HP OneView 1.0 User Guide Abstract This guide describes HP OneView features, interfaces, resource model design, and secure working environment. It describes up-front planning considerations and how to use the HP OneView appliance UI or REST APIs to configure, manage, monitor, and troubleshoot your data center infrastructure. It also includes information about the SCMB (State-Change Message Bus) and a step-by-step example that configures a sample data center from start to finish.
© Copyright 2013 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
Contents I Learning about HP OneView.......................................................................13 1 Learning about HP OneView..................................................................15 1.1 HP OneView for converged infrastructure management......................................................15 1.2 Hardware and software provisioning features...................................................................16 1.2.1 Server profiles.........................................................
2.19.4 Unmanaged devices............................................................................................42 3 Understanding the security features of the appliance.................................45 3.1 Securing the appliance..................................................................................................45 3.2 Best practices for maintaining a secure appliance............................................................46 3.3 Creating a login session...............................
Using the REST APIs and other programmatic interfaces.............................71 5.1 Resource operations......................................................................................................71 5.2 Return codes...............................................................................................................72 5.3 URI format...................................................................................................................72 5.4 Resource model format..........
III Configuration quick starts..........................................................................89 9 Quick Start: Initial Configuration.............................................................91 9.1 Process overview..........................................................................................................91 9.2 Configure the environment for the first time......................................................................
15.4.3 About network sets............................................................................................119 15.5 Learning more..........................................................................................................120 16 Managing interconnects, logical interconnects, and logical interconnect groups.................................................................................................121 16.1 Managing enclosure interconnect hardware...................................
20.2 Tasks......................................................................................................................143 20.3 About user accounts.................................................................................................143 20.4 About user roles.......................................................................................................144 20.5 Action privileges for user roles...................................................................................144 20.
22.5.3.1 License types.............................................................................................159 22.5.3.2 License delivery.........................................................................................159 22.5.3.3 License reporting.......................................................................................159 22.5.3.4 View license status....................................................................................160 22.5.4 Server hardware licensing..........
26 Using the State-Change Message Bus (SCMB)......................................185 26.1 Connect to the SCMB................................................................................................185 26.2 Set up a queue to connect to the HP OneView SCMB exchange.....................................186 26.3 JSON structure of message received from the SCMB.....................................................187 26.4 .NET C# code example................................................................
27.12.3 Profile operations fail........................................................................................218 27.13 Troubleshooting user accounts...................................................................................218 27.13.1 Incorrect privileges............................................................................................218 27.13.2 Unauthenticated user or group...........................................................................218 27.13.
A.5.5 Creating an enclosure group for vSphere (ESXi) hosts...................................................248 A.5.6 Adding the enclosure..............................................................................................249 A.5.7 Viewing the server hardware types............................................................................249 A.5.8 Creating a server profile to use as a template.............................................................250 A.5.
Part I Learning about HP OneView This part describes HP OneView and its model for data center resources and introduces you to the terms and concepts used in this document and the appliance online help.
1 Learning about HP OneView 1.1 HP OneView for converged infrastructure management Optimized for collaboration, productivity, and reliability, the HP OneView appliance is designed to provide simple, single-pane-of-glass lifecycle management for the complex aspects of enterprise IT—servers, networking, software, power and cooling, and storage.
and server profiles established by your experts, you can enable system administrators to provision and manage thousands of servers without requiring that your experts be involved with every server deployment. One tool and one data set—one view HP OneView combines complex and interdependent data center provisioning and management into one simplified and unified interface.
1.2.1 Server profiles A server profile captures key aspects of a server configuration in one place, including firmware levels, BIOS settings, network connectivity, boot order configuration, iLO settings, and unique IDs. Server profiles are one of the features that enable you to provision converged infrastructure hardware quickly and consistently according to your best practices.
Types of groups and sets Group or set Description Enclosure group A group of enclosures that use the same configuration, such network connectivity and firmware versions for the Onboard Administrator and interconnect modules. All members of an enclosure group use the same logical interconnect group.
Flexibility in design and deployment HP OneView provides flexibility in the creation of groups, templates, and sets. For example, you can create a logical interconnect group in these ways: • Before you add an enclosure to the appliance, you can create a logical interconnect group that specifies how you want the interconnects to be configured, and an enclosure group that specifies how you want the enclosure to be configured.
1.3 Firmware and configuration change management features 1.3.1 Simplified firmware management The appliance provides fast, reliable, and simple firmware management across the data center. When you add a resource to the appliance, to ensure compatibility and seamless operation, the appliance automatically updates the resource firmware to the minimum version required to be managed by the appliance.
Isolated management network The appliance architecture is designed to separate the management traffic from the production network, which increases reliability of the overall solution. For example, your data center resources remain operational even in the unlikely event of an appliance outage. Automatic configuration for monitoring When you add resources to the appliance, they are automatically configured for monitoring, and the appliance is automatically registered to receive SNMP traps.
1.4.1 Data center environmental management HP OneView integrates these critical areas for environmental management of the data center: • Thermal data visualization in 3D • Power delivery infrastructure representation • Physical asset location in 3D Feature Description Thermal data visualization 3D data center thermal mapping provides a view of the thermal status of your entire data center.
• View alerts for a specific resource from the UI screen for that resource or using the REST API for that resource. • Automatically forward SNMP traps from managed resources to enterprise monitoring consoles or centralized SNMP trap collectors. 1.4.4 Hardware and firmware inventory information HP OneView provides detailed hardware and firmware inventory information about the resources it manages.
1.6 Security features CATA (Comprehensive Applications Threat Analysis) is a powerful HP security quality assessment tool designed to substantially reduce the number of latent security defects. The design of the HP OneView appliance employed CATA fundamentals and underwent CATA review.
1.8 Graphical and programmatic interfaces The HP OneView appliance was developed to use a single, consistent resource model embodied in a fast, modern, and scalable HTML5 user interface and industry-standard REST APIs for mobile, secure access and open integration with other management software.
1.9 Integration with other HP management software Onboard Administrator HP OneView interacts seamlessly with the Onboard Administrator to provide complete management of HP BladeSystem c7000 enclosures. A user’s Onboard Administrator privileges are determined by the role assigned to the user’s HP OneView appliance account. HP Integrated Lights-Out HP OneView interacts seamlessly with the iLO management processor to provide complete management of HP servers.
When you add hardware with an embedded license to the appliance, the appliance automatically applies the license. Your software license is also automatically registered for support when the hardware is registered. • You can also purchase and activate licenses separately, enabling you to add licenses for existing hardware. • If you already have an iLO Advanced license for a server, you can purchase an HP OneView license that does not include the iLO Advanced license.
Network sets You can define a collection of Ethernet data center networks to be identified by a single name, called a network set. You can specify a network set instead of an individual network when you define a connection from a server to the data center networks. By using network sets, you can make changes to networks that are members of a network set without having to make changes to each server profile that uses that network set.
2 Understanding the resource model The HP OneView appliance uses a resource model that reduces complexity and simplifies the management of your data center. This model provides logical resources, including templates, groups, and sets, that when applied to physical resources, provides a common structure across your data center.
The UI and REST APIs are organized by resource. The documentation for the UI and REST APIs are also organized by resource. To view the complete list of resources, see the HP OneView REST API Reference in the online help. The following sections introduce the resources shown in Figure 1 (page 29). 2.
Relationship to other resources A connection template resource is associated with zero or more connection resources. A connection resource is associated with the appropriate connection template for a type of network or network set.
Relationship to other resources A server hardware type resource is associated with the following resources in the resource summary diagram (page 29): • Zero or more server profiles • Zero or more servers of the type defined by that server hardware type UI screens and REST API resources UI screen REST API resource Server Hardware Types server-hardware-types For more information about server hardware types, see the online help for the Server Hardware Types screen. 2.
UI screens and REST API resources UI screen REST API resource Notes Server Hardware server-hardware You use the server hardware resource, not the server profile resource, to perform actions such as powering off or powering on the server, resetting the server, and launching the HP iLO remote console. You can launch the HP iLO remote console through the UI only. The REST APIs do not include an API to launch the HP iLO remote console.
UI screens and REST API resources UI screen REST API resource Notes None None The UI does not refer to enclosure type, but the enclosure type is used by the appliance when you add an enclosure. The enclosures REST resource includes an enclosureType attribute. 2.9 Enclosures An enclosure is a physical structure that contains server blades, the Onboard Administrator, and interconnects. For information about the supported enclosure models, see the HP OneView Support Matrix.
Relationship to other resources An interconnect type resource is associated with the following resources in the resource summary diagram (page 29): • Zero or more interconnects UI screens and REST API resources UI screen REST API resource Notes Interconnects interconnect-types The UI does not display or refer to the interconnect type resource specifically, but the information is used by the appliance when you add or manage an interconnect using the Interconnects screen. 2.
Relationship to other resources An interconnect resource is associated with the following resources in the resource summary diagram (page 29): • Exactly one enclosure • Exactly one logical interconnect, and, through that logical interconnect, exactly one logical interconnect group UI screens and REST API resources UI screen REST API resources Interconnects interconnects, interconnect-types, and logical-interconnects For more information about interconnects, see the online help for the Interconnects
Relationship to other resources A logical interconnect group resource is associated with the following resources in the resource summary diagram (page 29): • Zero or more logical interconnects • Zero or more enclosure groups The uplink sets defined by a logical interconnect group specify the initial configuration of the uplink sets of each logical interconnect in the group.
The server administrator is not required to know the details about interconnect configurations Because a logical interconnect is managed as a single entity, the server administrator is isolated from the details of interconnect configurations.
The uplink sets defined by a logical interconnect group specify the configuration for uplink sets used by logical interconnects that are members of the group. If the uplink sets of a logical interconnect do not match the uplink sets of the logical interconnect group, the appliance notifies you that the logical interconnect is not consistent with its group.
Relationship to other resources A network set resource is associated with the following resources in the resource summary diagram (page 29): • Zero or more connections, and, through those connections, zero or more server profiles • Zero or more Ethernet networks UI screens and REST API resources UI screen REST API resource Network Sets network-sets For more information about network sets, see the online help for the Network Sets screen. 2.
UI screens and REST API resources UI screen REST API resource Settings Several REST API resources are related to the appliance and appliance settings. See the resources in the following categories in the HP OneView REST API Reference in the online help: • Settings • Security For more information about various appliance configuration settings see the online help for the Settings screen. 2.19 Resources related data center facilities 2.19.
Relationship to other resources A rack resource is associated with the following resources in the resource summary diagram (page 29): • Zero or one data centers • Zero or more enclosures • Zero or more instances of server hardware (for HP ProLiant DL servers only) • Zero or more unmanaged devices • Zero or more power delivery devices UI screens and REST API resources UI screen REST API resource Racks racks For more information about racks, see the online help for the Racks screen. 2.19.
All devices connected to an HP Intelligent Power Distribution Unit (iPDU) using an HP Intelligent Power Discovery (IPD) connection are added to the appliance as unmanaged devices: • If a device is supported for management by the appliance, you can add that device to the appliance. • If a device is not supported for management by the appliance, you can include that device in power, cooling, and space planning by leaving it in the list of unsupported devices.
3 Understanding the security features of the appliance Most security policies and practices used in a traditional environment are applicable in a virtualized environment. However, in a virtualized environment, these policies might require modifications and additions. 3.1 Securing the appliance CATA (Comprehensive Applications Threat Analysis) is a powerful HP security quality assessment tool designed to substantially reduce the number of latent security defects.
• Operating-system-level users are not allowed to access the appliance, with the following exceptions: ◦ A special pwreset command used only if the Infrastructure administrator password is lost or forgotten. This command requires that you contact your authorized support representative to obtain a one-time password. For more information, see the online help.
◦ Maintain a zone of trust, for example, a DMZ (demilitarized zone) that is separate from production machines. ◦ Ensure proper access controls on Fibre Channel devices. ◦ Use LUN masking on both storage and compute hosts. ◦ Ensure that LUNs are defined in the host configuration, instead of being discovered. ◦ Use hard zoning (which restricts communication across a fabric) based on port WWNs (Worldwide Names), if possible.
3.5 Controlling access for authorized users Access to the appliance is controlled by roles, which describe what an authenticated user is permitted to do on the appliance. Each user must be associated with at least one role. 3.5.1 Specifying user accounts and roles User login accounts on the appliance must be assigned a role, which determines what the user has permission to do.
Monitor the audit logs because they are rolled over periodically to prevent them from getting too large. Download the audit logs periodically to maintain a long-term audit history. Each user has a unique logging ID per session, enabling you to follow a user’s trail in the audit log. Some actions are performed by the appliance and might not have a logging ID.
Example 1 Sample audit entries: user login and logout 2013-09-16 14:55:20.706 CST,Authentication,,,administrator,jrWI9ych,,, SUCCESS,LOGIN,INFO,CREDENTIAL,,Authentication SUCCESS . . . 2013-09-16 14:58:15.201 CST,Authentication,,,MISSING_UID,jrWI9ych,,, SUCCESS,LOGOUT,INFO,CREDENTIAL,,TERMINATING SESSION 3.8 Appliance access over SSL All access to the appliance is through HTTPS (HTTP over SSL), which encrypts data over the network and helps to ensure data integrity.
3.9.2.1 Verifying a certificate You can verify the authenticity of the certificate by viewing it with your browser. After logging in to the appliance, choose Settings→Security to view the certificate. Make note of these attributes for comparison: • Fingerprints (especially) • Names • Serial number • Validity dates Compare this information to the certificate displayed by the browser, that is, when browsing from outside the appliance. 3.9.2.
You can import a certificate signed by a CA, and using it instead of the self-signed certificate. The overall steps are as follows: 1. 2. 3. 4. 5. You generate a CSR (certificate signing request). You copy the CSR and submit it to the CA, as instructed by the CA. The CA authenticates the requestor. The CA sends the certificate to you, as stipulated by the CA. You import the certificate. For information on generating the CSR and importing the certificate, see the UI help. 3.
information on obtaining a certificate with a browser, see “Managing certificates from a browser” (page 50) 3.12 Ports needed for HP OneView HP OneView requires specific ports to be made available to the appliance to manage servers, enclosures, and interconnects. Table 1 Required ports Port number Protocol Usage Description 80 TCP Inbound Used for HTTP interface. Typically, this port redirects to port 443; this port provides the access that iLO requires.
3.13.1 Enabling or disabling authorized services access When you first start up the appliance, you can choose to enable or disable access by on-site authorized support representatives. By default, on-site authorized support representatives are allowed to access your system through the appliance console and diagnose issues that you have reported.
Table 2 Supported SSL cipher suites (continued) SSL cipher suite SSL version Kx Au Enc Mac DHE-RSA-AES128-SHA SSL v3 DH RSA AES (128) SHA1 AES128-SHA SSL v3 RSA RSA AES (128) SHA1 3.15 Downloads from the appliance You can download the following data files from the appliance: • Support dump By default, all data in the support dump is encrypted and accessible by an authorized support representative only. • Backup file All data in the backup file is in a proprietary format.
4 Navigating the graphical user interface 4.1 Browsers For general information about browser use, see the following topics: • “Supported browsers” (page 57) • “Required plug-ins and settings” (page 57) • “Browser best practices for a secure environment” (page 52) • “Commonly used browser features and settings” (page 57) 4.1.1 Supported browsers For information about the web browsers that are supported for use with HP OneView, see the HP OneView Support Matrix. 4.1.
Feature Description Open screens in a new tab or window Right-click a link to a resource or screen to open the link in a new tab or window. NOTE: If you right-click a link while in an edit screen, the actions you take on another screen do not automatically refresh the form in the first screen. For example, if the Add Network dialog box is open, but you do not have any networks to add, you can create networks in a new tab or window.
Figure 2 Screen topography 1 2 3 4 Networks 20 v All statuses v ? All types v Create network C1 net Overview Actions v v Name VLANID Type .............................................................
4.3 About the Activity sidebar The Activity sidebar shows activities (specifically, tasks) initiated during the current session. The most recent task is displayed first. Task notifications provide information (including in-progress, error, and completion messages) about tasks that were launched. The Activity sidebar differs from the Activity screen because it displays only recent activity. The Activity screen, in contrast, displays all activities and allows you to list, sort, and filter them.
Table 4 UI buttons Button Description Add and Add + Adds items from your current data center environment (such as enclosures, server hardware, and other physical items) and brings them under appliance management. • Add adds a single item and closes the screen or dialog box. • Add + enables you to add another item in the same session. Create and Create + Creates logical constructs used by the appliance (such as server profiles, logical interconnect templates, and network sets).
Figure 6 Help sidebar ? Help Help Documentation 1 Help on this page 2 Browse help License 3 End-User License agreement 4 Written Offer Community 5 1 2 HP OneView Forum Opens context-sensitive help for the current resource in a new browser window or tab. Opens the top of the help system in a new browser window, which enables you to navigate to the entire table of contents for the UI help and REST API documentation. 3 4 Displays the End-User License agreement (EULA).
4.8.1 Status and severity icons Large icon Small icon Resource Activity Task Critical Critical Failed/Interrupted Warning Warning Warning OK Informational Success Disabled Canceled Unknown An In progress rotating icon indicates that a change is being applied or a task is running. This icon can appear in combination with any of the resource states; for example: 4.8.
4.8.3 Informational icons Icon Name Description Map Provides a graphical representation of the relationships between the current resource and other resources Activity control Provides a recent history of user and appliance initiated tasks and alerts Session control Displays your login name, how long you are logged on, and provides a link that enables you to log out of the appliance You can use the Edit icon next to your login name to change your full name, password, and contact information.
Figure 7 Sample Map view 1Z34AB7890 Apr 30 10:17AM Map Actions v Add enclosure: 192.0.2.0 HPTC-RACK - 01 Racks ............................................................................................................................................................... Enclosure HPTC Groups ...............................................................................................................................................................
Figure 8 Notifications area ! A, Slot 1 Overview Actions v 1 The system A, Slot 1 is not configured for redundant power because it has 1 c... All 0 1 0 General > 2 Model ! Manag Location Power Maximum Serial A, Slot 1 Overview The system A, Slot 1 is notconfigured for redundant power because it has 1 connected power input(s). The system must have at least 2 connected power inputs(s) to have redundant power. Actions 0 All 1 v 0 The system A, Slot 1 is ...
4. 5. Enter a search term in the Search box. Note the following: • Search terms are case insensitive. • Cutting and pasting text into the search box is supported. • Wildcard characters, such as the asterisk (*), are not supported. • Enclosing a search phrase in double quotation marks is not supported. Press Enter or click List Topics to start the search process. Search results are presented as links to the sections in which the search term appears. 6.
When you find what you are looking for in the search results, which are organized by resource type, select the item to navigate to it. NOTE: The Smart Search feature does not search the help system. To search the UI and REST API help, see “Search help topics” (page 66). Search the current resource Search all resources 1. Click in the Smart Search box. 1. Click in the Smart Search box. Search 2. Enter your search text and press Enter. Search 2. Select Everything.
To filter that view based on a specific health status, select the health status you are interested in viewing from the Status menu. For more information about health status icons and what they mean, see “Icon descriptions” (page 62). Figure 10 Filter resource instances by their health status HP OneView Search Server Hardware 15 Status Reset All statuses + Add server hardware Name Critical Warning Model Server Profile .................................................................................
5 Using the REST APIs and other programmatic interfaces REST (Representational State Transfer) is a web service that uses basic CRUD (Create, Read, Update and Delete) operations performed on resources using HTTP POST, GET, PUT, and DELETE. To learn more about REST concepts, see http://en.wikipedia.org/wiki/Representational_state_transfer. The appliance has a resource-oriented architecture that provides a uniform REST interface.
5.2 Return codes Return code Description 2xx Successful operation 4xx Client-side error with error message returned 5xx Appliance error with error message returned NOTE: If an error occurs, indicated by a return code 4xx or 5xx, an ErrorMessage is returned. The expected resource model is not returned. 5.3 URI format All URIs point to resources. The client does not need to create or modify URIs.
determine the correct REST API version, perform /rest/version. This GET operation does not require an X-API-Version header. If multiple appliances are running in your environment, you need to determine the REST API version required by each appliance. The X-API-Version header for this release of HP OneView must always be 3 (X-API-Version:3). 5.7 Asynchronous versus synchronous operations A synchronous task returns a response after the REST API operation.
5.11 Querying resources using common REST API parameters You can use a set of common parameters to customize the results returned from a GET operation, such as sorting or filtering. Each REST API specification lists the set of available common parameters. 5.12 State Change Message Bus The State-Change Message Bus (SCMB) is an interface that uses asynchronous messaging to notify subscribers of changes to managed resources—both logical and physical.
6 Accessing documentation and help This chapter describes how to access help from the appliance, how to access the publicly available online information library, and where to find REST API help and reference documentation. 6.
• Planning information, including configuration decisions to make and tasks that you might need to perform before you install an appliance, add managed devices, or make configuration changes • Quick starts that provide high-level step-by-step instructions for selected tasks that might require that you configure multiple resources using the UI or REST APIs. • An illustrated example of using the UI to configure a sample data center 6.
Part II Planning tasks The chapters in this part describe data center configuration planning tasks that you might want to complete before you install the appliance or before you make configuration changes. By completing these planning tasks, you can create a data center configuration that takes full advantage of the appliance features and is easier for your administrators to monitor and manage.
7 Planning your data center resources In addition to ensuring that your environment meets the prerequisites for installation of the appliance, there are other planning tasks you might want to complete before adding data center resources. By completing these planning tasks, you can create a data center configuration that takes full advantage of the appliance features and is easier for your administrators to monitor and manage. 7.
The default SNMP read community string, public, is easily guessed. You can make your SNMP environment more secure by changing the SNMP read community string to use a strong password. If you use the appliance REST APIs, you can avoid manually refreshing managed devices by changing the SNMP read community string before you add devices to the appliance. For more information about changing the SNMP read community string, see “Managing the appliance settings” (page 155). 7.2.
7.2.10 Reviewing your firewall access The appliance maintains a firewall that allows traffic on specific ports and blocks all unused ports. For a list of the network ports used by the appliance to manage data center resources, see “Ports needed for HP OneView” (page 53). 7.
testUS_left • The appliance does not support the filtering of resources, such as server hardware, based on physical location (data center name). To enable filtering by data center name, choose a naming convention that includes the data center name in the resource name. • The appliance supports the filtering of resources by model, so you can search for server hardware without having to include the model number in the name. • The appliance provides default names for many resources.
• A connection to the management LAN. HP recommends that you have separate networks for management and data. • The clock on the VM host must be set to the correct time. If NTP (Network Time Protocol) is not used to synchronize the time on the VM host, HP recommends configuring the appliance to use NTP directly. 7.5.2 Planning for high availability To use HP OneView in an HA (high availability) configuration, verify that the VM is configured according to vSphere Hypervisor HA requirements.
8 Planning for configuration changes This chapter identifies configuration changes that might result in a resource being taken offline temporarily or that might require that you make changes to multiple resources. 8.1 Configuration changes that require or result in resource outages Appliance Taking an appliance offline does not affect the managed resources—they continue to operate while the appliance is offline. When you install an appliance update, the appliance is taken offline.
each server profile connection to reconfigure it to specify the network you added. Because you must edit the server profile to edit the connection, you must power off the server. • If you attempt to delete a network that is a member of a network set, the appliance warns you that the network is assigned to at least one network set.
• • Logical Interconnects and Logical Interconnect Groups. For a server connected to a logical interconnect to access a network, the logical interconnect must have an uplink set that includes a connection to that network: ◦ You might need to update multiple logical interconnects. ◦ You can make configuration changes to the logical interconnect group, and then update each logical interconnect from the group.
Part III Configuration quick starts The quick starts provided in this part describe the basic resource configuration tasks required to quickly bring the primary components of your hardware infrastructure under appliance management. Additional resource configuration and ongoing management tasks are documented in Part IV.
9 Quick Start: Initial Configuration This quick start describes the process to bring your data center resources under management of the appliance after you complete the appliance installation. This quick start recommends an order for adding resources to an appliance that has not previously been configured. 9.1 Process overview 1. 2. 3. Before you install the appliance, you might want to plan for your data center configuration.
Configure appliance resources and bring your environment under management of the appliance Configuration step Required action or input Related information Add users to the appliance Local authentication 1. Add users and define access permissions and authentication method. Do one or both of the following: • Login name The online help for the Users and Groups screen • Add a user with local authentication and assign a predefined role or create a specialized role.
Configuration step Required action or input Related information • Network set name • Networks to add to the network set • Indicate the untagged network (optional) • Define the logical interconnects in enclosures 5. Create a logical interconnect group to define the uplink configuration • Create uplink sets to connect for all ports. networks to uplink ports Create a logical interconnect group Create an enclosure group 6. Create an enclosure group to define how added enclosures will be configured.
Defining your power systems using the Power Delivery Devices resource enables you to monitor metrics such as consumption rates and power caps.
10 Quick Start: Adding a network to an existing appliance environment This quick start describes the process to add a network to an existing appliance environment and enable existing server blades to access the network you added. NOTE: If you are performing initial configuration steps after installing an appliance, HP recommends that you add networks and network sets before you add enclosures. See “Quick Start: Initial Configuration” (page 91).
Process When you add a network to the appliance, you might need to make configuration changes to the following resources: Resource Task Description Networks 1. Add the network. • Adding a network does not require that you take resources offline. • For more information about networks, see “Managing networks and network resources” (page 115), the online help for the Networks screen, or the REST API scripting help for networks and network sets. Logical Interconnect Groups 2.
Resource Task Description • Applies to Ethernet networks only. • Adding a network to a network set does not require that you take resources offline. Server profiles that have connections to the network set do not have to be updated when a network is added to the network set. • For more information about network sets, see “Managing networks and network resources” (page 115), the online help for the Network Sets screen, or the REST API scripting help for networks and network sets.
11 Quick Start: Adding an enclosure and connecting its server blades to networks This quick start describes the process to add an enclosure to an existing appliance environment and enable the server blades to access the existing data center networks.
Configuration requirement Why you need it Server profile must have at least one connection, which must specify a network or network set You do not have to know the hardware configuration, but you do have to choose an available network or network set to specify which networks the server is to use. If you specify a network set in a server profile connection, the network set must include at least 1 network You can think of a network set as an alias through which you can refer to many different networks.
Process Resource Task Description Enclosures 1. Add the enclosure. • When you add the enclosure, specify an existing enclosure group. • When you add an enclosure, you also must select a firmware baseline and a licensing option. • For more information about enclosures, see “Managing enclosures and enclosure groups” (page 131), the online help for the Enclosures screen, or the REST API scripting help for enclosures. Server Profiles 2.
Process Resource Task Description Logical Interconnect Groups 1. Create a logical interconnect group. • You must create a logical interconnect group before you can create an enclosure group. • You add uplink sets as part of creating a logical interconnect group. Ensure that at least one of the uplink sets you add includes an uplink port to the data center networks you want to access.
• The networks and network sets, if any, have been added to the appliance. To add networks or network sets, see “Quick Start: Adding a network to an existing appliance environment” (page 95) or “Managing networks and network resources” (page 115). • See “Prerequisites for bringing an enclosure under management” (page 131) for prerequisites and preparation you must complete before you add an enclosure.
12 Quick Start: Configuring an enclosure and server blade for Direct attach to an HP 3PAR Storage System This quick start describes the process for adding and configuring an enclosure so that its servers can connect to an HP 3PAR Storage System that is directly attached to the enclosure.
Process Resource Task Description Networks 1. Add the Fibre • If you add the networks from the Networks screen: Channel Direct attach networks. ◦ For Type, select Fibre Channel ◦ For Fabric type, select Direct attach • For more information about networks, see “Managing networks and network resources” (page 115), the online help for the Networks screen, or the REST API scripting help for networks and network sets. Logical Interconnect Groups 2.
13 Quick Start: Adding an HP ProLiant DL rack mount server This quick start describes the process for adding a rack mount server. The features supported by the appliance vary by server model. For information about the features supported for HP ProLiant DL servers, see “Server hardware features supported by the appliance” (page 111). For an illustrated example of this task, see “Step by step: Configuring an example data center using HP OneView” (page 231).
Part IV Configuration and management The chapters in this part describe the configuration and management tasks for the appliance and the resources it manages.
14 Managing servers and server profiles Managing servers with the appliance involves interacting with several different resources on the appliance: • A server profile captures the entire server configuration in one place, enabling you to consistently replicate new server profiles and to rapidly modify them to reflect changes in your data center environment. • A server profile enables management of your server hardware.
HP ProLiant BL G71 Feature HP ProLiant BL Gen8 HP ProLiant DL Gen82 SSO (single sign-on): The appliance enables SSO to iLO and OA without storing user-created iLO or OA credentials.
• Manage the boot order of a server profile. • Manage virtual or physical IDs for the server hardware. • Copy a server profile. • Delete a server profile. • Edit a server profile. • Move a server profile to another server. • Power on and off the server hardware to which the server profile is assigned. • Install a firmware bundle using a server profile. NOTE: Firmware will not be downgraded to the selected firmware baseline when applying a server profile.
NOTE: Health monitoring is not enabled on ProLiant G7 iLO3 server hardware until the HP management agents are installed on the OS and the SNMP service is configured with the same SNMP read community string shown on the Settings screen. • NTP is enabled and the appliance becomes the server hardware’s NTP time source. • An appliance certificate is installed to enable single sign-on operations. • iLO firmware is updated to the minimum versions listed in the HP OneView Support Matrix.
15 Managing networks and network resources This chapter describes configuring and managing networks and network resources for the enclosures and server blades managed by the appliance. For information about configuring the network settings for the appliance, see “Managing the appliance settings” (page 155). NOTE: The network features described in this chapter apply to enclosures and server blades only.
15.2.1 Roles • Minimum required privileges: Infrastructure administrator or Network administrator 15.2.2 Tasks The appliance online help provides information about using the UI or the REST APIs to: • Add a Fibre Channel SAN. • Delete a Fibre Channel SAN. • Edit a Fibre Channel SAN configuration. 15.3 Managing Ethernet networks When you add an Ethernet network to the appliance, you are adding a VLAN to the configuration. VLANs allow multiple networks to use the same physical connections.
having to replicate configuration changes across multiple servers.
Figure 11 Direct attach and Fabric attach Fibre Channel networks HP 3PAR Storage System Fabric-attached HP storage devices SAN uplink connections (Direct attach) SAN B SAN A 0 4 1 5 2 6 3 7 1 2 Vdc 8 12 9 13 10 14 11 15 16 20 17 21 18 22 19 23 24 28 25 29 26 30 27 31 0 1 2 Vdc HP StorageWorks 4/32B SAN Switch SAN Switch A 4 1 5 2 6 3 7 8 12 9 13 10 14 11 15 16 20 17 21 18 22 19 23 24 28 25 29 26 30 27 31 1 2 Vdc 1 2 Vdc HP StorageWork
IMPORTANT: When you move a server profile to a different enclosure, and the profile is configured to boot from a Direct attach storage device, you must manually update the boot connection of the profile to specify the WWPN (World Wide Port Name) used for the storage device that is directly attached to the enclosure. Each enclosure connects to a different port of the Direct attach storage device, so the WWPN for that storage device is different for each enclosure.
Network set details • Network sets are supported for use in server profiles only. • All networks in a network set must be Ethernet networks. • All networks in a network set must be configured in the same appliance. • A network can be a member of multiple network sets. • When a network is deleted, it is automatically deleted from all network sets to which it belonged. • A network set can be empty (contain no networks) or can contain one or more of the networks configured in the appliance.
16 Managing interconnects, logical interconnects, and logical interconnect groups A logical interconnect group acts as a recipe for creating a logical interconnect representing the available networks, uplink sets, stacking links, and interconnect settings for a set of physical interconnects in a single enclosure.
Interconnects are an integral part of an enclosure, and each interconnect is a member of a logical interconnect. Each logical interconnect is associated with a logical interconnect group, which is associated with an enclosure group. For more information about logical interconnects, see “About logical interconnects” (page 123).
16.2.1 Roles • Minimum required privileges: Infrastructure administrator or Network administrator 16.2.2 Tasks The appliance online help provides information about using the UI or the REST APIs to: • Update the logical interconnect firmware. • Add an uplink set. • Create a logical interconnect support dump file. • Enable and disable physical ports. • Manage SNMP (Simple Network Management Protocol) access and trap destinations.
Interconnect, Logical Interconnect, Networks Interconnect NIC Teaming Drivers Connections LOM1 LOM2 Optional Teaming: Load balancing and/or failover Server Blade Uplink Sets Network A (VLAN 100) Stacking Link Interconnect (Optional) Redundant uplinks ToR/ Aggregation Layer Network A (VLAN 100) Network A (VLAN 100) Logical Interconnect Uplink sets An uplink set defines a group of networks and physical ports on the interconnect in an enclosure.
Stacking modes Stacking modes and stacking links apply to Ethernet networks only. Interconnects that are connected to one another through stacking links create a stacking mode. Ethernet traffic from a server connected to an interconnect downlink can reach the data center networks through that interconnect or through a stacking link from that interconnect to another interconnect. The supported stacking mode is enclosure.
Deleting a logical interconnect To delete a logical interconnect, you must remove the enclosure from management. 16.2.4 About logical interconnect groups A logical interconnect group is associated with an enclosure group and is used to define the logical interconnect configuration for every enclosure that is added to that enclosure group. Logical interconnect configurations include the I/O bay occupancy, stacking mode, uplink ports and uplink sets, available networks, and downlinks.
Figure 12 Relationship of a logical interconnect group to a logical interconnect Logical Interconnect Group A Enclosure Group enclosure Type - c7000 Stocking Mode - enclosure LIG Domain Networks: Eth1, Eth2, SanA, SanB Uplink Sets - 1 - Blue Network, bay1.x1 & bay2.x1 I/O Bay Logical Interconnect Group 1 logicalInterconnectGroupA Location 2 logicalInterconnectGroupA Enc1. Bay1 638526821 Logical DownlinkA 3 logicalInterconnectGroupA Enc2. Bay2 638526821 Logical DownlinkA Enc3.
capture, and then designate the SNMP manager to which traps will be forwarded. By default, SNMP is enabled with no trap destinations set. When you create a logical interconnect, it inherits the SNMP settings from its logical interconnect group. To customize the SNMP settings at the logical interconnect level, use the Logical Interconnects screen or REST APIs. 16.2.
16.2.7 Configure a port to monitor network traffic Port monitoring enables you to send a copy of every Ethernet frame coming in and going out of a port to another port. By monitoring a port's network traffic, you can connect debugging equipment, such as a network analyzer, to monitor those server ports. This capability is important in a server blade environment where there is limited physical access to the network interfaces on the server blades.
17 Managing enclosures and enclosure groups An enclosure is a physical structure that can contain server blades, infrastructure hardware, and interconnects. An enclosure group specifies a standard configuration for all of its member enclosures. Enclosure groups enable administrators to provision multiple enclosures in a consistent, predictable manner in seconds. UI screens and REST API resources UI screen REST API resource Enclosures enclosures Enclosure Groups enclosure-groups 17.
17.2 Roles • Minimum required privileges: Infrastructure administrator or Server administrator 17.3 Tasks The appliance online help provides information about using the UI or the REST APIs to: • Add an enclosure to manage its contents. • Remove an enclosure from management. • Add a server blade to an existing enclosure. • Remove a server blade from an existing enclosure. • Bring an unmanaged enclosure under management. • Claim an enclosure currently being managed by another appliance.
NOTE: HP does not recommend using iLO or the OA to make changes to a device. Making changes to a device from its iLO or OA could cause it to become out of synchronization with the appliance. You can manually refresh the connection between the appliance and an enclosure from the Enclosures screen. Refreshing an enclosure will refresh all devices in it. See the online help for the Enclosures screen to learn more. 17.
18 Managing firmware for managed devices NOTE: This chapter describes how to manage the firmware for devices managed by the appliance. For information about updating the firmware for the appliance, see “Updating the appliance” (page 163). A firmware bundle, also known as an HP Service Pack for ProLiant (SPP), comprises a set of deliverables, a full-support ISO file, and six subset ISOs divided by HP ProLiant server family and operating system.
Unsupported firmware for enclosures When adding an enclosure, the appliance: • Generates an alert if the logical interconnect firmware for the interconnects is below the required minimum level or if the interconnect firmware levels do not match. You must update the logical interconnect firmware from the Logical Interconnects screen or REST APIs.
resources in the enclosure (OA, all member interconnects, and server hardware firmware including iLO). In the UI, select Enclosures→Actions→Update firmware, and then select from the following options: • • Option Device updated Enclosure OA firmware Enclosure + logical interconnect + server profiles OA, all member interconnects, and server hardware firmware including iLO You update a firmware bundle for a logical interconnect to apply the same firmware baseline to all member interconnects.
Best practice Description Verify the managed device setting Do not update the firmware on a managed device unless the firmware baseline is before updating the firmware. set to manage manually. If you choose to create custom HP recommends using HP SPPs. You can use HP SUM 6.0 or later to create custom SPPs, use HP SUM to create them. SPPs, which can be uploaded to the appliance repository.
19 Managing power and temperature You can manage the power and temperature of your IT hardware using the appliance. 19.1 Managing power To manage power, you describe your power delivery devices to the appliance using the Power Delivery Devices screen or the REST APIs. The appliance discovers HP Intelligent Power Delivery Devices (iPDUs) and their connections automatically.
• HP Intelligent Power Distribution Units (HP iPDUs), which the appliance can automatically discover and control. • Other power delivery devices that the appliance cannot discover. By manually adding these devices to the appliance, they become available for tracking, inventory, and power management purposes. Regardless of how power delivery devices are added to the appliance, the appliance automatically generates the same types of analysis (capacity, redundancy, and configuration).
19.2 Managing temperature To manage the temperature of your hardware, you must add your server hardware to racks, position it in the rack, and then add the racks to data center(s). UI screens and REST API resources UI screen REST API resource Data Centers datacenters Racks racks 19.2.1 Roles • Minimum required privileges: Infrastructure administrator or Server administrator 19.2.2 Tasks The appliance online help provides information about using the UI and REST APIs to: • Add a data center.
19.2.
20 Managing users and authentication The appliance requires users to log in with a valid user name and password, and security is maintained through user authentication and role based authorization. User accounts can be local, where the credentials are stored on the appliance or can be on a company or organizational directory (Microsoft Active Directory, for example) hosted elsewhere, where the appliance contacts the defined directory server to verify user credentials.
If you cannot see resource information or perform a resource task, your assigned role does not have the correct privileges. In this case, you should request a different role or an additional role. 20.4 About user roles User roles enable you to assign permissions and privileges to users based on their job responsibilities. You can assign full privileges to a user, or you can assign a subset of permissions to view, create, edit, or remove resources managed by the appliance.
Table 6 Action privileges for user roles (continued) Category Action privileges for user roles (C=Create, R=Read, U=Update, D=Delete, Use) Infrastructure administrator Server administrator Network administrator Backup administrator Read only backups CRUD — — CRD R debug logs CRUD CRU CRU — R events CRU CRU CRU — R global settings CRUD CRUD CRUD — R login sessions CRUD — — — R notifications CRUD CRD CRD — R organizations CRUD — — — R restores CRUD — — — R
Table 6 Action privileges for user roles (continued) Category Action privileges for user roles (C=Create, R=Read, U=Update, D=Delete, Use) Infrastructure administrator Server administrator Network administrator Backup administrator Read only server hardware types CRUD, Use CRUD, Use R — R server profiles CRUD, Use CRUD R — R server profile templates CRUD, Use CRUD, Use — — R interconnects CRUD CR CRUD — R interconnect domains CRUD — — — R interconnect groups CRUD R CRU
Any user in the group can log in to the appliance, and each member of the group is assigned the same role. On the login window, the user: • Enters their name (typically, the Common-Name attribute, CN). • Enters the password for the group. • Selects the authentication directory service. This box appears only if you have added an authentication directory service to the appliance. In the Session control, the user is identified by their name preceded by the authentication directory service.
20.9 Reset the administrator password If you lose or forget the administrator password, you can reset it by executing a command and contacting your authorized support representative by telephone. Prerequisites • You have access to the virtual appliance console. Resetting the administrator password 1. From the console's appliance login screen, switch to the pwreset login screen by pressing Ctrl+Alt+F1. To return to the console’s login screen, press Ctrl+Alt+F2.
21 Backing up an appliance This chapter describes how to use the UI, REST APIs, or a custom-written PowerShell script to save your appliance resource configuration settings and management data to a backup file. IMPORTANT: HP recommends backing up your appliance configuration on a regular basis, preferably daily, and especially after adding hardware or changing the appliance configuration in the unlikely event you need to restore the appliance. 21.
21.4 Guidelines for creating a backup file • HP recommends performing regular backups, preferably daily, and especially after adding hardware or changing the appliance configuration. If you added server hardware to the appliance after the backup file was created, that hardware is not in the appliance database when the restore operation completes.
• Non-data files: Static files that are installed as part of the execution environment, and are not specific to the appliance or managed environment configuration • Log files (except the Audit log file) • Appliance network configuration • First time setup configuration files • Firmware bundles Prerequisites • Minimum required privileges: Infrastructure administrator, Backup administrator Creating and downloading a backup file 1. From the Settings screen, select Actions→Create backup.
22 Managing the appliance 22.1 Managing appliance availability Managing and maintaining appliance availability starts with configuring the appliance virtual machine for high availability as described in “Planning for high availability” (page 83), and following the best practices described in “Best practices for managing a VM appliance” (page 153). In the event of an appliance shutdown, your managed resources continue to operate.
Appliance recovery operations When the appliance restarts, it performs the following operations: • Detects tasks that were in progress and resumes those tasks, if it is safe to do so. If the appliance cannot complete a task, it notifies you that the task has been interrupted or is in some other error state. • Attempts to detect differences between the current environment and the environment at the time the appliance shut down, and refreshes its database with the detected changes.
Restarting the appliance 1. From the Settings screen, select Actions→Restart. A dialog box opens to inform you that all users will be logged out and ongoing tasks will be canceled. 2. 3. Select Yes, restart in the dialog box. Log in when the login screen reappears. 22.2 Managing the appliance settings Appliance settings include the network settings, the clock settings, and the SNMP settings for your appliance in the data center.
1. 2. 3. 4. 5. Install the host operating system on the server. Install the SNMP subsystem on the server. Configure SNMP on the host to use the community string and trap destination of the appliance. Using the latest SPP, install the HP management agent set and associated drivers. You will be prompted for the SNMP community string and the trap destination. After the HP management agent set and associated drivers are installed and running, add the HP ProLiant G7 blade server to the appliance.
access will be controlled by a password generated by HP that will only be provided to the authorized support representative. You can disable access at any time while the system is running. UI screens and REST API resources UI screen REST API resource Settings appliance/settings 22.4.1.1 Roles • Minimum required privileges: Infrastructure administrator 22.4.1.2 Tasks The appliance online help provides information to enable or disable HP support access from either the Settings screen or the REST APIs.
22.4.3.1 Roles • Minimum required privileges: Infrastructure administrator 22.4.3.2 Tasks The appliance online help provides information about managing public keys from the Settings screen or by using the REST APIs to: • Acquire and install the HP public key. • View the HP public key. 22.4.4 Downloading audit logs The audit log helps the security administrator understand what security-related actions took place.
• Specify a license type as part of adding a rack mount server. • View licensing status information through license graphs. • View a list of server hardware that has been assigned a specific license type. 22.5.3 About licensing HP OneView requires a license for each server that it manages. You can purchase server hardware and enclosures with licenses embedded (integrated) on the hardware, or you can purchase licenses separately (nonintegrated) and add them to the appliance.
22.5.3.4 View license status You can view the status of your server hardware licenses using the license graphs from the Settings menu in the Licenses view. NOTE: You may have to refresh the Licenses screen in order for recent license assignments to show up in the license graphs. The license graphs indicate the number of licenses available and required, and the percentage of server hardware that is in compliance (licensed). A complete blue ring indicates 100% compliance.
server blades in the enclosure. When you add a rack mount server, you specify a license type for that server. Both policy and type refer to either of the two licenses: HP OneView or HP OneView w/o iLO. NOTE: The appliance applies embedded (integrated) licenses to the server hardware on which they reside, regardless of the license policy or type you choose.
22.5.4.2 Rack mount server licensing Rack mount server licensing is managed at the server level. When you add a rack mount server to the appliance, you must choose a license type. You cannot change the license type for a rack mount server unless you remove and re-add it. NOTE: Embedded licenses take precedent over the license type you choose. If you add a rack mount server with an embedded license, the appliance assigns the license to that rack mount server, regardless of the license type you choose.
Table 8 Licensing scenarios User action License policy or type Result Notes Add enclosure with embedded HP OneView or HP OneView w/o iLO license. The embedded license Embedded OA licenses are added to takes precedent over the the appliance pool and applied to enclosure license policy server hardware that is not licensed. you select. Add server hardware with embedded HP OneView or HP OneView w/o iLO license.
then verify if a newer version of an appliance update file is available to download from http:// www.hp.com/go/oneviewupdates. Before you install an appliance update, you can examine the release notes to determine new features, restrictions, and whether or not you must restart the appliance after you install the update. NOTE: The release notes for an update are not available after you install the update and should be printed off for future reference.
23 About unsupported and unmanaged hardware Unmanaged and unsupported devices are devices that the appliance does not manage. Adding unmanaged and unsupported devices to the appliance allow tracking, inventory, and power management. 23.1 How the appliance handles unsupported hardware Unsupported hardware is any device that the appliance cannot manage. Unsupported devices are similar to unmanaged devices in that all unsupported devices are not managed by the appliance.
Part V Monitoring The chapters in this part describe using the appliance to monitor your data center. You use the information in this part after the appliance has been configured and the data center resources have been added to the appliance.
24 Monitoring data center status, health, and performance This chapter describes the recommended best practices for monitoring data center status, health, and performance using HP OneView. 24.1 Daily monitoring As part of the daily monitoring of your data center, it is important to be able to quickly scan the appliance-managed resources to assess the overall health of your data center. By reviewing the UI screens, you are able to rapidly analyze the state and condition of your data center. 24.1.
To learn more about utilization graphs, see “Monitoring power and temperature” (page 179). 24.1.4 Monitor data center temperature The appliance provides detailed monitoring data that you can use to determine the power and cooling capabilities of the devices in your data center.
Server hardware health monitoring For server hardware with a Critical or Warning status, the associated server profile might be in failed state, so you need to verify it as well. Monitoring step Related information 1. Expand the server hardware alert to see more information. You can view alerts from the Server Hardware screen, Activity screen, or the Dashboard screen. See the UI help for Server Hardware and “About activities” (page 173). 2.
Monitoring step View the originating event(s) that caused a specific alert. 1. Select an alert. GET /rest/alerts/ 2. Get a specific alert using the alert ID. GET /rest/alerts/{id} 3. Get the associated event(s). GET /rest/events/{id} • Fix the problem. Use the recommended fix (perform a GET operation on the specific alert resource and view the correctiveAction attribute), or research the alert.
perform a GET operation on alerts and filter for alerts related to interconnects. To list states, you can perform a GET operation on interconnects and logical interconnects and filter for an OK state. Monitoring step View alerts for interconnects. 1. Select an interconnect alert. GET /rest/alerts?filter="physicalResourceType='{interconnect}'"&filter="severity='{WARNING, CRITICAL}'" 2. Get a specific alert using the alert ID.
You can assign alerts to the appropriate administrator for their timely resolution. When issues are investigated and resolved, you can clear them so they no longer require your attention. You can annotate alert messages to keep an historical record of issues and their resolutions, or you can note a decision that affected the alert resolution. 24.3.1.1 Activity types: alerts and tasks 24.3.1.1.1 About alerts The appliance uses alert messages to report issues with the resources it manages.
IMPORTANT: The appliance maintains a tasks database that holds information for approximately 6 month’s worth of tasks or 50,000 tasks. If the tasks database exceeds 50,000 tasks, blocks of 500 tasks are deleted until the count is fewer than 50,000. Tasks older than 6 months are removed from the database. The tasks database is different from the stored alerts. 24.3.1.
Status Description Unknown The status of the alert or task is unknown. The status of a task that is set to run at a later time is Unknown. Disabled A task was prevented from continuing or completing; for example, this could indicate a canceled file upload. 24.4 Using the Dashboard screen 24.4.1 About the Dashboard The Dashboard provides a graphical representation of the general health status of several managed resources in your data center.
Table 9 Dashboard graph colors (continued) Color Indication Red A critical condition that requires your immediate attention Blue The percentage of resource instances that match the data being measured (a solid blue graph indicates 100%) Light gray The remainder of resource instances that do not match the data being measured (used in combination with blue) Dark gray Resource instances reporting status other than OK, Warning, or Critical, that is, they are Disabled or Unknown Status icons To assist
The sample graph for the Server Hardware resource shows a total of ten instances of managed server hardware, of which half are either disabled or are unknown devices. Hover your pointing device on the dark gray slice to see a count of server hardware instances with a Disabled and Unknown status. Two instances of server hardware are in a Critical state, and two have a Warning associated with them.
25 Monitoring power and temperature HP OneView enables you to monitor the power and temperature of your hardware environment.
Prerequisites • Minimum required privileges: Server administrator. • You have created a data center and positioned your racks in it. • The placement of racks in your data center accurately depicts their physical locations. • You have specified a thermal limit for your rack using the Racks screen, if your policy dictates a limit (optional). Temperature collection and visualization details • The visualization displays peak rack temperature using a color-coded system.
Manipulating the view of the data center visualization To change the data center view, do one or more of the following: • Move the horizontal slider left to zoom in and right to zoom out. • Move the vertical slider up and down to change the vertical viewing angle. • Click and drag the rotation dial to change the horizontal viewing angle. 25.1.
Table 10 Utilization statistics gathered by resource Utilization metric Resource Power Temperature Custom Enclosures ✓ ✓ ✓ Power Delivery Devices ✓ ✓ ✓ Server Hardware CPU ✓ ✓ NOTE: You can use the Interconnects screen to view utilization graphs that display data transfer statistics for interconnect ports. See the online help for the Interconnects screen.
with the most recent interval data on the right. The minimum time interval is two minutes and the maximum is five days. different units of measurement have a second interval down the right side of the graph. The measurement value at the top of the graph represents the maximum utilization capacity for a given metric. See the online help for more information on creating a custom utilization graph and how to change the level of detail that the graph displays. 25.1.2.2.
25.2 REST API power and temperature monitoring 25.2.1 Update enclosure power capacity settings To update the enclosure capacity settings, perform a PUT operation that includes only the calibratedMaxPower attribute. View the enclosure capacity settings attributes by using a GET operation, edit the calibratedMaxPower attribute, and then perform a PUT operation that includes only the edited calibratedMaxPower attribute.
26 Using the State-Change Message Bus (SCMB) The State-Change Message Bus (SCMB) is an interface that uses asynchronous messaging to notify subscribers of changes to managed resources—both logical and physical. For example, you can program applications to receive notifications when new server hardware is added to the managed environment or when the health status of physical resources changes—without having to continuously poll the appliance for status using the REST APIs.
Figure 16 Connecting the client to the SCMB 1 2 The SCMB consumer requests a client certificate as part of the registration process. The appliance manages the client certificates in a JVK (Java KeyStore) file. 3 4 The appliance issues a client certificate to the SCMB consumer. The SCMB client provides an SSL client certificate to create a connection with the appliance. 5 6 The appliance can revoke the SCMB client certificate to deny access to the SCMB client.
NOTE: The task resources routing key syntax is scmb.resource-category and does not use change-type and resource-uri. To receive messages about all task resources: • scmb.# • scmb.tasks Sample queues Subscription Example Receive all SCMB messages for physical servers scmb.server-hardware.# NOTE: To match everything after a specific point in the routing key, use the pound sign (#). This example uses # in place of resource-uri. The message queue receives all server-hardware resource URIs.
ChangeType values ChangeType value Description Created The resource is created or is added to HP OneView. Updated The resource state, attributes, or both are updated. Deleted The resource is permanently removed from HP OneView.
Additional example-specific prerequisites Example 1 Convert the client certificate and private key to PKCS format for .Net. openssl.exe pkcs12 -passout pass:default -export -in scmb.crt -out scmb.p12 Example 2 Import the scmb.crt into your preferred Windows certificate store. 26.4 .
Examples Example 3 .Net C# code example 1 (directly referencing client certificate) public void Connect() { string exchangeName = "scmb"; string hostName = "OneView.domain"; string queueName = ""; string routingKey = "scmb.#"; ConnectionFactory factory = new ConnectionFactory(); factory.AuthMechanisms = new RabbitMQ.Client.AuthMechanismFactory[] { new ExternalMechanismFactory() }; factory.HostName = hostname; factory.Port = 5671; factory.Ssl.CertPath = @".\scmb.p12"; factory.Ssl.
NOTE: .Net C# code example 2 (Microsoft Windows certificate store) is referencing the Trusted Root Certificate Authorities store, located under Local Computer. • StoreName.Root = Trusted Root Certificate Authorities • StortLocation.LocalMachine = Local Computer 26.5 Java code example The Java code example shows how to connect and subscribe to the SCMB. Prerequisites 1. Download the client certificate and private key. GET /rest/certificates/client/rabbitmq/keypair/default 2.
Example 5 Java code example //c://MyKeyStore contains client certificate and private key. Load it into Java Keystore final char[] keyPassphrase = "MyKeyStorePassword".toCharArray(); final KeyStore ks = KeyStore.getInstance("jks"); ks.load(new FileInputStream("c://MyKeyStore"), keyPassphrase); final KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); kmf.init(ks, keyPassphrase); //c://MyTrustStore contains CA certificate.
Example 6 Python code example (pika) import pika, ssl from pika.credentials import ExternalCredentials import json import logging logging.basicConfig() ############################################### # Callback function that handles messages def callback(ch, method, properties, body): msg = json.
Example 7 Python code example (amqplib) #!/usr/bin/env python from optparse import OptionParser from functools import partial import amqp def callback(channel, msg): for key, val in msg.properties.items(): print ('%s: %s' % (key, str(val))) for key, val in msg.delivery_info.items(): print ('> %s: %s' % (key, str(val))) print ('') print (msg.body) print ('-------') print msg.delivery_tag channel.basic_ack(msg.delivery_tag) # # Cancel this callback # if msg.body == 'quit': channel.basic_cancel(msg.
ch.close() conn.close() if __name__ == '__main__': main() 26.7 Re-create the AMQP client certificate If you change the appliance name, you must re-create the AMQP client certificate. Prerequisites • Minimum required session ID privileges: Infrastructure administrator Re-creating and downloading the client certificate, private key, and root CA certificate using REST APIs 1. Revoke the certificate. DELETE /rest/certificates/ca/rabbitmq_readonly Request body is not required.
Part VI Troubleshooting The chapters in this part include information you can use when troubleshooting issues in your data center, and information about restoring the appliance from a backup file in the event of a catastrophic failure.
27 Troubleshooting HP OneView has a variety of troubleshooting tools you can use to resolve issues. By following a combined approach of examining screens and logs, you can obtain a history of activity and of the errors encountered along the way. For specific troubleshooting instructions, select a topic from the following list.
27.1 Basic troubleshooting techniques HP OneView has a variety of troubleshooting tools you can use to resolve issues. By following a combined approach of examining screens and logs, you can obtain a history of activity and the errors encountered along the way. • The Activity screen displays a log of all changes made on the appliance, whether user-initiated or appliance-initiated. It is similar to an audit log, but with finer detail and it is easier to access from the UI.
Recommendation Details When VM host is down or nonresponsive: 1. From the local computer, use the ping command to determine if you can reach the appliance. • If the ping command is successful, determine that the browser settings, especially the proxy server, are correct. Consider bypassing the proxy server. • If the ping command did not reach the appliance, ensure that the local computer is connected to the network. 2. Log onto hypervisor to verify that it (the hypervisor) is running. 3.
3. Click Yes, create. You can continue doing other tasks while the support dump file is created. The support dump file name has the following format: hostname-CI-timestamp.sdmp 4. 5. The support dump file is downloaded when this task is completed. If your browser settings specify a default download folder, the support dump file is placed in that folder. Otherwise, you are prompted to indicate where to download the file.
IMPORTANT: Unless you specify otherwise, the support dump file is encrypted so that only authorized support personnel can view its contents. In accordance with the HP data retention policy, support dump files sent to HP are deleted after use. 27.4 Troubleshooting the appliance 27.4.1 First time setup Symptoms Possible causes and recommendations Appliance cannot access network Appliance network settings are not properly configured 1. 2. 3. 4.
27.4.4 Appliance update is unsuccessful Any blocking or warning conditions affecting the appliance update are displayed prior to the update operation. Symptom Possible cause and recommendation Resource state or 1. Verify that all prerequisites are met. health status changes 2. Correct all degraded health and other blocking conditions that have been identified in notification messages before retrying the update. 27.4.
27.4.7 Backup file creation, download, or restore action fails Symptom Possible cause and recommendation Backup file not created Other related operations are in progress Only one backup file can be created at a time. A backup file cannot be created during a restore operation or while a previous backup file is being uploaded or downloaded. 1. Minimum required privileges: Infrastructure administrator 2. Verify that another backup or restore operation is running.
Symptom Possible cause and recommendation Duplicate GUIDs in the A profile operation was running during the backup network and a server 1. Minimum required privileges: Infrastructure administrator with settings from a 2. Identify the server affected. previous profile 3. Unassign the profile from the server. 4. Reassign the profile to the server. 5. Create a support dump file. 6. Report this issue to your authorized support representative. Error messages: 1.
27.4.9 VM does not restart when VM host time is manually set Symptom Possible cause and recommendation The appliance VM does not restart and the following error appears in the vSphere virtual console: The superblock last mount time is in the future UNEXPECTED INCONSISTENCY; RUN fsck MANUALLY. You are not using NTP and the VM host’s time was incorrectly set to a time in the past. • Reset the time settings on the VM host to the correct time, and then restart the VM appliance.
27.5 Troubleshooting enclosures and enclosures groups 27.5.1 Add or remove enclosure is unsuccessful Symptom Possible cause and recommendation Unable to add an enclosure If the enclosure add fails, a notification panel provides the reason the add action failed and provides a solution to the problem. Often, the resolution is to click the add link that is embedded in the message; the add action rediscovers all components and updates its knowledge of the enclosure.
Symptom Possible cause and recommendation Unable to remove an enclosure You might be unable to remove an enclosure for the following reasons: • Lack of communication with the hardware during the remove action can prevent the appliance from being able to properly manage the interconnect, server hardware, and enclosure settings. To forcibly remove an enclosure from the appliance due to lack of communication, see the UI help for enclosures. • The enclosure is not removed from the appliance.
27.5.2 Add server blade is unsuccessful Symptom Possible cause and recommendation Add server blade failed If a server blade previously associated with this profile is re-inserted in a different place (different bay or enclosure), an error message is shown. The edit link within the expanded error message causes the new server blade location to be pre-populated in the edit profile dialog’s location field when it is displayed. Same server blade, different bay error 1.
27.6.2 Lost iLO connectivity Symptom Possible cause and recommendation Connection error Reset the server to restore network connectivity to the server's management processor and update the firmware again. 27.6.3 HP SUM errors Symptom Possible cause and recommendation Unable to remove the Restart the appliance and update the firmware again. firmware upgrade log files Unable to initiate the firmware update request Update the firmware again. 27.7 Troubleshooting interconnects 27.7.
NOTE: You need your entitlement certificate (physical or electronic document) to restore the license key. Symptom Possible cause and recommendation The license key The license key embedded on the OA has been erased embedded on the OA is not discovered when 1. Go to the HP Licensing for Software Portal at https://www.hp.com/software/licensing to activate, register, and download your license key(s). you add the enclosure 2. Add the key(s) to the appliance from the Settings screen. 27.8.
27.9.3 Physical interconnect warnings and errors Symptom Possible cause and recommendation Interconnect-level warnings or errors Interconnect warnings or errors due to: • Downlink with a deployed connection is not operational • Incorrect firmware version (different from firmware baseline version) • Configuration error • Hardware fault • Lost communication • Connection and redundancy status (no redundant paths) • Administratively disabled ports 27.10 Troubleshooting networks 27.10.
embedded in the message; the add action rediscovers all components and updates its knowledge of the server. Symptom Possible cause and recommendation Cannot add a server Server is already being managed by some other management software and is claimed by that software 1. Follow the instructions in the notification panel. Failures can occur during the add action if all information about a server cannot be acquired.
resource state accordingly, and updating the health status. The appliance creates a task queue for each task during a resynchronization operation. Symptom Possible cause and recommendation Connectivity to server Open the Server Hardware activities panel to determine if any server hardware has a critical is lost status, which might indicate a crash. For servers in that state, follow the troubleshooting recommendations in the alert. 27.12 Troubleshooting server profiles 27.12.
( ). The profile remains on the appliance, but you must to correct it. When you correct the server profile, the profile status changes to OK ( Symptom ). Possible cause and recommendation Server profile is not Prerequisites and conditions have not been met created or updated 1. Verify that the prerequisites listed in the online help have been met. correctly 2.
Symptom Possible cause and recommendation A profile operation timeout when applying BIOS settings The server hardware or its iLO are powered-off or reset • In most cases, retrying the operation resolves the problem The appliance cannot collect progress information from the iLO • In most cases, retrying the operation resolves the problem Auto-assignment for Invalid configuration FlexNIC fails while • Auto-assignment for FlexNIC connections does not validate the following: deploying connections ◦ Bandwid
27.12.3 Profile operations fail Symptom Possible cause and recommendation Message indicates that the server is managed by another management system The enclosure is no longer managed by the appliance To prevent losing all allocated virtual IDs, perform the following steps before forcibly deleting the server profile. 1. Use REST APIs to get the server profile. GET /rest/server-profiles 2. Force delete the profile using the UI or REST APIs. 3.
27.13.3 User public key is not accepted Symptom Possible cause and recommendation User public key does not work or is not accepted Hidden characters introduced during a copy/paste operation change the key code • Enter the key again, taking care to prevent special characters from being injected into the key when pasting it into the public key field 27.13.4 Directory service not available Symptom Possible cause and recommendation No connectivity Directory service server is down 1.
27.13.6 Cannot add server for a directory service Symptom Possible cause and recommendation Connectivity Lost connection with directory service host 1. 2. 3. 4. Verify that the settings for the directory service host are accurate. Verify that the correct port is used for the directory service. Verify that the port you are using for communication is not blocked by any firewalls. Locally run the ping command on the directory service host’s IP address or host name to determine if it is on-line. 5.
28 Restoring an appliance from a backup file This chapter describes how to use the UI, REST APIs, or a custom-written PowerShell script to restore a corrupted appliance from a backup file. A restore operation is required only to recover from catastrophic failures, not to fix minor problems that can be resolved in other ways.
28.3 Preparing to restore an appliance • Make sure that all users logged in to the appliance log out. Users who are logged in when the restore operation begins are automatically logged out, losing whatever work was in progress. All users are blocked from logging in during a restore operation. • Stop all automatically scheduled backups. Restart the automatically scheduled backups after the appliance is restored.
28.4 Restore an appliance from a backup file Before you restore an appliance from a backup file, note the following: • A restore operation should only be used to recover from catastrophic failures. Do not use it for minor problems that can be resolved in other ways. • The appliance is not operational during a restore operation. • A restore operation cannot be canceled or undone after it has started. • Use the latest backup file to restore the appliance.
Restoring an appliance from a backup file 1. 2. 3. From the Settings screen, select Actions→Restore from backup. Read the on-screen notification, then select the check box to confirm. From the dialog box that opens, do one of the following: • Drag the backup file from a local folder or directory and drop it into the indicated field. • Click Browse and select the backup file to upload. NOTE: 4. Not all browsers and browser versions offer the same capabilities. Click Upload file.
cleanup of hardware (servers, interconnects, and enclosures) if server profiles are forcibly unassigned or the hardware is forcibly removed without first being unconfigured. Preventing duplicate IDs on the network after a restore 1. After a restore operation is complete, re-add any enclosure or server hardware added since the selected backup.
29 Support and other resources To learn how to contact HP, obtain software updates, submit feedback on documentation, and locate links to HP OneView websites and other related HP products, see the following topics. 29.
After redeeming your license certificate activation key, you are prompted to register for software technical support and update services. Licenses that are embedded in the hardware are automatically registered. See http://www.hp.com/go/insightlicense for more information. 29.4.2 Using your software technical support and update service Once registered, you receive a service contract in the mail containing the customer service phone number and your Service Agreement Identifier (SAID).
• HP ProLiant education http://www.hp.com/learn/proliant • HP Storage products http://www.hp.com/go/storage • HP Virtual Connect http://www.hp.com/go/virtualconnect 29.6 Submit documentation feedback HP is committed to providing documentation that meets your needs. To help us improve our documentation, send errors, suggestions, and comments to: docsfeedback@hp.
A Step by step: Configuring an example data center using HP OneView This appendix contains an illustrated example of using the HP OneView appliance UI to configure and manage an example (fictional) data center. It demonstrates using the UI to: 1. Provision eight VMware vSphere ESXi host servers using the HP OneView appliance and vSphere Auto Deploy feature.
• Two HP BladeSystem c7000 Enclosures, each of which contain HP Virtual Connect FlexFabric modules and several different models of HP BladeServer server blades • A pair of SAN switches that connect to data center storage devices • A pair of Ethernet switches that connect to the data center networks • An HP 3PAR Storage System that connects directly to one of the enclosures (a Flat SAN configuration) All of the hardware is located in the same room.
Enclosure 2 Attribute Description Name Enclosure-1904 Primary Onboard Administrator IP address 172.18.1.13 Secondary Onboard Administrator IP 172.18.1.
Table 11 SAN A and SAN B Fibre Channel network configurations Configuration attribute Value Notes Type Fibre Channel Fabric type Fabric attach Choose Fabric attach for Fibre Channel networks that connect to SAN switches in the data center. Preferred bandwidth 2.5 Gb/s This is the default value displayed on the Create network screen. Maximum bandwidth 8 Gb/s This is the default value displayed on the Create network screen.
Figure 17 Sample data center: Fibre Channel network connections HP 3PAR Storage System Fabric-attached HP storage devices SAN uplink connections (Direct attach) SAN B SAN A 0 4 1 5 2 6 3 7 8 12 9 13 10 14 11 15 16 20 17 21 18 22 19 23 24 28 25 29 26 30 27 31 1 2 Vdc 0 1 2 Vdc 4 1 5 2 6 3 7 8 12 9 13 10 14 11 15 16 20 17 21 18 22 19 23 24 28 25 29 26 30 27 31 1 2 Vdc HP StorageWorks 4/32B SAN Switch 1 2 Vdc HP StorageWorks 4/32B SAN Swi
Table 15 Development networks Name VLAN ID dev 1105 1105 dev 1106 1106 dev 1107 1107 dev 1108 1108 Table 16 Test networks Name VLAN ID test 1111 1111 test 1112 1112 test 1113 1113 test 1114 1114 Table 17 Ethernet network configuration values Configuration attribute Value Notes Type Ethernet Preferred bandwidth 2.5 Gb/s This is the default value displayed on the Create network screen. Maximum bandwidth 10 Gb/s This is the default value displayed on the Create network screen.
Configuration attribute Value Gateway address 172.18.0.0 Preferred DNS server 172.18.0.0 Alternate DNS server 172.18.0.1 IPv6 address assignment Unassigned (do not use IPv6 addresses) A.3.
A.3.4 Planning resource names Searching and filtering in the appliance is based on a smart search model. By embedding information about the resource in the resource name, you can take advantage of the search and filter capability. In this example: • All uplink set names include the text US. Example: testUS • The names of Direct attach Fibre Channel networks include the text FlatSAN.
6. “Create an unassigned server profile for use as a template for ESXi servers” (page 250). This server profile includes a firmware baseline, the BIOS settings for the profile, and the network connections required for vSphere host servers in the sample data center. 7. “Copying the template server profile to eight servers” (page 255). A.5.
After the networks are added, when you select a network in the master pane, you can see details about that network in the details pane. For each of the networks you created: • The value for Uplink Set is none because you have not yet defined an uplink set that uses this network. You will define the logical interconnect and its uplink sets in “Creating a logical interconnect group and its uplink sets” (page 244). • The value for Used by is none because there are no server profiles using this network.
k. 3. Click Create + to create another network. The appliance creates the network and opens the Create network dialog box. This dialog box uses the configuration values you selected in the preceding steps, except for the name and VLAN ID. Create the production networks. For this procedure, you use the default values displayed on the Create network dialog box.
The following illustration shows the Networks screen after you add the Ethernet networks. A.5.3.3 Configuring the network sets You use network sets to create multiple networks per connection. During this task, you will use the smart search features of the appliance to quickly narrow down the list of networks to those networks you will add to the network set. 1. From the main menu, select Network Sets, and then click + Create network set in the master pane. The Create network set dialog box opens. 2. 3.
The Create network set dialog box shows the networks that you added to the network set. 4. d. Select a network in the network set to receive untagged traffic. i. On the Create network set dialog box, under Networks, locate the first network. ii. Select the check box under Untagged. The network you select as untagged receives untagged traffic in addition to traffic tagged with the VLAN ID for the network.
5. b. In the search box, enter dev to filter the list of networks. c. Select all of the dev networks listed and click Add. d. Select Untagged for the first network in the list of networks. e. Click Create +. Create the network set for the test networks: a. For Name, enter test networks and click Add networks. The Add Networks to dev networks dialog box opens. b. In the search box, enter test to filter the list of networks. c. Select all of the test networks listed and click Add. d.
3. 4. 5. In the top left box, click Add interconnect and select HP Virtual Connect FlexFabric 10Gb/24-Port Module. In the top right box, click Add interconnect and select HP Virtual Connect FlexFabric 10Gb/24-Port Module. Leave the dialog box open so that you can create the uplink sets. Creating the uplink sets for the Fibre Channel networks The uplink sets assign data center networks to physical interconnect ports. 1. Click Add uplink set. The Add uplink set dialog box opens. 2. 3.
5. Add the uplink set for the SAN B: a. For Name, enter SAN B. b. For Type, select Fibre Channel. c. For Network, select SAN B. d. Configure the uplink ports. For Interconnect under Uplink Ports, select Interconnect: 2 and then select ports X3 and X4. e. Click Create. The Create logical interconnect group dialog box opens. See the following illustration for an example. Creating the uplink sets for the Ethernet networks The uplink sets assign data center networks to physical interconnect ports.
e. Add the ESXi networks: i. In the search box, enter esx to display only the ESXi networks. ii. Select all of the EXSi networks listed. TIP: Select all networks listed by pressing and holding either Shift or Ctrl and then left-clicking the networks. Alternatively, select one of the networks and then use Ctrl+A to select all of the networks listed. 3. iii. Click Add. f. Add the uplink ports: i. Click Add uplink ports to open the Add Uplink Ports to esxUS dialog box. ii.
4. 5. Click Create to create the logical interconnect group. In the details pane of the Logical Interconnect Groups screen, you can use your pointing device to hover over an uplink set in the diagram to highlight the connections for that uplink set. A.5.5 Creating an enclosure group for vSphere (ESXi) hosts An enclosure group defines a set of enclosures that use the same configuration for network connectivity.
3. 4. For Logical interconnect group, select EsxFlexFabricLIG. Click Create. A.5.6 Adding the enclosure Adding an enclosure brings the rack, the enclosure, and the enclosure's contents—server hardware and interconnects—under managed control. You add an enclosure by providing its IP address or host name, along with the enclosure's Onboard Administrator credentials. In this procedure, you will also establish a firmware baseline for the enclosure.
Viewing server hardware types From the main menu, select Server Hardware Types. The Server Hardware Types screen lists server hardware types for each unique server hardware configuration added to the appliance. The default name assigned to each server hardware type starts with an abbreviated form of the server model name and ends with an enumerator. For example, BL460c Gen8 1 is an HP ProLiant BL460c server with a Flexible LOM and an HP FlexFabric 10Gb 2-port 554FLB Adapter.
1. From the main menu, select Server Profiles and then click + Create profile. The Create Server Profile dialog box opens. 2. Under General, enter the following information: • For Name, enter ESX TEMPLATE. • For Description, enter Standard server profile for stateless autodeploy. • For Server hardware, select unassigned. • For Server hardware type, select BL460c Gen8 EsxStandard. • For Enclosure group, select EsxFlexFabricGroup. • 3.
a. b. c. d. Add two connections to the esxi mgmt 1131 network. When you finish entering the information for a connection, click Add + to add this connection and reopen the dialog box so that you can add the connections in the next step. Attribute Value Device type Ethernet Network esxi mgmt 1131 Requested bandwidth 2.5 (the default value) FlexNIC Auto (the default value) Boot For the first connection, select Primary. For the second connection, select Secondary.
e. f. Add one connection to the SAN A network. Enter the information shown in the following table, and then click Add + to add the connection and reopen the dialog box for the next step. Attribute Value Device type Fibre Channel Network SAN A Requested bandwidth 2.5 (the default value) FlexNIC Auto (the default value) Boot Not bootable Add one connection to the SAN B network. Enter the information shown in the following table, and then click Add to add the connection and close the dialog box.
4. 5. Scroll down to see other items in the dialog box. Configure the boot order for this server profile. Manage boot order is selected by default. Drag and drop the items so that they are in this order: 1. PXE 2. HardDisk 3. CD 4. Floppy 5. USB Notice that the number next to each item is adjusted automatically when you use the drag-and-drop method to change the order. 6. Edit the BIOS settings: a. Select Manage BIOS. b. Click Edit BIOS Settings. The Edit BIOS Settings dialog box opens.
d. Click OK to save the edits and close the dialog box. The Create Server Profile dialog box displays the BIOS settings whose values differ from the default values. 7. Under Advanced, ensure that Virtual is selected for Serial Number/UUID, MAC addresses, and WWN addresses. Selecting Virtual for these settings provides flexibility because the appliance assigns these numbers and addresses.
4. (Optional) View the progress of the create profile action from the Server Profiles screen. Optionally, launch the iLO remote console to view the progress of the boot and firmware load operations for the server: a. From the main menu, select Server Hardware. b. In the master pane, select an instance of server hardware. c. Select Actions→Launch console. The appliance launches the remote console for the selected server. A.
8. In Name, enter FlatSAN B and click Create. The Networks screen opens. After the networks are added, when you select a network in the master pane, you can see the details about that network in the details pane. For each of the networks you created: • The value for Uplink Set is none because you have not yet defined a logical interconnect and uplink set that uses this network. • The value for Used by is none because there are no server profiles using this network.
3. Click Add to add the enclosure. The appliance discovers the interconnects in the enclosure, creates a logical interconnect group, and opens the Edit DirectAttachGroup logical interconnect group screen (see the following illustration). 4. Add the uplink sets for the Flat SAN networks: a. Click Add uplink set. The Add uplink set screen opens. b. c. 5. Configure the uplink set for the FlatSAN A Fibre Channel network. • For Name, enter FlatSAN A. • For Type, select Fibre Channel.
c. d. 6. For Network, select FlatSAN B. Configure the uplink ports. For Interconnect under Uplink Ports, select Interconnect: 2 and then select ports X3 and X4. e. Click Create + to add the FlatSAN B uplink set to the logical interconnect group and reopen the Add uplink set screen. Add the uplink set for the Ethernet production networks: a. For Name, enter prodUS. b. For Type, select Ethernet. The dialog box expands to include additional configuration items. c. For Connection Mode, select automatic.
7. Click OK and add enclosure. The appliance adds the enclosure, the enclosure group, the logical interconnect group, and the uplink sets: Enclosure name Encl2 Enclosure group name DirectAttachGroup Logical interconnect group name DirectAttachGroup interconnect group A.6.4 Creating the server profile 1. From the main menu, select Server Profiles and then click + Create profile. The Create Server Profile screen opens. 2. Enter the general information: • For Name, enter win2k12 boot from 3PAR.
3. 4. 5. • For Server hardware type, select BL460c Gen8 Standard. • For Enclosure Group, select DirectAttachGroup. • For Firmware Baseline, select Manage manually. Click Add Connection to open the Add Connection dialog box. Add two connections to the prod networks network set. Because the configuration is the same for both network sets, you can enter the information, and then click Add + twice to add both connections and reopen the dialog box for the next step.
6. Add one connection to the FlatSAN B network. Enter the information shown in the following table, and then click Add to add the connection and close the dialog box. Attribute Value Device type Fibre Channel Network FlatSAN B Requested bandwidth 2.5 (the default value) FlexNIC Auto (the default value) Boot Not bootable The following illustration shows the Connections panel for the server profile after you add the connections. 7. 8.
b. Click Edit BIOS Settings. The Edit BIOS Settings dialog box opens. The server hardware type that you selected for this profile determines the default values for the BIOS settings. c. Scroll to Power Management Options and for HP Power Profile, select Maximum Performance. Changing this setting results automatic changes to several other BIOS settings. d. Click OK to save the edits and close the dialog box.
1. In the master pane of the Server Profiles screen, select win2k12 boot from 3PAR. The appliance displays the details about the server profile in the details pane. 2. 3. In the Connections panel, scroll so that the two Fibre Channel connections are visible. Record the WWPN information for FlatSAN A and FlatSAN B. A.7 Bringing an HP ProLiant DL360p Gen8 rack mount server under management This example demonstrates bringing the following HP ProLiant DL360p Gen8 rack mount server under management.
A.7.2 Adding the server hardware 1. 2. From the main menu, select Server Hardware, and then click + Add server hardware. Enter the following information: • For iLO IP address, enter 172.18.6.15. • Enter the credentials for the iLO administrator account: User name iLOAdmin and password S&leP@ssw0rd. • 3. 4. For Licensing, select the default, OneView.
NOTE: To view utilization data or connect to the remote console, the server must have the appropriate licenses. See “Adding a license for the server” (page 267). 3. 4. Explore the links to additional information. Some items in the Hardware panel are links. The cursor changes when you use your pointing device to hover over a link. In this example: • If you click the IP address shown for iLO under Host name or IPv4, you launch the iLO remote console for the server.
In this example, the server is related to Rack-173 and the DL360p Gen 8 1 server hardware type. 5. Click Rack-173 to display the Map view for the rack. 6. To return to the Server Hardware screen, click the Server Hardware box. A.7.5 Adding a license for the server If you do not purchase licenses that are embedded in the enclosure or server hardware, you must add licenses to the appliance. The online help provides detailed information about licensing and how the appliance manages licenses. A.
To add an HP OneView license for the server you added in “Adding the server hardware” (page 265): 1. Do one of the following: • From the warning message for the server you just added, click the Add license key link. • From the main menu, select Settings, and then select Actions→Add license. The Add license dialog box opens. 2. Enter or paste your license key into the License Key box, and then click Add. The appliance adds the license to the license pool. 3. 4.
B Using the virtual appliance console B.1 Using the virtual appliance console The virtual appliance console has a restricted browser interface that supports the following: • Appliance networking configuration in non-DHCP environments • Password reset requests for the Administrator account • Advanced diagnostics for authorized support representatives Use the virtual appliance console to access the appliance and configure the appliance network for the first time.
C Backup and restore script examples C.1 Sample backup script As an alternative to using Settings→Actions→Create backup from the appliance UI, you can write and run a script to automatically create and download an appliance backup file. Example 8 “Sample backup.ps1 script” provides a sample PowerShell script that uses REST calls to create and download an appliance backup file. Cut and paste this sample script into a file on a Windows system that runs PowerShell version 3.
Example 8 Sample backup.ps1 script # (C) Copyright 2013 Hewlett-Packard Development Company, L.P. ########################################################################################################################### # Name: backup.ps1 # Usage: {directory}\backup.ps1 or {directory}\backup.ps1 filepath # Parameter: $filepath: optional, uses the file in that path as the login credentials.
} catch [System.Exception] { Write-Host $_.Exception.message if ($_.Exception.getType() -eq [System.IO.
##### getApiVersion: Get X_API_Version ##### function getApiVersion ([int32] $currentApiVersion,[string]$hostname) { <# .DESCRIPTION Sends a web request to the appliance to obtain the current Api version. Returns the lower of: Api version supported by the script and Api version supported by the appliance. .PARAMETER currentApiVersion Api version that the script is currently using .PARAMETER hostname The appliance address to send the request to (in https://{ipaddress} format) .
# create the request body as a hash table, then convert it to json format $body = @{ userName = $username; password = $password } | convertTo-json # use setup-request to issue the REST request to login and get the response try { $loginResponse = setup-request -Uri $fullLoginUri -method "POST" -accept "application/json" -contentType "application/json" -Body $body if ($loginResponse -ne $null) { $loginResponse | convertFrom-Json } } catch [System.
function waitFor-completion ([object]$taskResource,[string]$authValue,[string]$hostname) { <# .DESCRIPTION Checks the status of the backup every twenty seconds, stops when status changes from running to a different status .PARAMETER taskResource The response object from the backup-appliance method .PARAMETER authValue The authorized session ID .PARAMETER hostname The appliance to connect to (in https://{ipaddress} format) .INPUTS None, does not accept piping .
if ($global:interactiveMode -eq 1) { Write-Host "`n" Write-Host "Backup stopped abnormally" Write-Host $errorMessage } else { #log error message Write-EventLog -EventId 100 -LogName Application -Source backup.ps1 -Message "Backup stopped abnormally" Write-EventLog -EventId 100 -LogName Application -Source backup.
Write-EventLog -EventId 100 -LogName Application -Source backup.ps1 -Message $error[0].Exception.Message } } } ##### Function to download the backup file ##### function download-Backup ([PSCustomObject]$backupResource,[string]$authValue,[string]$hostname) { <# .DESCRIPTION Downloads the backup file from the appliance to the local system. Tries to use the curl command. The curl command has significantly better performance especially for large backups.
Write-Host "Backup download complete!" } } catch [System.Management.Automation.CommandNotFoundException] { return download-Backup-without-curl $backupResource $authValue $hostname } catch [System.Exception] { Write-Host "Not able to download backup" Write-Host $error[0].Exception return } return $filePath } ##### Function to download the Backup file without using the curl command ##### function download-Backup-without-curl ([PSCustomObject]$backupResource,[string]$authValue,[string]$hostname) { <# .
if (($errorObject.message.length -gt 0) -and ($errorObject.recommendedActions.length -gt 0)) { $errorMessage = $errorObject.message + " " + $errorObject.recommendedActions } } catch [System.Exception] { #Use exception message } if ($global:interactiveMode -eq 1) { Write-Host $errorMessage } else { Write-EventLog -EventId 100 -LogName Application -Source backup.
#Use exception message } if ($isSilent) { throw $errorMessage } elseif ($global:interactiveMode -eq 1) { Write-Host $errorMessage } else { Write-EventLog -EventId 100 -LogName Application -Source backup.
Write-Host "Could not initialize backup" } Write-EventLog -EventId 100 -LogName Application -Source backup.ps1 -Message "Could not initialize backup" return } #loops to keep checking how far the backup has gone $taskResource = waitFor-completion $taskResource $authValue.sessionID $hostname if ($taskResource -eq $null) { if ($global:interactiveMode -eq 1) { Write-Host "Could not fetch backup status" } Write-EventLog -EventId 100 -LogName Application -Source backup.
4. Calls start-restore() to start the restore. 5. Calls restore-status() to periodically check the restore status until the restore completes. If you pass the -status option to the script, the script verifies and reports the status of the last or an ongoing restore until the restore process is complete: 1. Calls recover-restoreID() to get the URI to verify the status of the last or an ongoing restore. 2. Calls restore-status() to periodically verify the restore status until the restore completes. C.
Example 9 Sample restore.ps1 script #(C) Copyright 2013 Hewlett-Packard Development Company, L.P. ########################################################################################################################### # Name: restore.ps1 # Usage: {directory}\restore.ps1 or {directory}\restore.
Write-Host "Enter user name" $secUsername = Read-Host -AsSecureString $username = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($secUsername)) Write-Host "Enter password" $secPassword = Read-Host -AsSecureString $password = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.
The correct password associated with username .PARAMETER hostname The appliance address to send the request to (in https://{ipaddress} format) .INPUTS None, does not accept piping .OUTPUTS Outputs the response body containing the needed session ID. .
{ return } $uploadResponse = $rawUploadResponse | convertFrom-Json if ($uploadResponse.status -eq "SUCCEEDED") { Write-Host "Upload complete." return $uploadResponse } else { Write-Host $uploadResponse return } } else { Write-Host "Version of curl must support SSL to get improved upload performance." return uploadTo-appliance-without-curl $filepath $authinfo $hostname $backupFile } } catch [System.Management.Automation.
$rs.write($contentDisp,0,$contentDisp.Length); [byte[]]$contentType = [System.Text.Encoding]::UTF8.GetBytes($conType + "`r`n`r`n"); $rs.write($contentType,0,$contentType.Length); $fs.CopyTo($rs,$bufferSize) $fs.close() [byte[]]$endBoundaryBytes = [System.Text.Encoding]::UTF8.GetBytes("`n`r`n--" + $boundary + "--`r`n"); $rs.write($endBoundaryBytes,0,$endBoundaryBytes.Length); $rs.close() } catch [System.Exception] { Write-Host "Not able to send backup" Write-Host $error[0].Exception } try { [net.
$rawRestoreResponse = setup-request -uri $fullRestoreUri -method "POST" -accept "application/json" -contentType "application/json" -authValue $authinfo -Body $body $restoreResponse = $rawRestoreResponse | convertFrom-Json return $restoreResponse } catch [Net.WebException] { Write-Host $_.Exception.message } } ##### Check for the status of ongoing restore ##### function restore-status ([string]$authinfo = "foo",[string]$hostname,[object]$restoreResponse,[string]$recoveredUri = "") { <# .
} if ($statusResponse.status -eq "FAILED") { Write-Host "`r`nRestore failed! System should now undergo a reset to factory defaults." } Start-Sleep 10 } while ($statusResponse.status -eq "IN_PROGRESS") return } ##### Recovers Uri to the restore resource if connection lost ##### function recover-restoreID ([string]$hostname) { <# .DESCRIPTION Uses GET requests to check the status of the restore process. .PARAMETER hostname The appliance to end the request to. .INPUTS None, does not accept piping .
if ($authValue -ne "0") { $request.Headers.Item("auth") = $authValue } $request.Headers.Add("X-API-Version: $global:scriptApiVersion") if ($body -ne $null) { #write-host $body $requestBodyStream = New-Object IO.StreamWriter $request.getRequestStream() $requestBodyStream.WriteLine($body) $requestBodyStream.flush() $requestBodyStream.close() } # attempt to connect to the Appliance and get a response [net.httpsWebResponse]$response = $request.
$loginVals = query-user if ($loginVals -eq $null) { Write-Host "Error passing user login vals from function query-host, closing program." return } #determines the active Api version $global:scriptApiVersion = getApiVersion $global:scriptApiVersion $loginVals.hostname if ($global:scriptApiVersion -eq $null) { Write-Host "Could not determine appliance Api version" return } $authinfo = login-appliance $loginVals.userName $loginvals.password $loginVals.
Index A Actions menu, 59 activity, 173 see also alert see also task states, 175 statuses, 175 types, 174 administrator password resetting, 148 agentless management, 21 aggregation switch see data center switch alert, 173, 174 auto-cleanup, 174 appliance backup and restore features, 23 backup file best practices, 149 backup script, 271 crash recovery, automated features, 154 crash recovery, data protection, 153 crash recovery, manual, 154 creating support dump file, 201 describing icons, 62 downloads from, 5
Information Library, 76 online help, 75 submit feedback to HP, 229 website, 76 downlink, 123 E enclosure adding, affected resources, 87 HP BladeSystem website, 228 managing, 132 environment initial configuration, 91 environmental management, 22 Ethernet networks VLAN range, 119 EULA how to view, 59 F Fibre Channel Direct attach, 117 Fabric attach, 117 flat SAN, 117 uplink set, 124 Fibre Channel Direct attach, 117 Fibre Channel Fabric attach, 117 Fibre Channel over Ethernet (FCoE) downlink from enclosure i
staged firmware and reboot actions, 85 unsupported hardware, 122 interconnect modification failure troubleshooting, 211 K key combinations virtual appliance console, 269 L LACP, 115 LAG, 115 license about, 159 compliance, 160 delivery, 159 enclosures, 161 hardware, 160 iLO Advanced license, 159 rack mount servers, 162 reporting, 159 servers, 160 utilization, 162 view, 160 Link Aggregation Control Protocol see LACP Link Aggregation Group see LAG log files, 201 logical interconnect adding, 125 compliance ch
search, 66, 67 security Administrator password, 79 allowing access by support personnel, 79 and DoS attacks, 24 and RBAC (role-based access control), 24, 80 appliance, 24 audit log policy, 80 audit logging, 24 best practices, 46 certificate, 50, 80 certificates, 24 data download restrictions, 24 directory service support, 24 firewall, 81 hypervisor client access policy, 80 management LAN, 24, 79 open ports, 81 overview of features, 24 passwords, 48 separation of data and management, 24 SNMP read community s
navigating screens, 58 screen topography, 58 user role, 80, 144 utilization iLO Advanced license requirement, 182 meters, 181 overview, 181 panel, 181 setting US or metric units of measure, 58 V view selector, 59 virtual appliance console, 269 Virtual Connect website, 229 VLAN ID matching uplink set to data center switch ports, 115 VM host requirements for, 82 vSphere client security access, 80 W web browser required plugins and settings, 57 supported features and settings, 57 supported types and version,