to Cisco UCS Manager to keep the web session active. This option specifies the maximum amount of time allowed between refresh requests for a user in this domain. If this time limit is exceeded, Cisco UCS Manager considers the web session to be inactive, but it does not terminate the session.
Selecting a Primary Authentication Service Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 On the Admin tab, expand All > User Management > Authentication. Click Native Authentication. In the Work pane, click the General tab. Step 5 In the Console Authentication area, complete the following fields: Name Description Realm field The method by which a user logging into the console is authenticated.
Selecting a Primary Authentication Service Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 On the Admin tab, expand All > User Management > Authentication. Click Native Authentication. In the Work pane, click the General tab. Step 5 In the Default Authentication area, complete the following fields: Name Description Realm drop-down list The default method by which a user is authenticated during remote login.
Selecting a Primary Authentication Service assign-default-role Does not restrict user access to Cisco UCS Manager based on user roles. Read-only access is granted to all users unless other user roles have been defined in Cisco UCS Manager. This is the default behavior. no-login Restricts user access to Cisco UCS Manager based on user roles. If user roles have not been assigned for the remote authentication system, access is denied.
CHAPTER 9 Configuring Organizations This chapter includes the following sections: • Organizations in a Multi-Tenancy Environment, page 155 • Hierarchical Name Resolution in a Multi-Tenancy Environment, page 156 • Creating an Organization under the Root Organization, page 157 • Creating an Organization under a Sub-Organization, page 158 • Deleting an Organization, page 158 Organizations in a Multi-Tenancy Environment Multi-tenancy allows you to divide up the large physical infrastructure of an Cisco UCS d
Hierarchical Name Resolution in a Multi-Tenancy Environment • Service profile templates The root organization is always the top level organization. Hierarchical Name Resolution in a Multi-Tenancy Environment In a multi-tenant environment, Cisco UCS uses the hierarchy of an organization to resolve the names of policies and resource pools.
Creating an Organization under the Root Organization 5 If the default server pool in the root organization has an available server, Cisco UCS Manager associates that server with the service profile and discontinues the search. If the default pool does not have an available server, Cisco UCS Manager returns an allocation error. Example: Server Pool Name Resolution in a Multi-Level Hierarchy In this example, each organization includes at least one suborganization.
Creating an Organization under a Sub-Organization This name can be between 1 and 16 alphanumeric characters. You cannot use spaces or any special characters other than - (hyphen), _ (underscore), : (colon), and . (period), and you cannot change this name after the object has been saved. Step 3 Step 4 In the Description field, enter a description for the organization. Click OK. Creating an Organization under a Sub-Organization Procedure Step 1 In the Navigation pane, click the Servers tab.
CHAPTER 10 Configuring Role-Based Access Control This chapter includes the following sections: • Role-Based Access Control, page 159 • User Accounts for Cisco UCS Manager , page 159 • User Roles, page 162 • User Locales, page 166 • Configuring User Roles, page 167 • Configuring Locales, page 169 • Configuring Locally Authenticated User Accounts, page 171 • Password Profile for Locally Authenticated Users, page 177 • Monitoring User Sessions, page 180 Role-Based Access Control Role-Based Access Control (R
User Accounts for Cisco UCS Manager A user account can be set with a SSH public key. The public key can be set in either of the two formats: OpenSSH and SECSH. Admin Account Each Cisco UCS domain has an admin account. The admin account is a default user account and cannot be modified or deleted. This account is the system administrator or superuser account and has full privileges. There is no default password assigned to the admin account; you must choose the password during the initial system setup.
User Accounts for Cisco UCS Manager • The unique username for each user account cannot be all-numeric. You cannot create a local user with an all-numeric username. • The unique username must start with an alphabetic character. It cannot start with a number or a special character, such as an underscore. After you create a user account, you cannot change the username. You must delete the user account and create a new one.
User Roles • debug Guidelines for Cisco UCS Manager Passwords A password is required for each locally authenticated user account. A user with admin or aaa privileges can configure Cisco UCS Manager to perform a password strength check on user passwords. If the password strength check is enabled, each user must have a strong password. Cisco recommends that each user have a strong password.
User Roles Roles can be created, modified to add new or remove existing privileges, or deleted. When a role is modified, the new privileges are applied to all users assigned to that role. Privilege assignment is not restricted to the privileges defined for the default roles. That is, you can use a custom set of privileges to create a unique role.
User Roles Server Profile Administrator Read-and-write access to logical server related operations. Read access to the rest of the system. Server Security Administrator Read-and-write access to server security related operations. Read access to the rest of the system. Storage Administrator Read-and-write access to storage operations. Read access to the rest of the system. Reserved Words: User Roles The following words cannot be used when creating custom roles in Cisco UCS Manager.
User Roles Privilege Description Default Role Assignment ext-san-security External SAN security Storage Administrator fault Alarms and alarm policies Operations operations Logs and Smart Call Home Operations pod-config Pod configuration Network Administrator pod-policy Pod policy Network Administrator pod-qos Pod QoS Network Administrator pod-security Pod security Network Administrator power-mgmt Read-and-write access to power management operations Facility Manager read-only Rea
User Locales Privilege Description Default Role Assignment service-profile-server Service profile server management Server Profile Administrator service-profile-server-oper Service profile consumer Server Profile Administrator service-profile-server-policy Service profile pool policy Server Security Administrator service-profile-storage Service profile storage Storage Administrator service-profile-storage-policy Service profile storage policy Storage Administrator User Locales A user can b
Configuring User Roles Configuring User Roles Creating a User Role Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 On the Admin tab, expand All > User Management > User Services. Right-click User Services and choose Create Role. You can also right-click Roles to access that option. Step 4 In the Create Role dialog box, complete the following fields: Name Description Name field A user-defined name for this user role.
Configuring User Roles Adding Privileges to a User Role Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 Step 5 Step 6 On the Admin tab, expand All > User Management > User Services. Expand the Roles node. Choose the role to which you want to add privileges. In the General tab, check the boxes for the privileges you want to add to the role. Click Save Changes. Removing Privileges from a User Role Procedure Step 1 In the Navigation pane, click the Admin tab.
Configuring Locales Configuring Locales Creating a Locale Before You Begin One or more organizations must exist before you create a locale. Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 On the Admin tab, expand All > User Management > User Services. Right-click Locales and choose Create a Locale. In the Create Locale page, do the following: a) In the Name field, enter a unique name for the locale. This name can be between 1 and 16 alphanumeric characters.
Configuring Locales Assigning an Organization to a Locale Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 On the Admin tab, expand All > User Management > User Services. Expand the Locales node and click the locale to which you want to add an organization. In the Work pane, click the General tab. Step 5 Step 6 In the Organizations area, click + on the table icon bar.
Configuring Locally Authenticated User Accounts Deleting a Locale Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 Step 5 On the Admin tab, expand All > User Management > User Services. Expand the Locales node. Right-click the locale you want to delete and choose Delete. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes.
Configuring Locally Authenticated User Accounts Name Description Login ID field The account name that is used when logging into this account. This account must be unique and meet the guidelines and restrictions for Cisco UCS Manager user accounts. • The login ID can contain between 1 and 32 characters, including the following: ◦ Any alphabetic character ◦ Any digit ◦ _ (underscore) ◦ - (dash) ◦ . (dot) • The unique username for each user account cannot be all-numeric.
Configuring Locally Authenticated User Accounts Name Description Password field The password associated with this account. If password strength check is enabled, a user's password must be strong and Cisco UCS Manager rejects any password that does not meet the following requirements: • Must contain a minimum of 8 characters and a maximum of 64 characters.
Configuring Locally Authenticated User Accounts Step 5 Step 6 Step 7 In the Roles area, check one or more boxes to assign roles and privileges to the user account. Note Do not assign locales to users with an admin or aaa role. (Optional) If the system includes organizations, check one or more check boxes in the Locales area to assign the user to the appropriate locales.
Configuring Locally Authenticated User Accounts Name Description Maximum Sessions Per User field The maximum number of concurrent HTTP and HTTPS sessions allowed for each user. Enter an integer between 1 and 256. Maximum Sessions field The maximum number of concurrent HTTP and HTTPS sessions allowed for all users within the system. Enter an integer between 1 and 256. Step 5 Click Save Changes.
Configuring Locally Authenticated User Accounts Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 On the Admin tab, expand All > User Management > User Services > Locally Authenticated Users. Click the user account that you want to modify. In the Work pane, click the General tab. Step 5 In the Roles area, do the following: • To assign a new role to the user account, check the appropriate check boxes.
Password Profile for Locally Authenticated Users Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 On the Admin tab, expand All > User Management > User Services > Locally Authenticated Users. Click the user that you want to disable. In the Work pane, click the General tab. Step 5 In the Account Status field, click the inactive radio button. The admin user account is always set to active. It cannot be modified. Step 6 Click Save Changes.
Password Profile for Locally Authenticated Users Note You must have admin or aaa privileges to change the password profile properties. Except for password history, these properties do not apply to users with admin or aaa privileges. Password History Count The password history count allows you to prevent locally authenticated users from reusing the same password over and over again.
Password Profile for Locally Authenticated Users Configuring the Maximum Number of Password Changes for a Change Interval You must have admin or aaa privileges to change the password profile properties. Except for password history, these properties do not apply to users with admin or aaa privileges. Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 On the Admin tab, expand All > User Management > User Services. Click the Locally Authenticated Users node.
Monitoring User Sessions Configuring the Password History Count You must have admin or aaa privileges to change the password profile properties. Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 On the Admin tab, expand All > User Management > User Services. Click the Locally Authenticated Users node.
Monitoring User Sessions Name Description Refresh Period column When a web client connects to Cisco UCS Manager, the client needs to send refresh requests to Cisco UCS Manager to keep the web session active. This option specifies the maximum amount of time allowed between refresh requests for a user in this domain. If this time limit is exceeded, Cisco UCS Manager considers the web session to be inactive, but it does not terminate the session.
Monitoring User Sessions Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 11 Managing Firmware This chapter includes the following sections: • Overview of Firmware, page 183 • Firmware Image Management, page 184 • Firmware Versions, page 186 • Firmware Upgrades, page 187 • Firmware Downgrades, page 199 • Completing the Prerequisites for Upgrading the Firmware, page 199 • Downloading and Managing Firmware Packages, page 204 • Directly Upgrading Firmware at Endpoints, page 210 • Upgrading Firmware through Service Profiles, page 222 • Verifying Firmware Versions on Compone
Firmware Image Management • Endpoints physically located on servers, such as the BIOS, storage controller (RAID controller), and Cisco Integrated Management Controller (CIMC) that can be upgraded through firmware packages included in a service profile See the required order of steps for your upgrade path to determine the appropriate order in which to upgrade the endpoints in your Cisco UCS domain. Note Beginning with Cisco UCS, Release 1.
Firmware Image Management Cisco UCS B-Series Blade Server Software Bundle This bundle includes the following firmware images that are required to update the firmware for the blade servers in a Cisco UCS domain. In addition to the bundles created for a release, these bundles can also be released between infrastructure bundles to enable Cisco UCS Manager to support a blade server that is not included in the most recent infrastructure bundle.
Firmware Versions Packages This view provides you with a read-only representation of the firmware bundles that have been downloaded onto the fabric interconnect. This view is sorted by image, not by the contents of the image. For packages, you can use this view to see which component images are in each downloaded firmware bundle. Images The images view lists the component images available on the system. You cannot use this view to see complete firmware bundles or to group the images by bundle.
Firmware Upgrades Firmware Versions in the Fabric Interconnect and Cisco UCS Manager You can only activate the fabric interconnect firmware and Cisco UCS Manager on the fabric interconnect. The fabric interconnect and Cisco UCS Manager firmware do not have backup versions, because all the images are stored on the fabric interconnect. As a result, the number of bootable fabric interconnect images is not limited to two, like the server CIMC and adapters.
Firmware Upgrades Configuration Changes and Settings that Can Impact Upgrades Depending upon the configuration of your Cisco UCS domain, the following changes may require you to make configuration changes after you upgrade. To avoid faults and other issues, we recommend that you make any required changes before you upgrade. Overlapping FCoE VLAN IDs and Ethernet VLAN IDs Are No Longer Allowed with Cisco UCS Release 2.0 Caution In Cisco UCS 1.
Firmware Upgrades If a VSAN has an ID in the reserved range, change that VSAN ID to any VSAN ID that is not used or reserved. All Connectivity May Be Lost During Upgrades if vNIC Failover and NIC Teaming Are Both Enabled All connectivity may be lost during firmware upgrades if you have configured both Enable Failover on one or more vNICs and you have also configured NIC teaming/bonding at the host operating system level. Please design for availability by using one or the other method, but never both.
Firmware Upgrades No Server or Chassis Maintenance Caution Do not remove the hardware that contains the endpoint or perform any maintenance on it until the update process has completed. If the hardware is removed or otherwise unavailable due to maintenance, the firmware update fails. This failure may corrupt the backup partition. You cannot update the firmware on an endpoint with a corrupted backup partition.
Firmware Upgrades Determine Appropriate Type of Firmware Upgrade for Each Endpoint Some endpoints, such as adapters and the server CIMC, can be upgraded through either a direct firmware upgrade or a firmware package included in a service profile. The configuration of a Cisco UCS domain determines how you upgrade these endpoints. If the service profiles associated with the servers include a host firmware package, upgrade the adapters for those servers through the firmware package.
Firmware Upgrades Required Order of Components for Firmware Activation If you upgrade firmware by individual components in a Cisco UCS domain, activate the updates in the required order for quicker activation and to avoid potential issues with conflicting firmware versions. Summary of Steps for Upgrading from Cisco UCS, Release 1.0(2) and Later 1 Download the following firmware images: • Cisco UCS Infrastructure Software Bundle—Required for all Cisco UCS domains.
Firmware Upgrades • Cisco UCS B-Series Blade Server Software Bundle—Required for all Cisco UCS domains that include blade servers. • Cisco UCS C-Series Rack-Mount Server Software Bundle—Only required for Cisco UCS domains that include integrated rack-mount servers. This bundle contains firmware to enable Cisco UCS Manager to manage those servers and is not applicable to standalone C-Series rack-mount servers.
Firmware Upgrades 1 Insert the blade server into the chassis as described in the server installation guide. Cisco UCS Manager cannot discover the server as it is unsupported, and the finite state machine (FSM) for the discovery fails with an unsupported server error. 2 Obtain the B-Series server bundle for the new blade server from Cisco.com and download it to the fabric interconnect. 3 Activate the Capability Catalog image from the server bundle. 4 Activate the Management Extension from the server bundle.
Firmware Upgrades Note Upgrades of a CIMC through a management firmware package or an adapter through a firmware package in the service profile associated with the server take precedence over direct firmware upgrades. You cannot directly upgrade an endpoint if the service profile associated with the server includes a firmware package. To perform a direct upgrade, you must remove the firmware package from the service profile.
Firmware Upgrades Caution When you configure Set Startup Version Only for an I/O module, the I/O module is rebooted when the fabric interconnect in its data path is rebooted. If you do not configure Set Startup Version Only for an I/O module, the I/O module reboots and disrupts traffic.
Firmware Upgrades • Any activities being performed on the server through the KVM console and vMedia are interrupted. • Any monitoring or IPMI polling is interrupted. Outage Impact of an Adapter Firmware Upgrade If you activate the firmware for an adapter and do not configure the Set Startup Version Only option, you cause the following outage impacts and disruptions: • The server reboots. • Server traffic is disrupted.
Firmware Upgrades This policy ensures that the host firmware is identical on all servers associated with service profiles which use the same policy. Therefore, if you move the service profile from one server to another, the firmware versions are maintained. Also, if you change the firmware version for an endpoint in the firmware package, new versions are applied to all the affected service profiles immediately, which could cause server reboots.
Firmware Downgrades Service Profile Association During this stage, you include the firmware packages in a service profile, and then associate the service profile with a server. The system pushes the selected firmware versions to the endpoints. For a host firmware package, the server is rebooted to ensure that the endpoints are running the versions specified in the firmware package.
Completing the Prerequisites for Upgrading the Firmware • Back up the configuration into an All Configuration backup file. • For a cluster configuration, verify that the high availability status of the fabric interconnects shows that both are up and running. • For a standalone configuration, verify that the Overall Status of the fabric interconnect is Operable. • Verify that the data path is up and running. For more information, see Verifying that the Data Path is Ready.
Completing the Prerequisites for Upgrading the Firmware If you do not, these identities may be changed after the import and operations such as a PXE boot or a SAN boot may no longer function. • Protocol field—Click the one of the following radio buttons to indicate the protocol you want to use to transfer the file to the backup server: ◦ FTP ◦ TFTP ◦ SCP ◦ SFTP • Hostname field—Enter the IP address or hostname of the location where the backup file is to be stored.
Completing the Prerequisites for Upgrading the Firmware Verifying the Overall Status of the Fabric Interconnects Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Fabric Interconnects. Click the node for the fabric interconnect that you want to verify. In the Work pane, click the General tab. Step 5 In the Status area, verify that the Overall Status is operable.
Completing the Prerequisites for Upgrading the Firmware Verifying the Status of I/O Modules Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Chassis. Click on the chassis for which you want to verify the status of the I/O modules. In the Work pane, click the IO Modules tab.
Downloading and Managing Firmware Packages Step 5 If you need to verify that a server has been discovered, do the following: a) Right-click the server for which you want to verify the discovery status and choose Show Navigator. b) In the Status Details area of the General tab, verify that the Discovery State field displays a value of complete. If the fields in the Status Details area are not displayed, click the Expand icon to the right of the heading.
Downloading and Managing Firmware Packages • Cisco UCS C-Series Rack-Mount Server Software Bundle—Only required for Cisco UCS domains that include integrated rack-mount servers. This bundle contains firmware to enable Cisco UCS Manager to manage those servers and is not applicable to standalone C-Series rack-mount servers. Procedure Step 1 Step 2 Step 3 Step 4 Step 5 In a web browser, navigate to Cisco.com. Under Support, click All Downloads. In the center pane, click Unified Computing and Servers.
Downloading and Managing Firmware Packages Downloading Firmware Images to the Fabric Interconnect from a Remote Location Note In a cluster setup, the image file for the firmware bundle is downloaded to both fabric interconnects, regardless of which fabric interconnect is used to initiate the download. Cisco UCS Manager maintains all firmware packages and images in both fabric interconnects in sync. If one fabric interconnect is down, the download still finishes successfully.
Downloading and Managing Firmware Packages Name Description Path field The absolute path to the file on the remote server. If you use SCP, the absolute path is always required. If you use any other protocol, you may not need to specify a remote path if the file resides in the default download folder. For details about how your file server is configured, contact your system administrator. Step 8 User field The username the system should use to log in to the remote server.
Downloading and Managing Firmware Packages Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 On the Equipment tab, click the Equipment node. In the Work pane, click the Firmware Management tab. Step 4 Step 5 Step 6 Click the Installed Firmware tab. Click Download Firmware. In the Download Firmware dialog box, click the Local File System radio button in the Location of the Image File field. In the Filename field, type the full path and and name of the image file.
Downloading and Managing Firmware Packages Determining the Contents of a Firmware Package Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 On the Equipment tab, click the Equipment node. In the Work pane, click the Firmware Management tab. Step 4 Step 5 On the Packages subtab, click the + icon next to a package to view its contents. To take a snapshot of the package contents, do the following: a) Highlight the rows that include the image name and its contents.
Directly Upgrading Firmware at Endpoints Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 On the Equipment tab, click the Equipment node. In the Work pane, click the Firmware Management tab. Step 4 Step 5 On the Firmware Management tab, click the Packages tab. In the table, click the package that you want to delete. You can use the Shift key or Ctrl key to select multiple entries. Step 6 Step 7 Right-click the highlighted package or packages and choose Delete.
Directly Upgrading Firmware at Endpoints Caution Do not remove the hardware that contains the endpoint or perform any maintenance on it until the update process has completed. If the hardware is removed or otherwise unavailable due to maintenance, the firmware update fails. This failure may corrupt the backup partition. You cannot update the firmware on an endpoint with a corrupted backup partition. Procedure Step 1 In the Navigation pane, click the Equipment tab.
Directly Upgrading Firmware at Endpoints What to Do Next Activate the firmware. Updating the Firmware on an Adapter Caution Do not remove the hardware that contains the endpoint or perform any maintenance on it until the update process has completed. If the hardware is removed or otherwise unavailable due to maintenance, the firmware update fails. This failure may corrupt the backup partition. You cannot update the firmware on an endpoint with a corrupted backup partition.
Directly Upgrading Firmware at Endpoints Activating the Firmware on an Adapter Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 Step 5 Step 6 On the Equipment tab, expand Equipment > Chassis > Chassis Number > Servers. Expand the node for the server that includes the adapter for which you want to activate the updated firmware. Expand Adapters and select the adapter for which you want to activate the firmware. In the General tab, click Activate Firmware.
Directly Upgrading Firmware at Endpoints Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 On the Equipment tab, expand Equipment > Chassis > Chassis Number > Servers. Expand the node for the server for which you want to update the BIOS firmware. On the General tab, click the Inventory tab. Click the Motherboard tab. In the Actions area, click Update Bios Firmware.
Directly Upgrading Firmware at Endpoints d) Click OK. Updating the CIMC Firmware on a Server Caution Do not remove the hardware that contains the endpoint or perform any maintenance on it until the update process has completed. If the hardware is removed or otherwise unavailable due to maintenance, the firmware update fails. This failure may corrupt the backup partition. You cannot update the firmware on an endpoint with a corrupted backup partition.
Directly Upgrading Firmware at Endpoints Caution Do not remove the hardware that contains the endpoint or perform any maintenance on it until the update process has completed. If the hardware is removed or otherwise unavailable due to maintenance, the firmware update fails. This failure may corrupt the backup partition. You cannot update the firmware on an endpoint with a corrupted backup partition. Procedure Step 1 In the Navigation pane, click the Equipment tab.
Directly Upgrading Firmware at Endpoints Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 Step 5 On the Equipment tab, expand Equipment > Chassis > Chassis Number > IO Modules. Click the I/O module that you want to update. In the General tab, click Update Firmware. In the Update Firmware dialog box, do the following: a) From the Version drop-down list, select the firmware version to which you want to update the endpoint.
Directly Upgrading Firmware at Endpoints d) Click OK. Activating the Board Controller Firmware on a Server Only certain servers, such as the Cisco UCS B440 High Performance blade server and the Cisco UCS B230 blade server, have board controller firmware. The board controller firmware controls many of the server functions, including eUSBs, LEDs, and I/O connectors. Note This activation procedure causes the server to reboot.
Directly Upgrading Firmware at Endpoints Activating the Cisco UCS Manager Software Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 On the Equipment tab, click the Equipment node. In the Work pane, click the Firmware Management tab. Step 4 On the Installed Firmware tab, click Activate Firmware. Cisco UCS Manager GUI opens the Activate Firmware dialog box and verifies the firmware versions for all endpoints in the Cisco UCS domain.
Directly Upgrading Firmware at Endpoints Step 5 Step 6 Step 7 From the Filter drop-down list on the menu bar, choose Fabric Interconnects. On the menu bar, check the Ignore Compatibility Check check box. On the row of the Activate Firmware dialog box for the subordinate fabric interconnect, do the following: a) In the Kernel row, choose the firmware version to which you want to upgrade from the drop-down list in the Startup Version column.
Directly Upgrading Firmware at Endpoints Step 2 Step 3 Step 4 From the Filter drop-down list on the menu bar, choose Fabric Interconnects. On the menu bar, check the Ignore Compatibility Check check box. On the row of the Activate Firmware dialog box for the subordinate fabric interconnect, do the following: a) In the Kernel row, choose the firmware version to which you want to upgrade from the drop-down list in the Startup Version column.
Upgrading Firmware through Service Profiles Name Description Kernel Version drop-down list Choose the version that you want to use for the kernel. Ignore Compatibility Check check box By default, Cisco UCS makes sure that the firmware version is compatible with everything running on the server before it activates that version. Check this check box if you want Cisco UCS to activate the firmware without making sure that it is compatible first.
Upgrading Firmware through Service Profiles • FC Adapters • HBA Option ROM • Storage Controller Tip You can include more than one type of firmware in the same host firmware package. For example, a host firmware package can include both BIOS firmware and storage controller firmware or adapter firmware for two different models of adapters. However, you can only have one firmware version with the same type, vendor, and model number.
Upgrading Firmware through Service Profiles The following table describes the most common options for upgrading servers with a host or management firmware package. Service Profile Maintenance Policy Host or management firmware No maintenance package is not included in a policy service profile or an updating service profile template. OR You want to upgrade the firmware without making any changes to the existing service profile or updating service profile template.
Upgrading Firmware through Service Profiles Service Profile Maintenance Policy Upgrade Actions Host or management firmware package is included in one or more service profiles, and the service profiles are associated with one or more servers.
Upgrading Firmware through Service Profiles Service Profile Maintenance Policy Host or management firmware package is included in one or more service profiles, and the service profiles are associated with one or more servers. Configured for The following occurs when you update the changes to take effect firmware package: during a specific 1 Cisco UCS Manager asks you to confirm your maintenance window. change and advises that a user-acknowledged reboot of the servers is required.
Upgrading Firmware through Service Profiles This name can be between 1 and 16 alphanumeric characters. You cannot use spaces or any special characters other than - (hyphen), _ (underscore), : (colon), and . (period), and you cannot change this name after the object has been saved. Step 6 On each sub-tab, do the following for each type of firmware you want to include in the package: a) In the Select column, ensure that the check box for the appropriate lines are checked.
Upgrading Firmware through Service Profiles Manager updates the firmware according to the settings in the maintenance policies included in the service profiles. Creating a Management Firmware Package Before You Begin Ensure that the appropriate firmware has been downloaded to the fabric interconnect. Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Policies. Expand the node for the organization where you want to create the policy.
Upgrading Firmware through Service Profiles Before You Begin Ensure that the appropriate firmware has been downloaded to the fabric interconnect. Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Policies. Expand the node for the organization that includes the policy you want to update. If the system does not include multitenancy, expand the root node.
Verifying Firmware Versions on Components Step 4 Step 5 Click the service profile to which you want to add the firmware packages. In the Work pane, click the Policies tab. Step 6 Step 7 Step 8 Click the down arrows to expand the Firmware Policies section. To add a host firmware package, select the desired policy from the Host Firmware drop-down list. To add a management firmware package, select the desired policy from the Management Firmware drop-down list. Click Save Changes.
Managing the Capability Catalog Implementation-Specific Tunable Parameters • Power and thermal constraints • Slot ranges and numbering • Adapter capacities Hardware-Specific Rules • Firmware compatibility for components such as the BIOS, CIMC, RAID controller, and adapters • Diagnostics • Hardware-specific reboot User Display Strings • Part numbers, such as the CPN, PID/VID • Component descriptions • Physical layout/dimensions • OEM information Updates to the Capability Catalog Capability Catalog updates
Managing the Capability Catalog Activating a Capability Catalog Update Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 On the Admin tab, expand All. Click the Capability Catalog node. In the Work pane, click the Catalog Update Tasks tab. Step 5 Step 6 Click Activate Catalog. In the Activate Catalog dialog box, choose the capability catalog update that you want to activate from the Version to be Activated drop-down list. Click OK.
Managing the Capability Catalog Viewing a Capability Catalog Provider Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 On the Admin tab, expand All > Capability Catalog. In the Work pane, click the tab for the provider you want to view. Step 4 To view the details of a provider, do the following: a) In the table, click the row with the vendor, model, and revision of the provider you want to view.
Managing the Capability Catalog Updating the Capability Catalog from a Remote Location You cannot perform a partial update to the Capability Catalog. When you update the Capability Catalog, all components included in the catalog image are updated. A B-series server bundle includes the Capability Catalog update for that server. You do not need to download a separate Capability Catalog update. You only need to activate the Capability Catalog update.
Updating Management Extensions Step 8 Click OK. Cisco UCS Manager downloads the image and updates the Capability Catalog. You do not need to reboot any hardware components. What to Do Next Activate the Capability Catalog update. Updating the Capability Catalog from the Local File System You cannot perform a partial update to the Capability Catalog. When you update the Capability Catalog, all components included in the catalog image are updated.
Updating Management Extensions Management Extensions enable you to add support for previously unsupported servers and other hardware to Cisco UCS Manager. For example, you may need to activate a Management Extension if you want to add a new, previously unsupported server to an existing Cisco UCS domain. The Management Extension image contains the images, information, and firmware required by Cisco UCS Manager to be able to manage the new hardware.
CHAPTER 12 Configuring DNS Servers This chapter includes the following sections: • DNS Servers in Cisco UCS , page 237 • Adding a DNS Server, page 237 • Deleting a DNS Server, page 238 DNS Servers in Cisco UCS You need to specify an external DNS server for each Cisco UCS domain to use if the system requires name resolution of hostnames. For example, you cannot use a name such as www.cisco.com when you are configuring a setting on a fabric interconnect if you do not configure a DNS server.
Deleting a DNS Server Deleting a DNS Server Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 In the Admin tab, expand All > Communication Services. Click DNS Management. In the Work pane, click the General tab. Step 5 Step 6 Step 7 In the DNS Server area, right-click the DNS server you want to delete and choose Delete. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes. Click Save Changes. Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 13 Configuring System-Related Policies This chapter includes the following sections: • Configuring the Chassis Discovery Policy, page 239 • Configuring the Chassis Connectivity Policy, page 243 • Configuring the Rack Server Discovery Policy, page 244 • Configuring the Aging Time for the MAC Address Table, page 245 Configuring the Chassis Discovery Policy Chassis Discovery Policy The chassis discovery policy determines how the system reacts when you add a new chassis.
Configuring the Chassis Discovery Policy cannot discover any chassis that is wired for 1 link or 2 links. Reacknowledgement of the chassis does not resolve this issue.
Configuring the Chassis Discovery Policy Number of 1-Link Chassis 2-Link Chassis 4-Link Chassis 8-Link Chassis Links Wired Discovery Discovery Discovery Discovery Policy for the Chassis Policy Policy Policy 4 links between IOM and fabric interconnects 8 links between IOM and fabric interconnects Chassis is discovered by Cisco UCS Manager and added to the Cisco UCS domain as a chassis wired with 1 link.
Configuring the Chassis Discovery Policy are grouped in a fabric port channel. If set to no group, links from the IOM to the fabric interconnect are not grouped in a fabric port channel. Once a fabric port channel is created, links can be added or removed by changing the link group preference and reacknowledging the chassis, or by enabling or disabling the chassis from the port channel.
Configuring the Chassis Connectivity Policy Step 6 Click Save Changes. What to Do Next To customize fabric port channel connectivity for a specific chassis, configure the chassis connectivity policy. Configuring the Chassis Connectivity Policy Chassis Connectivity Policy The chassis connectivity policy determines the whether a specific chassis is included in a fabric port channel after chassis discovery.
Configuring the Rack Server Discovery Policy • Port Channel—All links from an IOM to a fabric interconnect are grouped in a port channel. • Global—The chassis inherits this configuration from the chassis discovery policy. This is the default value. Step 6 Click Save Changes. Configuring the Rack Server Discovery Policy Rack Server Discovery Policy The rack server discovery policy determines how the system reacts when you add a new rack-mount server.
Configuring the Aging Time for the MAC Address Table Step 6 Click Save Changes. Configuring the Aging Time for the MAC Address Table Aging Time for the MAC Address Table To efficiently switch packets between ports, the fabric interconnect maintains a MAC address table. It dynamically builds the MAC address table by using the MAC source address from the packets received and the associated port on which the packets were learned.
Configuring the Aging Time for the MAC Address Table Step 6 Click Save Changes. Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 14 Managing Licenses This chapter includes the following sections: • Licenses, page 247 • Obtaining the Host ID for a Fabric Interconnect, page 248 • Obtaining a License, page 249 • Downloading Licenses to the Fabric Interconnect from the Local File System, page 250 • Downloading Licenses to the Fabric Interconnect from a Remote Location, page 251 • Installing a License, page 252 • Viewing the Licenses Installed on a Fabric Interconnect, page 253 • Determining the Grace Period Available for a Port
Obtaining the Host ID for a Fabric Interconnect • Cisco UCS 6296 fabric interconnect—pre-installed licenses for the first eighteen unified ports enabled in Cisco UCS Manager. Expansion modules come with eight licenses that can be used on the expansion module or the base module. Note The eight default licenses that come with a 6200 series fabric interconnect expansion module can be used to enable ports on the base module, but will travel with the expansion module if it is removed.
Obtaining a License Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Fabric Interconnects. Click the node for the fabric interconnect for which you want to obtain the host ID. In the Work pane, click the General tab. Step 5 In the Properties area, the host ID is listed in the Serial Number (SN) field. What to Do Next Obtain the required licenses from Cisco.
Downloading Licenses to the Fabric Interconnect from the Local File System Downloading Licenses to the Fabric Interconnect from the Local File System Note In a cluster setup, we recommend that you download and install licenses to both fabric interconnects in matching pairs. An individual license is only downloaded to the fabric interconnect that is used to initiate the download. Before You Begin Obtain the required licenses from Cisco. Procedure Step 1 In the Navigation pane, click the Admin tab.
Downloading Licenses to the Fabric Interconnect from a Remote Location Downloading Licenses to the Fabric Interconnect from a Remote Location Note In a cluster setup, we recommend that you download and install licenses to both fabric interconnects in matching pairs. An individual license is only downloaded to the fabric interconnect that is used to initiate the download. Before You Begin Obtain the required licenses from Cisco. Procedure Step 1 In the Navigation pane, click the Admin tab.
Installing a License Step 8 Name Description User field The username the system should use to log in to the remote server. This field does not apply if the protocol is TFTP. Password field The password for the remote server username. This field does not apply if the protocol is TFTP. Click OK. Cisco UCS Manager GUI begins downloading the license to the fabric interconnect. Step 9 (Optional) Monitor the status of the download on the Download Tasks tab.
Viewing the Licenses Installed on a Fabric Interconnect Viewing the Licenses Installed on a Fabric Interconnect Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 On the Admin tab, expand All > License Management. In the Work pane, click the Installed Licenses tab to view the following details of all licenses installed on the fabric interconnect: Name Description License File ID column The unique identifier for the license.
Viewing the Licenses Installed on a Fabric Interconnect Name Description Administrative State column The administrative state of the license. This can be one of the following: • Delete Failed—Cisco UCS could not delete the license. If this if the first time the delete failed, resubmit the delete request. If it fails a second time, contact Cisco TAC. • Delete Pending—The user has requested that Cisco UCS delete the license file from this fabric interconnect.
Determining the Grace Period Available for a Port or Feature Name Description PAK column The Product Authentication Key (PAK) associated with this license, if available. Signature column The signature key associated with the licenses of the given type. Vendor column The company that issued the license package file. Version column The version of the license package file. Determining the Grace Period Available for a Port or Feature Procedure Step 1 In the Navigation pane, click the Admin tab.
Determining the Expiry Date of a License Name Description Peer License Count Comparison The number of licenses on the peer fabric interconnect compared to this field fabric interconnect.
Uninstalling a License Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 On the Admin tab, expand All > License Management. In the Work pane, click the Installed Licenses tab. Step 4 Step 5 Step 6 Choose the license you want to uninstall from the table. Click the Clear License button. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes.
Uninstalling a License Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 15 Managing Virtual Interfaces This chapter includes the following sections: • Virtual Interfaces, page 259 • Virtual Interface Subscription Management and Error Handling, page 259 Virtual Interfaces In a blade server environment, the number of vNICs and vHBAs configurable for a service profile is determined by adapter capability and the amount of virtual interface (VIF) namespace available on the adapter. In Cisco UCS, portions of VIF namespace are allotted in chunks called VIFs.
Virtual Interface Subscription Management and Error Handling If you change your configuration in a way that decreases the number of VIFs available to a blade, UCS Manager will display a warning and ask you if you want to proceed. This includes several scenarios, including times where adding or moving a connection decreases the number of VIFs. Cisco UCS Manager GUI Configuration Guide, Release 2.
PART III Network Configuration • Using the LAN Uplinks Manager, page 263 • Configuring VLANs, page 277 • Configuring LAN Pin Groups, page 293 • Configuring MAC Pools, page 295 • Configuring Quality of Service, page 297 • Configuring Network-Related Policies, page 307 • Configuring Upstream Disjoint Layer-2 Networks, page 321
CHAPTER 16 Using the LAN Uplinks Manager This chapter includes the following sections: • LAN Uplinks Manager, page 263 • Launching the LAN Uplinks Manager, page 264 • Changing the Ethernet Switching Mode with the LAN Uplinks Manager, page 264 • Configuring a Port with the LAN Uplinks Manager, page 264 • Configuring Server Ports, page 265 • Configuring Uplink Ethernet Ports, page 266 • Configuring Uplink Ethernet Port Channels, page 267 • Configuring LAN Pin Groups, page 270 • Configuring Named VLANs, page
Launching the LAN Uplinks Manager Some of the configuration that you can do in the LAN Uplinks Manager can also be done in nodes on other tabs, such as the Equipment tab or the LAN tab. Launching the LAN Uplinks Manager Procedure Step 1 In the Navigation pane, click the LAN tab. Step 2 Step 3 On the LAN tab, click the LAN node. In the Work pane, click the LAN Uplinks Manager link on the LAN Uplinks tab. The LAN Uplinks Manager opens in a separate window.
Configuring Server Ports Procedure Step 1 Step 2 Step 3 Step 4 In the LAN Uplinks Manager, click the LAN Uplinks tab. In the Ports area, click the down arrows to expand the Unconfigured Ports section. Expand Fabric Interconnects > Fabric_Interconnect_Name . Expand one of the following: • Fixed Module—To configure a port in the fixed module as a server port or an uplink Ethernet port. • Expansion Module Number —To enable a port in an expansion module as an uplink Ethernet port.
Configuring Uplink Ethernet Ports Disabling a Server Port with the LAN Uplinks Manager Procedure Step 1 Step 2 Step 3 Step 4 Step 5 In the LAN Uplinks Manager, click the LAN Uplinks tab. In the Ports area, click the down arrows to expand the Server Ports section. Expand Fabric Interconnects > Fabric_Interconnect_Name . Right-click the port that you want to disable and choose Disable. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes.
Configuring Uplink Ethernet Port Channels Disabling an Uplink Ethernet Port with the LAN Uplinks Manager Procedure Step 1 Step 2 Step 3 Step 4 In the LAN Uplinks Manager, click the LAN Uplinks tab. In the Port Channels and Uplinks area, expand Interfaces > Fabric Interconnects > Fabric_Interconnect_Name . Right-click the port that you want to disable and choose Disable Interfaces. You can select multiple ports if you want to disable more than one uplink Ethernet port.
Configuring Uplink Ethernet Port Channels • Fabric Interconnect B Step 4 In the Set Port Channel Name page of the Create Port Channel wizard, do the following: a) Complete the following fields: Name Description ID field The identifier for the port channel. Enter an integer between 1 and 256. This ID cannot be changed after the port channel has been saved. Name field A user-defined name for the port channel. This name can be between 1 and 16 alphanumeric characters.
Configuring Uplink Ethernet Port Channels Disabling a Port Channel with the LAN Uplinks Manager Procedure Step 1 Step 2 Step 3 Step 4 In the LAN Uplinks Manager, click the LAN Uplinks tab. In the Port Channels and Uplinks area, expand Port Channels > Fabric Interconnects > Fabric_Interconnect_Name. Right-click the port channel that you want to disable and choose Disable Port Channel. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes.
Configuring LAN Pin Groups Removing Ports from a Port Channel with the LAN Uplinks Manager Procedure Step 1 Step 2 Step 3 Step 4 Step 5 In the LAN Uplinks Manager, click the LAN Uplinks tab. In the Port Channels and Uplinks area, expand Port Channels > Fabric Interconnects > Fabric_Interconnect_Name. Expand the port channel from which you want to remove ports. Right-click the port you want to remove from the port channel and choose Delete.
Configuring Named VLANs Procedure Step 1 Step 2 Step 3 In the LAN Uplinks Manager, click the LAN Uplinks tab. In the Port Channels and Uplinks area, click Create Pin Group. In the Create LAN Pin Group dialog box, enter a unique name and description for the pin group. Step 4 To pin traffic for fabric interconnect A, do the following in the Targets area: a) Check the Fabric Interconnect A check box.
Configuring Named VLANs Important You cannot create VLANs with IDs from 3968 to 4047. This range of VLAN IDs is reserved. VLANs in the LAN cloud and FCoE VLANs in the SAN cloud must have different IDs. Using the same ID for a VLAN and an FCoE VLAN in a VSAN results in a critical fault and traffic disruption for all vNICs and uplink ports using that VLAN. Ethernet traffic is dropped on any VLAN which has an ID that overlaps with an FCoE VLAN ID.
Configuring Named VLANs Name Description VLAN IDs field To create one VLAN, enter a single numeric ID. To create multiple VLANs, enter individual IDs or ranges of IDs separated by commas. A VLAN ID can: • Be between 1 and 3967 • Be between 4048 and 4093 • Overlap with other VLAN IDs already defined on the system For example, to create six VLANs with the IDs 4, 22, 40, 41, 42, and 43, you would enter 4, 22, 40-43. Important You cannot create VLANs with IDs from 3968 to 4047.
Configuring QoS System Classes with the LAN Uplinks Manager Deleting a Named VLAN with the LAN Uplinks Manager If Cisco UCS Manager includes a named VLAN with the same VLAN ID as the one you delete, the VLAN is not removed from the fabric interconnect configuration until all named VLANs with that ID are deleted. Procedure Step 1 Step 2 In the LAN Uplinks Manager, click the VLANs tab.
Configuring QoS System Classes with the LAN Uplinks Manager Name Description Enabled check box If checked, the associated QoS class is configured on the fabric interconnect and can be assigned to a QoS policy. If unchecked, the class is not configured on the fabric interconnect and any QoS policies associated with this class default to Best Effort or, if a system class is configured with a Cos of 0, to the Cos 0 system class. Note CoS field The class of service.
Configuring QoS System Classes with the LAN Uplinks Manager Name Description MTU drop-down list The maximum transmission unit for the channel. This can be one of the following: • An integer between 1500 and 9216. This value corresponds to the maximum packet size. • fc—A predefined packet size of 2240. • normal—A predefined packet size of 1500. Note Multicast Optimized check box If checked, the class is optimized to send packets to multiple destinations simultaneously.
CHAPTER 17 Configuring VLANs This chapter includes the following sections: • Named VLANs, page 277 • Private VLANs, page 278 • VLAN Port Limitations, page 279 • Configuring Named VLANs, page 280 • Configuring Private VLANs, page 285 • Viewing the VLAN Port Count, page 291 Named VLANs A named VLAN creates a connection to a specific external LAN. The VLAN isolates traffic to that external LAN, including broadcast traffic.
Private VLANs Guidelines for VLAN IDs Important You cannot create VLANs with IDs from 3968 to 4047. This range of VLAN IDs is reserved. VLANs in the LAN cloud and FCoE VLANs in the SAN cloud must have different IDs. Using the same ID for a VLAN and an FCoE VLAN in a VSAN results in a critical fault and traffic disruption for all vNICs and uplink ports using that VLAN. Ethernet traffic is dropped on any VLAN which has an ID that overlaps with an FCoE VLAN ID. VLAN 4048 is user-configurable.
VLAN Port Limitations • VIFs on VNTAG adapters can have only one isolated VLAN. Guidelines for VLAN IDs Important You cannot create VLANs with IDs from 3968 to 4047. This range of VLAN IDs is reserved. VLANs in the LAN cloud and FCoE VLANs in the SAN cloud must have different IDs. Using the same ID for a VLAN and an FCoE VLAN in a VSAN results in a critical fault and traffic disruption for all vNICs and uplink ports using that VLAN.
Configuring Named VLANs • Configuring and unconfiguring border ports and border port channels • Adding or removing VLANs from a cloud • Configuring or unconfiguring SAN or NAS ports • Associating or disassociating service profiles that contain configuration changes • Configuring or unconfiguring VLANs under vNICs or vHBAs • Upon receiving creation or deleting notifications from a VMWare vNIC, from an ESX hypervisor Note This is outside the control of Cisco UCS Manager • Fabric interconnect reboot • Cisc
Configuring Named VLANs Procedure Step 1 In the Navigation pane, click the LAN tab. Step 2 Step 3 On the LAN tab, click the LAN node. In the Work pane, click the VLANs tab. Step 4 On the icon bar to the right of the table, click +. If the + icon is disabled, click an entry in the table to enable it. Step 5 In the Create VLANs dialog box, complete the following fields: Name Description VLAN Name/Prefix field For a single VLAN, this is the VLAN name.
Configuring Named VLANs Name Description VLAN IDs field To create one VLAN, enter a single numeric ID. To create multiple VLANs, enter individual IDs or ranges of IDs separated by commas. A VLAN ID can: • Be between 1 and 3967 • Be between 4048 and 4093 • Overlap with other VLAN IDs already defined on the system For example, to create six VLANs with the IDs 4, 22, 40, 41, 42, and 43, you would enter 4, 22, 40-43. Important You cannot create VLANs with IDs from 3968 to 4047.
Configuring Named VLANs Name Description Fabric ID column This can be one of the following: •A •B • Dual—The component is accessible to either fabric interconnect. This setting applies to virtual LAN and SAN networks created at the system level as opposed to the fabric interconnect level. Name column The name of the VLAN. VLAN column The numeric id for the VLAN. DN column The full path to the VLAN. Click the link in this column to view the properties for the VLAN.
Configuring Named VLANs • The LAN Cloud > VLANs node for a VLAN accessible to both fabric interconnects. • The Fabric_Interconnect_Name > VLANs node for a VLAN accessible to only one fabric interconnect. Deleting a Named VLAN If Cisco UCS Manager includes a named VLAN with the same VLAN ID as the one you delete, the VLAN is not removed from the fabric interconnect configuration until all named VLANs with that ID are deleted.
Configuring Private VLANs Configuring Private VLANs Creating a Primary VLAN for a Private VLAN In a Cisco UCS domain that is configured for high availability, you can create a primary VLAN that is accessible to both fabric interconnects or to only one fabric interconnect. Important You cannot create VLANs with IDs from 3968 to 4047. This range of VLAN IDs is reserved. VLANs in the LAN cloud and FCoE VLANs in the SAN cloud must have different IDs.
Configuring Private VLANs Name Description Configuration options You can choose one of the following: • Common/Global—The VLANs apply to both fabrics and use the same configuration parameters in both cases • Fabric A—The VLANs only apply to fabric A. • Fabric B—The VLAN only apply to fabric B. • Both Fabrics Configured Differently—The VLANs apply to both fabrics but you can specify different VLAN IDs for each fabric.
Configuring Private VLANs Step 6 Name Description Check Overlap button Click this button to determine whether the VLAN ID overlaps with any other IDs on the system. If you clicked the Check Overlap button, do the following: a) Click the Overlapping VLANs tab and review the following fields to verify that the VLAN ID does not overlap with any IDs assigned to existing VLANs.
Configuring Private VLANs Name Description DN column The full path to the VSAN. Click the link in this column to view the properties for the VSAN. c) Click OK. d) If Cisco UCS Manager identified any overlapping VLAN IDs or FCoE VLAN IDs, change the VLAN ID to one that does not overlap with an existing VLAN. Step 7 Click OK. Cisco UCS Manager adds the primary VLAN to one of the following VLANs nodes: • The LAN Cloud > VLANs node for a primary VLAN accessible to both fabric interconnects.
Configuring Private VLANs Name Description VLAN Name/Prefix field For a single VLAN, this is the VLAN name. For a range of VLANs, this is the prefix that the system uses for each VLAN name. The VLAN name is case sensitive. This name can be between 1 and 32 alphanumeric characters. You cannot use spaces or any special characters other than - (hyphen), _ (underscore), : (colon), and . (period), and you cannot change this name after the object has been saved.
Configuring Private VLANs Name Description Sharing Type field Whether this VLAN is subdivided into private or secondary VLANs. This can be one of the following: • None—This VLAN does not have any secondary or private VLANs. • Primary—This VLAN can have one or more secondary VLANs, as shown in the Secondary VLANs area. • Isolated—This is a private VLAN. The primary VLAN with which it is associated is shown in the Primary VLAN drop-down list.
Viewing the VLAN Port Count Name Description Fabric ID column This can be one of the following: •A •B • Dual—The component is accessible to either fabric interconnect. This setting applies to virtual LAN and SAN networks created at the system level as opposed to the fabric interconnect level. Name column The name of the VSAN. ID column The numeric id for the VSAN. FCoE VLAN ID column The unique identifier assigned to the VLAN used for Fibre Channel connections.
Viewing the VLAN Port Count Name Description VLAN Port Limit field The maximum number of VLAN ports allowed on this fabric interconnect. Access VLAN Port Count field The number of available VLAN access ports. Border VLAN Port Count field The number of available VLAN border ports. Allocation Status field The VLAN port allocation status. Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 18 Configuring LAN Pin Groups This chapter includes the following sections: • LAN Pin Groups, page 293 • Creating a LAN Pin Group, page 293 • Deleting a LAN Pin Group, page 294 LAN Pin Groups Cisco UCS uses LAN pin groups to pin Ethernet traffic from a vNIC on a server to an uplink Ethernet port or port channel on the fabric interconnect. You can use this pinning to manage the distribution of traffic from the servers.
Deleting a LAN Pin Group Procedure Step 1 In the Navigation pane, click the LAN tab. Step 2 Step 3 Step 4 On the LAN tab, expand LAN > LAN Cloud. Right-click LAN Pin Groups and select Create LAN Pin Group. In the Create LAN Pin Group dialog box, enter a unique name and description for the pin group. Step 5 To pin traffic for fabric interconnect A, do the following in the Targets area: a) Check the Fabric Interconnect A check box.
CHAPTER 19 Configuring MAC Pools This chapter includes the following sections: • MAC Pools, page 295 • Creating a MAC Pool, page 295 • Deleting a MAC Pool, page 296 MAC Pools A MAC pool is a collection of network identities, or MAC addresses, that are unique in their layer 2 environment and are available to be assigned to vNICs on a server. If you use MAC pools in service profiles, you do not have to manually configure the MAC addresses to be used by the server associated with the service profile.
Deleting a MAC Pool Step 4 Step 5 Right-click MAC Pools and select Create MAC Pool. In the first page of the Create MAC Pool wizard: a) Enter a unique name and description for the MAC Pool. b) Click Next. Step 6 In the second page of the Create MAC Pool wizard: a) Click Add. b) In the Create a Block of MAC Addresses page, enter the first MAC address in the pool and the number of MAC addresses to include in the pool. c) Click OK. d) Click Finish. What to Do Next Include the MAC pool in a vNIC template.
CHAPTER 20 Configuring Quality of Service This chapter includes the following sections: • Quality of Service, page 297 • Configuring System Classes, page 297 • Configuring Quality of Service Policies, page 301 • Configuring Flow Control Policies, page 304 Quality of Service Cisco UCS provides the following methods to implement quality of service: • System classes that specify the global configuration for certain types of traffic across the entire system • QoS policies that assign system classes for indiv
Configuring System Classes Table 10: System Classes System Class Description Platinum A configurable set of system classes that you can include in the QoS policy for a service profile. Each system class manages one lane of traffic. Gold Silver All properties of these system classes are available for you to assign custom settings and policies. Bronze Best Effort A system class that sets the quality of service for the lane reserved for Basic Ethernet traffic.
Configuring System Classes Name Description Enabled check box If checked, the associated QoS class is configured on the fabric interconnect and can be assigned to a QoS policy. If unchecked, the class is not configured on the fabric interconnect and any QoS policies associated with this class default to Best Effort or, if a system class is configured with a Cos of 0, to the Cos 0 system class. Note CoS field The class of service.
Configuring System Classes Name Description MTU drop-down list The maximum transmission unit for the channel. This can be one of the following: • An integer between 1500 and 9216. This value corresponds to the maximum packet size. • fc—A predefined packet size of 2240. • normal—A predefined packet size of 1500. Note Multicast Optimized check box If checked, the class is optimized to send packets to multiple destinations simultaneously. Note Step 6 This field is always set to fc for Fibre Channel.
Configuring Quality of Service Policies Procedure Step 1 In the Navigation pane, click the LAN tab. Step 2 Step 3 Step 4 In the LAN tab, expand LAN > LAN Cloud. Select the QoS System Class node. In the Work pane, click the General tab. Step 5 Step 6 Uncheck the Enabled check box for the QoS system that you want to disable. Click Save Changes.
Configuring Quality of Service Policies Name Description Priority drop-down list The priority assigned to this QoS definition. This can be one of the following: • Fc—Use this priority for QoS policies that control vHBA traffic only. • Platinum—Use this priority for QoS policies that control vNIC traffic only. • Gold—Use this priority for QoS policies that control vNIC traffic only. • Silver—Use this priority for QoS policies that control vNIC traffic only.
Configuring Quality of Service Policies Name Description Host Control field Whether Cisco UCS controls the class of service (CoS). This can be one of the following: • None—Cisco UCS uses the CoS value associated with the priority selected in the Priority drop-down list regardless of the CoS value assigned by the host. • Full—If the packet has a valid CoS value assigned by the host, Cisco UCS uses that value.
Configuring Flow Control Policies Configuring Flow Control Policies Flow Control Policy Flow control policies determine whether the uplink Ethernet ports in a Cisco UCS domain send and receive IEEE 802.3x pause frames when the receive buffer for a port fills. These pause frames request that the transmitting port stop sending data for a few milliseconds until the buffer clears.
Configuring Flow Control Policies Name Description Priority field This can be one of the following: • Auto—Cisco UCS and the network negotiate whether PPP is used on this fabric interconnect • On—PPP is enabled on this fabric interconnect Receive field This can be one of the following: • Off—Pause requests from the network are ignored and traffic flow continues as normal • On—Pause requests are honored and all traffic is halted on that uplink port until the network cancels the pause request Send fiel
Configuring Flow Control Policies Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 21 Configuring Network-Related Policies This chapter includes the following sections: • Configuring vNIC Templates, page 307 • Configuring Ethernet Adapter Policies, page 312 • Configuring Network Control Policies, page 317 Configuring vNIC Templates vNIC Template This policy defines how a vNIC on a server connects to the LAN. This policy is also referred to as a vNIC LAN connectivity policy. Beginning in Cisco UCS, Release 2.
Configuring vNIC Templates • Named VLAN • MAC pool • QoS policy • LAN pin group • Statistics threshold policy Procedure Step 1 In the Navigation pane, click the LAN tab. Step 2 Step 3 On the LAN tab, expand LAN > Policies. Expand the node for the organization where you want to create the policy. If the system does not include multitenancy, expand the root node. Step 4 Step 5 Right-click the vNIC Templates node and choose Create vNIC Template.
Configuring vNIC Templates Name Description Fabric ID field The fabric interconnect associated with the component. If you want vNICs created from this template to be able to access the second fabric interconnect if the default one is unavailable, check the Enable Failover check box. Note Do not enable vNIC fabric failover under the following circumstances: • If the Cisco UCS domain is running in Ethernet Switch Mode. vNIC fabric failover is not supported in that mode.
Configuring vNIC Templates b) In the VLANs area, use the table to select the VLAN to assign to vNICs created from this template. The table contains the following columns: Name Description Select column Check the check box in this column for each VLAN that you want to use. Name column The name of the VLAN. Native VLAN column To designate one of the VLANs as the native VLAN, click the radio button in this column. Create VLAN link Click this link if you want to create a VLAN.
Configuring vNIC Templates What to Do Next Include the vNIC template in a service profile. Deleting a vNIC Template Procedure Step 1 In the Navigation pane, click the LAN tab. Step 2 On the LAN tab, expand LAN > Policies > Organization_Name. Expand the vNIC Templates node. Right-click the policy you want to delete and choose Delete. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes.
Configuring Ethernet Adapter Policies b) Click OK. Step 9 In the warning dialog box, click Yes to acknowledge that Cisco UCS Manager may need to reboot the server if the binding causes the vNIC to be reconfigured. Unbinding a vNIC from a vNIC Template Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Service Profiles. Step 4 Step 5 Step 6 Expand Service_Profile_Name > vNICs. Click the vNIC you want to unbind from a template.
Configuring Ethernet Adapter Policies Note For Fibre Channel adapter policies, the values displayed by Cisco UCS Manager may not match those displayed by applications such as QLogic SANsurfer. For example, the following values may result in an apparent mismatch between SANsurfer and Cisco UCS Manager: • Max LUNs Per Target—SANsurfer has a maximum of 256 LUNs and does not display more than that number. Cisco UCS Manager supports a higher maximum number of LUNs.
Configuring Ethernet Adapter Policies Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Policies. Expand the node for the organization where you want to create the policy. If the system does not include multitenancy, expand the root node. Step 4 Step 5 Right-click Adapter Policies and choose Create Ethernet Adapter Policy.
Configuring Ethernet Adapter Policies Name Description Interrupts field The number of interrupt resources to allocate. In general, this value should be equal to the number of completion queue resources. Enter an integer between 1 and 514. Step 7 (Optional) In the Options area, adjust the following values: Name Description Transmit Checksum Offload field This can be one of the following: • Disabled—The CPU calculates all packet checksums.
Configuring Ethernet Adapter Policies Name Description Receive Side Scaling field RSS distributes network receive processing across multiple CPUs in multiprocessor systems. This can be one of the following: • Disabled—Network receive processing is always handled by a single processor even if additional processors are available. • Enabled—Network receive processing is shared across processors whenever possible.
Configuring Network Control Policies Deleting an Ethernet Adapter Policy Procedure Step 1 In the Navigation pane, click the LAN tab. Step 2 On the LAN tab, expand LAN > Policies > Organization_Name. Expand the Adapter Policies node. Right-click the Ethernet adapter policy that you want to delete and choose Delete. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes.
Configuring Network Control Policies Note Cisco UCS Manager, release 1.4(2) and earlier did not enforce the Action on Uplink Fail property for those types of non-VM-FEX capable converged network adapters mentioned above. If the Action on Uplink Fail property was set to link-down, Cisco UCS Manager would ignore this setting and instead issue a warning. In the current version of Cisco UCS Manager this setting is enforced.
Configuring Network Control Policies Name Description CDP field This option determines whether Cisco Discovery Protocol (CDP) is enabled on servers associated with a service profile that includes this policy. This can be one of the following: • Disabled • Enabled MAC Register Mode field Whether adapter-registered MAC addresses are added only to the native VLAN associated with the interface or added to all VLANs associated with the interface.
Configuring Network Control Policies Step 6 In the MAC Security area, do the following to determine whether the server can use different MAC addresses when sending packets to the fabric interconnect: a) Click the Expand icon to expand the area and display the radio buttons.
CHAPTER 22 Configuring Upstream Disjoint Layer-2 Networks This chapter includes the following sections: • Upstream Disjoint Layer-2 Networks, page 321 • Guidelines for Configuring Upstream Disjoint L2 Networks, page 322 • Pinning Considerations for Upstream Disjoint L2 Networks, page 323 • Configuring Cisco UCS for Upstream Disjoint L2 Networks, page 324 • Creating a VLAN for an Upstream Disjoint L2 Network, page 325 • Assigning Ports and Port Channels to VLANs, page 327 • Removing Ports and Port Channels
Guidelines for Configuring Upstream Disjoint L2 Networks that is specifically assigned to that VLAN, and is selectively excluded from all other uplink ports and port channels. However, traffic for VLANs that are not specifically assigned to an uplink Ethernet port or port channel can still travel on all uplink ports or port channels, including those that carry traffic for the disjoint L2 networks. In Cisco UCS, the VLAN represents the upstream disjoint L2 network.
Pinning Considerations for Upstream Disjoint L2 Networks Appliance Port Must Be Configured with the Same VLAN as Uplink Ethernet Port or Port Channel For an appliance port to communicate with a disjoint L2 network, you must ensure that at least one uplink Ethernet port or port channel is in the same network and is therefore assigned to the same VLANs that are used by the appliance port.
Configuring Cisco UCS for Upstream Disjoint L2 Networks • Drops the traffic for all of the VLANs on the vNIC. • Raises the following faults: ◦ Link Down ◦ VIF Down Cisco UCS Manager does not raise a fault or warning about the VLAN configuration. For example, a vNIC on a server is configured with VLANs 101, 102, and 103. Interface 1/3 is assigned only to VLAN 102. Interfaces 1/1 and 1/2 are not explicitly assigned to a VLAN, which makes them available for traffic on VLANs 101 and 103.
Creating a VLAN for an Upstream Disjoint L2 Network Procedure Command or Action Step 1 Purpose Configure Ethernet switching mode for both The Ethernet switching mode must be in End-Host fabric interconnects in Ethernet End-Host Mode for Cisco UCS to be able to communicate with Mode. upstream disjoint L2 networks. See Configuring Ethernet Switching Mode. Step 2 Configure the ports and port channels that See Configuring Ports and Port Channels, on page you require to carry traffic for the disjoint 77.
Creating a VLAN for an Upstream Disjoint L2 Network The LAN Uplinks Manager opens in a separate window. Step 4 Step 5 In the LAN Uplinks Manager, click VLANs > VLAN Manager. On the icon bar to the right of the table, click +. If the + icon is disabled, click an entry in the table to enable it. Step 6 In the Create VLANs dialog box, complete the following fields and then click OK: Name Description VLAN Name/Prefix field For a single VLAN, this is the VLAN name.
Assigning Ports and Port Channels to VLANs Name Description Sharing Type field Whether this VLAN is subdivided into private or secondary VLANs. This can be one of the following: • None—This VLAN does not have any secondary or private VLANs. • Primary—This VLAN can have one or more secondary VLANs, as shown in the Secondary VLANs area. • Isolated—This is a private VLAN. The primary VLAN with which it is associated is shown in the Primary VLAN drop-down list.
Removing Ports and Port Channels from VLANs Step 6 Subtab Description Fabric B Displays the ports, port channels, and VLANs that are accessible to fabric interconnect B. In the Ports and Port Channels table, do the following: • To assign an Uplink Ethernet port channel to a VLAN, expand the Port Channels node and click the port channel you want to assign to the VLAN.
Viewing Ports and Port Channels Assigned to VLANs Step 6 Step 7 Subtab Description Fabric A Displays the ports, port channels, and VLANs that are accessible to fabric interconnect A. Fabric B Displays the ports, port channels, and VLANs that are accessible to fabric interconnect B. In the VLANs table, expand the appropriate node and the VLAN from which you want to remove a port or port channel. Click the port or port channel that you want to remove from the VLAN.
Viewing Ports and Port Channels Assigned to VLANs Cisco UCS Manager GUI Configuration Guide, Release 2.
PART IV Storage Configuration • Configuring Named VSANs, page 333 • Configuring SAN Pin Groups, page 343 • Configuring WWN Pools, page 345 • Configuring Storage-Related Policies, page 355
CHAPTER 23 Configuring Named VSANs This chapter includes the following sections: • Named VSANs, page 333 • Fibre Channel Uplink Trunking for Named VSANs, page 334 • Guidelines and Recommendations for VSANs, page 334 • Creating a Named VSAN, page 335 • Creating a Storage VSAN, page 337 • Deleting a VSAN, page 339 • Changing the VLAN ID for the FCoE VLAN for a Storage VSAN, page 340 • Enabling Fibre Channel Uplink Trunking, page 341 • Disabling Fibre Channel Uplink Trunking, page 341 Named VSANs A named VS
Fibre Channel Uplink Trunking for Named VSANs For FIP capable, converged network adapters, such as the Cisco UCS CNA M72KR-Q and the Cisco UCS CNA M72KR-E, the named VSAN must be configured with a named VLAN that is not the native VLAN for the FCoE VLAN ID. This configuration ensures that FCoE traffic can pass through these adapters.
Creating a Named VSAN 1 Renders all VSANs with an ID in the range from 3840 to 4079 non-operational. 2 Raises a fault against the non-operational VSANs. 3 Transfers all non-operational VSANs to the default VSAN. 4 Transfers all vHBAs associated with the non-operational VSANs to the default VSAN.
Creating a Named VSAN Procedure Step 1 In the Navigation pane, click the SAN tab. Step 2 Step 3 On the SAN tab, expand SAN > SAN Cloud. In the Work pane, click the VSANs tab. Step 4 On the icon bar to the right of the table, click +. If the + icon is disabled, click an entry in the table to enable it. Step 5 In the Create VSAN dialog box, complete the following fields: Name Description Name field The name assigned to the network. This name can be between 1 and 32 alphanumeric characters.
Creating a Storage VSAN Name Description VSAN ID field The unique identifier assigned to the network. The ID can be between 1 and 4078, or between 4080 and 4093. 4079 is a reserved VSAN ID. In addition, if you plan to use FC end-host mode, the range between 3840 to 4079 is also a reserved VSAN ID range. FCoE VLAN field The unique identifier assigned to the VLAN used for Fibre Channel connections. • After an upgrade to Cisco UCS, release 2.0: The FCoE storage port native VLAN uses VLAN 4048 by default.
Creating a Storage VSAN Procedure Step 1 In the Navigation pane, click the SAN tab. Step 2 Step 3 On the SAN tab, expand SAN > Storage Cloud. In the Work pane, click the VSANs tab. Step 4 On the icon bar to the right of the table, click +. If the + icon is disabled, click an entry in the table to enable it. Step 5 In the Create VSAN dialog box, complete the following fields: Name Description Name field The name assigned to the network. This name can be between 1 and 32 alphanumeric characters.
Deleting a VSAN Name Description VSAN ID field The unique identifier assigned to the network. The ID can be between 1 and 4078, or between 4080 and 4093. 4079 is a reserved VSAN ID. In addition, if you plan to use FC end-host mode, the range between 3840 to 4079 is also a reserved VSAN ID range. FCoE VLAN field The unique identifier assigned to the VLAN used for Fibre Channel connections. • After an upgrade to Cisco UCS, release 2.0: The FCoE storage port native VLAN uses VLAN 4048 by default.
Changing the VLAN ID for the FCoE VLAN for a Storage VSAN Procedure Step 1 In the Navigation pane, click the SAN tab. Step 2 Step 3 In the SAN tab, click the SAN node. In the Work pane, click the VSANs tab. Step 4 Click one of the following subtabs, depending upon what type of VSAN you want to delete: Subtab Description All Displays all VSANs in the Cisco UCS domain. Dual Mode Displays the VSANs that are accessible to both fabric interconnects.
Enabling Fibre Channel Uplink Trunking • After a fresh install of Cisco UCS, release 2.0: The FCoE VLAN for the default VSAN uses VLAN 4048 by default. The FCoE storage port native VLAN uses VLAN 4049. Step 6 Click Save Changes. Enabling Fibre Channel Uplink Trunking Note If the fabric interconnects are configured for Fibre Channel end-host mode, enabling Fibre Channel uplink trunking renders all VSANs with an ID in the range from 3840 to 4079 non-operational.
Disabling Fibre Channel Uplink Trunking Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 24 Configuring SAN Pin Groups This chapter includes the following sections: • SAN Pin Groups, page 343 • Creating a SAN Pin Group, page 343 • Deleting a SAN Pin Group, page 344 SAN Pin Groups Cisco UCS uses SAN pin groups to pin Fibre Channel traffic from a vHBA on a server to an uplink Fibre Channel port on the fabric interconnect. You can use this pinning to manage the distribution of traffic from the servers. Note In Fibre Channel switch mode, SAN pin groups are irrelevant.
Deleting a SAN Pin Group Procedure Step 1 In the Navigation pane, click the SAN tab. Step 2 Step 3 Step 4 Step 5 In the SAN tab, expand SAN > SAN Cloud. Right-click SAN Pin Groups and select Create SAN Pin Group. Enter a unique name and description for the pin group. To pin traffic for fabric interconnect A, do the following in the Targets area: a) Check the Fabric A check box.
CHAPTER 25 Configuring WWN Pools This chapter includes the following sections: • WWN Pools, page 345 • Configuring WWNN Pools, page 346 • Configuring WWPN Pools, page 350 WWN Pools A WWN pool is a collection of WWNs for use by the Fibre Channel vHBAs in a Cisco UCS domain.
Configuring WWNN Pools WWPN Pools A WWPN pool is a WWN pool that contains only WW port names. If you include a pool of WWPNs in a service profile, the port on each vHBA of the associated server is assigned a WWPN from that pool. Configuring WWNN Pools Creating a WWNN Pool Important A WWN pool can include only WWNNs or WWPNs in the ranges from 20:00:00:00:00:00:00:00 to 20:FF:FF:FF:FF:FF:FF:FF or from 50:00:00:00:00:00:00:00 to 5F:FF:FF:FF:FF:FF:FF:FF. All other WWN ranges are reserved.
Configuring WWNN Pools Adding a WWN Block to a WWNN Pool Important A WWN pool can include only WWNNs or WWPNs in the ranges from 20:00:00:00:00:00:00:00 to 20:FF:FF:FF:FF:FF:FF:FF or from 50:00:00:00:00:00:00:00 to 5F:FF:FF:FF:FF:FF:FF:FF. All other WWN ranges are reserved.
Configuring WWNN Pools Adding a WWNN Initiator to a WWNN Pool Important A WWN pool can include only WWNNs or WWPNs in the ranges from 20:00:00:00:00:00:00:00 to 20:FF:FF:FF:FF:FF:FF:FF or from 50:00:00:00:00:00:00:00 to 5F:FF:FF:FF:FF:FF:FF:FF. All other WWN ranges are reserved.
Configuring WWNN Pools Deleting a WWNN Initiator from a WWNN Pool Procedure Step 1 In the Navigation pane, click the SAN tab. Step 2 Step 3 Step 4 Step 5 In the SAN tab, expand SAN > Pools > Organization_Name . Expand the WWPN Pools node. Choose the WWNN pool from which you want to delete a WWNN initiator. In the Work pane, click the Initiators tab. Step 6 Step 7 Right-click the initiator that you want to delete and choose Delete.
Configuring WWPN Pools Configuring WWPN Pools Creating a WWPN Pool Important A WWN pool can include only WWNNs or WWPNs in the ranges from 20:00:00:00:00:00:00:00 to 20:FF:FF:FF:FF:FF:FF:FF or from 50:00:00:00:00:00:00:00 to 5F:FF:FF:FF:FF:FF:FF:FF. All other WWN ranges are reserved.
Configuring WWPN Pools Adding a WWN Block to a WWPN Pool Important A WWN pool can include only WWNNs or WWPNs in the ranges from 20:00:00:00:00:00:00:00 to 20:FF:FF:FF:FF:FF:FF:FF or from 50:00:00:00:00:00:00:00 to 5F:FF:FF:FF:FF:FF:FF:FF. All other WWN ranges are reserved.
Configuring WWPN Pools Adding a WWPN Initiator to a WWPN Pool Important A WWN pool can include only WWNNs or WWPNs in the ranges from 20:00:00:00:00:00:00:00 to 20:FF:FF:FF:FF:FF:FF:FF or from 50:00:00:00:00:00:00:00 to 5F:FF:FF:FF:FF:FF:FF:FF. All other WWN ranges are reserved.
Configuring WWPN Pools Deleting a WWPN Initiator from a WWPN Pool Procedure Step 1 In the Navigation pane, click the SAN tab. Step 2 Step 3 Step 4 Step 5 In the SAN tab, expand SAN > Pools > Organization_Name . Expand the WWPN Pools node. Choose the WWPN pool from which you want to delete a WWPN initiator. In the Work pane, click the Initiators tab. Step 6 Step 7 Right-click the initiator that you want to delete and choose Delete.
Configuring WWPN Pools Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 26 Configuring Storage-Related Policies This chapter includes the following sections: • Configuring vHBA Templates, page 355 • Configuring Fibre Channel Adapter Policies, page 358 Configuring vHBA Templates vHBA Template This template is a policy that defines how a vHBA on a server connects to the SAN. It is also referred to as a vHBA SAN connectivity template. You need to include this policy in a service profile for it to take effect.
Configuring vHBA Templates If the system does not include multitenancy, expand the root node. Step 4 Step 5 Right-click the vHBA Templates node and choose Create vHBA Template. In the Create vHBA Template dialog box, complete the following fields: Name Description Name field The name of the virtual HBA template. This name can be between 1 and 16 alphanumeric characters. You cannot use spaces or any special characters other than - (hyphen), _ (underscore), : (colon), and .
Configuring vHBA Templates Step 6 Click OK. What to Do Next Include the vHBA template in a service profile. Deleting a vHBA Template Procedure Step 1 In the Navigation pane, click the SAN tab. Step 2 Step 3 Step 4 Step 5 On the SAN tab, expand SAN > Policies > Organization_Name. Expand the vHBA Templates node. Right-click the vHBA template that you want to delete and choose Delete. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes.
Configuring Fibre Channel Adapter Policies a) From the vHBA Template drop-down list, choose the template to which you want to bind the vHBA. b) Click OK. Step 9 In the warning dialog box, click Yes to acknowledge that Cisco UCS Manager may need to reboot the server if the binding causes the vHBA to be reconfigured. Unbinding a vHBA from a vHBA Template Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Service Profiles.
Configuring Fibre Channel Adapter Policies Note For Fibre Channel adapter policies, the values displayed by Cisco UCS Manager may not match those displayed by applications such as QLogic SANsurfer. For example, the following values may result in an apparent mismatch between SANsurfer and Cisco UCS Manager: • Max LUNs Per Target—SANsurfer has a maximum of 256 LUNs and does not display more than that number. Cisco UCS Manager supports a higher maximum number of LUNs.
Configuring Fibre Channel Adapter Policies Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Policies. Expand the node for the organization where you want to create the policy. If the system does not include multitenancy, expand the root node. Step 4 Step 5 Right-click Fibre Channel Policies and choose Create Fibre Channel Adapter Policy.
Configuring Fibre Channel Adapter Policies Name Description SCSI I/O Queues field The number of SCSI IO queue resources the system should allocate. Enter an integer between 1 and 8. The default is 1. Note Ring Size field At this time, the Cisco UCS M81KR Virtual Interface Card adapter supports only one SCSI I/O queue. The number of descriptors in each SCSI I/O queue. Enter an integer between 64 and 512. The default is 512.
Configuring Fibre Channel Adapter Policies Name Description Plogi Retries field The number of times that the system tries to log into a port after the first failure. Enter an integer between 0 and 255. The default is 8. We recommend you consult your storage array documentation for the optimal value for this parameter. Note Plogi Timeout field This parameter only applies to a server with a VIC adapter. The number of milliseconds that the system waits before it tries to log in again.
Configuring Fibre Channel Adapter Policies Name Description Link Down Timeout field The number of milliseconds the uplink port should be offline before it informs the system that the uplink port is down and fabric connectivity has been lost. Enter an integer between 0 and 240000. The default is 30,000. We recommend you consult your storage array documentation for the optimal value for this parameter.
Configuring Fibre Channel Adapter Policies Name Description Interrupt Mode field The method used to send interrupts to the operating system from the driver. This can be one of the following: • MSI-X—Message Signaled Interrupts (MSI) with the optional extension. We recommend that you select this option if the operating system on the server supports it. • MSI—MSI only. • INTx—PCI INTx interrupts.
PART V Server Configuration • Configuring Server-Related Pools, page 367 • Setting the Management IP Address, page 373 • Configuring Server-Related Policies, page 381 • Configuring Server Boot, page 439 • Deferring Deployment of Service Profile Updates, page 469 • Configuring Service Profiles, page 487 • Managing Power in Cisco UCS, page 563
CHAPTER 27 Configuring Server-Related Pools This chapter includes the following sections: • Configuring Server Pools, page 367 • Configuring UUID Suffix Pools, page 369 Configuring Server Pools Server Pools A server pool contains a set of servers. These servers typically share the same characteristics. Those characteristics can be their location in the chassis, or an attribute such as server type, amount of memory, local storage, type of CPU, or local drive configuration.
Configuring Server Pools Step 4 Step 5 Right-click the Server Pools node and select Create Server Pool. On the Set Name and Description page of the Create Server Pool wizard, complete the following fields: Name Description Name field The name of the server pool. This name can be between 1 and 32 alphanumeric characters. You cannot use spaces or any special characters other than - (hyphen), _ (underscore), : (colon), and . (period), and you cannot change this name after the object has been saved.
Configuring UUID Suffix Pools Adding Servers to a Server Pool Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 Step 4 On the Servers tab, expand Servers > Pools > Organization_Name. Right-click the pool to which you want to add one or more servers and select Add Servers to Server Pool. In the Add Servers to Server Pool dialog box, do the following: a) In the Servers table, select the servers that you want to add to the server pool.
Configuring UUID Suffix Pools Creating a UUID Suffix Pool Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Pools. Expand the node for the organization where you want to create the pool. If the system does not include multitenancy, expand the root node. Step 4 Step 5 Right-click UUID Suffix Pools and select Create UUID Suffix Pool.
Configuring UUID Suffix Pools Deleting a UUID Suffix Pool If you delete a pool, Cisco UCS Manager does not reallocate any addresses from that pool that have been assigned to vNICs or vHBAs. All assigned addresses from a deleted pool remain with the vNIC or vHBA to which they are assigned until one of the following occurs: • The associated service profiles are deleted. • The vNIC or vHBA to which the address is assigned is deleted. • The vNIC or vHBA is assigned to a different pool.
Configuring UUID Suffix Pools Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 28 Setting the Management IP Address This chapter includes the following sections: • Management IP Address, page 373 • Configuring the Management IP Address on a Blade Server, page 374 • Configuring the Management IP Address on a Rack Server, page 375 • Setting the Management IP Address on a Service Profile, page 376 • Setting the Management IP Address on a Service Profile Template, page 377 • Configuring the Management IP Pool, page 377 Management IP Address Each server in a Cisco UCS domain mus
Configuring the Management IP Address on a Blade Server Note You cannot assign a static IP address to a server or service profile if that IP address has already been assigned to a server or service profile in the Cisco UCS domain. If you attempt to do so, Cisco UCS Manager warns you that the IP address is already in use and rejects the configuration. A management IP address that is assigned to a service profile moves with the service profile.
Configuring the Management IP Address on a Rack Server Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Chassis > Chassis Number > Servers. Click the server that you want to configure to use the management IP pool. In the Work pane, click the Inventory tab. Step 5 Step 6 Step 7 Step 8 Click the CIMC subtab. In the Actions area, click Use Pooled Management IP.
Setting the Management IP Address on a Service Profile Configuring a Rack Server to Use the Management IP Pool If this action is greyed out, the server is already configured to use the management IP pool. Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Rack Mounts > Servers. Click the server that you want to configure to use the management IP pool. In the Work pane, click the Inventory tab.
Setting the Management IP Address on a Service Profile Template Step 9 Field Description IP Address The static IPv4 address to be assigned to the service profile Subnet Mask The subnet mask for the IP address. Default Gateway The default gateway that the IP address should use. Click Save Changes. Setting the Management IP Address on a Service Profile Template Procedure Step 1 In the Navigation pane, click the Servers tab.
Configuring the Management IP Pool You can configure service profiles and service profile templates to use IP addresses from the management IP pool. You cannot configure servers to use the management IP pool. All IP addresses in the management IP pool must be in the same subnet as the IP address of the fabric interconnect. Note The management IP pool must not contain any IP addresses that have been assigned as static IP addresses for a server or service profile.
Configuring the Management IP Pool Deleting an IP Address Block from the Management IP Pool Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 In the Admin tab, expand All > Communication Services > Management IP Pool (ext-mgmt). Right-click the IP address block that you want to delete and select Delete. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes. Cisco UCS Manager GUI Configuration Guide, Release 2.
Configuring the Management IP Pool Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 29 Configuring Server-Related Policies This chapter includes the following sections: • Configuring BIOS Settings, page 381 • Configuring IPMI Access Profiles, page 405 • Configuring Local Disk Configuration Policies, page 407 • Configuring Scrub Policies, page 413 • Configuring Serial over LAN Policies, page 415 • Configuring Server Autoconfiguration Policies, page 417 • Configuring Server Discovery Policies, page 419 • Configuring Server Inheritance Policies, page 420 • Configuring Server Pool Po
Configuring BIOS Settings Note Cisco UCS Manager pushes BIOS configuration changes through a BIOS policy or default BIOS settings to the Cisco Integrated Management Controller (CIMC) buffer. These changes remain in the buffer and do not take effect until the server is rebooted. We recommend that you verify the support for BIOS settings in the server that you want to configure. Some settings, such as Mirroring Mode and Sparing Mode for RAS Memory, are not supported by all Cisco UCS servers.
Configuring BIOS Settings Name Description Post Error Pause What happens when the server encounters a critical error during POST. This can be one of the following: • disabled—The BIOS continues to attempt to boot the server. • enabled—The BIOS pauses the attempt to boot the server and opens the Error Manager when a critical error occurs during POST. • Platform Default—The BIOS uses the value for this attribute contained in the BIOS defaults for the server type and vendor.
Configuring BIOS Settings Name Description ACPI10 Support Whether the BIOS publishes the ACPI 1.0 version of FADT in the Root System Description table. This version may be required for compatibility with OS versions that only support ACPI 1.0. This can be one of the following: • disabled—ACPI 1.0 version is not published. • enabled—ACPI 1.0 version is published. • Platform Default—The BIOS uses the value for this attribute contained in the BIOS defaults for the server type and vendor.
Configuring BIOS Settings Name Description Enhanced Intel Speedstep Whether the processor uses Enhanced Intel SpeedStep Technology, which allows the system to dynamically adjust processor voltage and core frequency. This technology can result in decreased average power consumption and decreased average heat production. This can be one of the following: • disabled—The processor never dynamically adjusts its voltage or frequency.
Configuring BIOS Settings Name Description Core Multi Processing Sets the state of logical processor cores in a package. If you disable this setting, Hyper Threading is also disabled. This can be one of the following: • all—Enables multi processing on all logical processor cores. • 1 through 10—Specifies the number of logical processor cores that can run on the server. To disable multi processing and have only one logical processor core running on the server, select 1.
Configuring BIOS Settings Name Description Direct Cache Access Allows processors to increase I/O performance by placing data from I/O devices directly into the processor cache. This setting helps to reduce cache misses. This can be one of the following: • disabled—Data from I/O devices is not placed directly into the processor cache. • enabled—Data from I/O devices is placed directly into the processor cache.
Configuring BIOS Settings Name Description Processor C3 Report Whether the processor sends the C3 report to the operating system. This can be one of the following: • disabled—The processor does not send the C3 report. • acpi-c2—The processor sends the C3 report using the ACPI C2 format. • acpi-c3—The processor sends the C3 report using the ACPI C3 format. • Platform Default—The BIOS uses the value for this attribute contained in the BIOS defaults for the server type and vendor.
Configuring BIOS Settings Name Description CPU Performance Sets the CPU performance profile for the server. This can be one of the following: • enterprise—All prefetchers and data reuse are disabled. • high-throughput—All prefetchers are enabled, and data reuse is disabled. • hpc—All prefetchers and data reuse are enabled. This setting is also known as high performance computing. • Platform Default—The BIOS uses the value for this attribute contained in the BIOS defaults for the server type and vendor.
Configuring BIOS Settings Name Description Package C State Limit The amount of power available to the server components when they are idle. This can be one of the following: • c0—The server provides all server components with full power at all times. This option maintains the highest level of performance and requires the greatest amount of power. • c1—When the CPU is idle, the system slightly reduces the power consumption.
Configuring BIOS Settings Name Description Interrupt Remap Whether the processor supports Intel VT-d Interrupt Remapping. This can be one of the following: • disabled—The processor does not support remapping. • enabled—The processor uses VT-d Interrupt Remapping as required. • Platform Default—The BIOS uses the value for this attribute contained in the BIOS defaults for the server type and vendor. Coherency Support Whether the processor supports Intel VT-d Coherency.
Configuring BIOS Settings RAS Memory BIOS Settings The following table lists the RAS memory BIOS settings that you can configure through a BIOS policy or the default BIOS settings: Name Description Memory RAS Config How the memory reliability, availability, and serviceability (RAS) is configured for the server. This can be one of the following: • maximum performance—System performance is optimized. • mirroring—System reliability is optimized by using half the system memory as backup.
Configuring BIOS Settings Name Description Mirroring Mode Memory mirroring enhances system reliability by keeping two identical data images in memory. This option is only available if you choose the mirroring option for Memory RAS Config. It can be one of the following: • inter-socket—Memory is mirrored between two Integrated Memory Controllers (IMCs) across CPU sockets. • intra-socket—One IMC is mirrored with another IMC in the same socket.
Configuring BIOS Settings Serial Port BIOS Settings The following table lists the serial port BIOS settings that you can configure through a BIOS policy or the default BIOS settings: Name Description Serial Port A Whether serial port A is enabled or disabled. This can be one of the following: • disabled—The serial port is disabled. • enabled—The serial port is enabled. • Platform Default—The BIOS uses the value for this attribute contained in the BIOS defaults for the server type and vendor.
Configuring BIOS Settings Name Description USB System Idle Power Optimizing Setting Whether the USB System Idle Power Optimizing setting is used to reduce USB EHCI idle power consumption. Depending upon the value you choose, this setting can have an impact on performance. This can be one of the following: • high-performance—The USB System Idle Power Optimizing setting is disabled, because optimal performance is preferred over power savings. Selecting this option can significantly improve performance.
Configuring BIOS Settings Name Description Max Memory Below 4G Whether the BIOS maximizes memory usage below 4GB for an operating system without PAE support, depending on the system configuration. This can be one of the following: • disabled—Does not maximize memory usage. Choose this option for all operating systems with PAE support. • enabled—Maximizes memory usage below 4GB for an operating system without PAE support.
Configuring BIOS Settings Name Description Intel Entry SAS RAID Whether the Intel SAS Entry RAID Module is enabled. This can be one of the following: • disabled—The Intel SAS Entry RAID Module is disabled. • enabled—The Intel SAS Entry RAID Module is enabled. • Platform Default—The BIOS uses the value for this attribute contained in the BIOS defaults for the server type and vendor. Intel Entry SAS RAID Module How the Intel SAS Entry RAID Module is configured.
Configuring BIOS Settings General Settings Name Description Assert Nmi on Serr Whether the BIOS generates a non-maskable interrupt (NMI) and logs an error when a system error (SERR) occurs. This can be one of the following: • disabled—The BIOS does not generate an NMI or log an error when a SERR occurs. • enabled—The BIOS generates an NMI and logs an error when a SERR occurs. You must enable this setting if you want to enable Assert Nmi on Perr.
Configuring BIOS Settings Name Description OS Boot Watchdog Timer Timeout Policy What action the system takes if the watchdog timer expires. This can be one of the following: • power-off—The server is powered off if the watchdog timer expires during OS boot. • reset—The server is reset if the watchdog timer expires during OS boot. • Platform Default—The BIOS uses the value for this attribute contained in the BIOS defaults for the server type and vendor.
Configuring BIOS Settings Console Redirection Settings Name Description Console Redirection Allows a serial port to be used for console redirection during POST and BIOS booting. After the BIOS has booted and the operating system is responsible for the server, console redirection is irrelevant and has no effect. This can be one of the following: • disabled—No console redirection occurs during POST. • serial-port-a—Enables serial port A for console redirection during POST.
Configuring BIOS Settings Name Description BAUD Rate What BAUD rate is used for the serial port transmission speed. If you disable Console Redirection, this option is not available. This can be one of the following: • 9600—A 9600 BAUD rate is used. • 19200—A 19200 BAUD rate is used. • 38400—A 38400 BAUD rate is used. • 57600—A 57600 BAUD rate is used. • 115200—A 115200 BAUD rate is used.
Configuring BIOS Settings BIOS Policy The BIOS policy is a policy that automates the configuration of BIOS settings for a server or group of servers. You can create global BIOS policies available to all servers in the root organization, or you can create BIOS policies in sub-organizations that are only available to that hierarchy. To use a BIOS policy, do the following: 1 Create the BIOS policy in Cisco UCS Manager. 2 Assign the BIOS policy to one or more service profiles.
Configuring BIOS Settings Creating a BIOS Policy Note Cisco UCS Manager pushes BIOS configuration changes through a BIOS policy or default BIOS settings to the Cisco Integrated Management Controller (CIMC) buffer. These changes remain in the buffer and do not take effect until the server is rebooted. We recommend that you verify the support for BIOS settings in the server that you want to configure.
Configuring BIOS Settings Modifying the BIOS Defaults We recommend that you verify the support for BIOS settings in the server that you want to configure. Some settings, such as Mirroring Mode and Sparing Mode for RAS Memory, are not supported by all Cisco UCS servers. Unless a Cisco UCS implementation has specific needs that are not met by the server-specific settings, we recommend that you use the default BIOS settings that are designed for each type of server in the Cisco UCS domain.
Configuring IPMI Access Profiles Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Chassis > Chassis Number > Servers. Choose the server for which you want to view the actual BIOS settings. On the Work pane, click the Inventory tab. Step 5 Step 6 Click the Motherboard subtab. In the BIOS Settings area, click the Expand icon to the right of the heading to open that area.
Configuring IPMI Access Profiles a) Enter a unique name and description for the profile. b) Click OK. Step 6 Step 7 In the IPMI Profile Users area of the navigator, click +. In the User Properties dialog box: a) Complete the following fields: Name Description Name field The username to associate with this IPMI profile. Enter 1 to 16 alphanumeric characters. You can also use @ (at sign), _ (underscore), and - (hyphen). You cannot change this name once the profile has been saved.
Configuring Local Disk Configuration Policies Configuring Local Disk Configuration Policies Local Disk Configuration Policy This policy configures any optional SAS local drives that have been installed on a server through the onboard RAID controller of the local drive. This policy enables you to set a local disk mode for all servers that are associated with a service profile that includes the local disk configuration policy.
Configuring Local Disk Configuration Policies Impact of Upgrade from a Release Prior to Release 1.3(1i) An upgrade from an earlier Cisco UCS firmware release to release 1.
Configuring Local Disk Configuration Policies To avoid this issue, ensure that the service profile you associate with the server contains the identical local disk configuration policy as the original service profile before the migration and does not include the Any Configuration mode.
Configuring Local Disk Configuration Policies Creating a Local Disk Configuration Policy Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Policies. Expand the node for the organization where you want to create the policy. If the system does not include multitenancy, expand the root node. Step 4 Step 5 Right-click Local Disk Config Policies and choose Create Local Disk Configuration Policy.
Configuring Local Disk Configuration Policies Name Description Mode drop-down list This can be one of the following local disk policy modes: • No Local Storage—For a diskless server or a SAN only configuration. If you select this option, you cannot associate any service profile which uses this policy with a server that has a local disk. • RAID 0 Striped—Data is striped across all disks in the array, providing fast throughput. There is no data redundancy, and all data is lost if any disk fails.
Configuring Local Disk Configuration Policies Name Description Protect Configuration check box If checked, the server retains the configuration in the local disk configuration policy even if the server is disassociated from the service profile. Protect Configuration becomes non-functional if one or more disks in the server are defective or faulty. This property is checked by default.
Configuring Scrub Policies Step 8 Step 9 Option Description Create a Local Disk Policy Enables you to create a local disk configuration policy that can only be accessed by the selected service profile. No Disk Policy Does not use a local disk configuration policy for the selected service profile. Click OK. (Optional) Expand the Local Disk Configuration Policy area to confirm that the change has been made.
Configuring Scrub Policies BIOS Settings Scrub One of the following occurs to the BIOS settings when a service profile containing the scrub policy is disassociated from a server: • If enabled, erases all BIOS settings for the server and and resets them to the BIOS defaults for that server type and vendor • If disabled, preserves the existing BIOS settings on the server Creating a Scrub Policy Procedure Step 1 In the Navigation pane, click the Servers tab.
Configuring Serial over LAN Policies Step 6 Click OK. Deleting a Scrub Policy Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 Step 4 Step 5 On the Servers tab, expand Servers > Policies > Organization_Name. Expand the Scrub Policies node. Right-click the policy you want to delete and select Delete. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes.
Configuring Serial over LAN Policies Name Description Name field The name of the policy. This name can be between 1 and 16 alphanumeric characters. You cannot use spaces or any special characters other than - (hyphen), _ (underscore), : (colon), and . (period), and you cannot change this name after the object has been saved. Description field A description of the policy. We recommend that you include information about where and when the policy should be used. Enter up to 256 characters.
Configuring Server Autoconfiguration Policies Configuring Server Autoconfiguration Policies Server Autoconfiguration Policy Cisco UCS Manager uses this policy to determine how to configure a new server. If you create a server autoconfiguration policy, the following occurs when a new server starts: 1 The qualification in the server autoconfiguration policy is executed against the server.
Configuring Server Autoconfiguration Policies Name Description Description field A description of the policy. We recommend that you include information about where and when the policy should be used. Enter up to 256 characters. You can use any characters or spaces except ^ (carat), \ (backslash), > (greater than), < (less than), ' (single quote), " (double quote), ` (accent mark), or = (equal sign).
Configuring Server Discovery Policies Configuring Server Discovery Policies Server Discovery Policy This discovery policy determines how the system reacts when you add a new server. If you create a server discovery policy, you can control whether the system conducts a deep discovery when a server is added to a chassis, or whether a user must first acknowledge the new server. By default, the system conducts a full discovery.
Configuring Server Inheritance Policies What to Do Next Include the server discovery policy in a service profile and/or template. Deleting a Server Discovery Policy Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 On the Equipment tab, click the Equipment node. In the Work pane, click the Policies tab. Step 4 Step 5 Step 6 Click the Server Discovery Policies subtab. Right-click the server discover policy that you want to delete and choose Delete.
Configuring Server Inheritance Policies Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 On the Equipment tab, click the Equipment node. In the Work pane, click the Policies tab. Step 4 Step 5 Click the Server Inheritance Policies subtab. On the icon bar to the right of the table, click +. If the + icon is disabled, click an entry in the table to enable it.
Configuring Server Pool Policies Configuring Server Pool Policies Server Pool Policy This policy is invoked during the server discovery process. It determines what happens if server pool policy qualifications match a server to the target pool specified in the policy. If a server qualifies for more than one pool and those pools have server pool policies, the server is added to all those pools.
Configuring Server Pool Policy Qualifications Step 6 Name Description Qualification drop-down list If you want to associate this policy with one or more specific server pools, choose the server pool qualification policy that identifies these pools from the drop-down list. Click OK. Deleting a Server Pool Policy Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 Step 4 Step 5 On the Servers tab, expand Servers > Policies > Organization_Name.
Configuring Server Pool Policy Qualifications • Server model Depending upon the implementation, you may configure several policies with server pool policy qualifications including the following: • Autoconfiguration policy • Chassis discovery policy • Server discovery policy • Server inheritance policy • Server pool policy Creating Server Pool Policy Qualifications Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Policies.
Configuring Server Pool Policy Qualifications b) In the Chassis Qualifications area of the Create Chassis and Server Qualifications dialog box, complete the following fields to specify the range of chassis you want to use: • First Chassis ID field—The first chassis ID from which server pools associated with this policy can draw. • Number of Chassis field—The total number of chassis to include in the pool, starting with the chassis identified in the First Chassis ID field.
Configuring Server Pool Policy Qualifications Name Description Min Cap field The minimum memory capacity required, in megabytes. Max Cap field The maximum memory capacity allowed, in megabytes. Width field The minimum width of the data bus. Units field The unit of measure to associate with the value in the Width field. c) Click OK. Step 10 (Optional) To use this policy to qualify servers according to their CPU/Cores configuration, do the following: a) Click Create CPU/Cores Qualifications.
Configuring Server Pool Policy Qualifications c) Click OK. Step 11 (Optional) To use this policy to qualify servers according to their storage configuration and capacity, do the following: a) Click Create Storage Qualifications. b) In the Create Storage Qualifications dialog box, complete the following fields: Name Description Diskless field Whether the available storage must be diskless. This can be one of the following: • Unspecified—Either storage type is acceptable.
Configuring Server Pool Policy Qualifications a) Click Create Power Group Qualifications. b) In the Create Power Group Qualifications dialog box, choose a power gruup from the Power Group drop-down list. c) Click OK. Step 14 (Optional) To use this policy to qualify the rack-mount servers that can be added to the associated server pool, do the following: a) Click Create Rack Qualifications.
Configuring vNIC/vHBA Placement Policies Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 Step 4 Step 5 On the Servers tab, expand Servers > Policies > Organization_Name. Expand the Server Pool Policy Qualifications node. Choose the policy you want to modify. In the Work pane, choose the Qualifications tab. Step 6 To delete a set of qualifications: a) In the table, choose the row that represents the set of qualifications. b) Right-click the row and select Delete.
Configuring vNIC/vHBA Placement Policies vCon to Adapter Placement Cisco UCS Manager maps every vCon in a service profile to a physical adapter on the server. How that mapping occurs and how the vCons are assigned to a specific adapter in a server with two adapters depends upon the type of server. You must consider this placement when you configure the vNIC/vHBA placement policy to assign vNICs and vHBAs to vCons. Note vCon to adapter placement is not dependent upon the PCIE slot number of the adapter.
Configuring vNIC/vHBA Placement Policies To configure a vCon and the associated vNICs and vHBAs for explicit assignment, do the following: • Set the vCon configuration to any of the available options. You can configure the vCons through a vNIC/vHBA placement policy or in the service profile associated with the server. If a vCon is configured for All, you can still explicitly assign a vNIC or vHBA to that vCon. • Assign the vNICs and vHBAs to a vCon.
Configuring vNIC/vHBA Placement Policies Implicit Assignment of vNICs in a Mixed Adapter Environment The implicit assignment of vNICs functions differently for a server that has mixed adapters, as follows: • A dual slot server that has one VIC adapter and one non-VIC adapter, which have different capabilities. For example, a server that contains a Cisco UCS M81KR Virtual Interface Card and a Cisco UCS CNA M71KR-E adapter. • A configuration that includes both dynamic vNICs and static vNICs.
Configuring vNIC/vHBA Placement Policies dynamic vNICs and static vNICs, at least one static vNIC is assigned to the adapter that does not support dynamic vNICs. Creating a vNIC/vHBA Placement Policy Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Policies. Expand the node for the organization where you want to create the policy. If the system does not include multitenancy, expand the root node.
Configuring vNIC/vHBA Placement Policies Deleting a vNIC/vHBA Placement Policy Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 Step 4 Step 5 On the Servers tab, expand Servers > Policies > Organization_Name. Expand the vNIC/vHBA Placement Policies node. Right-click the policy you want to delete and choose Delete. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes.
Configuring vNIC/vHBA Placement Policies Name Description Desired Placement drop-down list The user-specified virtual network interface connection (vCon) placement for the vNIC. This can be one of the following: • Any—Allows Cisco UCS Manager to determine the vCon to which the vNIC is assigned. • 1—Explicitly assigns the vNIC to vCon1. • 2—Explicitly assigns the vNIC to vCon2. • 3—Explicitly assigns the vNIC to vCon3. • 4—Explicitly assigns the vNIC to vCon4.
Configuring vNIC/vHBA Placement Policies Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Service Profiles. Expand the node for the organization which contains the service profile whose vHBAs you want to explicitly assign to a vCon. If the system does not include multitenancy, expand the root node. Step 4 Step 5 Step 6 Expand Service_Profile_Name > vHBAs. Click on the vHBA that you want to explicitly assign to a vCon.
Configuring vNIC/vHBA Placement Policies Cisco UCS Manager GUI Configuration Guide, Release 2.
Configuring vNIC/vHBA Placement Policies Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 30 Configuring Server Boot This chapter includes the following sections: • Boot Policy, page 439 • Creating a Boot Policy, page 440 • SAN Boot, page 441 • iSCSI Boot, page 443 • LAN Boot, page 465 • Local Disk Boot, page 465 • Virtual Media Boot, page 466 • Deleting a Boot Policy, page 467 Boot Policy The boot policy determines the following: • Configuration of the boot device • Location from which the server boots • Order in which boot devices are invoked For example, you can choose to have asso
Creating a Boot Policy Creating a Boot Policy You can also create a local boot policy that is restricted to a service profile or service profile template. However, except for iSCSI boot, we recommend that you create a global boot policy that can be included in multiple service profiles or service profile templates. Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Policies.
SAN Boot • Virtual Media Boot —To boot from virtual media that mimics the insertion of a physical CD or floppy drive into a server, continue with Configuring a Virtual Media Boot for a Boot Policy, on page 466. What to Do Next Include the boot policy in a service profile and/or template. After a server is associated with a service profile that includes this boot policy, you can verify the actual boot order in the Boot Order Details area on the General tab for the server.
SAN Boot Before You Begin Note If you are creating a boot policy that boots the server from a SAN LUN and you require reliable SAN boot operations, we recommend that you first remove all local disks from servers associated with a service profile that includes the boot policy. Procedure Step 1 Step 2 Step 3 Click the down arrows to expand the vHBAs area. Click the Add SAN Boot link.
iSCSI Boot Name Description Type field This can be one of the following: • Primary—The first address defined for the associated boot device class. A boot policy can only have one primary LAN, SAN, or iSCSI boot location. • Secondary—The second address defined for the associated boot device class. Each boot policy can have only one secondary LAN or SAN boot location. The use of the terms primary or secondary boot devices does not imply a boot order.
iSCSI Boot iSCSI Boot Process The Cisco UCS Manager iSCSI vNIC and iSCSI boot information created for the service profile is used in the association process to program the mezzanine adapter, located on the blade server. After the adapter is programmed, the blade server reboots with the latest service profile values. After the power on self-test (POST), the adapter attempts to initialize using these service profile values.
iSCSI Boot ◦ Blades that use iSCSI boot must contain the Cisco UCS M51KR-B Broadcom BCM57711 network adapter. For information on installing or replacing an adapter card, see the Cisco UCS B250 Extended Memory Blade Server Installation and Service Note. The service note is accessible from the Cisco UCS B-Series Servers Documentation Roadmap at http://www.cisco.com/go/ unifiedcomputing/b-series-doc. ◦ Set the MAC addresses on the iSCSI device.
iSCSI Boot Enabling MPIO on Windows Note If you change the networking hardware, Windows may fail to boot from an iSCSI drive. For more information, see Microsoft support Article ID: 976042. Before You Begin The server on which you enable MPIO must have a Cisco VIC driver. Procedure Step 1 In the service profile associated with the server, configure the primary and secondary iSCSI vNICs. For more information, see Creating an iSCSI vNIC for a Service Profile, on page 452.
iSCSI Boot Command or Action Purpose Step 4 Create a boot policy that can be used in any For more information about creating a boot policy service profile. Alternatively, you can create that can be used in any service profile, see a local boot policy only for the specific service Creating an iSCSI Boot Policy, on page 451. policy. However, we recommend that you create a boot policy that can be shared with multiple service profiles.
iSCSI Boot Name Description Name field The name of the policy. This name can be between 1 and 16 alphanumeric characters. You cannot use spaces or any special characters other than - (hyphen), _ (underscore), : (colon), and . (period), and you cannot change this name after the object has been saved. Connection Timeout field The number of seconds to wait until Cisco UCS assumes that the initial login has failed and the iSCSI adapter is unavailable. Enter an integer between 0 and 255.
iSCSI Boot Deleting an iSCSI Adapter Policy Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Policies. Expand the node for the organization where you want to create the policy. If the system does not include multitenancy, expand the root node. Step 4 Step 5 Step 6 Expand the Adapter Policies node. Right-click the adapter policy and choose Delete. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes.
iSCSI Boot Step 6 Click OK. What to Do Next Include the authentication profile in a service profile and/or template. Deleting an Authentication Profile Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Policies. Step 4 Step 5 Step 6 Expand the Authentication Profiles node. Right-click the IP pool you want to delete and choose Delete. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes.
iSCSI Boot Name Description Subnet Mask field The subnet mask associated with the IP addresses in the block. All IP addresses in the management IP pool must be in the same subnet as the IP address of the fabric interconnect. Default Gateway field Step 6 The default gateway associated with the IP addresses in the block. Click OK. What to Do Next Configure one or more service profiles or service profile templates to obtain the iSCSI initiator IP address from the iSCSI initiator IP pool.
iSCSI Boot This name can be between 1 and 16 alphanumeric characters. You cannot use spaces or any special characters other than - (hyphen), _ (underscore), : (colon), and . (period), and you cannot change this name after the object has been saved. Step 6 (Optional) To reboot all servers that use this boot policy after you make changes to the boot order, check the Reboot on Boot Order Change check box.
iSCSI Boot Name Description Name field The name of the iSCSI vNIC. This name can be between 1 and 16 alphanumeric characters. You cannot use spaces or any special characters other than - (hyphen), _ (underscore), : (colon), and . (period), and you cannot change this name after the object has been saved. Overlay vNIC drop-down list The LAN vNIC associated with this iSCSI vNIC, if any. iSCSI Adapter Policy drop-down The iSCSI adapter policy associated with this iSCSI vNIC, if any.
iSCSI Boot For more information, see Creating a MAC Pool, on page 295. Deleting an iSCSI vNIC from a Service Profile Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Service Profiles. Expand the node for the organization that contains the service profile from which you want to delete an iSCSI vNIC. Step 4 Step 5 Step 6 Step 7 Expand the service profile from which you want to delete an iSCSI vNIC. Expand the iSCSI vNICs node.
iSCSI Boot Name Description Authentication Profile drop-down The name of the associated authentication profile. list Create Authentication Profile link Click this link to create a new authentication profile policy that will be available to all iSCSI vNICs. Step 10 In the Initiator Name area, complete the following fields: Name Description Initiator Name Assignment drop-down list Select how the iSCSI boot initiator name is assigned.
iSCSI Boot Option Description Pool An IPv4 address is assigned to the iSCSI boot vNIC from the management IP address pool. Proceed to Step 13. Step 12 If you chose Static from the Initiator IP Address Policy drop-down list, complete the following fields: Name Description IPv4 Address field The IPv4 address assigned to the iSCSI boot vNIC. If you want to specify this address, you must select Static in the Initiator IP Address Policy drop-down list.
iSCSI Boot Name Description iSCSI Target Name field A regular expression that defines the iSCSI Qualified Name (IQN) or Extended Unique Identifier (EUI) name of the iSCSI target. You can enter any alphanumeric characters as well as the following special characters: • . (period) • : (colon) • - (dash) This name must be properly formatted using standard IQN or EUI guidelines. The following examples show properly formatted iSCSI target names: Important • iqn.2001-04.com.example • iqn.2001-04.com.
iSCSI Boot Modifying iSCSI Boot Parameters You can modify iSCSI boot parameters, including the boot order, boot policy, authentication profile, initiator interface, and target interface for an iSCSI vNIC. Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Service Profiles. Expand the node for the organization that contains the service profile for which you want to modify iSCSI boot parameters.
iSCSI Boot Name Description Initiator Name Assignment drop-down list Select how the iSCSI boot initiator name is assigned. Choose one of the following methods: • Manual—You will enter a name in the Initiator Name field. The initiator name can contain up to 223 characters. • Pools—Choose an IQN suffix pool from which the name will be assigned. Create IQN Suffix Pool link Click this link to create a new IQN suffix pool that will be available to all iSCSI vNICs.
iSCSI Boot Name Description Default Gateway field The default gateway associated with the IPv4 address. Primary DNS field The primary DNS server address. Secondary DNS field The secondary DNS server address. Step 13 For the iSCSI target interface, choose one of the following radio buttons: Option Description iSCSI Static Target Interface The system creates a static target interface that you need to configure. Proceed to Step 14.
iSCSI Boot Name Description Priority field The system-assigned priority for the iSCSI target. Port field The port associated with the iSCSI target. Enter an integer between 1 and 65535. The default is 3260. Authentication Profile drop-down list The name of the associated authentication profile. Create Authentication Profile link Click this link to create a new authentication profile policy that will be available to all iSCSI vNICs.
iSCSI Boot Procedure Step 1 In the Navigation pane, click the SAN tab. Step 2 Step 3 On the SAN tab, expand SAN > Pools. Expand the node for the organization where you want to create the pool. If the system does not include multitenancy, expand the root node. Step 4 Step 5 Right-click IQN Pools and select Create IQN Suffix Pool.
iSCSI Boot Step 9 Click OK. Step 10 Click Finish to complete the wizard. What to Do Next • (Optional) Add additional blocks of IQN suffixes to the IQN pool. • Include the IQN suffix pool in a service profile and/or template. Adding a Block to an IQN Pool Procedure Step 1 In the Navigation pane, click the SAN tab. Step 2 Step 3 On the SAN tab, expand SAN > Pools. Expand the node for the organization containing the pool. If the system does not include multitenancy, expand the root node.
iSCSI Boot • The vNIC or vHBA is assigned to a different pool. Procedure Step 1 In the Navigation pane, click the SAN tab. Step 2 Step 3 On the SAN tab, expand SAN > Pools. Expand the node for the organization containing the pool. If the system does not include multitenancy, expand the root node. Step 4 Step 5 Step 6 Expand the IQN Pools node. Choose the IQN pool for which you want to delete a block of IQN suffixes. In the Work pane, click the IQN Blocks tab.
LAN Boot LAN Boot You can configure a boot policy to boot one or more servers from a centralized provisioning server on the LAN. A LAN (or PXE) boot is frequently used to install operating systems on a server from that LAN server. You can add more than one type of boot device to a LAN boot policy. For example, you could add a local disk or virtual media boot as a secondary boot device.
Virtual Media Boot Configuring a Local Disk Boot for a Boot Policy You can also create a local boot policy that is restricted to a service profile or service profile template. However, except for iSCSI boot, we recommend that you create a global boot policy that can be included in multiple service profiles or service profile templates. You can add more than one type of boot device to a boot policy. For example, you could add a virtual media boot as a secondary boot device.
Deleting a Boot Policy Note Virtual Media requires the USB to be enabled. If you modify the BIOS settings that affect the USB functionality, you also affect the Virtual Media. Therefore, we recommend that you leave the following USB BIOS defaults for best performance: • Make Device Non Bootable—set to disabled • USB Idle Power Optimizing Setting—set to high-performance This procedure continues directly from Creating a Boot Policy, on page 440.
Deleting a Boot Policy Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 31 Deferring Deployment of Service Profile Updates This chapter includes the following sections: • Deferred Deployment of Service Profiles, page 469 • Configuring Schedules, page 472 • Configuring Maintenance Policies, page 482 • Managing Pending Activities, page 484 Deferred Deployment of Service Profiles Some modifications to a service profile or to an updating service profile template can be disruptive and require a reboot of the server.
Deferred Deployment of Service Profiles If you want to defer the deployment of service profile changes, you must configure one or more maintenance policies and configure each service profile with a maintenance policy. If you want to define the time period when the deployment should occur, you also need to create at least one schedule with one or more recurring occurrences or one time occurrences, and include that schedule in a maintenance policy.
Deferred Deployment of Service Profiles Pending Activities If you configure deferred deployment in a Cisco UCS domain, Cisco UCS Manager enables you to view all pending activities. You can see activities that are waiting for user acknowledgement and those that have been scheduled. If a Cisco UCS domain has pending activities, Cisco UCS Manager GUI notifies users with admin privileges when they log in.
Configuring Schedules Cannot Perform Partial Deployment of Pending Activity Cisco UCS Manager applies all changes made to a service profile in the scheduled maintenance window. You cannot make several changes to a service profile at the same time and then have those changes be spread across several maintenance windows. When Cisco UCS Manager deploys the service profile changes, it updates the service profile to match the most recent configuration in the database.
Configuring Schedules a) Complete the following fields: Name Description Name field The name of the one time occurrence of this schedule. This name can be between 1 and 16 alphanumeric characters. You cannot use spaces or any special characters other than - (hyphen), _ (underscore), : (colon), and . (period), and you cannot change this name after the object has been saved. Start Time field The date and time that the occurrence will run.
Configuring Schedules Name Description Max Number of Concurrent Tasks field The maximum number of tasks that can run concurrently during this occurrence. This can be one of the following: • Unlimited—Cisco UCS runs as many concurrent tasks as the system can handle. • other—Cisco UCS Manager GUI displays a text field allowing you to specify the maximum number of concurrent tasks that can be run during this occurrence. Enter an integer between 1 and 65535.
Configuring Schedules Name Description Day field The day on which Cisco UCS runs an occurrence of this schedule. This can be one of the following: • every day • Monday • Tuesday • Wednesday • Thursday • Friday • Saturday • Sunday • odd days • even days Hour field The hour of the specified day at which this occurrence of the schedule starts. This can be an integer between 0 and 24, where 0 and 24 are both equivalent to midnight.
Configuring Schedules Name Description Max Number of Tasks field The maximum number of scheduled tasks that can be run during each occurrence. This can be one of the following: • Unlimited—Cisco UCS runs all scheduled tasks unless those tasks exceed the maximum time specified in the Max Duration field. If Max Duration is set to none and you select this option, the maintenance window continues until all pending activities are completed.
Configuring Schedules Creating a One Time Occurrence for a Schedule Note By default, the maximum duration and the maximum number of tasks are set to none. If you do not change either of these defaults, Cisco UCS Manager does not impose any limit to the length of time that the maintenance window lasts.
Configuring Schedules Name Description Max Number of Tasks field The maximum number of scheduled tasks that can be run during this occurrence. This can be one of the following: • Unlimited—Cisco UCS runs all scheduled tasks unless those tasks exceed the maximum time specified in the Max Duration field. If Max Duration is set to none and you select this option, the maintenance window continues until all pending activities are completed.
Configuring Schedules Creating a Recurring Occurrence for a Schedule Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 Step 4 On the Servers tab, expand Schedules. Right-click the schedule to which you want to add an occurrence and choose Create a Recurring Occurrence. In the Create a Recurring Occurrence dialog box, complete the following fields: Name Description Name field The name of the recurring occurrence of this schedule.
Configuring Schedules Step 5 Step 6 Name Description Minute field The minute of the hour at which the schedule occurrence starts. This can be an integer between 0 and 60. Click the down arrows to expand the Options area. In the Options area, complete the following fields: Name Description Max Duration field The maximum length of time that each occurrence of this schedule can run. This can be one of the following: • None—The occurrence runs until all tasks are completed.
Configuring Schedules Name Description Minimum Interval Between Tasks field The minimum length of time that the system should wait before starting a new task. This setting is meaningful only if the maximum number of concurrent tasks is set to a value other than none. This can be one of the following: • None—Cisco UCS runs the next task as soon as possible.
Configuring Maintenance Policies Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 Step 4 Step 5 On the Servers tab, expand Schedules > Schedule_Name. Expand Recurring Occurrences. Right-click the occurrence you want to delete and choose Delete. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes. Deleting a Schedule If this schedule is included in a maintenance policy, the policy is reconfigured with no schedule.
Configuring Maintenance Policies Name Description Name field The name of the policy. This name can be between 1 and 16 alphanumeric characters. You cannot use spaces or any special characters other than - (hyphen), _ (underscore), : (colon), and . (period), and you cannot change this name after the object has been saved. Description field A description of the policy. We recommend that you include information about where and when the policy should be used. Enter up to 256 characters.
Managing Pending Activities Deleting a Maintenance Policy Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 Step 4 Step 5 On the Servers tab, expand Servers > Policies > Organization_Name. Expand Maintenance Policies. Right-click the maintenance policy you want to delete and choose Delete. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes.
Managing Pending Activities Procedure Step 1 Step 2 On the toolbar, click Pending Activities. In the Pending Activities dialog box, click the User Acknowledged Activities tab. Step 3 In the Reboot Now column of the table, check the Acknowledge All check box for the pending activity you want to deploy immediately. Click OK. Cisco UCS Manager immediately reboots the server affected by the pending activity.
Managing Pending Activities Procedure Step 1 Step 2 On the toolbar, click Pending Activities. In the Pending Activities dialog box, click the Scheduled Activities tab. Step 3 In the Reboot Now column of the table, check the Acknowledge All check box for the pending activity you want to deploy immediately. Click OK. Cisco UCS Manager immediately reboots the server affected by the pending activity.
CHAPTER 32 Configuring Service Profiles This chapter includes the following sections: • Service Profiles that Override Server Identity, page 487 • Service Profiles that Inherit Server Identity, page 488 • Service Profile Templates, page 488 • Guidelines and Recommendations for Service Profiles, page 489 • Creating Service Profiles, page 489 • Working with Service Profile Templates, page 518 • Managing Service Profiles, page 544 Service Profiles that Override Server Identity This type of service profile p
Service Profiles that Inherit Server Identity Unless the service profile contains power management policies, a server pool qualification policy, or another policy that requires a specific hardware configuration, the profile can be used for any type of server in the Cisco UCS domain. You can associate these service profiles with either a rack-mount server or a blade server. The ability to migrate the service profile depends upon whether you choose to restrict migration of the service profile.
Guidelines and Recommendations for Service Profiles Initial template Service profiles created from an initial template inherit all the properties of the template. However, after you create the profile, it is no longer connected to the template. If you need to make changes to one or more profiles created from this template, you must change each profile individually.
Creating Service Profiles • Page 5: Setting the Server Boot Order, on page 504 • Page 6: Adding the Maintenance Policy, on page 507 • Page 7: Specifying the Server Assignment, on page 509 • Page 8: Adding Operational Policies, on page 511 Page 1: Identifying the Service Profile This procedure directly follows the steps in Creating a Service Profile with the Expert Wizard, on page 489.
Creating Service Profiles Option Description Pools Pool_Name Assigns a UUID from the UUID Suffix pool that you select from the list at the bottom of the drop-down list. Each pool name is followed by two numbers in parentheses that show the number of UUIDs still available in the pool and the total number of UUIDs in the pool. If you do not want use any of the existing pools, but instead want to create a pool that all serivce profiles can access, continue with Step 4. Otherwise, continue with Step 5.
Creating Service Profiles Option Description Select Local Storage Policy to use Assigns the default local disk storage policy to this service profile. Continue with Step 4. Create a Specific Storage Policy Enables you to create a local disk policy that can only be accessed by this service profile. Continue with Step 2. Storage Policies Policy_Name Select an existing local disk policy from the list at the bottom of the drop-down list. Cisco UCS Manager assigns this policy to the service profile.
Creating Service Profiles Note If you choose No RAID and you apply this policy to a server that already has an operating system with RAID storage configured, the system does not remove the disk contents. Therefore, there may be no visible differences on the server after you apply the No RAID mode. This can lead to a mismatch between the RAID configuration in the policy and the actual disk configuration shown in the Inventory > Storage tab for the server.
Creating Service Profiles • Choose Select (pool default used by default) to use the default WWN pool. • Choose one of the options listed under Manual Using OUI and then enter the WWN in the World Wide Node Name field. You can specify a WWNN in the range from 20:00:00:00:00:00:00:00 to 20:FF:FF:FF:FF:FF:FF:FF or from 50:00:00:00:00:00:00:00 to 5F:FF:FF:FF:FF:FF:FF:FF. You can click the here link to verify that the WWNN you specified is available.
Creating Service Profiles Name Description Use SAN Connectivity Template Check this check box if you want to use a template to create the check box vHBA. Cisco UCS Manager GUI displays the vHBA Template drop-down list from which you can select the appropriate template, and the Adapter Performance Profile area from which you can select an adapter profile. Note Create vHBA Template link You can only select this option if one or more SAN connectivity templates exist in the system.
Creating Service Profiles Name Description Persistent Binding field This can be one of the following: • Disabled • Enabled Max Data Field Size field The maximum size of the Fibre Channel frame payload bytes that the vHBA supports. Enter an integer between 256 and 2112. The default is 2048. Operational Parameters Section Stats Threshold Policy drop-down list box The threshold policy with which this vHBA is associated.
Creating Service Profiles Procedure Step 1 (Optional) If you plan to assign this service profile to a server with an adapter that supports dynamic vNICs, choose one of the following options from the Dynamic vNIC Connection drop-down list: Option Description Select a Policy to use Enables you to create a service profile without a dynamic vNIC connection policy for a server with an adapter that does not support dynamic vNICs.
Creating Service Profiles e) Continue with Step 4. Step 4 In the How would you like to configure LAN connectivity? field, click one of the following options: Option Description Simple Allows you to create a maximum of two vNICs, in dual fabric mode, for this service profile. Continue with Step 5. Expert Allows you to create an unlimited number of vNICs for this service profile. If you are configuring this service profile/template for iSCSI boot, choose this option.
Creating Service Profiles Name Description Use LAN Connectivity Template check box Check this check box if you want to use a template to create the vNIC. Cisco UCS Manager GUI displays the vNIC Template drop-down list from which you can select the appropriate template, and the Adapter Performance Profile area from which you can select an adapter profile. Note You can only select this option if one or more LAN connectivity templates exist in the system.
Creating Service Profiles Name Description VLANs table This table lists the VLANs that can be associated with this vNIC. The columns are: • Select—Check the check box in this column for each VLAN you want to use. • Name—The name of the VLAN. • Native VLAN—To designate one of the VLANs as the native VLAN, click the radio button in this column. Create VLAN link Click this link if you want to create a VLAN. MTU field The maximum transmission unit, or packet size, that this vNIC accepts.
Creating Service Profiles Name Description Create Network Control Policy Click this link if you want to create a network control policy. Policy link e) Click OK. Step 7 If you chose the expert LAN connectivity option and are configuring this service profile for iSCSI boot, do the following: a) Click the down arrows to expand the iSCSI vNICs bar. b) Click Add on the icon bar of the table to open the Create iSCSI vNIC dialog box.
Creating Service Profiles e) Repeat steps b through d to configure additional iSCSI vNICs. Step 8 Click Next. What to Do Next Complete Page 4: Setting the vNIC/vHBA Placement, on page 502. Page 4: Setting the vNIC/vHBA Placement This procedure directly follows Page 3: Configuring the Networking Options, on page 496. It describes how to set the vNIC and vHBA placement options on the vNIC/vHBA Placement page of the Create Service Profile (expert) wizard.
Creating Service Profiles Name Description Move Up button Moves the selected vNIC or VHBA to a higher priority in the list. Move Down button Moves the selected vNIC or vHBA to a lower priority in the list. Delete button Deletes the selected vNIC or vHBA. Reorder button Returns all vNICs and vHBAs to their original order. Modify button Enables you to modify the currently-selected vNIC or vHBA. Note You can change any options for the vNIC or vHBA except its name. b) Continue with Step 5.
Creating Service Profiles • All—All configured vNICs and vHBAs can be assigned to the vCon, whether they are explicitly assigned to it, unassigned, or dynamic. • Assigned Only—vNICs and vHBAs must be explicitly assigned to the vCon. You can assign them explicitly through the service profile or the properties of the vNIC or vHBA. • Exclude Dynamic—Dynamic vNICs and vHBAs cannot be assigned to the vCon.
Creating Service Profiles Option Description Create a Specific Boot Policy Enables you to create a local boot policy that can only be accessed by this service profile. Continue with Step 3. Boot Policies Policy_Name Assigns an existing boot policy to the service profile. If you choose this option, Cisco UCS Manager displays the details of the policy.
Creating Service Profiles b) Click the Add LAN Boot link. c) In the Add LAN Boot dialog box, enter the name of the vNIC that you want to use for the LAN boot in the vNIC field, then click OK. d) Add another device to the Boot Order table, or click OK to finish. Step 7 To add a SAN boot to the boot order, do the following: a) Click the down arrows to expand the vHBAs area. b) Click the Add SAN Boot link.
Creating Service Profiles Name Description Type field This can be one of the following: • Primary—The first address defined for the associated boot device class. A boot policy can only have one primary LAN, SAN, or iSCSI boot location. • Secondary—The second address defined for the associated boot device class. Each boot policy can have only one secondary LAN or SAN boot location. The use of the terms primary or secondary boot devices does not imply a boot order.
Creating Service Profiles Procedure Step 1 From the Maintenance Policy drop-down list, choose one of the following: Option Description Select a Maintenance Policy to Assigns the default maintenance policy to this service profile. Use (default policy shown) Continue with Step 4. Maintenance Policies Policy_Name Assigns an existing maintenance policy to the service profile. If you choose this option, Cisco UCS Manager displays the details of the policy.
Creating Service Profiles Name Description Reboot Policy field When a service profile is associated with a server, or when changes are made to a service profile that is already associated with a server, the server needs to be rebooted to complete the process. The Reboot Policy field determines when the reboot occurs for servers associated with any service profiles that include this maintenance policy.
Creating Service Profiles Option Description Assign Later Allows you to assign a server after you have created and configured the service profile. Continue with Step 6. Pre-provision a slot Specifies the chassis and slot that contains the server which will be assigned to the service profile. If the server is not in the slot or is otherwise unavailable, the service profile will be associated with the server when it becomes available. Continue with Step 2.
Creating Service Profiles Name Description Host Firmware drop-down list To associate a host firmware package with this service profile, choose its name from the drop-down list. Create Host Firmware Package Click this link if you want to create a host firmware package. link Management Firmware drop-down list To associate a management firmware package with this service profile, choose its name from the drop-down list.
Creating Service Profiles For more information about how to create an IPMI profile, see Creating an IPMI Access Profile, on page 405. Step 4 To add a Serial over LAN policy to the service profile, do one of the following: • To add an existing policy, select the desired Serial over LAN policy from the SoL Configuration Profile drop-down list.
Creating Service Profiles Step 7 To associate a power control policy with the service profile, click the down arrows to expand the Power Control Policy Configuration bar and do one of the following: • To add an existing policy, select the desired power control policy from the Power Control Policy drop-down list.
Creating Service Profiles Name Description Primary vNIC check box Check this check box if you want to create a vNIC for this service profile. If you check this box, Cisco UCS Manager GUI displays the rest of the fields in this section. Name field The name of the vNIC. This name can be between 1 and 16 alphanumeric characters. You cannot use spaces or any special characters other than - (hyphen), _ (underscore), : (colon), and . (period), and you cannot change this name after the object has been saved.
Creating Service Profiles Name Description Fabric field The fabric interconnect that this vHBA is associated with. Do not associate the primary vHBA with the same fabric as the secondary vHBA. Secondary vHBA Section Secondary vHBA check box Check this check box if you want to create a second vHBA for this service profile. If you check this box, Cisco UCS Manager GUI displays the rest of the fields in this section. Name field The name of the vHBA.
Creating Service Profiles Name Description SAN area If Type is set to san, this area contains the following fields: • vHBA—The vHBA used to access the SAN boot image • LUN—The LUN that corresponds to the location of the boot image • WWN—The WWN that corresponds to the location of the boot image Network (PXE) area If Type is set to lan, this area contains the vNIC drop-down list from which you can choose the vNIC from which the server should boot.
Creating Service Profiles Creating a Hardware Based Service Profile for a Blade Server You cannot move a hardware based service profile to another server. Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Chassis > Chassis Number > Servers. Choose the server for which you want to create a hardware based service profile. In the Work pane, click the General tab. Step 5 In the Actions area, click Create Service Profile.
Working with Service Profile Templates a) From the Create Service Profile in Organization drop-down list, select the organization in which you want to create the service profile. b) Click the Hardware Based Service Profile radio button. c) In the Name field, enter a unique name for the service profile. This name can be between 2 and 32 alphanumeric characters. You cannot use spaces or any special characters other than - (hyphen), _ (underscore), : (colon), and .
Working with Service Profile Templates Page 1: Identifying the Service Profile Template This procedure directly follows the steps in Creating a Service Profile Template, on page 518. It describes how to set the identity of a service profile template on the Identify Service Profile Template page of the Create Service Profile Template wizard. Procedure Step 1 In the Name field, enter a unique name that you can use to identify this service profile template.
Working with Service Profile Templates What to Do Next Complete the steps in Page 2: Specifying the Storage Options, on page 520. Page 2: Specifying the Storage Options This procedure directly follows Page 1: Identifying the Service Profile Template, on page 519. It describes how to configure the storage options for a service profile template on the Storage page of the Create Service Profile Template wizard.
Working with Service Profile Templates • RAID 5 Striped Parity—Data is striped across all disks in the array. Part of the capacity of each disk stores parity information that can be used to reconstruct data if a disk fails. RAID 5 provides good data throughput for applications with high read request rates. • RAID 6 Striped Dual Parity—Data is striped across all disks in the array and two parity disks are used to provide protection against the failure of up to two physical disks.
Working with Service Profile Templates Option Description No vHBAs Does not include any vHBAs for connections to a Fibre Channel SAN in a service profile created from this template. If you are configuring this service profile/template for iSCSI boot, choose this option. Continue with Step 7.
Working with Service Profile Templates Name Description Name field The name of this vHBA. This name can be between 1 and 16 alphanumeric characters. You cannot use spaces or any special characters other than - (hyphen), _ (underscore), : (colon), and . (period), and you cannot change this name after the object has been saved. Use SAN Connectivity Template Check this check box if you want to use a template to create the check box vHBA.
Working with Service Profile Templates Name Description Create SAN Pin Group link Click this link if you want to create a pin group. Persistent Binding field This can be one of the following: • Disabled • Enabled Max Data Field Size field The maximum size of the Fibre Channel frame payload bytes that the vHBA supports. Enter an integer between 256 and 2112. The default is 2048.
Working with Service Profile Templates Procedure Step 1 (Optional) If you plan to assign service profiles created from this template to a server with an adapter that supports dynamic vNICs, choose one of the following options from the Dynamic vNIC Connection drop-down list: Option Description Select a Policy to use Enables you to create a service profile template without a dynamic vNIC connection policy for a server with an adapter that does not support dynamic vNICs.
Working with Service Profile Templates e) Continue with Step 4. Step 4 In the How would you like to configure LAN connectivity? field, click one of the following options: Option Description Simple Allows you to create a maximum of two vNICs, in dual fabric mode, for every service profile created from this template. Continue with Step 5. Expert Allows you to create an unlimited number of vNICs for every service profile created from this template.
Working with Service Profile Templates Name Description Use LAN Connectivity Template check box Check this check box if you want to use a template to create the vNIC. Cisco UCS Manager GUI displays the vNIC Template drop-down list from which you can select the appropriate template, and the Adapter Performance Profile area from which you can select an adapter profile. Note You can only select this option if one or more LAN connectivity templates exist in the system.
Working with Service Profile Templates Name Description VLANs table This table lists the VLANs that can be associated with this vNIC. The columns are: • Select—Check the check box in this column for each VLAN you want to use. • Name—The name of the VLAN. • Native VLAN—To designate one of the VLANs as the native VLAN, click the radio button in this column. Create VLAN link Click this link if you want to create a VLAN. MTU field The maximum transmission unit, or packet size, that this vNIC accepts.
Working with Service Profile Templates Name Description Create Network Control Policy Click this link if you want to create a network control policy. Policy link e) Click OK. Step 7 If you chose the expert LAN connectivity option and are configuring this service profile for iSCSI boot, do the following: a) Click the down arrows to expand the iSCSI vNICs bar. b) Click Add on the icon bar of the table to open the Create iSCSI vNIC dialog box.
Working with Service Profile Templates e) Repeat steps b through d to create additional iSCSI vNICs. Step 8 Click Next. What to Do Next Complete Page 4: Setting the vNIC/vHBA Placement, on page 530. Page 4: Setting the vNIC/vHBA Placement This procedure directly follows Page 3: Specifying the Networking Options, on page 524. It describes how to set the vNIC and vHBA placement options on the vNIC/vHBA Placement page of the Create Service Profile Template wizard.
Working with Service Profile Templates a) Use one or more of the following buttons to adjust the order of the vNICs and vHBAs: Name Description Move Up button Moves the selected vNIC or VHBA to a higher priority in the list. Move Down button Moves the selected vNIC or vHBA to a lower priority in the list. Delete button Deletes the selected vNIC or vHBA. Reorder button Returns all vNICs and vHBAs to their original order. Modify button Enables you to modify the currently-selected vNIC or vHBA.
Working with Service Profile Templates b) In the Selection Preference column for each Virtual Slot, choose one of the following from the drop-down list: • All—All configured vNICs and vHBAs can be assigned to the vCon, whether they are explicitly assigned to it, unassigned, or dynamic. • Assigned Only—vNICs and vHBAs must be explicitly assigned to the vCon. You can assign them explicitly through the service profile or the properties of the vNIC or vHBA.
Working with Service Profile Templates Option Description Create a Specific Boot Policy Enables you to create a local boot policy that can only be accessed by a service profile created from this template. Continue with Step 3. Boot Policies Policy_Name Assigns an existing boot policy to every service profile created from this template. If you choose this option, Cisco UCS Manager displays the details of the policy.
Working with Service Profile Templates b) Click the Add LAN Boot link. c) In the Add LAN Boot dialog box, enter the name of the vNIC that you want to use for the LAN boot in the vNIC field, then click OK. d) Add another device to the Boot Order table, or click OK to finish. Step 7 To add a SAN boot to the boot order, do the following: a) Click the down arrows to expand the vHBAs area. b) Click the Add SAN Boot link.
Working with Service Profile Templates Name Description Type field This can be one of the following: • Primary—The first address defined for the associated boot device class. A boot policy can only have one primary LAN, SAN, or iSCSI boot location. • Secondary—The second address defined for the associated boot device class. Each boot policy can have only one secondary LAN or SAN boot location. The use of the terms primary or secondary boot devices does not imply a boot order.
Working with Service Profile Templates Procedure Step 1 From the Maintenance Policy drop-down list, choose one of the following: Option Description Select a Maintenance Policy to Assigns the default maintenance policy to this service profile. Use (default policy shown) Continue with Step 4. Maintenance Policies Policy_Name Assigns an existing maintenance policy to the service profile. If you choose this option, Cisco UCS Manager displays the details of the policy.
Working with Service Profile Templates Name Description Reboot Policy field When a service profile is associated with a server, or when changes are made to a service profile that is already associated with a server, the server needs to be rebooted to complete the process. The Reboot Policy field determines when the reboot occurs for servers associated with any service profiles that include this maintenance policy.
Working with Service Profile Templates Procedure Step 1 From the Pool Assignment drop-down list, choose one of the following: Option Description Assign Later Allows you to assign a server after you have created and configured the service profile template. Continue with Step 2. Select from a Pool Pool_Name Select a server pool from the list at the bottom of the drop-down list. Cisco UCS Manager assigns a server from this pool to a service profile created from this template. Continue with Step 2.
Working with Service Profile Templates Step 5 Click Next. What to Do Next Complete Page 8: Adding Operational Policies, on page 539. Page 8: Adding Operational Policies This procedure directly follows Page 7: Specifying the Server Assignment Options, on page 537. It describes how to add operational policies to the service profile template on the Operational Policies page of the Create Service Profile Template wizard. These policies are optional.
Working with Service Profile Templates For more information about how to create a serial over LAN policy, see Creating a Serial over LAN Policy, on page 415. Step 5 To configure the management IP required for external access to the CIMC on the server, click the down arrows to expand the Management IP Address bar and click one of the following radio buttons: • None—No management IP address is assigned to the service profile.
Working with Service Profile Templates Creating One or More Service Profiles from a Service Profile Template Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Service Profile Templates. Expand the node for the organization that contains the service profile template that you want to use as the basis for your service profiles. If the system does not include multitenancy, expand the root node.
Working with Service Profile Templates Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Chassis > Chassis Number > Servers. Choose the server for which you want to create a template based service profile. In the Work pane, click the General tab. Step 5 Step 6 In the Actions area, click Create Service Profile.
Working with Service Profile Templates Creating a Service Profile Template from a Service Profile Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Service Profiles. Expand the node for the organization that contains the service profile that you want to use as the basis for your template. If the system does not include multitenancy, expand the root node.
Managing Service Profiles Managing Service Profiles Cloning a Service Profile Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Service Profiles. Expand the node for the organization where you want to create the service profile. If the system does not include multitenancy, expand the root node. Step 4 Step 5 Right-click the service profile you want to clone and select Create a Clone.
Managing Service Profiles Option Description Server Pool Select a server pool from the drop-down list. Cisco UCS Manager assigns a server from this pool to the service profile. Continue with Step 7. Server Navigate to the desired available server in the navigation tree and select the server which will be assigned to the service profile. Continue with Step 7. Custom Server Specifies the chassis and slot that contains the server that will be assigned to the service profile.
Managing Service Profiles Step 4 Step 5 Step 6 Right-click the service profile you want to disassociate from a server and select Disassociate Service Profile. In the Disassociate Service Profile dialog box, click Yes to confirm that you want to disassociate the service profile. (Optional) Monitor the status and FSM for the server to confirm that the disassociation completed.
Managing Service Profiles Disassociating a Service Profile Template from its Server Pool Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Service Profile Templates. Expand the node for the organization that contains the service profile that you want to disassociate from its server pool. If the system does not include multitenancy, expand the root node.
Managing Service Profiles Option Description Hardware Default Uses the UUID assigned to the server by the manufacturer. If you choose this option, the UUID remains unassigned until the service profile is associated with a server. At that point, the UUID is set to the UUID value assigned to the server by the manufacturer. If the service profile is later moved to a different server, the UUID is changed to match the new server. Continue with Step 9.
Managing Service Profiles Step 4 Step 5 Choose the service profile template whose UUID assignment you want to change. In the Work pane, click the General tab. Step 6 Step 7 In the Actions area, click Change UUID. From the UUID Assignment drop-down list, choose one of the following: Option Description Select (pool default used by default) Assigns a UUID from the default UUID Suffix pool. Hardware Default Uses the UUID assigned to the server by the manufacturer.
Managing Service Profiles Step 4 Step 5 Choose the service profile that requires the UUID for the associated server to be reset to a different UUID suffix pool. In the Work pane, click the General tab. Step 6 In the Actions area, click Reset UUID. If this action is not visible, then the UUID configuration in the service profile does not meet the requirements for resetting a UUID. Step 7 Step 8 If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes.
Managing Service Profiles This name can be between 1 and 16 alphanumeric characters. You cannot use spaces or any special characters other than - (hyphen), _ (underscore), : (colon), and . (period), and you cannot change this name after the object has been saved. Step 9 (Optional) To reboot all servers that use this boot policy after you make changes to the boot order, check the Reboot on Boot Order Change check box.
Managing Service Profiles Name Description Type field This can be one of the following: • Primary—The first address defined for the associated boot device class. A boot policy can only have one primary LAN, SAN, or iSCSI boot location. • Secondary—The second address defined for the associated boot device class. Each boot policy can have only one secondary LAN or SAN boot location. The use of the terms primary or secondary boot devices does not imply a boot order.
Managing Service Profiles Creating a vNIC for a Service Profile Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 Step 4 Step 5 Step 6 On the Servers tab, expand Servers > Service Profiles. Expand the node for the organization that contains the service profile for which you want to create a vNIC. Expand the service profile for which you want to create a vNIC. Right-click the vNICs node and choose Create vNICs.
Managing Service Profiles b) Complete the following fields to specify the fabric connection information: Name Description Fabric ID field The fabric interconnect associated with the component. If you want this vNIC to be able to access the second fabric interconnect if the default one is unavailable, check the Enable Failover check box. Note Do not enable fabric failover for the vNIC under the following circumstances: • If the Cisco UCS domain is running in Ethernet Switch Mode.
Managing Service Profiles Name Description Stats Threshold Policy drop-down list The statistics collection policy with which this vNIC is associated. c) In the Adapter Performance Profile area, complete the following fields: Name Description Adapter Policy drop-down list The Ethernet adapter policy with which this vNIC is associated. Create Ethernet Adapter Policy Click this link if you want to create an Ethernet adapter policy.
Managing Service Profiles Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Service Profiles. Expand the node for the organization that contains the service profile for which you want to reset the MAC address. If the system does not include multitenancy, expand the root node. Step 4 Step 5 Step 6 Expand Service_Profile_Name > vNICs. Click the vNIC for which you want to reset the MAC address. In the Work pane, click the General tab.
Managing Service Profiles a) Complete the following fields to specify the identity information for the vHBA: Name Description Name field The name of this vHBA. This name can be between 1 and 16 alphanumeric characters. You cannot use spaces or any special characters other than - (hyphen), _ (underscore), : (colon), and . (period), and you cannot change this name after the object has been saved.
Managing Service Profiles Name Description Pin Group drop-down list box The pin group with which this vHBA is associated. Create SAN Pin Group link Click this link if you want to create a pin group. Persistent Binding field This can be one of the following: • Disabled • Enabled Max Data Field Size field The maximum size of the Fibre Channel frame payload bytes that the vHBA supports. Enter an integer between 256 and 2112. The default is 2048.
Managing Service Profiles Changing the WWPN for a vHBA Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Service Profiles. Expand the node for the organization that contains the service profile for which you want to change the WWPN. Expand Service_Profile_Name > vHBAs. Click the vHBA for which you want to change the WWPN. In the Work pane, click the General tab.
Managing Service Profiles Resetting the WWPN Assigned to a vHBA from a Pool in a Service Profile Template If you change the WWPN pool assigned to an updating service profile template, Cisco UCS Manager does not change the WWPN assigned to a service profile created with that template. If you want Cisco UCS Manager to assign a WWPN from the newly assigned pool to the service profile, and therefore to the associated server, you must reset the WWPN.
Managing Service Profiles Deleting a vHBA from a Service Profile Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 On the Servers tab, expand Servers > Service Profiles. Expand the node for the organization that contains the service profile from which you want to delete a vHBA. Expand the service profile from which you want to delete a vHBA. Expand the vHBAs node. Right-click the vHBA you want to delete and choose Delete.
Managing Service Profiles Unbinding a Service Profile from a Service Profile Template Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Service Profiles. Expand the node for the organization that includes the service profile you want to unbind. If the system does not include multi-tenancy, expand the root node. Step 4 Step 5 Click the service profile you want to unbind. In the Work pane, click the General tab.
CHAPTER 33 Managing Power in Cisco UCS This chapter includes the following sections: • Power Management in Cisco UCS , page 563 • Rack Server Power Management, page 563 • Power Management Precautions, page 563 • Configuring the Power Policy, page 564 • Configuring the Global Cap Policy, page 564 • Configuring Policy-Driven Chassis Group Power Capping, page 565 • Configuring Manual Blade-Level Power Capping, page 570 Power Management in Cisco UCS You can manage power through Cisco UCS Manager by configuri
Configuring the Power Policy Configuring the Power Policy Power Policy The power policy is a global policy that specifies the redundancy for power supplies in all chassis in the Cisco UCS domain. This policy is also known as the PSU policy. For more information about power supply redundancy, see Cisco UCS 5108 Server Chassis Hardware Installation Guide. Configuring the Power Policy Procedure Step 1 In the Navigation pane, click the Equipment tab.
Configuring Policy-Driven Chassis Group Power Capping Important Any change to the manual blade-level power cap configuration will result in the loss of any groups or configuration options set for policy-driven chassis group power capping. Configuring the Global Cap Policy Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 On the Equipment tab, click the Equipment node. In the Work pane, click the Policies tab. Step 4 Step 5 Click the Global Policies subtab.
Configuring Policy-Driven Chassis Group Power Capping Note The system reserves enough power to boot a server in each slot, even if that slot is empty. This reserved power cannot be leveraged by servers requiring more power. Blades that fail to comply with the power cap are penalized or shut down. Configuring Power Groups Power Groups A power group is a set of chassis that all draw power from the same power distribution unit (PDU).
Configuring Policy-Driven Chassis Group Power Capping Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 On the Equipment tab, click the Equipment node. In the Work pane, click the Policies tab. Step 4 Step 5 Click the Power Groups subtab. On the icon bar to the right of the table, click +. If the + icon is disabled, click an entry in the table to enable it.
Configuring Policy-Driven Chassis Group Power Capping Adding a Chassis to a Power Group Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 On the Equipment tab, click the Equipment node. In the Work pane, click the Power Groups tab. Step 4 Step 5 Right-click the power group to which you want to add a chassis and choose Add Chassis Members.
Configuring Policy-Driven Chassis Group Power Capping Configuring Power Control Policies Power Control Policy Cisco UCS uses the priority set in the power control policy, along with the blade type and configuration, to calculate the initial power allocation for each blade within a chassis. During normal operation, the active blades within a chassis can borrow power from idle blades within the same chassis.
Configuring Manual Blade-Level Power Capping Name Description Power Capping field What happens to a server when the demand for power within a power group exceeds the power supply. This can be one of the following: • No Cap—The server runs at full capacity regardless of the power requirements of the other servers in its power group. • cap—The server is allocated a minimum amount of power capacity based on the the server's priority relative to the other servers in its server group.
Configuring Manual Blade-Level Power Capping The following configuration options are available: Enabled You can specify the maximum amount of power that the server can consume at one time. This maximum can be any amount between 0 watts and 1100 watts. Disabled No power usage limitations are imposed upon the server. The server can use as much power as it requires.
Configuring Manual Blade-Level Power Capping Step 6 Click Save Changes. Viewing the Blade-Level Power Cap Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Chassis. Choose the chassis for which you want to view the server power usage. Do one of the following: • To view the power usage for all servers in the chassis, click the Power tab in the Work pane.
PART VI System Management • Managing Time Zones, page 575 • Managing the Chassis, page 577 • Managing Blade Servers, page 585 • Managing Rack-Mount Servers, page 599 • Starting the KVM Console, page 611 • Managing the I/O Modules, page 617 • Backing Up and Restoring the Configuration, page 619 • Recovering a Lost Password, page 633
CHAPTER 34 Managing Time Zones This chapter includes the following sections: • Time Zones, page 575 • Setting the Time Zone, page 575 • Adding an NTP Server, page 576 • Deleting an NTP Server, page 576 Time Zones Cisco UCS requires a domain-specific time zone setting and an NTP server to ensure the correct time display in Cisco UCS Manager. If you do not configure both of these settings in a Cisco UCS domain, the time does not display correctly.
Adding an NTP Server Adding an NTP Server Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 In the Admin tab, expand All. Click Timezone Management. In the Work pane, click the General tab. Step 5 Step 6 In the NTP Servers area, click the + button on the table icon bar. In the Add NTP Server dialog box, do the following: a) In the NTP Server field, enter the IP address or hostname of the NTP server you want to use for this Cisco UCS domain. b) Click OK.
CHAPTER 35 Managing the Chassis This chapter includes the following sections: • Chassis Management in Cisco UCS Manager GUI , page 577 • Guidelines for Removing and Decommissioning Chassis, page 577 • Acknowledging a Chassis, page 578 • Decommissioning a Chassis, page 579 • Removing a Chassis, page 579 • Recommissioning a Single Chassis, page 579 • Recommissioning Multiple Chassis, page 580 • Renumbering a Chassis, page 581 • Toggling the Locator LED, page 582 • Viewing the POST Results for a Chassis, pag
Acknowledging a Chassis Removing a Chassis Removing is performed when you physically remove a chassis from the system. Once the physical removal of the chassis is completed, the configuration for that chassis can be removed in Cisco UCS Manager. Note You cannot remove a chassis from Cisco UCS Manager if it is physically present and connected. If you need to add a removed chassis back to the configuration, it must be reconnected and then rediscovered.
Decommissioning a Chassis Decommissioning a Chassis Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Chassis. Choose the chassis that you want to decommission. In the Work pane, click the General tab. Step 5 Step 6 In the Actions area, click Decommission Chassis. If Cisco UCS Manager GUI displays a confirmation dialog box, click Yes. The decommission may take several minutes to complete.
Recommissioning Multiple Chassis Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 In the Equipment tab, expand the Equipment node. Click the Chassis node. In the Work pane, click the Decommissioned tab. Step 5 For the chassis that you want to recommission, do the following: a) Right-click the chassis and choose Re-commission Chassis.
Renumbering a Chassis Renumbering a Chassis Note You cannot renumber a blade server through Cisco UCS Manager. The ID assigned to a blade server is determined by its physical slot in the chassis. To renumber a blade server, you must physically move the server to a different slot in the chassis. Before You Begin If you are swapping IDs between chassis, you must first decommission both chassis and then wait for the chassis decommission FSM to complete before proceeding with the renumbering steps.
Toggling the Locator LED Toggling the Locator LED Turning on the Locator LED for a Chassis Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Chassis. Click the chassis that you need to locate. In the Work pane, click the General tab. Step 5 In the Actions area, click Turn on Locator LED. This action is not available if the locator LED is already turned on. The LED on the chassis starts flashing.
Viewing the POST Results for a Chassis Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Chassis. Choose the chassis for which you want to view the POST results. In the Work pane, click the General tab. Step 5 In the Actions area, click View POST Results. The POST Results dialog box lists the POST results for each server in the chassis and its adapters.
Viewing the POST Results for a Chassis Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 36 Managing Blade Servers This chapter includes the following sections: • Blade Server Management, page 585 • Guidelines for Removing and Decommissioning Blade Servers, page 586 • Booting Blade Servers, page 586 • Shutting Down Blade Servers, page 588 • Resetting a Blade Server, page 589 • Avoiding Unexpected Server Power Changes, page 590 • Reacknowledging a Blade Server, page 591 • Removing a Server from a Chassis, page 591 • Decommissioning a Blade Server, page 592 • Recommissioning a Blade Ser
Guidelines for Removing and Decommissioning Blade Servers The remaining management tasks can only be performed on the server. If a blade server slot in a chassis is empty, Cisco UCS Manager provides information, errors, and faults for that slot. You can also reacknowledge the slot to resolve server mismatch errors and to have Cisco UCS Manager rediscover the blade server in the slot.
Booting Blade Servers Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Chassis > Chassis Number > Servers. Choose the server that you want to boot. In the Work pane, click the General tab. Step 5 Step 6 In the Actions area, click Boot Server. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes. After the server has booted, the Overall Status field on the General tab displays an OK status.
Shutting Down Blade Servers Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Chassis > Chassis Number > Servers. Click the server for which you want to determine the boot order. In the Work pane, click the General tab. Step 5 Step 6 Step 7 If the Boot Order Details area is not expanded, click the Expand icon to the right of the heading. To view the boot order assigned to the server, click the Configured Boot Order tab.
Resetting a Blade Server Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Service Profiles. Expand the node for the organization where you want to create the service profile. If the system does not include multitenancy, expand the root node. Step 4 Step 5 Choose the service profile that requires the associated server to be shut down. In the Work pane, click the General tab. Step 6 Step 7 In the Actions area, click Shutdown Server.
Avoiding Unexpected Server Power Changes The reset may take several minutes to complete. After the server has been reset, the Overall Status field on the General tab displays an ok status. Avoiding Unexpected Server Power Changes If a server is not associated with a service profile, you can use any available means to change the server power state, including the physical Power or Reset buttons on the server.
Reacknowledging a Blade Server Desired Power State in Service Profile Current Server Power State Server Power State After Communication Is Disrupted Down Powered On Powered On Note Running servers are not shut down regardless of the desired power state in the service profile. Reacknowledging a Blade Server Perform the following procedure if you need to have Cisco UCS Manager rediscover the server and all endpoints in the server.
Decommissioning a Blade Server Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Chassis > Chassis Number > Servers. Choose the server that you want to remove from the chassis. In the Work pane, click the General tab. Step 5 Step 6 In the Actions area, click Server Maintenance. In the Maintenance dialog box, do the following: a) Click Decommission. b) Click OK. The server is removed from the Cisco UCS configuration.
Recommissioning a Blade Server For more information, see Reacknowledging a Server Slot in a Chassis, on page 593. Recommissioning a Blade Server Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 On the Equipment tab, click the Chassis node. In the Work pane, click the Decommissioned tab. Step 4 On the row for each blade server that you want to recommission, do the following: a) In the Recommission column, check the check box.
Removing a Non-Existent Blade Server from the Configuration Database Removing a Non-Existent Blade Server from the Configuration Database Perform the following procedure if you physically removed the server hardware without first decommissioning the server. You cannot perform this procedure if the server is physically present. If you want to physically remove a server, see Removing a Server from a Chassis, on page 591. Procedure Step 1 In the Navigation pane, click the Equipment tab.
Resetting the CIMC for a Blade Server Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Chassis > Chassis Number > Servers. Choose the server for which you want to reset the CMOS. In the Work pane, click the General tab. Step 5 Step 6 In the Actions area, click Recover Server. In the Recover Server dialog box, do the following: a) Click Reset CMOS. b) Click OK.
Viewing the POST Results for a Blade Server Before You Begin Important Remove all attached or mapped USB storage from a server before you attempt to recover the corrupt BIOS on that server. If an external USB drive is attached or mapped from vMedia to the server, BIOS recovery fails. Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Chassis > Chassis Number > Servers.
Issuing an NMI from a Blade Server Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Chassis > Chassis Number > Servers. Choose the server for which you want to view the POST results. In the Work pane, click the General tab. Step 5 In the Actions area, click View POST Results. The POST Results dialog box lists the POST results for the server and its adapters.
Issuing an NMI from a Blade Server Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 37 Managing Rack-Mount Servers This chapter includes the following sections: • Rack-Mount Server Management, page 599 • Guidelines for Removing and Decommissioning Rack-Mount Servers, page 600 • Booting Rack-Mount Servers, page 600 • Shutting Down Rack-Mount Servers, page 602 • Resetting a Rack-Mount Server, page 603 • Avoiding Unexpected Server Power Changes, page 604 • Reacknowledging a Rack-Mount Server, page 605 • Decommissioning a Rack-Mount Server, page 605 • Recommissioning a Rack-Mount Ser
Guidelines for Removing and Decommissioning Rack-Mount Servers be performed from both the server and service profile. The remaining management tasks can only be performed on the server. Cisco UCS Manager provides information, errors, and faults for each rack-mount server that it has discovered. Tip For information about how to integrate a supported Cisco UCS rack-mount server with Cisco UCS Manager, see the hardware installation guide for that server.
Booting Rack-Mount Servers Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Rack Mounts > Servers. Choose the server that you want to boot. In the Work pane, click the General tab. Step 5 Step 6 In the Actions area, click Boot Server. If the Cisco UCS Manager GUI displays a confirmation dialog box, click Yes. After the server has booted, the Overall Status field on the General tab displays an OK status.
Shutting Down Rack-Mount Servers Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Rack Mounts > Servers. Click the server for which you want to determine the boot order. In the Work pane, click the General tab. Step 5 Step 6 Step 7 If the Boot Order Details area is not expanded, click the Expand icon to the right of the heading. To view the boot order assigned to the server, click the Configured Boot Order tab.
Resetting a Rack-Mount Server Procedure Step 1 In the Navigation pane, click the Servers tab. Step 2 Step 3 On the Servers tab, expand Servers > Service Profiles. Expand the node for the organization where you want to create the service profile. If the system does not include multitenancy, expand the root node. Step 4 Step 5 Choose the service profile that requires the associated server to be shut down. In the Work pane, click the General tab.
Avoiding Unexpected Server Power Changes The reset may take several minutes to complete. After the server has been reset, the Overall Status field on the General tab displays an ok status. Avoiding Unexpected Server Power Changes If a server is not associated with a service profile, you can use any available means to change the server power state, including the physical Power or Reset buttons on the server.
Reacknowledging a Rack-Mount Server Desired Power State in Service Profile Current Server Power State Server Power State After Communication Is Disrupted Down Powered On Powered On Note Running servers are not shut down regardless of the desired power state in the service profile. Reacknowledging a Rack-Mount Server Perform the following procedure if you need to have Cisco UCS Manager rediscover the server and all endpoints in the server.
Recommissioning a Rack-Mount Server a) Click Decommission. b) Click OK. The server is removed from the Cisco UCS configuration. Recommissioning a Rack-Mount Server Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 On the Equipment tab, click the Rack-Mounts node. Step 4 On the row for each rack-mount server that you want to recommission, do the following: a) In the Recommission column, check the check box.
Removing a Non-Existent Rack-Mount Server from the Configuration Database Step 4 Step 5 Step 6 Choose the rack-mount server that you want to renumber. On the Equipment tab, click the Rack-Mounts node. In the Work pane, click the Decommissioned tab. Step 7 On the row for each rack-mount server that you want to renumber, do the following: a) Double-click in the ID field, and enter the new number that you want to assign to the rack-mount server. b) In the Recommission column, check the check box.
Resetting the CMOS for a Rack-Mount Server • Turn on Locator LED • Turn off Locator LED Resetting the CMOS for a Rack-Mount Server On rare occasions, troubleshooting a server may require you to reset the CMOS. This procedure is not part of the normal maintenance of a server. Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Rack Mounts > Servers. Choose the server for which you want to reset the CMOS.
Recovering the Corrupt BIOS on a Rack-Mount Server Recovering the Corrupt BIOS on a Rack-Mount Server On rare occasions, an issue with a server may require you to recover the corrupted BIOS. This procedure is not part of the normal maintenance of a server. After you recover the BIOS, the server boots with the running version of the firmware for that server. This radio button may be dimmed if the BIOS does not require recovery or the option is not available for a particular server.
Viewing the POST Results for a Rack-Mount Server Viewing the POST Results for a Rack-Mount Server You can view any errors collected during the Power On Self-Test process for a server and its adapters. Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Rack Mounts > Servers. Choose the server for which you want to view the POST results. In the Work pane, click the General tab.
CHAPTER 38 Starting the KVM Console This chapter includes the following sections: • KVM Console, page 611 • Starting the KVM Console from a Server, page 615 • Starting the KVM Console from a Service Profile , page 615 • Starting the KVM Console from the KVM Launch Manager, page 615 KVM Console The KVM console is an interface accessible from the Cisco UCS Manager GUI or the KVM Launch Manager that emulates a direct KVM connection.
KVM Console network share to a virtual drive, the installation may be even slower because the installation files must be downloaded from the network to the KVM console (your computer) and then from the KVM console to the server. When using this installation method, we recommend that you have the installation media as close as possible to the system with the KVM console.
KVM Console Name Description Create Image button Opens the Open dialog box that lets you navigate to the local folder that you want to map on the server. After the system has created the image, it saves the IMG file on your desktop and adds it to the Client View table. Check the check box in the Mapped column to complete the mapping process. Add Image button Opens the Open dialog box that lets you navigate to the ISO or IMG file you want to the server to access.
KVM Console Menu Item Description Fit Resizes the console window to the minimum size needed to display the video image from the server. This option is only available if the console is in Windowed mode. Macros Menu on the KVM Tab Select the keyboard shortcut you want to execute on the remote system.
Starting the KVM Console from a Server Starting the KVM Console from a Server Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Chassis > Chassis Number > Servers. Choose the server that you want to access through the KVM console. In the Work pane, click the General tab. Step 5 In the Actions area, click KVM Console. The KVM console opens in a separate window.
Starting the KVM Console from the KVM Launch Manager Before You Begin To access the KVM console for a server through the KVM Launch Manager, you need the following: • Cisco UCS username and password. • Name of the service profile associated with the server for which you want KVM access. Procedure Step 1 In your web browser, type or select the web link for Cisco UCS Manager GUI. Example: The default web link is http://UCSManager_IP or https://UCSManager_IP .
CHAPTER 39 Managing the I/O Modules This chapter includes the following sections: • I/O Module Management in Cisco UCS Manager GUI , page 617 • Resetting an I/O Module, page 617 • Viewing the POST Results for an I/O Module, page 617 I/O Module Management in Cisco UCS Manager GUI You can manage and monitor all I/O modules in a Cisco UCS domain through Cisco UCS Manager GUI. Resetting an I/O Module Procedure Step 1 In the Navigation pane, click the Equipment tab.
Viewing the POST Results for an I/O Module Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Chassis > Chassis Number > IO Modules. Choose the I/O module for which you want to view the POST results. In the Work pane, click the General tab. Step 5 In the Actions area, click View POST Results. The POST Results dialog box lists the POST results for the I/O module. Step 6 Click OK to close the POST Results dialog box.
CHAPTER 40 Backing Up and Restoring the Configuration This chapter includes the following sections: • Backup and Export Configuration, page 619 • Backup Types, page 619 • Considerations and Recommendations for Backup Operations, page 620 • Import Configuration, page 621 • Import Methods, page 621 • System Restore, page 621 • Required User Role for Backup and Import Operations, page 621 • Backup Operations, page 622 • Import Operations, page 626 • Restoring the Configuration for a Fabric Interconnect, page
Considerations and Recommendations for Backup Operations • All configuration—An XML file that includes all system and logical configuration settings. You can use the file generated from this backup to import these configuration settings to the original fabric interconnect or to a different fabric interconnect. You cannot use this file for a system restore. This file does not include passwords for locally authenticated users.
Import Configuration Import Configuration You can import any configuration file that was exported from Cisco UCS Manager. The file does not need to have been exported from the same Cisco UCS Manager. The import function is available for all configuration, system configuration, and logical configuration files. You can perform an import while the system is up and running. An import operation modifies information on the management plane only.
Backup Operations Backup Operations Creating a Backup Operation Before You Begin Obtain the backup server IP address and authentication credentials. Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Click the All node. In the Work pane, click the General tab. Step 4 Step 5 Step 6 In the Actions area, click Backup. In the Backup Configuration dialog box, click Create Backup Operation.
Backup Operations Name Description Type field The information saved in the backup configuration file. This can be one of the following: • Full state—A binary file that includes a snapshot of the entire system. You can use the file generated from this backup to restore the system during disaster recovery. This file can restore or rebuild the configuration on the original fabric interconnect, or recreate the configuration on a different fabric interconnect. You cannot use this file for an import.
Backup Operations Name Description Protocol field The protocol to use when communicating with the remote server. This can be one of the following: • FTP • TFTP • SCP • SFTP Hostname field The hostname or IP address of the location where the backup file is stored. This can be a server, storage array, local drive, or any read/write media that the fabric interconnect can access through the network.
Backup Operations Running a Backup Operation Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Click the All node. In the Work pane, click the General tab. Step 4 Step 5 In the Actions area, click Backup. In the Backup Operations table of the Backup Configuration dialog box, click the backup operation that you want to run. The details of the selected backup operation display in the Properties area.
Import Operations The details of the selected backup operation display in the Properties area. If the backup operation is in a disabled state, the fields are dimmed. Step 6 Step 7 In the Admin State field, click the enabled radio button. Modify the appropriate fields. You do not have to enter the password unless you want to run the backup operation immediately. Step 8 (Optional) If you do not want to run the backup operation immediately, click the disabled radio button in the Admin State field.
Import Operations • Logical configuration Before You Begin Collect the following information that you will need to import a configuration file: • Backup server IP address and authentication credentials • Fully qualified name of a backup file Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Click the All node. In the Work pane, click the General tab. Step 4 Step 5 Step 6 In the Actions area, click Import Configuration.
Import Operations Name Description Location of the Import File field Where the backup file that you want to import is located. This can be one of the following: • Remote File System—The backup XML file is stored on a remote server. Cisco UCS Manager GUI displays the fields described below that allow you to specify the protocol, host, filename, username, and password for the remote system. • Local File System—The backup XML file is stored locally.
Import Operations a) If the operation does not automatically display in the Properties area, click the operation in the Import Operations table. b) In the Properties area, click the down arrows on the FSM Details bar. The FSM Details area expands and displays the operation status. Step 10 Click OK to close the Import Configuration dialog box. The import operation continues to run until it is completed. To view the progress, re-open the Import Configuration dialog box.
Import Operations Modifying an Import Operation Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Click the All node. In the Work pane, click the General tab. Step 4 Step 5 In the Actions area, click Import Configuration. In the Import Operations area of the Import Configuration dialog box, click the import operation that you want to modify. The details of the selected import operation display in the Properties area.
Restoring the Configuration for a Fabric Interconnect Option Description OK Deletes the selected import operations and closes the dialog box.
Restoring the Configuration for a Fabric Interconnect • FTP • SFTP Step 9 In the Server Information area, complete the following fields: Name Description Server IP The IP address of the computer where the full state backup file is located. This can be a server, storage array, local drive, or any read/write media that the fabric interconnect can access through the network. Backup File Path The file path where the full state backup file is located, including the folder names and filename.
CHAPTER 41 Recovering a Lost Password This chapter includes the following sections: • Recovering a Lost Password, page 633 Recovering a Lost Password Password Recovery for the Admin Account The admin account is the system administrator or superuser account. If an administrator loses the password to this account, you can have a serious security issue. As a result, the procedure to recover the password for the admin account requires you to power cycle all fabric interconnects in a Cisco UCS domain.
Recovering a Lost Password Determining the Leadership Role of a Fabric Interconnect Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 In the Equipment tab, expand Equipment > Fabric Interconnects. Click the fabric interconnect for which you want to identify the role. In the Work pane, click the General tab. Step 5 Step 6 In the General tab, click the down arrows on the High Availability Details bar to expand that area.
Recovering a Lost Password • The firmware system version Tip To find this information, you can log in with any user account on the Cisco UCS domain. Procedure Step 1 Step 2 Connect to the console port. Power cycle the fabric interconnect: a) Turn off the power to the fabric interconnect. b) Turn on the power to the fabric interconnect.
Recovering a Lost Password Example: Fabric(boot)# Step 9 load /installables/switch/ucs-6100-k9-system.4.1.3.N2.1.0.211.bin After the system image loads, log in to Cisco UCS Manager. Recovering the Admin Account Password in a Cluster Configuration This procedure will help you to recover the password that you set for the admin account when you performed an initial system setup on the fabric interconnects. The admin account is the system administrator or superuser account.
Recovering a Lost Password • Ctrl+l • Ctrl+Shift+r You may need to press the selected key combination multiple times before your screen displays the loader prompt. Step 5 Boot the kernel firmware version on the primary fabric interconnect. loader > boot /installables/switch/ kernel_firmware_version Example: loader > boot /installables/switch/ucs-6100-k9-kickstart.4.1.3.N2.1.0.11.gbin Step 6 Enter config terminal mode. Fabric(boot)# config terminal Step 7 Reset the admin password.
Recovering a Lost Password Cisco UCS Manager GUI Configuration Guide, Release 2.
PART VII System Monitoring • Monitoring Traffic, page 641 • Monitoring Hardware, page 647 • Configuring Statistics-Related Policies, page 663 • Configuring Call Home, page 675 • Managing the System Event Log, page 695 • Configuring Settings for Faults, Events, and Logs, page 701
CHAPTER 42 Monitoring Traffic This chapter includes the following sections: • Traffic Monitoring, page 641 • Guidelines and Recommendations for Traffic Monitoring, page 642 • Creating an Ethernet Traffic Monitoring Session, page 643 • Creating a Fibre Channel Traffic Monitoring Session, page 644 • Adding Traffic Sources to a Monitoring Session, page 645 • Activating a Traffic Monitoring Session, page 646 • Deleting a Traffic Monitoring Session, page 646 Traffic Monitoring Traffic monitoring copies traffi
Guidelines and Recommendations for Traffic Monitoring • Service profile vHBA • FCoE port • Port channels • Server port A Fibre Channel traffic monitoring session can monitor any of the following traffic sources: • Uplink Fibre Channel port • SAN port channel • VSAN • Service profile vHBA • Fibre Channel storage port Guidelines and Recommendations for Traffic Monitoring When configuring or activating traffic monitoring, consider the following guidelines: • You can create and store up to 16 traffic monitori
Creating an Ethernet Traffic Monitoring Session • If a traffic monitoring session was configured on a dynamic vNIC under a release earlier than Cisco UCS Manager Release 2.0, you must reconfigure the traffic monitoring session after upgrading. Note Traffic monitoring can impose a significant load on your system resources. To minimize the load, select sources that carry as little unwanted traffic as possible and disable traffic monitoring when it is not needed.
Creating a Fibre Channel Traffic Monitoring Session Step 5 Click OK. What to Do Next • Add traffic sources to the traffic monitoring session. • Activate the traffic monitoring session. Creating a Fibre Channel Traffic Monitoring Session Procedure Step 1 In the Navigation pane, click the SAN tab. Step 2 Step 3 Step 4 On the LAN tab, expand SAN > Traffic Monitoring Sessions > Fabric_Interconnect_Name. Right-click Fabric_Interconnect_Name and choose Create Traffic Monitoring Session.
Adding Traffic Sources to a Monitoring Session Step 5 Click OK. What to Do Next • Add traffic sources to the traffic monitoring session. • Activate the traffic monitoring session. Adding Traffic Sources to a Monitoring Session You can choose multiple sources from more than one source type to be monitored by a traffic monitoring session. The available sources depend on the components configured in the Cisco UCS domain.
Activating a Traffic Monitoring Session Activating a Traffic Monitoring Session Note This procedure describes how to activate an Ethernet traffic monitoring session. To activate a Fibre Channel monitoring session, select the SAN tab instead of the LAN tab in Step 2. Before You Begin A traffic monitoring session must be created. Procedure Step 1 In the Navigation pane, click the LAN tab. Step 2 Step 3 Step 4 On the LAN tab, expand LAN > Traffic Monitoring Sessions > Fabric_Interconnect_Name.
CHAPTER 43 Monitoring Hardware This chapter includes the following sections: • Monitoring a Fabric Interconnect, page 647 • Monitoring a Chassis, page 648 • Monitoring a Blade Server, page 650 • Monitoring a Rack-Mount Server, page 652 • Monitoring an I/O Module, page 654 • Monitoring Management Interfaces, page 655 • Server Disk Drive Monitoring, page 658 Monitoring a Fabric Interconnect Procedure Step 1 In the Navigation pane, click the Equipment tab.
Monitoring a Chassis Option Description Physical Ports tab Displays the status of all ports on the fabric interconnect. This tab includes the following subtabs: • Uplink Ports tab • Server Ports tab • Fibre Channel Ports tab • Unconfigured Ports tab Fans tab Displays the status of all fan modules in the fabric interconnect. PSUs tab Displays the status of all power supply units in the fabric interconnect.
Monitoring a Chassis Option Description Servers tab Displays the status and selected properties of all servers in the chassis. Service Profiles tab Displays the status of the service profiles associated with servers in the chassis. IO Modules tab Displays the status and selected properties of all IO modules in the chassis. Fans tab Displays the status of all fan modules in the chassis. PSUs Displays the status of all power supply units in the chassis.
Monitoring a Blade Server Monitoring a Blade Server Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Chassis > Chassis Number > Servers. Click the server that you want to monitor.
Monitoring a Blade Server Option Description Inventory tab Provides details about the properties and status of the components of the server on the following subtabs: • Motherboard—Information about the motherboard and information about the server BIOS settings. You can also recover corrupt BIOS firmware from this subtab. • CIMC—Information about the CIMC and its firmware, and provides access to the SEL for the server.
Monitoring a Rack-Mount Server Option Description Events tab Displays an overview of the events generated by the server. You can click any event to view additional information. FSM tab Provides details about the current FSM task running on the server, including the status of that task. You can use this information to diagnose errors with those tasks. Statistics tab Displays statistics about the server and its components. You can view these statistics in tabular or chart format.
Monitoring a Rack-Mount Server Option Description Inventory tab Provides details about the properties and status of the components of the server on the following subtabs: • Motherboard—Information about the motherboard and information about the server BIOS settings. You can also recover corrupt BIOS firmware from this subtab. • CIMC—Information about the CIMC and its firmware, and provides access to the SEL for the server.
Monitoring an I/O Module Option Description Events tab Displays an overview of the events generated by the server. You can click any event to view additional information. FSM tab Provides details about the current FSM task running on the server, including the status of that task. You can use this information to diagnose errors with those tasks. Statistics tab Displays statistics about the server and its components. You can view these statistics in tabular or chart format.
Monitoring Management Interfaces Option Description Fabric Ports tab Displays the status and selected properties of all fabric ports in the I/O module. Backplane Ports tab Displays the status and selected properties of all backplane ports in the I/O module. Faults tab Provides details of faults generated by the I/O module. Events tab Provides details of events generated by the I/O module. FSM tab Provides details about and the status of FSM tasks related to the I/O module.
Monitoring Management Interfaces Important In the event of a management interface failure on a fabric interconnect, the managing instance may not change if one of the following occurs: • A path to the end-point through the subordinate fabric interconnect does not exist. • The management interface for the subordinate fabric interconnect has failed. • The path to the end-point through the subordinate fabric interconnect has failed.
Monitoring Management Interfaces Name Description Monitoring Mechanism field The type of monitoring you want the system to use. This can be one of the following: • Mii Status—The system monitors the availability of the Media Independent Interface (MII). If you select this option, Cisco UCS Manager GUI displays the Media Independent Interface Monitoring area. • Ping Arp Targets—The system pings designated targets using the Address Resolution Protocol (ARP).
Server Disk Drive Monitoring Name Description Max Deadline Timeout field The number of seconds to wait for responses from the ARP targets until the system assumes they are unavailable. Enter an integer between 5 and 15. Type 0.0.0.0 to remove the ARP target. Step 8 If you chose Ping Gateway for the monitoring mechanism, complete the following fields in the Gateway Ping Monitoring area: Name Description Number of Ping Requests field The number of times the system should ping the gateway.
Server Disk Drive Monitoring Supported Cisco UCS Servers Through Cisco UCS Manager, you can monitor disk drives for the following servers: • B-200 blade server • B-230 blade server • B-250 blade server • B-440 blade server Cisco UCS Manager cannot monitor disk drives in any other blade server or rack-mount server. Storage Controller Firmware Level The storage controller on a supported server must have LSI 1064E firmware.
Server Disk Drive Monitoring Name Description Operability field The operational state of the disk drive. This can be the following: • Operable—The disk drive is operable. • Inoperable—The disk drive is inoperable, possibly due to a hardware issue such as bad blocks. • N/A—The operability of the disk drive cannot be determined. This could be due to the server or firmware not being support for disk drive monitoring, or because the server is powered off.
Server Disk Drive Monitoring Operability Status Presence Status Interpretation Inoperable Equipped Fault condition. The disk drive is in the server, but one of the following could be causing an operability problem: • The disk drive is unusable due to a hardware issue such as bad blocks. • There is a problem with the IPMI link to the storage controller. N/A Missing Fault condition. The server drive bay does not contain a disk drive. N/A Equipped Fault condition.
Server Disk Drive Monitoring Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 44 Configuring Statistics-Related Policies This chapter includes the following sections: • Configuring Statistics Collection Policies, page 663 • Configuring Statistics Threshold Policies, page 666 Configuring Statistics Collection Policies Statistics Collection Policy A statistics collection policy defines how frequently statistics are to be collected (collection interval) and how frequently the statistics are to be reported (reporting interval).
Configuring Statistics Collection Policies Modifying a Statistics Collection Policy Note Cisco UCS Manager has one default statistics collection policy for each of the five functional areas. You cannot create additional statistics collection policies and you cannot delete the existing default policies. You can only modify the default policies. Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 In the Admin tab, expand All > Stats Management > Stats.
Configuring Statistics Collection Policies Name Description Reporting Interval field The length of time the fabric interconnect should wait before sending any data collected for the counter to Cisco UCS Manager.
Configuring Statistics Threshold Policies Configuring Statistics Threshold Policies Statistics Threshold Policy A statistics threshold policy monitors statistics about certain aspects of the system and generates an event if the threshold is crossed. You can set both minimum and maximum thresholds. For example, you can configure the policy to raise an alarm if the CPU temperature exceeds a certain value, or if a server is overutilized or underutilized.
Configuring Statistics Threshold Policies Name Description Name field The name of the policy. This name can be between 1 and 16 alphanumeric characters. You cannot use spaces or any special characters other than - (hyphen), _ (underscore), : (colon), and . (period), and you cannot change this name after the object has been saved. Description field A description of the policy. We recommend that you include information about where and when the policy should be used. Enter up to 256 characters.
Configuring Statistics Threshold Policies • Critical g) In the Up and Down fields, enter the range of values that should trigger the alarm. h) Click Finish Stage. i) Do one of the following: • To define another threshold property for the class, repeat Step 7. • If you have defined all required properties for the class, click Finish Stage.
Configuring Statistics Threshold Policies • Major • Minor • Warning • Condition • Info e) In the Up and Down fields, enter the range of values that should trigger the alarm. f) In the Alarm Triggers (Below Normal Value) field, check one or more of the following check boxes: • Info • Condition • Warning • Minor • Major • Critical g) In the Up and Down fields, enter the range of values that should trigger the alarm. h) Click Finish Stage.
Configuring Statistics Threshold Policies Adding a Threshold Class to the Uplink Ethernet Port Threshold Policy Tip You cannot create an uplink Ethernet port threshold policy. You can only modify or delete the default policy. Procedure Step 1 In the Navigation pane, click the LAN tab. Step 2 Step 3 Step 4 Step 5 On the LAN tab, expand LAN > LAN Cloud. Expand the Threshold Policies node. Right-click Thr-policy-default and choose the Create Threshold Class.
Configuring Statistics Threshold Policies • Critical g) In the Up and Down fields, enter the range of values that should trigger the alarm. h) Click Finish Stage. i) Do one of the following: • To define another threshold property for the class, repeat Step 6. • If you have defined all required properties for the class, click Finish Stage.
Configuring Statistics Threshold Policies • Minor • Warning • Condition • Info e) In the Up and Down fields, enter the range of values that should trigger the alarm. f) In the Alarm Triggers (Below Normal Value) field, check one or more of the following check boxes: • Info • Condition • Warning • Minor • Major • Critical g) In the Up and Down fields, enter the range of values that should trigger the alarm. h) Click Finish Stage.
Configuring Statistics Threshold Policies b) Click Next. Step 6 In the Threshold Definitions page, do the following: a) Click Add. The Create Threshold Definition dialog box opens. b) From the Property Type field, choose the threshold property that you want to define for the class. c) In the Normal Value field, enter the desired value for the property type.
Configuring Statistics Threshold Policies Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 45 Configuring Call Home This chapter includes the following sections: • Call Home, page 675 • Call Home Considerations and Guidelines, page 677 • Cisco UCS Faults and Call Home Severity Levels, page 678 • Cisco Smart Call Home, page 679 • Configuring Call Home, page 680 • Disabling Call Home, page 683 • Enabling Call Home, page 683 • Configuring System Inventory Messages, page 684 • Configuring Call Home Profiles, page 685 • Configuring Call Home Policies, page 688 • Example: Configuring Call Hom
Call Home • Short text format which provides a one or two line description of the fault that is suitable for pagers or printed reports. • Full text format which provides fully formatted message with detailed information that is suitable for human reading. • XML machine readable format that uses Extensible Markup Language (XML) and Adaptive Messaging Language (AML) XML schema definition (XSD). The AML XSD is published on the Cisco.com website.
Call Home Considerations and Guidelines The following figure shows the flow of events after a Cisco UCS fault is triggered in a system with Call Home configured: Figure 2: Flow of Events after a Fault is Triggered Call Home Considerations and Guidelines How you configure Call Home depends on how you intend to use the feature. The information you need to consider before you configure Call Home includes the following: Cisco UCS Manager GUI Configuration Guide, Release 2.
Cisco UCS Faults and Call Home Severity Levels Destination Profile You must configure at least one destination profile. The destination profile or profiles that you use depend upon whether the receiving entity is a pager, email, or automated service such as Cisco Smart Call Home. If the destination profile uses email message delivery, you must specify a Simple Mail Transfer Protocol (SMTP) server when you configure Call Home.
Cisco Smart Call Home Call Home Severity Cisco UCS Fault Call Home Meaning (6) Critical Critical Critical conditions, immediate attention needed. (5) Major Major Major conditions. (4) Minor Minor Minor conditions. (3) Warning Warning Warning conditions. (2) Notification Info Basic notifications and informational messages. Possibly independently insignificant. (1) Normal Clear Normal event, signifying a return to normal state. (0) debug N/A Debugging messages.
Configuring Call Home • Configure the contact information. • Configure the email information. • Configure the SMTP server information. • Configure the default CiscoTAC-1 profile. • Send a Smart Call Home inventory message to start the registration process. • Ensure that the CCO ID you plan to use as the Call Home Customer ID for the Cisco UCS domain has the contract numbers from the registration added to its entitlements.
Configuring Call Home Name Description Throttling field Whether the system limits the number of duplicate messages received for the same event. This can be one of the following: • On—If the number of duplicate messages sent exceeds 30 messages within a 2-hour time frame, then the system discards further messages for that alert type. • Off—The system sends all duplicate messages, regardless of how many are encountered. a) In the State field, click on.
Configuring Call Home Name Description Email field The email address for the main contact. Cisco Smart Call Home sends the registration email to this email address. Note Address field If an email address includes special characters, such as # (hash), spaces, or & (ampersand), the email server may not be able to deliver email messages to that address. Cisco recommends that you use email addresses which comply with RFC2821 and RFC2822 and include only 7bit ASCII characters.
Disabling Call Home Name Description Host field The IP address or hostname of the SMTP server. Note Port field If you use a hostname rather than an IP address, you must configure a DNS server in Cisco UCS Manager. The port number the system should use to talk to the SMTP server. Enter an integer between 1 and 65535. The default is 25. Step 9 Click Save Changes. Disabling Call Home Procedure Step 1 In the Navigation pane, click the Admin tab.
Configuring System Inventory Messages What to Do Next Ensure that Call Home is fully configured. Configuring System Inventory Messages Configuring System Inventory Messages Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 On the Admin tab, expand All > Communication Management > Call Home. Step 4 In the Properties area, complete the following fields: In the Work pane, click the System Inventory tab.
Configuring Call Home Profiles Note The system inventory message is sent only to those recipients defined in CiscoTAC-1 profile. Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 On the Admin tab, expand All > Communication Management > Call Home. In the Work pane, click the System Inventory tab. Step 4 In the Actions area, click Send System Inventory Now. Cisco UCS Manager immediately sends a system inventory message to the recipient configured for Call Home.
Configuring Call Home Profiles Creating a Call Home Profile By default, you must configure the Cisco TAC-1 profile. However, you can also create additional profiles to send email alerts to one or more specified groups when events occur at the level that you specify. Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 On the Admin tab, expand All > Communication Management > Call Home. In the Work pane, click the Profiles tab.
Configuring Call Home Profiles Name Description Alert Groups field The group or groups that are alerted based on this Call Home profile.
Configuring Call Home Policies Step 7 In the Recipients area, do the following to add one or more email recipients for the email alerts: a) On the icon bar to the right of the table, click +. b) In the Add Email Recipients dialog box, enter the email address to which Call Home alerts should be sent in the Email field. After you save this email address, it can be deleted but it cannot be changed. c) Click OK. Step 8 Click OK.
Configuring Call Home Policies Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 On the Admin tab, expand All > Communication Management > Call Home. In the Work pane, click the Policies tab. Step 4 On the icon bar to the right of the table, click +. If the + icon is disabled, click an entry in the table to enable it.
Example: Configuring Call Home for Smart Call Home Enabling a Call Home Policy Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 On the Admin tab, expand All > Communication Management > Call Home. In the Work pane, click the Policies tab. Step 4 Step 5 Step 6 Click the policy that you want to enable and choose Show Navigator. In the State field, click Enabled. Click OK. Deleting a Call Home Policy Procedure Step 1 In the Navigation pane, click the Admin tab.
Example: Configuring Call Home for Smart Call Home • Alerts • Critical • Debugging • Emergencies • Errors • Information • Notifications • Warnings Step 5 In the Contact Information area, complete the following fields with the required contact information: Name Description Contact field The main Call Home contact person. Enter up to 255 ASCII characters. Phone field The telephone number for the main contact. Enter the number in international format, starting with a + (plus sign) and a country code.
Example: Configuring Call Home for Smart Call Home Step 7 Step 8 In the Email Addresses area, complete the following fields with the email information for Smart Call Home alert messages: Name Description From field The email address that should appear in the From field on Call Home alert messages sent by the system. Reply To field The return email address that should appear in the From field on Call Home alert messages sent by the system.
Example: Configuring Call Home for Smart Call Home Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 On the Admin tab, expand All > Communication Management > Call Home. In the Work pane, click the Profiles tab. Step 4 Step 5 Right-click the Cisco TAC-1 profile and choose Recipient. In the Add Email Recipients dialog box, do the following: a) In the Email field, enter the email address to which Call Home alerts should be sent. For example, enter callhome@cisco.com.
Example: Configuring Call Home for Smart Call Home Name Description Next Scheduled field The date and time for the upcoming data collection. Note Step 5 This field is displayed after the first inventory has been sent. Click Save Changes. Registering Smart Call Home Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 On the Admin tab, expand All > Communication Management > Call Home. In the Work pane, click the System Inventory tab.
CHAPTER 46 Managing the System Event Log This chapter includes the following sections: • System Event Log, page 695 • Viewing the System Event Log for an Individual Server, page 696 • Viewing the System Event Log for the Servers in a Chassis, page 696 • Configuring the SEL Policy, page 696 • Managing the System Event Log for a Server, page 698 System Event Log The system event log (SEL) resides on the CIMC in NVRAM.
Viewing the System Event Log for an Individual Server Viewing the System Event Log for an Individual Server Procedure Step 1 In the Navigation pane, click the Equipment tab. Step 2 Step 3 Step 4 On the Equipment tab, expand Equipment > Chassis > Chassis Number > Servers. Click the server for which you want to view the system event log. In the Work pane, click the SEL Logs tab. Cisco UCS Manager retrieves the system event log for the server and displays the list of events.
Configuring the SEL Policy Name Description Protocol field The protocol to use when communicating with the remote server. This can be one of the following: • FTP • TFTP • SCP • SFTP Hostname field The hostname or IP address of the server on which the backup configuration resides. If you use a hostname rather than an IP address, you must configure a DNS server in Cisco UCS Manager. Note The name of the backup file is generated by Cisco UCS.
Managing the System Event Log for a Server Name Description User field The username the system should use to log in to the remote server. This field does not apply if the protocol is TFTP. Password field The password for the remote server username. This field does not apply if the protocol is TFTP. Action option box For each box that is checked, then the system creates a SEL backup when that event is encountered: • Log Full—The log reaches the maximum size allowed.
Managing the System Event Log for a Server Printing the System Event Log This task assumes that you are viewing the system event log for a server from the SEL Logs tab for a server or a chassis. Procedure Step 1 Step 2 After Cisco UCS Manager GUI displays the system event log in the SEL Logs tab, click Print. In the Print dialog box, do the following: a) (Optional) Modify the default printer or any other fields or options. b) Click Print.
Managing the System Event Log for a Server Procedure After Cisco UCS Manager GUI displays the system event log in the SEL Logs tab, click Clear. Note This action triggers an automatic backup if Clear is enabled in the SEL policy Action option box. Cisco UCS Manager GUI Configuration Guide, Release 2.
CHAPTER 47 Configuring Settings for Faults, Events, and Logs This chapter includes the following sections: • Configuring Settings for the Fault Collection Policy, page 701 • Configuring Settings for the Core File Exporter, page 703 • Configuring the Syslog, page 704 Configuring Settings for the Fault Collection Policy Fault Collection Policy The fault collection policy controls the lifecycle of a fault in a Cisco UCS domain, including when faults are cleared, the flapping interval (the length of time bet
Configuring Settings for the Fault Collection Policy Configuring the Fault Collection Policy Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 On the Admin tab, expand All > Faults, Events, and Audit Log. Click Settings. In the Work pane, complete the following fields in the Fault Collection Policy area: Name Description Flapping Interval field Flapping occurs when a fault is raised and cleared several times in rapid succession.
Configuring Settings for the Core File Exporter Configuring Settings for the Core File Exporter Core File Exporter Cisco UCS Manager uses the Core File Exporter to export core files as soon as they occur to a specified location on the network through TFTP. This functionality allows you to export the tar file with the contents of the core file. Configuring the Core File Exporter Procedure Step 1 In the Navigation pane, click the Admin tab.
Configuring the Syslog Disabling the Core File Exporter Procedure Step 1 In the Navigation pane, click the Admin tab. Step 2 Step 3 Step 4 On the Admin tab, expand All > Faults, Events, and Audit Log. Click Settings. In the Work pane, click the Settings tab. Step 5 Step 6 In the TFTP Core Exporter area, click the disabled radio button in the Admin State field. Click Save Changes. Configuring the Syslog Procedure Step 1 In the Navigation pane, click the Admin tab.
Configuring the Syslog Name Description Admin State field This can be one of the following: • Enabled • Disabled If Admin State is enabled, Cisco UCS Manager GUI displays the rest of the fields in this section. Level drop-down list If the Admin State field is enabled, select the lowest message level that you want displayed. The system displays that level and above on the monitor.
Configuring the Syslog Name Description Level drop-down list Select the lowest message level that you want the system to store. The system stores that level and above in a file on the fabric interconnect. This can be one of the following: • Emergencies • Alerts • Critical • Errors • Warnings • Notifications • Information • Debugging Name field The name of the file in which the messages are logged. This name can be between 1 and 16 alphanumeric characters. You cannot use spaces or special characters.
Configuring the Syslog Name Description Level drop-down list Select the lowest message level that you want the system to store. The system stores that level and above in the remote file. This can be one of the following: • Emergencies • Alerts • Critical • Errors • Warnings • Notifications • Information • Debugging Hostname field The hostname or IP address on which the remote log file resides.
Configuring the Syslog Cisco UCS Manager GUI Configuration Guide, Release 2.
INDEX A accounts 159, 160, 162, 171, 176, 177, 179, 180 admin 160 creating user 171 deleting local 177 disabling 176 enabling 176 expiration 160 locally authenticated 160, 177, 179, 180 remotely authenticated 160 user 159, 162 username guidelines 160 acknowledging 578, 591, 605 blade servers 591 chassis 578 rack-mount servers 605 activate firmware 186 activating 213, 214, 215, 217, 218, 219, 220, 221, 232, 236 adapter firmware 213 BIOS firmware 214 board controller firmware 218 capability catalog 232 CIMC
Index autoconfiguration policy 25, 417, 418 about 25, 417 creating 417 deleting 418 Automatically Reconnect 57 B backing up 200, 619, 620, 621, 622, 625, 626, 696, 699 about 619 considerations 620 creating operations 200, 622 deleting operation 626 modifying operations 625 running operations 200, 625 system event log 696, 699 manual 699 scheduled 696 types 619 user role 621 backup operations 200, 622, 625, 626 creating 200, 622 deleting 626 modifying 625 running 200, 625 banner 56, 57 pre-login 56, 57 bea
Index boot policies (continued) LAN boot 465 local disk boot 465, 466 SAN boot 441 virtual media boot 466 boot process 444 iSCSI 444 bootflash, available space 209 booting 586, 587, 600, 601 blade servers 586 determining boot order 587, 601 rack-mount servers 600 servers from service profile 587, 601 bronze system class 37, 298 bundles, firmware 184 burned in values 14, 488 C Cabling Considerations for Port Channel Mode} 109 About 109 Call Home 675, 677, 678, 679, 680, 683, 684, 685, 686, 688, 689, 690, 6
Index CIMC (continued) Management IP (continued) service profiles 376 resetting 595, 608 updating firmware 215 Cisco Discovery Protocol 23, 317, 318 Cisco TAC-1 profile, configuring 692 Cisco UCS Manager 43, 47, 196 about 43 GUI 47 impact of firmware upgrade 196 Cisco VM-FEX 41 cisco-av-pair 132 CiscoAVPair 132 clearing licenses 256 clearing system event log 699 cloning service profiles 544 cluster configuration 69, 71, 202 high availability status 202 primary fabric interconnect 69 subordinate fabric inte
Index disabling (continued) communication services 129 Core File Exporter 704 port channels 269 ports 88, 112 server ports 266 uplink Ethernet port channels 99 uplinkEthernet ports 267 disassociating servers 545 disaster recovery 619, 621 discovery policy 16, 25, 239, 242, 244, 419, 420 chassis 16, 239, 242 rack server 25, 244 server 25, 419, 420 disjoint L2 networks 321, 322, 323, 324, 327, 328, 329 about 321 configuring 324 guidelines 322 pinning considerations 323 VLANs 327, 328, 329 assigning ports and
Index exporting (continued) user role 621 external applications 59 F fabric 108 port channels 108 fabric failover 318 fabric interconnects 46, 65, 66, 67, 69, 71, 72, 73, 74, 75, 76, 86, 87, 88, 89, 196, 202, 209, 219, 220, 221, 247, 248, 252, 253, 255, 256, 334, 341, 631, 633, 634, 636, 647 admin password recover 634, 636 admin password recovery 633 available space 209 changing 75 subnets 75 virtual IP address 75 changing ports 86 determining leadership role 76, 634 disabling ports 88 enabling ports 87 e
Index Fibre Channel adapter policies 19, 312, 358, 359, 364 about 19, 312, 358 creating 359 deleting 364 Fibre Channel switching 95 default zoning 95 Fibre Channel switching mode 74 about 74 Fibre Channel system class 37, 298 fields, acceptable range 60 filtering tables 51 finding acceptable range 60 firmware 21, 22, 183, 184, 185, 186, 187, 188, 190, 192, 193, 194, 195, 196, 197, 198, 199, 204, 206, 207, 208, 209, 210, 212, 213, 214, 215, 216, 217, 218, 219, 220, 221, 222, 223, 226, 227, 228, 230, 235, 63
Index H hard reset 589, 603 blade servers 589 rack-mount servers 603 hardware based service profiles 517 hardware-based service profiles 14, 488 hardware, stateless 38 headers, images 185 high availability 10, 46, 66, 69, 71, 202 about 46 fabric interconnect failover 66 initial setup 69, 71 verifying status 202 high availability configuration 46 about 46 history, passwords 178 host firmware package 21, 197, 222 about 21, 197, 222 host firmware packages 226, 227, 229 adding to service profile 229 creating 2
Index IP addresses (continued) management IP pool 33, 377 management port 66 IP pools 33, 377, 378, 450 creating IP address block 378 creating iSCSI initiator address block 450 management 33, 377 IPMI access profiles 21, 405, 406 about 21, 405 creating 405 deleting 406 IQN pools 461, 463, 464 about 461 adding a block 463 creating 461 deleting 464 deleting a block 463 iSCSI 450 authentication profile 450 deleting 450 iSCSI adapter policies 447, 449 creating 447 deleting 449 iSCSI boot 443, 444, 446, 449 aut
Index LAN Uplinks Manager (continued) named VLANs (continued) deleting 274 pin groups 270, 271 creating 270 deleting 271 port channels 267, 268, 269, 270 adding ports 269 creating 267 deleting 270 disabling 269 enabling 268 removing ports 270 system classes, configuring 274 unconfiguring server ports 266 unconfiguring uplink Ethernet ports 267 lanes, virtual 37, 297 Launch Manager, KVM 611, 615 launching 53, 54, 111, 264 GUI, HTTP 54 GUI, HTTPS 53 Internal Fabric Manager 111 LAN Uplinks Manager 264 LDAP 14
Index M MAC address table 245 aging time, about 245 configuring aging time 245 MAC addresses 31, 295, 296 creating pools 295 deleting pools 296 pools 31, 295 MAC pools 295, 296 creating 295 deleting 296 MAC sync 66 main, BIOS settings 382 maintenance policies 29, 470, 472, 482, 484 about 29, 470 creating 482 deleting 484 schedules 472, 482 management 577, 585, 599, 617 blade servers 585 chassis 577 I/O modules 617 rack-mount servers 599 management extensions 235, 236 about 235 activating 236 management fir
Index network (continued) named VSANs 96, 97, 333, 335, 337, 339 deleting 339 disabling default zoning 97 enabling default zoning 96 private VLANs 278 network control policy 23, 317, 318, 320 creating 318 deleting 320 networks, disjoint L2 321 NIC adapters 41 virtualization 41 NMI 597, 610 blade servers 597 rack-mount servers 610 noAuthNoPriv 122 NTP servers 575, 576 about 575 adding 576 deleting 576 O obtaining 204, 233 capability catalog updates 233 firmware image bundles 204 occurrences 470, 477, 479,
Index PCI configuration, BIOS settings 395 pending activities 471, 484, 485, 486 about 471 deploying 484, 485, 486 viewing 484 persistent binding, clearing 560 PFC 11 pin groups 35, 270, 271, 293, 294, 343, 344 about 35 LAN 270, 271, 293, 294 SAN 343, 344 pinning 35, 36, 323 about 35 disjoint L2 networks 323 guidelines 36 servers to server ports 35 PKI 115 platinum system class 37, 298 polices 60 where used 60 policies 15, 16, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 38, 153, 154, 197, 198, 222, 223
Index port channels (continued) Ethernet 99, 100 adding ports 99 deleting 100 disabling 99 removing ports 99 fabric 108, 110 Fibre Channel 104, 105, 106, 107 adding ports 106 creating 104, 105 deleting 107 disabling 106 modifying 106 removing ports 106 removing from VLANs 328 removing ports 270 uplink Ethernet 97, 98, 99 creating 98 enabling 99 viewing VLAN assignment 329 port modes 78, 81 about 78 impact on data traffic 81 port types 79 ports 35, 66, 77, 78, 80, 82, 83, 84, 85, 86, 87, 88, 89, 92, 94, 95,
Index primary authentication (continued) RADIUS provider 142, 144 remote 131 selecting console 151 selecting default 152 TACACS provider 146 TACACS+ provider 145 primary VLAN 285 printing system event log 699 priority flow control 11 private VLANs 278, 285, 288 about 278 creating primary 285 creating secondary 288 privileges 164, 168 about 164 adding 168 removing 168 processor, BIOS settings 384 profiles 12, 177, 685 Call Home alert groups 685 password 177 properties 57, 58, 59, 75 confirmation messages 58
Index RADIUS provider (continued) creating 142 deleting 144 groups 148 creating 148 deleting 148 user attribute 132 RAID configurations, local disk configuration policies 408 range restrictions, VSAN IDs 334 range, acceptable 60 RAS memory, BIOS settings 392 reacknowledging 591, 593, 605 blade servers 591 rack-mount servers 605 server slots 593 rebooting 589, 603 blade servers 589 rack-mount servers 603 recommendations 620 backup operations 620 recommissioning 593, 606 blade servers 593 rack-mount servers
Index SAN boot (continued) configuring 441 SAN pin groups 343, 344 creating 343 deleting 344 scalability 10 schedules 470, 472, 477, 479, 481, 482 about 470 creating 472 deleting 482 one time occurrences 477, 481 creating 477 deleting 481 recurring occurrences 479, 481 creating 479 deleting 481 scrub policy 29, 413, 414, 415 about 29, 413 creating 414 deleting 415 secondary VLAN 288 SEL 695 about 695 SEL policy 696 configuring 696 selecting 151, 152 console authentication service 151 default authentication
Index servers (continued) changing UUID 547 cloning service profiles 544 configuration 12 creating service profile templates 518, 519 creating service profiles 489, 490, 513 decommissioning 592, 605 disassociating from service profiles 545 discovery policy 25, 419, 420 disk drive monitoring 658, 659 disk drive status 659, 660 disk drive support 658 DNS 237, 238 hard reset 589, 603 hardware based service profiles 517 inheritance policy 26, 420 IPMI access 21, 405, 406 iSCSI adapter policies 447, 449 iSCSI b
Index service profiles (continued) adding firmware packages 229 associating 544 binding to template 561 changing UUID 547 cloning 544 configuration 12 creating from template 541 creating hardware based 517 blade servers 517 rack-mount servers 517 creating template based 541, 542 blade servers 541 rack-mount servers 542 creating template from 543 creating with inherited values 513 creating with wizard 489, 490, 491, 496, 502, 504, 507, 509, 511 identity 490 maintenance policy 507 networking 496 policies 511
Index stateless computing 38, 39 about 38 opt-in 39 opt-out 39 statelessness 38 statistics 30, 666, 668, 669, 670, 671, 672 threshold policies 30, 666, 668, 669, 670, 671, 672 Ethernet server port 671 Fibre Channel port 672 server and server component 666, 668, 669 uplink Ethernet port 670 statistics collection policies 30, 663, 664 about 30, 663 modifying 664 status 202, 203, 204 adapters 204 fabric interconnects 202 I/O modules 203 servers 203 status bar 50 stopping servers 588, 602 storage VSANs 337, 33
Index traffic management (continued) quality of service 37, 297 system classes 37, 297 virtual lanes 37, 297 traffic monitoring 641, 642, 643, 644, 645, 646 about 641 activating a session 646 adding sources 645 deleting a session 646 Ethernet session 643 Fibre Channel session 644 guidelines 642 traps 122, 126, 127 about 122 creating 126 deleting 127 trunking 334, 341 Fibre Channel 334, 341 uplink 334, 341 trunking, named VSANs 334, 341 trusted points 115, 118, 121 about 115 creating 118 deleting 121 turnin
Index uplink port channels (continued) Ethernet (continued) enabling 99 removing ports 270 uplink ports 29, 38, 77, 85, 97, 270, 271, 293, 294, 304, 343, 344 about 77 Ethernet 85 flow control policies 29, 38, 304 pin groups 270, 271, 293, 294, 343, 344 creating 270, 293 deleting 271, 294 port channels 97 uplink Ethernet 97 uplink trunking 334, 341 Fibre Channel 334, 341 about 334 disabling 341 enabling 341 uplinks, Manager for LAN 52, 263 upstream disjoint L2 networks, See disjoint L2 networks USB, BIOS se
Index vHBA templates (continued) deleting 357 unbinding vHBAs 358 vHBAs 357, 358, 430, 435, 556, 559, 560, 561 assignment to vCon 430, 435 binding to vHBA template 357 changing WWPN 559 clearing persistent binding 560 creating for service profiles 556 deleting from service profiles 561 resetting WWPN 560 unbinding from vHBA template 358 VIC adapters 41 virtualization 41 viewing 572, 696 blade-level power cap 572 system event log 696 VIF status 652, 654 virtual IP address, changing 75 Virtual KVM console 61
Index WWN (continued) deleting (continued) WWPN pools 353 WWN block 347, 351 adding to WWNN pool 347 adding to WWPN pool 351 deleting from WWNN pool 347 deleting from WWPN pool 351 WWN pools 32, 345 about 32, 345 WWNN initiators 348, 349 adding to WWNN pool 348 deleting 349 WWNN pools 32, 345, 346, 347, 348, 349 about 32, 345 adding WWN block 347 adding WWNN initiator 348 creating 346 deleting 349 deleting WWN block 347 deleting WWNN initiator 349 WWPN initiators 352, 353 adding to WWPN pool 352 WWPN init
