Topics
|
Description
|
Links
|
Learn about ILOM features and functionality
|
|
Related Topics
|
For ILOM
|
Chapter or Section
|
Guide
|
|
- CLI Overview
- Logging In to and Out of ILOM
|
Oracle Integrated Lights Out Manager (ILOM) 3.0 CLI Procedures Guide
(820-6412)
|
|
- Web Interface Overview
- Logging In to and Out of ILOM
|
Oracle Integrated Lights Out Manager (ILOM) 3.0 Web Interface Procedures Guide (820-6411)
|
|
- SNMP Overview
- IPMI Overview
|
Oracle Integrated Lights Out Manager (ILOM) 3.0 Management Protocols Reference Guide (820-6413)
|
The ILOM 3.0 Documentation Collection is available at: http://docs.sun.com/app/docs/prod/int.lights.mgr30#hic
|
What Is ILOM?
Oracle’s Integrated Lights Out Manager (ILOM) provides advanced service processor hardware and software that you can use to manage and monitor your Oracle Sun servers. ILOM’s dedicated hardware and software is preinstalled on a variety of Oracle Sun server platforms, including x86-based Sun Fire servers, Sun Blade modular chassis systems, Sun Blade server modules, as well as on SPARC-based servers. ILOM is a vital management tool in the data center and can be used to integrate with other data center management tools already installed on your systems.
ILOM is supported on many Oracle systems enabling users to experience a single, consistent, and standards-based service processor (SP) across all Oracle Sun server product lines. This means you will have:
- Single, consistent system management interfaces for operators
- Rich protocol and standards support
- Broadening third-party management support
- System management functions integrated into Oracle’s Sun servers at no extra cost
What Does ILOM Do?
ILOM enables you to actively manage and monitor the server independently of the operating system state, providing you with a reliable Lights Out Management (LOM) system. With ILOM, you can proactively:
- Learn about hardware errors and faults as they occur
- Remotely control the power state of your server
- View the graphical and non-graphical consoles for the host
- View the current status of sensors and indicators on the system
- Determine the hardware configuration of your system
- Receive generated alerts about system events in advance via IPMI PETs, SNMP traps, or email alerts.
The ILOM service processor (SP) runs its own embedded operating system and has a dedicated Ethernet port, which together provide out-of-band management capability. In addition, you can access ILOM from the server’s host operating system (Solaris, Linux, and Windows). Using ILOM, you can remotely manage your server as if you were using a locally attached keyboard, monitor, and mouse.
ILOM automatically initializes as soon as power is applied to your server. It provides a full-featured, browser-based web interface and has an equivalent command-line interface (CLI). There is also an industry-standard SNMP interface and IPMI interface.
You can easily integrate these management interfaces with other management tools and processes that you might have working already with your servers, such as Oracle Enterprise Ops Center. This easy-to-use system management platform for Solaris and Linux provides the tools that you need to efficiently manage systems on your network. Oracle Enterprise Ops Center can discover new and existing systems on your network, update firmware and BIOS configurations, provision the operating environment with off-the-shelf distributions or Solaris images, manage updates and configuration changes, and remotely control key aspects of the service processor such as boot control, power status, and indicator lights. For more information about Oracle Enterprise Ops Center, go to:
http://www.oracle.com/us/products/enterprise-manager/opscenter/index.html
In addition, you can integrate ILOM with these third-party management tools:
- Oracle Hardware Management Connector 1.2 for Altiris Deployment Solution
- BMC PATROL 6.9
- CA Unicenter Network and Systems Management (NSM)
- HP OpenView Operations for UNIX
- HP OpenView Operations for Windows
- HP Systems Insight Manager
- IBM Director
- IBM Tivoli Enterprise Console
- IBM Tivoli Monitoring (ITM)
- IBM Tivoli Netcool/OMNIbus
- IPMItool 1.8.10.3 for Microsoft Windows 2003
- Microsoft Operations Manager 2005
- Microsoft System Management
- Microsoft Systems Center Operations Manager 2007
- Sun Deployment Pack 1.0 for Microsoft System Center Configuration Manager 2007
- Sun Update Catalog for Microsoft System Center Configuration Manager 2007
- Sun IPMI System Management Driver for Server 2003 prior to R2
- Sun ILOM Common SNMP MIBs
- Service Processor Error Injector 1.0
A description of these third-party system management tools and their support for Oracle’s Sun systems is available at:
http://www.sun.com/system-management/tools.jsp
ILOM Features and Functionality
ILOM offers a full set of features, functions, and protocols that will help you monitor and manage your server systems.
TABLE 1-1 ILOM Features and Functionality
ILOM Feature
|
What You Can Do
|
Dedicated service processor and resources
|
- Manage the server without consuming system resources
- Continue to manage the server using standby power even when the server is powered-off
|
Simple ILOM initial configuration
|
- Manual SP configuration, including IP address, through BIOS interface, serial or Ethernet SP ports, or host OS
|
Downloadable firmware updates
|
- Download firmware updates via browser-based web interface
|
Remote hardware monitoring
|
- Monitor system status and event logs
- Monitor customer-replaceable units (CRUs) and field-replaceable units (FRUs), including power supplies, fans, host bus adapters (HBAs), disks, CPUs, memory, and motherboard
- Monitor environmentals (component temperatures)
- Monitor sensors, including voltage and power
- Monitor indicators (LEDs)
|
Hardware and FRU inventory and presence
|
- Identify installed CRUs and FRUs and their status
- Identify part numbers, versions, and product serial numbers
- Identify NIC card MAC addresses
|
Remote Access
|
- Redirect the system serial console via serial port and LAN
- Access keyboard, video, and mouse (KVM) on remote x86 systems and on some SPARC systems
- Redirect the OS graphical console to a remote client browser
- Connect a remote CD/DVD/floppy to the system for remote storage
|
System power control and monitoring
|
- Power the system on or off, either locally or remotely
- Force power-off for emergency shutdown or perform a graceful shutdown to shut down the host operating system before power off
|
Configuration and management of user accounts
|
- Configure local user accounts
- Authenticate user accounts using LDAP, LDAP/SSL, RADIUS, and Active Directory
|
Error and fault management
|
- Monitor system BIOS, POST, and sensor messages
- Log events in a consistent method for all “service” data
- Monitor hardware and system-related errors, as well as ECC memory errors, reported into SP logs, syslog, and remote log-host
|
System alerts, including SNMP traps, IPMI PETs, remote syslog, and email alerts
|
- Monitor components using industry-standard SNMP commands and the IPMItool utility.
|
New Features in ILOM 3.0
ILOM 3.0 is enhanced with many new features and functions that were not available in ILOM 2.x, including improved security, improved usability, and easier integration into your data center environment. TABLE 1-2 lists new features for ILOM 3.0.
TABLE 1-2 ILOM 3.0 New Features
Category
|
Feature
|
General Functionality
|
|
DNS support
|
|
Timezone support
|
|
Configuration backup and restore
|
|
Restore to factory defaults
|
|
Enhanced LDAP and LDAP/SSL support
|
|
Java-based remote storage CLI
|
|
Power management capabilities
|
|
Ability to generate new SSH keys
|
Scalability and Usability
|
|
User-configurable filtering of hardware monitoring information in CLI and web interface
|
|
Use host name to access other services by name, such as LDAP, Active Directory, LDAP/SSL
|
Security
|
|
More granular user roles
|
|
Predefined root and default accounts
|
|
User SSH key authentication
|
|
Ability to disable the network management port when you are using only the serial port
|
|
Ability to disable individual services, such as IPMI, SSH, and KVMS, so that the port is closed
|
Serviceability
|
|
Data collection utility to diagnose system problems
|
Roles for ILOM User Accounts
For ILOM 3.0, user roles are implemented to control user privileges. However, for backward compatibility, ILOM 2.x style user accounts (which have either Administrator or Operator privileges) are still supported.
For more information about ILOM 3.0 user roles, see ILOM 3.0 User Account Roles.
Support for ILOM 2.x User Accounts
For backward compatibility, ILOM 3.0 supports ILOM 2.x user accounts such that users with ILOM 2.x Administrator or Operator privileges are granted ILOM 3.0 roles that match those privileges. TABLE 1-3 lists the roles assigned to users with Administrator and Operator privileges.
TABLE 1-3 ILOM 3.0 Roles Granted to ILOM 2.x User Accounts
2.x User Privileges
|
ILOM 3.0 User Roles Granted
|
Administrator
|
Admin (a), User Management (u), Console (c), Reset and Host Control (r), and Read Only (o)
|
Operator
|
Console (c), Reset and Host Control (r), and Read Only (o)
Note - To make the level of authorization granted to users with Operator privileges consistent with 2.x capabilities, the Console (c) role granted in this case is modified to prohibit the user from accessing the ILOM Remote Console (JavaRConsole).
|
ILOM Interfaces
To access all of ILOM’s features and functions, you can choose to use a browser-based web interface, a command-line interface, or industry-standard protocols. For more information on ILOM interfaces, see the Overview chapters in the ILOM 3.0 Procedures Guides.
ILOM supports multiple interfaces for accessing its features and functions. You can choose to use a browser-based web interface, a command-line interface, or industry-standard protocols.
- Web interface - The web interface provides an easy-to-use browser interface that enables you to log in to the SP, then to perform system management, monitoring, and ILOM configuration tasks.
- Command-line interface (CLI) - The command-line interface enables you to operate ILOM using keyboard commands and adheres to industry-standard DMTF-style CLI and scripting protocols. ILOM supports SSH v2.0 and v3.0 for secure access to the CLI. Using the CLI, you can reuse existing scripts with Oracle Sun systems, and automate tasks using familiar interfaces.
- Remote Console - The ILOM Remote Console (JavaRConsole) enables you to access your x64 or SPARC server’s console remotely. It redirects the keyboard, mouse, and video screen, and can redirect input and output from the local machine’s CD and diskette drives.
- Intelligent Platform Management Interface (IPMI) - IPMI is an open, industry-standard interface that was designed for the management of server systems over a number of different types of networks. IPMI functionality includes field-replaceable unit (FRU) inventory reporting, system monitoring, logging of system events, system recovery (including system resets and power on and power off capabilities), and alerting.
For more information about using IPMI to monitor or manage your Oracle Sun system, see the Oracle Integrated Lights Out Manager (ILOM) 3.0 Management Protocols Reference Guide.
- WS-Management/CIM - As of version 3.0.8, ILOM supports the use of the Distributed Management Task Force (DMTF) Web Services for Management (WS-Management) protocol and Common Information Model (CIM). The support for these DMTF standards in ILOM enables developers to build and deploy network management applications to monitor and manage information about Oracle’s Sun system hardware.
For more information about WS-Management/CIM, see the Oracle Integrated Lights Out Manager (ILOM) 3.0 Management Protocols Reference Guide.
- Simple Network Management Protocol (SNMP) interface - ILOM also provides an SNMP v3.0 interface for third-party applications such as HP OpenView and IBM Tivoli. Some of the MIBs supported by ILOM 3.0 include:
- SUN-PLATFORM-MIB
- SUN-ILOM-CONTROL-MIB
- SUN-HW-TRAP-MIB
- SUN-ILOM-PET-MIB
- SNMP-FRAMEWORK-MIB (9RFC2271.txt)
- SNMP-MPD-MIB (RFC2572)
- System and SNMP groups from SNMPv2-MIB (RFC1907)
- entPhysicalTable from ENTITY-MIB (RFC2737)
For a complete list of SNMP MIBs supported and used by ILOM, see the Oracle Integrated Lights Out Manager (ILOM) 3.0 Management Protocols Reference Guide.
ILOM on the Server and CMM
ILOM supports two ways of managing a system: using the SP directly or using the chassis monitoring module (CMM), if you are using a modular chassis system.
- Using the service processor directly - Communicating directly with the rackmounted server SP or server module SP enables you to manage individual server operations. This approach might be useful when troubleshooting a server module or rackmounted server, or controlling access to specific servers in your data center.
- Using the chassis monitoring module - If you are using a modular chassis system, managing the system from the CMM enables you to use ILOM to set up and manage components throughout the entire modular chassis system, or to drill down to manage an individual server module.
Access and Initial Login to ILOM
You can access ILOM 3.0 from a browser interface or Secure Shell (SSH) client using either an IPv4 address, IPv6 address, or a DNS hostname. For detailed information on logging in to ILOM for the first time using the root user account, see the following guides:
- Oracle Integrated Lights Out Manager (ILOM) 3.0 Getting Started Guide
- Oracle Integrated Lights Out Manager (ILOM) 3.0 CLI Procedures Guide
- Oracle Integrated Lights Out Manager (ILOM) 3.0 Web Interface Procedures Guide
root and default User Accounts
ILOM 3.0 provides two preconfigured accounts: the root user account and the default user account. You will use the root account for initial login to ILOM. This root user account will be familiar to users who are migrating from ILOM 2.x to ILOM 3.0 and who know how to log in using the root user account. The default user account is a new feature in ILOM 3.0 that is used for password recovery.
root User Account
The root user account is persistent and is available on all interfaces (web interface, CLI, SSH, serial console, and IPMI) unless you choose to delete the root account. The root account provides built-in administrative privileges (read and write) for all ILOM features, functions, and commands.
To log in to ILOM, use the following root account user name and password:
User name: root
Password: changeme
To prevent unauthorized access to your system, you should change the root password (changeme) on each service processor (SP) or chassis monitoring module (CMM) installed in your system. Alternatively, you can delete the root account to secure access to your system. However, before you delete the root account, you must set up a new user account or configure a directory service so that you will be able to log in to ILOM.
default User Account
The default user account is used for password recovery. The default user account is available through the serial console only and you must prove physical presence at the server to use the default user account. The default user account cannot be changed or deleted.
If you delete the root account before you have configured another user account to log in to ILOM, you can use the default account as an alternative way to log in and re-create the root account. To re-create the root user account, use the normal ILOM user commands to create a new account. For information about how to create a user account, see the section about Add User Account and Assign Privileges in either the web interface or CLI section of the Oracle Integrated Lights Out Manager (ILOM) 3.0 Getting Started Guide.
For password recovery, use the following user name and password to log in using the default account:
User name: default
Password: defaultpassword
root Factory Default Password Warning Message
As of ILOM 3.0.6, when the root password in ILOM is set to the factory default, a warning will appear on the ILOM CLI and web interface.
For example:
- In the ILOM web interface, a warning link will appear in the page header. Placing your mouse over the link will display the warning message or clicking the warning link will display the warning message in a dialog.
- In the ILOM CLI, the following factory default warning message appears after logging in to ILOM.
System Banner Messages
As of ILOM 3.0.8, system administrators can create banner messages and display them on the Login page or immediately after logging in to ILOM.
Creating and displaying banner messages in ILOM is optional. However, system administrators can use this capability whenever there is a need to share information about system updates, system policies, or other important announcements. Examples of where (Login page or after login) the banner message appear in ILOM after they have been created are shown in FIGURE 1-1, FIGURE 1-2, and FIGURE 1-3.
For instructions on how to create the banner messages in ILOM, see the following guides:
- Oracle Integrated Lights Out Manager (ILOM) 3.0 CLI Procedures Guide
- Oracle Integrated Lights Out Manager (ILOM) 3.0 Web Interface Procedures Guide
FIGURE 1-1 Login Page - Connect Banner Example - Web Interface
FIGURE 1-2 After Logging In - Banner Message Example - Web Interface
FIGURE 1-3 Banner Message Example - CLI
Oracle Integrated Lights Out Manager (ILOM) 3.0 Concepts Guide
|
820-6410-12
|
|
Copyright © 2010, Oracle and/or its affiliates. All rights reserved.