Sun Integrated Lights Out Manager (ILOM) 2.0 is the system management firmware you can use to monitor, manage, and configure a variety of Sun server platforms.
This chapter includes the following sections:
What Is ILOM?
Sun’s Integrated Lights Out Manager (ILOM) provides advanced service processor hardware and software that you can use to manage and monitor your Sun servers. ILOM’s dedicated hardware and software is preinstalled on a variety of Sun x64-based Sun Fire servers, Sun Blade Modular Systems, and Sun Blade server modules, as well as on SPARC-based servers. ILOM is a vital management tool in the data center and can be used to integrate with other data center management tools already installed on your systems.
Sun is currently transitioning many systems to support ILOM so that customers will have a single, consistent, and standards-based service processor (SP) across Sun’s product lines. For customers, this means you will have:
- Single, consistent system management interfaces for operators
- Rich protocol and standards support
- Broadening third-party management support
- System management functions integrated into Sun servers at no extra cost
What Does ILOM Do?
ILOM enables you to actively manage and monitor the server independently of the operating system state, providing you with a reliable Lights Out Management (LOM) system. With ILOM, you can proactively:
- Learn about hardware errors and faults as they occur
- Remotely control the power state of your server
- View the graphical and non-graphical consoles for the host
- View the current status of sensors and indicators on the system
- Determine the hardware configuration of your system
- Receive generated alerts about system events in advance via IPMI PETs, SNMP Traps, or Email Alerts.
The ILOM SP runs its own embedded operating system and a dedicated Ethernet port, which together provide out-of-band management capability. In addition, you can access ILOM from the server’s host operating system that Sun supports (Solaris, Linux, and Windows). Using ILOM, you can remotely manage your server as if you were using a locally attached keyboard, monitor, and mouse.
ILOM automatically initializes as soon as power is applied to your server. It provides a full-featured, browser-based web interface and has an equivalent command-line interface. There is also an industry-standard SNMP interface and IPMI interface.
You can easily integrate these management interfaces with other management tools and processes that you may have working already with your servers, such Sun xVM Ops Center. This easy-to-use system management platform for Solaris and Linux provides the tools you need to efficiently manage systems on your network. Sun xVM Ops Center can discover new and existing systems on your network, update firmware and BIOS configurations, provision the operating environment with off the shelf distributions or Solaris images, manage updates and configuration changes, and remotely control key aspects of the service processor such as boot control, power status, and indicator lights. For more information about xVM Ops Center, go to:
http://www.sun.com/software/products/xvmopscenter/index.jsp
In addition, you can integrate ILOM with these third-party management tools:
- Altiris Deployment Server 6.8
- BMC Patrol
- CA Unicenter Network and Systems Management (NSM)
- HP OpenView Operations for UNIX
- HP OpenView Operations for Windows
- HP Systems Insight Manager
- IBM Director 1.0
- IBM Tivoli Enterprise Console
- IBM Tivoli Monitoring (ITM)
- IBM Tivoli Netcool/OMNIbus
- Microsoft System Management
- Scalent Virtual Operating Environment (V/OE)
- IPMItool 1.8.8 for Microsoft Windows 2003
A description of these third-party system management tools and their support for Sun systems is available at:
http://www.sun.com/system-management/tools.jsp
ILOM on the SP and CMM
ILOM is supported on a variety of Sun server platforms, including rackmounted servers and server modules (blades) enclosed in a modular chassis system. ILOM firmware is preinstalled on the service processor (SP) of your rackmounted server or server module, or on the Chassis Monitoring Module (CMM) that is part of the modular chassis system.
ILOM supports two ways to manage a system: using the SP directly or using the CMM, if you are using a modular chassis system.
- Using the service processor directly - Communicating directly with the rackmounted server SP or server module SP enables you to manage individual server operations. This approach may be useful in troubleshooting a server module or rackmounted server, or controlling access to specific servers in your data center.
- Using the Chassis Monitoring Module - If you are using a modular chassis system, managing the system from the CMM enables you to set up and manage components throughout the entire modular chassis system, or to drill down to manage the individual blade server SP.
ILOM Interfaces
ILOM is available through a variety of interfaces.
- Web interface - The web interface provides an easy-to-use browser interface that enables you to log in to the SP and to perform system management, monitoring, and IPMI tasks. For information about the ILOM web interface, see Chapter 4.
- Command-line interface (CLI) - The command-line interface enables you to operate ILOM using keyboard commands and adheres to industry-standard DMTF-style CLI and scripting protocols. You can connect a terminal or PC running terminal emulator software directly to the system serial port, or connect to the Ethernet network management port using a Secure Shell (SSH). For information about the CLI, see Chapter 3.
- Remote Console - The ILOM Remote Console (JavaRConsole) enables you to access your server’s console remotely. It redirects the keyboard, mouse, and video screen, and can redirect input and output from the local machine’s CD and diskette drives. For information about the Remote Console, see Chapter 12.
- Intelligent Platform Management Interface (IPMI) - Using IPMI v1.5 and v2.0 and the IPMItool utility, you can manage and configure devices using a CLI to retrieve information from the system’s Baseboard Management Controller (BMC). With IPMItool, you can monitor the status of hardware components remotely, monitor system logs, receive reports about replaceable components, and redirect the server console. For more information about IPMI, see Chapter 9.
- Simple Network Management Protocol (SNMP) interface - ILOM also provides an SNMP v3.0 interface (with limited support for SNMP v1 and SNMP v2c) for external data center management applications such as Sun Sun xVM Ops Center, or third-party applications such as Hewlett-Packard OpenView® and IBM Tivoli®. For more information about SNMP, see Chapter 10.
ILOM Management Network
Your Sun server platform comes with a network management port and a data port. These separate, physical Ethernet connections are for ILOM and the operating systems that run on the host hardware. You can choose to manage your server platform with ILOM by connecting to the dedicated network management port. If you choose to connect to ILOM through the network management port, traffic destined for ILOM is separate from any data transfers the operating system host makes. No data traffic passes through the network port. This allows management traffic to be completely isolated on a separate network, if desired.
The location and labeling of the network management port is specific to your system. In addition, the type of server platform determines how internal management communications are provided. For example, on a blade server system, the network port provides a connection to all CMMs and SPs in the chassis. Refer to your platform documentation to determine how your system provides its management communications.
If you choose not to use ILOM and the network management port to manage your server, many of the advanced features, such as environmental monitoring, IPMI management, and the web interface, will be unavailable. You can use the data port of the host operating system to access third-party network management applications, SNMP tools, or operating system utilities, however these solutions only have a limited view of the platform. You also can manage your server locally by connecting through the server’s serial port using a PC or terminal running terminal emulator software. Note that without some manner of direct connection to ILOM, you will be unable to remotely manage your Sun server platform.
ILOM Connection Methods
The way you connect to ILOM depends on your server platform.
The following table lists the different methods you can use to connect to ILOM.
TABLE 1-1 ILOM Connection Methods
Connection
Method
|
Rack
Mounted
|
Blade
|
Supported
Interface
|
Description
|
Ethernet network management connection
|
Yes
|
Yes
|
CLI and web interface
|
Connect to the Ethernet network management port. You must know ILOM’s IP address. This method supports a web interface and a command-line interface.
|
Serial connection, through server or blade
|
Yes
|
Yes
|
CLI only
|
Connect directly to the serial management port on the server or blade. If needed, use a serial adapter cable to connect to the serial port. This method supports only a command-line interface.
|
Serial connection, through CMM
|
No
|
Yes
|
CLI only
|
Connect to the serial port on the CMM. This method supports only a command-line interface.
|
Note - ILOM supports a maximum of 10 active sessions, including serial, Secure Shell (SSH), and web interface sessions.
|
To access the management network using the ILOM web interface or CLI, you need the IP address for the CMM or the SP you want to manage. Each CMM and SP is assigned a unique IP address during the initial system setup. To assign the initial IP addresses for SPs and CMMs, see Chapter 2.
Roles for ILOM User Accounts
ILOM user accounts have defined roles that determine ILOM user access and rights. Administrators can manage user accounts using the ILOM web interface or CLI.
The roles assigned to ILOM accounts are:
- Administrator - Enables access to all ILOM features, functions, and commands.
- Operator - Enables access to fully manage and monitor the host system, and also provides read-only access to ILOM configuration.
Preconfigured ILOM Administrator Account
ILOM is preinstalled with one preconfigured Administrator account:
- User name: root
- Password: changeme
The preconfigured Administrator account, known as root, cannot be deleted or changed, other than resetting its default password (changeme). This account provides built-in administrative privileges (read and write access) to all ILOM features, functions, and commands.
The first time you access ILOM, at the SP or CMM level, you will need to log in as root with the default changeme password. After you have logged in to ILOM and established network connectivity to the system, you should consider resetting the default changeme password that is associated with the ILOM root account. To prevent your system from unauthorized access, reset this password on each SP and CMM installed in your system. For information about resetting the ILOM root account password, see Reset ILOM SP.
ILOM Features
TABLE 1-2 shows the ILOM features and tasks that are common to Sun systems supporting ILOM. For information about whether the feature is supported on your system, consult the user documentation provided with your Sun server platform.
TABLE 1-2 ILOM Features
Feature
|
Customer Benefit
|
INTERFACES
|
Web interface
|
- Provides a browser-based user interface based on Sun standard.
|
Command-line interface
|
- Supports industry-standard CLIs and scripting protocols: DMTF “SMASH” CLP.
- Reuses existing scripts with Sun systems, automates tasks using familiar interfaces.
|
System management interfaces
|
- Supports industry-standard SNMP v1, v2c, v3 and IPMI v1.5 and v2.0. Platform MIB enables platform management using SNMP in addition to IPMI. Control MIB enables custom or third-party management applications to integrate with ILOM.
- Provides access to remote system using the ILOM Remote Console.
|
SECURITY
|
SSH 2.0 support
|
- Enables secure access to the CLI.
|
LDAP, MSFT Active Directory, RADIUS
|
- Supports industry-standard authentication and authorization protocols for easy integration into existing environments.
|
User management
|
- Supports Administrator and Operator roles with configurable access levels for greater security and control of systems.
|
Reset root password capability
|
- Prevents unauthorized access to the system. Password is reset to default using a push button or jumper.
|
SSL certificate
|
- Enables secure communications using default SSL certificate and self-signing key for HTTPS access.
|
LOCAL AND REMOTE ACCESS
|
Access to SP while host is powered down
|
- Enables continuous ILOM operation regardless of the state of the host operating system.
|
Dedicated network management port
|
- Separates network management traffic from data network traffic.
|
Remote Console
|
- Provides a simple web interface to access remote systems. No need to log in to the SP to start the Remote Console.
|
Editable hostname data field
|
- Allows Administrators to use the hostname data field in addition to the IP address for system identification.
|
Web interface turns on or off
|
- Restricts ILOM access and enables only CLI access.
|
MONITORING AND LOGGING
|
SNMP and IPMI monitoring and control
|
- Monitors components using industry-standard SNMP commands and the IPMI IPMItool utility.
|
Event logging
|
- Provides a consistent method for logging all “service” data.
|
Configurable alert thresholds
|
- Enables users to configure the SP to send an IPMI PET alert when system thresholds are crossed.
|
Email event notification
|
- Provides quick and convenient notification of events.
|
Hardware and system-related errors, as
well as ECC memory errors, reported into SP logs, Syslog, and remote log-host
|
- Enables faster fault diagnosis and isolation, reducing downtime.
|
POWER CONTROL
|
Forced power-off
|
- Enables emergency power off of the system.
|
Graceful shutdown and power cycling
|
- Enables users to shut down the host operating system before system power-off.
|
Remote power on and power off
|
- Enables users to control system power remotely.
|
FIRMWARE
|
Firmware versions identified from web interface
or CLI
|
- Provides a simple way to identify firmware versions.
|
Firmware updates using web interface or CLI
|
- Provides simple procedures to update firmware.
|
CONFIGURATION
|
Manual SP configuration, including IP address, through BIOS interface, serial or Ethernet SP ports,
or host OS
|
- Simplifies initial configuration.
|
SP IP address programmable from local keyboard and monitor
|
- Facilitates manual IP configuration for systems in a data center.
|
New Features in ILOM 2.0
- Active Directory
- Email alerts
- New updated Sun-specific MIBs
- SNMP Traps
- Internationalization of the Remote Console
Other Management Tools
Sun servers support a variety of system management tools that you can use to administer the system. In addition to ILOM, these system management tools include:
- Sun xVM Ops Center- Sun xVM Ops Center is a comprehensive system management tool that you can purchase separately. This tool offers flexible capabilities that simplify infrastructure management of SPARC, x64 Sun Fire servers, and Sun Blade Server Modules. With Sun xVM Ops Center, IT administrators can monitor, maintain, and provision multiple systems remotely from any Sun Sun xVM Ops Center. For more information about Sun xVM Ops Center, see the following site:
http://www.sun.com/software/products/xvmopscenter/
- Third-party system management tools - Sun systems support both SNMP (v1, v2c, v3) and IPMI (v1.5 and v2.0) to integrate third-party system management tools like HP Systems Insight Manager and IBM Tivoli. A listing of some of the key third-party system management tools and their support for Sun x64 systems is available at:
http://www.sun.com/x64/system-management/tools.jsp
Sun Integrated Lights Out Manager 2.0 User’s Guide
|
820-1188-12
|
|
Copyright © 2008 Sun Microsystems, Inc. All Rights Reserved.