HP ProLiant Lights-Out 100 Remote Management User Guide for the HP ProLiant DL180 Server Part Number 457578-001 July 2007 (First Edition)
© Copyright 2007 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Confidential computer software.
Contents Operational overview ................................................................................................................... 5 Overview ................................................................................................................................................. 5 Server management features....................................................................................................................... 5 Installation ............................................
Platform event filtering configuration ................................................................................................ 27 Using the system event log........................................................................................................................ 28 Accessing the system event log from a web browser .......................................................................... 28 Accessing the system event log from the CLP ...................................................
Operational overview In this section Overview ................................................................................................................................................ 5 Server management features...................................................................................................................... 5 Overview This guide discusses the standard and optional operational features of the HP ProLiant Lights-Out 100 Remote Management used in HP ProLiant DL180 servers.
• LO 100 Virtual Media access • Remote graphic console (Virtual KVM) access Operational overview 6
Installation In this section Remote management card kit contents ........................................................................................................ 7 Preinstallation procedures.......................................................................................................................... 7 Installing the remote management card....................................................................................................... 8 Post-installation procedures.................
7. Open the server according to the instructions described in your server manual. Installing the remote management card 1. Remove the access panel. 2. Carefully lay the server on its unexposed side to gain access to the system board. 3. Locate the remote management card connectors on the system board. 4. Install the remote management card in the connectors on the system board. Post-installation procedures 1. Be sure all components are installed according to the installation procedures. 2.
Configuration In this section Configuring network access....................................................................................................................... 9 Configuring user accounts ......................................................................................................................... 9 Using the serial port ...............................................................................................................................
Using the serial port The server serial port provides basic serial port functionality and serves as an interface to LO 100. You can configure the system serial port for exclusive use with LO 100. CAUTION: After enabling the serial port for use with LO 100, legacy serial devices might not function correctly if attached to the serial port. You must configure the LO 100 serial port hardware parameters to work with your respective serial port communications software.
8. Press the Esc key to return to the previous screen, or press the F10 key to save the changes and exit Setup. Using TCP/IP over Ethernet management port You can configure LO 100 LAN port access using two different Ethernet ports: the dedicated 10/100 LO 100 management port or through a side-band connection using the server NIC.
6. Press the Esc key to return to the previous screen, or press the F10 key to save the changes and exit Setup. To configure or change your network settings, see "Network settings (on page 41)" for more information. Setting up a static IP address from the BIOS Setup Utility By default, LO 100 has DHCP enabled and automatically negotiates an IP address. To disable DHCP and enable a static IP address: 1. Press the F10 key during POST to enter the BIOS Setup Utility. 2.
where is the ROMPAQ firmware image file and is the file name for the uncompressed binary image file. For example: ROMPAQ /D cpqq0801.D14 ldrImage.bin ROMPAQ Firmware Upgrade Utility, Version 5.02 (R) Copyright (c) Hewlett-Packard Corporation, 1994-2006 Input file: CPQQ0801.D14 Output file: LDRIMAGE.BIN The load command is used to retrieve a binary image from a specific source location (specified as a URL) and place it at the specified target address.
takes several minutes. After the firmware upgrade process is complete, verify that the new version of the firmware is active. If the firmware upgrade process fails after sufficient time (at least 5 minutes), reboot the server, and verify that the previous version of the firmware is still active. Always reboot the server before retrying the firmware upgrade process. After installing the firmware, the IP address of the server might reset to the default value.
Using LO 100 In this section New features ......................................................................................................................................... 15 Using SSL .............................................................................................................................................. 15 Using SSH ............................................................................................................................................. 16 Using CLP........
If you cannot access the login page, you must verify the SSL encryption level of your browser is set to 128 bits. The SSL encryption level within the management processor is set to 128 bits and cannot be changed. The browser and management processor encryption levels must be the same. To use the preinstalled certificate, enter https://ipaddress in the address line of the browser, which uses SSL-encrypted communication. Enter http://ipaddress to use non-SSL encrypted communication.
o To start an existing saved session called session name, enter: putty.exe -load "session name" When you press Enter using PuTTY versions earlier than 0.54, two line feeds might appear on a single line feed. To avoid this issue and for best results, HP recommends using version 0.54 or later. Using the OpenSSH utility OpenSSH is a free version of the SSH protocol available for download on the Internet.
• Target—The default target is the /. The target can be changed by the cd command or by specifying a target on the command line. • Options—The following options are valid: o -help/-h o -all/-a • Properties are the attributes of the target that can be modified. • Output—The output syntax is text. The valid Boolean values for any command are true and false. General notes If the commands on the CLP command span more than one line, you cannot navigate between different lines.
Calling help for a target returns any information about the target and what it contains. You can call help for any target that is not contained in the current directory (help map1 can be called from system1). — /./-> system1 -h Invalid command — /./-> system1 -help Invalid command — /./-> help system1 Host System Directory — /./-> help map1 Management Service Processor Directory — /./-> cd system1 — /.
Unsupported Command /./system1/-> name -h Invalid command /./system1/-> • The exit command terminates the CLP session. • The cd command sets the current default target. The context works like a directory path. The root context for the server is /., which is the starting point for a CLP system. By changing the context, you can shorten commands. For example: o cd changes the directory. o cd .. moves up the tree one directory.
target address. In a remote management processor implementation, the firmware downloads a full image file using TFTP from the specified location and programs flash with the image. In a remote management processor implementation, /map1/firmware is a valid target. The load command supports usage only with the following options. o -source —This option must be specified.
Targets Properties fwversion=0.59 Verbs cd version exit show reset load help /./map1/firmware/-> show fwversion fwversion=0.59 /./map1/firmware/-> fwversion Invalid command /./map1/firmware/-> Specific commands CLP syntax for specific commands is found in the sections that also describe the functionality through the Web interface. IPMI 2.0 support LO 100 supports the industry-standard IPMI 2.0.
o • HMAC-SHA1-96 Confidentiality algorithms o None o AES-CBC-128 Logging in to LO 100 You can log in to the remote management processor through a web browser ("Logging in through a web browser" on page 23) or through the CLP ("Logging in through the CLP" on page 23). If you are unsure of your DHCP IP address, refer to the "Configuring network access (on page 9)" section. Logging in through a web browser 1. Browse to the IP address of the remote management processor to access the login screen. 2.
Browser main menu options Using a web browser, you can access all of the basic remote management capabilities of LO 100.
Controlling server power from a browser The Virtual Power screen displays current power status, how long the server has been powered on, and the reason for the last server restart. To display the Virtual Power screen, click Virtual Power on the main menu navigation bar. To modify Chassis Actions, select the desired Power Control Option in the Chassis Actions section, and click Apply to initiate the action. A restore policy controls how the system responds when power is connected to the server.
5. To reset the server, enter reset /system1. For example: /./system1/> reset System1 reset. Monitoring sensors LO 100 provides operating system-independent remote monitoring of the current status of major sensors of a target server including system temperature, fans, and voltage. You can view the data for this feature on the Monitoring Sensors Page through a web browser or through the BIOS Setup Utility.
Platform event filtering configuration The PEF Configuration screen enables you to configure LO 100 to take selected actions on received or internally generated event messages. These actions include powering down the system, system reset, and triggering the generation of an alert.
o Alert Policy (dropdown list adjacent to the Add button) enables you to select an alert policy (if defined). Alert policies are defined on the PET Configuration screen. See "Platform event trap configuration (on page 43)" for more information. If alert policies are not defined (default), the Alert Policy dropdown list displays No Alert Policy. The Alert Policy dropdown list populates after alert policies are defined and configured.
Properties number=1 date=12/20/2004 time=15:22:05 sensordescription= Backplane +12V eventdescription= Upper Critical-going high eventdirection=Assertion Verbs cd version exit show reset oemhp help Accessing the system event log from the BIOS Setup Utility 1. Press the F10 key during POST to enter the BIOS Setup Utility. 2. Press the right arrow (→) key to navigate to the Advanced menu. 3. Press the down arrow (↓) key to scroll to IPMI. Press the Enter key. 4.
2. Click Virtual KVM / Media. The LO 100 remote graphic console window appears. 3. Click OK to take full control of the system, or click Cancel to access the system in a view-only mode. Before using the mouse in LO 100 remote graphic console, HP recommends synchronizing your local and remote mouse pointers. See "Mouse synchronization (on page 33)" for more information. There are three menus in the remote graphic console menu bar: Virtual KVM, Preferences, and Help.
• Keyboard opens a virtual keyboard enabling you to change the language of the virtual keyboard. To change keyboard settings, see "Remote graphic console preference settings ("Remote graphic console settings" on page 31)" for more information. o Lock is a special button that is added to each language virtual keyboard. o If you click the Lock button, special keys, such as shift, Alt, Ctrl, context, and windows that you press remain in a pressed status.
o • Absolute Mode causes the LO 100 remote graphic console to send raw x and y coordinates to the server. The Keyboard tab enables you to set the language of the virtual keyboard and the type of connection you are using. English is the default language. You can change the language of the virtual keyboard by selecting one of the 12 languages. The remote side server and local side server (the LO 100 remote graphic console) must use the same language for the virtual keyboard to function properly.
To record all log messages to the console, select Console from the Logging list. To check log messages in the Java™ console window, select Sun Java Console from the list on the Tools menu of Internet Explorer menu bar. To record all log messages to a file, select Log File from the Logging list, enabling the Console Log File textbox. Click the Browse button to select a file in which log messages will be stored, or enter the fully qualified file name of the selected file in the textbox.
d. Set the acceleration parameters. For example: xset m 1/1 1 • For Red Hat Enterprise Linux, set the acceleration parameters using: xset m 1/1 1 System buttons On the virtual keyboard, there are eight different system buttons: LCtrl, LWin, LAlt, RAlt, RWin, RCtrl, Context, and [Lock]. These buttons can be used as virtual keys and are similar to the keys the physical keyboard of your local machine.
Adding a virtual media device The LO 100 Virtual Media option provides you with a virtual floppy disk drive and CD-ROM drive, which can direct a remote host server to boot and use standard media from anywhere on the network. Virtual devices are available when the host system is booting. To add a new virtual device, click Add on the storage devices page. The Add Storage Device window appears. This window has the following options: • The Look In list enables you to change your directory or drive.
4. In the Storage Type dropdown list, select the storage type that matches the selected resource and click Select. You must have valid media in the drive if a removable media device type is selected. The selected device displays in the dialog box. 5. Select the device and click Connect. A message box appears, indicating either the device has been successfully connected or a problem has occurred. 6. Click OK to close the Storage Device window.
After completing the console redirection process, you can view the boot process remotely from a client PC through an established telnet session to the IP address of LO 100. See your operating system documentation for instructions on establishing telnet sessions. To redirect the console to the telnet session and view the boot process, press the Esc+Q keys in the telnet session during server boot.
enabled, displays the processes that are running and enables administrators to halt processes. This capability is important in cases in which video, device drivers, or other operating system features have prevented normal operation and normal corrective actions. To enable Windows® EMS management on the target system: 1. Press the F10 key during POST to enter the BIOS Setup Utility. 2. Press the right arrow (→) key to navigate to the Advanced>Console Redirection menu. 3.
User administration The User Administration option on the main menu navigation bar enables you (if authorized) to edit the user name and password for existing users. You cannot create a new user. The user password is stored in nonvolatile memory and can be changed through a web browser ("Changing user settings through a web browser" on page 39) or through the CLP ("Changing user settings through the CLP" on page 40).
To modify user settings: 1. Click User Administration on the main menu navigation bar. 2. Enter the password in the Password and Confirm Password fields. 3. Select the User Privilege level from the dropdown list. See "User administration (on page 39)" for more information on user privileges and access rights. 4. Change the user name, if needed. 5. Click the Set button to save the changes. Changing user settings through the CLP The first user is a fixed null value.
Network settings You can view and modify network settings for LO 100 using a web browser, CLP, or the BIOS Setup Utility. If you change the IP address, the connection to the server terminates. You must reconnect to the server using the new IP address. Configuring network settings using a web browser The Network Settings screen displays IP address, subnet mask, and other TCP/IP-related settings.
o oemhp_nonvol_dhcp_enable specifies whether DHCP is enabled for the NIC and address stored in non-volatile memory. Configuring network settings using the BIOS Setup Utility To enable a static IP address: 1. Press the F10 key during POST to enter the BIOS Setup Utility. 2. Press the right arrow (→) key to navigate to the Advanced menu. 3. Press the down arrow (↓) key to scroll to IPMI. Press the Enter key. 4. Press the down arrow (↓) key to scroll to the LAN Configuration menu. Press the Enter key.
Platform event trap configuration The IPMI PEF Configuration screen enables you to set an alarm or specified condition originating on the server to alert an IPMI 2.0-supported systems management console. To access this page from a browser, click IPMI PEF Configuration on the main menu navigation bar. The Global PEF Enable section enables you to set a global PEF action. To enable, select Enabled in the PEF Enable drop down box, select the PEF action, and click Apply.
LO 100. For Microsoft® Windows®, if you do not have a TFTP software package, use TFTPD32.EXE, which is available on the Internet. Linux generally has a TFTP server installed with the operating system. If it is not, see your Linux documentation for more information. NOTE: When you use the CLP load command with TFTPD32, HP recommends using a 30second timeout and 6 retries. NOTE: When using the CLP load command in Linux set the timeout to 15000000.
Installing a certificate or private key through a web browser The Security Settings page enables you to install new keys and certificates for SSL and SSH connections. To install a certificate through the browser: 1. Log in to LO 100 as an administrator. 2. Click Security Settings on the browser main menu navigation bar. 3. Enter the IP address of the TFTP server in the tftp server IP address field. 4. On the dropdown menu under File type, select Certificate. 5.
o Path is the path of the file relative to the TFTP server root. o filename is the file name of the certificate file (server_cacert.pem in this example). You can also find these commands in /map1/firmware directory. NOTE: After using the load command LO 100 will reset ending your CLP interface session. You must reconnect to the CLP interface. To install a private key, log in to LO 100 as administrator through the CLP interface and issue the load command to upload and install the certificate.
Acronyms and abbreviations BIOS Basic Input/Output System BMC baseboard management controller CLI Command Line Interface CLP command line protocol DHCP Dynamic Host Configuration Protocol DSA Digital Signature Algorithm EMS Emergency Management Services HTTP hypertext transfer protocol IP Internet Protocol IPMI Intelligent Platform Management Interface JVM Java Virtual Machine KVM keyboard, video, and mouse Acronyms and abbreviations 47
LO100 HP Lights-Out 100 Remote Management processors MAC Media Access Control NIC network interface card OS operating system PEF Platform Event Filtering PEM Privacy Enhanced Mail PET Platform Event Trap POST Power-On Self Test RBSU ROM-Based Setup Utility SLES SUSE Linux Enterprise Server SMASH System Management Architecture for Server Hardware SSH Secure Shell SSL Secure Sockets Layer TCP/IP Transmission Control Protocol/Internet Protocol Acronyms and abbreviations 48
TFTP Trivial File Transfer Protocol UID unit identification URL uniform resource locator VNC virtual network computing Acronyms and abbreviations 49
Index A D access options 23 accessing software, browser 23 administration 9 alert messages 43 data protection methods 15 dedicated management port 11 defining hot keys 34 DHCP (Dynamic Host Configuration Protocol) 9, 11, 12, 23, 41, 42, 43 DHCP addresses 11 DHCP, disabling 12 DHCP, enabling 11 Digital Signature Algorithm (DSA) 44 DSA (Digital Signature Algorithm) 44 Dynamic Host Configuration Protocol (DHCP) 9, 11, 12, 23, 41, 42 B base management controller (BMC) 9, 10, 11, 12, 29, 37, 42 Basic Input/O
H N hardware inventory 38 HP Systems Insight Manager, support 46 HTTP (hypertext transfer protocol) 10, 12, 42 hypertext transfer protocol (HTTP) 9, 10, 12, 15, 42 network access 9 network access, configuring 9 network interface card (NIC) 7, 9, 10, 11, 41 network settings 9, 41 network settings, configuring through a browser 41 network settings, configuring through the BIOS setup 42 network settings, configuring through the CLP 41 NIC (network interface card) 7, 9, 10, 11, 41 I importing, certificates
remote console, using 36 remote graphic console, applet 30 remote management card connectors 8 remote management processor, logging in through CLP 23 remote management, browser main menu 24 remote server power, controlling 24 requirements, SSH 16 ROM-Based Setup Utility (RBSU) 28 ROMPaq utility 12 S safety considerations 7 Secure Shell (SSH) 16, 17, 23, 43, 45 Secure Sockets Layer (SSL) 15, 43, 44, 45 sensor data, BIOS access 26 sensor data, browser access 26 sensor data, viewing 26 serial port 10 serial p
