Preface

The purpose of this document is to describe the basic steps required to minimally configure Cisco’s Unified Computing System (UCS). Additional references to detailed Configuration Examples and TechNotes are provided within each section. Comprehensive configuration guides can be found at the following location:

http://www.cisco.com/en/US/products/ps10281/products_installation_and_configuration_guides_list.html

This document assumes basic knowledge of the various UCS components, including:

UCS 6100 series Fabric Interconnects
UCS 2100 series Fabric Extenders
UCS 5100 series Blade Chassis
UCS B-Series Blade Servers
UCS Network Adapters

An elementary understanding of Local Area Network (LAN) and Storage Area Network (SAN) technologies is also assumed.

Introduction

Cisco UCS is a next-generation data center platform that:

Unites computing, networking, storage access, and virtualization into a cohesive system
Integrates a low-latency, lossless 10 Gb Ethernet unified network fabric with enterprise-class, x86-architecture servers

Information about UCS features and functionality can be found at http://www.cisco.com/go/ucs/.

Prerequisites

The following tasks should be completed, and all information collected prior to beginning:

Physical installation of the UCS components, including Blade Server Chassis and Fabric Interconnects. Detailed information is available within the following guides:
Physical connectivity directly between the Fabric Interconnect L1/L2 ports (for clustering purposes)
Physical connectivity between the Fabric Interconnects and Fabric Extenders
- Document port assignments for Server and Uplink ports
IP address assignments for each Fabric Interconnect, and cluster IP address (must all be on the same subnet)
Management IP Addressing Scheme for individual server blades
MAC Address Scheme
WWNN and WWPN Scheme (if connected to a SAN)
VLAN Numbering Scheme
VSAN Numbering Scheme (if applicable)
Management Systems Information (Optional)
- TACACS hosts and keys
- RADIUS hosts and keys
- SNMP hosts and community strings
- DNS domain suffix and server IP address
- NTP hosts
- Syslog hosts

Sample Topology

Below is an example of a typical UCS topology:

Managing UCS

Cisco UCS Manager is the management service for all components in a Cisco UCS instance. Cisco UCS Manager runs within the Fabric Interconnects. You can use any of the interfaces available within this management service to access, configure, administer, and monitor the network and server resources for each chassis connected to the Fabric Interconnects.

Cisco UCS Manager includes the following interfaces you can use to manage a Cisco UCS instance:

Cisco UCS Manager GUI (Accessible via HTTP and HTTPS)
Cisco UCS Manager CLI (Accessible via Telnet, SSH, or Console)
XML API

Almost all tasks can be performed in any of the interfaces, and the results of tasks performed in one interface are automatically displayed in another.

Console Connection

The console port is an RS-232 port with an RJ-45 interface. The console port is an asynchronous (async) serial port; any device connected to this port must be capable of asynchronous transmission. The following figure shows how to connect to the console port on the Cisco UCS 6100 Fabric Interconnect.

The console port parameters on the computer terminal (or console server) attached to the console port are as follows:

9600 baud
8 data bits
No parity
1 stop bit

UCS Manager GUI

Cisco UCS Manager GUI is the Java application that provides a GUI interface to Cisco UCS Manager. You can launch and access Cisco UCS Manager GUI from any computer that runs a supported operating system and has HTTP or HTTPS access to the UCS 6100 series Fabric Interconnect.

Overview of Cisco UCS Manager GUI

This section provides a brief overview of the Cisco UCS Manager GUI. The most commonly used areas include:

Navigation Pane—The Navigation pane provides a centralized navigation point for all components in the Cisco UCS system. When you choose a component in the Navigation pane, the object displays in the Work Pane.

Navigation Pane

The Navigation Pane has six tabs; Equipment, Servers, LAN, SAN, VM, and Admin. Each tab includes these elements:

A Filter list of values that you can use to restrict the Navigation Pane display to a certain type of objects.
An expandable navigation tree that you can use to access all of the objects on that tab. An plus (+) icon next to an object indicates that the object has subcomponents.

Work Pane—The Work Pane displays details about the object selected in the Navigation Pane.

Work Pane

The Work Pane includes these elements:

A navigation bar that displays the path from the main object of the tab in the Navigation Pane to the selected object. You can click on any object in this path in order to display that object in the Work Pane.
A content area that displays tabs with information related to the object selected in the Navigation Pane. The tabs displayed in the content area depend upon the selected object. You can use these tabs in order to view information about the object, create new objects, modify properties of the objects, and examine the chosen object.

While performing configuration steps in the UCS Manager GUI, you will find that there are often multiple ways to perform the same task. For example, you can right-click on an object in the Navigation Pane and select an action or you may be able to select that same action from the corresponding view in the Work Pane. In many cases, you may also have the ability to drag and drop objects within the Navigation Pane. As you get comfortable with the UCS Manager GUI, you can choose the method that best suits your work habits.

If you would like additional information on the UCS Manager GUI, see the document entitled “Use UCS Manager GUI to Manage Cisco UCS” on CCO.

UCS Manager CLI

The UCS Manager CLI is organized into a hierarchy of command modes, which often correspond to managed objects. Managed objects represent physical and logical components within UCS, such as servers, processors, Service Profiles, and policies.

The create, enter, scope, and exit commands are used to navigate the object hierarchy.

More detailed information on navigating the UCS Manager CLI can be found in the Cisco UCS Manager CLI Configuration Guide, Release 1.x.

Initial Setup Steps

The first time that you access a Fabric Interconnect in a Cisco UCS instance, a setup wizard prompts you for the following information required to configure the system:

Installation method (GUI or CLI)
Setup mode (restore from full system backup or initial setup)
System configuration type (standalone or cluster configuration)
System name
Admin password
Management port IP address and subnet mask
Default gateway IP address
DNS Server IP address
Default domain name
Setup Mode
System Configuration Type
Management Port IP Address

Setup Wizard (Management IP), etc.

Performing an Initial System Setup for the First Fabric Interconnect

The following procedure is used for the initial setup of the first Cisco UCS 6100 Fabric Interconnect.

Connect to the console port.
Power on the Fabric Interconnect. You will see the power on self test messages as the Fabric Interconnect boots.
When the unconfigured system boots, it prompts you for the setup method to be used. Enter console to continue the initial setup using the console CLI.
Enter setup to continue as an initial system setup.
Enter y to confirm that you want to continue the initial setup.
Enter the password for the admin account.
To confirm, re-enter the password for the admin account.
Enter yes to continue the initial setup for a cluster configuration.
Enter the Fabric Interconnect fabric (either A or B).
Enter the system name.
Enter the IP address for the management port on the Fabric Interconnect.
Enter the subnet mask for the management port on the Fabric Interconnect.
Enter the IP address for the default gateway.
Enter the virtual IP address.
Enter yes if you want to specify the IP address for the DNS server, or no if you do not.
(Optional) Enter the IP address for the DNS server.
Enter yes if you want to specify the default domain name, or no if you do not.
(Optional) Enter the default domain name.
Review the setup summary and enter yes to save and apply the settings, or enter no to go through the setup wizard again to change some of the settings.

If you choose to go through the setup wizard again, it will automatically provide the values you previously entered, and the values will appear in brackets. To accept previously-entered values, press the Enter key.

Performing an Initial System Setup for the Second Fabric Interconnect

The following procedure is used for the initial setup of the second Cisco UCS 6100 Fabric Interconnect.

Connect to the console port.
Power on the Fabric Interconnect. You will see the power on self test messages as the Fabric Interconnect boots.
When the unconfigured system boots, it prompts you for the setup method to be used. Enter console to continue the initial setup using the console CLI.

Note: The Fabric Interconnect should detect the peer Fabric Interconnect in the cluster. If it does not, check the physical connections between the L1 and L2 ports, and verify that the peer Fabric Interconnect has been enabled for a cluster configuration.

Enter y to add the subordinate Fabric Interconnect to the cluster.
Enter the admin password of the peer Fabric Interconnect.
Enter the IP address for the management port on the subordinate Fabric Interconnect.
Review the setup summary and enter yes to save and apply the settings, or enter no to go through the setup wizard again to change some of the settings.

If you choose to go through the setup wizard again, it will automatically provide the values you previously entered, and the values will appear in brackets. To accept previously-entered values, press the Enter key.

Login to UCS Manager GUI through HTTPS

Complete the following steps to access the UCS Manager GUI through HTTPS:

In your web browser, type or choose the web link for Cisco UCS Manager GUI.
The default web link is https://UCSManager_IP.
1. If a Security Alert dialog box displays, click Yes in order to accept the security certificate and continue.
On the Cisco UCS Manager page, click Launch. You can be prompted to download or save the .JNLP file, depending on your browser configuration.

If a Security dialog box displays, click Yes in order to accept the certificate and continue. If desired, you can check the box in order to accept all content from Cisco.

In the Login dialog box, enter your User Name and Password.
Click Login.

Configure Network Connectivity

After launching UCS Manager for the first time, you will see the Fabric Interconnects appear in the Navigation Pane. In order to have a view into the chassis, you will need to properly configure the Server Ports. Once you have properly configured the Server Ports using the information in this document, the next step is configuring your VLANs and VSANs, and finally the Uplink Ports to the rest of your LAN.

The type of network connectivity that is supported is dependent on the adaptor that is installed on your individual blade servers. Table 1 describes the available adaptors and their capabilities.

Table 1: UCS Network Adaptors and Capabilities

Adaptor	Maximum vNICs	Maximum vHBAs	Failover Supported
82598KR	2	-	No
M71KR-E/M71KR-Q	2	2	Yes
M81KR	15 * (min. acknowledged links between Fabric Extender and Fabric Interconnect) – 2 Mix and match of Ethernet and Fibre Channel		Yes

Chassis Discovery Policy

With respect to the initial setup, the Chassis Discovery Policy serves one main purpose, which is to tell the system how many active links between the Fabric Extenders and Fabric Interconnects should be connected upon initial discovery of a chassis. For example, if the Chassis Discovery Policy is set to “4-link” and a newly discovered chassis has anything other than four links, the chassis will be visible with the "unsupported-connectivity" configuration, and otherwise unusable until the correct number of links are added, or the policy is changed.

This is a mandatory step in the initial UCS configuration.

Configuration using UCS Manager GUI

To configure the Chassis Discovery Policy through the UCS Manager GUI:

Select the Equipment tab in the Navigation Pane
Select the Equipment object
In the Work Pane, select the Policies tab
Under Chassis Discovery Policy, select the number of links to be used by the chassis
Under Power Policy, select one of the following options:
- non-redundant
- n+1
- grid
Click Save Changes

Configuration using UCS Manager CLI

To configure the Chassis Discovery Policy through the UCS Manager CLI:

FabricInterconnect-A# scope org

FabricInterconnect-A /org # scope chassis-disc-policy

FabricInterconnect-A /org/chassis-disc-policy # set action 4-link

FabricInterconnect-A /org/chassis-disc-policy* # commit-buffer

To verify after the change has been made:

FabricInterconnect-A /org/chassis-disc-policy # show

Chassis Discovery Policy:

Description Qualifier Action Rebalance

----------- ---------- ----------------- ---------

none 4 Link User Acknowledged

FabricInterconnect-A /org/chassis-disc-policy #

Server Ports

The Fabric Interconnect has two types of ports: Server and Uplink Ports. The Server Ports are what connect to the Fabric Extender on the chassis, and the Uplink ports are what connect to the upstream switch (the LAN). For more detailed information on establishing this connectivity, please see the CCO TechNote entitled “Set up Connectivity between Fabric Extender and Fabric Interconnect in UCS”.

Configuration using UCS Manager GUI

To configure Server Ports through the UCS Manager GUI:

Select the Equipment tab in the Navigation Pane
Expand Fabric Interconnects > Fabric Interconnect A > Fixed Module > Unconfigured Ports
Right click on the desired port object
Select Configure as Server Port or select Configure as Server Port under Actions in the Work Pane

Repeat for each port you want configured as a Server Port
Repeat for Fabric Interconnect B

Configuration using UCS Manager CLI

To configure Server Ports through the UCS Manager CLI:

FabricInterconnect-A# scope eth-server

FabricInterconnect-A /eth-server # scope fabric a

FabricInterconnect-A /eth-server/fabric # create interface 1 12

FabricInterconnect-A /eth-server/fabric/interface* # commit-buffer

To verify after the change has been made:

FabricInterconnect-A /eth-server/fabric # show interface

Interface:

Slot Id Port Id Admin State Oper State State Reason Chassis

------- ------- ------------ ------------ ----------------------- -------

1 1 Enabled Up 3

1 12 Enabled Up 1

1 2 Enabled Up 3

1 3 Enabled Up 3

1 4 Enabled Up 3

1 5 Enabled Up 1

1 6 Enabled Up 1

1 7 Enabled Up 1

1 8 Enabled Up 1

FabricInterconnect-A /eth-server/fabric #

LAN

In order for a blade server to pass Ethernet traffic over a particular VLAN, that VLAN must be created within UCS Manager, and then later associated with a vNIC. It is possible to create VLANs that are unique to either Fabric Interconnect. However, for the purposes of this document, we will create a Global VLAN, which is a VLAN that resides on both Fabric Interconnects.

A unique VLAN ID is required for each named VLAN. Note that VLANs with IDs from 3968 to 4048 are reserved.

Configuration using UCS Manager GUI

To configure VLANs through the UCS Manager GUI:

Select the LAN tab in the Navigation Pane
Expand LAN > LAN Cloud
In the Work Pane, select the VLANs tab
Click the + in order to begin the VLAN creation
Enter the following information in the Create VLAN dialog box:
- In the Name field, enter a unique name for the VLAN
- In the ID field enter the network ID assigned to the VLAN
Click OK

Configuration using UCS Manager CLI

To configure VLANs through the UCS Manager CLI:

FabricInterconnect-A# scope eth-uplink

FabricInterconnect-A /eth-uplink # create vlan PerfEngineering 199

FabricInterconnect-A /eth-uplink/vlan* # commit-buffer

FabricInterconnect-A /eth-uplink/vlan #

To verify after the change has been made:

FabricInterconnect-A /eth-uplink/vlan # show

VLAN:

Name VLAN ID Fabric ID Native VLAN

---------- ---------- --------- -----------

PerfEngineering

199 Dual No

FabricInterconnect-A /eth-uplink/vlan #

For additional information on VLAN configuration with UCS Manager, see the document entitled “VLAN Configuration for Cisco UCS” on CCO.

SAN

If you are utilizing VSANs within your Storage Area Network, you must create a VSAN in UCS Manager, and later associate it to a vHBA. Similar to a VLAN, a VSAN can either be Global or individual to a Fabric Interconnect. VLANs and VSANs differ in that each fiber uplink from UCS to its upstream SAN switch supports only one VSAN. This is specified as a property of the Uplink FC Port. While vNICs can support multiple VLANs, each vHBA can support only one VSAN.

Configuration using UCS Manager GUI

To configure a global VSAN through the UCS Manager GUI:

Select the SAN tab in the Navigation Pane
Expand SAN > SAN Cloud
In the Work Pane, select the VSANs tab
Click the + in order to begin the VSAN creation
Enter the following information in the Create VSAN dialog box:
- In the Name field, enter a unique name for the VSAN
- In the ID field enter a valid VSAN ID. This needs to match an ID in your Core SAN.
- Add a VLAN ID that is used internally in order to carry FCoE
Click OK

Configuration using UCS Manager CLI

To configure a global VSAN through the UCS Manager CLI:

FabricInterconnect-A# scope fc-uplink

FabricInterconnect-A /fc-uplink # create vsan PerfEngineering 199 299

FabricInterconnect-A /fc-uplink/vsan* # commit-buffer

FabricInterconnect-A /fc-uplink/vsan #

To verify after the change has been made:

FabricInterconnect-A /fc-uplink/vsan # show

VSAN:

Name Id FCoE VLAN Fabric ID

---------- ---------- ---------- ---------

PerfEngineering

199 299 Dual

FabricInterconnect-A /fc-uplink/vsan #

Please see the TechNote entitled “LAN and SAN Connectivity for a Cisco UCS Blade” on CCO for additional information on configuring SAN connectivity in UCS.

Uplink Ports

Uplink Ethernet ports connect your Fabric Interconnects to the upstream LAN switches. Uplink Fibre Channel ports connect your Fabric Interconnects to the upstream SAN switches. The procedure to configure Uplink Ports is similar to configuring Server Ports.

Configuring Uplink Ethernet Ports using UCS Manager GUI

To configure Uplink Ethernet Ports through the UCS Manager GUI:

Select the Equipment tab in the Navigation Pane
Expand Fabric Interconnects > Fabric Interconnect A > Fixed Module > Unconfigured Ports
Drag the ports you want configured as Uplink Ports to the Uplink Ethernet Ports object
Click OK
Repeat for Fabric Interconnect B

Configuring Uplink Ethernet Ports using UCS Manager CLI

To configure Uplink Ethernet Ports through the UCS Manager CLI:

FabricInterconnect-A# scope eth-uplink

FabricInterconnect-A /eth-uplink # scope fabric a

FabricInterconnect-A /eth-uplink/fabric # create interface 1 20

FabricInterconnect-A /eth-uplink/fabric/interface* # commit-buffer

FabricInterconnect-A /eth-uplink/fabric/interface #

FabricInterconnect-A /eth-uplink/fabric/interface # exit

To verify after the change has been made:

FabricInterconnect-A /eth-uplink/fabric # show interface

Interface:

Slot Id Port Id Admin State Oper State State Reason

---------- ---------- ----------- ---------------- ------------

1 19 Enabled Up

1 20 Enabled Up

FabricInterconnect-A /eth-uplink/fabric #

For additional information on configuring Uplink Ports in a UCS environment, see the document entitled “UCS Uplink Ethernet Connection Configuration Example” on CCO.

Configuring Uplink FC Ports using UCS Manager GUI

To configure Uplink FC Ports through the UCS Manager GUI:

Select the Equipment tab in the Navigation Pane
Expand Fabric Interconnects > Fabric Interconnect A > Expansion Module 2 > Uplink FC Ports
Select the FC port you want configured as an Uplink FC Port
In the Work Pane, under Actions, click Enable Port
Under Properties, set the VSAN to the proper VSAN for the uplink port
Click Save Changes
Repeat for Fabric Interconnect B

Configuring Uplink FC Ports using UCS Manager CLI

To configure Uplink Ethernet Ports through the UCS Manager CLI:

cae-ucs-rtp-B# scope fc-uplink

cae-ucs-rtp-B /fc-uplink # enter vsan VSAN100 100 100

cae-ucs-rtp-B /fc-uplink/vsan # create member-port a 2 8

cae-ucs-rtp-B /fc-uplink/vsan/member-port* #

cae-ucs-rtp-B /fc-uplink/vsan/member-port* # commit-buffer

cae-ucs-rtp-B /fc-uplink/vsan/member-port #

To verify after the change has been made:

cae-ucs-rtp-B /fc-uplink/vsan/member-port # show

Member Port:

Fabric ID Slot ID Port ID Oper State State Reason Oper Speed

--------- ---------- ---------- ---------------- ------------ ----------

A 2 8 Sfp Not Present SFP not present

Indeterminate

For additional information on configuring Uplink Ports in a UCS environment, see the document entitled “UCS Uplink Ethernet Connection Configuration Example” on CCO.

Perform Initial System Validation

Once you have configured Server and Uplink ports, it is a good idea to validate the hardware has been properly discovered and that you are running the desired version of firmware.

Validate Hardware

The Hybrid Display provides an excellent visual depiction of the components within your UCS deployment, including the connected ports.

Validation using UCS Manager GUI

To validate the system hardware through the UCS Manager GUI:

Select the Equipment tab in the Navigation Pane
Expand Equipment > Chassis
Select the appropriate Chassis object
In the Work Pane, select the Hybrid Display tab

Chassis

Fabric Interconnect

Fabric Extender

Blade Server

To view the hardware details of a blade server through the UCS Manager GUI:

Expand Servers
Select the blade server object you want to view
In the Work Pane, select the Inventory tab

Look at the Inventory tab to see what type of hardware is installed in your system. Make note of the Adaptor.

Validate Software

While not mandatory, it may be desirable to note the firmware versions that are running on the various components within UCS.

Validation using UCS Manager GUI

To validate system software through the UCS Manager GUI:

Select the Equipment tab in the Navigation Pane
Select the Equipment object
In the Work Pane, select the Firmware Management

Validation using UCS Manager CLI

To validate the system software through the UCS Manager CLI:

FabricInterconnect-A # scope firmware

FabricInterconnect-A /firmware # show image

Name Type Version State

----------------------------------- -------------------- --------------- -----

diag-nuova-or-4.0.0.062.bin Unspecified 4.0(1a) Active

ucs-2100.1.0.1.6.gbin Iom 1.0(1.6) Active

ucs-2100.1.1.0.158i.gbin Iom 1.1(0.158i) Active

ucs-2100.1.1.0.215.bin Iom 1.1(0.215) Active

ucs-2100.1.1.0.217a.bin Iom 1.1(0.217a) Active

ucs-2100.1.1.0.282.bin Iom 1.1(0.282) Active

ucs-2100.1.1.0.89c.gbin Iom 1.1(0.89c) Active

...

FabricInterconnect-A /firmware #

For additional information on software management and validation in UCS, see the following documents on Cisco.com:

Create Pools

One of the key benefits of UCS is stateless computing. Stateless computing refers to the ability to move the “identity” of one server to another using the concept of Service Profiles. In order to take advantage of stateless computing, traditionally derived (burned-in) addresses would need to be individually assigned to each Service Profile, which functions as a type of abstraction layer between the hardware and the Operating System. This assignment can either be done on a per-Service Profile basis or by creating a Pool of addresses and allowing UCS to decide which address to assign.

Examples of resources that can be pooled include Management IP Addresses, MAC Addresses, WWNN, WWPN, and UUID values. Additional information about pools can be found in the CCO TechNote entitled “Create Pools to Simplify Blade Management in Cisco UCS”.

Management IP Address Pools

The Management IP Address pool facilities the assignment of a management IP address to an individual blade server. The Management IP Address is used for Serial Over LAN (SOL) or IPMI access. Note that the Management IP Address pool currently has to be on the same subnet as the Management interface of the UCS Manager.

Configuration using UCS Manager GUI

To configure Management IP Address Pools through the UCS Manager GUI:

Select the Admin tab in the Navigation Pane
Expand All > Communication Management
Select the Management IP Pool (ext-mgmt)
In the Work Pane, under Actions, click Create Block of IP Addresses
Enter the requested information to create the block of management IP addresses
Click OK

Configuration using UCS Manager CLI

To configure Management IP Address Pools through the UCS Manager CLI:

FabricInterconnect-A# scope org

FabricInterconnect-A /org # scope ip-pool ext-mgmt

FabricInterconnect-A /org/ip-pool # create block 172.18.100.10 172.18.100.60 172.18.100.1 255.255.255.0

FabricInterconnect-A /org/ip-pool # commit-buffer

To verify after the change has been made:

FabricInterconnect-A /org/ip-pool # show

IP Pool:

Name Size Assigned

-------------------- ---------- --------

ext-mgmt 50 10

FabricInterconnect-A /org/ip-pool #

MAC Address Pools

A MAC Address Pool eases the administrative burden of assigning individual MAC addresses to each Service Profile.

Configuration using UCS Manager GUI

To configure MAC Address Pools through the UCS Manager GUI:

Select the LAN tab in the Navigation Pane
Expand LAN > Pools > root
Right click the MAC Pools object and select Create MAC Pool
Give the pool and Name and Description, then click Next
Click Add to add a range of MAC addresses
Specify the First MAC Address and the Size of the pool
Click OK
Click Finish

Configuration using UCS Manager CLI

To configure MAC Address Pools through the UCS Manager CLI:

FabricInterconnect-A# scope org

FabricInterconnect-A /org # create mac-pool MyMACPool

FabricInterconnect-A /org/mac-pool* # create block 00:25:B5:40:00:00 00:25:B5:40:00:31

FabricInterconnect-A /org/mac-pool/block* # commit-buffer

To verify after the change has been made:

FabricInterconnect-A /org/mac-pool # show

MAC Pool:

Name Size Assigned

-------------------- ---------- --------

MyMACPool 50 1

FabricInterconnect-A /org/mac-pool #

WWN Pools

WWNN and WWPN Pools ease the administrative burden of assigning individual WWNN and WWPN addresses to each Service Profile. In a typical UCS deployment, you would create fairly large WWN pools. After they are assigned to a Service Profile, which is then assigned to a blade server, you would note the WWN assignment and configure your SAN accordingly.

Configuration using UCS Manager GUI

To configure WWN Pools through the UCS Manager GUI:

Select the SAN tab in the Navigation Pane
Expand SAN > Pools > root
Right click the WWNN Pools object and select Create WWNN Pool
Give the pool and Name and Description, then click Next
Click Add to add a block of WWN addresses
Specify the First WWN Address and the Size of the pool
Click OK
Click Finish

Configuration using UCS Manager CLI

To configure WWN Pools through the UCS Manager CLI:

FabricInterconnect-A# scope org

FabricInterconnect-A /org # create wwn-pool WWNTEST node-wwn-assignment

FabricInterconnect-A /org/wwn-pool* # create block 20:00:00:25:b5:00:00:00 20:00:00:25:b5:00:00:31

FabricInterconnect-A /org/wwn-pool/block* # commit-buffer

To verify after the change has been made:

FabricInterconnect-A /org/wwn-pool # show

WWN Pool:

Name Purpose Size Assigned

-------------------- ------------------- ---------- --------

MyWWNNPool Node Wwn Assignment 50 0

FabricInterconnect-A /org/wwn-pool #

UUID Suffix Pools

The utilization of UUID Suffix Pools within a Service Profile eliminates the need to manually configure the UUID of the server associated with the Service Profile.

Configuration using UCS Manager GUI

To configure UUID Suffix Pools through the UCS Manager GUI:

Select the Servers tab in the Navigation Pane
Expand Servers > Pools > root
Right click the UUID Suffix Pools object and select Create UUID Suffix Pool
Give the pool and Name and Description, then click Next
Click Add to add a block of UUID Suffixes
Specify the First UUID Suffix and the Size of the pool
Click OK
Click Finish

Configuration using UCS Manager CLI

To configure UUID Suffix Pools through the UCS Manager CLI:

FabricInterconnect-A# scope org

FabricInterconnect-A /org # create uuid-suffix-pool MyUUIDPool

FabricInterconnect-A /org/uuid-suffix-pool* # create block 0000-000300000001 0000-000300000032

FabricInterconnect-A /org/uuid-suffix-pool/block* # commit-buffer

To verify after the change has been made:

FabricInterconnect-A /org/uuid-suffix-pool # show

UUID Suffix Pool:

Name UUID Prefix Size Assigned

-------------------- ------------------ -------- --------

MyUUIDPool 8C1D5178-8C02-11D9 50 1

FabricInterconnect-A /org/uuid-suffix-pool #

Policies

The use of Policies is not mandatory during the initial UCS configuration. However, it is important to be aware that there are various Policies that can be created and applied to Service Profiles. For detailed information about this feature, please see the CCO TechNote entitled “Configure Chassis and Server Discovery Policies for Cisco UCS”.

Create & Associate Service Profiles

You should be somewhat familiar with the concept of Service Profiles from the previous sections. The Service Profile, or logical server, is the fundamental backbone of the stateless capabilities within UCS. The Service Profile represents a logical view of a single blade server, without the detailed knowledge of the underlying hardware. The profile object contains the server personality, for example, the values contained in the pools that were created in the previous steps.

Service Profiles can be created manually, cloned from an existing Service Profile, or created in batch using a Service Profile Template. This guide will focus on the manual creation of a Service Profile. For more detailed information on Service Profiles, please see the following CCO TechNotes:

This document will guide you through the creation and association of a single Service Profile to a blade server. Please note that this process should be repeated for each blade server in the chassis.

Create a Service Profile using the Expert Wizard

While a Service Profile can exist that inherits the identity of the blade server, we will focus on creating a Service Profile that overrides the server’s identity, which is required for stateless computing.

In this procedure, we will use the Expert Wizard to create a new Service Profile:

Select the Servers tab In the Navigation Pane
Expand Servers > Service Profiles
Select the root object
In the Work Pane, under Actions, click Create Service Profile (expert)
In the Name field, enter a unique name that you can use to identify the Service Profile
If applicable, choose the UUID Pool you created in the previous step from the from the UUID Assignment drop-down list
In the Description field, enter a description of this Service Profile
Click Next

Storage vHBA Definition

From the Local Storage drop-down list, choose one of the RAID options. This applies to the local disks (if applicable)
Leave the Scrub Policy as <not set>
If applicable, choose the WWNN Pool you created in the previous step from the WWNN Pool drop-down list
If applicable, name your vHBAs and select the VSANs that were created in the previous step
Click Next

Networking vNIC Definition

Select the Expert option as shown
Click Add

Create exactly one vNIC in the profile for each port you would like to make accessible to your blade server’s operating system.

Use Table 1 in the Configure Network Connectivity section of this document to determine the maximum number of vNICs that are supported with your exact hardware configuration.

Once you click Add, the “Create vNICs” pop-up window appears

Name the vNIC accordingly
If applicable, choose the MAC Address Pool you created in the previous step from the from the MAC Address Assignment drop-down list
Select the VLAN you created in the previous step from the drop-down list
Choose whether this will be the Native VLAN

Once it is completed, click OK, then Next

vNIC/vHBA Placement

vNIC/vHBA Placement specifies the mezzanine card on which the vNICs and vHBAs are placed. This step of the setup wizard is only applicable on the B250 full width blade server, which has multiple mezzanine cards.

Define Boot Policy/Order

You can either choose from the Boot Policy drop-down list or choose Create Boot Policy

Select order of the boot sequence as shown below in the Create Boot Policy pop-up window.
You can choose to boot first from CD Rom, Local Disk, or your SAN.

On the Server Assignment screen, leave Server Assignment set to Assign Later
Click Next
Leave the settings on the Operational Policies page set to their default
Click Finish to create the Service Profile.

Associate Service Profiles to Server Blade

A 1:1 mapping of Service Profiles to blade servers can exist. You cannot assign a Service Profile to more than one blade server at any given time.

Configuration using UCS Manager GUI

To bind a Service Profile through the UCS Manager GUI:

Select the Servers tab in the Navigation Pane
Expand Servers > Service Profiles > root
Right click the Service Profile you want to bind with a blade server and select Change Service Profile Association
Under Server Assignment in the dialog box that appears, choose Select existing Server
In the list of available servers, select the blade server you want to bind the Service Profile with
Click OK

Configuration using UCS Manager CLI

To bind a Service Profile through the UCS Manager CLI:

FabricInterconnect-A# scope org

FabricInterconnect-A /org # scope service-profile MyServiceProfile

FabricInterconnect-A /org/service-profile # associate server 1/1

FabricInterconnect-A /org/service-profile* # commit-buffer

To verify after the change has been made:

FabricInterconnect-A /org/service-profile # show

Service Profile:

Service Profile Name Type Server Assignment Association

-------------------- ----------------- ------- ---------- -----------

MyServiceProfile Instance 1/1 Assigned Associating

FabricInterconnect-A /org/service-profile #

Additional UCS Management Configuration (Optional)

The items listed below are optional, but common configuration settings that would normally be configured as part of an initial UCS deployment.

DNS

Configure a DNS server that will be used to resolve hostnames to IP addresses within UCS.

More detailed information on configuring DNS can be found in the following CCO TechNote: Configure the DNS Server for Cisco UCS.

Configuration using UCS Manager GUI

To configure DNS through the UCS Manager GUI:

Select the Admin tab in the Navigation Pane
Expand All > Communication Management
Select the DNS Management object
In the Work Pane, under Actions, click Specify DNS Server
Enter the IP address of the DNS server and click OK.

Configuration using UCS Manager CLI

To configure your UCS to utilize a DNS Server with address 192.168.1.1:

FabricInterconnect-A# scope system

FabricInterconnect-A /system # scope services

FabricInterconnect-A /system/services # create dns 192.168.1.1

FabricInterconnect-A /system/services* # commit-buffer

To verify after the change has been made:

FabricInterconnect-A /system/services # show dns

Domain Name Servers:

IP Address: 192.168.1.1

SNMP

Use this section to help you configure SNMP for both polling and sending Traps. UCS supports SNMP Version 2c and Version 3, but this document will guide you through configuring Version 2c.

For detailed information on the information that can be gathered via SNMP from UCS, please see the following link on CCO: MIB Quick Reference for Cisco UCS Manager, Release 1.x.

Configuration using UCS Manager GUI

To configure SNMP through the UCS Manager GUI:

Select the Admin tab in the Navigation Pane
Expand All > Communication Management
Select the Communication Services object
In the Work Pane, under SNMP, change the Admin State to enabled
Set the Community value
Under SNMP Traps, click +
Enter the IP Address and Community for the trap destination
Click OK

Configuration using UCS Manager CLI

To set the SNMP community to ‘public’ (Note: It is recommended that you choose a different community other than ‘public’ for both SNMP and SNMP Traps), execute the following:

FabricInterconnect-A# scope monitoring

FabricInterconnect-A /monitoring # set snmp community public

To verify after the change has been made:

FabricInterconnect-A /monitoring # show snmp

Name: snmp

Admin State: Disabled

Port: 161

Community: public

To set the SNMP-Trap community to ‘public’, execute the following

FabricInterconnect-A# scope monitoring

FabricInterconnect-A /monitoring # create snmp-trap 192.168.1.1

FabricInterconnect-A /monitoring/snmp-trap* # set community public

FabricInterconnect-A /monitoring/snmp-trap* # commit-buffer

To verify after the change has been made:

FabricInterconnect-A /monitoring/snmp-trap # show detail

SNMP Trap:

Hostname: 192.168.1.1

Port: 162

Community: public

Version: V2c

V3 Privilege: Noauth

To enable SNMP after the settings have been configured:

FabricInterconnect-A /monitoring # enable snmp

To verify after the change has been made:

FabricInterconnect-A /monitoring # show snmp

Name: snmp

Admin State: Enabled

Port: 161

Community: public

Syslog

UCS has standard syslogging capabilities and can write to a local and remote facility. More detailed information on configuring Syslog can be found in the following CCO TechNote:

Set up Syslog for Cisco UCS.

Configuration using UCS Manager GUI

To configure Syslog through the UCS Manager GUI:

Select the Admin tab in the Navigation Pane
Expand All > Faults, Events and Audit Log
Select the Syslog object
In the Work Pane, under Local Destinations, enable or disable logging to the Console, Monitor, and File
Under Remote Destinations, configure up to 3 syslog servers by clicking enabled under Admin State for each server
Specify the logging Level, Hostname (or IP Address), and Facility
Click Save Changes

Configuration using UCS Manager CLI

To configure Syslog through the UCS Manager GUI:

FabricInterconnect-A# scope monitoring

FabricInterconnect-A /monitoring # set syslog remote-destination server-1 hostname syslog1.cisco.com state enabled

FabricInterconnect-A /monitoring* # commit-buffer

To verify after the change has been made:

FabricInterconnect-A /monitoring # show syslog

console

state: Disabled

level: Critical

monitor

state: Disabled

level: Critical

file

state: Enabled

level: Critical

name: messages

size: 4194304

remote destinations

Name Hostname State Level Facility

-------- -------------------- -------- ------------- --------

Server 1 syslog1.cisco.com Enabled Critical Local7

Server 2 none Disabled Critical Local7

Server 3 none Disabled Critical Local7

FabricInterconnect-A /monitoring #

NTP

UCS can synchronize its clock with an NTP server on your network. Use the following procedure to configure this feature.

Configuration using UCS Manager GUI

To configure NTP through the UCS Manager GUI:

Select the Admin tab in the Navigation Pane
Expand All > Timezone Management
In the Work Pane, under Actions, click Add NTP Server
Enter the hostname (or IP address) of the NTP server
Click OK

Configuration using UCS Manager CLI

To configure your UCS to utilize an NTP Server with address 192.168.1.1:

FabricInterconnect-A# scope system

FabricInterconnect-A /system # scope services

FabricInterconnect-A /system/services # create ntp 192.168.1.1

FabricInterconnect-A /system/services* # commit-buffer

To verify after the change has been made:

FabricInterconnect-A /system/services # show ntp

NTP Servers:

IP Address: 192.168.1.1

TACACS

Before configuring UCS for TACACS support, please ensure that your TACACS Server has been pre-configured with the appropriate key and that the individual IP addresses of each Fabric Interconnect have been added accordingly. Note that the TACACS request will be sourced from the individual IP address of each Fabric Interconnect.

For more details on configuring UCS for TACACS authentication, as well as the corresponding configuration required on the CiscoSecure ACS Server (if applicable), see the CCO TechNote entitled Setup TACACS Authentication for Cisco UCS.

Configuration using UCS Manager GUI

To configure TACACS through the UCS Manager GUI:

Select the Admin tab in the Navigation Pane
Expand All > User Management
Select the TACACS+ object
In the Work Pane, under Actions, click Create TACACS+ Provider
Enter the Hostname (or IP address), Order, and Key of the TACACS+ server
Click OK.

Once a TACACS+ server has been configured, enable TACACS authentication using the following steps:

Select the Admin tab in the Navigation Pane
Expand All > User Management
Select the Authorization object
In the Work Pane, set Default to tacacs
Click Save Changes

Configuration using UCS Manager CLI

Set the TACACS Server IP address to 192.168.1.1:

FabricInterconnect-A# scope security

FabricInterconnect-A /security #

FabricInterconnect-A /security/tacacs # create server 192.168.1.1

FabricInterconnect-A /security/tacacs/server* # set key

Enter the key: <enter the key here – it will not display on the screen>

Confirm the key: <confirm>

FabricInterconnect-A /security/tacacs/server* #

FabricInterconnect-A /security/tacacs/server* # set port 49

FabricInterconnect-A /security/tacacs/server* # commit-buffer

FabricInterconnect-A /security/tacacs/server #

To verify after the change has been made:

FabricInterconnect-A /security/tacacs/server # show detail

AAA server:

Hostname or IP address: 192.168.1.1

Order: 1

Port: 49

Key: ****

FabricInterconnect-A /security/tacacs/server #

Verify and change Authentication settings:

To verify current settings:

FabricInterconnect-A# scope security

FabricInterconnect-A /security #

FabricInterconnect-A /security # show authentication

Console authentication: Local

Default authentication: Local

Role Policy For Remote Users: Assign Default Role

Set the default authentication method to TACACS for remote connections (SSH, Telnet, HTTP, HTTPS):

FabricInterconnect-A /security # set authentication default tacacs

FabricInterconnect-A /security* #commit-buffer

To verify after the change has been made:

FabricInterconnect-A /security # show authentication

Console authentication: Local

Default authentication: Tacacs

Role Policy For Remote Users: Assign Default Role

Radius

Before configuring UCS for RADIUS support, please ensure that your RADIUS Server has been pre-configured with the appropriate key and that the individual IP addresses of each Fabric Interconnect have been added accordingly. Note that the RADIUS request will be sourced from the individual IP address of each Fabric Interconnect.

For more details on configuring UCS for RADIUS authentication, as well as the corresponding configuration required on the CiscoSecure ACS Server (if applicable), see the CCO TechNote entitled Set up RADIUS Authentication for Cisco UCS.

Configuration using UCS Manager GUI

To configure RADIUS through the UCS Manager GUI:

Select the Admin tab in the Navigation Pane
Expand All > User Management
Select the RADIUS object
In the Work Pane, under Actions, click Create RADIUS Provider
Enter the Hostname (or IP address), Order, and Key of the RADIUS server
Click OK

Once a RADIUS server has been configured, enable RADIUS authentication using the following steps:

Select the Admin tab in the Navigation Pane
Expand All > User Management
Select the Authorization object
In the Work Pane, set Default to radius
Click Save Changes

Configuration using UCS Manager CLI

To configure RADIUS through the UCS Manager CLI:

FabricInterconnect-A# scope security

FabricInterconnect-A /security # scope radius

FabricInterconnect-A /security/radius # create server 192.168.1.1

FabricInterconnect-A /security/radius/server* # set key

Enter the key:

Confirm the key:

FabricInterconnect-A /security/radius/server* #

FabricInterconnect-A /security/radius/server* # commit-buffer

FabricInterconnect-A /security/radius/server#

To verify after the change has been made:

FabricInterconnect-A /security/radius/server # show detail

AAA server:

Hostname or IP address: 192.168.1.1

Order: 1

Port: 1812

Key: ****

FabricInterconnect-A /security/radius/server #

Verify and change Authentication settings:

To verify current settings:

FabricInterconnect-A# scope security

FabricInterconnect-A /security #

FabricInterconnect-A /security # show authentication

Console authentication: Local

Default authentication: Local

Role Policy For Remote Users: Assign Default Role

Set the default authentication method to RADIUS for remote connections (SSH, Telnet, HTTP, HTTPS):

FabricInterconnect-A /security # set authentication default radius

FabricInterconnect-A /security* #commit-buffer

To verify after the change has been made:

FabricInterconnect-A /security # show authentication

Console authentication: Local

Default authentication: Radius

Role Policy For Remote Users: Assign Default Role

Backup Configuration

A UCS configuration backup takes a snapshot of all or part of the system configuration and exports the backup file to a location on your network. The backup can be performed while the system is up and running. The backup operation only saves information from the management plane. It does not have any impact on the server or network traffic.

Configuration using UCS Manager GUI

To create a backup operation through the UCS Manager GUI:

Select the Admin tab in the Navigation Pane
Select the All object
In the Work Pane, under Actions, click Backup

In the Backup dialog box, under Actions, click Create Backup Operation
Set the Admin State to enabled
Enter the Protocol, Hostname, Remote File, User, and Password information

Click OK

Click OK

Configuration using UCS Manager CLI

To create a backup operation through the UCS Manager CLI:

cae-ucs-rtp-B# scope system

cae-ucs-rtp-B /system # create backup sftp://admin@backup.cisco.com///admin@backup.cisco.com/ all-configuration enabled

cae-ucs-rtp-B /system/backup* # set remote-file MyUCSBackup

cae-ucs-rtp-B /system/backup* # set password

Password:

cae-ucs-rtp-B /system/backup* # commit-buffer

To verify after the change has been made:

cae-ucs-rtp-B /system/backup # show

Backup:

Hostname Type User Protocol Administrative State Description

---------- --------------------- ---------- -------- -------------------- -----------

backup.cisco.com

All Configuration admin Sftp Enabled

cae-ucs-rtp-B /system/backup #

Install an Operating System on a Blade

Installing an operating system is the last step in the initial configuration of UCS. This step is not covered in this document, but great detail on this topic can be found in the following in the chapter entitled “Installing an OS on a Server” within the Cisco UCS Manager GUI Configuration Guide, Release 1.x on CCO.