C H A P T E R  1

Introduction to ILOM

Suntrademark Integrated Lights Out Manager (ILOM) 2.0 is the system management firmware you can use to monitor, manage, and configure a variety of Sun server platforms.

This chapter includes the following sections:


What Is ILOM?

Sun’s Integrated Lights Out Manager (ILOM) provides advanced service processor hardware and software that you can use to manage and monitor your Sun servers. ILOM’s dedicated hardware and software is preinstalled on a variety of Sun x64-based Sun Fire servers, Sun Blade Modular Systems, and Sun Blade server modules, as well as on SPARC-based servers. ILOM is a vital management tool in the data center and can be used to integrate with other data center management tools already installed on your systems.

Sun is currently transitioning many systems to support ILOM so that customers will have a single, consistent, and standards-based service processor (SP) across Sun’s product lines. For customers, this means you will have:


What Does ILOM Do?

ILOM enables you to actively manage and monitor the server independently of the operating system state, providing you with a reliable Lights Out Management (LOM) system. With ILOM, you can proactively:

The ILOM SP runs its own embedded operating system and a dedicated Ethernet port, which together provide out-of-band management capability. In addition, you can access ILOM from the server’s host operating system that Sun supports (Solaris, Linux, and Windows). Using ILOM, you can remotely manage your server as if you were using a locally attached keyboard, monitor, and mouse.

ILOM automatically initializes as soon as power is applied to your server. It provides a full-featured, browser-based web interface and has an equivalent command-line interface. There is also an industry-standard SNMP interface and IPMI interface.

You can easily integrate these management interfaces with other management tools and processes that you may have working already with your servers, such Sun xVM Ops Center. This easy-to-use system management platform for Solaris and Linux provides the tools you need to efficiently manage systems on your network. Sun xVM Ops Center can discover new and existing systems on your network, update firmware and BIOS configurations, provision the operating environment with off the shelf distributions or Solaris images, manage updates and configuration changes, and remotely control key aspects of the service processor such as boot control, power status, and indicator lights. For more information about xVM Ops Center, go to:

http://www.sun.com/software/products/xvmopscenter/index.jsp

In addition, you can integrate ILOM with these third-party management tools:

A description of these third-party system management tools and their support for Sun systems is available at:

http://www.sun.com/system-management/tools.jsp


ILOM on the SP and CMM

ILOM is supported on a variety of Sun server platforms, including rackmounted servers and server modules (blades) enclosed in a modular chassis system. ILOM firmware is preinstalled on the service processor (SP) of your rackmounted server or server module, or on the Chassis Monitoring Module (CMM) that is part of the modular chassis system.

ILOM supports two ways to manage a system: using the SP directly or using the CMM, if you are using a modular chassis system.


ILOM Interfaces

ILOM is available through a variety of interfaces.


ILOM Management Network

Your Sun server platform comes with a network management port and a data port. These separate, physical Ethernet connections are for ILOM and the operating systems that run on the host hardware. You can choose to manage your server platform with ILOM by connecting to the dedicated network management port. If you choose to connect to ILOM through the network management port, traffic destined for ILOM is separate from any data transfers the operating system host makes. No data traffic passes through the network port. This allows management traffic to be completely isolated on a separate network, if desired.

The location and labeling of the network management port is specific to your system. In addition, the type of server platform determines how internal management communications are provided. For example, on a blade server system, the network port provides a connection to all CMMs and SPs in the chassis. Refer to your platform documentation to determine how your system provides its management communications.

If you choose not to use ILOM and the network management port to manage your server, many of the advanced features, such as environmental monitoring, IPMI management, and the web interface, will be unavailable. You can use the data port of the host operating system to access third-party network management applications, SNMP tools, or operating system utilities, however these solutions only have a limited view of the platform. You also can manage your server locally by connecting through the server’s serial port using a PC or terminal running terminal emulator software. Note that without some manner of direct connection to ILOM, you will be unable to remotely manage your Sun server platform.


ILOM Connection Methods

The way you connect to ILOM depends on your server platform.

The following table lists the different methods you can use to connect to ILOM.


TABLE 1-1 ILOM Connection Methods

Connection
Method

Rack
Mounted

Blade

Supported
Interface

Description

Ethernet network management connection

Yes

Yes

CLI and web interface

Connect to the Ethernet network management port. You must know ILOM’s IP address. This method supports a web interface and a command-line interface.

Serial connection, through server or blade

Yes

Yes

CLI only

Connect directly to the serial management port on the server or blade. If needed, use a serial adapter cable to connect to the serial port. This method supports only a command-line interface.

Serial connection, through CMM

No

Yes

CLI only

Connect to the serial port on the CMM. This method supports only a command-line interface.




Note - ILOM supports a maximum of 10 active sessions, including serial, Secure Shell (SSH), and web interface sessions.


To access the management network using the ILOM web interface or CLI, you need the IP address for the CMM or the SP you want to manage. Each CMM and SP is assigned a unique IP address during the initial system setup. To assign the initial IP addresses for SPs and CMMs, see Chapter 2.


Roles for ILOM User Accounts

ILOM user accounts have defined roles that determine ILOM user access and rights. Administrators can manage user accounts using the ILOM web interface or CLI.
The roles assigned to ILOM accounts are:


Preconfigured ILOM Administrator Account

ILOM is preinstalled with one preconfigured Administrator account:

The preconfigured Administrator account, known as root, cannot be deleted or changed, other than resetting its default password (changeme). This account provides built-in administrative privileges (read and write access) to all ILOM features, functions, and commands.

The first time you access ILOM, at the SP or CMM level, you will need to log in as root with the default changeme password. After you have logged in to ILOM and established network connectivity to the system, you should consider resetting the default changeme password that is associated with the ILOM root account. To prevent your system from unauthorized access, reset this password on each SP and CMM installed in your system. For information about resetting the ILOM root account password, see Reset ILOM SP.


ILOM Features

TABLE 1-2 shows the ILOM features and tasks that are common to Sun systems supporting ILOM. For information about whether the feature is supported on your system, consult the user documentation provided with your Sun server platform.


TABLE 1-2 ILOM Features

Feature

Customer Benefit

INTERFACES

Web interface

  • Provides a browser-based user interface based on Sun standard.

Command-line interface

  • Supports industry-standard CLIs and scripting protocols: DMTF “SMASH” CLP.
  • Reuses existing scripts with Sun systems, automates tasks using familiar interfaces.

System management interfaces

  • Supports industry-standard SNMP v1, v2c, v3 and IPMI v1.5 and v2.0. Platform MIB enables platform management using SNMP in addition to IPMI. Control MIB enables custom or third-party management applications to integrate with ILOM.
  • Provides access to remote system using the ILOM Remote Console.

SECURITY

SSH 2.0 support

  • Enables secure access to the CLI.

LDAP, MSFT Active Directory, RADIUS

  • Supports industry-standard authentication and authorization protocols for easy integration into existing environments.

User management

  • Supports Administrator and Operator roles with configurable access levels for greater security and control of systems.

Reset root password capability

  • Prevents unauthorized access to the system. Password is reset to default using a push button or jumper.

SSL certificate

  • Enables secure communications using default SSL certificate and self-signing key for HTTPS access.

LOCAL AND REMOTE ACCESS

Access to SP while host is powered down

  • Enables continuous ILOM operation regardless of the state of the host operating system.

Dedicated network management port

  • Separates network management traffic from data network traffic.

Remote Console

  • Provides a simple web interface to access remote systems. No need to log in to the SP to start the Remote Console.

Editable hostname data field

  • Allows Administrators to use the hostname data field in addition to the IP address for system identification.

Web interface turns on or off

  • Restricts ILOM access and enables only CLI access.

MONITORING AND LOGGING

SNMP and IPMI monitoring and control

  • Monitors components using industry-standard SNMP commands and the IPMI IPMItool utility.

Event logging

  • Provides a consistent method for logging all “service” data.

Configurable alert thresholds

  • Enables users to configure the SP to send an IPMI PET alert when system thresholds are crossed.

Email event notification

  • Provides quick and convenient notification of events.

Hardware and system-related errors, as
well as ECC memory errors, reported into SP logs, Syslog, and remote log-host

  • Enables faster fault diagnosis and isolation, reducing downtime.

POWER CONTROL

Forced power-off

  • Enables emergency power off of the system.

Graceful shutdown and power cycling

  • Enables users to shut down the host operating system before system power-off.

Remote power on and power off

  • Enables users to control system power remotely.

FIRMWARE

Firmware versions identified from web interface
or CLI

  • Provides a simple way to identify firmware versions.

Firmware updates using web interface or CLI

  • Provides simple procedures to update firmware.

CONFIGURATION

Manual SP configuration, including IP address, through BIOS interface, serial or Ethernet SP ports,
or host OS

  • Simplifies initial configuration.

SP IP address programmable from local keyboard and monitor

  • Facilitates manual IP configuration for systems in a data center.


New Features in ILOM 2.0


Other Management Tools

Sun servers support a variety of system management tools that you can use to administer the system. In addition to ILOM, these system management tools include:

http://www.sun.com/software/products/xvmopscenter/

http://www.sun.com/x64/system-management/tools.jsp