HP ProLiant Lights-Out 100 Remote Management User Guide for HP ProLiant ML110 G5 Servers Part Number 465225-001 November 2007 (First Edition)
© Copyright 2007 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Confidential computer software.
Contents Operational overview ................................................................................................................... 5 Server management................................................................................................................................... 5 Server management features....................................................................................................................... 5 LO100 standard features.........................................
Viewing sensors data from a web browser ....................................................................................... 25 Viewing sensors data from the BIOS Setup Utility............................................................................... 25 Platform event filtering configuration ................................................................................................ 26 Using the system event log.....................................................................................
Operational overview Server management HP ProLiant Lights-Out 100 delivers basic remote control of vital server resources, supports IPMI 2.0, and provides system administrators with access to the server at any time, even before an operating system is installed on the server. HP ProLiant Lights-Out 100 provides text mode console redirection, DMTF SMASH compliant command line interface, and browser access to many of the same system management functions.
LO100 standard features For HP ProLiant ML110 G5 Servers, LO100 standard features are in-band IPMI 2.0 elements available through the operating system. LO100 optional features For HP ProLiant ML110 G5 Servers, LO100 optional features are activated with installation of the HP Lights-Out 100c Remote Management Card and include the following: • Support for SSL, SSH, and IPMI 2.
Installation of the HP Lights-Out 100c Remote Management Card Remote management card kit contents For HP ProLiant ML110 G5 Servers, installation of the HP Lights-Out 100c Remote Management Card is required to activate the optional features. For more information, see "LO100 optional features (on page 6)".
Installing the remote management card 1. Remove the access panel. 2. Carefully lay the server on its unexposed side to gain access to the system board. 3. Locate the remote management card connectors on the system board. 4. Install the remote management card in the connectors on the system board. Post-installation procedures 1. Be sure all components are installed according to the installation procedures. 2. Be sure you have not left any loose tools or parts inside the server. 3.
Configuration Configuring network access Through your server network connection, you can access the remote management CLP, verify POST remotely, and access the BIOS Setup Utility remotely. To configure network access: 1. Connect a standard Ethernet cable from the NIC port on the LO100 to a network jack. 2. Press the F10 key during POST, and then obtain the IP address from BIOS Setup Utility under the Advanced/IPMI/LAN Setting.
You must configure the LO100 serial port hardware parameters to work with your respective serial port communications software. LO100 serial port configuration is controlled through the BIOS Setup Utility. Enabling serial access to the LO100 1. Power up the server. 2. When POST displays the message, ROM-Based Setup, press the F10 key. If the server has an administrator password configured, the system prompts you to enter the password.
2. When POST displays the message, ROM-Based Setup, press the F10 key. If the server has an administrator password configured, the system prompts you to enter the password. If the server does not have a password configured, the main screen of the BIOS Setup Utility appears. 3. Press the right arrow (→) key to navigate to the Advanced menu. 4. Press the down arrow (↓) key to scroll to IPMI Configuration. Press the Enter key. 5. Scroll to the Share NIC Mode option by pressing the down arrow (↓) key.
Enabling telnet and HTTP services On HP ProLiant ML110 G5 Servers, HTTP and telnet are enabled after installing the HP ProLiant Lights-Out 100c Remote Management Card. Updating the firmware To update the LO100 firmware, use the ROMPaq utility. Downloads for the ROMPaq utility are available on the HP website (http://www.hp.com/support). For more information about using the ROMPaq utility, refer to the HP website (http://www.hp.com/servers/manage).
2. Open the /etc/xinetd.d/tftp file and modify the parameter server_args to include -T 15000000. For example, server_args = -c -s /tftpboot -T 15000000. 3. If a firewall is enabled, disable it or modify the settings to allow the firewall to connect to the TFTP port. To change the firewall settings, navigate to Applications>System Settings>Security Level, and enter 69:udp in the parameter of the other port.
Using LO100 New features This release of LO100 adds support for the following: • Virtual DVD-R • Virtual media ISO images • DMTF SMASH Profiles • WS-Management • HP SIM License Manager support Using SSL SSL is a protocol used to transmit private documents through the Internet. SSL uses a private key or certificate to encrypt data transferred over the SSL connection.
LO100 supports the following protocols: • SSH protocol version 2 • PuTTY 0.54 or later. • OpenSSH LO100 comes preinstalled with a certificate. To install a user-specific certificate, see the one-time "Importing a certificate (on page 42)" setup procedure. Using the SSH utility When using a SSH utility to connect to a server for the first time, the utility prompts you to accept the server public key, sometimes referred to as a host key.
Using CLP HP has worked with key industry partners within Distributed Management Task Force, Inc. to define an industry-standard set of commands. The SMASH suite will standardize manageability interfaces for servers. The Lights-Out 100 remote management processor implements the command set defined in the Server Management Command Line Protocol Specification, 1.00 Draft. The CLP replaces the simple CLI that was released previously and is no longer supported.
If the commands on the CLP command span more than one line, you cannot navigate between different lines. Operating system-specific notes • The Microsoft® Windows® 2000 telnet client does not support the Functions keys F1 through F12, Insert, Home, and End keys. These keys will not work in a Lights-Out 100 command line session. • The Backspace key in the Lights-Out 100 CLP implementation is mapped to the value 0x8.
— /./-> cd system1 — /./system1/-> help map1 Management Service Processor Directory o Help for properties Calling help for a property or any other option for which there is no help information returns an Unsupported Command or Invalid command message. For example: /./system1/-> show /./system1 Targets log1 Properties name=Hewlett-Packard enabledstate=enabled Verbs cd version exit show reset start stop help /./system1/-> help name Unsupported Command /./system1/-> help enabledstate Unsupported Command /.
o The cd command changes the directory. o The cd .. command moves up the tree one directory. o The cd myfolder command moves to the myfolder folder assuming myfolder is in the current directory. To move to a directory not in the current directory, you must enter the full path. The root in the command line is forward slash, period, forward slash (/./). If you are in the system1 folder and want to move to the map1 folder, issue the command cd /./map1. Neither cd /map1 nor cd map1 works.
option is required in the command line every time the load command is executed unless -help is used. The file must be an uncompressed firmware image file that you create using the DOS ROMPAQ utility found on the Lights-Out 100 Firmware Upgrade Diskette Utility available for download from the HP website (http://www.hp.com/servers/lights-out).
help /./map1/firmware/-> show fwversion fwversion=0.59 /./map1/firmware/-> fwversion Invalid command /./map1/firmware/-> Specific commands CLP syntax for specific commands is found in the sections that also describe the functionality through the Web interface. IPMI 2.0 support LO100 supports the industry-standard IPMI 2.0. The IPMI specification defines standardized, abstracted interfaces that can be used for monitoring and control functions that are built in to the platform hardware.
Logging in through a web browser 1. Browse to the IP address of the remote management processor to access the login screen. 2. Enter your user name and password. The default user name for the Administrator account is admin, and the default password is admin. The default user name for the Operator account is Operator, and the default password is Operator. Logging in through the CLP 1. Establish a connection to the remote management processor by launching a telnet session or an SSH session. 2.
Browser main menu options Using a web browser, you can access all of the basic remote management capabilities of LO100. Not all of the features displayed and described in the guide are available on all systems. To verify which features are supported on your system, see "LO100 standard features (on page 6)" and "LO100 optional features (on page 6)" for more information.
Controlling server power remotely LO100 enables you to remotely operate the power button of a host server using a web browser or the CLP. LO100 virtual power support enables you to power on, power off, and power cycle the host server. This virtual power support operates independently of the state of the operating system. Controlling server power from a browser The Virtual Power screen displays current power status, how long the server has been powered on, and the reason for the last server restart.
/./system1/> start /system1 System1 started. 4. To power off the server, enter stop /system1. For example: /./system1/> stop /system1 System1 stopped. The -force option can also be used with the stop command. This option forces the implementation to stop the target, ignoring any policy that might cause the implementation to normally not execute the command. In remote management processor implementation, this process is equivalent to a hard power down. 5. To reset the server, enter reset /system1.
4. Scroll to Realtime Sensor Data by pressing the down arrow (↓) key. Press the Enter key. The Loading data. Please wait message appears. After this message disappears, the Temperature and Voltage sensor data appears. This data is real-time data and is updated on a periodic basis. Platform event filtering configuration The PEF Configuration screen enables you to configure LO100 to take selected actions on received or internally generated event messages.
o PEF Action enables you to select from Power Off, Power Cycle, Hard Reset, and Send Alert (requires a systems management console supporting IPMI 1.5 or later). o PEF Control enables or disables the sensor. o Alert Policy (dropdown list adjacent to the Add button) enables you to select an alert policy (if defined). Alert policies are defined on the PET Configuration screen. See "Platform event trap configuration (on page 42)" for more information.
4. Enter show record to display the details of a specific record. For example: /system1/log1/record1 Targets Properties number=1 date=12/20/2004 time=15:22:05 sensordescription= Backplane +12V eventdescription= Upper Critical-going high eventdirection=Assertion Verbs cd version exit show reset oemhp help Accessing the system event log from the BIOS Setup Utility 1. Press the F10 key during POST to enter the BIOS Setup Utility. 2. Press the right arrow (→) key to navigate to the Advanced menu. 3.
The KVMS option (link) does not appear or function on HP ProLiant ML110 G5 Servers, if shared NIC mode is enabled through the BIOS Setup Utility. If the HP Lights-Out 100c Remote Management Card is installed, you must use the dedicated NIC port on the HP Lights-Out 100c Remote Management Card. The remote graphic console requires JVM version 1.4.2 or later on the client system. To download the recommended JVM for your system configuration, refer to the HP website (http://www.hp.com/servers/manage/jvm).
Using the remote graphic console The Control menu of the remote graphic console has several different options. • Virtual Media—Displays the Virtual Media Devices page. The Virtual Media Devices page displays all accessible media drives of the storage server. Supported devices are CD-ROM, DVD-ROM floppy disk, and mass storage devices. See "Using Virtual Media (on page 33)" for more information. • Virtual Keyboard—Opens a virtual keyboard enabling you to change the language of the virtual keyboard.
• Take Full Control—Enables you to take control of the remote console if you are currently in view-only mode. Only one remote console user can control the remote console at a time. Clicking Take Full Control displays a dialog box that prompts you to click OK to take full control of the system or click Cancel to access the system in a view-only mode. • Disconnect Session—Disconnects the selected user session. • Relinquish Full Control—Releases control of the session and remains in a view-only status.
Mouse synchronization To synchronize the local mouse pointer and the server mouse pointer, bring the local mouse to the top left corner to attract the server mouse pointer to the top left corner. Both pointers become synchronized when they overlap as one pointer. For mouse synchronization to work correctly, you must change the Enhance Mouse pointer and Hardware Acceleration options on the remote machine (server side) using the LO100 remote graphic console.
For example, when you press the Ctrl+Alt+Del keys on the physical keyboard, the Task Manager of your local machine appears in addition to the task manager on the server, or the key combination unlocks the server for login. To display the Task Manager of the remote server by pressing similar virtual keys, on the LO 100 remote graphic console window, click LCtrl click LAlt, and then press the Del key on your physical keyboard. Using this key combination displays the LO100 remote graphic console Task Manager.
Adding a virtual media device The LO100 virtual media option provides you with a virtual media drive, which can direct a remote host server to boot and use standard media from anywhere on the network. Virtual media devices are available while the host system boots. To add a new virtual media device, click Add on the Virtual Media Devices page. The Add Virtual Media Devices window appears. This window has the following options: • The Look In list enables you to change your directory or drive.
Shared virtual media devices You can share a virtual media device from the Storage Devices window. Only one device may be shared at a time. To share a virtual media device, do the following: 1. On the Virtual KVM menu, select Storage. The Storage Devices window appears. 2. Click Add. A dialog box appears, enabling you to specify which device you would like to share. 3. In the File Name field, enter either the file name or the drive you want to share.
4. Verify the following settings: o EMS Support (SPCR)—Enabled o Serial Port Address—COM A o Baud Rate—115.2k o Console Type—VT100/PC o Continue C.R. after POST—Off 5. To return to the previous screen, press the Esc key. 6. Scroll to the I/O Device Configuration option, and press the Enter key. 7. Verify that Serial Port is set to Shared. 8. To set or obtain a valid IP address, follow the instructions in the "Network settings (on page 40)" section. 9. Press the F10 key to save and exit.
o I/O Device Configuration—Configure IO Port — Serial Port 1 Address—3F8/IRQ4 2. In the /boot/grub/menu.lst file, append the following to the kernel startup line: console=ttyS0 115200 Comment out the line GRAPHICAL DISPLAY LINE # splashimage=(hd0,0)/grub/splash.xpm.gz 3. Add an entry to allow serial console login in /etc/inittab. For example: S0:12345:respawn:/sbin/agetty -L 115200 ttyS0 vt102 4. In /etc/securetty enable root access to ttyS0 by adding ttyS0. 5.
NOTE: If you encounter problems logging in to the remote console, be aware that some telnet programs might require you to enable their send line feed at end of line option. If the remote console does not respond to the Enter key, try setting this option in your telnet program. Hardware Inventory page The Hardware Inventory page enables you to remotely identify the presence of processors on a target server. To access this page from a web browser on the main menu navigation bar, click Hardware Inventory.
Option User Operator Application License Key No No Security Settings No No Changing user settings through a web browser The User Administration screen displays user information, enables you to modify user settings, and enable or disable user accounts. The first user is a FIXED NULL value. You cannot change the properties of the first user or use it to log in with. Only the first two users (after the fixed null value) are enabled for login by default.
3. Select a user by entering cd user1 or cd user#, where # is the user you want to modify and a whole number between 2 and 16. 4. To change the user name, enter set username=. For example: /./map1/accounts/user2/> set username=testuser2 5. To change the user password, enter set password= and enter the new password when prompted. For example: /./map1/accounts/user2/> set password=testpswd2 Passwords are case-sensitive and can contain up to 16 characters. 6.
3. Configure the network settings by entering the following: set =. Configurable valid network properties are: o networkaddress specifies the IP address for the NIC. This setting is dynamic. o oemhp_nonvol_networkaddress specifies the IP address stored in non-volatile memory. o oemhp_mask specifies the subnet mask for NIC. This setting is dynamic. o oemhp_nonvol_mask specifies the subnet mask stored in non-volatile memory.
Platform event trap configuration The IPMI PEF Configuration screen enables you to set an alarm or specified condition originating on the server to alert an IPMI 2.0-supported systems management console. To access this page from a browser, click IPMI PEF Configuration on the main menu navigation bar. The Global PEF Enable section enables you to set a global PEF action. To enable, select Enabled in the PEF Enable drop down box, select the PEF action, and click Apply.
LO100. For Microsoft® Windows®, if you do not have a TFTP software package, use TFTPD32.EXE, which is available on the Internet. Linux generally has a TFTP server installed with the operating system. If it is not, see your Linux documentation for more information. NOTE: When you use the CLP load command with TFTPD32, HP recommends using a 30second timeout and 6 retries. NOTE: When using the CLP load command in Linux set the timeout to 15000000.
Installing a certificate or private key through a web browser The Security Settings page enables you to install new keys and certificates for SSL and SSH connections. To install a certificate through the browser: 1. Log in to LO100 as an administrator. 2. Click Security Settings on the browser main menu navigation bar. 3. Enter the IP address of the TFTP server in the tftp server IP address field. 4. On the dropdown menu under File type, select Certificate. 5.
o Path is the path of the file relative to the TFTP server root. o filename is the file name of the certificate file (server_cacert.pem in this example). You can also find these commands in /map1/firmware directory. NOTE: After using the load command LO100 will reset ending your CLP interface session. You must reconnect to the CLP interface. To install a private key, log in to LO100 as administrator through the CLP interface and issue the load command to upload and install the certificate.
Technical support HP contact information For the name of the nearest HP authorized reseller: • In the United States, see the HP US service locator webpage (http://www.hp.com/service_locator). • In other locations, see the Contact HP worldwide (in English) webpage (http://welcome.hp.com/country/us/en/wwcontact.html). For HP technical support: • • In the United States, for contact options see the Contact HP United States webpage (http://welcome.hp.com/country/us/en/contact_us.html).
Acronyms and abbreviations BIOS Basic Input/Output System BMC baseboard management controller CLI Command Line Interface CLP command line protocol DHCP Dynamic Host Configuration Protocol DSA Digital Signature Algorithm EMS Emergency Management Services HTTP hypertext transfer protocol IP Internet Protocol IPMI Intelligent Platform Management Interface JVM Java Virtual Machine KVM keyboard, video, and mouse Acronyms and abbreviations 47
LO100 HP Lights-Out 100 Remote Management processors MAC Media Access Control NIC network interface card OS operating system PEF Platform Event Filtering PEM Privacy Enhanced Mail PET Platform Event Trap POST Power-On Self Test RBSU ROM-Based Setup Utility SLES SUSE Linux Enterprise Server SMASH System Management Architecture for Server Hardware SSH Secure Shell SSL Secure Sockets Layer TCP/IP Transmission Control Protocol/Internet Protocol Acronyms and abbreviations 48
TFTP Trivial File Transfer Protocol UID unit identification URL uniform resource locator VNC virtual network computing Acronyms and abbreviations 49
Index A D access options 21 accessing software, browser 22 administration 9 alert messages 42 authorized reseller 46 data protection methods 14 dedicated management port 10 defining hot keys 32 DHCP (Dynamic Host Configuration Protocol) 9, 10, 11, 21, 40, 41, 42 DHCP addresses 11 DHCP, disabling 11 DHCP, enabling 11 Digital Signature Algorithm (DSA) 43 DSA (Digital Signature Algorithm) 43 Dynamic Host Configuration Protocol (DHCP) 9, 10, 11, 21, 40, 41, 42 B base management controller (BMC) 9, 10, 11, 1
H hardware inventory 38 help resources 46 HP Systems Insight Manager, support 45 HP technical support 46 HP website 46 HP, contacting 46 HTTP (hypertext transfer protocol) 6, 9, 10, 12, 14, 41 hypertext transfer protocol (HTTP) 6, 9, 10, 12, 14, 41 I importing, certificates 42 installation instructions 7, 8 installation requirements 7 installation, management card 7, 8 installing management card 8 Intelligent Platform Management Interface (IPMI) 5, 9, 21, 26, 27, 42 Internet Protocol (IP) 9, 11, 23, 41 IP
R RBSU (ROM-Based Setup Utility) 27 remote console, applet settings 31 remote console, using 35 remote graphic console, applet 30 remote management card connectors 8 remote management processor, logging in through CLP 22 remote management, browser main menu 23 remote server power, controlling 24 required information 46 requirements, SSH 14 ROM-Based Setup Utility (RBSU) 27 ROMPaq utility 12 S safety considerations 7 Secure Shell (SSH) 5, 6, 14, 16, 22, 42, 44 Secure Sockets Layer (SSL) 5, 6, 14, 42, 43, 44
