HP ProLiant Lights-Out 100 Remote Management User Guide for HP ProLiant DL140 G2, DL145 G2, ML110 G3, and ML150 G2 Servers Part Number 436853-001 January 2007 (First Edition)
© Copyright 2007 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Confidential computer software.
Contents Operational overview ................................................................................................................... 5 User guide overview .................................................................................................................................. 5 Server management................................................................................................................................... 5 Server management features.................................
Monitoring sensors .................................................................................................................................. 32 Viewing sensors data from a web browser ....................................................................................... 32 Viewing sensors data from the BIOS Setup Utility............................................................................... 32 Platform event filtering configuration ..........................................................
Operational overview In this section User guide overview................................................................................................................................. 5 Server management.................................................................................................................................. 5 Server management features......................................................................................................................
• Access command-line help • Manage the server with IPMI 2.
Installation In this section Remote management card kit contents ........................................................................................................ 7 Pre-installation procedures ......................................................................................................................... 7 Installing the remote management card on ProLiant ML110 G3 servers...........................................................
2. Shut down the operating system as outlined in the operation system instructions. 3. Power off the server and all the peripherals connected to it. 4. Unplug all cables from the power outlets to avoid exposure to high energy levels that can cause burns when parts are short-circuited by metal objects such as tools or jewelry. 5. Label each cable, if not already labeled, to expedite reassembly. 6. Disconnect telecommunication cables to avoid exposure to shock hazard from ringing voltages. 7.
Installing the remote management card on ProLiant ML150 G2 servers 1. Remove the access panel. 2. Lay the server on its unexposed side to access the system board. 3. Locate the remote management card connectors on the system board. 4. Install the remote management card in the connectors on the system board. 5. Reinstall the system covers following the "Post-installation procedures (on page 9)". 6. Verify BIOS version and switch settings for the card.
6. Press the power button on the front panel to turn on the server.
Configuration In this section Configuring network access..................................................................................................................... 11 Establishing user accounts ....................................................................................................................... 11 Using the serial port ...............................................................................................................................
Using the serial port The server serial port provides basic serial port functionality and serves as an interface to LO100. You can configure the system serial port for exclusive use with LO100. CAUTION: After enabling the serial port for use with LO100, legacy serial devices might not function correctly if attached to the serial port. You must configure the LO100 serial port hardware parameters to work with your respective serial port communications software.
f. Press the down arrow (↓) key to scroll to the LAN Interface submenu. Press the Enter key. g. Confirm the following settings: BMC Telnet Service: [Enabled] BMC Ping Response: [Enabled] BMC HTTP Service: [Enabled] 6. Press the F10 key to save and exit. LO100 serial port configuration 1. Power on the server by pressing the Power On/Off button on the front panel. 2. When POST displays the message, ROM-Based Setup, press the F10 key.
Selecting an Ethernet management port The Ethernet management port is only available on ProLiant ML150 G2 and ML110 G3 servers. To select either the LO100 or side-band connection: 1. Power on the server by pressing the Power On/Off button on the front panel. 2. When POST displays the message, ROM-Based Setup, press the F10 key. If the server has an administrator password configured, the system prompts you to enter the password.
Setting up a static IP address from the BIOS Setup Utility By default, LO100 has DHCP enabled and automatically negotiates an IP address. To disable DHCP and enable a static IP address: 1. Press the F10 key during POST to enter the BIOS Setup Utility. 2. Press the right arrow (→) key to navigate to the Advanced menu. 3. Press the down arrow (↓) key to scroll to IPMI. Press the Enter key. 4. On the ProLiant ML150 G2 server: a. Press the down arrow (↓) key to scroll to the LAN Interface submenu.
4. Press the down arrow (↓) key to scroll to the LAN Interface submenu. Press the Enter key. 5. Press the down arrow (↓) key to scroll to the following settings, and set the parameters as needed (the following example shows configuring for LO100 access using telnet and a web page): o BMC Telnet Service: [Enabled] o BMC Ping Response: [Enabled] o BMC HTTP Service: [Enabled] To enable HTTP and telnet on ProLiant ML150 G2 servers: 1. Press the F10 key during POST to enter the BIOS Setup Utility. 2.
ROMPAQ /D cpqq0801.D14 ldrImage.bin ROMPAQ Firmware Upgrade Utility, Version 5.02 (R) Copyright (c) Hewlett-Packard Corporation, 1994-2006 Input file: CPQQ0801.D14 Output file: LDRIMAGE.BIN The load command is used to take a binary image from a specific source location (specified as a URL) and place it at the specified target address. The load command can download and flash a ldr firmware image file using TFTP from the specified location.
2. Open the file /etc/xinetd.d/tftp and modify the parameter server_args to include -T 15000000. For example, server_args = -c -s /tftpboot -T 15000000 3. The firewall that is built into some Linux systems might not allow the TFTP server to send and receive information. You might first have to disable the firewall to allow these connections. If you are experiencing firewall issues, change the firewall settings to allow connections on port 69 (the default port for TFTP servers).
Using LO100 In this section SSL overview ......................................................................................................................................... 19 SSH overview ........................................................................................................................................ 20 Importing a certificate ............................................................................................................................. 21 CLP overview ..........
SSH overview SSH is an advanced feature that is available on ProLiant ML150 G2 and ProLiant ML110 G3 servers by installing the Lights-Out 100 Remote Management Card, or on ProLiant DL140 G2 servers and ProLiant DL145 G2 servers by purchasing the Lights-Out 100i Select Pack or the Lights-Out 100i Advanced Pack. SSH is a telnet-like program for logging in to and executing commands on a remote machine, which includes security with authentication, encryption, and data-integrity features.
o putty.exe -load "session name" Importing a certificate If you do not want to use the preinstalled public key (certificate), create and install your own private key (certificate). Importing a key or certificate is a one-time procedure that supports both SSH and SSL. The key must be generated using external third-party software, placed on a TFTP server, and uploaded to the LO100. For Microsoft® Windows®, if you do not have a TFTP software package, use TFTPD32.EXE, which is available on the Internet.
o is the //tftpserver IP/path/filename to be downloaded. o tftpserver is the URL or IP address of the TFTP server containing the certificate. o Path is the path of the file relative to the TFTP server root. o filename is the name of the certificate (server_privkey.pem in this example). You can also find these commands in /map1/firmware directory.
o show o start o stop o exit o version • Target—The default target is the /. The target can be changed by the cd command or by specifying a target on the command line. • Options—The following options are valid: o -help/-h o -all/-a • Properties are the attributes of the target that can be modified. • Output—The output syntax is text. The valid Boolean values for any command are true and false.
/./-> show -help Usage: show [][][] /./-> o Help for targets Calling help for a target returns any information about the target and what it contains. You can call help for any target that is not contained in the current directory (help map1 can be called from system1). /./-> system1 -h Invalid command /./-> system1 -help Invalid command /./-> help system1 Host System Directory /./-> help map1 Management Service Processor Directory /./-> cd system1 /.
stop help /./system1/-> help name Unsupported Command /./system1/-> help enabledstate Unsupported Command /./system1/-> help properties Unsupported Command /./system1/-> name -h Invalid command /./system1/-> • The exit command terminates the CLP session. • The cd command sets the current default target. The context works like a directory path. The root context for the server is /. which is the starting point for a CLP system. By changing the context, you can shorten commands.
The first line of information returned by the show command is the current context. In the example, / is the current context. Following the context is a list of subtargets (Targets) and properties (Properties) applicable to the current context. The verbs (Verbs) section shows what commands are available in this context. The show command can also be specified with an explicit or implicit context and a specific property. An explicit context is /map1/firmware and is not dependent on the current context.
• The start command causes a target to change state to a higher run level. • The stop command causes a target to change state to a lower run level. • The version command queries the version of the CLP implementation or other CLP elements. For example: /./map1/-> version Version 1.00 /./map1/-> cd firmware /./map1/firmware/-> version Version 1.00 /./map1/firmware/-> show /./map1/firmware Targets Properties fwversion=0.59 Verbs cd version exit show reset load help /.
• • • • Payload types o IPMI Message o RMCP+ Open Session Request/Response o RAKP Message 1 / 2 o RAKP Message 3 / 4 Authentication algorithms o RAKP-none o RAKP-HMAC-SHA1 Integrity algorithms o None o HMAC-SHA1-96 Confidentiality algorithms o None o AES-CBC-128 Logging in to LO100 You can log in to the remote management processor through a web browser ("Logging in through a web browser" on page 28) or through the CLP ("Logging in through the CLP" on page 29).
Logging in through the CLP To log in to the remote management processor through the CLP and enter Terminal mode: 1. Establish a connection to the remote management processor by launching a telnet session or an SSH session. 2. Enter the user name at the login: prompt. The default user name for the Administrator account is admin. The default user name for the Operator account is Operator. 3. Enter the password at the password: prompt. The default password for the Administrator account is admin.
Option Description IPMI PET Configuration Accesses the PET destinations and alert policy table Hardware Inventory page The Hardware Inventory page enables you to remotely identify the presence of processors on a target server. To access this page from a web browser, click Hardware Inventory on the main menu navigation bar. Controlling server power remotely LO100 enables you to remotely operate the power button of a host server using a web browser or the CLP.
Controlling server power from a browser The Virtual Power screen displays current power status, how long the server has been powered up, and reason for the last server restart. To display the Virtual Power screen, click Virtual Power on the main menu navigation bar. To modify Chassis Actions, select the desired Power Control Option in the Chassis Actions section, and click Apply to initiate the action.
Controlling server power through the BIOS Setup Utility To control how the system responds after a power failure through the BIOS Setup Utility: 1. Press the F10 key during POST to enter the BIOS Setup Utility. 2. Press the right arrow (→) key to navigate to the Power Tab of the BIOS Setup Utility. 3. Press the down arrow (↓) key to scroll down to After Power Failure. Press the Enter key. 4.
2. On ProLiant ML150 G2 servers: a. To navigate to the Monitor menu, press the right arrow (→) key. b. Scroll down to view the different sensors. Data is real-time and updated periodically. 3. On ProLiant DL140 G2 and ProLiant DL145 G2 servers: a. Press the right arrow (→) key to navigate to the Advanced menu. b. Press the down arrow (↓) key to scroll to IPMI. Press the Enter key. c. Press the down arrow (↓) key to scroll to Realtime Sensor Data. Press the Enter key. The Loading data.
To configure an action (PEF entry) select the desired Event Offsets and PEF Action settings and click Add. • Event Offsets are trip points (movements across thresholds) that define what type of sensor event triggers an action. The information in the Events Offsets section varies with the type of sensor. Not all options are available for all sensors. You can select any of the available options.
To access the System Event Log from a web browser, click System Event Log on the main menu navigation bar. To clear the system event log, click Clear Event Log. Accessing the system event log from the CLP 1. Log in to the CLP as described in the "Logging in to LO100 (on page 28)" section. 2. Enter cd /./system1/log1 3. Enter show to display the total number of system event records. 4. Enter show record to display the details of a specific record.
a. Press the down arrow (↓) key to scroll to the View BMC System Event Log submenu. Press the Enter key. b. Use the plus (+) or minus (-) keys to scroll through the events. 7. Press the Esc key to return to the previous screen, or press the F10 key to save the changes and exit Setup. Network settings You can view and modify network settings for LO100 using a web browser, CLP, or the BIOS Setup Utility. If you change the IP address, the connection to the server terminates.
o oemhp_nonvol_mask specifies the subnet mask stored in non-volatile memory. o oemhp_gateway specifies the gateway IP address for the NIC. This setting is dynamic. o oemhp_nonvol_gateway specifies the gateway IP address stored in non-volatile memory. o oemhp_dhcp_enable specifies whether DHCP is enabled for the NIC. Boolean values are accepted o oemhp_nonvol_dhcp_enable specifies whether DHCP is enabled for the NIC and address stored in non-volatile memory.
2. Press the right arrow (→) key to navigate to the Advanced menu. 3. Press the down arrow (↓) key to scroll to IPMI. Press the Enter key. 4. On the ProLiant ML150 G2 server: a. Press the down arrow (↓) key to scroll to the Set LAN Interface submenu. Press the Enter key. b. Select DHCP IP Source, and press the Enter key to toggle between Enable and Disabled. Select Enabled. 5. On the ProLiant ML110 G3 server: a. Press the down arrow (↓) key to scroll to the Set LAN Configuration submenu.
2. 3. Configure the virtual floppy on the server using one of the following methods: o BIOS Setup ("Configuring the virtual floppy from the BIOS setup" on page 40) o Web browser ("Configuring virtual floppy from a Web browser" on page 39) o CLP ("Configuring virtual floppy from the CLP" on page 40) Reboot the server ("Rebooting the server" on page 41). Configuring the TFTP Server The virtual floppy feature enables you to boot the server with a boot image residing on a remote server.
5. Click the Apply button. Configuring the virtual floppy from the BIOS setup 1. On the target server, press the F10 key during POST to enter BIOS setup. 2. In the BIOS Setup Utility, press the right arrow (→) key to navigate to the Advanced menu. 3. Press the down arrow (↓) key to scroll to IPMI. Press the Enter key. 4. Press the down arrow (↓) key to scroll to VSI configuration. Press the Enter key. 5. Select Virtual Floppy, and press the Enter key. 6. Select Enabled. 7.
set oemhp_vsi_path=rboot 4. Configure the remote file permission by entering the following: set oemhp_vsi_permission=, where is the file permission default RW (Read Write.) For example: set oemhp_vsi_permission=rw Rebooting the server After the TFTP server and the virtual floppy are properly configured, the server can be rebooted using the remote floppy boot image that resides on the TFTP server.
To set a policy, do the following: 1. 2. Select the Policy Enable state and enter the Policy Number and Destination Selector information. o The Policy Enable field enables you to selectively enable and disable trap forwarding. o The Policy Number field enables you to select a policy that will be used in PEF configuration. o The Destination Selector field specifies where to send the PET trap from the destinations defined in the PET Destination section. Click Apply.
Changing user settings through the CLP 1. Log in to the CLP as described in the "Logging in to LO100 (on page 28)" section. 2. At the command prompt, enter cd map1/accounts. 3. Select a user by entering cd user1 or cd user2. 4. To change the user name, enter set username=. For example: /./map1/accounts/user1/> set username=testuser1 5. To change the user password, enter set password= and enter the new password when prompted. For example: /.
5. o Flow Control: None o Redirection After BIOS POST: On On HP ProLiant ML150 G2 servers, press the down arrow (↓) key to scroll down to the Console Redirection option, and press the Enter key to access the submenu. Verify the following settings: o Baud Rate: 9600 o Console Type: VT100+ o Flow Control: None o Continue C.R. after POST: On 6. Press the Esc key to return to the previous screen. 7. Scroll to the I/O Device Configuration option, and press the Enter key. 8.
o Console Type: VT100+ o Flow Control: None o Continue C.R. after POST: On o Serial Port: BMC COM PORT (on the ProLiant DL140 G2 and ProLiant DL145 G2 servers only) NOTE: To customize the examples for your server, do the following: • On DL140 G2 servers, replace ttyS0 with ttyS3 • On DL145 G2 servers, replace ttyS0 with ttyS2 2. In the /boot/grub/menu.
— Console Redirection: Enabled — Baud Rate: 9600 — Terminal Type: VT100+ — Flow Control: None — Redirection After BIOS POST: On 4. Press the Esc key to return to the previous screen, or press the F10 key to save the changes and exit Setup. After enabling Windows® EMS management, you can view the Windows® EMS management console remotely from a client computer through an established telnet session to the IP address of the target server by pressing the Esc+Q keys. To end an EMS session press the Esc+( keys.
Acronyms and abbreviations BIOS Basic Input/Output System BMC baseboard management controller CLI Command Line Interface CLP command line protocol DHCP Dynamic Host Configuration Protocol DSA Digital Signature Algorithm EMS Emergency Management Services HP SIM HP Systems Insight Manager HTTP hypertext transfer protocol IP Internet Protocol IPMI Intelligent Platform Management Interface JVM Java Virtual Machine Acronyms and abbreviations 47
KCS Keyboard Controller Style KVM keyboard, video, and mouse LO100 HP Lights-Out 100 Remote Management processors MAC medium access control NIC network interface controller OS operating system PEF Platform Event Filtering PEM Privacy Enhanced Mail PET Platform Event Trap POST Power-On Self Test RBSU ROM-Based Setup Utility SLES SUSE LINUX Enterprise Server SMASH System Management Architecture for Server Hardware SSH Secure Shell Acronyms and abbreviations 48
SSL Secure Sockets Layer TCP/IP Transmission Control Protocol/Internet Protocol TFTP Trivial File Transfer Protocol URL uniform resource locator VNC virtual network computing Acronyms and abbreviations 49
Index A access options 28 accessing software, browser 28 administration 11 alert messages 41 B base management controller (BMC) 11 Basic Input/Output System (BIOS) 16, 32 BIOS (Basic Input/Output System) 16, 32 BIOS console, text redirection 43 BIOS upgrade 16 BMC (base management controller) 11 browser-based setup 36 C certificates, generating 21 certificates, installing 21 CLP (Command Line Protocol) 5, 11, 14, 16, 21, 22, 23, 27, 28, 29, 30, 31, 34, 35, 36, 38, 40, 42, 43 CLP overview 22 CLP, base comm
Internet Protocol (IP) 11 IP (Internet Protocol) 11 IP address assignment 15 IPMI (Intelligent Platform Management Interface) 5, 11, 27, 29, 33, 34, 40, 41, 42 IPMI support 27 K key, public 21 kit contents 7 L Linux, console redirection 44 LO100 settings 19 LO100, logging in through browser 28 LO100, remote management 19 LO100c connectors 8, 9 logging in 28, 29 logging in, through a browser 28 logging in, through the CLP 29 M main menu functions 29 manangement card, installing 8, 9 medium access control
SSL, importing key and certificate 21 SSL, overview 19 SSL, using 19 static IP addresses 15 support, HP Systems Insight Manager 46 support, IPMI 27 system event log, access through the BIOS 35 system event log, access through the CLP 35 system event log, using 34 System Management Architecture for Server Hardware (SMASH) 5, 22 T telnet 15, 43 TFTP (Trivial File Transfer Protocol) 16, 17, 21, 23, 38, 39, 40, 41 TFTP, configuration 17, 39 Trivial File Transfer Protocol (TFTP) 16, 17, 21, 23, 38, 39, 40, 41