HP/ILO troubles

The wonderful security updates in Firefox (and Chrome) will give you the dreaded SSL_ERROR_BAD_MAC_ALERT. So no more ILO for you ūüė¶

How to mitigate that?, well first do as told in the article above, go to about:config in firefox and set the security.tls.version.fallback-limit to 1.

How you can access the ILO and update the firmware to 2.29 for ILO2 (or higher), as instructed here, you can fetch the ILO2 firmware  Here

HP has a habit of only updating the Windoze firmware binaries, forgetting that most of the internet runs on Linux, but anyway just download the EXE and extract the ilo229.bin from the file.

If you don’t like the clickerdyclick web interface, or have more than 2 servers to update, it makes sense to put your binary on some web server¬† in your environment and just ssh into your ILO and update from there, the magic is done like so:

load -source /map1/firmware1

(…. is our internal web server of course, replace with your own)

O and don’t forget to set your FireFox security.tls.version.fallback-limit back to 3 ūüôā

Ces’t Ca..

Cacti script to get temperatures from an ILO device.

We wanted to experiment with different airflow scenarios in our DC and did not want to get in to expensive data center power management tools, so we decided to use a simple cacti server and the ILO temperature measurements from servers in certain spots in the racks to get a historic graph of inflow air temperatures, you get the idea.

But man!, Cacti can be a pain in the butt!, and so can be the HP/ILO SNMP implementation. As you might have noticed the SNMP/OID does not push out measured temperature sensors, sigh..¬†To get around this hurdle we had to hack up a quick script, and since it took me quite some time to google all components together i’d thought why not put them here for others to enjoy, saving the world some time here.

Our setup, a simple vanilla Ubuntu 12.04 LTS VM, ¬†with Cacti from the Ubuntu Repo (0.8.7i), I assume I don’t need to explain how to set this up. So to get stuff working, first we get the¬†HP Lights-Out XML PERL Scripting Sample (I¬†fetched this one) for Linux, untar and install.

Copy out the files Get_EmHealth.xml and locfg.pl to the /usr/share/cacti/site/scripts folder, chown them to root (as Cacti runs its scripts as root)

Add your ILO credentials to the¬†EmHealth.xml, I could go as far as parameterizing them for Cacti to provide, but since we use the same across all ILO’s in a separate management network, i did not bother

<LOGIN USER_LOGIN=”your user name” PASSWORD=”your password“>

Next, I created this little PERL script

$command = “/usr/bin/perl -X /usr/share/cacti/site/scripts/locfg.pl -s $ARGV[0] -f /usr/share/cacti/site/scripts/Get_EmHealth.xml”;

#$command = “/usr/bin/perl -X /usr/share/cacti/site/scripts/locfg.pl -s -f /usr/share/cacti/site/scripts/Get_EmHealth.xml”;

$output = `$command`;

@lines = split(/\n/,$output);

foreach $line(@lines){
if (index ($line ,”LOCATION VALUE”) != -1) {
$line =~ s/\s+/_/g;
if ($line =~ /”(.+?)”/) { print”$1:”;}}
if (index ($line ,”CURRENTREADING VALUE”) != -1) {
if ($line =~ /”(.+?)”/) { print”$1 “;}}

What this basically does is parse the XML (ish) output from locfg.pl, find the Location Value and CurrentReading Value (which are sensors and values) and write them out as a valid Cacti script return string for by DL385g5 this is:

CPU:62 CPU_1:50 CPU_2:44 Memory_a:57 Memory_b:46 System:62 Ambient:21

As you can see I also trip out all spaces and replace them by underscores to keep the output valid for Cacti. So now we can run this script in a Cacti Data Input Method, see this link on how to do that, and as long as we provide the EXACT output fields, we will get values back to push in to RDD. I am only interested in the Ambient sensors, but maybe you like to graph more..

Hope this helps someone save some time





Setting IOPS for HP/EVA devices, the dirty ESXCLI way.

Stumbled upon the “Best practices for HP EVA, vSphere 4 and Round Robin multi-pathing” by Ivo Beerens or the VMware community article “Very slow performance on EVA4400” and wondered how to hack this in to an ESXi box without a service console. (tried Ivo’s solution in the ‘Engineering SSH shell, but for some reason it failed on the grep command’. Of course you can use the horrid windows power(s)hell and fiddle around with that, or for dinosours like me that live in old DOS/Command line worlds, download the VMware ESXCLI package for windoze (or Linux, but then this script wont work) ¬†and copy and paste this script in to a .cmd file

@echo off
esxcli --server <hostname> --username=root --password=*** nmp device list | find "HP Fibre Channel Disk" >dev.lst
for /F "tokens=1,2 delims=()" %%G IN (dev.lst) DO esxcli --server <hostname> --username=root --password=Nipples@Sandpaper nmp roundrobin setconfig --type "iops" --iops=1 --device=%%H
del dev.lst

Remember to replace the obvious username,password and servername values and off you go!.

Of course you can get creative and make a loop around this to go through your servers automatically, but I had only 8 to worry about so I didn’t bother.

Good luck,

— Fault