Managing TPM and LDom States on SPARC Servers
|
Topics
|
Description
|
Links
|
Control the TPM state on a SPARC server
|
|
Manage Logical Domain (LDom) configurations on SPARC servers
|
|
Related Topics
|
|
|
For ILOM
|
Chapter or Section
|
Guide
|
|
- Remote Host Management Options
|
Oracle Integrated Lights Out Manager (ILOM) 3.0 Concepts Guide (820-6410)
|
|
- Managing TPM and LDom States on SPARC Servers
|
Oracle Integrated Lights Out Manager (ILOM) 3.0 Web Interface Procedures Guide (820-6411)
|
The ILOM 3.0 Documentation Collection is available at: http://docs.sun.com/app/docs/prod/int.lights.mgr30#hic.
|
Controlling the TPM State on a SPARC Server
Topics
|
Description
|
Links
|
Platform Feature Support
|
Review the prerequisites
|
|
|
Control the TPM state on a SPARC server.
|
|
Before You Begin
- The Trusted Platform Module (TPM) feature in ILOM is available for SPARC servers only.
- The SPARC server should be running a version of the Oracle Solaris operating system that supports TPM.
For more information about configuring TPM support in Solaris, see the Solaris documentation or the platform documentation shipped with your server.
- You must be using ILOM 3.0.8 or a later version on the SPARC server SP.
- You need to have the Reset and Host Control (r) user account to modify the TPM settings in ILOM.
Control TPM State on a SPARC Server
|
1. Log in to the ILOM SP CLI.
2. Use the show command to display the TPM target, properties, and commands.
For example:
-> show /HOST/tpm
/HOST/tpm
Targets:
Properties:
activate = false
enable = false
forceclear = false
Commands:
cd
set
show
->
|
3. Use the help command to view details about the TPM target and properties.
For example:
-> help /HOST/tpm
/HOST/tpm : Host TPM (Trusted Platform Module) Knobs
Targets:
Properties:
activate : TPM Activate Property. If set to TRUE, then TPM will be activated if the 'enable' property is also set to TRUE.
activate : Possible values = true, false
activate : User role required for set = r
enable : TPM Enable Property. If not enabled, then TPM configuration changes can not be made.
enable : Possible values = true, false
enable : User role required for set = r
forceclear : TPM Forceclear Property. If set to TRUE, then TPM state will be purged on the next power on event if and only if the 'enable' property is set to TRUE.
forceclear : Possible values = true, false
forceclear : User role required for set = r
|
4. Use the set command to specify the TPM property values.
For example:
set [target] <property>=<value> [<property>=<value>]
- At the prompt, you would type the TPM target and one or more property values as follows:
-> set /host/tpm property=value
-> set /host/tpm property=value property=value
Where property and value can be any of the following parameters specified in the following table:
Property
|
Values
|
Example
|
enable
|
Accepts true or false.
Note - The default value for enable is false.
|
To enable the TPM state, you would type:
-> set /HOST/tpm enable=true
Note - To apply the enabled TPM state on the SPARC server the next time the server powers on, you must activate it. For more details, see activate property.
|
activate
|
Accepts true or false.
Note - The default value for activate is false.
|
To enable the TPM state and activate this enabled state on the SPARC server the next time the server powers on, you would type:
-> set /HOST/tpm enable=true activate=true
|
forceclear
|
Accepts true or false.
Note - The default value for forceclear is false.
|
To purge (disable) an enabled TPM state on the SPARC server the next time the server powers on, you would type:
-> set /HOST/tpm forceclear=true
Note - forceclear will only set to true, if enable and activate are also set to true.
|
Managing LDom Configurations on SPARC Servers
Topics
|
Description
|
Links
|
Platform Feature Support
|
Review the prerequisites
|
|
|
View and manage ILOM settings for stored LDom configurations.
|
|
Before You Begin
To view and manage the ILOM settings for stored Logical Domain (LDom) configurations, the following requirements must be met:
- You must access ILOM on a SPARC server that has the appropriate ILOM point release firmware installed (see Note below).
Note - ILOM 3.0.12 or later is required to view the LDom targets and properties from a SPARC T3 Series server. ILOM 2.0.0 or later is required to: (1) specify which LDom configuration is used on the host SPARC server, and (2) to manage the boot property values for the control domain from the host SPARC server.
|
- You must have the Oracle VM Server for SPARC (Logical Domains Manager) 2.0 or later software installed on your host SPARC server.
- The host SPARC server must have saved LDom configurations. For instructions on how to create and save LDom configurations on a host SPARC server, see the Logical Domains 1.3 Administration Guide (821-0406).
- You must have Remote Host Reset and Host Control (r) privileges in ILOM to set the:
- LDom bootmode target
- The bootmode property values for the primary or guests domain
View Targets and Properties for Stored LDom Configurations on SPARC T3 Series Server
|
To view the CLI targets and properties for saved LDom configurations on SPARC T3 Series server, follow these steps:
1. Log in to the ILOM CLI on a SPARC T3 Series server.
2. To view the names of saved LDom host configurations, type:
-> show /HOST/domain/configs
3. To view the property values for the creation date of the saved LDom configuration and the number of domains configured in the saved LDom configuration, you would type:
-> show /HOST/domain/configs/<name_of_stored_ configuration>
For example, the following example shows a sample CLI output for viewing the property values associated with a fictitious stored LDom configuration named ONEDOMAIN.
-> show
/HOST/domain/configs
Targets:
trimmed
ONEDOMAIN
Properties:
Commands:
cd
show
-> show ONEDOMAIN
/HOST/domain/configs/ONEDOMAIN
Targets:
Properties:
date_created = 2010-08-17 17:09:34
domains = 1
Commands:
cd
show
|
Note - ILOM stores the read-only properties in non-volatile memory and updates them each time an LDom configuration in LDom Manager is updated
|
Specify Host Power to a Stored LDom Configuration
|
To specify which stored LDom configuration is used when the host server is powered-on, follow these steps:
1. Log in to the ILOM CLI on a SPARC server.
2. Use the cd command to navigate to the /Host/bootmode target, then use the set config= command to specify the name of the stored LDom configuration.
For example:
The following example shows a sample CLI output for setting a fictitious stored LDom configuration named ONEDOMAIN as the bootmode target.
-> cd /HOST/bootmode
/HOST/bootmode
-> set config=ONEDOMAIN
Set ’config’ to ’ONEDOMAIN’
|
Note that changes made to the LDom configuration bootmode properties will take effect on the next host server reset or power-on.
Enable or Disable the Control Domain Property Values
|
To enable or disable the LDom Control Domain boot property values in ILOM, follow these steps:
1. Log in to the ILOM CLI on a SPARC server.
2. Use the cd command to navigate to the /Host/domain/control target, then use the ls command to view the auto-boot properties for the host control domain and guest domains.
For example:
-> cd /HOST/domain/control
-> ls
/HOST/domain/control
Targets:
Properties:
auto-boot = enabled
boot_guests = enabled
Commands:
cd
reset
set
show
|
3. Use the set command to specify the following auto-boot and boot-guests property values:
Property
|
Set Property Value
|
Description
|
auto-boot
|
set auto-boot=<value>
|
Type the set auto-boot= command followed by one of the following property values:
- enabled (default). Enabling the auto-boot property value will automatically reboot the control domain after the next power-on or reset.
- disabled. Disabling the auto-boot property value on the control domain will prevent automatic reboots and stop the control domain at the OpenBoot ok prompt after the next power-on or reset.
|
boot_guests
|
set boot_guests=<value>
|
Type the set boot_guests= command followed by one of the following property values:
- enabled (default). Enabling the boot_guests property enables the guest domain to boot after the next power-on or reset.
- disabled. Disabling the boot_guests property value for the guest domains will prevent the guest domains from booting after the next power-on or reset.
|
Oracle Integrated Lights Out Manager (ILOM) 3.0 CLI Procedures Guide
|
820-6412-12
|
|
Copyright © 2010, Oracle and/or its affiliates. All rights reserved.