Platform-specific documentation/Dell PowerEdge RN20 Gen8
- Lights Out Manager: Dell iDRAC7
- We always purchase the enterprise version and license, allowing for a dedicated network port, rather than using the ports on the primary Ethernet interfaces.
- Model(s): Dell Poweredge RN20 series servers
- Dell PowerEdge R320
- Dell PowerEdge R420
- Dell PowerEdge R620
- Dell PowerEdge R720
- Dell PowerEdge R730xd
Lights Out Management
The iDRAC/7 is very similar to iDRAC/6. The initial command line prompt is identical:
racadm getsel racadm lclog view
Reboot and boot from network then console
racadm config -g cfgServerInfo -o cfgServerBootOnce 1 racadm config -g cfgServerInfo -o cfgServerFirstBootDevice PXE racadm serveraction powercycle console com2
on newer systems (DRAC 7 or later)
racadm set iDRAC.serverboot.BootOnce Enabled racadm set iDRAC.serverboot.FirstBootDevice PXE racadm serveraction powercycle console com2
Note: If having trouble with PXE boots, try Ctrl+S to enter the card-level setup for Broadcom (if applicable), and set the boot protocol to PXE instead of NONE inside the card settings. This worked for some new 10G cards in R620's (BCM578xx).
Reboot and boot into BIOS then console
racadm config -g cfgServerInfo -o cfgServerBootOnce 1 racadm config -g cfgServerInfo -o cfgServerFirstBootDevice BIOS racadm serveraction powercycle console com2
Connecting to mgmt interface
- Via SSH
- ssh email@example.com
- Example: ssh firstname.lastname@example.org
- Via Browser
- Sometimes userful in troubleshooting, but you must have set up some kind of http(s) proxy into the mgmt network, demonstrated here
- Please note you will have to override an unknown (self signed) certificate, you won't want to save it permanently, as a few of these saved tends to result in errors connecting to other Dell DRAC interfaces via HTTPS.
Connecting to Serial Console
- Attach to the serial console: console com2
- Detach from serial console: ctrl+\
- Console Redirection Key Mappings:
Use the <ESC><0> key sequence for <F10> Use the <ESC><!> key sequence for <F11> Use the <ESC><@> key sequence for <F12> Use the <ESC><Ctrl><M> key sequence for <Ctrl><M> Use the <ESC><Ctrl><H> key sequence for <Ctrl><H> Use the <ESC><Ctrl><I> key sequence for <Ctrl><I> Use the <ESC><Ctrl><J> key sequence for <Ctrl><J> Use the <ESC><X><X> key sequence for <Alt><x>, where x is any letter key, and X is the upper case of that key Use the <ESC><R><ESC><r><ESC><R> key sequence for <Ctrl><Alt><Del>
If you get locked out of the console or the console shows garbage but serial settings are correct, you can reset racadm:
This can happen if your network connection dies while you are logged into a console session.
Log in with SSH on the mgmt interface:
racadm serveraction action
- Where action is one of the following:
- powerdown - power server off
- powerup - power server on
- powercycle - perform server power cycle
- hardreset - force hard server power reset
- powerstatus - display current power status of server
- Alternatively, use the SM CLP shell, after logging in, use the following commands:
reset /system1 stop /system1 start /system1
Polling for MAC Address
- SSH into iDRAC interface.
- Info command:
- The MAC address is usually the first NIC listed:
/admin1-> racadm getsysinfo ... Embedded NIC MAC Addresses: NIC1 Ethernet = 78:2b:cb:08:a1:68 iSCSI = 00:00:00:00:00:00 NIC2 Ethernet = 78:2b:cb:08:a1:69 iSCSI = 00:00:00:00:00:00 NIC3 Ethernet = N/A iSCSI = N/A NIC4 Ethernet = N/A iSCSI = N/A
Changing iDRAC User Password
- SSH into iDRAC interface.
- Change command:
racadm config -g cfgUserAdmin -o cfgUserAdminPassword -i 2 <newpassword>
iDRAC SSH Key Based Authentication
- This is not yet standard on all hosts. RobH is working on it, and merely listing the commands here for posterity.
- On Dell systems, the root user is userid # 2. (#1 is given to the disabled anon access user.)
- We only assign a single ssh key per user, though up to 4 can be assigned.
- SSH into iDRAC interface.
- List all keys assigned to a user
- Specific key:
racadm sshpkauth -i <2 to 16> -v -k <1 to 4>
- All keys:
racadm sshpkauth -i <2 to 16> -v -k all
- List root user keys:
racadm sshpkauth -i 2 -v -k all
- Add key:
racadm sshpkauth -i <2 to 16> -k <1 to 4> -t <key-text>
- Add key to slot one for root user:
racadm sshpkauth -i 2 -k 1 -t "contents of the public key file line"
- Delete key:
- Specific Key:
racadm sshpkauth -i <2 to 16> -d -k <1 to 4>
- All Keys:
racadm sshpkauth -i <2 to 16> -d -k all
- Delete all root user keys:
racadm sshpkauth -i 2 -d -k all
Changing the iDRAC Network IP Settings
racadm setniccfg -s <ipaddres> <subnetmask> <gateway>
Enable / Disable IPMI over DRAC
racadm config -g cfgIpmiLan -o cfgIpmiLanEnable <0 or 1>
- 0 is off, 1 is on.
Setting a one-time boot option
Sometimes you want the server to reboot into a network boot, or into bios directly. You can set one-time boot options with the following on the mgmt SSH command line:
racadm config -g cfgServerInfo -o cfgServerBootOnce 1 racadm config -g cfgServerInfo -o cfgServerFirstBootDevice <BOOT OPTION>
- Valid boot option targets: No-Override, PXE, HDD, DIAG, CD-DVD, BIOS, vFDD, VCD-DVD, iSCSI, VFLASH partition label, FDD, SDe, RFS (Remote File Share)
- We most commonly just make use of PXE & BIOS
Changing the User Defied String for the front LCD
- Please note only models with LCD have this set: R620, R720
- Checking the string:
racadm get System.LCD.LCDUserString
- Setting new string:
racadm set System.LCD.LCDUserString newstring
- We need to test this on a new system out of box. Rather than set the display User specified string and string in DRAC setup, skip that, and attempt to set with this single command afterwards. Ideally populating this via the iDrac command line will force it to also be set to display on LCD (rather than default service tag.) Please let RobH know the result of this test (or just put it in here!) --RobH (talk)
- 10Gb NIC systems will occasionally need to have the legacy PXE boot option specifically set in the NIC bios. If you have it hitting the PXE boot step, and simply halting, this setting is not correct.
- If you get
No more sessions are available for this type of connection!when trying ipmi over ssh, the drac is likely hosed. This can be fixed by issuing a reset via remote IPMI native interface. Note it can take some minutes for the drac to fully come back.
ipmitool -I lanplus -H <mgmt name> -U root mc reset cold
Initial System Setup
We need to change a number of options in the bios and mgmt configuration to our own specifications. Some of these items MUST be done locally by the on-site technician racking the systems. As such, all of the following steps should be done by the on-site before completing a new server in the racked state.
- Rack server according to directions on how to do so. (Rob will add a link to this procedure later, once it is written.)
- Attach physical console to system (keyboard & monitor).
- Boot system, and enter BIOS by pressing F2 during POST.
- System POSTS and enters BIOS with screen listing: System Bios, iDRAC Settings, & Device Settings.
- Please note the first boot, this will be in a GUI that can be driven with keyboard only. AFTER the serial redirection is setup, this menu will no longer display on the physical console with the GUI, but a non-graphical command-line type menu system.
- Enter System Bios.
- We will be changing the entries for a number of items. If an item is not listed, it doesn't need to change from defaults.
- Processor Settings
- Logical Processor set to enable - This is hyperthreading, and sometimes we don't need it. If unsure, ask some application-specific expert. HHVM and Elasticsearch greatly benefit from it.
- Virtualization Technology set to disabled - leaving this on when not using system for virtual machines leaves a potential security vector.
- Serial Communication
- Serial Communication set to: On with console redirection via COM2
- Serial Port Address set to Serial Device1=COM1,Serial Device2=COM2
- External Serial Connector: Serial Device 1
- Failsafe Baud Rage: 115200
- Remote Terminal Type: VT100/VT200
- Redirection after boot set to disabled - newer ubuntu versions prefer this during boot, though you may swap it back when troubleshooting PXE boot issues.
- System Profile Settings
- System Profile set to Performance Per Watt (OS) - the default dell setting causes power_saving/watchdog kernel threads to spawn and inordinately consume CPU cycles, this setting fixes it.
- Miscellaneous Settings
- Asset Tag set to the Asset Tag assigned when system was received into stock.
- Hit ESC to exit out, when prompted saving your changes. Do not exit the BIOS screen entirely, just go back to main settings screen (System Bios, iDRAC Settings, & Device Settings)
- Select iDRAC Settings
- Confirm the following setttings:
- Enable NIC is set to Enabled - should already be set to this, just a double-check
- Nic Selection is set to Dedicated (iDRAC7 Enterprise only) - should be set to this already, if it won't change, it means the DRAC Enterprise License did not apply correctly during purchase. Please contact RobH if this occurs so we can get it fixed.
- Set the Static IP, Static Gateway, & Static Subnet Mask.
- We don't assign DNS servers to mgmt interfaces.
- Enable IPMI Over LAN set to enabled - this will allow us to use IPMI commands & scripting in the future.
- Front Panel Security (Only for systems with front LCD)
- Set LCD message set to User-Defined String
- User-defined string set to system name if available, otherwise input asset tag again.
- User Configuration
- Set password to the mgmt password
- ESC and save when prompted until back out of BIOS entirely, all settings are now in place.
- All systems must be tested for DRAC and console redirection before the racking and on-site work is complete.
- Connect to DRAC via SSH
- Test powercycling, powering down, and powering up.
- Test console redirection, ensure you can watch system POST via SSH mgmt session.
- Once testing has passed, system is ready for operations allocation.