CIMC 4.0 Basic Setup

Cisco - Data Centre


tl;dr

  1. Boot the server and press F8.
  2. Configure the NIC type.
  3. Configure the CIMC IP Address.
  4. Configure a hostname.
  5. Configure the NIC redundancy.
  6. Try SSH and/or HTTPS to the CIMC.
  7. Configure NTP and Serial Over LAN (SOL).

What's this for?

CIMC 4.0 Basic Setup is for when you have just got yourself your first Cisco UCS server and you're getting tired of standing at the crash cart in the data centre just looking at how cool it looks.

In this ramblings we will talk you through how to get the basic configuration into the CIMC so you can start doing your server admin from the comfort of your desk, or even better your hammock in the garden at home!

Demo Environment

The outputs below come from the following setup...

  • Hardware: Cisco WLC 5520
  • OS: CIMC
  • Version: 4.0(2g)
  • Date: 10-08-2019

CIMC 4.0 Basic Setup

So what we're going to do in this ramblings is run through the steps needed to get a basic CIMC configuration up and running. If you can't get into your CIMC you may want to start with this guide here.

Note: If the pictures in this guide look different to your CIMC you might be running an older version of the CIMC software. Try this guide here to get your CIMC updated.

We will start off by booting the server and going into the CIMC Configuration Utility by pressing F8.

Note: My output below shows the CIMC as having an IP address. That's because I have already configured it, so I could get good quality pictures of the screen for you!

After this you will be prompted to enter the current password and a new password. The default password should be "password"; however, Cisco did go through a phase of shipping CIMCs with the password "Cisco1234". These units with the "Cisco1234" password were manufactured between 17 November 2015 and 6 January 2016.

Note: Sorry for taking a photo of the screen there was no other way I could capture this output.

Once you have reset the password you will go through to the CIMC configuration page 1/2.

Some of this will depend on how your company does things; however, I tend to use:

NIC mode: Dedicated. This means we use the dedicated management NIC instead of putting management traffic over the same NICs as all the data.

Pros
  1. Your management is completely out of band. I would normally take this NIC into a completely isolated network, this means if we really "done screwed up dat der production network" we can just move over onto the isolated network to get things back up and working. With things like ACI and SDA coming, I suspect, this is just going to become the norm.
  2. It kind of relates to the previous point, but it means if we need to do any modifications on the links between the server and the switch it connects to, I can do this in my pants at home with fairly high confidence that even if I lose access to the server I haven't also just lost access to the out of band capability too.
Cons
  1. We can't have redundant OOBM links. This is not perfect, however, the odds of the out of band switch going down half way through production network maintenance or at the same time as the production network is relatively slim. This means if the switch does go down my priority changes, operations should always come first. This means any plans I might have had to do project work go on hold until I have restored the OOBM service.

IP address: Static IPv4. This is core infrastructure, so why would you give it a DHCP address? If you're using IPv6, go you, you literally are the future, feel free to use that!

DNS: Self-explanatory, if you have a DNS server available let the CIMC know about it. I don't have one in this lab environment so I won't provide one.

NIC redundancy: None. As we have already touched on, this is my only option with the NIC mode I tend to use.

VLAN: Disabled. If I was doing this in-band I would not want the CIMC breaking out onto the native VLAN, so I would use this to specify the VLAN. However, for a dedicated NIC there is no point; it would just add complexity and give you something else to troubleshoot.

Once you're done, press "F10" to save your new settings followed by "F1" to move over onto the additional settings page. Here I normally just set the hostname. I normally make this the hostname of the main OS with a "-oobm" on the end. The reason I use "-oobm" and not "cimc" is because once you have an environment with some HP servers, Dell servers, Cisco servers etc. you start having to play the guessing game at 3am of what hardware platform that server is on. The only thing I want to be doing at 3am is fixing the issue and getting back into bed. We can then save the configuration and try to access the CIMC over the network.

If that's all gone to plan we should be able to connect to the web interface and get something that looks a bit like this.

If we were to then login we would get a page that looks a bit like this.

So that is now most of the configuration done; however, there are still a couple more things I would configure. Start by SSH'ing into the CIMC. You could do this from the GUI and if that's your preference go for it! The reality for me is if I'm configuring a CIMC I'm probably doing a batch of servers that relate to a project. There is no way I'm configuring 10 servers using a GUI!

The first thing to get configured is NTP. Without this, looking through your log files will just be horrid and confusing. We can start by checking the current configuration.

wlc001-oobm# scope cimc 
wlc001-oobm /cimc # scope network
wlc001-oobm /cimc/network # scope ntp
wlc001-oobm /cimc/network/ntp # show detail
NTP Service Settings: 
    Enabled: no 
    Server 1: 
    Server 2: 
    Server 3: 
    Server 4: 
    Status: NTP service disabled 
wlc001-oobm /cimc/network/ntp #

So as might be expected we have no NTP configuration, so let's get some into the CIMC.

Note: After we enter the first command the prompt gets a '*' in it. This means we have uncommitted changes that we need to commit for them to take effect.

wlc001-oobm /cimc/network/ntp # set enabled yes
Warning: IPMI Set SEL Time command will be disabled if NTP is enabled. 
Do you wish to continue? [y/N] 
y
wlc001-oobm /cimc/network/ntp *# set server-1 192.168.192.254 
wlc001-oobm /cimc/network/ntp *# set server-2 time.cisco.com 

We can now commit these changes and ensure they have taken effect.

wlc001-oobm /cimc/network/ntp *# commit 
wlc001-oobm /cimc/network/ntp # show detail 
NTP Service Settings: 
    Enabled: yes 
    Server 1: 192.168.192.254 
    Server 2: time.cisco.com 
    Server 3: 
    Server 4: 
    Status: unsynchronised 
wlc001-oobm /cimc/network/ntp # exit
wlc001-oobm /cimc/network/ # exit
wlc001-oobm /cimc/ # exit
wlc001-oobm #  

Finally, if your server's main OS interface is CLI and is output to the comm port then it's worth enabling Serial Over LAN (SOL). We can start by checking the current configuration.

wlc001-oobm# scope sol 
wlc001-oobm /sol # show detail 
Serial Over LAN: 
    Enabled: no 
    Baud Rate(bps): 115200 
    Com Port: com0 
    SOL SSH Port: 2400 
wlc001-oobm /sol #

So as might be expected we have no SOL configuration, so let's get some into the CIMC.

wlc001-oobm /sol # set enabled yes 
wlc001-oobm /sol *# commit
wlc001-oobm /sol # show detail 
Serial Over LAN: 
    Enabled: no 
    Baud Rate(bps): 115200 
    Com Port: com0 
    SOL SSH Port: 2400 
wlc001-oobm /sol # exit
wlc001-oobm # 

One way to use this is from the CIMC using the 'connect host' command.

wlc001-oobm# connect host
CISCO Serial Over LAN: 
Press Ctrl+x to Exit the session 
 
User:AdmPri 
Password:********** 
(Cisco Controller) > 
(Cisco Controller) > 
(Cisco Controller) >logout
The system has unsaved changes. 
Would you like to save them now? (y/N) n
 
Configuration Not Saved! 
(Cisco Controller) 
User: 
User: Ctrl+X 
CISCO Serial Over LAN exited 
wlc001-oobm# 
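
When this is done for a batch of servers, the post-commit "show detail" output for NTP and SOL can be saved per host and checked mechanically, so a change that did not take effect is caught before you leave the data centre. The following Python is an added example, not part of the original post or any Cisco tooling; BASELINE, the function names and the sample capture (hypothetical host, documentation-range IP) are assumptions constructed for illustration.

```python
# Audit saved CIMC "show detail" captures against a baseline (added example).
# BASELINE, the function names and SAMPLE (a constructed capture) are assumptions.
BASELINE = {"NTP Service Settings": {"Enabled": "yes"},
            "Serial Over LAN": {"Enabled": "yes"}}

def parse_show_detail(text):
    """Return {section: {key: value}} from one or more 'show detail' outputs."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.rstrip()
        if line and raw[0].isspace():          # indented "Key: value" row
            if current is not None and ":" in line:
                key, _, value = line.strip().partition(":")
                sections[current][key.strip()] = value.strip()
        elif line.endswith(":"):               # section header
            current = line[:-1]
            sections[current] = {}
        elif line:                             # prompt or command echo
            current = None
    return sections

def audit(text, baseline=BASELINE):
    """Return findings; an empty list means the capture matches the baseline."""
    parsed, findings = parse_show_detail(text), []
    for section, expected in baseline.items():
        actual = parsed.get(section)
        for key, want in expected.items():
            got = "<section missing>" if actual is None else actual.get(key, "")
            if got != want:
                findings.append(f"{section}: {key} is {got!r}, expected {want!r}")
    ntp = parsed.get("NTP Service Settings", {})
    if ntp and not any(v for k, v in ntp.items() if k.startswith("Server ")):
        findings.append("NTP Service Settings: no server configured")
    if ntp.get("Status") == "unsynchronised":
        findings.append("NTP Service Settings: Status is unsynchronised, re-check later")
    return findings

SAMPLE = """srv001-oobm /cimc/network/ntp # show detail
NTP Service Settings:
    Enabled: yes
    Server 1: 192.0.2.10
    Status: unsynchronised
srv001-oobm /sol # show detail
Serial Over LAN:
    Enabled: no
"""

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

Run against the constructed sample, it reports that SOL is still disabled after the commit and that NTP has not yet synchronised.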

Now that you have the basics up and running, why not try some of the more advanced features in this guide here.