Whitepaper Server Configuration Profiles: Reference Guide An end-to-end guide for DellEMC’s Server Configuration Profiles (SCP). Abstract The Server Configuration Profiles: Reference Guide covers all aspects of SCP’s template-based server configuration, updates and operating system deployment operations, along with a multitude of examples and tutorials.
Revisions Revisions Date Description September 2020 Initial release Acknowledgements This paper was produced by the following: Author: Charles ‘Danny’ Stracener Support: Texas Roemer, Doug Iler The information in this publication is provided “as is.” Dell Inc. makes no representations or warranties of any kind with respect to the information in this publication, and specifically disclaims implied warranties of merchantability or fitness for a particular purpose.
Table of contents Table of contents Revisions.............................................................................................................................................................................2 Acknowledgements .............................................................................................................................................................2 Table of contents .................................................................................................
Table of contents 3.6.2 racadm ..............................................................................................................................................................19 3.6.3 Redfish..............................................................................................................................................................19 4 SCP Import ....................................................................................................................................
Table of contents 10.1 Workload profiles ..............................................................................................................................................38 10.2 F1 / F2 Error Prompt .........................................................................................................................................38 10.3 Changing the Boot Order ..................................................................................................................................
Table of contents 19.1 Configuration results and LCL ..........................................................................................................................63 19.2 Known Limitations.............................................................................................................................................63 19.3 Common Issues ................................................................................................................................................
Executive summary Executive summary Managing all the various aspects of a server’s configuration can be complex. Making changes to a server’s configuration, firmware versions, or even repurposing the server with a new operating system usually requires multiple individual operations to reach the desired end state.
Server Configuration Profiles: User’s Guide 1 Getting Started 1.1 What are Server Configuration Profiles? 1.2 Server Configuration Profiles (SCP) are XML or JSON templates that contains configuration settings for an individual server. Each configurable setting is a simplified name-value pair. In addition to configuration settings, the SCP template is equipped with attributes that can trigger specific workflows like firmware updates and operating system deployment.
Server Configuration Profiles: User’s Guide 1.5 SCP Import SCP Import is the process in which the XML or JSON template is applied to the server. Any configuration settings available in the template will be applied. Any workflows (OSD and firmware update) triggered by the template will also be performed during this operation. SCP Import may restart the host system multiple times to apply all requests but will only restart the host if required.
Server Configuration Profiles: User’s Guide The LCL can be viewed or exported under Maintenance > Lifecycle Log in the iDRAC GUI. iDRAC CLI’s also provide methods for exporting the LCL. Please refer to the iDRAC User’s Guide for full details. 1.9 SCP Import / Preview Configuration Results SCP Import will generate LCL events as it progresses through the operation. When a configuration attribute is applied or failed to apply, an LCL event will be logged with details under a configuration results node.
Server Configuration Profiles: User’s Guide 1.10 Available Interfaces Server Configuration Profiles are available through multiple iDRAC interfaces. This document will provide examples for the iDRAC GUI, racadm, and Redfish. Refer to the user interface’s guide for all available options. Server Configuration Profiles can be located under the iDRAC GUI via Configuration > Server Configuration Profiles.
Server Configuration Profiles: User’s Guide 2 Template The template is the XML or JSON file generated by an SCP Export. This section will cover the difference between the two formats, as well as the overall structure of the template. 2.1 Structure At a high level, both formats follow a similar structure. SystemConfiguration - Components - Attributes 2.1.1 SystemConfiguration SystemConfiguration is the root node in both formats.
Server Configuration Profiles: User’s Guide The content between the Attribute nodes can be edited and applied via SCP Import. In the example below, changing the VirtMacAddr from F4:02:70:B4:13:AB to F4:02:70:B4:13:DB will trigger a set operation on NIC.Embedded.2-1-1 during an SCP Import. PAGE 14Server Configuration Profiles: User’s Guide 4. If not using RepositoryUpdate, confirm that the target servers have similar iDRAC and device firmware levels. 2.4.2 Active Directory Example Configuring Active Directory on many iDRACs is a great example of how a golden template can be utilized. There are a significant number of Active Directory settings and configuring them directly from the XML/JSON template could prove to be difficult.
Server Configuration Profiles: User’s Guide 3 SCP Export Server Configuration Profile Export will generate an XML or JSON template either locally or to a network share. The export operation will create a new job which can be monitored in the job queue. The template will be made available once the job has been marked as Completed. The available options used to customize the template generation are detailed in the following sections. 3.
Server Configuration Profiles: User’s Guide In the XML format these attributes are marked with ReadOnly in the comment section of the node. In the JSON format the Comment item will be set to ‘Always Read Only’. { "Name": "Info.1#Version", "Value": "4.40.00.00", "Set On Import": "False", "Comment": "Always Read Only" }, These attributes cannot be set during an SCP Import and are only available for informational purposes. 3.
Server Configuration Profiles: User’s Guide 3.4 Export Type - Clone and Replace SCP Export offers two optional modes that will alter the template generation by adjusting the number of commented items and changing some values. The default Normal export type will leave some attributes commented out and require the user to uncomment (or change Set On Import to True) them before they can be applied during an SCP Import.
Server Configuration Profiles: User’s Guide Clear Virtual Disk RAIDaction will be set to Create instead of Update, and all attributes needed for the create operation will be uncommented. PAGE 19Server Configuration Profiles: User’s Guide 3.6 Available Interfaces 3.6.1 iDRAC GUI 3.6.2 racadm SCP Export can be located on the iDRAC GUI under Configuration > Server Configuration Profiles > Export. All the available options detailed above can be found on this page. The racadm ‘get’ command using the ‘-t xml’ or ‘-t json’ parameters will invoke an SCP Export operation. The following options are also available: Racadm example: C:\>racadm -r 192.168.0.120 -u root -p calvin get -f R740_scp_file.
Server Configuration Profiles: User’s Guide The latest version of the Redfish API Guide can be found on Dell support site. Examples for Redfish scripting using Python and Powershell can be found here: https://github.
Server Configuration Profiles: User’s Guide 4 SCP Import SCP Import is a streamlined configuration, firmware, and OS deployment workflow that consumes the template generated by the SCP Export process. Import will validate the template and compare the current configuration to the requests made by the template. If changes are detected between the template and the current configuration, then the SCP Import operation will apply the new settings.
Server Configuration Profiles: User’s Guide racadm>>lclog viewconfigresult -j JID_898317921404 SeqNumber = 5008 FQDD = iDRAC.Embedded.1 Job Name = Import Configuration Operation Name = CHANGE DisplayValue = SSH Idle Timeout Name = SSH.1#Timeout OldValue = 1800 NewValue = 1805 Status = Success ErrCode = 0 Refer to the Event and Error Message Reference Guide to locate the Recommended Response Action to a specific error code. Error code lookup can also be performed using this tool: https://qrl.dell.
Server Configuration Profiles: User’s Guide Message SeqNumber Job Name FQDD 4.2 = = = = A system reboot is required to apply configuration changes. 10364 Preview Configuration BIOS.Setup.1-1 Shutdown Type If a host shutdown is required, then SCP Import will issue a graceful shutdown request to the host operating system.
Server Configuration Profiles: User’s Guide changes gated behind a power cycle, no other configuration operations are permitted. Only once the host has been rebooted and the SCP operation completes will other configuration operations be permitted. 4.3 End Host Power State The ‘End Host Power State’ optional flag can tell the host to power down after the SCP Import operation has completed. The default power state will be On.
Server Configuration Profiles: User’s Guide Most interfaces allow for both the full FQDD or a shorthand version to import all components of a given type. The shorthand ‘NIC’ would import NIC.Integrated.1-1-1, NIC.Integrated.2-1-1, etc, but the full FQDD ‘NIC.Integrated.1-1-1’ would only process the component for that specific device. Shorthand values can be used for both SCP Export and SCP Import. Please refer to the Available shorthand options table in the Selective Export section. 4.
Server Configuration Profiles: User’s Guide Body: Body: { 'ShareParameters': {'ShareType': 'NFS', 'ShareName': '/nfs', 'IPAddress': '192.168.0.130', 'Target': 'ALL', 'FileName': 'R740_scp_file.xml'}} For more details on the action, supported parameters and values, refer to schema “redfish/v1/Schemas/OemManager_v1.xml”. The latest version of the Redfish API Guide is available on Dell Support site. Examples for Redfish scripting using Python and Powershell can be found here: https://github.
Server Configuration Profiles: User’s Guide 5 SCP Import Preview SCP Import Preview will execute the validation portion of the SCP Import operation but will not apply any settings. Any errors detected during the validation process will be logged to the LCL as configuration results. The preview operation will not reboot the host. Before importing the SCP file, it is not required, but is recommended, that an Import Preview operation is executed.
Server Configuration Profiles: User’s Guide 6 iDRAC Configuration This section of the guide will focus exclusively on the attributes found under the iDRAC.Embedded.1 component within the template. There are too many iDRAC attributes to cover in this document, so it’s recommended that the iDRAC User’s Guide is reviewed for any features that might not be covered here. 6.1 Template Example The example below is of a snapshot of the iDRAC.Embedded.
Server Configuration Profiles: User’s Guide "Comment": "Read and Write" }, { "Name": "Users.3#Password", "Value": "password123", "Set On Import": "True", "Comment": "Read and Write" }, { "Name": "Users.3#Enable", "Value": "Enabled", "Set On Import": "True", "Comment": "Read and Write" }, Additional settings for the user can be applied via the same template. The example above uses a ‘plaintext’ password to configure the user instead of the password hashes.
Server Configuration Profiles: User’s Guide PAGE 31Server Configuration Profiles: User’s Guide OldValue = ****** NewValue = ****** Status = Success ErrCode = 0 DisplayValue = Certificate Type Name = SecurityCertificate.1#CertType OldValue = "" NewValue = KMS_SERVER_CA Status = Success ErrCode = 0 6.6 Password Settings With iDRAC9 version 4.40.00.00, new iDRAC user password security options are now available. The following settings can be Enabled or Disabled. PAGE 32Server Configuration Profiles: User’s Guide * * The AutoUpdate functionality must be enabled under the LifecycleController component to activate these settings. This feature can be enabled, and all associated settings applied in a single SCP Import operation. PAGE 33Server Configuration Profiles: User’s Guide 7 LifecycleController The LifecycleController component contains a variety of LifecycleController settings and the attribute template for OS deployment operations. The OS deployment operations are covered in more detail below. This section will focus on the LifecycleController specific settings. Enabled PAGE 34Server Configuration Profiles: User’s Guide 8 EventFilters EventFilter settings can be configured using SCP Import and are found under these six components: FQDD="EventFilters.Storage.1"> FQDD="EventFilters.Updates.1"> FQDD="EventFilters.Audit.1"> FQDD="EventFilters.Configuration.1"> FQDD="EventFilters.WorkNotes.1"/> The SCP template will contain many event filters.
Server Configuration Profiles: User’s Guide 9 RAID / Storage Configuration and Operations SCP can be used to perform a variety of RAID and storage operations. A few common activities have been included below and additional details can be found in the Creating and Managing XML Configuration Files by Using WS-Man whitepaper. NOTE: Storage Component elements can be nested inside of their parent Components. This is done to show the hierarchy of these devices. In the first example below, Disk.Virtual.
Server Configuration Profiles: User’s Guide NOTE: Because physical disk drives included in the VDs are selected automatically based on size and RAIDTypes, span parameters such as SpanLength and SpanDepth are also determined automatically. Hence, they also must not be specified in the input configuration XML file. When Size value is specified as “0”, the VD will be created with minimum number of disks required for the RAIDTypes. 9.
Server Configuration Profiles: User’s Guide A cryptographic erase of NVMe or SAS / SATA drives attached to a PERC can be performed by setting the ‘Cryptographic Erase’ attribute to True. PAGE 38Server Configuration Profiles: User’s Guide 10 BIOS Configuration SCP can be used to apply any BIOS setting. A few common activities have been included below and additional details can be found in the Creating and Managing XML Configuration Files by Using WS-Man whitepaper. 10.1 Workload profiles Workload profiles are collections of BIOS settings.
Server Configuration Profiles: User’s Guide RAID.Integrated.1-1 RAID.Slot.2-1 … Alternatively, the BiosBootSeq and UefiBootSeq attributes offer a comma delimited option. BiosBootSeq will be available when in legacy boot mode. UefiBootSeq will be available when in UEFI boot mode. HardDisk.List.
Server Configuration Profiles: User’s Guide Each password requires that the old password be provided along with the new password. The old password will be validated and if successful then the new password will be applied. NOTE: Passwords in SCP templates will always be commented out by default and populated with ‘******’ as their value. 10.6 PXE (Preboot Execution Environment) PXE attributes are available under the BIOS component while the BIOS is in Uefi BootMode.
Server Configuration Profiles: User’s Guide 11 NIC / FiberChannel / InfiniBand Configuration SCP supports a variety of network devices. The focus of this section will be on the unique behaviors available in SCP for these devices. The full feature set for these devices is outside the scope of this document. It’s recommended to review the network device’s documentation for all available features. 11.
Server Configuration Profiles: User’s Guide 11.3 InfiniBand modes InfiniBand network devices can transition between ‘Ethernet’ mode and ‘IB (InfiniBand)’ mode using the NetworkLinkType attribute. While in ‘Ethernet’ mode, the network device will present with an FQDD starting with NIC (e.g. NIC.Slot.4-1-1). While in ‘IB’ mode, the network device will present with an FQDD starting with InfiniBand (e.g. InfiniBand.Slot.4-1-1). Example of a device in ‘Ethernet’ mode: PAGE 43Server Configuration Profiles: User’s Guide NOTE: Switching modes and applying attributes on the new mode will require two separate SCP Import operations to complete.
Server Configuration Profiles: User’s Guide 12 SupportAssist Operations Available on later versions of iDRAC7, iDRAC8 and iDRAC9. DellEMC’s SupportAssist feature can be registered and configured via SCP. More information about SupportAssist can be found in the SupportAssist on Dell EMC’s 14th generation of PowerEdge servers whitepaper. 12.1 Registration An SCP Export will generate empty attributes under the SupportAssist component for easier registration.
Server Configuration Profiles: User’s Guide Name="SupportAssist.1#SupportAssistEULAAccepted">True Name="SupportAssist.1#SupportAssistEULAAcceptedByiDRACUser">root Name="SupportAssist.1#PrimaryContactFirstName">John Name="SupportAssist.1#PrimaryContactLastName">Doe Name="SupportAssist.
Server Configuration Profiles: User’s Guide SupportAssist.1#EventBasedAutoCollection - The EventBasedAutoCollection attribute should be set to Enabled for SupportAssist to receive critical events and request collections from the server. SupportAssist.1#SupportAssistEnableState - The SupportAssistEnableState attribute indicates whether the SupportAssist auto collection features are enabled on the server.
Server Configuration Profiles: User’s Guide 13 RepositoryUpdates Available on later versions of iDRAC7, iDRAC8 and iDRAC9. SCP Import can also perform firmware updates via Dell’s Repository Update feature using the SCP.1#RepositoryUpdate attribute. Dell Repository Manager can be used to construct an update repository. The tool set and more information about the feature is provided in the link below. https://www.dell.
Server Configuration Profiles: User’s Guide Job Name=Repository Update Status=New Scheduled Start Time=[Not Applicable] Expiration Time=[Not Applicable] Actual Start Time=[Not Applicable] Actual Completion Time=[Not Applicable] Message=[JCP000: New] Percent Complete=[NA] ---------------------------------------------------------- The first stage of the update operation will be to download the DUP (Dell Update Packages) to the iDRAC and prepare for updates.
Server Configuration Profiles: User’s Guide Percent Complete=[NA] ---------------------------------------------------------- The SCP Import job status will be a combination of all update jobs and configuration settings. A job status of ‘Completed with Errors’ or ‘Failed’ requires review of the configuration results or LCL for next steps.
Server Configuration Profiles: User’s Guide 14 iDRAC Direct (SCP via USB) On the 14th generation servers, a dedicated micro USB port is available to configure iDRAC. A server can be configured by using a SCP template stored on a USB drive. 14.1 Setup Create a directory in root of the USB device called System_Configuration_XML that contains both the SCP template and control files: • The SCP template must follow the following naming convention; -config.xml, -config.
Server Configuration Profiles: User’s Guide 14.2 Execution To import the server configuration profile from the USB device to iDRAC: 1. Configure the USB management port: a. Set USB Management Port Mode to Automatic or iDRAC. b. Set iDRAC Managed: USB XML Configuration to Enabled with default credentials or Enabled. 2. Insert the USB key (that has the configuration.xml and the control.xml file) to the iDRAC USB port. 3.
Server Configuration Profiles: User’s Guide 15 OS Deployment OS deployment support was added to SCP in iDRAC9 version 4.00.00.00. When paired with RepositoryUpdate and configuration, this enables an SCP Import operation to perform a full deployment using a single template. The benefits of utilizing SCP for OS deployment and all available workflows are covered in great detail in the ‘Using Server Configuration Profiles to Deploy Operating Systems to Dell EMC PowerEdge Servers’ whitepaper.
Server Configuration Profiles: User’s Guide 15.3 OS Deployment via USB OS Deployment operations can be performed via the iDRAC Direct / SCP via USB workflow assuming the iDRAC can access the network share containing the ISO. In the template file located on the USB key configure the following attributes to point to the networked ISO. Example: