Sei sulla pagina 1di 499

CONTENTS

1 HPE and the Future of Compute


Prelearning check
Activity: Navigating the HPE Certification and Learning Portal
Learning check
HPE Data Center Infrastructure Group
Demand for data center infrastructure is growing
The market is changing profoundly and innovation is required
Innovation to help customers progress toward the future
The HPE strategy is to build specialized solutions for target customer segments
Innovation to address evolving consumption patterns
Activity: Navigating the DCIG portfolio at the HPE website
Learning check
The Idea Economy
The Idea Economy creates disruptive waves of new demands and opportunities
Faster application development enables accelerated innovation
Long time to value is costly
Activity: Introducing customer scenario: Alpha Centauri Drones Company
Learning check
Applications and data fuel the digital enterprise
HPE Transformation Solutions
Accelerating time to value
Hybrid IT
Learning check
Composable Infrastructure
Why is Composable Infrastructure important?
Infrastructure category powering the Idea Economy
Moving to Composable Infrastructure
The way infrastructure should work
Deployment comparison
Change the approach
Optimizing the infrastructure for apps
What is Composable Infrastructure?
Learning check
HPE Gen10 servers
Introducing a new generation compute experience from HPE
Activity: Top 5 HPE Gen10 Innovations CTOs (Chief Technology Officers) must see
Learning check
HPE position and market share
HPE’s data center architecture and partner ecosystem
SMB
Enterprise servers
Mission-critical computing
HPC
Selecting an HPE server platform
HPE server market share
Learning check
HPE Pointnext
HPE Pointnext: Portfolio
Advisory & Transformation Services
Professional Services
Operational Services
Hewlett Packard Enterprise
Activity: Unboxing Your Next with HPE Pointnext
Learning check
Summary
2 Security: Why Customers Should Pay Attention
Prelearning check
Understanding security risks
Cyber attacks are becoming more sophisticated
Do not be in the headlines!
Happening more often than you might think
Cyber security
Learning check
Gen10 servers—Addressing security concerns
New protection for the entire digital enterprise
A new experience in server security and protection
A new experience in accelerating compliance
HPE Secure Server options for Gen10
Gen10 Trusted Platform Module support
HPE iLO 5
HPE NIST 800-53 Infrastructure
Security technologies and procedures are a major focus of Gen10
Learning check
Security: Login to iLO
Changing the security mode
Other iLO security features
Learning check
Secure start
UEFI Secure Boot
Learning check
Security: During normal operation
Optional server intrusion detection
Secure recovery
iLO 5 runtime scan
HPE Smart Array Secure Encryption
Secure decommissioning
Learning check
Security: Maintain firmware health
Learning check
How to enable enhanced security in Gen10
Unmatched security
Lab exercise
Activity: Security threats and possible solutions: Alpha Centauri Drones Company
Learning check
Summary
3 HPE Converged Management: On System
Prelearning check
HPE Converged Management
Server management
Learning check
Unified Extensible Firmware Interface (UEFI)
UEFI benefits
UEFI System Utilities
UEFI System Utilities GUI
UEFI Shell management environment
BIOS/Platform Configuration screen
Smart Array preboot configuration
Activity: Performing basic shell operations in UEFI
Activity debrief
Learning check
HPE iLO
HPE iLO management technologies
iLO 5 focus
Connecting to iLO
iLO Configuration Utility
Firmware update technology
Direct connection to HPE Support Center
Email alerting
iLO Federation
New iLO Service Port
iLO Server Health Summary
Learning check
HPE RESTful API
REST communication
Addressing challenges by using the HPE RESTful API
HPE RESTful API for iLO
HPE RESTful Interface Tool
Activity: iLO RESTful API Explorer
Activity debrief
Learning check
Other HPE scripting tools
Industry-standard Redfish
Learning check
HPE Intelligent Provisioning
Accessing Intelligent Provisioning
Intelligent Provisioning setup
Intelligent Provisioning—Installing the operating system
Perform Maintenance
Postinstallation tasks
Learning check
HPE Smart Storage Administrator
SSA home page
SSA Controller actions screen
SSA Configure screen
SSA Diagnostics screen
SSA Array Details screen
Creating a logical drive
Learning check
HPE Smart Update solution
Smart Update
HPE Smart Update Manager
HPE SUM and iLO Federation
HPE Service Pack for ProLiant
iLO Repository
Server update frequency
SPP custom download
Activity: HPE Management and benefits for the customer
HPE BladeSystem
Onboard Administrator
Using the OA GUI interface
Using the OA CLI interface
Insight Display
Learning check
Summary
4 HPE Converged Management: On-Premises and On-Cloud
Prelearning check
HPE server management
HPE Converged Management
iLO, iLO Amplifier Pack, and HPE OneView
Maintaining the infrastructure through remote support
Reducing time to resolution with HPE support
On-cloud management with HPE Insight Online
Insight Online
Getting started with Insight Online and Insight Remote Support
Registering for remote support
Insight Online: My IT Environment (customer view)
Insight Online: My Customer (partner view)
Learning check
Introducing iLO Amplifier Pack
Get more out of iLO Advanced license
iLO Amplifier Pack feature segmentation
Learning check
HPE ICsp
Learning check
On-premises management with HPE OneView
HPE OneView
HPE OneView—Automation engine
Synergy Composer and VM appliance
Consumer-inspired user experience
OneView Tutorial and Guided Setup
Health monitoring
Server profile
Server profile templates
HPE OneView storage management
HPE OneView network management with HPE Virtual Connect
Enclosure and frame management
Change management with driver and firmware updates
Inventorying power and physical infrastructure
Selecting a management solution
Learning check
Summary
5 HPE Server Technologies
Prelearning check
ProLiant Gen10 features
Strategic focus areas for relevant and differentiating innovations
Gen10 servers—Security
Gen10 servers—Productivity
Gen10 servers—Velocity
Gen10 servers—Efficiency
Gen10 servers—Flexibility
Gen10 servers—Simplicity
ProLiant Gen10 subsystems
ProLiant Gen9 features
Learning check
Intel® Xeon® processor scalable family
Intel® Tick-Tock development model
Intel® platform (Skylake/Platform Controller Hub) features
Intel® Processor for the 300/500 series
Gen10 new socket design
Intel® Xeon® Processor Scalable Family—New brand
Select the Intel® Xeon® processor
Learning check
Efficiency
HPE Intelligent System Tuning
Increased performance delivered through iLO Advanced
Intelligent System Tuning—Processor Jitter Control
Sources of jitter within the processor
What is jitter?
Jitter smoothing—Processor Jitter Control
Workload profiles
Core Boosting: Performance and TCO illustration
HPE Intelligent System Tuning—Requirements
Learning check
HPE ProLiant servers: Storage features
Customer storage challenges
Implementing storage
Drive array basics
RAID levels
Memory/Storage hierarchy
Storage tiering on HPE ProLiant servers—With Persistent Memory
Selecting storage components
HPE server storage portfolio
Smart Array Controllers: Gen9 vs. Gen10
Gen10 Mixed Smart Array
RAID configuration through UEFI—Overview
HPE Smart Storage Administrator
HPE SmartCache
HPE Smart Storage Battery
HPE Smart Array SR Secure Encryption
HPE SSD Smart Path
Ultra-fast HPE Persistent Memory at speed of compute
HPE Scalable Persistent Memory
BIOS/Platform Configuration (RBSU)
Activity: HPE Persistent Memory
Activity debrief
Activity: Cost and performance benefits of deploying MS SQL on Persistent Memory
Activity: Choosing a storage technology to fit a workload
Customer profile
Questions
Activity debrief
Learning check
Memory for ProLiant servers
Comparing RDIMMs and LRDIMMs
DDR4 SmartMemory
Gen9 vs. Gen10 memory
Learning check
Networking features of ProLiant servers
Advanced networking technologies in ProLiant servers and use cases
What is RDMA?
Activity: RoCE design guide
What are overlay networks?
Boost server efficiency for overlay networking
HPE Virtual Connect and flex adapter hardware
Secure networking flexibility at the speed of compute
Learning check
HPE rack and power
G2 rack product portfolio
G2 Power Distribution product portfolio
HPE Uninterruptible Power Systems
HPE ProLiant power supplies
Power and cooling features of ProLiant servers
Increasing availability through power protection
Elevated temperature support
Activity: Benefits of HPE racks and PDUs: Alpha Centauri Drones Company
Learning check
Summary
6 HPE Rack and Tower Server Solutions
Prelearning check
HPE ProLiant Gen10 rack and tower servers
HPE rack servers: Picking the right platform
Activity: Alpha Centauri Drone Company
HPE Gen10 servers—Relevant and differentiating innovations
HPE ProLiant DL360 Gen10 Server
HPE ProLiant DL380 Gen10 Server
HPE ProLiant DL560 Gen10 Server
HPE ProLiant DL580 Gen10 Server
HPE ProLiant DL385 Gen10 Server
HPE ProLiant MicroServer
HPE ProLiant ML350 Gen10 Server
Gen10 servers—Relevant and differentiating innovation
HPE ProLiant Gen10 workload-based positioning
Selecting a Gen10 DL server
Activity: Case study: Choosing a rack server
Customer scenario
Learning check
Using HPE QuickSpecs
Learning check
Reference Architectures
Aligning RAs with business outcomes
Two core deliverables: Reference Configurations and Reference Architectures
How do today’s IT customers buy—Buyer’s journey
Learning check
Summary
7 HPE BladeSystem Server Solutions
Prelearning check
The path to Composable Infrastructure
Transforming business economics by accelerating service delivery
End-to-end performance for hybrid IT
Learning check
HPE BladeSystem solutions in the compute era
HPE BladeSystem enclosure
The ProLiant BL server portfolio
Learning check
Building a BladeSystem solution
Steps to building a BladeSystem
Step 1: Select the operating environment
Activity: Verify operating system support
Step 2: Select the BladeSystem enclosure and power infrastructure
Select the power and cooling options
Step 3: Select the interconnects and adapters
Virtual Connect
Key components of Virtual Connect solutions
Other interconnect options
Active optical cables
Step 4: Select the blades
ProLiant server blade family—BL400 series
ProLiant server blade family—BL600 series
HPE storage blades and Direct Connect SAS Storage
HPE Ultrium tape blades
HPE BladeSystem PCI Expansion Blade
HPE ProLiant WS460c Gen9 Graphics Server Blade
Select mezzanine cards
Step 5: Select the storage infrastructure
Converged and collapsed infrastructure with Flat SAN
Step 6: Select the infrastructure management
Onboard Administrator
Insight Display
Converged management with HPE OneView
Insight Online
Step 7: Select the services
Activity: Introducing customer scenario
Learning check
Summary
8 HPE Density-Optimized Solutions
Prelearning check
HPC is key to continued business success
HPE purpose-built portfolio for HPC
Learning check
The data landscape is changing radically
Yesterday’s “data-driven” landscape
Data-driven in the Idea Economy
Deep Learning
Deliver Automated Intelligence in real-time for Deep Learning
Learning check
HPE Apollo systems
Flexible configurations, IT expertise, and lower cost solutions
HPE Apollo kl20 Server with Intel® Xeon® Phi Processors
HPE Apollo 40—Flexibility, expertise, and lower costs
HPE Apollo 2000—Enterprise bridge to HPC
HPE Apollo 4000: Early innovation to market leadership
Activity: Technical University of Denmark case study
Activity debrief
HPE Apollo 6000
HPE SGI 8600 Gen10 System
Learning check
Managing Apollo systems
Activity: Recommending Apollo solutions for customers
Customer profile
Activity debrief
HPE HPC Software
HPE HPC Software Portfolio
Activity: Improving products with HPC solutions
Selecting density-optimized platform
Learning check
HPE HyperConverged solutions: HPE SimpliVity
The HPE SimpliVity Data Virtualization Platform
Deduplication with HPE SimpliVity
Top use cases for SimpliVity
HPE SimpliVity 380 and HPE SimpliVity 380 Gen10
HPE SimpliVity 380 configuration workflow
Activity: SimpliVity introduction
Reference Architectures
Learning check
Summary
9 HPE Synergy
Prelearning check
Reference Configurations and Architectures
Why offer a Synergy solution?
Configuring a Synergy system
Step 1: Configure the infrastructure
HPE Synergy 12000 frame
Learning check
Synergy management subsystem
Configure the management ring
Step 2: Compute choices to run any workload better
HPE Synergy 660 Compute technical comparison
Learning check
Step 3: Configure the Composable Infrastructure fabric
Composable fabric architecture
Rack-scale fabric architecture
Composing a rack-scale fabric
Learning check
Composing a two-frame rack-scale fabric
Composing a three-frame rack-scale fabric
Learning check
Synergy fabric layout
Synergy fabric portfolio
Fabric considerations with Image Streamer
Step 4: Configure storage
Configure direct attached, composable storage
Synergy required modules for DAS storage
Synergy storage configurations
Activity: Synergy Reference Configuration
SDS solution general requirements
Learning check
Summary
10 Planning and Designing HPE Server Solutions
Prelearning check
Understanding the scope and constraints of the design
Assessing the customer’s requirements and environment
Conducting a needs analysis
Matching customers to the best platform
Evaluating the business requirements
Conducting a site survey
Learning check
Designing a solution
SLAs drive the solution
Solution design considerations
BTO and CTO product SKUs
Physical or virtual servers?
Virtual machines design goals
VM design guidelines
Highly available designs
Learning check
Activity: Designing customer solutions
Case study
Activity debrief
Learning check
HPE tools for selecting solution components
HPE Partner Ready Portal
HPE Proposal Web
HPE configuration tools
HPE One Configuration Advanced
Using TCO and ROI tools
Total cost of ownership
Return on investment
Alinean ROI and TCO analysis
Learning check
Developing the proposal
Matching the challenge with the opportunity
Writing a scope of work
Learning check
Summary
Learner survey and course feedback

Learning Check Answers


HPE and the future of compute
Security: Why customers should pay attention
HPE Converged Management: On System
HPE Converged Management: On Premise and On Cloud
Server technologies
HPE rack and tower server solutions
HPE BladeSystem server solutions
Density-optimized solutions
HPE Synergy
Planning and designing HPE server solutions
11 Practice Test
Introduction
Ideal candidate for this exam
Exam details
HPE0-S54 testing objectives
Test preparation questions and answers
Questions
Answers
1 HPE and the Future of Compute
LEARNING OBJECTIVES
After completing this chapter, you should be able to:
✓Introduce HPE Data Center Infrastructure Group and their strategy.
✓Explain the changing economy and the role of IT.
✓Describe Hewlett Packard Enterprise (HPE) Transformation Solutions.
✓Explain what a Composable Infrastructure is and how it helps customers.
✓Provide a high-level overview of HPE ProLiant Gen10 server innovations.
✓Provide a high-level overview of the HPE server portfolio and market share.
✓Position HPE Pointnext services in the new compute era.

Prelearning check
1.You are approached by a customer at a trade show and they challenge you with the statement
“Composable Infrastructure is just a new marketing name for converged infrastructure and is
intended to get customers to buy into upgrading their server, storage, and networking hardware.”
How should you respond?

Activity: Navigating the HPE Certification and Learning Portal


Verify you have valid credentials and login to HPE Partner Ready Portal. Answer the following questions:
1.Which menu option contains a link to the learning center?

2.How many certifications do you currently hold?

3.What are the requirements for achieving the Accredited Solution Expert (ASE) Architect
certification?
Note
To access the HPE Certification and Learning Portal, go to:
http://certification-learning.hpe.com/tr/index.html

Learning check
1.Name at least two recommend resources for exam preparation.

HPE Data Center Infrastructure Group

Figure 1-1 Data from 1CQ16 IDC Disk Storage System Tracker

HPE is the number one data center infrastructure vendor based on internal data collection and data
provided by IDC (International Data Corporation), as shown in Figure 1-1, including:
•More than 1 million customers over the last 25 years
•100,000 trusted partners in HPE ecosystem
•Five servers sold per minute
•Thirty percent x86 server market share
•Forty million servers sold to date (as of 1Q 2017)
•Number one position in total disk storage and only major vendor to gain share two years (as of
2016)
Demand for data center infrastructure is growing
There are various reasons for the increased demand for data center infrastructure components.
•Massive data explosion
•Need for analytics expanding
•Compute endpoints exploding
•Technology and consumption shift

The market is changing profoundly and innovation is required

Figure 1-2 Innovation is required

As shown in Figure 1-2, the market is changing profoundly and innovation is required. New products,
new technologies, and new procedures are continuing to impact customers.
•Cloud service providers have different needs for their infrastructure—hybrid infrastructure
•Hyper-converged and integrated solutions—solutions capable of a software-defined approach
(abstraction of hardware and config) and previously complicated solutions, built many hardware
and software components, are being sold under a single part number (commoditized)
•Workload-optimized and customer-segment specialized
•All-flash, security
•Object storage
•High-performance, software-defined networking

Innovation to help customers progress toward the future


Figure 1-3 Innovations to help customers progress toward the future

HPE is pioneering many innovations to help customers progress toward the future. As shown in Figure 1-
3, innovation areas include:
•On-premises data center
–Multi-purpose and secure computing
–Mission-critical computing
•Cloud
–Workload specialized
–Software defined
–Composable Infrastructure
–Hyper-converged systems
•Internet of Things (IoT)
–Edge computing
–Campus infrastructure

The HPE strategy is to build specialized solutions for target customer


segments
Table 1-1 Target customer segments
Customer needs Segment Technology

Simplicity, subscription pricing SMB and branch IaaS, appliances

Hybrid, versatile, secure Core enterprise X86 and composable

Always on availability Mission critical Shift to X86 MC


Customer needs Segment Technology

Massive parallel computing HPC Supercomputing

Accelerate insight, data protection Storage and Big Data All-flash, SDS object, analytics

Extreme scale and customization Service providers Tier 2/3 service providers

Network agility and virtualization Data center networking Software-defined networking

Carrier grade, standardized Communications NFV, services

Table 1-1 presents a high-level mapping between customer needs in specific market segments and
technology requirements.

Note
High-performance computing (HPC) clusters can be composed of large numbers of servers,
where the total physical size, energy use or heat output of the computing cluster might become
a serious issue. Furthermore, there are requirements for dedicated communications among the
servers that are somewhat unique to clusters. Because small design differences amount to large
benefits when multiplied by the number of servers in the clusters, we are seeing the emergence
of server designs that are optimized for HPC. Sometimes these are designs targeted at large,
public Web operators, such as search engine firms, that deliver similar benefits in HPC clusters,
but they can also offer features only appropriate for HPC users. For example, if the system were
designed to provide the cluster interconnect differently, there might be a significant cabling
reductions possible. (Gartner IT Glossary, January 2018)
Innovation to address evolving consumption patterns

Figure 1-4 Innovation to address evolving consumption patterns

HPE offerings are based on evolving consumption patterns. Figure 1-4 shows a high-level mapping
between customer consumption patterns and data center management choices.
Mapping of HPE offerings to data center management choices.
•IoT, Networking
–Aruba, Edgeline
•Specialized
–Apollo, HPC
–Object storage mission critical (SAP HANA)
–Flash storage
–SimpliVity/HC 380/HC 250 (virtualization)
•Generic
–ProLiant rack, ProLiant tower, BladeSystem
–Cloudline
–DC networking
–3PAR
•Composable
–Synergy
•Outsourced
–Partnership with Microsoft Azure
–HPE “Sell to”

Note
The Internet of Things (IoT) is the network of physical objects that contain embedded
technology to communicate and sense or interact with their internal states or the external
environment. (Gartner IT Glossary, January 2018)

Activity: Navigating the DCIG portfolio at the HPE website


Open the DCIG (HPE Data Center Infrastructure Group) portfolio in a web browser and answer following
questions:
1.How many product families and how many product categories are presented at the website?
2.What is the difference between the categories and product families?

3.Are there any new products on the website that are missing in this course?

Note
To navigate the DCIG portfolio, go to:
https://www.hpe.com/us/en/products.html

Learning check
2.Which HPE solution would you recommend for a customer requiring Composable Infrastructure?
The Idea Economy

Figure 1-5 Exponential access, data, and connections drive exponential innovation

Ideas have always fueled business success. Ideas have built companies, markets, and industries; however,
there is a difference today.
Businesses operate in the Idea Economy, which is also called the digital, application, or mobile economy.
As shown in Figure 1-5, doing business in the Idea Economy means turning an idea into a new product,
capability, business, or industry. This has never been easier or more accessible—for you and for your
competitors. Today, an entrepreneur with a good idea has access to the infrastructure and resources that a
traditional Fortune 1000 company would have. That entrepreneur can rent compute capacity on demand,
implement a Software as a Service (SaaS) enterprise resource planning (ERP) system, use PayPal or
Square for transactions, market products and services using Facebook or Google, and have FedEx or UPS
run the supply chain.
Companies such as Vimeo, One Kings Lane, Dock to Dish, Uber, Pandora, Salesforce, and Airbnb used
their ideas to change the world with very little start-up capital. Uber had a dramatic impact after launching
its application connecting riders and drivers in 2009. Three years after its founding, the company expanded
internationally. Without owning a single car, Uber now serves more than 630 cities worldwide (as of
August 30th, 2017).
In a technology-driven world, it takes more than just ideas to be successful. Success is defined by how
quickly ideas can be turned into value.
The Idea Economy creates disruptive waves of new demands and
opportunities

Figure 1-6 Thriving in the Idea Economy requires speed

The Idea Economy presents an opportunity and a challenge for most enterprises. On one hand, cloud,
mobile, Big Data, and analytics give businesses the tools to accelerate time to value. This increased speed
allows organizations to combine applications and data to create dramatically new experiences and even
new markets.
On the other hand, most organizations were built with rigid IT infrastructures that are costly to maintain.
This rigidity makes it difficult, if not impossible, to implement new ideas quickly.
Creating and delivering new business models, solutions, and experiences require harnessing new types of
applications, data, and risks. It also requires implementing new ways to build, operate, and consume
technology. This new way of doing business no longer just supports the company—it becomes the core
of the company.

Faster application development enables accelerated innovation


From 2010 to 2017, much changed from an application development perspective, as shown in Figure 1-
6. In 2010, the average application release cycle was four releases per year, per application. In 2015, this
number went up to 36 releases per year, per application. It is projected that by 2020, there will be 120
releases per year, per application (30 times more releases than in 2010).
Considerations from the Forrester Thought Leader Paper commissioned by HPE, “Better Outcomes,
Faster Results: Continuous Delivery and the Race for Better Business Performance,” helps summarize
this trend.
•Agility is paramount.
•“Even when delivering at cadences of less than a week, 20% of organizations want to go even
faster.”
•Developers need flexibility.
•Companies want open, flexible architectures for application portability and lock-in prevention.
Long time to value is costly

Figure 1-7 An organization must be able to alter its digital DNA continuously

Success today is defined by how quickly an enterprise can turn ideas into value—how quickly a business
can experiment, learn, test, tune, and make things better.
Uber did not invent a new technology. Instead, the company took advantage of the explosion of
smartphones and mobile applications to design a compelling customer experience, ultimately creating a
new way of doing business.
This example is not only about Uber executing a good idea; it is also about the taxicab industry’s inability
to act quickly to transform its business models to compete. Examples such as Uber serve as a warning.
Every Fortune 1000 company is at risk of missing a market opportunity, failing to secure its enterprise,
and being disrupted by a new idea or business model.
Timelines for IT projects and new applications used to be planned over years and months. Today, these
projects take weeks or days. As shown in Figure 1-7, increasingly, it is shrinking to hours. Now is the
time for a company to ask:
•How quickly can the company capitalize on a new idea?
•How rapidly can the company seize a new opportunity?
•How fast can the company respond to a new competitor that threatens the business?
The good news is that any company can use these technologies to adapt quickly to changing business
models and achieve faster time to value. However, many established companies are working with a rigid
IT infrastructure that may present significant challenges. Changing a data center strategy is a costly,
lengthy, and complex process.
Thriving in the Idea Economy requires enterprises to adopt a New Style of Business. This new style:
•Is experience and outcome driven—Rapidly compose new services from any source to meet the
evolving needs of customers and citizens.
•Proactively manages risks—Remain safe and compliant within a rapidly changing threat
landscape.
•Is contextually aware and predictive—Harness 100% of data to generate real-time instant insights
for continuous improvement, innovation, and learning.
•Is hyper-connected to customers, employees, and the ecosystem—Deliver experiences that enable
employees and engage customers in a persistent, personalized way.
In the Idea Economy, applications and information are the products.
To respond to the disruptions created by the Idea Economy, IT must transform from a cost center to a
value creator. In order to evolve, IT must shift focus:
•From efficiently hosting workloads and services to continuously creating and delivering new
services
•From simply providing hardened systems and networks to proactively managing and mitigating
risks
•From just storing and managing data to providing real-time insight and understanding
•From using software to automate business systems to differentiating products and services
Customers need to make IT environments more efficient, productive, and secure as they transition to the
New Style of Business. They need to enable their organizations to act rapidly on ideas by creating,
consuming, and reconfiguring new solutions, experiences, and business models.
One of the first steps in achieving this kind of agility is to break down the old infrastructure silos that
make enterprises resistant to new ideas internally and vulnerable to new ideas externally. Designing
compelling new experiences and services does not work if the infrastructure cannot support them.
The right compute platform can make a significant impact on business outcomes and performance.
Examples include storage that “thinks” as much as it stores; networking that moves information faster and
more securely than ever before; and orchestration and management software that provides predictive
capabilities.
Each company is on a unique journey to the cloud, custom-made for the way it consumes and allocates
resources, transforms to the changing landscape, implements financial models, and achieves desired
outcomes.

Activity: Introducing customer scenario: Alpha Centauri Drones


Company
Alpha Centauri Drones Company will be used as a storyline through the class for various scenarios. In
this chapter, we introduce the company using an interview.
•What is your primary business?
–Design and development of six large-scale, state-of-the-art drones for industrial purposes in a
year.
•How many employees do you currently have?
–Small high-tech company with three employees.
•How does your selling and delivery channel look like?
–Government customer and two large construction companies, no marketing, no sales force
other than the owner.
•Where are you currently storing files and how do you access them?
–Desktop and notebook hard drives, file server, single ML server (designed by an ATP certified
architect from an HPE channel partner company).
•What does your network infrastructure look like?
–1x router with wireless serving as a switch also, 1 Gb/s, 3 internal, 1 WAN port.
•How much data do you currently have on servers and workstations?
–6 TB
•Do you have an IT department?
–No, we have an external IT administrator visiting us every Wednesday and when necessary.
The owner/CEO can do most IT operational tasks on his own.
•What are your current plans?
–Considering expansion, we are afraid that our current infrastructure is not sufficient.

Learning check
3.The Idea Economy presents an opportunity and a challenge for most enterprises.
True
False

Applications and data fuel the digital enterprise

Figure 1-8 Apps are the digital products driving innovation and causing market disruption

We are living in an Idea Economy, where the ability to turn an idea into a new product or service has
never been easier.
In today’s hyper-connected world, applications are the mechanism for delivering innovative ideas, and
we use apps for everything from our day-to-day life to business, as shown in Figure 1-8.
Apps make life easy, but they also make it easy to switch suppliers in an instant, so maintaining customer
loyalty requires providing a better customer experience through continuously delivering new app features.
Every business is now a digital business, and apps are the digital products driving innovation and causing
market disruption.
HPE Transformation Solutions

Figure 1-9 HPE Transformation Solutions

The HPE strategy represents a logical transition from the Transformation Areas Transform, Protect,
Empower, and Enable (the what) to Transformation Solutions (the how). The strategy is designed to help
customers harness the right mix of hybrid IT to accelerate service delivery, build next-generation data
foundations to accelerate time to insight, and power a new generation of digital experiences to create
business value. Figure 1-9 shows an overview of HPE Transformation Solutions.
First, the world is going to be hybrid and HPE makes hybrid IT simple. This is achieved through offerings
in the traditional data center, software-defined infrastructure, systems software, private cloud, and through
public cloud partnerships.
Second, HPE powers the Intelligent Edge through offerings in campus and branch networking via Aruba
products and the Industrial IoT with products like Edgeline Converged Systems.
Third, services are going to be more critical than ever. HPE has the expertise to make it happen and can
accelerate our customers’ journey through our 22,000 Technology Services professionals. HPE can build
customer solutions from the ground up, and deliver world-class support, advisory, and consumption
models.
HPE also has a Financial Services organization. This is strategically important to customers as they
increasingly look for financial flexibility and consumption models.

Note
HPE Synergy plays a key role in allowing customers to transform to a hybrid environment.
Consequently, the material in this course focuses on this Transformation Solution.
Accelerating time to value

Figure 1-10 Speeding time to value across a hybrid world

HPE believes speeding time to value across a hybrid world is the number one priority, and to do this, the
new generation of apps and data demand a vision that provides the flexibility to operate seamlessly across
these environments, as shown in Figure 1-10.
The vision is based on three core beliefs.
1.The world will be hybrid.
2.The Intelligent Edge is going to unleash an industrial IoT revolution.
3.Data and a new breed of apps is the digital fuel that will drive the future.
Whether your apps and data are in your data center, private and public clouds, multi-clouds, hybrid IT, or
at the edge of the network—the Intelligent Edge—where enterprises touch customers, employees, and the
outside world, and where new experiences, new value, and new data is being created, it is critical that data
collection and analytics be built-in to provide context and insights that drive value.
HPE believes that enterprises must unify apps old and new with data—wherever it lives in this hybrid IT
context.
HPE has broken up infrastructure, software, and services into separate businesses to enable each to focus
on excelling in this digital reality. HPE is focused on infrastructure and sells complete solutions to solve
customers’ business problems.
Hybrid IT

Figure 1-11 The solution continuum

Digital enterprises must manage apps and services using a single as-a-service IT model and optimize
workload placement across hybrid IT to balance workload service-level agreement (SLA) needs.
As shown in Figure 1-11, digital transformation requires:
•Standardization, consolidation, and virtualization across the data center to reduce cost and improve
utilization
•Automation to orchestrate IT processes and tasks to improve operational efficiencies
•Transformation to a DevOps delivery model to accelerate application and service delivery for
business agility
The HPE portfolio of solutions and services enables organizations to meet this challenge and deliver
business outcomes. HPE makes hybrid IT simple.

Note
DevOps (a clipped compound of "development" and "operations") is a software engineering
culture and practice that aims at unifying software development (Dev) and software operation
(Ops). The main characteristic of the DevOps movement is to strongly advocate automation
and monitoring at all steps of software construction, from integration, testing, releasing to
deployment and infrastructure management. DevOps aims at shorter development cycles,
increased deployment frequency, more dependable releases, in close alignment with business
objectives. (Wikipedia.org, January 2018)

Learning check
4.Which three principles form the basis of HPE Transformation Solutions?

Composable Infrastructure
HPE introduced the concept of a converged infrastructure because businesses that were trying to compete
in the applications-driven economy found their traditional business infrastructure struggling. Traditional
infrastructure is stable and allows organizations to slowly (over longer, planned periods of time) roll out
applications that support the business, such as online transaction processing (OLTP) applications, and
databases. However, maintaining a traditional infrastructure in an application-driven economy is a
challenge for which there is a solution.

Why is Composable Infrastructure important?


Many CIOs (Chief Information Officers) and data center system administrators feel challenged to deliver
traditional business applications while at the same time standing up new applications such as mobile and
cloud-native apps that drive revenue. Operations-driven and cost-focused, traditional IT environments
make it difficult to deliver value to the business—IT cannot move fast enough for today’s application
delivery goals.
Traditional applications are designed to support and automate existing business processes such as
collaboration, data processing and analytics, supply chain, and web infrastructure. They include
applications such as ERP and other large databases that have been prepackaged and pretested. These
applications and services typically go through one or two release cycles per year. IT has been built around
these for the last 20–30 years.
New apps-driven and agility-focused IT environments deliver apps and services that drive revenue and
enhanced customer experiences through mobility, Big Data, and cloud-native technologies. These apps
challenge IT to maintain a digital enterprise in a digital economy alongside traditional applications. But
maintaining two different sets of infrastructure, one designed for traditional apps and another designed
for cloud-native apps, increases costs and complexity. This approach is not sustainable.
Gartner gives the name "bi-modal computing” to the strategy of maintaining an existing infrastructure for
traditional applications while transitioning to infrastructure and tools for emerging applications. The HPE
vision is to pull both together with one infrastructure that provides the agility of on-premise cloud
infrastructure.
Infrastructure category powering the Idea Economy

Figure 1-12 A Composable Infrastructure meets traditional and Idea Economy demands

Figure 1-12 shows the different categories of infrastructure. In addition to its focus on stability, reliability,
and scalability, the traditional infrastructure is often siloed and burdened with complex processes. It can
take IT months to stand up environments for traditional applications—regardless of whether these
environments are meant to support physical, virtual, or containerized workloads.
HPE followed its converged infrastructure with hyper-converged solutions that only require minutes to
deploy. These workload-specific offerings deliver fluid virtual IT and software-defined storage (SDS) in
a single appliance.
HPE converged infrastructure and hyper-converged appliances help organizations succeed in the Idea
Economy. Doing business in the Idea Economy—which is also called the digital, application, or mobile
economy—means turning an idea into a new product, capability, business, or industry. To stay
competitive, organizations need to develop new IT capabilities, create new outcomes, proactively manage
risk, be predictive, and create a hyper-connected workplace. HPE converged infrastructure, software-
defined management, and hyper-converged systems reduce costs and increase operational efficiency by
eliminating silos and freeing available compute, storage, and networking resources.
However, most organizations must still maintain their traditional infrastructure, which can involve using
a different set of tools and application programming interfaces (APIs). Businesses need a single, fluid
infrastructure that is optimized to deliver infrastructure for both traditional and new applications in
seconds. This infrastructure must be agile and flexible enough to change personalities dynamically so that
it can meet traditional and Idea Economy workload demands without overprovisioning resources for
either. This architectural approach is a Composable Infrastructure.

Moving to Composable Infrastructure


Figure 1-13 HPE offers several solutions that provide customers with a bridge to Composable
Infrastructure

Building on a converged infrastructure, HPE has designed the Composable Infrastructure around three
core principles.
•Fluid resource pools meet each application’s changing needs by allowing for the composition and
recomposition of single blocks of disaggregated compute, storage, and fabric resources needed to
run applications in sizes at the appropriate scale. This allows new applications to be quickly
provisioned.
•Software-defined intelligence provides a single management interface to integrate operational silos
and eliminate complexity. Workload templates speed deployment and frictionless change
eliminates unnecessary downtime.
•The unified API provides a single interface to discover, search, inventory, configure, provision,
update, and diagnose the Composable Infrastructure. A single line of code enables full infrastructure
programmability and can provision the infrastructure required for an application.
A Composable Infrastructure facilitates the move to a continuous services and application delivery model
and enables applications to be updated as needed, rather than just once or twice a year. IT operates in a
manner similar to how a cloud provider handles lines of business and the extended enterprise. This type
of framework consistently meets SLAs and provides the predictable performance needed to support core
workloads.
As shown in Figure 1-13, HPE offers several solutions that provide customers with a bridge to
Composable Infrastructure. For example, HPE developed ConvergedSystem and hyper-converged
solutions to help customers respond more quickly to their demands.
With the release of Synergy, customers can move to a fully Composable Infrastructure. Synergy greatly
reduces the operational complexity of managing infrastructure and enables customers to accelerate
application deployment. It is designed for today and architected to anticipate the evolution of technologies
in the future.
Note
HPE ConvergedSystem integrates compute, storage, and networking resources. Moving to a
converged infrastructure ties virtualization, automation, and unified infrastructure management
software together into pre-built, tested, and workload-optimized systems. These systems are
software-defined for easy integration into existing infrastructure and quick transition to hybrid
cloud delivery models.

HPE Synergy—The first platform architected for composability


HPE Synergy combines hardware infrastructure, software, and services to deliver a single Composable
Infrastructure platform that enables customers to be well-positioned for the cloud. The Synergy platform
reduces operational complexity for traditional workloads and increases operational speed for emerging
applications and services. Using a single interface, Synergy composes physical and virtual compute,
storage, and fabric pools into any configuration for any application. The extensible platform easily enables
a broad range of applications and operational models such as virtualization, hybrid cloud, and DevOps.
Synergy offers the following benefits of a Composable Infrastructure:
•Composable compute provides performance, scalability, density optimization, storage simplicity,
and configuration flexibility.
•HPE Synergy Composer uses integrated, software-defined intelligence to self-discover, auto-
integrate, provision, and scale from racks to rows.
•Its composable frame provides everything needed to run applications and allows IT to be quickly
set up and consumed.
•Rack-scale, multi-fabric connectivity eliminates stand-alone top-of-rack (ToR) switches.
•High-density, integrated storage can be used to compose any compute with any storage pool (SDS,
direct-attached storage [DAS], and Storage Area Network — SAN).

Management innovations that enable a Composable Infrastructure


Synergy is a single management interface that allows IT to instantly assemble and reassemble resources
in any configuration. Through its single interface, Synergy composes physical and virtual compute,
storage, and fabric pools into any configuration for any application.
Synergy eliminates hardware and operational complexity so IT can deliver infrastructure to applications
faster with greater precision and flexibility. Synergy eliminates the high costs of overprovisioning and
stranding of resources with built-in infrastructure intelligence, dramatically reducing capital expenditures
(CapEx). With improved economics, businesses can drive continuous service delivery during workload
peak times and significantly reduce risk.
Synergy is built on unique innovations that provide a bare-metal cloud that is ready to run any application
and delivers infrastructure as code (IaC).
•Single management interface—Synergy offers a single management interface that is used to
discover, compose, update, and troubleshoot the Synergy solution.
•HPE Synergy Image Streamer—This Synergy component allows you to create and maintain a
repository of images for different workloads. Using these images, you can instantly provision
operating system images or hypervisors on stateless infrastructure, significantly simplifying and
speeding deployments.
•Template-based composition—You can configure a template for a specific workload. These
templates allow Synergy to seamlessly request the use of the correct resources for a specific
workload and return those resources when they are no longer needed, making them available for
other workloads.
•Frictionless change—You can maintain and update the infrastructure while it is up and running.
The updated firmware (FW) and driver packages are delivered seamlessly as one pretested package
in a manner that minimizes the impact on services and operations.
•Unified API—Built into the infrastructure, the unified API abstracts infrastructure complexity so
changes can be automated easily and developers can program the IaC.
•Developer portal—Developers can readily obtain IaC to rapidly deploy their applications.

One infrastructure across traditional and cloud-native applications


Synergy gives customers a single infrastructure that is ready for any workload—whether physical, virtual,
or containerized, including both enterprise and cloud-native applications.
The Synergy platform enables customers to create a completely stateless infrastructure and deploys
stateless resources in seconds. This includes the configuration and provisioning of compute, fabric,
storage, and hypervisor and operating system images as part of a single server profile template. These
features enable you to configure all of the pieces in one place without changing between multiple tools. It
also enables the infrastructure to be provisioned and reprovisioned as needed based on the requirements
of workloads that it is hosting.
A Synergy converged infrastructure allows customers to cut the time it takes to stand up a new
environment, essentially reducing time to value. Synergy supports targeted workloads, solves some
complexities of the traditional infrastructure, and delivers preconfigured physical IT.

The way infrastructure should work

Figure 1-14 IT must support both traditional and new apps

With the emergence of cloud and other technologies, customers need faster operations to drive more
profitability. HPE customers want to be relevant to and succeed on both ends of the applications spectrum,
shown in Figure 1-14. IT needs a more efficient approach that can create and deliver new value instantly
and continuously.
With HPE Synergy, IT can become not only the internal service provider but also the business partner
needed to rapidly launch new applications. The platform allows IT to continuously:
•Run anything—Optimize any application and store all data on a single infrastructure with fluid
pools of physical and virtual compute, storage, and fabric.
•Move faster—Accelerate application and service delivery through a single interface that precisely
composes logical infrastructures at near-instant speeds.
•Work efficiently—Reduce operational effort and cost through internal software-defined
intelligence with template-driven, frictionless operations.
•Unlock value—Increase productivity and control across the data center by integrating and
automating infrastructure operations and applications through a unified API.
HPE Synergy allows customers to:
•Dramatically reduce overprovisioning, CapEx, and stranded resources.
–Compose any compute with any storage pool (including non-SAN simplicity).
–Quickly recompose within a frame, across racks and rows in seconds.
–Optimize SDS, DAS, and SAN.
•Deploy at cloud-like speed.
–Stand up the infrastructure in minutes, not months.
–Auto-assemble all resources.
–Quickly deploy the configuration, drivers, FW, and operating system through workload-based
templates (catalog of images).
•Develop apps and program infrastructure based on their preferences.
–Program all resources using a single line of code.
–Program infrastructure at near run-time.
–Store images for fast iteration and repeatable scale.

Deployment comparison

Figure 1-15 Deployment comparison

Figure 1-15 compares the right-sized enterprise model of procurement and provisioning to that of current
cloud service providers and typical enterprise environments.
Cloud service providers (also known as cloud giants) are two orders of magnitude larger than traditional
enterprise data centers and often must scale to millions of servers. Traditional data centers cannot match
the efficiency of cloud giants’ custom server environments while maintaining a traditional infrastructure.
Cloud giants have the luxury of buying thousands of servers and the associated networking and storage at
one time at deep discounts. They provision everything in advance to meet the specifications of a handful
of unique applications. Then they simply turn on preconfigured, predefined, and prewired equipment and
provisioning for the application they want to run.
By comparison, the traditional enterprise hardware implementation process usually takes much longer
because a large majority of their applications carry unique requirements. Unlike cloud giants, enterprise
IT cannot choose the infrastructure it needs until the applications are selected. Also, server, network, and
storage equipment are often purchased by separate IT teams and then brought together for provisioning—
a process that can take weeks or even months to coordinate and complete.

Change the approach

Figure 1-16 Comparing approaches to infrastructure

If customers want to gain the efficiencies of cloud giants, they need to adapt their approaches, strategies,
and business tactics. Figure 1-16 shows a comparison of the flexible enterprise model of hardware and
application interaction to that of current cloud service providers and typical enterprise environments.
How can IT manage both traditional and cloud-native applications while gaining the speed, agility, and
efficiency of cloud giants? The Synergy Composable Infrastructure integrates compute, storage, and
fabric in one solution so enterprises can easily implement the right-size infrastructure to run their
applications. This enables transformational capabilities:
•Compute, storage, and fabric are brought together—Preconfigured, more flexible, and ready to
run, a Composable Infrastructure can be provisioned on demand as applications require. This
dramatically cuts the time needed for setup and deployment of new infrastructure to run a new
application or IT service. IT can optimize operations and meet business demands while still
effectively managing efficiency and scale.
•Flexible and composable hardware runs all applications—Synergy has both resiliency and
flexibility at the hardware level so it can adapt to the needs of virtually any application. It has the
unique ability to run without being limited to any one computing paradigm because it can run virtual
machines, bare-metal deployments, containers, and cloud-native applications.
Synergy allocates fluid pools of resources, which allows the Composable Infrastructure to run and
store virtually anything. Synergy can disaggregate and re-aggregate underlying blocks of resources
with physical, virtual, and container resource pools. To meet application requirements, storage can
be directly attached, network-attached, or software-defined and be configured to present data
services in block, file, or object storage formats. This provides the flexibility to respond effortlessly
to unpredictable demands, regardless of data type, connectivity protocol, or service-level
requirement.
•Maintenance is simplified—Synergy simplifies maintenance by using software-defined
intelligence with template-driven, single-touch provisioning and operations management. With a
self-discovering, self-securing, self-orchestrating, and self-diagnosing nature, it minimizes manual
intervention. This flexible architecture uses a single pane of glass and a unified API to simplify
automation of operations and maintenance tasks.

Optimizing the infrastructure for apps

Figure 1-17 Optimizing the infrastructure

Many customers recognize that time-to-market is critical for delivering value faster and better than the
competition. Synergy allows businesses to spend less time managing and maintaining infrastructure.
Implementing a Composable Infrastructure allows customers to improve processes such as running apps.
Figure 1-17 compares the flexible enterprise model of hardware and application interaction to that of
current cloud service providers and typical enterprise environments. With traditional approaches, each
app runs on infrastructure optimized for the app. Cloud giants use one infrastructure for all apps, and their
apps flex to the infrastructure. Composable Infrastructure also uses one infrastructure for all apps, but the
infrastructure flexes to the app.

What is Composable Infrastructure?


Figure 1-18 A breakdown of Composable Infrastructure

Composable Infrastructure is the ability to deploy, provision, and maintain compute, fabric, and storage
infrastructure resources using a unified API.
HPE is delivering composability through an architecture that has three key elements to it, as shown in
Figure 1-18. Composable Infrastructure starts with fluid resource pools. These pools are a single structure
that boots up prepared for workloads with fluid pools of compute, storage, and fabric that can be instantly
turned on and flexed.
Second, HPE OneView is software-defined intelligence, which means embedding intelligence into the
infrastructure and using workload templates to tell it how to compose, recompose, and update on the fly
in a very repeatable, frictionless manner.
Finally, taking all these capabilities and exposing them through a unified API enables infrastructure to
be programmed like code so it can become Infrastructure as a Service (IaaS). As such, it can be served up
to people who just want to write existing apps or code new apps and be able to derive infrastructure
directly as code.

Learning check
5.You are approached by a customer at a trade show and they challenge you with the statement
“Composable Infrastructure is just a new marketing name for converged infrastructure and is
intended to get customers to buy into upgrading their server, storage, and networking hardware.”
How should you respond?

6.HPE BladeSystem, HPE 3PAR StoreServ, and HPE OneView provide customers a bridge to
Composable Infrastructure.
True
False
7.HPE Synergy is an example of fully Composable Infrastructure.
True
False

HPE Gen10 servers


HPE Gen10 servers are effectively solving customer requirements in the following areas:
•Security—Need for operating the most secure data center and IT services
•Productivity—Need reliable high-speed access to data for all business applications
•Velocity—Need for top-tier performance across several business-critical applications in multiple
vertical segments
•Efficiency and flexibility
–Need to reduce IT operational cost
–Need cloud-like agility and simplicity for deploying, managing, and scaling out new
applications
–Need to reduce IT acquisition cost
–Need infrastructure for bi-modal IT
•Simplicity—Need simple tool/interface/process for system deploy, update, and management

Introducing a new generation compute experience from HPE

Figure 1-19 New IT experience

Only Hewlett Packard Enterprise is uniquely able to deliver on this new IT experience not only because
of the incredible innovation already brought to market such as Composable Infrastructure, but also now
enhancing the whole experience with a new generation of capabilities powered by Gen 10 that offer
customers the ability to accelerate applications and business insights.
Figure 1-19 shows the three key areas of this new IT experience.
Provide a new experience in business and IT agility.
•Enhance customer service with advanced application performance and reliability.
•Accelerate business innovation through agile IT advancements.
•Enable customers to define the right mix of hybrid IT based on their business needs, not on IT
limitations.
Provide superior security for business resilience and protection.
•Protect the business from malicious threats, such as denial of service attacks.
•Have confidence that IT security capabilities will address evolving threats.
•Allow SaaS providers who are the experts in their application/industry to ensure compliance (such
as healthcare).
Gain a new level of economic control over IT consumption.
•Customers have the flexibility to pay for IT as they use it, across their entire mix of hybrid
infrastructure.
•Meet unpredictable customer demands without the need to overprovision on-premises IT.
•As the business grows, scale the infrastructure without incurring exponential costs.
HPE is delivering a cloud-like experience with the security and economic control of the data center—the
best of both worlds for the future of hybrid IT.
Gen10 technology pillars include:
•Security—The World’s Most Secure Industry-Standard Servers
–Unmatched threat protection through hardware root of trust, extensive standards compliance,
and supply chain attack detection
–Unparalleled ability to recover FW and OS after denial of service attempt or detection of
compromised code
•Productivity—Unprecedented high-speed memory capacity with persistence
–High capacity data acceleration with flash-backed Persistent Memory at TB-scale capacity for
large data-intensive workloads
–Second generation of memory-centric compute innovation on the path to The Machine
•Velocity—Intelligent System Tuning
–Performance tuning to enable more workloads on more cores at a given CPU frequency for
greater application licensing efficiency
–Predictable latency reduction and balanced workload optimization
•Efficiency—New levels of compute
–Next-generation industry-standard CPUs with faster processing, higher-speed memory access,
enhanced software-defined management, and security
–Enhanced graphics processing unit (GPU) levels of performance and choice
•Flexibility—Increased in-server storage density
–Substantially greater NVM Express (NVMe) capacity for large write-intensive workloads
needing advanced caching/tiering
–Enhanced storage density in servers with more small form factor (SFF) and large form factor
(LFF) drives for collaboration and database workloads
•Simplicity—More efficient and easier server management
–Enables large-scale FW deployment
–Improved graphical user interface (GUI) to simplify management with industry-standard APIs
–Easy system debug access
–Convenient warranty entitlement validation

Note
NVM Express (NVMe) or Non-Volatile Memory Host Controller Interface Specification
(NVMHCIS) is an open logical device interface specification for accessing non-volatile storage
media attached via a PCI Express (PCIe) bus. The acronym NVM stands for non-volatile
memory, which is commonly flash memory that comes in the form of solid-state drives (SSDs).
(Wikipedia.org, January 2018)
Activity: Top 5 HPE Gen10 Innovations CTOs (Chief
Technology Officers) must see
Watch the interview with the Chief Technologist of HPE Data Center Infrastructure Security and answer
following questions:
1.What are the top HPE Gen10 innovations according to the Chief Technologist?

2.How does HPE protect FW against attackers?

3.How can the customer be assured that server FW is not compromised?

Note
To watch the “Top 5 HPE Gen10 Innovations CTOs must see” video, go to:
https://www.youtube.com/watch?v=BKgJfC_gY14

Learning check
8.Name at least three strategic focus areas of HPE Gen10 servers.

HPE position and market share


HPE is one of the world’s largest providers of IT infrastructure, software, services, and solutions. In
addition to offering the broadest server portfolio in the industry, HPE offers a full lifecycle of services,
including consulting services to maximize ROI (Return On Investment) and support services to prevent
and solve problems. Customers receive assistance from a deep pool of expertise and a personalized
experience on a global scale.
HPE’s data center architecture and partner ecosystem

Figure 1-20 HPE’s software-defined data center architecture and partner ecosystem

As shown in Figure 1-20, HPE leverages a rich ecosystem of best-in-class business partners who provide
optimized independent software vendor (ISV) applications, integrated solutions, and a breadth of original
equipment manufacturer (OEM) offerings. HPE was the first manufacturer to offer:
•Integration of management for server, storage, and networking infrastructure within management
tools from many vendors
•Number one position in servers shipped running VMware vSphere and Microsoft Hyper-V
•More server and storage models certified for key partners than any other vendor
•Broad partner-certified professional designations for field technical resources
HPE’s Data Center Infrastructure products fit all environments.
•Small and midsize business (SMB)
–Easy Connect Appliance
–ProLiant racks
–ProLiant towers
–ProLiant Easy Connect
•Enterprise servers
–ProLiant racks
–Synergy
–BladeSystem
–Hyper Converged
•Mission critical
–Integrity
–NonStop X
–SuperDome X
–HP-UX
•Storage and Big Data
–3PAR flash
–StoreVirtual/MSA
–StoreOnce
–Apollo object and analytics
•Data center networking
–Altoline
–Openwatch
–FlexFabric
–DCN
•Communications solutions
–NFV
–Helion carrier grade
–ContactNETV9DN
–Network and digital services
•HPC
–Apollo systems
•Service provider and OEM
–Cloudline
–Custom systems
–OEM solutions

SMB

Figure 1-21 HPE SMB portfolio

As shown in Figure 1-21, the HPE SMB portfolio includes:


•HPE ProLiant 10 servers
•HPE ProLiant 100 servers
•HPE ProLiant 300 servers
Recommended use cases include:
•Collaboration (SharePoint/Messaging)
•Virtualization
•File and print sharing
•Cloud computing and storage
All customers have different needs, and there is no substitute for completing a full needs analysis.
However, this graphic provides useful high-level guidance regarding which HPE servers might be suitable
for SMBs. The enterprise column is included here for comparison.
Security, versatility, performance, and quality make HPE ProLiant servers ideal for SMB workloads as
well as for software-specific solutions such as HPE Flex Solutions for virtualization, analytics, and unified
communications and collaboration solutions.
HPE ProLiant rack and tower servers redefine compute economics by delivering more compute and
storage capacity, right-sized compute with flexible choices, and lower compute energy and floor space
consumption. With ProLiant rack and tower servers, customers can accelerate business results with faster
compute, memory, and I/O performance, coupled with increased storage and networking performance—
including lower latency.
ProLiant rack and tower servers are available in these families:
•HPE ProLiant MicroServer
•HPE ProLiant ML
•HPE ProLiant DL

Enterprise servers

Figure 1-22 The data center standard: Versatile compute to meet a wide range of needs

As shown in Figure 1-22, core enterprise portfolio includes:


•HPE ProLiant 300 servers
•HPE ProLiant 500 servers
•HPE Synergy
•HPE ProLiant BladeSystem
•HPE Hyper Converged/HPE SimpliVity
Typical use cases for enterprise servers include:
•Dynamic workloads
•Virtualization, Big Data, storage-centric apps, collaboration, data warehousing/analytics, CRM
(Customer Relationship Management), ERP, VDI (Virtual Desktop Infrastructure), SAP
•Composable Infrastructure
BladeSystem solutions provide multiple IT elements in one optimized package that is managed as a single
platform. Blades are available as composable blocks of compute, storage, and network fabric. The
building block approach makes it simple to scale infrastructure by reducing the typical complexity of
configuring and separately scaling compute, storage, and networking piecemeal in traditional
infrastructure. BladeSystems use optimized and preselected server profiles for optimal workload matching
and performance.
BladeSystems are ideal for:
•VDI
•Consolidation
Although ProLiant DL and ML solutions and ProLiant BL servers are viable resources in a variety of
situations, the differences between them are significant. Rack-mounted servers typically are viewed as a
stand-alone resource, whereas a BladeSystem has many shared components and is aggregated to function
as a larger resource.
HPE Synergy is a single infrastructure of physical and virtual pools of compute, storage, and fabric
resources and a single management interface that allows IT to instantly assemble and reassemble resources
in any configuration. Synergy eliminates hardware and operational complexity so IT can deliver
infrastructure to applications faster with greater precision and flexibility. Synergy solutions support
emerging applications in the areas of mobility, Big Data, and cloud-native technologies.
Synergy is ideal for a single infrastructure running multiple applications simultaneously.
•SQL on bare-metal compute
•Virtualized hypervisor clusters
•Client virtualization with HPE StoreVirtual VSA
•Unified communications such as Skype for Business

Mission-critical computing

Figure 1-23 Become a real-time business: Modernize with HPE mission-critical solutions

As shown in Figure 1-23, mission-critical solutions portfolio includes:


•HPE Integrity NonStop X
•HPE Integrity Superdome X
•HPE Superdome Flex
•HPE Integrity MC990 X
•HPE ConvergedSystems 500/900 for SAP HANA
•HPE Integrity NonStop, HPE Integrity with HP-UX, OpenVMS
Recommended use cases:
•Empower real-time analytics
•Modernize business processing for Oracle, SAP, and SQL Server
•Achieve business continuity for vital applications
Mission-critical solutions provide a dynamic digital core for the real-time business of today—where time
and data are the new currency and business continuity is expected.

What is a digital core?


A digital core is the result of converging core transactions and analytics in today’s digital economy.
The digital core components are:
•A set of critical business processes, for example, ERP for a Manufacturer or a Billing process for
a Telecommunications company
•A collection of key data, for example, customer purchasing history for a retailer or credit card
payments history for a bank
•A group of applications as services, for example, a Customer Relationship Management as a
service to all the relevant users in the value chain
The main use cases for mission-critical solutions are:
•Modernize Business Processing is about helping customers who are running critical business
processing workloads in older, proprietary infrastructures move to modern, open systems that are
specifically designed to provide the highest levels of uptime. These include Oracle, SAP, SQL
Server stacks, as well as other processing applications such as core banking, ERP, telco billing and
others. The platforms aligned with this use case are our flagship mission-critical x86 servers,
Superdome X, and NonStop X, as well as the new eight-socket platform the MC990 X. This is
aligned to the Transform to hybrid infrastructure transformation area (TA).
•Achieve business continuity for vital apps is about protecting those workloads that have zero
tolerance for downtime, for example, payment applications, telco network workloads, critical
healthcare applications that literally deal with life and death situations, and others. Our platforms
aligned with this use case are the traditional lines of UNIX servers and NonStop servers based on
Itanium. We continue to innovate to serve the needs of our large installed base that depends on these
platforms for their most vital processes. This is aligned to Protect digital enterprise TA.
•Empower real-time analytics is all about helping customers to turn all of their data into insight
so they can make actionable decisions in real-time. Here, we are talking about SAP HANA, SQL
Server (especially the upcoming SQL Server 2016 version), and other in-memory database
deployments. We also have Superdome X as the main platform aligned with this area, as well as
the MC990 X, our new eight-socket server. This is aligned to Empower the data-driven
organization.
HPE sells solutions not just products, so the lineup of systems is complemented with scalable and resilient
storage and networking, a range of proven and extensive Pointnext services, a set of committed and broad
partnerships with leading software providers such as SAP and Microsoft, as well as partnerships with
consulting firms and others that augment the value of the total solution.
HPC

Figure 1-24 Deliver automated intelligence, real-time insights, and optimized performance

As shown in Figure 1-24, the HPE HPC portfolio, optimized for extreme performance, scale, and
efficiency includes:
•HPE Apollo 2000
•HPE Apollo 6000
•HPE Apollo 6500
•SGI 8600
•HPE Apollo 4520
Recommended use cases include:
•Simulation and modeling for science, research, and business
•Analysis of high volume machine data
•Managing unstructured data, images, audio, and video
•Back up, archive, and recovery to manage risk and compliance

Selecting an HPE server platform


Figure 1-25 Questions to consider when selecting an HPE server

When working with customers to understand their business needs, many questions need to be answered
before the most appropriate solution can be proposed. Figure 1-25 provides a high-level mapping of
customer business need to server platform, and can serve as a starting point for further discussion.

HPE server market share


Hewlett Packard Enterprise is the industry-leading hybrid IT provider with many achievements in the
following areas:
•Cloud
–#1 (tied) total worldwide cloud infrastructure revenue
Source: Synergy Research Group, Cloud Infrastructure Market Share, 1Q17
•Servers
–#1 worldwide total server revenue
–15 straight quarters of leadership—WW total server revenue
–84 straight quarters of leadership—WW x86 server revenue
–ProLiant DL380 #1—server by unit volume
Source: IDC Worldwide Quarterly Server Tracker 1Q17, June 2017. Market share on a global
level for HPE includes New H3C Group.
•HPC
–#1 HPC server revenue
Source: Hyperion Research Worldwide High-Performance Technical Server QView for 1Q17
June 2017
–#1 TOP500 server count by vendor
Source: TOP500 List of Supercomputer sites, June 2017
•Storage
–#2 worldwide total enterprise storage systems market
–#1 worldwide internal storage
–#3 worldwide external storage
–3PAR StoreServ #1 (tied)—storage product brand by revenue
Source: Worldwide Quarterly Enterprise Storage Systems Tracker 1Q17, June 2017. Market
share on a global level for HPE includes New H3C Group.
•Converged
–#2 worldwide integrated platforms revenue
–#3 worldwide integrated infrastructure + certified reference systems revenue
–#3 worldwide hyper-converged infrastructure revenue
Source: IDC Worldwide Quarterly Converged Systems Tracker 1Q 2017. June 2017,
SimpliVity is included
•Networking
–#2 worldwide enterprise WLAN
–#2 worldwide campus switching
Source: Dell’Oro 1Q17, June 2017

Learning check
9.Name at least three products suitable for mission- and business-critical environments.

HPE Pointnext
HPE believes that the challenges of today call for a new approach to services. HPE is uniquely positioned
with the expertise to help customers address these challenges of today and tomorrow.
Therefore, HPE has built a services organization, HPE Pointnext, for the future to help customers optimize
and build the ideal technology, partner, and operational foundations needed to accelerate the digital
journey of their enterprise.
Building on the HPE heritage of services leadership, HPE Pointnext services help customers to:
•Build for speed to help accelerate innovation and time to value.
–HPE’s scalable approach is designed to deliver faster time to value for customers, focusing on
helping them build solid foundations in technology, process, and people to enable them to learn
quickly and continuously improve.
–In the new compute era, HPE offers IT consulting services and support to architect, deploy,
and optimize an enterprise’s technology assets. The HPE expertise in the new generation of
technology enables IT organizations to remain relevant. With specialized departments in critical
aspects of IT—such as hybrid infrastructure, data science, information security, and hyper-
connected architectures—HPE Pointnext can enhance business outcomes and maximize returns
on technology investments.
–Customers have many options when determining the right way for IT to support business
requirements. HPE Pointnext supports customers as they transform existing IT systems. After
a plan has been designed, the next step is to integrate new technology into existing processes
without losing momentum or interrupting business. HPE implementation and deployment teams
execute the plans and help customers get started quickly. This includes education services where
needed to refresh technical skills and to help systems administrators learn new ways to do
things.
–After the new infrastructure is in place, it must meet changing needs and increasing demands.
As the rate of change accelerates, IT staff should focus on simplifying operations and providing
a stable, well-performing IT infrastructure. HPE Services connects the customer’s IT systems
to HPE support technology to automate and streamline the process of making changes. These
services provide assistance with identifying, diagnosing, and resolving problems. The HPE
support portfolio also enables customers to prevent problems, receive enhanced access to
technical resources, and reduce risk to the business.
–These steps typically are on a continuous cycle to manage an ever-changing environment. HPE
Pointnext provides innovative ways to consume compute capacity and ensure that business
needs are met, giving customers more choice, options, and flexibility.
•Curate and aggregate a best-in-class partner ecosystem to deliver the best solutions.
HPE Pointnext finds which technologies and partners can best solve unique problem and how to
bring them together—to speed adoption of emerging technologies and to scale with the current
environment, without creating new complexities and risk.
•Remove complexity across the IT lifecycle.
HPE Pointnext goes beyond the technology problem of digital transformation and addresses other
aspects across culture, measurement, skills, change management as well as new approaches to
funding and IT consumption options.
•Optimize infrastructure for current and new generations of apps and data.
HPE Pointnext establishes the right mix of optimized infrastructure solutions, edge to core, for
current and future apps and data with advisory and design services, from implementation through
daily support.

HPE Pointnext: Portfolio


Figure 1-26 HPE Pointnext: Services portfolio

As part of the HPE Pointnext portfolio, there are three types of services across the different stages of your
customer’s transformation journey, as shown in Figure 1-26: Advisory & Transformation, Professional,
and Operational.

Advisory & Transformation Services


HPE Advisory & Transformation Services group is at the forefront, where HPE focuses on your
customer’s business outcomes and goals. HPE designs their transformation and builds a roadmap tuned
to their unique challenges to help them digitize the core, innovate offerings, and drive better experiences
for their customers.

Professional Services
HPE Professional Services team specializes in flawless and on-time implementation, on-budget execution,
and creative configurations that get the most out of software and hardware alike.

Operational Services
HPE Operational Services team understands that success means being accountable for the whole solution,
accountable across your customer’s ecosystem, and accountable across their old and new infrastructure
and apps.

Advisory & Transformation Services


Figure 1-27 Accelerating what’s next for your enterprise

As shown in Figure 1-27, Advisory & Transformation Services group focuses on three key practices:
Hybrid IT, Big Data, and Intelligent Edge.
•Hybrid IT practice defines the right-mix strategy and roadmap for hybrid-IT delivery, covering
hybrid-IT platform, hybrid-IT operations, and hybrid-IT brokering. We hear again and again the
need to harness the right mix of hybrid—including dedicated, workload-optimized solutions as well
as building foundations to develop and deliver a new generation of apps and workloads and
managing the complexity of multiple clouds. We bring the benefit of our substantial expertise,
purpose-built IP, and deep technical knowledge to your customer’s hybrid IT digital transformation.
A key growth area within our hybrid IT practice addresses new challenges for DevOps and AppDev.
Our hybrid IT applications modernization practice focuses on cutting-edge transformations to
modernize application infrastructures and development through application migration, cloud-native
development, and DevOps/agile development. In every industry, today, customers face a significant
challenge to rapidly support the modernization, migration, and development of modern-day apps
and AppDev methodologies, truly transforming the apps of today and tomorrow.
•Big Data practice works to monetize the value of data through Big Data framework data
management and actionable analytics. We see an increasing need to build optimized platforms for
the most demanding data and analytics, to drive real-time decision making, and accelerate predictive
insights.
•Intelligent Edge practice helps build out the Intelligent Edge to enhance user experiences, drive
business value from mobility and IoT, and transform workspaces through intelligent spaces and
intelligent venues. Compute at the edge is exploding today, and we increasingly hear from our
customers the desire to capture opportunities they see around harnessing the data, connectivity, and
real-time engaging going on at the edge.
Finally, the need for security and risk mitigation is integrated into each of these practices and applied to
IT, data, apps, and the mobile edge network. Protection will be built in and interwoven as part of the
solution to each use case.

Professional Services
Figure 1-28 Converting ideas into reality at the speed of business

As shown in Figure 1-28, Professional Services team specializes in flawless and on-time implementation,
on-budget execution, and creative configurations that get the most out of software and hardware alike.
Since we are top-stack agnostic, we work with your customer’s preferred technologies, and they get the
right solution for their needs, and not a one-size-fits-all model. We bring the IP and experience of
thousands of implementations and deployments around the global to de-risk their transformation and get
it done on time, on budget, and on target.
Professional Services takes a strategic plan and functional design and moves it into production, with a
focus on hybrid IT and Intelligent Edge, through a series of tactical transitions, the developed roadmap,
functional requirements, and functional design. HPE works in tandem with your customer’s teams from
technical design to implementation, build to migration, distribution, and finally to operational consulting
and service.
HPE Pointnext provides a wide range of professional services from deployment to implementation and
on-going education.

Operational Services
Digital transformation is not an event in time but rather a continuous evolution and adaptation for any
global organization. IT needs to adapt continuously to remain relevant in a changing market and defining
the best way to enable business to deliver its products, services, and solutions to its customers.
HPE’s Operational Services team understands that success means being accountable for the whole
solution, accountable across your ecosystem, and accountable across your customer’s old and new
infrastructure and apps.
HPE has redefined the concept of “operational efficiency.” We aim to create new IT experiences for your
customer’s business, from the core to the edge. Our innovative services, such as Flexible Capacity,
Datacenter Care, and Campus Care, offer new ways of delivering IT by managing and optimizing
workloads, resources, and capacity—on-premises and in the cloud—to simplify the experience and offer
choice in where to land their workloads and what to self-manage or out-task. Your customer’s benefit by
being able to move to consumption-based IT model, leveraging an agile, developer-centric architecture,
and making IT easier to free up resources.
We have thousands of operational experts working closely with customers on a daily basis to make sure
they get the most out of their digital transformation, as well as support services specialists to keep their
business operating at peak performance.

HPE Flexible Capacity


One of key Operational Services is HPE Flexible Capacity. Continuous innovation, as well as market
disruptions, are redefining the ways that businesses design their IT strategies to respond to and support
change. Rapid time to market is a competitive necessity, and organizations are under constant pressure to
respond to those influences and innovate quickly.
HPE has led the way to simplify the end-to-end lifecycle with break-through financial services and IT
consumption services such as Flexible Capacity. It gives organizations the ability to change at the speed
of business with just the right mix of traditional and cloud-based IT to deliver all of your customer’s
workloads. Critical workloads remain on-premise for control while the public cloud can be leveraged for
added capacity, flexibility, and economies when appropriate.
As a result, you have the flexibility to handle fluctuations in demand and changing market conditions.

Hewlett Packard Enterprise


This is who we are and why HPE exists—to enable enterprises to accelerate innovation and time to value
with the new apps and data, as well as to help your customers optimize their current environments by:
•Making Hybrid IT simple—To power your right mix to accelerate innovations for your unique
enterprise
•Powering the Intelligent Edge—To create the next generation of digital experiences and services
•Providing the expertise to make it happen—To advise, integrate, and accelerate the outcomes for
your customer’s enterprise

Activity: Unboxing Your Next with HPE Pointnext


Watch the overview of HPE Pointnext and answer following questions:
1.From which countries are IT experts available providing HPE Pointnext services?

2.On how many projects were HPE Pointnext IT experts collaborating?

3.What is the benefit of advisory services?


Note
To watch the “Unboxing Your Next with HPE Pointnext” video, go to:
https://www.youtube.com/watch?v=wx2kYqclqUI

Learning check
10.List all three types of HPE Pointnext services.

11.Write a summary of the key concepts presented in this chapter.

Summary
•HPE is the #1 data center infrastructure vendor.
•An HPE Composable Infrastructure is designed around fluid resource pools, software-defined
intelligence, and a unified API.
•ProLiant Gen10 servers are answering key customer requirements for security, productivity,
velocity, efficiency, flexibility, and simplicity.
•The HPE Transformation Solutions strategy is designed to help customers harness the right mix of
hybrid IT to accelerate service delivery, build next-generation data foundations to accelerate time
to insight, and power a new generation of digital experiences to create business value.
•HPE continues to lead the worldwide server market by revenue.
•HPE offers the HPE Pointnext, service organization, offering Advisory & Transformation
Services, Professional Services, and Operational Services.
2 Security: Why Customers Should Pay
Attention
LEARNING OBJECTIVES
After completing this chapter, you should be able to:
✓Describe security risks.
✓Discuss Gen10 high-level security strategy.
✓Describe Gen10 security features.
✓Explain the iLO (integrated Lights-Out) role in HPE ProLiant server security.

Prelearning check
1.You are attending a meeting with a banking customer to discuss their future data center
modernization plans. They have been alarmed by reports of firmware-level security breaches, and
they tell you that such an event in their infrastructure would cost them millions of dollars in fines.
They tell you that they require Federal Information Processing Standard (FIPS)-level security or
higher, and ask you if HPE servers can deliver this level of security. They also ask what HPE offers
in the Gen10 platform for protecting against firmware-level attack. How should you respond?

Understanding security risks


Figure 2-1 Cyber attacks are becoming more sophisticated

As IT architecture evolves to public cloud and hybrid cloud-based infrastructures, it not only brings many
benefits around developer agility and economics but also creates new challenges for protecting critical
data in the cloud. Not long ago, organizations deployed security strategies focused on blocking and
securing the perimeter, locking down users, access, and data. In a hybrid world, the perimeter has
dissolved. Users are interacting with data and applications in the cloud, on mobile devices, and within the
network.
To protect the digital enterprise, interactions between business-critical digital assets must be protected,
along with securing the free-flow of information throughout the enterprise across customers, employees,
partners, and suppliers.

Cyber attacks are becoming more sophisticated


Cybercriminals are not standing still; they are always inventing new levels of sophistication that place any
data center under constant threat.
As shown in Figure 2-1, attacks can take a number of forms.
•Distributed denial of service (DDoS)
•DoS
•Permanent DoS (PDoS)
•Data or information theft
•Application-level attacks
Firmware security risks must be part of your risk assessment, according to the National Institute of
Standards and Technology (NIST): “as cyber attacks become more sophisticated, the potential for BIOS
or other firmware attacks is growing.”
Note
References for Figure 2-1:
1) Gemalto Research, The 2016 Global Cloud Data Security Study, 2016.
http://www2.gemalto.com/cloud-security-research/
2) Mandiant M-Trends, Trends from the Year’s Breaches and Cyber Attacks, 2016.
https://www.fireeye.com/current-threats/annual-threat-report/mtrends.html
3) National Institute of Standards and Technology (NIST) Special Publication 800-147b,
created October 29, 2014, Updated February 19, 2017.
http://csrc.nist.gov/publications/drafts/800-147b/draft-sp800-147b_july2012.pdf
4) Ponemon, 2016 Cost of Cyber Crime Study & the Risk of Business Innovation, 2016.
http://www.ponemon.org/library/2016-cost-of-cyber-crime-study-the-risk-of-business-
innovation

Do not be in the headlines!

Figure 2-2 Security breaches in the headlines

Security breaches make headlines almost daily, as shown in Figure 2-2. This makes security a top-of-
mind worry for businesses of every size. Concerns used to center on protecting data and apps. Those
concerns remain, but there is now the recognition that interactions, no matter where they happen, have to
be protected as well.
John Hinshaw, chief customer officer at HPE says, “Every single day we see thousands of customers and
where they’re vulnerable. We pull that knowledge to help you find where you’re vulnerable…to help you
remediate your vulnerabilities.”
Note
Review an example of a security breach:
https://www.usatoday.com/story/tech/news/2017/10/03/equifax-ex-ceo-faces-questions-
why-its-internal-controls-failed/725756001/

Happening more often than you might think


Attacks are happening all around the globe. Every 24 hours, over 700 million attacks are conducted against
IT infrastructures, hundreds of thousands of attacks in every major city. The amount of attacks is
increasing exponentially, in both severity and destructiveness, it is cyber warfare. Everyone is a target
today.

Cyber security
There are several types of cyber crime, some examples include:
•DDoS—Flooding the network with queries, resulting in a DoS to legitimate users, is DDoS, as
exemplified by the October 2016 Myra Virus. In that case, the Myra virus converted hundreds of
intelligent devices like cell phones, to iBOTs. This, in-turn, pinged the domain name server with an
overwhelming number of queries, thus flooding the network and servers, making them inaccessible
to legitimate users. Although in this case, services like Twitter were off-line for hours, this was not
a permanent issue. All services were restored in approximately four hours.
•DoS—Conversely, DoS typically occurs in the server by attacking the firmware. Compromised
firmware code can be inserted in the server, rendering it unusable to legitimate users for an extended
period of time. A good example of DoS was the Stuxnet virus that let the compute process continue
but in an altered state. The result was uranium centrifuges spinning several times faster than they
should, exploding from the pressure, but continuing to report to the user administrators that the
systems were operating within normal tolerances.
•PDoS—There is also PDoS, also called bricking a server, that completely disables the server. In
this case, malware or compromised code is inserted in the server firmware, rendering it completely
useless—more commonly referred to as a brick. Examples of PDoS attacks are botnet BrickerBot
and BrickerBot 2.
•Data theft—Data theft, or information theft, is the final category of security breaches. This was
exemplified by Target and Equifax, which had thousands of account data stolen. Data or
information theft is generally the most publicized and gets the most visibility.

Learning check
1.Name three typical types of cyber crime.

Gen10 servers—Addressing security concerns


Figure 2-3 Staying one step ahead of increasingly sophisticated attacks

While the job of CIO (Chief Information Officer) has always been split between introducing new
technologies to improve the business while keeping it all running and secure at the right cost, never before
have we seen such tension between the desire for organizations to seamlessly as possible reinvent
themselves digitally while maintaining strict business continuity with the highest degrees of security
against threats, both within and without.
Worries about cybersecurity, including a potentially career-ending public hack, have become a top
concern to the extent that some IT management surveys put it at the very top of the spending list. Security
is pulling focus away from other digital priorities, with not much to show for in terms of new value
creation, making today’s relatively flat IT budgets an even greater challenge. CIOs are seeking creative
ways to manage security and looking for IT security breakthroughs to help them spend more time leading
other top-level priorities.
Hewlett Packard Enterprise is resolute to stay one step ahead, as shown in Figure 2-3. Products are
engineered based on the belief that infrastructure should be the strongest defense, armed with the latest
innovations to prevent, detect, and recover from security attacks. Just as customers expect and deserve
high-quality and reliable products, HPE also believes customers should expect the most secure
infrastructure in the industry—which is why security is embedded into all products. Poor quality and
reliability can slow down business, and security vulnerabilities can harm your customer’s business and
their brand.
HPE view the supply chain as an essential element of cybersecurity because of the possibility that products
could be compromised at their source. HPE reduces the risk of exposing the supply chain to threats such
as counterfeit materials, malicious software embedded in products, and other untrustworthy components
by vetting component vendors and sourcing from Trade Agreements Act (TAA) designated countries.
Because of the unique and privileged position within the IT infrastructure, HPE chooses to reduce security
concerns and threats to Basic Input/Output System (BIOS) firmware by developing BIOS firmware and
ASICs (Application-Specific Integrated Circuits) in-house.

New protection for the entire digital enterprise


Figure 2-4 Minimizing the impacts of all forms of risk begins at the infrastructure level

As shown in Figure 2-4, HPE provides various technologies, products, and solutions to protect the entire
digital enterprise.
•HPE Secure Compute: The World’s Most Secure Industry-Standard Servers
–Silicon Root of Trust to remove vulnerabilities that expose infrastructure firmware to
malicious attacks
–Runtime firmware verification to monitor for attacks and generate audit logs for security
information and event management (SIEM) software
–Quickly restore firmware and OS to the factory settings or the last known authenticated safe
setting
–Commercial National Security Algorithm (CNSA) certified suite of algorithms for operations
up to and including Top Secret
–HPE NIST 800-53 Certification is the most secure private cloud stack
–HPE ProLiant Gen10 servers, HPE 3PAR storage, Arista networking, Microsoft, and RedHat
operating systems
–Endorsed by the US Department of Defense, Intelligence Community, and Civil agencies
–The most broad-based and comprehensive set of safeguards and countermeasures ever
developed for information systems
•Ensuring end-to-end data integrity HPE 3PAR and StoreOnce
–Automated data integrity verification from servers through to storage, this is a critical data
integrity feature as more data is consolidated onto larger Solid State Drives (SSDs) and more
workloads are consolidated into less physical infrastructure
–Uncompromising application availability and business continuity with non-disruptive
movement of storage volumes between storage arrays, seamlessly coordinated across servers
and host operating systems
–Protecting and recovering application data at the speed of flash with the end-to-end availability
and backup that flash-enabled applications demand via seamless, application-managed
snapshots, and data movement from primary to secondary storage
•Improved network security Arista EOS, CloudVision, and DANZ Platform
–Since the network is the primary medium that bridges the physical, virtual, and cloud
environments, network traffic is becoming increasingly important for its role in providing the
window to the enterprise for malware and threats. Many security vendors are doing just this, by
analyzing network traffic for threats, anomalies, and lateral movement of malware. However,
no matter how sophisticated these security solutions become, they are only as good as the
network traffic they see.
–Security monitoring and network traffic analysis without band monitoring of any cloud
workflow to cost-effectively scan for vulnerabilities while watching for signs of attack at up to
100 Gbps per link
–Seamless and consolidated view of the entire network infrastructure providing the foundation
for automating the integration of next-generation firewalls, security monitoring tools, and
application delivery controllers
–Automated insertion of security services for both physical and virtualized workloads anywhere
on the network with leading ecosystem of service and security partners including Check Point
Software, F5 Networks, Fortinet, and Palo Alto Networks
HPE ProLiant Gen10 servers are considered “The World’s Most Secure Industry-Standard Servers,” based
on external firm, CTO InfusionPoints, conducting cyber security penetration testing on the HPE ProLiant
DL380 Gen10 vs. competitors currently shipping products, May 2017 (requires iLO 5 and HPE ProLiant
DL, ML Gen10 server, or HPE Apollo Gen10 servers.
Jason Shropshire, CTO InfusionPoints, says, “Innovation in the server hardware industry has traditionally
prioritized functionality and accessibility of platform management features with a limited focus on
security. Hardware and platform firmware have been an accepted area of weakness, relying on external
physical and logical countermeasures to provide security. As advances have been made in application and
operating system security, attackers have been increasingly focused on hardware and platform firmware
weaknesses as viable attack vectors to gain long-term persistent access. 
Seeking to address these threats head-on, HPE engaged InfusionPoints to conduct an independent,
comparative assessment of the security of the Gen10 server line hardware and platform firmware against
HPE’s industry competitors. Our team conducted time-boxed testing included attacks against physical
interfaces, platform firmware, and network interfaces. Initial test results show that the HPE Gen10 server
takes a significant step ahead of its competitors.
HPE’s commitment to innovation and ongoing testing will serve to continuously improve platform
security and maintain its lead position. Specifically, we believe that HPE’s introduction of Silicon Root
of Trust will set a new standard in providing auditable control of the integrity of platform firmware. HPE’s
overall forward-leaning security culture touches all phases of the Gen10 platform lifecycle including
design, implementation, and maintenance.”

A new experience in server security and protection


Figure 2-5 Introducing the World’s Most Secure Industry-Standard Servers

As a result of new HPE innovations, HPE has introduced “The World’s Most Secure Industry-Standard
Servers.” The Silicon Root of Trust starts protecting HPE servers early in the production process and all
the way through the product lifecycle, which has been branded the HPE Secure Compute Lifecycle.

Silicon to supply chain


As shown in Figure 2-5, our customers want HPE to deliver an end-to-end security solution, starting at
the very inception of the product with our Silicon Root of Trust. HPE is in a very unique position here
because we develop our own custom iLO 5 chipset in the fabrication facility, even before the server goes
into production. We tie the server essential firmware (iLO 5, Unified Extensible Firmware Interface
[UEFI], Complex Programmable Logic Device [CPLD], IE [Innovation Engine], and ME [Management
Engine]) into our custom silicon with an unbreakable link, which anchors our firmware into concrete.
That immutable connection between the silicon and firmware protects the server through the production
process, through our supply chain shipping and distribution, right to the customer’s final location. From
factory to floor, HPE provides protection.
After the server arrives safely to our customer’s location, we continue with our HPE Secure Compute
Lifecycle, by providing not only protection during operation, but also unparalleled detection and recovery
capabilities. From boot to business, our Silicon Root of Trust provides protection because as soon as the
server is booted and iLO firmware comes alive, it looks into the silicon for the immutable fingerprint that
verifies all the firmware code is valid and uncompromised. Over a million lines of firmware code run
before the operating system starts, making it essential to confirm that all server essential firmware is free
from malware or compromised code.

Ongoing operations
During operation of the server, HPE has a new technology that conducts run-time firmware validation that
checks the firmware stored in the server. At any point, if compromised code or malware is inserted in any
of the critical firmware, an iLO audit log alert is created to notify the customer that a compromise has
occurred.

Note
The Unified Extensible Firmware Interface (UEFI) is a specification that defines a software
interface between an operating system and platform firmware. UEFI replaces the Basic
Input/Output System (BIOS) firmware interface. (Wikipedia.org, January 2018)
Note
A Complex Programmable Logic Device (CPLD) is a combination of a fully programmable
AND/OR array and a bank of macrocells. The AND/OR array is reprogrammable and can
perform a multitude of logic functions. Macrocells are functional blocks that perform
combinatorial or sequential logic, and also have the added flexibility for true or complement,
along with varied feedback paths. (Xilinx.com, January 2018)

Rogue employees
In the unlikely event of a breach into the HPE server firmware, after detection has been completed, the
customer may then securely recover the firmware automatically to a previous known good state. HPE
provides this function through a new HPE license called HPE iLO Advanced Premium Security Edition.
Although a breach is highly unlikely, there may be a case where customers have disgruntled employees
who get access to the data center and insert bad code.
This step in the lifecycle process provides security to and through the network. Aruba ClearPass creates
a strong networking security clearance protocol for clearing anyone requesting access to the network.
ClearPass creates a profile of potential users and clears access of users into our Aruba networks. Our
recently acquired company, Niara, will be responsible for monitoring activity of users inside the network.
After ClearPass vets and clears users into networks, Niara takes over, and using machine learning, works
to predict any nefarious behavior before any serious damage can be done. If Niara identifies abnormal
activity resembling potential malicious behavior, it communicates to ClearPass, temporarily terminating
the suspected user’s access to the network until more thorough vetting can be conducted. In the case of a
rogue employee, this predictive capability can block potential bad actors from the network, before any
damage is done.

A new experience in accelerating compliance

Figure 2-6 A new experience in accelerating compliance

Data flow
Following the lifecycle approach, the next step is protecting data and communication to and from the
server and inside the server. As shown in Figure 2-6, HPE is the first industry server manufacturer to
provide support for the CNSAs, or CNSA suite. This is the very highest level of security, typically used
for the most Top Secret and Confidential information. HPE also has FIPS validation on firmware and
offers that as another level of protection during the operation phase of the server’s life.
Scalable encryption is another differentiated offering from HPE that protects data stored in the server.
Unlike competitor servers, who use self-encrypting drives that require management of separate keys in
each and every drive, HPE offers secure encryption through our smart array controller cards that contain
all encryption cards and manage those at scale. Going one step further, the HPE Atalla Enterprise Secure
Key Manager (ESKM) is also qualified with our controller cards that takes key management to a higher
level. Through this technology, we are saving customers the agony of tracking an unmanageable number
of encryption keys—sometimes on spreadsheets.

Compliance planning
Closely related to security, are the numerous government regulations that customers must comply with.
To aid our customers, HPE applies the NIST 800-53 security controls to a solution stack of storage,
networking, servers, and software, creating a secure baseline. This secure baseline provides customers
with the comfort to issue an authority to operate (ATO) before putting an IT infrastructure into operation.

End of life
The final part of HPE Secure Compute Lifecycle comes after the servers and other equipment have
reached their full use and entered end of life. HPE Pointnext security and protection services provide final
disposal of customers’ equipment, ensuring the data is properly disposed of according to NIST standards.

HPE Secure Server options for Gen10

Figure 2-7 Memory, Network, and SSDs

As shown in Figures 2-7 and 2-8, the portfolio of HPE Secure Server options for Gen10 includes:
•Memory
–Genuine HPE memory ensures no counterfeits using authentication process and algorithms
•Network
–Certifying trusted and digitally signed firmware for initial configuration and update
–Ethernet 10/25G 2-port Adapter blocks installation of rogue or corrupted firmware with the
Hardware Root of Trust
•SSDs
–Protects against firmware attacks using digitally signed firmware
•Smart Array Controller
–Data-at-rest Encryption using HPE Smart Array Secure Encryption License
•Rack and power
–Three-factor ID authentication
–G2 Advanced and Enterprise Racks provide physical security with doors support electronic
and biometric locking solutions
•Server options
–Securely store platforms passwords, certificates, and encryption keys
–Intrusion Detection Kits prevent unauthorized access using tamper-resistant server
environment

Figure 2-8 Smart Array Controller, rack and power, server options

Gen10 Trusted Platform Module support


The Trusted Platform Module (TPM) is a hardware-based system security feature that can securely store
information, such as passwords, certificates, and encryption keys, which can be used to authenticate the
platform. You can also use a TPM to store platform measurements to make sure that the platform remains
trustworthy. TPM enables the firmware and operating system to take measurements of all phases of the
boot process. For information on installing and enabling the TPM module option, see the user
documentation for your server model.
Gen10 supports Embedded firmware-based TPM 2.0 and optional Discrete TPM Module configurable for
TPM 1.2 or TPM 2.0. TPM (1.2) works with Microsoft Windows BitLocker, which is a data protection
feature available in Microsoft Windows Server 2008 R2 SP1 and later operating systems. BitLocker helps
protect user data and helps ensure that a server running Windows Server has not been tampered with while
the system was offline.
HPE Gen10 and later hardware supports TPM 2.0 only with Windows Server 2016. To prevent possible
damage to the TPM or to the system board, the TPM cannot be removed from the board after it has been
installed.
Embedded firmware-based TPM 2.0 called Platform Trust Technology (PTT) is fully functional as TPM
2.0 but is not certified. Embedded firmware-based TPM does not support Command Response Buffer
(CRB) and supports FIFO (First-In, First-Out). Embedded TPM is disabled by default.
Optional Discrete TPM supports TPM 1.2 or TPM 2.0 mode and can be configured for FIPS mode. The
iLO Overview page displays the following TPM status information:
•Not Supported—A TPM or TM (Trusted Module) is not supported.
•Not Present—A TPM or TM is not installed.
•Present-Enabled—A TPM is installed and enabled.
If a TPM or TM module is present on the server, Module Type is added to the display. Module Type
displays one of the following statuses:
•TPM 1.2
•TPM 2.0
•TM 1.0
•TPM Module 2.0 (Intel PTT)
•Not Specified
•Not Supported

HPE iLO 5

Figure 2-9 iLO 5 chipset, supported on most Gen10 ProLiant, Apollo, and Synergy servers.

New features and benefits of the iLO 5 chipset, shown in Figure 2-9, target the following areas:
•Security—Raising our industry-leading bar even higher
•Firmware update technology—Update everything through iLO network
•Agentless management—Retiring OS-based agents
•RESTful everything—Redfish
•At Server Management—New innovation
•Performance—Everything faster
HPE iLO 5 includes the following security features:
•Unauthorized access prevention—Access through an iLO portal involves a multi-layer security
process that includes authentication, authorization, data integrity, and security keys. iLO firmware
is digitally signed with a private key that prohibits unauthorized code from executing.
•Phlashing protection—Phlashing is a PDoS attack. A PDoS attack could theoretically take
advantage of vulnerabilities during updates of network-based firmware. Rogue firmware installed
through a PDoS attack could lead to unauthorized server access or permanent hardware damage.
iLO offers following protections:
–Authorized firmware updates—iLO firmware images are digitally signed with a 4096-bit
private key. The boot block checks the digital signature every time iLO is reset. iLO checks the
digital signature before allowing a firmware update to proceed. Remote flashing requires login
authentication and authorization, including optional two-factor authentication.
–Unencrypted ports—iLO clearly defines the port encryption status. You can disable access to
any nonencrypted ports (such as Intelligent Platform Management Interface [IPMI]). Access to
iLO requires a password unless you decide to disable the password.
–Authentication and audit trails—iLO creates a log of authentication failures and successes
across every interface. Secure Shell (SSH)-key authentication makes successful brute force
attacks even less likely. For additional protection, iLO 5 uses 2048-bit DSA or Rivest–Shamir–
Adleman (RSA) keys.
–Unsuccessful login delays—iLO captures all login activity. It uses a progressive time delay
during unsuccessful login attempts to impede brute force and dictionary attacks.
–Restricted access and modification of critical security parameters—iLO logs many security
parameter changes such as user accounts, log changes, and certificates. This allows tracing
potential unauthorized information access attempts.
•Protected management ROM—There are two types of signature checking of the iLO firmware
image. There is the validation of a new image before it is programed into iLO’s flash device and
there is the integrity check of this image as iLO boots. The entire image is hashed with SHA512
and signed using HPE’s RSA 4096-bit private key. This signature block is prepended to the
firmware binary image. When performing a firmware update, the hash is decrypted by the currently
executing iLO firmware with HPE’s public key. This hash is compared with a hash of the entire
image. If they match, the firmware update is allowed to proceed, and the signature block is
discarded. At boot time, each piece has its signature validated before it is allowed to execute.
Subsequent pieces are checked by the previous ones until iLO is fully booted. If an image becomes
corrupt to the point that it will not boot, iLO automatically recovers from a backup image in the
system recovery set. Individual parts, such as the kernel, of the iLO firmware image are also signed.
These integrity signatures are not discarded during the flash process.
•Protected PCI bus—iLO shields keys and data stored in memory and firmware and does not allow
direct access to keys via the PCI bus.
•Host Access Configuration Lock—When the iLO 5 security state is set to HighSecurity or better,
iLO access from the host operating system prevents configuration changes with a Host Access
Configuration Lock. When using Remote Insight Board Command Language (RIBCL) or IPMI, the
system will respond with an insufficient privilege level error for commands while the lock is
enabled.

Note
For IPMI, any commands require a session login, and it is possible to set the maximum privilege
level that can be accepted when the lock is enabled.
•Network and management port control—iLO’s firewall and bridge logic prevent any connection
between the iLO management port and the server Ethernet port. Even by using the shared network
port (SNP), iLO cannot bridge traffic between its 10/100 Ethernet port and the server Ethernet port.
Therefore, attacks on the server network cannot compromise iLO and vice versa.
•Security Override switch—You can disable all of iLO’s security authorization checks by turning
on the Security Override switch. This gives you access to the following tasks:
–Reconfigure iLO through ROM-Based Setup (RBSU) even if RBSU is disabled.
–Log into iLO without credentials.

Important
The Security Override switch does not allow login to iLO without credentials when the iLO is
in HighSecurity mode or above.

•TPM and Trusted Modules—TPMs and Trusted Modules are computer chips that securely store
artifacts used to authenticate the platform.
•Compliant with Demilitarized Zone (DMZ) zones—An internet-connected architecture typically
has a more secure, DMZ. The DMZ zone lies between the corporate servers and the internet. It
usually has firewalls that restrict traffic flow between the corporate/internet areas. This architecture
lets you access servers that provide publicly available internet services through a firewall, but you
cannot access these services on the internal network.
This more secure zone provides an area isolated from the internal network and hardened against
external attack. The security challenges in the DMZ require a careful balance between critical
security requirements and the need to effectively manage and maintain the systems. Servers inside
the DMZ and on the internal network can use iLO processors. There is no possibility for data to
flow between the DMZ network and the iLO network because the network connection to iLO is
completely isolated from the network ports on the server. Even if the DMZ network were
compromised, the iLO network would remain secure. This lets you use iLO on servers located in
the DMZ or in the internal network without compromising sensitive data. Administrators create this
separation by using a dedicated network interface card (NIC) or the SNP with its VLAN.
•Secure communication between iLO and server blades—The HPE BladeSystem architecture uses
a single enclosure to hold multiple servers. A separate power subsystem provides power to all
servers in that enclosure. ProLiant c-Class server blades and Synergy systems use iLO to send alerts
and management information throughout the server blade infrastructure. There is a strict
communication hierarchy among server or system components.
The Onboard Administrator (OA) management module (or FLM, Frame Link Module for Synergy)
communicates with the iLO processor on each server blade or Synergy system. The OA module or
FLM provides independent IP addresses. The iLO device also maintains an independent IP address.
The iLO firmware exclusively controls any communication from iLO to the OA module or FLM.
There is no connection from the iLO processor or OA module/FLM to the server NICs. The iLO
processor only has information about the presence of other server blades/systems in the
infrastructure and whether enough amperage is available from the power subsystem to boot. A
single, physical port on the rear of the enclosure provides access to the iLO network connections
on the server blade or Synergy system. This simplifies and reduces cabling.
•Extensive logging to enable efficient security audits—A company’s policy may mandate periodic
security audits. iLO maintains an event log containing date- and time-stamped information
pertaining to events that occurred in the iLO configuration and operation. You can manually access
this log through the System Status tab of the iLO browser interface. You can also use the HPE
RESTful API and RESTful commands to set up an automated examination and extraction process
that parses the event log by date/time and by authenticated user for accessing information about
security events.

HPE NIST 800-53 Infrastructure

Figure 2-10 HPE NIST penetration testing and security controls can be mapped to customer’s
requirements

Closely related to security are the numerous government regulations with which customers must comply.
To aid our customers, HPE applies the NIST 800-53 security controls to a solution stack of storage,
networking, servers, and software creating a secure baseline. This secure baseline provides customers
with the comfort to issue an ATO before putting IT infrastructure into operation. Additionally, this NIST
800-53 control set will assist customers with certifications like FedRAMP, HIPAA, and ISO 207001, as
shown in Figure 2-10. In May 2017, the President of the United States issued an executive order mandating
all federal agencies follow NIST guidelines for cybersecurity protections. The private sector is also
beginning to use the same NIST controls as standards when preventing cyber crime.
Security technologies and procedures are a major focus of Gen10

Figure 2-11 Gen10 server lifecycle

Security technologies and procedures are a major focus of Gen10. As shown in Figure 2-11, the whole
server lifecycle is affected.
•Deploy
–Connectivity and login procedures
–Server booting
•Operate
–Data encryption
–Secure dispose
•Maintain
–Updates
–Digital signatures and verification

Learning check
2.HPE ProLiant Gen10 servers support Embedded firmware-based TPM 2.0.
True
False
Security: Login to iLO

Figure 2-12 HPE Secure Compute Lifecycle: Security mode in iLO 5

The capabilities of HPE iLO Standard that comes with every ProLiant Gen10 server gives customers the
ability to configure your server in one of three security states. With the iLO Advanced Premium Security
Edition license, customers that need the highest-level encryption capabilities of CNSA have a fourth
security state available to them.
As shown in Figure 2-12, as you move up the scale in security, the server enforces stronger encryption
rules for web pages, SSH, and network communications. Note that both ends of each network connection
must support the encryption rules, or they cannot communicate, and some interfaces are shut down to
limit potential security threats.
The security states include:
•Production
•HighSecurity
•FIPS
•SuiteB/CNSA
iLO has historically had full FIPS validation (iLO3, iLO4).
•FIPS-approved ciphers
•Security officer documented procedures
•No back-door accounts
•Interfaces that do not meet FIPS requirements are disabled
•Audit of supply chain security
•Audit of iLO source code physical security
•Audit of iLO source code digital security

Note
To access more information about NIST Cryptographic Module Validation Program, go to:
https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program
Changing the security mode

Figure 2-13 iLO 5 security settings screen

The security settings screen shown in Figure 2-13 allows you to change the security state. iLO 5 supports
the following security states:
•Production (default)—When set to this security state:
–iLO uses the factory default encryption settings.
–The system maintenance switch setting to bypass iLO security (sometimes called the iLO
Security Override switch) disables the password requirement for logging in to iLO.
•HighSecurity—When iLO is set to this security state:
–iLO enforces the use of AES (Advanced Encryption Standard) ciphers over the secure
channels, including secure HTTP transmissions through the browser, SSH port, iLO RESTful
API, and RIBCL. When HighSecurity is enabled, you must use a supported cipher to connect
to iLO through these secure channels. This security state does not affect communications and
connections over less-secure channels.
–Username and password restrictions for iLO RESTful API and RIBCL commands executed
from the host system are enforced when iLO is configured to use this security state.
–Remote Console data uses AES-128 bidirectional encryption.
–The HPQLOCFG utility negotiates an SSL (Secure Socket Layer) connection to iLO and then
uses the strongest available cipher to send RIBCL scripts to iLO over the network.
–You cannot use Smart Update Manager (SUM) to directly install iLO Secure Flash
components, TPM components, or NVDIMM (Non-Volatile Dual In-line Memory Module)
components. To install these component types, use SUM to add files or install sets to the iLO
installation queue, or install each update individually by using the iLO Firmware or Group
Firmware Update pages.
–You cannot connect to the server with network-based tools that do not support Transport Layer
Security (TLS) 1.2.
–The system maintenance switch setting to bypass iLO security (sometimes called the iLO
Security Override switch) does not disable the password requirement for logging in to iLO.
•FIPS—When iLO is set to this security state:
–iLO operates in a mode intended to comply with the requirements of FIPS 140-2 level 1. FIPS
is a set of computer security standards mandated for use by US government agencies and
contractors. The FIPS security state is not the same as FIPS validated. FIPS validated refers to
software that received validation by completing the Cryptographic Module Validation Program.
–iLO enforces the use of AES ciphers over the secure channels, including secure HTTP
transmissions through the browser, SSH port, iLO RESTful API, and RIBCL. When FIPS is
enabled, you must use a supported cipher to connect to iLO through these secure channels. This
security state does not affect communications and connections over less-secure channels.
–Username and password restrictions for iLO RESTful API and RIBCL commands executed
from the host system are enforced when iLO is configured to use this security state.
–Remote Console data uses AES-128 bidirectional encryption.
–The HPQLOCFG utility negotiates an SSL connection to iLO and then uses the strongest
available cipher to send RIBCL scripts to iLO over the network.
–You cannot use SUM to install iLO Secure Flash components, TPM components, or
NVDIMM components. Use the iLO Firmware or Group Firmware Update pages to install these
components.
–You cannot use SUM to directly install iLO Secure Flash components, TPM components, or
NVDIMM components. To install these component types, use SUM to add files or install sets
to the iLO installation queue, or install each update individually by using the iLO Firmware or
Group Firmware Update pages.
–You cannot connect to the server with network-based tools that do not support TLS 1.2.
–The system maintenance switch setting to bypass iLO security (sometimes called the iLO
Security Override switch) does not disable the password requirement for logging in to iLO.
•SuiteB—When set to this security state:
–iLO operates in a mode intended to comply with the SuiteB requirements defined by the NSA
(National Security Agency), and intended to secure systems used to hold US government Top
Secret classified data.
–You cannot use HPE SUM to directly install iLO Secure Flash components, TPM components,
or NVDIMM components. To install these component types, use SUM to add files or install
sets to the iLO installation queue, or install each update individually by using the iLO Firmware
or Group Firmware Update pages.
–You cannot connect to the server with network-based tools that do not support TLS 1.2.
–The system maintenance switch setting to bypass iLO security (sometimes called the iLO
Security Override switch) does not disable the password requirement for logging in to iLO.

Note
The SuiteB security state (also called CNSA mode) is available only when the FIPS security
state is enabled.

Other iLO security features


•Common Access Card (CAC)/Smartcard support
–Two-factor authentication
–Important government requirement
–Support Certificate Revocation List (CRL)
•Full control of all user interfaces
•OpenLDAP
Learning check
3.You are attending a meeting with a banking customer to discuss their future data center
modernization plans. They have been alarmed by reports of firmware-level security breaches, and
they tell you that such an event in their infrastructure would cost them millions of dollars in fines.
They tell you that they require FIPS-level security or higher, and ask you if HPE servers can deliver
this level of security. They also ask what HPE offers in the Gen10 platform for protecting against
firmware-level attack. How should you respond?
Secure start

Figure 2-14 iLO and BIOS team up for a secure start feature

With HPE Gen10 servers, HPE offers the first industry-standard servers to include a Silicon Root of Trust
built in to the hardware. The Silicon Root of Trust provides a series of trusted handshakes from the lowest
level firmware to BIOS and software to ensure a known good state, as shown in Figure 2-14. From this
Silicon Root of Trust-server design to specific networking and storage options, HPE has built-in security
features that help you prevent, detect, and recover from cyber attacks.
The iLO 5 chipset provides an unprecedented level of hardware security with its Silicon Root of Trust.
The Silicon Root of Trust:
•Is based on the silicon chip hardware itself
•Is virtually impossible to alter
•Enables firmware to be authenticated as far back as the supply chain
•Provides a secure startup process
The iLO 5 chipset acts as a Silicon Root of Trust and includes an encrypted hash embedded in silicon
hardware at the chip fabrication facility. This makes it virtually impossible to insert any malware, virus,
or compromised code that would corrupt the boot process. Rather than the iLO firmware checking the
integrity of the firmware every time it boots, the iLO 5 hardware determines whether to execute the iLO
firmware, based on whether it matches the encryption hash that is permanently stored in the iLO chipset
silicon. These improvements help ensure that, if iLO 5 is running, your server is trusted.
Option ROMs and OS Bootloader are not executed if they fail authentication.

UEFI Secure Boot


Secure Boot based on UEFI is a feature supported in ProLiant Gen9 and Gen10 servers in which the
system firmware, option card firmware, operating systems, and software collaborate to greatly enhance
platform security.
Secure Boot minimizes the legacy threat and provides software identity checking at every step of the boot
process, including platform firmware, option cards, and operating system boot loader. After the operating
system boot loader has run (securely), the responsibility for security is passed on to the operating system
itself—it is not within the scope of UEFI to cover operating system security.
Without UEFI Secure Boot, malware developers can take advantage of several potential vulnerabilities in
the preboot environment, including the system-embedded firmware itself, as well as the time between the
initialization of the firmware and the booting of the operating system. Malware introduced at this point
can provide an environment in which an operating system—no matter how secure—cannot run safely.
Secure Boot is completely implemented in the BIOS and does not require special hardware such as TPM,
although it can work with TPM if required.
Secure Boot ensures that each component launched during the boot process is digitally signed and that the
signature is validated against a set of trusted certificates embedded in the UEFI BIOS. It validates the
software identity of the following components in the boot process:
•UEFI drivers loaded from PCIe cards
•UEFI drivers loaded from mass storage devices
•Preboot UEFI shell applications
•Operating system UEFI boot loaders
Only firmware components and operating systems with boot loaders that have an appropriate digital
signature can execute during the boot process. Only operating systems that support Secure Boot and have
a UEFI boot loader signed with one of the authorized keys can boot when Secure Boot is enabled.
A physically present user can customize the certificates embedded in the UEFI BIOS by adding or
removing their own certificates. This can also be performed by remotely connecting to the server using
the iLO4 Remote Console.
The HPE RESTful API provides a secure, programmatic method to configure Secure Boot.

Note
All ProLiant Gen8 and later servers are fully compliant with the NIST 800-147B—BIOS
Protection Guidelines for Servers.
UEFI Secure Boot is industry standard and works with HPE and third-party cards and major operating
systems, such as Windows 8/Server 2012+, SLES 11SP3+, RHEL7+, Ubuntu 12.10+, Fedora 18+,
vSphere 6.5+, and more.

Secure Boot verification

Figure 2-15 Secure Boot verification

Figure 2-15 shows an overview of the signing and verification process. The creator of the driver or
program is required to create a signature and certificate, and embed it into the program image to produce
a digitally signed program. When these programs are loaded into the system during the boot process, the
system firmware checks the signed images and compares them to the certificates stored in the local
databases (these are loaded into the system during the manufacturing process).
If the certificate is found and not revoked, the image is executed. If the certificate is not found or has been
revoked, the image will not execute and the boot process comes to a halt.
HTTP/HTTPS Boot

Figure 2-16 HTTP/HTTPS Boot

HTTP/HTTPS Boot, shown in Figure 2-16, is a new standard driven by HPE and Intel to replace Preboot
Execution Environment (PXE). This feature refers to the use of HTTP boot over a TLS session. This type
of booting allows you to enter a specific HTTPS Uniform Resource Identifier (URI) from which to boot
a server. This gives an alternative, more secure alternative to PXE booting.
HTTP/HTTPS boot can be configured from System Configuration screen (under System Utilities).
•Addresses short-comings of PXE, such as security, Trivial File Transfer Protocol (TFTP) timeouts,
User Datagram Protocol (UDP) packet loss and high download time
•Works similar to PXE (uses Dynamic Host Configuration Protocol [DHCP] server) using HTTP
instead of TFTP
•TLS certificate management via RESTful API, UEFI Shell, and RBSU

Learning check
4.PXE is replacing older HTTP/HTTPS network booting standard.
True
False

Security: During normal operation


The whole server lifecycle is affected by new security technologies and procedures, including operating
the server. Security technologies related to operating the server include:
•Data encryption
•Secure recovery

Optional server intrusion detection


HPE ProLiant Gen10 servers can optionally add a system intrusion detection switch to the chassis access
cover. After installation, whenever the chassis access cover is physically opened or removed when server
is powered on or on auxiliary (AUX) power an event is recorded by iLO 5 firmware monitoring the sensors
in the iLO Integrated Management Log (IML). An alert is also sent to the BIOS whenever a chassis
intrusion is detected. The switch and the iLO reporting occur as long as the server is plugged in, regardless
of whether the server is powered on or off. You can enable or disable system intrusion detection in UEFI
settings.

Secure recovery
If a problem is detected for a supported firmware type, iLO checks for the affected firmware type in a
protected install set. By default, this set is the Recovery Set. If a firmware image is available, iLO flashes
that firmware image to complete the repair.
Both ROM and iLO have built-in redundancy. Factory-installed recovery set on non-volatile storage and
recovery administrator can setup new recovery set. iLO can automatically recover iLO (iLO Standard
feature) and iLO can automatically recover ROM (iLO Premium feature). iLO can also recover CPLD,
IE, ME.
Run-time firmware authentication is performed via background scans by iLO and results are accessible
via event logs, alerts, or web user interface. Run-time scan (verification) can also be initiated manually
by administrator.

iLO 5 runtime scan


In addition to checking the integrity of the firmware at boot time, iLO also has the ability to scan the
firmware on a daily, weekly, and monthly basis. You can decide if you want iLO to only log/report on
failed firmware scans or if you want iLO to automatically repair the firmware from the known good
Recovery Set.
HPE Smart Array Secure Encryption

Figure 2-17 Data is encrypted at the controller level including write cache

iLO 5 supports ESKM 3.1 and later, which can be used in conjunction with HPE Smart Array Secure
Encryption. ESKM 5.0 or later is required when the FIPS security state is enabled. ESKM is not supported
when the SuiteB security state is enabled.
HPE Smart Array Secure Encryption supports HPE Smart Array controllers, as shown in Figure 2-17, and
provides data-at-rest encryption for direct-attached HDD (Hard Disk Drive) or SSD storage connected to
Hewlett Packard Enterprise servers. It provides an integrated solution to encrypting HDD or SSD volumes
by using 256-bit XTS-AES (XEX-based tweaked-codebook mode with ciphertext stealing) algorithms.
XEX stands for “XOR Encrypt XOR”, where XOR stands for “Exclusive or” or “exclusive disjunction”.
ESKM generates, stores, serves, controls, and audits access to data encryption keys. It enables you to
protect and preserve access to business-critical, sensitive, data-at-rest encryption keys.
iLO manages the key exchange between the ESKM and the Smart Array controller. iLO uses a unique
user account based on its own MAC address for communicating with the ESKM. For the initial creation
of this account, iLO uses a deployment user account that pre-exists on the ESKM with administrator
privileges.
Local mode (without using ESKM) is also available. Feature is offered on HPE Gen8, Gen9, and Gen10
ProLiant servers, one license per server is needed.

Note
For more information about the deployment user account, see the HPE Smart Array Secure
Encryption installation and user guide. For information about HPE Smart Array Secure
Encryption and ESKM, see the HPE Smart Array Secure Encryption installation and user guide.
Secure decommissioning
Intelligent Provisioning provides secure erase functionality for the internal system storage and hard disks
following the guidelines outlined in DoD 5220.22-M. Secure erase overwrites all block devices attached
to the system through applying random patterns in a three-pass process. These block devices include hard
disks, storage systems attached to the server, as well as the internal storage used by iLO. Depending on
the amount of storage installed on a system, the secure erase process can take many hours or even days to
complete.

Note
The National Industrial Security Program, or NISP, is the nominal authority (in the United
States) for managing the needs of private industry to access classified information. A major
component of the NISP is the NISP Operating Manual, also called NISPOM, or DoD 5220.22-
M. The NISPOM establishes the standard procedures and requirements for all government
contractors, with regards to classified information. (Wikipedia.org, January 2018)

Access Intelligent Provisioning in one of two ways:


•Press F10 during the server POST (Power On Self Test).
•In iLO 5, click Intelligent Provisioning, and then click Always On.

Important
Secure Erase should be used with extreme caution and only when a system is being
decommissioned. The secure erase process resets iLO and deletes all licenses stored there,
resets BIOS settings in many cases, and deletes all Active Health System log (AHS) and
warranty data stored on the system. The secure erase process also deletes any deployment
settings profiles. iLO reboots multiple times after the process is complete.
Disconnect any FCoE (Fibre Channel over Ethernet), iSCSI (internet Small Computer Systems
Interface), external SAS (Serial Attached SCSI, Serial Small Computer Systems Interface), and
Fibre Channel storage before using secure erase, unless they should also be erased.

Options:
•Erase all hard drives.
•Wipe all hard drives with a data pattern.
•Secure erase of non-volatile storage.
–Requires iLO Advanced Secure License
–Takes up to 24 hours
•Clear Intelligent Provisioning preferences.

Learning check
5.Describe two modes of operation of Smart Array encryption.
Security: Maintain firmware health
HPE Gen10 ProLiant server firmware can be updated from:
•iLO web interface—Recommended for smaller updates, such as for a single system.
•Intelligent Provisioning—Ideal for initial firmware updates when provisioning new systems.
•SUM—Recommend for one-to-many updates, such as updating groups of servers in a data center.
HPE recommends the use of SUM for all firmware updates.
Updated firmware installation requires specific procedures, based on the firmware type, when you use the
HPE iLO 5 web interface to set a security state that is higher than production mode.
As shown in Figure 2-18, firmwares are digitally signed.
•Assures the firmware comes from a trusted source
•HDD, SSD, network cards, iLO, system BIOS, and so forth
HPE recommends that you update all firmware before raising the iLO security state. While the iLO 5
security state HighSecurity can be rolled back to Production state to facilitate embedded firmware updates
(other states require resetting iLO to defaults), firmware updates when iLO 5 security is set to a state
higher than Production or HighSecurity require some planning. The first step is separating single-system
updates (one to one) from multi-system updates (one to many).
•For single component updates, load the smart component files into the iLO 5 repository and apply
them using the tools available in the iLO 5 web interface.
•For one to many iLO updates, use a Service Pack for ProLiant (SPP) and SUM.

Note
The Service Pack for ProLiant (SPP) is a comprehensive systems software and firmware update
solution, which is delivered as a single ISO image. This solution uses SUM as the deployment
tool and is tested on all HPE ProLiant Gen9 and Gen10 servers as defined in the SPP Server
Support Guide found at www.hpe.com/servers/spp/documentation.

You cannot use iLO 5 to update operating system device drivers and other OS software when iLO 5 is set
to a higher security state than Production. While iLO 5 security states higher than Production do not block
OS updates, neither does it support them. All OS device driver and software updates must be done
separately from the tools available in iLO 5.
Note that CAC/Smartcard mode runs optionally in addition to other security modes. SUM does not support
local or remote OS driver and software updates when smartcard mode is enabled, regardless of the iLO 5
security state.
Figure 2-18 All firmware/software updates are signed using an HPE production key

Learning check
6.Why does HPE digitally sign firmware?

How to enable enhanced security in Gen10


HPE iLO is available at three license levels, each offering increasingly sophisticated capabilities.
•iLO Standard—The default no-cost license available for all installations of iLO includes industry-
standard security features. Servers are also protected by the new Hardware Root of Trust, standard
on all Gen10 servers that use iLO.
•iLO Advanced—This license offers advanced security features, with secure remote management.
Also includes directory integration, CAC support, and Kerberos authentication to a directory
service.
•iLO Advanced Premium Security Edition—This license includes high-security capabilities, such
as automatic firmware recovery, runtime firmware verification, and support for the CNSA suite.
The CNSA is a suite of algorithms defined by NIST and approved by the NSA.
iLO Advanced Premium Security Edition is ideal for prompt detection of security breaches required for
sensitive data or regulatory compliance and workloads where server uptime is essential. iLO with this
license allows secure redeployment of servers and uses Top Secret-level data encryption.
Key features:
•Based on HPE Silicon Root of Trust and built on the World’s Most Secure Industry-Standard
Servers
•Run-time firmware validation periodically checks your iLO and UEFI firmware for compromised
code
•Automatic firmware recovery in the unlikely event compromised code is detected
•Secure Erase of NAND to securely erase your NAND flash data
•CNSA mode for Top Secret-level encryption algorithms

Note
For more information, see the HPE iLO Licensing Guide at:
http://www.hpe.com/support/iLOLicenseGuide-en or visit:
http://www.hpe.com/servers/iloadvanced

Unmatched security

Figure 2-19 HPE Secure Compute summary

At this point, it is important to note that we have solid security in our Gen9 servers that meet the current
threats. However, as threats increase, HPE servers are increasing our security posture. We evolve our
security protection to meet new challenges in the world, and with Gen10, we will do more than our
competitors—putting HPE in a differentiated position. Figure 2-19 summarizes the HPE Secure Compute
strategy.
•Protect—By building it in. Organizations must stop treating security as an after-thought and ensure
that security is built into the very fabric of their business. Designing a resilient operating model
requires an integrated security architecture that spans users, infrastructure, data, applications, and
end-to-end processes. By understanding your risk posture and assessing and enhancing your cyber
capability maturity—in line with your business priorities—security risk and IT teams can safeguard
their operations and ensure they do not fall foul of compliance, data protection, and privacy
regulations. Every enterprise needs to become a digital enterprise and every digital enterprise needs
cyber resilience and must identify their business-critical information and assets and focus on
protecting them against known and unknown threats.
Hardware Root of Trust will be our key differentiator in Gen10. We currently have Silicon Root of
Trust, but unlike any competitor, HPE will be embedding the first encryption key in the iLO silicon
at the factory. By doing this, we ensure there is no opportunity to breach our firmware at any point
in development or during server operation.
CAC Two-Factor Authentication allows servers to read the DOD ID card that has a chip with the
individual personal password.
•Detect—To effectively respond to today’s advanced threats organizations must establish and
maintain the best possible preemptive protection capabilities. This not only requires monitoring
security operations 24 × 7 × 365, but proven success in hunting and shutting down threats before
they wreak havoc as well. The best security organizations today take advantage of integrated
powerful analytics tools to ensure rapid detection, like ArcSight, our industry-leading SIEM
solution, combined with Threat Central, our threat intelligence platform, together detect known and
unknown threats allowing teams to preempt the latest threats and respond instantly and effectively
at scale to mitigate identified risk.
Detecting compromised firmware is made possible through Hardware Root of Trust. Basically,
Hardware Root of Trust is the enabler of not only our detection capability but also our recovery
ability. Because crypto keys are embedded in the silicon at the factory, we have a very good
opportunity to notify customers if an attempt has been made to compromise either the firmware, the
UEFI, or to a lesser degree, the operating system.
The ArcSight team is building a unique connector to our iLO 5 firmware. This unique connector
will deliver up significantly more data and logs from iLO than our competitors can deliver. With a
huge volume of data logs, ArcSight will be better equipped to conduct scans and look for anomalies
that might be security breaches.
•Recover—If the worst happens, it is paramount you ensure business continuity which today
requires the constant availability of IT environments, critical systems, and applications in the event
of a natural disaster, cyber attack, or system failure. Organizations must be able to perform flawless
system recovery and restoration to ensure users, data, and applications experience minimum
downtime, no damage, or loss.
Recovering to authentic settings is a feature that is unique to HPE with our Gen10 ProLiant servers.
Based on Hardware Root of Trust, this technology verifies the crypto keys and code through the
boot process. If a compromise to the code is recognized, the recovery process is started.
Recovering the operating system is also a feature that is available in Gen10. For remote sites, this
enables a server to recover and restart, without have to dispatch a technician for a manual
restoration.

Lab exercise
Please open your lab guide and complete Lab 1 – Exploring iLO 5 security options.

Activity: Security threats and possible solutions: Alpha Centauri


Drones Company
•What are the possible security threats that can affect the Alpha Centauri Drones Company in the
future?
–Related to customer and partners interaction?
–Related to business?
–Related to security of drone operating?
–Any others?
•What are the possible solutions for these threats?

Learning check
7.iLO Advanced Premium Security Edition contains all the features of iLO Advanced.
True
False
8.Write a summary of the key concepts presented in this chapter.
Summary
•Security threats are increasing every year.
•HPE ProLiant Gen10 servers are addressing known and unknown security risks.
•Most internal components of HPE ProLiant Gen10 are tuned to bring higher level of security.
•iLO 5 is HPE’s key to Gen10 security.
3 HPE Converged Management: On System
WHAT IS IN THIS CHAPTER FOR YOU?
After completing this chapter, you should be able to:
✓Explain the HPE approach to converged management for the infrastructure lifecycle.
✓Name the on-system tools used to manage an HPE ProLiant system:
✓Unified Extensible Firmware Interface (UEFI)
✓iLO 5
✓RESTful API, HPE RESTful Interface Tool, and other HPE scripting tools
✓Intelligent Provisioning
✓Smart Storage Administrator
✓HPE Smart Update and Service Pack for ProLiant (SPP)
✓BladeSystem management

Prelearning check
1.What are the three benefits of using the UEFI compared to BIOS?

2.What are the three possibilities for connecting to iLO?

3.iLO Service Port can be disabled if needed.


True
False
4.Which tool can be used to modify the RAID level of an existing array?

5.You are at a customer briefing session and an infrastructure manager raises the question “We
require a scalable, highly available solution that we can manage easily and with no unplanned
downtime during firmware updates. We have struggled with this in the past and we need to know
if HPE Gen10 servers will cause us similar issues.” How should you respond?
HPE Converged Management
Whether in an SMB or an enterprise environment, customers need management tools targeted for their
business needs. The HPE approach to infrastructure management includes a complete portfolio of server
management solutions that address the challenges of ever-increasing business demands and complexity
in today’s data center.
HPE server management capabilities are specifically designed to manage the entire HPE server portfolio,
from towers to racks to blades. With HPE converged management, IT staff can gain precise control of
their infrastructure through built-in intelligence that can be easily accessed remotely. HPE Converged
Infrastructure management covers the lifecycle of critical operations: configuration and provisioning for
rapid deployment, system health monitoring with proactive failure notification, firmware updates, and
automated simplified support management.

Server management

Figure 3-1 HPE OneView Global Dashboard

HPE ProLiant management innovations target three segments to ensure that customers have complete
lifecycle management, for their current environment and in the future as their business grows.
•Managing single system (On-System)—Built-in intelligence and automation for increased server
admin productivity. It provides on-system management to provision, monitor, and troubleshoot
servers, as well as remote and out-of-band management. The on-system management tools available
for ProLiant servers include:
–Intelligence on every HPE server enabling setup, health and alerting, and firmware
maintenance
–UEFI
–iLO 5
–RESTful API, HPE RESTful Interface Tool, and other HPE scripting tools
–Intelligent Provisioning
–Smart Storage Administrator
–HPE Smart Update and SPP
–HPE BladeSystem management
•Managing multiple systems—Installed at customer site (On Premises)
–HPE OneView
–HPE OneView Global Dashboard (shown in Figure 3-1)
–iLO Amplifier Pack
•Managing multiple systems—Cloud-based management for service ticket and warranty
tracking, health, and alerting (On-Cloud)
–Remote Support and Insight Online

Learning check
1.Name five on-system tools for HPE ProLiant server management.

Unified Extensible Firmware Interface (UEFI)

Figure 3-2 Server boot process

UEFI is an industry-standard specification that defines the model for the interface between the operating
system and system firmware during the startup process, as illustrated by Figure 3-2. Developed by a
consortium of more than 100 technology companies, including HPE and Microsoft, UEFI is processor
architecture agnostic, supporting x86, x64, ARM, and Itanium processors.
Note
UEFI defines the interface between the operating system and platform firmware during the boot
or the start-up process. Compared to BIOS, UEFI supports advanced preboot user interfaces.
The UEFI network stack enables implementation on a richer network-based OS deployment
environment while still supporting traditional Preboot Execution Environment (PXE)
deployments. UEFI supports both IPv4 and IPv6 networks. In addition, features such as Secure
Boot enable platform vendors to implement an OS-agnostic approach to secure systems in the
preboot environment. The ROM-Based Setup Utility (RBSU) functionality is available from
the UEFI interface along with additional configuration options.

UEFI standardizes interfaces within the platform initialization firmware and within the preboot UEFI
environment/shell. It provides a preboot graphical user interface (GUI) that standardizes the environment
for booting an operating system and preboot applications (boot loaders, diagnostics, setup scripts, and so
forth). UEFI also provides a preoperating system network stack, Secure Boot, and expanded storage.
The goal for implementing UEFI in ProLiant servers is to modernize platform firmware and provide an
interface that is not architecture-specific. ProLiant Gen9 servers introduce UEFI as the default BIOS
firmware interface, although they continue to support legacy BIOS settings. HPE recommends that the
UEFI default be used with all ProLiant Gen9 and Gen10 servers.

Note
Many option cards are only supported in the UEFI mode and need UEFI compliant option
ROMs. One example is the HPE Smart Array S100i controller.

UEFI benefits
UEFI benefits for the ProLiant Gen9 and Gen10 server family include the ability to:
•Use drives larger than 2.2 TB—Hard drives in UEFI use Global Unique Identifier Partition Table
(GPT), which provides far greater boot drive capacities, allowing the use of high-capacity drives
for storage and system booting. UEFI offers complete access to the system hardware and resources,
allowing UEFI diagnostics and troubleshooting applications to be run before loading an operating
system.
•Configure UEFI with standard boot methods for enhanced flexibility—UEFI supports PXE
boot for IPv6 networks, allowing a unified network stack to PXE boot from any network controller
while maintaining backward compatibility and continued support for IPv4 PXE. UEFI allows PXE
multicast boot support for image deployment to multiple servers at the same time. Servers with an
Embedded User Partition (a general-purpose disk partition on nonvolatile flash memory, which is
embedded on the system board) can be configured using iLO. After the partition is formatted, it can
be used for read and write access from the server operating system.
•Enable Secure Boot to improve security measures—UEFI protects against unauthorized
operating systems and malware rootkit attacks, validating that the system only runs authenticated
option ROMs, applications, and operating system boot loaders that have been digitally signed. UEFI
uses a public key to verify UEFI drivers loaded from PCIe cards, drivers loaded from mass storage
devices, preboot UEFI shell applications including firmware updates, and operating system UEFI
boot loaders.
•Take advantage of the UEFI shell and HPE RESTful API for scalable configuration
deployment—UEFI includes the UEFI shell, a command line interface (CLI) application that
allows scripting, file manipulation, obtaining system information, and running other UEFI
applications. The UEFI shell is based on the UEFI Shell Specification 2.0, but is enhanced with an
extended command set for additional functionality. The UEFI shell includes a programming API
that can be used to create custom UEFI applications. UEFI supports the HPE RESTful API, an
industry-recognized architectural style, for server-standardized interaction to configure at scale
using an HTTPS Web protocol.
•Perform industry-standard server configurations with fewer reboots—Testing in HPE Labs
found that configuring BIOS, iLO, and network interface cards (NICs) on a ProLiant DL380 server
with UEFI BIOS required two system reboots, compared to a ProLiant DL380 server with legacy
BIOS, which required four system reboots.
UEFI in Gen10 supports:
•USB 3.0 stack
•Trusted Platform Module (TPM) 2.0
•Non-Volatile Memory Express (NVMe) boot
•Internet Small Computer Systems Interface (iSCSI) Software Initiator support
•HTTP/HTTPs boot as a PXE alternative
Operating systems that support UEFI include (always verify support for the specific server):
•Windows Server 2012 R2 (most recent version)
•Windows Server 2016 (most recent version)
•VMware ESXi 6.0 U3
•VMware ESXi 6.5 and U1 upon release
•Red Hat Enterprise Linux (RHEL) 6.9 and 7.3
•SUSE Linux Enterprise Server (SLES) 11 SP4 and 12 SP2
•ClearOS
UEFI System Utilities

Figure 3-3 UEFI System Utilities

The System Utilities screen, shown in Figure 3-3, is the main screen in the UEFI menu-driven interface.
Press the up or down arrow keys to select a menu option. A selected option changes color from white to
yellow. Press Enter to display submenus and other configuration options for your selection. The System
Utilities screen displays menu options for the following configuration tasks:
•System configuration—Displays options for viewing and configuring the BIOS/Platform
Configuration (RBSU) menu and the iLO Configuration Utility.
•One-time boot menu—Displays options for selecting a boot override option and running a UEFI
application from a file system.
•Embedded applications—Display options for viewing and configuring embedded applications,
including Intelligent Provisioning and firmware updates.
•System information—Displays options for viewing the server name and generation, serial
number, product ID, BIOS version and date, power management controller, backup BIOS version
and date, system memory, and processors.
•System health—Displays options for viewing the current health status of all devices in the system.
•Exit and resume system boot—Exits the system and continues the normal booting process.
•Reboot the system—Exits the system and reboots it by going through the UEFI Boot Order list
and launching the first bootable option in the system. For example, you can launch the UEFI Shell,
if enabled and listed as the first bootable option in the list.
•Select language—Enables you to select a language to use in the user interface. English is the
default language.
•Setup Browser Selection—Enables administrator to select graphical or text-based browser
selecting the system utilities.
To access UEFI System Utilities:
1.Reboot the server. The server starts up and the ProLiant POST screen appears.
2.Press F9 in the ProLiant POST screen. The System Utilities screen appears.
3.Use the up and down arrows to change a selection.
4.Press Enter to select an entry.
5.Press Escape to go back to the previous screen.
To exit the System Utilities screen and reboot the server, press Esc until the main menu is displayed and
then select one of the following options:
•Exit and resume system boot—Exits the system and continues the normal boot process. The
system continues through the boot order list and launches the first bootable option in the system.
•Reboot the system—Exits the system and reboots the system without continuing the normal boot
process.
Use F12 to save settings and exit from System Utilities on Gen10 servers.

Note
Enter the following URL into your browser for documentation. Select UEFI System Utilities
in the products and solutions section.
http://h17007.www1.hpe.com/us/en/enterprise/servers/solutions/info-library

Note
A power-on self-test (POST) is a process performed by firmware or software routines
immediately after a computer or other digital electronic device is powered on. (Wikipedia.org,
January 2018)

UEFI System Utilities GUI


HPE ProLiant Gen10 and HPE Synergy compute modules support a UEFI System Utilities GUI. Both
mouse and keyboard devices are supported on the UEFI System Utilities GUI.
The System Utilities GUI has the following regions:
•Caption bar—This region shows the UEFI form title and the system buttons. The form title shows
the name of the form that you are currently navigating.
•Navigation history—This region shows the forms to which you navigated previously. A
Navigation History node is added to the navigation history each time you visit a new system utility
form.
•Server information—This region shows server information and function key information.
•System utilities form—This region shows the menu options of the current form.
•Activity bar—This region shows the system-wide functions, such as function keys and the system
status indicator.
The GUI has support for basic keys to navigate the system utilities form. The TAB key is used to change
the focus on the different regions of the form. Supported keys include:
•Up and Down arrows
•Enter
•Function keys
•Esc key
Navigation History shows system utility forms that user navigated previously. A Navigation History node
is added to the Navigation History each time you visit a new form. You can Click a Navigation History
node to return to the utility form that you previously visited.
If there are too many Navigation History nodes to fit on the Navigation History bar, the Home node is
collapsed. To view a pop-up list of the navigation history node that you visited, you can select the Home
node. To return to a previously accessed form, you can Click a Navigation History node from the list.
To move through the Navigation History region, you use the:
•Tab key to change focus in the Navigation History region.
•Enter key to get in to the Navigation History node selection mode and to select a node.
•Arrow keys to move to the node you want to select.
•Esc key to exit the Navigation History node selection mode.

UEFI Shell management environment

Figure 3-4 Embedded UEFI shell

The system BIOS in all ProLiant Gen9 and Gen10 servers includes an embedded UEFI shell in the ROM,
as shown in Figure 3-4.
Based on the UEFI shell specification, the shell environment provides an API and CLI that allow scripting,
file manipulation, and obtaining system information. The shell also runs other UEFI applications. These
features enhance the capabilities of the UEFI System Utilities.
From the System Utilities screen, select Embedded Applications → Embedded UEFI Shell and the
Embedded UEFI Shell screen appears. Press any key to acknowledge that you are physically present.
This step ensures that certain features, such as disabling Secure Boot or managing the Secure Boot
certificates using third-party UEFI tools, are not restricted. If an administrator password is set, enter it at
the prompt and press Enter. The Shell>prompt appears. Enter the commands required to complete your
task and enter the exit command to exit the Shell.
Built-in commands:
•Standard commands—File manipulations, driver management, device access, scripting control,
system information, and basic network operations
•Extensible—Original equipment manufacturers (OEMs) can provide value-add commands

Embedded UEFI shell commands


The UEFI shell is a minioperating system and includes many commands to assist in the management of
the preboot environment. These commands include:
•Shell> help –b—The help command can be used with the –b option to display one page at a
time. Press Enter to continue or q to exit help.
•alias—Displays, creates, or deletes UEFI Shell aliases.
•attrib—Displays or changes the attributes of files or directories.
•cd—Displays or changes the current directory.
•cls—Clears standard output and optionally changes background color.
•comp—Compares the contents of two files on a byte for byte basis.
•cp—Copies one or more files or directories to another location.
•date—Displays and sets the current date for the system.
•devices—Displays the list of devices managed by UEFI drivers.
•Devtree—Displays the UEFI Driver Model compliant device tree.
•dh—Displays the device handles in the UEFI environment.
•dmem—Displays the contents of system or device memory.
•drivers—Displays the UEFI driver list.
•echo—Controls script file command echoing or displays a message.
•edit—Full screen editor for ASCII or UCS-2 files.
•eficompress—Compresses a file using UEFI compression algorithm.
•efidecompress—Decompresses a file using UEFI decompression algorithm.
•else—Identifies the code executed when “if” is false.
•endfor—Ends a “for” loop.
•endif—Ends the block of a script controlled by an “if” statement.
•exit—Exits the UEFI Shell or the current script.
•for—Starts a loop based on “for” syntax.
•fwupdate—Invokes an HPE UEFI Shell utility to update system BIOS firmware.
•getmtc—Gets the monotonic counter (MTC) from BootServices and displays it.
BIOS/Platform Configuration screen

Figure 3-5 BIOS/Platform Configuration screen

The BIOS/Platform Configuration menu replaces the RBSU on ProLiant Gen9 and Gen10 servers. Use
this menu to access and use both UEFI and legacy BIOS options. As shown in Figure 3-5, you can
configure system BIOS settings from the BIOS/Platform Configuration screen through the various menus.

Workload Profiles and performance options


Workload Profiles are a configuration option to deploy BIOS settings based on the workload customer
intends to run on the server. Workload Profiles are a configuration option to deploy BIOS settings to
accommodate the intended application of the server. Workload Profiles is one of the HPE Intelligent
System Tuning (IST) features.
The system provides these Workload Profiles:
•General power efficient compute
–This profile is the default profile for most ProLiant servers and HPE Synergy compute
modules.
–This profile applies the most common performance settings that benefit most application
workloads while also enabling power management settings that have minimal impact to overall
performance. The settings that are applied heavily favor a balanced approach between general
application performances versus power efficiency.
–This profile is recommended for customers that do not typically tune their BIOS for their
workload.
•General peak frequency compute
–This profile is intended for workloads that generally benefit from processors or memory that
must achieve the maximum frequency possible, for any individual core, at any time. Power
management settings are applied when they ensure that any component frequency upside can
be readily achieved. Processing speed is favored over any latencies that might occur. This
profile is a general-purpose profile so that optimizations are done generically to increase
processor core and memory speed.
–This profile benefits workloads that typically benefit from faster compute time.
•General throughput compute
–This profile is intended to be used for workloads where the total maximum sustained workload
throughput is needed. Increased throughput does not always occur when the processor runs at
the highest individual core speed. Increased throughput can occur when the processor is able to
perform sustained work across all available cores during maximum utilization. Power
management settings are disabled when they are known to have an impact on maximum
achievable bandwidth.
–Best throughput is achieved when the workload is also a nonuniform memory access (NUMA)
aware and optimized so that settings that benefit NUMA awareness are applied.

Note
NUMA is a computer memory design used in multiprocessing, where the memory access time
depends on the memory location relative to the processor. Under NUMA, a processor can
access its own local memory faster than nonlocal memory (memory local to another processor
or memory shared between processors). The benefits of NUMA are limited to particular
workloads, notably on servers where the data is often associated strongly with certain tasks or
users. (Wikipedia.org, January 2018)
•Virtualization—power efficient—This profile is intended to be used for virtualization
environments. The profile ensures that all available virtualization options are enabled. Certain
virtualization technologies can have possible performance impacts to nonvirtualized environments
and can be disabled in other profiles. Power management settings can have an impact on
performance when running virtualization operating systems, and this profile applies power
management settings that are virtualization friendly.
•Virtualization—maximum performance—This profile is intended to be used for virtualization
environments. The profile ensures that all available virtualization options are enabled. Power
management settings are disabled in favor of delivering maximum performance.
•Low Latency
–This profile is intended to be used by customers who desire the least amount of computational
latency for their workloads. This profile follows the most common best practices that are
documented in the “HPE Low Latency” whitepaper. Maximum speed and throughput are often
sacrificed to lower overall computational latency. Power management and other management
features that might introduce computational latency are also disabled.
–The profile benefits customers running Real-Time Operating Systems (RTOS) or other
transactional latency sensitive workloads.
•Mission critical—This profile is intended to be used by customers who trade off performance for
server reliability above the basic server defaults. The profile enables advanced memory reliability,
availability, and serviceability (RAS) features that are known to have more than a measurable
impact on computational performance. Enabling this profile will have an impact on maximum
memory bandwidth and will increase memory latency.
•Transactional application processing—This profile is intended to be used for business
processing environments, such as online transaction processing (OLTP) applications that require a
database back-end, for example, workloads typically comprised of a high number of user-based,
transactional applications running on a single server with cohosted database component. The profile
balances the requirement of managing both peak frequency and throughput.
•High-performance compute (HPC)—This profile is intended for customers running in a
traditional HPC environment. Typically, these environments are clustered environments where each
node performs at maximum utilization for extended periods of time to solve large-scale scientific
and engineering workloads. The default for our Apollo series servers, power management is
typically disabled in favor of sustained available bandwidth and processor compute capacity. This
profile is similar to the Low Latency profile except that some latency is accepted to achieve
maximum throughput.
•Decision support—This profile is intended for Enterprise Business Database (Business
Intelligence) workloads that are focused on operating and/or accessing data warehouses, such as
data mining or online analytical processing (OLAP).
•Graphic processing—This profile is intended for workloads that are run on server configurations
that utilize Graphics Processing Units (GPUs). GPUs typically depend on maximum bandwidth
between I/O and memory. Power management features that have impact on the links between I/O
and memory are disabled. Peer-to-Peer traffic is also critical and, therefore, virtualization is also
disabled.
•I/O throughput—This profile is intended to be used for configurations that depend on maximum
throughput between I/O and memory. Processor utilization-driven power management features that
have performance impact to the links between I/O and memory are disabled.
•Custom
–This option on the Workload Profiles menu disables Workload Profiles. Use this option if you
want to set specific BIOS options for your deployment manually. When you select Custom, all
the settings for the previously selected profile are carried forward. You can edit all or some of
the options.
–Custom is not a profile, and settings that you specify are not saved as a template.

Default profiles for servers


Workload Profile options support a variety of power and performance requirements. For most HPE
ProLiant Gen10 servers and HPE Synergy compute modules, Workload Profile is set to General Power
Efficient Compute by default. This Workload Profile provides common performance and power settings
suitable for most application workloads. For ProLiant XL servers in an HPE Apollo system, the Workload
Profile is set to HPC by default. Selecting a Workload Profile other than the Custom profile affects other
setting options. For example, selecting the General Peak Frequency Compute profile automatically sets
Power Regulator mode to Static High Performance. This setting cannot be changed and is grayed out.

Workload Profiles dependencies


There are multiple options that are available for BIOS configuration. Not all profiles set the same options
to specific settings. Each profile is designed to obtain specific performance results and sets different
options to meet those results. The options that a profile sets are called dependencies. All other options are
unaffected by the Workload Profile and are referred to as nondependent settings.

Applying a Workload Profile


You apply a Workload Profile to have the system manage your workload according to predefined settings
provided with the system. Dependent options cannot be changed and are grayed out. You can change any
nondependent options in a profile.
There may be one or more dependent options that you want to change in your Workload Profile.
Dependent options cannot be changed for a predefined profile. You can change the dependent options in
Custom mode. When you are in Custom mode, your deployment is no longer in profile mode and you can
manually adjust option settings. When you enter Custom mode, all the settings from the previously applied
profile are shown. The easiest way to change dependent settings is to modify an applied profile. First,
apply a Workload Profile that has most of the settings that you want to use then change to Custom mode.
Then change only the settings you want to have new values.

System options
From the System Options menu, you can configure system settings such as the following:
•Serial port options—Assign COM port number and associated resources to the selected physical
serial port.
•USB options
–Configure how USB ports and embedded devices operate at startup (USB Enabled [default],
External USB Port Disabled).
–Configure USB Boot Support to prevent the system from booting any connected USB devices
and disable booting the iLO virtual media.
–Select whether the system should attempt to boot external USB drive keys, internal USB drive
keys, or the internal SD card slot first.
–Control the Virtual Install Disk, which contains server-specific drivers that an operating
system can use during installation. If this option is enabled, Windows Server automatically
locates required drivers and installs them.
–Control the Embedded User Partition, which is a general-purpose disk partition on nonvolatile
flash memory embedded on the system board. After it is enabled, the partition can be formatted
using the server operating system or by using the HPE RESTful Interface tool. After the
partition is formatted, it can be accessed for read and write access from the server operating
system.
–Set the operating mode of USB 3.0 ports.
•Processor options—Configure processor options such as configuring Intel Hyperthreading,
processor core enablement, and x2APIC support.
•SATA Controller options—Configure options such as selecting the Embedded Serial Advanced
Technology Attachment (SATA) configuration and configuring SATA Secure Erase.
•Virtualization options—Configure virtualization options such as Virtualization Technology, Intel
VT-d, and SR-IOV.
•Boot Time Optimization—Configure Boot Time Optimizations such as Dynamic Power Capping
and Extended Memory Test.
•Advanced Memory Protection—Configure Advanced ECC Support (default), or Online Spare
with Advanced ECC Support.

Boot options
From the Boot Options menu, you can configure settings such as the following:
•Boot Mode—Set either UEFI Boot Mode (default on ProLiant Gen9 and newer servers) or
Legacy BIOS Boot Mode. The boot mode must match the operating system installation.
•UEFI Optimized Boot—Must be set to Disabled for compatibility with Windows Server 2008
and Windows 2008 R2 if the system is configured for UEFI Boot Mode. If enabled, the system
BIOS boots using native UEFI graphics drivers. If disabled, the system BIOS boots using INT10
legacy video support. This option must be enabled for VMware ESXi and for Secure Boot to operate
properly.
•Boot Order Policy—Control system behavior when attempting to boot devices per the Boot Order
and no bootable device is found.
•UEFI boot order list—Change the order of the UEFI boot list.
•Advanced UEFI Boot Maintenance options—Configure advanced UEFI boot order options,
such as manually adding or deleting boot options.
•Setting the Legacy BIOS Boot Mode order—If a server is configured in Legacy BIOS Boot
Mode, the order for those settings can be changed. This setting defines how the server looks for
operating system boot firmware.

Embedded UEFI Shell


•Setting the Embedded UEFI Shell—Enable or disable the Embedded UEFI Shell. The Embedded
UEFI Shell is a preboot command line environment for scripting and running UEFI applications,
including UEFI boot loaders.
•Adding Embedded UEFI Shell to the boot order—Add the Embedded UEFI Shell as an entry
in the boot order list. This option is only accessible when the Embedded UEFI Shell is enabled and
boot mode is set as UEFI.
•Enabling the UEFI Shell Script Auto Start—Enable or disable automatic execution of the
default UEFI shell startup script during shell startup. When enabled, the shell looks for the
startup.nsh (similar concept to autoexec.bat) file in any of the FAT16 or FAT32 file systems
available.

Power management
•HPE Power Profile—Select a profile based on power and performance characteristics.
•HPE Power Regulator—Configure only when the power profile is set to Custom. Select from
HPE Dynamic Power Savings Mode (default), which automatically varies processor speed and
power usage based on processor utilization, which allows reduced overall power consumption with
little or no impact on performance and does not require operating system support.
•Minimum processor idle power core C-State—Select the processor’s lowest idle power (C-
State) that the operating system uses. The higher the C-State, the lower the power usage of that idle
state. This option can be configured only if the HPE Power Profile is set to Custom.
•Minimum processor idle power package C-State—Configure the lowest processor idle power
state. The processor automatically transitions into package C-States based on the core C-States, in
which cores on the processor have transitioned.
•Advanced power management options—Access advanced power options to enable such features
as Channel Interleaving and Collaborative Power Control. You can set the QPI link frequency to a
lower speed and set the processor idle power state.

Performance options
•Intel turbo boost technology—Set the processor to a higher frequency than its rated speed if it
has available power and is within temperature specifications. The default is Enabled.
•Setting ACPI SLIT technology—This describes the relative access times between processors,
memory subsystems, and I/O subsystems. Operating systems that support the System Locality
Information Table use this to allocate resources and workloads more efficiently. The default is
Disabled.
•Accessing Advanced Performance Tuning Options—Access the Advanced Performance
Tuning options menu where you can configure options for performance tuning.

Server security
•Setting the Power On Password—Set a password for accessing the server during the boot
process.
•Setting an Administrator Password—Set an administrator password to protect server
configuration.
•Setting the F11 One-Time Boot Menu—Specify a boot override option for this boot only. This
option does not modify normal boot order settings.
•Disabling Intelligent Provisioning (F10 Prompt)—Disable access to Intelligent Provisioning
from the ProLiant POST screen.
•Setting Embedded Diagnostics—Enable or disable Embedded Diagnostics, which is available
from the Boot menu. Embedded diagnostics include System Health, System Tests, Component
Tests, Test Logs, and Integrated Management Log (IML)Log.
•Configuring the Embedded Diagnostics mode—Configure Embedded Diagnostics to display in
graphical Auto mode (default) or Text Console mode.
•Protecting a System from Viruses—Protect a system against malicious code and viruses by
marking memory as nonexecutable unless the location contains executable code. This option
requires operating support.
•Accessing Secure Boot options—Ensure that each component launched during the boot process
is digitally signed and the signature is validated against trusted certificates embedded in the UEFI
BIOS.
•Accessing the TPM—Allow the firmware and operating system to take measurements of all
phases of the booting process.
•Advanced Secure Boot Options
–Enrolling a Secure Boot certificate key or database signature
–Deleting a Secure Boot certificate key or database signature
–Deleting all keys
–Exporting a Secure Boot certificate key or database signature
–Exporting all Secure Boot certificate keys Procedure
•TLS (HTTPS) options
–Viewing Transport Layer Security (TLS) certificate details
–Enrolling a TLS certificate
–Deleting a TLS certificate
–Configuring advanced TLS security settings
•Enabling or disabling Intel TXT support—Use the Intel Trusted Execution Technology (TXT)
support option to enable or disable Intel TXT support for servers with Intel processors.
•Enabling or disabling processor AES-NI support—Use the Processor AES-NI option to enable
or disable the Advanced Encryption Standard Instruction Set in the processor.
•Enabling or disabling backup ROM image authentication—Use the Backup ROM Image
Authentication option to enable or disable cryptographic authentication of the backup ROM image
on startup.
•Enabling or disabling system intrusion detection—Setting allows the administrator to enable or
disable intrusion detection.

Additional options
Other options configurable from the BIOS/Platform Configuration screen are:
•PCI Device Enable/Disable—Enable or disable embedded and add-in devices. Disabling devices
reallocates the resources that are normally allocated to the device. By default, all devices are
enabled.
•Server availability—Enable the automatic server recovery (ASR) status and timeout, configure
POST, and set the power button mode and power-on delay.
•BIOS Serial Console and EMS—View POST error messages and run RBSU remotely through a
serial connection to the server COM port or the iLO virtual serial port. The remote server does not
require a keyboard or mouse.
•Server Asset Information—Modify server information, administrator contact information,
service contact information, and the system startup message.
•Advanced options—Access Advanced options to configure ROM selection, Video options,
Embedded Video connection, Fan and Thermal options, and Advanced System ROM options.

Note
More details can be located in the UEFI System Utilities User Guide for HPE ProLiant Gen10
Servers and HPE Synergy.

Secure Boot on ProLiant servers


Secure Boot based on UEFI is a feature supported in ProLiant servers in which the system firmware,
option card firmware, operating systems, and software collaborate to greatly enhance platform security.
Secure Boot minimizes the legacy threat and provides software identity checking at every step of the boot
process, including platform firmware, option cards, and operating system boot loader. After the operating
system boot loader has run (securely), the responsibility for security is passed on to the operating system
itself—it is not within the scope of UEFI to cover operating system security.
Without UEFI Secure Boot, malware developers can take advantage of several potential vulnerabilities in
the preboot environment, including the system-embedded firmware itself, as well as the time between the
initialization of the firmware and the booting of the operating system. Malware introduced at this point
can provide an environment in which an operating system—no matter how secure—cannot run safely.
Secure Boot is completely implemented in the BIOS and does not require special hardware such as TPM,
although it can work with TPM if required.
Secure Boot ensures that each component launched during the boot process is digitally signed and that the
signature is validated against a set of trusted certificates embedded in the UEFI BIOS. It validates the
software identity of the following components in the boot process:
•UEFI drivers loaded from PCI Express (PCIe) cards
•UEFI drivers loaded from mass storage devices
•Preboot UEFI shell applications
•Operating system UEFI boot loaders
Only firmware components and operating systems with boot loaders that have an appropriate digital
signature can execute during the boot process. Only operating systems that support Secure Boot and have
a UEFI boot loader signed with one of the authorized keys can boot when Secure Boot is enabled.
Smart Array preboot configuration

Figure 3-6 New for Gen10: Smart Array preboot configuration

Gen10 Smart Array (HPE’s enterprise-class RAID controllers) supports preboot configuration from the
System Configuration screen, as shown in Figure 3-6:
•Configure controller settings
•Create and manage arrays
–Create array
–View configuration
–Configure spare drive
–Edit logical drives
–Set a bootable logical volume

Boot time improvements in Gen 10

Figure 3-7 Decreasing deployment time by significantly reducing boot time

The HPE Gen9 ProLiant server with two CPUs, DDR, and Smart array controller boots in about 2 minutes
30 seconds. As illustrated by Figure 3-7, with Gen10, a server with a similar configuration boots much
faster—in 50 seconds. This translates to a 67% improvement and reduction in boot time. The boot time
of a Gen10 server with high security mode is a bit slower as you raise your level of security.

Embedded Applications screen


Options available from the Embedded Applications screen include:
•Embedded UEFI Shell—Use this option to access the Embedded UEFI Shell screen.
•IML—The IML provides a record of historical events that have occurred on the server. Entries in
the IML can help with diagnosing issues or identify potential issues. The IML timestamps each
event with one-minute granularity.
•Firmware Update—Use this option to update firmware components in the system. Other
components can be updated, such as Smart Array controller and NIC using a binary ROM (or NIC
or Smart Array) update file obtained from HPE.
•Active Health System Log—Use this option to download an Active Health System Log. By
default, the system downloads logs from the previous seven days.
•Intelligent Provisioning—Intelligent Provisioning is an essential single-server deployment tool
embedded in most ProLiant servers that simplifies ProLiant server setup, providing a reliable and
consistent way to deploy ProLiant server configurations. This option lets you select the Intelligent
Provisioning host override option for this boot only and does not modify the normal boot order or
boot mode settings.

System Information screen


The System Information menu displays server details and can be used to check that the firmware version
was updated after applying an update.
Information displayed includes:
•System name and generation
•Serial number
•Product ID
•User defaults
•BIOS version
•Backup BIOS version and date
•System memory (GB)
•Processor 1 to 4
•iLO IP address
•Embedded network devices
•PCI Device Information
•Firmware Information

Note
You can also view firmware information by using the HPE RESTful Interface Tool.

Preboot Health Summary


If a ProLiant server does not start up, you can use iLO to display diagnostic information on an external
monitor. This feature is supported on servers that support external video and have a Unit Identification
(UID) button or a Serial USB VGA (SUV) connector. When the server is off and power is available, iLO
runs on auxiliary power and can take control of the server video adapter to show the Preboot Health
Summary.
To view the Preboot Health Summary:
1.Verify that the server is off and power is available.
2.Do one of the following:
–Press the UID button on the server.

Caution
To use this feature, press and release the UID button. Holding it down at any time for more than
five seconds initiates a graceful iLO reboot or a hardware iLO reboot. Data loss or nonvolatile
random-access memory (NVRAM) corruption might occur during a hardware iLO reboot.

–Log in to the iLO web interface. Change the UID state to UID ON by clicking the UID icon
at the bottom right corner of any iLO web interface window.
–Plug in a SUV connector.
The ProLiant Preboot Health Summary screen is displayed on the server monitor and remains on until the
server is powered on, the UID state is changed to UID OFF, an SUV connector is removed, or an iLO
reboot completes. The following information is listed:
•Server model number
•Server serial number
•Product ID
•iLO IP address (IPv4 and IPv6)

Note
The IP address information is displayed only if Show iLO IP during POST is set to Enabled
on the Administration → Access Settings page in iLO.

•iLO hostname
•iLO firmware version
•ProLiant System ROM version
•ProLiant System ROM backup version
•iLO complex programmable logic device (CPLD) version
•System CPLD version
•Embedded Smart Array version number

Note
This value is displayed only if server POST has successfully completed since the last auxiliary
power cycle.

•Critical events

Note
The most recent critical events from the IML are displayed with the most recent event displayed
first.
A physically present user can customize the certificates embedded in the UEFI BIOS by adding or
removing their own certificates. This can also be performed by remotely connecting to the server using
the iLO Remote Console.
The HPE RESTful API provides a secure, programmatic method to configure Secure Boot.

One-Time Boot Menu screen


Through the iLO Remote Console, you can select a UEFI boot option for a one-time boot override. This
option does not modify predefined boot order settings. If you use a USB key or a virtual media through
the iLO Remote Console, you must refresh this menu so the devices appear. To do so, exit by pressing
Esc and then re-enter the One-Time Boot Menu selection from System Utilities menu. This causes the
One-Time Boot Menu to refresh the content.
Options include:
•Generic USB Boot—This option provides a placeholder for any USB device that is bootable in
UEFI. You can set the boot priority of this option and retain this priority for use with USB devices
you might install in the future. Setting this priority does not affect priorities set for individual USB
devices in the UEFI Boot Order list. Newly added USB devices appear at the bottom of the list by
default, and you can move those entries in the list and boot from them as well.

Note
This option is available in UEFI Mode only. The system attempts to boot all UEFI bootable
USB devices in the order you specify in the Generic USB Boot entry, even if installed
individual USB devices are configured lower in the boot order.
•Run a UEFI application from a file system—Select this option to a run a UEFI application from
a file system. Browse all FAT file systems that are available in the system. It is also possible to
select an X64 UEFI application (with an EFI extension) to execute. It can be an operating system
boot loader or any other UEFI application.
•Legacy BIOS One-Time Boot Menu—Choose a specific override option for this boot only. This
option does not modify boot order mode settings. The server needs to be rebooted for this change
to take effect.

Activity: Performing basic shell operations in UEFI


Watch a YouTube video about using UEFI shell commands.

Note
To access this video, enter the following URL into your browser.
https://www.youtube.com/watch?v=cekq7bDZw14

Be prepared to pause the video as needed to answer these questions:


1.How do you enable or disable the embedded UEFI boot order?
2.Which command should be used to retrieve a list of available commands?

3.In general, which types of tasks can be accomplished using commands available in the UEFI
shell?

4.How can the help reset command be used?

Activity debrief
1.Which menus or options in the system configuration process will be most useful to your role?

2.Which of these tools do you know the most about? Which one are you least familiar with?

3.Which specific commands do you think you might use most often?

4.What is the most interesting feature included in the video?

Learning check
2.What are three benefits of using UEFI compared to legacy BIOS?
3.Name three workload profiles configurable in Gen10 RBSU.

4.A customer is running Microsoft Windows Server 2016 on a ProLiant Gen10 server and needs to
access the UEFI System Utilities.
What must the customer do?
A.Press Control B and select HPE UEFI System Utilities.
B.Reboot the server and press F9 when the POST screen appears.
C.Select HPE UEFI System Utilities from the Server Management Page.
D.Reboot from the SmartStart media, and select HPE UEFI System Utilities.

HPE iLO

Figure 3-8 HPE iLO functions

The HPE Integrated Lights-Out (iLO) subsystem is a standard component of ProLiant servers that
simplifies initial server setup, server health monitoring, power and thermal optimization, and remote
server administration. The iLO subsystem includes an intelligent microprocessor, secure memory, and a
dedicated network interface. This design makes iLO independent of the host server and its operating
system.
iLO enables you to monitor and manage servers and other network equipment remotely even when the
server is off and regardless of whether the operating system is installed or functional. It allows access to
BIOS settings and the reinstallation of the operating system.
As illustrated by Figure 3-8, iLO enables you to:
•Provision—Inventory and deploy servers using virtual media and iLO Federation remotely with
the iLO web interface, remote console, CLI, or mobile app.
•Monitor—iLO provides health and performance protection with advanced power and thermal
control for maximum power efficiency. Agentless Management monitors core hardware and related
alerts without installation of agents or providers on the host operating system.
•Optimize—iLO provides an Integrated Remote Console for remote administration so you can
control your server from any location through the iLO web interface, remote console, CLI, or
mobile app. Integrated Remote Console capabilities include Keyboard, Virtual Media, Global Team
Collaboration, Video Record/Playback. To remotely manage groups of servers at scale, iLO
Federation offers built-in rapid discovery of all iLOs, group configurations, group health status, and
the ability to determine which servers have iLO licenses. With an iLO Advanced license, you can
enable the full implementation of iLO Federation management for features such as Group Firmware
Updates, Group Virtual Media, Group Power Control, Group Power Capping, and Group License
Activation.
•Support—iLO provides core instrumentation that operates whether the operating system is up or
down. Should something go wrong, you can view the Integrated Management Log through the iLO
web interface or download Active Health System logs and send them to HPE Support for faster
problem identification.

HPE iLO management technologies

Figure 3-9 iLO has built-in features for instant availability

HPE iLO provides the core foundation and intelligence for all ProLiant servers. iLO is ready to run and
does not require additional software installation. As illustrated by Figure 3-9, iLO management
technologies simplify server setup, enable health monitoring, provide power and thermal control, and
promote remote administration. iLO management technologies support the complete lifecycle of all
ProLiant servers, from initial deployment through ongoing management and service alerting. The iLO
capabilities that ship as standard on all ProLiant Gen8/Gen9/Gen10 servers include:
•Server health monitoring—iLO monitors temperatures in the server and sends corrective signals
to the fans to maintain proper server cooling. iLO also monitors installed firmware and software
versions and the status of fans, memory, the network, processors, power supplies, storage, and
devices installed on the system board.
•Agentless Management—With Agentless Management, the management software (Simple
Network Management Protocol, or SNMP, operates within the iLO firmware instead of the host
OS. This configuration frees memory and processor resources on the host OS for use by server
applications. iLO monitors all key internal subsystems and can send SNMP alerts directly to a
central management server, even with no host OS installed.
•Integrated Management Log—View server events and configure notifications through SNMP
alerts, remote syslogs, and email alerts.
•Learn more links—Troubleshooting information for supported events is available on the
Integrated Management Log page.
•Active Health System Log—Download the Active Health System log. You can send the log file
to Hewlett Packard Enterprise (HPE) when you have an open support case or upload the log to the
Active Health System Viewer.
•iLO Federation management—Use the iLO Federation features to discover and manage multiple
servers at a time.
•Integrated Remote Console—If you have a network connection to the server, you can access a
secure high-performance console to manage the server from any location.
•Virtual Media—Remotely mount high-performance Virtual Media devices to the server.
•Power management—Securely and remotely control the power state of the managed server.
•Deployment and provisioning—Use Virtual Power and Virtual Media for tasks such as the
automation of deployment and provisioning.
•Power consumption and power settings—Monitor the server power consumption, configure
server power settings, and configure power capping on supported servers.
•Embedded remote support—Register a supported server for HPE remote support.
•User access—Use local or directory-based user accounts to log in to iLO. You can use Common
Access Card (CAC) smartcard authentication with local or directory-based accounts.
•Two-factor authentication—Two-factor authentication is supported with Kerberos and CAC
smartcard authentication.
•Secure Recovery—Validates the iLO firmware when power is applied. If the firmware is invalid,
the iLO firmware is flashed automatically (iLO Standard license). Validates the system ROM
during server startup. If valid system ROM is not detected, the server is prevented from booting.
Recovery options include swapping the active and redundant ROM, and initiating a firmware
verification scan and recovery action (the iLO Advanced Premium Security Edition license is
required for scheduling and automated recovery).
•Firmware verification and recovery—Run scheduled or on-demand firmware verification scans
and configure recovery actions to implement when an issue is detected.
•iLO security states—Configure a security state that fits your environment. iLO supports the
Production security state (default) and high security states such as HighSecurity, Federal
Information Processing Standard (FIPS), and SuiteB.
•iLO interface controls—For enhanced security, enable or disable selected iLO interfaces and
features.
•Firmware management—Save components to the iLO Repository and use Smart Update
Manager (SUM) to configure install sets and manage the installation queue.
•iLO Service Port—Use a supported USB Ethernet adapter to connect a client to the iLO Service
Port to access the server directly. HPE recommends the HPE USB to Ethernet Adapter (part number
Q7Y55A). You can also connect a USB key to download the Active Health System Log.
•Intelligent Platform Management Interface (IPMI)—The iLO firmware provides server
management based on the IPMI version 2.0 specification.
•iLO RESTful API and RESTful Interface Tool (iLOrest)—iLO 5 includes the iLO RESTful
API, which is Redfish API conformant.

iLO 5 focus
The most important enhancements present in iLO 5 are
•Security—Raising our industry-leading bar even higher
•Firmware update technology—Update everything through iLO network
•Agentless management—Retiring OS-based agents
•RESTful everything—Redfish
•At Server Management—iLO Service Port
•Performance—Everything faster

Connecting to iLO

Figure 3-10 iLO 5 overview screen

iLO can be accessed through several user interfaces:


•Web-based interface—The iLO web interface, shown in Figure 3-10, groups similar tasks for
easy navigation and workflow. The interface is organized in a navigational tree view located on the
left side of the page. To access the iLO web interface, use local user accounts or domain user
accounts. Local user accounts are stored inside iLO memory when the default user administrator is
enabled.
•Secure Shell (SSH)—With the SSH interface, you can use the most important iLO features from
a text-based console.
•ROM-based configuration utility—Initial setup from UEFI System Utilities.
•iLO scripting and command line—You can use the iLO scripting tools to configure multiple iLO
systems to incorporate a standard configuration into the deployment process and to control servers
and subsystems.
•HPE RESTful API—iLO 4 2.00 on Gen9 and later includes the HPE RESTful API, which is a
management interface that server management tools can use to perform configuration, inventory,
and monitoring of a ProLiant server via iLO. A REST client such as the HPE RESTful Interface
Tool sends HTTPS operations to the iLO web server to GET and PATCH JSON-formatted data and
to configure supported iLO and server settings, such as the UEFI BIOS settings. iLO 4 2.30 and
iLO 5 are Redfish-conformant and remain backward compatible with the existing HPE RESTful
API.

Note
JavaScript Object Notation (JSON) is a lightweight data-interchange format. It is easy for
humans to read and write. It is easy for machines to parse and generate. It is based on a subset
of the JavaScript Programming Language, Standard ECMA-262 3rd Edition—December 1999.
JSON is a text format that is completely language-independent but uses conventions that are
familiar to programmers of the C-family of languages, including C, C++, C#, Java, JavaScript,
Perl, Python, and many others. These properties make JSON an ideal data-interchange
language. (json.org, January 2018)
•iLO mobile app—The HPE iLO mobile app provides access to the remote console of a ProLiant
server from an iOS or Android device. The mobile app interacts directly with the iLO processor on
ProLiant servers, providing total control of the server at all times as long as the server is plugged
in. For example, you can access the server when it is in a healthy state, or when it is powered off
with a blank hard drive. IT administrators can troubleshoot problems and perform software
deployments from almost anywhere.

Note
HPE iLO mobile is the name of the application in the HPE app store. Enter the following URL
to visit the iTunes HPE app store.
https://itunes.apple.com/us/developer/hewlett-packard-enterprise-
company/id1039583030

Controlling and monitoring power

Figure 3-11 Virtual Power Button, power settings, and Power Meter in iLO 5

As shown in Figure 3-11, Power meter graphs display recent server power usage. Power history
information is not collected when the server is powered off. When you view a graph that includes periods
in which the server was powered off, the graph displays a gap to indicate that data was not collected.
The graph data is cleared when iLO is reset or the server is power cycled. For example, the data is cleared
when you use the Virtual Power Button Reset or Cold Boot actions, but it is not cleared when you use the
Momentary Press or Press and Hold actions.
The Power Settings page enables administrators to view and control the power management features of
the server. The power management features on this page vary based on the server configuration.
The Virtual Power Button section on the Server Power page displays the current power state of the server,
as well as options for remotely controlling server power. System Power indicates the state of the server
power when the page is first opened. The server power state can be ON, OFF, or Reset. Use the browser
refresh feature to view the current server power state. The server is rarely in the Reset state.
Virtual Power Button options:
•Momentary Press—The same as pressing the physical power button. If the server is powered off,
a momentary press will turn on the server power. Some operating systems might be configured to
initiate a graceful shutdown after a momentary press or to ignore this event. HPE recommends using
system commands to complete a graceful operating system shutdown before you attempt to shut
down by using the Virtual Power button.
•Press and Hold—The same as pressing the physical power button for five seconds and then
releasing it. The server is powered off as a result of this operation. Using this option might
circumvent the graceful shutdown features of the operating system. This option provides the
Advanced Configuration and Power Interface (ACPI) functionality that some operating systems
implement. These operating systems behave differently depending on a short press or a long press.
•Reset—Forces the server to warm-boot, and CPUs and I/O resources are reset. Using this option
circumvents the graceful shutdown features of the operating system.
•Cold Boot—Immediately removes power from the server. Processors, memory, and I/O resources
lose main power. The server will restart after approximately six seconds. Using this option
circumvents the graceful shutdown features of the operating system.
The System Power Restore Settings section enables you to control system behavior after power is lost.
You can also configure these settings by using the UEFI System Utilities during POST.

Using the Integrated Remote Console


The iLO Integrated Remote Console is a graphical remote console that turns a supported browser into a
virtual desktop, allowing full control over the display, keyboard, and mouse of the host server. Using the
Remote Console also provides access to the remote file system and network drives.
With Integrated Remote Console access, you can observe POST boot messages as the remote host server
restarts and initiate ROM-based setup routines to configure the remote host server hardware. When you
are installing operating systems remotely, the Integrated Remote Console (if licensed) enables you to view
and control the host server monitor throughout the installation process.
iLO provides the following Integrated Remote Console access options:
•.NET Internet Relay Chat (IRC)—Provides access to the system Kernel-based Virtual Machine
(KVM), allowing control of Virtual Power and Virtual Media from a single console through a
supported browser on a Windows client. In addition to the standard features, the .NET IRC supports
Console Capture, Shared Console, Virtual Folder, and Scripted Media.
•Java IRC and Java Web Start—Provides access to the system KVM, allowing control of Virtual
Power and Virtual Media from a Java-based console. In addition to the standard features, the Java
IRC includes the iLO disk image tool and Scripted Media.
•Stand-alone IRC (HPLOCONS)—Provides full iLO Integrated Remote Console functionality
directly from a Windows desktop, without going through the iLO web interface. HPE Lights-Out
Console (HPLOCONS) has the same functionality and requirements as the .NET IRC application
that is launched from the iLO web interface.
•iLO Mobile Application for iOS and Android devices—Provides Integrated Remote Console
access from a supported mobile phone or tablet.
•SSH console—Offers textcons command to display the remote console in the terminal as far
as the server is in text video mode.

iLO Configuration Utility

Figure 3-12 iLO ROM-based Configuration Utility

You can use the iLO 5 Configuration Utility in the UEFI System Utilities to configure network parameters,
global settings, and user accounts. The iLO 5 Configuration Utility is designed for the initial iLO setup
and is not intended for continued iLO administration. You can start the utility when the server is booted,
and you can run it remotely with the Remote Console.
You can configure iLO to require users to log in when they access the iLO 5 Configuration Utility, or you
can disable the utility for all users. These settings can be configured on the Access Settings page, as shown
in Figure 3-12.
Disabling the iLO 5 Configuration Utility prevents reconfiguration from the host unless the system
maintenance switch is set to disable iLO security.
To access the iLO 5 Configuration Utility, press F9 during POST to start the UEFI System Utilities. Click
System Configuration, and then click iLO 5 Configuration Utility. Options include:
•Network Options—Configure basic iLO network options such as IP address, subnet mask,
gateway IP address, DNS name, DHCP Enable, among others.
•Advanced Network Options—Configure advanced iLO network options such as Gateway from
DHCP, DHCP Routes, DNS from DHCP, DNS Servers, WINS from DHCP, Domain Name, among
others.
•User Management—Add, edit, and remove iLO user accounts.
•Setting Options—Configure iLO access settings including iLO Functionality, iLO Configuration
Utility, Require Login for iLO Configuration, Show iLO IP Address during POST, and Local Users.
•About—View firmware date, firmware version, iLO CPLD version, and serial number, among
other information.
•Set to Factory Defaults—Reset iLO to the factory default settings.

Caution
This operation clears all user and license data.

•Reset iLO—You can reset iLO if it is slow to respond. Resetting iLO does not make any
configuration changes, but it ends all active connections to iLO.

Firmware update technology

Figure 3-13 iLO Firmware screen

Firmware updates enhance server and iLO functionality with new features, improvements, and security
updates. You can update firmware by using an online or offline firmware update method. The iLO
Firmware overview screen is shown in Figure 3-13.
Firmware updates are sent to the system through the iLO network:
•Uses iLO authentication and authorization
•iLO checks digital signature and integrity of all firmware images
SUM orchestrates delivery:
•Dependency checking
•Sequencing of updates
Images are staged to the 4 GB nonvolatile flash partition and updates can be immediate or scheduled
(REST API). RESTful API is supported for firmware updates.

Online firmware update


When you use an online method to update firmware, you can perform the update without shutting down
the server operating system. Online firmware updates can be performed in-band or out-of-band.

In-band firmware updates


Firmware is sent to iLO from the server host operating system. The iLO 5 Channel Interface Driver is
required for in-band firmware updates. During a host-based firmware update, if iLO is set to the
Production security state, it does not verify user credentials or privileges because the host-based utilities
require a root (Linux and VMware) or Administrator (Windows) login.
When iLO is configured to use the High Security, FIPS, or SuiteB security states, user credentials are
required.
The iLO Online ROM Flash Component and HPONCFG are examples of online in-band firmware update
methods.

Out-of-band firmware update


Firmware is sent to iLO over a network connection. Users with the Configure iLO Settings privilege can
update firmware by using an out-of-band method. If the system maintenance switch is set to disable iLO
security, any user can update firmware with an out-of-band method. The iLO web interface, HPQLOCFG,
HPLOMIG, the iLO RESTful API, LOCFG.PL, and SMASH CLP are examples of online out-of-band
firmware update methods.

Online firmware update methods

In-band firmware updates


•Online ROM Flash Component—Use an executable file to update firmware while the server is
running. The executable file contains the installer and the firmware package.

Note
You can download online ROM flash components for iLO and server firmware at the following
website:
http://www.hpe.com/support/ilo5

This option is supported when iLO is configured to use the Production security state.
•HPONCFG—Use this utility to update firmware by using XML scripts. Download the iLO or
server firmware image and the Update_Firmware.xml sample script. Edit the sample script with
your setup details, and then run the script.
Note
Sample scripts are available at http://www.hpe.com/support/ilo5. For more information about
scripting, see the iLO scripting and CLI guide.

When iLO is configured to use the HighSecurity, FIPS, or SuiteB security states, only HPONCFG for
Linux is supported.

Out-of-band firmware updates


•iLO web interface—Download a supported firmware file and install it by using the iLO web
interface. You can update firmware for a single server or an iLO Federation group.
•iLO RESTful API—Use the iLO RESTful API and a REST client such as the RESTful Interface
Tool to update firmware.

Note
For more information, see: http://www.hpe.com/info/restfulinterface/docs

•HPQLOCFG—Use this utility to update firmware by using XML scripts. Download the iLO or
server firmware image and the Update_Firmware.xmlsample script. Edit the sample script with your
setup details, and then run the script.
•HPLOMIG—You do not need to use directory integration to take advantage of the firmware
update capabilities in HPLOMIG (also called Directories Support for ProLiant Management
Processors). This utility can be used to discover multiple iLO processors and update their firmware
in one step.
•SMASH CLP—Access SMASH CLP through the SSH port, and use standard commands to view
firmware information and update firmware. For more information about SMASH CLP, see the iLO
scripting and CLI guide.

Offline firmware update


When you use an offline method to update the firmware, you must reboot the server by using an offline
utility. The SPP, SUM, the Scripting Toolkit for Windows, and the Scripting Toolkit for Linux are
examples of offline firmware update methods.

Offline firmware update methods


You can use the following offline firmware update methods:
•SPP—Use the SPP to install firmware.

Note
For more information, see the following website:
http://www.hpe.com/info/spp/documentation
•SUM—SUM is a tool for firmware, driver, and software maintenance on supported servers and
other nodes. You can use SUM together with iLO to access the iLO repository and manage install
sets and the installation queue.
•Scripting Toolkit—Use the Scripting Toolkit to configure several settings within the server and
update firmware. This method is useful for deploying to multiple servers. For instructions, see the
Scripting Toolkit user guide for Windows or Linux.

Direct connection to HPE Support Center

Figure 3-14 Remote Support registration form in iLO 5

HPE iLO 5 includes the embedded remote support feature, which allows you to register HPE ProLiant
Gen10 servers for HPE remote support, as shown in Figure 3-14. You can also use iLO to monitor service
events and remote support data collections.
Connecting a device to HPE allows it to be remotely supported and to send diagnostic, configuration,
telemetry, and contact information to HPE. No other business information is collected, and the data is
managed according to the HPE privacy statement.

Note
The HPE privacy statement can be reviewed at the following website:
http://www.hpe.com/info/privacy

When you use the embedded remote support feature, choose from the following configuration options:
•Insight Online direct connect
•Insight Remote Support central connect.
Insight Online direct connect
Register a supported device directly with Insight Online without the need to set up an Insight Remote
Support centralized host server in your local environment. Insight Online will be your primary interface
for remote support information. Insight Online is a HPE Support Center feature that enables you to view
your remotely monitored devices anywhere, anytime. It provides a personalized dashboard for simplified
tracking of IT operations and support information, including a mobile dashboard for monitoring when you
are on the go.

Insight Remote Support central connect


Register a supported device with HPE through an Insight Remote Support centralized host server in your
local environment. All configuration and service event information is routed through the host server. This
information can be viewed by using the local Insight RS Console or the web-based view in Insight Online
(if it is enabled in Insight RS).

Email alerting

Figure 3-15 AlertMail configuration screen

iLO AlertMail enables you to configure iLO to send alert conditions detected independently of the host
operating system to a specified email address. The AlertMail configuration screen is shown in Figure 3-
15. iLO mail alerts include major host system events. Some email service providers establish filters and
rules to block problem emails such as spam, commercial content, and unwanted volume. These tools might
block the receipt of messages generated by iLO. These email services are not suitable for receiving iLO
AlertMail messages.
iLO Federation

Figure 3-16 iLO Federation features

Today’s enterprise IT administrators face management problems directly related to scale-out


environments that continue to be managed with existing tools not designed for these environments. These
problems include how to communicate with thousands of servers to discover and manage these systems
in a timely manner, using server data that is current and relevant. Traditional management environments
are based on outdated hierarchical models and present a single point of failure.
Monitoring and managing server status in large data center environments with traditional methods, such
as the use of host files or ping sweeps (using direct interrogation), are time-consuming. Server status
information can be inaccurate by the time it is reported. Ping sweep approaches to iLO discovery and
software updates take between one and two minutes per server. This means that in large server farms,
essential management tasks can take days. In addition, direct interrogation is used to discover additional
devices, which might not be on the same subnet. These conditions allow many existing solutions to cross
network boundaries. This IT infrastructure discovery solution does not scale well.
Administrators have typically managed large infrastructures by using scripts and Dynamic Host
Configuration Protocol (DHCP). Current approaches also use trust systems that typically employ back
doors or impose the burden of a public key infrastructure (PKI) to configure secure communication. These
approaches are limited in their ability to scale and deployment complexity.
As illustrated by Figure 3-16, iLO Federation eliminates the need for adjusting scripts during server
migration and data center rearchitecture efforts. It also removes reliance on tools for external
communication. iLO Federation standardizes several fields within the protocol so that a ping sweep
approach is still possible and adds extra information to support direct interrogation of responders.
In the past, iLO operated on a one-to-one approach, meaning that administrators could only look at one
iLO at a time. iLO Federation is a fully distributed method for performing discovery of multiple systems,
self-organizing those systems into groups, establishing trust, and securely communicating between
systems.
iLO Federation uses the industry-standard multicast approach and provides multicast methods, allowing
other systems to discover iLOs. iLO uses a peer-to-peer management system, in which the iLOs
communicate with each other and share the workload of managing all the systems. The closest iLO
neighbor is identified as a peer. The local iLO identifies its peers through multicast discovery.
iLO Federation also standardizes several fields within the protocol so that a ping sweep approach is still
possible and adds extra information to support direct interrogation of responders. These core technologies
provide reliability and interoperability, and include the following capabilities:
•On-system intelligence—Robust scalability, self-healing, with no single points of failure.
•Real-time self-discovery—With multicast discovery of any bare metal server, iLOs can be
discovered after the server receives auxiliary power.

Important
iLO Federation discovery is a standard feature that allows for queries of data and viewing of
iLO information without a license. However, iLO Federation management requires an iLO
Advanced or iLO Scale-Out license in order to push data and define security groups. Licensing
provides additional iLO functionality, such as graphical remote console, multiuser
collaboration, and video record/playback along with many more advanced features. There are
multiple levels of licensing depending on business needs.
•Group membership—iLOs can be configured with Federation settings and configured to be a
member of a group. iLOs that are members of the same group will discover each other on the
network and begin reporting data/distributing commands.
•Security—iLO Federation uses shared key encryption to implement trust requirements and ensure
high levels of security.

Note
Any user can view information on iLO Federation pages, but some features require a license.
Enter the following URL for more information on iLO licensing.
https://www.hpe.com/us/en/servers/integrated-lights-out-ilo.html

Using iLO Federation


iLOs can be grouped, and then activities can be directed to the group of iLOs. When iLO systems are in
the same iLO Federation management group, the iLO web interface on one system can be used to manage
all of the iLO systems in the group.
iLO Federation provides the following functionality in the GUI:
•Multi-System View—Get a summary of the status of multiple systems at one time.
•Multi-System Map—Display information about the iLO systems in a selected group.
•Group Virtual Media—Provide an ISO image to the systems in the group.
•Group Power—Power the systems up and down and display power status.
•Group Power Settings—Configure Automatic Group Power Capping for multiple servers.
•Group Firmware Update—Update the firmware of multiple servers.
•Group Configuration—Add, delete, and modify federation group membership.

Important
iLO systems in the same iLO Federation group must use the same version of iLO firmware.
Group Health Status

Figure 3-17 Viewing Group Health Status

With iLO Federation, using the Multi-System View shown in Figure 3-17 enables you to drill into various
displays. Clicking a server name filters by that server. Clicking the iLO hostname or IP address launches
the iLO web interface.
Group Health Status provides an overview that shows system summary information. To view the status
for a configured group of servers:
•Navigate to the iLO Federation → Multi-System View page.
•From the Selected Group menu, select a group.
The page displays the following information for the servers in the selected group:
•Health information—The number of servers in each listed health status (OK, Degraded, Critical).
The percentage of the total number of servers that is in the listed health status is also displayed. The
health status value can be clicked to select a subset of systems matching that health status.
•Model information—The list of servers, grouped by ProLiant model number. The percentage of
the total number of servers for each model number is also displayed. The model number can be
clicked to select a subset of systems matching that model.
•Critical and Degraded Systems—The list of servers with a Critical or Degraded status.
Filtering and target selecting available on most iLO Federation subpages:
•Click links in Health, Model, Firmware, and so forth, sections.
•Use Group for filtering.

Group Health Status—Critical and Degraded Systems


The Critical and Degraded Systems view displays additional details for systems that are not OK,
including:
•System Name, System Health, and System ROM version
•Server Power and UID Indicator
•iLO Hostname and IP Address
From the Critical and Degraded Systems view, you can determine the severity of the issue:
•A status of Degraded means that a system component has changed to a less robust state (single fan
failure, single points of failure, and so forth).
•A status of Critical indicates that a condition has occurred that might cause a system to fail
(overheating, all fans fail, and so forth).

Group Virtual Media

Figure 3-18 Viewing Group Virtual Media in iLO Federation

The Group Virtual Media feature, shown in Figure 3-18, enables you to connect scripted media that can
be accessed by the servers in an iLO Federation group. Scripted media refers to connecting images hosted
on a web server by using a URL. iLO will accept URLs in HTTP or HTTPS format. FTP is not supported.
When there is a requirement for mass deployment of an operating system, the traditional one-to-one media
installation consumes a tremendous amount of time and manual effort. Using Group Virtual Media, a
single operating system image can be deployed over thousands of servers.
When using Group Virtual Media, note the following:
•Scripted media can be connected to the iLO systems in an iLO Federation Management group.
Scripted media supports only 1.44 MB floppy images (.img) and CD/DVD-ROM images (.iso). The
image must be located on a web server on the same network as iLO.
•To use the Group Virtual Media feature with an iLO Federation group, ensure that each member
of the group has the Virtual Media privilege.
•Only one of each type of media can be connected to a group at the same time.
•You can view, connect, eject, or boot from scripted media.
The Group Virtual Media screens provide fields for entering a URL representing an ISO image or a
CD/DVD-ROM image. iLO also supports mounting a .img file of a USB key; it does not need to be a
floppy .img image.
Group Power Control

Figure 3-19 Group Power Control in iLO Federation

iLO Federation provides a way to control the power on all systems in a group or in multiple groups, as
shown in figure 3-19. It is possible to control power to individual systems as well.
The Group Power feature enables you to manage the power of multiple servers from a system running the
iLO web interface. You can:
•Power off, reset, or power cycle a group of servers that are in the On or Reset state.
•Power on a group of servers that are Off.

Group Power Capping

Figure 3-20 Group Power Capping

The Group Power Control within iLO Federation provides a view of the systems that will be affected by
pushing the Virtual Power Button. This provides a bail-out mechanism before the actions are taken.
With iLO Federation, you can set dynamic power caps for grouped servers. Group Power Capping enables
you to conserve energy costs by controlling power to idling systems.
As shown in Figure 3-20, a separate power cap can be set for every group. With Group Power Capping,
the power caps that are set for a group operate concurrently with the power caps that can be set on the
Power Settings page for an individual server.
To configure power capping settings for an iLO Federation Management group, ensure that each member
of the group has granted the Configure iLO Settings privilege to the group. When a group power cap is
set, the grouped systems share power to stay below the power cap. More power is allocated to busy servers
and less power is allocated to servers that are idle. When a power cap is set, the average power reading of
the grouped servers must be at or below the power cap value.

Group Power Capping Settings


The Automatic Group Power Capping Settings section enables you to view measured power values, set a
power cap, and disable power capping.
The Measured Power Values section lists the following:
•Maximum Available Power—The total power supply capacity for all servers in a group.
•Peak Observed Power—The maximum observed power for the servers in a group.
•Minimum Observed Power—The minimum observed power for the servers in a group.
•Power Cap Value—The value of the power cap that has been set for the servers in a group.
During POST, the ROM runs two power tests that determine the peak and minimum observed power
values.
The Power Capping Settings section allows you to configure the power capping settings. The Current
State section shows the current power consumption.
•Present Power Reading—The current power reading for all servers in a group
•Present Power Cap—The configured power cap for all servers in a group. This value is 0 if the
power cap is not configured.

Group Firmware Update


This feature adds value to the task of upgrading the firmware on multiple systems. Rather than having to
spend several days upgrading individual systems, you can use the Group Firmware Update feature to
update the firmware of multiple servers from a system running the iLO web interface.
Firmware types supported for update are:
•iLO firmware
•System ROM (BIOS)
•Chassis firmware (Power Management)
•Power Management Controller
•System Complex Programmable Logic Device (CPLD)
•NVMe Backplane Firmware
•Language packs

Note
The firmware images (raw .bin or .flash files) must be hosted on a web server on the same
network as the iLO, similar to virtual media, and entered as a URL on the Group Firmware
Update page.
Group Firmware Update views

Figure 3-21 Viewing Group Firmware Update in iLO Federation

When the firmware is being updated, the iLO Federation Group Firmware Update screen reports on the
progress in real-time, as shown in Figure 3-21.
The Group Firmware Update feature enables you to:
•View the number of severs with each firmware version. The percentage of the total number of
servers with the listed firmware version is also displayed.
•View the flash status for the grouped servers. The percentage of the total number of servers with
the listed flash status is also displayed.
•View the TPM status for the grouped servers. The percentage of total servers with the listed TPM
status is also displayed.

Note
A TPM is a computer chip that securely stores artifacts used to authenticate the platform. These
artifacts can include passwords, certificates, or encryption keys. TPM can also be used to store
platform measurements to ensure that the platform remains trustworthy. On a supported system,
iLO decodes the TPM record and passes the configuration status to iLO. The iLO Overview
page displays the following TPM status information:
•Not Supported—A TPM is not supported.
•Not Present—A TPM is not installed.
•Present—This indicates one of the following statuses:
–A TPM is installed but is disabled.
–A TPM is installed and enabled.
–A TPM is installed and enabled, and Expansion ROM measuring is enabled.
New iLO Service Port

Figure 3-22 iLO Service Port before plugging in

iLO Service Port is a new feature in iLO 5, where a laptop can become a full-service workstation.
iLO Service Port uses a dedicated USB port for iLO, as shown in Figure 3-22. Plug in the cable (USB 2.0
to Ethernet dongle required) for all iLO functionality direct to your laptop (169.254.1.2) and perform all
iLO operations, such as:
•Troubleshooting
•Health information
•Logs
•Remote console and virtual media
•LED blinks when in use

iLO Service Port configuration

Figure 3-23 iLO Service Port configuration

Plug in a USB key with a script for super easy AHS download. The LED blinks when the service port is
in use, and full control over devices and security can be configured, as shown in Figure 3-23.
iLO Server Health Summary

Figure 3-24 Server Health Summary

As shown in Figure 3-24, you can use iLO to display the Server Health Summary on an external monitor
when the server is powered on or off. This feature is useful for troubleshooting when the server will not
start up and can also be used to view the server IP address and other health information. It is accessed at
the server using the UID button, available anytime in Gen10 (not just on Aux power). A thumbnail of the
live screen is displayed in upper left corner.

Notice
Press and release the UID button. Holding it down at any time for more than five seconds
initiates a graceful iLO reboot or a hardware iLO reboot. Data loss or NVRAM corruption
might occur during a hardware iLO reboot.

iLO 5 licensing

Figure 3-25 iLO 5 licensing

iLO standard features are included with every server to simplify server setup, perform health monitoring,
monitor power and thermal control, and facilitate remote administration. iLO licenses activate
functionality such as graphical Remote Console with multiuser collaboration, video record/playback, and
many more features. Figure 3-25 shows the iLO licensing screen.
iLO 5 is available with the following licensing editions:
•iLO Standard and iLO Standard for BladeSystem
•iLO Essentials
•iLO Scale-Out
•iLO Advanced and iLO Advanced for BladeSystem
•iLO Advanced Premium Security Edition. Includes all functionality of iLO Advanced plus:
–Secure Start with Automatic Recovery
–CNSA Encryption
–Secure Erase of NAND (initiate in Intelligent Provisioning)
–Runtime Firmware Verification scan

Note
The HPE iLO Licensing Guide provides information about purchasing, registering, and
activating HPE iLO licenses:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=c04951959

Learning check
5.What are three possibilities for connecting to iLO?

6.iLO Service Port can be disabled if needed.


True
False

HPE RESTful API

Figure 3-26 Standard architecture with HPE RESTful API

The HPE RESTful API is a management interface that server management tools can use to configure,
inventory, and monitor a ProLiant server (supported on Gen9 and Gen10 servers; prerequirements apply
to firmware version). It is an architectural style consisting of a coordinated set of architectural constraints
applied to components, connectors, and data elements within a distributed hypermedia system.
The open, industry-standard HPE RESTful API provides a programmable interface and lightweight data
model specification that is simple, remote, secure, and extensible, as illustrated by Figure 3-26. REST has
become a popular communication protocol on service-oriented architecture styles. It enables IT staff to
quickly and securely customize server configuration and provisioning, and at the same time, provide a
common interface for integration to HPE Helion and cloud ecosystems such as OpenStack.
HPE provides two options for RESTful API programming:
•Use the HPE RESTful API for direct programming with total tool-less access to do scripting or
write integration tools with open programming options.
•Use the HPE RESTful Interface Tool for simple scripting with command shells.

REST communication

Figure 3-27 REST communication architecture

REST is a web service that uses basic CRUD (Create, Read, Update, Delete, and Patch) operations
performed on resources using HTTP Post, Get, Put, Delete, and Patch. REST is a set of conventions
describing a way to create, read, update, or delete information on a server using simple HTTP calls. It is
an alternative to more complex programming mechanisms such as SOAP, CORBA, and RPC. Simply put,
a REST call is an HTTP request to the server.
Figure 3-27 gives an overview of how REST is used. A REST client sends HTTPS operations to the iLO
web server to GET and PATCH JSON-formatted data and to configure supported iLO and server settings,
such as UEFI BIOS settings.
The REST architecture generally runs over HTTP, although other transports can be used. What the HPE
OneView user interface allows you to do graphically, the RESTful API enables you to do
programmatically. For example, you can use a scripting language such as Microsoft PowerShell to
perform tasks by using RESTful API calls that you might otherwise complete through the web-based UI.
Addressing challenges by using the HPE RESTful API

Figure 3-28 Reduces complexity to optimize the interactions

Today, many available tools for server management via scripting bring with them limitations around
automation, orchestration, and management. Because scripting interfaces are not common across HPE
management tools, HPE is using the HPE RESTful API as a standardized scripting solution to address
key challenges around:
•Unsecure remote capabilities—Remote scripting is often not secure, triggering the need for
another mechanism to transport scripts to target nodes.
•Learning and deployment—This can be time-consuming because a single command utility does
not work across server components with existing scripting tools. The learning curve increases
because administrators are required to learn different types of interfaces across the data center.
•Scripting efficiency—Using different tools creates complexity. Running the server through PXE
for updates also delays scripting. Running scripts on too many servers is not readily scalable.
Figure 3-28 shows a web browser plugin used to access iLO over HPE RESTful API.
Designed for ProLiant Gen9 and Gen10 servers, the HPE RESTful API directly addresses scripting
challenges in a way that is:
•Simple—Easier access to information eliminating multiple tools to run scripts and provision server
•Remote and secure—Capabilities leveraging industry-proven HTTPS protocol
•Extensible—Ability to script and expose new functionality with few or no firmware upgrade
dependencies
HPE RESTful API for iLO

Figure 3-29 The main management API for iLO based HPE servers

The HPE RESTful API for iLO is designed using the Hypermedia as the Engine of Application State
(HATEOAS) REST architecture. This architecture allows the client to interact with iLO through a simple
fixed URL—rest/v1. This has the advantage of the client not needing to know a set of fixed URLs. When
creating a script to automate tasks using the HPE RESTful API for iLO, you only need to hardcode this
simple URL, and design the script to discover the RESTful API URLs that are needed to complete a task.

Note
Enter the following URL into your browser for more information on HATEOAS.
http://en.wikipedia.org/wiki/HATEOAS

As shown in Figure 3-29, the HPE RESTful API for iLO is the main management API for iLO-based HPE
servers. Using this API, it is possible to take full inventory of the server, control power and reset, configure
BIOS and iLO settings, and fetch event logs, in addition to performing many other functions.
This API follows the Internet trend in moving to a common pattern for new software interfaces. Many
web services in a variety of industries use RESTful APIs because they are easy to implement and easy to
consume, and they offer scalability advantages over previous technologies. HPE OneView, OpenStack,
and many other server management APIs are now RESTful APIs. Most HPE management software
offerings, as well as the entire software-defined data center (SDDC) architecture, are built upon RESTful
APIs.
The HPE RESTful API for iLO has the additional advantage of consistency across all present and
projected server architectures. The same data model works for traditional rack-mount servers and blades
as well as newer types of systems such as Moonshot. The HPE RESTful API for iLO provides this
advantage because the data model is designed to self-describe the service’s capabilities to the client and
has room for flexibility designed in from the start.

Note
Enter the following URL into your browser for more information on the HPE RESTful API.
https://hewlettpackard.github.io/ilo-rest-api-docs/ilo5/

HPE RESTful Interface Tool

Figure 3-30 HPE RESTful Interface Tool

The HPE RESTful Interface Tool, as shown in Figure 3-30, simplifies server configuration by using
industry-recognized RESTful APIs, enabling you script provisioning on ProLiant Gen9 and Gen10
servers. The RESTful Interface Tool offers a single command-line interface to configure various server
components, plus document-allowed server configurations and dependencies. The HPE RESTful API for
UEFI can be used to configure settings through this CLI.
The RESTful Interface Tool is key to enabling software-defined computing for the new Idea Economy.
Benefits include:
•Easy customization—A single command line to simplify customizing workflows and scripts by
standardizing a set of commands that interacts with all server components
•Reduced travel costs—Capability to remotely manage servers
•Reduced deployment complexity—Enablement of any of the three modes—interactive,
scriptable, or file-based—to program and execute scripts easily
•Simplified scripting—Self-descriptive tool to reduce the learning curve adoption

Activity: iLO RESTful API Explorer

Figure 3-31 iLO RESTful API Explorer

To explore the API with iLO RESTful API Explorer shown in Figure 3-31, even without accessing the
server, use the link below.

Note
Enter the following URL into your browser for more information on the HPE RESTful API.
https://ilorestfulapiexplorer.ext.hpe.com/

Activity debrief
Answer following questions:
1.What is the URI of the endpoint displaying current BIOS Settings?

2.What is the payload definition for request asking for momentary power button press?

3.What is the correct URI to display IML?


Learning check
7.What is the HPE RESTful API?

8.What information do you need for connecting to a REST service?

Other HPE scripting tools

Figure 3-32 Powershell cmdlets

Two additional scripting tools are available:


•Scripting Tool for Windows PowerShell—A powerful set of utilities that you can use to perform
various configuration tasks on ProLiant servers, the Scripting Tool for Windows PowerShell, is
designed for customers familiar with Windows PowerShell. It is the Microsoft task automation
framework, consisting of a command-line shell and associated scripting language built on Microsoft
.NET Framework. It follows the standard PowerShell syntax and scripting model, making it easy
for customers to incorporate these functions into their administrative scripts.
As shown in Figure 3-32, the HPE Scripting Tool for Windows PowerShell uses lightweight
commands (cmdlets) that better enable integration with the current IT ecosystem, allowing retrieval
of firmware versions from multiple enclosures and servers. PowerShell Onboard Administrator
cmdlets enable retrieval of firmware versions from multiple BladeSystem enclosures and servers,
and pipe information to cmdlets that update enclosures, blade, and enclosure options.
Ideal for enterprises looking for fast and effective HPE hardware configuration using the standard
PowerShell architecture and scripting model, the Scripting Tool for Windows PowerShell is
available for free download. Cmdlets support iLO3, iLO4, and iLO5.
•Scripting Toolkit (STK) for Windows and Linux—A server deployment product that allows
customers to automate the configuration and installation for high-volume ProLiant server and
BladeSystem infrastructure deployments. It includes command line utilities for configuring and
deploying servers in a customized, predictable, and unattended manner. STK automates firmware,
drivers, and server maintenance. It uses industry-recognized APIs, enabling you to script
provisioning across generations of servers. It enables customers to duplicate the configuration of a
source server on target servers with minimal user interaction.

Industry-standard Redfish
Scalability in today’s data center is increasingly achieved with horizontal, scale-out solutions, which often
include large quantities of simple servers. The usage model of scale-out hardware is drastically different
than that of traditional enterprise platforms and requires a new approach to management.
Designed to meet the expectations of end users for simple and secure management of modern scalable
platform hardware, DMTF’s Redfish is an open-industry standard specification and schema that specifies
a RESTful interface and utilizes JSON and OData to help customers integrate solutions within their
existing tool chains. An aggressive development schedule is quickly advancing Redfish toward its goal of
addressing all the components in the data center with a consistent API.
DMTF welcomes extensions to Redfish and works with its Alliance Partners and OEMs to leverage and
expand Redfish. For example, the Storage Networking Industry Association (SNIA) is developing
Swordfish, which builds upon Redfish’s local storage management capabilities to address enterprise
storage services.
BIOS RESTful API is introduced in Gen9 ProLiant, is supported on Gen10 servers, and provides the
ability to configure ALL BIOS configuration settings. Standardization of BIOS configuration via Redfish
is led by HPE and BIOS schema definitions moved to Redfish standard. ProLiant Gen10 will be
deprecating the HPE version of these schema objects, and Gen10 will only support Redfish industry
standard. BIOS schemas attribute registry definitions changed in Redfish. These changes are relatively
minor to customer scripts using the RESTful API directly. HPE REST Tool will abstract most changes
and most scripts using the HPE REST Tool will not require modification.

Note
Enter the following URL into your browser for more information and documentation on
Redfish. https://www.dmtf.org/standards/redfish

Learning check
9.HPE server cmdlets for Windows PowerShell support iLO 5 and Gen10 ProLiant servers.
True
False

HPE Intelligent Provisioning


Figure 3-33 Advantages of HPE Intelligent Provisioning

Intelligent Provisioning enables out-of-the box single-server deployment and configuration without the
need for media. It addresses the complexity of server maintenance and offers improved, embedded server
configuration and operating system deployment, as illustrated by Figure 3-33. It eliminates much of the
complexity required to deploy a bare-metal server and allows a system to be deployed faster than
conventional methods. New features for ProLiant Gen9 servers include a refreshed GUI and the ability to
access 1 TB of HPE StoreVirtual Virtual Storage Appliance (VSA) storage through Intelligent
Provisioning at no additional cost.
Intelligent Provisioning is a single-server deployment tool embedded in ProLiant Gen8 and Gen9 servers
that replaces the SmartStart CDs and Smart Update Firmware DVD used with previous generations of
ProLiant servers. It simplifies ProLiant server setup by providing a reliable and consistent way to deploy
ProLiant servers.
Intelligent Provisioning uses iLO Federation for discovery and reporting activities. When iLO Federation
management is configured on the network, you can store Intelligent Provisioning server profiles on the
network. If a profile is stored by an iLO Federation management group member on the network on one
server, the same profile can be installed on any other server in the group by selecting it from the drop-
down menu on the Deployment Settings page. Advantages of Intelligent Provisioning include the
following:
•Eliminates many of the steps it takes to deploy a bare-metal server
•Allows a system to be deployed and online much faster
•Clones server installation setup and transfers files from one server to another simultaneously across
numerous servers at once instead of updating them independently of one another
•Uses features within iLO Federation for rapid discovery of new devices
Accessing Intelligent Provisioning

Figure 3-34 Intelligent Provisioning

To access Intelligent Provisioning, power on or reboot the server and press F10 when prompted during
the server POST. When you access Intelligent Provisioning, one of the following happens:
•If this is the first time you are using Intelligent Provisioning, on-screen prompts provide guidance
through initial configuration and registration tasks.
•If Intelligent Provisioning was previously accessed and the initial configuration and registration
tasks are complete, the Intelligent Provisioning home page is displayed, as shown in Figure 3-34.
On the home screen, select one of the following menus to use Intelligent Provisioning:
–Express OS install
–Perform maintenance
To exit Intelligent Provisioning, reboot the server by clicking the power icon at the top right of the page.
Intelligent Provisioning with limited features can be also accessed directly from iLO 5.

Intelligent Provisioning setup


The Set Preferences screen appears automatically the first time Intelligent Provisioning runs on a server.
To set up the software, you must perform the following steps:
1.Choose the interface language and keyboard language.
2.Confirm that the system date and time are accurate. To change the date or time, click the displayed
date or time, and use the displayed calendar or clock to select the new values.
3.Read and accept the end user license agreement (EULA).
4.Enter network settings.
5.Select the active NIC from the list, and then choose from one of the following IP addressing
schemes:
–DHCP Auto-Configuration—HPE recommends selecting DHCP to have IP addresses
assigned automatically to servers.
–IPv4 Static—Selecting IPv4 adds four new fields: the static IPv4 address, network mask,
gateway address, and DNS address.
–IPv6 Static—Selecting IPv6 adds two fields: the static IP address and the gateway address.
6.Specify whether a proxy is being used. If there is a proxy on the network, it might need to be
configured for use with features that communicate across the network. If Use Proxy is chosen, enter
a proxy address and port.

Important
When entering the proxy address, make sure to include the appropriate protocol (FTP, HTTP,
or HTTPS). If the protocol is not included, the installation of VSA may fail.

7.Enter the iLO network settings. Select one of the following iLO network IP addressing schemes:
–DHCP Auto-Configuration—HPE recommends selecting DHCP to have IP addresses
assigned automatically to servers.
–Off—Selecting Off makes this server unavailable through iLO.
8.Select a delivery option for System Software Updates for Intelligent Provisioning.
–HPE website—HPE recommends selecting this option to be prompted when updates are
available and download all software updates for the server from hp.com.
–HTTP/FTP—When prompted, enter an address in the URL field.
–Disable—Select this to disable automatic updates if it is planned to update system software
manually.
Intelligent Provisioning—Installing the operating system

Figure 3-35 Express OS install

To use Intelligent Provisioning to configure the hardware and install an operating system on a ProLiant
server, follow the on-screen prompts in the Express OS Install menu, shown in Figure 3-35:
1.Configure RAID:
–Recommended settings
–Keep current settings
2.Select Controller and Disk.
3.Select Installation source:
–DVD-ROM
–File on a USB drive
–CMB/CIFS
–FTP server
4.Update Firmware:
–Skip or Update
5.Select install method:
–Assisted (Only option when accessing from iLO web page—Always on)
–Manual
6.Select OS.
7.Review settings.
8.Start the installation.
Perform Maintenance

Figure 3-36 Performing maintenance

The Intelligent Provisioning Perform Maintenance screen provides access to numerous maintenance-
related tasks:
•Active Health System download—Download Active Health System telemetry data from the
server onto a USB key in the form of an Active Health System log file. After you download the
Active Health System log, the log file can be sent to HPE when support cases are opened to assist
with troubleshooting. HPE support uses the log file for problem resolution.
•Firmware Update—ProLiant servers and their installed hardware options are preloaded with the
latest firmware, but updated firmware might be available. Use the Firmware Update utility to find
and apply the latest firmware for ProLiant server and installed options.
•Intelligent Provisioning Preferences—Change basic preferences, including the interface and
keyboard languages, network and share setting, system date and time, and software update settings.
In addition, the EULA is accessible from this screen.
•Deployment Settings—Create a server configuration package that can be deployed to one or more
ProLiant Gen9 servers and server blades using a USB key and iLO scripting. Using the deployment
settings is an alternative to using the HPE Scripting Toolkit.
•Smart Storage Administrator—These utilities provide high-availability configuration,
management, and diagnostic capabilities for all HPE Smart Array products.
•BIOS Configuration (RBSU) utility—Access BIOS Configuration utility directly from
Intelligent Provisioning without the need to reboot, as shown in Figure 3-36.
•iLO configuration—View and change iLO settings through Intelligent Provisioning, instead of
through the iLO web interface.
•Erase Utility—Clear hard drives and the Active Health System logs and reset the RBSU settings
in the UEFI System Utilities.
Postinstallation tasks

Figure 3-37 NIC teaming configuration

After the installation completes, perform postinstallation tasks, such as:


•Update drivers and management components from Service Pack for ProLiant.
•Configure additional storage.
•Configure teaming/bonding, as shown in Figure 3-37.
•Set up update procedures.
•Verify logs.

Learning check
10.Intelligent Provisioning allows administrators to perform assisted installation of an HPE
ProLiant server.
True
False

HPE Smart Storage Administrator


The Smart Storage Administrator (SSA) is a web-based application that helps you configure, manage,
diagnose, and monitor Smart Array controllers and host bus adapters (HBAs).
Additional features of SSA include:
•GUI, CLI, and scripting interfaces
•English, French, German, Italian, Japanese, Simplified Chinese, and Spanish languages
•The ability to run on any machine that uses a supported browser
All formats provide support for standard configuration tasks. SSA also supports advanced configuration
tasks, but some of its advanced tasks are available in only one format. The diagnostic features in SSA are
also available in the stand-alone software HPE Smart Storage Administrator Diagnostics Utility CLI.
Additional SSA features and functions include:
•Support for HPE Secure Encryption—Is a data encryption solution for ProLiant Gen8 and Gen9
servers that protects data at rest on any bulk storage attached to a Smart Array controller.
•SSD Over Provisioning Optimization—Optimizes solid-state drives (SSDs) by deallocating all
used blocks before data is written to the drive. The optimization process is performed when the first
logical drive in an array is created and when a failed drive is replaced with a physical drive.
•Rapid Rebuild Priority—Determines the urgency with which a controller treats an internal
command to rebuild a failed logical drive. SSA offers four settings: low, medium, medium high,
and high.
•Auto RAID 0—Creates a single RAID 0 volume on each physical drive specified, enabling the
user to select multiple drives and configure as RAID 0 simultaneously.

SSA home page

Figure 3-38 SSA home page

Figure 3-38 shows the SSA home screen. The Smart Storage Administrator quick navigation menu is in
the top, left-hand corner of the screen. Clicking the down arrow displays the available devices, and
clicking one of the available devices displays additional information and options for the device. Return to
a server home screen, or choose Configuration or Diagnostics for a device listed.
Available devices are listed on the left-hand side of the screen. Clicking a server or an array controller
displays the available actions, alerts, and summary for that device. Point to the status alerts to see details
on an alert. The “What’s New?” section summarizes the changes since the HPE Array Configuration
Utility became HPE Smart Storage Administrator and since the previous versions of HPE SSA.
The Refresh button is near the top right of the screen. After adding or removing devices, click Refresh to
update the list of available devices. The Help button is near the top right of the screen.
SSA Controller actions screen

Figure 3-39 SSA Controller actions screen

Selecting a controller from the left-hand pane displays the actions page for that controller, as shown in
Figure 3-39. Available actions include:
•Configure—Modify Controller Settings, Advanced Controller Settings, Modify Spare Activation
Mode, Clear Configuration, among others
•Diagnose—Array diagnostic report and SmartSSD Wear Gauge Report

SSA Configure screen

Figure 3-40 SSA Configure screen

Figure 3-40 shows the SSA configuration screen. To access this screen, either click a device under
Configuration in the quick navigation menu, or select an available device from the Home screen, and then
click Configure under the available options.
The Configure screen displays the GUI elements from the Welcome screen and lists available actions,
status messages, more detailed information, and a controller configuration summary for a selected
controller. When a controller is selected, the following elements appear:
•Selected Controller, Controller Devices, and Tools—This panel, at the left, displays systems,
controllers, arrays, physical drives, logical drives, and a cache and license manager.
•Actions—This panel, in the middle, provides the following information:
–Tasks that are available for the selected device based on its current status and configuration
–Options and information pertinent to the task, after a task is selected
•Status Messages—This panel provides:
–Status icons with the number of individual alerts for each category
–A view all status messages link that displays device-specific alerts
•Controller Configuration Summary—This panel provides a summary of the following elements:
–Data arrays
–Data drives and logical drives
–Unassigned drives

SSA Diagnostics screen

Figure 3-41 SSA Diagnostics screen

When you select either the Array Diagnostic Report or the SmartSSD Wear Gauge Report on the SSA
Diagnostics page, the available actions on the Actions panel include viewing the report or saving the
report, as shown in Figure 3-41.

Note
The SSA Diagnostics feature replaces the Array Diagnostic Utility supported by SmartStart
v8.20 and earlier.

SSA generates the following reports and logs:


•Array diagnostic report—This report contains information about all devices, such as array
controllers, storage enclosures, drive cages, as well as logical, physical, and tape drives. For
supported SSDs, this report also contains SmartSSD Wear Gauge information.
•SmartSSD Wear Gauge report—This report contains information about the current usage level
and remaining expected lifetime of SSDs attached to the system.
•Serial output logs—This log details the serial output for the selected controller.
For each controller, or for all of them, the following tasks can be selected:
•View Diagnostic Report
•Save Diagnostic Report
•View SmartSSD Wear Gauge Report
•Save SmartSSD Wear Gauge Report
For the view tasks, SSA generates and displays the report or log. For the save tasks, SSA generates a
report without the graphical display.
For either task, the report can be saved. In online and offline environments, SSA saves the diagnostic
report to a compressed folder, which contains an XML report, a plain text report, and a viewer file so the
report can be displayed and navigated using a web browser.
Each SSA Diagnostics report contains a consolidated view of any error or warning conditions
encountered. It also provides detailed information for every storage device, including the following:
•Device status
•Configuration flags
•Firmware version numbers
•Physical drive error logs
SSA Diagnostics never collects information about the data content of logical drives. The diagnostic report
does not collect or include the following:
•File system types, contents, or status
•Partition types, sizes, or layout
•Software RAID information
•Operating system device names or mount points

SSA Array Details screen

Figure 3-42 SSA Array Details screen

The array details page, shown in Figure 3-42, displays logical drives and their member physical drives.
Actions include:
•Manage data drives
•Manage spare drives
•Split mirrored array
•Delete array
•Create split mirror backup
Creating a logical drive

Figure 3-43 Selecting physical drives for the new array

To create a new logical drive (array):


1.Select a controller and click Create Array.
2.Select the physical drives for the new logical drive, as shown in Figure 3-43.
3.Make selections for RAID Level, Strip Size/Full Stripe Size, Sectors/Track, and Size.
4.Click Create Logical Drive.

Learning check
11.Which tool can be used to modify the RAID level of an existing array?

12.The SSA Diagnostics screen provides access to which functions? (Select two.)
A.Storage RAID Report
B.DDR4 ECC Report
C.Power Consumption Report
D.SmartSSD Wear Gauge report
E.Array Diagnostic Report

HPE Smart Update solution


Figure 3-44 HPE Smart Update benefits

Figure 3-44 outlines the benefits of HPE Smart Update. In developing the Smart Update solution, HPE
addressed the primary issues IT departments encounter with system management, including:
•Consistent, integrated, and fully supported update sets (service packs) for system firmware and
software
•Simple and powerful system update technology that can update systems while they are online and
does not require management agents installed on target systems
•Scalable system maintenance updates that can reach thousands of target systems through
integration with system management platforms such as HPE Systems Insight Manager (HPE SIM)
and others
Smart Update

Figure 3-45 Smart Update—Taking the pain out of firmware and driver maintenance

Smart Update is a re-engineering of the system maintenance process for HPE servers and infrastructure
that solves these and other challenges and provides an extensible platform for system maintenance going
forward. There are several distinct elements to the Smart Update solution as illustrated by Figure 3-45:
•Smart Update Tools (SUT)— This is the SUM extension that enables server management
products (such as OneView, iLO Amplifier, SUM) to stage and apply updates on the OS through
iLO.
•HPE Smart Update Manager (SUM)—This is the installer that guides the user through the
necessary steps to install a new set of updates. It is easy to use with a browser-based GUI, as well
as command line and scripting capabilities. A deployment screen provides details on components
that need updates, including estimated deployment time. HPE SUM can perform updates
immediately or on a schedule and can reboot immediately after update, drive the operating system
to delay the reboot by up to an hour, or wait for a reboot that is part of a regularly scheduled
maintenance protocol.
•SPP Custom Download—This is a free web service for creating custom SPPs to reduce the size
by including only the Smart Components you need and include hot fixes, OS supplements, and
Maintenance Supplement Bundles (MSBs).
•Service Pack for ProLiant (SPP) and firmware bundles—These are collections of Smart
Components bonded by XML files and HPE SUM. Each downloadable set is heavily tested for
coherency and interdependencies in the HPE labs. These convenient bundles are released two to
four times per year as new products are introduced that are tested as a set and available for download
from the web. The results of the interdependency testing are coded into HPE SUM.
•Smart Components—Each firmware or driver update is a self-contained executable that takes
care of updating the existing firmware or driver with a newer release, and double checks that it is
indeed executing against the right hardware. The Smart Components contain the intelligence to
perform the update when the operating system (Windows, Linux, or VMware) is up and running.
HPE Server Update Tool Spectrum
Below are a list of customer needs and the corresponding HPE Server Update Tool that they would use to
resolve those needs:
•Smart Update Manager—“I have a few HPE servers that are monitored using iLO and need a
tool for periodic updates.”
Dependable updates of servers
Sequencing and rule checking
Updates small number of servers at a time
Can be scripted for automation
•iLO Amplifier Pack (new)—“I have many HPE servers and need a vendor-specific update
management tool.”
Scales to 1000s of servers
Leverages iLO Federation for speed
Provides inventory reporting and basic fault notifications
Smart Update firmware and driver updates
•HPE OneView Advanced—“I have a lot of HPE infrastructure and need unified management
platform.”
Full infrastructure management—provisioning, monitoring, and remote support
Manages HPE servers, storage, and networking
Enables composability
Composable API

HPE Smart Update Manager

Figure 3-46 HPE SUM provides a single interface for firmware driver and software updates

HPE SUM keeps firmware, drivers, and agents up to date, while taking into account all interdependencies,
with a minimum impact on system uptime and productivity. HPE SUM allows you to provision multiple
systems based on user-defined templates, ultimately reducing deployment time. Only required updates are
deployed.
As illustrated by Figure 3-46, HPE SUM provides a single interface for firmware driver and software
updates across the HPE server portfolio. It is preloaded with all relevant interdependency information
from extensive HPE testing before each SPP release. It does not require an agent for remote installations,
because it copies a replica of itself to each of the target servers only for the duration of the installation.
HPE SUM has an integrated hardware and software discovery engine that finds the installed hardware and
current versions of firmware and software on target servers and identifies associated targets that should
be updated together, to avoid interdependency issues. HPE SUM installs updates in the correct order and
ensures that all dependencies are met before deploying an update, including updates for Onboard
Administrator and Virtual Connect. It prevents an installation if there are version-based dependencies that
it cannot resolve.
HPE SUM supports online updates of all ProLiant firmware, drivers, agents, and tools (for Windows and
Linux targets; some firmware can be updated online in VMware vSphere). Reboots can be “forced
always,” “as needed,” “delayed,” (operating system-controlled, up to 60 minutes), or “not” (assuming a
manual reboot at a later time).
Features of HPE SUM include:
•Baseline enhancements
–Validation
–Assignment of baselines in guided mode
–Dynamic filtering and filtering by server model
–Ability to download baselines from an HTTP server
•Deployment enhancements
–Live logs providing detailed information of target update process
–Drive firmware for selected hard disk drives (HDDs)
–Low disk space warning (HP-UX)
•Deployment of VMware vSphere Installation Bundles (VIBs) and Linux firmware RPM Package
Managers (RPMs)

HPE SUM features


HPE SUM increases the ease of server management through these features:
•Easy discovery of all supported devices
•Integrated acquisition of the latest updates
•Scalability to 50 nodes
HPE SUM deployment capabilities include:
•The ability to deploy firmware and software from a Windows workstation/server to Linux servers
•The ability to deploy firmware from a Windows or Linux workstation/server to VMware servers
•Local offline firmware updates using the HPE SUM or SPP bootable-ISO image
•Remote offline deployment using the HPE Scripting Toolkit or iLO Virtual Media
•Enhanced deployment experience by viewing deployment logs during the deployment process
(also known as live logs)
•Enhanced HDD firmware deployment for selective HDD update (limited to firmware packages
that support this)
Note
Enter the following URL into your browser for more information and documentation on HPE
SUM.
https://www.hpe.com/info/hpsum

HPE SUM and iLO Federation

Figure 3-47 How SUM works with iLO Federation

Figure 3-47 illustrates how SUM works with iLO Federation. When you log in to HPE SUM, it
automatically searches for iLO Federation groups on connected networks. HPE SUM searches each group
and displays the nodes that respond to the HPE SUM search. The Edit scalable update group screen is
used to enter the IP address and user credentials for one node in the iLO Federation group that HPE SUM
uses as the interface for inventory and deployment to the nodes in the group.
When you select a group, HPE SUM displays information about the group, including a description, server
types, number of servers, and installed firmware versions. HPE SUM displays the PMC, CPLD, System
ROM, and iLO firmware. HPE SUM only deploys system ROM and iLO firmware to iLO Federation
group nodes.
The HPE SUM iLO Federation feature relies on proper configuration of iLO Federation groups before
launching HPE SUM. Having multiple iLO Federation groups with the same name or fragmented iLO
Federation groups result in HPE SUM only working with a portion of the expected systems.
Other systems ask iLOs for data on a periodic basis and store that data in a database. They might request
server data such as temperatures, profiles, or firmware versions from iLO once an hour and store that in
the server’s database or HPE OneView appliance. This is less scalable than the iLO Federation approach,
which includes virtual real-time updates.
iLO Federation management provides scalability enhancements when used with HPE SUM:
•Automatically discover iLO Federation groups on the management network.
•Update the iLO and ROM firmware online on ProLiant servers in the iLO Federation Group
through the iLO
•Update all applicable firmware on ProLiant servers in the iLO Federation Group through the iLO
using offline firmware deployment
•Ability to apply updates to all members of an iLO Federation group (Advanced iLO license
required)

HPE Service Pack for ProLiant

Figure 3-48 HPE Service Pack for ProLiant benefits

SPP is a comprehensive package that includes firmware, drivers, and tools across ProLiant servers and
infrastructure including many generations of ProLiant BL/DL/ML/SL series servers.
Figure 3-48 illustrates the benefits of HPE Service Pack for ProLiant.
SPP provides this consolidated set of solution-tested ProLiant system software available as a single
download. You spend less time on maintenance with resulting confidence in the update’s stability.
SPP is available for customers to download and use on products that are under an active warranty or an
HPE Support Agreement. All SPPs can be installed by the customers. On occasion, a component might
be dropped from the SPP. For latest component updates, check the server product-specific webpage. SPP
will, in general, carry the current generation of an operating system plus one generation back. The
operating system might still be supported by HPE, but it would not be part of the SPP package. SPP is
pretested for component dependencies, customizable for the environment, and supported for one year.
In between each full SPP release, you might need to apply hot fixes as necessary to address specific issues.
Hot fixes are supported as part of the SPP because each hot fix component is tested individually against
the latest SPP and all other SPPs released within the last 12 months.
MSBs are used together with an associated SPP and are released in April and October. This includes any
supplements or hot fixes that have been issued since the associated SPP was issued. Applying an MSB
extends the support period of the SPP. SPP supplements and other (nonhot fix) components might also be
needed to support new operating system releases or new functionalities. These types of releases can be
combined with a full SPP release to create a custom solution.
iLO Repository

Figure 3-49 An on-system location for saving updates

As illustrated by Figure 3-49, the iLO Repository is a secure storage area in the nonvolatile flash memory
embedded on the system board. This flash memory is called the iLO NAND. Use SUM or iLO to manage
signed software and firmware components in the iLO Repository. Factory default firmware install set is
preloaded to the repository.
iLO, the UEFI BIOS, SUM, and other client software can retrieve these components and apply them to
supported servers. Use SUM to organize the stored components into install sets and SUM or iLO to
manage the installation queue. SUM can also be used to save updates from each SPP, only applicable
components to that server are saved. Repository is also available for rollback later without needing to go
off server.
To learn more about how iLO, SUM, and the BIOS work together to manage software and firmware, see
the SUM documentation.

Server update frequency


The SPP is changing in response to customer feedback to reduce the frequency of server updates. Server
generations will be separated into two categories:
•Production—Currently for sale, and HPE is actively adding support for new options and
OS/hypervisor versions.
•Post-production—No longer for sale, and HPE is no longer adding support for new options and
OS/hypervisor versions
Firmware and driver updates for postproduction server generations are rare, and yearly updates are no
longer required. The SPP server lifecycle terminology is also changing. The current baselined and dropped
terminology has negative connotations, which customers associate with end of support for a server. At
this time, yearly updates continue to be the recommended update frequency for production server
generations.

SPP custom download


Figure 3-50 SPP custom download—Home page

HPE recommends using the SPP custom download feature, as shown in Figure 3-50. Download
customized, smaller SPPs to best suit the environment. For example, you can apply environment–specific
filters, like the server model filter or operating system filter and download a smaller SPP for a specific
environment.
HPE sometimes releases component hotfixes between main SPP releases. Use custom SPPs to install these
firmware hotfixes. Upload the custom SPP into HPE OneView, and assign the custom SPP to a logical
enclosure, logical interconnect, server profile template, or a server profile.
Different mechanisms are available for applying a hotfix in OneView:
•Use SPP custom download to create a new SPP with the hotfix.
•Use SUM to create a new SPP with the hotfix.
•Upload the hotfix and create a custom SPP using HPE OneView.

Note
Enter the following URL into your browser for more information and documentation on HPE
SUM.
https://www.hpe.com/servers/spp/custom

Activity: HPE Management and benefits for the customer


1.What are the benefits of HPE Management tools for single server management, that Alpha
Centauri Drones Company can benefit from?

2.Which tools are suitable for the Alpha Centauri Drones Company customer scenario?
HPE BladeSystem
BladeSystem infrastructure management is delivered through a complete portfolio of ProLiant server
lifecycle management capabilities that can flexibly operate from embedded on-system utilities, on-
premise software-defined data centers, and from the cloud. The HPE software-defined approach to
infrastructure provisioning leverages a template-based, profile-driven approach that dramatically
improves the speed with which customers deploy servers, storage, and network infrastructure.
Managing ProLiant servers with HPE infrastructure management results in increased efficiency and
precise control of server infrastructure resources. With a rich set of capabilities that are easy to access and
simple to use, HPE infrastructure management covers critical areas such as server deployment and
configuration, health and alerting, power and remote management, automated support, warranty and
contract status, and control through a cloud-based portal. The core components of HPE infrastructure
management are HPE OneView, iLO, and Insight Online.

Onboard Administrator

Figure 3-51 Onboard Administrator for BladeSystem

The Onboard Administrator for BladeSystem enclosures, shown in Figure 3-51, is the intelligence of the
BladeSystem infrastructure. Together with the enclosure’s Insight Display, the Onboard Administrator
has been designed for both local and remote administration of BladeSystem enclosures.This BladeSystem
feature provides wizards for:
•Simple, fast setup and configuration
•Highly available and secure access to the BladeSystem infrastructure
•Security roles for server, network, and storage administrators
•Agentless device health and status
•Thermal Logic power and cooling information and control
Each enclosure ships with one Onboard Administrator module. A customer can order a second redundant
Onboard Administrator module for each enclosure.
When two Onboard Administrator modules are present in a BladeSystem enclosure, they work in an
active/standby mode, assuring full redundancy with integrated management. Either module can be the
active module. The other becomes the standby module. Configuration data is constantly replicated from
the active Onboard Administrator module to the standby Onboard Administrator module, regardless of
the bay in which the active module currently resides.
Using the OA GUI interface

Figure 3-52 OA GUI interface

All the management tasks can be done via the OA web-based GUI interface, shown in Figure 3-52. To
use the OA GUI, you must connect the OA modules to the network through a management or enclosure
uplink port, an Ethernet port, or an enclosure uplink port.
Then, complete the Insight Display installation wizard. At a minimum, configure the active OA IP address.
Next, open a browser and connect to the active HP BladeSystem Onboard Administrator using the IP
address that was configured during the Insight Display installation wizard process. Enter the user name
and initial administration password for your OA account, which can be found on the tag attached to the
Onboard Administrator module.
The first time you sign in, the OA automatically runs the First Time Setup Wizard.
Using the OA CLI interface

Figure 3-53 OA CLI interface

The CLI can be used as an alternative method for managing the OA. Figure 3-53 shows the OA CLI
interface. The CLI can be useful in the following scenarios:
•For HPE management applications to query the OA for information needed to present a complete
management view of HP BladeSystem enclosures and the devices contained within them. This
interface is also used by the management tools to execute provisioning and configuration tasks to
devices within the enclosure.
•When users need to develop tools that use OA functions for data collection and for executing
provisioning and configuration tasks.
•When no browser is available or you prefer to use a Linux CLI to access management data and
perform configuration tasks.
•To serially access the server iLOs.
•To serially access the interconnect modules.

Insight Display
Figure 3-54 Insight Display Enclosure Settings menu

The LCD panel on the front of the BladeSystem enclosure houses the Insight Display for initial
configuration of the enclosure. After the initial configuration has been performed, the Onboard
Administrator can be used for ongoing monitoring and management of the enclosure and its components.
As shown in Figure 3-54, the BladeSystem Insight Display panel is designed for local configuring and
troubleshooting. It provides a quick visual view of enclosure settings and at-a-glance health status. Green
indicates that everything in the enclosure is properly configured and running within specification. It has a
keyboard-video-mouse (KVM) option for local system setup and management.
From the Insight Display Main Menu, users can navigate to the submenus, which include:
•Health Summary
•Enclosure Settings
•Enclosure Info
•Blade or Port Info
•Turn Enclosure UID on
•View User Note

Learning check
13.HPE BladeSystem c-class system can accommodate up to three Onboard Administrators.
True
False
14.You are at a customer briefing session and an infrastructure manager raises the question “We
require a scalable, highly available solution that we can manage easily and with no unplanned
downtime during firmware updates. We have struggled with this in the past and we need to know
if HPE Gen10 servers will cause us similar issues.” How should you respond?
15.Write a summary of the key concepts presented in this chapter.

Summary
•There are three fundamentally different approaches to manage HPE ProLiant servers:
–Using single server management tools (“on-system”)
–Aggregated tools installed within customer datacenter (“on-premise”)
–Cloud-based management interface (“on-cloud”)
•HPE server management capabilities are designed to manage the entire HPE server portfolio.
•Tools for managing single system (“On-System”) include:
–UEFI
–iLO 5
–RESTful API, HPE RESTful Interface Tool, and other HPE scripting tools
–Intelligent Provisioning
–Smart Storage Administrator
–HPE Smart Update and Service Pack for ProLiant
–HPE BladeSystem management
4 HPE Converged Management: On-
Premises and On-Cloud
WHAT IS IN THIS CHAPTER FOR YOU?
After completing this chapter, you should be able to describe the on-premise and on-cloud tools used to
manage HPE ProLiant systems.
✓HPE OneView
✓iLO Amplifier Pack
✓HPE Insight Control server provisioning (ICsp)
✓Remote Support
✓Insight Online

Prelearning check
1.Which generations of HPE ProLiant servers are supported by iLO Amplifier Pack?

2.Which configuration object can be used in HPE OneView to help with creating consistent server
configurations and automate change management?
A.Server Profile Template
B.Server Profile Report
C.Server Profile Consistency Report
D.Virtual Connect Migration
3.A customer challenges you with the statement “Competitive offerings provide a single, unified
tool for infrastructure administration and provisioning, but it seems that HPE offerings require
multiple different tools and interfaces.” How should you respond?

HPE server management


As previously discussed, HPE ProLiant management innovations target three segments to ensure that
customers have complete lifecycle management, for their current environment and in the future as their
business grows.
•Managing single system (On-System)—Built-in intelligence and automation for increased server
admin productivity. It provides on-system management to provision, monitor, and troubleshoot
servers, as well as remote and out-of-band management. The on-system management tools available
for ProLiant servers include:
–Intelligence on every HPE server enabling setup, health and alerting, and firmware
maintenance
–UEFI
–iLO 5
–RESTful API, HPE RESTful Interface Tool, and other HPE scripting tools
–Intelligent Provisioning
–Smart Storage Administrator
–HPE Smart Update and Service Pack for ProLiant (SPP)
–HPE BladeSystem management
•Managing multiple systems—Installed at customer site (On-Premises)
–HPE OneView
–HPE OneView Global Dashboard
–iLO Amplifier Pack
•Managing multiple systems—Cloud-based management for service ticket and warranty tracking,
health, and alerting (On-Cloud)
–Remote Support and Insight Online

Note
Representational state transfer (REST) or RESTful web services are a way of providing
interoperability between computer systems on the Internet. REST-compliant Web services
allow requesting systems to access and manipulate textual representations of Web resources
using a uniform and predefined set of stateless operations. (Wikipedia.org, January 2018)

HPE Converged Management


Infrastructure complexity slows down responses to ever-evolving business needs. Success means lowering
the relative cost of “keeping the lights on.” To do that, you need server management that delivers new
levels of automation, simplicity, and security—freeing resources to focus on revenue-generating
activities. Software-defined intelligence through template-based automation allows customers to simplify
operations, increase agility, and respond rapidly to new business requirements.

iLO, iLO Amplifier Pack, and HPE OneView


Figure 4-1 HPE Converged Management

Figure 4-1 shows the four main components of HPE Converged Management.
HPE OneView Advanced:
•Full infrastructure management—provisioning, monitoring, remote support, and updates using
Smart Update Manager (SUM)
•Manages HPE servers, storage, and networking
•Enables composability
•Composable application program interface (API)
SUM:
•Dependable updates of servers
•Sequencing and rule checking
•Updates small number of servers at a time
•Can be scripted for automation
iLO Amplifier Pack:
•Scales to 1000s of servers
•Leverages iLO Federation for speed
•Provides inventory reporting and basic fault notifications
•Firmware and driver updates using SUM
iLO:
•Single server management
•Updates firmware of individual server
•OneView and Amplifier Pack relies on iLO functionality
•HPE SUM can use iLO
Maintaining the infrastructure through remote support

Figure 4-2 Maintaining the infrastructure through remote support

Remote Support is secure. No business data is collected, only device-specific configuration and fault data.
All communications are outbound only and use industry-standard Transport Layer Security (TLS)
encryption to ensure the confidentiality and integrity of the information.
Enabling Remote Support gives access to configuration and contract warranty reports in Insight Online in
the HPE Support Center. Enabling Insight Online is optional and is typically done in enterprise data
centers for quick and efficient cloud-based management and to share information with HPE authorized
partners for support and proactive planning.
HPE strongly recommends that customers register their devices for remote support to enable enhanced
delivery of an HPE warranty, support services, or contractual support agreement. Insight Remote Support
supplements on-premise, continuous monitoring to ensure maximum system availability. It provides
intelligent event diagnosis and automatic, secure submission of hardware event notifications to HPE,
which initiates a fast and accurate resolution based on the product’s service level, as shown in Figure 4-
2. Notifications can be sent to an authorized HPE channel partner for onsite service, if configured and
available in that country. Insight Remote Support is available as part of an HPE warranty, support services,
or contractual support agreement.
Reducing time to resolution with HPE support

Figure 4-3 The advantages of HPE remote support

In the first (top) scenario shown in Figure 4-3, an IT issue triggered by traditional failure detection
involves a minimum sequence of six steps and as long as five hours to reach the point when the faulty part
is identified and dispatched.
In the second (bottom) scenario, leveraging standard internet security protocols and principles, each
customer has a process that includes detecting the fault and alerting an operator (Short Message Service
[SMS] and other messaging services are often used). HPE remote support technology automatically
forwards all actionable events to HPE or an HPE partner and a case is logged. This reduces the sequence
to three steps and enables the part to be identified and dispatched in approximately two hours.
When using HPE remote support technology, it is not unusual for HPE or an HPE partner to know about
an IT event and begin addressing the issue before the customer IT staff is aware that the event occurred.
Target users for remote support

Figure 4-4 How direct connect supports various customer needs

Direct connect for remote support provides automated support, faster resolution, simplified contract, and
warranty management. As shown in Figure 4-4, it is ideal for the following types of customers:
•Small business—Insight Online direct connect
–Simple deployment and automated support
–Little or no maintenance (no host server required)
–Partner or non-tech IT support
–ProLiant Gen8 and newer servers as far as covered by warranty or contract
•IT data center and remote sites—Insight Remote Support and direct connect methods with one
Insight Online dashboard
–Automated support for remote sites + data center in heterogeneous environment
–Consolidated anywhere, anytime view for all sites
–Easy warranty and contract management
•High-Performance Computing (HPC)—Insight Online direct connect
–Automated parts replacement for ProLiant Gen8 and newer servers as far as covered by
warranty or contract
–Low overhead for performance-sensitive customers
–Operating system independent solution

Data collected by Insight Remote Support


By registering for Insight Remote Support, you agree to send registration, service events, configuration,
and Active Health System data to HPE.
During server registration, iLO collects data (including server model, serial number, and iLO NIC address)
to uniquely identify the server hardware. When service events are recorded, iLO collects data to uniquely
identify the relevant hardware component and to enable proactive advice and consulting.
This data is sent to the Insight Remote Support hosting device (Insight Remote Support central connect)
or directly to HPE (Insight Online direct connect). iLO or the Insight Remote Support hosting device
sends Active Health System information to HPE every seven days and sends configuration information
every 30 days. All data collected and sent to HPE is used to provide remote support and quality
improvement.

On-cloud management with HPE Insight Online

Figure 4-5 Save time and reduce downtime through automation and increased efficiency

HPE Insight Online is a cloud-based infrastructure management and support portal available through the
HPE Support Center, as shown in Figure 4-5. Powered by HPE remote support technology, it provides a
personalized dashboard to simplify tracking of IT operations and to view support information from
anywhere at any time. Use the Insight Online dashboard to track service events and support cases, view
device configurations, and proactively monitor HPE contracts and warranties as well as HPE Proactive
service credit balances. It is an addition to the HPE Support Center portal for IT staff who deploy, manage,
and support systems, plus HPE Authorized Channel partners who support an IT Infrastructure.
HPE Insight Online is complementary to HPE OneView. Insight Online provides access to device and
support information in a cloud-based personalized dashboard, so you can stay informed while in the office
or on the go. Use the Insight Online dashboard to track service events and support cases, view device
configurations, and proactively monitor HPE contracts and warranties for all devices monitored by HPE
remote support tools.
No installation is required to use Insight Online. HPE Passport username and password for secure access
can be created without a fee. Accessing Insight Online is possible through the HPE Support Center and
the Insight Online My IT Environment tab, Insight Online can also be viewed from any PC, tablet, or
mobile phone browser.
HPE Insight Online automatically populated with devices from OneView Remote Support, iLO, and
Insight Remote Support in a single cloud-based view. Access is open 24 × 7 to:
•IT and support information, track contract and warranty status, service events, and support case
status, including parts shipping status
•Reports related to service events, contract and warranty, and firmware levels
Insight Online

Figure 4-6 Insight Online tabs

As shown in Figure 4-6, Insight Online adds two sections to HPE Support Center.
•My IT Environment—A custom view of the IT environment. Within My IT Environment, users
can view the following:
–Personalized dashboard
–Device status, configurations
–Contracts and warranty status
–Auto-generated events tracking
–Support cases
–Check service credit balance
–Proactive reports
•My Customers—Where one or multiple HPE authorized partners may be allowed to see or manage
designated remote support devices, as the customer chooses from Insight Remote Support. In this
view, they will see:
–Customer grid
–Customer dashboard
–Contracts and warranty status
–Monitor service events
–Proactive reports

Getting started with Insight Online and Insight Remote Support


To get started with Insight Online and Insight Remote Support, first make sure that the following steps
have been taken:
1.The preparation for registration steps is complete.
2.The server you want to register is not in use as an Insight Remote Support hosting device—HPE
does not support Insight Online direct connect registration of a server that is used as an Insight
Remote Support hosting device. If you register an active hosting device for Insight Online direct
connect, all of the devices that are monitored by that hosting device will be unable to communicate
with HPE to receive remote support.
3.The device you want to register meets the Insight Online direct connect network requirements.
After you have confirmed that the previous steps have been completed, there are two configuration options
available.
•Insight Online direct connect—Register a server or enclosure to communicate directly with Insight
Online without the need to set up an Insight Remote Support centralized hosting device in your
local environment. Insight Online is your primary interface for remote support information.
Insight Online direct connect relies on communication between the environment and HPE to deliver
support services. Be sure that the network meets the port requirements.

Note
For information about port requirements, refer to the “HPE Insight Remote Support and Insight
Online Setup Guide for HPE ProLiant servers and HPE BladeSystem c-Class Enclosures.” To
access the guide, enter the following URL into your browser:
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=c03508827&lang=en-
us&cc=us
•Insight Remote Support central connect—Register a server or enclosure to communicate with HPE
through an Insight Remote Support centralized hosting device in your local environment. All
configuration and service event information is routed through the hosting device. This information
can be viewed using the local Insight Remote Support Console or the web-based view in Insight
Online (if it is enabled in Insight Remote Support).
If you do not want to use the embedded remote support feature to register your servers or enclosures, you
can register them in the Insight Remote Support Console. If you have many servers or enclosures to
register, it is faster to discover them from the Insight Remote Support Console.

Note
To access additional Insight Remote Support documentation, enter the following URL into your
browser: http://www.hpe.com/info/insightremotesupport/docs

Registering for remote support


Remote support is available at no additional cost as part of your warranty or contractual support agreement
with HPE. You can configure automatic integration into the HPE Insight Online portal when installing
Insight Remote Support or subsequently by entering your HPE Passport ID and password. On login to
HPE Support Center, within the My IT Environment view, you will automatically see all devices that are
registered with HPE Insight Remote Support 7.x.
If all HPE Insight Remote Support registered devices do not appear automatically in HPE Insight Online,
it might be possible that the device was already registered to another person in your company. To see this
device in your view, you need them to share or transfer ownership to yourself.

Important
When you disable your connection to Insight Online or change to a different HPE Passport
account, the change takes time to be reflected in Insight Online. Wait until all of your devices
have been removed from your current Insight Online account before connecting to a new
account. For details and prerequisites, see the “Getting Started with HPE Insight Online Guide”
for details. To access the guide, enter the following URL into your browser:
http://www.hpe.com/info/insightremotesupport
There are two ways to register a ProLiant server for remote support—directly with HPE or through an
Insight Remote Support hosting device.
•When you register a server to communicate directly with Insight Online, you do not need to set up
an Insight Remote Support centralized hosting device in the local environment. Insight Online will
be the primary interface for remote support information.
•When you register a server to communicate with HPE through an Insight Remote Support
centralized hosting device in a local environment, all configuration and service event information
is routed through the hosting device. This information can be viewed by using the local Insight
Remote Support Console or the web-based view in Insight Online (if it is enabled in Insight Remote
Support). Insight Remote Support central connect shows the central connect configuration with a
ProLiant server.

Insight Online: My IT Environment (customer view)

Figure 4-7 Insight Online: My IT Environment

Insight Online is an offering in the HPE Support Center portal for IT staff who deploy, manage, and
support systems, as well as HPE Authorized Resellers who support IT infrastructure. Insight Online
provides IT staff with the option of viewing device configuration and hardware event information in the
Support Center to better support IT infrastructure.
Through the Support Center, Insight Online can automatically display devices remotely monitored by
HPE, as shown in Figure 4-7. It enables IT staff to track service events and support cases easily, view
device configurations, and proactively monitor HPE contracts and warranties—from anywhere at any
time.
The main functional areas in Insight Online: My IT Environment are:
•The personalized dashboard to monitor device health, hardware events, and contract and warranty
status. Even without remote support, the dashboard can be used to view support contract status and
navigate to support details.
•The devices feature, which provides a visual status of individual devices and device groups.
Devices can be organized for easier management and information can be shared with other IT
administrators.
•The contracts and warranties, support cases, and service credit feature areas, where HPE support
can be proactively managed. Contract and warranty status can be monitored by device as well as by
user, and HPE Proactive Select contract customers can view their service credit balances online.

Managing and organizing devices

Figure 4-8 Devices dashboard

When you first sign in to My IT Environment, the dashboard shown in Figure 4-8 is the initial display.
The personalized device dashboard provides status and details on a specific device.
Click Devices on the left, or select Devices from the main menu. The All Devices view is a mixed view,
containing:
•Device groups shared with you by other users. These device groups may be top-level groups, child
groups, or lowest-level groups, in the environment of the user who shared the group with you
•Second-level (child) device groups you created
•Individual devices registered using the direct connect method, whose registration must be
completed
•Individual devices in your default device group that you have not put into a child group
•Individual devices that you have put into a child group that you have not removed from your default
device group
•Solutions
Hover your cursor over an object to display summary information. Click a summary to view details. For
a device whose registration is complete, click the device to go to its individual screen.
To simplify what you see in the All Devices view, you can create child device groups, put devices into
those child groups, and then remove the devices from the default device group. Then only groups
consisting of child groups and groups shared with you by other users appear in this view.
Benefits include:
•Personalized, secure device information
•Easy navigation to details
•Rich configuration and service event details for devices remotely monitored by HPE
•Contract and warranty details by device
•Information about support cases
•Integrated product and support view
Managing contracts and warranties

Figure 4-9 Contracts & warranties menu in My IT Environment

Managing and tracking warranties and support agreements for the IT environment are often time-
consuming tasks, especially as devices are added. With Insight Online, customers and HPE partners can
more easily and efficiently manage HPE warranty and support agreements, monitor support status, view
contract and service-level details, share entitlements, and change ownership. Figure 4-9 shows the
Contracts & warranties menu.
Contracts and warranties for devices monitored by HPE remote support are automatically added to Insight
Online through remote support registration. In addition, contracts and warranties can be manually added
individually or in a bulk upload from a spreadsheet.
Linking a contract or warranty
To enable devices to be registered for remote support in Insight Online, you must link a contract or a
warranty that covers those devices to your HPE Passport ID. If you sign in to Insight Online using the
same HPE Passport ID used to register the device, you do not have to link your ID to the contracts and
warranties that cover the remote support devices. They are linked to your ID automatically and appear as
a derived contract and warranty share.
Because contracts and warranties are associated with the devices they cover, the link between your HPE
Passport ID and a contract or warranty provides access to information about the devices covered by the
contract or warranty. This information is available to you from the Insight Online devices area in the
graphical user interface (GUI).
When you sign in to Insight Online using your HPE Passport ID, devices that you registered remotely
using that ID and their associated contracts and warranties are visible to you. These contracts and
warranties were derived and linked to your HPE Passport ID automatically.

Note
Contracts and warranties include support agreements, HPE Care Packs, and warranties. They are
managed through the HPE Support Case Manager (SCM) website. To access the website, enter
the following URL into your browser:
http://h20566.www2.hpe.com/portal/site/hpsc/public/scm/home?ac.admitted=1458963893
801.125225703.1938120508
Automated case management and parts replacement

Figure 4-10 Support Cases menu

Support cases are associated with devices and with your HPE Passport Account. You can take the
following actions by accessing the Cases menu shown in Figure 4-10:
•View support cases—Sign in to Insight Online to view support cases from several places. You can
search for an active case with its case ID.
•View a case details page—Click a Case ID in the list to reach the case details page, which is part
of the SCM. A case details page lists a description of each detail of the case, including:
–Case ID
–Case Title
–HPE Support Contract
–Source
–Type
–Case Status
–Submitted
–Customer Tracking Number
–Schedule and Parts Information

Note
On the case details page, you can find information by clicking the case details and history or
service and parts tabs.

•Update a case—From the list of support cases, click the ID of the case you want to update to bring
up the case details page. Click the Case details and history tab. You can add comments, email
attachments, or request to close the case. Click Update after you have made your changes. A request
to close a case does not automatically close the case. An HPE support agent will close the case upon
review of the request.
•Submit a case—Submit a new case using the Submit case button in the case section of the
dashboard. If not already populated, enter a serial number or contract ID in the contract or warranty
field. If the serial number is valid and the warranty is active, a case details page appears. (The serial
number does not have to be linked to your profile.) Enter the case information and submit.
If you submit a case within the contract’s coverage hours, the first available support agent will
respond. For support outside of the contract’s coverage hours, submit the case by phone and say
that you need an “uplift” to your support contract. This will result in an additional charge. Uplift is
not available in some countries. For onsite support, contract type determines onsite response time.
Onsite response time refers to the time when an engineer will be onsite to address the problem, not
problem resolution time.
Contract IDs (HPE Support Agreement ID (SAID), Service Agreement ID, Support Account Reference,
and nickname) might be used. If the contract identifier is valid, a list of products associated with the
contract appears. Select the product, and submit to reach the case details page.
Additional actions you can take regarding a support case are:
•Provide case information
•Provide troubleshooting information
•Add comments to a case
•Close a case
•View case report

Service events
The service events feature provides online monitoring and management of devices using Insight Remote
Support. Users can view all key hardware event information such as severity, problem description, date
and time generated, status, and related support case ID.
This feature lets IT staff monitor hardware service events and related support case details from anywhere,
anytime. Hardware service events and support cases are automatically generated and sent to HPE or an
HPE authorized partner for faster problem resolution. The service event remains in an active state until
the corresponding support case is closed or is closed if a support case is not required.
Insight Online reports

Figure 4-11 Insight Online New report screen

You can click the Reports icon on any page in the My IT Environment. The reporting feature in Insight
Online allows you to:
•Create new reports and save templates for reuse.
•Save the selections you made when creating the reports into a template for reuse.
•View and download generated reports.
•Maintain a list of your existing reports.
Figures 4-11 and 4-13 show the New report screen. Report types in Insight Online My IT Environment
include:
•HPE Care Pack–Proactive Care (available with a Proactive Care Service contract)
•Contract
•Contracts and warranties
•Device configuration
•Firmware
•Packaged support report
•Service event
•Support case

Viewing reports
Figure 4-12 Viewing reports

Click the Reports icon on any My IT Environment page to access the Generated reports tab which lists
your reports, as shown in Figure 4-12. The reports list consists of these fields:
•Report name
•Status: In Progress, Completed, Failed, or Retry
•Submitted (date and time you generated the report)
•Remove check box
Use the buttons on the page to refresh the report status or remove all checked reports from the list. Sort
the list by clicking any of the headings. Click the heading again to sort in reverse order.
Click a report name to view the report. You can view the report directly or download it. You can only
view completed reports.
You can also access reports from your email. When creating a report, enter your email address to receive
a notification when the report completes, then click the link in the email notification.

Important
Report data is not in real-time and has a 24-hour lag to complete. Report data might appear
blank due to daily updates to the database.

For best results, use PDF format for printing.


1.Click the report name in the list. The File Download message box appears.
2.Click Open to view the report.
3.In the PDF viewer, click Print.
To remove a report, complete the following steps:
1.Click Generated reports.
2.In the “All generated reports” section, locate the report you want to remove.
3.In the Remove column, select the check box for the report.
4.Click Remove all checked.
The report is permanently removed from the “All generated reports” section.
Proactive Care reports

Figure 4-13 New HPE Care Pack report entry

HPE Proactive Care is a flexible, comprehensive, and cost-effective service that combines smart
technology and support to boost performance. HPE works in partnership with the customer to provide
proactive consultation, recommendations, and reporting from HPE technology experts—as well as rapid
expert support if needed.
Gain access to advanced HPE technical experts and get connected to anticipate change and increase
agility. The HPE support solution is structured on three guiding principles for service delivery.
•Personalized—Customers have access to advanced technical expertise for rapid problem diagnosis
and resolution with a premium call experience, where a Technical Solution Specialist acts as a
single point of contact for end-to-end case ownership.
•Proactive—Proactive Care leverages industry-leading remote support technology for real-time
monitoring, alerts to diagnose and fix issues early, and call logging for reactive support—all of
which help avoid downtime. This also facilitates analysis, which HPE uses to deliver proactive
reports with firmware and patch analysis and recommendations, as well as proactive scan health
check reporting on the customer’s infrastructure.
•Simplified—Proactive Care offers a single point of contact to manage support cases from end to
end and an integrated set of support deliverables at one of three service support levels selected by
the customer. Proactive Care can be purchased at any time (when customer purchases HPE products
or contractually afterwards) and can cover the entire stack.
HPE Proactive Care helps prevent problems and stabilize IT, by using products connected to HPE, for
secure, real-time, analytics, tailored reports with analysis and recommendations.
My IT Environment mobile dashboard

Figure 4-14 HPE Support Center Mobile App

As shown in Figure 4-14, Insight Online provides a mobile dashboard for monitoring when you are on the
go. The HPE Support Center Mobile App is geared toward consuming or providing information that
requires attention. The app is:
•Simplified—Easy to install and use while on the go, anytime, anywhere, in a secure manner
•Personalized—Dashboard with click-down details for Contracts, Warranties, Configuration and
Support Case status, and Customizable IT hardware configuration views
•Connected—24 × 7 remote monitoring with proactive notification; automated fault detection, case
status, and break-fix service (with Proactive Care Service). Includes automated case creation and
problem resolution for HPE servers, storage, and networking
•Available—For Apple iOS (version 6.1 or later) and Google Android (version 2.3 or later) devices
•Available—From iTunes and Android Play Store

Insight Online: My Customer (partner view)

Figure 4-15 Personalized partner dashboard

HPE Authorized Channel partners can view asset information shared to them by their customer in a
separate “My Customers” section in Insight Online. As shown in Figure 4-15, the My Customer view of
Insight Online for HPE authorized partners provides:
•A personalized dashboard to monitor device health, hardware events, and contract and warranty
status for customer’s devices, with easy-to-use navigation to detailed information
•The devices feature, which presents a visual status of individual devices and device groups.
Devices can be organized for easier management, and information can be shared with colleagues
•The service event, which includes details regarding hardware failure and part replacement
information for faster and accurate problem resolution
•A reporting feature for device lifecycle management to assist with identifying product and support
upsell opportunities within the customer account
The My Customer dashboard enables you to save time and resources with automation and simplified
information access. Benefits of the My Customer dashboard include:
•Round-the-clock monitoring
•Easy all-in-one access and a secure, personalized dashboard
•Automated cases and spare parts sent to the site
•Simplified warranty, contract, and case management

Learning check
1.How can devices be added to Insight Online?
Introducing iLO Amplifier Pack

Figure 4-16 iLO Amplifier Pack dashboard

iLO Amplifier Pack is the HPE deployment engine for updating firmware, drivers, agents, and
configuration tools for Gen8, Gen9, and Gen10 HPE ProLiant servers (rack and tower), HPE BladeSystem
servers, and HPE Apollo servers. iLO Amplifier Pack provides a browser-based GUI, shown in Figure 4-
16, as well as a command-line interface (CLI). iLO Amplifier Pack discovers supported servers and gets
detailed inventory from the iLO management processor.
iLO Amplifier is a fast, massively scalable inventory and update management tool for iLO customers.
iLO Amplifier Pack is new inventory and firmware and software update management tool from HPE. It
can discover and inventory up to 10,000 servers providing you with detailed server inventory and
downloadable reports. The massive scale enables you to view your complete inventory and keep your
servers up to date from a single dashboard.
The inventory includes firmware, software, and hardware details which can be viewed and downloaded
from the GUI. iLO Amplifier Pack has an integrated hardware and software discovery engine that finds
the installed hardware and current versions of firmware and software in use on target servers. iLO
Amplifier Pack installs updates in the correct order and ensures that all dependencies are met before
deploying an update. It also minimizes downtime by deploying all updates while the target servers are
online, limiting the downtime to a single reboot in most cases.
iLO Amplifier Pack supports both online and offline modes for updates. It leverages HPE Smart Update
Tools (SUT) for online firmware and driver updates while allowing the servers to be rebooted
independently. It can also be used for offline firmware updates which involve powering off the servers
before updates.
Other features of iLO Amplifier Pack:
•HPE validated solution available to download as an OVA and use without any development and
test effort
•Built on iLO REST API and existing HPE tools like SUM, SUT, and Agentless Management
Service (AMS)
Get more out of iLO Advanced license

Figure 4-17 iLO Amplifier Pack menu

Figure 4-17 shows the iLO Amplifier Pack menu. iLO Amplifier Pack leverages the iLO REST API. No
additional iLO Amplifier Pack license is needed, complete functionality is available with an iLO
Advanced license. Dashboard status view for all discovered supported HPE servers and iLO Amplifier
Pack can be used to access inventory data from thousands of HPE servers or downloaded via Reports—
task inventory, toggling power, or launching remote console is all possible through the iLO Amplifier
Pack GUI.
Note
To access additional information about iLO Amplifier Pack and download, enter the following
URL into your browser: https://www.hpe.com/downloads/iloamplifierpack

iLO Amplifier Pack feature segmentation


Table 4-1 Complete functionality available with iLO Advanced license

Functionality of iLO Amplifier Pack depends on the functionality of iLO and its license. As presented in
Table 4-1, all features are available with iLO Advanced, firmware updates are limited without iLO
Advanced. Some features depend on supported iLO firmware.
iLO Amplifier Pack: Summary of key features

Figure 4-18 iLO Amplifier Pack provides discovery and basic inventory of 1000s of servers in minutes

A summary of the key features of iLO Amplifier Pack includes:


•Easy and rapid server inventory
–Discovery and basic inventory of 1000s of servers in minutes, as shown in Figure 4-18
–Discover HPE servers using IP addresses or via iLO Federation Groups
–Create new iLO Federation groups or add servers to existing iLO Federation groups
–Downloadable hardware, firmware, and iLO license reports
–Intuitive dashboard with a view of the status of servers
•Hassle free server updates at scale
–Online and offline firmware and driver updates
–Update multiple servers in one task—updates get batched automatically
–Configurable alerts in user interface (UI) or via email or If This, Then That (IFTTT) on update
task status and errors
–Power cycle or reset servers remotely to activate updates
–Integrates SUM for interdependency checking and requires SUT and AMS installed for
updates

Note
IFTTT, short for “If This, Then That,” is an easy way to automate tasks that might otherwise
be repetitive or unable to talk to each other. It works like this: users are guided through a process
to make simple scripts, aka “recipes,” where some type of event in one device or service
automatically triggers an action in another. (DigitalTrends.com, January 2018)

Learning check
2.Which generations of HPE ProLiant servers are supported by iLO Amplifier Pack?

HPE ICsp
ICsp supports ProLiant Gen9, Gen8, G7, and G6 servers, and features server provisioning capabilities
designed to help customers to reduce the time associated with server provisioning tasks.

Note
HPE Insight Control server deployment has been replaced by ICsp. For support information,
enter the following URL into your browser: http://hpe.com/info/insightcontrol/docs

ICsp is a complete provisioning solution for HPE servers with capabilities for multi-server operating
system and firmware provisioning to rack-mount and BladeSystem servers. ICsp automates the process
of deploying and provisioning server software, enabling an IT team to adapt to changing business demands
quickly and easily. It increases server provisioning speed by 12× (20 minutes compared to four hours),
reduces unplanned downtime by 83%, optimizes data center capacity by up to 3×, and reduces system
admin expenses and travel costs with complete remote control.
ICsp is optimized for Windows, Red Hat and SUSE Linux, VMware ESXi, and Microsoft Hyper-V on
ProLiant Gen8 and Gen9 servers (server blades and rack-mount servers). With ICsp, you can:
•Install Windows, Linux, and VMware ESXi on supported ProLiant servers; no virtual machine
(VM) support
•Capture and then install a supported Windows or Linux server operating system image
•Update drivers, utilities, and firmware on ProLiant servers using SPPs
•Perform hardware provisioning, including configuring BIOS, iLO, and HPE Smart Arrays as well
as firmware updates
•Deploy to target servers without using Preboot Execution Environment (PXE) (HPE ProLiant
Gen8 and Gen9)
•Run deployment OS Build Plans on multiple servers simultaneously
•Customize ProLiant provisioning with an easy-to-use browser-based interface

Notice
ICsp does not provide support for ProLiant Gen10.

The ICsp appliance is a virtual appliance residing on the VMware ESXi hypervisor. The appliance is
accessed through a web browser. ICsp includes the following components:
•The appliance is the ICsp product that is delivered as a VM optimized to run the application.
•The ICsp appliance ships with an embedded DHCP server. Depending on your environment, you
might configure this server for use or disable it using the appliance UI Settings screen.
•The appliance IP address is the IP address assigned to the appliance. Use this IP address to browse
to the appliance using a supported browser or when making REST calls to perform specialized
functions.
•The deployment IP address is the IP address used for all deployment operations and target server
communications. If you are using ICsp with the Matrix Operating Environment, this is also the IP
address with which the HPE SIM will communicate.
When configuring the appliance, you have the option to have the appliance IP and the deployment
IP addresses sharing one network interface (single NIC), or to use a separate network interface for
each IP address (multi-NIC). For details, see the section on “Appliance networking considerations”
in the “HPE Insight Control Server Provisioning Installation Guide.”
•The target server represents a server managed by IC server provisioning. Each managed server
runs an agent, which is software used to make changes to the server. The agent is used for software
installation and removal, software and hardware configuration, and server status reporting.
•The media server contains vendor-supplied operating system media used during provisioning of
the operating system. It might also contain media for other purposes, such as firmware and driver
updates, and it is also where captured images are stored. The media server is a separate server from
the ICsp appliance and is not included as part of the appliance backup and restore actions that you
set up and configure.

Note
For more information, refer to the “HPE Insight Control Server Provisioning Installation
Guide.” To access the guide, enter the following URL into your browser:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr–na-c05305733
Right to use Insight Control
The purchase of HPE OneView Advanced licenses provides integrated license capability with the right to
use Insight Control and aids users in their transition to HPE OneView. License keys for both HPE
OneView Advanced and Insight Control are provided for use on the same system, in the same purchased
quantity, but not for use at the same time. For example, Insight Control can be licensed for use for a year,
and HPE OneView Advanced can be licensed for use afterward on the same system.
This integrated license capability applies to all HPE OneView Advanced license purchases except for
upgrades. It is also available retroactively to previous purchasers of HPE OneView. New customers must
take their entitlement order number to the HPE software licensing portal to receive their license keys.
Existing HPE OneView customers will receive an email when their licenses are ready, and then they can
take their SAID to the HPE software updates portal to receive their license keys. An HPE Passport account
is required, but a new account can be created when using the portal.
Features of ICsp include:
•Physical operating system provisioning, as well as server firmware, BIOS, iLO, and Smart Array
configuration
•Supports ProLiant Gen9, Gen8, G7, and G6 servers (no support for VM provisioning)
•Optimized for ProLiant Gen8/Gen 9 PXE-free installation with Intelligent Provisioning
•Can manage up to 2500 ProLiant servers
•Installs as a VM appliance straightforward migration path from Rapid Deployment Pack (RDP),
including documented best practices and utilities
•Included with HPE Insight Control 7.5 and 7.6

Notice
ICsp does not support for ProLiant Gen10.

Learning check
3.HPE ProLiant Gen10 servers are supported by ICsp.
True
False
On-premises management with HPE OneView

Figure 4-19 Converged management for the software-defined data center

Figure 4-19 outlines the benefits of On-premises management with HPE OneView. HPE OneView
provides a simple, efficient, and unified view of the health of servers, profiles, and enclosures across
multiple virtual and physical appliances through the Global Dashboard. It proactively monitors the health
of the entire infrastructure at scale, alerting customers of problems before they result in downtime.
Managing up to 6400 nodes today and more in the future, the HPE OneView Global Dashboard helps IT
staff troubleshoot alerts and view core inventory data across the OneView managed environment. This
means better infrastructure visibility and more informed, faster decision-making. Single sign-on (SSO)
puts customers one click away from powerful, device-level lifecycle management, and removes the need
to navigate between appliances.
OneView keeps the infrastructure running at peak performance with minimal workload disruption.
Infrastructure device drivers and firmware updates can be automated with the least possible impact on the
production environment. Server profile templates, used in combination with HPE SUT, enable updates to
be staged, scheduled, and installed without rebooting the system. Changes to the templates are
immediately reflected in profile compliance status, allowing customers to quickly pinpoint systems that
need attention and efficiently roll out updates. In addition, OneView enables 24 × 7 monitoring, prefailure
alerts, automatic call logging, and automatic parts dispatch through integrated remote support. HPE
Proactive Care Services are available to provide a personalized and proactive hands-on approach to
maintaining an agile, healthy, and reliable infrastructure.

HPE OneView
HPE OneView is the infrastructure automation engine to simplify operations, increasing the speed of IT
delivery for new applications and services. Through software-defined intelligence, HPE OneView brings
a new level of automation to infrastructure management by taking a template-driven approach to
provisioning, updating, and integrating compute, storage, and networking infrastructure. Designed with a
modern, standards-based API and supported by a large and growing partner ecosystem, HPE OneView
also makes it easy to integrate powerful infrastructure automation into existing IT tools and processes.
Take command with HPE OneView to:
•Deploy infrastructure faster—Template-based automation enables IT generalists to rapidly and
reliably provision resources in response to application owner requirements.
•Simplify operations—Agentless monitoring, online firmware updates, and a new Global
Dashboard deliver streamline lifecycle operations at scale.
•Increase productivity—The unified API allows developers and independent software vendors
(ISVs) to harness the power of HPE OneView to unify infrastructure automation with application
and IT service delivery.
HPE OneView innovations provide the industry’s best infrastructure management experience, simplifying
operations for HPE BladeSystem, HPE ProLiant servers, 3PAR storage, HPE Networking, and HPE
ConvergedSystems. It is an essential ingredient in the HPE Hyperconverged 380 VM vending
environment and powers management for the industry’s first Composable Infrastructure, HPE Synergy.
By deploying HPE OneView today, you place your IT operations firmly on the path toward a composable
future.

HPE OneView—Automation engine

Figure 4-20 Your infrastructure automation engine built with software-defined intelligence

As shown in Figure 4-20, built with software-defined intelligence and a unified API, HPE OneView
enables your customer to increase agility, lower cost, and move toward a Composable Infrastructure.
To stay ahead of the competition, your customer needs to move quickly. Yet all too often, they are held
back by a data center with complex, manual, and siloed processes. To accelerate IT service delivery, it is
time to demand a simpler and more efficient IT infrastructure that can be managed with greater
automation.
HPE OneView is your customer’s infrastructure automation engine, enabling them to work faster and
more simply by automating and streamlining IT processes across compute, storage, and fabric resources.
Designed for the way people work—not how devices are managed—HPE OneView helps them deploy
infrastructure faster, simplify operations, increase productivity, and accelerate time to value.
Software-defined Intelligence sits at the heart of HPE OneView, giving subject matter experts (SMEs) the
power to deploy and update infrastructure rapidly and reliably using reusable infrastructure templates.
Templates define detailed compute, storage, and fabric configurations and ensure that the correct
configuration is rolled out consistently every time. With the HPE OneView unified API, HPE and partner
applications can provision, update, and learn about infrastructure without requiring detailed knowledge
of the underlying hardware platforms. This capability improves productivity by allowing IT organizations
to monitor and control infrastructure through the management application of their choice.
Synergy Composer and VM appliance

Figure 4-21 Synergy Composer and VM appliance

OneView functionality can be delivered as:


•Synergy Composer, as shown in Figure 4-21
–Hardware appliance
–Managing and monitoring Synergy environment
•VM
–Requires Kernel-based VM (KVM), Hyper-V, or ESXi
–Managing and monitoring BladeSystem, HyperConverged, ProLiant, Apollo, and SuperDome
X servers (not all features available for all platforms)
–Up to 740 physical server profiles in Managed Mode with Advanced license
–Up to 1024 physical servers in Monitored Mode with Standard license
–Standard and advanced functionality:
• Standard: No license needed, monitoring only
• Advanced: License, monitoring and management, Virtual Connect management, server
profiles, and firmware updates
An aggregated view to resources from multiple VM appliances and Synergy Composer can be done with
Global Dashboard.
Consumer-inspired user experience

Figure 4-22 Simplify common tasks to accelerate IT processes and manage the entire lifecycle

The HPE OneView application was developed to ensure that each step in the customer’s experience runs
efficiently, even when they are scaling to a very large number of systems.
Corresponding to the five key data center tasks as shown in Figure 4-22, HPE OneView has key features
that help with those tasks. These include:
•Dashboard—Provides a variety of capacity and health status information that is well organized and
easily accessible. The dashboard offers a high-level overview of the status of the converged
infrastructure components. Clicking on an object’s status gives you an at-a-glance perspective of
the event.
•Smart Search—Enables the administrator to quickly locate configured objects and device
information. For instance, you can locate or search for devices based on physical media access
control (MAC) addresses and World Wide Names (WWNs).
•Map View—Allows the administrator to visualize the relationship between devices and the related
objects representing them. Using a “follow the red” status methodology bridges the logical objects
to the physical systems, which is especially useful for support calls.
•Templates—Used to design boilerplates for the underlying network, server, and storage objects
that manage systems in a converged infrastructure. In general, a template is used to define the best
practices. Templates imply a many-to-one relationship such as for an enclosure group to its
constituent logical interconnect groups. This part of the architecture helps to support the needs for
documentation and compliance through consistency.
•Activity Feed—Allows the administrator to quickly receive alerts and other messages as conditions
arise. The concepts behind the Activity Feed can be thought of something along the lines of a
Twitter feed in that it provides the means for collaboration. Think in terms of adding notations to
events and assigning them to an appropriate management user.
All of these HPE OneView elements are designed from the ground up to change the management approach
from how devices are managed to how teams work together to get tasks done.
OneView Tutorial and Guided Setup

Figure 4-23 HPE OneView 3.1: OneView Tutorial

A great example of simplicity and ease of use in HPE OneView is the Tutorial and Guided Setup that
helps administrators to get started with the OneView GUI, as shown in Figure 4-23.
A tutorial is provided when you first log in to HPE OneView to introduce you to the HPE OneView GUI.
This tutorial is also available by clicking Tutorial in the Help sidebar. The tutorial shows the location of
basic screen functions and briefly describes their purpose.
Figure 4-24 HPE OneView 3.1: Guided setup

A guided setup is available to help you configure the appliance, as shown in Figure 4-24. To open the
guided setup introduction, click the Guided setup icon (top right corner). By following the steps in the
setup guide, your customer will be able to configure their appliance. They can get started with the first
step or select to view the list of steps involved.
Health monitoring

Figure 4-25 Managing the health of ProLiant servers

The HPE OneView appliance is capable of monitoring the health status of various data center components
as shown in Figure 4-25.
Efficient data views and effective control enable your customer to respond to issues when managing the
health of ProLiant servers. When managed resources are added to the appliance, they are automatically
set up for monitoring, including the automatic registration of Simple Network Management Protocol
(SNMP) traps and scheduling of health data collection. ProLiant Gen8, Gen9, and Gen10 servers are
monitored immediately without requiring your customer to invoke additional configuration or discovery
steps.
All monitoring and management of data center devices is agentless and out-of-band for increased security
and reliability. Operating system software is not required, open SNMP ports on the host operating system
are not required (for Gen8, Gen9, and Gen10), and zero downtime updates can be performed for these
embedded agents. ProLiant Gen8, Gen9, and Gen10 servers support agentless monitoring by iLO. HPE
OneView uses SNMP in read-only mode to the iLO only, not to the host operating system. ProLiant G6
and G7 servers require host operating system SNMP agents. Read-only mode means SNMP uses gets and
traps, but not sets.
HPE OneView provides proactive alert notifications by email (instead of using SNMP trap forwarding)
and automated alert forwarding. Your customer can view, filter, and search your alerts using Smart Search.
Alerts can be assigned to specific users and annotated with notes from administrators. Notifications or
traps can be automatically forwarded to enterprise monitoring consoles or centralized SNMP trap
collectors. The customized dashboard capability allows you to select and display important inventory,
health, or configuration information and to define custom queries for new dashboard displays. The single
UI provides additional summary views of firmware revisions and of the hardware inventory for servers,
storage, and networks. Other data and inventory elements are visible through the UI and REST API and
can be found using Smart Search.
Using HPE 3PAR StoreServ storage within HPE OneView is as simple as selecting a storage template
and a server profile. HPE OneView automation carves out the storage volume, zones the Fibre Channel
storage area network (SAN), and attaches the storage to the server profile. After they are rolled out, the
SAN resources are immediately exposed in the topology map. This includes multi-hop Fibre Channel and
Fibre Channel over Ethernet (FCoE) architectures. In HPE OneView, proactive alerts are provided when
the expected and actual connectivity and states differ or when SAN health issues are immediately visible
in the topology map. HPE OneView provides SAN configuration reports, which include guidance for
SAN efficiency and help in resolving potential SAN issues before there is a business impact.
The HPE OneView appliance monitors the health status of storage systems and issues alerts when there
is a change in status. The appliance also monitors the connectivity status of storage systems. If the
appliance loses connectivity with a storage system, an alert is displayed until connectivity is restored. The
appliance attempts to resolve connectivity issues and clear the alert. If it cannot, you must use the Storage
Systems screen to refresh the storage system manually and synchronize it with the appliance. The
appliance also monitors storage systems to ensure that they are synchronized with changes to hardware
and configuration settings. However, changes to storage systems made outside the appliance (such as
changing credentials) might cause the storage system to lose synchronization with the appliance, in which
case you must manually refresh the storage system.
Server profile

Figure 4-26 Connection settings in a OneView server profile

Server profiles and server profile templates enable you to provision hardware quickly and consistently
according to your best practices. Store your best practice configuration in a server profile template and
then use the server profile template to create and deploy server profiles.
Figure 4-26 shows the connection settings screen in a server profile. A server profile captures key aspects
of a server configuration in one place, including:
•Firmware update selection and scheduling (optionally including drivers/software)
–Method of updating
•BIOS settings
•Local RAID configuration and direct-attached storage (DAS) configuration on Synergy (D3940)
•Network connectivity
–Leveraging Virtual Connect
–Selecting FlexNIC and FlexHBA assignments
•Boot order configuration
•SAN storage
–3PAR StoreServ
–StoreVirtual
•Unique IDs
–MAC
–WWN
–Serial number
•OS Deployment Settings for Synergy compute modules
As long as similar hardware has been discovered, server profiles enable your customer’s experts to specify
a server configuration before the server arrives. When the server hardware is installed, their administrators
can quickly bring the new server under management. For example, they can create an unassigned server
profile from a template that specifies all the configuration aspects—such as BIOS settings, network
connections, and boot order—to use for a type of server hardware.
Before the server is installed in an enclosure bay, they can do one of the following:
•Assign the server profile at the time of creation to an empty bay in an enclosure where the server
will eventually reside.
•Create an unassigned profile, and assign it after the hardware arrives.
Your customer can move a server profile that has been assigned to hardware in an enclosure bay. They
can copy server profiles to multiple servers with or without using server profile templates. They can
control the server profile behavior. For example, they can assign a server profile to an empty bay and
when an appropriate server is inserted into that bay, the server profile is automatically applied to the server
hardware. The server profile can also be associated with a specific server to ensure that the profile is not
applied if the wrong type of server is accidentally inserted into the bay.
The ability to edit existing server profiles and change the server hardware type and enclosure group allows
them to perform tasks such as:
•Add or remove a mezzanine card to or from a server.
•Move server hardware from one enclosure to another enclosure with a different configuration.
•Move server profiles to servers with different adapters, generations of hardware, or hardware
models.
•Move workloads to different servers or enclosure configurations.
In an existing server profile, click the Change link adjacent to the Server hardware type or Enclosure
group settings to make changes to these values. Your customer can edit a server profile or a server profile
template any time after it has been created. When you edit a server profile, the state of the server changes.
The appliance analyzes the changes and determines the actions needed to update the server. For example,
if they change the BIOS settings but not the firmware baseline, the firmware is not updated. Only the
requested changes are applied.
When they edit a server profile template, the appliance analyzes the changes and updates the template
configuration. Then all the server profiles created from the template are evaluated for compliance and a
notification indicates the number of profiles that will be affected by the change. The profiles are marked
as non-compliant. Your customer can use the Update from template option in Server Profiles to accept all
the changes from the template.
If they change the server hardware type or enclosure group, other settings within a server profile can be
affected. For most of the following attributes, settings remain unchanged so long as the selected server
hardware type or enclosure group supports the existing settings. If the settings are not supported by the
selected server hardware type or enclosure group, the settings are removed. Exceptions are noted as
follows.
Server profile templates

Figure 4-27 Server profile templates

Server profile templates allow users to define configurations once, and then provision or update the
configuration many times—consistently and reliably with no repetitive tasks—across compute, storage
and networking resources. This way, profile mobility is not limited to migrations across the same server
hardware type and enclosure groups. The Server Profile Templates screen is shown in Figure 4-27. HPE
OneView provides profile mobility across different:
•Adapters
•Generations
•Server blade models
The HPE OneView appliance monitors both the server profile and server profile template. It compares
both elements and ensures the server profile matches the configuration of its parent server profile template.
The profile mobility feature enables you to modify enclosure groups and server hardware templates.
However, the resources must be detached from the server profile template before changes are made or
you will receive an error. Instead of detaching the server profile template, you can change the server
profile template itself, but all servers attached to that template will be affected.
Server profile templates provide automated change management across multiple systems and are at the
center of software-defined policies and solutions. Templates enable administrators to drill down into
dashboard panels to identify issues or troubleshoot problems connected to inconsistencies.
Editing templates is very similar to editing profiles in that templates do not have identifiers and cannot be
assigned to the hardware. Easily move from the high-level status down to the connections summary and
individual connections can be expanded to reveal complete connection configuration details.
Consistency checking is validating a server profile to ensure that it matches the configuration of its parent
server profile template. The appliance monitors both the server profile and server profile template,
compares the two, and checks them for consistency.
HPE OneView storage management

Figure 4-28 HPE OneView storage management

HPE OneView provides automated, policy-driven provisioning of supported storage resources, as shown
in Figure 4-28. It is fully integrated with server profiles so that your customer can manage their new or
existing storage infrastructure. With HPE OneView they can view and manage their storage system and
storage pools. They can add existing volumes and create new volumes, and then they can create volume
templates to provision multiple volumes with the same configuration.
Switched fabric, direct attach, vSAN SAN topologies, and iSCSI connections are supported. Storage
system and storage pools are added to the appliance followed by volumes, which are associated with
networks.
The volumes can then be attached to server profiles. Your customer can also add SAN managers to make
their managed SANs available to the appliance. Managed SANs can be associated with Fibre Channel or
FCoE networks on the appliance to enable automated zoning and automatic detection of connectivity.
HPE OneView allows administrators to:
•Automate HPE 3PAR StoreServ volume creation and SAN zoning.
•Automate StoreVirtual volume provisioning.
•Attach the storage volumes to server profiles.
For example, a 32-server cluster can be automatically created in hours rather than manually configured in
days. After deployment, storage and servers are monitored in HPE OneView, and the storage topology is
visible in Map View.
HPE OneView discovers the SAN paths and provides connectivity services for the following
infrastructures:
•HPE 3PAR StoreServ storage systems connected directly to an enclosure using Fibre Channel
•HPE 3PAR StoreServ storage systems connected to an HPE B-series Fibre Channel SAN
configuration (SANs managed through the HPE B-series SAN Network Advisor software)
•HPE 3PAR StoreServ storage systems connected to a Brocade Fibre Channel SAN configuration
(SANs managed through Brocade Network Advisor software)
•HPE FlexFabric 5900 AF/CP switches, Cisco MDS series switches, Cisco Nexus 5000 and 6000
series switches, and Brocade switches
With HPE OneView, advanced automation enables an IT generalist to define and provision storage
volumes, automatically zone the SAN as part of the provisioning process, and attach the volumes to server
profiles.
HPE OneView storage automation makes businesses more responsive, secure, and efficient. HPE 3PAR
StoreServ storage is fully integrated with HPE OneView server profiles for automated, policy-driven
rollout of enterprise-class storage resources. After the storage has been rolled out, your customer can
select an HPE 3PAR StoreServ volume in HPE OneView and create a snapshot from that volume.
Snapshots in OneView allow copy and provisioning access to non-storage professionals such as database
administrators, software developers, and test engineers working with systems. Users can restore their own
copies of test data safely and quickly without relying on a storage administrator. They can easily replace
and restore copies of their volumes by copying, promoting, and attaching their volumes to server profiles.
This enables users to update specific snapshots with more recent snapshots, resulting in faster turnaround
times for developers who need refreshed snapshots. This also alleviates the workload for storage
administrators.
Using HPE 3PAR StoreServ storage within HPE OneView is as simple as selecting a storage template
and a server profile. HPE OneView automation carves out the storage volume, zones the Fibre Channel
SAN, and attaches the storage to the server profile.
After they are rolled out, the SAN resources are immediately exposed in the topology map. This includes
multi-hop Fibre Channel and FCoE architectures. In HPE OneView, proactive alerts are provided when
the expected and actual connectivity and states differ or when SAN health issues are immediately visible
in the topology map. HPE OneView provides SAN configuration reports, which include guidance for
SAN efficiency and help in resolving potential SAN issues before there is a business impact.
HPE OneView network management with HPE Virtual Connect

Figure 4-29 Port monitoring with HPE OneView

OneView replaces legacy Virtual Connect management applications on BladeSystem c-Class


environments and manages connectivity of composable interconnects on Synergy.
HPE OneView provides several networking features to streamline the provisioning of networking
resources for server hardware and to manage configuration changes, including firmware updates, to
Virtual Connect interconnect modules. Figure 4-29 shows port monitoring.

Supported networks
The Virtual Connect interconnect modules in enclosures support the following types of data center
networks:
•Ethernet for data networks, including tagged, untagged, or tunnel networks
•Fibre Channel for storage networks, including Fibre Channel fabric attach (SAN switch)
connections
•Fibre Channel direct attach (Flat SAN) connections to supported 3PAR storage systems
•FCoE for storage networks where storage traffic is carried over a dedicated Ethernet VLAN
Virtual Connect features in HPE OneView:
•Configures uplinks and VLANs
•Configures downlinks via profiles (allows multiple networks per single server port)
•Virtual Connect dual-hop FCoE support and Virtual Connect quality of service (QoS) priority
queuing
•Supports master/satellite architecture on Synergy
•Per port statistics
•Enhanced monitoring support for Cisco Nexus 5000/6000 and B22HP FEX switches

Note
In the field of computer networking and other packet-switched telecommunication networks,
QoS (quality of service) refers to traffic prioritization and resource reservation control
mechanisms. Quality of service is the ability to provide different priority to different
applications, users, or data flows, or to guarantee a certain level of performance to a data flow.
(Wikipedia.org, January 2018)

Enclosure and frame management

Figure 4-30 Health monitoring at the enclosure and frame level in HPE OneView

•Health monitoring at the enclosure and frame level, as shown in Figure 4-30
–Power supplies
•Automatically adds all components under HPE OneView management
–Compute modules/server blades
–Interconnect modules
–Management infrastructure components
•Configures according to template/group settings
–c-Class—Runs SSH script on OA
–Synergy—Configures iLO and ICM IP addresses
Change management with driver and firmware updates

Figure 4-31 Firmware bundle upload and firmware report at the server level

HPE OneView provides fast, reliable, and simple firmware management across the appliance. When you
add a resource to the appliance to be managed, the appliance automatically updates the resource firmware
to the minimum version required by the appliance. As shown in Figure 4-31, a firmware bundle must be
uploaded to the appliance for the automation to occur.
HPE OneView manages updates for:
•Infrastructure components:
–Onboard Administrator
–Frame Link Modules (FLM)
–Virtual Connect modules
•Server hardware:
–Using Intelligent Provisioning
–Using HPE SUT: firmware and drives support
Scheduled firmware and OS drivers update is supported since OneView 3.1 as well as external firmware
repository—provides unlimited storage space for SPPs and supports multi-appliance environments with
single external appliance.

Inventorying power and physical infrastructure

Figure 4-32 Datacenter view in OneView

In HPE OneView, a data center represents a physically contiguous area in which racks containing IT
equipment—such as servers, enclosures, and devices—are located. Your customer creates a data center
to describe a portion of a computer room, summarizing their environment and its power and thermal
requirements. A data center resource is often a subset of their entire data center and can include equipment
that is not managed by HPE OneView. By representing the physical layout of their data center equipment,
including unmanaged devices, they can use detailed monitoring information for space planning and
determining power and cooling requirements.
In HPE OneView, customers can:
•View a 3D model of the data center layout that includes a color-coding scheme to help them
identify areas that are too hot or too cold, as shown in Figure 4-32.
•View temperature history data.
•More easily locate specific devices for hands-on servicing.
HPE OneView collects and reports processor utilization and power and temperature history for your
customer’s data center hardware. The appliance monitors power, automatically detects and reports power
delivery errors and provides precise power requirement information for HPE ProLiant Gen8 (or later)
servers and HPE Blade System enclosures that the customer can use for planning rack and power usage.
Power Discovery Services enable automatic discovery and visualization of the power delivery topology
for the data center. HPE Intelligent Power Distribution Units (iPDUs) enable the appliance to map the
rack power topology automatically. The appliance detects wiring errors—such as lack of redundancy—
and updates electrical inventory automatically when new servers are installed. The appliance also supports
per-outlet power control for remote power cycling of each iPDU outlet. Your customer can manually
define the power requirements and power topology for devices that do not support Power Discovery
Services.
A rack is a physical structure that contains IT equipment such as enclosures, servers, power delivery
devices, and unmanaged devices in a data center. By describing the physical location, size, and thermal
limit of equipment in the racks, your customer enables space and power planning and power analysis
features for their data center.
An unmanaged device is a physical resource that is located in a rack or consumes power but is not
currently managed by HPE OneView. Some unmanaged devices are unsupported devices that cannot be
managed by HPE OneView.
All devices connected to an iPDU using an Intelligent Power Discovery (IPD) connection are added to
HPE OneView as unmanaged devices. Other devices that do not support IPD—such as KVM switches,
routers, and in-rack monitors and keyboards—are not added to the list of unmanaged devices
automatically. To include these devices in HPE OneView, customers can add them manually and describe
their names, rack positions, and power requirements.

Selecting a management solution

Figure 4-33 Selecting an HPE management solution

Many questions need to be answered before being able to promote the most appropriate management
solution. Figure 4-33 shows which HPE management solution to lead with given certain customer
requirements.
Learning check
4.Which configuration object can be used in HPE OneView to help with creating consistent server
configurations and automate change management?
a.Server Profile Template
b.Server Profile Report
c.Server Profile Consistency Report
d.Virtual Connect Migration
5.What does HPE OneView use to manage network traffic flows and guarantee a certain level of
performance?
a.Virtual Connect dual-hop FCoE support
b.Enhanced migration from VCM domains
c.Partially stacked Virtual Connect domains
d.Virtual Connect QoS priority queuing
6.How can be HPE OneView implemented?

7.A customer challenges you with the statement “Competitive offerings provide a single, unified
tool for infrastructure administration and provisioning, but it seems that HPE offerings require
multiple different tools and interfaces.” How should you respond?

8.Write a summary of the key concepts presented in this chapter.

Summary
•HPE tools that can be used for managing multiple HPE ProLiant systems include:
–HPE OneView
–iLO Amplifier Pack
–HPE ICsp
–Remote Support
–Insight Online
–These tools differ in functionality and supported devices.
•HPE OneView is infrastructure automation engine to simplify operations, increasing the speed of
IT delivery for new applications and services.
5 HPE Server Technologies
WHAT IS IN THIS CHAPTER FOR YOU?
After completing this chapter, you should be able to:
✓Provide a high-level overview of technologies within the HPE ProLiant server portfolio.
✓Describe the features of HPE servers in the following areas:
–Processors
–Storage
–Networking
–Rack and power

Prelearning check
1.Provide an example of a technology in HPE Gen10 servers that increases the performance when
compared to Gen9.

2.Match the processor family with benefits.

3.Memory controllers in HPE Gen10 ProLiant servers support a maximum of four memory channels
per CPU.
True
False

ProLiant Gen10 features


Overview of relevant and differentiating innovations in HPE ProLiant Gen10 servers:
•The World’s Most Secure Industry Standard Servers
•Unprecedented high-speed memory capacity with persistence
•Intelligent System Tuning (IST)
•New levels of compute
•Increased in-server storage density
•More efficient and easier server management

Strategic focus areas for relevant and differentiating innovations


Strategic focus areas in ProLiant Gen10 servers are:
•Security
–Unmatched threat protection
–Extensive standards compliance
–Supply chain attack detection
–Unparalleled ability to recover firmware and OS after attack
•Productivity
–High capacity—data acceleration with flash-backed Persistent Memory up to 3.0 TB (4S)
–Second generation of memory-driven compute innovation on the path to the machine
•Velocity
–Enhanced Graphics Processing Unit (GPU), Peripheral Component Interconnect Express
(PCIe) solid-state drive (SSD) and Non-Volatile Memory Express (NVMe) drive performance
and choice
–Higher speed memory access
–Next-generation industry standard CPUs
•Efficiency
–Processor performance tuning
–Predictable latency reduction
–Balanced workload optimization
•Flexibility
–Substantially greater NVMe capacity
–Enhanced in-server storage density and drive count
•Simplicity
–Large-scale FW deployment
–Improved graphical user interface (GUI) and industry standard application program interfaces
(APIs)
–Easy system debug access
–Convenient warranty entitlement validation

Note
A graphics-processing unit (GPU) is a specialized electronic circuit designed to rapidly
manipulate and alter memory to accelerate the creation of images in a frame buffer intended
for output to a display device. GPUs are used in embedded systems, mobile phones, personal
computers, workstations, and game consoles. Modern GPUs are very efficient at manipulating
computer graphics and image processing, and their highly parallel structure makes them more
efficient than general-purpose CPUs for algorithms where the processing of large blocks of
data is done in parallel. In a personal computer, a GPU can be present on a video card, or it can
be embedded on the motherboard or—in certain CPUs—on the CPU die. (Wikipedia.org,
January 2018)
Gen10 servers—Security
Security-related functions of Gen10 servers:
•Authenticate key server lifecycle management activities such as configuring and updating the
server
•Allow recovery to authenticated former known functional state upon detection of malware
•Support key industry standard security protocols and certifications
•Have chassis intrusion detection and iLO integration to ArcSight
Benefits:
•Prevent downtime due to malware sprawl and avoid loss to business
•Fast isolation of problem areas
HPE is leading the industry with offering Hardware Root of Trust that allows ProLiant to have the most
secure firmware supply chain and reduce negative impact on business and workforce productivity.

Gen10 servers—Productivity
Productivity-related benefits and features of Gen10 servers:
•Industry’s first platforms to deliver Persistent Memory support providing 7x performance
improvement for write-intensive workloads (demanding database applications like online
transaction processing [OLTP], in-memory database workloads)
•Battery-backed protection for transactional data
•Reduced Oracle/SQL database licensing cost by delivering same level of performance with less
number of processor cores
•High endurance at near-memory speeds for caching applications
HPE is leading the industry with offering Persistent Memory at Gen10 launch and will outperform
competition in all caching/logging write intensive applications. Value of high-performing platform is
clear—superior business productivity achieved based on real-time analytics on transactional customer
data and high return on investment (ROI) with accelerated database performance leading to using less
processor cores.

Note
Operational, or online transaction processing (OLTP), workloads are characterized by small,
interactive transactions that generally require subsecond response times. It is common for
OLTP systems to have high concurrency requirements, with a read/write ratio ranging from
60/40 to as low as 98/2. Modifications are predominantly singleton statements, and most
queries are constrained to simple joins. While limiting joins to as few tables as possible is
desirable, a significant number of application systems do join many tables. Standard practices
call for indexing strategies in OLTP systems to target an increase in concurrency versus query
support; however, more indexes have to be created than is desired to reach acceptable query
performance. The lower the proportion of write operations is in the system, the higher the level
of indexing that can be tolerated, unless the timing of specific write operations is critical.
(Microsoft TechNet, January 2018)

Gen10 servers—Velocity
HPE ProLiant Gen10 servers outperform Tier 1 competition in several performance-driven workloads due
to increased NVMe, GPU, PCIe accelerator count per server, and choice of CPU brand and performance
characteristics to better meet varying workload types. ProLiant Gen10 servers have broader support for
graphics rendering, remote visualization, high-resolution 3D, and virtual desktop infrastructure
(VDI)/computer-aided design (CAD) simulation workloads.
Velocity related features of Gen10 servers:
•Support for a wide variety of PCIe accelerators (PCIe SSDs, GPUs) across the entire DL portfolio
•Have the capability to support multiple write-intensive workloads using low latency and higher
Input/Output Operations Per Second (IOPS) NVMe drives
•Have new x86 processors from Intel® and AMD
•Provide enhanced GPU performance and choice benefiting compute workloads such as
engineering, seismic analysis, and weather prediction
Benefits:
•Execute transactions faster for both structured and nonstructured databases
•Peak performance for parallel and distributed computing (High-Performance Computing [HPC]
and analytics applications)
•Deliver highest level of service-level agreements (SLAs) for cloud services and VDI applications
•New levels of CPU performance, core count, greater memory bandwidth, and enhanced security

Gen10 servers—Efficiency
HPE ProLiant servers will outperform competition with similar Intel® CPU Stock Keeping Units (SKUs),
and HPE ProLiant servers can automatically operate at lower power states and temps during workload
downtime. HPE ProLiant have high-deterministic/reliable performance in turbo mode and dynamic
workload optimization using telemetric data allows HPE ProLiant DL servers to utilize compute resources
effectively. These lower licensing costs for core-based application licensing decrease power and cooling
costs automatically during downtime (lower TCO). For high frequency trading (HFT), small
(milliseconds) latency reduction is directly proportional millions of dollars and this deterministic
performance is a competitive advantage.
Efficiency-related features of Gen10 servers:
•Maintain (more than Intel® algorithm) active cores as CPU frequency is adjusted up in turbo mode
•Automatically lower core p-states during downtime to save energy
•Jitter Smoothing to reduce variance when CPU frequency is increased (for example, turbo mode)
•Individual platforms capable of self-tuning themselves to deliver the best possible workload
performance
Benefits:
•Improves performance of compute environment by having more active cores at a given frequency
in turbo mode
•Reduce energy needs as workloads decrease
•Improve deterministic and predictable performance

Gen10 servers—Flexibility
HPE ProLiant Gen10 servers increase in-server storage across the portfolio to support high-performance
storage-driven applications and hyperconvergence.
HPE offers industry-leading storage density across premium and value offerings and ProLiant Gen10
deliver best-in-class performance by reducing latency related to external storage for demanding
applications. Efficient rack space utilization leads to increased data center efficiency and better TCO.
Flexibility-related benefits of Gen10 servers:
•Support more users and applications in a smaller server footprint
•Capability to support hybrid and all flash configurations across portfolio to match the price
performance requirement (distributed database applications, software-defined storage)
•Reduce $/GB for storage capacity-sensitive workloads (cold storage, back-up, and Microsoft
Exchange)

Gen10 servers—Simplicity
Table 5-1 Benefits of new functions of Gen10

HPE has added many new functions to Gen10 servers to simplify provisioning and operations. The
benefits of these new functions are listed in Table 5-1.
ProLiant Gen10 subsystems

Figure 5-1 ProLiant Gen10 subsystems

HPE ProLiant Gen10 servers consist of various subsystems and components, as shown in Figure 5-1,
which are covered in this chapter:
•Processor and processor control (Intelligent System Tuning)
•Storage—disks, controller, Persistent Memory
•Memory
•Networking
•Power and rack

ProLiant Gen9 features


ProLiant Gen9 servers advance convergence with storage virtualization enhancements such as HPE
StoreVirtual VSA, HPE Smart Storage, and HPE SmartMemory solutions. They deliver improved
workload-optimization capabilities with HPE PCIe Workload Accelerators.
The ProLiant Gen9 solution stack includes a common modular architecture, form factors, management
software, services, storage, and networking. These solutions can help customers shift from a server-
centered past to a workload-optimized future.
Customers choose ProLiant servers for a variety of reasons. HPE has the broadest server portfolio in the
market. Each ProLiant server—from the entry-level server to the most scalable server—is engineered to
provide meaningful, cutting-edge benefits to customers for their increasingly complex environments.
ProLiant servers provide the right compute resources, for the right workload, at the right economics.
The ProLiant Gen9 server portfolio offers:
•Compute
–Intel® Xeon® processors
•Networking
–Tunnel offload
–Remote direct memory access (RDMA) over Converged Ethernet
–Virtual extensible LAN (VXLAN)/Network Virtualization using Generic Routing
Encapsulation (NVGRE)
–1 GB/10 GB/40 GB Ethernet Fourteen Data Rate (FDR) InfiniBand
–20 GB FlexFabric adapters on BL servers
–Embedded LAN on motherboard (LOM) on DL servers
•Security
–Unified Extensible Firmware Interface (UEFI) Secure Boot
–HPE Secure Encryption
•Memory
–HPE DDR4 SmartMemory registered dual in-line memory module [DIMM] (RDIMM)/load-
reduced DIMM (LRDIMM)
•Storage
–12 Gb/s Smart Array controllers
–12 Gb/s Smart host bus adapters (HBAs) on blades
–12 Gb/s Serial Attached SCSI (SAS) Expander Card
–12 Gb/s SAS hard disk drives (HDDs)/SSDs
–PCIe Workload Accelerators
–HPE SmartCache with SSD
–HPE StoreVirtual VSA
–HPE Smart Storage Battery
•Embedded and converged management
–UEFI
–HPE RESTful Interface Tool
–HPE Smart Update Manager (SUM) 7.1.0 and HPE integrated Lights-Out (iLO) powered by
iLO Federation
–Location Discovery Services
–HPE OneView
–HPE Insight Online
–Remote access mobile apps
•Flexibility
–Universal Media Bay
–Embedded/Flexible LOM
•Services
–HPE Technology Services
–HPE Care Pack Services
–HPE Proactive Care Services

Processor support in ProLiant Gen9 servers


Designed to support up to 22 cores and memory speeds of up to 2400MT/s, the Xeon E5-2600 v4
processor offers up to 25% performance gains for ProLiant Gen9 servers. The Xeon E5-2600 v4
processors include virtualization enhancements, added security, and improved orchestration capabilities
to help customers better manage shared platform resources. With these new processors, HPE has achieved
several new #1 server benchmark performance positions in multiple categories, including results with:
•Industry-First Big Data TPC Express Benchmark Big Bench (TPCx-BB)
•SPECjbb2015-Composite
•SPECjbb2015-Distributed
•TPC-H.
Processors supported in ProLiant Gen9 servers are:
•The Xeon processor E5 family is designed to deliver agile services for cloud and traditional
applications and workloads with versatility across diverse workloads, including:
–Cloud deployments that require scalability, agility, and orchestration capabilities across
compute, network, and storage
–Improved bandwidth and reduced latency for the most demanding HPC workloads and
applications
–Cloud-based network architectures supporting high throughput, low latency, and agile delivery
of network services such as network functions virtualization and software-defined networking
–Intelligent and complex storage systems requiring high performance, increased memory, and
greater I/O bandwidth
•The Xeon processor E7 family is designed for the scalable performance demands of complex, data-
demanding workloads such as in-memory databases and real-time business analytics. These
solutions accelerate performance across the data center to deliver real-time, business-critical
services for the largest workloads. Target workloads include:
–In-memory analytics applications
–Traditional databases, enterprise resource planning (ERP), data warehousing, and OLTP
applications
HPE recommends the following Intel® processors when low-latency is required in a ProLiant Gen9
server:
•Xeon E5-2637 v3 (4c 3.5 GHz), E5-2643 v3 (6c 3.4 GHz), E5-2667 v3 (8c 3.2 GHz), and E5-2687
v3 (10c 2.7 GHz) in ProLiant DL and BL servers and select Apollo System servers
•Xeon E5-2690 v3 (12c 2.6 GHz) in select Apollo System servers that do not support the higher-
wattage processors

Learning check
1.Provide an example of a technology in HPE Gen10 servers that provides increased performance
compared to Gen9.

Intel® Xeon® processor scalable family


HPE ProLiant Gen10 servers are equipped by Intel® Xeon® processor scalable family and EPYC, AMD’s
x86 server processor line, implementing Zen microarchitecture, introduced in 2017.
Intel® Tick-Tock development model

Figure 5-2 Intel® Tick-Tock development model

New microarchitecture released by Intel® (“Tock”) is usually connected to a release of a new generation
of our ProLiant servers, as illustrated by Figure 5-2, and requires HPE to design new system boards,
chassis, risers, and backplanes. Processor refresh (“Tick”) usually requires only lighter changes and
require a few firmware changes, such as complex programmable logic device (CPLD) and management
engine (ME).

Note
The Tick-Tock development model will be not used in the future.

Intel® platform (Skylake/Platform Controller Hub) features


Features of new Intel® Xeon® processors scalable family (Skylake platform) and its Platform Controller
Hub (PCH):
Processors:
•CPU Thermal Design Power (TDP)—70 to 205W
•Socket—Socket P
•Scalability—2 sockets (2S), 4 sockets (4S), 8 sockets (8S)
Memory:
•Six channels, DDR4
•RDIMM, LRDIMM
•2133, 2400, 2666
•2 DIMMs per channel
UPI:
•Two to three channels per CPU
•9.6, 10.4 GT/s
PCIe:
•Bifurcation (splitting the PCIe signal) x16, x8, x4
•48 Lanes per CPU
•PCIe 3.0 (2.5, 5.0, 8.0 GT/s)
PCH:
•Lewisburg (new platform core-logic) DMI3 (chipset-bus)—four physical PCIe 3.0 lanes
•Up to 10x USB3
•14x SATA3
•20x PCIe 3.0

Intel® Processor for the 300/500 series


The new Intel® Xeon® Processor Scalable Family is used in ProLiant Gen10 servers.
•DL300/BL400/SY400 series Gen10:
–CPU count—2
–Max wattage—Up to 205W (up to 150W for BL servers)
–Core counts—4 to 28 (up to 26 for BL servers)
–CPU frequency—Up to 3.6 GHz
•DL500/BL600/SY600 series Gen10:
–CPU count—4
–Max wattage—Up to 205W
–Core counts—4 to 28
–CPU frequency—Up to 3.6 GHz

Note
Numbers above can change over time, so always verify latest information in QuickSpecs.

Gen10 new socket design


ProLiant Gen10 servers are using the LGA 3647 socket. The socket supports six-channel memory
controllers, and Intel UltraPath Interconnect (UPI). Figure 5-3 shows the socket design.
Figure 5-3 Gen10 Intel® socket design

Intel® Xeon® Processor Scalable Family—New brand

Figure 5-4 Intel® Xeon® Processor Scalable Family—Entry processor up to high-performance


processor

Five new model families are introduced with Intel® Xeon® Processor Scalable Family replacing former
Intel® Xeon® E7 (4/8S+) and E5 (2S, 4S) families, as shown in Figure 5-4:
•Platinum
•Gold (6xxx)
•Gold (5xxx)
•Silver
•Bronze
Figure 5-5 Product numbering convention for Intel® Xeon® Processor Scalable Family

Figure 5-5 explains the Skylake platform numbering convention:


•First number represents the SKU level.
•Second number the generation.
•Third and fourth numbers are representing the SKU.
•The last character is used to distinguish integration:
–F—Fabric
–P—FPGA
–T—High Tcase/Extended reliability
–M—1.5 TB per socket memory
There are major differentiators between processor families:
•Platinum (81xx)
–2S-2UPI, 2S-3UPI, 4S-2UPI, 4S-3UPI, 8S-3UPI capability
–6-ch DDR4 @ 2666
–3 UPI links @ 10.4GT/s
–Intel® Turbo Boost Technology
–Intel® HT Technology
–Intel® AVX-512 (two 512-bit fused multiply-add [FMA])
–48 lanes PCIe Gen3
–Node Controller Support
–Advanced RAS
•Gold (61xx)
–2S-2UPI, 2S-3UPI, 4S-2UPI, 4S-3UPI capability
–6-ch DDR4 @ 2666
–3 UPI links @ 10.4GT/s
–Intel® Turbo Boost Technology
–Intel® HT Technology
–Intel® AVX-512 (two 512-bit FMA)
–48 lanes PCIe Gen3
–Node controller support
•Gold (51xx)
–2S-2UPI, 4S-2UPI capability
–6-ch DDR4 @ 2400
–2 UPI links @ 10.4GT/s
–Intel® Turbo Boost Technology
–Intel® HT Technology
–Intel® AVX-512 (one 512-bit FMA)
–48 lanes PCIe Gen3
–Advanced RAS
•Silver (41xx)
–2S-2UPI
–6-ch DDR4 @ 2400
–2 UPI links @ 9.6GT/s
–Intel® Turbo Boost Technology
–Intel® HT Technology
–Intel® AVX-512 (one 512-bit FMA)
–48 lanes PCIe Gen3
–Standard RAS
•Advanced RASBronze (31xx)
–2S-2UPI
–6-ch DDR4 @ 2133
–2 UPI links @ 9.6GT/s
–Intel® AVX-512 (one 512-bit FMA)
–48 lanes PCIe Gen3
–Standard RAS

Note
Numbers above can change over time, so always verify latest information in QuickSpecs.
Select the Intel® Xeon® processor

Figure 5-6 Selecting a processor

Select the processor based on customer and business requirements using the information in Figure 5-6.

Note
Numbers above can change over time, so always verify latest information in QuickSpecs. U.S.
ILP are subject to change without notice. Support must be verified for specific model as well.
Not all variants are available for all models.

Learning check
2.Match the processor family with benefits.

Efficiency
For the past several years, server-class customers have seen processor-based performance increase
generation over generation. This is due in a large part to increases in core counts and more efficient
instruction set architectures. Unlike the preceding decades, the base frequency of the CPU has stayed
rather stable and only the number of cores has increased. Processor vendors, realizing that not all
workloads benefit from increased core counts, introduced features that allow the processor to run
opportunistically at higher frequencies when these extra cores or the power to run them are not being
utilized.
Although these opportunistic frequency upsides can increase performance, they also introduce an
unwanted side effect. Frequency shifting itself introduces computation jitter, or nondeterminism, and
undesirable latency. Jitter and the latency associated with it create problems for several customer
segments. For example, high-frequency traders, who rely on time-sensitive transactions, cannot tolerate
the microseconds of delay that can be added randomly to a trade caused by a frequency shift. These delays
over time can cost a trader upward of millions of dollars. Servers running real-time operating systems
(RTOS) to control critical functionality also cannot tolerate random latencies that happen when
opportunistic-frequency features are left enabled.
The current trend for latency-sensitive customers is to disable the features that normally would result in
increased application performance. A trade executes faster if the processor runs faster, but if it comes at
the cost of random delay, the benefit of increased performance is lost.
Starting with Gen10 servers using Intel® Xeon® Scalable Processors and iLO 5, HPE has introduced a
new feature that allows customers to achieve both frequency upside and low latency. Processor Jitter
Control allows the customer to remove or reduce the jitter caused by opportunistic frequency management
resulting in better latency response and higher throughput performance.

Note
Gen10 servers using AMD processors are not supported. An iLO Advanced license is required
to use this feature.

HPE Intelligent System Tuning


Dynamically configure server resources to match specific workloads and achieve higher levels of
performance, efficiency, and control in your server environment. Intelligent System Tuning (IST), a new
set of server tuning technologies developed in partnership with Intel®, dynamically tunes your servers to
align with the unique needs of each workload.
IST leverages exclusive technology developed through close partnership with Intel®. It includes three
innovative capabilities—Jitter Smoothing, Workload Matching, and Core Boosting—that together can
deliver double-digit boosts in performance.
•Jitter Smoothing
–Smooths fluctuations in processor frequency as customers increase performance
–For multiple segments, particularly financial institutions and live streaming applications
•Core Boosting
–Unique ability to dynamically modulate frequency and performance
–Reduce application core charges through greater performance with fewer processor cores
•Workload Matching—Custom profiles on ProLiant Server systems match the more common
customer workloads, automatically matching internal resources to those typical needs
Note
For more information on IST, enter the following URL into your browser.
http://hpe.com/info/ist

Increased performance delivered through iLO Advanced

Figure 5-7 HPE Intelligent System Tuning

Increased performance using IST requires iLO Advanced for some features, such as Jitter Smoothing and
Core Boosting. New Gen10 technologies suite customers that need:
•Maximum processor throughput even in workloads sensitive to processor latency
•Ability to easily tune server parameters without needing years of experience or trial-and-error
Key new features, as illustrated by Figure 5-7:
•Leverage HPE-developed processor control technology and performance engineering experience
•Jitter Smoothing mitigates processor frequency fluctuation to improve overall workload
throughput above turbo mode.1
•Workload Matching allows you to leverage preconfigured profiles that automatically tune internal
server resources and deliver up to a 9% performance improvement over server default settings
(based on HPE internal benchmarking).
•Core Boosting enables higher performance across fewer processors that can save customers up to
100K in annual core-based licensing fees or $500K over five years (based on HPE internal
benchmarking).
Some features may be available only in future releases.

Intelligent System Tuning—Processor Jitter Control


IST—Processor Jitter Control is primarily targeted at the Financial Services Industry (FSI). For this
market, maximum worst-case latency is more important than overall bandwidth. Processor frequency
changes (including Turbo Mode transitions) introduce latency and FSI customers typically disable Turbo
Mode due to frequency jitter. This HPE unique innovation removes all processor frequency transitions
while allowing the processor to run above its base frequency.
IST requires iLO Advanced license.
The processor introduces jitter any time it executes changes in operating frequency. Several possible
reasons exist for a processor to dynamically change frequencies during run time. Some of the sources that
request frequency changes are driven by software, while others are driven by the processor itself.

Sources of jitter within the processor


Sources of jitter within the processor include:
•P-states and power management
•Turbo Boost
•C-states
•Power and thermal events
•Special instructions (AVX)

P-states and power management


P-states are predefined performance states that are made available by the processor for software to control
how much performance the processor is capable of delivering so that it can manage the power-
performance efficiency of the platform. Performance states are mapped to a specific frequency at which
the processor is capable of operating. Power management software instructs the processor to change P-
states (frequency) to save power when processor utilization (demand) is low. A processor often offers
several different P-states over a range of operating frequencies.

Turbo Boost
Intel’s® Turbo Boost allows the processor to run at higher frequencies than the base frequency guaranteed
by its specification, assuming it follows certain conditions. The conditions include the amount of heat
being dissipated, the temperature of the part, and the number of cores active (enabled and not idle). When
a workload is run on these processors while Turbo Boost is enabled, the processor will opportunistically
switch between frequencies in an attempt to achieve the highest possible performance. But as the demands
of the workload change, so can the frequencies. When frequencies change, we get frequency jitter as well
as a small amount of latency that occurs, which is required to electrically change frequencies. The net
effect of having Turbo Boost enabled is that while the processor attempts to provide the maximum amount
of performance within its limits, it often does so by changing frequency often.

C-states
C-states are predefined power-saving states that the processor offers to power management software to
use when the operating system idles a processor core. The operating system puts the processor into one
of a number of C-states that are made available. The deeper the C-state, the more power that is saved, but
at the cost of longer exit latencies to return to the operating state. In an attempt to save power, C-states on
Intel® processors also lower the frequency of the processor. Upon exiting a C-state, the processor, running
at the lowest frequency available to the C-state, must perform an additional frequency shift to return to
the previously requested P-state by power management software. C-states are useful in saving power when
the processor is not being utilized. However, entering and exiting these states introduce a large amount of
jitter.
Power and thermal events
The processor, in an attempt to run within the constraints of its design, employs the use of frequency
throttling in order to protect itself from thermal or overcurrent conditions. Frequency throttling allows the
processor to control how much the workload that is running on the host can introduce the stress that results
in higher heat and current draw. Several factors can lead to high operating temperature or overcurrent
events. Server ambient temperature, airflow, and other factors all play an important role in processor
temperature. An overcurrent can occur when the processor executes workloads that are capable of driving
very high–demand, power-hungry resources within the processor itself. Overcurrent can also occur if
Turbo Boost is enabled and the processor attempts to maximize the amount of performance when a
particularly aggressive workload executes and the power that is available to be consumed is driven very
high.

Special instructions (AVX)


Server processors offer special instructions that are capable of performing complex math at the cost of
utilizing logic that is capable of driving very high power usage inside the processor itself. If left
unchecked, overcurrent throttling is required when these instructions eventually drive the processor to
consume higher power. Instead of reactively throttling, processors typically proactively force cores to run
at a lower frequency to limit the chances of extreme power excursions whenever those instructions are
executed. On Intel® processors, the use of Advanced Vector Extensions (AVX) instructions cause the
processor to limit the processor frequency automatically. Because these instructions cause the processor
to automatically limit and potentially lower the frequency, their usage often introduces jitter.
What is jitter?

Figure 5-8 What is jitter?

Enabling Intel’s® Turbo Boost can increase processor frequency dramatically (for example, from 3.2 GHz
to 3.7 GHz). At high/turbo frequencies, changes in workloads require the processor to change frequency.
Each change in processor frequency requires the processor to stop execution and then execute at the new
frequency. Processor downtime during frequency changes can be 10us to 20us, as illustrated by Figure 5-
8.
Jitter is:
•Frequency fluctuation
•Processor downtime during each frequency change
Jitter is bad, it impacts latency, it impacts overall workload performance, and is happening even when you
are running in Turbo Boost Mode.

Jitter and latency


Jitter and latency are directly related. Jitter induced by processor frequency changes introduces latency
observed by a workload. When a processor executes a change in frequency, it goes through a process that
causes thread execution to stop entirely before the processor is capable of running at the new chosen
frequency. This process occurs regardless of whether the processor will shift to a faster or a slower
frequency. The amount of time that the processor is stopped can vary, but is typically between 10 and 15
microseconds. For a workload that depends on processor execution, a change in frequency will then
always introduce and additional 10 to 15 μs of latency. Because frequency shifts are often asynchronous
to application tasks running on the server, these latencies are random and thus nondeterministic from an
application standpoint. Also, it is important to note that a processor that varies its frequency also creates
a nondeterministic level of performance for the running applications. Software will execute slower as the
frequency is lowered and vice versa. The difference in frequency itself also means that there is a variable
amount of latency involved if an application depends on a certain amount of execution time. Latency
introduced by frequency changes can be illustrated by measuring latency when the processor is configured
to allow for frequency shifts (that is, Turbo Boost is enabled).

Jitter smoothing—Processor Jitter Control


Processor Jitter Control is a feature that is hosted by platform firmware within HPE ProLiant Gen10
servers. It allows the user to tune servers to reduce or remove processor jitter either automatically or
manually. Jitter Control has three modes and can be configured via the ROM Based Setup Utility (RBSU)
or via the RESTful interface. Jitter Control can be disabled, or configured for auto-tuned or manual-tuned
mode.

Figure 5-9 Enabling HPE Jitter Smoothing

Auto-tuned mode
When Processor Jitter Control is configured to run in auto-tuned mode, HPE Server firmware disables the
impact of power management and dynamically makes adjustments to the processor during run time in
order to eliminate the occurrence of frequency shift induced jitter, as illustrated by Figure 5-9. The result
of running in auto-tuned mode is that the processor will eventually run at the highest frequency that can
be achieved where the processor stops making frequency changes in order to stay within its thermal,
power, and core usage constraints.
Auto-tuned mode lowers the frequency upon detection of frequency changes caused by the following
sources:
•C-state transitions
•AVX induced transitions
•Turbo transitions (due to power, thermal, and core usage)
•Thermal throttling
When selecting auto-tuned mode via RBSU, C-state settings are also set to disabled. Most operating
systems rely on BIOS reporting of support of C-states via the Advanced Power and Configuration
Interface (ACPI). However, certain Linux distributions that load the intel_idle driver will ignore the ACPI
reporting of C-state support. For Auto-tuned to function properly, the intel_idle driver must be disabled
by adding intel_idle.max_cstate=0 in the kernel line parameters.

Manual-tuned mode
When Processor Jitter Control is configured to run in Manual-mode, the processor is configured to run at
a user selectable frequency. In this mode, firmware does not lower the frequency dynamically even if
processor frequency changes are detected. This mode is useful for users who desire to manually tune for
jitter reduction and for those who wish to set a maximum operational frequency. Unlike in auto-tune mode,
if a frequency change occurs below the programmed frequency, the server will not reduce the operating
frequency permanently and the processor is allowed to return to the maximum frequency when the limiting
constraints no longer exist.

Configuring processor Jitter Control via System Utilities


The Processor Jitter Control option has three modes: Disabled, Auto-tuned, or Manual-tuned. Selecting
Auto-tuned or Manual-tuned mode allows the user to also edit the Processor Jitter Control Frequency
input option, which allows the user to select the desired target frequency for manual-tuned mode or the
starting maximum frequency for auto-tuned mode. Frequency is entered in units of megahertz (MHz) and
the system firmware rounds up to the nearest frequency interval allowed by the processor. For example,
Intel® Xeon® Server processors support frequency programming in intervals of 100 MHz. If a user inputs
2050 MHz, the resulting frequency will be 2100 MHz if supported by the installed processor.

Note
For more information about configuring and tuning HPE ProLiant Servers for low-latency
applications, enter the following URL into your browser:
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c01804533

Workload profiles
Workload profiles are a configuration option to deploy BIOS settings based on the workload customer
intends to run on the server. Workload profiles are a configuration option to deploy BIOS settings to
accommodate the intended application of the server. Workload profiles is one of the HPE IST features.
There are dozens of server tuning variables to optimize performance and efficiency, such as:
•Intel® Turbo Boost Technology
•Energy Performance Bias
•Adjacent Sector Prefetch
•Sub-NUMA Clustering
•Intel® Hyper Threading
•SR-IOV
•VT-x
•VT-D
•DCU IP Prefetcher
•Channel Interleaving
•DCU Stream Prefetcher
•Intel® DMI Link Frequency
•Collaborative Power Control
•Intel® NIV DMA Channels (IOAT)
•Minimum Processor Idle Power Core C-states
•NUMA Group Size Optimization
•Uncore Frequency Shifting
•Thermal Configuration
•Memory Refresh Rate
•Power Regulator
•A3DC
•x2APIC
•HW Prefetcher
•Energy Efficient Turbo
•Memory Bus Frequency
•Memory Patrol Scrubbing
•UPI Link Power Management
•Minimum Processor Idle Power Package C-states
To leverage the experience of HPE’s Performance Engineering Team rather than trial/error method, use
workload profiles.

Intelligent System Tuning—Workload Matching


The system provides these Workload Profiles:
•General Power Efficient Compute
–This profile is the default profile for most ProLiant servers and HPE Synergy compute
modules.
–This profile applies to the most common performance settings that benefit most application
workloads while also enabling power management settings that have minimal impact to overall
performance. The settings that are applied heavily favor a balanced approach between general
application performances versus power efficiency.
–This profile is recommended for customers that do not typically tune their BIOS for their
workload.
•General Peak Frequency Compute
–This profile is intended for workloads that generally benefit from processors or memory that
must achieve the maximum frequency possible, for any individual core, at any time. Power
management settings are applied when they ensure that any component frequency upside can
be readily achieved. Processing speed is favored over any latencies that might occur. This
profile is a general-purpose profile, so optimizations are done generically to increase processor
core and memory speed.
–This profile benefits workloads that typically benefit from faster compute time.
•General Throughput Compute
–This profile is intended to be used for workloads where the total maximum sustained workload
throughput is needed. Increased throughput does not always occur when the processor runs at
the highest individual core speed. Increased throughput can occur when the processor is able to
perform sustained work across all available cores during maximum utilization. Power
management settings are disabled when they are known to have impact on maximum achievable
bandwidth.
–Best throughput is achieved when the workload is also nonuniform memory access (NUMA)
aware and optimized so settings that benefit NUMA awareness are applied.
•Virtualization—Power Efficient—This profile is intended to be used for virtualization
environments. The profile ensures that all available virtualization options are enabled. Certain
virtualization technologies can have possible performance impacts to nonvirtualized environments
and can be disabled in other profiles. Power management settings can have an impact on
performance when running virtualization operating systems, and this profile applies power
management settings that are virtualization friendly.
•Virtualization—Max Performance—This profile is intended to be used for virtualization
environments. The profile ensures that all available virtualization options are enabled. Power
management settings are disabled in favor of delivering maximum performance.
•Low latency
–This profile is intended to be used by customers who desire the least amount of computational
latency for their workloads. This profile follows the most common best practices that are
documented in the “Configuring and tuning HPE ProLiant Servers for low-latency applications”
whitepaper. Maximum speed and throughput are often sacrificed to lower overall computational
latency. Power management and other management features that might introduce computational
latency are also disabled.
–The profile benefits customers running RTOS or other transactional latency sensitive
workloads.
•Mission Critical—This profile is intended to be used by customers who trade off performance for
server reliability above the basic server defaults. The profile enables advanced memory RAS
features that are known to have more than a measurable impact to computational performance.
Enabling this profile will have an impact to maximum memory bandwidth and will increase
memory latency.
•Transactional Application Processing—This profile is intended to be used for business
processing environments, such as OLTP applications that require a database back-end. For example,
workloads typically comprised of a high number of user-based, transactional applications running
on a single server with a cohosted database component. The profile balances the requirement of
managing both peak frequency and throughput.
•High-Performance Computing—This profile is intended for customers running in a traditional
HPC environment. Typically, these environments are clustered environments where each node
performs at maximum utilization for extended periods of time to solve large-scale scientific and
engineering workloads. The default for our Apollo series servers, power management is typically
disabled in favor of sustained available bandwidth and processor compute capacity. This profile is
similar to the Low Latency profile except that some latency is accepted to achieve maximum
throughput.
•Decision Support—This profile is intended for Enterprise Business Database (Business
Intelligence) workloads that are focused on operating and/or accessing data warehouses, such as
data mining or online analytical processing (OLAP).
•Graphic Processing—This profile is intended for workloads that are run on server configurations
which utilize GPUs. GPUs typically depend on maximum bandwidth between I/O and memory.
Power management features that have impact on the links between I/O and memory are disabled.
Peer-to-Peer traffic is also critical, and therefore, virtualization is also disabled.
•I/O Throughput—This profile is intended to be used for configurations that depend on maximum
throughput between I/O and memory. Processor utilization-driven power management features that
have performance impact to the links between I/O and memory are disabled.
•Custom
–This option on the Workload Profiles menu disables Workload Profiles. Use this option if you
want to set specific BIOS options for your deployment manually. When you select Custom, all
the settings for the previously selected profile are carried forward. You can edit all or some of
the options.
–Custom is not a profile, and settings that you specify are not saved as a template.
•Default profiles for servers—Workload Profile options support a variety of power and
performance requirements. For most HPE ProLiant Gen10 servers and HPE Synergy compute
modules, the Workload Profile is set to General Power Efficient Compute by default. This
Workload Profile provides common performance and power settings suitable for most application
workloads. For ProLiant XL servers in an HPE Apollo system, the Workload Profile is set to High
Performance Compute by default. Selecting a Workload Profile other than the Custom profile
affects other setting options. For example, selecting the General Peak Frequency Compute profile
automatically sets Power Regulator mode to Static High Performance. This setting cannot be
changed and is grayed out.

Workload Profiles dependencies


There are multiple options that are available for BIOS configuration. Not all profiles set the same options
to specific settings. Each profile is designed to obtain specific performance results and sets different
options to meet those results. The options that a profile sets are called dependencies. All other options are
unaffected by the Workload Profile and are referred to as nondependent settings.

Applying a Workload Profile


You apply a Workload Profile to have the system manage your workload according to predefined settings
provided with the system. Dependent options cannot be changed and are grayed out. You can change any
nondependent options in a profile.
There may be one or more dependent options that you want to change in your Workload Profile.
Dependent options cannot be changed for a predefined profile. You can change the dependent options in
Custom mode. When you are in Custom mode, your deployment is no longer in profile mode, and you
can manually adjust option settings. When you enter Custom mode, all the settings from the previously
applied profile are shown. The easiest way to change dependent settings is to modify an applied profile.
First, apply a Workload Profile that has most of the settings that you want to use then change to Custom
mode. Then change only the settings you want to have new values.
Core Boosting: Performance and TCO illustration

Figure 5-10 Core Boosting TCO illustration

Core Boosting maximizes the performance of all processor cores while lowering core-based licensing
costs—ideal for virtualized environments, HPC, and Big Data—and is available on select ProLiant DL380
Gen10 and Apollo XL230K Gen10 server configurations. Figure 5-10 shows an example of Core Boosting
lowering TCO. Core Boosting is available on select Gen10 server platforms when paired with an Intel®
6143 16-core processor, high-performance heatsinks and fans, and an iLO Advanced License or an iLO
Advanced Premium Security Edition License.

HPE Intelligent System Tuning—Requirements


HPE IST requires power supplies based on power needs for processors and options (see Power Advisor)
and for specific features:
•Jitter Smoothing—HPE Gen10 Platform w/iLO 5 and iLO Advanced Premium Security Edition
or iLO Advanced license
•Workload Profiles—All Gen10 w/iLO 5
•Core Boosting—HPE Gen10 Platform w/iLO 5 and iLO Advanced Premium Security Edition or
iLO Advanced license
–Select Gen10 Platforms
–One of the following special HPE processor SKUs: 8c/155W, 16c/205W, 24c/205W
–Standard high-performance processor heat sink
–Standard high-performance fans
Learning check
3.Name three components of HPE Intelligent System Tuning.

HPE ProLiant servers: Storage features


As data storage and accessibility requirements grow, customers need solutions that can help overcome
performance bottlenecks. Storage options for ProLiant Gen10 servers include HDDs, SSDs, NVMe, and
Smart Array controllers. These offerings provide customers hassle-free performance, outstanding
reliability, and exceptional quality. Backed by more than 2.4 million hours of the industry’s most rigorous
testing and qualification programs, there is a solution to fit any application workload.

Customer storage challenges


Making IT a strategic enabler of the business has never been more challenging. Data storage requirements
are growing exponentially, along with government regulations for protecting sensitive data. This means
that storage solutions need to meet a variety of needs. As an example, every minute:
•217 new mobile users are online.
•More than 168 million emails are sent.
•1879 TB data is created.
•698,455 Google searches are performed.
•11 million instant messages are sent.
It is currently predicted that IT systems will create a new yottabyte (1024 bytes) of data a year by 2020. It
is predicted that systems will create a new brontobyte (1000 yottabytes) of data a year by 2025.
Customers have several requirements regarding how to manage their complex and expanding storage
infrastructure. They need to:
•Manage growing storage with fixed IT resources.
•Proactively identify and resolve storage bottlenecks.
•Have a single console for deployment, configuration, performance monitoring, and maintenance.

Note
For many years, the capacity of storage devices has been described using megabytes (MB),
gigabytes (GB), and terabytes (TB). Similarly, throughput has been historically measured in
megabits (Mb) and gigibits (Gb) per second.
As the scale of devices expands, the difference between the generally used terms (MB, GB,
TB) and their engineering equivalents mebibyte (MiB), gibibyte (GiB), and tebibyte (TiB)
grows at an alarming pace.
To more accurately represent throughput and storage capacity, the use of mibibit (Mib), gibibit
(Gib), MiB, GiB, and TiB is accepted.

Implementing storage
There are three principal and complementary ways to implement storage solutions.
•Direct-attached storage (DAS) storage solutions—The most straightforward storage solutions
are either internal in a single server (usually using SAS protocol) or directly attached external
storage. However, DAS storage cannot be shared among multiple servers, and the one-to-one
connection between device and server can add management complexity.
•Network-attached storage (NAS) devices—Primarily used for unstructured data and file sharing,
NAS storage adds increased storage management functionality, increased data protection,
performance enhancements, and the ability to share data using industry-standard protocols across
an Ethernet network. NAS devices can usually be easily and quickly installed and can be accessed
by both servers and nonserver devices.
•Storage area network (SAN) storage—SAN is a solution rather than a product, using shared
network components. SAN brings a dedicated network of storage systems accessible by multiple
servers. In contrast to NAS delivering data using file systems, SAN allows block-level access and
delivers even better levels of performance, management, and resilience. SANs offer business
continuity with redundant components, automated failover, and centralized management. Common
protocols used in SANs are Fibre Channel (FC), iSCSI, FCoE, and InfiniBand.

Direct-attached storage

Figure 5-11 HPE D3700 Enclosure

DAS consists of an open-system server running any application with dedicated internal or external storage
subsystems using a SAS protocol. DAS provides dedicated storage for multiple clients with a one-to-one
server-to-storage ratio. DAS offers the easiest way to deploy incremental amounts of storage as needed
without extensive planning. As RAID inside the server has become less expensive, DAS has grown in
popularity. A high percentage of deployed storage is now DAS.
The traditional approach involves DAS solutions such as the HPE D3700 shown in Figure 5-11, which
attach RAID arrays or hard drives directly to a server. DAS is familiar, works well, and is less costly than
initial SAN investments.
Using a direct-attached strategy, many of the customers today have separate storage systems and storage
management software products connected to individual servers.
Advantages of DAS include:
•Ease of deployment
•Scalability
•Relatively inexpensive to acquire, maintain, and expand
•High performance and reliability
•Fast server-to-storage data transfer
DAS disadvantages include:
•Inefficient resources—Storage space exists in isolated pools
•Unplanned redundancy—Duplicate copies of the same file might reside on different servers
•Increased management—Server-based management means that islands of data are difficult to
bridge and require a significant amount of labor to manage
•Decreased access—If the server becomes unavailable, access to data is disrupted for clients

Networked attached storage

Figure 5-12 HPE StoreEasy 1650 Storage

Networked attached storage (NAS) solutions consist of a specialized server-storage device that connects
directly to the network, such as the HPE StoreEasy 1650 shown in Figure 5-12. A file system is located
and managed on the NAS device. Data is transferred to servers and other devices through the LAN and to
clients using industry-standard file-sharing protocols, such as Common Internet File System
(CIFS)/Server Message Block (SMB) and Network File System (NFS). The intelligent NAS device
enables data sharing among heterogeneous network clients.
NAS storage devices require storage cabinets providing specialized file access, security, and network
connectivity. A network interface controller (NIC) on the server is a requirement to access the storage.
NAS provides file-to-disk block mapping and client access at the file level using network protocols.
NAS technology simplifies manageability and improves data access to clients and applications. A NAS
solution generally works with a mix of clients and servers running different operating systems.
The dedicated NAS appliance can provide shared storage between heterogeneous clients. Disk arrays and
other storage devices connect to the network through a traditional local area network (LAN) interface
such as Ethernet. Storage devices attach to network hubs similarly to the way servers and other network
devices do. All network users have equal access to the stored data and do not have to go through the
server. NAS makes storage resources more readily available and helps to alleviate the server bottlenecks
commonly associated with accessing storage devices.
Advantages of NAS include:
•Installs easily
•Is affordable
•Incorporates mature technologies
•Offers a scalable solution
•Increases network performance
•Supports remote management
Disadvantages of NAS include:
•Limited performance and storage capacity
•Increased management costs
•Inaccessible data stored on a central server if system shuts down
•Increased network bottlenecks

Storage area network

Figure 5-13 Typical SAN components: Fibre Channel Switch, server HBA, and array

The SAN is a separate network that provides a storage repository that is attached to multiple host servers.
SANs enable external storage to be shared by the servers without impacting system performance or the
primary network.
A SAN solution supplies open-system servers running applications on an open operating system. As
shown in Figure 5-13, the solution includes shared external storage resources, network infrastructure
components (such as Fibre Channel switches), and value added software for enhanced storage and data
management. This technology provides consolidated and virtualized storage with massive scalability and
fault tolerance.
Storage interfaces include:
•Internet Small Computer Systems Interface (iSCSI)
•FC
•FCoE
The basic purpose of a SAN is to transfer data between computer systems and storage elements and among
storage elements.
SAN benefits include:
•Centralized storage management
•Data replication
•Easy expansion and storage reallocation
•Disaster recovery
•Scalability
•Facilitation of backup and disaster recovery
SAN disadvantages include:
•Designing solution can be complex
•Compatibility
•Price level

Drive array basics


An array is a set of physical disk drives that can be combined into a single logical drive or subdivided into
multiple logical drives that are distributed across all disks in the set.
Having several physical hard drives enables the controller to divide the data across multiple drives. A file
is divided into a selected number of sectors, and then the file data is written concurrently across a series
of drives in an array.
This approach of combining drives brings several advantages:
•Performance—Because multiple drives are accessed simultaneously, the process of writing (or
reading) a file across multiple drives is much faster than writing to or reading from a single drive.
•Redundancy—If configured properly, one or more drives can fail without affecting the data
accessibility on the array.
•Capacity—Combining multiple drives together allows you to create logical unit numbers (LUNs)
that are bigger than individual drives.
•Management—Centralized management of all drivers in the system.

RAID levels
Storage solutions usually support a subset from the following different RAID levels.

RAID 0—Disk striping


A file is divided into stripes and then written across multiple disks. Data is striped across all drives.
This greatly decreases disk latency (the amount of time a disk head has to wait for the target sector to
move under the head).
•All of the disk space is available for data.
•RAID 0 is the least costly.
•Overall disk performance is improved, especially the speeding up of operations that retrieve data
from disk storage.
•Read and write performance is excellent.
•RAID 0 is not fault tolerant and provides no redundancy (and therefore has no hot-plug capability).
•All data is lost if one of the drives fails.
•By definition, RAID 0 requires two or more drives for a true stripe set. However, with some array
controllers, a RAID 0 logical volume can be created with a single drive.

Important
Data striping is faster than conventional file writing to a single disk; however, there is no fault
tolerance if any single drive fails. If one disk should fail, all data on the array would be lost.
RAID 1—Disk mirroring
With disk mirroring, data is written twice to two separate mirrored drives. If one drive fails, the mirrored
drive is the backup. A RAID 1 implementation requires an even number of disks, mirrors the entire data
structure on different drives, and allows split seeks. The drives with the requested data nearest to the
read/write heads are used for the read, which slightly improves read performance. Additionally, drives
must be added in pairs to achieve a RAID 1 expansion.
This viable, fault-tolerant solution is considered expensive because it requires twice as much drive storage.
Only 50% of the total disk space is available for data storage.

RAID 1+0—Mirroring of stripe sets


RAID 1+0 is mirroring with more than two drives. A stripe set (RAID 0) is created across each half of the
mirrored drives (RAID 1), thereby both mirroring and striping the data. RAID 1+0 requires an even
number of drives.
Multiple disks can fail without data loss if the disks are not in the same mirror pair. In the example in the
preceding graphic, Disks 0 and 1 could fail and all data would be intact on Disks 2 and 3. However, if two
disks in the same mirrored pair fail, the data is lost. RAID 1+0 cannot guarantee protection against a two-
disk failure.
In a RAID 1+0 configuration, array controllers can:
•Sustain an entire bus failure if the drives are equally distributed across the buses
•Service I/O requests to all operational drives in a degraded condition
•Survive n/2 drive failures, where n is the number of drives in the array, as long as one member of
each mirrored pair survives
This solution is fault-tolerant but is considered expensive. It requires double the disk space because only
50% of the total disk space is available for data storage.
RAID 1+0 has good performance and redundancy, but also has write penalties (two physical write requests
for one logical write request).

Note
RAID 1+0 is sometimes referred to as RAID 10 by some manufacturers.

RAID 5—Distributed Data Guarding (data striping and error correction)


Concurrent access and distributed parity are properties of RAID 5. Data is striped across multiple drives
and then its parity sum is calculated, which is also striped across multiple drives. Performance increases
because parity is spread across all drives, and there is no need to access a single parity drive after every
write command.
RAID 5 is best suited for I/O-intensive applications and transaction processing, thereby making it an ideal
solution for high-performance, fault-tolerant servers. RAID 5 requires four physical IOs from controller
to disk per single logical IO from operating system to controller:
•Read old data
•Read old parity
•Write new data
•Write new parity
Any single drive can fail and the information from the lost drive can be recovered from the parity data
stored on other drives. A minimum of three drives is required, and n+1 drives are needed, where n is the
number of drives used for data.
The biggest limitation of RAID 5 is the increased read time in a failure. In RAID 5, regardless of which
disk fails, data must be recalculated on each read from the remaining disks.

RAID 6—Advanced Data Guarding


RAID 6, also known as Advanced Data Guarding (ADG), provides high fault tolerance. It distributes two
sets of parity data protecting against two drive failures (XOR parity and Reed-Solomon code). Parity (P)
is written twice for each piece of data (D). These two sets are different, and each set occupies a capacity
equivalent to that of one of the constituent drives.
RAID 6 provides high read performance and high data availability. Any two drives can fail without loss
of critical data.
RAID 6 provides:
•Higher fault tolerance than RAID 5
•Lower implementation costs than RAID 1+0
•Greater usable capacity per U than RAID 1
RAID 6 requires a minimum of four hard drives, and n+2 drives, where n is the number of drives used for
data. Because of the two sets of parity data, RAID 6 provides a relatively low write performance as
compared to RAID 5 with its one set of parity data.

RAID 50 (RAID 5+0)


RAID 50 (RAID 5+0) is a nested RAID method that uses RAID 0 block-level striping across RAID 5
arrays with distributed parity. RAID 50 tolerates one drive failure in each spanned array without loss of
data. RAID 50 configurations require a minimum of six drives and require less rebuild time than single
RAID 5 arrays.

RAID 60 (RAID 6+0)


RAID 60 (RAID 6+0) is a nested RAID method that uses RAID 0 block-level striping across multiple
RAID 6 arrays with dual distributed parity. With the inclusion of dual parity, RAID 60 tolerates the failure
of two disks in each spanned array without loss of data. RAID 60 configurations require a minimum of
eight drives.
Hardware-based RAID

Figure 5-14 Hardware-based RAID controller

The advantages of a hardware-based RAID controller, such as the one shown in Figure 5-14, when
compared to software RAID implemented either as a part of the operating system or using a driver include:
•Faster, more reliable performance
•Decreased processor load
•User-friendly configuration utilities
•No operating system interface for rebuild
•Safe write caching
Memory/Storage hierarchy

Figure 5-15 Memory/Storage hierarchy

Figure 5-15 illustrates the Memory/Storage hierarchy. Technologies at the top of the pyramid have the
shortest latency (best performance) but come at a higher cost relative to the items at the bottom of the
pyramid. These layers are comprised of DRAM (memory), CPU cache(s), and CPU registers. All of these
components are accessed directly by the application (CPU)—that is, byte-addressable access. These layers
are also volatile in that their contents are lost when power is removed.
Technologies at the bottom of the pyramid—represented by magnetic media (HDDs and tape) and NAND
flash (represented by SSDs and PCIe Workload Accelerators) have longer latency and lower costs relative
to the technologies at the top of the pyramid. Data stored on these technologies are nonvolatile, even when
power is removed. Applications access data on these layers indirectly typically using Block I/O and/or
File I/O.
The new Persistent Memory technology layer sits between NAND flash and DRAM. It provides faster
performance relative to NAND Flash while also providing the non-volatility not typically found in
traditional memory. This technology layer provides the performance of memory with the persistence of
traditional storage.

Storage tiering on HPE ProLiant servers—With Persistent Memory


Figure 5-16 looks at emerging storage technologies including Persistent Memory, compared with the view
on the preceding page. Nonvolatile dual in-line memory modules (NVDIMMs) are an example of the type
of product in the Persistent Memory product category. The storage tier hierarchy in Figure 5-16 is
represented as follows:
Figure 5-16 Emerging storage technologies including Persistent Memory

•Tier 0—NVDIMMs; ns of latency


•Tier 1—PCIe SSDs and PCIe workload accelerators (NAND flash on the SAS/Serial ATA
(SATA) or PCIe bus); 100s of μs of latency
•Tier 2—SAS HDDs (highest-performing rotational media with lower capacities and greater cost
per GB relative to SATA); 10s of ms of latency
•Tier 3—SATA HDDs (higher-capacity relative to SAS and lower cost per GB but lower
performance relative to SAS); 100s of ms of latency
NVDIMMs do not replace NAND flash. NVDIMMs replaced PCIe NAND flash as the fastest storage
tier. In addition, although tape dropped off from this example, you could have another tier for archiving
data onto tape. NVDIMMs is emerging as the fastest storage tier available in the market and part of an
overall tiering strategy that includes HPE PCIe Workload Accelerators, SSDs, HDDs, and tape.

Selecting storage components


Whenever storage system or drives are evaluated, the following parameters can be used to describe the
product:
•Request for storage
–Capacity, latency, IOPS
•Used protocol
–SAS
–SATA
–FC
–NVMe
–Protocol generation (such as SAS-1, SAS-2, SATA revision 3.2, and so on)
•Type
–Flash or rotating drives
–Performance
–Entry, midline, enterprise
•Capacity and number of drives
•Rotational speed
–7.2 K, 10 K, and 15 K
•Form
–LFF
–SFF
–uFF

Note
The list above contains only the most common characteristics.

HPE server storage portfolio

Figure 5-17 HPE server storage portfolio includes HDDs, SDDs, and Smart Array Controllers

With some storage requirements escalating and others becoming more complex, factors such as flexibility,
performance, increased reliability, greater density, security, scalability, and accessibility are more critical
than ever. Today’s organizations consist of different kinds of environments. Enterprise data centers must
be online 24x7, fulfill requests from numerous users simultaneously, and allow for constant growth and
expansion while in operation. Other customer environments require high capacity storage and high data
availability for low I/O environments. The HPE portfolio of drives meets these demands.
All HPE drives pass a rigorous qualification process, which certify that every HPE drive is proven to
perform in a ProLiant server environment.
As illustrated by Figure 5-17, Internal drive options and selected storage solutions for ProLiant servers
include:
•HDDs—HPE SAS and SATA hard drives are available in both 3.5-inch large form factor (LFF)
and 2.5-inch small form factor (SFF) and ship with a standard one-year warranty.
–SATA HDDs—HPE SATA hard drives are built for reliability and larger capacity needs for
today’s non mission-critical server applications and storage environments. These high-capacity
drives provide the lowest cost per GB, and the best price advantage for nonmission-critical
applications with low workloads of 40% or less.
–SAS HDDs—HPE SAS drives satisfy the data center requirements of scalability, performance,
reliability, and manageability. They also provide a storage infrastructure for both enterprise
SAS drives and SATA disk drives. SAS midline drives provide the lowest dollars per gigabyte
and economical reliability and performance. The SAS interface is compatible with SATA
devices. This compatibility provides users with unprecedented choices for server and storage
subsystem deployment.
•SSDs—HPE SSDs deliver exceptional performance and endurance and reduce power consumption
for customers with applications requiring high random read and write IOPs performance. HPE SSDs
are categorized as read intensive, mixed use, and write intensive so you can choose the right SSD
that tailors to the demands of the workload. Available as SFF and LFF hot-plug devices, non-hot
plug SFF devices, and SFF quick release devices, these drives deliver better performance, better
latency, and more power-efficient solutions when compared with traditional rotating media.
–Write intensive solid-state drives—HPE write intensive 12 G SAS and 6 G SATA SSDs
provide high write performance and endurance. They are best suited for mission-critical
enterprise environments with workloads high in both reads and writes. Workloads best suited
for these write intensive SSDs include OLTP, VDI, Business Intelligence, and Big Data
analytics.
–Mixed use solid-state drives—HPE mixed use 12 G SAS and 6 G SATA SSDs are best suited
for high I/O applications with workloads balanced between reads and writes. The SAS and
SATA SSDs provide the workload-optimized performance required for demanding I/O-
intensive applications. When paired with ProLiant servers, these SSDs help meet the challenges
of Big Data. They achieve twice the performance and endurance of previous HPE SAS and
SATA SSDs.
–Read intensive solid-state drives—HPE read intensive 12 G SAS and 6 G SATA SSDs
deliver enterprise features for a low price in ProLiant server systems. This entry-level pricing
is fueling rapid SSD adoption for read-intensive workloads because the cost per IOPS compares
very favorably to HDDs. Read intensive SSDs deliver great performance for workloads high in
reads such as boot/swap, web servers, and read caching, just to name a few.
•NVMe—NVMe is an industry standard for using NAND Flash memory in an SSD. NVMe
standardizes the interface from the storage driver to the SSD, including command set and features
such as power management. The standard enables native OS drivers in Windows, Linux, and
VMware to provide a seamless user experience. The standard was defined from the ground up for
NVMe, so it is capable of much higher IOPS and lower latency than legacy storage standards, such
as SATA and SAS, which were designed for hard drives.
•M.2— Storage technology with NAND media is outgrowing the bandwidth limitations of the
SATA bus. New high-performance storage solutions will connect directly to the PCIe bus for
revolutionary performance improvements. These components will be available in a variety of form
factors and performance levels, designed specifically for certain market segments, and ultimately
the costs will continue to decline as the technology evolves.
•HPE Smart Array controllers—HPE offers a complete portfolio of enterprise-class RAID
controllers with fault tolerance for ProLiant-attached storage. Designed to enhance server uptime
and maintain flexibility for future growth, Smart Array controllers blend the reliability of SCSI with
the performance advantages of serial architecture. Providing industry-leading performance with
unmatched data protection, these controllers are ideal for companies with direct-attached SAS
storage. Smart Array controllers can help customers meet the requirements of a broad range of
applications. Moreover, by providing extensive choices for server and storage deployment, these
controllers provide high levels of flexibility and ROI.
•HPE Smart HBAs—Perfect for environments that require fast access, Smart HBAs provide cost-
effective and reliable high-performance SAS connectivity to DAS, shared storage, and tape drives
for ProLiant servers running Hadoop, Database Availability Group, and VMware vSAN. Smart
HBAs provide a conduit for deploying software-defined storage as a means to manage the IT storage
pool. For greater flexibility, Smart HBAs are capable of running in either HBA or simple RAID
mode.
•HPE Dynamic Smart Array—The Dynamic Smart Array controller provides an embedded
SATA RAID solution for ProLiant Gen9 and Gen10 servers. The common metadata format on the
drives allows disks to migrate from Dynamic Smart Array to Smart Array or Smart HBA (when
running in RAID mode) if needed. This capability helps to achieve higher performance, capacity,
and availability. This controller is ideal for supporting boot device and applications that do not
require significant I/O workload.
•Flash media drives—HPE offers high-performance flash media kits for customers requiring boot-
from-flash for integrated hypervisors and first tier operating systems. With high data retention and
read write cycles, HPE flash media devices are available in both SD and MicroSD form factors.
•Optical drives—Optical drives for ProLiant servers feature an industry-standard SATA interface
and are supported on most major operating systems.
–SATA DVD ROM optical drives—The DVD ROM drive is designed to read not only CD
ROM and CD R/RW discs but also DVD ROM, DVD RAM, DVD +R/RW and DVD R/RW
discs. HPE optical drives are available in half-height, slim, and super slim form factors.
–SATA DVD RW optical drives—The DVD RW drive can read DVD 4.7 GB through 8.5 GB
media, as well as standard stamped, CD-R, and CD-RW media. This drive supports writing to
CD-R, CD-RW, DVD +R/RW, and DVD-R/RW media via software utilities. For Microsoft
operating systems, this is available by installing the included Roxio software disk. For other
operating systems, an operating system-specific software utility is required for writing to media.
•HPE PCIe Workload Accelerators—PCIe Workload Accelerators for ProLiant servers are PCIe
card-based, direct-attach solutions. PCIe storage devices provide performance, reliability, and very
low latency. With enterprise-class endurance and capacity points up to 3.0 TB these solutions are
ideal for applications and workloads requiring maximized performance.
•HPE 12 GB SAS Expander Card—The SAS expander card allows supported ProLiant Gen9 and
Gen10 servers to be configured with their maximum number of drives. The expander card is ideal
for users who want to configure RAID for more than eight internal HDDs or add an additional
internal drive cage and configure RAID across all the internal drives.
•HPE Smart Storage Battery—In ProLiant Gen9 and Gen10 servers, a single Smart Storage
Battery connected to the system board provides the backup battery power to all of the Smart Array
controllers in the system that use flash-backed write cache (FBWC). Each 96-watt Smart Storage
Battery in ProLiant ML/DL servers is capable of providing enough power to back up the larger
cache sizes (4 GB) found in Smart Array controllers.

Note
The FBWC uses flash devices to retain cache data and super-capacitors (Super-caps) instead
of batteries to provide power during a power loss. A BBWC must provide power during the
entire power loss, while a FBWC only needs to provide power during the time to backup from
DRAM to flash. The FBWC offers significant advantages over the HP Battery-backed write-
cache (BBWC) system. Since the FBWC writes the contents of memory to flash devices, there
is no longer a 48-hour battery life limitation, and the data posts to the disk drive on the next
power up.
•HPE Smart Storage Administrator (SSA)—SSA is the comprehensive management and
configuration application for Smart Storage products and solutions. Available as a stand-alone
application or as a command-line interface (CLI), this utility provides advanced scripting and
diagnostics capability to simplify and streamline array configuration and management.
•HPE Smart Storage Power Management—Optimizes controller power consumption based on
both array configuration and workload. Smart Storage Power Management can save several watts
on storage controller power consumption without greatly impacting overall storage performance.
•HPE SSD Smart Path—With SSD Smart Path, the Smart Storage device drivers analyze each I/O
request to decide whether it can be executed more quickly through the driver itself or whether it
should be passed to the Smart Array firmware for execution as normal I/O. It is designed specifically
to deliver performance gains for logical drives using SSDs on Smart Array controllers.
•HPE SmartCache—In DAS environments, SmartCache uses one or more SSDs as dedicated
caching devices for other volumes, increasing storage performance by copying the most frequently
accessed data to the low latency SSDs for quicker access that is completely transparent to host
applications.

HPE Hard Disk Drives

Figure 5-18 HPE HDDs

HPE Hard Disk Drives, as shown in Figure 5-18, are ideal for core compute workloads from SMB to large
enterprise—email, customer relationship management (CRM), archive, and backup.
HDDs offer lowest $/GB than flash and increased SFF Capacity: 15 K up to 900 GB; 10 K up to 2.4 TB.
HPE Hard Disk Drives have rigorous testing/qualification program, backed by 3.35 million test hours
(internal HPE Lab Testing).
Note
Verify capacities in latest HPE QuickSpecs.

Key features/benefits:
•All HDDs include Digitally Signed Firmware and Best in Class (BIC) firmware security features.
•Support Non-Disruptive Updates (NDUs) firmware updates do not interrupt access to data or
system service.
•Prevent unexpected data loss with a “Do Not Remove” button on HPE Smart Carriers.
•Supported on: HPE ProLiant Rack and Tower servers, HPE BladeSystem, HPE Apollo, HPE
Integrity, and HPE Synergy Compute Modules.

HPE Solid-State Drives

Figure 5-19 HPE SSDs

HPE Solid-State Drives, as shown in Figure 5-19, are ideal for demanding workloads requiring fast
processing—OLTP, Business Intelligence, Big Data analytics, web servers, boot/swap, virtualization, data
warehousing, ERP, and cloud computing.
SSDs offer best IOPs/dollar and low latency: 2.5-inch NVMe SSDs enables faster data access. Additional
benefit is reduced latency and higher performance per server with up to 474,000 IOPs for core enterprise
workloads.

Note
Verify capacities and performance numbers in latest HPE QuickSpecs.
Key features/benefits:
•All SSDs include Digitally Signed Firmware and BIC firmware security features.
•Prevent unexpected data loss with the HPE Smart Carrier featuring a “do not remove” button and
intuitive icons that report drive activity at-a-glance.
•Monitor lifespan of SSD with HPE SmartSSD WearGauge management tools.
•Rigorous testing/qualification program, backed by 3.35 million test hours.
•Broad support: HPE ProLiant rack and tower servers, HPE BladeSystem, HPE Apollo, HPE
Integrity, and HPE Synergy Compute Modules.

HPE Smart Array Controllers


HPE Smart Array Controllers, as shown in Figure 5-20, are ideal for maximizing performance of
enterprise DAS.

Figure 5-20 HPE Smart Array Controller

Key features/benefits:
•Free up a PCIe slot with Mixed Mode for Smart Array Controllers, offering flexibility to use both
HBA and RAID modes simultaneously.
•Increased productivity with New UEFI Configuration Tool that reduces time to configure simple
RAID volumes.
•Save time for newly created RAID 5 or RAID 6 volumes that require parity initialization with
Rapid Parity Initialization (RPI).
•Enhanced protection for data at rest on all SAS/SATA drives and data security to comply with
regulations for sensitive data (such as HIPPA) using HPE Smart Array SR Secure Encryption that
is a FIPS 140-2 Level 1, validated enterprise class controller-based encryption solution.
Note
The Federal Information Processing Standard (FIPS) Publication 140-2, (FIPS PUB 140-2) is
a US government computer security standard used to approve cryptographic modules. The title
is Security Requirements for Cryptographic Modules. Initial publication was on May 25, 2001,
and was last updated December 3, 2002. (Wikipedia.org, January 2018)

Gen9 Smart Storage Controller families

Figure 5-21 P-Series Smart Array Controllers

P-Series Smart Array Controllers, as shown in Figure 5-21:


•Smart Array RAID or HBA mode
•Supports FBWC
•Supports 12 G SAS, 6 G SATA
•External SAS just a bunch of disks (JBODs), shared storage or tape drives
•Supports up to 16 SAS lanes

Figure 5-22 H-Series Smart Host Bus Adapters

H-Series Smart Host Bus Adapters, as shown in Figure 5-22:


•HBA or Simple RAID Mode (0, 1, and 5)
•No FBWC Support and limited RAID 5 Performance
•Supports 12 G SAS, 6 G SATA
•External SAS JBODs, shared storage or tape drives
•Supports up to 8 SAS lanes

Figure 5-23 Dynamic Smart Array B140i

B-Series Dynamic Smart Array, as shown in Figure 5-23:


•Driver Based Software RAID (0, 1, and 5)
•No FBWC Support
•Supports 6 G SATA only
•Supports up to (10) 6 G SATA lanes

HPE Smart Array Gen10 Highlights

Figure 5-24 Differences between Gen9 and Gen10 Smart Array Controllers

HPE Smart Array Gen10 controllers offers higher capacities (up to 1 PB comparing to 500 TB in Gen9)
and higher IOPS (1.6 million compared to 930 thousand in Gen9), as illustrated by Figure 5-24. Disk
protocol is identical to Gen9, SAS 3.0, and host interface is also identical, PCIe 3.
Key HPE Smart Array Gen10 controller features include:
•65% more IOPS compared to Gen9 (1.6 M 4 K Random Read IOPS)
•47% less power compared to Gen9
•Mixed Mode (Simultaneous HBA/RAID)
•UEFI RAID Config Tool
•Common x4 Mini-SAS Ports
•Smart Drive Bay (NVMe/SAS/SATA/Dual Flash SSD)
•Shingled Magnetic Recording (SMR) Ready
Gen10 Smart Array portfolio

Figure 5-25 Gen10 comparison of S-Class, E-Class, and P-Class Smart Array controllers

As illustrated by Figure 5-25, Gen10 Smart Array controllers are divided to three different classes:
•S-Class
•E-Class
•P-Class
Smart Array Controllers: Gen9 vs. Gen10

Figure 5-26 Gen9 to Gen10 Smart Array Controller replacements

Figure 5-26 illustrates how the new Gen10 products replace the Gen9 ones:
•Controller class
–P = Performance RAID
–E = Essential RAID (no cache)
–S = Software RAID
•Series
–200 = Lowest cost
–400 = Higher performance, medium cost
–800 = Highest performance, highest cost
•Controller type
–-p = Type-p Plug-in controller
–-a = Type-a modular controller
–-b = Type-b modular controller
–-c = Type-c modular controller
–-m = Mezzanine controller
•Port type
–i = Internal ports
–e = External ports
–ie = Internal and external ports

Gen10 Mixed Smart Array


Figure 5-27 Gen 9 vs. Gen10 RAID and HBA modes

Smart Array controllers in HPE ProLiant Gen9 servers can be used in either RAID or HBA mode. Default
mode is RAID, therefore, changes require a reboot to change. Unconfigured drives are offline in RAID
mode. It is necessary to create a single drive array with a logical drive in RAID0 to see them in the OS in
RAID mode.
As illustrated by Figure 5-27, Smart Array controllers in HPE ProLiant Gen10 servers can be used in
mixed mode, both HBA and RAID. Unconfigured drives are visible as connected to HBA. This solution
is ideal for Hadoop, virtual storage area network (VSAN), or Object Storage scenarios.

RAID configuration through UEFI—Overview


RAID configuration can be done through UEFI preboot environment in Gen10 servers. UEFI System
Utilities is embedded in the system ROM, under the System Configuration option. Select F9 during boot
to access the UEFI System Utilities, and use the menu-based application with the following options
available:
•Array Configuration/Management
•Logical Drive Configuration
•Spare Management
•Disk Utilities
•Advanced Controller Settings
Press the F1 key for Help at any time.
Advantages:
•PCIe device configuration utilities are integrated with the UEFI System Utility menus.
•Only UEFI applications and certified services can operate on the machine, therefore preventing
malware from being introduced into the boot process.
•RAID configuration through UEFI:
–Faster than booting to Intelligent Provisioning and provides a better startup experience
–Offers robust reliability and fault management

HPE Smart Storage Administrator


HPE Smart Storage Administrator can be used for comprehensive configuration and management for of
Smart Storage components, such as Smart Array controllers. UEFI configuration offers only basic
operations.
Key features of the SSA include:
•Array diagnostics
•Support for the HPE SmartSSD Wear Gauge across all storage controllers
•Configuration and management of advanced Smart Storage functionality
•Comprehensive management for Smart Storage products
•Simplified and intuitive interface and functionality
HPE Smart Storage Administrator can be used by customers who need to:
•Manage and configure their RAID technology and arrays
•Deploy and manage advanced features such as SmartCache
•Implement advanced scripting and diagnostic features

Advanced operations in HPE Smart Storage Administrator


Smart Array controllers provide several additional functions:
•Capacity expansion
•Volume/logical drive extension
•RAID-level migration
•Stripe size migration
•Removing physical drive from an array
•Healing an array
•Moving an array

HPE SmartCache

Figure 5-28 HPE SmartCache components

SSDs have much lower latency and higher performance when compared to traditional rotational hard
drives, but the historical prices of these drives have prevented widespread adoption. As solid-state
technology has dropped in price, customers have started investing more into this technology. However,
the prospect of an all-SSD solution is still too big an investment for many customers. SmartCache is the
ideal solution for customers looking to invest in SSD technology at a controlled pace to get the benefits
of lower latency SSDs without moving to all SSDs. Figure 5-28 shows the components in a SmartCache
solution.
SmartCache enables SSDs to be used as caching devices for hard drive media. SmartCache offers the
following benefits:
•Accelerates application performance
•Provides lower latency for transactions in applications
•Supports all operating systems where Smart Array Gen9/Gen10 controllers are supported, without
the need for changes to the operating system, driver, or applications
•Offers a choice of write-through or write-back cache
•Provides seamless integration into a data center
•Increases utilization and provides more efficient usage of investment into ProLiant technology
•Simplifies deployment and management using SSA, the same management and configuration
application used to manage HPE storage arrays
The ideal environment for SmartCache is a ProLiant Gen8, Gen9, or Gen10 server running a read-
intensive workload with repetitive data requests. One example is a database application that frequently
accesses specific files such as page files. That type of data is tagged as hot data and sent over to the SSD
so that the application can read from the faster-performing SSD drive instead of rotational hard drives.
The amount of data tagged as hot data and sent over to the SSD is called the cache hit rate. A cache hit
rate of 80% means that 80% of the workload is being read off the SSD. The higher the cache hit rate, the
better the performance.

HPE Smart Storage Battery


In ProLiant Gen9 and Gen10 servers, a single HPE Smart Storage Battery connected to the system board
provides the backup battery power to all of the Smart Array controllers in the system that use FBWC. As
shown in Figure 5-29, the Smart Storage Battery for ProLiant ML/DL/SL servers is a single lithium-ion
battery pack capable of supporting multiple devices. This battery replaces the individual supercaps used
with each controller in previous systems.

Figure 5-29 HPE Smart Storage Battery

This approach for supporting FBWC has several advantages over the use of individual supercaps. The
Smart Storage Battery delivers more power for backups. Each 96-watt Smart Storage Battery in ML/DL
servers can provide enough power to support backing up the larger cache sizes (4 GB) found in HPE
Smart Array controllers. Backing up 4 GB of cache to the flash modules can take up to one minute, which
is too close to the maximum capabilities of supercaps used with each controller in Gen8 systems. The
Smart Storage Battery can also support up to 24 separate devices in the system.
The Smart Storage Battery also simplifies cabling by delivering its power to the system board using a
single connection. Daughterboard-based Smart Array controllers that use FBWC draw their battery power
directly though their connection to the system board. For P-Series controllers, a single cable from the riser
card to the controller provides connection to the battery.
Figure 5-30 Smart Storage Battery monitoring in iLO

The Smart Storage battery carries a longer life expectancy than earlier solutions. HPE positioned the
battery pack in an area of the server that will keep it at a temperature below 50º Celsius, ultimately
maximizing the lifespan of the Smart Storage Battery. As shown in Figure 5-30, you can monitor the
status of the Smart Storage Battery in iLO.

Note
For more information on the Smart Storage Battery, enter the following URL into your browser
and watch the Coffee Coaching video: https://www.youtube.com/watch?v=wQzu7s-hFU4

HPE Smart Array SR Secure Encryption


Today, good business practices and industry regulations require organizations to protect sensitive and
private information from unauthorized disclosure or theft. HPE Secure Encryption with HPE Enterprise
Secure Key Manager (ESKM) is a simple, controller-based disk data encryption solution that protects
sensitive data at rest onany bulk storage attached to a P-Series controller or Smart HBA H-Series Adapter.
It supports any HDD or SSD in the HPE SmartDrive portfolio for ProLiant Gen8, Gen9, and Gen10
servers or supported storage enclosures. The solution is available for both local and remote key
management deployments.
This helps customers comply with government regulations like the Health Insurance Portability and
Accountability Act of 1996 (HIPAA) and Sarbanes-Oxley Act of 2002, which both have data privacy
requirements.
Local key management provides the simplest approach to implementing Secure Encryption and is
intended for a limited number of servers. Remote key management deployment includes:
•High-availability clustering and failover with Federal Information Processing Standards (FIPS)-
compliant key server appliances that include a separate, secure key database
•Key generation and retrieval services
•Identity and access management for administrators and for data encryption devices
•Secure backup and recovery
•A local certificate authority
•Strong audit logging for compliance validation
The remote key management deployment requires HPE iLO4/iLO5 and HPE ESKM 3.1 or later release.
HPE ESKM provides a complete solution for unifying and automating an organization’s encryption
controls by securely creating, protecting, serving, controlling, and auditing access to business- and
compliance-critical encryption keys. ESKM supports a growing range of HPE server and storage products,
partners, and solutions for data protection. ESKM manages all encryption deployments from just a few
servers to thousands of servers and two million keys per ESKM cluster.

HPE SSD Smart Path


The SSD Smart Path feature included in the Smart Array software stack improves SSD read performance.
As illustrated by Figure 5-31, SSD Smart Path enables an optimized data path to high-performance SSDs.
The optimized path bypasses the controller’s RAID processing components and sends I/O directly to the
drives.

Figure 5-31 Enables an optimized data path to high performance SSDs

With up to 3.5 times better SSD read performance, SSD Smart Path chooses the optimum path to the SSD
and accelerates reads for all RAID levels and RAID 0 writes. SSD Smart Path is ideal for read-intensive
workloads using more than six SSDs and is included with Smart Array P-Series controllers.
Major operating systems are supported by SSD Smart Path.
Ultra-fast HPE Persistent Memory at speed of compute

Figure 5-32 New Gen10 Persistent Memory products

As shown in Figure 5-32, HPE Persistent Memory is divided into two product series: HPE NVDIMMs
and HPE Scalable Persistent Memory. The HPE 8 GB NVDIMM is first NVDIMM developed for a server
platform was introduced in March 2016. The new 16 GB NVDIMM is the second addition to the
NVDIMM product series. Our newest product series is the new groundbreaking HPE Scalable Persistent,
which is available in terabyte capacity up to 1 TB in 2 socket.
HPE Persistent Memory helps enhance your customer’s competitive edge, identify areas to cut costs, and
uncover new ways to drive revenue. HPE broke ground in the industry with a massive Persistent Memory
breakthrough and leads the industry with a server platform offering Persistent Memory in an NVDIMM
form factor.
HPE Persistent Memory provides:
•Breakthrough performance—Unlocking new levels of performance, HPE Persistent Memory is
a game-changer for intensive database and analytic workloads.
•Resilient technology—HPE Persistent Memory delivers reliable technology that keeps business
data safe.
•Software ecosystem—HPE is driving Persistent Memory optimization around performance and
fault-tolerance domains with operating system and application partners.
Database workloads and preferred solutions:
•HPE NVDIMMs
–Smaller database, 100s of GB
–Solves database storage bottlenecks
–Software licensing reduction
–Caching

HPE Scalable Persistent Memory


An integrated storage solution, HPE Scalable Persistent Memory runs at memory speeds with terabyte
capacity using resilient technology currently deployed in data centers. It includes a DRAM layer to
accelerate applications, a dedicated flash tier for persistency, and backup power to facilitate moving data
from DRAM to Flash. HPE Scalable Persistent Memory enables larger in-memory compute with
persistence—up to 27x faster checkpoints operations and a 20x database restart time reduction (compared
to traditional storage technologies). HPE Gen10 servers are the only servers in the world to offer Scalable
Persistent Memory. Ideal use cases include:
•Large databases with terabytes of data
•Large in-memory compute
•Checkpoints and restores
•Hybrid transaction/analytical processing (HTAP)—real time analytics
•Large databases
•VSAN and storage spaces direct
•Big Data, service providers, performance tier, and virtualizations

HPE Scalable Persistent Memory use cases

Figure 5-33 Use cases for HPE Scalable Persistent Memory

Some use cases for HPE Scalable Persistent Memory are illustrated by Figure 5-33:
•Reducing database storage bottlenecks. Database performance can be vastly improved using
low-latency DRAM to reduce or eliminate storage bottlenecks in lieu of using higher-latency block
storage devices.
Many databases have separate operations for the transactional portion of the database and the
analytics portions that use data tables from the transactional portion. Customers can utilize TB-
scale HPE Scalable Persistent Memory to enable real-time analytics—known as HTAP—where
they do the transactions and analytics simultaneously.
•Software-defined storage implementations can also benefit from HPE Scalable Persistent
Memory. From commercial applications such as FlashSoft or AutoCache to HPE StoreVirtual VSA
and Microsoft Storage Spaces, HPE Scalable Persistent Memory can be used to eliminate storage
bottlenecks in those implementations as well as be used as a fast caching tier.
•Restores using HPE Scalable Persistent Memory can also be a source of latency as you restore
from HDDs or SSDs. When you restore from HPE Scalable Persistent Memory, you are restoring
from DRAM with nanoseconds of latency on the memory bus.
Anywhere your customers have storage bottlenecks today, where they are writing to block storage devices
and are using a layer of Persistent Memory in place, they can see huge benefits.

Note
These are just a few of the many use cases for HPE Scalable Persistent Memory. Enter the
following URL into your browser for the latest technical papers on emerging use cases.
http://www.hpe.com/info/persistentmemory
Checkpoint-Restore performance

Figure 5-34 Significant speedup of checkpointing with Persistent Memory

The concept of checkpointing is when an application is running in-memory and data in-flight needs to be
periodically checkpointed to nonvolatile media like HDDs or SSDs. This operation typically is a
bottleneck for an application and can impact application performance. What if you did that checkpoint to
HPE Scalable Persistent Memory—using DRAM on the nanosecond latency memory bus?
In the example shown in Figure 5-34, we took a Docker container and ran MySQL. We did both
checkpoint operations as well as restore operations comparing three technologies: HDDs, SSDs, and HPE
Scalable Persistent Memory. What we found is HPE Scalable Persistent Memory outperformed HDDs by
27x and SSDs by 3x during checkpoint operations. In this case, we reduced the latency significantly which
helped overall application performance and response time—especially during checkpoint operations.
From a restore perspective, HPE Scalable Persistent Memory was 13x faster than HDDs and 5x faster
than SSDs.
In this specific example, we used MySQL using a Docker container. But this use case has broad
implications across both commercial and proprietary software as most of these types of applications
periodically checkpoint to non-volatile media to create restore points. With HPE Scalable Persistent
Memory, your customers can dramatically reduce their overall latency and improve their application
performance compared to using higher-latency block storage devices using spinning or flash-based media.
MySQL performance with Checkpoint

Figure 5-35 Significant reduction of performance impact with Persistent Memory

The graph in Figure 5-35 tells a better story of checkpointing. The lowest dips that you see here, is when
the application checkpoints. In this example, when the hard drive checkpoints the application, throughput
basically drops to zero TPS. The SSDs checkpoint performance is better than HDDs (middle dipping line)
but still sees dramatic impacts to TPS in the application. With HPE Scalable Persistent Memory, notice
how the overall performance stays relatively predictable even during checkpoint operations. This is a
bottleneck that many customers do not even realize they have today. With HPE Scalable Persistent
Memory, your customers can dramatically improve their overall performance during checkpoint
operations for virtually any application in their data center.
Faster restores with HPE Scalable Persistent Memory

Figure 5-36 HPE Scalable Persistent Memory: Up to 20x reduction in restore time

HPE Scalable Persistent Memory is also an excellent solution for faster restores. The reality is that
applications sometimes do go down, and the ability to get back up and running is key.
In the example in Figure 5-36, we have a 200 GB Microsoft SQL Server Hekaton in-memory database
operating at about 500,0000 TPS. That is 30 million transactions in one minute. So you can imagine how
important it is to get this workload back up and running. HPE restored using SSDs in a respectable 20
minutes. Then we restored using HPE Scalable Persistent Memory and it went from 20 minutes to 45
seconds. That is an over 20x improvement in restore time.
HPE Scalable Persistent Memory can help your customers get their business back up and running with
low-latency DRAM performance.

Hardware and OS requirements


The following requirements needs to be fulfilled to use Scalable Persistent Memory:
•Supported HPE Gen10 server
–ProLiant DL380, other servers to follow later
–All CPU sockets must be populated
–NVMe enablement kit (backplane and riser) required
•HPE SmartMemory DIMMs—128 GB DIMMs are not supported
•Supported HPE NVMe SSDs
–HP 400 GB NVMe PCIe RI SFF SC2 SSD (764904-B21)
–HP 800 GB NVMe PCIe WI SFF SC2 SSD (835955-B21)
•HPE Scalable Persistent Memory 800W Flex Slot PSU and 400W BBU 2-pack kit
–1 kit required for DL380
•Linux Support—only specific versions of RHEL and SLES
–Red Hat Enterprise Linux
–SUSE SLES
•Microsoft Windows Support
–Windows Server 2016
–Windows Server 2012 R2 (requires HPE drivers)
•Software that works with HPE 8 GB NVDIMMs should work with Scalable Persistent Memory
logical NVDIMMs

Important
Always verify QuickSpecs and latest white papers to verify hardware and software
requirements for Scalable Persistent Memory. These can change without notice. Some features
will be available in future.

BIOS/Platform Configuration (RBSU)

Figure 5-37 Memory options in RBSU

Memory options can be configured in BIOS/Platform Configuration (RBSU), as shown in Figure 5-37,
accessible from UEFI System Utilities on Gen10 ProLiant servers.

Activity: HPE Persistent Memory


Watch the HPE Persistent Memory video and take notes about the types of workloads that Persistent
Memory is designed to benefit.

Note
To view this video, enter the following URL into your browser and open the hyperlink for
documentation. https://www.hpe.com/us/en/servers/persistent-memory.html
Activity debrief
Answer the following questions:
1.In addition to databases and analytics, can you think of other workloads that would benefit from
Persistent Memory?

2.Do you have any customers with these types of workloads? How would you explain to these
customers how Persistent Memory would benefit them?

Activity: Cost and performance benefits of deploying MS SQL on


Persistent Memory
Download the “Cost and performance benefits of deploying MS SQL on Persistent Memory” whitepaper.

Note
To download the whitepaper, enter the following URL into your browser:
https://h20195.www2.hpe.com/V2/getpdf.aspx/a00006977enw.pdf

Answer the following questions:


1.What are the best practices BIOS settings and configuration guidance for the SQL Server
databases using HPE NVDIMMs?

2.What are the Physical NVDIMM configuration best practices for the SQL Server databases using
HPE NVDIMMs?

Activity: Choosing a storage technology to fit a workload


Consider the following case study that represents challenges faced by many companies. To complete this
activity, read the case study and answer the questions that follow.
Customer profile
Derwent Ltd. manufactures and distributes components for the automotive industry. Their compute
environment consists of HPE ProLiant DL360 Gen9 and HPE ProLiant DL380 Gen10 servers with
internal HDD storage. To achieve acceptable levels of performance from their core business applications,
they have had to overprovision the storage. They are now running into capacity and performance
limitations. They use many applications to support their business, and the two mission-critical applications
that need immediate attention are:
•OLTP for product and order management
•Web-based distribution management system (web servers)
The general manager Jim McDonald has expressed the need to improve performance and address the
capacity limitations of the existing storage solution. He wants to reduce power consumption and has asked
for your advice. His immediate need is to refresh the internal storage, and in the near future, he wants to
investigate an entry-level, low-cost, easy-to-manage shared storage solution so that storage can be
consolidated. There is no Fibre Channel network in place, and Jim considers that to install and manage a
Fibre Channel solution would be outside of the company’s budget and skill levels.

Questions
Use the information at these websites to answer the following questions:
https://www.hpe.com/h20195/v2/getpdf.aspx/a00001288enw.pdf
• https://www.hpe.com/h20195/v2/getpdf.aspx/4AA3-0132ENW.pdf
• https://www.hpe.com/uk/en/storage/entry-level.html
• https://www.hpe.com/us/en/servers/server-storage.html
1.Which devices would you recommend for the OLTP systems, and why did you choose these?
What is the approximate guideline cost per device?

2.Which devices would you recommend for the web servers, and why did you choose these? What
is the approximate guideline cost per device?

3.Which shared storage solution would you recommend, and why did you choose it?

Activity debrief
1.Do you have any customers with these types of challenges? How would you explain to these
customers how a shared storage system would benefit them?

2.Do you have any questions about this storage solution and how it fits the needs of this customer?

Learning check
3.Match the controller family with available RAID levels

Memory for ProLiant servers


IT trends such as server virtualization, cloud computing, and high-performance computing are placing
significant demands on server memory speed, capacity, and availability. An IT system’s reliability,
performance, and overall power consumption drive companies toward business outcomes. Choosing the
right memory is crucial to ensuring high reliability and delivering a faster return on IT investment.
Many businesses need a faster tier of technology to help them deal with current real-world issues such as
Big Data, analytics and search workloads, medical sciences such as human genome mapping, and financial
data analysis. Traditional data storage technologies are being augmented by new innovations in the
hierarchy of data storage.
Comparing RDIMMs and LRDIMMs

Figure 5-38 Comparing RDIMMs and LRDIMMs

Figure 5-38 compares RDIMMs and LRDIMMs. RDIMMs improve signal integrity by having a register
on the DIMM to buffer the address and command signals between the DRAMs and the memory controller.
This allows each memory channel to support up to three dual-rank DIMMs, increasing the amount of
memory that a server can support. With RDIMMs, the partial buffering slightly increases both power
consumption and memory latency.
LRDIMMs use memory buffers to consolidate the electrical loads of the ranks on the LRDIMM to a single
electrical load, allowing them to have up to eight ranks on a single DIMM module. The LRDIMM memory
buffer reduces the electrical load to the memory controller and allows higher capacity memory to run at
three DIMMs per channel. Using LRDIMMs, you can configure systems with the largest possible
memory.
LRDIMMs also use more power and have longer latencies compared to the lower capacity RDIMMs.
Similar to RDIMMs, LRDIMMs buffer the address and control signals. Unlike RDIMMs, LRDIMMs also
buffer the data lines. In RDIMMs, data signals are driven by a controller-limiting performance. Not only
do LRDIMMs improve performance, but they also reduce problems associated with heat and power
dissipation.
The LRDIMM memory buffer reduces the electrical load to the memory controller and allows higher
capacity memory to run at three DIMMs per channel. LRDIMM is ideal for customers who require the
maximum memory capacity.

Note
There is a trade-off between the advantages of Persistent Memory and total RAM size, as a
result of some of the physical space on the memory module being taken up by SSD, rather than
RAM.

Note
Although unbuffered DIMMs (UDIMMs) are defined for the DDR4 standard, they no longer
offer any performance advantage (in terms of lower latencies) over RDIMMs and LRDIMMs.
DDR4 SmartMemory
SmartMemory verifies whether DIMMs have passed the HPE qualification and testing processes and
determines if the memory has been optimized to run on ProLiant Gen9 and Gen10 servers. Key technology
enhancements offered by DDR4 include:
•Increased bandwidth—DDR4 SmartMemory provides up to 2666 MT/s better data rate. The
DDR4 specification defines eventual data rates of up to 3200 MT/s, more than 70% faster than the
1866 MT/s of DDR3 memory speed.
•1.2-volt operation—All DDR4 memory operates at 1.2 volts, compared to 1.35 or 1.5 volts for
DDR3 memory. This delivers significant system power savings, particularly in larger memory
configurations.
•16 banks of memory per rank—Internally, the DRAMs used in DIMMs are organized into arrays
of cells defined by banks, rows, and columns. DDR4 memory has 16 banks of memory in a DRAM
chip compared to the eight banks in DDR3. This allows an increased number of memory requests
that can be queued by the memory controller. It is one of the contributors to the lower latency of
DDR4 memory.
•Encoded Rank Selection—DDR4 eliminates the work-around known as rank multiplication that
DDR3 employed to enable four ranks of memory on LRDIMMs using the traditional chip select
lines. When there are eight or fewer total ranks installed on a memory channel, DDR4 uses the
direct chip select mode to address the correct rank. When more than eight ranks are installed, DDR4
uses a 4-bit encoded chip select value for rank selection. This encoded value is interpreted by the
registers on the DIMMs to determine the correct rank to enable for the memory operation. This new
encoded chip select scheme allows DDR4 memory to address up to 24 memory ranks on a memory
channel.
•Retry on error—DDR4 memory and new memory controllers will retry a memory request
whenever a memory error or address parity error occurs. This reduces the number of system halts
that may have occurred due to transient errors in previous generations of memory subsystems.

Note
DDR4 and DDR3 memory are not interchangeable.

HPE Advanced Memory Error Detection


As memory capacities increase, increases in memory errors are unavoidable. Fortunately, most memory
errors are both transient and correctable. Current memory subsystems can correct up to a 4-bit memory
error in the 64 bits of data that are transferred in each memory cycle.
Instead of simply counting each correctable memory error, HPE Advanced Memory Error Detection
analyzes all correctable errors to determine which ones are likely to lead to uncorrectable errors in the
future. This approach is able to better monitor the memory subsystem and increase the effectiveness of
the Pre-Failure Alert notification. All ProLiant Gen9 and Gen10 servers feature Advanced Memory Error
Detection.
Gen9 vs. Gen10 memory

Figure 5-39 Gen9 memory

Characteristics of HPE ProLiant Gen9 servers’ memory subsystem are illustrated by Figure 5-39:
•4 memory channels per CPU
•Up to three slots per channel on some systems
•Max memory throughput is 2400 MT/s
•RDIMM, LRDIMM, LRDIMM 3D TSV, and NVDIMM-N
•Support of PC4-2133/PC4-2400

Figure 5-40 Gen10 memory

Characteristics of HPE ProLiant Gen10 servers’ memory subsystem are illustrated by Figure 5-40:
•6 memory channels per CPU
•Up to 2 slots per channel
•Max memory throughput is 2666 MT/s
•RDIMM, LRDIMM, LRDIMM 3D TSV, and NVDIMM-N
•Support of PC4-2666 (no support of PC4-2133/ PC4-2400)

Learning check
4.Memory controllers in HPE Gen10 ProLiant servers support up to four memory channels per
CPU.
True
False

Networking features of ProLiant servers


The combination of ProLiant servers and HPE server networking brings new levels of network
performance, reliability, and efficiency in the data center:
•Performance—Engineered to improve networking bandwidth and lower latency across the HPE
server networking portfolio
•Reliability—Rigorous qualification and testing that eliminates down time and works seamlessly
with HPE servers
•Efficiency—Workload optimized with HPE software defined features, from virtualization to
network partitioning to meet application requirements

Advanced networking technologies in ProLiant servers and use cases


•RDMA over Converged Ethernet (RoCE)—Useful in use cases such as cloud computing, data
storage (Microsoft SMB Direct), Microsoft SQL, Oracle RAC, Financial services, and Big Data
(Hadoop, memcached)
•FCoE—Converged network and storage traffic
•NVGRE/VXLAN
–Network overlays for increased amount of separated Layer 2 segments
–Cloud providers, data center consolidation
•Data Plane Development Kit (DPDK)
–Linux environments requiring fast packet processing
–OpenStack, network function virtualization
What is RDMA?

Figure 5-41 RDMA architecture

The latest networking technologies can help businesses boost reliability and productivity, eliminate silos
and complexity, and provide better services faster. HPE advancements in networking technologies can
address typical data center and server challenges.
Windows Server 2012 R2 and later include SMB Direct and support the use of network adapters that have
RDMA capability. RDMA network adapters can function at full speed with very low latency and use very
little CPU, as shown in Figure 5-41. For workloads such as Microsoft Hyper-V or SQL Server, this enables
a remote file server to resemble local storage. SMB Direct provides:
•Increased throughput—Leverages the full throughput of high-speed networks where the network
adapters coordinate the transfer of large amounts of data at line speed
•Low latency—Provides extremely fast responses to network requests, and as a result, makes
remote file storage assume that it directly attached block storage
•Low CPU utilization—Uses fewer CPU cycles when transferring data over the network, which
leaves more power available to server applications
RDMA and RoCE

Figure 5-42 InfiniBand, RoCE and TCP/IP stacks comparison

RDMA allows data to move between application memory in different servers without any CPU
involvement. RDMA over Converged Ethernet (RoCE) provides this data transfer with very low latencies
on lossless Ethernet networks and is ideal for live migration and Microsoft SMB Direct environments.
RoCE is an accelerated I/O delivery mechanism that allows data to be transferred directly from the
memory of the source server to the memory of the destination server, bypassing the operating system
kernel. RoCE benefits from improved I/O performance and improved application CPU efficiency when
compared to TCP/IP, as illustrated by Figure 5-42.
Data center bridging (DCB) is a set of IEEE standards that create a lossless fabric on top of Ethernet.
RDMA works best when the underlying wires implement a lossless fabric. DCB requires switches and
NICs to implement important IEEE specs.
Increase virtualization performance with RoCE

Figure 5-43 Reduce overall latency to deliver accelerated performance over Ethernet

Application and user growth are impacting network traffic and driving increased virtual machine (VM)
deployment, straining system I/O and CPU resources. Customers need agile and efficient infrastructure to
maximize use of virtualized workloads throughout their lifecycle.
Converged LAN and SAN can provide cost savings in infrastructure and simplified management.
However, low latency and higher efficiency are extremely important and need further improvement in
clustered, grid, and utility computing. Every microsecond delay in data transfer, algorithmic execution,
or transaction derivation can result in millions of dollars in losses. RoCE reduces CPU utilization and
helps maximize host VM density and server efficiency.
With RoCE, the RDMA data transfer is performed by the direct memory access engine on the adapter’s
network processor, as illustrated by Figure 5-43. This means the CPU is not used for the data movement,
freeing it to perform other tasks such has hosting more virtual workloads (increased VM density).
Workloads that would benefit from more CPU processing power include data mining and computational
databases.
RDMA also bypasses the host TCP/IP stack in favor of upper-layer InfiniBand protocols implemented in
the adapter’s network processor. Bypassing the TCP/IP stack and removing a data copy step reduce overall
latency to deliver accelerated performance for applications such as Hyper-V Live Migration, Microsoft
SQL, and Microsoft SharePoint with SMB Direct. For example, Hyper-V Live Migration is much faster
using SMB Direct with RoCE than using TCP/IP. Additional workloads that would benefit from low-
latency include clusters with app-to-app RDMA transfers from one node to another.
RoCE is a key feature of some server network cards and converted network adapters, such HPE FlexFabric
556 (for HPE rack servers) and FlexFabric 650 series (for HPE server blades) adapters. The adapters
provide tunnel offload for efficient overlay networking to increase VM migration flexibility and network
scale with minimal impact to server performance.
Activity: RoCE design guide
Download the RDMA over Converged Ethernet (RoCE) design guide.

Note
To download the design guide, enter the following URL into your browser:
https://www.hpe.com/h20195/v2/getpdf.aspx/a00007858enw.pdf?ver=1.0

Answer the following questions:


1.What are the main transport types for transporting RDMA over network?

2.What are the typical RoCE use cases?

3.What is the purpose of Quantized Congestion Notification (QCN)?

What are overlay networks?

Figure 5-44 Traditional vs. overlay networks

The evolution to cloud data centers requires deployment at scale of tens of thousands of secure, private
networks for tenants. Traditional technologies limit these data centers in the areas of speed, scalability,
and manageability of application deployments. As illustrated by Figure 5-44, current virtual LAN (VLAN)
technology is limited to 4096 VLAN IDs, allowing for a very small number of isolated private networks.
Two overlay networking technologies address these challenges: NVGRE (which is supported by
Microsoft) and VXLAN (which is supported by VMware). A network overlay is a virtual network that
runs independently on top of another one. Interconnected nodes share an underlying physical network,
allowing applications that require specific network topologies to be deployed without needing to modify
the underlying network.
In both NVGRE and VXLAN, a virtual Layer 2 overlay network (tunnel) is automatically created on top
of a Layer 3 network. VM-to-VM communications traffic traverses this virtual network, and a VM can
now be freely migrated across the data center over an overlay network without reconfiguration, saving
time.
Overlay networks can be used in data centers to support the following use cases:
•Multitenancy at scale—Provide scalable Layer 2 networks for a multitenant cloud that extends
beyond current limitations. VXLAN uses an identifier that is 24 bits long, compared to the 12-bit
VLAN ID that provides for only 4094 usable segments. As a result, potentially more than 16 million
VXLAN segments can be used to support network segmentation at the scale required by cloud
builders with large numbers of tenants.
•Simplified traffic management—Shift the network complexity from the physical network to the
overlay network with software and provide network resources from a single management point
without changing the physical network.
•Hybrid cloud capabilities—Incorporate bare-metal servers anywhere and move the workload as
needed, with public and private cloud working in sync.

Boost server efficiency for overlay networking

Figure 5-45 Increase VM security and network scale with minimal impact on performance

Overlay network tunneling technologies (VXLAN and NVGRE) help address the issues of traditional
Layer 2 networks. However, these technologies can significantly impact performance of data center
compute resources. More specifically, they cause significant increases of CPU utilization, reduction in
network throughput, and more power consumption.
Note
Inserting the VXLAN/NVGRE header on an Ethernet frame, as well as calculating the new
checksum value, creates a tremendous burden on throughput, host CPU utilization, and power
consumption. This limits the number of VMs per physical server platform.

The FlexFabric 556 series (for ProLiant ML and DL servers) and FlexFabric 650 series (for ProLiant BL
servers) adapters minimize the impact of overlay networking on host performance with tunnel offload
support for VXLAN and NVGRE. As illustrated by Figure 5-45, by offloading packet processing to
adapters, customers can use overlay networking to increase VM migration flexibility and network scale
with minimal impact to performance. Tunnel offloading increases I/O throughput up to 129%, reduces
CPU utilization up to 46%, and lowers power consumption up to 122%. These adapters are the first in the
industry to support VXLAN, NVGRE, and RoCE.

HPE Virtual Connect and flex adapter hardware

Figure 5-46 1x20 Gb adapter equals 1x10 Gb adapter +1x8 Gb HBA + extra 2 Gb

HPE 20 GB FlexFabric for BladeSystems (Figure 5-46) and converged network adapters (CNAs) for
Synergy remove the 10 GB bandwidth restrictions imposed by previous generations of adapters. HPE
delivers native 20 Gb performance per port or aggregate 40 Gb performance in a dual-port adapter.
Industry-available solutions deliver performance through aggregate or multiple 1/10 Gb ports on single
or multiple adapters in a teamed fashion. HPE adapters stream converged 10 GbE and 8 Gb storage
simultaneously over a 20 Gb port.
Previously, 10 Gb FlexNIC (CNA) implementations were limited to partitioning 10 Gb into one 8/4 Gb
Fibre Channel and multiple GbE physical functions or as a single 10 GbE (no Fibre Channel or bandwidth
for other physical functions). Additionally, 20 Gb ports can be partitioned into a full-rate 10 Gb Ethernet
and a full-rate 8 Gb FCoE, with increased additional bandwidth remaining for other functions, provisioned
in 100 Mbps increments.
Secure networking flexibility at the speed of compute

Figure 5-47 HPE Network adapters

NICs, or Network Adapters for HPE server options, are divided into three product series, as shown in
Figure 5-47:
•Standard—Enables a cost-effective Ethernet solution to your customer’s everyday applications.
The Economic Scalability of these adapters feature functionality like Single Root I/O virtualization
(SR-IOV) for increased performance via direct access to hardware from a virtual environment.
Network Partitioning (NPAR) enables users to “right size” data paths.
The series offers two and four port choices and a broad selection of features at the lowest power
and cost per port. The SR-IOV feature enables basic virtualization for expanding network fabric
and increasing performance.
•Advanced—Simplifies network and storage topology to build the new hybrid server infrastructure
using the CNA FlexFabric technology. The Configurable Flexibility of these adapters reduces the
number of network interface cards required to connect disparate storage and IP networks, reduces
the number of cables and switches, and reduces power and cooling costs.
One of the Advanced Series features is FCoE, which reduces the hardware complexity required
connect to disparate storage and IP networks by 50% or more. It also eliminates network sprawl at
the server edge and saves up to 47% on upstream Top of Rack (ToR) switch cable connection.
•Performance—Delivers higher bandwidth at a lower latency. Expressly Fast adapters can
maximize packet throughput and workload performance with the DPDK.
All of HPE Network Adapter Options are based on IEEE networking standard Ethernet protocols to ensure
industry standard compatibility and are easy to configure on the PCIe bus, or as a FlexLOM form factor.
HPE is only vendor with a 25/100 GbE end-end branded solution (ToR switch, transceiver, cable and
NIC). Based on a TCO analysis done in May 2016, a 25 GbE enabled server in 25/100 GbE solution gives
you 27% lower TCO, 31% power reduction, and 30% less cabling, when compared to a 10/40 GbE
System.

Note
For more information on HPE server networking, enter the following URL into your browser
and watch this video. You might need to scroll down to find the video.
https://www.hpe.com/us/en/product-catalog/servers/server-adapters.hits-12.html

Learning check
6.Match the technology with typical use case.
HPE rack and power
Flexible and robust infrastructure solutions—the HPE Data Center Infrastructure family includes a wide
range of small and medium business (SMB) to enterprise products:
•Racks and rack accessories
•Keyboard, video, mouse (KVM) switch/consoles
•Power distribution units (PDU)
•Uninterruptable power systems (UPS)

G2 rack product portfolio

Figure 5-48 Flexible and robust infrastructure solutions

As shown in Figure 5-48, G2 rack portfolio includes two lines: Advanced and Enterprise.
G2 Advanced Racks are suitable for any load from a server room to a data center:
•Midrange to small enterprise
•Entry-level blade/Density optimized
•Enhanced rack configuration
G2 Enterprise Racks are primarily targeted to enterprise data centers:
•Density optimized HPC
•Enhanced rack configuration
•Enhanced weight capacity

HPE G2 Advanced Rack Series


HPE G2 Advanced Rack Series are ideal for midrange to small enterprise rack environments, entry-level
up to blade/density optimized computing, server rooms to data centers.
HPE G2 Advanced Series Racks are designed for low-to-medium density IT configurations deployed in
a diverse set of environments—from the data closet to the data center. Following EIA-310 specifications
for 19-inch racks, G2 Advanced Racks are designed specifically to support a wide range of HPE IT
equipment (servers, storage, and networking), as well as the entire portfolio HPE Rack and Power
Infrastructure solutions (PDU, UPS, and KVM).
All HPE G2 Advanced Series Racks are supported with a 10-year limited warranty that provides either
repair or complete replacement of the rack. Offering this industry-leading warranty requires a highly
reliable and durable design that includes features such as a fully-welded, roll-form rack design, heavy-
gauge rails, and heavy-duty castors that can support a static load of up to 3000 lbs. Additionally, select
shock pallet models include packaging specifically designed to support the shipment of preconfigured
racks with up to 2250 lbs. of IT equipment.
The G2 Advanced Series Rack portfolio includes a wide range of rack models covering a variety of
heights, widths, and depths. To simplify purchasing and installation, all rack models include locking side
panels and baying kits. Additionally, HPE offers a large portfolio of rack accessories that support airflow
management, cable management, and added rack stability.
Key features/benefits of HPE G2 Advanced Rack Series:
•Supports higher-density computing using enhanced airflow and thermal management
•Flexible configuration installations with enhanced flexible cable management
•Enhanced security using advanced electronic and biometric lock security solutions
•Put power where you need it in the rack with Flexible PDU mounting options
•Flexible options—22U, 36U, 42U, and 48U options; 600 and 800 mm wide, 1075 and 1200 mm
deep
•HPE warranty—10 years

G2 Power Distribution product portfolio

Figure 5-49 G2 Power Distribution product portfolio

HPE PDUs provide power to multiple objects from a single source, as shown in Figure 5-49. In a rack,
the PDU distributes power to the servers, storage units, and other peripherals.
PDU systems:
•Address issues of power distribution to components within the computer cabinet.
•Reduce the number of power cables coming into the cabinet.
•Provide a level of power protection through a series of circuit breakers.

Note
Enter the following URL into your browser for more information on the HPE power distribution
unit (PDU) portfolio. https://www.hpe.com/us/en/product-catalog/servers/power-
distribution-units.hits-12.html

G2 Power Distribution Unit portfolio include four types of products:


•G2 Standard—Noncritical / SMB (G2 Basic Models)
–High-operating temperatures up to 60o C
–IEC Locking Power Cord Support
–Flexible Mounting Options including True 0U configurations
–Optional dual-locking power cords
–No metering or switching
–Up to 48 Outlets
•G2 Advanced—Server room to data center (G2 Switched and G2 Metered Models)
–Metered and switched models
–Load segment metering (Metered models) and outlet switching (Switched Models)
–High-operating temperatures up to 60° C
–IEC Locking Power Cord Support
–Flexible mounting options including True 0U configurations
–1 GB Ethernet, Up to 48 Outlets
–Single Phase only (Switched models)
•G2 Enterprise—Enterprise data centers (G2 Metered and Switched Models, Intelligent Models)
–Outlet metering and outlet switching
–High-operating temperatures up to 60° C
–IEC Locking Power Cord Support
–Flexible mounting options including True 0U configurations
–1 GB Ethernet, Up to 48 Outlets
•iPDU—iPDU is a power distribution unit with full remote outlet control, outlet-by-outlet power
tracking, and automated documentation of power configuration.

HPE iPDUs

Figure 5-50 HPE Intelligent Power Distribution Unit (iPDU)

The key element of Power Discovery Services is the iPDU, shown in Figure 5-50, which is a PDU with
full remote outlet control, outlet-by-outlet power tracking, and automated documentation of power
configuration. HPE iPDUs track outlet power usage at 99% accuracy, showing system-by-system power
usage and available power. The iPDU records server ID information by outlet and forward this
information to HPE Insight Control, saving hours of manual spreadsheet data-entry time and eliminating
human wiring and documentation errors.
When combined with the HPE line of platinum-level high-efficiency power supplies, the iPDU actually
communicates with the attached servers to collect asset information for the automatic mapping of the
power topology inside a rack. This capability greatly reduces the risk of human errors that can cause power
outages.
Using the popular core-and-stick architecture of the HPE modular PDU line, the iPDU monitors power
consumption at the core, load segment, stick, and outlet level, with unmatched precision and accuracy.
Remote management is built into the PDU core for power cycle ability of individual outlet on the
extension bars and high-precision monitoring of current, voltage, wattage, and power that is 99% accurate
across the C19 outlets.
The iPDU can help users track and control power other PDUs cannot monitor. Information is gathered
from all monitoring points at half-second intervals to ensure the highest precision. The iPDU can detect a
new server even before it is powered on.
An iPDU is ideal for enterprise customers who want to speed power configuration, improve monitoring
to reclaim stranded power, and extend data center life. An iPDU enables you to:
•Determine the exact power consumption for every component in the rack with less than 1%
variation in accuracy
•Monitor and control outlets individually for the ultimate control of power distribution within the
rack
•Save valuable space in the rack with dense rack-mountable form factors
HPE iPDUs have a patented modular architecture that improves their flexibility. This building block
concept consists of two main parts: the iPDU core unit and extension bars. The iPDUs ship with one core
unit, the mountable LED display, and mounting hardware. The six-outlet core unit is zero-U or 1U rack
mountable. The 12-outlet core unit is 2U rack-mountable.
This architecture:
•Communicates with the attached servers to collect asset information for the automatic mapping of
the power topology inside a rack
•Speeds implementation time
•Greatly reduces the risk of human errors that can cause power outages
HPE Uninterruptible Power Systems

Figure 5-51 HPE Uninterruptible Power Systems (UPS)

HPE UPSs, shown in Figure 5-51, are supported on ProLiant Gen9 and Gen10 servers. They provide high-
efficiency power protection for all environments—from workstation to data center.
Features include:
•Agility
–Highest wattage per U space saves valuable room in the rack
–True sine wave output protects valuable equipment
•Efficiency
–More than 97% efficiency prevents wasted power
–Enhanced battery management (EBM) yields up to two times the usable battery life
–Hot-swappable batteries save time
•Reliability
–There is a standard three-year warranty, even on the batteries
–Prefailure battery notification prevents outages

HPE ProLiant power supplies


The ProLiant power supplies for Gen9 and Gen10 are smaller by volume than the supplies of previous
server generations. The large reduction in volume and improvement in power density provide more server
power in a smaller space, enabling the HPE server design teams to add more internal devices.
HPE Flexible Slot (Flex Slot) Power Supplies share a common electrical and physical design that allows
for hot-plug, tool-less installation into ProLiant servers. Flex Slot Power Supplies are rated for Platinum-
level certification with efficiency of up to 94% and Titanium-level certification with efficiency of up to
96%. Support for Power Discovery Services, through embedded power line communication (PLC)
technology, is available with the 800W Titanium and 1400W Platinum Plus models. This feature enables
each server to communicate identification, location, and power-related data to the iPDU in the rack; this
information can then be shared with HPE Insight Control to manage power usage and efficiency in the
data center.
These power supplies support the HPE portfolio of AC, DC, and high voltage (HVAC/HVDC) power
supply options. Flex Slot Power Supplies are certified for high-efficiency operation and offer multiple
power output options, allowing users to "right-size" a power supply for specific server configurations.
They support both low-line and high-line AC input voltages providing additional flexibility to operate in
multiple IT environments (500W and 800W Platinum only). Input voltages of –48VDC, 277VAC, and
380VDC are also available. This flexibility helps to reduce power waste, lower overall energy costs, and
avoid "trapped" power capacity in the data center.

Secure data with Power Supply/Battery backup combo

Figure 5-52 HPE 800W Flex Slot Power Supply

The HPE 800W Flex Slot Platinum Plus Hot Plug Low Halogen Power Supply Kit, shown in Figure 5-
52, is ideal for core enterprise, HPC, and Big Data customers looking for higher availability of nodes, and
data centers seeking new infrastructure designs for greater efficiency vis-à-vis new HVDC.
The power supply kit secures data with:
•New 800W Flex Slot power supply
•New 400W Lithium Ion battery backup for Persistent Memory
Key features/benefits:
•Enables Scalable Persistent Memory Solution with Power Supply/Battery Backup
•Compatible with HPE ProLiant Gen10 rack and tower servers, HPE Apollo servers
•Up to 94% efficiency with 80PLUS Platinum Certification
•Hot swappable
New HPE Power Supply pushing the bounds of physics

Figure 5-53 HPE Scalable Persistent Memory 1800W Flex Slot PSU

The HPE 1800W Flex Slot Platinum Power Supply, shown in Figure 5-53, is ideal for today’s modern
enterprise data centers requiring higher power capacity. The new 1800W Flex Slot power supply brings a
greater than 10% increase in power capacity versus the prior generation (1600 W) in the same form factor.
Key features/benefits:
•Compatible with HPE ProLiant Gen10 rack and tower servers, HPE Apollo servers
•Up to 96% efficiency with 80PLUS Platinum Certification
•Hot swappable

Power and cooling features of ProLiant servers


Customers who are building new data center facilities or upgrading existing facilities must be aware of
the constantly changing power and cooling requirements of computer hardware. To keep pace with the
growing demands for power and cooling, base data center infrastructure designs should consider the most
current practices. Power distribution practices that support older equipment do not deliver the power
density necessary for the newest enterprise IT equipment.
Recently, commissioned data centers were designed for 50 W to 75 W per square foot (500 W–750 W per
square meter), but loads are reaching 150 W to 200 W per square foot (1500 W to 2000 W per square
meter). Design criteria based on average wattage per square foot (or square meter) and British Thermal
Units per hour (BTU/hr) assumed that power and cooling requirements were equal across the entire data
center. Data centers are populated by racks of scalable computing systems that require enormous amounts
of electricity and produce tremendous amounts of heat. Average (per unit area) design criteria do not
encompass the specific power and cooling requirements of high-density solutions. Consequently, data
centers can no longer be designed by using average wattage and BTU criteria.
Additionally, cooling patterns that support older equipment styles are not compatible with the most current
enterprise IT equipment. Although the actual power and heat densities that customers should plan for
depend on the equipment specification and IT strategy and hardware adoption rates, HPE best practices
maximize effectiveness in high-density data centers.
Thermal management
For HPE servers, managing thermal output is an internal and external process. Internally, HPE server fans
draw cool air over the heated components. HPE engineers carefully consider airflow when they determine
where to place components within a server. Many designs include baffles and heat sinks to help keep
components cool.
Thermal management in the data center is expressed in tons of cooling. Many heating, ventilation, and air
conditioning (HVAC) units meet cooling tonnage requirements, but it is essential to get cool air where it
is needed in the data center.

Important
Whether designing a new data center or retrofitting an existing one, you should work with
knowledgeable HVAC engineers to ensure adequate cooling.

Increasing availability through power protection


Businesses cannot rely on utility power as a source of continuous power for critical equipment. HPE has
developed a full line of power management products that protect and manage computer service systems
ranging from individual workstations to distributed enterprises:
•Automated energy optimization with HPE Intelligent Power Discovery
•HPE Flex Slot Power Supplies
•HPE iPDUs
•HPE UPSs
•HPE Intelligent Power Discovery Services
•HPE Thermal Discovery Services
Intelligent Power Discovery Services combine an iPDU and Platinum/Platinum Plus Power Supplies with
HPE OneView software to create an automated, energy-aware network between IT systems and facilities.
Intelligent Power Discovery Services with iPDUs automatically track power usage and document
configurations to increase system uptime and reduce the risk of outages.
Intelligent Power Discovery provides automated server discovery on a network through PLC technology
that is embedded in Platinum Power Supplies. PLC is a feature that allows the power supply to
communicate with the iPDU. The communication between the power supply and iPDU helps:
•Automatically discover the server when it is plugged into a power source
•Map the server to the individual outlet on the iPDU
Thermal Discovery Services increase compute capacity by intelligently placing the workload where
customers have the most power and cooling capacity. This feature helps businesses both reduce energy
consumption and maximize usage of data center power and cooling capacity.

Note
Enter the following URL into your browser for more information on rack, power, and cooling
solutions from HPE. https://www.hpe.com/us/en/integrated-systems/rack-power-
cooling.html
Elevated temperature support
The ASHRAE guidelines for data center operation suggest thermal ranges of operation for IT equipment
that are commonly accepted by many data center administrators and facility managers. ProLiant Gen9 and
Gen10 products support A3 and A4 guidelines, which means that ProLiant Gen9 and Gen10 servers can
operate at higher temperatures than previous generations. This provides more choices for air-cooled
solutions and the potential to reduce cooling costs.
The allowable ranges for classes A3 and A4 are intended to remove obstacles to data center cooling
strategies such as free-cooling methods. Free-cooling takes advantage of a facility’s local climate by using
outside air to cool IT equipment directly—without the use of mechanical refrigeration (chillers or air
conditioners) whenever possible.
A variety of implementations for free-cooling are possible. For example, filtered outside air can be drawn
directly into the data center. Other techniques keep the outside air isolated from the data center but still
transfer the data center heat directly to the outside air without refrigerating it. Careful application of the
new ASHRAE guidelines might enable free-cooling in more climates or allow for the data center to be
cooled without refrigeration more days of the year. Reducing the use of refrigerated cooling lowers the
operating expenses for the data center. In some cases, the refrigeration equipment can be eliminated or
significantly reduced in size, saving capital investment expense as well.
The traditional maximum server inlet air temperature is 35°C. For ProLiant Gen9 and Gen10 servers,
40°C (ASHRAE A3) support is available on most platforms with configuration limitations. For select
ProLiant Gen9 and Gen10 platforms, 45°C (ASHRAE A4) support is available with configuration
limitations.

Note
Check the QuickSpecs for specific servers to find ASHRAE support information.

Activity: Benefits of HPE racks and PDUs: Alpha Centauri


Drones Company
1.How can the Alpha Centauri Drones Company benefit from HPE infrastructure components?

2.What are the benefits of the following?


•HPE Racks

•HPE PDUs
•HPE UPS

Learning check
7.HPE G2 Enterprise Rack Series support up to 3000 lbs. dynamic load.
True
False

Summary
•ProLiant Gen10 rack servers deliver the world’s most secure software-defined compute and
converged infrastructure to run diverse workloads and applications across traditional and
multicloud environments.
•Gen10 ProLiant servers are using Intel® Xeon® Scalable Family processors deliver increased
performance with HPE Intelligent System Tuning.
•HPE Smart Storage solutions for ProLiant Gen10 servers are boosting storage performance,
scalability, security, and resiliency.
•Networking features of ProLiant servers include RDMA, RoCE, FCoE, DPDK, and overlay
network capabilities.
•HPE rack and power portfolio include rack products, power distribution units, uninterruptible
power systems, and power supplies.
6 HPE Rack and Tower Server Solutions
WHAT IS IN THIS CHAPTER FOR YOU?
After completing this chapter, you should be able to:
✓Describe HPE ProLiant rack-mounted and tower server families and the workloads they target.
✓Explain how to use QuickSpecs.

Prelearning check
1.Which HPE ProLiant Gen10 series should you recommend to a customer requiring multiple,
general purpose servers with traditional 1U/2U/4U form factors?
A.DL servers
B.Apollo servers
C.ML servers
D.CL servers
2.Match the number of processor sockets to the HPE ProLiant Gen10 server.

3.HPE QuickSpecs can be accessed offline with HPE Product Bulletin.


True
False

HPE ProLiant Gen10 rack and tower servers


HPE ProLiant tower and rack-mounted servers provide a complete infrastructure that supports both
business objectives and business growth. With the broadest server portfolio in the industry, HPE offers
ProLiant servers that focus on the needs of all customer segments, including small and medium business
(SMB), enterprise, and High-Performance Computing (HPC).
The ProLiant rack and tower portfolio delivers flexible, reliable, secure, and performance-optimized
server solutions for a range of workloads and budgets. It features versatile and flexible designs along with
improved energy efficiencies to help to reduce total cost of ownership (TCO).
The ProLiant rack portfolio is performance optimized for multi-application workloads to significantly
increase the speed of IT operations and enable IT to respond to business needs faster. Integrated with a
simplified yet comprehensive management suite and industry-leading support, the ProLiant Gen10 rack
server portfolio enables customers to accelerate business results with faster compute, memory, and I/O
performance, coupled with increased storage and networking performance—including lower latency.

HPE rack servers: Picking the right platform

Figure 6-1 Choosing the right HPE rack platform

Figure 6-1 outlines the differences between HPE rack server platforms. DL servers are the preferred
platform for general purpose solutions, while Apollo servers are more workload specific.
•DL servers
–Multiple general purpose workloads across segments
–Standard scalability, efficiency, and density suited for most applications
–Traditional 1U/2U/4U form factors
–Maximum density: 2P/1U compute, 30 spindles/2U storage
•Apollo servers
–Specific use cases: Big Data, HPC, and object storage workloads
–Extreme scale-out/up capabilities for highly distributed applications
–Dense multi-node form factors
–Maximum density: 8P/2U compute, 50 spindles/2U storage
•DL servers
–HPE value adds: Smart Components (drives, memory, controllers, sockets, and so forth)
–Traditional SMB, enterprise, and SP deployment models
–Standard parts/labor/onsite warranty
–Built-in server firmware/SW management framework
•CL servers
–Open compute compliance (network/storage controllers, nodes)
–Very large SP deployments
–Minimal labor/onsite warranty
–Do-it-yourself (DIY)/open firmware and SW management framework
From the deployment scale prospective, CL servers are more suitable for large deployments, when open
infrastructure is required. DL servers are suitable for any deployment scale, even for low numbers of
servers, when flexible, full-featured infrastructure is needed.
Note
A rack unit (abbreviated U or RU) is a unit of measure defined as 44.50 millimetres (1.75 in).
It is most frequently used as a measurement of the overall height of 19-inch and 23-inch rack
frames, as well as the height of equipment that mounts in these frames, whereby the height of
the frame or equipment is expressed as multiples of rack units. For example, a typical full-size
rack cage is 42U high, while equipment is typically 1U, 2U, 3U, or 4U high. (Wikipedia.org,
January 2018)

Activity: Alpha Centauri Drone Company


Alpha Centauri Drone Company is planning an infrastructure consolidation and wants to replace a current
single tower server used for storing accounting and development files. Increased production of drones is
planned as well as hiring more people and reasonable infrastructure is needed for:
•Email
•File sharing
•Web
What type of server would you suggest for these services?

HPE Gen10 servers—Relevant and differentiating innovations

Figure 6-2 Trusted servers built for today and tomorrow

Gen10 servers are key to infrastructure modernization, accelerating business insights across a hybrid
world of traditional IT, public cloud, and private cloud.
We are living in an era of digital disruption, where the accessibility and adoption of Big Data, mobility,
Internet of Things, and cloud-native technologies are enabling companies to transform their businesses in
exciting new ways. At the heart of these technologies are applications and data, and this has placed IT at
the center of business innovation. IT needs to operate at the speed of today’s business, to be an accelerator
of new ideas, products, and services. For IT to be successful in speeding time to value, a Hybrid IT
infrastructure is needed to deliver the Right Mix of infrastructure and services to develop and deploy
applications on a continuous basis and draw insights and make decisions from data. For IT decision
makers who must define their Right Mix of Hybrid IT across on-premises dedicated and cloud
environments as well as hosted cloud, a new compute experience is required to obtain cloud economics
and agility with the security of an on-premises data center.
ProLiant servers provide:
•Agility—A better way to deliver business results with a software-defined infrastructure that
delivers intelligent automation and high performance reducing operational complexity for
traditional applications while increasing velocity for the new breed of applications
•Security—A better way to protect business and data with an infrastructure that has security
designed in from the start
•Economic control—A better way to consume IT that allows customers to pay for only what they
use, scaling on demand without overprovisioning or incurring exponentially escalating costs
As shown in Figure 6-2, differentiating innovations in HPE Gen10 servers include:
•The World’s Most Secure Industry-Standard Servers
–Unmatched threat protection through Hardware Root of Trust, extensive standards
compliance, and supply chain attack detection
–Unparalleled ability to recover firmware and OS after denial of service attempt or detection of
compromised code
•Unprecedented high-speed memory capacity with persistence
–High-capacity data acceleration with flash-backed Persistent Memory at multi-terabyte
capacities for large data-intensive workloads
–Second generation of memory-centric compute innovation on the path to the machine
•Intelligent System Tuning (IST)
–Performance tuning to enable more workloads on more cores at a given CPU frequency for
greater application licensing efficiency
–Predictable latency reduction and balanced workload optimization
•New levels of compute
–Next-generation industry-standard CPUs with faster processing, higher-speed memory access,
enhanced software-defined management, and security
–Enhanced graphics processing unit (GPU) levels of performance and choice
•Increased in-server storage density
–Substantially greater non-volatile memory express (NVMe) capacity for large write-intensive
workloads needing advanced caching/tiering
–Enhanced storage density in servers with more small form factor (SFF) and large form factor
(LFF) drives for collaboration and database workloads
•More efficient and easier server management
–Enables large-scale firmware deployment
–Improved GUI to simply management with industry-standard application program interfaces
(APIs)
–Easy system debug access
–Convenient warranty entitlement validation
HPE ProLiant DL360 Gen10 Server

Figure 6-3 HPE ProLiant DL360, the dense compute standard for multi-workload environments

Does your customer’s data center need a secure, performance-driven dense server that they can
confidently deploy for virtualization, database, or HPC? The powerful 2P HPE ProLiant DL360 Gen10,
shown in Figure 6-3, is redefining dense compute by delivering security, agility, and unmatched
expandability that businesses want all packed in a dense 1U rack design.
The HPE ProLiant DL360 Gen10 Server supports the Intel Xeon Processor Scalable Family with up to 28
cores, plus 2666 MT/s HPE DDR4 SmartMemory supporting up to 3.0 TB max. With the added
performance that 12 NVDIMMs and 10 NVMe brings, the HPE ProLiant DL360 Gen10 means business.
Customers can deploy this dense platform for diverse workloads in space-constrained environments and
maintain it with ease by automating the most essential server lifecycle management tasks with HPE
OneView and HPE iLO 5.
HPE ProLiant DL360 Gen10 offers:
•Industry-leading performance
–Double the capacity of NVDIMMs compared to previous generation
–Up to 12 NVDIMMs supporting up to 192 GB per system
–Improved speed with up to two Intel Xeon Processor Scalable Family, up to 28 cores
–Faster memory with 24 HPE Smart Memory DDR4 2666 MHz (3.0 TB max)
–IST to dynamically tune server performance
–HPE Dynamic Smart Array to improve performance with next-generation array controller
•Flexible design
–Unmatched expandability packed in a dense 1U rack design
–Ability to mix and match storage within the same chassis
–Universal backplane supporting Serial Attached SCSI (SAS)/Serial ATA (SATA) or 10
NVMe Peripheral Component Interconnect Express (PCIe) solid-state drive (SSD) option
–Choice of storage (eight + two) SFF/four LFF/10 NVMe PCIe SSD plus new rear drive option
and new storage types
–HPE Dynamic Smart Array S100i
–Choice of HPE Flexible Smart Array or HPE Smart host bus adapter (HBA) Controllers for
performance or additional features
–Networking options 4 × 1 GbE embedded + choice of FlexibleLOM or Standup
–I/O options with three PCIe 3.0 slots (for 10 NVMe chassis, only two PCIe slots available)
•Agile, secure infrastructure
–Reduced risk of cyber or physical attacks with asset and data protection
–Up to 1.3× more NVMe storage capacity and M.2 support on riser (compared to previous
generation)
–Enhanced security with HPE Secure Encryption, Trusted Platform Module (TPM) option,
Digitally Signed Firmware, tamper-proof secure preboot environment with SecureStart,
Hardware Root of Trust, HTTPS boot, and Intrusion detection
–Advanced System Management with HPE iLO 5
–Persistent Memory up to 12 NVDIMM options supporting up to 192 GB per system
–Boot options supporting Unified Extensible Firmware Interface (UEFI) and legacy boot modes

Dense performance for multi-workload compute in the data center


Key selling points of the DL360 Gen10 Server include:
•Leading energy efficient dense server for better return on investment (ROI)
•Supports improved ambient temperature ASHRAE A3 and A4 standards, helping reduce cooling
expenses
•Higher performance with IST, Persistent Memory, and greater NVMe capability
•Increased flexible storage options to support various workloads
•PCIe expansion with HPE FlexLOM and HPE Flexible Smart Array
•Converging management for automation simplicity across servers, storage, and networking with
HPE OneView
Ideal workloads include:
•Hypervisor
•Dynamic workloads in dense virtualized environments
•Compute-intensive applications (web caching, data analytics)
•Low latency and transactional applications (warehouse and database)
•HPC focus on Financial Services Industry (FSI)

Gen10 vs. Gen9 quick compare


Table 6-1 Comparing HPE ProLiant DL360 Gen 10 to Gen9
Specifications Gen9 Gen10

Processor Intel® Xeon® E5-2600 v3 Intel® Xeon® Processor Scalable


product familyIntel® Xeon® Family (8100, 6100, 5100, 4100 and
E5-2600 v4 product family 3100 series)

Processors/cores One or two processors; 22, 20, One or two processors; 28, 26, 24, 22,
18, 16, 14, 12, 10, 8, 6, and 4 20, 18, 16, 14, 12, 10, 8, 6, and 4 cores;
cores; 3.5 GHz 3.6 GHz

Memory (type, Support up to 2400 MT/s Supports up to 2666 MT/s DDR4


max, slots) DDR4 SmartMemory, 3 TB SmartMemory, 3 TB Max, 24 DIMM
Max, 24 DIMM slots slots
Specifications Gen9 Gen10

Persistent Memory Up to (16) 8 GB 2400 MT/s Up to (12) 16 GB 2666 MT/s


NVDIMM option (128 GB NVDIMMs (192 GB max)
max)

Drive Bays (Four) LFF SAS/SATA/SSD, (Four) LFF + (One) SFF


or (eight + two) SFF SAS/SATA/SSD or (eight + two + one)
SAS/SATA/SSD or (Six) SFF SFF SAS/SATA/SSD or (10) SFF
NVMe (optional), m.2 NVMe, m.2 enablement
enablement

Network 4 × 1 GbE embedded with 4 × 1 GbE embedded with optional


controller* optional FlexibleLOM and FlexibleLOM and Standup
Standup

GPU support Two single-wide and active Two single-wide and active 9.5” in
9.5” in length, up to 150W each length, up to 150W each

Infrastructure HPE iLO 4 Management HPE iLO 5 Management (standard),


management (standard), Intelligent Intelligent Provisioning (standard),
Provisioning (standard), iLO iLO Advanced (optional), iLO
Advanced (optional), HP Advanced Premium Security Edition
Insight Control (optional) (optional), HPE OneView Advanced
(optional)

Power supply HPE 500W Flex Slot Platinum; HPE 500W Flex Slot Platinum; HPE
HPE 800W Flex Slot Platinum; 800W Flex Slot Platinum; HPE 1600W
HPE 1400W Flex Slot Flex Slot Platinum Plus
Platinum Plus

Storage controller* Embedded HPE Dynamic Embedded HPE Dynamic Smart Array
Smart Array B140i optional S100i optional HPE Flexible Smart
HPE Flexible Smart Array and Array and Smart Array PCIe card
Smart Array PCIe card
Specifications Gen9 Gen10

Warranty (parts, 3/3/3 3/3/3


labor, onsite
support)

* Depending on model.

Table 6-1 presents a quick comparison between the HPE ProLiant DL360 Gen10 and Gen9.

HPE ProLiant DL380 Gen10 Server

Figure 6-4 HPE ProLiant DL380, the industry-leading server for multi-workload compute

Adaptable for diverse workloads and environments, the secure 2P 2U HPE ProLiant DL380 Gen10, shown
in Figure 6-4, delivers world-class performance with the right balance of expandability and scalability.
Designed for supreme versatility and resiliency while being backed by a comprehensive warranty make it
ideal for multiple environments from containers to cloud to Big Data.
HPE ProLiant DL380 Gen10 offers:
•Flexible design
–Optimized performance for highly parallel workloads— image processing, app dev/test, and
cloud computing
–Greater NVMe capacity—all NVMe drive options allowing up to 20 PCIe SSDs (128 TB max.
capacity) direct connect drives per system
–More LFF capacity—New modular LFF chassis supporting up to 19 LFF and two SFF drives
–Enhanced SSD support—New M.2 backplane option supporting up to 30 SATA SSD drives
in 2U
–Greater I/O with eight PCIe 3.0 slots and expanded GPU support
–Choice of HPE Flexible Smart Array or HPE Smart HBA Controllers for performance or
additional features
•Industry-leading performance
–Up to 27× faster checkpoint operations enabling significantly faster business operations,
compared checkpoint on Persistent Memory vs. SSD
–Up to 20× reduction in database recovery time preserving maximum system uptime,
comparing Scalable Persistent Memory vs. SSD and disk drives
–Improved speed with up to two Intel Xeon Processor Scalable Family, up to 28 cores and
enhanced GPU support
–Faster memory with 24 HPE Smart Memory DDR4 2666 MHz (3.0 TB max)
–Persistent Memory—Double the capacity of NVDIMMs over prior generation, delivers fastest
storage tier supporting up to 192 GB per system
–Persistent Memory up to 12 NVDIMM options
–Dynamically tune server performance using with IST
–Improve performance with next generation of HPE Dynamic Smart Array S100i
•Agile, secure infrastructure
–Reducing risk of cyber or physical attacks with asset and data protection
–Up to 58% more storage capacity making it ideal for Big Data, bulk storage, email analytics,
and NoSQL databases, compared to previous generation
–Enhanced security with HPE Secure Encryption, TPM option, Digitally Signed Firmware,
tamper-proof secure preboot environment with SecureStart, Hardware Root of Trust, HTTPS
boot, and Intrusion detection
–Advanced System Management with HPE iLO 5
–Boot options supporting UEFI and legacy boot modes
–Standard 3-3-3 warranty
Key selling points of the DL380 Gen10 include:
•Increased performance with IST, Persistent Memory, and greater NVMe capability
•"Future proof" design keeps up with business needs
•Huge storage footprint for large storage workloads
•PCIe expansion with HPE FlexLOM and HPE Flexible Smart Array
Ideal workloads include:
•Enterprise customers
•Virtualization and containers
•Big Data, storage-centric applications, and data warehousing
•Analytics, customer relationship management (CRM), enterprise resource planning (ERP), virtual
desktop infrastructure (VDI), and SAP
•Large storage capacity, such as Microsoft Exchange

Note
Virtual Desktop Infrastructure, or VDI, refers to the process of running a user desktop inside a
virtual machine that lives on a server in the datacenter. It’s a powerful form of desktop
virtualization because it enables fully personalized desktops for each user with all the security
and simplicity of centralized management. (http://www.citrix.com/glossary/vdi.html,
January 2018)
HPE ProLiant DL560 Gen10 Server

Figure 6-5 HPE ProLiant DL560, the high-density scale-up server for business-critical workloads

The HPE ProLiant DL560 Gen10 Server, shown in Figure 6-5, is a high-density, four-socket (4S) server
with high performance, scalability, and reliability, all in a 2U chassis. Supporting the latest Intel Xeon
Scalable processors, the HPE ProLiant DL560 Gen10 Server offers greater processing power, up to 6 TB
of faster memory, IO of up to eight PCIe 3.0 slots, plus the intelligence and simplicity of automated
management with HPE OneView and HPE iLO 5.
The HPE ProLiant DL560 Gen10 Server is the ideal server for:
•Business-critical workloads
•Virtualization and server consolidation
•Database, business processing, and general 4P data-intensive applications where data center space
and the right performance are paramount
HPE ProLiant DL560 Gen10 offers:
•Scalable performance
–Secure compute with up to four processors
–High-performance options with IST, Persistent Memory, and expanded NVMe capacity
–Scale from four to 112 cores with up to four Intel Xeon Processor Scalable Family
–Up to 24 NVDIMMs for performance improvement to accelerate data management
–Faster memory with 48 HPE Smart Memory DDR4 2666 MHz (6.0 TB)
–Dynamically tune server performance using with IST
•Impressive density
–Unique design enables scale-up performance and I/O expandability with large storage and
memory footprint in 2U
–Flex Slot power supplies with slot design to accommodate extra I/O
–2× more NVMe drives and up to 64 TB delivering direct connect performance compared to
previous generation
–High storage density 24 SFF max, HDD/SSD, M.2 enablement kit, and 12 NVMe PCIe SSD
option
–Support up to two GPUs, eight available I/O slots + FlexibleLOM for analytics and HPC
applications
–Up to four 96% efficient Flex Slot power supplies with redundant configurations, efficiency
based on certification testing
•Flexibility and security
–Flexible drive bay supports multiple combinations of SFF drives
–Silicon Root of Trust powered by iLO 5
–Modular two + two processor design—scale as needed
–Flexible drive bay supporting multiple combinations of NVMe and SAS SFF drives
–Secure system management with iLO 5 and UEFI to protect assets and data from attack
–Enhanced reliability, availability, and serviceability (RAS) features for high availability

HPE ProLiant DL580 Gen10 Server

Figure 6-6 HPE ProLiant DL580, the resilient, highly expandable, scale-up server for business-critical
workloads

The HPE ProLiant DL580 Gen10 Server, shown in Figure 6-6, is a high-density, four-socket server with
high performance, scalability, and reliability, all in a 4U chassis. Supporting the latest Intel Xeon Scalable
processors, the HPE ProLiant DL580 Gen10 Server offers greater processing power, up to 6 TB of faster
memory, IO of up to 16 PCIe 3.0 slots, plus the intelligence and simplicity of automated management
with HPE OneView and HPE iLO 5.
HPE ProLiant DL580 Gen10 is an ideal server for:
•Business-critical workloads (ERP, CRM, and supply chain management [SCM])
•Virtualization and server consolidation
•Database and business processing
•VDI and Virtual Reality (VR)
•General 4P data-intensive applications where data center space and the right performance are
paramount
The secure HPE ProLiant DL580 Gen10 Server is the 4P enterprise standard delivering high performance
and expandability for business-critical applications.
Specifications:
•Intel Xeon Processor Scalable Family (8100, 6100, and 5100 series)
•One, two, three, or four processors; 28, 26, 24, 22, 20, 18, 16, 14, 12, 10, 8, 6, or 4 cores; 3.6 GHz
•Supports up to 2666 MT/s DDR4 SmartMemory in 48 slots
•Up to (24) 16 GB 2666 MT/s NVDIMMs (382 GB max)
•48 SFF SAS/SATA, 20 NVMe SSD Optional
•Up to 16 PCIe slots (up to four FL/FH DW cards [×16 PCIe width])
•Up to four HPE 800W Flex Slot Platinum; HPE 1600W Flex Slot Platinum Plus
HPE ProLiant DL385 Gen10 Server

Figure 6-7 HPE ProLiant DL385, the right-sized enterprise-grade server ideal for virtualized workloads

HPE supports the AMD Secure Root of Trust that is comprised of AMD secure processor and AMD
secure boot. The AMD technology ties with the HPE Silicon Root of Trust at the UEFI or BIOS level as
an added validation of the BIOS during the boot process. The HPE Silicon Root of Trust is more
comprehensive and ties into the HPE iLO 5 silicon chip, thus substantiating there is no compromised code
or malware in the server firmware. The AMD secure processor validates with the BIOS, upon boot up
(and only during boot up), that there are no anomalies or compromised code present. After this
confirmation, the server boot process is allowed to continue. If any compromised code if found, either by
the AMD secure processor or the HPE Silicon Root of Trust, the iLO Advanced Premium Security Edition
license will initiate an automatic recovery of the server firmware to a known good state.
HPE also supports the AMD Secure Run technology, which consists of the Secure Memory Encryption
(SME) and the Secure Encrypted Virtualization (SEV) technologies. The SME technology provides
encryption of all data transmitted to and stored on the HPE random access memory. If those memory
modules are ever removed from the HPE server, any information or data on the memory is unusable,
because it is encrypted. The SEV technology creates encryption of the virtual machines (VMs) on an HPE
server and will prevent a user of one VM from tunneling into and viewing or retrieving data from an
adjacent VM.
The final AMD security technology is the AMD Secure Move, which relies on the establishment of a
secure channel between two SEV-enabled platforms so the hypervisor can implement migration and
snapshot functions securely. This capability is only available as the operating system vendors provide
support for the SEV technology itself. Currently, no OS vendors support SEV, and therefore the AMD
Secure Move will only be available as such support becomes available.
The DL385 Gen10, shown in Figure 6-7, uses EPYC, AMD’s x86 server processor line, implementing
Zen microarchitecture. EPYC’s large memory capacity delivers excellent performance for applications
such as Apache Spark and VoltDB in-memory applications that require high-memory bandwidth and/or
capacity, are highly parallel, or require extensive I/O. Zen is the codename for AMD’s computer processor
microarchitecture introduced in 2017.
HPE ProLiant DL385 Gen10 is an ideal server for:
•Virtualized workloads—hosting and VDI
–EPYC‘s memory bandwidth, capacity, and massive I/O allow for greater VM density
–VMs can be aligned to specific non-uniform memory access (NUMA) domains, providing
local access to memory, cores, and I/O
•General purpose compute
•Memory-centric workloads
–NUMA-aware applications
–EPYC large memory capacity
•Highly parallel workloads, HPC workloads, GPU compute, and machine learning
–EPYC large memory bandwidth and capacity provide excellent performance for HPC
workloads such as weather modeling, seismic analysis, CFD, Bioinformatics, and so forth
–EPYC delivers a massive number of PCI-e lanes allowing multiple GPUs without adding a
PCIe switch as well as higher memory bandwidth keeps cores and/or GPUs fed
•SharePoint/storage
–NVMe storage, software-defined storage
–Up to 24/32 NVMe/SATA devices without the added latency or cost of a PCI-e switch or HBA
•Any other enterprise workload
Specifications:
•CPU—Up to 64 cores (dual socket system) and 128 threads
•Memory—32 DIMMs (up to 4 TB)
•Storage
–Integrated S100i and flexible Smart Array
–Up to 30 SFF or 19 LFF + two SFF or 18 NVMe
–Embedded M.2, USB, and MicroSD
•Networking—4 × 1 GbE, FlexibleLOM, Standup PCIe network cards
•Management—iLO 5
•Power—Redundant Flex Slot

HPE ProLiant MicroServer

Figure 6-8 HPE ProLiant MicroServer, the compact server to make your own

The HPE ProLiant MicroServer Gen10, shown in Figure 6-8, is a compact and uniquely designed server
that is ideal for small and home offices looking to build their first IT server environment with a form
factor that is easy to use.
The HPE MicroServer Gen10 helps businesses to provide better and easy access to data, more efficiency
in operations, while driving down their operating expenses.
The HPE ProLiant MicroServer is ideal for:
•Network Attached Storage (NAS)—small office, home office (SOHO) and media storage
•Media classroom
•Digital signage
•Closed-circuit television (CCTV)/surveillance server
•File and print
•Gaming server
Specifications:
•CPU—AMD Opteron
•Memory—Two Unbuffered DIMMs
•Storage
–Software controller
–Up to four LFF drives
•Networking—2 × 1 GbE
•Management—No iLO
•Power—Non-redundant
•Additional—Optical Disk Drive (optional)

HPE ProLiant ML350 Gen10 Server

Figure 6-9 HPE ProLiant ML350, expandability, manageability, and reliability

Driving a wide range of workloads with a flexible, shorter, and rackable chassis design that can fit in
different physical environments, the secure 2P HPE ProLiant ML350 Gen10 Server, shown in Figure 6-
9, delivers the ideal set of performance and expandability for changing business needs making it the choice
for growing SMBs, remote/branch offices of large enterprises, and data centers. This 2P tower grows with
your customer in the digital economy.
Key selling points of the ML350 Gen10 include:
•Performance with unmatched capacity and reliability—all in a much smaller form factor
•Availability, expandability, and serviceability—a winning combination
•Agile infrastructure management for essential administration
HPE ProLiant ML350 Gen10 Server is ideal for:
•Workloads and applications such as CRM/ERP, VDI, and SAP
•Demanding workloads where storage performance, CPU and RAM size are at a premium
Specifications:
•Up to two Intel Xeon Skylake E5-2600 v5 Series, up to 28 cores
•24 DDR4 2666 MT/s (3 TB max)
•Persistent Memory up to 12 NVDIMM options
•Up to 24 SFF/12 LFF HP max, HDD/SSD, 12 LFF NHP
•M.2 Enablement Kit and eight NVMe PCIe SSD options
•HPE Dynamic Smart Array S100i as standard
•Choice of HPE Flexible Smart Array or HPE Smart HBA Controllers for performance or additional
features
•4 × 1 GbE embedded + Standup (1/10/25 GbE)
•Eight PCIe 3.0 slots
•HPE iLO 5, UEFI, and legacy boot mode
•Up to 96% efficiency (Titanium)
•Flexible Slot RPS 500W/800W/1600W and Battery Backup Unit
•500W non-RPS
•Standard 3-3-3 warranty
•HPE Secure Encryption and TPM option
•Replaces ML350 Gen9 and ML350p Gen8

Gen10 servers—Relevant and differentiating innovation

Figure 6-10 Comparison of different HPE ProLiant Gen10 server series

Figure 6-10 shows how strongly Gen10 innovations apply to HPE ProLiant Gen10 server series.
HPE ProLiant Gen10 workload-based positioning

Figure 6-11 HPE ProLiant Gen10 workload-based positioning

Figure 6-11 shows the positioning of various ProLiant series to different workloads.

Selecting a Gen10 DL server

Figure 6-12 Selecting a Gen10 DL server based on workload

Figure 6-12 shows the decision tree for choosing a DL server based on workload.
Based on performance and memory requirements

Figure 6-13 Selecting a Gen10 DL server based on performance and memory requirements

Figure 6-13 shows the decision tree for choosing an HPE ProLiant Gen10 DL server based on
requirements for performance (number of processors) and memory requirements.

Based on internal storage requirements and PCIe expansion

Figure 6-14 Selecting a Gen10 DL server based on internal storage requirements and PCIe expansion

Figure 6-14 shows the decision tree for choosing an HPE ProLiant Gen10 DL server based on
requirements for internal storage capacity and PCI expansion.
Selecting Smart Array controllers

Figure 6-15 Selecting Smart Array controllers

Figure 6-15 shows the decision tree for choosing a Smart Array controller based on requirements.

Network cards—Type of the network card

Figure 6-16 Selecting the type of network cards

Figure 6-16 shows the decision tree for choosing converged network cards.

Network cards—Ethernet cards

Figure 6-17 Selecting the type of Ethernet cards

Figure 6-17 shows the decision tree for choosing Ethernet cards.
PCIe riser for DL360 Gen10

Figure 6-18 Primary riser options

Figure 6-18 shows the decision tree for PCIe riser cards. If more cards are needed, a secondary riser is
available. Full-height support in the secondary riser is optional; it disables one slot on the primary riser.
Other limitations and prerequisites apply. Consult QuickSpecs for additional information.
If more SAS, SATA, or uFF drives are needed, consider the rear drive options; however, it occupies space
for PCIe devices. Support must be verified for the specific model, and not all options are available for all
models.

PCIe riser for DL38x/DL560 Gen10

Figure 6-19 Primary and secondary riser options

Figure 6-19 shows the decision tree for PCIe riser cards.
Figure 6-20 Tertiary riser

Figure 6-20 shows the decision tree for PCIe tertiary riser cards.
If more SAS, SATA, or uFF drives are needed, consider the SAS/SATA riser kit; however, it occupies
space for PCIe devices. Support must be verified for the specific model, and not all options are available
for all models. Other limitations and prerequisites apply. Consult QuickSpecs for additional information.

Activity: Case study: Choosing a rack server


Consider the following customer profile that represents challenges faced by a fictional customer. Read
the profile and answer the questions that follow.

Customer scenario
Alpha Centauri Drone Company is a small, high-tech company located in Germany producing a few large-
scale industrial drones a year with three employees. They are planning an expansion and producing higher
amount of drones for new customers. Based on demand from trade fair this year, the owner believes they
are able to sell 10 times more drones in Germany itself. Expansion plans movement to new premises and
12 more employees.
Customer plans are to replace the current tower server, externally provided email addresses, and the
second-level website domain. There will be a dedicated room for IT equipment in the new premises.
Requirements:
•File server and print server
–16 TB of space
–Monitoring application installed on the printserver, minimum two cores, Nehalem or higher,
minimum 4 GB of memory
•Web server and database
–At least 12 CPU cores
–At least 512 GB RAM
–At least two PCIe expansion slots
–6 TB internal storage
•Application server for information system
–At least four CPU cores
–At least 16 GB RAM
–500 GB internal storage
•Collaboration and communication server
–15 users, 2 GB mailbox, Outlook Web Access (OWA)
•Application server for simulations (airfoil, induced drag)
–Unfortunately, no scale-out for this application
–At least 60 cores or 40 cores and hyperthreading
–2 TB of memory
–300 GB for application, 2 TB fast storage (NVMe, SSD), and 4 TB for storing data (MDL)
No shared storage and networking is being discussed with different presales personnel.
The customer has experienced several power outages over the last few months and has lost sensitive
business data as a result.

Questions
Use the course material and online resources to identify an HPE product that would satisfy the customer’s
immediate and future server needs.
Name specific HPE products or solutions that might address this customer’s challenges.
1.What else do you need to know before you can recommend the most appropriate solution?

2.What are the customer’s key business and technology challenges?

3.What products and services should you promote to the customer?

Learning check
1.Which HPE ProLiant Gen10 series should you recommend to a customer requiring multiple,
general purpose servers with traditional 1U/2U/4U form factors?
A.DL servers
B.Apollo servers
C.ML servers
D.CL servers
2.Which HPE ProLiant Gen10 series should you recommend to a customer requiring 6 TB of RAM
and 10 PCIe 3.0 slots?
A.MicroServer
B.DL380 Gen10
C.DL385 Gen10
D.DL580 Gen10
3.Which parameters can be used to select a network card for Gen10 DL server?

4.Match the number of processor sockets to the HPE ProLiant Gen10 server.

Using HPE QuickSpecs


Figure 6-21 HPE QuickSpecs

As shown in Figure 6-21, QuickSpecs is a convenient resource of overviews and technical specifications
of HPE hardware and software. It can be accessed through the HPE Marketing Document Library. The
library provides an enhanced online and mobile experience for QuickSpecs by offering full-text search,
faceted navigation, and search results sorted by most popular documents.
QuickSpecs can also be accessed offline by using the HPE Product Bulletin.

Note
Enter the following URL into your browser for more information on QuickSpecs:
http://www.hpe.com/info/qs

Learning check
5.HPE QuickSpecs can be accessed offline with HPE Product Bulletin.
True
False

Reference Architectures
Figure 6-22 Reference Architecture can significantly shorten the time to build and implement the
solution

Based on HPE Core Enterprise Vertical Workload Research, 98% of IT decision makers use Reference
Architectures for their infrastructure projects. The value of Reference Architecture includes risk
mitigation, shorter time to value, TCO reduction, and improving business outcomes, as shown in Figure
6-22.

Note
Enter the following URL into your browser for more information on Reference Architectures:
https://www.hpe.com/info/RA

Aligning RAs with business outcomes


Figure 6-23 Reference Architectures solve business needs

As shown in Figure 6-23, reference configurations/architectures are aligned with business outcomes,
taking vertical industries and aligning them to application workloads. Reference Configurations and
Architectures help to solve business needs.

Two core deliverables: Reference Configurations and Reference Architectures


HPE provides two core deliverables: Reference Configurations and Reference Architectures.
A Reference Configuration is a 10- to 15-page document that addresses the business problem and HPE’s
solution to the problem. It covers a high-level functional solution, with compelling use cases for the
customer to consider the solution and covers infrastructure for new products, corner cases, and where Tier
1 coverage is not available. Limited or focused engineering testing may be required to create the paper.
When to use Reference Configurations:
•Breadth of workload coverage for new product launches
•New/smaller independent software vendors (ISVs)—Start small and validate use case
•Use cases/platform combinations where technical validation is not difficult
•Rapid response to competitive situations or field identified solutions
Reference Configurations are primarily written for business decision makers and high-level technical
decision makers (less technical content).
A Reference Architecture is a 30- to 50-page document that covers the business problem, HPE’s solution
to the problem and proof with validation of test results. It covers a functional and technical solution, with
capacity sizing and limits of the configuration and targets use cases where more than one part of stack in
play (compute, storage, networking, converged system, and so forth). It also contains guidance and best
practices for the workloads that covers all the layers of the workload and is often wrapped with automation
scripts for services enablement.
When to use Reference Architectures:
•Tier 1 workloads that maximize revenue impact
•Customer problems with viable and proven solutions that can be implemented using HPE Pointnext
or partners
•Difficult technical challenges that require clear articulation of configuration needs
Reference Architectures are primarily written for technical decision makers (highly technical content).

How do today’s IT customers buy—Buyer’s journey

Figure 6-24 Steps of a buyer’s journey

Typical customer’s stages along the buying journey are shown in Figure 6-24.:
•Earned attention
•Engage and persuade
•Commit to purchase
•Acquire and deploy
Reference Configurations are useful when customers are searching for solutions, seeking, evaluating and
justifying vendors.

Note
Enter the following URL into your browser for “Reference Configuration for VMware Horizon
7 on HPE ProLiant Gen10 servers”:
http://h20195.www2.hpe.com/V2/GetDocument.aspx?docname=a00018552enw

Note
Enter the following URL into your browser for “Reference Configuration for Exchange 2016,
SharePoint 2016, Skype for Business 2015, and Windows Server 2016 on HPE ProLiant DL380
Gen10”: http://h20195.www2.hpe.com/V2/GetDocument.aspx?docname=a00022804enw

Note
Enter the following URL into your browser for “Reference Configuration for building a
VMware AlwaysOn Digital Workspace with HPE ProLiant DL380 Gen10 servers”:
http://h20195.www2.hpe.com/V2/GetDocument.aspx?docname=a00019928enw

Learning check
6.HPE Reference Configurations are primarily targeted to business decision makers.
True
False
7.Write a summary of the key concepts presented in this module.

Summary
•HPE provides a wide portfolio of rack- and tower-based servers. Server can be selected based on:
–Target workload
–Performance and memory requirements
–Internal storage and PCIe requirements
•Optional components for HPE ProLiant servers include network cards and Smart Array controllers.
–QuickSpecs is a convenient online and offline resource of overviews and technical
specifications of HPE hardware and software.
–HPE Reference Configurations and Architectures can be used during the buyer’s journey.

7 HPE BladeSystem Server Solutions


WHAT IS IN THIS CHAPTER FOR YOU?
After completing this chapter, you should be able to:
✓Explain how the HPE BladeSystem portfolio provides solutions in the compute era.
✓List the steps to build a BladeSystem solution:
1Select the operating environment.
2.Select the BladeSystem enclosure and power infrastructure.
3.Select the interconnects and adapters.
4.Select the server blades.
5.Select the storage infrastructure.
6.Select the infrastructure management.
7.Select the services.

Prelearning check
1.Which network types can be connected through HPE Virtual Connect?

2.c-class server blades are equipped with HPE integrated Lights-Out (iLO).
True
False

The path to Composable Infrastructure

Figure 7-1 The path to Composable Infrastructure

The journey to Composable Infrastructure can begin today. The path to Composable Infrastructure is
through HPE BladeSystem with HPE OneView. HPE BladeSystem with ProLiant Gen9 and Gen10
servers already take advantage of some of the attributes of composability through HPE OneView, as
shown in Figure 7-1. With HPE OneView you can already start to treat resources as blocks of compute
storage and fabric. We can use the software-defined intelligence through HPE OneView for templates.
We can leverage the unified application program interface (API) ecosystem today and carry forward those
partnerships through Composable Infrastructure. Customers who are using HPE 3PAR or leveraging HPE
StoreVirtual VSA, or other data center components such as HPE OneView, can begin to experience some
of the Composable attributes. There are capabilities today with products that are already deployed in your
customer’s data center that they can begin this journey to Composable Infrastructure with continuity,
protection of investment, consistency of tools, and consistency of integration.

Transforming business economics by accelerating service delivery


Figure 7-2 Architectural design principles for converged infrastructure

The journey to Composable starts with a robust, trusted architecture and lifecycle management. If your
customer has HPE BladeSystem and OneView, these are the key principles that they can leverage to get
there.
How do we deliver the path to Composable starting from BladeSystem and OneView? These four
principles help deliver significant benefits to your organization from a converged infrastructure.
As shown in Figure 7-2, the path to Composable includes:
•Simplifying IT operations through innovations from infrastructure operations and a management
view enabling a global view of not just converged infrastructures but also other HPE solutions
•Helping customers deploy their infrastructure faster, using template-based deployments that act
like rinse-and-repeat cycles. No need for downtime or wasted time setting up servers and fabrics
•Increasing productivity by allowing your customers to manage their infrastructure more efficiently,
thanks to a number of new feature innovations that enable them to unlock more benefit from their
investment
•Developing and enabling applications and tools, faster and with a robust ecosystem of partner
solutions that make your customer’s infrastructure more agile and responsive to business needs

End-to-end performance for hybrid IT


Figure 7-3 Gen10 technology and HPE Innovation enable better business outcomes

Over the past year, we made some significant performance advancements across HPE BladeSystem with
the advent of Gen9 and Gen10 technology and HPE Innovation, as shown in Figure 7-3, to enable much
better business outcomes going forward. In the area of servers, we are really driving hugely improved
economics for agile businesses including higher workflow density and better user capability and user
experience. With the storage aspect, we are actually increasing the input/output operations per second
(IOPs) and delivering flexible solutions to enable an I/O performance and reliability at a much lower cost.
With networking, we made some significant innovations by bringing on more products with Flex-20 20
Gb technology and boosted performance for the SAN with 16 Gb Fibre Channel. And lastly, but not least,
management has taken a huge step with the new HPE OneView, enabling server profile templates,
automated lifecycle management, and significant innovation. All of these aspects of the HPE ProLiant
portfolio really delivered a huge performance increase for a variety of workloads and applications
including virtualization, business processing, collaboration, and scale-up applications.
Within our servers, our blade servers include the newest workstation blade the WS460c Gen9 which now
delivers the highest user density for virtual desktop infrastructure (VDI) accelerated graphics with the new
NVIDIA Tesla M6 MXM-style card. Also, our newest HPE ProLiant BL 660c Gen10 Server delivers a
lot of innovation and scale-up performance for the workloads that are really going to help customers drive
business transformation. Virtual Connect FlexFabric 20/40 and the 16 Gb Fibre Channel Virtual Connect
delivers the I/O needed to power these workloads through transformation. Additionally, HPE networking
also enables a new switch with 20 Gb capability for network virtualization. Our HPE Converged Systems
deliver unmatched user experience with new offerings and Big Data Reference Architectures. HPE storage
continues to support Gen10 enhancements and innovations for BladeSystem as well.

Note
A Mobile PCI Express Module (MXM) is an interconnect standard for GPUs (MXM Graphics
Modules) using PCI Express. The goal was to create a non-proprietary, industry standard
socket, so one could easily upgrade the graphics processor, without having to buy a whole new
system or relying on proprietary vendor upgrades. (Wikipedia.org, January 2018)

HPE OneView has expanded its automation capabilities to server change management and storage
resources. New server profile templates make it easy to define firmware and driver baselines as well as
server, LAN, and SAN settings in one place and consistently provision or update those settings multiple
times. Changes made in the profile template are automatically detected by child profiles, which can then
be updated on an individual or group basis. Automated firmware and device driver updates distribute,
stage, and install components for Windows, Linux, or ESXi servers using the out-of-band iLO
management network to minimize any impact on production traffic. In addition, new profile mobility
makes it possible to migrate and recover workloads across server platform types, configurations, and
generations.
HPE 3PAR StoreServ Storage and HPE StoreVirtual VSA are now fully integrated with HPE OneView
server profiles for automated, policy-driven rollout of enterprise-class storage resources. Using 3PAR
StoreServ Storage within HPE OneView is as simple as selecting a storage template and a server profile.
HPE OneView automation carves out the storage volume, zones the Fibre Channel SAN, and attaches the
storage to the server profile. You can attach private or shared storage volumes automatically to enable
automated boot target configuration and create, manage, and modify attached volumes automatically
without downtime. All storage and SAN resources can be automatically viewed in HPE OneView Map
View as part of automated provisioning.
Storage automation for 3PAR StoreServ now includes Fibre Channel over Ethernet (FCoE) in addition to
Virtual Connect and Fibre Channel to make businesses more responsive, secure, and efficient. Proactive
alerts identify broken paths, zoning errors, and orphaned volumes across the entire SAN and configuration
reports include guidance to make the SANs more efficient.

Learning check
1.Which components can be used together with BladeSystem on the path to Composable
Infrastructure?
HPE BladeSystem solutions in the compute era

Figure 7-4 HPE BladeSystem

With the growth of data fueling in today’s global environment, the ability of a business to adapt to change
quickly is becoming critical for survival. IT managers are under enormous pressure to deliver applications
and services that innovate and transform the business at a lower cost.
Rather than adding more technology silos, IT organizations need an agile and reliable converged
infrastructure platform that is purpose-built for enterprise workloads such as virtualization and cloud
computing, ready to deliver industry-leading total cost of ownership (TCO), and able to increase IT staff
productivity.
To help address these ever-changing business needs, BladeSystem enables customers to shift investment
from routine maintenance to innovation, maximize availability by reducing downtime, and accelerate
enterprise workload deployment (such as virtualization and cloud computing) much faster.
As shown in Figure 7-4, BladeSystem is a modular infrastructure platform that converges servers, storage,
and network fabrics to accelerate operations and speed delivery of applications and services running in
physical, virtual, and cloud-computing environments. Because the core infrastructure is shared, capital
costs can be significantly lower. Blades share power, cooling, network, and storage infrastructure at the
BladeSystem enclosure level, resulting in a dramatic reduction in power distribution units, power cables,
LAN and SAN switches, connectors, adapters, and cables.
BladeSystem is founded on the principles of having one management platform and a single infrastructure.
BladeSystem with HPE OneView delivers a new experience for IT—one infrastructure, one management
platform to speed the delivery of services. BladeSystem helps your customers to lower data center costs
by 68%1 so they can shift investment from routine maintenance to innovation, maximize availability by
reducing downtime up to 90%1, and accelerate enterprise workload deployment such as virtualization and
cloud computing up to 66× faster.
Note
1. IDC white paper sponsored by HPE, “Business Value of Blade Infrastructures,” #227508R2.

HPE BladeSystem enclosure

Figure 7-5 The world’s most advanced blade architecture

Unlike traditional rack-based infrastructure, HPE BladeSystem utilizes a modular design to share power,
network, and storage infrastructure at the enclosure level, reducing hardware cost by 58%. The new HPE
BladeSystem c7000 Platinum enclosure, shown in Figure 7-5, integrates next-generation technologies to
deliver the most advanced architecture with latest end-to-end performance advancements compared to
previous technologies.
•56 Gb Fourteen Data Rate (FDR) InfiniBand for 40% more performance
•40 Gb Ethernet for four times throughput for low-latency networking
•16 Gb Fibre Channel-ready for twice the storage bandwidth

Note
InfiniBand (abbreviated IB) is a computer-networking communications standard used in high-
performance computing that features very high throughput and very low latency. It is used for
data interconnect both among and within computers. InfiniBand is also used as either a direct
or switched interconnect between servers and storage systems, as well as an interconnect
between storage systems. (Wikipedia.org, January 2018)

Take control of limited power resources with HPE Intelligent Infrastructure and Thermal Logic
technology inside HPE BladeSystem. In fact, your customers can increase the capacity of their data center
without adding power infrastructure and reduce power costs by 36% versus a traditional environment.
HPE BladeSystem, with built-in intelligence, provides unprecedented insight into their data center. HPE
Thermal Logic technology lets administrators dynamically track and control power, based on workload
demand within the BladeSystem enclosure, so they can reclaim over-provisioned power and cooling
capacity without impacting performance. Industry-first Location and Power Discovery is next-generation
sensor technology that automates power configuration and tracking to reduce unplanned downtime and
allows customers to pinpoint server and enclosure location. This combined intelligence provides location
with real-time, auto-populated power and thermal data, fully integrated with HPE Insight Control, to
automate many manual processes all from a central console.
The HPE BladeSystem c-Class Platinum enclosure supports all of the current BladeSystem products
across servers including Gen10, storage, networking, and management.

The ProLiant BL server portfolio

Figure 7-6 ProLiant blades deliver the best value across workloads with Intel® Scalable Family
processors and Intel® Xeon® processors

ProLiant blades deliver the best value across workloads, and your customers can support all of their
applications—from business infrastructure to mission-critical—on a single platform, with the broadest
portfolio, as shown in Figure 7-6.
Only HPE ProLiant Gen9/Gen10 builds intelligence and automation in every server and across the data
center with innovation that redefines the expectations and economics of IT. ProLiant Gen9/Gen10 servers
continuously analyze thousands of system parameters to optimize application performance, proactively
improve uptime, and give insight into every aspect of the IT infrastructure.
Server virtualization continues to provide a significant return for businesses, and as virtual machine (VM)
workloads increase, it is critical that the infrastructure can scale to meet these demands. HPE BladeSystem
and HPE ProLiant as the world leader for server virtualization provide the ideal platform for virtualization.
HPE server blades are designed for virtualization from the ground up, delivering more memory and
superior networking capability for virtualized environments and compute-intensive application
workloads.
IDC research shows that organizations migrating to BladeSystem from traditional rack servers or
upgrading their BladeSystem servers make substantial user productivity gains and reduce the cost of
delivering computer services by an average of 56%1.

Note
1. IDC white paper sponsored by HPE, “Business Value of Blade Infrastructures,” #227508R2.

Other key benefits of HPE BladeSystems that IDC identified include:


•BladeSystems enhance user productivity and support the business—HPE customers told IDC that
users are more productive with BladeSystem thanks to improved performance and availability of
important business applications. IDC projects that employee productivity gains are worth an
average of $469 per year per user over three years.
•BladeSystems deliver IT infrastructure cost savings—HPE customers reported that they have
consolidated their server footprints and deployed more VMs, which has helped them reduce related
costs, including server hardware, network infrastructure, power, and facilities-related costs. Over
three years, IDC calculates that these cost savings have an average value of $424 per user.
•BladeSystems enable IT staff efficiencies—HPE customers explained that their IT staffs have
become more efficient by saving time and making productivity gains thanks to the integrated nature
of the blade platform. IT staff spends less time monitoring and managing server environments and
needs substantially less time to deploy a server blade. IDC puts the value of these efficiencies and
time savings at an average of $307 per user per year over three years.
The cumulative result of these efficiencies is that these organizations are able to provide improved IT
services at a substantially lower cost to their users with BladeSystems.

BladeSystem converged architecture


The converged architecture in BladeSystem provides several key advantages, including simplified IT
operations, workload optimization, and an optimized infrastructure.
•Simplified IT operations
–Unified management—One console manages compute, networking, and storage.
–Seamless server configuration—Readily provisioned templates enable mobility for rapid
scalability and failover operations.
–Change-ready networking—Virtual Connect and FlexFabric connections can be provisioned
in HPE OneView.
–Managed data services—Shared experience for device and data service management with HPE
3PAR and StoreVirtual VSA storage systems.
•Workload-optimized
–Seamlessly virtualized—VMware vMotion with a VDI and virtual volumes (VVols) provides
the entire infrastructure to transform business operations and productivity.
–Data-driven-optimized—Better-together innovation reduces costs and consolidates
operational and application silos.
•Optimized infrastructure
–Wire-once, simplified connectivity—Converge I/O fabrics to reduce sprawl while virtualizing
the edge including Flat SAN connectivity to HPE 3PAR StoreServ storage systems.
–Flash-optimized storage—Tier-1 HPE 3PAR delivers quality of service (QoS), extreme
performance, and built-in protection.

Learning check
2.Name at least three different c-class server blades.
Building a BladeSystem solution
The HPE global community of business technology experts and partners is committed to helping build
solutions and support plans that are right for a customer’s business needs. HPE integrates the infrastructure
essentials inside the BladeSystem so that it arrives at the customer site ready to deliver the best business
results.

Steps to building a BladeSystem


Building a BladeSystem infrastructure solution begins with seven steps:
1.Select the operating environment.
2.Select the BladeSystem enclosure and power infrastructure.
3.Select the interconnects and adapters.
4.Select the server blades.
5.Select the storage infrastructure.
6.Select the infrastructure management.
7.Select the services.

Note
These seven steps are a connected sequence, rather than a linear, one-time progression. It might
be necessary to repeat the process to arrive at the most appropriate solution to meet the
customer’s business needs. For example, if the BladeSystem c3000 enclosure is selected during
the first iteration and it later becomes evident that more than eight server blades are required,
it will be necessary to review the enclosure selection and either add another c3000 enclosure
or select the larger c7000 enclosure.

Step 1: Select the operating environment


Supported operating system and virtualization software:
•Canonical Ubuntu
•CentOS
•ClearOS
•Citrix
•Microsoft Windows
•Oracle Linux and Oracle VM
•Oracle Solaris
•Red Hat Enterprise Linux (RHEL)
•SAP Linux
•SUSE Linux Enterprise Server (SLES)
•Wind River Linux
•VMware

Activity: Verify operating system support


Verify operating system support for server blades by navigating to: http://www.hpe.com/info/ossupport.
Answer the following questions:
1.Which flavors of Linux does BL460c Gen10 support?

2.Is Windows Server 2016 certified for BL660c Gen10 or only verified?

3.Is WS460c Gen9 certified to run Windows 7?

Note
Support of each ProLiant server and operating system needs to be verified, go to support and
certification matrices.
http://www.hpe.com/info/ossupport
Step 2: Select the BladeSystem enclosure and power
infrastructure

Figure 7-7 BladeSystem c7000 enclosure

Both the BladeSystem c3000 and the c7000 enclosures provide all the power, cooling, and IO
infrastructure needed to support modular server, storage, interconnect, and power management
components. It consolidates the components into a single solution that can be managed as a unified
environment.
The BladeSystem c7000 enclosure, shown in Figure 7-7, includes a shared multi-terabit high-speed
midplane for wire-once connectivity of server blades to network and shared storage. Power is delivered
through a pooled-power backplane that ensures the full capacity of the power supplies is available to all
blades.
With demanding workloads, the increased power supply wattage and midplane bandwidth aligned with
intelligent infrastructure technologies such as Platinum Power Supplies, Intelligent Power Module, and
Location Discovery Services enhanced the foundation for a converged infrastructure. HPE Thermal Logic
technology helps to minimize power consumption and reduce cooling.
The Onboard Administrator module provides a single point of control for intelligent management of the
entire enclosure. An optional Onboard Administrator system management module provides redundancy.
Insight Display, which is powered by the Onboard Administrator, provides local management through an
LCD display conveniently sited on the front of the system.
The BladeSystem c7000 enclosure is 10U high and supports the following components:
•Up to 16 half-height server blades, eight full-height server blades, and eight expansion blades per
enclosure (not to exceed 16 total blades)
•Up to four redundant interconnect I/O fabrics (Ethernet, Fibre Channel, InfiniBand, iSCSI, and
serial attached SCSI [SAS]) supported simultaneously within the enclosure
•Choice of single-phase AC input, three-phase AC input, –48V DC input, or high-voltage DC input
for power input flexibility
•Up to six hot-plug, high-efficiency power supplies per enclosure
•A minimum of four hot-plug HPE Active Cool 200 Fans. For redundancy, additional capacity, and
improved power consumption and acoustics, Active Cool 200 Fan kits can be added for a maximum
of 10 fans

Caution
When connecting directly to wall outlets, determine the maximum amperage of the wall outlet
circuit to prevent a power overload.

•Redundant hot-plug cooling, redundant hot-plug power supplies, redundant connections,


redundant interconnect modules, and optional redundant BladeSystem Onboard Administrator
management module

Note
Enter the following URL into your browser for more information on BladeSystem and its
components:
https://www.hpe.com/us/en/integrated-systems/bladesystem.html

Select the power and cooling options

Figure 7-8 Active Cool 200 Fan and BladeSystem c7000 enclosure

Power is delivered through a pooled-power backplane, and power input flexibility is provided with a
choice of single-phase high-line AC, three-phase high-line AC, single-phase high-voltage AC, –48V DC,
or high-voltage DC. The power supplies are designed to be highly efficient and self-cooling. Single- or
three-phase enclosures and N + N or N + 1 redundancy yield the best performance per watt.
HPE Power Regulator gives you a tool to increase server efficiency and free up cooling and power
resources. This lets you use power/cooling resources where you need them the most. It lets you manage
processor power consumption and system performance to meet business needs. Power-state decisions
made in Dynamic Power Savings mode take into account all processor activity. Power Regulator
determines CPU utilization by reading a performance event counter residing within the processor.
HPE Thermal Logic technology minimizes power consumption and reduces cooling. HPE Intelligent
Infrastructure technology combines energy-efficient design with accurate measurement and control—all
without sacrificing performance.
The capacity of the server blades in the data center can be doubled with Dynamic Power Capping delivered
through HPE OneView. HPE ProLiant servers enable Dynamic Power Savings mode by default to provide
significant, out-of-the-box power savings.
Cooling is provided by a minimum of four Active Cool 200 Fans. For additional capacity, up to six more
fans can be added, as shown in Figure 7-8. These fans provide adaptive flow for maximum power
efficiency, air movement, and acoustics. The enclosure architecture is designed to draw air through the
interconnect bays. This allows the interconnect modules to be smaller and less complex.
HPE Intelligent Series Racks with the Location Discovery option installed provide detailed location
information to supported ProLiant servers and the BladeSystem c7000 Platinum enclosure to track new
installations and equipment moves. Upon installation, the server’s iLO queries and records the rack
identifier as well as the exact location of the server in the rack.

Step 3: Select the interconnects and adapters

Figure 7-9 Industry-leading flexibility and performance

HPE has a broad networking portfolio for BladeSystem servers that provide industry-leading flexibility
and performance.
Virtual Connect is an essential building block for any virtualized or cloud-ready environment. This
innovative, wire-once connection management technology simplifies server connectivity, making it
possible to add, move, and change servers in minutes instead of hours or days. Virtual Connect is the
simplest way to connect servers to any network and reduces network sprawl at the edge of the network.
As shown in Figure 7-9, HPE delivers end-to-end products for both wired and wireless networks that
include enterprise-class network blade switches that can be easily managed by one management tool,
Intelligent Management Center (IMC), compared to legacy network vendors who require up to 30+ tools.
HPE helps customers to future-proof their business by integrating the latest technologies such as the low-
latency Mellanox SX1018HP Ethernet Switch, an industry first, delivering 40 Gb downlinks to each blade
server enabling InfiniBand-like performance in an Ethernet blade switch. BladeSystem, with its open
architecture, eliminates vendor lock-in by providing the industry’s most flexible, multi-vendor framework
for investment protection. HPE provides superior choice and flexibility based on industry standards,
ensuring interoperability.
Virtual Connect

Figure 7-10 Virtual Connect is the simplest way to connect servers to networks and storage

As shown in Figure 7-10, HPE Virtual Connect converges server edge connections, making server
changes transparent to storage and networks, and delivering four times the number of connections per
physical network link than possible with traditional networking technology. Virtual Connect enables
server administrators to dynamically optimize and control bandwidth using fewer physical ports for the
same performance and reduces server edge infrastructure (switches, host bus adapters [HBAs], network
interface cards [NICs], and cables) and costs.
Virtual Connect enables routine infrastructure changes in less time with wire-once connectivity so server
administrators can add, replace, and recover server resources from a centralized console and without
involving storage and networking administrators.
Additional cost savings are achieved by consolidating switch connectivity with dual-hop FCoE.
Virtualization network traffic demands low-latency server-to-server and server-to-storage connectivity.
Together with the HPE Intelligent Resilient Framework (IRF), Virtual Connect enables flatter low-latency
networks. With more than 10 million ports shipped, Virtual Connect continues to deliver proven
simplification of operations.

Note
Enter the following URL into your browser for more information on the Virtual Connect
portfolio:
https://www.hpe.com/info/virtualconnect

Switch and Virtual Connect interconnect solutions comparison


Figure 7-11 Switch and Virtual Connect interconnect solutions compared

Figure 7-11 compares Switch and Virtual Connect interconnect solutions. In a BladeSystem solution, a
Virtual Connect interconnect module forms a Layer 2 bridge between the server blades and the Ethernet
and storage networks.
Typically, the Virtual Connect module is managed as part of the overall server system by the server
administrator, who makes use of storage and networking resources that have been provided by the storage
and networking administrators. Managing a Virtual Connect module is relatively simple because it is not
as complicated as a switch. Therefore, the server administrator can easily handle the configuration tasks
without detailed networking knowledge.
The Virtual Connect module pools and shares network connections for the servers within the BladeSystem
so that server administrators can upgrade, replace, or move server blades without changes being visible to
the external LAN and SAN environments and, therefore, without requiring intervention by LAN and SAN
administrators.
Essentially, Virtual Connect is an edge port aggregator that provides Layer 2 networking capabilities. It
is not configured, deployed, or managed like a traditional switch, and its uplink ports are termination
ports, not transit ports. In other words, Virtual Connect presents itself to the network as an endpoint—like
a server instead of a switch—which means it is managed as part of the server system rather than as part
of the network.
One of the major technical benefits of using the Virtual Connect modules is that they enable any server
NIC to be connected to any data center switch.

Virtual Connect—Performance for virtualized, cloud-ready data centers


Analysts predict that soon more than 80% of data center traffic will flow between servers. A significant
amount already occurs today among virtualized servers. VMware vMotion is a key driver of this trend. In
these situations, it is not necessary—or ideal in most cases—to push all traffic to network core switches
as typically practiced in traditional switched networks.
Virtual Connect is optimized for east–west (server-to-server) traffic within a Virtual Connect domain.
Workloads on up to 64 servers within a four-enclosure domain can communicate with each other without
leaving the domain, thereby minimizing network latency. This unique east–west traffic-flow capability
extends to allow traffic between any servers connected to the same Virtual Connect module to
communicate over an internal link without oversubscription. By planning server deployment within
BladeSystem enclosures, networking can be simplified, and performance can be improved.

Validated vMotion acceleration


Support for Virtual Connect east–west traffic can be combined with IRF to improve server-to-server
performance significantly. IRF is an innovative switch platform virtualization technology that allows
customers to simplify the design and operations of their data center and campus Ethernet networks. With
IRF, multiple physical switches are combined into one virtualized switch known as an IRF domain, which
is managed and maintained as a single entity. The resulting IRF domain virtualizes switching platforms
to dramatically simplify the design and operations of the network fabric. It also enables networks to be
flattened by eliminating the need for a dedicated aggregation layer. IRF provides more direct, larger
capacity connections between users and network resources.
For virtualized environments, having flat network infrastructure enabled by IRF in core switches and
Virtual Connect at the access layer provides a converged data center architecture, which is a key benefit
of the Virtual Connect FlexFabric architecture. FlexFabric connects servers and VMs to data and storage
networks over Ethernet, Fibre Channel, and iSCSI protocols.
The preceding graphic illustrates this concept. On the left is a legacy architecture. Traffic travels in a
north–south direction traversing multiple layers, each introducing latency. With FlexFabric, traffic travels
in an east–west direction (server-to-server) and does not need to pass through the core switches.

Key components of Virtual Connect solutions

Figure 7-12 Virtual Connect key components

As shown in Figure 7-12, the key components of Virtual Connect solutions are:
•BladeSystem servers with FlexFabric LAN-on-motherboard (LOM) or FlexibleLOM Blade (FLB)
adapters
Note
LOM architecture refers to servers with a NIC embedded on the system board. FlexibleLOM
technology is a variation of LOM architecture that allows you to select ProLiant
Gen8/Gen9/Gen10 servers with the NIC that best meets your needs without having to embed
the NIC on the system board. FlexFabric provides seamless interoperability with existing data
center networks and enables HPE networking and security devices to be managed within a
single framework.
•Virtual Connect FlexFabric, Ethernet, and Fibre Channel modules
•FlexFabric mezzanine cards
Converged network adapters (CNAs):
•Consolidate networking capabilities of a 10/20 Gb NIC with storage capabilities of a Fibre Channel
HBA into a single adapter
•Present dual-purpose communication interfaces to the server—an Ethernet LAN function or Fibre
Channel SAN function
A FlexFabric adapter is more than just a CNA. It also enables support of interface virtualization (multiple
FlexNICs, FlexHBA-FCoE, and FlexHBA-iSCSI). FlexFabric adapters optionally present physical
function (PF) 2 as an FCoE or iSCSI HBA. Bandwidth for each FlexNIC is configurable from 100 MB to
10/20 Gb such that the sum is a total of 10/20 Gb, or 10/20 Gb—PF2 requirements.
Each PF is recognized as an individual NIC or HBA with its own driver by the server operating system.

Virtual Connect FlexFabric 20/40 F8 module


The HPE Virtual Connect FlexFabric 20/40 F8 module provides 20 Gb server downlinks, 40/10 Gb
uplinks to the data center network, and eight Flex ports.
The Virtual Connect FlexFabric 20/40 F8 Module works with HPE FlexFabric Flex-20 adapters to
eliminate network sprawl at the server edge. This device converges traffic inside enclosures and directly
connects to external LANs and SANs. Flex-20 technology provides high-speed 20 Gb connections to
servers and can achieve a total bandwidth of up to 240 Gb/s to a LAN and SAN—a 3× improvement over
legacy 10 Gb Virtual Connect modules.
The Virtual Connect FlexFabric 20/40 F8 module reduces the amount of hardware needed to connect
servers to networks. Using only two of these modules to connect an enclosure of server blades to both
data and storage networks can reduce multiple switches, cards, and cables and provide a 4:1 consolidation
of interconnect equipment.
Each Virtual Connect FlexFabric 20/40 module can replace up to three 10 GbE based switches and one 8
Gb Fibre Channel switch in a BladeSystem enclosure. It reduces networking TCO at the server edge by
saving on equipment.
Flex-20 technology enables HPE 20 Gb adapters to stream converged 10 Gb Ethernet and 8 Gb storage
simultaneously over a 20 Gb port. Earlier 10 Gb FlexNIC (CNA) implementations were limited to
partitioning 10 Gb into one 8/4 Gb Fibre Channel and multiple GbE PFs or as a single 10 GbE (no Fibre
Channel or bandwidth for other PFs). Twenty gigabit ports can be partitioned into a full-rate 10 Gb
Ethernet and a full-rate 8 Gb FCoE, with increased additional bandwidth remaining for other functions,
provisioned in 100 Mbps increments.
Virtual Connect FlexFabric 10 Gb/24-port module
HPE Virtual Connect FlexFabric 10 Gb/24-port modules provide a simple, flexible way to connect server
blades to data or storage networks. Virtual Connect FlexFabric modules eliminate network sprawl at the
server edge with one device that converges traffic inside enclosures and directly connects to external
LANs and SANs.
A FlexFabric adapter encapsulates Fibre Channel packets as FCoE and consolidates the Fibre Channel
and IP traffic into one 10 Gb data stream. The FlexFabric interconnect module separates the converged
traffic. Fibre Channel and IP traffic continue beyond the server-network edge using the existing native
Ethernet and Fibre Channel infrastructure. Using Flex-10 technology with FCoE and accelerated iSCSI,
these modules converge traffic over 10 Gb connections to servers with FlexFabric adapters.
Each redundant pair of Virtual Connect FlexFabric modules provides eight adjustable downlink
connections (six Ethernet and two Fibre Channel, or six Ethernet and two iSCSI, or eight Ethernet) to
dual-port 10 Gb FlexFabric adapters on servers. Up to eight uplinks are available for connection to
upstream Ethernet and Fibre Channel switches. Virtual Connect FlexFabric modules avoid the confusion
of traditional and other converged network solutions by eliminating the need for multiple Ethernet and
Fibre Channel switches, extension modules, cables, and software licenses.
Uplinks support Ethernet, iSCSI, and Fibre Channel (native and FCoE on ports X1 through X4 only).

Virtual Connect Flex-10/10D module


HPE Virtual Connect Flex-10 technology is a hardware-based solution that lets you split a 10 Gb/s server-
network connection into four variable partitions. It lets you replace multiple lower bandwidth physical
NIC ports with a single Flex-10 port. This reduces management requirements, the number of NICs and
interconnect modules needed, and power and operational costs.
Flex-10/10D and FlexFabric server ports are subdivided into multiple PCI Express (PCIe) PFs called
FlexNICs. A FlexNIC is a PCIe function that appears to the system ROM, operating system, or hypervisor
as a discrete physical NIC with its own driver instance. It is not a virtual NIC contained in a software
layer.
Flex-10/10D supports four PFs per adapter port. This provides operating system transparency because
each PF is recognized as an individual NIC or HBA with its own driver by the server operating system.
PF2 can be configured as Ethernet, iSCSI, or FCoE. When configured with an iSCSI or FCoE personality
it is referred to as a FlexHBA.
Virtual Connect supports dynamic bandwidth reallocation among the FlexNICs and FlexHBAs of each
FlexFabric adapter port of a server blade. The key benefit of this feature is that it can improve bandwidth
utilization and throughput performance of a given server blade’s physical adapter port. This feature affects
the transmission rates of the egress server port (from the server to the Virtual Connect module). The
administrator can control bandwidth utilization and traffic performance from the server blades to the Flex-
10/10D or FlexFabric modules.
The Virtual Connect Flex-10/10D module uplinks support Ethernet, iSCSI, and FCoE. The Flex-10/10D
module does not support native Fibre Channel. The Flex-10/10D module supports direct-attach copper
(DAC) cables and short reach (SR), long reach (LR), and LR multi-mode (LRM) optical fibre transceiver
modules.

Virtual Connect Fibre Channel modules


The HPE Virtual Connect Fibre Channel modules for c-Class BladeSystem is a new class of blade
interconnect that simplifies server connections by cleanly separating the server enclosure from the SAN.
It simplifies the process of connecting servers to Fibre Channel networks by reducing cables and the SAN
switch management domain.
The Virtual Connect Fibre Channel modules offer enhanced Virtual Connect capabilities, allowing a large
number of VMs running on the same physical server to access separate storage resources. Provisioned
storage resource is associated directly to a specific VM, even if the virtual server is relocated within the
BladeSystem. Storage management of VMs is no longer limited by the single physical HBA on a server
blade. SAN administrators can manage virtual HBAs with the same methods and viewpoint of physical
HBAs.
You can reduce costs and simplify connections to SANs, consolidate your network connections, and
enable administrators to add, replace, and recover server resources on-the-fly. Being standards-based, it
looks like a pass-thru device to the Fibre Channel network, yet provides all the key benefits of integrated
switching including high-performance 8 or 16 Gb uplinks to the SAN. Versions of the module provide 10
or 16 Gb server downlinks and either 20 or 24 ports.
The integrated design frees up rack space and reduces power and cooling requirements, while reducing
cables and using small form factor (SFF) pluggable transmitters.

Active/standby and active/active configurations

Figure 7-13 Comparing active/standby and active/active configurations

In an active/standby configuration, as shown on the left side of Figure 7-13, a single Virtual Connect
network is created using ports from two different Virtual Connect FlexFabric modules. Virtual Connect
uses the ports from one module or the other but not both simultaneously. If the active Virtual Connect
module fails, the standby module takes over.
In an active/active configuration, as shown on the right side, two different Virtual Connect networks are
created, with each network using uplink ports from a single FlexFabric module. Both of these networks
can be used simultaneously, but if NIC teaming is set to active/passive or failover, only one NIC receives
and transmits, so traffic is limited to the uplinks from the IO slot for that NIC. If one of the active Virtual
Connect modules fails, the remaining module continues to operate.
In an active/active configuration, failure of an upstream switch or uplink is communicated all the way to
the server operating system or hypervisor, and the traffic would be sent through the other NIC in the team
instead. In active/standby, Virtual Connect would route the traffic through the other module using
stacking links and would use the uplinks from the other module. The operating system/hypervisor would
not need to know about the upstream switch failure; the failover is handled at the Virtual Connect level.
High levels of north–south traffic are well served by an active/active design because all uplinks are active.
High levels of east–west (server-to-server) traffic, like traffic in multi-tier applications, are well served
by an active/standby design because this minimizes the amount of server-to-server traffic leaving the
enclosure.

Dual-hop FCoE support in Virtual Connect

Figure 7-14 BladeSystem c7000 enclosure with FlexFabric or Flex-10/10D

Virtual Connect supports dual-hop FCoE configurations when Virtual Connect FlexFabric or Virtual
Connect Flex-10/10D modules are installed in a BladeSystem c7000 enclosure, as shown in Figure 7-14.
The “D” in “10D” in the Virtual Connect Flex-10/10D module product name stands for “data center
bridging,” which enables dual-hop FCoE. There are two FCoE hops between the server and the storage.
One goes from the server blade HBA to the Flex-10/10D module. The other goes from the Flex-10/10D
module to the external upstream switch that converts the FCoE traffic to Fibre Channel traffic.
The dual-hop FCoE feature in Virtual Connect employs a technology known as FCoE Initialization
Protocol (FIP) snooping. Virtual Connect uses this protocol on the external uplinks connected to
upstream FCoE switches. FIP snooping enables a device that might not have a native Fibre Channel
interface (for example, Flex-10/10D modules) to transfer FCoE traffic to the FCoE upstream switch and
thereby provide an FCoE path to storage devices.

HPE 6125/7 Switch Series

Figure 7-15 Providing an end-to-end solution for SMB to large enterprise customers

Additional interconnect options for BladeSystem include the HPE 6125 Switch Series, shown in Figure
7-15.
•HPE 6127XLG
The HPE 6127XLG Ethernet Blade Switch is designed to support virtualized server environments
with an exceptional bandwidth of 20 GbE to each server and provides a mix of 40 GbE and 10 GbE
links to the core network. It can provide an aggregate 240 Gb uplink bandwidth and 320 Gb
available server-side bandwidth. It supports 16 × 1/10/20 Gb downlink ports, 8 × 1/10 Gb uplink
ports, and 4 × 40 Gb uplink ports. The 6127XLG uses Comware OS and supports Layer 2/3 features
such as TRILL, VEPA, and FCoE. Combined with hardware support for native virtual extensible
LAN (VXLAN) encapsulation, the HPE 6127XLG is an ideal switch for data center and cloud
applications.
The HPE 6127XLG provides a converged fabric solution that supports Ethernet, iSCSI, FCoE, and
Fibre Channel Forwarder (FCF) protocols that enables connectivity for multiple storage topologies.
The 6127XLG supports the HPE software-defined network (SDN) ecosystem that delivers simple,
open, and enterprise-ready benefits to automate the data center network. Using HPE IRF, multiple
switches can be virtualized and managed as a single entity with the HPE IMC.
Features include:
–Enhanced bandwidth and VXLAN virtualization capabilities
–High performance 20/40 G with advanced support for VXLAN/NGVRE and integrated
management
–HPE 6125XLG delivers high bandwidth uplinks to the network
–High performance L2/L3
–Dual hop networking
–Advanced networking with simple management
–Full Layer 2/3 features with edge to core management
–Investment protection
–Future-proof with advanced networking upgrades including OpenFlow
•HPE 6125XLG Ethernet Blade Switch—Designed for the enterprise data center, this switch is built
to deliver 880 Gb of switching performance for the most demanding applications. The HPE
6125XLG provides flexibility, versatility, and resiliency, making it the optimal choice for any blade
switching environment.
•HPE 6125G/XG—With sixteen 1 Gb downlink (server) ports, a combination of 1 Gb and 10 Gb
uplink ports, and a 10 Gb cross-link port, the HPE 6125G/XG reduces cost and increases data center
efficiency and capability. Switches can be combined at the enclosure, rack, or data center level into
a single virtual switch and managed through a single IP address. It delivers excellent investment
protection, flexibility, and scalability for mixed bandwidth applications.
•HPE 6125G Ethernet Blade Switch—This switch is ideal for remote office applications or
wherever IPv6, full Layer 3 routing, and distributed trunking are required for 1 Gb applications. It
appeals to budget-conscious data centers that need 1 Gb switching and routing with the resiliency
of IRF, stacking, and the stability of the HPE Comware v7 network operating system.

Capabilities and compatibilities


Table 7-1 Comparison of c-class modules and switches

Table 7-1 presents the features of the Virtual Connect FlexFabric 20/40 F8 module, the Virtual Connect
Flex-10/10D module, and the 6125XLG/6127XLG Ethernet Blade Switches.
The Virtual Connect FlexFabric 20/40 F8 module has three licensing options:
•BladeSystem c-Class
•BladeSystem c-Class for Trade Agreements Act (TAA)

Note
TAA compliance is a US federal government requirement for North American partners.

•Enterprise Edition for BLc7000

Note
The FlexFabric 20/40 F8 module must have Virtual Connect firmware 4.20 or later to support
the features in the table.

The Virtual Connect Flex 10/10D module has two licensing options:
•BladeSystem c-Class
•Enterprise Edition for BLc7000

Other interconnect options


There are several additional interconnect options for ProLiant server blades.
•Ethernet blade switches
–Mellanox SX1018HP Ethernet Switch—The highest-performing Ethernet fabric solution in a
blade switch form factor, it delivers up to 1.36 Tb/s of non-blocking throughput perfect for
High-Performance Computing (HPC), storage/Hadoop, telecommunications/carrier, oil/gas,
service provider, financial services, and cloud/hyperscale environments. The SX1018HP is an
ultra-low latency switch that is ideally suited as an access switch providing InfiniBand-like
performance, making this switch the perfect solution for any high-performance Ethernet
network.
–Cisco Catalyst Blade Switch 3120 Series Switch—Specifically designed for a server blade
based application infrastructure, this switch enables customers to stack up to nine switches into
a single virtual switch. Emulating a redundant top-of-rack (TOR) switch provides an integrated
switching solution that optimizes uplinks per rack, reduces the number of switches managed,
and decreases network complexity.
–Cisco Fabric Extender for HPE BladeSystem—Logically, this switch behaves like a remote
line card to a parent Cisco switch, forming a distributed modular system. It forwards traffic to
the parent switch over eight 10 Gigabit Ethernet uplinks. Downlinks to each server are auto-
negotiating and work with all HPE Ethernet and CNA modules, allowing a choice of Ethernet,
FCoE, or iSCSI connections.
•SAS switches
–HPE 6 Gb SAS BL Switch for HPE BladeSystem c-Class enclosures—An integral part of HPE
Direct Connect SAS Storage, is enabling a shared SAS storage solution. The SAS architecture
combines an HPE Smart Array Controller in each server and the 6 Gb SAS BL switches
connected to supported HPE storage enclosures for SAS storage. It features an embedded
Virtual SAS Manager GUI and command line interface (CLI) used to zone, monitor, and update
SAS fabric devices.
•Fibre Channel switches
–Brocade 16 Gb SAN Switch for HPE BladeSystem c-Class—An easy-to-manage embedded
Fibre Channel switch with 16 Gb/s Fibre Channel performance, it hot plugs into the back of the
BladeSystem enclosure. Its integrated design frees up rack space, enables shared power and
cooling, and reduces cabling. Enhanced trunking support with external switches enhances
bandwidth. The switch significantly simplifies the SAN environment, enables easier
deployment and management, and delivers the performance required for greater-throughput
applications.
–Brocade 8 Gb SAN Switch for HPE BladeSystem c-Class—Similar to the Brocade 16 Gb SAN
Switch for HPE BladeSystem c-Class, this switch delivers 8 Gb/s performance.
•InfiniBand switches
–HPE BLc 4X QDR InfiniBand Switch—This Quad Data Rate (QDR) switch has 16 downlink
ports to connect up to 16 server blades in a c7000 enclosure, and 16 QSFP uplink ports for inter-
switch links or to connect to external servers. All ports are capable of supporting 40 Gb/s
bandwidth; a subnet manager is required.
–HPE BLc 4X FDR InfiniBand G2 Switch—This FDR switch provides up to 56 Gb/s full
bidirectional bandwidth per port in a blade switch. It doubles server throughput, providing 4
Tb/s of non-blocking bandwidth with 165 ns port-to-port latency. Available as an unmanaged
or managed switch, it is backward-compatible with QDR InfiniBand and reduces power
consumption over previous generations.
•Pass-thru modules
–HPE 10 GbE Pass-Thru Module—This module is designed for BladeSystem customers who
require a non-blocking, one-to-one connection between each server and the network. The pass-
thru module provides 16 uplink ports that accept both SFP and SFP+ connectors. It can support
1 Gb and 10 Gb connections on a port-by-port basis. Optical as well as DAC cables are
supported. Standard Ethernet and Converged Enhanced Ethernet (CCE) traffic to an FCoE
capable switch is possible when using the appropriate NIC or adapter. This solution tends to be
the most expensive and cumbersome method of connection, so it is not recommended for
common usage.
•HCA mezzanine cards
–HPE 4X QDR InfiniBand Dual-Port Mezzanine HCA—This mezzanine card delivers low-
latency and up to 40 Gb/s bandwidth for performance-driven server and storage clustering
applications in HPC and enterprise data centers. It is designed for PCIe 2.0 ×8 connectors on
BladeSystem server blades.
–HPE 4X DDR InfiniBand Dual-Port Mezzanine HCA—This mezzanine card delivers low-
latency and up to 20 Gb/s bandwidth. Like the QDR HCA, it is based on the Mellanox ConnectX
InfiniBand technology. Parallel or distributed applications running on multi-processor multi-
core servers benefit from the reliable transport connections and advanced multicast support
offered by ConnectX InfiniBand. End-to-end QoS enables partitioning and guaranteed service
levels. Hardware-based congestion control prevents hot spots from degrading the effective
throughput.

Active optical cables

Figure 7-16 Active optical cables have many benefits

With the need for ever-increasing data throughput and increased cable lengths coupled with cost
sensitivity, traditional copper cables become less suitable. Active optical cables (AOCs), as shown in
Figure 7-16, supported with the FlexFabric-20/40 F8 module, provide the solution by supporting increased
cable lengths, greater bandwidths, more immunity to electromagnetic interference (EMI), and lower cost.
Another advantage is that AOCs are physically smaller than traditional copper cables and are therefore
less likely to disrupt airflow in densely packed IT environments. AOCs are a fraction of the cost of buying
transceivers and optical cables separately.
The AOCs available from HPE include:
•HPE BladeSystem c-Class 40G QSFP+ to QSFP+ 7m AOC
•HPE BladeSystem c-Class 40G QSFP+ to QSFP+ 10m AOC
•HPE BladeSystem c-Class 40G QSFP+ to QSFP+ 15m AOC

Step 4: Select the blades

Figure 7-17 BladeSystem ProLiant server blades are mapped to customer segments, applications, and
workloads

Compared with the previous generation, ProLiant Gen9 and Gen10 server blades present these key
features:
•Intel® Xeon® E5 and E7 processors (Gen9), Intel® Xeon® Scalable Family processors
•HPE Smart Storage—workload-optimized, flexible, embedded storage with 12 Gb SAS controllers
–Intel® Serial Advanced Technology Attachment (SATA) B140i (Gen9) or S100i (Gen10)
–Alternatively, HPE Smart HBAs SATA/SAS
–Optional HPE Smart Array P244br and Smart Array H244br controllers (Gen9)
–Optional Smart Array P204i-b 12G with 1 G Flash-Backed Write Cache (FBWC) on Gen10

Note
On the ProLiant BL460c Gen9 server, support for the array controller moved from an
embedded RAID controller to the optional Smart Array daughter card.

•Boot devices
–Slot for two M.2 storage devices
–Optional redundant microSD card
•Support for NVMe and uFF drives (Gen10)
•HPE SmartMemory DDR4 and support for non-volatile dual in-line memory module (DIMM), or
NVDIMM
•Improved storage options with support for USB 3.0
•Smart Storage Battery with 12W shared backup power
•System management—HPE OneView
BladeSystem ProLiant server blades mapping to customer segments, applications, and workloads can be
seen in Figure 7-17.
ProLiant server blade family—BL400 series

Figure 7-18 HPE ProLiant BL460c is the standard for dense data center computing

As shown in Figure 7-18, the ProLiant BL400 Series server blade family includes HPE ProLiant 460c
Gen9 and HPE ProLiant 460c Gen10. HPE ProLiant BL460c delivers the ideal balance of performance,
scalability, and expandability, making it the standard for dense data center computing.

Note
The number of applications, VMs, and users determines the number of server blades needed.
Together with HPE channel partners, HPE can help with the choice of the right number of
blades with solution-sizing tools and expertise.

Note
Enter the following URL into your browser for more information on the HPE ProLiant BL400
series servers:
https://www.hpe.com/us/en/integrated-systems/bladesystem.html
HPE ProLiant BL460c Gen9 Server Blade

Figure 7-19 Ideal balance of performance, scalability, and expandability

The HPE ProLiant BL460c Gen9 server, powered by Intel® Xeon® E5-2600 v3 series processors,
delivers performance, scalability, and economics for the converged data center. Figure 7-19 shows some
of the benefits of the ProLiant BL460c Gen9. The Xeon® E5-2600 v3 processors provide:
•Up to 70% better performance over previous generations
•Up to 18 cores
Flexible internal storage controller options help customers strike the right balance between performance
and price, helping to reduce overall TCO. Customers can choose among the following controllers:
•Standard HPE Dynamic Smart Array B140i, which provides low-cost chipset SATA
•Performance-optimized HPE Smart HBA H244br
•HPE Smart Array P244br for additional performance features including a 1 GB FBWC
Additional features of the H244br and P244br controllers include:
•Improved ease of use with HPE Smart Storage Administrator (SSA), which provides a simple
comprehensive utility to manage, configure, and diagnose the attached storage.
•Increased IO speeds with 12 Gb/s SAS allowing internal storage scalability while protecting data.
•Maximum reliability with controller-based encryption through HPE Secure Encryption. Data at
rest is protected on any bulk storage attached to a Smart Array controller.
•HPE OneView provides a single comprehensive view of the data center, managing hardware,
software, firmware, and drivers. HPE iLO software features server lifecycle management
advancements including iLO Federation, which remotely manages groups of servers at scale with
built-in rapid discovery of all iLOs, group configurations, group health status, and ability to
determine iLO licenses.
Designed for a wide range of configuration and deployment options, the ProLiant BL460c Gen9 Server
Blade provides customers with the flexibility to enhance core IT applications with right-sized storage for
the right workload, which results in lower TCO. The BL460c Gen9 adapts too many demanding blade
environments, including virtualization, IT and web infrastructure, collaborative systems, cloud, and HPC.

HPE ProLiant BL460c Gen10 Server


Figure 7-20 The standard to securely accelerate services delivery for converged workloads

Deliver increased agility and performance to your customer’s business with the HPE ProLiant BL460c
Gen10 Blade Server, which streamlines converged operations, boosts business performance, and increases
ROI through centralized deployment and management. Figure 7-20 shows some of the benefits of the
ProLiant BL460c Gen10. From virtualization through unified communications & collaboration (UC&C)
and cloud environments, boost workload performance and resource utilization for optimal services
delivery service-level agreements (SLAs), with the standard for converged data center architectures.
HPE ProLiant BL460c Gen10 Server, compared to Gen9, supports:
•Up to Two Intel® SkyLake Bronze, Silver, Gold, and Platinum (150W and below)
•HPE Smart Memory (16) DDR4, up to 2666 MT/s (1 TB max)
•Support for two 16 GB NVDIMMs (Type 1)
•Standard HPE Dynamic Smart Array S100i
•Optional HPE Smart Array P204i-b or NVMe pass through
•uFF HPE SmartDrives
•Two NVMe PCIe Solid State Drive (SSD) option
•Optional M.2 Support (80 mm/110 mm)
•HPE iLO 5

HPE ProLiant BL460c Gen10 to BL460c Gen9 comparison


Table 7-2 Full HPE ProLiant BL460c Gen10 to BL460c Gen9 comparison
ProLiant BL460c Gen10 ProLiant BL460c Gen9

Compute Up to Two Intel® SkyLake Up to Two Intel® Xeon® E5-2600


Bronze, Silver, Gold, and v3/2600 v4 Series,
Platinum (150W and below) 4/6/8/10/12/14/16/18/20/22 Cores
PCIe 3.0, Two available PCIe 3.0, Two available mezzanine slot
mezzanine slot

Memory HPE Smart Memory (16) DDR4, HPE Smart Memory (16) DDR4, up to
up to 2666 MT/s (1 TB max) 2400MT/s (2 TB max)
ProLiant BL460c Gen10 ProLiant BL460c Gen9

Persistent Support for (Two) 16 GB


Memory NVDIMMs (Type 1)

Storage Standard HPE Dynamic Smart Standard HPE Dynamic Smart Array
Array S100i B140i
optional HPE Smart Array P204i- Choice of HPE Smart HBA H244br or
b or NVMe pass through HPE Smart Array P244br or NVMe pass
through

FBWC 1 GB DDR3-1866 MT/s, 72-bit 1 GB DDR3-1866 MT/s, 72-bit wide bus


wide bus at 14.9 Gb/s on P204i-b at 14.9 Gb/s on P244br

Battery HPE BLc 12W Smart Storage HPE BLc 12W Smart Storage Battery
Battery

HPE Two SFF max, HDD/SSD/uFF, Two SFF max, HDD/SSD, M.2
SmartDrives Two NVMe PCIe SSD option Enablement Kit, Two NVMe PCIe SSD
option

Networking Choice of 2 × 10 GbE, FlexFabric Choice of 2 × 10 GbE, FlexFabric 10 Gb,


10 Gb, FlexFabric 10/20 Gb, FlexFabric 10/20 Gb, RoCE, VXLAN
RoCE, VXLAN

USB/SD/M.2 1 × USB 3.0, 1 × Micro-SD, 1 × USB 3.0, 1 × Micro-SD, Optional


Optional Dual Micro Dual Micro SD/Optional M.2 Support
SD/Optional M.2 Support (80 (42 mm)
mm/110 mm)

GPU Support Graphics expansion WS460c

Management
ProLiant BL460c Gen10 ProLiant BL460c Gen9

Converged HPE OneView and HPE iLO HPE OneView and HPE iLO Advanced
Advanced

Support HPE Insight Online with HPE Insight Online with enhanced
enhanced mobile appl mobile appl

Embedded HPE iLO 5, SUM, RESTful HPE iLO 4, SUM, RESTful Interface
Interface Tool, UEFI Tool, UEFI

Table 7-2 provides a comparison of ProLiant BL460c Gen10 to Gen9.

ProLiant server blade family—BL600 series

Figure 7-21 ProLiant BL660c Gen 8 and Gen 9 Servers

As shown in Figure 7-21, the ProLiant BL600 Series server blade family includes:
•HPE ProLiant BL660c Gen8—Offers a four-socket dense form factor without compromising on
performance, scalability, or expandability.
•HPE ProLiant BL660c Gen9—Provides flexibility, more storage options, faster IO, and more
powerful processing to meet any workload needs.
HPE ProLiant BL660c Gen9 Server Blade

Figure 7-22 Ideal for virtualization, database, business processing, and other four-processor
applications

The HPE ProLiant BL660c Gen9 server, powered by Intel® Xeon® E5-4600 v3 series processors,
redefines density-optimized four-socket blade technology without compromising on performance. Figure
7-22 shows some of the benefits of the BL660c Gen9. The ProLiant BL660c Gen9 Server Blade is ideal
for virtualization, database, business processing, and other four-processor applications where fine-tuning
of data center space and price/performance is critically important.
HPE DDR4 SmartMemory offers a significant performance increase from the previous generation.
Additional support includes tiered storage controller options, 12 Gb/s SAS, 20 Gb FlexibleLOM NICs,
additional SFF drives, and support for M.2 and USB 3.0. Both Unified Extensible Firmware Interface
(UEFI) and Legacy BIOS modes are available for increased configuration and deployment versatility.
Flexible internal storage controller options with HPE OneView features help customers strike the right
balance between performance and price, helping to reduce overall TCO. Customers can choose between
the following controllers:
•Standard HPE Dynamic Smart Array B140i, which provides low-cost chipset SATA
•HPE Smart Array P244br for additional performance features including a 1 GB FBWC

Selecting a blade server by workload

Figure 7-23 Selecting a blade server by workload

Figure 7-23 shows which blade server may be appropriate for specific workloads.
HPE storage blades and Direct Connect SAS Storage

Figure 7-24 HPE D2220sb Storage Blade

HPE offers flexible storage solutions designed to fit inside the BladeSystem enclosure, as well as external
expansion for virtually unlimited storage capacity. HPE storage blade models include:
•HPE D2220sb Storage Blade—Delivers direct-attached storage for ProLiant server blades with
support for up to 12 hot-plug SFF SAS or SATA midline hard disk drives (HDDs) or SAS/SATA
SSDs. The enclosure backplane provides a PCIe connection to an adjacent server blade and enables
high-performance storage access without any additional cables. The D2220sb, shown in Figure 7-
24, features an onboard Smart Array P420i controller with 2 GB FBWC for increased performance
and data protection. Up to eight D2220sb storage devices can be supported in a single BladeSystem
c7000 enclosure for 115.2 TB of maximum capacity.

Note
D2200 and D2220sb Storage Blades are not compatible with BL460c Gen10 (as of September
2017).

•HPE X3800sb G2 Network Storage Gateway Blade and HPE StoreEasy 3850 Gateway Blade
Storage—Is used to access Fibre Channel, SAS, or iSCSI SAN storage, translating file data from
the server into blocks for storage to provide consolidated file, print, and management hosting
services in a package that can be clustered. Built on the ProLiant BL460c server blade, the Storage
Gateway Blade is a ready-to-deploy SAN gateway solution and ships with Microsoft Storage Server
preinstalled. The HPE Rapid Start-up Wizard accelerates new deployments by walking IT through
basic system settings step-by-step. The Storage Gateway Blade also includes a Microsoft Cluster
Server license and Microsoft iSCSI Software Target.
•HPE Direct Connect SAS Storage for HPE BladeSystem—Extends and redefines direct-attached
storage for BladeSystem servers. Local storage can be built with zoned storage, or low-cost shared
storage can be enabled within the rack using high-performance 6 Gb/s SAS architecture. By
combining the simplicity and cost-effectiveness of direct-attached storage with the flexibility and
resource utilization of a SAN, Direct Connect SAS Storage gives server administrators a simple in-
rack zoned direct-attach SAS storage solution that is ideal for growing capacity requirements. The
SAS architecture consists of a Smart Array P741m/P408e-m controller in each server, and 6 Gb
SAS BL switches connected to D3600/3700/6000/6020 Disk Enclosures. The simplicity of SAS
results in a very low-cost per Gb, enabling low-cost zoned or shared storage. Solution described
above works with Gen9 servers; older generations are using different products to achieve similar
functionality.

Creating an iSCSI SAN with HPE StoreVirtual VSA on a D2220sb


HPE StoreVirtual VSA turns the D2220sb into a scalable and robust iSCSI SAN for use by all servers in
the enclosure and any server on the network. It features storage clustering for scalability, network RAID
for storage failover, thin provisioning, snapshots, remote replication, and cloning.
Customers can expand capacity within the same enclosure or to other BladeSystem enclosures by adding
more D2220sb storage blades and StoreVirtual VSA licenses. A cost-effective bundle of the D2220sb
storage blade and a StoreVirtual VSA license makes purchasing convenient. If storage needs to be
increased, customers can add StoreVirtual storage systems externally and manage everything through a
single console.

HPE Ultrium tape blades

Figure 7-25 Ultrium SB3000c Tape Blade

HPE Ultrium tape blades, as shown in Figure 7-25 are ideal for BladeSystem customers who need a
complete data protection, disaster recovery, and archiving solution. These half-height tape blades provide
direct-attach data protection for the adjacent server and network backup protection for all data residing
within the enclosure.
Each Ultrium tape blade solution ships standard with HPE Data Protector Express Software Single Server
Edition software. In addition, each tape blade supports HPE One-Button Disaster Recovery (OBDR),
which allows quick recovery of the operating system, applications, and data from the latest full backup
set. Ultrium tape blades are the industry’s first tape blades and are developed exclusively for BladeSystem
enclosures.
The following models are available:
•HPE SB3000c Tape Blade
•HPE SB1760c Tape Blade

LTO Ultrium tape drives


Designed for midrange markets, the HPE LTO Ultrium tape drives set the standards for capacity,
performance, manageability, and security. HPE LTO Ultrium tape drives represent five generations of
LTO tape drive technology and are capable of storing up to 3 TB per cartridge.

HPE BladeSystem PCI Expansion Blade

Figure 7-26 HPE BladeSystem PCI Expansion Blade

The BladeSystem PCI Expansion Blade, shown in Figure 7-26, fits into a half-height device bay and
provides PCI card expansion slots to an adjacent server blade. This blade expansion unit uses the midplane
to pass standard PCI signals between adjacent enclosure bays, so customers can add up to two off-the-
shelf PCI-X or PCIe cards. The PCI Expansion Blade and its PCI boards are managed by the adjacent
server blade and its operating system.
Customers need one PCI Expansion Blade for each server blade that requires PCI card expansion. Any
third-party PCI card that works in ProLiant ML and ProLiant DL servers should work in this PCI
Expansion Blade.

Note
HPE does not offer any warranty or support for third-party PCI manufactured products.
HPE ProLiant WS460c Gen9 Graphics Server Blade

Figure 7-27 HPE ProLiant WS460c Gen9 Graphics Server Blade

The HPE ProLiant WS460c Gen9 Graphics Server Blade, shown in Figure 7-27, allows the customer to
centralize its organization’s workstations at a lower cost per seat and with the performance users expect.
Locating the graphics server blade in the data center makes it more easily, securely, and economically
managed. The results are improved uptime and business continuity, enhanced data center security, and
reduced IT costs.
This graphics server blade has comprehensive graphics acceleration capabilities for VDI and provides
cost reduction compared to previous generation configurations. It is ideal for high-end graphics users with
computing environments that require the use of high-performance graphics applications, including
financial trading, computer-aided design (CAD), web design, education, public sector, oil and gas, and
healthcare.
The WS460c Gen9 Graphics Server Blade has two options for the base blade configuration: the single-
width base blade or double-width blade with graphics expansion. The base blade supports up to two MXM
style graphics cards installed on the blade mezzanine slots. The expansion blade allows full-size high-end
graphics cards to be installed.
The WS460c Gen9 Graphics Server Blade base workstation blade provides a high-performance PC
experience to users over the network using one of the industry-standard remote protocols such as Citrix
HDX 3D, VMware PCoIP, and Microsoft RemoteFX.
The WS460c Gen9 Graphics Server Blade offers support for:
•Multiple operating systems (including client and server operating systems)
•Intel® Xeon® E5-2600 v4 processors (Broadwell)
–Up to 22 cores, 3.5 GHz, 55 MB L3 cache, 145W
–Up to 21% bin to bin performance gains (comparing v3 to v4)
•DDR4 2400 MT/s DIMMs for up to 1 TB total memory
•HPE MultiGPU Carrier with NVIDIA Tesla M6 or AMD FirePro S7100X graphics
–Up to Four NVIDIA Tesla M6 or AMD FirePro S7100X graphics in single-blade for up to 512
vGPU users per 10U
–Workstation-class 3D graphics for VDI graphics acceleration
•NVMe technologies for caching and workload acceleration
•HPE Dual 64 GB/120 GB M.2 flash media kits
•HPE Smart Array P741m 12 Gb/s SAS mezzanine card

Select mezzanine cards


All common connectivity technologies, such as SAS, FC, iSCSI, and Ethernet are available. HPE
Converged Network Adaptors provide Ethernet, iSCSI, and FC connectivity over 10 GbE using both
FCoE and CEE standards. Only a subset of these cards is listed in the book, always consult QuickSpecs
and verify supported server blades for each card.

FlexFabric Gen9/Gen10 adapter innovations improve performance and


efficiency

Figure 7-28 HPE FlexFabric 20 Gb 630 Series Adapters

HPE 20 Gb FlexFabric CNAs for BladeSystem, shown in Figure 7-28, remove the 10 Gb bandwidth
restrictions. One FlexFabric 20 Gb adapter equals one 10 Gb adapter plus one 8 Gb HBA and one extra 2
Gb. It is possible to carve out 8 Gb Fibre Channel bandwidth and have 12 Gb bandwidth available for
other FlexNICs. FlexFabric adapters simplify, consolidate, and virtualize the server edge for BladeSystem
customers. They provide:
•Lower cost—FlexFabric adapters can save up to 98% on adapter cards, switch ports, and cables
needed to support network and storage traffic.
•Support for converged networks with Virtual Connect—Virtual Connect provisions LAN and SAN
connectivity for BladeSystem server blades through administration of media access control (MAC)
and worldwide port names (WWPN) addresses. This allows server administrators to independently
manage server blades and their connectivity, maintaining high availability connections, and
securely administering MAC addresses and WWPNs for each server.
•Support for FlexFabric and Flex-10—FlexFabric adapters support network convergence with
Virtual Connect FlexFabric. Each physical port is virtualized as three NIC ports and one FCoE or
iSCSI port. They also support Flex-10, which allows each 10 Gb port to be divided into four
physical NICs to optimize bandwidth allocation for virtualized servers.
The advantages are:
•Improved performance
–Greater server efficiency with VMware and Hyper-V by offloading host packet processing
–High-performance Ethernet networking and FCoE/iSCSI storage I/O
–Balanced system matching networking performance with server CPU performance
–Advanced storage offload processing, freeing up the server CPU cycles that can be allocated
to other application requirements
•Reduced CapEX and OpEX
–Twice the performance without doubling the budget
–FCoE or remote direct memory access (RDMA) converged with Ethernet on a single wire
–More VMs on one link
•Reduced complexity
–Converged fabric and reduced cabling
–10 Gb bandwidth restrictions between server blades and their storage removed

HPE FlexFabric 20 Gb 2-port 650 adapter

Figure 7-29 FlexFabric 650FLB and FlexFabric 650M adapters

HPE FlexFabric 650 adapters, shown in Figure 7-29, were introduced with ProLiant Gen9 server blades
and support ProLiant Gen10. They offer a rich set of offload technologies including overlay network
tunneling and storage as well as RDMA over Converged Ethernet (RoCE) capabilities that increase host
efficiency and virtualization performance.
In addition to supporting the features of current FlexFabric 20 Gb 2-port 630 adapters, FlexFabric 650
series adapters converge FCoE or RoCE traffic with data center LAN traffic. These adapters also support
VXLAN/network virtualization using Generic Routing Encapsulation (NVGRE) tunnel offload to reduce
the CPU load on the server and improve IT service delivery, reduce costs, and deliver greater data center
efficiency.
The FlexFabric 650 adapters can be used for both 10 Gb and 20 Gb connections.
Customers choose FlexFabric 650 adapters because the adapters:
•Simplify the infrastructure—FlexFabric 650 adapters deliver faster services by converging FCoE
or RoCE with LAN traffic on a single Ethernet wire. Infrastructure can be simplified through
eliminating hardware, reducing operational and acquisition costs.
•Improve performance of overlay networking with tunnel offload on a 20 GbE adapter (VXLAN
and NVGRE)—FlexFabric 650 adapters use tunnel offload to take full advantage of overlay
networking investment. They increase the scale of virtual LANs (VLANs) beyond the traditional
limit of 4096 and simplify network services provisioning. Using RoCE with Hyper-V Live
Migration, customers can reduce migration times and improve server utilization, giving them
flexibility to address dynamic workloads. In addition, these adapters offer improvements in IOPS
and small packet performance.
•Deliver IT services efficiently—CPU and power consumption can be reduced using tunnel offload.
In addition, RoCE allows faster data transfer and low latency.
HPE Ethernet 20 Gb 2-port 650 Series Adapters are supported on:
•ProLiant BL460c Gen9 Server Blade
•Virtual Connect FlexFabric-20/40 F8 module
•Virtual Connect Flex-10/10D module
•HPE 6125XLG Ethernet Blade Switch

FlexFabric adapters

Figure 7-30 FlexFabric PFs

As shown in Figure 7-30, a FlexFabric adapter presents up to four PFs to an operating system or hypervisor
in a Virtual Connect environment. The adapters allow flexible personality definition for networking and
storage protocols. All four connections can have their hardware personalities defined as FlexNICs to
support only Ethernet traffic. One of the PFs can also be defined as an FCoE or iSCSI adapter for iSCSI
boot protocol support. However, only one storage protocol offload can be used at a time. The same
protocol must be used on both ports of the adapter.
A single lane (downlink) of 20 GbE for each adapter port serves one to four FlexNICs, or one to three
FlexNICs and one FlexHBA. Each server port connects to a different interconnect bay (odd, even) based
on the hard-wired BladeSystem design.

FlexNICs and FlexHBA traffic


Figure 7-31 FlexNIC and Virtual Connect module keep traffic separated

Although FlexNICs share the same physical port, traffic flow for each is isolated with its own MAC
address and FlexNIC VLAN tags. As shown in Figure 7-31, each FlexNIC can be mapped to one or more
Virtual Connect networks (VLANs) and isolate data traffic by using VLAN tags.
The operating system sees each PF on the FlexFabric adapter as a conventional hardware NIC, Fibre
Channel HBA, or iSCSI HBA device. Each PF advertises its VLAN assignment as designated by the
server profile. The advertised device type and VLAN assignment steer individual traffic classes to the
appropriate PF (PF1, PF2, PF3, or PF4) on the FlexFabric adapter.

Step 5: Select the storage infrastructure

Figure 7-32 Storage options

Connect to external HPE SAN, NAS, and backup solutions, or put storage solutions inside the
BladeSystem enclosure, side by side with server blades, to quickly expand storage and extend data
protection without adding a single cable.
ProLiant server and BladeSystem technology are foundational elements of the HPE Converged Storage
architecture. As shown in Figure 7-32, storage infrastructure options include:
•D2220sb storage blade for on-system storage
•HPE P4800 SAN for HPE BladeSystem for on-network storage
•HPE 3PAR StoreServ storage for on-cloud storage
Other storage options include:
•StoreVirtual Storage
•StoreOnce Backup
•StoreAll Storage
Built on modular, industry-standard hardware, scale-out federated software, and integrated management,
HPE Converged Storage delivers the simplicity, efficiency, and agility needed to support virtualization,
the cloud, and today’s proliferation of data. Add further efficiency and IT agility with streamlined storage
and networking solutions. Many HPE 3PAR storage solutions can be directly connected to Virtual
Connect FlexFabric modules with HPE Flat SAN direct-attach technology to help reduce infrastructure
and multi-tier storage solution complexity.

Converged and collapsed infrastructure with Flat SAN

Figure 7-33 Virtual Connect Flat SAN technology and HPE 3PAR StoreServ storage

Virtual Connect Flat SAN technology provides the industry’s first direct-attach connection to Fibre
Channel storage that does not require dedicated Fibre Channel switches. With Flat SAN, you can connect
HPE 3PAR StoreServ storage systems, as shown in Figure 7-33, directly to the Virtual Connect FlexFabric
module without an intermediate SAN fabric. The SAN is not eliminated, but is created by the switch-on-
a-chip technology inside the FlexFabric module and is managed through Virtual Connect Manager.
Storage solutions usually include components such as server HBAs, SAN switches and directors, optical
transceivers and cables, and storage systems. The number of components causes concern among
customers about management and efficiency. Moreover, different components require different tools, such
as SAN fabric management, storage management (for each type of storage), and HBA management.
Because the Flat SAN solution allows you to connect directly to HPE 3PAR storage, it reduces the number
of components, lowers latency, and speeds provisioning. It also simplifies connection management by
enabling you to wire once, and then add, move, and change network connections to thousands of servers
in minutes instead of days from one console without affecting your LAN and SAN.
Flat SAN technology minimizes latency between servers and storage by eliminating the need for multi-
tier SANs. Designed for virtual and cloud workloads, this solution reduces storage networking costs and
enables faster provisioning compared to competitive offerings.
It also simplifies management by enabling you to use Virtual Connect Manager and HPE OneView
through a single console.

Step 6: Select the infrastructure management

Figure 7-34 Selecting the infrastructure management

As shown in Figure 7-34, BladeSystem infrastructure management is delivered through a complete


portfolio of ProLiant server lifecycle management capabilities that can flexibly operate from embedded
on-system utilities, on-premise software-defined data centers, and from the cloud. The HPE software-
defined approach to infrastructure provisioning leverages a template-based, profile-driven approach that
dramatically improves the speed with which customers deploy servers, storage, and network
infrastructure.
Managing ProLiant servers with HPE infrastructure management results in increased efficiency and
precise control of server infrastructure resources. With a rich set of capabilities that are easy to access and
simple to use, HPE infrastructure management covers critical areas such as server deployment and
configuration, health and alerting, power and remote management, automated support, and warranty and
contract status and control through a cloud-based portal. The core components of HPE infrastructure
management are HPE OneView, iLO, and Insight Online.

Onboard Administrator

Figure 7-35 Onboard Administrator: designed for both local and remote administration of BladeSystem
enclosures

The Onboard Administrator for BladeSystem enclosures, shown in Figure 7-35, is the intelligence of the
BladeSystem infrastructure. Together with the enclosure’s Insight Display, the Onboard Administrator
has been designed for both local and remote administration of BladeSystem enclosures.
This BladeSystem feature provides wizards for:
•Simple, fast setup and configuration
•Highly available and secure access to the BladeSystem infrastructure
•Security roles for server, network, and storage administrators
•Agentless device health and status
•Thermal Logic power and cooling information and control
Each enclosure ships with one Onboard Administrator module. A customer can order a second redundant
Onboard Administrator module for each enclosure.
When two Onboard Administrator modules are present in a BladeSystem enclosure, they work in an
active/standby mode, assuring full redundancy with integrated management. Either module can be the
active module. The other becomes the standby module. Configuration data is constantly replicated from
the active Onboard Administrator module to the standby Onboard Administrator module, regardless of
the bay in which the active module currently resides.

Insight Display

Figure 7-36 Insight Display Health Summary

The LCD panel on the front of the BladeSystem enclosure houses the Insight Display for initial
configuration of the enclosure. After the initial configuration has been performed, the Onboard
Administrator can be used for ongoing monitoring and management of the enclosure and its components.
The BladeSystem Insight Display panel is designed for local configuring and troubleshooting. It provides
a quick visual view of enclosure settings and at-a-glance health status, as shown in Figure 7-36. Green
indicates that everything in the enclosure is properly configured and running within specification. It has a
keyboard-video-mouse option for local system setup and management.

Main Menu
From the Insight Display Main Menu, users can navigate to the submenus, which include:
•Health Summary
•Enclosure Settings
•Enclosure Info
•Blade or Port Info
•Turn Enclosure UID on
•View User Note

Converged management with HPE OneView

Figure 7-37 Enclosure groups in HPE OneView

To manage an IT infrastructure effectively, customers need one management platform with one approach
to the entire infrastructure, including compute, storage, and the network. HPE OneView provides this
single management platform.
HPE OneView can be used to automate the deployment and ongoing management of BladeSystem
environments as shown in Figure 7-37. The HPE OneView dashboard provides an easy-to-understand
status summary of servers, storage pools, and enclosures. Color-coded icons indicate which systems are
functioning properly and which ones need help. Features include:
•One platform manages BladeSystem and supported storage solutions.
•Customizable templates that define infrastructure services, enabling the delivery of IT services in
a fast, repeatable, and reliable manner, at lower cost and with fewer errors.
•Profiles and groups capture best practices and policies. Profiles and groups can be created once
and rolled out to as many enclosures, servers, and storage arrays as needed to increase productivity
and ensure compliance and consistency.
•Visualized connections between infrastructure elements enable IT staff to better understand the
impact of hardware faults or performance bottlenecks.
HPE OneView creates a closed-loop automation hub with consistent, industry-standard APIs, a uniform
data model, and a state-change message bus. IT staff can automate deployment of multiple enclosures,
blades, storage, and networking programmatically—using the industry-standard REST API or a choice of
PowerShell and Python language bindings. With HPE OneView automation capabilities, it is possible to:
•Inform multiple management tools or systems administrators of changes to the infrastructure
managed by HPE OneView.
•Quickly react to environmental changes by deploying or updating resources, updating asset
management records, or automatically creating service tickets.
•Enable virtualization administrators to automate control of all HPE resources—with no detailed
knowledge of each device—through integration with VMware vCenter, VMware vCenter
Operations, and Microsoft System Center.

Orchestration across the infrastructure

Figure 7-38 HPE OneView provides orchestration across the infrastructure

HPE OneView improves operational efficiency by taking the personality of a server and putting it in
software. As shown in Figure 7-38, the resulting server profile contains all of the configuration
information necessary to instantiate the server, including connections to storage and associated addresses,
and connections to networking devices and associated addresses.
HPE OneView provides orchestration across the infrastructure by enabling you to:
•Visualize the data center for planning
•Manage and provision hardware, software, and firmware
•Implement changes faster
Insight Online

Figure 7-39 Save time and resources with automation and simplified information access

HPE Insight Online is a cloud-based infrastructure management and support portal available through the
HPE Support Center and powered by HPE remote support technology, including Insight Online direct
connect and Insight Remote Support 7.x.
The management capabilities built into HPE BladeSystem Onboard Administrator, shown in Figure 7-39,
ProLiant Gen8, Gen9, and Gen10 servers seamlessly integrate with Insight Online direct connect and
Insight Remote Support 7.x and later.
Insight Online is designed for IT staff who deploy, manage, and support systems, as well as for HPE
Authorized Partners who support IT Infrastructure. Using the Insight Online portal saves time, reduces
complexity, and helps ensure uptime.
Through the HPE Support Center, Insight Online can automatically display devices remotely monitored
by HPE. Insight Online provides a personalized dashboard for simplified tracking of IT operations and
support information from anywhere, at any time, on any device. Customers can use the Insight Online
dashboard to track service events and support cases, view device configurations, and proactively monitor
HPE contracts, warranties, and HPE Proactive service credit balances.
Insight Online provides all-in-one secure access to the information needed to support devices in the IT
environment with standard warranty and contract services.
After you install HPE remote support tools and register with Insight Online, HPE Proactive Care service
assists in proactively supporting infrastructure, providing quick access to support experts, and preventing
problems before they occur.

Step 7: Select the services


HPE consulting and support can help customers achieve maximum benefits from their server technology.
HPE services deliver confidence by helping customers prevent problems, reduce risk, solve problems
faster, and realize agility and stability as they deploy and operate new technology.
•HPE offers two versions of HPE Proactive Care Services for BladeSystem servers, each with
flexible hardware and software coverage windows and response times.
–Proactive Care leverages innovative HPE remote support technology to help prevent problems
and provide rapid access to expertise to stabilize IT.
–Proactive Care Advanced is designed to support servers running business-critical IT. This
service expands on the Proactive Care service by providing localized account managers who
work with the customer’s IT staff to keep systems in peak performance, manage critical events,
and quickly address complex issues
•HPE Foundation Care is an economical alternative that provides hardware and software support
with a simplified choice of coverage windows and response times. This support coverage includes
collaborative call management for assistance with leading x86 operating system software.
•HPE Datacenter Care offers the most flexible service. It supports the entire IT environment to
provide the right mix of enhanced call management, proactive services, and hardware and software
assistance to manage a solution holistically for maximum control, performance, and simplicity.
•HPE Education Services helps address the challenge of managing costs and resources while
keeping up with the latest technology. HPE Education Services provides IT professionals, enterprise
businesses, and end users with the highest quality, most comprehensive technical and business
education services and expertise using advanced technologies.

Activity: Introducing customer scenario


Alpha Centauri Drones Company is used as a storyline through the class for various scenarios. In this
chapter, we introduce the company’s intention to expand their IT infrastructure using an interview.
•What are your current plans?
–We want to further expand our IT infrastructure to support better our users.
•Are you planning a virtualization solution?
–Yes, we are considering a virtualization solution, based on our current findings we are talking
about five to eight hypervisors.
•What other server functions you may need?
–We are considering a communication sever cluster, external highly available database for our
accounting system and CRM.
•What type of management tools are you looking for?
–We want to use identical tools that we are currently using with our DL servers. We are not
looking for a server-defined architecture or cloud environment.

Learning check
3.HPE BladeSystem HPE 6127XLG switch can be managed by Virtual Connect Manager.
True
False
4.HPE ProLiant BL660c Gen10 Server Blade is a full-height blade.
True
False
5.Which network types can be connected through HPE Virtual Connect?

6.c-class server blades are equipped with HPE iLO.


True
False
7.Write a summary of the key concepts presented in this chapter.

Summary
BladeSystem is a modular infrastructure platform that converges servers, storage, and network fabrics to
accelerate operations and speed delivery of applications and services running in physical, virtual, and
cloud-computing environments.
Building a BladeSystem infrastructure solution begins with seven steps:
1.Select the operating environment.
2.Select the BladeSystem enclosure and power infrastructure.
3.Select the interconnects and adapters.
4.Select the server blades.
5.Select the storage infrastructure.
6.Select the infrastructure management.
7.Select the services.
8 HPE Density-Optimized Solutions
WHAT IS IN THIS CHAPTER FOR YOU?
After completing this chapter, you should be able to:
✓Explain why High-Performance Computing (HPC) and Big Data are important.
✓Describe the features and functions of HPE Apollo systems.
✓Discuss the management options available for HPE Apollo solutions.
✓Describe HPE SimpliVity solutions.
✓Describe HPE SGI solutions.

Prelearning check
1.Which HPE solution is most suitable as in-memory HPC solution?
A.HPE Apollo kl20
B.HPE MC990 X
C.HPE ProLiant ML350 Gen10 servers
D.HPE Apollo 4510 Gen10
2.Match the Apollo platform with features.

3.Which component of HPE SimpliVity performs deduplication and compression? What are the
benefits of these features?

HPC is key to continued business success


HPC customers use IT differently from corporate IT organizations. An HPC customer’s expenditure on
IT often approaches 90% of the total cost of the business, 10 times that of a corporate IT organization.
Additionally, the IT growth rates for a service provider can be many times the IT growth rate of a
corporation. For service providers, IT is the business.
HPC customers are focused on how to get the best performance possible with limited resources. HPC is
firmly linked to economic competitiveness as well as scientific advances. Governments, academia, and
enterprises use HPC to drive advances in their respective fields.
•Governments and academia leverage IT to solve the world’s greatest problems (such as curing
genetic illnesses, solving climate change, or determining the origin of the universe).
•Researchers are continually trying to solve more and increasingly complex problems in the life and
materials sciences industries. HPC solutions increase research agility, lower costs, and allow
researchers to process, store, and interpret petabytes of data. HPC enables simulation and analytical
solutions to some of the most vexing problems in areas such as nanotechnology, climate change,
renewable energy, neuroscience, bioinformatics, computational biology, and astrophysics.
•HPC solutions for upstream oil and gas exploration and production enable the industry to meet the
increasing global demand for petroleum products.
•Financial Services companies face the most challenging analytics and trading environments in the
industry. From risk management to high-frequency trading, IT solutions need to deliver the
performance, efficiency, and agility to maximize the ability to add or adapt services quickly as
market conditions change.
At one time, HPC was regarded as a specialist area. Today, it is becoming essential to the continued
success of businesses requiring optimal computational performance, unprecedented reliability, memory,
and storage scalability. Examples of such applications include:
•Computer-aided engineering (CAE)
•Electronic design automation (EDA)
•Research and development
•Life sciences
•Pharmaceutical
•Geophysical sciences
•Energy research and production
•Meteorological sciences
•Entertainment
•Media production
•Visualization and rendering
•Government
•Academia
•Financial Services
•Automotive and aerospace design
HPE purpose-built portfolio for HPC

Figure 8-1 HPE industry solutions for HPC

The HPE Apollo family is a set of purpose-built Compute offerings designed to address the needs of HPC
workloads as well as Big Data Analytics, object storage, and enterprise service provider needs. The
emerging scale-out type of architectures driven by the cloud for Big Data Analytics and object storage
require simple storage at massive scale, substantial configuration flexibility, and a high degree of density
optimization. The HPC type of workloads require significant parallel processing performance in
combination with increased data center infrastructure efficiency maximize the performance per unit of
data center resource consumption (power/cooling/space/admins). As the need for HPC moves beyond the
traditional domain of academia and research institutions to mainstream enterprise applications to drive
business innovation, customers need the capability to shift from traditional platforms to scale-out solutions
and HPC solutions in a nondisruptive manner to become enterprise service providers.
As shown in Figure 8-1, the Apollo family supports a broad range of HPC deployments from small, entry
configurations in the enterprise with Apollo 2000 to the most complex supercomputing applications with
SGI 8600.
•The Apollo 2000 is the ideal enterprise bridge for customers who are embarking on the scale-out
journey for the enterprise and need a solution for small deployments of HPC as well as general-
purpose workloads in a nondisruptive manner. The Apollo 6000 is a more powerful solution that
delivers rack-scale efficiencies and designed for midsize to large HPC deployments with a higher
level of infrastructure efficiency.
•The Apollo 4200 is the enterprise bridge to Big Data Analytics and object storage and is designed
for smaller deployments with substantial configuration flexibility across processing and storage.
The Apollo 4530 is purpose-built for Hadoop Analytics and combines substantially more processing
power than the 4200 with three server cartridges and is ideal for complex Hadoop Analytics
deployments.
•The Apollo 4510 is the ideal storage server and is purpose-built for object storage with substantial
storage capacity and a single server cartridge. It is optimized for storage-intensive workloads and
is optimized to work with leading object storage software solutions like Cleversafe and Scality as
well as HPE software solutions.
•The Apollo 6000 delivers HPC capabilities for the next level of processing requirements in midsize
and large enterprise with rack-scale efficiencies in terms of power, cooling, and space together with
targeted workload optimization to enhance performance. HPE Apollo 6000 Gen10 is a
performance-optimized, air-cooled system that offers outstanding configuration flexibility,
redundant power, simplified administration, and rack-scale efficiency to lower the total cost of
ownership (TCO) needed for mass scale HPC deployments.
•The HPE SGI 8600 System is a liquid-cooled, tray-based, scalable, high-density clustered
computer system designed from the ground up to run complex HPC workloads at petaflop speeds,
scale seamlessly to thousands of nodes and deliver leading energy efficiency.
•HPE Integrity MC990 X Solve complex, data-intensive HPC problems at unparalleled scale by
leveraging four to 32 sockets and one to 48 TB of in-memory computing capacity in a single system.
•HPE Integrity Superdome X equips enterprise HPC environments with high-volume, in-memory
computing and single-system simplicity delivered in two to 16 sockets and up to 48 TB memory.
•HPE Apollo 10 Systems offers mixed workload HPC for even the smallest department, running on
industry-standard accelerated compute servers.

Note
Big data is data sets that are so voluminous and complex that traditional data processing
application software is inadequate to deal with them. Big data challenges include capturing
data, data storage, data analysis, search, sharing, transfer, visualization, querying, updating, and
information privacy. There are three dimensions to big data known as Volume, Variety, and
Velocity. (Wikipedia.org, January 2018)

Learning check
1.Which HPE solution is most suitable as in-memory HPC solution?
A.HPE Apollo kl20
B.HPE MC990 X
C.HPE ProLiant ML350 Gen10 servers
D.HPE Apollo 4510 Gen10
The data landscape is changing radically

Figure 8-2 More connected people, apps, and things generating more data in many forms

The data landscape is radically changing. In yesterday’s data-driven analytics and insights (and the
technologies used to store/manage/analyze them) were limited to (and for) traditional business data—the
data generated from business-process applications like customer relationship management (CRM),
enterprise resource planning (ERP) Human Resource Management (HRM), and supply chain. But as we
have all seen, the data landscape has been radically changing over the past few years—90% of the data
available today was created in the last two years—and the landscape will continue to change due to the
fastest growing segments of human data and machine data, as shown in Figure 8-2.
Human data includes all the content we create—some of which is highly regulated for compliance
purposes (contracts, legal docs) and social media, emails, call logs, and other images, audio, and video.
Machine data is the complete opposite of human data. It is the high-velocity information generated by the
computers, networks, and sensors embedded in just about everything—the Internet of Things (IoT).
Together, human data and machine data are growing 10× faster than traditional business data, and
organizations that are data-driven are not only able to leverage this data to create new value, but they are
also able to bridge the interconnection of data across the silos and repositories for integrated intelligence.
For example, in retail, retailers can maximize customer loyalty across multiple channels by integrating
data from real-time inventory, in-store location positioning sensors, radio-frequency identification
(RFID), and social media.

Yesterday’s “data-driven” landscape


Figure 8-3 Lack of business benefit from data

The term data-driven is not actually new, it has been around for 20+ years since Business Intelligence
(BI). However, the concept of being data-driven has changed—from what it can and could not do
yesterday to what it can do for your customer’s business today.
As shown in Figure 8-3, if you look across three dimensions—data, people, and insights—yesterday,
being data-driven meant:
•Utilizing limited business data in siloed departments and applications
•Empowering a few people, typically business analysts, often from a top-down approach, who do
not even know the right questions to ask of the data to extract the value
•Delivering insights via monolithic BI reports to the limited few without regarding time sensitivity
•Analytics were only available to the analysts reactively (in hindsight), with limited actionable value
Infrastructure was not designed to monetize the value of data and create insights but rather designed
around supporting application workloads. In yesterday’s architecture, analytics was an afterthought and
was separated from the compute resources, making it difficult to analyze and complex to manage.
Although it was the right intent, the business benefit was marginal impact with a ton of room for
improvement.
Data-driven in the Idea Economy

Figure 8-4 Utilizing data in the Idea Economy

Figure 8-4 shows what being data-driven today in the Idea Economy is about:
•Harnessing all the relevant data (business/human/machine) available today and in the future
•Empowering and delivering insights for all stakeholders (collaboratively) in the organization (from
line of business (LOB) leadership, operations, line workers, and so forth) irrespective of level or
function—in real-time, at the moments that matter
•Operationalizing analytics through many apps, resulting in better results across the entire
business/operations
•Achieving greater value through insight and foresight analytics—answering why did something
happen or what will happen instead of just answering reactively what happened, so you can take
action and be proactive
At the end of the day, it is about quickly and iteratively turning ideas into insights to better outcomes.

Deep Learning
Jeremy Howard, Enlitic founder, said in a 2014 TED.com talk: “Deep Learning is an algorithm inspired
by how the brain works, and as a result it is an algorithm which has no theoretical limitations. The more
data you give it, and the more computation time you give it, the better it becomes.”

Deliver Automated Intelligence in real-time for Deep Learning


Deep Learning use cases include:
•Video, image, text, audio, time series pattern recognition
•Large, highly complex, unstructured simulation and modeling
•Real-time, near real-time analytics
Customer benefits when using unprecedented performance and scale with HPE high-density graphic
processing unit (GPU) solutions.
•HPE Apollo 6500 and SGI C1102-GP8 are ideal HPC and Deep Learning platforms, providing
unprecedented performance with up to eight GPUs, high-bandwidth fabric, and GPU topologies
designed to match Deep Learning workloads
•Up to eight high-powered GPUs per tray (node) configurable system topologies
•Choice of high-speed, low-latency fabrics
•Enterprise management: HPE integrated Lights-Out (iLO), HPE OneView, HPE Apollo Platform
Manager (APM), or the SGI Management Suite

Learning check
2.Traditional business data is growing 10× faster than human and machine data (content created by
humans and automatically by computers, networks, sensors, and so forth).
True
False

HPE Apollo systems


HPE Apollo systems provide rack-scale solutions with high density, optimal performance, power
efficiency, and low TCO. The demand for more compute performance for applications used by EDA, risk
modeling, or life sciences is relentless. For customers working with single-threaded application workloads
like these, success depends on optimizing performance with maximum efficiency and cost-effectiveness,
along with easy management for large-scale deployments.
HPE Apollo systems are designed to deliver compute, storage, networking, power, and cooling solutions
for Big Data, analytics, object storage, and HPC workloads. With rack-scale efficiency, Apollo systems
deliver excellent business benefits. These systems:
•Apply just the right amount of scalability, performance, and efficiency with systems that are
optimized for specific workloads
•Reduce implementation time from months to days
•Provide architectural flexibility with both scale-up and scale-out solutions
•Provide significant capital and operating expenditure savings
•Leverage complete service and support offerings from HPE
The Apollo portfolio includes:
•Apollo 10 series that includes HPE Apollo 20 and 40 systems for emerging HPC environments
•HPE Apollo 2000 systems provide a bridge to scale-out architecture for traditional rack-server data
centers and deliver hyperscale and general-purpose scale-out computing.
•HPE Apollo 4000 systems allow customers to analyze growing volumes of data in order to turn
information into insight and enable faster strategic decision-making. The Apollo 4000 series is ideal
for Big Data Analytics and object storage needs.
•The air-cooled HPE Apollo 6000 system optimizes rack-scale performance for any budget and
makes HPC capabilities accessible to a wide range of enterprise customers.
•The HPE SGI 8600 system is a supercomputer that combines high levels of processing power with
a warm water-cooled design for ultra-low energy usage and recycling.
This complete range of offerings makes highly dense server storage, management, and rack-scale
efficiency available to organizations of all sizes. Its tiered approach provides a logical starting point for
data-driven organizations that want to implement Big Data, object storage, and HPC solutions.

Flexible configurations, IT expertise, and lower cost solutions


HPE Apollo 10 series makes HPC and Deep Learning affordable. Low entry costs combine with a flexible
industry-standard platform, custom solutions, and a choice of components. Apollo 10 series servers
readily integrate into standard cluster environments.
We devised the Apollo 10 series based on our extensive expertise in HPC, data management, visualization,
systems management, and High Performance Data Analysis (HPDA). From this foundation, you can
implement optimal HPC and Deep Learning solutions that take advantage of responsive and flexible
support along with committed account and technical resource teams.
Enable Deep Learning and HPC adoption with HPE Apollo 20 family and Intel® Phi, optimized industry-
standard servers supporting latest technology for Deep Learning and HPC Workloads. Optimized for Deep
Learning, life sciences, and weather simulation, the 2U HPE Apollo kl20 platform offers greater than12
x86 TFLOPS and up to 272 cores.

Note
TFLOP is a bit of shorthand for “teraflop,” which is a way of measuring the power of a
computer based more on mathematical capability than GHz. A teraflop refers to the capability
of a processor to calculate one trillion floating-point operations per second. Saying something
has “6 TFLOPS,” for example, means that its processor setup is capable of handling 6 trillion
floating-point calculations every second, on average. (Digital Trends, January 2018—
https://www.digitaltrends.com/computing/what-is-a-teraflop/)

Benefits of Apollo 20 family:


•Flexible configurations tailored to HPC/Deep Learning
–Choice of CPU, memory, and drives
–Multiple network topologies: Fat Tree, Hypercube, and Enhanced Hypercube
–Comprehensive factory integration
–Readily integrated into standard cluster environment
•Expertise and resources for operational efficiency
–Expertise in HPC, data management, visualization, systems management, and HPDA
–Responsive and flexible support
–Custom solutions—one size does not fit all
–Committed account and technical resource teams
•Right-sized compute for infrastructure efficiency
–Air cooling for standard server environments
–Energy efficiency with dual high-efficiency power supplies
–Select the right-sized network topology for cost model
–Integrated Intelligent Platform Management Interface (IPMI) 2.0 Management

Note
Hypercube networks are a type of network topology used to connect multiple processors with
memory modules and accurately route data. Hypercube networks consist of 2 m nodes. These
nodes form the vertices of squares to create an internetwork connection. A hypercube is
basically a multidimensional mesh network with two nodes in each dimension. Due to
similarity, such topologies are usually grouped into a k-ary d-dimensional mesh topology
family, where d represents the number of dimensions and k represents the number of nodes in
each dimension. (Wikipedia.org, January 2018)
A hypercube with extra connections added between pairs of nodes through otherwise unused
links is investigated. The extra connections are made in a way that maximizes the improvement
of the performance measure of interest under various traffic distributions. The resulting
hypercube, called the enhanced hypercube, requires a simple routing algorithm and is
guaranteed not to create any traffic-congested points or links. The enhanced hypercube
achieves noticeable improvement in diameter, mean internode distance, and traffic density, and
it also is more cost effective than a regular hypercube. An efficient broadcast algorithm that
can considerably speed up the broadcast process in enhanced hypercubes is provided.
(Enhanced hypercubes, N.-F.Tzeng, S.Wei—http://ieeexplore.ieee.org/document/76405/)

HPE Apollo kl20 Server with Intel® Xeon® Phi Processors

Figure 8-5 HPE Apollo kl20 Server

Specifications of the HPE Apollo kl20 Server with Intel® Xeon® Phi Processors, shown in Figure 8-5,
include:
•Processor—Four Intel® Xeon® Phi Processor (one per server) (up to 230 watts), supports up to
two integrated Omni Path with –F processor
•Memory—24 DDR4 DIMMs, 2400 MHz (six per server)
•Network—Dual-port GigE controller (Intel® I350)
•Storage—12 × large form factor (LFF) drives (three per server)
•I/O options—Eight Peripheral Component Interconnect Express (PCIe) 3.0 x16 low-profile (two
per server)
•Management—Integrated IPMI 2.0

HPE Apollo 40—Flexibility, expertise, and lower costs


HPE Apollo 40 family brings optimized industry-standard servers supporting latest technology for Deep
Learning and HPC Workloads. HPE Apollo 40 family consists of two products:
•HPE Apollo sx40—A 1U rackmount dual-socket Intel® Xeon® server with support for up to four
NVIDIA Tesla SXM2 GPUs with NVLink. This configuration allows for up to 14,336 NVIDIA
CUDA cores and 42.4 TFLOPS single precision floating-point performance.
•HPE Apollo pc40—A cost-effective 1U dual-socket Intel® Xeon® server that is optimal for mixed
workload GPI-accelerated HPC. With support for up to four PCIe GPU cards, Apollo pc40 provides
up to 37.2 TFLOPS of single precision performance per server.
Features of HPE Apollo 40 family:
•Flexibility
–Choice of CPU, memory, drives, and GPU form factor
–Multiple network topologies: Fat Tree, Hypercube, and Enhanced Hypercube
–Comprehensive factory integration
–Readily integrated into standard cluster environment
•Expertise
–Expertise in HPC, data management, visualization, systems management, and HPDA
–Responsive and flexible support
–Custom solutions—one size does not fit all
–Committed account and technical resource teams
•Lower entry costs
–Air cooling for standard server environments
–Energy efficiency—dual high-efficiency power supplies
–Select the right-sized network topology for cost model
–Integrated IPMI 2.0 Management
–Choice of GPU form factor

Note
NVLink is a wire-based communications protocol serial multi-lane near-range communication
link developed by Nvidia. Unlike PCI express, a device has multiple NVLinks and devices are
not using a central Hub to communicate, but a Mesh. (Wikipedia.org, January 2018). SXM2 is
a form factor.

HPE Apollo pc40 Server

Figure 8-6 HPE Apollo pc40 Server

The HPE Apollo pc40 system’s use of the latest GPU technologies enables breakthrough density, scale,
and efficiency.
Using NVIDIA GPUs with PCIe enables your customer to choose the best GPU for their workload,
whether that is Tesla P100 or Tesla M40.
The HPE Apollo pc40 Server, shown in Figure 8-6, is a 1U dual-socket server featuring up to four
NVIDIA Tesla GPUs and based on the Intel® Xeon® Processor Scalable Family. The HPE Apollo pc40
Server is an optimized, industry-standard server for Deep Learning and HPC workloads that uses the PCIe
form factor for greater choice in GPU selection. Your customers can enjoy quicker and easier deployments
with systems configured, integrated, and tested by HPE. Using industry-standard IPMI 2.0 system
management and the HPE Performance Software Suite, the server is easy to use and manage. The HPE
Apollo pc40 Server delivers cost-effective Deep Learning and HPC performance with high-compute
density (up to four GPUs per 1U rack space), helping to turn data into insights and insights into actions.
Your customers can optimize the server for required workloads by choosing from the available CPUs in
the Intel® Xeon® Processor Scalable Family, up to twelve 2666 MHz DDR4 DIMMs, optional network
adapters, and up to two small form factor (SFF) hard drives or solid state drives (SSDs).
Fully integrated and factory-tested clusters are delivered with a complete cluster management software
stack to simplify deployment and management and can be custom-configured for perfect right-sizing.
Multiple network topologies are supported in cluster builds: Fat Tree, Hypercube, and Enhanced
Hypercube for increased flexibility. The server is readily integrated into a standard cluster environment.
Specifications of HPE Apollo pc40 Server:
•Chassis profile: 1U standard-depth
•Servers/System: One dual-socket
•Max. processors: Two Intel® XPSF processors
•Max. CPU TDP: 165W
•Memory slots: 12 dual in-line memory module (DIMM) slots
•Memory type: 2666 MHz DDR4 ECC reg.
•Max. hard disk drives (HDDs): 2 × 2.5” drives, 1 × M.2
•Expansion slot: Includes five PCIe slots:
–1 × PCIe 3.0 x16, Low Profile
–1 × PCIe 3.0 x16, FH/FL
–3 × PCIe 3.0 x16, FH/FL, Internal Only
•Networking (Onboard): Dual-port GigE controller (Intel® I350)
•IPMI Remote Management: Integrated IPMI 2.0
•Power supply: 2000W Redundant Platinum Level
•Max. GPUs: 4× Tesla
•GPU support:
–HPE NVIDIA Tesla P100 PCIe 12 GB Module
–HPE NVIDIA Tesla P100 PCIe 16 GB Module
–HPE NVIDIA Tesla P40 PCIe 24 GB Module

HPE Apollo sx40 Server

Figure 8-7 HPE Apollo sx40 Server

The HPE Apollo sx40, shown in Figure 8-7, is a purpose-built, dense, and flexible 1U GPU server for the
most demanding HPC and Deep Learning workloads. This server brings cost-effective, industry-standard
GPU-accelerated computing into even the smallest HPC department.
The HPE Apollo sx40 Server is a 1U dual-socket server featuring up to four NVIDIA Tesla GPUs in
SXM2 form factor and based on the Intel® Xeon® Processor Scalable Family. The HPE Apollo sx40
Server is an optimized industry-standard server supporting Deep Learning and HPC workloads, using the
SXM2 form factor to provide increased available GPU memory bandwidth and performance. Your
customers can enjoy quicker and easier deployments with systems configured, integrated, and tested by
HPE. Using industry-standard IPMI 2.0 system management and the HPE Performance Software Suite,
the server is easy to use and manage. The HPE Apollo sx40 Server delivers cost-effective Deep Learning
and HPC performance with high-compute density (four GPUs per 1U rack space), helping to turn data
into insights and insights into actions.
The HPE Apollo sx40 Server features up to four NVIDIA Tesla GPUs with the high-bandwidth, energy-
efficient interconnect NVIDIA NVLink to accelerate mixed-application HPC computing as well as Deep
Learning workloads. NVLink enables increased GPU performance for Deep Learning workloads.
Your customers can optimize the server for required workloads by choosing from the available CPUs in
the Intel® Xeon® Processor Scalable Family, up to twelve 2666 MHz DDR4 DIMMs, optional network
adapters, and up to two SFF hard drives or SSDs.
Fully integrated and factory-tested clusters are delivered with a complete cluster management software
stack to simplify deployment and management and can be custom-configured for perfect right-sizing.
Multiple network topologies are supported in cluster builds: Fat Tree, Hypercube, and Enhanced
Hypercube.
Specifications of HPE Apollo sx40 Server:
•Chassis profile: 1U standard-depth
•Servers/System: One dual-socket
•Max. processors: Two Intel® XPSF processors
•Max. CPU TDP: 165W
•Memory slots: 12 DIMM slots
•Memory type: 2666 MHz DDR4 ECC reg.
•Max. HDDs: 2 × 2.5" drives
•Expansion slot
–Includes three PCIe 3.0 x16, Low Profile slots
–Includes four SXM 2.0 slots (Two slots are already occupied by two SXM GPUs)
•Networking (Onboard): Dual-port GigE controller (Intel® I350)
•IPMI Remote Management: Integrated IPMI 2.0
•Power supply: 2000W Redundant Power Supplies Titanium Level (96%)
•Max. GPUs: Four Tesla P100 SXM2

HPE Apollo 2000—Enterprise bridge to HPC

Figure 8-8 Apollo r2200 chassis

The HPE Apollo 2000 offers all the features of traditional enterprise servers and provides twice the amount
of density than standard 1U rack servers. This system increases available data center floor space, improves
performance while lowering energy consumption, and provides flexible configurations that fit into
industry-standard racks. The Apollo r2200 chassis is shown in Figure 8-8.
Apollo 2000 systems offer a dense solution with up to four HPE ProLiant XL170r Gen9/Gen10, shown
in Figure 8-9, or up to two HPE ProLiant XL190r Gen9/Gen10 server nodes in a standard 2U chassis.
Each server node can be serviced individually without impacting the operation of other nodes sharing the
same chassis, providing increased server uptime. The ability to combine ProLiant XL170r servers and
ProLiant XL190r servers in the same chassis and the unique drive-mapping flexibility lends itself to
optimizing server configurations for many applications. Chassis, or groups of chassis, can be custom-
configured to act as affordable, modular, 2U building blocks for specific implementations at scale—and
for future growth.
Figure 8-9 ProLiant XL170r Gen10 and ProLiant XL190r Gen10

The Apollo 2000 is also compatible with the HPE APM, which enables aggregate and detailed level of
power measurement and control of groups of servers. It also provides static and dynamic capping of power
across the nodes.

HPE Apollo 2000 features and benefits


Features of the Apollo 2000 include:
•Redundant fans and power infrastructure with up to two 1400W power supplies
•Increased storage flexibility with options that support serial-attached SCSI (SAS)/serial advanced
technology attachment (SATA)/SSDs
•Up to four independent, hot-pluggable server nodes in one chassis, delivering twice the compute
density than 1U rack-mount servers
•Front hot-pluggable drives and rear serviceable nodes
•Cost-effective configurations for various workloads
•1U and 2U servers that can be mixed and matched for workload optimization, allowing customers
to partially populate the chassis and scale-out as they grow
•HPC performance with accelerators, top bin processors, and broad range of I/O options
•12 LFF or 24 SFF drive cage options, including an option for an SAS expander to enable flexible
allocation of drives per server node

HPE Gen9 compute nodes and options for Apollo 2000


Table 8-1 Differences between the ProLiant Apollo XL170r and XL190r
ProLiant Apollo XL170r: Gen9 1U ProLiant Apollo XL190r: Gen9 2U
node node

Maximum 1U half width—up to four per chassis 2U half width—up to two per chassis
number

Processor Dual Intel® Xeon® E5-2600 v3 series processors with options for four to 18 cores,
1.6 GHz to 3.5 GHz CPU speed, and 85 to 145 watts

Memory 16× DDR4 up to 2133 MHz, 512 GB maximum

Network 2× 1 GB Ethernet, Serial RJ45 connector, SUV connector (one serial/two


module USB/one video), and optional FlexibleLOM

PCIe 3.0 slots Two externally accessible I/O options Three externally accessible and one
that allow you to choose how the PCIe internally accessible I/O options
lanes are utilized

•Up to 24 drives per node


Storage
•Dual SATA host based M.2 2242 NGFF SSDs (internal)
•Hot-plug HDD support
•Internal USB port
•Hard drive-mapping feature on r2800 chassis

Storage •Integrated Smart Array B140i storage controller


controller •Optional PCIe host bus adapters (HBAs) and Smart Array Controllers with
advanced array features such as HPE SmartCache and RAID 10 advanced
data mirroring

Supported N/A Support for up to two per server:


accelerators NVIDIA Tesla K40 GPUs or Intel®
Xeon® Phi 5110P coprocessors
Management •HPE iLO 4
•Advanced Power Manager (optional rack-level management)

Common •HPC •HPC (with GPUs or


workloads •Cloud server coprocessors)
•Density-optimized general- •Density-optimized general-
purpose server purpose server
•Computing/storage all-in-one •Computing/storage all-in-one
server for small to midsize server for SMB, Financial
ProLiant Apollo XL170r: Gen9 1U ProLiant Apollo XL190r: Gen9 2U
node node

businesses (SMBs), financial risk Services Industry (FSI), and


modeling, and engineering design EDA
automation •Server storage gateway
controller for Storage Area
Network (SAN), EDA, and
HPC cloud server for online
gaming

Table 8-1 highlights the differences between the two server models that are compatible with Apollo 2000
systems. The key differences are in bold.

HPE ProLiant XL170r and XL190r server—Gen 10


Table 8-2 Gen10 specifications overview
Chassis r2200, r2600, and r2800 chassis—new Non-Volatile Memory Express
(NVMe) Backplane for r2800 chassis (four per 1U node)

Power Two 800W/1400W (277V AC)/1600W

Processor Intel® Xeon® Scalable Family (up to 150W); – F support on CPU0

Memory 16 DDR4 DIMMs, 2666 MHz, support for 2× non-volatile DIMM (NVDIMM)
per socket (Type 1 and 4)

Network Embedded dual 10 GB network interface card (NIC) w/ Flexible Interface (2 ×


SFP or 2 × 10 GBT or 2 × 1 GBT)

IO slots XL170r—One x16 LP PCIe; one x16 LP or one x16 FlexibleLOM


XL190r—One x16 LP PCIe; one x16 LP or one x16 FlexibleLOM; and two
x16 FHFLDW

Storage Dual SATA host based M.2 2280 SSDs-internal


Storage S100i, E208i-p, E208e-p, P408i-p, and P408e-p
controllers

Management HPE iLO 5 (Each server will have its own dedicated iLO)
HPE APM (rack-level management)

Table 8-2 outlines the specifications of the HPE ProLiant XL170r and XL190r Gen10 models.

Apollo 2000 System offerings (Gen9 → Gen10)

Figure 8-10 Apollo 2000 System offerings (Gen9 and Gen10)

Figure 8-10 shows the differences between Gen9 and Gen10 versions of the Apollo 2000 series.
Table 8-3 highlights the differences between the Apollo 2000 system chassis options.
Table 8-3 Apollo 2000 system chassis options
Note
To access the QuickSpecs for Apollo 2000, enter the following URL into your browser:
https://www.hpe.com/h20195/V2/Getdocument.aspx?docname=c04542552

HPE Apollo 4000: Early innovation to market leadership

Figure 8-11 HPE Apollo 4000 Family

Big Data is growing at an exponential rate and enterprises are seeking to translate Big Data Analytics into
a competitive business advantage. Today’s general-purpose infrastructure runs into problems when Big
Data workloads move to petabyte scale. The data center can experience capacity constraints, spiraling
energy costs, infrastructure complexity, and inefficiencies. To maximize the value of Big Data, businesses
require systems that are purpose-built for Big Data workloads.
HPE Apollo 4000 systems, as shown in Figure 8-11, are designed specifically for Hadoop and other Big
Data Analytics and object storage systems. These systems allow customers to manage, monitor, and
maintain increasing data volumes at petabyte scale. Businesses can use Apollo 4000 to address data center
challenges of space, energy, and time to results.

HPE Apollo 4200 Gen9 server


Figure 8-12 Apollo 4200 Gen9 servers

The HPE Apollo 4200 Gen9 server, shown in Figure 8-12, is a density-optimized server storage solution
designed for traditional enterprise and rack-server data centers. This versatile 2U Big Data server
integrates seamlessly into traditional data centers with the same rack dimensions, cabling, and
serviceability, as well as the same administration procedures and tools. It is the ideal bridge system for
implementing purpose-built Big Data server infrastructure, with the capability to scale in affordable
increments in the future.
This server is available in LFF and SFF versions.
•The LFF server features up to 224 TB of direct-attached storage (DAS) per server and 4.48 PB
storage capacity per rack1. It supports up to 28 hot-swappable LFF SAS or SATA HDDs/SSDs.
•The SFF system features up to 90 TB of DAS per server and supports up to 50 hot-swappable SFF
SAS or SATA HDDs/SSDs. The SFF HDD model supports SAS and SSD drives with 12 G output
and 15 K RPMs to speed data transfer for analytics workloads.

Note
1Based on 8 TB LFF drives.

Key features and benefits of the Apollo 4200 Gen9 server include:
•Offers a standard size rack, front/side hot-plug disk serviceable, rear aisle cabling, and standard
rack-server system administration
•Fits in traditional data centers with the same racks, cabling, and servicing accessibility
•Allows enterprises to start and grow object storage solutions in cost-effective 2U increments
•Provides two-processor server configuration options, including:
–Xeon® E5-2600 v3 and v4 series processors with choices from four to 18 cores, 1.6 GHz to
3.5 GHz CPU speed, and power ratings between 55 and 145 watts
–16 DIMM slots with up to 512 GB DDR4 memory at up to 2133/2400 MHz, which is ideal for
object stores needing fast performance with small objects or in-memory data processing for
near real-time analytics software
–Up to five PCIe Gen3 slots to meet networking and cluster performance needs in applications
requiring higher speed I/O
Note
Enter the following URL into your browser to access the Apollo 4200 Gen9 server QuickSpecs:
https://www.hpe.com/h20195/v2/getpdf.aspx/c04616497.pdf

HPE Apollo 4500 systems

Figure 8-13 Apollo 4500 systems

As shown in Figure 8-13, HPE Apollo 4500 systems include two purpose-built systems to address specific
needs: the HPE Apollo 4510 for object storage workloads and the HPE Apollo 4530 for Hadoop and Big
Data Analytics workloads. These systems provide the following features:
•Apollo 4510—This system is ideal for object storage solutions at any scale including collaboration
and content distribution, content repositories and active archives, and backup repositories and cold
storage. This ultra-dense system includes one server in a 4U chassis. It also includes up to 68 hot-
plug SAS or SATA HDDs/SSDs with up to 544 terabytes storage capacity per server and up to 5.44
PB of storage per 42U rack.
•Apollo 4530—This system is purpose-built for the wide variety of Big Data Analytics solutions
based on parallel Hadoop-based data mining, as well as NoSQL-based Big Data Analytics solutions.
It offers three servers per chassis, allowing businesses to house three copies of data in a single
system. It provides the performance and storage density needed to develop a complete view of
customers to improve marketing cost-effectiveness, boost online sales, and enhance customer
retention and satisfaction.
–This 4U, three-server system has three two-processor ProLiant servers, each with 15 LFF hot-
plug SAS or SATA HDDs/SSDs per server and up to 45 drives per chassis.
–Each server has up to 120 TB of capacity—providing economical building blocks for efficient
implementations at scale with up to 30 servers and 3.6 PB of capacity in a 42U rack. 1
Note
1Based on 10 Apollo 4530 systems with 8 TB HDDs.

HPE Apollo 4510 Gen10 System configuration options

Figure 8-14 HPE Apollo 4510 Gen10 System

The HPE Apollo 4510 Gen10 is shown in Figure 8-14.


Table 8-4 Apollo 4510 Gen10 specifications
Feature Apollo 4510 Gen10 details

Processors Up to two Intel® Xeon® Scalable Family Processors, up to 150W*

Memory 16 DIMM slots, up to two NVDIMMs per processor (Type-N)

Drive support Apollo 4510: 60 LFF, side loaded


PMC Belmont SAS expander
Dual PCIe M.2 drives on node PCA for boot
2× SFF HDD/SSD/NVMe for node or 2× UFF Dual SATA M.2 Kit
Micro SD Flash Media

Network Dual-Port 1 GbE from PCH


Feature Apollo 4510 Gen10 details

Expansion Up to one FlexibleLOM (x8), one x16 LP and two x16 FHHL PCIe slots with
two processors

Display SUV port, Video, Power/Health/UID Buttons, and LEDs

Management iLO 5 + dedicated iLO NIC port + iLO USB port


OneView support
HPE Advanced Power Management support

Other 4U chassis height; fits in HPE Standard 1075 mm rack


features Hot-plug rear serviceable N + 1 redundant fans
HPE Gen10 Flex Slot power supplies (AC and DC versions) up to 1600W

Table 8-4 highlights the specifications of the Apollo 4510 Gen10.

Activity: Technical University of Denmark case study


Watch a video about how Apollo systems helped the Technical University of Denmark (DTU) meet the
HPC needs of life sciences researchers.

Note
To access the video, enter the following URL into your browser:
https://www.youtube.com/watch?v=IjceCDNC4z0

Be prepared to pause the video as needed to answer these questions:


1.What prevented the DTU from using a traditional HPC system?

2.What types of data does the DTU manage?

3.How did DTU use HPE Apollo and other Big Data systems to drive innovation in medicine?
Activity debrief
1.What other benefits might DTU experience, aside from those featured in the video?

2.How could Apollo systems be useful in similar ways within other industries?

HPE Apollo 6000

Figure 8-15 Apollo 6000 systems

The Apollo 6000 system, shown in Figure 8-15, was designed at rack scale to provide power, cooling, and
I/O infrastructure to support ProLiant XL servers. Each standard rack chassis is 5U, with up to 10
independent server trays. The innovation zone in the back of the chassis holds up to 10 I/O modules, with
dual FlexibleLOMs supporting 1 GbE or 10 GbE. Power is delivered through an external 1.5U power
shelf (14.4 kW or 15.9 kW) supporting up to six chassis depending on power load. Customers can choose
from single- or three-phase AC input. An APM module helps optimize rack, chassis, and server power.
Benefits of an Apollo 6000 system include:
•Leading performance per watt and per dollar
–Twenty percent more performance for single-threaded applications1
–Forty-six percent less energy at the system2
–Four times better performance per dollar per watt3
•Rack-scale efficiency
–Sixty percent less space than a competing blade2
–Simplified, rack-scale administration efficiencies
•Flexibility to tailor the solutions to the workload
–Innovation zone allows for choice of NIC, FlexibleLOM options to fit workload needs while
increasing cost savings
–Capability to scale by chassis or rack with a single modular infrastructure and a selection of
compute, storage, and GPU/accelerator trays

Note
1 This percentage was documented using benchmarks from Synopsys, presented at the

Synopsys Users Group (SNUG) conference in 2014.


2 This data is based on HPE internal analysis comparing an Apollo 6000 system to a Dell M620.
3 Based on HPE internal calculations.

HPE Apollo a6000 chassis

Figure 8-16 Apollo 6000 chassis

The Apollo a6000 chassis and the servers it supports are designed for scalability and efficiency at rack
scale with projected TCO savings over three years. The Apollo a6000 chassis, shown in Figure 8-16, is
designed to help enterprises to manage and scale their business computing demands. It holds various
compute servers or accelerator trays to fit specific workloads. Each chassis can hold up to 10 single slot
trays or up to 20 servers. Five dual-rotor fans share a cooling zone, and power can be managed using an
APM option at the server, chassis, or power shelf level.
The 5U Apollo a6000 chassis:
•Accommodates up to 10 hot-swap server trays
•Fits standard racks with rear-cabled, cold-aisle servicing
•Offers rack-level management, networking, and cabling consolidation with chassis-level iLO port
aggregation and chassis-to-chassis serial iLO connections
After choosing chassis and power shelf configurations, customers can select a server tray. Options include:
•HPE ProLiant XL220a Gen8 v2 server tray—Offers two 1P servers per tray with Xeon® E3-1200
v3 series processors with up to four cores. This server tray increases performance per core up to
35% for single-threaded applications over a 2P blade.
•HPE ProLiant XL230a Gen9 server tray—Includes one 2P server per tray with Xeon® E5-2600
v3 series processors. This option provides up to 70% more processor performance and up to 36%
more efficiency than the previous generation.1
•HPE ProLiant XL250a Gen9 server tray—Provides one 2P server per tray with up to two
accelerator cards. This server tray delivers better performance than CPU alone.

Note
1This percentage is based on: http://www.intel.com/performance.

HPE Apollo 6000 Power Shelf

Figure 8-17 Apollo 6000 Power Shelf

The Apollo 6000 Power Shelf, shown in Figure 8-17, optimizes power and efficiency at the rack to
accommodate dynamic workload needs. Depending on the power configurations of the trays within a
chassis, the power shelf can support two to four fully populated Apollo a6000 chassis with a maximum
DC power up to 15.9 kW. With redundant hot-plug power supplies, the Apollo 6000 Power Shelf can also
be configured for single- or three-phase input. The 1.5U external power shelf is unique to the Apollo 6000
system.
Customers can use the Apollo 6000 Power Shelf to:
•Simplify their environment with fewer power distribution unit (PDU) ports and cables
•Deploy in half to full rack increments for maximum energy efficiency
Additional features include:
•Efficient pooled or shared power infrastructure
•Capacity for a maximum of six power supplies
•Support for N, N + 1, or N + N redundancy
Note
Enter the following URL into your browser to access the Apollo 6000 QuickSpecs:
https://www.hpe.com/h20195/V2/Getdocument.aspx?docname=c04293373

HPE Apollo 6000 Gen10 System

Figure 8-18 HPE Apollo 6000 Gen10 System (k6000 Chassis)

The HPE Apollo k6000 Chassis, shown in Figure 8-18, is designed with density optimization and HPC
solution integration in mind to help your customers manage and scale to their HPC computing demands.
The new modular HPE Apollo k6000 Chassis is designed to hold the next generation of compute servers
to fit your customer’s specific HPC workloads. 
The new modular, fully integrated, and highly flexible HPE Apollo k6000 Chassis accommodates up to
24 XL230k server trays, redundant power and cooling, Ethernet, and high-speed fabric switches to address
various HPC workload needs. The Apollo k6000 System is a performance-optimized, air-cooled solution
that fits in customer’s space limitations. This solution offers outstanding configuration flexibility,
simplified administration, and rack-scale efficiency that lowers the TCO needed for mass scale HPC
deployments.
Cooling concerns are reduced by 12 hot-pluggable dual-rotor fans while the chassis power can be managed
by either HPE Chassis Controller or enhanced (simplified) with optional HPE APM which allows granular
power control at the rack level.
Features:
•Performance-optimized, air-cooled solution
•Outstanding configuration flexibility
•Fully redundant power system
•Simplified administration efficiencies
•Ideal for highly parallel applications
•Leading edge technology and performance
–206 TFLOPS per rack with next-generation processors
–Single or dual plane fabric
–Integrated, purpose-built HPC system
–Up to 205W 28c 2.8 GHz processor
–100 Gbps node to node connectivity
–Lower latency and higher input/output operations per second (IOPS) with NVMe storage
–Increased performance and future proofing with 3D Xpoint storage on memory bus
•Rack-scale efficiency
–Improved rack-level reliability, availability, serviceability, and manageability (RASM)
features through integration
–Fast and simpler deployment
–Quickly deploy, service, and manage with cold aisle front accessible nodes
–Improved reliability with choice of Ethernet, Omni Path Architecture, and EDR InfiniBand
switches
–Enhanced security with Trusted Platform Module (TPM), secure firmware updates, iLO, and
secure encryption
•Optimized for best TCO
–Optimized architectural integrated design
–Purpose-built solution aligned to fabric radix without stranded ports; for example, architecture
uses all the switch ports
–Reduce IT deployment, maintenance time, and support costs through minimized cabling
–Rapidly install and deploy using consolidated ILO port
–Minimize power consumption and reduce cooling costs when nodes are not fully utilized using
advanced thermal technology
HPE Apollo 6000 Gen10 System is a purpose-built for large-scale HPC deployments, fast, secure, and
resilient compute, storage, and fabric technologies built with rack-level efficiencies to deliver exceptional
price per performance.

HPE Apollo k6000—Quieter, lower power, and more efficient chassis


Figure 8-19 Back of the k6000 chassis

HPE Apollo k6000 chassis brings the flexibility to use PCIe slots or quad-rotor fans. The back of the
chassis is shown in Figure 8-19. On the left-hand side, we have 12 dual-rotor fans that at 100 percent duty
cycle will generate 1500 cubic feet per minute (CFM). The advantage on the left side is the flexibility to
support a PCIe card. The IO option can be a workload accelerator, a network card such as the 25 GbE
Ethernet if the bandwidth of the integrated solution is insufficient, or a Smart Array card that allows
external storage connectivity.
On the right-hand side, we have the efficient quad-rotor fans that consume lower power and lower
acoustics. These powerful fans can generate more CFM than the dual-rotor fans.

HPE SGI 8600 Gen10 System

Figure 8-20 HPE SGI 8600 Gen10 System—Addressing key requirements for large-scale distributed
computing

The HPE SGI 8600, shown in Figure 8-20, is a liquid-cooled, tray-based, high-density clustered computer
system designed from the ground up to deliver the utmost in performance, scale, and density. The basic
building block of the HPE SGI 8600 system is the E-cell. The E-cell consists of two 42U-high E-racks
which are separated by a cooling rack. The E-cell is a sealed unit, uses closed-loop cooling technology,
and does not exhaust heated air into the data center. A direct-attached liquid-cooled “cold sink” provides
for efficient heat removal from high power devices including processors, GPUs, and switches via an
auxiliary cooling distribution unit (CDU).
A single E-rack can accommodate up to 36 compute tray slots within four compute enclosures. The E-
rack is not configured with any cooling fans. All the cooling needs for the E-rack are provided by the
cooling rack. This approach to cooling provides greater efficiency for the rack-level cooling, decreases
power costs associated with cooling (fewer blowers), and utilizes a single water source for two racks. The
custom-designed 42U-high E-rack supports both indirect and direct cooling methods. The indirect method
is where the conditioned air supplied by the cooling rack provides the cooling to the components in the
E-rack. This method can be used for configurations that require a lower level of heat removal. The direct
method is the addition of liquid-cooled cold sinks to the processors in the compute trays. This method is
used in parallel with the indirect cooling when the indirect cooling method is not sufficient to remove all
of the heat from the E-rack.
One 42U-high, 60cm wide E-rack supports the following:
•Maximum of four 10.5U compute enclosures
•Maximum of 36 quad-node compute trays (up to 288 sockets)
•Maximum of 16 IB switchblades
•Maximum of nine power supplies per compute enclosure—36 total 3000W power supplies
•One AC input power raceway
•Maximum of two PDUs
•Maximum 221.184 TB of memory (36 trays × 4 nodes/tray × 2 sockets × 6 channels × 128 GB)
Designed to solve the world’s most complex problems in areas ranging from life, earth, and space sciences
to engineering and manufacturing to national security, the HPE SGI 8600 offers leading performance,
density, scale, and efficiency coupled with robust system tools for quickest times to solutions.
Features of SGI 8600 Gen10, addressing key requirements for large-scale distributed computing.
•Leading performance
–Greater than 1/2 petaflop of pure x86 compute TFLOPS per rack with Intel® Xeon® Processor
Scalable Family
–Clustered solution supports most powerful processors and interconnect technology
–World record performance for major message passing benchmarks using the latest, most
performant interconnect technologies coupled with leading HPE Message Passing Interface
(MPI) software
•More compute options—choice of three server trays
–Four dual-socket next-generation node tray—up to 288 nodes/512 CPUS per E-cell
–One dual-socket next-generation node supports up to 165W and up to four NVIDIA Tesla
P100 with NVLink tray (SXM2)
–Four single socket with Intel® Xeon® Phi node tray
•Ease of use
–Robust system and cluster management tools
–Off-the-shelf OS and applications for quick time to solution
•Density/Scale/Efficiency
–Designed to scale to meet any customer’s requirements
–Liquid cooling for maximum density and power efficiency
–Runs complex HPC workloads at petaflop speed with liquid-cooled, tray-based, scalable, high-
density clustered computer system
–Designed to efficiently scale to thousands of nodes through superior power and cooling
efficiency coupled with Advanced Power Management

Learning check
3.Match the Apollo platform with features.

Managing Apollo systems


In addition to iLO, HPE also offers additional management options that are ideal for managing Apollo
solutions at scale.
•HPE APM—The APM is an optional rack-level solution for Apollo systems. HPE APM
automatically discovers hardware components and enables bay-level power on and off, server
metering, aggregate dynamic power capping, configurable power-up dependencies and sequencing,
consolidated Ethernet access to all resident iLOs, and asset management capabilities.
The APM does not replace rack PDUs, but it is designed to enable the utilization of basic, low-cost
rack PDUs while providing the functionality of switched PDUs. Switched PDUs provide hardware
power on and off of individual servers by turning off the AC power to the power supplies of a given
server. Because the servers share power supplies to optimize power efficiency, using switched
PDUs to turn off all the power supplies in the chassis results in the loss of all server nodes in that
chassis. The APM solves this by allowing server node-level hardware power on and off of the DC
power to the individual server node motherboards.
Additional features include:
–Rack-level event logging
–Remote Authentication Dial-In User Service (RADIUS) authentication
–Integrated serial concentrator
–Up to 11 local user accounts
–Read-only service port
–Supports Simple Network Management Protocol (SNMP), Secure Shell (SSH), Syslogd, and
Telnet
•HPE Insight Cluster Management Utility (CMU)—The Insight CMU is a hyperscale-optimized
management framework that includes software for the provisioning, control, performance, and
monitoring of groups of nodes and infrastructure. This collection of tools helps customers manage,
install, and monitor a large group of compute nodes, specifically HPC and large Linux clusters.
This framework is optional for Apollo 4000 systems. Businesses can use Insight CMU to lower the
TCO of this architecture. Insight CMU is scalable and can be used for any size cluster. Users can
access this utility through a graphical user interface (GUI) or a command-line interface (CLI).
–The Insight CMU GUI:
♦Monitors all the nodes of the cluster at a glance
♦Configures Insight CMU according to the actual cluster
♦Manages the cluster by sending commands to any number of compute nodes
♦Replicates the disk of a compute node on any number of compute nodes
–The Insight CMU CLI:
♦Manages the cluster by sending commands to any number of compute nodes
♦Replicates the disk of a compute node on any number of compute nodes
♦Saves and restores the Insight CMU database

Note
Enter the following URL into your browser to access the Insight CMU user guide:
http://h20565.www2.hpe.com/hpsc/doc/public/display?sp4ts.oid=3296361&docLocale=en
_US&docId=emr_na-c05083084

Activity: Recommending Apollo solutions for customers


Develop HPE solution recommendations based on a specific customer’s needs. Consider the
circumstances of the customer profile provided below. Use the QuickSpecs links provided in this book
and additional content from the HPE website to support your recommendation.

Customer profile
This university located in the United States is searching for an IT solution to drive the future of research
within their institution. They are seeking a highly flexible environment to accommodate a broad range of
research fields while boosting performance.
The ideal solution:
•Integrates with existing storage and networking infrastructures
•Enables broad adoption by traditional and nontraditional research groups
•Minimizes technology footprint
•Makes it easy to share information between thousands of users worldwide
•Manages large amounts of scientific data
•Supports a variety of HPC workloads spanning aerospace, engineering, biology, and life sciences
Which Apollo products would most benefit this customer? Describe your solution in the space provided.
Activity debrief
1.Did any other questions about the customer requirements come up during the solution developing?
What were they?

2.Does your recommended solution provide options for the university to scale as its needs change?
If so, how?

HPE HPC Software


The HPE HPC Software supports Linux software in the areas of open source software, HPE-developed
software, and commercial HPC software that has been validated, integrated, and performance-optimized
by HPE. In addition, HPE offers support (HPE or third-party vendor support) for many of the components.
For community-developed open source software like CentOS, HPE provides the software for systems and
validates HPE-developed software on CentOS, but does not offer support for CentOS.
Figure 8-21 Building the # 1 HPC software environment

As shown in Figure 8-21, with HPE’s acquisition of SGI, there is a full portfolio of the best-of-breed HPC
software being made available for the HPE HPC systems: Apollo, ProLiant, and HPE SGI 8600 (SGI ICE
XA).
If you were to offer support for community developed open source software, there is a chance that
patching/changing the code would create a derivative work that would make it difficult to offer customer
support for long-term. Community-developed open source software needs to remain a community
distribution.

HPE HPC Software Portfolio


Figure 8-22 HPE HPC Software Portfolio

The combined HPE software assets since the acquisition of SGI are shown in Figure 8-22. The software
assets span HPE developed software, open source software, and commercial HPC software. All support
standard Linux x86-64 operating systems from Red Hat, SUSE, and CentOS.
While HPE focused on HPE-developed Core Software stack and CMU, the third-party software was not
offered for sale with the HPE Apollo and ProLiant systems. SGI, however, did provide one-stop shopping
of the portfolio of HPC software. Combined, HPE now offers the best-of-breed third-party software in
each category along with the HPE value-added HPE Core HPC Software Stack providing:
•Easy to install HPC software for Apollo and ProLiant
•HPE CMU for cluster management for Apollo and ProLiant
•HPE SGI Management Suite which provides cluster management for the HPE SGI 8600 aka ICE
XA
•HPE Performance MPI formerly known as SGI Performance Suite which provides a performance-
optimized MPI and SHMEM development environment for HPE SGI 8600, Apollo, and ProLiant.
Data Management software is also listed and SGI’s DMF, XFS, and CXFS will continue to be offered
with storage hardware. Lustre is one of the popular clustered file system for HPC customers and HPE
offers Intel’s® version IEEL for sale.

Activity: Improving products with HPC solutions


Alpha Centauri Drones Company is considering storing and analyzing data generated by drones, such as
operational statistics from engines and gyro stabilization decisions.
1.Which solution can you recommend for storing the data, when 460 TB of raw SSD capacity
needed and Hadoop jobs for initial data storing requires 40 cores?

2.Which solution can you recommend for analyzing the data, when 24 servers with two Skylake
processors are required?

3.What type of management tools can you recommend?

Selecting density-optimized platform


Figure 8-23 Choosing Apollo and SGI servers based on workload

Figure 8-23 shows how to choose Apollo and SGI servers based on customer business and technology
needs.

Learning check
4.Describe APM.

HPE HyperConverged solutions: HPE SimpliVity


SimpliVity is a software-defined hyper-converged infrastructure leader founded in 2009.
•6000 shipped systems
•About 1300 customers
SimpliVity’s portfolio:
•Software-defined hyper-converged infrastructure platform simplifies IT operations; give
developers a rich set of data management services
•Can be deployed as preintegrated appliance or as software on servers
•Offered through global reseller network of partners in over 40 countries

The HPE SimpliVity Data Virtualization Platform


The OmniStack Data Virtualization Platform provides three key benefits to end-users.
•Guaranteed data efficiency—Only SimpliVity deduplicates, compresses, and optimizes all data at
inception globally, eliminating unnecessary data processing, improving application performance,
while guaranteeing 90% capacity savings across storage and backup.
•Built-in resiliency, backup, and disaster recovery—Only SimpliVity delivers the resilience, built-
in backup, and bandwidth-efficient replication needed to ensure the highest levels of data integrity
and availability, eliminating the need for legacy data protection. Additional features include:
–Full logical backups with near zero overhead
–Guaranteed 60-second restore of 1 TB VM
–Granular recovery time objectives (RTOs) and recovery point objectives (RPOs) from hours
to seconds
–Simple, affordable offsite disaster recovery
–Redundant Array of Independent Nodes (RAIN) + RAID protection of data
•Global VM-centric management and mobility—Only SimpliVity delivers policy-based, VM-
centric management abstracted from the underlying hardware that simplifies day-to-day operations
and enables seamless data mobility, making development teams and end-users more productive.

Deduplication with HPE SimpliVity

Figure 8-24 Deduplication with HPE SimpliVity

The HPE SimpliVity Data Virtualization Platform delivers inline deduplication, but without a
performance penalty, as shown in Figure 8-24. That is because the HPE OmniStack Accelerator Card
allows offloads deduplication and compression from the host CPUs. This leaves as much CPU as possible
available to run the business applications. The HPE OmniStack Accelerator Card also delivers extremely
predictable performance, which allows an HPE SimpliVity hyper-converged infrastructure to deliver
predictable performance to business applications.
By deduplicating and compressing all data inline with a hardware accelerator/offload engine, HPE
SimpliVity can provide significant advantages in terms of performance without compromising the
performance of the application VMs running on the same hardware platform.
Top use cases for SimpliVity

Figure 8-25 Top use cases for SimpliVity

What can HPE SimpliVity hyperconvergence do for you?


•Reduce IT costs and streamline operations
–73% TCO savings compared to traditional IT infrastructure (Forrester Consulting)
–10:1 device reduction (Forrester Consulting)
–Up to 49% TCO savings compared to Amazon Web Services (Evaluator Group)
•Improve agility and time to production
–81% increase in time spent on new projects (IDC)
–Rapid scaling to 1000 VMs with peak and predictable performance (Enterprise Strategy
Group)
–One hour to provision eight-node cluster (Enterprise Strategy Group)
•Maximize uptime and prevent data loss
–Fifty-seven percent of customers reduced recovery time from days or hours to minutes
(TechValidate)
–Seventy percent improvement in backup/recovery and DR (IDC)
–A majority of customers using HPE SimpliVity data protection retired existing third-party
backup and/or replication solutions (IDC)
SimpliVity is useful in many situations, typical use cases are shown in Figure 8-25, including:
•Data center consolidation
•Remote Office/Branch Office (ROBO)
•Virtual desktop infrastructure (VDI)
•Cloud computing
•Tier-1 applications
•Data protection
•Test/Dev
HPE SimpliVity 380 and HPE SimpliVity 380 Gen10

Figure 8-26 HPE SimpliVity 380 and HPE SimpliVity 380 Gen10

For IT leaders struggling to achieve the agility and economics of the cloud, with the control and
governance of on-premises IT, HPE SimpliVity 380 delivers a powerhouse hyper-converged solution—
running some of the world’s most efficient and resilient data centers. A market and customer satisfaction
leader, the solution dramatically simplifies IT by combining all infrastructure and advanced data services
for virtualized workloads onto the bestselling server platform in the market.
HPE SimpliVity 380, available on HPE ProLiant DL380 Gen9 and Gen10 servers shown in Figure 8-26,
is a compact, scalable 2U rack-mounted building block that delivers server, storage, and storage
networking services. It also delivers a complete set of advanced functionality that enables dramatic
improvements to the efficiency, management, protection, and performance of virtualized workloads—at
a fraction of the cost and complexity of today’s traditional infrastructure stack.
Features:
•Scalable and configurable
•Expandable in one node increments up to 32 total nodes
•Simplified, configurable appliance with multiple storage choice points:
–Extra small: 5x 960 GB SSD Kit (Gen10)
–Small all SSD: Small business and remote offices—5x 1.92 TB SSD
–Medium all SDD: Mid-size enterprise data centers—9x 1.92 TB SSD (not yet in Gen10)
–Large all SSD: Large enterprise data centers—12x 1.92 TB SSD (not yet in Gen10)
•Processor: Choice of Intel® Xeon® E5 v4 processors and Intel® Xeon® Scalable Processors
(Gen10)
•Memory: 256 GB to 1536 GB (per node)
•Network: 10 GB, 1 GB
•Power: Redundancy
•Virtualization software and licensing

Note
To access more information about SimpliVity platform, enter the following URL into your
browser:
https://www.hpe.com/info/simplivity

HPE SimpliVity 380 configuration workflow


The workflow for configuring HPE SimpliVity systems includes:
1.Select base node
–HPE SimpliVity 380 Gen9 Node
–HPE SimpliVity 380 Gen10 Node
2.Select hardware options to add to the base node
–Processors
–Memory
–Storage
–Networking
–Power
–HW options
3.Select software options
–HPE OmniStack
–iLO Advanced
–VMware vSphere
4.Select service and support

Activity: SimpliVity introduction


Watch the SimpliVity introduction video below, and pause as needed to answer the questions below:

Note
To access the video, enter the following URL into your browser:
https://www.youtube.com/watch?v=ZGakvT3CLow

1.Which components do Integrated systems integrate?

2.Which ProLiant server is used in HPE SimpliVity 380?

3.How much time does SimpliVity need for 1 TB VM backup?

Reference Architectures

Note
Right-click below and open the hyperlink for “HPE Reference Architecture for Microsoft SQL
Server 2014 on HPE SimpliVity 380”
http://h20195.www2.hpe.com/V2/GetDocument.aspx?docname=a00021464enw
Learning check
5.Which component of HPE SimpliVity performs deduplication and compression? What are the
benefits of the selected design?

6.Write a summary of the key concepts presented in this chapter.

Summary
•HPC and Big Data is essential to the continued success of businesses requiring optimal
computational performance, unprecedented reliability, memory, and storage scalability.
•HPE Apollo systems are designed to deliver compute, storage, networking, power, and cooling
solutions for Big Data, analytics, object storage, and HPC workloads.
•The HPE SimpliVity delivers inline deduplication without a performance penalty. Deduplication
and compression are provided by the HPE OmniStack Accelerator Card.
9 HPE Synergy
WHAT IS IN THIS CHAPTER FOR YOU
After completing this chapter, you should be able to:
✓Describe Hewlett Packard Enterprise (HPE) Synergy in the context of current Composable
Infrastructure challenges.
✓List the steps to configure a Synergy solution.

Prelearning check
1.How many servers can fit into one Synergy 12000 frame?

2.Synergy compute modules are equipped with HPE integrated Lights-Out (iLO).
True
False
3.Match the HPE Synergy management subsystem component with its function.

Reference Configurations and Architectures


Figure 9-1 Reference Architecture

The Synergy platform can run any server workload traditional ProLiant DL or BL servers can run. Many
use cases and typical installations are described by reference architectures and configurations. Figure 9-1
shows an example reference architecture. Other use cases include:
•Oracle VM and Oracle Linux (SY480, SY620, SY680)
•Seventeen world records in SPECjbb®2015
•Oracle 12c and Oracle 12c In-Memory
•NVIDIA GPUs with Citrix Xen Desktop
•Docker Enterprise Edition (EE) Standard
•Microsoft SharePoint and Exchange Server 2016
•Microsoft SQL Server 2016
•Microsoft Exchange Server 2013

Note
To access more information about Synergy and Oracle, go to:
http://h20195.www2.hpe.com/V2/GetDocument.aspx?docname=a00008435enw

Note
To see more information about SPECjbb records, go to:
http://h20195.www2.hpe.com/V2/GetDocument.aspx?docname=a00008437enw

Why offer a Synergy solution?


Gen10 c-class server blades are great products for current BladeSystem customers with empty slots, but
new projects should be started with Synergy. Advantages of Synergy solutions include:
•Requirements beyond capacity of BladeSystem servers
•Future-proof architecture
•Simplified lifecycle management
•Easier expansion
•Composable DAS storage
•Cloud-like speed for provisioning
•Expandability with rack-scale fabric

Configuring a Synergy system


A Synergy solution allows customers to select the right ratios of fabric, storage, and compute to compose
the infrastructure necessary for their particular workloads.
The process you follow to building a Synergy solution for a customer involves four loosely defined main
steps:
1.First, configure the infrastructure by determining the number of frames the customer requires and
the associated Composers, frame link modules, and compute modules.
2.Determine how the Composers and frame link modules will be connected in a management ring.
The Synergy system via the Synergy Composer will automatically discover all of the compute,
fabric, and storage resources that have been added to the management ring.
3.Consider how to configure fabric elements (the data network) as part of a Composable
Infrastructure. Determine whether the Image Streamer is appropriate for the customer’s
configuration. If you are adding an Image Streamer to the customer’s configuration, determine how
it fits into the fabric and the management ring.
4.Lastly, build out storage modules based on the customer’s requirements.

Step 1: Configure the infrastructure


Configuring the infrastructure involves making decisions about the frames and the management
subsystem.

HPE Synergy 12000 frame


Figure 9-2 HPE Synergy 12000 front view

Figure 9-3 HPE Synergy 12000 rear view

The Synergy frame reduces complexity through an intelligent autodiscovery infrastructure and delivers
performance and to accelerate workload deployment. As the building block for a Synergy infrastructure,
a Synergy frame offers substantial expansion and scalability.
Every frame offers dual hot plug integrated appliance bays for redundancy. They have 10 Gb network
direct connected to frame link module for inter- or intraframe management communications.
A Synergy frame’s unique design physically embeds Synergy Composer with HPE OneView management
software to compose compute, storage, and fabric resources in any configuration. HPE Synergy frames
may be linked into larger groups or domains of frames to form a dedicated management network,
increasing resources available to the business and IT efficiency as the size of the infrastructure grows—
achieving both capital expenditure (CapEx) and operational expenditure (OpEx) economies of scale.
The HPE Synergy 12000 frame, shown in Figure 9-2, accommodates compute, storage, fabric, and
management in a single infrastructure to significantly reduce cost and complexity while delivering
significant performance gains to accelerate workload deployment. It provides the base for an intelligent
infrastructure with embedded management and scalable links for expansion as business demand requires.
The HPE Synergy 12000 frame physically embeds management as code into an intelligent infrastructure
to offer management and composability of integrated compute, storage, and fabric resources. Whether
resources are in a single frame or multiple linked frames, the system offers composability of all resources.
The Synergy frame takes the same 10U of rack space as a BladeSystem c7000 enclosure. Synergy is
slightly deeper, and there are some significant considerations in placing a Synergy frame in a 1m deep
rack.

Note
An operating expense, operating expenditure, operational expense, operational expenditure or
OpEx is an ongoing cost for running a product, business, or system. Its counterpart, a capital
expenditure (CapEx), is the cost of developing or providing nonconsumable parts for the
product or the system. For example, the purchase of a photocopier involves CapEx, and the
annual paper, toner, power, and maintenance costs represent OpEx. For larger systems like
businesses, OpEx may also include the cost of workers and facility expenses such as rent and
utilities. (Wikipedia.org, January 2018)

The Synergy 12000 frame eases installation by using the standard power feeds of BladeSystems. Synergy
supports up to six 96% Titanium Efficient, 2650 Watt power supplies that offer redundant N+N, N+1
power setup. Figure 9-3 shows the rear view of the Synergy frame, which provides an efficient cooling
system and has 10 built-in fans in every frame. It delivers the frame link topology (the ring architecture)
through 10 Gbase-T RJ-45 jacks and CAT6 cables, providing resource discovery and status, management
commands, and inventory reporting.
The Synergy 12000 frame provides walk up diagnostic and configuration link through display port and
USB connections either at the rear or at the front panel of the frame.

Learning check
1.How many servers can fit into a Synergy 12000 frame?

Synergy management subsystem


Figure 9-4 Synergy management subsystem components

As shown in Figure 9-4, the Synergy management subsystem comprises the following components:
•Composer—A management appliance that directly integrates into the frame of the system and
provides a single interface for assembling and reassembling flexible compute, storage, and fabric
resources in any configuration. Its infrastructure-as-code capability accelerates transformation to a
hybrid infrastructure and provides on-demand delivery and support of applications and services
with consistent governance, compliance, and integration.
•Image Streamer—A new approach to deployment and updates for a Composable Infrastructure.
This management appliance works with Composer for fast software-defined control over physical
compute modules with operating system provisioning. Image Streamer enables true stateless
computing combined with instant-on capability for deployment and updates. This management
appliance deploys and updates infrastructure at extreme speed.
•Frame link modules—The integrated resource information control point. Frame link modules
report asset and inventory information about all the devices in the frame. As resource controllers,
they provide functions such as inventory and configuration checking. They also provide the
management uplinks to the customer’s network.

Note
An uplink port (or link aggregation group) is used to expand a network by connecting to another
network or a device such as a router, a switch, or a server. A downlink port is used to receive
data from another (often larger) network.

A single Synergy Composer manages one frame or multiple racks of frames linked through the frame link
modules. The Synergy Composer option that you select determines the number of frames linked and
managed. HPE recommends using two Synergy Composer modules for redundancy and high availability.

HPE Synergy Composer


Figure 9-5 Synergy embedded management appliance

Composer is a physical appliance integrated within the Synergy frame. It plugs in to an appliance bay in
the side of the Synergy frame, as shown in Figure 9-5.

Note
Composer does not use a compute module slot.

Composer embeds the HPE OneView management solution to manage compute modules, fabrics, and
storage, which is the essence of software-defined intelligence in Synergy.
Composer deploys, monitors, and updates the infrastructure from one interface and one unified application
programming interface (API). It allows IT departments to deploy infrastructure for traditional, virtualized,
and cloud environments in a single step, in just a few minutes. Resources can be updated, flexed, and
redeployed without service interruptions. This allows infrastructure to be deployed and consistently
updated with the right configuration parameters and firmware versions, streamlining the delivery of IT
services and the transition to a hybrid cloud. Its reduced complexity and faster service delivery times
ultimately enable IT to better respond to changing business needs.
Server templates are a powerful new way to quickly and reliably update and maintain an existing
infrastructure. Composer uses templates to simplify one-to-many updates and manage compute module
profiles. This feature adds inheritance to the process, meaning updates can be made once, in the template,
and then propagated out to the profiles created from that template. Elements that can be updated via a
template include firmware, BIOS settings, local RAID settings, boot order, network configuration, shared
storage configuration, and many others.
Composer templates also provide monitor and flag capabilities with remediation. Profiles created from
the template are monitored for configuration compliance. When inconsistencies are detected, an alert is
generated indicating that the profile is out of compliance with its template. When a new update is made
at the template level, all profiles derived from that template will be flagged as inconsistent. From there,
the user has complete control over the remediation process for bringing individual modules or multiple
systems back into compliance.

HPE Synergy frame link modules

Figure 9-6 Synergy frame link modules

The frame link module is the intelligence behind the frame and the management architecture. It provides
shared frame services such as power, cooling, auto-discovery and inventory of all installed components
on the management interface. For example, they report, in real-time, the power each module uses and the
total power used per frame. Figure 9-6 shows the frame link modules in the rear of the Synergy 12000
frame.
A frame link module enables you to take one composable element or frame and connect multiples of them
together to allow them to automatically scale together. You can start off with one element and add more
infrastructure as needed. As you add elements, they auto-assemble together into one larger infrastructure
that can still be managed as a single infrastructure. You can start up to a rack or even a row scale
deployment and have it all managed as a single element. Appliance bays link directly to the frame link
modules in the rear of the frame to provide detailed information of compute, storage, and fabric resources
for management of the Composer with HPE OneView.
Frame link modules have a plug-and-play system assembly, which means the installation technician can
cable the modules and then automatically assemble the system. Two frame link modules per frame are
used to provide fault tolerance.
Frame link modules link to the management appliances and provide control points for providing resource
and health information of the frame to the management appliances. A management port on each frame
link module provides access to the management appliance and link ports for linking modules for multi-
frame linking and setup.

HPE Synergy Image Streamer

Figure 9-7 Image Streamer

To accelerate workload deployment, Synergy uses the Image Streamer, shown in Figure 9-7, a physical
appliance repository of bootable (golden) images that can be streamed across multiple compute modules
in a matter of seconds. This unique capability enables Synergy to set up and update infrastructure quickly
and consistently. This is significantly faster than the traditional, sequential process of building compute
modules—physical provisioning followed by operating system or hypervisor installation. It is ideal for
situations such as web-scale deployments where IT needs to provision an operating environment across a
large number infrastructure blocks.
Traditional server deployment is a sequential process of provisioning the physical hardware, followed by
provisioning an operating system, and then by provisioning a hypervisor installation. Traditional memory-
based server deployments use general deployment/provisioning tools for service operating system
deployment, which uses a RAM-based operating system, and is also known as a preboot (pre-install)
environment.
Image Streamer enables true stateless operation by integrating server profiles with golden images
(operating environment and I/O driver) and personalities (operating system and application) for rapid
implementation onto available hardware. The fast deployment and compliance management capabilities
leverage software-defined intelligence and are accessible via the unified API. These capabilities set HPE
Image Streamer apart from traditional approaches.
Updates to highly replicated physical compute nodes with their operating environments at extreme speeds
enables Image Streamer to deliver fast virtualized image changeovers (for use in Test and Dev, DevOps,
multiple PaaS) or secure boot and image compliance (for use in defense, government, or financial services
institutions). These capabilities are ideal for web-scale deployments where IT needs to provision an
operating environment across a large number infrastructure blocks.
Image Streamer ensures high availability by providing redundant repositories of bootable images, which
are used in a secure manner. These golden images can be rapidly cloned to create unique bootable images
for compute nodes. It enables HPE Synergy to quickly deploy a new compute module or update an existing
one. This is far faster than the traditional, sequential process of building servers—physical provisioning
followed by operating system, hypervisor installation, I/O drivers, and application stacks.
Administrators using Image Streamer can design bootable images for compute nodes, with the operating
system and application stacks included, for ready-to-run environments.

Important
Image Streamer requires a minimum of three Synergy frames with redundant Composers for
operation and must be implemented as redundant pairs. This minimal system requires four
cables, two transceivers, and one interconnect module (ICM) for complete operation.

Configure the management ring

Figure 9-8 HPE Synergy management topologies with Streamers

A Synergy management ring is formed by using frame link modules across multiple frames. Figure 9-8
shows Synergy management topology with Streamers and with secure management network that has been
automatically discovered and can automatically detect changes (such as frame removals or additions).
Adding two Composer appliances to manage the network makes this a high-availability configuration.
This management architecture prevents oversubscription issues on the production network because the
management (control) plane is separated from the fabric (data) plane. This also helps prevent malicious
takeover of control from denial of service (DoS) attacks.
For simplicity, the graphic shows all the fabric domains to be the same size (four frames each).
Technically, better terms for these fabric domains are logical enclosures. It is important to note that for
high availability, each fabric domain has:
•Two Synergy Virtual Connect master interconnect modules
•Two Image Streamer appliances (only the Image Streamer appliances are shown in the graphic)
Although this is a simplified example, it shows how the different management elements in HPE Synergy
work together to produce a Composable Infrastructure with:
•Fluid pools of resources
•Software-defined intelligence
•Unified API access

HPE Synergy management ring—Single frame

Figure 9-9 Single frame management ring

Even in a single-frame configuration, as a best practice, you should design a redundant solution with two
Composers and two frame link modules, as illustrated by Figure 9-9. Although there is a 10 GbE
connection between the two frame link modules across the midplane of the Synergy 12000 frame, you
must cable the two modules together using the link port to complete the full management ring. In addition
to being connected to each other, the frame link modules are also connected to the management network
using the uplink port as shown in the preceding graphic.
This redundant design ensures that you maintain operational use of the Synergy management network,
eliminating a single point of failure. This design also allows you to update the frame link module firmware
without disrupting the entire system.
Connection locations in a single-frame management ring are:
•Frame link connection location
–Frame 1 frame link module (FLM) 1 Link Port to Frame 1 FLM 2 Link Port
•Management network connection locations
–Frame 1 FLM 1 management port to management network
–Frame 1 FLM 2 management port to management network
Synergy management ring—Two frames

Figure 9-10 Scaling the management fabric from one to two frames

To scale this one-frame configuration to a two frame configuration, you must disconnect the existing
management ring and then cable the frame link module in the first frame to the frame link modules in the
second frame, creating a management ring across frames, as illustrated by Figure 9-10. The frame link
modules then autodiscover all the devices within the additional frame.
As a best practice, you should move one of the Composers to the second frame. You should also move
one of uplinks to a frame link module in the second frame. This creates a highly redundant management
ring, which spans the physical architecture and creates one logical unit, from which the IT staff can
compose resources.
A benefit to the newly configured ring is that new frames are automatically discovered and inventoried.

Synergy management ring—Three frames

Figure 9-11 Scaling the management fabric from two to three frames
To move to a three-frame configuration, you need to change the cabling that connects the frame link

modules so that you can add the additional frame. As shown in Figure 9-11, the frame link modules are
connected as follows.
•Frame 1 FLM 2 Link Port to Frame 2 FLM 1 Link Port
•Frame 2 FLM 2 Link Port to Frame 3 FLM 1 Link Port
•Frame 3 FLM 2 Link Port to Frame 1 FLM 1 Link Port
The frame link modules autodiscover components in the third frame, dynamically adding resources into
the same pool. This configuration is highly available because Composers spread across the Composable
Infrastructure and multiple uplinks connected to the management data center.
Whether the environment is configured with two frames per rack or three, customers can expand their
infrastructure without adding management complexity. They can simply move frame link cables to
provide a single, redundant management ring across enclosures and then manage the solution through a
single pair of Composers.

Step 2: Compute choices to run any workload better

Figure 9-12 HPE Synergy Gen9 and Gen10 compute module portfolio

The Synergy Gen9 and Gen10 compute modules deliver general purpose to mission-critical x86 levels of
availability with real-time performance enabled by Intel® Xeon® EP and EX class processors (Gen9) or
Intel® Xeon® Scalable Family processors and a variety of memory, storage, and fabric choices. Synergy
supports both two-socket and four-socket x86 compute modules, which provide the performance,
scalability, density optimization, and storage simplicity.
Note
Human capital management (HCM) is the comprehensive set of practices for recruiting,
managing, developing, and optimizing the human resources of an organization.
HCM suites are sold either as components of enterprise resource planning (ERP) systems or as
separate products that are typically integrated with ERP. (TechTarget, January 2018)

As shown in Figure 9-12, available Synergy compute modules are:


•HPE Synergy 480 Gen10 Compute Module—Has increased memory capacity (up to 3 TB) and
24 dual in-line memory module (DIMM) slots. It supports the entire Xeon® Scalable Family
processors without any DIMM slot restrictions. Greater consolidation and efficiency are achieved
through an increase in virtual machine (VM) density per compute module.
•HPE Synergy 660 Gen10 Compute Module—Handles data-intensive workloads with
uncompromised performance and exceptional value. The HPE Synergy 660 Gen10 Compute
Module is a full-height, high-performance module with Intel® Xeon® scalable family processors,
48 DIMM slots providing up to 6 TB of available memory, flexible I/O fabric connectivity, and
right-sized storage options. Its HPE DDR4 SmartMemory offers up to a 30% performance increase
over the previous generation.
•HPE Synergy 620 Gen9 Compute Module—Delivers mission-critical availability and
performance, as well as flexible memory, storage and fabric options in a full-height, two-socket
form factor. With 48 DIMM slots, it supports up to 6 TB of HPE DDR4 memory and has five I/O
PCIe 3.0connectors (2 x16 and 3 x8).
HPE Synergy 680 Gen9 Compute Modules—Is a four-socket, full-height, double-wide compute module
with 96 DIMM slots for up to 12 TB of HPE DDR4 memory. It features 10 PCIe 3.0 I/O connectors (4
x16 and 6 x8).

Ideal workloads for Synergy composable computing


Table 9-1 Types of workloads suitable for Synergy compute modules.
Synergy compute modules have the configuration flexibility to power a variety of workloads, including
business processing, IT infrastructure, web infrastructure, collaborative, and high-performance
computing. Ideal workloads are shown in Table 9-1:
•HPE Synergy 480 Gen10 Compute Module—Delivers superior capacity, efficiency, and
flexibility to power more demanding workloads and increase VM density by providing a full range
of processor choices, right-sized storage options, and a simplified I/O architecture. It is designed to
optimize general-purpose enterprise workload performance including business processing, IT and
web infrastructures, collaborative applications, and High Performance Computing (HPC) in
physical and virtualized environments while lowering costs within a Composable Infrastructure.
•HPE Synergy 660 Gen10 Compute Module—Supports demanding workloads such as in-
memory and structured databases. It is also ideal for enterprise IT consolidation and virtualization.
•HPE Synergy 620 and HPE Synergy 680 Gen9 Compute Modules—Are designed to meet the
needs of almost any enterprise IT tier and workload. These two-socket and four-socket x86 compute
modules are ideal for financial, insurance, healthcare, manufacturing, and retail enterprises that
require mission-critical levels of availability, extended versatility, and real-time performance. They
are also designed for HPC applications with large memory demands.

Note
Enter the following URL into your browser for more information on Synergy compute
modules:
https://www.hpe.com/us/en/product-catalog/synergy/synergy-compute.hits-12.html

HPE Synergy 480 compute technical comparison


Table 9-2 Comparison of Synergy 480 Gen10 and Gen9 specifications
Synergy 480 Gen10 Synergy 480 Gen9

Compute 1 or 2 Intel® Xeon® Scalable Family 1 or 2 Intel® Xeon® Broadwell


processors processors

Memory 3 TB max: HPE Smart Memory (24) 3 TB max: HPE Smart Memory (24)
DDR4, up to 2666 MT/s DDR4, up to 2400 MT/s

Persistent 16 GB NVDIMM, (