- Preface
- Overview
- Installing the Server OS
- Managing Chassis and Dynamic Storage
- Managing the Server
- Viewing Server Properties
- Viewing Sensors
- Managing Remote Presence
- Managing User Accounts
- Configuring Network-Related Settings
- Managing Network Adapters
- Managing Storage Adapters
- Configuring Communication Services
- Managing Certificates
- Cisco IMC Firmware Management
- Viewing Faults and Logs
- Server Utilities
- BIOS Parameters by Server Model
- BIOS Token Name Comparison for Multiple Interfaces
- Index
Configuring Communication Services
This chapter includes the following sections:
Configuring HTTP
You must log in as a user with admin privileges to configure HTTP.
This example configures HTTP for the Cisco IMC:
Server# scope http
Server /http # set enabled yes
Server /http *# set http-port 80
Server /http *# set https-port 443
Server /http *# set http-redirect yes
Server /http *# set timeout 1800
Server /http *# commit
Server /http # show
HTTP Port HTTPS Port Timeout Active Sessions Enabled HTTP Redirected
---------- ---------- -------- --------------- ------- ----------------
80 443 1800 0 yes yes
Server /http #
Configuring SSH
You must log in as a user with admin privileges to configure SSH.
This example configures SSH for the Cisco IMC:
Server# scope ssh Server /ssh # set enabled yes Server /ssh *# set ssh-port 22 Server /ssh *# set timeout 600 Server /ssh *# commit Server /ssh # show SSH Port Timeout Active Sessions Enabled ---------- -------- --------------- ------- 22 600 1 yes Server /ssh #
Configuring XML API
XML API for Cisco IMC
The Cisco Cisco IMC XML application programming interface (API) is a programmatic interface to Cisco IMC for a C-Series Rack-Mount Server. The API accepts XML documents through HTTP or HTTPS.
For detailed information about the XML API, see Cisco UCS Rack-Mount Servers Cisco IMC XML API Programmer’s Guide.
Enabling XML API
You must log in as a user with admin privileges to perform this task.
| Command or Action | Purpose |
|---|
This example enables XML API control of Cisco IMC and commits the transaction:
Server# scope xmlapi
Server /xmlapi # set enabled yes
Server /xmlapi *# commit
Server /xmlapi # show detail
XMLAPI Settings:
Enabled: yes
Active Sessions: 0
Max Sessions: 4
Server /xmlapi #
Configuring IPMI
IPMI Over LAN
Intelligent Platform Management Interface (IPMI) defines the protocols for interfacing with a service processor embedded in a server platform. This service processor is called a Baseboard Management Controller (BMC) and resides on the server motherboard. The BMC links to a main processor and other on-board elements using a simple serial bus.
During normal operations, IPMI lets a server operating system obtain information about system health and control system hardware. For example, IPMI enables the monitoring of sensors, such as temperature, fan speeds and voltages, for proactive problem detection. If server temperature rises above specified levels, the server operating system can direct the BMC to increase fan speed or reduce processor speed to address the problem.
Configuring IPMI over LAN for Cisco IMC
Configure IPMI over LAN when you want to manage the Cisco IMC with IPMI messages.
You must log in with admin privileges to perform this task.
This example configures IPMI over LAN for the Cisco IMC:
Server # scope server 1 Server /server # scope ipmi Server /server/ipmi # set enabled yes Server /server/ipmi *# set privilege-level admin Server /server/ipmi *# set encryption-key abcdef01234567890abcdef01234567890abcdef Server /server/ipmi *# commit Server /server/ipmi *# show Enabled Encryption Key Privilege Level Limit ------- ---------------------------------------- --------------------- yes ABCDEF01234567890ABCDEF01234567890ABCDEF admin Server /server/ipmi # randomise-key This operation will change the IPMI Encryption Key to a random value Continue?[y|N]y Setting IPMI Encryption Key to a random value... Server /server/ipmi # show Enabled Encryption Key Privilege Level Limit ------- ---------------------------------------- --------------------- yes abcdef01234567890abcdef01234567890abcdef admin Server /server/ipmi #
Configuring IPMI over LAN for CMCs
Configure IPMI over LAN when you want to manage the CMC with IPMI messages.
You must log in with admin privileges to perform this task.
| Command or Action | Purpose | |||
|---|---|---|---|---|
| Step 1 | Server # scope chassis |
Enters server command mode of server 1 or 2. | ||
| Step 2 | Server /chassis # scope cmc {1 | 2} |
Enters CMC command mode. | ||
| Step 3 | Server /server # scope ipmi |
Enters the IPMI command mode. | ||
| Step 4 | Server /chassis/cmc/ipmi # set enabled {yes | no} |
Enables or disables IPMI access on this server. | ||
| Step 5 | Server /chassis/cmc/ipmi # set privilege-level {readonly | user | admin} |
| ||
| Step 6 | Server /chassis/cmc/ipmi # set encryption-key key |
Sets the IPMI encryption key to use for IPMI communications. The key value must be 40 hexadecimal numbers. | ||
| Step 7 | Server /chassis/cmc/ipmi # commit |
Commits the transaction to the system configuration. | ||
| Step 8 | Server /chassis/cmc/ipmi # randomise-key |
| ||
| Step 9 | At the prompt, enter y to randomize the encryption key. |
Sets the IPMI encryption key to a random value. |
This example configures IPMI over LAN for the CMC 1:
Server # scope chassis Server # scope cmc 1 Server /chassis # scope ipmi Server /chassis/cmc/ipmi # set enabled yes Server /chassis/cmc/ipmi *# set privilege-level admin Server /chassis/cmc/ipmi *# set encryption-key abcdef01234567890abcdef01234567890abcdef Server /chassis/cmcipmi *# commit Server /chassis/cmc/ipmi *# show Enabled Encryption Key Privilege Level Limit ------- ---------------------------------------- --------------------- yes ABCDEF01234567890ABCDEF01234567890ABCDEF admin Server /chassis/cmc/ipmi # randomise-key This operation will change the IPMI Encryption Key to a random value Continue?[y|N]y Setting IPMI Encryption Key to a random value... Server /chassis/cmc/ipmi # show Enabled Encryption Key Privilege Level Limit ------- ---------------------------------------- --------------------- yes abcdef01234567890abcdef01234567890abcdef admin Server /chassis/cmc/ipmi #
Configuring SNMP
SNMP
The Cisco UCS C-Series Rack-Mount Servers support the Simple Network Management Protocol (SNMP) for viewing server configuration and status and for sending fault and alert information by SNMP traps. For information on Management Information Base (MIB) files supported by Cisco IMC, see the MIB Quick Reference for Cisco UCS at this URL: http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/mib/b-series/b_UCS_MIBRef.html.
Configuring SNMP Properties
You must log in as a user with admin privileges to perform this task.
| Command or Action | Purpose | |||
|---|---|---|---|---|
| Step 1 | Server# scope snmp |
Enters SNMP command mode. | ||
| Step 2 | Server /snmp # set enabled {yes | no} |
Enables or disables SNMP.
| ||
| Step 3 | Server /snmp # commit |
Commits the transaction to the system configuration. | ||
| Step 4 | Server /snmp # set enable-serial-num {yes | no} |
Prefixes the traps with the serial number of the server. | ||
| Step 5 | Server /snmp # set snmp-port port number |
Sets the port number on which the SNMP agent runs. You can choose a number within the range 1 to 65535. The default port number is 161.
| ||
| Step 6 | Server /snmp # set community-str community |
Specifies the default SNMP v1 or v2c community name that Cisco IMC includes on any trap messages it sends to the SNMP host. The name can be up to 18 characters. | ||
| Step 7 | Server /snmp # set community-access |
This can be one of the following : Disabled, Limited, or Full. | ||
| Step 8 | Server /snmp # set trap-community-str |
Specifies the SNMP community group to which trap information should be sent. The name can be up to 18 characters | ||
| Step 9 | Server /snmp # set sys-contact contact |
Specifies the system contact person responsible for the SNMP implementation. The contact information can be up to 254 characters, such as an email address or a name and telephone number. To enter a value that contains spaces, you must enclose the entry with quotation marks. | ||
| Step 10 | Server /snmp # set sys-location location |
Specifies the location of the host on which the SNMP agent (server) runs. The location information can be up to 254 characters. To enter a value that contains spaces, you must enclose the entry with quotation marks. | ||
| Step 11 | Server /snmp # commit |
Commits the transaction to the system configuration. |
This example configures the SNMP properties and commits the transaction:
Server# scope snmp
Server /snmp # set enabled yes
Server /snmp *# commit
Server /snmp *# set enable-serial-num yes
Server /snmp *# set snmp-port 20000
Server /snmp *# set community-str cimcpublic
Server /snmp *# set community-access Full
Server /snmp *# set trap-community-str public
Server /snmp *# set sys-contact "User Name <username@example.com> +1-408-555-1212"
Server /snmp *# set sys-location "San Jose, California"
Server /snmp *# commit
Server /snmp # show detail
SNMP Settings:
SNMP Port: 20000
System Contact: User Name <username@example.com> +1-408-555-1212
System Location: San Jose, California
SNMP Community: cimcpublic
SNMP Trap Community: public
SNMP Community access: Full
Enabled: yes
Serial Number Enabled: yes
Server /snmp #
Configure SNMP trap settings as described in Configuring SNMP Trap Settings.
Configuring SNMP Trap Settings
| Command or Action | Purpose | |||
|---|---|---|---|---|
| Step 1 | Server# scope snmp |
Enters the SNMP command mode. | ||
| Step 2 | Server /snmp # scope trap-destinations number |
Enters the SNMP trap destination command mode for the specified destination. Four SNMP trap destinations are available. The destination number is an integer between 1 and 15. | ||
| Step 3 | Server /snmp/trap-destinations # set enabled {yes | no} |
Enables or disables the SNMP trap destination. | ||
| Step 4 | Server /snmp/trap-destinations # set version { | 2 | 3} |
Specify the desired SNMP version of the trap message.
| ||
| Step 5 | Server /snmp/trap-destinations # set type {trap | inform} |
Specifies whether SNMP notification messages are sent as simple traps or as inform requests requiring acknowledgment by the receiver.
| ||
| Step 6 | Server /snmp/trap-destinations # set user user | |||
| Step 7 | Server /snmp/trap-destination # set trap-addr trap destination address | Specifies the
trap destination address to which the trap information is sent. You can set an
IPv4 or IPv6 address or a domain name as the trap destination.
| ||
| Step 8 | Server /snmp/trap-destinations # set trap-port trap destination port | Sets the port number the server uses to communicate with the trap destination. You can choose a number within the range 1 to 65535. | ||
| Step 9 | Server /snmp/trap-destination # commit |
Commits the transaction to the system configuration. |
This example configures general SNMP trap settings and trap destination number 1 and commits the transaction:
Server# scope snmp Server /snmp # Scope trap-destinations 1 Server /snmp/trap-destination *# set enabled yes Server /snmp/trap-destination *# set version 2 Server /snmp/trap-destination *# set type inform Server /snmp/trap-destination *# set user user1 Server /snmp/trap-destination *# set trap-addr www.cisco.com Server /snmp/trap-destination *# set trap-port 10000 Server /snmp/trap-destination *# commit Server /snmp/trap-destination # show detail Trap Destination 1: Enabled: yes SNMP version: 2 Trap type: inform SNMP user: user1 Trap Address: www.cisco.com Trap Port: 10000 Delete Trap: no Server /snmp/trap-destination #
Sending a Test SNMP Trap Message
You must log in with admin privileges to perform this task.
| Command or Action | Purpose |
|---|
This example sends a test message to all the enabled SNMP trap destinations:
Server# scope snmp Server /snmp # send-test-trap SNMP Test Trap sent to the destination. Server /snmp #
Configuring SNMPv3 Users
| Command or Action | Purpose | |
|---|---|---|
| Step 1 | Server# scope snmp |
Enters the SNMP command mode. |
| Step 2 | Server /snmp # scope v3users number |
Enters the SNMPv3 users command mode for the specified user number. |
| Step 3 | Server /snmp/v3users # set v3add {yes | no} |
Adds or deletes an SNMPv3 user. This can be one of the following: |
| Step 4 | Server /snmp/v3users # set v3security-name security-name |
Enter an SNMP username for this user. |
| Step 5 | Server /snmp/v3users # set v3security-level {noauthnopriv | authnopriv | authpriv} |
Select a security level for this user. This can be one of the following:
|
| Step 6 | Server /snmp/v3users # set v3proto {MD5 | SHA} |
Select an authentication protocol for this user. |
| Step 7 | Server /snmp/v3users # set v3auth-key auth-key |
Enter an authorization password for this user. |
| Step 8 | Server /snmp/v3users # set v3priv-proto {DES | AES} |
Select an encryption protocol for this user. |
| Step 9 | Server /snmp/v3users # set v3priv-auth-key priv-auth-key |
Enter a private encryption key (privacy password) for this user. |
| Step 10 | Server /snmp/v3users # commit |
Commits the transaction to the system configuration. |
This example configures SNMPv3 user number 2 and commits the transaction:
Server# scope snmp
Server /snmp # scope v3users 2
Server /snmp/v3users # set v3add yes
Server /snmp/v3users *# set v3security-name ucsSNMPV3user
Server /snmp/v3users *# set v3security-level authpriv
Server /snmp/v3users *# set v3proto SHA
Server /snmp/v3users *# set v3auth-key
Please enter v3auth-key:ex4mp1ek3y
Please confirm v3auth-key:ex4mp1ek3y
Server /snmp/v3users *# set v3priv-proto AES
Server /snmp/v3users *# set v3priv-auth-key
Please enter v3priv-auth-key:!1@2#3$4%5^6&7*8
Please confirm v3priv-auth-key:!1@2#3$4%5^6&7*8
Server /snmp/v3users *# commit
Settings are being applied ... allow a few minutes for the process to complete
Server /snmp/v3users # show detail
User 2:
Add User: yes
Security Name: ucsSNMPV3user
Security Level: authpriv
Auth Type: SHA
Auth Key: ******
Encryption: AES
Private Key: ******
Server /snmp/v3users #
Feedback