0% found this document useful (0 votes)
205 views19 pages

ECS - ECS Miscellaneous How To Service Procedures-Access ECS UI Using Back-End Private Network

Uploaded by

ali2k2sec
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
205 views19 pages

ECS - ECS Miscellaneous How To Service Procedures-Access ECS UI Using Back-End Private Network

Uploaded by

ali2k2sec
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 19

ECS ™ Procedure Generator

Solution for Validating your engagement

Access ECS UI Using Back-End Private Network

Topic
ECS Miscellaneous 'How To' Service Procedures
Selections
Choose Activity: Access ECS UI Using Back-End Private Network

Generated: July 7, 2022 3:23 PM GMT

REPORT PROBLEMS

If you find any errors in this procedure or have comments regarding this application, send email to
[email protected]

Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. Dell Technologies, Dell, EMC, Dell
EMC and other trademarks are trademarks of Dell Inc. or its subsidiaries. Other trademarks may be
trademarks of their respective owners.

The information in this publication is provided “as is.” Dell Inc. makes no representations or warranties of
any kind with respect to the information in this publication, and specifically disclaims implied warranties of
merchantability or fitness for a particular purpose.

Use, copying, and distribution of any software described in this publication requires an applicable
software license.

This document may contain certain words that are not consistent with Dell's current language guidelines.
Dell plans to update the document over subsequent future releases to revise these words accordingly.

This document may contain language from third party content that is not under Dell's control and is not
consistent with Dell's current guidelines for Dell's own content. When such third party content is updated
by the relevant third parties, this document will be revised accordingly.

Publication Date: July, 2022

Dell Technologies Confidential Information version: 2.3.6.91

Page 1 of 19
Contents
Preliminary Activity Tasks .......................................................................................................3
Read, understand, and perform these tasks.................................................................................................3

Access ECS UI........................................................................................................................5

Dell Technologies Confidential Information version: 2.3.6.91

Page 2 of 19
Preliminary Activity Tasks
This section may contain tasks that you must complete before performing this procedure.

Read, understand, and perform these tasks


1. Table 1 lists tasks, cautions, warnings, notes, and/or knowledgebase (KB) solutions that you need to
be aware of before performing this activity. Read, understand, and when necessary perform any
tasks contained in this table and any tasks contained in any associated knowledgebase solution.

Table 1 List of cautions, warnings, notes, and/or KB solutions related to this activity

2. This is a link to the top trending service topics. These topics may or not be related to this activity.
This is merely a proactive attempt to make you aware of any KB articles that may be associated with
this product.

Note: There may not be any top trending service topics for this product at any given time.

ECS Top Service Topics

Dell Technologies Confidential Information version: 2.3.6.91

Page 3 of 19
Dell Technologies Confidential Information version: 2.3.6.91

Page 4 of 19
Access ECS UI

Note: The next section is an existing PDF document that is inserted into this procedure. You may see
two sets of page numbers because the existing PDF has its own page numbering. Page x of y on the
bottom will be the page number of the entire procedure.

Dell Technologies Confidential Information version: 2.3.6.91

Page 5 of 19
Access ECS UI Using Back-End, Private
Network
Starting from ECS 3.5

Nov 2020
Rev. 1.0

Page 6 of 19
Contents

Figures..........................................................................................................................................3

Tables........................................................................................................................................... 4

Chapter 1: Access ECS UI Using Back-End, Private Network......................................................... 6


Connect the service laptop to the ECS Gen2 Series appliance............................................................................... 6
Connect a service laptop to U or D series rack......................................................................................................6
Connect the service laptop to the ECS Gen3 EX Series appliance.........................................................................7
Install or Upgrade Service Console................................................................................................................................. 9
Generate the Cluster.ini file.............................................................................................................................................. 9
Use ECS Service Console to enable ECS UI access ................................................................................................. 11
Use ECS Service Console to disable ECS UI access................................................................................................. 12

2 Contents

Page 7 of 19
Figures

1 Locate port 24 on the private 1 GbE switch........................................................................................................7

Figures 3

Page 8 of 19
Tables

1 Fox Switch................................................................................................................................................................... 8

4 Tables

Page 9 of 19
Notes, cautions, and warnings

NOTE: A NOTE indicates important information that helps you make better use of your product.

CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid
the problem.

WARNING: A WARNING indicates a potential for property damage, personal injury, or death.

© 2020 Dell Inc. or its subsidiaries. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries. Other
trademarks may be trademarks of their respective owners.

Page 10 of 19
1
Access ECS UI Using Back-End, Private
Network
This procedure is intended for Dell EMC Service Personnel who are assisting customers on an ECS appliance in a single or
multirack VDC, as they:
● Deploy SSD cache disks
● Replace SSD cache disks
● Replace HDD or NVMe data disks
This procedure supports access to the ECS UI using a back-end, private network on ECS Gen2 or Gen3 EX Series.
For Gen2, go to Connect the service laptop to the ECS Gen2 Series appliance on page 6.
For Gen3 EX Series, go to Connect the service laptop to the ECS Gen3 EX Series appliance on page 7.
Topics:
• Connect the service laptop to the ECS Gen2 Series appliance
• Connect the service laptop to the ECS Gen3 EX Series appliance
• Install or Upgrade Service Console
• Generate the Cluster.ini file
• Use ECS Service Console to enable ECS UI access
• Use ECS Service Console to disable ECS UI access

Connect the service laptop to the ECS Gen2 Series


appliance
Access an ECS Gen2 U or D series rack using the 192.168.219.x network from a laptop.

Connect a service laptop to U or D series rack


Access the ECS rack using the private (192.168.219.xxx) network from a laptop.

Prerequisites
● Access to private network IP addresses (192.168.219.1 to 24 and 192.168.219.101 to 124) are limited to the nodes connected
in the rack to the 1 GbE management switch.
● Private.4 (NAN) network IP addresses (169.254.x.x) of all nodes in all racks in the ECS VDC are accessible from any node.
Access is obtained once you SSH in to a node using a private IP address (192.168.219.x).
● If security lock down is not enabled, access to public network IP addresses for all ECS racks is available once you SSH in to
one of the ECS nodes.

Steps
1. If cabinet contains a service shelf, open the shelf and connect the network cable (red) to the service laptop.
2. From the rear of the rack, locate the 1 GbE private switch network ports by opening the rear door.
3. On the 1 GbE (turtle) switch, attach a network cable from the laptop to port 24 on the switch.
If port 24 is occupied, then disconnect port 50 network cable (white) temporarily and attach the network cable from the
service laptop.

6 Access ECS UI Using Back-End, Private Network

Page 11 of 19
Figure 1. Locate port 24 on the private 1 GbE switch

4. Set the network interface on the laptop to the static address 192.168.219.99, subnet mask 255.255.255.0, with no gateway
required.
5. Verify that the temporary network between the laptop and rack's private management network is functioning by using the
ping command.
NOTE: If 192.168.219.1 does not answer, try 192.168.219.2. If neither responds, verify the laptop IP/subnet mask,
network connection, and switch port connection. If the service laptop is connected to Dell's VPN, ping to 192.168.219.x
may not return a response.

C:\>ping 192.168.219.1
Pinging 192.168.219.1 with 32 bytes of data:
Reply from 192.168.219.1: bytes=32 time<1ms TTL=64
Reply from 192.168.219.1: bytes=32 time<1ms TTL=64
Reply from 192.168.219.1: bytes=32 time<1ms TTL=64
Reply from 192.168.219.1: bytes=32 time<1ms TTL=64

Ping statistics for 192.168.219.1:


Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

6. Establish an SSH session into 192.168.219.1 using any SSH tool such as PuTTY. Default credentials are admin/ChangeMe
#ssh 192.168.219.1

Results
You have established a connection to the installer node and can go ahead with the procedure.

Connect the service laptop to the ECS Gen3 EX Series


appliance
Access an ECS EX-Series rack using the 192.168.219.x network from a laptop.

Prerequisites
Before you begin

Access ECS UI Using Back-End, Private Network 7

Page 12 of 19
● Access to private network IP addresses (192.168.219.1 to 16 and 192.168.219.101 to 116) are limited to the nodes connected in
the rack backend 1/10/25GbE fox management switch.
● Private.4 (NAN) network IP addresses (169.254.x.x) of all nodes in all racks in the ECS Virtual Data Center (VDC) are
accessible from any node in the ECS VDC once you SSH in to a node using a private IP address (192.168.219.x).
● Access to public network IP addresses for all ECS racks are available once you SSH to one of the ECS nodes if security lock
down is not enabled.

About this task


Procedure
Connect your service laptop to the VDC

Option Description
If the cabinet contains a service shelf with a red network Open the service shelf and connect the red network cable to
cable... the service laptop. The red cable connects to port 34 on the
fox switch. The fox switch is the bottom back-end switch in a
dual switch configuration.
If the cabinet does not contain a service shelf with a red From the rear of the rack, connect directly to either port 34
network cable... or 36 on the fox switch, whichever port contains a 1GB SFP.
If you want to connect a service laptop to the rear of the Locate port 36 on the fox switch. The fox switch is the
rack... bottom back-end switch in a dual switch configuration.Port 36
will have a 1GB SFP that you can connect your service laptop
to with a Cat6 cable.

Table 1. Fox Switch


1 - Port 34 for service tray connection
2 - Port 36 for connection from rear

1. Set the network interface on the laptop to the static address 192.168.219.99, subnet mask 255.255.255.0, with no gateway
required.
2. Verify that the temporary network between the laptop and rack's private management network is functioning by using the
ping command.
NOTE: If 192.168.219.1 does not answer, try 192.168.219.2. If neither responds, verify the laptop IP/subnet mask,
network connection, and switch port connection. If the service laptop is connected to Dell's VPN, ping to 192.168.219.x
does not return a response.

C:\>ping 192.168.219.1
Pinging 192.168.219.1 with 32 bytes of data:
Reply from 192.168.219.1: bytes=32 time<1ms TTL=64
Reply from 192.168.219.1: bytes=32 time<1ms TTL=64
Reply from 192.168.219.1: bytes=32 time<1ms TTL=64
Reply from 192.168.219.1: bytes=32 time<1ms TTL=64
Ping statistics for 192.168.219.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

8 Access ECS UI Using Back-End, Private Network

Page 13 of 19
Install or Upgrade Service Console
Upgrade to the latest version of Service Console. The Service Console file name is service-console-4.5.0.0-
<build_number>.tgz.

Steps
1. Obtain the ECS Service Console installer .tgz file.
a. Browse to Online Support.
b. Click DRIVERS & DOWNLOADS.
c. Select Product Tool in the Category field.
d. Download the Service Console package.
NOTE: You can install this Service Console package in both encryption-enabled and nonencryption environments.

2. Open a secure shell (SSH) connection with the installer node, which is the first node in the first rack at the site. Based on
network that is connected use the private (192.168.219.1) or the public IP address of that node.
Username: admin
Password: ChangeMe

3. Check to see if the /tmp/service_console directory exists.


● If the directory exists, remove old files from the directory by running the following command:
# [ -d /tmp/service_console ] && rm -fr /tmp/service_console/*

● If the directory does not exist, create it by running the following command:
# mkdir /tmp/service_console

4. Change to the Service Console directory by running the following command:


# cd /tmp/service_console
5. Copy the Service Console installer .tgz file from the download directory to the /tmp/service_console directory using a
secure copy tool, such as pscp.exe.
For example, you would type a command similar to the following:

# pscp service-console.tgz admin@<ip_address>:/tmp/service_console/service-console-


<service_console_version><service_console_build_number>.tgz

6. Extract the Service Console package by running the following command:

# tar -xf service-console-<service_console_version><service_console_build_number>.tgz

7. Upgrade Service Console by running the following command:


# ./service-console upgrade
If Service Console is not installed, ECS installs it when you run this upgrade command.

Generate the Cluster.ini file


Generate the cluster.ini file on the installer node of Rack 1 of the VDC.

Prerequisites
This procedure will generate a cluster.ini file which will contain all VDC rack node IP information required for Service
Console utility.

Access ECS UI Using Back-End, Private Network 9

Page 14 of 19
Steps
1. On the installer node of Rack 1 of the VDC, run the following command to generate the cluster.ini file:

# service-console run Cluster_Config

The generated cluster.ini file is located on the installer node at /opt/emc/config/local/cluster.ini and
includes all rack and node information in the VDC.
2. Verify that the cluster.ini file does not contain any WARNING entries by running the following command:

# cat /opt/emc/config/local/cluster.ini

CAUTION: If there are WARNING entries, contact for assistance.

WARNING errors will display similar to the following:

######
# This file was automatically generated by the Service Console.
# Please verify that it reflects the actual cluster topology.
# Credentials (BMC, Mgmt API, etc) should be set in separate files.
# Use file group_vars/datanodes to set cluster-wide variables.
# Use file host_vars/HOST_IP to set node-specific variables.
######

[datanodes:children]
vdc_1

[vdc_1:children]
red

[red:vars]
rack_id=1
rack_name=red
rack_psnt=PSNT
rack_dns_server=8.8.8.8
rack_dns_search=ecs.test.com,test.com
rack_ntp_server=9.9.9.9,10.10.10.10
rack_ns_switch=files,mdns4_minimal,[NOTFOUND=return],dns,mdns4
sc_collected=True

[red:children]
node_169_254_1_1 # Installer / SC node
node_169_254_1_2
node_169_254_1_3
node_169_254_1_5

[node_169_254_1_1]
169.254.1.1

[node_169_254_1_1:vars]
bmc_ip=192.168.219.101
public_ip=10.10.200.50
public_fqdn=provo-red.ecs.test.com
public_subnet=255.255.255.0
public_gateway=10.10.200.1
public_vlan=None
public_interface=None
.
.
.
[node_169_254_1_5]
169.254.1.5

[node_169_254_1_5:vars]
bmc_ip=192.168.219.105
public_ip=10.10.200.66
public_layton-red.ecs.test.com
public_subnet=255.255.255.0
public_gateway=10.10.200.1

10 Access ECS UI Using Back-End, Private Network

Page 15 of 19
public_vlan=None
public_interface=None

#
# WARNING: The Service Console failed to find
# the corresponding rack(s) for nodes
# in the [vdc_1_unknown] section.
# Edit the cluster.ini file and map
# these nodes to rack(s) manually.
#
[vdc_1_unknown]
169.254.1.4

Use ECS Service Console to enable ECS UI access


The service-console run Enable_UI_Access command allows you to connect to the ECS UI using the ECS appliance
private network.

Prerequisites
Ensure that you enable access to the ECS UI portal using the backend private network on the rack before connecting to
https://192.168.219.254 in a browser.

Steps
1. From the ECS Service Console, run the following command to enable 192.168.219.254:443:
# service-console run Enable_UI_Access
Output such as the following appears:

Service console version: 4.5.0.0-20473.1283eada8


Debug log: /opt/emc/caspian/service-console/log/
20200224_201308_run_Enable_UI_Access/dbg_robot.log
================================================================================
Enable UI Access
20200224 20:13:21.804: Validate ECS UI availability
Private IP/Port 192.168.219.254:443 is disabled on installer rack 1
20200224 20:13:22.235: | PASS
20200224 20:13:22.244: Validate ssh config file
20200224 20:13:24.088: | PASS (1 sec)
20200224 20:13:24.090: Enable BE ECS UI availability
Private IP/Port 192.168.219.254:443 is enabled on installer rack 1
20200224 20:14:45.835: | PASS (1 min 21 sec)
================================================================================
Status: PASS
Time Elapsed: 1 min 40 sec
Debug log: /opt/emc/caspian/service-console/log/
20200224_201308_run_Enable_UI_Access/dbg_robot.log
HTML log: /opt/emc/caspian/service-console/log/20200224_201308_run_Enable_UI_Access/
log.html
===============================================================================

2. Verify that the backend 192.168.219.254:443 is open. Run the following command:
# service-console run Health_Check --specific-check "Validate BE ECS UI availability"
3. Look for "Private IP port 192.168.219.254:443 is enabled on installer rack 1" in the command output:

Service console version: 4.5.0.0-20473.1283eada8


Debug log: /opt/emc/caspian/service-console/log/20200224_204749_run_Health_Check/
dbg_robot.log
================================================================================
Health Check
20200224 20:48:03.685: Execute Specific Health Checks
20200224 20:48:03.691: | Validate BE ECS UI availability
20200224 20:48:12.373: | | FAIL (8 sec)
[WARN] 'Validate BE ECS UI availability' failed: WARNING: Private IP/Port

Access ECS UI Using Back-End, Private Network 11

Page 16 of 19
192.168.219.254:443 is enabled on installer rack 1. Please use 'service-console run
Disable_UI_Access' to disable it.
20200224 20:48:12.374: | PASS (8 sec)
================================================================================
Status: PASS
Time Elapsed: 26 sec
Debug log: /opt/emc/caspian/service-console/log/20200224_204749_run_Health_Check/
dbg_robot.log
HTML log: /opt/emc/caspian/service-console/log/20200224_204749_run_Health_Check/
log.html
================================================================================

4. Open a browser, and connect to the ECS UI using https://192.168.219.254.


The default ECS UI Service log-in credentials are:
Username: emcservice
Password: ChangeMe
If the default ECS UI Service credentials are disabled, use the customer-provided ECS UI Service user credentials.

Next steps
Go to SSD deployment or SSD or HDD replacement procedure as required.

Use ECS Service Console to disable ECS UI access


The service-console run Disable_UI_Access command disables access to the ECS UI from the ECS appliance using
a private network. Disable private network access to the ECS UI portal using this command once you complete service
engagement activity.

Prerequisites
Ensure that all SSD deployment or SSD or HDD replacement procedures are completed as required.

Steps
1. Logout of the ECS UI and close the browser to https://192.168.219.254.
2. From the ECS Service Console, run the following command to disable 192.168.219.254:443.
# service-console run Disable_UI_Access
Output such as the following appears:

Service console version: 4.5.0.0-20473.1283eada8


Debug log: /opt/emc/caspian/service-console/log/
20200224_205710_run_Disable_UI_Access/dbg_robot.log
================================================================================
Disable UI Access
20200224 20:57:23.216: Disable BE ECS UI availability
Private IP/Port 192.168.219.254:443 is disabled on installer rack 1
20200224 20:57:24.604: | PASS (1 sec)
================================================================================
Status: PASS
Time Elapsed: 17 sec
Debug log: /opt/emc/caspian/service-console/log/
20200224_205710_run_Disable_UI_Access/dbg_robot.log
HTML log: /opt/emc/caspian/service-console/log/
20200224_205710_run_Disable_UI_Access/log.html
================================================================================

3. Verify that the backend 192.168.219.254:443 is closed. Run the following command:
# service-console run Health_Check --specific-check "Validate BE ECS UI availability"

12 Access ECS UI Using Back-End, Private Network

Page 17 of 19
4. Look for "Private IP Port 192.168.219.254:443 is disabled on installer rack 1" in the command output, which shows that ECS
UI access is disabled.

Service console version: 4.5.0.0-20473.1283eada8


Debug log: /opt/emc/caspian/service-console/log/20200224_205807_run_Health_Check/
dbg_robot.log
================================================================================
Health Check
20200224 20:58:20.052: Execute Specific Health Checks
20200224 20:58:20.058: | Validate BE ECS UI availability
Private IP/Port 192.168.219.254:443 is disabled on installer rack 1
20200224 20:58:28.578: | | PASS (8 sec)
20200224 20:58:28.579: | PASS (8 sec)
================================================================================
Status: PASS
Time Elapsed: 24 sec
Debug log: /opt/emc/caspian/service-console/log/20200224_205807_run_Health_Check/
dbg_robot.log
HTML log: /opt/emc/caspian/service-console/log/20200224_205807_run_Health_Check/
log.html
================================================================================

5. Exit any browsers that may remain open, close ssh session, and physically disconnect the laptop.

Access ECS UI Using Back-End, Private Network 13

Page 18 of 19
Dell Technologies Confidential Information version: 2.3.6.91

Page 19 of 19

You might also like