Intro to HMC and Console Options for i5 Servers

Download Report

Transcript Intro to HMC and Console Options for i5 Servers 

IBM Advanced Technical Support
Introduction to HMC on i5 Servers
Allyn Walsh,
IBM Partner World for Developers Technical Support
© IBM Corporation 2004
Agenda
• IBM eServer i5 LPAR Changes
• Hardware Management Console Overview
– Hardware overview
– Connection options
– Features and functions
• LPAR
• Operations Console options on i5
©
2004 IBM Corporation
PAGE 2
Power5
LPAR
CUoD
and
Hardware Management Console
©
2004 IBM Corporation
PAGE 3
Hardware Management Console (HMC)
• Single console for POWER5 servers
– Pre-installed embedded OS
– Supports local consoles, including 5250
– Web-based System Manager enables local or remote
management for HMC control and status
• LPAR and CUoD
– Now configured and managed via HMC
• May 2004 - announce HMC Limits
– One HMC can manage a maximum of two i5 Servers
– One i5 server can be managed by only one HMC
– 40 partitions per HMC
• July 2004 - announce HMC Limits
– One HMC can manage a maximum of 16 Power5
Servers (any mix of i5 or p5 servers)
– A single Power5 Server can be managed by two
HMCs (providing redundancy)
– Maximum of 64 partitions per HMC
• Replaces primary partition and improves system
resiliency
©
2004 IBM Corporation
PAGE 4
i5/OS V5R3 Logical Partitioning
• Interface on pre-POWER5 systems remains
(Service Tools, iSeries Navigator)
• POWER5: IBM Virtualization Engine systems
technologies
include POWER Hypervisor™
– Supports i5/OS, AIX 5L* and Linux and up to
254* partitions
• Improve server utilization rates across
multiple workloads
– Automatic processor balancing
with uncapped partitions
• Improve fault tolerance and lower partition
management costs
– Primary partition replaced by
Hardware Management Console
(HMC)
©
2004 IBM Corporation
PAGE 5
IBM eServer i5 LPAR Changes
Partitioned Servers no longer require a Primary Partition
All i5 Partitioned servers must have HMC
All OS/400 partitions must be at V5R3
Simple migration process
©
2004 IBM Corporation
PAGE 6
Multiple Operating Systems – more details
And underneath the operating systems ...
Applications, ....
I5/OS
Applications, ....
AIX 5L
Applications, ....
POWER5 Linux
SF / RTAS
SF / RTAS
TIMI
i5 SLIC
POWER5 Hypervisor
POWER5 64-bit RISC Hardware
TIMI = Technology Independent Machine Interface
SLIC = System Licensed Internal Code
SF = System Firmware
RTAS = Run-Time Abstraction Services
©
2004 IBM Corporation
PAGE 7
New LPAR System Layout
Hardware Management
Console
I5/OS
AIX
LINUX
I5/OS
Service
Partition
SLIC
SLIC
Firmware
Private
Network
OR
OR
Public
Network
©
2004 IBM Corporation
PAGE 8
PHYP
Perm | Temp
Why a Hardware Management Console (HMC)?
•
©
Servers are becoming more virtualized
– Operating systems will continue to have less direct visibility
and control over “real” server hardware
– A place for hosting advanced platform management
applications, outside of the operating systems, to do:
 Server configuration prior to operating system deployment
 Service when operating systems are unavailable
 Coordination of platform-related operations across
multiple operating system images, in an independent
security model
 Presentation of virtual operating system consoles
– These functions should have common user and programming
interfaces, independent of any one operating system
 Supporting both local and remote operation
 A common delivery vehicle, which enables IBM to deliver
more function, more quickly
2004 IBM Corporation
PAGE 9
When is an HMC Required on i5 System?
• Systems with multiple Partitions (LPAR)
• Systems with Capacity on Demand
• Systems with redundant service processors
• Systems yet to be announced (High-end)
©
2004 IBM Corporation
PAGE 10
What is an HMC
• Based on xSeries server technology, built upon pSeries
HMC device
• Runs an IBM-provided GUI console application
7310-C03
(desktop)
– Not to be used with customer applications
– Helps ensure a more stable console environment
• Required
– To create/modify partition – not to run it
– For Capacity on Demand functions
• 5250 interface for optional i5/OS console is provided
• Remote console by other workstations through HMC
– 5250 interface via Telnet5250 client
7310-CR2
(rack)
– Windows/Linux/AIX Client interface for HMC interface
• At August 2004 iSeries GA, one HMC can support a
maximum of 64 partitions across up to 16 servers.
http://www-1.ibm.com/servers/eserver/iseries/literature/index.html
©
2004 IBM Corporation
PAGE 11
HMC – More Details
• Based on xSeries server technology
– Minimum HMC configuration includes: 1 GB memory, 40 GB disk, DVDRAM, 10/100/1000 Mbps Ethernet port, diskette drive, etc.
– Selectable options for HMC’s display, keyboard, etc. (ordered separately)
– HMC connects to POWER5 service processor, which has two dedicated
HMC ports. The ports are Ethernet ports. (Different from the two generic
10/100/1000Mbps Ethernet LANs.)
• Standard HMC maintenance support is CRU. Suggest upgrading
support to IBM On-Site Repair to be more consistent with POWER5
server’s support agreement.
• HMC not used on earlier iSeries servers
• Non-HMC i5/OS consoles are still supported
• High availability suggestion: attached two redundant HMCs to critical
Power5 servers.
* Product preview
©
2004 IBM Corporation
PAGE 12
Hardware Management Console (HMC)
7310-CR2
(rack)
7310-C03
(desktop)
• HMC is dedicated to console functions (installing 3rd applications is not
allowed)
• Required on POWER5 servers to create/change partitions or to use
Capacity on Demand
• Not required to operate the partition
• Saves the cost of typical primary partition
©
2004 IBM Corporation
PAGE 13
Hardware Management Console (HMC)
• Single console for POWER5 servers
– Pre-installed embedded OS
– Desktop or rack mount
– Supports local consoles, including
5250 console
– Web-based System Manager enables
local or remote management for HMC
control and status
• Required on POWER5 servers to
create/change partitions (LPAR) or
to use Capacity on Demand
– Replaces primary partition and
improves system resiliency
– Can co-exist with 5250 twinax,
Operations Console direct attach,
Operations Console for the LAN
– Not required to operate the partition
©
2004 IBM Corporation
PAGE 14
HMC User Interfaces and Access
• Local GUI
– Starts automatically whenever the HMC is started
– Requires user login prior to access
• Remote GUI
– Uses an installable standalone remote client application (WebSM Client)
• Windows (NT,XP) or Linux
• Downloadable as an installable application directly from the HMC, using a
Web browser
– Also supported from one HMC to another, or from AIX 5L
– Can be SSL-secured through public/private key files
• Generate on the HMC and transfer to client systems
• Local Command Line
– Launched from a right-click menu option on the HMC desktop
– Restricted to a set of supported HMC commands
• Remote Command Line
– Accessed through encryption-protected Secure Shell (SSH)
– Key files can be set up and exchanged to avoid password prompts
• Very useful for automation and scripting without human intervention
©
2004 IBM Corporation
PAGE 15
Advanced System Management User Interface
• Service Processor Menus
(SP is part of the Power5
server)
– Accessed by Web browser
– Secure (HTTPS) access
– Password authentication
– Basic server operations
 No partition functions
• Remotely manage some
system functions (VPD,
logs, dumps, etc.)
• Many of these functions
are also on the HMC
– A few less common ones
only in ASMI
– Browser interface can be
launched on the HMC
©
2004 IBM Corporation
PAGE 16
Web-based System Manager Remote Client
• Two remote clients install options available:
– Web-based System Manager Remote Client
– Web-based System Manager Remote Client for Java Web Start
– Either client works the same after installation
• You can access your HMC remotely by installing this remote client on your
PC workstation
• The remote client provides flexibility by allowing you to manage your
system from virtually anywhere you have a PC. Up to 5 remote clients can
be logged in simultaneously
• Uses SSL security
• Some tasks not performed using the remote client
– These tasks include determining the level of HMC code, restarting the HMC
interface, and configuring System Manager Security for certificate authority or
viewing overview and status information.
• For more information: eServer Information Center....
©
2004 IBM Corporation
PAGE 17
HMC Security
• Restricted Shell
– Provides access to supported HMC command line functions
– Accessible remotely through SSH enabled client
– Also accessible as a command prompt window on the HMC itself
• Granular User Access Controls
– Define Task and Resource Roles that define accessible lists of user
tasks and resources (systems, partitions, etc.)
– Assign roles to users to define their access rights
– For example, access could be limited to a single partition
• Network Security Firewall Controls
– Define which HMC network services should be accessible on which
physical network interfaces
– For example, limit remote WebSM or SSH access to a single interface,
or none
©
2004 IBM Corporation
PAGE 18
Defining Customized User Roles
By Specific Objects (Systems, LPARs)
By Specific
Tasks
(GUI and
Commands)
©
2004 IBM Corporation
PAGE 19
HMC “network” possibilities
• Local HMC: any physical HMC that is directly connected to the system it
manages via a private network. Usually the first or only local HMC in your
private network is a DHCP server in your private network and a DHCP
client in your open network.
• Remote HMC: any HMC used to remotely access another HMC or
managed system. Remote HMCs are usually present in an open network
Remote HMCs can also be local HMCs.
• Web-based System Manager Remote Client: usually a PC installed with
“Web-based System Manager” software. Use this PC to access other
HMCs remotely. Web-based System Manager Remote Clients can be
present in private and open networks. You can perform most management
tasks using the Web-based System Manager Remote Client
©
2004 IBM Corporation
PAGE 20
HMC Communications
Service processor
HMC SSL communication
Power control
Error event handling
Licensed Internal Code updates
M = Memory P = Processor
A = PCI Adapter
Part#1
i5 OS
Part#2
i5 OS
Part#3
Part#4
Linux
AIX 5L
PPPP
PPP
MMMMM
P
M
PPP
Hypervisor (pass-through)
PPP
PP
MMMM
AAAAAAA
AAAAA
AAA
AAAA
System configuration data
Partitioning control
Virtual I/O definition
Capacity on Demand
Concurrent Service
maintenance
SLIC
SLIC
Linux Kernel
AIX Kernel
MM
Hypervisor
Service Processor
Operating Systems
Gather hardware error events Ethernet
Gather hardware inventory
Shutdown/reboot (AIX/Linux)
Dynamic LPAR (AIX/Linux)
Use of i5 OS VPN connections
©
2004 IBM Corporation
PAGE 21
HMC
Ethernet
HMC Network Topology for i5 Systems
IBM
LAN to Partitions
Admin
LAN
Network
(Opt.)
Internal PCI modem
IBM
Rack mount HMC
option
©
2004 IBM Corporation
PAGE 22
Network
(Opt)
Ethernet
Service
Network
Private
Network
Ethernet connections to
service processors, HMC
provides DHCP services
“Private” and “Open” Network Options
HMC can automatically
assign IP address and
connects to systems
HMC
DHCP
Server
Open
Network
Other network
devices
Service Processors request IP
addresses from HMC
Remote HTTPS
connection from
Web browser
©
2004 IBM Corporation
PAGE 23
Manually enter IP address or
range on HMC; HMC finds and
connects to systems
IBM
Manual setup of
Service Processor IP
parameters
HMC Functions
• Configuration Management
–
–
–
–
Server and partition configuration
Virtual I/O configuration
Capacity on Demand management
HMC setup and configuration
• Operations Management
–
–
–
–
–
GUI or command line, local or remote
Virtual operating system consoles
Server and partition controls
Dynamic LPAR resource movement
Scheduled operations
• Change Management
– Add/remove server hardware
– Check and update Licensed Internal
Code on servers, and on HMC itself
©
2004 IBM Corporation
PAGE 24
• Problem Management
– Hardware error event collection,
analysis, and correlation
– Gathering of extended debug data
– Transmission of problems to IBM
• Service Management
– Guided concurrent repair procedures
– Hardware inventory collection
– Service utilities
HMC GUI top-level navigation
Manage HMC
configuration, users,
services, ...
Guide setup wizard
and online documents
Update your Licensed
Internal Code
Manage your servers
and partitions
Service tools to
analyze and repair
Set up security for
remote GUI access
©
2004 IBM Corporation
PAGE 25
HMC Profile-based Partition Management
• Partition Profiles
– Users can create multiple, named profiles for each partition
• Provides the ability to predefine multiple partition configurations
• Useful, for example, for predefining “on demand” server images for
different workloads
– Users activate a partition by selecting a profile
– For POWER5 systems, profiles define:
•
•
•
•
•
•
•
Partition type (AIX/Linux or OS/400)
Processor allocation type (dedicated or shared)
Resource requirements (processors, memory, physical I/O, virtual I/O)
Resource max/min boundaries
Boot mode
Workload Management partition groups
Partition policies (service authority, monitoring, etc.)
• System Profiles
– User can create multiple, named system profiles
– System profiles list one or more LPAR profiles to activate
– Validation tools are available to make sure the profiles don’t conflict
©
2004 IBM Corporation
PAGE 26
LPAR Setup with HMC
I5/OS
Linux
Partition 1
Partition 2
Unassigned
Resources
Status
Command/Response
Virtual Consoles
Non-Volatile RAM
POWER5 Hypervisor
©
Processors
LPAR
Mem Regions Allocation
I/O Slots
Tables
2004 IBM Corporation
PAGE 27
Service
Processor
Server
Ethernet
HMC
Scheduling Automatic Operations
©
2004 IBM Corporation
PAGE 28
HMC Service Functions
• Guided setup
– Leads users through all the tasks needed to set up an HMC
• Service Focal Point
– Collection of hardware and LIC serviceable events
• Licensed Internal Code updates from the HMC
– For initial release, requires system to be shut down
– Concurrent firmware update capability is in plan
• System dump captures to the HMC
– Hardware scan dump or hypervisor dump sent to HMC
– Automatic capture for remote support
• Guided Hardware Service Procedures
– More concurrent maintenance functions are in plan
• Service Utilities
– LED controls, monitoring policies, partition operations
©
2004 IBM Corporation
PAGE 29
HMC Guided Setup Wizard
©
2004 IBM Corporation
PAGE 30
HMC Electronic Connections to IBM
1. Local Modem
– This option enables you to send problem information and system data to
your service provider using the modem on your HMC. You may want to
select this option if the following are true:
•
•
Your HMC does not have access to a high-speed Internet connection.
You do not have any I5/OS logical partitions with high-speed Internet
connections
2. Internet VPN
– This option enables you to send problem information to your service
provider using a high-speed Internet connection on your HMC.
– This is the fastest connection option available on the HMC, but some
environments restrict this type of connectivity for security reasons. Before
you select this option, be sure your company's security policy permits this
type of connection.
©
2004 IBM Corporation
PAGE 31
HMC Electronic connections to IBM (cont’d)
3. Connecting through other systems or logical partitions
– This option enables you to send problem information to your service
provider through a pass-through system. This pass-through system can
be another HMC or a logical partition on your server that supports the
Layer 2 Tunneling Protocol (L2TP).
– Currently, only logical partitions with the V5R3 level of I5/OS can support
L2TP, so they are the only logical partitions that can be used as passthrough systems.
– You may want to select this option if the following are true:
•
•
©
2004 IBM Corporation
PAGE 32
Your HMC does not have access to a high-speed Internet connection
You have an I5/OS logical partition with high-speed Internet connections,
running V5R3
Customizing Connectivity Settings
©
2004 IBM Corporation
PAGE 33
Electronic connections to IBM
• LIC Fix Strategy— The HMC connection type that you select here also
dictates how you will install your server LIC fixes.
– For example, if you choose to connect to your service provider through
your HMC, you will install server LIC fixes through your HMC.
• For I5/OS logical partitions, use the normal I5/OS PTF install functions
on your service partition for installing fixes, rather than using the HMC.
©
2004 IBM Corporation
PAGE 34
LPAR, HMC, Service Partition
• Existing iSeries LPAR environments (non-POWER5) already have
procedures for handling service and support functions among partitions
– Reporting all hardware and software problems
– Receiving fixes (PTFs), distributing and applying fixes to the affected partitions
– Other services
• On POWER5 HMC is used for primary hardware service and support
• Service tools run in each logical partition and work with the (HMC) as part
of the total service environment
• iSeries Consideration:
– One (any) active logical partition on your IBM eServer i5 system be designated
as a service partition
– Consider the partition running applications or a small configuration partition only
active for operating service functions
– Provides traditional service functions such as reporting software problems,
receiving operating system-based fixes, .... or “backup” your HMC.
– Can complement HMC service and support functions
©
2004 IBM Corporation
PAGE 35
Service/Problem Flows
• Service information and problems flow from each logical partition to
the service provider using a VPN connection, as follows:
– Linux logical partition > HMC > OS/400 service partition > Service and support
– AIX logical partition > HMC > OS/400 service partition > Service and support
– OS/400 logical partition > HMC (for service information) > OS/400 service partition > Service and
support
– OS/400 logical partition > OS/400 service partition (for problems) > Service and support
– OS/400 service partition > Service and support
©
2004 IBM Corporation
PAGE 36
LPAR Service and Support Configuration Examples
Basic set up
http://publib.boulder.ibm.com/infocenter/eserver/v1r2s/en_US/index.htm
©
2004 IBM Corporation
PAGE 37
LPAR Creation Wizard – Default Type
Partition type
default is now
based on
system type
(iSeries,
pSeries or
Linux)
©
2004 IBM Corporation
PAGE 38
LPAR Creation Wizard – Virtual Processors
HMC
automatically
establishes
appropriate
defaults for
virtual processor
amounts, but
these can be
modified through
advanced
settings
©
2004 IBM Corporation
PAGE 39
LPAR Creation Wizard – Memory Information
The memory
panel for profile
creation now
shows both the
installed
memory, and
the amount of
memory
available for
use by
partitions
©
2004 IBM Corporation
PAGE 40
LPAR Creation Wizard – I/O Information
I/O
Configuration
panels provide
additional
detailed
information on
each adapter
slot, accessed
through a
“Properties”
button
©
2004 IBM Corporation
PAGE 41
LPAR Creation Wizard – Required I/O
I/O Devices
marked as
“Required” will
be reserved for
the exclusive
use of this
partition and
cannot be
accidentally
moved through
dynamic LPAR
©
2004 IBM Corporation
PAGE 42
System Profile Verification
System Profile
Validation can
be used to
ensure that
there are
sufficient
resources and
no resource
conflicts when
activating a set
of partitions
©
2004 IBM Corporation
PAGE 43
System and Partition State Names
State names
have been
changed. A
running system
is now shown
as “Operating”
state, and
inactive
partitions are
now shown as
“Not Activated”
state
©
2004 IBM Corporation
PAGE 44
System Properties – I/O View
Overall list of
I/O resources
and their
partition
ownerships can
be seen by
selecting the
“Properties”
task on a
managed
system
©
2004 IBM Corporation
PAGE 45
i5/OS Console Choices
• Starting in V5R3, the types of consoles that can be used
to control i5/OS are:
1. Twinax terminal
2. Operations Console direct-connect
3. Operations Console LAN-connect
4. Hardware Management Console (HMC)
©
2004 IBM Corporation
PAGE 46
i5/OS Console Choices
©
2004 IBM Corporation
PAGE 47
i5/OS Console Choices
©
2004 IBM Corporation
PAGE 48
HMC Education
• 1. Go to http://www.ibm.com/servers/resourcelink
• 2. On the Home page select "Register for a user ID and
password
• 3. On the Register for Access page, select the type of userid
requested
• 4. On the Self-registration page, fill in your email address and a
preferred ID, then click Submit
©
2004 IBM Corporation
PAGE 49
HMC Education
©
2004 IBM Corporation
PAGE 50
HMC Education
©
2004 IBM Corporation
PAGE 51
Information Centers
• The eServer Hardware Info Center contains information on the POWER5
models...everything from planning for the hardware, installing the hardware
(and the consoles), setting up partitioning and CoD, to servicing the
hardware
– http://publib.boulder.ibm.com/infocenter/eserver/v1r2s/en_US/index.htm
– http://www.ibm.com/eserver/iseries/infocenter. Select eServer Information
Center in the left navigation bar.
• iSeries pre POWER5 and OS/400 V5R3 (i5/OS)
– http://publib.boulder.ibm.com/infocenter/iseries/v5r3/ic2924/index.htm
©
2004 IBM Corporation
PAGE 52
IBM
i5 Hardware Planning Site
http://publib.boulder.ibm.com/infocenter/eserver/v1r2s/en_US/index.htm
©
2004 IBM Corporation
PAGE 53
IBM
i5 Hardware Planning Site
http://publib.boulder.ibm.com/infocenter/eserver/v1r2s/en_US/index.htm
©
2004 IBM Corporation
PAGE 54
Trademarks and Disclaimers
© IBM Corporation 1994-2004. All rights reserved.
References in this document to IBM products or services do not imply that IBM intends to make them available in every country.
The following terms are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both:
AIX
DB2 Universal
eServer
Lotus
Power Architecture
RS/6000
z/OS
AIX/L
DB2 OLAP Server
Enterprise Storage Server
MQSeries
Power Everywhere
S/390
zSeries
AIX 5L
DataPropagator
Hipersockets
Notes
POWER Hypervisor
ThinkPad
400
AIX 5L (logo)
Domino
IBM
OS/400
POWER6
Tivoli
i5/OS
AS/400
e business(logo)
IBM Virtualization Engine
POWER
pSeries
TotalStorage
AS/400e
e(logo)business
IBM(logo)
POWER4
Quickplace
WebSphere
DB2
e(logo)server
iSeries
POWER5
Rational
xSeries
Lotus, Freelance Graphics, and Word Pro are registered trademarks of Lotus Development Corporation and/or IBM Corporation.
Domino is a trademark of Lotus Development Corporation and/or IBM Corporation.
C-bus is a trademark of Corollary, Inc. in the United States, other countries, or both.
Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both.
Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both.
ActionMedia, LANDesk, MMX, Pentium and ProShare are trademarks of Intel Corporation in the United States, other countries, or both.
UNIX is a registered trademark of The Open Group in the United States and other countries.
SET and the SET Logo are trademarks owned by SET Secure Electronic Transaction LLC.
Other company, product and service names may be trademarks or service marks of others.
Information is provided "AS IS" without warranty of any kind.
All customer examples described are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual environmental costs and
performance characteristics may vary by customer.
Information in this presentation concerning non-IBM products was obtained from a supplier of these products, published announcement material, or other publicly available sources and
does not constitute an endorsement of such products by IBM. Sources for non-IBM list prices and performance numbers are taken from publicly available information, including vendor
announcements and vendor worldwide homepages. IBM has not tested these products and cannot confirm the accuracy of performance, capability, or any other claims related to non-IBM
products. Questions on the capability of non-IBM products should be addressed to the supplier of those products.
All statements regarding IBM future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only. Contact your local IBM office or IBM
authorized reseller for the full text of the specific Statement of Direction.
Some information in this presentation addresses anticipated future capabilities. Such information is not intended as a definitive statement of a commitment to specific levels of performance,
function or delivery schedules with respect to any future products. Such commitments are only made in IBM product announcements. The information is presented here to communicate
IBM's current investment and development activities as a good faith effort to help with our customers' future planning.
Performance is based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput or performance that any user will experience
will vary depending upon considerations such as the amount of multiprogramming in the user's job stream, the I/O configuration, the storage configuration, and the workload processed.
Therefore, no assurance can be given that an individual user will achieve throughput or performance improvements equivalent to the ratios stated here.
Photographs shown are of engineering prototypes. Changes may be incorporated in production models.
©
2004 IBM Corporation
PAGE 55
Audience Questions
• Allyn will be taking audience questions on this topic following the event.
You can submit your specific questions for Allyn by clicking the Ask a
Question button in the lower left corner of your presentation screen.
• Answers to your questions will be posted shortly after the webcast in a
featured tip on the Search400.com site.
• Visit the Search400.com tip section often, as new tips are posted daily.
http://search400.techtarget.com/tips/0,289484,sid3,00.html
©
2004 IBM Corporation
PAGE 56
Thank You
• Thank you for participating in a Search400.com
webcast.
• For more information on upcoming Search400.com
webcasts or to pre-register for an event, go to
http://search400.techtarget.com/webcasts/
• To submit your comments or suggestions for future
webcasts, send an e-mail to the Search400.com site
editor at [email protected].
©
2004 IBM Corporation
PAGE 57