Sun Microsystems Sun SPARC Enterprise M3000 Administration Manual
  1. Manuals
  2. Brands
  3. Sun Microsystems Manuals
  4. Server
  5. Sun SPARC Enterprise M3000
  6. Administration manual

Sun Microsystems Sun SPARC Enterprise M3000 Administration Manual

Hide thumbs Also See for Sun SPARC Enterprise M3000:
Table of Contents

Advertisement

Quick Links

See also: Reference Manual , User Manual
Sun SPARC Enterprise
M3000/M4000/M5000/M8000/M9000
Servers Administration Guide
Sun Microsystems, Inc.
www.sun.com
Part No. 819-3601-16
August 2009, Revision A
Submit comments about this document by clicking the Feedback[+] link at:
http://docs.sun.com

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the Sun SPARC Enterprise M3000 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Sun Microsystems Sun SPARC Enterprise M3000

Summary of Contents for Sun Microsystems Sun SPARC Enterprise M3000

  • Page 1 ™ Sun SPARC Enterprise M3000/M4000/M5000/M8000/M9000 Servers Administration Guide Sun Microsystems, Inc. www.sun.com Part No. 819-3601-16 August 2009, Revision A Submit comments about this document by clicking the Feedback[+] link at: http://docs.sun.com...
  • Page 2 Fujitsu Limited or Sun Microsystems, Inc., or any affiliate of either of them.
  • Page 3 Aucune partie de ce produit, de ces technologies ou de ce document ne peut être reproduite sous quelque forme que ce soit, par quelque moyen que ce soit, sans l’autorisation écrite préalable de Fujitsu Limited et de Sun Microsystems, Inc., et de leurs éventuels bailleurs de licence.

  • Page 5: Table Of Contents

    Contents Preface xiii Introduction to Server Software and Configuration 1 XSCF Firmware 2 Solaris OS Software 2 Software Services 3 Preparing for System Configuration 4 Information Needed 5 Initial Configuration Tasks 5 Related Information 6 Access Control 7 About Access Control 7 Logging in to the System 8 Lockout Period Between Login Attempts 8 XSCF User Accounts 9...
  • Page 6 XSCF Shell Procedures for Access Control 12 ▼ To Log in Initially to the XSCF Console 12 ▼ To Configure an XSCF Password Policy 15 ▼ To Add an XSCF User Account 16 ▼ To Create a Password for an XSCF User 16 ▼...
  • Page 7 ▼ To Display XSCF Network Configuration 34 ▼ To Set the Service Processor Host Name and DNS Domain Name 35 ▼ To Set the Service Processor’s DNS Name Server 35 ▼ To Enable or Disable Use of an LDAP Server for Authentication and Privilege Lookup 36 ▼...
  • Page 8 Domains and System Boards 50 SPARC64 VI and SPARC64 VII Processors and CPU Operational Modes 55 CPU Operational Modes 56 Domain Resource Assignment 58 Domain Component List and Logical System Boards 60 Overview of Steps for Domain Configuration 60 Domain Configuration Example 61 Domain Communication 63 DSCP Network 63 Accessing a Domain Console From the Service Processor 64...
  • Page 9 About Auditing 71 Audit Records 72 Audit Events 72 Audit Classes 73 Audit Policy 73 Audit File Tools 74 XSCF Shell Procedures for Auditing 74 ▼ To Enable or Disable Writing of Audit Records to the Audit Trail 74 ▼ To Configure an Auditing Policy 74 ▼...
  • Page 10 About Capacity on Demand 83 COD Boards 84 COD License Purchase 85 License Installation 85 License Allocation 86 Headroom Management 87 License Violations 87 XSCF Shell Procedures for Using COD 88 ▼ To Install a COD License 88 ▼ To Delete a COD License 89 ▼...
  • Page 11 Sample cfgadm Output 105 Entry-Level Server 105 Midrange Servers 106 High-End Servers 107 Index 109 Contents...
  • Page 12 SPARC Enterprise Mx000 Servers Administration Guide • August 2009...

  • Page 13: Preface

    Preface This manual contains initial system configuration instructions for system administrators of the Sun SPARC Enterprise M3000/M4000/M5000/M8000/M9000 servers. It is written for experienced system administrators with working knowledge of computer networks, and advanced knowledge of the Solaris Operating System. This manual documents entry-level (M3000), midrange (M4000 and M5000) and high-end (M8000 and M9000) servers.
  • Page 14 Application Title Software Sun SPARC Enterprise M3000/M4000/M5000/M8000/M9000 Servers Administration XSCF User’s Guide Software Sun SPARC Enterprise M3000/M4000/M5000/M8000/M9000 Servers Administration XSCF Reference Manual Software Sun SPARC Enterprise M4000/M5000/M8000/M9000 Servers Dynamic Administration Reconfiguration (DR) User’s Guide Capacity on Demand Sun SPARC Enterprise M4000/M5000/M8000/M9000 Servers Capacity Administration on Demand (COD) User’s Guide...

  • Page 15: Sun Welcomes Your Comments

    Sun is interested in improving its documentation and welcomes your comments and suggestions. You can submit your comments by going to: http://www.sun.com/hwdocs/feedback Please include the title and part number of your document with your feedback: Sun SPARC Enterprise M3000/M4000/5000/M8000/M9000 Servers Administration Guide, part number 819-3601-16. Preface...
  • Page 16 SPARC Enterprise Mx000 Servers Administration Guide • August 2009...

  • Page 17: Introduction To Server Software And Configuration

    C H A P T E R Introduction to Server Software and Configuration ™ This manual describes initial system configuration of the SPARC Enterprise M3000/M4000/M5000/M8000/M9000 servers. This product line has entry-level (M3000), midrange (M4000 and M5000) and high-end (M8000 and M9000) servers. Note –...

  • Page 18: Xscf Firmware

    XSCF Firmware Your server provides system management capabilities through eXtended System Controller Facility (XSCF) firmware, pre-installed at the factory on the Service Processor boards. The XSCF firmware consists of system management applications and two user interfaces to configure and control them: XSCF Web, a browser-based graphical user interface ■...

  • Page 19: Software Services

    Note – The XSCF firmware requires that all domains have the SUNWsckmr and SUNWsckmu.u packages. Since the Core System, Reduced Network, and Minimal System versions of the Solaris OS do not automatically install these packages, you must do so on any such domains that do not already have them. You can install applications on the domains.

  • Page 20: Preparing For System Configuration

    Software Services (Continued) TABLE 1-1 Service Description Capacity on demand Capacity on Demand is an option on that allows you to purchase spare processing (COD) capacity for your midrange or high-end (but not entry-level) server. The spare capacity is provided in the form of one or more CPUs on COD boards that are installed on your server.

  • Page 21: Information Needed

    Information Needed Before you configure the software, have the following available: Access to the Service Processor with the appropriate privileges for your tasks. ■ More information about access is contained in Chapter An unused range of IP addresses for the internal DSCP network between the ■...

  • Page 22: Related Information

    Related Information For additional information on this chapter’s topics, see: Resource Information man pages (see the Note following this table) fmdump(8), fmadm(8), fmstat(8), version(8), cfgadm(1M) Site Planning Guide Site planning SPARC Enterprise M3000/M4000/M5000/M8000/M9000 System configuration and administration Servers XSCF User’s Guide Solaris OS documentation collection at Solaris OS, including fault management.

  • Page 23: Access Control

    C H A P T E R Access Control Access control is a way of granting access to the system functions or components only to those users who have been authenticated by the system and who have appropriate privileges. Access control depends on the proper configuration of the general security services provided by the server.

  • Page 24: Logging In To The System

    Logging in to the System There are two entities that can be logged in to on the system, a Service Processor and a Solaris domain. You initially log in to the Service Processor using a serial connection from a terminal device.

  • Page 25: Xscf User Accounts

    XSCF User Accounts A user account is a record of an individual user that can be verified through a user name and password. When you initially log in to the system, add at least one user account with a minimum of one privilege, useradm. This user with useradm privileges can then create the rest of the user accounts.

  • Page 26: Privileges

    Privileges Privileges allow a user to perform a specific set of actions on a specific set of components. Those components can be physical components, domains, or physical components within a domain. The system provides the predefined privileges shown in . These are the TABLE 2-1 only privileges allowed in the server.

  • Page 27: Xscf Firmware Update

    User Privileges (Continued) TABLE 2-1 Privilege Capabilities Can configure auditing. auditadm Can delete audit trail. Can view all audit states and the audit trail. auditop Can perform all operations reserved for field engineers. fieldeng The domainadm, domainmgr, and domainop privileges must include the domain number, numbers, or range of numbers to associate with a particular user account.

  • Page 28: Saving And Restoring Xscf Configuration Information

    Saving and Restoring XSCF Configuration Information To save and restore XSCF configuration information, use the dumpconfig(8) and restoreconfig(8) commands in the XSCF shell. The commands permit you to specify the location where the information is to be stored and retrieved. For more information, see the SPARC Enterprise M3000/M4000/M5000/M8000/M9000 Servers XSCF User’s Guide and the dumpconfig(8) and restoreconfig(8) man pages.
  • Page 29 1. Log in to the XSCF console with the default login name from a terminal device connected to the Service Processor. You must have physical access to the system. serial port log-in prompt: default You are prompted to toggle the Operator Panel MODE switch (keyswitch) on the front of the system.
  • Page 30 Location of the Operator Panel MODE Switch on a Midrange Server FIGURE 2-2 Operator Panel on a High-end Server FIGURE 2-3 You must toggle the MODE switch within one minute of the login prompt or the login process times out. 2.

  • Page 31: To Configure An Xscf Password Policy

    If the switch is in the Locked position, turn it to the Service position, leave it there ■ for at least five seconds, and then turn it back to the Locked position. Press the Enter key. When the toggling is successful, you are logged in to the Service Processor shell as the account default.

  • Page 32: To Add An Xscf User Account

    ▼ To Add an XSCF User Account When you add a new user account, the account has no password, and cannot be used for logging in until the password is set or Secure Shell public key authentication is enabled for the user. 1.
  • Page 33 2. Type the setprivileges command: XSCF> setprivileges user privileges where user is the user name to assign privileges for, and privileges is one or more privileges, separated by a space, to assign to this user. The domainadm, domainmgr, and domainop privileges must include the domain number, numbers, or range of numbers to associate with a particular user account;...

  • Page 34: To Display The Version Of Installed Firmware

    ▼ To Display the Version of Installed Firmware 1. Log in to the XSCF console with platadm or fieldeng privileges. 2. Type the version command: XSCF> version -c xcp The XCP version number is displayed. Command output example is: XSCF> version -c xcp XSCF#0(Active) XCP0 (Current): 1080 Related Information...

  • Page 35: System Configuration

    C H A P T E R System Configuration This chapter describes how to initially configure system services and internal networks that enable communication between the components of your server. This chapter contains these sections: About System Services ■ XSCF Shell Procedures for System Configuration ■...

  • Page 36: Dscp Network Between A Service Processor And A Domain

    DSCP Network Between a Service Processor and a Domain The Domain to Service Processor Communications Protocol (DSCP) service provides a secure TCP/IP- and PPP-based communication link between the Service Processor and each domain. Without this link, the Service Processor cannot communicate with the domains.

  • Page 37: Xscf Network Interfaces

    DSCP includes its own security measures that prohibit a compromised domain from compromising other domains or the Service Processor. The DSCP should only be configured when there are no domains running. If you change the DSCP configuration while a domain is active, you have to power off the domain before the Service Processor can communicate with it.
  • Page 38 XSCF Network Interfaces TABLE 3-1 XSCF Unit Interface Name Description XSCF Unit 0 XSCF LAN#0 (external) xscf#0-lan#0 (entry-level, midrange, and high-end servers) XSCF LAN#1 (external) xscf#0-lan#1 Interface between XSCF Units (ISN: Inter xscf#0-if SCF Network); high-end server only XSCF Unit 1 XSCF LAN#0 (external) xscf#1-lan#0 (high-end server only)

  • Page 39: Domain Name Service

    Once you have configured the XSCF network, it requires no day-to-day management. Domain Name Service The Domain Name Service (DNS) allows computers on a network to communicate with each other by using centrally maintained DNS names instead of locally stored IP addresses.
  • Page 40 Optional: The IP address or hostname, and port, of up to two alternative LDAP ■ directories The distinguished name (DN) of the search base to use for lookup ■ Whether Transport Layer Security (TLS) is to be used ■ 3. Verifying that the LDAP service is working. On the LDAP server, you create an LDAP schema with privilege properties.

  • Page 41: Time Synchronization And Ntp Service

    deletes any local privilege data for that user. Subsequently, the user’s privileges will be looked up in LDAP, if LDAP privilege lookup is enabled. If you specify privilege as none, that user will have no privileges, regardless of privilege data in LDAP. These commands manage the Service Processor LDAP service: setlookup ■...

  • Page 42: Snmp Service

    If the domain and the Service Processor are using the same time source, one benefit is that events logged in the Solaris OS and on the Service Processor can be correlated based on their timestamp. If the domain and Service Processor use different NTP servers, their times may drift, and correlating log files could become difficult.
  • Page 43 Dynamic reconfiguration information, including which domain-configurable units ■ are assigned to which domains Domain status ■ Power status ■ Environmental status ■ The Service Processor SNMP agent can supply system information and fault event information using public MIBs. SNMP managers, for example, a third-party manager application, use any Service Processor network interface with the SNMP agent port to communicate with the agent.

  • Page 44: Additional Services

    Additional Services This section describes HTTPS, Telnet, SMTP, and SSH services, and altitude settings. This section does not cover all the optional services and settings for the Service Processor that you might want to set up and use at a later date. For example, you can set up mirrored memory mode using the setupfru command.

  • Page 45: Altitude Setting

    Altitude Setting The altitude for your server is set to 0 meters by default. To set it for the actual altitude of your server, use the setaltitude command. Executing this command causes the server to adjust the temperature thresholds it uses to protect the system so it can more accurately detect any abnormality in the intake air temperature.

  • Page 46: To Configure The Dscp Network

    To Create a VACM Group ■ To Create a VACM View ■ To Give a VACM Group Access to a VACM View ■ To Display VACM Information for the SNMP Agent ■ To Configure the SNMP Agent to Send Version 3 Traps to Hosts ■...

  • Page 47: To Display Dscp Network Configuration

    Use the setdscp command with no options (interactive mode). ■ You are prompted to enter all the DSCP IP addresses sequentially. A command output example of this interactive mode is: XSCF> setdscp DSCP network [0.0.0.0] > 10.1.1.0 DSCP netmask [255.0.0.0] > 255.255.255.0 XSCF address [10.1.1.1] >...

  • Page 48: To Configure The Xscf Network Interfaces

    2. Type the showdscp command: XSCF> showdscp Command output example for a DSCP network of 10.1.1.0 and a DSCP netmask of 255.255.255.0 is: XSCF> showdscp DSCP Configuration: Network: 10.1.1.0 Netmask: 255.255.255.0 Location Address XSCF 10.1.1.1 Domain #00 10.1.1.2 Domain #01 10.1.1.3 Domain #02 10.1.1.4...

  • Page 49: To Configure The Xscf Network Route Information

    b. To enable the specified network interface: XSCF> setnetwork -c [up|down] interface where -c specifies whether to enable or disable the specified network interface, and interface specifies the network interface to be enabled. Note – When the XSCF unit is configured with redundancy, ISN addresses must be in the same network subnet.

  • Page 50: To Set Or Reset The Xscf Network

    ▼ To Set Or Reset the XSCF Network When you set or change the Service Processor host name, DNS domain name, DNS server, IP address, netmask, or routing information, the settings must be applied to XSCF, and the Service Processor must be reset, before the settings become effective. 1.

  • Page 51: To Set The Service Processor Host Name And Dns Domain Name

    ▼ To Set the Service Processor Host Name and DNS Domain Name 1. Log in to the XSCF console with platadm privileges. 2. Type the sethostname command: a. To set the Service Processor host name: XSCF> sethostname xscfu hostname where xscfu can be xscf#0 (XSCF Unit 0) or xscf#1 (XSCF Unit 1 in a high- end server);...

  • Page 52: To Enable Or Disable Use Of An Ldap Server For Authentication And Privilege Lookup

    ▼ To Enable or Disable Use of an LDAP Server for Authentication and Privilege Lookup 1. Log in to the XSCF console with useradm privileges. 2. Type the setlookup command: XSCF> setlookup -a local|ldap XSCF> setlookup -p local|ldap The -a option sets the authentication lookup to either local or in LDAP; the -p option sets the privileges lookup to either local or in LDAP.

  • Page 53: To Configure The Xscf As An Ntp Client

    ▼ To Configure the XSCF as an NTP Client If you are using NTP, an ntp.conf file must be created on the domains. See “Time Synchronization and NTP Service” on page 25 for information. This section describes how to set the XSCF as an NTP client. 1.

  • Page 54: To Set The Timezone, Daylight Saving Time, Date, And Time Locally On The Service Processor

    4. To verify the operation, type the showntp command. XSCF> showntp -s ▼ To Display the NTP Configuration 1. Log in to the XSCF console. 2. Type the showntp command: XSCF> showntp {-a | -l | address | -s} where the -a option displays all the NTP servers configured for use, the -l option displays time synchronization information, address is the IP address of the NTP server for which information is to be displayed, and the -s option displays the stratum value of the NTP server.

  • Page 55: To Create A Usm User Known To The Snmp Agent

    4. Type the setdate command: XSCF> setdate -s date where date is the date and time you want to set. For more information on the setdate command, see the setdate(8) man page or to the Reference Manual. 5. After specifying the date, you are prompted to reset the Service Processor, so that the date and time become effective.

  • Page 56: To Display Usm Information For The Snmp Agent

    3. To verify the operation, type the showsnmpusm command. ▼ To Display USM Information for the SNMP Agent 1. Log in to the XSCF console with platadm or platop privileges. 2. Type the showsnmpusm command: XSCF> showsnmpusm Command output example is: XSCF>...

  • Page 57: To Give A Vacm Group Access To A Vacm View

    2. Type the setsnmpvacm command: createview -s OID_subtree [-m OID_Mask] viewname setsnmpvacm XSCF> where OID_subtree is the MIB OID subtree for the view (values start at .1 for the entire MIB tree, and can be limited to certain portions of the tree by using the optional OID_Mask ), and...

  • Page 58: To Configure The Snmp Agent To Send Version 3 Traps To Hosts

    2. Type the showsnmpvacm command: XSCF> showsnmpvacm Command output example is: XSCF> showsnmpvacm Groups Groupname Username ============= ============= admin jsmith, bob Views View Subtree Mask Type ============= ======= ====== ========= all_view include Access View Group ============= ============= all_view admin ▼ To Configure the SNMP Agent to Send Version 3 Traps to Hosts 1.

  • Page 59: To Enable The Snmp Agent

    encryption_password is the encryption password, trap_port is the listening port for the SNMP agent (the default is 161), and traphost is the host name where the SNMP manager application is running. If you do not specify the passwords, you are prompted to enter them. 3.

  • Page 60: To Enable Processor Disable The Service Processprocessor Https Service

    2. Type the showsnmp command: XSCF> showsnmp Command output example is: XSCF> showsnmp Agent Status: Enabled Agent Port: System Location: Unknown System Contact: Unknown System Description: Unknown Trap Hosts: Hostname Port Type Community String Username Auth Protocol -------- ---- ---- ---------------- -------- ------------ host1 user1...

  • Page 61: To Enable Or Disable The Service Processor Telnet Service

    ▼ To Enable or Disable the Service Processor Telnet Service 1. Log in to the XSCF console with platadm privileges. 2. Optionally, display the current status of the Service Processor Telnet Service: XSCF> showtelnet 3. Type the settelnet command: XSCF> settelnet -c function where function is either enable or disable.

  • Page 62: To Generate A Host Public Key For Ssh Service

    3. Type the setssh command: XSCF> setssh -c function where function is either enable or disable. You must generate a host public key to use SSH. ▼ To Generate a Host Public Key for SSH Service 1. Log in to the XSCF console with platadm privileges. 2.

  • Page 63: Related Information

    Related Information For additional information on this chapter’s topics, see: Resource Information man pages showdscp(8), setdscp(8), showloginlockout(8), setloginlockout(8), shownetwork(8), setnetwork(8), applynetwork(8), showhostname(8), sethostname(8), setroute(8), showroute(8), setdate(8), showdate(8), showntp(8), setntp(8), xntpd(1M), ntpq(1M), ntpdate(1M), setnameserver(8), shownameserver(8), sethostname(8), showhostname(8), showlookup(8), setlookup(8), showldap(8), setldap(8), showsnmp(8), setsnmp(8), setsnmpusm(8), setsnmpvacm(8), showsnmpusm(8), showsnmpvacm(8), showhttps(8), sethttps(8), showtelnet(8), settelnet(8), showssh(8),...
  • Page 64 SPARC Enterprise Mx000 Servers Administration Guide • August 2009...

  • Page 65: Domain Configuration

    C H A P T E R Domain Configuration This chapter describes how to set up and manage domains with XSCF firmware. On your server, by default from the factory, there is one domain with the Solaris OS installed, and its Domain Identification Number (DID) is 0 (zero). This chapter contains these sections: About Domains ■...

  • Page 66: Domains And System Boards

    Domains and System Boards A domain is an independent system resource that runs its own copy of the Solaris OS. Domains divide a system’s total resources into separate units that are not affected by each other’s operations. Domains can be used for different types of processing;...
  • Page 67 A Physical System Board in Uni-XSB Mode on an Entry-Level Server FIGURE 4-1 Uni-XSB 1 physical system board with 1 CPU, 8 DIMMs, and I/O) - 8 DIMMs A Physical System Board in Uni-XSB Mode on a Midrange Server FIGURE 4-2 Uni-XSB mode (1 physical system board with 4 CPUs, 32 DIMMs, and I/O)
  • Page 68 A Physical System Board in Uni-XSB Mode on a High-End Server FIGURE 4-3 Uni-XSB mode (1 physical system board with 4 CPUs, 32 DIMMs, and I/O) Memory - 8 DIMMs I/O device Memory - 8 DIMMs I/O device Memory - 8 DIMMs I/O device Memory - 8 DIMMs I/O device...
  • Page 69 A Physical System Board in Quad-XSB Mode on a Midrange Server FIGURE 4-4 Quad-XSB mode (1 physical system board divided into 2 domains, each with 1 CPU, 8 DIMMs, and I/O) XSB00-0 Memory - 8 DIMMs I/O device XSB00-1 Memory - 8 DIMMs I/O device Memory - 8 DIMMs XSB00-2...
  • Page 70 The number of domains allowed depends on server model. The default is one domain (the maximum for entry-level servers) and the maximum number of domains is 24. Each domain is identified with a domain ID number, with the default domain as #0. shows the maximum number of system boards, the maximum number of TABLE 4-1 domains, and the domain ID number range by server model.

  • Page 71: Sparc64 Vi And Sparc64 Vii Processors And Cpu Operational Modes

    Example of XSBs and Solaris Domains on a High-End Server FIGURE 4-6 Memory Memory I/O device I/O device 8 DIMMs 8 DIMMs Memory Memory I/O device I/O device 8 DIMMs 8 DIMMs Memory Memory I/O device I/O device 8 DIMMs 8 DIMMs Memory Memory...

  • Page 72: Cpu Operational Modes

    Note – On midrange and high-end servers, SPARC64 VII processors run only with certain versions the Solaris OS and XCP firmware (beginning with XCP 1070). For specific information about minimum OS and firmware requirements, see the Product Notes (no earlier than the XCP 1070 edition) for your server. The first firmware to support the newer entry-level server is the XCP 1080 firmware.
  • Page 73 SPARC64 VI Compatible Mode (for midrange and high-end servers only) – All ■ processors in the domain – which can be SPARC64 VI processors, SPARC64 VII processors, or any combination of them – behave like and are treated by the OS as SPARC64 VI processors.

  • Page 74: Domain Resource Assignment

    Note – Change the cpumode from auto to compatible for any domain that has or is expected to have a mix of processor types. If you leave the domain in auto mode and all the SPARC64 VI processors later fail, the OS will see only the SPARC64 VII processors –...
  • Page 75 Resource Assignment in Quad-XSB Mode on an M5000 Midrange Server TABLE 4-3 Memory Board 00-0 CPUM#0-CHIP#0 MEMB#0 Disks; GbE; IOU#0- PCI#0, IOU#0-PCI#1, IOU#0-PCI#2 00-1 CPUM#0-CHIP#1 MEMB#1 IOU#0-PCI#3, IOU#0- PCI#4 00-2 CPUM#1-CHIP#0 MEMB#2 None 00-3 CPUM#1-CHIP#1 MEMB#3 None 01-0 CPUM#2-CHIP#0 MEMB#4 Disks;...

  • Page 76: Domain Component List And Logical System Boards

    Resource Assignment in Quad-XSB Mode on a High-end Server (Continued) TABLE 4-4 DIMMs xx-1 CPUM#1 MEM#10A,B IOU#xx-PCI#2, IOU#xx-PCI#3 MEM#11A,B MEM#12A,B MEM#13A,B xx-2 CPUM#2 MEM#20A,B IOU#xx-PCI#4, IOU#xx-PCI#5 MEM#21A,B MEM#22A,B MEM#23A,B xx-3 CPUM#3 MEM#30A,B IOU#xx-PCI#6, IOU#xx-PCI#7 MEM#31A,B MEM#32A,B MEM#33A,B Domain Component List and Logical System Boards The domain component list (DCL) identifies the potential resources for a domain.

  • Page 77: Domain Configuration Example

    1. Logging in to the XSCF console with appropriate privileges. 2. Specifying the XSB mode, either Uni-XSB or Quad-XSB, using the setupfru command. 3. Setting up information for a domain (the DCL), using the setdcl command. The DCL identifies the potential resources for a domain. 4.
  • Page 78 Status No-Mem No-IO Float Cfg-policy Powered Off 00-0 False False False 00-2 False False False XSCF> poweron -d 0 DomainIDs to power on:0 Continue? [y|n] :y 00 :Powered on XSCF> setdcl -d 1 -a 0=00-1 XSCF> setdcl -d 1 -a 1=00-3 XSCF>...

  • Page 79: Domain Communication

    XSCF> poweron -d 1 DomainIDs to power on:1 Continue? [y|n] :y 01 :Powered on XSCF> showboards -a DID(LSB) Assignment Conn Conf Test Fault ---- -------- ----------- ---- ---- ---- ------- ------- 00-0 00(00) Assigned Passed Normal 00-1 01(00) Assigned Passed Normal 00-2 00(01) Assigned...

  • Page 80: Accessing A Domain Console From The Service Processor

    Accessing a Domain Console From the Service Processor You can log in to the Service Processor and use the console command to access a particular domain. Once you have access to the domain console, you will get the standard Solaris OS console with associated prompts, based on the configured shell.

  • Page 81: Backup And Restore Operations

    Backup and Restore Operations For domain backup and restore operations, see your backup software documentation for instructions. The Solaris OS documentation collection also contains information on backup and restore operations. Dynamic Reconfiguration Dynamic reconfiguration allows you to add PSBs to or remove them from midrange or high-end server domains without stopping the Solaris OS.

  • Page 82: To Set Cpu Operational Mode

    ▼ To Set CPU Operational Mode 1. Log in to the XSCF console with platadm or domainadm privileges. 2. Execute the setdomainmode command: XSCF> setdomainmode -d domain_id -m cpumode=mode where domain_id is the domain to which the CPU operational mode is to be specified, and is auto, to automatically determine the CPU operational mode...

  • Page 83: To Assign An Xsb To A Midrange Or High-End Server Domain

    2. Type the setdcl command: XSCF> setdcl -d domain_id -a lsb=xsb where domain_id is the domain you are setting the DCL for; lsb is the LSB number; and xcb is the XSB number 3. Verify the operation with the showdcl command. ▼...

  • Page 84: To Display System Board Status

    3. Verify the domain is powered on by opening a console to it, with the console command. “To Access a Domain From the XSCF Console” on page ▼ To Display System Board Status 1. Log in to the XSCF console with platadm, platop, or fieldeng privileges or domainadm, domainmgr, or domainop privileges for a specific domain.

  • Page 85: To Disconnect A Cd-Rw/Dvd-Rw Drive Or Tape Drive While The Solaris Os Is Running On A High-End Server

    3. Type the cfgdevice command: a. To check the status of current drives: XSCF> cfgdevice -l b. To attach a drive: XSCF> cfgdevice -c attach -p port_no where port_no is the port number in the specified domain where the device is to be attached.

  • Page 86: Related Information

    4. Type the cfgdevice command: a. To check the status of current drives: XSCF> cfgdevice -l b. To detach a drive: XSCF> cfgdevice -f -c detach -p port_no where port_no is the port number in the specified domain where the device is to be detached.

  • Page 87: Audit Configuration

    C H A P T E R Audit Configuration Entry-level servers can have a single domain, while midrange and high-end servers can run one or multiple domains. Those domains must be as secure as if they were running on physically separate servers. To help ensure that level of security, XSCF firmware provides the audit measures described in this chapter.

  • Page 88: Audit Records

    Audit Records Audit records are stored in audit files on a 4-megabyte file system on the Service Processor. You cannot change the size reserved for the audit files, but you can transfer the files manually to remote storage at any time. You can also configure auditing for automatic transfers.

  • Page 89: Audit Classes

    Changes to the time ■ The minimum data recorded for each event includes: Date and time of the event ■ Type of event ■ Who caused the event ■ Outcome of the event (success or failure) ■ Audit Classes Audit classes are categories for grouping and sorting audit events. The server provides a predefined set of audit classes, for example, log-in events and service- related events.

  • Page 90: Audit File Tools

    Audit File Tools You can manage audit files from the Service Processor, using a tool for viewing audit files. See the viewaudit(8) man page for details on this tool. XSCF Shell Procedures for Auditing This section describes these tasks: To Enable or Disable Writing of Audit Records to the Audit Trail ■...

  • Page 91: To Display Whether Auditing Is Enabled Or Disabled

    3. Verify the operation with the showaudit all command: XSCF> showaudit all ▼ To Display Whether Auditing is Enabled Or Disabled 1. Log in to the XSCF console with auditadm privileges. 2. Type the showaudit command: XSCF> showaudit Auditing: enabled ▼...
  • Page 92 SPARC Enterprise Mx000 Servers Administration Guide • August 2009...

  • Page 93: Log Archiving Facility

    C H A P T E R Log Archiving Facility You can set up the Service Processor to automatically archive its log data on a remote host. This chapter contains these sections: About Log Archiving ■ Solaris OS Procedures for Log Archiving ■...
  • Page 94 All connections established through log archiving are encrypted. The log archiving feature provides the ability to use an RSA public key to authenticate the archive host. You manage this public key on the Service Processor. By default, log archiving is disabled. To use log archiving, you set up an archive host, and then enable log archiving on the Service Processor.

  • Page 95: Archive Host Requirements

    As shown in FIGURE 6-1 (1) Before enabling log archiving, create an archive directory on the archive host. There should be a separate archive directory for each system that uses the archive host. The directory permissions should be set so that only authorized users can access its contents.

  • Page 96: Solaris Os Procedures For Log Archiving

    Solaris OS Procedures for Log Archiving ▼ To Configure the Log Archive Host 1. Select a user account on the server that will be used as the archive host that the Service Processor will use to log in. 2. Log in to the archive host and create an archive directory. 3.

  • Page 97: To Disable Log Archiving

    3. Type the setarchiving enable command: XSCF> setarchiving enable After tests indicate the archive host is set up correctly, log archiving is enabled effective immediately. If the tests fail, you receive an error message that log archiving was not enabled, and the reason why. ▼...

  • Page 98: Related Information

    Related Information For additional information on this chapter’s topics, see: Resource Information man pages setarchiving(8), showarchiving(8), showlogs(8), snapshot(8) SPARC Enterprise M3000/M4000/M5000/M8000/M9000 Logs; saving logs to a USB device Servers XSCF User’s Guide SPARC Enterprise Mx000 Servers Administration Guide • August 2009...

  • Page 99: Capacity On Demand

    C H A P T E R Capacity on Demand This chapter describes how to manage system resources with the Capacity on Demand (COD) feature of your server. Note – The COD feature is available only on high-end servers and those midrange servers designated as COD models.

  • Page 100: Cod Boards

    Note – The term COD board refers to a COD system board in a high-end server, and to a single-board COD model midrange server. These sections provide details: COD Boards ■ COD License Purchase ■ License Installation ■ License Allocation ■...

  • Page 101: Cod License Purchase

    COD License Purchase The purchase of a COD RTU license entitles you to receive a license key, which enables the appropriate number of COD processors. A license key can grant access to multiple RTUs. A COD license is assigned to a specific server, one license per processor (CPU). All the licenses assigned to a server are handled as a floating pool of licenses for all the COD processors installed on that server.

  • Page 102: License Allocation

    One way to preserve copies of your licenses and license keys is to save the output of the showcodlicense -v command. You can cut-and-paste the output to restore any lost license keys. For example: XSCF> showcodlicense -v Description Expiration Count Status ----------- ----------...

  • Page 103: Headroom Management

    You can reserve COD licenses for specific domains by using the setcod command. After power on, reserved licenses are first allocated to their domains, and then remaining licenses are allocated on a first-come, first-served basis to the remaining resources. When a domain is powered off, the reverse happens: first the unreserved licenses are released to the pool, then the reserved licenses are released.

  • Page 104: Xscf Shell Procedures For Using Cod

    The license database is lost or corrupted while the system is running. This state is ■ detected on the subsequent reboot. This situation can be remedied by reentering the missing license keys, using the addcodlicense command. You delete COD licenses with the force option (deletecodlicense -f) while ■...

  • Page 105: To Delete A Cod License

    2. Type the addcodlicense command: XSCF> addcodlicense license-signature where license-signature is the complete COD license key. For example: XSCF> addcodlicense \ 01:84000000:104:0301010100:3:00000000:xxxxxxxxxxxxxxx 3. Verify that the license key was added to the license database by typing the showcodlicense -r command. The COD RTU license key that you added should be listed in the showcodlicense output.

  • Page 106: To Reserve Licenses For Allocation

    ▼ To Reserve Licenses for Allocation You need to reserve licenses only if you want to make sure a specific number of COD licenses are allocated to a particular domain. 1. Log in to the XSCF console with platadm privileges. 2.

  • Page 107: To Increase Or Decrease Headroom

    ▼ To Increase or Decrease Headroom 1. Log in to the XSCF console with platadm privileges. 2. Type the setcod command. You can use one of two methods, as follows. Use setcod command with the headroom option: ■ XSCF> setcod headroom where headroom can be a number from 1 to 4.

  • Page 108: To Display Cod Information

    2. Type the setcod command and a headroom number of zero: XSCF> setcod 0 3. Verify that the headroom is disabled by typing the showcod command. For example: XSCF> setcod 0 XSCF> showcod Chassis HostID: 80d88800 PROC RTUs installed: 8 PROC Headroom Quantity: 0 ▼...
  • Page 109 2. Type the showcodlicense command. The output displays the resource description, license version number, expiration date, number of licenses, and license status. For example: XSCF> showcodlicense Description Expiration Count Status ----------- ---------- ----- ------ PROC NONE GOOD To display license information in raw key format, use the -r option. For example: XSCF>...

  • Page 110: To Display Usage Statistics For Cod Resources

    ▼ To Display Usage Statistics for COD Resources 1. Log in to the XSCF console with platadm or platop privileges, or domainadm, domainop, or domainmgr privileges for a specific domain. 2. Type the showcodusage command. The output displays a summary of license usage by resource type and for each domain.

  • Page 111: Related Information

    Related Information For additional information on this chapter’s topics, see: Resource Information man pages setcod(8), showboards(8), showcodusage(8), showcodlicense(8), showcod(8), addcodlicense(8), deletecodlicense(8) SPARC Enterprise M4000/M5000/M8000/M9000 Servers Ordering COD licenses; additional COD procedures Capacity On Demand (COD) User’s Guide Service Manual Physical component removal; FRUs Chapter 7 Capacity on Demand...
  • Page 112 SPARC Enterprise Mx000 Servers Administration Guide • August 2009...

  • Page 113: Mapping Device Path Names

    A P P E N D I X Mapping Device Path Names This appendix describes how to map device path names to physical system devices. It contains these sections: Device Mapping and Logical System Board Numbers ■ CPU Mapping ■ I/O Device Mapping ■...
  • Page 114 An LSB on a midrange or high-end server has up to four processors (when a Uni-XSB is assigned to the LSB); therefore, the LSB needs 32 processor IDs. An LSB on an entry-level server, which supports only a single processor, requires only eight processor IDs.

  • Page 115: Cpu Numbering Examples

    CPU Numbering Examples This section contains examples of CPU numbering, using the output of the showboards(8) command on the Service Processor, and the output of the prtdiag(1M) command on the domain. XSCF> showboards -a DID(LSB) Assignment Conn Conf Test Fault ---- -------- ----------- ---- ---- ---- ------- -------- 00-0 00(00) Assigned...

  • Page 116: I/O Device Mapping

    I/O Device Mapping I/O device paths are dictated by which LSB the I/O unit is assigned to. Entry-level servers have one I/O controller. The XSB is assigned four PCIe slots. Midrange servers have only one I/O controller on the I/O unit (IOU). For an XSB in Uni-XSB mode, all I/O is on XSB#xx-0.

  • Page 117: I/O Device Mapping On Entry-Level Servers

    I/O Device Mapping on Entry-Level Servers shows the device mapping on an entry-level server. TABLE A-3 I/O Device Mapping on an Entry-level Server TABLE A-3 PCIe Slot Host Bus Adapter Slot Type OpenBoot PROM Device Path Slot 0 PCIe /pci@0,600000/pci@0/pci@8 Slot 1 PCIe /pci@1,700000/pci@0/pci@0...

  • Page 118: I/O Device Mapping On Midrange Servers

    I/O Device Mapping on Midrange Servers shows the device mapping on a midrange server. In the device path, x is TABLE A-5 LSB-dependent, and is assigned a value as shown in TABLE A-2 I/O Device Mapping on a Midrange Server TABLE A-5 Slot Host Bus Adapter Slot Type...

  • Page 119: I/O Device Mapping On High-End Servers

    Internal Devices and Device Paths on the M5000 (but not M4000) Server, IOU#1 TABLE A-7 XSB 01-0/IOU 1 Accessible Internal Device (M5000) Device Physical Location OpenBoot PROM Device Path Network Port 0 IOU#1 /pci@x0,600000/pci@0/pci@8/pci@0/network@2 Network Port 1 IOU#1 /pci@x0,600000/pci@0/pci@8/pci@0/network@2,1 System /pci@x0,600000/pci@0/pci@8/pci@0/scsi@1/disk@0 System /pci@x0,600000/pci@0/pci@8/pci@0/scsi@1/disk@1...
  • Page 120 to storage located on the IOU, as well as platform CD-RW/DVD-RW drive or tape drive resources at the locations shown in . In the PCIe device path, x is LSB- TABLE A-9 dependent, and is assigned a value as shown in .

  • Page 121: Sample Cfgadm Output

    Internal Devices and Device Paths on a High-end Server (Continued) TABLE A-9 OpenBoot PROM Uni- Quad- PCIe Device OpenBoot PROM IOUA HBA On-board, IOU, and Platform Accessible † ‡ PCIe Slot Path Devices IOU Slot 5 xx-0 xx-2 pci@ 5,700000 IOU Slot 6 xx-0 xx-3...

  • Page 122: Midrange Servers

    Midrange Servers M4000 Server sample output: # cfgadm -s "select=class(pci)" Ap_Id Type Receptacle Occupant Condition iou#0-pci#0 unknown empty unconfigured unknown iou#0-pci#1 unknown empty unconfigured unknown iou#0-pci#2 unknown empty unconfigured unknown iou#0-pci#3 unknown empty unconfigured unknown iou#0-pci#4 unknown empty unconfigured unknown M5000 Server sample output: # cfgadm -s "select=class(pci)"...

  • Page 123: High-End Servers

    High-End Servers M8000 Server sample output: # cfgadm -s "select=class(pci)" Ap_Id Type Receptacle Occupant Condition iou#1-pci#0 unknown empty unconfigured unknown iou#1-pci#1 unknown empty unconfigured unknown iou#1-pci#4 unknown empty unconfigured unknown iou#1-pci#5 unknown empty unconfigured unknown iou#1-pci#6 unknown empty unconfigured unknown iou#1-pci#7 unknown empty...
  • Page 124 SPARC Enterprise Mx000 Servers Administration Guide • August 2009...

  • Page 125: Index

    Index console, 61, 64, 68 deletecodlicense, 88, 89 addboard command, 61, 67 password, 16 addcodlicense command, 88, 89 poweron, 61, 67 adduser command, 16 prtdiag, 98, 99 altitude, 29 rebootxscf, 37 applynetwork command, 22, 34 rlogin, 64 auditing, 71 to 75 rsh, 64 setaltitude, 29, 46 setarchiving, 80, 81...
  • Page 126 showarchiving, 79, 81 DCL, 60, 61, 66 showaudit, 75 DVD or DAT drive, 64 showboards, 67, 68, 94, 99 log in, 8, 64 showcod, 90, 91, 92 power on, 67 showcodlicense, 89, 93 resource assignment, 58 showcodusage, 94 DSCP network, 20 to 21, 63 showdate, 39 DVD drive, 64 showdscp, 21, 26, 31, 32...
  • Page 127 mapping SSH, 4, 8, 16, 79 CPU, 97 Telnet, 4 I/O device, 97 UNIX crypt, 25 memory, 28, 50, 58 Service Processor defined, 2 MIB, 27, 41 log in, 8 mirrored memory mode, 28 set date and time, 25, 37, 38 MODE switch, 13 setaltitude command, 29, 46 setarchiving command, 80, 81...
  • Page 128 showldap command, 36 showlookup command, 36 XCP image, 2, 11 shownetwork command, 33, 34 XSB, 50 to 67, 100 showntp command, 37, 38 XSCF firmware, defined, 2 showpasswordpolicy command, 15 XSCF network, 22 to 23 showsmtp command, 28, 45 showsnmp command, 43, 44 showsnmpusm command, 40 showsnmpvacm command, 40, 41, 42 showssh command, 45...

This manual is also suitable for:

Sun sparc enterprise m8000Sun sparc enterprise m4000Sun sparc enterprise m9000Sun sparc enterprise m5000

Table of Contents