HP OneView 1.05 User Guide Abstract This guide describes HP OneView features, interfaces, resource model design, and secure working environment. It describes up-front planning considerations and how to use the HP OneView appliance UI or REST APIs to configure, manage, monitor, and troubleshoot your data center infrastructure. It also includes information about the SCMB (State-Change Message Bus) and a step-by-step example that configures a sample data center from start to finish.
© Copyright 2013-2014 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
Contents I Learning about HP OneView.......................................................................13 1 Learning about HP OneView..................................................................15 1.1 HP OneView for converged infrastructure management......................................................15 1.2 Hardware and software provisioning features...................................................................16 1.2.1 Server profiles.........................................................
2.19.4 Unmanaged devices............................................................................................42 3 Understanding the security features of the appliance.................................45 3.1 Securing the appliance..................................................................................................45 3.2 Best practices for maintaining a secure appliance............................................................46 3.3 Creating a login session...............................
Using the REST APIs and other programmatic interfaces.............................71 5.1 Resource operations......................................................................................................71 5.2 Return codes...............................................................................................................72 5.3 URI format...................................................................................................................72 5.4 Resource model format..........
10 Quick Start: Adding a network to an existing appliance environment.........99 10.1 Process....................................................................................................................100 11 Quick Start: Adding an enclosure and connecting its server blades to networks...............................................................................................103 11.1 Checklist: connecting a server blade to a data center network.........................................103 11.
17.3 Tasks for licenses......................................................................................................129 17.4 About licensing........................................................................................................129 17.4.1 License types.....................................................................................................129 17.4.2 License delivery.................................................................................................130 17.4.
20 Managing enclosures and enclosure groups.........................................153 20.1 Prerequisites for bringing an enclosure under management............................................153 20.2 Roles......................................................................................................................154 20.3 Tasks for enclosures..................................................................................................154 20.4 About enclosures...................................
24.7 Creating a custom script to create and download an appliance backup file.....................174 25 Managing the appliance...................................................................175 25.1 Updating the appliance.............................................................................................175 25.1.1 About managing appliance updates.....................................................................175 25.1.2 Roles.................................................................
26.3.3 Activity states...................................................................................................192 26.3.4 Activity statuses................................................................................................192 26.4 Using the Dashboard screen......................................................................................193 26.4.1 About the Dashboard........................................................................................193 26.4.
29.6.3 HP SUM errors.................................................................................................230 29.7 Troubleshooting interconnects.....................................................................................230 29.7.1 Interconnect edit is unsuccessful...........................................................................230 29.7.2 Interconnect modules are in Maintenance state.....................................................230 29.8 Troubleshooting licensing..........
A Step by step: Configuring an example data center using HP OneView..........251 A.1 Tasks you can perform without data center hardware...........................................................251 A.2 Information about the sample data center..........................................................................251 A.2.1 Sample data center hardware...................................................................................251 A.2.2 Data center networks..............................................
Part I Learning about HP OneView This part describes HP OneView and its model for data center resources and introduces you to the terms and concepts used in this document and the appliance online help.
1 Learning about HP OneView 1.1 HP OneView for converged infrastructure management Optimized for collaboration, productivity, and reliability, the HP OneView appliance is designed to provide simple, single-pane-of-glass lifecycle management for the complex aspects of enterprise IT—servers, networking, software, power and cooling, and storage.
and server profiles established by your experts, you can enable system administrators to provision and manage thousands of servers without requiring that your experts be involved with every server deployment. One tool and one data set—one view HP OneView combines complex and interdependent data center provisioning and management into one simplified and unified interface.
• Streamlined process for bringing hardware under management (page 19) • Operating system deployment (page 19) 1.2.1 Server profiles A server profile captures key aspects of a server configuration in one place, including firmware levels, BIOS settings, network connectivity, boot order configuration, iLO settings, and unique IDs. Server profiles are one of the features that enable you to provision converged infrastructure hardware quickly and consistently according to your best practices.
Types of groups and sets Group or set Description Enclosure group A group of enclosures that use the same configuration, such network connectivity and firmware versions for the Onboard Administrator and interconnect modules. All members of an enclosure group use the same logical interconnect group.
Flexibility in design and deployment HP OneView provides flexibility in the creation of groups, templates, and sets. For example, you can create a logical interconnect group in these ways: • Before you add an enclosure to the appliance, you can create a logical interconnect group that specifies how you want the interconnects to be configured, and an enclosure group that specifies how you want the enclosure to be configured.
1.3 Firmware and configuration change management features 1.3.1 Simplified firmware management The appliance provides fast, reliable, and simple firmware management across the data center. When you add a resource to the appliance, to ensure compatibility and seamless operation, the appliance automatically updates the resource firmware to the minimum version required to be managed by the appliance.
Isolated management network The appliance architecture is designed to separate the management traffic from the production network, which increases reliability of the overall solution. For example, your data center resources remain operational even in the unlikely event of an appliance outage. Automatic configuration for monitoring When you add resources to the appliance, they are automatically configured for monitoring, and the appliance is automatically registered to receive SNMP traps.
1.4.1 Data center environmental management HP OneView integrates these critical areas for environmental management of the data center: • Thermal data visualization in 3D • Power delivery infrastructure representation • Physical asset location in 3D Feature Description Thermal data visualization 3D data center thermal mapping provides a view of the thermal status of your entire data center.
• View alerts for a specific resource from the UI screen for that resource or using the REST API for that resource. • Automatically forward SNMP traps from managed resources to enterprise monitoring consoles or centralized SNMP trap collectors. 1.4.4 Hardware and firmware inventory information HP OneView provides detailed hardware and firmware inventory information about the resources it manages.
1.6 Security features CATA (Comprehensive Applications Threat Analysis) is a powerful HP security quality assessment tool designed to substantially reduce the number of latent security defects. The design of the HP OneView appliance employed CATA fundamentals and underwent CATA review.
1.8 Graphical and programmatic interfaces The HP OneView appliance was developed to use a single, consistent resource model embodied in a fast, modern, and scalable HTML5 user interface and industry-standard REST APIs for mobile, secure access and open integration with other management software.
1.9 Integration with other HP management software Onboard Administrator HP OneView interacts seamlessly with the Onboard Administrator to provide complete management of HP BladeSystem c7000 enclosures. A user’s Onboard Administrator privileges are determined by the role assigned to the user’s HP OneView appliance account. HP Integrated Lights-Out HP OneView interacts seamlessly with the iLO management processor to provide complete management of HP servers.
When you add hardware with an embedded license to the appliance, the appliance automatically applies the license. Your software license is also automatically registered for support when the hardware is registered. • You can also purchase and activate licenses separately, enabling you to add licenses for existing hardware. • If you already have an iLO Advanced license for a server, you can purchase an HP OneView license that does not include the iLO Advanced license.
Network sets You can define a collection of Ethernet data center networks to be identified by a single name, called a network set. You can specify a network set instead of an individual network when you define a connection from a server to the data center networks. By using network sets, you can make changes to networks that are members of a network set without having to make changes to each server profile that uses that network set.
2 Understanding the resource model The HP OneView appliance uses a resource model that reduces complexity and simplifies the management of your data center. This model provides logical resources, including templates, groups, and sets, that when applied to physical resources, provides a common structure across your data center.
The UI and REST APIs are organized by resource. The documentation for the UI and REST APIs are also organized by resource. To view the complete list of resources, see the HP OneView REST API Reference in the online help. The following sections introduce the resources shown in Figure 1 (page 29). 2.
Relationship to other resources A connection template resource is associated with zero or more connection resources. A connection resource is associated with the appropriate connection template for a type of network or network set.
Relationship to other resources A server hardware type resource is associated with the following resources in the resource summary diagram (page 29): • Zero or more server profiles • Zero or more servers of the type defined by that server hardware type UI screens and REST API resources UI screen REST API resource Server Hardware Types server-hardware-types For more information about server hardware types, see the online help for the Server Hardware Types screen. 2.
UI screens and REST API resources UI screen REST API resource Notes Server Hardware server-hardware You use the server hardware resource, not the server profile resource, to perform actions such as powering off or powering on the server, resetting the server, and launching the HP iLO remote console. You can launch the HP iLO remote console through the UI. The REST APIs do not include an API to launch the HP iLO remote console.
UI screens and REST API resources UI screen REST API resource Notes None None The UI does not refer to enclosure type, but the enclosure type is used by the appliance when you add an enclosure. The enclosures REST resource includes an enclosureType attribute. 2.9 Enclosures An enclosure is a physical structure that contains server blades, the Onboard Administrator, and interconnects. For information about the supported enclosure models, see the HP OneView Support Matrix.
Relationship to other resources An interconnect type resource is associated with the following resources in the resource summary diagram (page 29): • Zero or more interconnects UI screens and REST API resources UI screen REST API resource Notes Interconnects interconnect-types The UI does not display or refer to the interconnect type resource specifically, but the information is used by the appliance when you add or manage an interconnect using the Interconnects screen. 2.
Relationship to other resources An interconnect resource is associated with the following resources in the resource summary diagram (page 29): • Exactly one enclosure • Exactly one logical interconnect, and, through that logical interconnect, exactly one logical interconnect group UI screens and REST API resources UI screen REST API resources Interconnects interconnects, interconnect-types, and logical-interconnects For more information about interconnects, see the online help for the Interconnects
Relationship to other resources A logical interconnect group resource is associated with the following resources in the resource summary diagram (page 29): • Zero or more logical interconnects • Zero or more enclosure groups The uplink sets defined by a logical interconnect group specify the initial configuration of the uplink sets of each logical interconnect in the group.
The Server administrator is not required to know the details about interconnect configurations Because a logical interconnect is managed as a single entity, the server administrator is isolated from the details of interconnect configurations.
The uplink sets defined by a logical interconnect group specify the configuration for uplink sets used by logical interconnects that are members of the group. If the uplink sets of a logical interconnect do not match the uplink sets of the logical interconnect group, the appliance notifies you that the logical interconnect is not consistent with its group.
Relationship to other resources A network set resource is associated with the following resources in the resource summary diagram (page 29): • Zero or more connections, and, through those connections, zero or more server profiles • Zero or more Ethernet networks UI screens and REST API resources UI screen REST API resource Network Sets network-sets For more information about network sets, see the online help for the Network Sets screen. 2.
UI screens and REST API resources UI screen REST API resource Settings Several REST API resources are related to the appliance and appliance settings. See the resources in the following categories in the HP OneView REST API Reference in the online help: • Settings • Security For more information about various appliance configuration settings, see the online help for the Settings screen. 2.19 Resources related to data center facilities 2.19.
Relationship to other resources A rack resource is associated with the following resources in the resource summary diagram (page 29): • Zero or one data centers • Zero or more enclosures • Zero or more instances of server hardware (for HP ProLiant DL servers) • Zero or more unmanaged devices • Zero or more power delivery devices UI screens and REST API resources UI screen REST API resource Racks racks For more information about racks, see the online help for the Racks screen. 2.19.
All devices connected to an HP Intelligent Power Distribution Unit (iPDU) using an HP Intelligent Power Discovery (IPD) connection are added to the appliance as unmanaged devices: • If a device is supported for management by the appliance, you can add that device to the appliance. • If a device is not supported for management by the appliance, you can include that device in power, cooling, and space planning by leaving it in the list of unsupported devices.
3 Understanding the security features of the appliance Most security policies and practices used in a traditional environment are applicable in a virtualized environment. However, in a virtualized environment, these policies might require modifications and additions. 3.1 Securing the appliance CATA (Comprehensive Applications Threat Analysis) is a powerful HP security quality assessment tool designed to substantially reduce the number of latent security defects.
• Operating-system-level users are not allowed to access the appliance, with the following exceptions: ◦ A special pwreset command used only if the Infrastructure administrator password is lost or forgotten. This command requires that you contact your authorized support representative to obtain a one-time password. For more information, see the online help.
◦ Maintain a zone of trust, for example, a DMZ (demilitarized zone) that is separate from production machines. ◦ Ensure proper access controls on Fibre Channel devices. ◦ Use LUN masking on both storage and compute hosts. ◦ Ensure that LUNs are defined in the host configuration, instead of being discovered. ◦ Use hard zoning (which restricts communication across a fabric) based on port WWNs (Worldwide Names), if possible.
3.5 Controlling access for authorized users Access to the appliance is controlled by roles, which describe what an authenticated user is permitted to do on the appliance. Each user must be associated with at least one role. 3.5.1 Specifying user accounts and roles User login accounts on the appliance must be assigned a role, which determines what the user has permission to do.
You must have Infrastructure administrator privileges to download the audit log. Monitor the audit logs because they are rolled over periodically to prevent them from getting too large. Download the audit logs periodically to maintain a long-term audit history. Each user has a unique logging ID per session, enabling you to follow a user’s trail in the audit log. Some actions are performed by the appliance and might not have a logging ID.
Example 1 Sample audit entries: user login and logout 2013-09-16 14:55:20.706 CST,Authentication,,,administrator,jrWI9ych,,, SUCCESS,LOGIN,INFO,CREDENTIAL,,Authentication SUCCESS . . . 2013-09-16 14:58:15.201 CST,Authentication,,,MISSING_UID,jrWI9ych,,, SUCCESS,LOGOUT,INFO,CREDENTIAL,,TERMINATING SESSION 3.8 Choosing a policy for the audit log Choose a policy for downloading and examining the audit log.
3.10.2 Self-signed certificate The default certificate generated by the appliance is self-signed; it is not issued by a trusted certificate authority. By default, browsers do not trust self-signed certificates because they lack prior knowledge of them. The browser displays a warning dialog box; you can use it to examine the content of the self-signed certificate before accepting it. 3.10.2.1 Verifying a certificate You can verify the authenticity of the certificate by viewing it with your browser.
3.10.3 Using a certificate authority Use a trusted CA (certificate authority) to simplify certificate trust management; the CA issues certificates that you import. If the browser is configured to trust the CA, certificates signed by the CA are also trusted. A CA can be internal (operated and maintained by your organization) or external (operated and maintained by a third party). You can import a certificate signed by a CA, and using it instead of the self-signed certificate.
3.12.2 SSL connection The client should specify HTTPS as the protocol to ensure SSL is used on the network to protect sensitive data. If the client specifies HTTP, it will be redirected to HTTPS to ensure that SSL is used. The appliance certificate, which the client requires, allows the SSL connection to succeed.
3. 4. Press and release the space bar. Press and release F1 to select the non-graphical console or F2 to select the graphical console. 3.14.1 Enabling or disabling authorized services access When you first start up the appliance, you can choose to enable or disable access by on-site authorized support representatives. By default, on-site authorized support representatives are allowed to access your system through the appliance console and diagnose issues that you have reported.
Table 2 Supported SSL cipher suites (continued) SSL cipher suite SSL version Kx Au Enc Mac DES-CBC3-SHA SSL v3 RSA RSA 3DES (168) SHA1 DHE-RSA-AES128-SHA SSL v3 DH RSA AES (128) SHA1 AES128-SHA SSL v3 RSA RSA AES (128) SHA1 3.16 Downloads from the appliance You can download the following data files from the appliance: • Support dump By default, all data in the support dump is encrypted and accessible by an authorized support representative only.
4 Navigating the graphical user interface 4.1 Browsers For general information about browser use, see the following topics: • “Supported browsers” (page 57) • “Browser best practices for a secure environment” (page 52) • “Commonly used browser features and settings” (page 57) 4.1.1 Supported browsers For information about the web browsers that are supported for use with HP OneView, see the HP OneView Support Matrix. 4.1.
4.1.3 Set the browser for US or metric units of measurement To configure how units of measurement are displayed—either in United States (US) or metric units—change the region portion of the language setting in your browser. Metric units are used for all regions except the United States region. Specify the United States as your region code if you want United States customary units. Specify any other region code if you want metric units.
Figure 2 Screen topography 1 2 3 4 Networks 20 v All statuses v ? All types v Create network C1 net Overview Actions v v Name VLANID Type .............................................................
4.3 About the Activity sidebar The Activity sidebar shows tasks initiated during the current session. The most recent task is displayed first. Task notifications provide information (including in-progress, error, and completion messages) about tasks that were launched. The Activity sidebar differs from the Activity screen because it displays only recent activity. The Activity screen, in contrast, displays all activities and allows you to list, sort, and filter them.
Table 4 UI buttons Button Description Add and Add + Adds items from your current data center environment (such as enclosures, server hardware, and other physical items) and brings them under appliance management. • Add adds a single item and closes the screen or dialog box. • Add + enables you to add another item in the same session. Create and Create + Creates logical constructs used by the appliance (such as server profiles, logical interconnect templates, and network sets).
Figure 6 Help sidebar ? Help Documentation 1 Help on this page 2 Browse help 3 Browse REST API help 4 First time setup License 5 End-User License agreement 6 Written Offer Community 7 1 2 3 HP OneView Forum Opens context-sensitive help for the current screen in a new browser window or tab. Opens the top of the help contents in a new browser window, which enables you to navigate to the entire table of contents for the UI help.
Large icon Small icon Resource Activity Task OK Informational Success Disabled Canceled Unknown An In progress rotating icon indicates that a change is being applied or a task is running. This icon can appear in combination with any of the resource states. For example: 4.8.2 User control icons Icon Name Action Expand menu Expands a menu to show all options View details Identifies a title that has additional information. Clicking the title changes the view to display details.
Icon Name Description Session control Displays your login name and the duration of your current session. Also provides a link you can use to log out of the appliance. To change your full name, password, and contact information, click the Edit icon next to your login name Help control • When this icon is at the top of a dialog box, you can click it to open context-sensitive help for that topic in another window or tab.
Figure 7 Sample Map view 1Z34AB7890 Apr 30 10:17AM Map Actions v Add enclosure: 192.0.2.0 HPTC-RACK - 01 Racks ............................................................................................................................................................... Enclosure HPTC Groups ...............................................................................................................................................................
Figure 8 Notifications area ! A, Slot 1 Overview Actions v 1 The system A, Slot 1 is not configured for redundant power because it has 1 c... All 0 1 0 General > Model ! Manag Location Power Maximum Serial 2 A, Slot 1 Overview The system A, Slot 1 is notconfigured for redundant power because it has 1 connected power input(s). The system must have at least 2 connected power inputs(s) to have redundant power. Actions 0 All 1 v 0 The system A, Slot 1 is ...
5. • Wildcard characters, such as the asterisk (*), are not supported. • These search operators are not supported: ◦ Plus sign (+) ◦ Minus sign or hyphen (–) ◦ Double quotes (" ") ◦ Special characters (non-alphanumeric) Press Enter or click List Topics to start the search process. Search results are presented as links to the sections in which the search term appears. 6.
When you start typing, search suggestions are provided based on pattern matching and previously-entered search criteria. • Select a suggestion to change your filter to the suggestion and submit it (as if you had pressed Enter). • Press Enter to see the list of search matches. • If you are doing a resource match, the master pane is filtered to match your search input. TIP: Enter complete words or names as your search criteria. Partial words or names might not return the expected results.
Advanced searching and filtering with properties TIP: Enclosure a search value in double quotes if the value contains spaces. Enter complete values for the properties. Partial values do not return search results. Example of advanced filtering syntax Search results By model name: All hardware that matches the model number and name. model:"BladeSystem c7000 Enclosure G2" model:"ProLiant BL460c Gen8" model:"HP VC 8Gb 20-Port FC Module" By name: An enclosure with the name enclosure10.
Figure 10 Filter resource instances by their health status HP OneView Search Server Hardware 15 Status Reset All statuses + Add server hardware Name Critical Warning Model Server Profile ...................................................................................................... Unmanaged Server Dl 360P Ok Gen8 Unmanaged Server Dl 360P Gen8 Unknown Unmanaged Server Dl 360P Gen8 Disabled Unmanaged Server Dl 360P Gen8 none buta-ilo Dl 360P Gen8 none 4.14.
5 Using the REST APIs and other programmatic interfaces REST (Representational State Transfer) is a web service that uses basic CRUD (Create, Read, Update and Delete) operations performed on resources using HTTP POST, GET, PUT, and DELETE. To learn more about REST concepts, see http://en.wikipedia.org/wiki/Representational_state_transfer. The appliance has a resource-oriented architecture that provides a uniform REST interface.
5.2 Return codes Return code Description 2xx Successful operation 4xx Client-side error with error message returned 5xx Appliance error with error message returned NOTE: If an error occurs, indicated by a return code 4xx or 5xx, an ErrorMessage is returned. The expected resource model is not returned. 5.3 URI format All URIs point to resources. The client does not need to create or modify URIs.
5.6 REST API version and backward compatibility When you perform a REST API operation, an X-API-Version header is required. This version header corresponds to the REST API version of software currently running on the appliance. To determine the correct REST API version, perform /rest/version. This GET operation does not require an X-API-Version header. If multiple appliances are running in your environment, you need to determine the REST API version required by each appliance.
resource model. You can use the TaskResource resource model URI to list the current status of the operation. 5.8 Task resource When you make an asynchronous REST API operation, HTTP status 202 Accepted is returned and the URI of a TaskResource resource model is returned in the Location header of the response. You can then perform a GET on the TaskResource model URI to poll for the status of the asynchronous operation.
a query would return a large number of resources. The collection attributes (described below) provide information needed to determine whether the full set of resources were returned, or if additional queries are required to retrieve additional pages. For example, a collection object includes a next page and previous page URI. These URIs indicate whether additional pages are available, and can be retrieved via a GET operation on these URIs.
The simplest way to make sure that you have retrieved all resources in a specific collection is to always perform iterative GET requests using the returned nextPageUri until the value is null. See the following example in pseudo-code based on any filters/queries and sort order: currentCollection = doGet("/rest/server-hardware"); allResources = currentCollection.members; While (currentCollection.nextPageUri) { currentCollection = doGet(currentCollection.nextPageUri); allResources.Append(currentCollection.
To receive development discussions, sign up on the public mailing list at https://groups.google.com/ forum/#!forum/hp-oneview-python. 5.
6 Accessing documentation and help This chapter describes how to access help from the appliance, how to access the publicly available online information library, and where to find REST API help and reference documentation. 6.
• Planning information, including configuration decisions to make and tasks that you might need to perform before you install an appliance, add managed devices, or make configuration changes • Quick starts that provide high-level step-by-step instructions for selected tasks that might require that you configure multiple resources using the UI or REST APIs. • An illustrated example of using the UI to configure a sample data center 6.
4. 5. 6. Navigate to the hp-oneview-help/content or hp-oneview-restapi/content directory. Double-click the index.html file to open the HP OneView help system. If you are serving the files from a web server, communicate the full URL to the index.html file to your user community to enable them to browse to the UI and REST API help and reference information. 6.
Part II Planning tasks The chapters in this part describe data center configuration planning tasks that you might want to complete before you install the appliance or before you make configuration changes. By completing these planning tasks, you can create a data center configuration that takes full advantage of the appliance features and is easier for your administrators to monitor and manage.
7 Planning your data center resources In addition to ensuring that your environment meets the prerequisites for installation of the appliance, there are other planning tasks you might want to complete before adding data center resources. By completing these planning tasks, you can create a data center configuration that takes full advantage of the appliance features and is easier for your administrators to monitor and manage. 7.
1 and 2 ◦ Examples of network names that follow the recommended naming conventions include the following: dev_1105_A prod_1102_1 test_1111_left ◦ If you plan to use multi-network connections in server profiles, create network sets that contain all the networks to be used by a single profile connection.
For more information about the search capabilities of the appliance, see “Search resources” (page 67). 7.5 Planning the appliance configuration These topics cover appliance configuration. 7.5.1 Appliance VM and host requirements HP OneView is delivered as a virtual appliance running on a VMware vSphere Hypervisor VM (virtual machine).
7.5.6 IP addresses You must specify what type of IP addresses are in use and how they are assigned to the appliance, either manually by you or assigned by a DHCP (Dynamic Host Configuration Protocol) server: 88 • You must choose either IPv4 or IPv6 addresses. • The appliance IP address must be static. • If you use a DHCP address for the appliance it must have an infinite lifetime or permanent reservation.
8 Planning for configuration changes This chapter identifies configuration changes that might result in a resource being taken offline temporarily or that might require that you make changes to multiple resources. 8.1 Configuration changes that require or result in resource outages Appliance Taking an appliance offline does not affect the managed resources—they continue to operate while the appliance is offline. When you install an appliance update, the appliance is taken offline.
each server profile connection to reconfigure it to specify the network you added. Because you must edit the server profile to edit the connection, you must power off the server. • If you attempt to delete a network that is a member of a network set, the appliance warns you that the network is assigned to at least one network set.
• • Logical Interconnects and Logical Interconnect Groups. For a server connected to a logical interconnect to access a network, the logical interconnect must have an uplink set that includes a connection to that network: ◦ You might need to update multiple logical interconnects. ◦ You can make configuration changes to the logical interconnect group, and then update each logical interconnect from the group.
Part III Configuration quick starts The quick starts provided in this part describe the basic resource configuration tasks required to quickly bring the primary components of your hardware infrastructure under appliance management. Additional resource configuration and ongoing management tasks are documented in Part IV.
9 Quick Start: Initial Configuration This quick start describes the process to bring your data center resources under management of the appliance after you complete the appliance installation. This quick start recommends an order for adding resources to an appliance that has not previously been configured. 9.1 Process overview 1. 2. 3. Before you install the appliance, you might want to plan for your data center configuration.
To use REST APIs to configure the appliance and bring your environment under management for the first time, see the REST API help, which is available from the Help Sidebar. Table 5 First time setup: initial configuration tasks Configuration task Add users to the appliance 1. Create user accounts assigned with predefined or specialized privileges with local or directory-based authentication. See the Users and Groups online help for more information.
connections, thus enabling the appliance to provide powerful monitoring and management functionality: • The Data Centers screen generates a 3D model of your IT environment, which you can use for planning and organization purposes. • The Data Centers screen displays power and temperature data to enable you to monitor power consumption rates. The appliance monitors and reports peak temperatures for racks and their components to identify and alert you about potential cooling issues.
10 Quick Start: Adding a network to an existing appliance environment This quick start describes the process to add a network to an existing appliance environment and enable existing server blades to access the network you added. NOTE: If you are performing initial configuration steps after installing an appliance, HP recommends that you add networks and network sets before you add enclosures. See “Quick Start: Initial Configuration” (page 95).
10.1 Process When you add a network to the appliance, you might need to make configuration changes to the following resources: Resource Task Description Networks 1. Add the network. • Adding a network does not require that you take resources offline. • For more information about networks, see “Managing networks and network resources” (page 135), the online help for the Networks screen, or the REST API scripting help for networks and network sets. Logical Interconnect Groups 2.
Resource Task Description Server Profiles and Server Hardware 5. Power off the server before • When you add a network to an appliance, it is immediately available. you edit the server profile. However, for a server blade to connect to that network the server 6. Edit the server profile to profile for the server blade must include a connection to either the add a connection to the network or a network set that includes the network. network.
11 Quick Start: Adding an enclosure and connecting its server blades to networks This quick start describes the process to add an enclosure to an existing appliance environment and enable the server blades to access the existing data center networks.
Configuration requirement Why you need it Server profile must have at least one connection, which must specify a network or network set You do not have to know the hardware configuration, but you do have to choose an available network or network set to specify which networks the server is to use. If you specify a network set in a server profile connection, the network set must include at least 1 network You can think of a network set as an alias through which you can refer to many different networks.
Process Resource Task Description Enclosures 1. Add the enclosure. • When you add the enclosure, specify an existing enclosure group. • When you add an enclosure, you also must select a firmware baseline and a licensing option. • For more information about enclosures, see “Managing enclosures and enclosure groups” (page 153), the online help for the Enclosures screen, or the REST API scripting help for enclosures. Server Profiles 2.
Process Resource Task Description Logical Interconnect Groups 1. Create a logical interconnect group. • You must create a logical interconnect group before you can create an enclosure group. • You add uplink sets as part of creating a logical interconnect group. Ensure that at least one of the uplink sets you add includes an uplink port to the data center networks you want to access.
• The networks and network sets, if any, have been added to the appliance. To add networks or network sets, see “Quick Start: Adding a network to an existing appliance environment” (page 99) or “Managing networks and network resources” (page 135). • See “Prerequisites for bringing an enclosure under management” (page 153) for prerequisites and preparation you must complete before you add an enclosure.
12 Quick Start: Configuring an enclosure and server blade for Direct attach to an HP 3PAR Storage System This quick start describes the process for adding and configuring an enclosure so that its servers can connect to an HP 3PAR Storage System that is directly attached to the enclosure.
12.1 Process Resource Task Description Networks 1. Add the Fibre • If you add the networks from the Networks screen: Channel Direct attach networks. ◦ For Type, select Fibre Channel ◦ For Fabric type, select Direct attach • For more information about networks, see “Managing networks and network resources” (page 135), the online help for the Networks screen, or the REST API scripting help for networks and network sets. Logical Interconnect Groups 2.
13 Quick Start: Adding an HP ProLiant DL rack mount server This quick start describes the process for adding a rack mount server. The features supported by the appliance vary by server model. For information about the features supported for HP ProLiant DL servers, see “Server hardware features supported by the appliance” (page 122). For an illustrated example of this task, see “Step by step: Configuring an example data center using HP OneView” (page 251).
14 Quick Start: Adding an active/active network configuration This quick start describes the process to add an active/active configuration for an enclosure. Prerequisites • Minimum required privileges: Infrastructure administrator or Network administrator for adding networks. • Minimum required privileges: Infrastructure administrator or Server administrator for changing the server profile configurations.
14.1 Process For each VC interconnect module you want to set up as an active/active configuration in the appliance, make configuration changes to the following resources: Resource Task Description Networks 1. Add a pair of Ethernet networks for each VLAN you want to connect: one network for the first interconnect module and another for the second interconnect module using the same VLAN ID. For example, create Dev101_A and Dev101_B for VLAN ID 101.
Resource Task Description 4. Edit the server profile to add two connections: assign one port for the networks or network sets on one module and a different port for the networks or network sets on the other module. Make sure the networks associated with the uplink ports in the uplink set match the networks assigned to the profile connections in the downlink ports. For example, Connection1 is LOM1:1-a for DevSet_A and Connection2 is LOM1:1–b for DevSet_B. 5. Power on the server. 14.
15 Quick Start: Migrating from an active/standby to an active/active network configuration This quick start describes the process of migrating from an existing active/standby configuration to an active/active configuration for an enclosure. Prerequisites • Minimum required privileges: Infrastructure administrator or Network administrator for adding networks. • Minimum required privileges: Infrastructure administrator or Server administrator for changing the server profile configurations.
Resource Task Description Network Sets 9. (Optional) Add network sets for the • Adding a network to a network set does not require that you networks created in step 3. take resources offline. Server profiles that have connections to the network set do not have to be updated when a network is added to the network set. • Duplicate VLAN IDs are not allowed in the same network set.
Part IV Configuration and management The chapters in this part describe the configuration and management tasks for the appliance and the resources it manages.
16 Managing server hardware and server profiles Managing servers with the appliance involves interacting with several different resources on the appliance: • A server profile captures the entire server configuration in one place, enabling you to consistently replicate new server profiles and to rapidly modify them to reflect changes in your data center environment. • A server profile enables management of your server hardware.
16.1.1 Roles • Minimum required privileges: Infrastructure administrator or Server administrator 16.1.2 Tasks for server hardware The appliance online help provides information about using the UI or the REST APIs to: • Get information about the server hardware. • Power on and power off a server. • Reset a server. • Launch the iLO remote console to manage servers remotely. • Add a rack mount server. • Add a server blade to an existing enclosure.
16.1.4 Prerequisites for bringing server hardware under management Server hardware must meet the following prerequisites for the appliance to manage it. Prerequisites Item Requirement Server hardware model The server hardware must be a supported model listed in the HP OneView Support Matrix. iLO firmware The iLO3 and iLO4 (Integrated Lights-Out) firmware version must meet the minimum requirement listed in the HP OneView Support Matrix. The server hardware is connected to a live power source.
16.1.5.1 How the appliance handles unsupported hardware Unsupported hardware is any device that the appliance cannot manage. Unsupported devices are similar to unmanaged devices in that all unsupported devices are not managed by the appliance. The difference is that you can bring unmanaged devices under management of the appliance if you take the appropriate actions or properly configure them. Unsupported hardware can never be managed by the appliance.
16.1.6 Tasks for server hardware types The appliance online help provides information about using the UI or the REST APIs to: • Edit the name or description of the server hardware type. • Delete a server hardware type. 16.1.7 About server hardware types A server hardware type defines the physical configuration for server hardware and defines the settings that are available to server profiles to be assigned to that type of server hardware.
16.2.1 Roles • Minimum required privileges: Infrastructure administrator or Server administrator 16.2.2 Tasks for server profiles The appliance online help provides information about using the UI or the REST APIs to: • Get information about a server profile. • Create and apply a server profile. • Specify identifiers and addresses when creating a server profile. • Connect the server to data center networks by adding a connection to a server profile. • Edit the BIOS settings of a server profile.
unapplied sections are reapplied. For example, if a firmware update succeeds but the subsequent BIOS portion of the apply operation fails, the firmware is not applied a second time when the profile is reapplied. This helps to prevent unnecessary and time-consuming updates for the profile. NOTE: For best performance, perform server profile management tasks on one enclosure at a time.
17 Managing licenses You manage licenses from the Settings screen or by using the REST APIs. 17.1 UI screens and REST API resources UI screen REST API resource Settings licenses 17.2 Roles • Minimum required privileges: Infrastructure administrator 17.3 Tasks for licenses The appliance online help provides information about using the UI or the REST APIs to: • Add a license key to the appliance license pool. • Specify a license policy as part of adding an enclosure.
When you add an enclosure or rack mount server to the appliance, you must specify one of these licenses. After a 60-day trial period, the appliance displays an alert if you do not have enough licenses to support the existing servers. The alert appears on the Dashboard and in the Settings view after login and does not clear until you add enough licenses. 17.4.2 License delivery License delivery depends on how the license is purchased.
Figure 11 Sample license graphs HP OneView w/o iLO 0% 1 2 Compliance 14 Licenses required 0 Licenses available 0 Servers licensed 1 The license type for which status information is being reported. HP OneView 100% Compliance 3 2 100 Licenses available 1000 Servers licensed The license graph indicates the percentage of servers that are licensed. 3 The number of licenses required (if any), the number of licenses available, and the number of servers with licenses.
When you add an enclosure to the appliance, you must choose a server hardware license policy. This sets the licensing policy for all server hardware in the enclosure. You cannot change the policy for an enclosure unless you remove and re-add the enclosure. For more information on how the appliance handles enclosure licenses, see “About licensing” (page 129). NOTE: A license embedded on a server blade will override the enclosure license policy.
• If the server hardware has an existing permanent iLO Advanced license, the appliance assigns an HP OneView w/o iLO license, regardless of the license type you choose. • If the rack mount server does not have an embedded license, the appliance attempts to assign a license from the license pool. • If there are not enough licenses available, a notification is displayed that instructs you on how to address the issue.
Table 8 Licensing scenarios (continued) User action License policy or type Result Add enclosure or server hardware with no embedded license. Any Licenses available in the pool Remove server hardware. HP OneView The license remains assigned to the server hardware. (applied to server hardware). Notes After the 60-day trial period, The appliance assigns a license to the a message notifies you when there are not enough licenses server hardware.
18 Managing networks and network resources This chapter describes configuring and managing networks and network resources for the enclosures and server blades managed by the appliance. For information about configuring the network settings for the appliance, see “Managing the appliance settings” (page 178). NOTE: The network features described in this chapter apply to enclosures and server blades only.
Instead of assigning a single network to a connection in a server profile, you can assign a network set to that connection. • • You can create a network set for your production networks and one for your development networks. • You can configure a hypervisor with a vSwitch to access multiple VLANs by creating a network set as a trunk that includes these networks. Network set details • Network sets are supported for use in server profiles.
18.3.1 Fibre Channel network types The Virtual Connect interconnect modules in enclosures support two types of Fibre Channel connections to storage devices: • Fabric attach connections—The enclosure interconnects connect to data center SAN fabric switches. • Direct attach connections—Also called Flat SAN, in which the enclosure interconnects connect directly to a supported storage device, such as an HP 3PAR StoreServ Storage system.
Servers connecting to a Direct attach Fibre Channel network have access to all devices connected on the uplink ports defined for that network. If there is more than one connection from a FlexFabric module to the storage system, each server can access as many paths to the storage LUN (logical unit number) as there are connections to the storage system. For Direct attach Fibre Channel networks, the enclosure interconnect does not distribute server logins evenly across uplink ports.
When defined on this appliance, Ethernet networks connected to enclosure interconnects require a VLAN ID. • You can add multiple Ethernet networks that use the same VLAN ID. This capability is required for logical interconnects that use an active/active configuration. • Each network name in the appliance must be unique. • The number of networks supported on an appliance is limited by the number of networks added, not the number of VLAN IDs that are used. 18.4.
2 of Enclosure 1, then the data center switch ports that connect to those X2 ports must be configured to support VLAN IDs 1101, 1102, 1103, and 1104. • If multiple uplinks in an uplink set connect the same interconnect to the same data center switch, to ensure that all the uplinks in the uplink set are active, you must configure the data center switch ports for LACP (Link Aggregation Control Protocol) in the same LAG (Link Aggregation Group).
19 Managing interconnects, logical interconnects, and logical interconnect groups A logical interconnect group acts as a recipe for creating a logical interconnect representing the available networks, uplink sets, stacking links, and interconnect settings for a set of physical interconnects in a single enclosure.
Connectivity and synchronization with the appliance The appliance monitors the health status of interconnects and issues alerts when there is a change in status of an interconnect or port. The appliance maintains the configuration that you specify on the interconnects that it manages. The appliance also monitors the connectivity status of interconnects. If the appliance loses connectivity with an interconnect, an alert is displayed until connectivity is restored.
• Configure a port to monitor network traffic. • Change Ethernet settings such as: ◦ Fast MAC cache failover ◦ MAC refresh interval ◦ IGMP (Internet Group Management Protocol) snooping and idle timeout interval ◦ Loop protection 19.2.3 About logical interconnects A logical interconnect is a single administrative entity that consists of the configuration for the interconnects in an enclosure, which includes: • The uplink sets, which connect to data center networks.
For Ethernet networks, an uplink set enables you to identify interconnect uplinks that carry multiple networks over the same cable. For Fibre Channel connections, you can add one network to an uplink set. Fibre Channel does allow virtual networks or VLANs. An uplink set is part of a logical interconnect.
Redundantly Connected There are at least two independent paths between any pair of interconnects in the logical interconnect, and there are at least two independent paths from any downlink port on any interconnect in the logical interconnect to any other port (uplink or downlink) in the logical interconnect.
logical interconnect group. If you change the uplink sets for an existing logical interconnect group, only enclosures that you add after the configuration change are configured with the new uplink set configuration. When you add an enclosure and assign an enclosure group, the appliance creates a logical interconnect for that enclosure. The logical interconnect it creates matches the configuration specified by the logical interconnect group that is associated with the enclosure group.
19.2.5 About active/active and active/standby configurations When choosing which HP Virtual Connect network configuration to use (active/active or active/standby), consider the type of network traffic an enclosure must support. For example, will there be much server to server traffic (east/west) needed within the enclosure, or is the traffic flow mainly in and out bound (north/south) of the enclosure.
19.2.5.2.1 Requirements and best practices for an active/active configuration To have a functioning active/active configuration in HP OneView, you must have two HP Virtual Connect modules and set up the resources according to the following requirements. For an example of an active/active configuration, see “Sample active/active configuration” (page 149).
19.2.5.2.2 Sample active/active configuration Physical server 1 NIC TEAM Port 1 Port 2 d1 IO Bay 1 Network vNet 101A -Internal VLAN 3 -External VLAN 101 d1 SL1 SL1 SL2 SL2 Network vNet 101B -Internal VLAN 5 -External VLAN 101 Uplink Set U1 Uplink Set U2 X1 X1 X2 IO Bay 2 X2 VLAN 101 ToR Switch 19.2.6 About SNMP settings Network management systems use SNMP (Simple Network Management Protocol) to monitor network-attached devices for conditions that require administrative attention.
interconnect and logical interconnect group, comparing the two, and checking the following for consistency: Items Compliance checking Ethernet interconnect settings Are there differences in the following logical interconnect settings from the expected configuration defined by the logical interconnect group? • Enabling Fast MAC cache failover • MAC refresh intervals • Enabling IGMP snooping • IGMP idle timeout intervals • Loop and pause flood protection Uplink sets Are there differences in port assignme
19.2.9 Learning more • “Logical interconnect groups” (page 36) • “Logical interconnects” (page 37) • “Uplink sets” (page 38) 19.
20 Managing enclosures and enclosure groups An enclosure is a physical structure that can contain server blades, infrastructure hardware, and interconnects. An enclosure group specifies a standard configuration for all of its member enclosures. Enclosure groups enable administrators to provision multiple enclosures in a consistent, predictable manner in seconds. UI screens and REST API resources UI screen REST API resource Enclosures enclosures Enclosure Groups enclosure-groups 20.
20.2 Roles • Minimum required privileges: Infrastructure administrator or Server administrator 20.3 Tasks for enclosures The appliance online help provides information about using the UI or the REST APIs to: • Add an enclosure to manage its contents. • Remove an enclosure from management. • Add a server blade to an existing enclosure. • Remove a server blade from an existing enclosure. • Bring an unmanaged enclosure under management.
NOTE: HP does not recommend using iLO or the OA to make changes to a device. Making changes to a device from its iLO or OA could cause it to become out of synchronization with the appliance. You can manually refresh the connection between the appliance and an enclosure from the Enclosures screen. Refreshing an enclosure will refresh all devices in it. See the online help for the Enclosures screen to learn more. 20.4.
• The OA firmware is updated to minimum firmware levels, listed in the HP OneView Support Matrix. • The server hardware iLO time zone is set to Atlantic/Reykjavik as recommended in the iLO documentation. The time zone setting determines how the server hardware iLO adjusts UTC (Coordinated Universal Time) time to obtain the local time, and how it adjusts for daylight saving time (summer time).
21 Managing firmware for managed devices NOTE: This chapter describes how to manage the firmware for devices managed by the appliance. For information about updating the firmware for the appliance, see “Updating the appliance” (page 175). A firmware bundle, also known as an HP Service Pack for ProLiant (SPP), comprises a set of deliverables, a full-support ISO file, and six subset ISOs divided by HP ProLiant server family and operating system.
Unsupported firmware for enclosures When adding an enclosure, the appliance: • Generates an alert if the logical interconnect firmware for the interconnects is below the required minimum level or if the interconnect firmware levels do not match. You must update the logical interconnect firmware from the Logical Interconnects screen or REST APIs.
resources in the enclosure (OA, all member interconnects, and server hardware firmware including iLO). In the UI, select Enclosures→Actions→Update firmware, and then select from the following options: • • Option Device updated Enclosure OA firmware Enclosure + logical interconnect + server profiles OA, all member interconnects, and server hardware firmware including iLO You update a firmware bundle for a logical interconnect to apply the same firmware baseline to all member interconnects.
Best practice Description Verify the managed device setting Do not update the firmware on a managed device unless the firmware baseline is before updating the firmware. set to manage manually. If you choose to create custom HP recommends using HP SPPs. You can use HP SUM 6.0 or later to create custom SPPs, use HP SUM to create them. SPPs, which can be uploaded to the appliance repository.
22 Managing power and temperature You can use the appliance to manage the power and temperature of your IT hardware. 22.1 Managing power To manage power, you describe your power delivery devices to the appliance using the Power Delivery Devices screen or the REST APIs. The appliance discovers HP Intelligent Power Delivery Devices (iPDUs) and their connections automatically.
The Power Delivery Devices screen describes the following classes of devices: • HP Intelligent Power Distribution Units (HP iPDUs), which the appliance can automatically discover and control. • Other power delivery devices that the appliance cannot discover. By manually adding these devices to the appliance, they become available for tracking, inventory, and power management purposes.
data center as a whole. The appliance enables you to bring power and cooling management of your servers, enclosures, and power delivery devices together in a single management system. The Layout view of the data center is color-coded to depict the peak temperature recorded in the last 24 hours. Default data center: Datacenter 1 When you initialize the appliance for the first time, it creates a data center named Datacenter 1. The appliance provides this data center as a place to visualize your racks.
rack PDUs that provide power to the rack, and their physical position in the rack or on either side. You can also describe how the devices in the rack are connected to those PDUs. NOTE: The default rack height is 42U. When the appliance discovers an HP Intelligent Series Rack, it sets the rack height to 42U if there is no managed server hardware above slot 42.
23 Managing users and authentication The appliance requires users to log in with a valid user name and password, and security is maintained through user authentication and role based authorization. User accounts can be local, where the credentials are stored on the appliance or can be on a company or organizational directory (Microsoft Active Directory, for example) hosted elsewhere, where the appliance contacts the defined directory server to verify user credentials.
23.4 About user roles User roles enable you to assign permissions and privileges to users based on their job responsibilities. You can assign full privileges to a user, or you can assign a subset of permissions to view, create, edit, or remove resources managed by the appliance.
Table 11 Action privileges for user roles (continued) Category Action privileges for user roles (C=Create, R=Read, U=Update, D=Delete, Use) Infrastructure administrator Server administrator Network administrator Backup administrator Read only connections CRUD R CR — R connection templates CRUD, Use R, Use CRUD R R data centers CRUD CRUD — R R debug logs CRUD CRU CRU — R enclosures CRUD CRUD R R R enclosure groups CRUD, Use CRUD, Use R R R Ethernet networks CRUD R
Table 11 Action privileges for user roles (continued) Category Action privileges for user roles (C=Create, R=Read, U=Update, D=Delete, Use) Infrastructure administrator Server administrator Network administrator Backup administrator Read only roles CRUD — — — R server hardware CRUD, Use CRUD, Use R R R server hardware types CRUD, Use CRUD, Use R R R server profiles CRUD CRUD R R R unmanaged devices CRUD CRUD — R R uplink sets CRUD R CRUD R R users CRUD — — — R
When you add an authentication directory service to the appliance, you provide search criteria so that the appliance can find the group by its DN (Distinguished Name). For example, the following attribute values identify a group of administrators in a Microsoft Active Directory: distinguishedName CN=Administrator,CN=Users,DC=example,DC=com If you replicate the authentication directory service for high availability or disaster tolerance, add the replicated directory service as a separate directory service.
The authorized support representative uses the challenge code to generate a short-lived, one-time password based on the challenge key. It will be an easy-to-type, space-separated set of strings. For example: VET ROME DUE HESS FAR GAS 4. 5. 6. The appliance generates a new password. Note the new password for the administrator account, and then press Enter to log out. Use the UI or REST API to log in as administrator with the new password. 23.
24 Backing up an appliance This chapter describes how to use the UI, REST APIs, or a custom-written PowerShell script to save your appliance resource configuration settings and management data to a backup file. 24.1 About backing up the appliance HP OneView provides the ability to save your configuration settings and management data to a backup file and enables you to use that backup to restore a corrupted appliance in the event of a catastrophic failure.
REST APIs let you to: • Schedule a backup process from outside the appliance. • Collect backup files according to your site policies. • Integrate with enterprise backup and restore products. UI screens and REST API resources UI screen REST API resource Settings→Actions backups 24.2 Roles Users with Infrastructure administrator and Backup administrator privileges can create and download backup files, however, only the Infrastructure administrator can restore an appliance from a backup file.
the backup script to run automatically in interactive or batch mode on a regular basis. Only a user with Backup administrator or Infrastructure administrator privileges can run the script interactively. For more information, see “Sample backup script” (page 291). 24.5 Back up an appliance A backup file saves the configuration settings and management data for your appliance. You can recover from a catastrophic failure by restoring your appliance from the backup file.
24.7 Creating a custom script to create and download an appliance backup file If you prefer to write a customized script to create and download your appliance backup file, and schedule that script to run on a schedule according to your IT policies, see “Sample backup script” (page 291) for a sample PowerShell script.
25 Managing the appliance 25.1 Updating the appliance The appliance runs a combination of software and firmware. Keeping the appliance up to date fixes problems, improves performance, and adds any new features to the appliance. The appliance does not check for updates automatically.
25.1.2 Roles • Minimum required privileges: Infrastructure administrator 25.1.3 Tasks Updating the appliance requires a single user accessing the appliance and causes the appliance to restart. This does not disrupt the operation of the devices under management, but does result in an outage of the appliance. The appliance online help provides information about using the UI or the REST APIs to: • Determine if a newer appliance update is available.
25.2.2 Shut down the appliance Use this procedure to perform a graceful shutdown of the appliance. Prerequisites • Minimum required privileges: Infrastructure administrator. • Ensure that all tasks have been completed or stopped, and that all other users are logged off. Shutting down the appliance 1. From the Settings screen, select Actions→Shut down. A dialog box opens to inform you that all users will be logged out and ongoing tasks will be canceled. 2. Select Yes, shut down in the dialog box. 25.
What to do when an appliance restarts The online help provides information about using the user interface or the REST APIs to: • Check for critical alerts or failed tasks and follow the provided resolution instructions • Manually refresh a resource if the resource information displayed appears to be incorrect or inconsistent • Create a support dump (recommended for unexpected crashes to help support personnel to troubleshoot a problem) • Update firmware for a resource, if a firmware update task was i
Install SNMP OS host agents for HP ProLiant G7 blade servers For the appliance to monitor the health of HP ProLiant G7 blade servers, you need to configure the SNMP settings for the server and iLO3. 1. 2. 3. 4. 5. Install the host operating system on the server. Install the SNMP subsystem on the server. Configure SNMP on the host to use the community string and trap destination of the appliance. Using the latest SPP, install the HP management agent set and associated drivers.
25.6 Enabling or disabling HP support access to the appliance This product contains a technical feature that will allow an on-site authorized support representative to access your system, through the system console, to assess problems that you have reported. This access will be controlled by a password generated by HP that will only be provided to the authorized support representative. You can disable access at any time while the system is running.
25.8 Managing the HP public key The HP public key verifies that: • HP created its software packages (RPMs) and updates. • The code was not modified after it was signed. 25.8.1 Roles • Minimum required privileges: Infrastructure administrator 25.8.2 Tasks The appliance online help provides information about managing public keys from the Settings screen or by using the REST APIs to: • Acquire and install the HP public key. • View the HP public key. 25.
Part V Monitoring The chapters in this part describe using the appliance to monitor your data center. You use the information in this part after the appliance has been configured and the data center resources have been added to the appliance.
26 Monitoring data center status, health, and performance This chapter describes the recommended best practices for monitoring data center status, health, and performance using HP OneView. 26.1 Daily monitoring As part of the daily monitoring of your data center, it is important to be able to quickly scan the appliance-managed resources to assess the overall health of your data center. By reviewing the UI screens, you are able to rapidly analyze the state and condition of your data center. 26.1.
26.1.4 Monitor data center temperature The appliance provides detailed monitoring data that you can use to determine the power and cooling capabilities of the devices in your data center. The overall cooling in your data center might be sufficient; however, there might be areas that are insufficiently cooled due to conditions such as poor airflow, concentration of excessive heat output, or wrap-around airflow at the ends of aisles.
Server hardware health monitoring For server hardware with a Critical or Warning status, the associated server profile might be in failed state, so you need to verify it as well. Monitoring step Related information 1. Expand the server hardware alert to see more information. You can view alerts from the Server Hardware screen, Activity screen, or the Dashboard screen. See the UI help for Server Hardware and “About Activity” (page 189). 2.
Monitoring step View the originating event(s) that caused a specific alert. 1. Select an alert. GET /rest/alerts/ 2. Get a specific alert using the alert ID. GET /rest/alerts/{id} 3. Get the associated event(s). GET /rest/events/{id} • Fix the problem. Use the recommended fix (perform a GET operation on the specific alert resource and view the correctiveAction attribute), or research the alert.
perform a GET operation on alerts and filter for alerts related to interconnects. To list states, you can perform a GET operation on interconnects and logical interconnects and filter for an OK state. Monitoring step View alerts for interconnects. 1. Select an interconnect alert. GET /rest/alerts?filter="physicalResourceType='{interconnect}'"&filter="severity='{WARNING, CRITICAL}'" 2. Get a specific alert using the alert ID.
Activity screen components The image shown here illustrates the important areas on the screen that you can use to monitor, resolve, and manage activity.
While alerts have an active or locked state, they contribute to a resource’s overall displayed status. After you change their state to Cleared, they no longer affect the displayed status. IMPORTANT: The appliance keeps a running count of incoming alerts. At intervals of 500 alert messages, the appliance determines if the number of alerts has reached 75,000. When it does, an auto-cleanup occurs, which deletes alert messages until the total number is fewer than 74,200.
26.3.3 Activity states Activity State Description Alert Active The alert has not been cleared or resolved. A resource’s active alerts are considered in the resource’s overall health status. Active alerts contribute to the alert count summary. Locked An Active alert that was set (locked) by an internal resource manager. You cannot manually clear a Locked alert. Examine the corrective action associated with an alert to determine how to fix the problem.
26.4 Using the Dashboard screen 26.4.1 About the Dashboard The Dashboard provides a graphical representation of the general health and status of several managed resources in your data center. From the Dashboard, you can immediately see resources that need your attention. For direct access to resources needing your attention, select the resource name. Each time you log in to the appliance, the Dashboard is the first screen you see.
Table 12 Dashboard graph colors (continued) Color Indication Light gray The remainder of resource instances that do not match the data being measured (used in combination with blue) Dark gray Resource instances reporting status other than OK, Warning, or Critical, that is, they are Disabled or Unknown Status icons To assist you in identifying resources that are not in a healthy state, status icons indicate the number of resources with a status of OK ( ), Warning ( ), or Critical ( ).
The sample graph for the Server Hardware resource shows a total of ten instances of managed server hardware, of which half are either disabled or are unknown devices. Hover your pointing device on the dark gray slice to see a count of server hardware instances with a Disabled and Unknown status. Two instances of server hardware are in a Critical state, and two have a Warning associated with them.
27 Monitoring power and temperature HP OneView enables you to monitor the power and temperature of your hardware environment.
Prerequisites • Minimum required privileges: Server administrator. • You have created a data center and positioned your racks in it. • The placement of racks in your data center accurately depicts their physical locations. • You have specified a thermal limit for your rack using the Racks screen, if your policy dictates a limit (optional). Temperature collection and visualization details • The visualization displays peak rack temperature using a color-coded system.
• Move the horizontal slider left to zoom in and right to zoom out. • Move the vertical slider up and down to change the vertical viewing angle. • Click and drag the rotation dial to change the horizontal viewing angle. 27.1.2 Monitoring power and temperature utilization Utilization statistics for power and temperature are displayed on: • The Utilization panel • Utilization graphs in the Utilization view ◦ Power utilization metrics ◦ Temperature utilization metrics 27.1.2.
Table 13 Utilization statistics gathered by resource Utilization metric Resource Power Temperature Custom Enclosures ✓ ✓ ✓ Power Delivery Devices ✓ ✓ ✓ Server Hardware CPU ✓ ✓ NOTE: You can use the Interconnects screen to view utilization graphs that display data transfer statistics for interconnect ports. See the online help for the Interconnects screen.
with the most recent interval data on the right. The minimum time interval is two minutes and the maximum is five days. different units of measurement have a second interval down the right side of the graph. The measurement value at the top of the graph represents the maximum utilization capacity for a given metric. See the online help for more information on creating a custom utilization graph and how to change the level of detail that the graph displays. 27.1.2.2.
27.2 REST API power and temperature monitoring 27.2.1 Update enclosure power capacity settings To update the enclosure capacity settings, perform a PUT operation that includes only the calibratedMaxPower attribute. View the enclosure capacity settings attributes by using a GET operation, edit the calibratedMaxPower attribute, and then perform a PUT operation that includes only the edited calibratedMaxPower attribute.
28 Using the State-Change Message Bus (SCMB) The State-Change Message Bus (SCMB) is an interface that uses asynchronous messaging to notify subscribers of changes to managed resources—both logical and physical. For example, you can program applications to receive notifications when new server hardware is added to the managed environment or when the health status of physical resources changes—without having to continuously poll the appliance for status using the REST APIs.
Figure 16 Connecting the client to the SCMB 1 2 The SCMB consumer requests a client certificate as part of the registration process. The appliance manages the client certificates in a JVK (Java KeyStore) file. 3 4 The appliance issues a client certificate to the SCMB consumer. The SCMB client provides an SSL client certificate to create a connection with the appliance. 5 6 The appliance can revoke the SCMB client certificate to deny access to the SCMB client.
NOTE: The task resources routing key syntax is scmb.resource-category and does not use change-type and resource-uri. To receive messages about all task resources: • scmb.# • scmb.tasks Sample queues Subscription Example Receive all SCMB messages for physical servers scmb.server-hardware.# NOTE: To match everything after a specific point in the routing key, use the # character. This example uses # in place of resource-uri. The message queue receives all server-hardware resource URIs.
ChangeType values ChangeType value Description Created The resource is created or is added to HP OneView. Updated The resource state, attributes, or both are updated. Deleted The resource is permanently removed from HP OneView.
Additional example-specific prerequisites Example 1 Convert the client certificate and private key to PKCS format for .Net. openssl.exe pkcs12 -passout pass:default -export -in scmb.crt -out scmb.p12 Example 2 Import the scmb.crt into your preferred Windows certificate store. 28.4 .
Examples Example 3 .Net C# code example 1 (directly referencing client certificate) public void Connect() { string exchangeName = "scmb"; string hostName = "OneView.domain"; string queueName = ""; string routingKey = "scmb.#"; ConnectionFactory factory = new ConnectionFactory(); factory.AuthMechanisms = new RabbitMQ.Client.AuthMechanismFactory[] { new ExternalMechanismFactory() }; factory.HostName = hostname; factory.Port = 5671; factory.Ssl.CertPath = @".\scmb.p12"; factory.Ssl.
NOTE: .Net C# code example 2 (Microsoft Windows certificate store) is referencing the Trusted Root Certificate Authorities store, located under Local Computer. • StoreName.Root = Trusted Root Certificate Authorities • StortLocation.LocalMachine = Local Computer 28.5 Java code example The Java code example shows how to connect and subscribe to the SCMB. Prerequisites 1. Download the client certificate and private key. GET /rest/certificates/client/rabbitmq/keypair/default 2.
Example 5 Java code example //c://MyKeyStore contains client certificate and private key. Load it into Java Keystore final char[] keyPassphrase = "MyKeyStorePassword".toCharArray(); final KeyStore ks = KeyStore.getInstance("jks"); ks.load(new FileInputStream("c://MyKeyStore"), keyPassphrase); final KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); kmf.init(ks, keyPassphrase); //c://MyTrustStore contains CA certificate.
Example 6 Python code example (pika) import pika, ssl from pika.credentials import ExternalCredentials import json import logging logging.basicConfig() ############################################### # Callback function that handles messages def callback(ch, method, properties, body): msg = json.
Example 7 Python code example (amqplib) #!/usr/bin/env python from optparse import OptionParser from functools import partial import amqp def callback(channel, msg): for key, val in msg.properties.items(): print ('%s: %s' % (key, str(val))) for key, val in msg.delivery_info.items(): print ('> %s: %s' % (key, str(val))) print ('') print (msg.body) print ('-------') print msg.delivery_tag channel.basic_ack(msg.delivery_tag) # # Cancel this callback # if msg.body == 'quit': channel.basic_cancel(msg.
ch.close() conn.close() if __name__ == '__main__': main() 28.7 Re-create the AMQP client certificate If you change the appliance name, you must re-create the AMQP client certificate. Prerequisites • Minimum required session ID privileges: Infrastructure administrator Re-creating and downloading the client certificate, private key, and root CA certificate 1. Revoke the certificate. DELETE /rest/certificates/ca/rabbitmq_readonly Request body is not required.
Part VI Troubleshooting The chapters in this part include information you can use when troubleshooting issues in your data center, and information about restoring the appliance from a backup file in the event of a catastrophic failure.
29 Troubleshooting HP OneView has a variety of troubleshooting tools you can use to resolve issues. By following a combined approach of examining screens and logs, you can obtain a history of activity and of the errors encountered along the way. For specific troubleshooting instructions, select a topic from the following list.
29.1 Basic troubleshooting techniques HP OneView has a variety of troubleshooting tools you can use to resolve issues. By following a combined approach of examining screens and logs, you can obtain a history of activity and the errors encountered. • The Activity screen displays a log of all changes made on the appliance, whether user-initiated or appliance-initiated. It is similar to an audit log, but with finer detail and it is easier to access from the UI.
29.2 Create a support dump file Some error messages recommend that you create a support dump of the appliance and send it to an authorized support representative for analysis. The support dump process performs the following functions: • Deletes any existing support dump file • Gathers logs and other information required for debugging • Creates a compressed file with a name in the following format: hostname-CI-timestamp.
29.3 Create a support dump for authorized technical support using REST API scripting Some error messages recommend that you create a support dump of the appliance to send to an authorized support representative for analysis.
29.4 Troubleshooting the appliance 29.4.1 First-time setup Symptoms Possible causes and recommendations Appliance cannot access network Appliance network settings are not properly configured Minimum required privileges: Infrastructure administrator 1. Access the appliance console. 2. Examine the alerts on the Activity screen to help diagnose the problem. 3.
29.4.4 Appliance update is unsuccessful Any blocking or warning conditions affecting the appliance update are displayed prior to the update operation. Symptom Possible cause and recommendation Resource state or 1. Verify that all prerequisites are met. health status changes 2. Correct all degraded health and other blocking conditions that have been identified in notification messages before retrying the update. 29.4.
29.4.7 Backup file creation or download action fails Symptom Possible cause and recommendation Backup file not created Other related operations are in progress Only one backup file can be created at a time. A backup file cannot be created during the restore process or while a previous backup file is being uploaded or downloaded. Minimum required privileges: Infrastructure administrator 1. Verify that another backup or restore process is not running.
Symptom Possible cause and recommendation Duplicate GUIDs in the A profile operation was running during the backup network and a server Minimum required privileges: Infrastructure administrator with settings from a previous profile 1. Identify the server affected. 2. Unassign the profile from the server. 3. Reassign the profile to the server. 4. Create a support dump file. 5. Report this issue to your authorized support representative. Error messages: 1.
29.4.9 Restart or shutdown failure Symptom Possible cause and recommendation The appliance did not shut down Internal server error Minimum required privileges: Infrastructure administrator 1. Retry the shutdown action. 2. If the problem persists, create a support dump. 3. Contact your authorized support representative and provide them with the support dump. For information on contacting HP, see “How to contact HP” (page 247).
29.4.10 VM does not restart when VM host time is manually set Symptom Possible cause and recommendation The appliance VM does not restart and the following error appears in the vSphere virtual console: The superblock last mount time is in the future UNEXPECTED INCONSISTENCY; RUN fsck MANUALLY. You are not using NTP and the VM host’s time was incorrectly set to a time in the past. • Reset the time settings on the VM host to the correct time, and then restart the VM appliance.
29.5 Troubleshooting enclosures and enclosures groups 29.5.1 Add or remove enclosure is unsuccessful Symptom Possible cause and recommendation Unable to add an enclosure If the enclosure add fails, a notification panel provides the reason the add action failed and provides a solution to the problem. Often, the resolution is to click the add link that is embedded in the message; the add action rediscovers all components and updates its knowledge of the enclosure.
Symptom Possible cause and recommendation Unable to remove an enclosure You might be unable to remove an enclosure for the following reasons: • Lack of communication with the hardware during the remove action can prevent the appliance from being able to properly manage the interconnect, server hardware, and enclosure settings. To forcibly remove an enclosure from the appliance due to lack of communication, see the UI help for enclosures. • The enclosure is not removed from the appliance.
29.5.2 Add server blade is unsuccessful Symptom Possible cause and recommendation Add server blade failed If a server blade previously associated with this profile is re-inserted in a different place (different bay or enclosure), an error message is shown. The edit link within the expanded error message causes the new server blade location to be pre-populated in the edit profile dialog’s location field when it is displayed. Same server blade, different bay error 1.
29.6.2 Lost iLO connectivity Symptom Possible cause and recommendation Connection error Reset the server to restore network connectivity to the server's management processor and update the firmware again. 29.6.3 HP SUM errors Symptom Possible cause and recommendation Unable to remove the Restart the appliance and update the firmware again. firmware upgrade log files Unable to initiate the firmware update request Update the firmware again. 29.7 Troubleshooting interconnects 29.7.
NOTE: You need your entitlement certificate (physical or electronic document) to restore the license key. Symptom Possible cause and recommendation The license key The license key embedded on the OA has been erased embedded on the OA is not discovered when 1. Go to the HP Licensing for Software Portal at https://www.hp.com/software/licensing to activate, register, and download your license key(s). you add the enclosure 2. Add the key(s) to the appliance from the Settings screen. 29.8.
29.9.3 Physical interconnect warnings and errors Symptom Possible cause and recommendation Interconnect-level warnings or errors Interconnect warnings or errors due to: • Downlink with a deployed connection is not operational • Incorrect firmware version (different from firmware baseline version) • Configuration error • Hardware fault • Lost communication • Connection and redundancy status (no redundant paths) • Administratively disabled ports 29.10 Troubleshooting networks 29.10.
embedded in the message; the add action rediscovers all components and updates its knowledge of the server. Symptom Possible cause and recommendation Cannot add a server Server is already being managed by some other management software and is claimed by that software 1. Follow the instructions in the notification panel. Failures can occur during the add action if all information about a server cannot be acquired.
resource state accordingly, and updating the health status. The appliance creates a task queue for each task during a resynchronization operation. Symptom Possible cause and recommendation Connectivity to server Open the Server Hardware activities panel to determine if any server hardware is in a critical is lost status, which might indicate a crash. For servers in that state, follow the troubleshooting recommendations in the alert. 29.12 Troubleshooting server profiles 29.12.
( ). The profile remains on the appliance, but you must to correct it. When you correct the server profile, the profile status changes to OK ( Symptom ). Possible cause and recommendation Server profile is not Prerequisites and conditions have not been met created or updated 1. Verify that the prerequisites listed in the online help have been met. correctly 2.
Symptom Possible cause and recommendation A profile operation timeout when applying BIOS settings The server hardware or its iLO are powered-off or reset • In most cases, retrying the operation resolves the problem The appliance cannot collect progress information from the iLO • In most cases, retrying the operation resolves the problem Auto-assignment for Invalid configuration FlexNIC fails while • Auto-assignment for FlexNIC connections does not validate the following: deploying connections ◦ Bandwid
29.12.3 Profile operations fail Symptom Possible cause and recommendation Message indicates that the server is managed by another management system The enclosure is no longer managed by the appliance To prevent losing all allocated virtual IDs, perform the following steps before forcibly deleting the server profile. 1. Use REST APIs to get the server profile. GET /rest/server-profiles 2. Force delete the profile using the UI or REST APIs. 3.
29.13.3 User public key is not accepted Symptom Possible cause and recommendation User public key does not work or is not accepted Hidden characters introduced during a copy/paste operation change the key code • Enter the key again, taking care to prevent special characters from being injected into the key when pasting it into the public key field 29.13.
29.13.6 Cannot add server for a directory service Symptom Possible cause and recommendation Connectivity Lost connection with directory service host 1. 2. 3. 4. Verify that the settings for the directory service host are accurate. Verify that the correct port is used for the directory service. Verify that the port you are using for communication is not blocked by any firewalls. Locally run the ping command on the directory service host’s IP address or host name to determine if it is on-line. 5.
30 Restoring an appliance from a backup file This chapter describes how to use the UI, REST APIs, or a custom-written PowerShell script to restore a corrupted appliance from a backup file. A restore operation is required only to recover from catastrophic failures, not to fix minor problems that can be resolved in other ways.
case, the backup file must have been created from an appliance running the same version of HP OneView. Actions during the restore operation Validates the resource inventory Description During a restore operation, the appliance firmware validates the resource inventory (enclosures, servers, interconnects) and reconciles the data in the backup file with the current state of the managed environment.
30.3 Best practices for restoring an appliance Best Practice Description Before you begin 1. Note the passwords you use. Maintain a list of the current user accounts on the appliance. The restore operation resets the user names and passwords to those that were in effect when the backup file was created. 2. Create a support dump. Use the support dump to diagnose failures that occurred before the restore operation. 3. Download the existing audit logs, and store them for safekeeping.
IMPORTANT: If you are using a backup file created on another appliance to restore a new or replacement appliance: 1. Install HP OneView on the new or replacement appliance. For instructions, see the HP OneView Installation guide. 2. Configure the new appliance with the same network settings as the appliance on which the backup file was created. Thus, you can use the network to upload the backup file to the new appliance.
30.5 Using REST APIs to restore an appliance from a backup file Prerequisites • Minimum required session ID privileges: Infrastructure administrator • You have uploaded a backup file to the appliance. Restoring the appliance from a backup file using REST APIs 1. Initiate the restore process. POST /rest/restores The {restore URI} is returned. 2. List the status of the restore process. GET /rest/restores 30.
31 Support and other resources The information provided here describes how to contact HP, obtain software updates, submit feedback on documentation, and locate links to HP OneView websites and other related HP products. 31.
See http://www.hp.com/go/insightlicense for more information. 31.4.2 Using your software technical support and update service Once registered, you receive a service contract in the mail containing the customer service phone number and your Service Agreement Identifier (SAID). You need the SAID when you phone for technical support. 31.4.3 Obtaining HP OneView software and firmware updates See http://www.hp.com/go/oneviewupdates to obtain HP OneView software updates and product-specific firmware bundles.
31.6 Submit documentation feedback HP is committed to providing documentation that meets your needs. To help us improve our documentation, send errors, suggestions, and comments to: docsfeedback@hp.com For UI and REST API help In your email message, include the section title where the content is located along with the product name, product version, help edition, and publication date located on the legal notices page.
A Step by step: Configuring an example data center using HP OneView This appendix contains an illustrated example of using the HP OneView appliance UI to configure and manage an example (fictional) data center. It demonstrates using the UI to: 1. Provision eight VMware vSphere ESXi host servers using the HP OneView appliance and vSphere Auto Deploy feature.
• Two HP BladeSystem c7000 Enclosures, each of which contain HP Virtual Connect FlexFabric modules and several different models of HP BladeServer server blades • A pair of SAN switches that connect to data center storage devices • A pair of Ethernet switches that connect to the data center networks • An HP 3PAR Storage System that connects directly to one of the enclosures (a Flat SAN configuration) All of the hardware is located in the same room.
Enclosure 2 Attribute Description Name Enclosure-1904 Primary Onboard Administrator IP address 172.18.1.13 Secondary Onboard Administrator IP 172.18.1.
Table 14 SAN A and SAN B Fibre Channel network configurations Configuration attribute Value Notes Type Fibre Channel Fabric type Fabric attach Choose Fabric attach for Fibre Channel networks that connect to SAN switches in the data center. Preferred bandwidth 2.5 Gb/s This is the default value displayed on the Create network screen. Maximum bandwidth 8 Gb/s This is the default value displayed on the Create network screen.
Figure 17 Sample data center: Fibre Channel network connections HP 3PAR Storage System Fabric-attached HP storage devices SAN uplink connections (Direct attach) SAN B SAN A 0 4 1 5 2 6 3 7 8 12 9 13 10 14 11 15 16 20 17 21 18 22 19 23 24 28 25 29 26 30 27 31 1 2 Vdc 0 1 2 Vdc 4 1 5 2 6 3 7 8 12 9 13 10 14 11 15 16 20 17 21 18 22 19 23 24 28 25 29 26 30 27 31 1 2 Vdc HP StorageWorks 4/32B SAN Switch 1 2 Vdc HP StorageWorks 4/32B SAN Swi
Table 18 Development networks Name VLAN ID dev 1105 1105 dev 1106 1106 dev 1107 1107 dev 1108 1108 Table 19 Test networks Name VLAN ID test 1111 1111 test 1112 1112 test 1113 1113 test 1114 1114 Table 20 Ethernet network configuration values Configuration attribute Value Notes Type Ethernet Preferred bandwidth 2.5 Gb/s This is the default value displayed on the Create network screen. Maximum bandwidth 10 Gb/s This is the default value displayed on the Create network screen.
Configuration attribute Value Gateway address 172.18.0.0 Preferred DNS server 172.18.0.0 Alternate DNS server 172.18.0.1 IPv6 address assignment Unassigned (do not use IPv6 addresses) A.3.
A.3.4 Planning resource names Searching and filtering in the appliance is based on a smart search model. By embedding information about the resource in the resource name, you can take advantage of the search and filter capability. In this example: • All uplink set names include the text US. Example: testUS • The names of Direct attach Fibre Channel networks include the text FlatSAN.
6. “Create an unassigned server profile for use as a template for ESXi servers” (page 270). This server profile includes a firmware baseline, the BIOS settings for the profile, and the network connections required for vSphere host servers in the sample data center. 7. “Copying the template server profile to eight servers” (page 275). A.5.
After the networks are added, when you select a network in the master pane, you can see details about that network in the details pane. For each of the networks you created: • The value for Uplink Set is none because you have not yet defined an uplink set that uses this network. You will define the logical interconnect and its uplink sets in “Creating a logical interconnect group and its uplink sets” (page 264). • The value for Used by is none because there are no server profiles using this network.
k. 3. Click Create + to create another network. The appliance creates the network and opens the Create network dialog box. This dialog box uses the configuration values you selected in the preceding steps, except for the name and VLAN ID. Create the production networks. For this procedure, you use the default values displayed on the Create network dialog box.
The following illustration shows the Networks screen after you add the Ethernet networks. A.5.3.3 Configuring the network sets You use network sets to create multiple networks per connection. During this task, you will use the smart search features of the appliance to quickly narrow down the list of networks to those networks you will add to the network set. 1. From the main menu, select Network Sets, and then click + Create network set in the master pane. The Create network set dialog box opens. 2. 3.
The Create network set dialog box shows the networks that you added to the network set. 4. d. Select a network in the network set to receive untagged traffic. i. On the Create network set dialog box, under Networks, locate the first network. ii. Select the check box under Untagged. The network you select as untagged receives untagged traffic in addition to traffic tagged with the VLAN ID for the network.
5. b. In the search box, enter dev to filter the list of networks. c. Select all of the dev networks listed and click Add. d. Select Untagged for the first network in the list of networks. e. Click Create +. Create the network set for the test networks: a. For Name, enter test networks and click Add networks. The Add Networks to test networks dialog box opens. b. In the search box, enter test to filter the list of networks. c. Select all of the test networks listed and click Add. d.
3. 4. 5. In the top left box, click Add interconnect and select HP Virtual Connect FlexFabric 10Gb/24-Port Module. In the top right box, click Add interconnect and select HP Virtual Connect FlexFabric 10Gb/24-Port Module. Leave the dialog box open so that you can create the uplink sets. Creating the uplink sets for the Fibre Channel networks The uplink sets assign data center networks to physical interconnect ports. 1. Click Add uplink set. The Add uplink set dialog box opens. 2. 3.
5. Add the uplink set for the SAN B: a. For Name, enter SAN B. b. For Type, select Fibre Channel. c. For Network, select SAN B. d. Configure the uplink ports. For Interconnect under Uplink Ports, select Interconnect: 2 and then select ports X3 and X4. e. Click Create. The Create logical interconnect group dialog box opens. See the following illustration for an example. Creating the uplink sets for the Ethernet networks The uplink sets assign data center networks to physical interconnect ports.
e. Add the ESXi networks: i. In the search box, enter esx to display only the ESXi networks. ii. Select all of the EXSi networks listed. TIP: Select all networks listed by pressing and holding either Shift or Ctrl and then left-clicking the networks. Alternatively, select one of the networks and then use Ctrl+A to select all of the networks listed. 3. iii. Click Add. f. Add the uplink ports: i. Click Add uplink ports to open the Add Uplink Ports to esxUS dialog box. ii.
4. 5. Click Create to create the logical interconnect group. In the details pane of the Logical Interconnect Groups screen, you can use your pointing device to hover over an uplink set in the diagram to highlight the connections for that uplink set. A.5.5 Creating an enclosure group for vSphere (ESXi) hosts An enclosure group defines a set of enclosures that use the same configuration for network connectivity.
3. 4. For Logical interconnect group, select EsxFlexFabricLIG. Click Create. A.5.6 Adding the enclosure Adding an enclosure brings the rack, the enclosure, and the enclosure's contents—server hardware and interconnects—under managed control. You add an enclosure by providing its IP address or host name, along with the enclosure's Onboard Administrator credentials. In this procedure, you will also establish a firmware baseline for the enclosure.
Viewing server hardware types From the main menu, select Server Hardware Types. The Server Hardware Types screen lists server hardware types for each unique server hardware configuration added to the appliance. The default name assigned to each server hardware type starts with an abbreviated form of the server model name and ends with an enumerator. For example, BL460c Gen8 1 is an HP ProLiant BL460c server with a Flexible LOM and an HP FlexFabric 10Gb 2-port 554FLB Adapter.
1. From the main menu, select Server Profiles and then click + Create profile. The Create Server Profile dialog box opens. 2. Under General, enter the following information: • For Name, enter ESX TEMPLATE. • For Description, enter Standard server profile for stateless autodeploy. • For Server hardware, select unassigned. • For Server hardware type, select BL460c Gen8 EsxStandard. • For Enclosure group, select EsxFlexFabricGroup. • 3.
a. b. c. d. Add two connections to the esxi mgmt 1131 network. When you finish entering the information for a connection, click Add + to add this connection and reopen the dialog box so that you can add the connections in the next step. Attribute Value Device type Ethernet Network esxi mgmt 1131 Requested bandwidth 2.5 (the default value) FlexNIC Auto (the default value) Boot For the first connection, select Primary. For the second connection, select Secondary.
e. f. Add one connection to the SAN A network. Enter the information shown in the following table, and then click Add + to add the connection and reopen the dialog box for the next step. Attribute Value Device type Fibre Channel Network SAN A Requested bandwidth 2.5 (the default value) FlexNIC Auto (the default value) Boot Not bootable Add one connection to the SAN B network. Enter the information shown in the following table, and then click Add to add the connection and close the dialog box.
4. 5. Scroll down to see other items in the dialog box. Configure the boot order for this server profile. Manage boot order is selected by default. Drag and drop the items so that they are in this order: 1. PXE 2. HardDisk 3. CD 4. Floppy 5. USB Notice that the number next to each item is adjusted automatically when you use the drag-and-drop method to change the order. 6. Edit the BIOS settings: a. Select Manage BIOS. b. Click Edit BIOS Settings. The Edit BIOS Settings dialog box opens.
d. Click OK to save the edits and close the dialog box. The Create Server Profile dialog box displays the BIOS settings whose values differ from the default values. 7. Under Advanced, ensure that Virtual is selected for Serial Number/UUID, MAC addresses, and WWN addresses. Selecting Virtual for these settings provides flexibility because the appliance assigns these numbers and addresses.
4. (Optional) View the progress of the create profile action from the Server Profiles screen. Optionally, launch the iLO remote console to view the progress of the boot and firmware load operations for the server: a. From the main menu, select Server Hardware. b. In the master pane, select an instance of server hardware. c. Select Actions→Launch console. The appliance launches the remote console for the selected server. A.
8. In Name, enter FlatSAN B and click Create. The Networks screen opens. After the networks are added, when you select a network in the master pane, you can see the details about that network in the details pane. For each of the networks you created: • The value for Uplink Set is none because you have not yet defined a logical interconnect and uplink set that uses this network. • The value for Used by is none because there are no server profiles using this network.
3. Click Add to add the enclosure. The appliance discovers the interconnects in the enclosure, creates a logical interconnect group, and opens the Edit DirectAttachGroup logical interconnect group screen (see the following illustration). 4. Add the uplink sets for the Flat SAN networks: a. Click Add uplink set. The Add uplink set screen opens. b. c. 5. Configure the uplink set for the FlatSAN A Fibre Channel network. • For Name, enter FlatSAN A. • For Type, select Fibre Channel.
c. d. 6. For Network, select FlatSAN B. Configure the uplink ports. For Interconnect under Uplink Ports, select Interconnect: 2 and then select ports X3 and X4. e. Click Create + to add the FlatSAN B uplink set to the logical interconnect group and reopen the Add uplink set screen. Add the uplink set for the Ethernet production networks: a. For Name, enter prodUS. b. For Type, select Ethernet. The dialog box expands to include additional configuration items. c. For Connection Mode, select automatic.
7. Click OK and add enclosure. The appliance adds the enclosure, the enclosure group, the logical interconnect group, and the uplink sets: Enclosure name Encl2 Enclosure group name DirectAttachGroup Logical interconnect group name DirectAttachGroup interconnect group A.6.4 Creating the server profile 1. From the main menu, select Server Profiles and then click + Create profile. The Create Server Profile screen opens. 2. Enter the general information: • For Name, enter win2k12 boot from 3PAR.
3. 4. 5. • For Server hardware type, select BL460c Gen8 Standard. • For Enclosure Group, select DirectAttachGroup. • For Firmware Baseline, select Manage manually. Click Add Connection to open the Add Connection dialog box. Add two connections to the prod networks network set. Because the configuration is the same for both network sets, you can enter the information, and then click Add + twice to add both connections and reopen the dialog box for the next step.
6. Add one connection to the FlatSAN B network. Enter the information shown in the following table, and then click Add to add the connection and close the dialog box. Attribute Value Device type Fibre Channel Network FlatSAN B Requested bandwidth 2.5 (the default value) FlexNIC Auto (the default value) Boot Not bootable The following illustration shows the Connections panel for the server profile after you add the connections. 7. 8.
b. Click Edit BIOS Settings. The Edit BIOS Settings dialog box opens. The server hardware type that you selected for this profile determines the default values for the BIOS settings. c. Scroll to Power Management Options and for HP Power Profile, select Maximum Performance. Changing this setting results automatic changes to several other BIOS settings. d. Click OK to save the edits and close the dialog box.
1. In the master pane of the Server Profiles screen, select win2k12 boot from 3PAR. The appliance displays the details about the server profile in the details pane. 2. 3. In the Connections panel, scroll so that the two Fibre Channel connections are visible. Record the WWPN information for FlatSAN A and FlatSAN B. A.7 Bringing an HP ProLiant DL360p Gen8 rack mount server under management This example demonstrates bringing the following HP ProLiant DL360p Gen8 rack mount server under management.
A.7.2 Adding the server hardware 1. 2. From the main menu, select Server Hardware, and then click + Add server hardware. Enter the following information: • For iLO IP address, enter 172.18.6.15. • Enter the credentials for the iLO administrator account: User name iLOAdmin and password S&leP@ssw0rd. • 3. 4. For Licensing, select the default, OneView.
NOTE: To view utilization data or connect to the remote console, the server must have the appropriate licenses. See “Adding a license for the server” (page 287). 3. 4. Explore the links to additional information. Some items in the Hardware panel are links. The cursor changes when you use your pointing device to hover over a link. In this example: • If you click the IP address shown for iLO under Host name or IPv4, you launch the iLO remote console for the server.
In this example, the server is related to Rack-173 and the DL360p Gen 8 1 server hardware type. 5. Click Rack-173 to display the Map view for the rack. 6. To return to the Server Hardware screen, click the Server Hardware box. A.7.5 Adding a license for the server If you do not purchase licenses that are embedded in the enclosure or server hardware, you must add licenses to the appliance. The online help provides detailed information about licensing and how the appliance manages licenses. A.
To add an HP OneView license for the server you added in “Adding the server hardware” (page 285): 1. Do one of the following: • From the warning message for the server you just added, click the Add license key link. • From the main menu, select Settings, and then select Actions→Add license. The Add license dialog box opens. 2. Enter or paste your license key into the License Key box, and then click Add. The appliance adds the license to the license pool. 3. 4.
B Using the virtual appliance console B.1 Using the virtual appliance console The virtual appliance console has a restricted browser interface that supports the following: • Appliance networking configuration in non-DHCP environments • Password reset requests for the Administrator account • Advanced diagnostics for authorized support representatives Use the virtual appliance console to access the appliance and configure the appliance network for the first time.
C Backup and restore script examples C.1 Sample backup script As an alternative to using Settings→Actions→Create backup from the appliance UI, you can write and run a script to automatically create and download an appliance backup file. Example 8 “Sample backup.ps1 script” provides a sample PowerShell script that uses REST calls to create and download an appliance backup file. Cut and paste this sample script into a file on a Windows system that runs PowerShell version 3.
Example 8 Sample backup.ps1 script # (C) Copyright 2013 Hewlett-Packard Development Company, L.P. ########################################################################################################################### # Name: backup.ps1 # Usage: {directory}\backup.ps1 or {directory}\backup.ps1 filepath # Parameter: $filepath: optional, uses the file in that path as the login credentials.
} catch [System.Exception] { Write-Host $_.Exception.message if ($_.Exception.getType() -eq [System.IO.
##### getApiVersion: Get X_API_Version ##### function getApiVersion ([int32] $currentApiVersion,[string]$hostname) { <# .DESCRIPTION Sends a web request to the appliance to obtain the current Api version. Returns the lower of: Api version supported by the script and Api version supported by the appliance. .PARAMETER currentApiVersion Api version that the script is currently using .PARAMETER hostname The appliance address to send the request to (in https://{ipaddress} format) .
# create the request body as a hash table, then convert it to json format $body = @{ userName = $username; password = $password } | convertTo-json # use setup-request to issue the REST request to login and get the response try { $loginResponse = setup-request -Uri $fullLoginUri -method "POST" -accept "application/json" -contentType "application/json" -Body $body if ($loginResponse -ne $null) { $loginResponse | convertFrom-Json } } catch [System.
function waitFor-completion ([object]$taskResource,[string]$authValue,[string]$hostname) { <# .DESCRIPTION Checks the status of the backup every twenty seconds, stops when status changes from running to a different status .PARAMETER taskResource The response object from the backup-appliance method .PARAMETER authValue The authorized session ID .PARAMETER hostname The appliance to connect to (in https://{ipaddress} format) .INPUTS None, does not accept piping .
if ($global:interactiveMode -eq 1) { Write-Host "`n" Write-Host "Backup stopped abnormally" Write-Host $errorMessage } else { #log error message Write-EventLog -EventId 100 -LogName Application -Source backup.ps1 -Message "Backup stopped abnormally" Write-EventLog -EventId 100 -LogName Application -Source backup.
Write-EventLog -EventId 100 -LogName Application -Source backup.ps1 -Message $error[0].Exception.Message } } } ##### Function to download the backup file ##### function download-Backup ([PSCustomObject]$backupResource,[string]$authValue,[string]$hostname) { <# .DESCRIPTION Downloads the backup file from the appliance to the local system. Tries to use the curl command. The curl command has significantly better performance especially for large backups.
Write-Host "Backup download complete!" } } catch [System.Management.Automation.CommandNotFoundException] { return download-Backup-without-curl $backupResource $authValue $hostname } catch [System.Exception] { Write-Host "Not able to download backup" Write-Host $error[0].Exception return } return $filePath } ##### Function to download the Backup file without using the curl command ##### function download-Backup-without-curl ([PSCustomObject]$backupResource,[string]$authValue,[string]$hostname) { <# .
if (($errorObject.message.length -gt 0) -and ($errorObject.recommendedActions.length -gt 0)) { $errorMessage = $errorObject.message + " " + $errorObject.recommendedActions } } catch [System.Exception] { #Use exception message } if ($global:interactiveMode -eq 1) { Write-Host $errorMessage } else { Write-EventLog -EventId 100 -LogName Application -Source backup.
#Use exception message } if ($isSilent) { throw $errorMessage } elseif ($global:interactiveMode -eq 1) { Write-Host $errorMessage } else { Write-EventLog -EventId 100 -LogName Application -Source backup.
Write-Host "Could not initialize backup" } Write-EventLog -EventId 100 -LogName Application -Source backup.ps1 -Message "Could not initialize backup" return } #loops to keep checking how far the backup has gone $taskResource = waitFor-completion $taskResource $authValue.sessionID $hostname if ($taskResource -eq $null) { if ($global:interactiveMode -eq 1) { Write-Host "Could not fetch backup status" } Write-EventLog -EventId 100 -LogName Application -Source backup.
4. Calls start-restore() to start the restore. 5. Calls restore-status() to periodically check the restore status until the restore completes. If you pass the -status option to the script, the script verifies and reports the status of the last or an ongoing restore until the restore process is complete: 1. Calls recover-restoreID() to get the URI to verify the status of the last or an ongoing restore. 2. Calls restore-status() to periodically verify the restore status until the restore completes. C.
Example 9 Sample restore.ps1 script #(C) Copyright 2013 Hewlett-Packard Development Company, L.P. ########################################################################################################################### # Name: restore.ps1 # Usage: {directory}\restore.ps1 or {directory}\restore.
Write-Host "Enter user name" $secUsername = Read-Host -AsSecureString $username = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($secUsername)) Write-Host "Enter password" $secPassword = Read-Host -AsSecureString $password = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.
The correct password associated with username .PARAMETER hostname The appliance address to send the request to (in https://{ipaddress} format) .INPUTS None, does not accept piping .OUTPUTS Outputs the response body containing the needed session ID. .
{ return } $uploadResponse = $rawUploadResponse | convertFrom-Json if ($uploadResponse.status -eq "SUCCEEDED") { Write-Host "Upload complete." return $uploadResponse } else { Write-Host $uploadResponse return } } else { Write-Host "Version of curl must support SSL to get improved upload performance." return uploadTo-appliance-without-curl $filepath $authinfo $hostname $backupFile } } catch [System.Management.Automation.
$rs.write($contentDisp,0,$contentDisp.Length); [byte[]]$contentType = [System.Text.Encoding]::UTF8.GetBytes($conType + "`r`n`r`n"); $rs.write($contentType,0,$contentType.Length); $fs.CopyTo($rs,$bufferSize) $fs.close() [byte[]]$endBoundaryBytes = [System.Text.Encoding]::UTF8.GetBytes("`n`r`n--" + $boundary + "--`r`n"); $rs.write($endBoundaryBytes,0,$endBoundaryBytes.Length); $rs.close() } catch [System.Exception] { Write-Host "Not able to send backup" Write-Host $error[0].Exception } try { [net.
$rawRestoreResponse = setup-request -uri $fullRestoreUri -method "POST" -accept "application/json" -contentType "application/json" -authValue $authinfo -Body $body $restoreResponse = $rawRestoreResponse | convertFrom-Json return $restoreResponse } catch [Net.WebException] { Write-Host $_.Exception.message } } ##### Check for the status of ongoing restore ##### function restore-status ([string]$authinfo = "foo",[string]$hostname,[object]$restoreResponse,[string]$recoveredUri = "") { <# .
} if ($statusResponse.status -eq "FAILED") { Write-Host "`r`nRestore failed! System should now undergo a reset to factory defaults." } Start-Sleep 10 } while ($statusResponse.status -eq "IN_PROGRESS") return } ##### Recovers Uri to the restore resource if connection lost ##### function recover-restoreID ([string]$hostname) { <# .DESCRIPTION Uses GET requests to check the status of the restore process. .PARAMETER hostname The appliance to end the request to. .INPUTS None, does not accept piping .
if ($authValue -ne "0") { $request.Headers.Item("auth") = $authValue } $request.Headers.Add("X-API-Version: $global:scriptApiVersion") if ($body -ne $null) { #write-host $body $requestBodyStream = New-Object IO.StreamWriter $request.getRequestStream() $requestBodyStream.WriteLine($body) $requestBodyStream.flush() $requestBodyStream.close() } # attempt to connect to the Appliance and get a response [net.httpsWebResponse]$response = $request.
$loginVals = query-user if ($loginVals -eq $null) { Write-Host "Error passing user login vals from function query-host, closing program." return } #determines the active Api version $global:scriptApiVersion = getApiVersion $global:scriptApiVersion $loginVals.hostname if ($global:scriptApiVersion -eq $null) { Write-Host "Could not determine appliance Api version" return } $authinfo = login-appliance $loginVals.userName $loginvals.password $loginVals.
Index A Accessing help sidebar, 63 Actions menu, 59 active uplink, 147 active active see active/active active-active see active/active active-standby see active/standby active/active network configuration, 147 active/active configuration, 139, 147, 148 active/standby network configuration, 147 active/standby configuration, 147 activity states, 192 statuses, 192 types, 190 Activity control icon, 63 Activity sidebar, 60 administrator password resetting, 169 agentless management, 21 aggregation switch see data
details pane, 59 directory server troubleshooting, 239 directory service configuring, 165 troubleshooting, 238 discovery, hardware, 19 documentation download and serve HTML UI help files, 80 download and serve REST API documentation, 80 enabling off-appliance browsing, 80 help delivered on appliance, 80 online help, 79 submit feedback to HP, 249 website, 80 where to find, 80 downlink, 143 E Edit icon, 63 enclosure adding, affected resources, 91 editing unmanaged, 155 editing unsupported, 155 HP BladeSystem
SCMB, 26 server profile, overview, 17 sets, overview, 17 SNMP trap configuration, 21 user interface, 25 naming convention, 145 outage during firmware activation, 89 preventing loss of network connectivity during firmware update, 89 removing, 145 stacking health, defined, 144 stacking mode, enclosure, 144 I icon description, 62 icons informational, 63 severity, 62 status, 62 user control, 63 iLO management processor accessing using HP OneView, 122 configuration by HP OneView, 125 HP OneView user roles, 26
Pin icon, 63 planning considerations data center, 85 data center resources, 85 security, 85 PowerShell library, 76 ProLiant server hardware, 248 public key troubleshooting, 238 Python library, 76 R RBAC effect on UI, 24 Release Notes, 80 requirements VM host, 87 resetting administrator password, 169 resource naming conventions, 85 relationships, 64 resource model, 29 REST API documentation, 80 online help, 79, 80 PowerShell library, 76 Python library, 76 REST API documentation enabling off-appliance browsi
tagging, network see VLAN ID task, 22, 190, 191 see also activity appliance, 191 background, 191 completed, 192 interrupted, 192 number initiated during current session, 60 pending, 192 running, 192 user, 191 thermal hot spots, 197 top of rack switch see data center switch ToR switch see data center switch troubleshoot adding enclosure, 227 adding server blade, 229 adding server hardware, 232 creating network, 232 network access, 221 powering off a server, 233 powering on a server, 233 removing enclosure, 2