HP ProLiant Lights Out-100 User Guide For HP ProLiant ML110 G6, ML150 G6, DL120 G6, DL160 G6, DL160se G6, DL170h G6, DL180 G6, SL160z G6, SL170z G6, and SL2x170z G6, SL2x170z G6, DL165 G7, and SL165z G7 servers Part Number 616302-001 March 2010 (First Edition)
© Copyright 2010 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Confidential computer software.
Contents Operational overview ................................................................................................................... 5 Overview .................................................................................................................................................... 5 New features ............................................................................................................................................... 5 Server management............................
Viewing sensor data from a web browser ........................................................................................... 31 Viewing sensor data from the BIOS Setup Utility .................................................................................. 31 Platform event filtering configuration................................................................................................... 32 Platform event trap configuration .....................................................................
Operational overview Overview This guide explains the standard and optional operational features of the HP Onboard Administrator Powered by Lights-Out 100 (LO100) available for the following HP ProLiant server models: • ML110 G6 server • ML150 G6 server • DL120 G6 server • DL160 G6 server • DL160se G6 server • DL170h G6 server • DL180 G6 server • SL160z G6 server • SL170z G6 server • SL2x170z G6 server • ML110 G6 server • DL120 G6 server New features This release of LO100 adds suppo
• Access a remote graphic console (Virtual KVM) • Access the serial console of the host operating system over the network using standards-based client utilities • Switch between serial console redirection or the LO100 command line interface • Communicate securely using SSL and SSH • Remotely control the power button of the server (power on and off the server), or perform warm or cold server reboots • Remotely monitor fan speed and system power state (S0 or S5) • Access the system event log •
LO100 optional (licensed) features LO100 optional features are activated with the purchase of the Lights-Out 100i Advanced Pack package.
Configuration Configuring LO100 with the LO100CFG utility The SmartStart Scripting Toolkit is a server deployment product that delivers unattended automated installation for high volume ProLiant server installations. Available in Win32 and Linux editions, the Toolkit supports ProLiant DL and ML 300, 500, 700 and ProLiant BL servers in both Windows and Linux environments and now includes limited ProLiant 100 series support.
o Look at the DHCP clients table. o Look at the DNS client records for an entry of LO100. (The default DNS host name for each LO100 is unique.) By default, LO100 has DHCP enabled and automatically negotiates an IP address. 4. With the DHCP IP address, use Telnet to log in to the remote management CLP, or use a web browser to access the HTML interface. To set up a static IP address, see "Setting up a static IP address from the BIOS Setup Utility".
Enabling serial access 1. Power up the server. 2. When POST displays the message, ROM-Based Setup, press the F10 key. If the server has an administrator password configured, the system prompts you to enter the password. If the server does not have a password configured, the main screen of the BIOS Setup Utility appears. 3. Press the right arrow (→) key to navigate to the Advanced menu. 4. Choose one of these options: NOTE: If you change the Serial Port Assignment, the BMC IP Address resets.
o Serial Port Mode—9600 8, n, 1 o Flow Control—None o Redirection after BIOS/POST—Enabled o Terminal Type—VT100 For DL 165 G7 and SL 165 G7 servers, from the Remote Access Configuration, configure the BIOS Serial Console as follows: 7. o BIOS Serial Console Port—Enabled o BIOS Serial Console Port Baud Rate—[115200 8, n, 1] o Redirection after BIOS POST—Always o Terminal Type—ANSI o VT-UTF8 Combo Key Support—Enabled 8.
7. To return to the previous screen, press the Esc key, or to save the changes and exit Setup, press the F10 key. The TCP/IP over Ethernet management port, whether dedicated or shared, is a standard Ethernet 10/100Mb interface that connects to the network using a standard Ethernet cable. Before using the dedicated management port, you must determine the DHCP IP address or set a static IP address.
NOTE: This requires DHCP and will not work with static IP addresses. To obtain the serial number, look at the pull-out tab usually located in the front panel of the server. You can change the server name through the Network Settings page of the LO100 web interface. You can also change the server name through the telnet interface. To do this, type the following in the telnet interface: cd map1/nic1 set oemhp_hostname= where where is the new DNS host name your server will have.
i. Press the down arrow (↓) key to scroll to IPMI Configuration. Press the Enter key. ii. Press the down arrow (↓) key to scroll to the LAN Configuration menu. Press the Enter key. iii. Press the down arrow (↓) key to scroll to the end, and then select DHCP IP Source. v. Select either of the following: — To set BMC NIC to Disabled, press the Enter key. o On DL165 G7 and And SL 165 G7 servers: i. Press the down arrow (↓) key to scroll to IPMI Configuration. Press the Enter key. ii.
7. Press the down arrow (↓) key to scroll to IPMI Configuration. Press the Enter key. 6. Press the down arrow (↓) key to scroll to Set LAN Configuration. Press the Enter key. 7. Scroll to LAN Protocol Control. Press the Enter key. 8. Press the Enable or Disable key to enable or disable the Telnet or HTTP as appropriate. TCP and UDP port numbers used by LO100 The following table lists the TCP and UDP port numbers used by the various LO100 network-accessible features.
where is the ROMPAQ firmware image file and is the file name for the uncompressed binary image file. For example: ROMPAQ /D cpqq0801.D14 ldrImage.bin ROMPAQ Firmware Upgrade Utility, Version 5.02 (R) Copyright (c) Hewlett-Packard Corporation, 1994-2006 Input file: CPQQ0801.D14 Output file: LDRIMAGE.BIN The load command is used to retrieve a binary image from a specific source location (specified as a URL) and place it at the specified target address.
o is the URL or IP address of the TFTP server containing the firmware. o is the file name of the image file (LdrImage.bin in this example). For example, enter load -source //10.141.38.157/LdrImage.bin -oemhpfiletype csr. Alternatively, you can also install the firmware through a browser. For more information, see "Installing firmware through a web browser (on page 17)".
After you click Apply, the BMC is reset. You must reconnect to the web browser.
Using LO100 Using SSL SSL is a protocol used to transmit private documents through the Internet and uses a private key or certificate to encrypt data transferred over the SSL connection. The Lights-Out 100 provides security for remote management in distributed IT environments by using an industry-standard encryption protocol for data traveling on unsecured networks. SSL is available by default. LO100 comes preinstalled with a certificate.
1. Open an SSH window. 2. When prompted, enter the IP address, login name, and password. Using the PuTTY utility PuTTY 0.54 is a terminal emulation product that includes support for telnet and the SSH protocol. PuTTY 0.54 is available for download from the Internet. • To start a PuTTY session, double-click the PuTTY icon in the directory in which PuTTY is installed. • To start a PuTTY session from the command line: o To start a connection to a server called host, enter: putty.
CLP syntax The general syntax of CLP command is:
Entering help displays all the supported commands. Entering help displays the help message specific to that command. o Help for verbs Calling help for a verb returns the general syntax and usage associated with issuing that verb. Calling help for a verb that is not present in the current directory returns an Unsupported Command message. The following examples are all valid ways to call help for a verb. — /./-> help show Usage: show [][][] — /.
name=Hewlett-Packard enabledstate=enabled Verbs cd version exit show reset start stop help /./system1/-> help name Unsupported Command /./system1/-> help enabledstate Unsupported Command /./system1/-> help properties Unsupported Command /./system1/-> name -h Invalid command /./system1/-> • The exit command terminates the CLP session. • The cd command sets the current default target. The context works similar to a directory path.
Properties Verbs cd version exit show help The first line of information returned by the show command is the current context. In the example, /. is the current context. Following the context is a list of subtargets (Targets) and properties (Properties) applicable to the current context. The verbs section (Verbs) shows which commands are available in this context. The show command can also be specified with an explicit or implicit context and a specific property.
Time elapsed: 53 seconds. Download Complete. • The reset command causes a target to cycle from enabled to disabled and then to enabled again. • The set command assigns a specific value to a property or group of properties. The standard syntax for the set command is set property=new value. • The set command is used to change any changeable property.
Specific commands CLP syntax for specific commands is found in the sections that also describe the functionality through the Web interface. DCMI 1.0 support LO100 supports Data Center Manageability Interface (DCMI). DCMI enables you to simplify platform management implementations while enhancing robustness. Specifications are derived from Intelligent Platform Management Interface (IPMI) 2.0, which has been widely adopted by the computing industry for server management and system-health monitoring.
Logging in to LO100 You can log in to the remote management processor through a web browser ("Logging in through a web browser" on page 27) or through the CLP ("Logging in through the CLP" on page 27). If you are unsure of your DHCP IP address, refer to the "Configuring network access" section. Logging in through a web browser 1. Browse to the IP address of the remote management processor to access the login screen. 2. Enter your user name and password.
Browser main menu options Using a web browser, you can access all basic remote management capabilities of LO100. Not all of the features displayed and described in the guide are available on all systems. To verify which features are supported on your system, see "LO100 optional (licensed) features" for more information. Option Description Summary Accesses or returns you to the main menu navigation bar. Virtual Power Accesses system power and UID control options.
NOTE: The Virtual KVM / Media option is an advanced feature available through license upgrade and not available on all G6 systems unless the license is purchased. This link may appear as Virtual Media or not at all depending on your system implementation. To verify which features are supported on your system, see "LO100 optional (licensed) features" for more information. Controlling server power remotely LO100 enables you to remotely operate the power button of a host server using a web browser or the CLP.
2. o Always power up—Powers on the server immediately after power is supplied. o Restore to powered state prior to power loss—Powers on the system if the system was in the powered on state before a loss of power. o Power pushbutton or command required to power on system—Causes the server to wait for external action before powering on the system. Click Set. The power restore policy becomes becomes active after a successful BIOS post. Controlling server power through the CLP 1.
Viewing sensor data from a web browser The Monitoring Sensors screen displays a snapshot of the temperature, fans, and voltage sensor data, including sensor type, name, status, and current reading. To access this page from a web browser, on the main menu navigation bar, click Monitoring Sensor. To update the display, click the Refresh button. To view or add a PEF action, click PEF. For more information, see "Platform Event Filtering configuration (on page 32).
The message Loading data. Please wait appears. After this message disappears, the Temperature and Voltage sensor data appears. This data is real-time data and is updated on a periodic basis. Platform event filtering configuration The PEF Configuration screen enables you to configure LO100 to take selected actions on received or internally generated event messages. These actions include powering down the system, resetting the system, and triggering the generation of an alert.
• Event Offsets—Are trip points (movements across thresholds) that define what type of sensor event triggers an action. The information in the Events Offsets section varies with the type of sensor. Not all options are available for all sensors. You can select any of the available options. • PEF Action—Displays the same information for all sensors: o Sensor Type—Displays the type of sensor selected. o Sensor Name—Displays the name of the sensor.
or a MAC address and then click Apply. If both the MAC and an IP address are entered, the IP address is used. To set a policy: 1. 2. Select the Policy Enable state and then enter the Policy Number and Destination Selector information. o Policy Enable—Enables you to selectively enable and disable trap forwarding. o Policy Number—Enables you to select a policy that will be used in PEF configuration.
Accessing the system event log from the CLP 1. Log in to the CLP as described in the "Logging in to LO100 (on page 27)" section. 2. Enter cd /./system1/log1 3. Enter show to display the total number of system event records. 4. Enter show record to display the details of a specific record. For example: /.
6. Press the Esc key to return to the previous screen, or press the F10 key to save the changes and exit Setup. Using Virtual KVM The Virtual KVM feature of LO100 is a remote graphic console that turns a supported browser into a virtual desktop and provides full control over the display, keyboard, and mouse of the host server. The operating system-independent console supports graphic modes that display remote host server activities, including shutdown and startup operations.
The Control menu of the remote graphic console has several different options. • Virtual Media—Displays the Virtual Media Devices page. The Virtual Media Devices page displays all accessible media drives of the storage server. Supported devices are CD-ROM, DVD-ROM, floppy disk, and mass storage devices. For more information, see "Using Virtual Media (on page 40)." • Virtual Keyboard—Opens a virtual keyboard enabling you to change the language of the virtual keyboard.
When using Hide Mode, the local mouse is inaccessible. To access the local mouse (normal mode), press Ctrl+Alt+0. • o Absolute Mode causes the LO100 remote graphic console to send raw x and y coordinates to the server. o Relative Mode sends the LO100 remote graphic console relative mouse position coordinates (+/previous mouse pointer position) to the server. This mode is the default for Linux and Windows®.
3. Select Pointer Options. 4. In the Pointer Options window: a. Set the Pointer speed bar in the middle. b. Be sure the Enhance pointer precision option is not selected. To change the Hardware Acceleration option: 1. Right-click the desktop screen 2. Select Properties. The Display Properties window appears. 3. Click Settings>Advanced. The video card and monitor properties window appears. 4. Click Troubleshoot. 5.
• Clicking Context is equivalent to right-clicking the LO100 remote graphic console window. Using Virtual Media LO100 Virtual Media enables you to add, browse, remove, and share media devices and refresh the displayed virtual media devices list. LO100 Virtual Media is available by purchasing the Lights-Out 100i Advanced Pack. For more information, see "LO100 optional (licensed) features." To access LO100 Virtual Media: 1. Click Virtual KVM / Media. The Virtual KVM screen appears. 2.
Adding a virtual media device The LO100 virtual media option provides you with a virtual media drive, which can direct a remote host server to boot and use standard media from anywhere on the network. Virtual media devices are available while the host system boots. To add a new virtual media device, click Add on the Virtual Media page. The Add Virtual Media Devices window appears. This window has the following options: • The Look In list enables you to change your directory or drive.
To share a virtual media device, do the following: 1. On the Virtual KVM menu, select Virtual Media from the Control menu. The Virtual Media window appears. 2. If the device you want to add is not in the list, click Refresh. 3. To add a device, see "Adding a virtual media device (on page 41)". 4. Select the device, and then click Connect. A message box appears, indicating either the device has been successfully connected or a problem has occurred. 5. Click OK to close the Virtual Media window. 6.
Redirecting BIOS console text through Telnet LO100 BIOS console text redirection enables you to view the entire boot process remotely and make changes in the BIOS Setup Utility from a remote computer. This utility helps you troubleshoot and manage servers remotely. To configure the BIOS Setup Utility on the target system: 1. Press the F10 key during POST to enter the BIOS Setup Utility. 2. Press the right arrow (→) key to navigate to the Advanced menu. 3.
8. Press the F10 key to save and exit. After completing the console redirection process, you can view the boot process remotely from a client PC through an established Telnet session to the IP address of LO100. See your operating system documentation for instructions on establishing telnet sessions. To redirect the console to the Telnet session and view the boot process, press the Esc+Q keys in the Telnet session during server boot.
— Base I/O address—3F8 — Interrupt—IRQ 4 o On DL160 G6, DL160se G6, DL170h G6, DL180 G6, SL160z G6, SL170z G6, and SL2x170z G6 servers, and SL165z G7 servers, verify the following settings: Remote Access Configuration — Remote Access—Enabled — EMS support(SPCR)—Enabled — Terminal Type—VT100 — Flow Control—None — Redirection after BIOS POST—Always SuperIO Configuration — Serial Port Address—3F8 — Serial Port IRQ—IRQ 4 2. In the /boot/grub/menu.
Verify the following settings: — Baud Serial Console Port—Enabled — Baud Rate—9600 o On ML150 G6 servers: i. Press the down arrow (↓) key to scroll down to the Remote Access Configuration option, and then press the Enter key. ii. Verify the following settings: — Remote Access—Enabled — EMS support (SPCR)—Enabled — Serial Port Mode—9600 8,n,1 — Flow Control—None — Console Type—VT100 — Continue C.R.
Hardware Inventory page The Hardware Inventory page enables you to remotely identify the presence of processors on a target server. To access this page from a web browser on the main menu navigation bar, click Hardware Inventory. User administration The User Administration option on the main menu navigation bar enables you (if authorized) to edit the user name and password for existing users. You cannot create a new user.
Option User Operator Application License Key No No Security Settings No No Changing user settings through a web browser The User Administration screen displays user information, enables you to modify user settings, and enable or disable user accounts. The first user account is a fixed null value. You cannot change the properties of the first user or use it to log in. Only the first two users (after the fixed null value) are enabled for login by default.
6. Log in to the CLP as described in the "Logging in to LO100 (on page 27)" section. 7. At the command prompt, enter cd map1/accounts. 8. Select a user by entering cd user1 or cd user#, where # is the user you want to modify and a whole number between 2 and 16. 9. To change the user name, enter set username=. For example: /./map1/accounts/user2/> set username=testuser2 10. To change the user password, enter set password=, and enter the new password when prompted.
To modify the network settings, from the browser main menu navigation bar, click Network Settings, enter the new settings, and then click Apply. The Network Settings page now lists the following information: • MAC AddressDisplays the MAC address. • IP AddressDisplays the current BMC IP address and enables you to set it to Static. • Subnet MaskDisplays the LO100 IP network subnet mask. If you are using DHCP, the subnet mask is automatically supplied. If not, enter the network subnet mask.
Configuring network settings using the BIOS Setup Utility To enable a static IP address: 1. Press the F10 key during POST to enter the BIOS Setup Utility. 2. Press the right arrow (→) key to navigate to the Advanced menu. 3. Press the down arrow (↓) key to scroll to IPMI. Press the Enter key. 4. To set your network BIOS settings, choose one of these options: o On ML110 G6 and DL120 G6 servers: i. Press the down arrow (↓) key to scroll to IPMI, and press the Enter key. ii.
8. To save and exit, press the F10 key, or to view the new IP Address, allow the server to reset and reenter the BIOS Setup Utility. Configuring network settings using the CLP 1. Log in to LO100 CLP as described in the "Logging in to LO100 (on page 27)" section. 9. At the command prompt, enter cd map1/nic1. 10. Configure the network settings by entering the following: set =.
3. Enter the license key in the spaces provided. To move between fields, click inside a field or press the Tab key. The Activation License Key field advances automatically as you enter data. 4. Click Apply. Importing a certificate If you do not want to use the preinstalled public key (certificate), create and install your own private key (certificate). Importing a key or certificate is a one-time procedure that supports both SSH and SSL.
2. Install and set up OpenSSL. 3. Using OpenSSL, generate a DSA parameters file: openssl dsaparam -out server_dsaparam.pem 1024 4. Generate the DSA private key file, called server_privkey.pem: openssl gendsa -out server_privkey.pem server_dsaparam.pem 5. Generate the DSA certificate (public key) file, called server cacert.pem: openssl req -new -x509 -key server_privkey.pem -out server_cacert.pem days 1095 6.
6. Click Apply. To install the private key through the browser: 1. Log in to LO100 as an administrator. 2. On the browser main menu navigation bar, click Security Settings. 3. In the TFTP server IP address field, enter the IP address of the TFTP server. 4. On the menu under File type, select Key. 5. Enter the file name of the key created (server_privkey.pem) in the File Name field. Include the path relative to the TFTP server root in the file name. 6. Click Apply.
After you issue the load command to upload and install the certificate, reset the BMC by entering the following command: reset map 1 LO100 checks the validity of the key/certificate pair after you reset the BMC. You can also find these commands in /map1/firmware directory.
b. Clear Return key sends Telnet New Line instead of ^M. LO100 has a default of 0x08 (input) and 0x03 (output) filter setting that must not be changed. If the default settings are changed, functionality issues might occur and you must restore the default settings. After the defaults are reset, you must log out and back in to the shell to restore normal functionality.
8. Set input default to 0x08 using the command: oemhp I 20 c0 20 18 00 29 01 00 00 02 00 08 b4 9. Set output default to 0x03 using the command: oemhp I 20 c0 20 18 00 29 01 00 00 02 01 03 b8 10. Log out.
Technical support Software technical support and update service HP LO100i Advanced Packs are available with Technical Support and Update licenses that provide for optional future upgrades. For more information about these options, see the HP website (http://www.hp.com/servers/lights-out). A license entitlement certificate is delivered in place of a license activation key.
• Third-party hardware or software • Operating system type and revision level Technical support 60
Acronyms and abbreviations BIOS Basic Input/Output System BMC baseboard management controller CLI Command Line Interface CLP command line protocol CMS central management server CR carriage return DCMI Data Center Manageability Interface DHCP Dynamic Host Configuration Protocol DSA Digital Signature Algorithm EMS Emergency Management Services HTTP hypertext transfer protocol IP Internet Protocol Acronyms and abbreviations 61
IPMI Intelligent Platform Management Interface JVM Java Virtual Machine KVM keyboard, video, and mouse LO100 HP Lights-Out 100 MAC Media Access Control NIC network interface card OS operating system PEF Platform Event Filtering PEM Privacy Enhanced Mail PET Platform Event Trap POST Power-On Self Test RBSU ROM-Based Setup Utility SLES SUSE Linux Enterprise Server SMASH System Management Architecture for Server Hardware Acronyms and abbreviations 62
SSH Secure Shell SSL Secure Sockets Layer TCP/IP Transmission Control Protocol/Internet Protocol TFTP Trivial File Transfer Protocol UID unit identification URL uniform resource locator VNC virtual network computing Acronyms and abbreviations 63
Index Dynamic Host Configuration Protocol (DHCP) 12, 49, 52 A accessing software, browser 27 administration 8 alert messages 33 authorized reseller 59 E B F base management controller (BMC) 12 BIOS configuration 12 BIOS Setup Utility 12, 15, 30 BIOS upgrade 15 BMC (base management controller) 12 browser-based setup 49 features, CLP 20 features, IPMI 2.
license key, installing 52 LO100, logging in through browser 27 logging in 27 requirements, SSH 19 ROM-Based Setup Utility (RBSU) 34, 36 ROMPaq utility 15 M S MAC (media access control) 33, 38, 39 main menu functions 28 medium access control (MAC) 33, 38, 39 monitoring sensors 30 mouse settings 38 Secure Shell (SSH) 5, 19, 20, 27, 53, 54 Secure Sockets Layer (SSL) 5, 19, 53, 54 sensor data 31, 32 serial port 9 settings, mouse 38 settings, network 49 settings, PEF 32 settings, power options 29, 30 share
user account, modifying 47, 48 user settings 47, 48 using, LO100 19 V virtual devices 40 virtual network computing (VNC) 37 virtual power 29 VNC (virtual network computing) 37 W website, HP 59 Index 66
