I-Fabric Operation Overview
You can add or remove resources (chassis and server blades) that were not part of your original I-Fabric design. Similarly, you can remove resources that are in your current I-Fabric design.
Applying Role-Based Access Control
Role-based access control (RBAC) is a security methodology used to assign root account and superuser account capabilities to specific accounts or roles based on specific task requirements. This section provides the procedure for RBAC security to the N1 Provisioning Server software and file systems.
This section does not cover general RBAC tasks, commands, and procedures. For more information on how to use RBAC see http://docs.eng.sun.com/db/doc/817-0365/6mg5vpmbd?q=Role-Based+Access+Control.
To Apply RBAC Security
Steps
-
Log in as root on the control plane server.
-
Back up the /etc/security attribute files.
Create a subdirectory and copy the attribute files to the subdirectory. Use the cp command option -p to preserve file permissions and ownership.
Example:
cd /etc/security ls -l *attr -rw-r--r-- 1 root sys 42871 Nov 8 2002 audit_record_attr -rw-r--r-- 1 root sys 5907 Nov 8 2002 auth_attr -rw-r--r-- 1 root sys 12672 Nov 8 2002 exec_attr -rw-r--r-- 1 root sys 4715 Nov 8 2002 prof_attr mkdir attr-backup cp -p *attr attr-backupls -l attr-backup total 136 drwxr-xr-x 2 root other 512 Jan 7 18:00 . drwxr-xr-x 7 root sys 512 Jan 7 18:00 .. -rw-r--r-- 1 root sys 42871 Nov 8 2002 audit_record_attr -rw-r--r-- 1 root sys 5907 Nov 8 2002 auth_attr -rw-r--r-- 1 root sys 12672 Nov 8 2002 exec_attr -rw-r--r-- 1 root sys 4715 Nov 8 2002 prof_attr
-
Type the following commands to append the predefined N1 Provisioning Server security attributes to the /etc/security files.
cd /opt/terraspring/lib/rbac/
cat n1_auth_attr >> /etc/security/auth_attr
cat n1_exec_attr >> /etc/security/exec_attr
cat n1_prof_attr >> /etc/security/prof_attr
-
Create the /n1admin directory by typing:
mkdir n1admin
-
Add the n1admin role account.
roleadd -d /n1admin -P"N1ADMIN" n1admin
For further information about the roleadd command, see the roleadd man page roleadd(1M).
-
Change the n1admin account password.
passwd n1admin
You are prompted for the new password. Type the password and press Enter.
You are prompted to reenter the new password.
Retype the new password and press Enter.
-
Assign user accounts to the n1admin security role.
Type the command /opt/terraspring/lib/rbac]# usermod -R "n1admin" user01 where user01is a valid UNIX user account.
Note –The user account must exist. For further information about RBAC commands, see the http://docs.eng.sun.com/db/doc/817-0365/6mg5vpmbd?q=Role-Based+Access+Control.
-
Log on to the Control Plane server using the user account.
-
Type roles to list the security roles.
Example:
roles n1admin
-
Verify that the user account cannot run N1 Provisioning Server commands.
Type /opt/terraspring/sbin/image —l. The response should be image: cannot execute. If a listing of available N1 Provisioning Server images appears, then /opt/terraspring/sbin file permissions have not been set correctly. Set and validate the file permissions as directed by step 2.
-
Type su n1admin to log in as the n1adminsuperuser.
-
Verify that the user account can run N1 Provisioning Server administration commands using the n1admin role.
Note –To run any administration command, you must either specify the full path for the command or be in the directory that contains the command and prefix the command with ./.
You can do this using either of the following two methods:
-
Log in as superuser n1admin, and type /opt/terraspring/sbin/image —l to list the available N1 Provisioning Server images. For example:
su - n1admin /opt/terraspring/sbin/image —l
-
Log in as superuser n1admin and use the su command -c option to run the image —l command. For example:
su - n1admin -c "/opt/terraspring/sbin/image -l"
A list of N1 images is displayed. For example:
$ image -l IMAGE_ID IMAGE_NAME CUSTOMER SIZE OS TYPE STATE 1 solaris9u5-sun4ublade-flash __grid__ 3004789248 solaris flash READY LOCATION: nfs://3001//images/master-images/solaris9u5-sun4ublade-flash 2 solaris9u5-sun4ublade-disk-image __grid__ 30000000000 solaris disk_image READY LOCATION:nfs://3001//images/master-images/solaris9u5-sun4ublade-disk-image
-
-
Verify the user ID (uid) and group ID (gid).
Type id to display the uid and gid. The uid should be 50004(n1admin), and the gid should be 1(other). For example:
id uid=50004(n1admin) gid=1(other)
Understanding I-Fabric Component IDs
Addition and removal of I-Fabric components is based on a device ID scheme. Understanding the ID scheme will help you to effectively add and remove components within the I-Fabric. Execute the device -l command to obtain a typical listing of components and their IDs:
/opt/terraspring/sbin/device -l |
Example output:
DEVICE_ID PARENT_ID STATUS FARM_ID TYPE
2 - USED - rf:cisco-rf (cisco RouterFabric)
3002 - USED - cpu:sun-svr-420R-idb (Sun 420R)
50001 - USED - sf:stiletto-sf (Sun StilettoSwitchFabric)
50100 - USED 103 cpu:sun-svr-blade (- -)
50101 - USED 102 cpu:sun-svr-blade (- -)
50102 - USED 101 cpu:sun-svr-blade (- -)
50113 - NEW - cpu:sun-svr-blade (- -)
50115 - FREE - cpu:sun-svr-blade (- -)
50150 50001 USED - sw:stiletto-sw (- -)
50160 - USED - pwr:stiletto-pwr (- -)
10 devices found.
|
The IDs of the chassis components define the chassis to which they belong. Chassis component IDs have five digits. The second and third digits represent the chassis ID. The fourth and fifth digits represent the chassis component's ID. For example, all devices with the ID 503xx belong to a chassis with the ID 50300.
For each chassis , the IDs 5yy00 through 5yy15 are reserved for server blades, IDs 5yy50 and 5yy51 are reserved for switches, and ID 5yy60 is reserved for the system and switch controller (SSC). For example, for the fifth chassis the IDs in the following table would be assigned:
|
ID |
Device |
|---|---|
|
50500 - 50515 |
Blades |
|
50550 and 50551 |
Switch |
|
50560 |
System and switch controller |
Caution – IDs 50000 through 59999 are reserved for chassis components. Do not assign any other devices to those IDs.
Note –
The chassis itself is not listed in the CPDB as a device. In that sense, a chassis has a “virtual” ID that is the same as the ID of the S0 blade if one exists.
Changing the System Password
For security reasons, reset the default N1 Provisioning Server system password. The default password for access to the N1 Provisioning Server is
u8 (!xq] [~be4
To change the system password, run the resetpasswd -s command at the N1 Provisioning Server command line.
Configuring Load Balancers in High Availability Pairs
The N1 Provisioning Server software supports high availability (HA) load balancer pairs. Configuring load balancers for high availability mode involves two steps:
-
Creating a new device type
-
Creating a load balancer high availability pair
How to create a new device type
Steps
-
Type devtype -l |grep lb to get the ID of the device type.
Example
6 lb - - 0 7 halb - - 0 -
To create a device type for a high availability load balancer pair run:
devtype -c -n SFB10LB-ha-pair "SFB10LB HA Pair" -b -q none
Output example:
Added SFB10LB ha pair, id 25013
-
Set the HAL class for the device type you just created by running
devtype -s SFB10LB ha pair ID-H com.terraspring.drivers.sun.HighAvailabilitySFB10LB
How to create a high availability load balancer device
Steps
-
To create an instance of a high availability load balancer device run
device -c SFB10LB ha pair ID-t SFB10LB ha pair
-
To get a list of available load balancers run
device -l | grep lb
Example output:
50103 - FREE - lb:sunfireb10n-299-blade (sunw sunfireb10n) 50115 - FREE - lb:sunfireb10n-299-blade (sunw sunfireb10n) -
Set the parent for two available load balancer device IDs by running
device -s -P SFB10LB ha pair ID SFB10LB device ID
Example:
device -s -P 50103
device -s -P SFB10LB ha pair ID lSFB10LB ha pair device ID
Example:
device -s -P 50115
-
Set the the HA load balancer pair to a state of FREE by typing
device -s -F SFB10LB ha pair device ID
Configuring Sun Fire B1600 Blade Chassis Switch Connections
The blade system chassis switch may have physical connections to the following:
-
External router or switch
-
External L2 switch ports
-
Switch ports of other chassis
-
VLAN-aware NIC of provisioning servers
The presence or absence of these connections and the number of ports used depends on the network topology implemented. Ensure that the duplex and speed on both ends of the connection is properly auto-negotiated. Otherwise, network performance might be adversely affected. Also, if multiple ports are used for improving bandwidth between switches or switch—router connections, enable link aggregation on these ports.
Before setting VLAN rules to ports, VLANs need to exist in the switch database. To do this, execute the following sequence of commands:
Vty-0# configure Vty-0(config)# vlan database Vty-0(config-vlan)# vlan 1 name DefaultVlan media ethernet state active Vty-0(config-vlan)# vlan 2 name MgtVlan media ethernet state active Vty-0(config-vlan)# vlan 4 name IdleVlan media ethernet state active Vty-0(config-vlan)# vlan 8 name ImageVlan media ethernet state active Vty-0(config-vlan)# vlan 9 name ControlVlan media ethernet state active Vty-0(config-vlan)# vlan 10 name VLAN10 media ethernet state active Vty-0(config-vlan)# vlan 11 name VLAN11 media ethernet state active |
When done creating all VLANs, press Ctrl Z or end to leave the configuration mode.
The following describes the configuration steps for ports involved in these connections.
To Configure Chassis Switch Ports
Steps
-
Connect ports to the external router.
Configure these ports as trunk ports that allow tagged packets. The blade system chassis switches require explicit enabling of VLANs allowed on trunk connections. Configure all VLANs except the switch management VLAN (factory default set to VLAN 2) to pass through.
On the blade system chassis switch, the set of commands used to achieve this is as follows:
Vty-0(config)#interface ethernet NETP0 Vty-0(config-if)# description External RJ-45 connector NETP0 Vty-0(config-if)# switchport allowed vlan add 1 untagged Vty-0(config-if)# switchport native vlan 1 Vty-0(config-if)# switchport mode trunk Vty-0(config-if)# switchport allowed vlan add 10-1024 tagged Vty-0(config-if)# switchport forbidden vlan add 2 Vty-0(config-if)#
In the above example VLANs 10-1024 are allowed on tagged port NETP0. All other VLANs are forbidden.
-
Connect ports to the external switch ports.
These connections may be of two types: trunk connections to the external switch using the NetP7 port and control plane connections using the NetMgt port.
For trunk connections using the NetP7 port, the configuration requirements and commands to do this are the same as in the previous step.
For control plane connections using the NetMgmt port, the NetMgmt port must be in the management VLAN of the switch (by default, VLAN 2). This is a factory default setting, but verify this during the configuration phase.
interface ethernet NETMGT
switchport allowed vlan add 2 untagged
switchport native vlan 2
switchport allowed vlan remove 1
switchport forbidden vlan add 1
-
When done creating all VLANs, press Ctrl Z or end to leave the configuration mode.
-
For ports connected to switch ports of other chassis, the requirements and commands are the same as in step 1.
-
For ports connected to VLAN-aware NIC of the provisioning server, the requirements and commands are the same as in step 3.
Configuring a Router for External Access to a Farm
After a farm is activated, you might want to configure an external router to enable external access to a farm and its components. Because the external router is considered external to the I-Fabric, you need to configure it manually.
After the farm is activated, execute the command fmrouter -i farm_ID to get the VLAN and IP address information for the farm. Three IP addresses are allocated for the external router configuration: one as the gateway IP address and the other two for up to two routers you can use. The VLAN for the farm on its external network is also displayed. For the farm to be accessible from an external network, enable a route to the gateway IP address on the specified VLAN.
Adding and Deleting Chassis
Depending on your computing needs, you might want to add and remove chassis.
To Add a Chassis
This section describes how to add and remove chassis dynamically within an I-Fabric.
Steps
-
Type /opt/terraspring/sbin/discoversfb1600
Running this tool launches a command-line UI that prompts you for chassis information.
-
When prompted for the IP address of the SSC of the chassis to be discovered, type each address on a separate r line.
-
When prompted to accept the list of IP addresses, type Yes to accept or No to edit the values.
-
At the prompt, type your system controller username.
-
At the prompt, type your system controller password.
You are then asked whether your system controller username and password are the same as your switch username and password.
-
Indicate whether the user names and passwords are the same.
-
Continue to provide the information as prompted by the UI.
The discoversfb1600 command then attempts to discover the specified chassis. Thediscoversfb1600 command automatically adds the chassis's components, such as the server blades, SSCs, and their interconnections. The discovery process takes a few minutes to execute for each shelf.
Example:
/opt/terraspring/sbin/discoversfb1600 SFB1600 Discovery Please enter a list of SFB1600 System Controller IP Addresses End the list with an empty line IP Address of Blade System Controller #1: 10.5.132.65 IP Address of Blade System Controller #2: Checking Blade System Chassis... 1: 10.5.132.65 : OK Checking Blade System Chassis entries in database.... 1: 10.5.132.65 : OK Using the following IP addresses: 1: 10.5.132.65 Do you want to configure this shelf [yes/no]? yes Enter common user name: admin Enter common password: Are the switch user name and password the same as the management user name and password? [yY/nN]y Configuring devices...... Enter default gateway: 10.5.132.1 Enter netmask: 255.255.255.0 Please enter VLAN ranges. Enter VLAN range lower bound (Press ENTER if done) : 10 Enter VLAN range upper bound (Press ENTER if done) : 255 Enter VLAN range lower bound (Press ENTER if done) : How many switches has the shelf with controller 10.5.132.65 got? 2 Enter switch IP for switch 1: 10.5.132.68 Enter the SSC number corresponding to this switch [ssc0/ssc1]: ssc0 Configuring switch with IP 10.5.132.68... done! Enter switch IP for switch 2: 10.5.132.69 Enter the SSC number corresponding to this switch [ssc0/ssc1]: ssc1 Configuring switch with IP 10.5.132.69... done! Configuring blades with controller IP 10.5.132.65... Warning: assuming SC and Switch have same login username. Warning: assuming SC and Switch have same login password. Discovering shelf with IP: 10.5.132.65. Please Wait... Done! Connected to jdbc:oracle:thin:@idb:1521:tsprdb as XCF Processing WML file /var/tmp/devices.20031125.201509.wml ... Segment name: Adding device type: sunfireb100x-238-blade Adding port: p0 Adding port: s0 Adding port: ide Adding adapter: eth type: ge Adding port: eth0 Adding port: eth1 Adding local disk: local1 size: 30000000000 Adding disk address, port: ide target: 0 lun: 0 **WARNING** Skipping device type 'sun-b1600-shelf'. It is already defined. Adding device sun-b1600-shelf:50299 with attributes: {} **WARNING** Updating device '50001'. It is already defined. Adding device sun-b1600-sw:50250 with attributes: {rack-id=50299, netmask=255.255.255.0, ipaddress=10.5.132.68, gateway=10.5.132.1} Adding device sun-b1600-sw:50251 with attributes: {rack-id=50299, netmask=255.255.255.0, ipaddress=10.5.132.69, gateway=10.5.132.1} Adding device sun-b1600-pwr:50260 with attributes: {rack-id=50299, netmask=255.255.255.0, ipaddress=10.5.132.65, gateway=10.5.132.1}Adding device sunfireb100s-95-blade:50200 with attributes: {rack-id=50299, slot-num=0, role=PES} Adding device port: eth0 Adding device port: eth1 Adding device sunfireb100s-95-blade:50201 with attributes: {rack-id=50299, slot-num=1, role=PES} Adding device port: eth0 Adding device port: eth1 Adding device sunfireb100s-95-blade:50211 with attributes: {rack-id=50299, slot-num=11, role=PES} Adding device port: eth0 Adding device port: eth1 Adding device sunfireb100s-95-blade:50202 with attributes: {rack-id=50299, slot-num=2, role=PES} Adding device port: eth0 Adding device port: eth1 Adding device sunfireb100s-95-blade:50203 with attributes: {rack-id=50299, slot-num=3, role=PES} Adding device port: eth0 Adding device port: eth1 Adding device sunfireb100s-95-blade:50204 with attributes: {rack-id=50299, slot-num=4, role=PES} Adding device port: eth0 Adding device port: eth1 Adding device sunfireb100s-95-blade:50205 with attributes: {rack-id=50299, slot-num=5, role=PES} Adding device port: eth0 Adding device port: eth1 Adding device sunfireb100s-95-blade:50206 with attributes: {rack-id=50299, slot-num=6, role=PES} Adding device port: eth0 Adding device port: eth1 Adding device sunfireb100s-95-blade:50207 with attributes: {rack-id=50299, slot-num=7, role=PES} Adding device port: eth0 Adding device port: eth1 Adding device sunfireb100s-95-blade:50208 with attributes: {rack-id=50299, slot-num=8, role=PES} Adding device port: eth0 Adding device port: eth1 Adding device sunfireb100x-238-blade:50209 with attributes: {rack-id=50299, slot-num=9, role=PES} Adding device port: eth0 Adding device port: eth1Adding connection from 50250/snp0 to 50200/eth0 Adding connection from 50251/snp0 to 50200/eth1 Adding connection from 50260/0 to 50200/p0 Adding connection from 50260/s0 to 50200/s0 Adding connection from 50250/snp1 to 50201/eth0 Adding connection from 50251/snp1 to 50201/eth1 Adding connection from 50260/1 to 50201/p0 Adding connection from 50260/s1 to 50201/s0 Adding connection from 50250/snp11 to 50211/eth0 Adding connection from 50251/snp11 to 50211/eth1 Adding connection from 50260/11 to 50211/p0 Adding connection from 50260/s11 to 50211/s0 Adding connection from 50250/snp2 to 50202/eth0 Adding connection from 50251/snp2 to 50202/eth1 Adding connection from 50260/2 to 50202/p0 Adding connection from 50260/s2 to 50202/s0 Adding connection from 50250/snp3 to 50203/eth0 Adding connection from 50251/snp3 to 50203/eth1 Adding connection from 50260/3 to 50203/p0 Adding connection from 50260/s3 to 50203/s0 Adding connection from 50250/snp4 to 50204/eth0 Adding connection from 50251/snp4 to 50204/eth1 Adding connection from 50260/4 to 50204/p0 Adding connection from 50260/s4 to 50204/s0 Adding connection from 50250/snp5 to 50205/eth0 Adding connection from 50251/snp5 to 50205/eth1 Adding connection from 50260/5 to 50205/p0 Adding connection from 50260/s5 to 50205/s0 Adding connection from 50250/snp6 to 50206/eth0 Adding connection from 50251/snp6 to 50206/eth1 Adding connection from 50260/6 to 50206/p0 Adding connection from 50260/s6 to 50206/s0 Adding connection from 50250/snp7 to 50207/eth0 Adding connection from 50251/snp7 to 50207/eth1 Adding connection from 50260/7 to 50207/p0 Adding connection from 50260/s7 to 50207/s0 Adding connection from 50250/snp8 to 50208/eth0 Adding connection from 50251/snp8 to 50208/eth1 Adding connection from 50260/8 to 50208/p0 Adding connection from 50260/s8 to 50208/s0 Adding connection from 50250/snp9 to 50209/eth0 Adding connection from 50251/snp9 to 50209/eth1 Adding connection from 50260/9 to 50209/p0 Adding connection from 50260/s9 to 50209/s0Marking device '50200' as free. Marking device '50201' as free. Marking device '50202' as free. Marking device '50203' as free. Marking device '50204' as free. Marking device '50205' as free. Marking device '50206' as free. Marking device '50207' as free. Marking device '50208' as free. Marking device '50209' as free. Marking device '50211' as free. Marking device '50250' as used. Marking device '50251' as used. Marking device '50260' as used. Marking device '50299' as used. File '/var/tmp/devices.20031125.201509.wml' processed successfully Clz6pK2b6qw= 50260 Password set : 50250 Password set : 50251 Password set : 50260 Validating the blades. This may take upto 30 minutes. You can choose to skip this step. Do you want to continue [yes/no]? no -
Type the device -l command to verify that the chassis has been added. See the example inUnderstanding I-Fabric Component IDs for details on how to use this command.
See the example inUnderstanding I-Fabric Component IDs for details on how to use this command.
To Delete Chassis
This procedure describes how to dynamically delete chassis from an I-Fabric.
Before You Begin
All server blade components of the chassis to be deleted must be in FREE or NEW state. You can change device states by using the device command. See the deletesfb1600 man page for details on how to use that command.
Steps
-
Type the command:
/opt/terraspring/sbin/deletesfb1600 -d chassis-ID
-
If the chassis is in a valid state for deletion, you are prompted to confirm deletion of the chassis and all its subcomponents. Type y to delete the chassis an its subcomponents.
-
Type the device -l command to verify that the chassis has been deleted.
See the example in Understanding I-Fabric Component IDs for details on how to use this command.
Example 2–1 Sample Actions for Deleting a Chassis
/opt/terraspring/sbin/deletesfb1600 -d 50900
Chassis id 50900 components are:
DEVICE_ID STATUS FARM_ID TYPE
50902 FREE - cpu:sun-svr-blade
50951 USED - sw:stiletto-sw
Chassis id 50900is in a valid state for DELETION.
Delete chassis id 50900 and its subcomponents from the database (Yy/Nn)?y
Deleted chassis id 50900 and all its subcomponents from the database.
|
Adding, Moving, and Deleting Chassis Components
Depending on your computing needs, you might want to add, move, or delete chassis components, such as server blades. This section describes how to add, move and delete chassis components dynamically within an I-Fabric.
Synchronizing the Physical and Database Environment
After you have made changes to the physical state of the chassis, for example, removing or adding a blade, use the /opt/terraspring/sbin/shelfsync command to synchronize the CPDB with the physical state of the chassis. Synchronization is preceded by the task of discovering the device to be synchronized. This task is common to adding, removing, moving, and exchanging server blades. Therefore the discovery process and the related example is only shown once in the Adding, Moving, and Deleting Chassis Components section. Subsequent synchronization sections show only the recommended action and synchronization processes and related examples.
To Add Server Blades and Switch and System Controllers
Steps
-
Begin synchronization of the CPDB with the discovery of the chassis's physical state by entering the server blade's IP address or device ID when prompted to do so.
-
At the prompt, type your system controller username.
-
At the prompt, type your system controller password.
You are asked whether the system controller user name and password are the same as the switch user name and password.
-
Indicate whether the user names and passwords are the same.
When the discovery process has completed successfully, the actual synchronization process begins.
-
-
When prompted to either type q for exiting or the line number for the recommended action, enter the line number.
-
When asked whether to add the device, type y
-
When all recommended actions are completed or you do not want to complete the remaining recommended actions, type q to exit.
-
When prompted to either resynchronize the shelf with its saved state, to synchronize another chassis, or to exit, make the appropriate selection for synchronizing all the chassis you want to have synchronized.
-
Type 3 at the prompt to exit.
Example 2–2 Sample Actions for Adding Server Blades and SSCs
/opt/terraspring/sbin/shelfsync
Begining synchronization of the I-Fabric's database with an SFB1600's
physical state.
Enter SFB1600 management IP address or the device ID: 10.5.132.65
Database query in progress. Please wait.
Found: ipaddr="10.5.132.65" shelfid="50200" powerid="50260"
Checking network connectivity to 10.5.132.65....Done. Network connectivity:
OK
Attempting discovery of the specified SFB1600 device.
Management interface user name: admin
Password:
Are the switch user name and password the same as the management user name
and password? [yY/nN]y
Is there any new switch added to the shelf that you want to bench
configure? [yY/nN]n
Device discovery for 10.5.132.65 in progress. Please wait.
Writing WML output to /var/tmp/deviceWML.29789
Device discovery succeeded.
Fetching database state.....Please Wait.....Done!!
Recommended actions:
Recommended
# Cause Action Identification Conflicting IDs
-- ----------- ------- ----------------------- ---------------
0 Discovered ADD 50211 00:03:BA:26:91:AD
1 Discovered ADD 50251 sw_50251_SSC1
* = action has been run, entering -y will suppress acknowledgement prompts
Enter line number(s) from above or q for quit: 1
ADD device 50251 (Identification: sw_50251_SSC1)? [y/n] y
Adding device 50251 by running /var/tmp/add.withtype.50251:
<segment>
<device-type name="sun-b1600-shelf" parent="bls" desc="Sun B1600 Shelf">
</device-type>
...
Processing WML file /var/tmp/add.withtype.50251 ...
**WARNING** Skipping device type 'sun-b1600-shelf'. It is already defined.
**WARNING** Updating device '50001'. It is already defined.
File '/var/tmp/add.withtype.50251' processed successfully
Password set : 50251
Recommended actions:
Recommended
# Cause Action Identification Conflicting IDs
-- ----------- ------- ----------------------- ---------------
0 Discovered ADD 50250 sw_50250_SSC0
1 Discovered *ADD 50251 sw_50251_SSC1
* = action has been run, entering -y will suppress acknowledgement prompts
Enter line number(s) from above or q for quit: 0
ADD device 50211 (Identification: 00:03:BA:26:91:AD? [y/n] y
Adding device 50211 by running /var/tmp/add.withtype.50211:
<segment>
<device-type name="sun-b1600-shelf" parent="bls" desc="Sun B1600 Shelf">
</device-type> ...
Processing WML file /var/tmp/add.withtype.50211 ...
**WARNING** Skipping device type 'sun-b1600-shelf'. It is already defined.
File '/var/tmp/add.withtype.50211' processed successfully
Recommended actions:
Recommended
# Cause Action Identification Conflicting IDs
-- ----------- ------- ----------------------- ---------------
0 Discovered *ADD 50211 00:03:BA:26:91:AD
1 Discovered *ADD 50251 sw_50251_SSC1
* = action has been run, entering -y will suppress acknowledgement prompts
Enter line number(s) from above or q for quit: q
What do you want to do next:
#1. Re-sync the current SFB1600 device with its saved state.
#2. Synchronize another SFB1600 device with its saved state.
#3. Exit.
Make selection (1-3): 3
bash-2.03#
|
To Delete Server Blades and Switch and System Controllers
The following steps describe how to delete server blades and SSCs in an I-Fabric that are not being used in a farm.
Before You Begin
Before physically removing server blades and SSCs, run the removefru blade command from the system controller. See the Sun Fire™ B1600 Blade System Chassis documentation for details on how to use this command.
All blades to be deleted must be in FREE or NEW state. You can change device states by executing the device command. See the device man page for details on how to use that command.
Caution – Do not remove the SSC0 component, otherwise N1 Provisioning Server software will fail.
Steps
-
When prompted to either type q for exiting or type the line number for the recommended action, type the line number to delete the device.
-
When prompted whether to delete the device, type y.
You are prompted to confirm the deletion.
-
Type y again.
-
When all recommended actions are completed or you do not want to complete the remaining recommended actions, type q to exit.
You are asked whether you want to resynchronize the chassis with its saved state, synchronize another chassis, or exit.
-
Make the appropriate selection for synchronizing all the chassis you want to have synchronized.
-
Type 3 at the prompt to exit.
Example 2–3 Sample Actions for Deleting server Blades and SSCs
Recommended actions:
Recommended
# Cause Action Identification Conflicting IDs
-- ----------- ------- ----------------------- ---------------
0: Removed DELETE 50110 00:03:BA:26:91:AD
1: Removed DELETE 50151 sw_50151_SSC1
* = action has been run
Enter line number from above or q for quit: 0
DELETE device 50110 (Identification 00:03:BA:26:91:AD)? [y/n] y
/opt/terraspring/sbin/device -d 50110
Are you sure to delete (y/n)? y
Deleted device 50110
Recommended actions:
Recommended
# Cause Action Identification Conflicting IDs
-- ----------- ------- ----------------------- ---------------
0: Removed *DELETE 50110 00:03:BA:26:91:AD
1: Removed DELETE 50151 sw_50151_SSC1
* = action has been run
Enter line number from above or q for quit: 1
DELETE device 50151 (Identification sw_50151_SSC1)? [y/n] y
/opt/terraspring/sbin/device -d 50151
Are you sure to delete (y/n)? y
Deleted device 50151
Recommended actions:
Recommended
# Cause Action Identification Conflicting IDs
-- ----------- ------- ----------------------- ---------------
0 Removed *DELETE 50110 00:03:BA:2A:14:4A
0 Removed *DELETE 50151 sw_50151_SSC1
* = action has been run, entering -y will suppress acknowledgement prompts
Enter line number(s) from above or q for quit: q
What do you want to do next:
#1. Re-sync the current SFB1600 device with its saved state.
#2. Synchronize another SFB1600 device with its saved state.
#3. Exit.
Make selection (1-3): 3
[root@idb1:2]#
|
To Move a Server Blade From One Slot to Another
This scenario describes moving a server blade from one slot to another one within a chassis.
Caution – In this procedure, the order in which tasks are performed is important, otherwise a conflict might occur if the server blade removed from the chassis is still in the CPDB. Ensure that you delete the server blade first from its current slot, then add it to the new one. See the example following the steps for details.
Before You Begin
Before physically removing server blades, execute the removefru blade command from the system controller. See the Sun Fire B1600 Blade System Chassis documentation for details on how to use this command.
All server blades to be deleted must be in FREE or NEW state. You can change device states by executing the device command. See the device man page for details on how to use that command.
Steps
-
When prompted to either type q for exiting or the line number for the recommended action, type the line number.
-
When prompted whether to delete or add a device, type y.
You are prompted to confirm the deletion.
-
Type y again.
Note –Do delete operations first to avoid getting error messages.
Example 2–4 Sample Actions for Moving a Blade Between Slots
In the following example, a server blade was physically moved from slot S10 to S14 of a shelf. The shelfsync discovery process recommended two actions: an addition to slot S14 (device ID 50114) and a deletion from slot S10 (device ID 50110).
Recommended actions:
Recommended
# Cause Action Identification Conflicting IDs
-- ----------- ------- ----------------------- ---------------
0: CONFLICT ADD 50114 00:03:BA:26:91:F5 50110
1: CONFLICT DELETE 50110 00:03:BA:26:91:F5 50114
* = action has been run
Enter line number from above or q for quit: 1
DELETE device 50110 (Identification 00:03:BA:26:91:F5)? [y/n] y
/opt/terraspring/sbin/device -d 50110
Are you sure to delete (y/n)? y
Deleted device 50110
Recommended actions:
Recommended
# Cause Action Identification Conflicting IDs
-- ----------- ------- ----------------------- ---------------
0: CONFLICT ADD 50114 00:03:BA:26:91:F5 50110
1: CONFLICT *DELETE 50110 00:03:BA:26:91:F5 50114
* = action has been run
Enter line number from above or q for quit: 0
ADD device 50114 (Identification=oo:03:BA:26:91:F5) [y/n] y
Adding device 50114 by running /var/tmp/add.withtype.50114:
<segment>
,device-type name="sun-b1600-shelf" parent="bls" desc="Sun B1600 Shelf">
</device-type>
...
Processing WML file /var/tmp/add.withtype.50114
**WARNING** Skipping device type 'sun-b1600-shelf'. It is already defined.
File '/var/tmp/add.withtype.50114' processed successfully
Recommended actions:
Recommended
# Cause Action Identification Conflicting IDs
-- ----------- ------- ----------------------- ---------------
0: CONFLICT *ADD 50114 00:03:BA:26:91:F5 50110
1: CONFLICT *DELETE 50110 00:03:BA:26:91:F5 50114
* = action has been run
Enter line number from above or q for quit: q
What do you want to do next:
#1. Re-sync the current SFB1600 device with its saved state.
#2. Synchronize another SFB1600 device with its saved state.
#3. Exit.
Make selection (1-3): 3
[root@idb1:2]#
|
To Exchange Server Blades Within a Chassis
The following scenario describes the exchange of two server blades within a chassis.
Caution – In this procedure, the order in which tasks are performed is important, otherwise a conflict may occur if the server blade removed from the chassis is still in the CPDB. Ensure that you delete the server blade first from its current slot, then add it to the new one. See the example following the steps for details.
Before You Begin
Before physically removing server blades, execute the removefru blade command from the power controller. See the Sun Fire B1600 Blade System Chassis documentation for details on how to use this command.
All server blades to be deleted must be in FREE or NEW state. You can change device states by executing the device command. See the delete man page for details on how to use that command.
Steps
-
When prompted to either type q for exiting or the line number for the recommended action, type the line number.
-
When prompted whether to delete the device, type y.
You are prompted to confirm the deletion.
-
Type y again.
Example 2–5 Sample Action for Exchanging Server Blades in a Chassis
Recommended actions:
Recommended
# Cause Action Identification Conflicting IDs
-- ----------- ------- ----------------------- ---------------
0: CONFLICT DELETE 50114 00:03:BA:26:91:F5 50110
1: CONFLICT ADD 50110 00:03:BA:26:91:F5 50114
2: CONFLICT ADD 50114 00:03:BA:26:91:AD 50110
3: CONFLICT DELETE 50110 00:03:BA:26:91:AD 50114
* = action has been run
Enter line number from above or q for quit: 0
DELETE device 50114 (MAC address 00:03:BA:26:91:F5)? [y/n] y
/opt/terraspring/sbin/device -d 50114
Are you sure to delete (y/n)? y
Deleted device 50114
Recommended actions:
Recommended
# Cause Action Identification Conflicting IDs
-- ----------- ------- ----------------------- ---------------
0: CONFLICT *DELETE 50114 00:03:BA:26:91:F5 50110
1: CONFLICT ADD 50110 00:03:BA:26:91:F5 50114
2: CONFLICT ADD 50114 00:03:BA:26:91:AD 50110
3: CONFLICT DELETE 50110 00:03:BA:26:91:AD 50114
* = action has been run
Enter line number from above or q for quit: 3
DELETE device 50110 (Identification 00:03:BA:26:91:AD)? [y/n] y
/opt/terraspring/sbin/device -d 50114
Are you sure to delete (y/n)? y
Deleted device 50110
Recommended actions:
Recommended
# Cause Action Identification Conflicting IDs
-- ----------- ------- ----------------------- ---------------
0: CONFLICT *DELETE 50114 00:03:BA:26:91:F5 50110
1: CONFLICT ADD 50110 00:03:BA:26:91:F5 50114
2: CONFLICT ADD 50114 00:03:BA:26:91:AD 50110
3: CONFLICT *DELETE 50110 00:03:BA:26:91:AD 50114
* = action has been run
Enter line number from above or q for quit: 1
ADD device 50110 (Identification=00:03:BA:26:91:F5)? [y/n] y
Adding device 50110 by running /var/tmp/add.withtype.50110:
<segment>
,device-type name="sun-b1600-shelf" parent="bls" desc="Sun B1600 Shelf">
</device-type>
...
Processing WML file /var/tmp/add.withtype.50110...
File '/var/tmp/add.withtype.50110' processed successfully
Recommended actions:
Recommended
# Cause Action Identification Conflicting IDs
-- ----------- ------- ----------------------- ---------------
0: CONFLICT *DELETE 50114 00:03:BA:26:91:F5 50110
1: CONFLICT *ADD 50110 00:03:BA:26:91:F5 50114
2: CONFLICT ADD 50114 00:03:BA:26:91:AD 50110
3: CONFLICT *DELETE 50110 00:03:BA:26:91:AD 50114
* = action has been run
Enter line number from above or q for quit: 2
ADD device 50114 (Identification=00:03:BA:26:91:AD)? [y/n] y
Adding device 50114 by running /var/tmp/add.withtype.50114:
<segment>
,device-type name="sun-b1600-shelf" parent="bls" desc="Sun B1600 Shelf">
</device-type>
...
Processing WML file /var/tmp/add.withtype.50114...
File '/var/tmp/add.withtype.50114' processed successfully
Recommended actions:
Recommended
# Cause Action Identification Conflicting IDs
-- ----------- ------- ----------------------- ---------------
0: CONFLICT *DELETE 50114 00:03:BA:26:91:F5 50110
1: CONFLICT *ADD 50110 00:03:BA:26:91:F5 50114
2: CONFLICT *ADD 50114 00:03:BA:26:91:AD 50110
3: CONFLICT *DELETE 50110 00:03:BA:26:91:AD 50114
* = action has been run
Enter line number from above or q for quit: q
What do you want to do next:
#1. Re-sync the current SFB1600 device with its saved state.
#2. Synchronize another SFB1600 device with its saved state.
#3. Exit.
Make selection (1-3): 3
[root@idb1:2]#
|
Adding a Replacement Server Blade to a Farm
If you exchanged a server blade that was assigned to a farm and you want the newly placed server blade to be assigned to that farm, you need to add the new blade to the farm.
To Add a Replacement Server Blade to a Farm
Steps
-
Delete the replaceFailedDevice request in the database queue.
-
Replace the failed server blade with a new one.
-
Get the media access control (MAC) address for the new blade and update the CPDB by typing:
device -s device-ID -o port-name mac-address
-
Type replacedevice -i
-
Logon to the Control Center and submit a request for an update using the Control Center Editor.
See the N1 Provisioning Server 3.1, Blades Edition, Control Center Management Guide for details.
Replacing Switch and System Controllers
You can have dual SSCs in a chassis and configure them for automatic failover. For details on how to configure SSCs, see the N1 Provisioning Server 3.1, Blades Edition, Installation Guide.
The naming convention for dual SSCs is SSC0 and SSC1.
Note –
An SSC0 must always be present for N1 Provisioning Server software to function properly. Therefore, if SSC0 fails, replace it immediately.
To Replace an SSC
Before You Begin
Before replacing, removing, or adding an SSC, be sure to deactivate all farms associated with that SSC. You can do so either from the Control Center or by running the farm -d farm-ID command from the N1 Provisioning Server command line.
Steps
-
Before physically removing the SSC1, type removefru SSC1 from the power controller.
See the Sun Fire B1600 Blade System Chassis documentation for details on how to use this command.
-
Replace the physical component.
-
Type the shelfsync command on the control plane server to synchronize the physical state of the chassis with the database. See Synchronizing the Physical and Database Environment for details.
-
Type the switchsync command to synchronize the configuration of the switch with the configuration stored in the database for that switch.
Example 2–6 switchsync Command
bash-2.03# switchsync -d 50151 Bench configuring the switch...It may take some time... done. Loading switch configuration... done. bash-2.03# |
Adding and Removing SSCs
If you started with one SSC and want to add another SSC, use the same procedure as described in Synchronizing the Physical and Database Environment.
If you started with dual SSCs and want to remove one, remove the SSC1 component.
Caution – Do not remove the SSC0 component, otherwise the N1 Provisioning Server software will fail.
To Remove SSC1
Steps
-
Before physically removing the SSC1, typeremovefru SSC1 from the power controller.
See the Sun Fire B1600 Blade System Chassis documentation for details on how to use this command.
-
Remove the physical component.
-
At the SC prompt, type the command show SC to see which SSC is active.
-
If SSC1 is active, run the setfailover command to make SSC0 active.
-
Type shelfsync to synchronize the physical state of the chassis with the database.
See Synchronizing the Physical and Database Environmentfor details.
-
Type switchsync to synchronize the configuration of the switch with the configuration stored in the database for that switch.
Replacing Failed Resources in the Resource Pool
This section describes the procedures for replacing failed resource pool servers.
To Replace Failed Resource Pool Servers
This procedure describes how to replace failed resource pool servers.
Steps
-
Verify that the device is in a FAILED state in the CPDB by typing :
/opt/terraspring/sbin/device -l device-ID
-
If the device is not in a FAILED state, manually fail it by typing:
/opt/terraspring/sbin/device -sB device-ID
-
Configure an identical replacement device.
-
Collect the interface and port address information, such as Media Access Control (MAC) address for Ethernet ports.
-
Configure the device.
-
For details on how to configure the device see the N1 Provisioning Server 3.1, Blades Edition, Installation Guide.
Verify that the firmware is the supported version.
-
-
Remove the failed device from the I-Fabric.
-
Install the replacement or repaired device into the I-Fabric using existing cables and connectors.
-
Label the device to match the failed device.
-
Update the CPDB with the information collected in step 3, replacing the old port address information with the new one.
-
Change the state of the replacement device in the CPDB to FREE by typing:
/opt/terraspring/sbin/device -sF device-ID
To Scrub Disks
Scrubbing disks before using them in an I-Fabric is optional. However, doing so helps to speed up snapshot time and reduces the size of the compressed image. Scrubbing disks also provides additional security. Perform the following steps to scrub all disks before using them in an I-Fabric:
Steps
- © 2010, Oracle Corporation and/or its affiliates