Slide 1

Oracle

<Insert Picture Here>

Slide 2

<Insert Picture Here>

WZD-SSX86-403: Sun X86 Servers Configuration,

Administration and Diagnostics Using ILOM 3.x

Welcome to the System Configuration, Administration and Diagnostics Using ILOM 3.x
module. Oracles Integrated Lights Out Manager (ILOM) is a vital data center
management tool that can be used to integrate with other data center management
tools already installed on your systems.

Slide 3

Additional Resources
For additional information, refer to the following resources:
Accessing service mode and escalation mode on ILOM 3.x and later platforms (Doc ID
1019946.1)
https://support.us.oracle.com/oip/faces/secure/km/DocumentDisplay.jspx?id=1019946.1&h=Y
Integrated Lights Out Manager (ILOM) CLI Quick Reference (Doc ID 1009715.1)
https://support.us.oracle.com/oip/faces/secure/km/DocumentDisplay.jspx?id=1009715.1&h=Y
Collecting snapshot on ILOM 3.x and later platforms (Doc ID 1020204.1)
https://support.us.oracle.com/oip/faces/secure/km/DocumentDisplay.jspx?id=1020204.1&h=Y
Oracle Integrated Lights Out Manager (ILOM) 3.0 Concepts Guide
http://docs.sun.com/app/docs/doc/820-6410-12
Oracle Integrated Lights Out Manager (ILOM) 3.0 Web Interface Procedures Guide
http://docs.sun.com/app/docs/doc/820-6411-12
Oracle Integrated Lights Out Manager (ILOM) 3.0 CLI Procedures Guide
http://docs.sun.com/app/docs/doc/820-6412-12

Click here to download a PDF copy of this module.

2010 Oracle Corporation Proprietary and Confidential

For more information related to ILOM 3.x, you can refer to the list of resources
displayed on the screen.
You can also download a PDF copy of this module by clicking on the link provided at the
bottom of the slide.

Slide 4

Objectives
Upon completion of this module, you will be able to:
Perform configuration tasks using ILOM 3.x
Perform administration tasks using ILOM 3.x
Diagnose and troubleshoot the resident system using ILOM 3.x

2010 Oracle Corporation Proprietary and Confidential

ILOM provides advanced Service Processor (SP) hardware and software that you can
use to manage and monitor your Oracle Sun servers. ILOMs dedicated hardware and
software is preinstalled on a variety of Oracle Sun server platforms, including x86-based
Sun Fire servers, Sun Blade modular chassis systems, Sun Blade server modules, as
well as on SPARC-based servers. This cross-platform portability and compatibility
enables users to experience a single, consistent, and standards-based SP across all
Oracle Sun server product lines.
Upon completion of this module, you should be able to:
Perform configuration tasks using ILOM 3.x
Perform administration tasks using ILOM 3.x
Diagnose and troubleshoot the resident system using ILOM 3.x

Slide 5

Introduction
ILOM is a Sun-designed FRU daughtercard, which is a

standalone system with no dependencies on the OS.

The ILOM SP runs its own embedded OS and has a

dedicated serial and Ethernet port, which together

provide out-of-band management capabilities.
ILOM allows you to do the following:

Learn about hardware errors and faults as they occur

Control the power state of your computer node remotely
View the graphical and non-graphical consoles for the host
View the current status of sensors and indicators on the system
Determine the hardware configuration of your system
Receive generated alerts about system events in advance

ILOM is a Sun-designed Field Replaceable Unit (FRU) daughtercard on some systems

and integrated on the motherboard on the newer systems. It is a standalone system
with no dependencies on the OS. The ILOM SP runs its own embedded OS and has a
dedicated serial and Ethernet port, which together provides out-of-band management
capabilities. This attribute allows you to remotely manage your computer node as if you
were using a locally attached keyboard, monitor, and mouse.
More generally, ILOM allows you to do the following:
Learn about hardware errors and faults as they occur
Control the power state of your computer node remotely
View the graphical and non-graphical consoles for the host
View the current status of sensors and indicators on the system
Determine the hardware configuration of your system
Receive generated alerts about system events in advance via traps or e-mail alerts

Slide 6

ILOM 3.x Features

Category
General
functionality

Features
DNS support
Timezone support
Configuration backup and restore
Restore to factory defaults

Enhanced LDAP and LDAP/SSl support

Java-based remote storage CLI
Power management capabilities
Ability to generate new SSH keys
Scalability and
Usability

User-configurable filtering of hardware monitoring information in CLI and web interface

Security

More granular user roles

Use host name to access other services by name, such as LDAP, Active Directory, LDAP/SSL

Predefined root and default accounts

User SSH key authentication
Ability to disable the network management port when you are using only the serial port
Ability to disable individual services, such as IPMI, SSH, and KVMS, so that the port is closed
Serviceability

Data collection utility to diagnose system problems

2010 Oracle Corporation Proprietary and Confidential

ILOM 3.x is enhanced with many new features and functions that were not available in
ILOM 2.x, including improved security, improved usability, and easier integration into
your data center environment. The table lists the new features supported by ILOM 3.x.

Slide 7

ILOM 3.x Components

ILOM consists of four components:
ILOM SP hardware
ILOM SP firmware
Remote console application
Client-side SSH application

Architecturally, ILOM consists of four components:

ILOM SP hardware
ILOM SP firmware
Remote console application
Client-side Secure Shell (SSH) application
While the first three of these components reside on the host server, the last one resides
on the client system that accesses the host server.
For more information about each of these components, click on the link displayed on the
screen.

Slide 8

ILOM 3.x Interfaces

ILOM supports the following multiple interfaces for

accessing its features and functions:

Browser-based interface (webGUI)

Command-line interface (CLI)
Remote console
IPMI
SNMP

2010 Oracle Corporation Proprietary and Confidential

ILOM supports multiple interfaces for accessing its features and functions. You can
choose between a browser-based web interface (webGUI), a command-line interface
(CLI), remote console or industry-standard protocols, such as Intelligent Platform
Management Interface (IPMI) and Simple Network Management Protocol (SNMP).
The web interface provides an easy-to-use browser interface that enables you to log in
to the SP and perform system management, monitoring and IPMI tasks.
The command-line interface enables you to operate ILOM using keyboard commands
and adheres to industry-standard DMTF-style CLI and scripting protocols. ILOM
supports SSH for secure access to the CLI. Using the CLI, you can reuse existing
scripts with Sun systems, and automate tasks using familiar interfaces.
The ILOM Remote Console (JavaRConsole) enables you to access your x64 or SPARC
servers console remotely. It redirects the keyboard, mouse, and video screen, and can
redirect input and output from the local machines CD or CD images and diskette drives
or floppy images.
IPMI and the IPMItool utility enables you to manage and configure devices using a CLI
to retrieve information from the systems baseboard management controller (BMC).
With IPMItool, you can monitor the status of hardware components remotely, monitor
system logs, receive reports about replaceable components, and redirect the server
console.

The SNMP interface supported by ILOM is meant for third-party applications such as HP
OpenView and IBM Tivoli.

Slide 9

Configuring ILOM for Network Access (1/2)

Before you can interface with ILOM, you need to

connect with the ILOM SP.
There are two SP management ports for use with the
Oracle ILOM SP, the SER MGT and NET MGT port.

2010 Oracle Corporation Proprietary and Confidential

ILOM initializes automatically as soon as power is applied to your computer node. However, before you can interface with ILOM,
you need to connect to the ILOM through a serial port.
There are two SP management ports for use with the Oracle ILOM SP, the serial management (SER MGT) port and the network
management (NET MGT) port. Note that the NET MGT is also called the ILOM port.
The SER MGMT port uses an RJ-45 cable and is always available. This port is the default connection to the SP. The serial

connection helps you perform initial configuration of ILOM. The NET MGT connection, on the other hand allows
you to access the full range of ILOM functionality such as the ILOM CLI, webGUI and IPMI. However, before you
can initiate these connections, you should have already completed the hardware setup of the server and applied
standby power to it.
The following steps help configure the SER MGMT port:

Establish a serial connection to the SP of a computer node by inserting a Category 5 cable from the SER MGT port to the
terminal device.

Next, configure the terminal or terminal emulator with the below settings.

8N1: Eight data bit, no parity, one stop bit

9600 Baud

Disable hardware control

Disable software control

Now, when AC power is connected to the system, the SP powers on, runs diagnostics, and initializes the ILOM firmware. After
a few minutes, the SP login prompt
appears on the terminal device. At the login prompt, enter root as the user name, and the default password changeme.

From your present working directory, use the cd command to move to the /SP/network directory.

Run the following commands at the command prompt:

set pendingipdiscovery=static
set pendingipaddress=<ip_address>
set pendingipnetmask=<ip_netmask>
set pendingipgateway=<ip_gateway>
set pendingmanagementport=/SYS/MB/NET0
set commitpending=true

Finally, test the configuration by connecting to the NET MGT port by pinging with the
new IP address and you should get a response.

Slide 10

Configuring ILOM for Network Access (2/2)

The NET MGT port provides optional connection to the SP

The NET MGT port can be activated by assigning either a
static IP address or DHCP one.

2010 Oracle Corporation Proprietary and Confidential

Note that the NET MGT port provides an optional connection to the SP, which becomes
available after you configure network settings for the SP through the SER MGMT
port. So, once you have serial access to ILOM, the NET MGT port can be
configured.
The NET MGT port can be activated by assigning either a static IP address or a
dynamic one through Domain Host Configuration Protocol (DHCP). The SP NET
MGT port is configured by default to retrieve network settings with Dynamic Host
Configuration Protocol (DHCP) and allow connections using Solaris Secure Shell
(SSH). However, assuming you do not want the default DHCP setting, you can set a
static IP address.
The following steps help configure the NET MGMT port:
Connect a Category 5 cable from the NET MGT port on the rear of the node to the
network switch or hub.
Next, configure the terminal or terminal emulator with the below settings.

8N1: Eight data bit, no parity, one stop bit

9600 Baud

Disable hardware control

Disable software control

At the login prompt, enter root as the user name, and changeme as the password.
From your present working directory, use the cd command to move to the
/SP/network directory.
Run the following commands at the command prompt:

set
set
set
set
set
set

pendingipdiscovery=static
pendingipaddress=<ip_address>
pendingipnetmask=<ip_netmask>
pendingipgateway=<ip_gateway>
pendingmanagementport=/SYS/MB/NET0
commitpending=true

Notice that you are not only setting the NET MGT ports IP address, but also configuring
the gateways IP address and the netmask of the network you are connected to.

Slide 11

Logging into ILOM 3.x

2010 Oracle Corporation Proprietary and Confidential

You can now access ILOM through the just configured NET MGT port using a web link
with the IP address you just established from a remote hosts browser. This link will
open a login window where you can enter the default root account name and its
current password, which by default is changeme unless it has been changed for
security reasons.
You can also use the CLI to access ILOM. Start your SSH client, such as PuTTY. In the
Host Name or IP address field, enter the just configured IP address. Ensure that
SSH is chosen as the Connection Type. Type the default user name, root and the
password, changeme when prompted. The CLI command prompt is displayed.

Slide 12

Launching the ILOM Remote Console

The remote console application allows you to control

your servers OS remotely.

The ILOM ships with the remote console application

pre-installed.
All you need to launch the ILOM remote console is a
compatible web browser and JRE 1.5 to operate the
remote console application.
You can also use the CLI to launch redirection and
redirect storage.

The remote console application, a graphic interface, allows you to control your servers
OS remotely, using the screen, mouse, and keyboard, and to redirect local CD and
diskette drives as if they were connected directly to the server. The screen, mouse,
and keyboard functionality allows you to use the OS and other GUI-based programs,
instead of restricting you to the command-line-based utilities provided by terminals
and emulators. The ability to redirect CD and diskette drives allows you to download
and upload software to and from the server as if you were accessing its own CD and
diskette drives.
The ILOM ships with the remote console application pre-installed. Therefore, you do not
need to install any software on the host system or the server. Also, you do not need
to install any OS-specific drivers or helper applications on client systems to run the
remote console application. All you need is a compatible web browser and JRE 1.5 to
operate the remote console application. When the SP network is set up, the remote
console is already configured.
To view how to launch the ILOM remote console, click on the link displayed on the
screen.

Slide 13

PROPERTIES
On passing, 'Finish' button:
On failing, 'Finish' button:
Allow user to leave quiz:
User may view slides after quiz:
User may attempt quiz:

Goes to Next Slide

Goes to Next Slide
At any time
At any time
Unlimited times

Slide 14

Creating and Modifying User Accounts

(1/2)
The root account is set by default and cannot be removed.
Apart from that you can configure 8 additional accounts.
Each user account consists of a user name, a password,

and a role. The roles include the following:

Administrator
Operator

The ILOM includes a user account called sunservice, which shares the ILOM root password in ILOM 2.x. Normally, it is used
exclusively by Oracle Service personnel. However, it can also be used to perform recovery procedures documented in the product
notes. Incorrect use of this account can corrupt the SP image or operations.

The root account in ILOM is set by default and cannot be removed. Apart from that you
can configure 8 additional accounts. Each user account consists of a user name, a
password, and a role. The roles include the administrator and the operator. While the
administrator role enables access to all ILOM features, functions, and commands, the
operator role allows limited access to ILOM features, functions, and commands. In
general, operators cannot change configuration settings. Also, operators cannot do
the following:

View or change LDAP settings

View or change RADIUS settings
Add or remove users
Change network settings (view only)
Change Network Time Protocol (NTP) settings (view only)
Change SNMP settings (view only)
Change HTTP settings (view only)

Caution: The ILOM includes a user account called sunservice, which shares the ILOM
root password in ILOM 2.x. Normally, it is used exclusively by Oracle Service
personnel. However, it can also be used to perform recovery procedures documented
in the product notes. Incorrect use of this account can corrupt the SP image or
operations.

Slide 15

Creating and Modifying User Accounts

(2/2)
User accounts can be created, modified and deleted

using both the CLI and WebGUI.

Only accounts with administrator privileges are

allowed to add, modify or delete user accounts.

However, operators can modify their own password.

User accounts can be created and modified using both the CLI and WebGUI. To view
how to how to add, modify and delete user accounts using the CLI or WebGUI, click
on the respective links displayed on the screen.
Note that only accounts with administrator privileges are allowed to add, modify, or
delete user accounts. However, operators can modify their own password.

Slide 16

Administering the Server Using ILOM 3.x

Administering a server using ILOM 3.0 involves a range

of activities.
Some of these activities involve the following:
Starting the SP console
To start: start /SP/console
To stop: Type Esc (

Setting the system clock

Configuring and enabling SSH
Saving and restoring the ILOM configuration

Administering a server using ILOM 3.x could involve a range of activities. For the
purpose of sampling some of these activities, we will go through a few tasks such as
starting the SP console, setting the system clock, configuring and enabling SSH and
also saving and restoring the ILOM configuration.
While starting the SP console is as simple as just issuing the start /SP/console
command, the other activities listed on the screen are a few steps away. For additional
information about any of the activities listed, click on the respective links.

Slide 17

Upgrading the ILOM Firmware

The following steps help upgrade to a new firmware:
1.Log in to the ILOM SP CLI or the CMM CLI.
2.Load the ILOM firmware image using the load command.
3.Type y to confirm loading.
4.Type y to save your existing ILOM configuration.

2010 Oracle Corporation Proprietary and Confidential

The firmware upgrade is performed by a script running on the management controller. The script accesses a web
server hosting a directory that contains the firmware upgrade. The firmware is provided as a compressed .tar file.
The file name contains the version number and is in the SUN_DCS_nm2_version.tar.gz format. Within the .tar
file are the upgrade script and necessary .rpm packages in a smaller .tar file.
The following steps help upgrade to a new firmware:

Log in to the ILOM SP CLI or the CMM CLI. Verify that you have network connectivity to update the
firmware by using the show /SP/network or show /CMM/network command.
Next, assuming you have already acquired the required firmware, load the ILOM firmware image
using the following command:
load -source <supported_protocol>://<server_ip>/<path_to_firmware_image>/<filename.xxx>
You will be prompted to confirm the loading. Type y for yes or n for no.
Next, you will be prompted for preserving the configuration. Type y to save your existing ILOM
configuration and to restore that configuration when the update process completes.

This completes the firmware updating operation. You can verify the new firmware version using the version
command after re-logging in to the ILOM SP or CMM.
Note: If during the firmware update process, a network failure occurs, ILOM will automatically time-out and reboot the
system.

Slide 18

PROPERTIES
On passing, 'Finish' button:
On failing, 'Finish' button:
Allow user to leave quiz:
User may view slides after quiz:
User may attempt quiz:

Goes to Next Slide

Goes to Next Slide
At any time
At any time
Unlimited times

Slide 19

Monitoring System Information

ILOM allows system monitoring using GUI and CLI:
Sensor readings
Indicators
Event logs

Click here to view the components you can navigate to and monitor.
2010 Oracle Corporation Proprietary and Confidential

In the event of diagnosing and troubleshooting issues, checking the system information could provide
useful clues. ILOM supports both the webGUI and CLI options to monitor systems. The webGUI provides
three options under the System Monitoring tab: Sensor Readings, Indicators and Event Logs.
The Sensor Readings option allows you to view the name, type and readings for system sensors, such as
fans.
The Indicators options allows you to manage the System Locator LEDs and view the name and status of
other LEDs from this page. The page shows both front-panel and internal LEDs. You can further modify
an indicator by selecting the radio button next to the indicator and selecting an option from the Action
drop down list.
The Event Log option displays information such as the ID, class, type, severity, date and time, and
description of every event for the SP.
If you wish to use the ILOM CLI prompt, navigate to the /SYS namespace. Next use the cd command to
navigate to the component concerned followed by the show command to display the relevant details of
the component.
For a list of components that you can navigate to and extract information, click on the link displayed on
the screen.

Slide 20

Troubleshooting With Diagnostics

ILOM supports various diagnostic tools and utilities:
Pc-Check
Fault Management
Alert Management
Snapshot

You require the Reset and Host Control (r) role enabled to configure and run diagnostics.

2010 Oracle Corporation Proprietary and Confidential

After the initial round of vetting through system information, the next degree of
diagnosing and troubleshooting would be to deploy the diagnostics tools and utilities.
ILOM 3.x provides a comprehensive suite of diagnostic capabilities through utilities such
as Pc-Check, fault management, alert management and snapshot.
Note: You require the Reset and Host Control (r) role enabled to configure and run
diagnostics.

Slide 21

Diagnostics: Pc-Check
PC-Check is independent of the OS.
Since ILOM 2.0, Pc-Check has been integrated into the

SP firmware enabling an on-site and on-system

diagnostic solution for your server.
Pc-Check is designed to detect and test all motherboard
components, ports, and slots.
Pc-Check can be activated both from the webGUI
and CLI.

2010 Oracle Corporation Proprietary and Confidential

Pc-Check is independent of the OS and therefore does not require a significant amount
of systems operations to diagnose problems. Since ILOM 2.0, Pc-Check has been
integrated into the SP firmware enabling an on-site and on-system diagnostic solution
for the server. The utility is designed to detect and test all motherboard components,
ports, and slots.
Pc-Check can be activated both from the webGUI and CLI. To learn more about it, click
on the respective links displayed on the screen.

Slide 22

Diagnostics: Fault Management

Fault Management is an ILOM capability that diagnoses

faults as they occur, where faults are defined as system

component failures or chassis problems.
There are three types of faults:
Self-correcting
Correctable
Uncorrectable

2010 Oracle Corporation Proprietary and Confidential

Fault Management is an ILOM capability that diagnoses faults as they occur, where
faults are defined as system component failures or chassis problems.
For more information on component failures and chassis problems, click on the link
displayed on the screen.
Note that there are three types of faults:
Self-correcting
Correctable
Uncorrectable.
When correctable and uncorrectable faults occur, the fault management utility does the
following:
Turns on the server nodes front-panel Service Action Required LED.
Turns on subsystem-specific Service LEDs (CPU, DIMMs) when applicable.
Creates an entry in the ILOMs Fault Management list.
Creates an entry in the ILOM System Event Log.

Slide 23

Diagnostics: Alert Management

Alerts provide advance warning of possible system failures.
ILOM automatically polls the sensors and posts any

events breaching a threshold to an ILOM event log, and

also generates alert message(s) to one or more customerspecified alert destinations.
ILOM supports both the webGUI and CLI to configure up
to 15 alert rules.

ILOM tags all events or actions with LocalTime=GMT (or UTC). Browser clients show these events in
LocalTime. This can cause apparent discrepancies in the event log. When an event occurs in ILOM, the
event log shows it in UTC, but a client would show it in LocalTime.

2010 Oracle Corporation Proprietary and Confidential

Alerts provide advance warning of possible system failures. The server platform is
equipped with a number of sensors that measure voltages, temperatures, and other
service-related attributes about the system. ILOM automatically polls these sensors and
posts any events crossing a threshold to a ILOM event log, and also generates alert
message(s) to one or more customer-specified alert destinations.
ILOM supports both the webGUI and CLI to configure up to 15 alert rules. To view how
to configure these alerts in either interface, click on the respective links.
Caution: ILOM tags all events or actions with LocalTime=GMT (or UTC). Browser
clients show these events in LocalTime. This can cause apparent discrepancies in the
event log. When an event occurs in ILOM, the event log shows it in UTC, but a client
would show it in LocalTime.

Slide 24

Diagnostics: Snapshot
Snapshot collects log files and command outputs.
The collected data is then sent as a downloaded file to a

user-defined location.
Snapshot can be run in both interfaces, webGUI and CLI.

2010 Oracle Corporation Proprietary and Confidential

Snapshot is a relatively new feature provided within ILOM that gathers SP state data for
use by Oracle services personnel to diagnose problems. The utility collects log files and
command outputs. The collected data is then sent as a downloaded file to a userdefined location.
Snapshot can be run in both interfaces, webGUI and CLI. To view how to generate
snapshots in the webGUI, click on the link displayed on the screen. In the CLI, you need
to run the following commands:
-> set /SP/diag/snapshot/dataset=data
-> set /SP/diag/snapshot/dump_uri=URI
A screen grab of the commands is displayed on the screen.

Slide 25

Escalation Password
Escalation mode is available for Oracle qualified service

personnel to troubleshoot and fix server problems.

Escalation mode can be activated through an escalation

for a 48 hour period.

Once the escalation mode is activated, the engineer can
get through to the service mode and perform the required
activities using the servicetool utility.
Click here to view how to acquire the escalation
password and reprogram the serial number

2010 Oracle Corporation Proprietary and Confidential

Consider a troubleshooting situation. An engineer might be required to change the

chassis serial number when the system motherboard is replaced.
ILOM 3.x provides an escalation mode that is available for Oracle qualified service
personnel to troubleshoot or reprogram system information. Escalation mode can be
activated through an escalation for a 48 hour period. Once activated, the engineer can
get through to the service mode and perform the required activities using the servicetool
utility.
To view how to acquire the escalation password and reprogram the serial number, click
on the link displayed on the screen.

Slide 26

PROPERTIES
On passing, 'Finish' button:
On failing, 'Finish' button:
Allow user to leave quiz:
User may view slides after quiz:
User may attempt quiz:

Goes to Next Slide

Goes to Next Slide
At any time
At any time
Unlimited times

Slide 27

Summary
In

this module, you were able to:

Perform configuration tasks using ILOM 3.x
Perform administration tasks using ILOM 3.x
Diagnose and troubleshoot the resident system using ILOM 3.x

2007 Oracle Corporation Proprietary and Confidential

In this module, you were able to:

Perform configuration tasks using ILOM 3.x
Perform administration tasks using ILOM 3.x
Diagnose and troubleshoot the resident system using ILOM 3.x

Slide 28

Oracle is the Information Company

Slide 29

Oracle