Exploring Cisco UCS Manager

Discussion:
This lab allows you to explore the various functionality of UCS Manager. You will explore all
of the physical components of UCS and examine the logical hierarchy used for configuring
servers in UCS.

This lab write-up does not include actual configuration, booting, or installation of a server.
Those topics are the subject of the subsequent self-paced lab in this series.

If you have extra time and want to explore server configuration on your own, please use only the
physical blade servers assigned to the server pool for your pod. You will view the contents of
that pool as part of this lab exercise, so that you will know what we are talking about.

Lab Topology

The following diagram is also presented in the web browser that you are using to access the lab:

1
 You will have the ability to view the entire configuration of the UCS, including shared fabric
interconnects, chassis, and blade servers that are both dedicated to your pod as well as all others.

You will not have direct access to any of the shared northbound infrastructure (N7K’s, MDS
switches, and EMC Clariion storage arrays). They are used in the subsequent labs, where the
servers that you configure will have access to SAN storage and to the Internet via the northbound
network configuration.

Accessing the Lab

Identify your pod number. This is a one-digit or two-digit number as shown. Later in this lab
this pod number is referred to as X (always in italics. Please do not literally substitute an X that
would be what is referred to as an “I, state your name” problem.)

Connect to the remote student desktop. You will be doing all of your work on this remote
desktop. In order to connect, left click on the Student Desktop icon on your lab web page and
select “RDP Client”, as shown:

Left-
click
here

2
An RDP configuration file is downloaded. Open it using your native RDP client (on Windows
clients you can just select “Open with” on the download dialogue, and you should not even have
to browse for an application.)

Remote Desktop User: administrator

Remote Desktop Password: C!sc0123

Do all your work on the remote desktop. The following are the UCS Manager addresses that you
will be accessing. Almost all work is usually done with the first (primary) address listed, which
connects you to whichever UCS fabric-interconnect happens to have the primary management
role.

Device Access Username Password

UCS1 10.2.8.4 USER-UCS-X C1sco1234

(primary
address)

UCS1-A 10.2.8.2 USER-UCS-X C1sco1234

UCS1-B 10.2.8.3 USER-UCS-X C1sco1234

3
Task 1: Access the UCS Manager GUI and Explore the General
Topology of UCS and of a Chassis
1. Access the student remote desktop using the access information in the previous section
(run the rest of the lab in the remote desktop; you will not be able to access the 10.2.X.X
addresses directly from your own local desktop)

2. Access the UCS Manager GUI launcher web-page by navigating to the primary UCS
address listed in the table above (10.2.8.4):

3. Click the Launch UCS Manager button to launch the GUI.

4. Log in using the credentials listed in the table in the previous section. Remember X
refers to the pod number (1 or 2 digits) you see on the labops web page. Use your own X,
not the “25” shown in the example:

4
5. On the GUI, the left pane is called the navigation pane (nav pane), and the right pane is
called the content pane. Select the Equipment tab in the nav pane if it is not selected
already, and select the Main Topology View in the content pane:

6. Note that the above picture presents a “rough topology” of the fabric interconnects and
the chassis. The lines between the fabric interconnect and chassis are not intended to
accurately point to any specific ports on the fabric interconnect.

7. In your mind, pick your favorite (any) chassis that you see. For that chassis, navigate on
the nav pane to that chassis, and then select the Hybrid Display tab in the content pane.
Note that the following example shows chassis 2, but you can try it for any chassis or try
a variety of chassis:

5
8. Note in this picture the IO modules (in the middle) are drawn as floating above the
chassis. These are actually the IO modules inserted in the chassis. The eight ports on the
bottom of each IO modules (indicated by red rectangles) above represent the midplane
connections to the blade adapters (so the lines going down from there are midplane
traces, not visible cables.

Note the ports connected to your chassis on the fabric interconnect do represent actual
physical port positions (indicated by the red arrows on fabric interconnect A above).

Can you figure out which fabric interconnect ports are connected to your chassis? Count
ports from left, with odds on top and evens on the bottom.

6
9. Open up the view of your chassis and IO Modules, as in the picture. Highlight (click on)
the work Fabric Ports for an IO module to confirm how the chassis are connected to
fabric interconnects. They should match what you observed in step 8. Note you need to
fiddle with the column sizes in the content pane to see the port numbers as demonstrated
by the red ovals. The “slot 1” listed just refers all the built-in ports on a fabric
interconnect. You may need to play with column widths in the content pane.

10. Examine the backplane ports on the same chassis. These are the midplane connections to
the blade server adapter slots. A “link-down” most likely means that the particular blade
in question is powered down:

Does every backplane port always connect to a different blade server?

(Answer: an odd/even pair of ports would connect to the same blade server if it
were a full-width blade).

7
Task 2: Explore Blade Server Equipment
1. Open up the “Servers” within your chassis (any chassis) and highlight (any) one of the
blade servers. Select (if it is not already), the General tab on the content pane. Note the
server location within the chassis, the product name and part ID, as indicated by the red
ovals. The example shows a half width-blade. Note that a full-width blade would always
be in an odd-numbered slot, and the next even-numbered server will not exist:

2. In the content pane, lock on the Inventory tab for the same server:
3. Answer the following questions by clicking on the inventory sub-tabs for your server:
a. Motherboard:
i. What is the BIOS firmware revision level?

ii. Under Bios Settings à Advanced à Processor: Is hyperthreading

enabled?

b. CIMC:
i. What is the management IP address for this blade? (this is an address that
can be used for some external management features for this particular
blade server. It is retrieved from a pool we will look at later in the lab).

8
 ii. What is the firmware revision level (running) of the CIMC? Note that the
backup firmware is an alternate copy of the firmware that can be used for
upgrades. It may be at the same, higher, or lower revision.

c. CPU
i. How many physical cpu modules (sockets) are there?

ii. What are the model numbers

iii. What is the number of cores per CPU and the total number of cores?

iv. What is the total number of threads (this is the number of virtual CPU’s
that will be seen by an OS installed on the blade server).

d. Memory
i. How many memory slots are populated? (If a slot as a red X and an
“unspecified” capacity it is not populated).

ii. What are the DIMM sizes?

iii. What is the total amount of RAM?

iv. Don't you love the picture underneath that shows exactly where your RAM
is?

e. Adapters (formerly known as "interface cards")

i. How many cards are there are and what are the models?

f. Storage
i. How many physical local hard disks are there? What are the sizes?

9
Task 3: Explore Blade Server Adapters
1. Open up the tree for all the interface card information for any server, and highlight the
Adapter 1 as shown:

2. Examine the card type. The example shows the Cisco UCS Virtual Interface Card. Note
the running firmware revision of the card.

3. Highlight and examine the DCE Interfaces for the card, as shown. Note that these
represent the physical interface from the card to the midplane connections back to the IO
module backplane ports. There will always be precisely two. These MAC addresses are
used for internal management of the card but are not visible to an OS running on the
blade server:

10
 4. Examine the HBAs (fibre channel HBAs) and NICs. If any exist, these are interfaces
that are visible to an OS running on the blade:
Note: the Cisco Virtual Interface card only has any HBAs or NICs when the
physical blade server is associated with a service profile. A card on a physical
blade that is not associated does not have any interfaces visible to the server
BIOS.

If you were looking at a non-virtualized interface card, such as M71KR Q-logic

CNA, you would see HBAs and NICs regardless of whether the blade server were
associated with a service profile. There would be physical MAC addresses and
World Wide Names that would likely be overridden once the blade server were
associated with a service profile.

Task 4: Examine Fabric Interconnects and their Ports

1. Highlight the fabric interconnects as shown. Which fabric interconnect is primary? Note
that the primary refers to the management role only. In terms of data connectivity, the
two fabric interconnects always represent a “live-live” configuration:

2. Examine the Fixed Module Ethernet ports of fabric interconnect A, as shown:

11
In the If Role column, Server ports connect from the fabric interconnect to the IO
module on the chassis, or starting in UCS 1.4, to individual rack-mounted (C-series)
servers and to fexes connected to management ports of rack-mount servers.

Network ports connect “northbound” outside of UCS to the rest of the data center.

Highlight an individual Server port in the table on the right. Right Click  Show
Navigator to see the physical port location and status.

Can you see what individual server ports are actually connected to?

(Answer: Doesn’t seem so, from this point of view. Earlier you looked at the IO
module fabric ports, and from that point of view could see which server ports they
connected to.)

12
Task 5: Examine LAN and SAN Tab Information
1. Navigate to the LAN tab on the nav pane, and examine port channels as shown.

These are “northbound” “uplink” port channels.

Port channels aggregate switch ports into a single logical port.

Port channels are optional but are typically used in the best-practice scenario.

Port channels are configured on each fabric interconnect independently.

From a single fabric interconnect, a single port channel may connect to a pair of
northbound devices in a “virtual port channel” (vPC) configuration. This is completely
transparent to the UCS. In this example, ports 19 and 20 on Fab. A happen to be
connected to a pair of N5K in a VPC, but there is no way to tell here that that is so:

13
2. Examine VLAN’s

Note it is possible to have separate VLAN’s on the separate fabric interconnects, but that
would be somewhat “missing the point” of the UCS network connectivity. Instead,
VLAN’s are almost always configured on the entire UCS (both fabric interconnects) as
shown, so that data connections can fail over or be load-balanced from A to B and vice
versa:

Typically no A
or B-specific
VLAN’s

Bunch o’ UCS-
wide VLAN’s

14
3. Highlight a specific VLAN in the nav pane on the left.. The "Sharing Type" feature
allows you to configure PVLANs (private VLANs). "Sharing Type: none" indicates a
traditional non-private VLAN.

Referring to a UCS VLAN by name is a concept that allows you to reconfigure a lot of
connectivity very quickly. You may have 100 server configurations within UCS that
refer to VLAN “ServerData" You could delete the name of the VLAN and add it back
with a different number but preserve all the references.

15
4. Move to the SAN tab in the nav pane, and open up the VSAN views underneath each
fabric interconnect as shown.

Note that typically VSAN’s are typically defined on a specific fabric interconnect. The
exception is the default VSAN 1 which is required to be configured on both fabric
interconnects:

16
5. Highlight one of the defined VSAN’s as shown.

VSAN’s have a UCS-defined name, which allow the same flexibility as named VLAN’s

VSAN’s run over a (typically dedicated) FCOE VLAN (circled). Starting in release 2.1,
UCS can communicate via FCOE to a northbound FCOE switch. If you do this then the
FCOE VLAN will have to be in agreement with a northbound switch.

6. Go back to the Equipment tab and highlight one of the fibre channel uplink ports, as
shown. Note that uplinks are members of a particular VSAN (that must have been
defined on the SAN tab on the appropriate fabric interconnect):

17
Task 6: Admin Tab Information
1. Examine the Management Interfaces on the Admin tab, as shown. If you had the full
administrative privileges you could change the management IP’s of each fabric
interconnect and the cluster IP address.

Remember that the cluster IP address is a “floating” IP address that takes you to
whichever fabric interconnect happens to be the management primary.

18
2. Still on the Admin tab, open up the User Services -> Roles and highlight the student
pod role as shown.

This is the role that has been assigned to your student login.

Scroll through the privileges as shown. You can imagine now why many actions on the
Equipment, LAN, and SAN tabs have been grayed out for your student login.

You will see that you will be able to do certain logical server configurations, but only on
a specific sub-tree of the logical configuration.

19
3. Now, highlight your own user name under User Services->Locally Authenticated
Users, as shown:

Note that your role (student-pod) had configuration privileges only over a single locale.

A locale is a collection of organizations.

4. Open up User Services -> Locales, highlight your locale and verify that it contains only
one organization.

20
Task 7: Management IP Pool

As server blades are discovered, they get an external management IP from this pool.
Starting in 1.4, pooled management IP’s can also be used by service profiles. The
external management IP for a server is used for KVM and other external management
functionality (IPMI, Serial-over-LAN) that is server-specific.

On the LAN tab, navigate to

Pools  root  IP Pools  IP Pool ext-mgmt as shown:

Can you see which management IP’s have been assigned to servers? Which servers?

21
Task 8: Examine Logical Server (Service Profile) Configuration
1. Navigate to the Server tab on the nav. pane.

Note this entire tab really refers to logical server configurations:

 Service profiles
 Templates
 Policies
 Server Pools

The logical configuration is organized in an organization tree. This is just for the
purpose of restricting logical configuration privileges to a part of the tree.

Note as in the example below (navigate around freely J) that the configured
organizations are listed in each section of this tab. Here, for example, we see the same
organizations under Service Profiles and Templates.

This presentation is really a little backwards (organizations contain service profiles,

templates, policies, and pools, not the other way around). There is only one organization
named ORG-UCS-X.

22
2. Right click on the name of your own organization ORG-UCS-X, where X is your
particular pod number. It doesn’t matter which “label copy” you click.

Note that you have a full range of privileges to create all sorts of objects under this
organization.

3. Now right click on the name of some other organization that is not your own. Notice that
you only have read privileges over this organization.

4. Examine the server pool assigned within your organization. This is near the bottom of the
Server tab, as shown:

There should be two servers in a pool within your organization.

Note that server pools are “advisory” (if your server inside the pool says it is not
assigned, as in this example, it can still be used by administrators of any organization).

If you have extra time at the end of this lab and want to do any experimentation with
physical servers, please use only the servers in your own pool.

23
5. Create the following organization sub-hierarchy beneath your organization. Note that
you have privileges over your organization and any other sub-organization within it:

Hint: to create a sub-organization, highlight the parent organization of which you want
your new organization to be a direct child, and right click.

6. Note that the greatest part of your time configuring servers using the UCS Manager GUI
will be spent on the logical configuration on this tab. You will become “at one” with all
of the functionality here on all of the subsequent labs in this series.

24