HP Matrix Operating Environment 7.2 Infrastructure Orchestration User Guide Abstract This document provides an overview of infrastructure orchestration, which delivers advanced template-driven design, provisioning, and ongoing operations for multi-node, multi-tier infrastructure services.
© Copyright 2009, 2013 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
Contents 1 Introduction.............................................................................................11 Automated infrastructure design provisioning and management....................................................11 Matrix infrastructure orchestration and the Matrix Operating Environment solution...........................12 Matrix infrastructure orchestration users and groups.....................................................................
Insight Control virtual machine management templates............................................................42 Viewing VM templates with data disks.............................................................................43 Hyper-V virtual machine management templates................................................................44 Microsoft System Center Virtual Machine Manager (SCVMM) templates....................................44 Configuring ESX memory oversubscription...........................
Enabling telnet for 32-bit Firefox running on a 64-bit Windows operating system..............90 Matrix infrastructure orchestration organization administrator portal...............................................90 Accessing the infrastructure orchestration organization administrator portal................................90 Organization administrator portal interface overview..............................................................90 Customizing the organization administrator and self service portals..
5 Matrix infrastructure orchestration storage management...............................143 Static SAN volume automation through multi-initiator NPIV.........................................................145 Dynamic SAN volume automation...........................................................................................145 Manual storage provisioning..................................................................................................
Service creation fails for physical requests when Windows Server OS is selected.................178 Request with a future start date stays at 10% with status of Reserved...................................178 Physical server provisioning using Insight Control server deployment fails during the final personalization step....................................................................................................178 Server reservation and allocation fail even though servers exist in the assigned pool...
Add data disk request fails................................................................................................192 Deactivate, activate, power off, or power on operations.............................................................193 Messages displayed when a paused boot disk deployment is cancelled by an administrator......193 Console operations...............................................................................................................
Infrastructure orchestration does not send email notifications to users assigned to, or unassigned from, a server pool......................................................................................................202 Access error on infrastructure orchestration web pages from email notification using private network.....................................................................................................................202 Operations Orchestration...........................................
9 Documentation feedback.........................................................................227 Index.......................................................................................................
1 Introduction HP Matrix Operating Environment infrastructure orchestration extends HP Matrix Operating Environment to provide rapid provisioning and repurposing of infrastructure services from shared compute resource pools using a self service portal.
A self service user or a self service user in an organization selects an existing template and then requests infrastructure provisioning from it, against an assigned pool of resources. A service provider administrator or organization administrator can approve or deny this request and monitor its progress.
Matrix infrastructure orchestration users and groups Matrix infrastructure orchestration is integrated with Active Directory, which allows Windows users groups, as well as individual local users, to be given access to resources. When infrastructure orchestration is installed, three local user groups (HPIO_Administrators, HPIO_Architects, and HPIO_Users) are created.
Software deployment and service provisioning Matrix infrastructure orchestration supports a variety of mechanisms for operating system software deployment.
Workflows in the limited version of Operations Orchestration included with Matrix OE may only be triggered from the Matrix OE infrastructure orchestration interface in relation to preand post- provisioning tasks. An upgrade to the full version of Operations Orchestration allows the launch of workflows from outside of the Matrix OE interface. • The limited version of Operations Orchestration allows Matrix OE to be integrated with other management software.
2 Installation and configuration Installing infrastructure orchestration Matrix infrastructure orchestration is installed through the HP Insight Management Installer. When using the installer, be sure to select all the required software and have the HP Insight Control and SMTP parameters available to use during installation. For more information, see HP Insight Management Installation and Configuration Guide on the HP Insight Management DVD.
Configuring infrastructure orchestration users in Windows The Insight Management Installer adds the user who performed the installation to the HPIO_Administrators group. To integrate Active Directory with Insight Management: 1. Ensure that the server hosting the CMS belongs to the Active Directory domain (not a workgroup). 2. Create a non-administrator user in Active Directory that will be used to run all Insight Management services. 3. Give that Active Directory user Admin privileges on the CMS. 4.
• Organization Administrators Have the privileges of the _ Administrators group. Can initiate requests, create pools and assign users to them, approve or reject paused requests from organization users, and customize the look of the organization administrator portal and the self service portal. Can log in to infrastructure orchestration organization administrator portal (https://:51443/oap/). Can access the self service portal for that organization.
Matrix infrastructure orchestration access Group membership requirement1 Console HPIO_Administrators HPIO_Architects Designer HPIO_Administrators HPIO_Architects Self service portal HPIO_Administrators HPIO_Users Organization administrator portal HPIO_Administrators2 HPIO_Users 1 2 A user who is not a member of one of those groups is not authorized to use infrastructure orchestration regardless of the authorizations configured in Systems Insight Manager.
NOTE: When infrastructure orchestration is upgraded to a new version, administrator modifications to individual properties in hpio.properties are migrated to the new version of the file unless the default value of the property changed in the new version. In that case, the value of the property is overwritten by the new default value included in hpio.properties. For example, in an earlier version of infrastructure orchestration, the value of timeout.get.
This property takes effect only when allow.customize.template.network is set to true. For example, if the administrator sets: allow.customize.template.network = truecustomize.template.network.inclusion.list = Service Provider,orgA, orgB Then only users from Service Provider, orgA, and orgB are allowed to customize networks. All others are prevented from making changes. Values can be either organization names or IDs.
If you performed a new installation of Insight Management, and if federated CMS was not successfully enabled during the installation, configure a federated CMS environment. WARNING! Do not manually enable federated CMS if you are upgrading to Insight Management 7.2 from an earlier release. If your environment contains existing infrastructure orchestration services, enabling federated CMS after an upgrade will cause these existing services to fail.
the primary CMS as trusted on the secondary CMSs, and displays the newly added CMSs in Systems Insight Manager. a. On the primary CMS, in Systems Insight Manager, select Options→Federated CMS Configuration…. b. Click Add CMS…. c. In CMS name, enter the secondary CMS FQDN and then click Next. d. In Verify Remote CMS Certificate, verify the certificate, and then click Next. e. In Configure Remote CMS, enter the Systems Insight Manager user name and password, and then click Finish. f.
Support for a rolling upgrade of a CMS federation Matrix OE infrastructure orchestration 7.2 includes support for a rolling upgrade of a federated CMS environment. A rolling upgrade temporarily allows a federation containing CMSs running different versions of Matrix OE during the upgrade process. During a rolling upgrade, a CMS running Matrix OE 7.2 supports basic operations against a secondary CMS running 7.1. Not all 7.2 features are expected to work against a 7.1 CMS.
IMPORTANT: If you configured secondary CMSs for use in a federated CMS environment, ensure that each SAN storage volume is managed by only one HP Storage Provisioning Manager (SPM). A storage array can be shared by multiple SPMs. HP recommends that you select the HP Matrix Default Storage Templateand, optionally, define additional attributes when configuring physical storage in a service template.
• Password: the Insight Management service account password specified during the installation If the Insight Management service account password is subsequently changed using the Systems Insight Manager Reconfigure CMS Tools (mxreconfig), the changed Insight Management service account password is not reflected in Operations Orchestration Studio and database. Manually change the Operations Orchestration Studio and database passwords as described in the HP Systems Insight Manager User Guide at www.hp.
address. If you specify more than one address, use the semi-colon (;) as an address separator. Do not use a final semi-colon. For example, if you are configuring only one email address, specify email@address.com. If you configure more than one address, specify email1@address.com;email2@address.com. 6. 7. See “Specifying SMTP credentials and system properties” (page 27) for information about additional Operations Orchestration requirements.
Approval emails sent to the infrastructure orchestration administrator includes a URL to be followed for approval. The URL can be followed only once. However, to avoid running an Operations Orchestration workflow when approval is required, modify the ..\Program Files\HP\Matrix infrastructure orchestration\conf\hpio.properties file and change oo.service.approval.action.enabled=true to oo.service.approval.action.enabled=false.
Configuring a remote instance of Operations Orchestration Studio You can download Operations Orchestration Studio from a CMS where infrastructure orchestration and Operations Orchestration Central are installed, and then install Operations Orchestration Studio on another computer. NOTE: Only one instance of Operations Orchestration Studio can connect to the Operations Orchestration CMS at any time. Downloading Operations Orchestration Studio To download Operations Orchestration Studio: 1.
5. Specify Operations Orchestration information as described below, then click Next to complete the installation. • In the Host Name or IP Address field, enter the IP address of the Operations Orchestration CMS machine from which Operations Orchestration Studio was downloaded. • In the HTTP Port Number (usually 80 or 8080) field, change the value to 16080. • In the HTTPS Port Number (usually 443 or 8443) field, change the value to 16443.
Copying keystore file after upgrading Operations Orchestration After upgrading Operations Orchestration from version 7.51 to 9.0, Operations Orchestration Central and Studio have different certificate keys. Operations Orchestration Studio cannot access the URL https://:16443. 1. Make a backup of the rc_keystore file on the CMS. 2. Copy the rc_keystore file installed on the CMS (..
configured to use both deployment servers, but this configuration must be done after installation is complete. If you want to add a deployment server after infrastructure orchestration is installed, enter the following commands on the CMS. NOTE: If you copy and paste these commands, be sure to enter the dash (minus) key. In some cases, copying and pasting results in characters that appear to be the same but are incorrect.
5. 6. To create a job folder for each required operating system, repeat steps 1 through 4. To enable adding computers to the domain during provisioning, configure the Insight Control server deployment domain authorization using Tools→Options→Domain Accounts. Enclosures are discovered by Systems Insight Manager through the iLO IP address of the enclosure. Be sure to use the iLO credentials of the Onboard Administrator enclosure as the WBEM credentials. 7. 8.
a. 34 Right-click the Erase ProLiant Hardware job under the HP Deployment Toolbox→ Hardware Configuration folder, and then select Copy from the menu.
b. Right-click the HP Deployment Toolbox→Hardware Configuration folder, and then select Paste from the menu. 2. Delete tasks 1, 3, 4, and 6 from the default Erase job: a. Double-click the Erase ProLiant Hardware job. The Job Properties window appears. b. In the Job Properties window, press and hold the Ctrl key while selecting tasks 1, 3, 4, and 6 (the tasks become highlighted as shown), then click Delete. 3.
a. Select the Power Control task, and then click Modify. b. Select the Shut down (if available) option, and then click Finish.
c. In the Job Properties window, make sure that the modified Erase ProLiant Hardware job displays, then click OK to close the window. Configuring Ignite-UX Matrix infrastructure orchestration supports Ignite-UX version C.7.11.439 (HP-UX 11.31 1009) or later for HP-UX 11iv3 deployment. (HP-UX 11iv3 0709 or later is required for Integrity VM.) The Ignite server must have NFS configured and the tftp and bootps services enabled in /etc/ inetd.conf. a.
2. 3. 4. 5. 6. Create or edit a group (for example, Deployment Servers). In Ping inclusion ranges, system (hosts) names, and/or hosts files, enter the IP address or FQDN. In Credentials..., specify the user name and password, and then confirm the password. Click Save. In Discovery, click Run Now. Integrity VM Guest Kit installation The HP-UX vPars and Integrity VM Guest Kit must be set up on the Ignite-UX server to properly ignite an HP-UX guest.
Licensing and registration within Systems Insight Manager are not required for deployment servers, including SA. See “Registering deployment servers” (page 31) for more information about adding an SA deployment server after infrastructure orchestration is installed. Infrastructure orchestration requires the SA OS Build Plan Management permissions to be enabled. If these permissions are not set, IO will not retrieve the SA software list. Enable OS Build Plan permissions in SA: 1.
2. 3. 4. 5. Select a network from the list, and click Edit. From the Deployment Server list, select an SA satellite (for example, 10.0.0.10 (SA).) In Boot Network, select Yes, and save the configuration. In infrastructure orchestration designer, create or edit a template, and edit the network configuration to select the network from step 2. Default memory setting The default minimum memory setting for templates that use the SA server to deploy software is 512 MB. This value can be changed in the ..
1. Set the following line to true in the hpio.properties file located in ..\Program Files\ HP\Matrix infrastructure orchestration\conf. The property is set to false by default. skip.linux.on.hyperv.template.personalization=true 2. After provisioning, personalize the Linux VM. To do so, you can write Operations Orchestration workflows, or you can use open source PowerShell scripts.
Setting up an Integrity virtual machine network To create an Integrity VM vSwitch, use the hpvmnet command on the Integrity VM Host. NOTE: Matrix infrastructure orchestration uses only Accelerated Virtual I/O (AVIO) network devices for Integrity VM. An Integrity VM cannot be configured with a connection to a local virtual network through infrastructure orchestration. Only vSwitches connected to a physical NIC are recognized by infrastructure orchestration.
2. 3. 4. 5. 6. 7. 8. Click Deploy→Virtual Machine→Templates→Create Virtual Machine Template. The Step 1: Select Source Virtual Machine screen appears. Select a virtual machine from the list, and then click Next. The Step 2: Select VM Template Repository Host screen appears. Select the host for the new virtual machine management template, and then click Next. The Step 3: Specify the Template Name and select VM Template Repository Folder screen appears.
In a template in infrastructure orchestration designer, the notation boot+ is used to show that the disk includes one or more data disks. Hyper-V virtual machine management templates A Hyper-V VM template is not automatically discovered. Hyper-V templates must be imported into HP Insight Control virtual machine management before they appear in IO on the Software tab as VM templates.
◦ Multi-server (SCVMM service) templates are excluded. ◦ No explicit indication is given when a template is filtered from view. • When using SCVMM 2012 with a Windows 2012 template, you must add the CDKEY to the template. The CDKEY can be changed during the customization process if you add a new key in the sysprep file. If the SCVMM is registered as a VME, then Insight Management uses SCVMM only to deploy its templates.
Figure 1 Example of minimum required ESX VM Host free memory Using Sysprep to customize Windows systems Matrix infrastructure orchestration relies on Windows Sysprep to enable customization of Microsoft Windows systems. Customization includes operations such as changing the host name, applying the Windows license key on first boot, and setting the IP address. To automate Windows system deployments and apply the Windows license key automatically, you must edit the Matrix OE-supplied Sysprep.inf file.
in the Edit Network dialog box. After deployment completes, a domain administrator can manually join the system to the domain. When defining networks in IO, set the MS Domain Type to “Domain” in the Windows Settings tab of the infrastructure orchestration console Edit Network dialog box. Installing Microsoft Sysprep tools Install the Microsoft Sysprep tools only if you are provisioning Windows Server 2003 or earlier guests.
To configure a recoverable IO service, click to select the Recoverable check box in the IO service template in infrastructure orchestration designer.
Operations Orchestration workflows provide system administrators with automatic email notification when operations are performed on recoverable IO services. Set the HPIODRServiceActionRecipients property in Operations Orchestration Studio with the email address(es) of administrators who will receive this notification. See “Configuring Operations Orchestration system properties” (page 25) for more information.
Configuring an environment for cloud provisioning In addition to provisioning with on-premise resources, Matrix OE infrastructure orchestration supports provisioning virtual servers to an external cloud service, such as a supported CloudSystem bursting service provider, another CloudSystem, or HP Matrix KVM Private Cloud.. Public cloud bursting is a feature of Matrix infrastructure orchestration that enables enterprises to seamlessly provision public and private infrastructure resources.
default cloud firewall blocks all inbound traffic. To allow inbound traffic, you must create one or more rules on this page that describe that traffic. The Optional setting makes the template flexible for use with different cloud software images when using the Custom Attributes feature to customize the operating system at service creation time. For more information, see “Customizing template attributes when a service is created” (page 127).
To allow all incoming traffic, specify 0.0.0.0/0. To allow SSH connections to a server, select the TCP protocol, specify a Start Port of 22 and an End Port of 22 and IP Sources of 0.0.0.0/0. d. 3. Click Add. (Optional) To remove the firewall rule, click the Trash icon. Viewing the details of a firewall Details of a firewall associated with a template and service are shown on the Firewall Details pane at the bottom of the infrastructure orchestration console Templates and Services tabs.
Configuring a load balancer A load balancer distributes network traffic and enables optimal resource utilization across servers in a virtual or physical server group. Before beginning the configuration described in the following sections, the system administrator installs and configures a load balancer. A hardware load balancer is installed in an enclosure, and a software load balancer is installed on a physical server or virtual machine.
Optionally, a load balancer expert can customize the packaged Operations Orchestration workflows or develop new OO workflows for additional types of load balancers and add them to the OO repository. An administrator can then configure one or more of these load balancers and add them to the inventory (described in “Registering a load balancer” (page 54)).
and/or a certificate ID. These IDs are the keys to an actual password or certificate that is stored in IO. This allows more than one load balancer to use a common password or certificate. The IO administrator can manage passwords and certificates in IO using ioexec commands and the SOAP API. Typically, a load balancer has access to a private and a public network, and has an IP address on a management network.
At least one network must be selected. All networks in the server group are displayed. Only a load balancer that has access to the selected networks will be allocated. The attributes of a load balancer that you can select for a server group are as follows: High Availability Requests a load balancer in a redundant configuration. This means that there are two or more load balancers that back up and monitor each other.
Table 2 ioexec create and delete load balancer group commands ioexec command Description creategroup logicalloadbalancer Creates a group in a logical load balancer. A group describes a service to load balance deletegroup logicalloadbalancer Deletes a group from a logical load balancer, and removes all group members NOTE: The create logical load balancer operation using the SOAP API or the ioexec CLI requires administrator approval.
-s example-io-service IO service name in which to add the logical load balancer group -l LogicalLoadBalancer: Logical load balancer ID, located on the on the Services 00000000-0000-0000-0000-000000000000 tab. To view the ID, select a service and click Details, then select the Load Balance tab -g http-group Name of the group to be added to the load balancer. This is an arbitrary name specified by an administrator for easy recognition -P http Type of protocol the application service will use -a 10.1.
C:\> ioexec removegroupmember logicalloadbalancer -s example-io-service -l LogicalLoadBalancer:00000000-0000-0000-0000-000000000000 -g http-group -a 192.168.200.10 -u administrator Viewing details of a load balancer Details of a load balancer associated with a service are shown on the Services tab of the infrastructure orchestration console, self service portal, and organization administrator portal. Select a service and click Details, then select the Load Balance tab.
Table 4 Load Balance tab details (continued) Load Balance tab Description IP Address Virtual (external) IP address associated with the DNS name of the service. Members A comma separated list of IP address and port pairs. Each pair describes a server that serves the actual content of the service (website, ftp site, database, and so on). These are IP addresses of the servers in the server group.
http://www.hp.com/go/matrixoe/docs Configuring infrastructure orchestration resources in Systems Insight Manager After installing infrastructure orchestration, a member of the HPIO_Administrators Windows group can log in to the infrastructure orchestration console through Systems Insight Manager. HPIO_Administrators can then set up resources to allow provisioning. To log in to the infrastructure orchestration console, in Systems Insight Manager, select Tools→Infrastructure orchestration.
NOTE: When the Requests tab is first displayed, no requests are displayed until an administrator or user has submitted a request and the request is in-progress or completed. Before using infrastructure orchestration, set up server pools and networks, and verify the Users and Software tabs using the infrastructure orchestration console.
Add information about the network and available IP resources on the Edit Networks page. Depending on your configuration, not all fields are required. The user interface helps guide you through the process. NOTE: 3. Matrix infrastructure orchestration supports IPv6 with the following restrictions. • Physical or virtual servers can be automatically provisioned using DHCP address pools. Automatic IPv6 address configuration using static assignment or an address range is not supported.
4. 5. After adding the appropriate information to the tabbed areas of the Edit Networks screen, add the IP ranges for use by infrastructure orchestration. • To add DHCP address space, click the up arrow in the DHCP Addresses area, or enter the number of DHCP addresses to make available to infrastructure orchestration. • To add static address space, click New. A dialog appears for the range. Enter a Start and End address (inclusive), and then click OK. When finished setting up a network, click Save.
adding the NICs to a vSwitch). This is best accomplished through naming conventions and customized Operations Orchestration workflow scripts to configure the OS networking. • A VLAN is carried by one or more Virtual Connect tunnel networks or other trunk networks in the environment. A VLAN cannot be a trunk network.
Following is an example of a Virtual Connect tunnel trunk configuration. Physical networks discovered from Virtual Connect are represented as a subnet whether they are a single network or a tunneled trunk network carrying multiple subnets. Matrix infrastructure orchestration represents Virtual Connect networks based on the VC network configuration.
• Cannot be mapped to a multi-network VC profile NIC port • Cannot be part of a shared uplink set Virtual Connect mapped trunk configuration A Virtual Connect mapped trunk configuration enables VC to play a more active role managing traffic on the VLANs, including designating one of the VLANs to handle untagged packets from the VM Host. This constitutes hybrid support for both tagged and untagged networks on the VM Host.
While a request is paused, the administrator can make the necessary modifications to the environment to make the network available for allocation. When the request continues, another attempt is made to allocate the network. The service request continues only when the network resources are available. VLAN carving allows a single template definition to be used by multiple organizations, each having its own VLAN that may not yet be defined until the request is submitted.
3. Define the VLANs that can be carried by one physical network. a. In the infrastructure orchestration console Networks tab, click Create Network. b. Specify a VLAN ID, and set Network Address, Network Mask, Default Gateway, MS Domain, and WINS Servers for that VLAN ID by clicking the appropriate tab and filling in the information. In a multi-home scenario where there are multiple default gateway options, IO determines the default gateway from the network connected to the NIC that is declared as primary.
Configuring trunk and VLAN networks to enable support for Hyper-V VLAN tagging VLAN tagging is the practice of inserting a VLAN ID into network data to identify the VLAN to which the data belongs. CAUTION: Combining tagged and untagged Hyper-V virtual machines on the same virtual network results in network failures. HP recommends that you maintain a homogenous network environment among cooperating Hyper-V VM Hosts.
Non-disruptive (workaround) method The non-disruptive method is a workaround that does not disrupt your existing configuration or existing VM guests. You can continue to use existing vNics created with HP Network Configuration Utility (NCU). (This is intended as a temporary workaround until you can migrate your environment using the disruptive method below.) 1.
ESX resource pools and cloud capacity pools In addition to physical servers and VM Hosts, infrastructure orchestration includes the following types of provisionable resources: • ESX resource pools ESX resource pools are a type of compute resource created using VMware vCenter or the virtual machine management CLI, and are discovered by infrastructure orchestration. ESX resource pools are available for infrastructure orchestration to use to provision virtual machines on a standalone VM Host or in a cluster.
The following server pools are automatically generated and cannot be used for infrastructure service creation. • Unassigned pool contains all resources previously discovered by HP Matrix Operating Environment. You can move resources from the Unassigned pool to another pool only after the resource is licensed for use by infrastructure orchestration. Matrix infrastructure orchestration automatically populates the Unassigned pool after installation with the resources identified by Systems Insight Manager.
2. In New pool name, enter a descriptive name. Select servers from any pool. Remember, during initial infrastructure orchestration configuration, only the Unassigned pool displays resources. IMPORTANT: To be assigned to an organization, a compute resource must be in the service provider Unassigned pool, and cannot be in use.
3. To add a server to a pool, select a server in the list on the left, and then click the >> button. The server moves to the list on the right. NOTE: Unlicensed server blades or virtual machine hosts cannot be moved from the Unassigned pool. Resources can be moved to a pool only after the resource is licensed for use by infrastructure orchestration. For more information, see “Licensing infrastructure orchestration” (page 16). 4. After selecting the resources for the pool, click Save.
5. 76 Assign users to the pool so that infrastructure orchestration can use the new pool. To assign users, select the pool in the list, and then click Modify Users. The Modify Pool Users page appears.
6. Select the user in the Unassigned Users/Groups list and then click >>. Repeat this process for each user. Click Save. The Servers page reappears. To verify that the users are assigned to the pool, select the pool. A list of the assigned users and groups appears at the bottom of the screen. Verifying infrastructure orchestration users and groups The Users tab contains a list of all users and groups authorized to use infrastructure orchestration.
NOTE: The Operations Orchestration workflow authoring tool (OO Studio) may be used to extend the functionality of the reference workflow to support additional management processors as required. Configuring ESA password in Matrix OE visualization Modify ..\Program Files\HP\Virtual Server Environment\conf\esa.properties to include the Operations Orchestration 'Admin' password: esa.oo.admin.password= After making the changes to the esa.
The “inventoryList.xml” file is read from the file system and its contents are then sent directly to the ESA web service. The ESA web service processes the returned XML document and hands it back to logical server management (LSM), which functions as the upper level inventory manager. LSM then makes a second workflow call for each server. serverInfo.xml The file ..\Program Files\HP\Matrix infrastructure orchestration\ esa_extensions\server\serverInfo.
1 68 1 nic0 00:1E:0B:CC:61:B0 vlan84-dhcp-pxe-sa true ProLiant DL380 G5
For each server in the inventoryList.xml file, the “Get Server Info” workflow is invoked. The workflow extracts the detailed server definition from serverInfo.xml, and then uses the server’s management processor to determine the current power state. The server management processor operations are invoked through additional workflows. The persisted power state is updated if required and the resulting server record is returned as an XML document to the ESA web service.
makes use of the serverInfo.xml record to determine the server’s model so that the correct power operation is performed. The same call back pattern is used. At the completion of the workflow, the terminal state of the operation and status information is returned to the ESA web service. Configure management credentials for power control An additional step is required to configure the management credentials for power control. The reference implementation ships with built-in system accounts.
a. b. Edit ..\Program Files\HP\Matrix infrastructure orchestration\conf\ blade_models.properties file. Add the new server model. The server model string is the string entered in the serverInfo.xml file. After making the changes to the blade_models.properties file, restart the HP Matrix infrastructure orchestration Windows service for the changes to take effect.
3 Using Matrix infrastructure orchestration applications Overview Matrix infrastructure orchestration applications support the roles of architect, service provider administrator, organization administrator, and user. • The designer enables an architect to plan and design multi-server, multi-tier infrastructures using a drag-and-drop interface.
Matrix infrastructure orchestration designer maintains a secure cache in the browser of changes made during a design session. If a session times out or the browser is closed, changes are preserved and are available the next time the architect launches infrastructure orchestration designer. Importing and exporting templates Matrix infrastructure orchestration designer allows you to import and export service templates.
Designer interface overview The template editor window contains three major frames: • The Components frame displays the icons for the logical objects used to design a template. • The Existing Templates frame provides a list of available templates. • The right hand frame is a template design area used to build the template by dragging and dropping components on to it. When saving a template, specify a name using letters (A-Z, a-z), numbers (0-9), space, period, underscore, and hyphen.
• Create resource pools for hosting services based on standardized templates and the business forecast. • Collaborate with the business units to register user accounts for access to the infrastructure orchestration self service portal. • Create an organization before an organization administrator can log in to the infrastructure orchestration organization administrator portal.
Displays all the available templates and enables you to view the details of a template, edit a template, create a new template, delete a template, submit a template for provisioning, and assign users to a template. Displays the organizations to which the template has been assigned.
RDP and telnet access depend on network connectivity from the client to deployed servers. Servers deployed to non-routable networks cannot be accessed by RDP and telnet. In addition, for deployed servers that use DHCP, the server host name must be resolvable for a console connection to succeed. To change the screen size for all clients that initiate an RDP session through an instance of IO, change the defaults for desktopwidth and desktopheight in the file ..
3. 4. 5. Copy the 64-bit version of telnet.exe from %windir%\System32 to %windir%\ SysWOW64. Copy %windir%\system32\en-US\telnet.exe.mui to %windir%\SysWOW64\en-US. Restart IE if it is already running. Enabling telnet for Firefox Telnet console is supported for Firefox clients running on Linux and Windows 2008. Clicking the telnet link in Firefox may display a prompt to launch an external application.
• Templates View the templates available to the organization, both published and unpublished, and assign users to a template. Published templates can be used by all organization users. Submit create service requests using a template and the resources assigned to the organization. • Requests View a list of requests and the details of a request submitted by organization users. The organization administrator can cancel a request and approve or reject paused requests.
the ? button in the upper-right portion of the infrastructure orchestration organization administrator portal window. Customizing the organization administrator and self service portals The organization administrator can customize the organization administrator and self service portals from the Organization tab of the organization administrator portal. By default, both portals display the title “HP Matrix infrastructure orchestration” and the HP logo.
1. 2. 3. 4. Review the published templates and decide which template is appropriate for the current objectives. Review the assigned pools and select the resources to use for your service. Submit a request to provision the service. After the administrator approves the request, monitor the service provisioning execution.
The infrastructure orchestration self service portal displays the following tabs: • Home Displays an overview of infrastructure orchestration operations providing statistics, resource usage, and links. • Templates Displays a list of the available templates and enables you to view the details of a template and submit a template for provisioning. Architects and administrators can also use the Templates tab to launch infrastructure orchestration designer allowing them to create or edit templates.
4 Matrix infrastructure orchestration provisioning and allocation Matrix infrastructure orchestration lifecycle operations Matrix infrastructure orchestration covers the IT lifecycle, from the initial design of system configurations to the ultimate repurposing of assets. It enables IT resource requests to be handled in a systemic manner that leverages standard configurations, self service provisioning tools, and automated approval processes.
Delete service operation When deleting a service, the Delete operation automatically deprovisions an existing infrastructure and frees the resources for use in other services. IMPORTANT: Deleting a service deprovisions all servers in the service, and deletes the association of servers, disks, and networks with the service. Any users logged in to any server in the service will be logged off. To delete a service 1. 2. 3.
The following are limitations of the Import VM feature.
11. Click Submit to import the service. Click Cancel to cancel the action, or Back to return to the previous screen. Clicking Submit creates a request that can be viewed on the Requests tab. Add server to group operation To add a server 1. 2. 3. 4.
To remove a server 1. 2. 3. 4. 5. Open the infrastructure orchestration console, self service portal, or organization administrator portal Select the Services or My Services tab Select a service and click Details or View Details From the Actions or Server Actions list, select Remove servers Expand the tree and select the servers you want to remove from the server group NOTE: Reducing a server group to size 0 is not allowed.
When executing this operation, infrastructure orchestration: • Validates the request • Allocates the data disks • Obtains approval • Powers down servers • Makes the new disk visible to the servers • Powers up the servers • Executes custom actions • Sends notifications After successfully completing the operation, infrastructure orchestration provisions the additional disks in to the infrastructure orchestration infrastructure service.
To deactivate servers 1. 2. 3. 4. Open the infrastructure orchestration console, self service portal, or organization administrator portal Select the Services or My Services tab Select a service and click Details or View Details From the Actions or Server Actions list, select Deactivate servers.
• Executes custom actions • Sends notifications Power cycle servers To power cycle servers 1. 2. 3. 4.
When a lease on an infrastructure service expires, infrastructure orchestration deactivates the service. This action preserves all the logical servers in the service, and retains all resource allocations except for physical servers, which are freed for other uses. Deactivating a service is the default policy for handling a lease expiration.
The Total Reconfiguration Cost shows the total changed cost of the increased or decreased number of processors or amount of memory, based on the per unit cost specified on the Configure Server Group Config tab.
machine state. Optionally, you can include the contents of the virtual machine's memory. The state of a physical disk is not preserved when you create a snapshot. NOTE: This operation is supported only for ESX virtual machines. You can access the server snapshot feature from the Services tab in infrastructure orchestration console or on the My Services tab in infrastructure orchestration self service portal. Use server snapshots 1. 2. 3.
NOTE: Currently, you cannot attach physical disks to High Availability Hyper-V virtual machines. You can, however, attach physical disks to non-High Availability Hyper-V virtual machines. For more information, see HP Matrix Operating Environment Logical Server Management User Guide. Provisioning physical servers using local disk Matrix infrastructure orchestration includes support for Virtual Connect logical servers using a local disk for boot.
pool, then the request will fail. (If the IO template has two or more server groups, then IO can place each server group in different server pools.) • The server pool list governs where IO will target. If the server hosting the VM template is in pool B, but pool A is listed first in the provisioning request, then IO will try to find capacity in pool A. Only if there is insufficient capacity in pool A, will IO try pool B for capacity. Pool order overrides the affinity to the VM template.
Excluding disks on a VM Host from the storage pool For VM guests, use shared storage instead of storage that is only local to the host. This enables efficient movement when the VM guest is moved to another VM Host. It is also a best practice to isolate the backing storage for virtual machines on a separate drive from any storage containing hypervisor system files, which results in greater performance. Infrastructure orchestration services can be configured with the devices to be used for provisioning VMs.
The manual tasks are associated with paused states in the infrastructure orchestration automation and include: • Boot disk allocation When LUNs with the required attributes are not available for a Create Service or Add servers to group operation, disk allocation is blocked and the infrastructure orchestration administrator is notified. The operation pauses until the infrastructure orchestration administrator: ◦ Works with a SAN administrator to create the storage.
• ◦ Allocates the data disks ◦ Obtains approval ◦ Power down servers ◦ Makes the new disk visible to the servers ◦ Powers up the servers ◦ Executes custom actions ◦ Sends notifications Data disk scrubbing If a Create Service operation uses manual operating system deployment, the corresponding Delete service operation requires disks to be scrubbed manually.
2. Drag one of each of the Physical Server Group (which includes Physical Storage), and Network components onto the working area. 3. Connect the Physical Server Group to the Network.
4. 112 Set the attributes for each of the components. Right click on the Physical Server Group and select Edit Server Group Configuration. Note the Server Type is “Physical.” The Processor Architecture must match the storage pool entry.
5. Set the Networks attributes for the server group. Specify a Hostname. There are three parts to the physical server's host name. The first part is defined in this service template. The second part is specified by a user's service creation request. The third part is a numeric suffix based on the number of servers created for this server group. The "#" is used in this template as a replacement string indicating where to place the requestor's portion of the host name.
You can specify a network connection as requiring redundancy. When selected, IO automatically configures NICs to the same network. The VC Profile is constructed such that the NICs are distributed across alternate VC-Ethernet modules. IO only assigns auto/static IP addresses to the primary NIC of the redundant pair. The failover NIC will not have an IP address allocated or assigned.
The setting for Redundant SAN paths to disk depends on how you configured your logical server storage pool entries. At least one matching storage pool entry is required for each service provisioned. Those entries may or may not be fully configured with redundant paths. 9. Next, edit the Network component.
10. Select the appropriate network and (optional) specify a cost. Click Show All Network Details for more information about the selected network. 11. Click Customizable to allow certain attributes of the template to be changed. See “Customizing template attributes when a service is created” (page 127) for more information. (Note that the Recoverable check box is not supported for physical server groups.) 12. After you have completed these steps, note that the Validation Status is green.
13. Select the Published box, name the template, and then click Save. This template will now be available for deployment by authorized users. Creating a template with a physical VM Host or ESXi VM cluster The following figure shows the key features of a template that can be provisioned to a physical VM Host or ESXi VM cluster.
Creating a template with a ProLiant or Integrity virtual machine Creating a service template for deploying a VM is similar to the steps for a physical server. 1. Launch infrastructure orchestration designer at https://:51443/hpio/designer/ and click New to begin. 2. Enter a template name and drag a Virtual Server Group (which automatically includes Virtual Storage), and a Network component onto the area where the instructions are displayed. 3. Connect the Virtual Server Group to the Network.
Select Deploy as Linked Servers to deploy the servers in the server group as linked, and adjust the maximum number of servers as required. When this option is selected, the first logical server in a linked clone logical server group is provisioned with both a parent VM and a clone (child) VM. The remaining logical servers in the logical server group are provisioned with only a clone VM. For more information about linked clones, see the following website: www.vmware.com/support/ws55/doc/ws_clone_overview.
DHCP Indicates that IP addresses are allocated dynamically to servers connected to the subnet using DHCP. Static Indicates that the architect assigns the IP addresses used by each server connected to the subnet. Using static IP addresses creates a template that can be provisioned only one time. Automatic Indicates that IO automatically selects the static IP addresses to be allocated from the static IP address range set for the network. NOTE: 7. For HP Integrity VM deployment, use Automatic.
When you use a Windows template, you can also choose a Sysprep file. The Sysprep files for you to select must be located in ..\Program Files\HP\Matrix infrastructure orchestration\conf\sysprep. When you click the Change button, all of the Sysprep files in the directory are displayed. 8. (Optional) On the Load Balance tab, request a load balancer containing the specified attributes to distribute network traffic across servers in a virtual or physical server group.
9. Set the attributes for the Virtual Storage. Note that the Storage Type must be Virtual. Select Disk is bootable to denote that the disk is the boot disk for the server group. • For bootable disks, you can assign a Storage Volume Name to match mounted volume names on a VM Host. Storage Volume Name(s) is an optional feature for the boot disk. Storage volume names are used for every virtual disk attached to the virtual server group. Enter the VM Host storage volume names separated by commas.
11. Click Customizable to allow certain attributes of the template to be changed, and click Recoverable to mark the template for disaster recovery. See “Customizing template attributes when a service is created” (page 127) and “Configuring a disaster recovery (DR) service” (page 47) for more information. 12. After you have completed these steps, note that Validation Status is green. If it is not green, click Show Issues and resolve those items.
13. Select the Published box and then click Save. This template is now available for deployment by authorized users. Creating a template to provision at a cloud service provider In addition to provisioning with on-premise resources, Matrix OE infrastructure orchestration supports provisioning virtual servers to an external cloud service, such as a supported CloudSystem bursting service provider, another CloudSystem, or an HP Matrix KVM Private Cloud.
NOTE: When Systems Insight Manager runs the discovery task, it changes the logical server host name by prefixing the host name with the VM host name and the service template name. For example, if IO provisions a virtual machine named vm1 on a VM Host named VMhost1 using a template named mytemplate, after Systems Insight Manager runs the discovery, the virtual machine host name is changed to VMhost1_mytemplate_vm1.
8. Enter email address(es) to be notified of progress. Separate multiple e-mail addresses with commas or semicolons. Do not use a final semicolon after the last email address. If an email address is not specified, email notifications are sent to the default email account used when infrastructure orchestration was installed. 9. Specify a Hostname. There are three parts to the virtual machine's host name. The first part is defined in this service template.
Customizing template attributes when a service is created When you create a service, you can customize the following attributes: • selected networks • IP address assignment types • memory size • processor count • VM storage volume names NOTE: If volume names are defined in the template, then the customized set of volume names must be a subset of those names. If no volume names are defined, any customization is a subset.
NOTE: Trunk networks (mapped or tunnel) cannot be customized. A trunk network configured in a service template cannot be replaced with another network, nor can a trunk network be used to replace another network. If you specify a network by selecting “Specify desired attributes”, you cannot customize the network when the service is created. Network customization can be performed only on named networks. Customizations affect only the service being created. The template is not changed.
NOTE: Customizing the network assignment type of Integrity VMs to DHCP is not supported. Changes are highlighted in the “approve or reject” e-mail and in the Request Details pane. The Customizable attribute is shown on the Templates tab. You can also use the ioexec CLI or the SOAP API to customize attributes.
NOTE: Customization can be disabled, even if the Customizable option is selected in the template. To disable some customization options, edit settings in the hpio.properties file located in the default location at C:\Program Files\HP\Matrix infrastructure orchestration\conf\hpio.properties. For more information, see “Modifying settings for use with customizable templates” (page 20).
2. Select the Create request in the queue, and click Approve. After the job has been approved, it will automatically proceed to be built and deployed with no further interaction required. 3. As provisioning proceeds, the requesting user can monitor progress of the deployment in the infrastructure orchestration self service portal My Requests tab. When the job completes, the requester receives an e-mail notification.
The virtual machine current status and resources can also be seen in the HP Matrix OE visualization view. (From Systems Insight Manager, select Tools→HP Matrix OE visualization.) As an Administrator, you might want to complete the recognition of the new virtual machine by initiating an Systems Insight Manager discovery operation on the IP address now in use by the new guest (follow the steps in “Managing new logical servers” (page 132)).
3. Use the Insight managed system setup wizard (MSSW) to configure the system to be managed. From Systems Insight Manager, select Configure→Managed system setup wizard. For more information, see the Insight Managed System Setup Wizard Getting Started Guide located at the following website: http://www.hp.com/go/matrixoe/docs NOTE: Cross-technology logical servers are not supported by Matrix infrastructure orchestration.
A Virtual Connect Domain Group defines the boundaries for a set of resources, specifically servers, networks, and SAN volumes. Any resource within a VC Domain Group is visible to or connected to any other resource within the same VC Domain Group. However, connectivity between VC Domain Groups is uncertain.
Deploying an operating system to multi-path storage Matrix infrastructure orchestration can deploy an operating system to a multi-path storage volume. For Insight Control server deployment, Windows operating systems do not require any server deployment modifications. However, for Red Hat Enterprise Linux 5.4, 5.5, and 6.0, modify the default server deployment process by editing the Configure Boot Environment job. Edit the Configure Boot Environment job and add the export kernparm=mpath kernel parameter.
NOTE: The APIs and CLI command can retrieve data only for the last 365 days. Ensure that you save old data before it is more than one year old so that you can access the data, if needed. Specifying fixed costs for templates and services Matrix infrastructure orchestration allows a template architect to add a fixed cost to a template, in addition to server, network, and storage costs. Examples of fixed costs are power or setup costs.
Specifying per-unit costs for resources In infrastructure orchestration designer, right click on the server group to display the Config tab, where you can enter costs per number of servers in the server group, processors per server, and memory size. Costs for a server in an IO template is split into three values: Base Cost per Server Encompasses all of the costs for the server except CPU and memory cost. It may include availability characteristics and type characteristics (physical, virtual, cloud).
In infrastructure orchestration designer, right click on a virtual or physical disk to display the Config tab, where you can enter the cost per disk unit (MB or GB). Specifying costs for services deployed to public cloud providers A template that is deployed to a public cloud service provider can associate a cost value and a cost frequency to the external resources in the same way as for all other resources in a template.
NOTE: The billing code can be modified only on the console. It is read-only on the infrastructure orchestration self service portal and infrastructure orchestration organization administrator portal. Email messages sent for Paused for Approval, Add Servers, and Add Disks display billing code information. If the billing code is not supplied, None is shown.
Enter a value of 1 to convert the template to the global cost unit without changing the values. For example, if the global cost unit is euros and the information in the template contains the correct amounts in euros but is expressed as dollars, enter 1 to convert the template from dollars to euros. Chargeback metrics collected and reported The following table describes the report metrics and their values. Table 7 Chargeback reported metrics Metric Value Allocation time Measured in minutes.
Table 8 Chargeback CLI commands Operation Description get usage Returns usage and cost data for selected services. For daily infrastructure usage data, set the period.type flag to DAILY. To return summarized infrastructure for a period, set the period.type flag to PERIOD. Server, Disk and IP address data is consolidated per infrastructure. get detailedusage Returns detailed usage and cost data for selected services. For daily infrastructure usage data, set the period.type flag to DAILY.
c. Edit the output.xml file with information from a downloaded xsl file to create a report. Sample xsl files are available for download from HP Developer Resource Center for CloudSystem. Following is an example of the output using the downloaded xsl file to display getServiceUsageDetail.
5 Matrix infrastructure orchestration storage management Matrix infrastructure orchestration supports a range of storage provisioning capabilities to appropriately match the customer environment. Administrators can choose to manually define storage pool entries and manually provision storage, or can take advantage of the Matrix Operating Environment integration with HP Storage Provisioning Manager (SPM). SPM is automatically installed as part of Matrix OE.
NOTE: Storage pool entries can be created manually, or infrastructure orchestration can create storage pool entries automatically. In both cases, the storage pool entries can be fulfilled through SPM using pre-provisioned volumes or on-demand provisioning (based on customer need reflected in the storage templates defined in SPM).
◦ boot disks and other private disks are contained in separate storage pool entries Storage requests can be created manually by the user or automatically by Matrix infrastructure orchestration and submitted to SPM for storage service fulfillment. SPM can fulfill with either on-demand or pre-provisioned storage (allowing the user to select from returned candidates, or IO will choose the best candidate). See the HP Storage Provisioning Manager (SPM) User Guide at http://www.hp.
At service creation, infrastructure orchestration attempts to find a suitable storage pool entry. The storage pool entry must fully match the storage requirements for the logical server: number of SAN volumes, size, RAID level, OS type, redundancy, and optionally a set of one or more tags. Unlike the multi-initiator NPIV approach above, infrastructure orchestration is able to perform automatic LUN masking and host mode assignment through SPM.
3. Refresh Matrix OE, synchronizing it with VCEM. To refresh Matrix OE: a. Using Systems Insight Manager, select Tools→HP Matrix OE visualization. Then select Tools→Logical Servers→Refresh. The Refresh Server Resource Information page appears. b. 4. Select Virtual Connect Enterprise Manager (VCEM) and Storage Pool Entries, and then click Refresh. Click Modify→Logical Server Storage Pools.
5. Select the target Virtual Connect portability group from the Portability Group list. For detailed instructions about how to add or modify storage pool entries, see the help for the Manage Storage Pool screen or the HP Matrix Operating Environment Logical Server Management User Guide at the following website: http://www.hp.com/go/matrixoe/docs Predefining storage pool entries in Matrix OE visualization The following example illustrates the selection of a Linux SAN volume to build a storage pool entry.
being used, SPM can create the appropriate storage (and perform automated zoning in a Brocade SAN environment). For more detailed information on the use cases and how storage is managed in Matrix OE visualization, see the HP Storage Provisioning Manager (SPM) User Guide, HP Matrix Operating Environment Logical Server Management User Guide, and the Faster storage provisioning in an HP BladeSystem Matrix and Insight Dynamics environment white paper at the following website: http://www.hp.
Populating the Storage Provisioning Manager catalog To use dynamic SAN volume automation, configure SPM for access to one or more arrays. To start SPM, open an internet browser to https://localhost:8000, where “localhost” is the name of the primary CMS. NOTE: By default, Matrix OE finds and communicates with the SPM service using the host specification of “localhost”. If you want to use SPM from Matrix OE in a clustered environment, edit the C:\Program Files\HP\Virtual Server Environment\conf\lsa\ lsa.
A managed array enables SPM to perform certain storage operations such as gathering property information, changing the hostmode, performing LUN masking, or on-demand provisioning. Unmanaged arrays do not support the automated mechanism to change hostmode and LUN masking or perform on-demand provisioning.
From the left navigation bar, select Volumes, then select volumes to import and press Import Volumes.
information, and those for which the HP Matrix Default Storage Template was chosen. Enabling on-demand provisioning is typically done in conjunction with a capacity constraint (for example, no more than 256 GB) and that constraint applies to all requests using the default template. This allows the constraint to be applied to only on-demand provisioned volumes and not pre-provisioned volumes. • By creating a new template and enabling on-demand provisioning for that new template (with a capacity constraint).
6. Select the Resource Existence requirement in the Template read-only requirements. 7. 8. Click Edit. Change the level from Required to Recommended. Verify that Use existing volume is selected. 9. Click OK to exit the Edit Requirement – Resource Existence dialog. 10. Click OK (or Apply). Physical storage provisioning Matrix infrastructure orchestration displays the storage volumes available for provisioning on the infrastructure orchestration console Storage tab.
These storage templates can be viewed and selected in infrastructure orchestration designer when defining a logical disk in a service template, or you can define logical disk attributes manually. In either case, the storage fulfilling the request might be pre-provisioned or newly created on-demand through SPM. The selected storage template requirements are combined with any user modified or added requirements to formulate the goal that the provisioning process meets.
By default, “Resource Existence” is set to required in the HP Matrix Default Storage Template, so only existing volumes (pre-provisioned storage) are used to satisfy all manually defined storage requests. This includes specifying the logical disk information for a service template (by selecting Specify desired attributes) or manually creating a storage pool entry in Matrix OE visualization logical server management and fulfilling it through SPM.
Virtual storage provisioning The infrastructure orchestration designer Virtual Storage component Config tab allows you to configure a bootable disk or data disk for each server in the server group that is connected to the virtual storage. NOTE: All storage volumes for a virtual machine logical server must be part of the same datastore. File volumes are created on the same disk as the virtual machine's configuration file.
2. If the boot disk reservation cannot be satisfied with a single SPE and independent data volume entries, seek a single SPE that fully matches both the logical server's boot disk and private data disk requirements. (Shared data disks must be contained in their own storage pool entries.) Result: If rule 2 successfully finds an SPE, provision the server(s) with the matched SPE. 3.
b. 3.
6 Multi-tenancy in Matrix infrastructure orchestration Multi-tenancy allows data center resources to be dynamically and securely shared among separate tenants by providing each organization with a virtual infrastructure orchestration system. In Matrix infrastructure orchestration, tenants are known as organizations. For detailed information, see Multi-Tenancy in HP Matrix OE Infrastructure Orchestration and HP CloudSystem Matrix Step-by-Step Guide: Multi-tenancy at http://www.hp.com/go/matrixoe.
◦ Service provider user Can log into the infrastructure orchestration self service portal and initiate requests for provisioning using published templates • Organization The service provider administrator dynamically creates the organization and makes resources available to the organization using the infrastructure orchestration console. See “Creating an organization” (page 163) and “Adding resources to an organization” (page 165) for more information.
Table 9 Resources visible to service provider and organization administrators and users Service provider administrator controls Service provider user access Organization administrator access Organization user/group access Resource Origination Infrastructure orchestration templates Created by IO architect using infrastructure orchestration designer Assign to one or more organizations and/or restrict service provider user/group access Visible if published.
Table 10 Information visible to service provider and organization administrators and users Organization administrator using Organization Administrator Portal Service provider administrator using Console Service provider user using Self Service Portal Users1 Windows users and groups associated with each organization Not visible: Other users Users and groups assigned to the organization Not visible: Other organizations Not visible: Other users Request messages Unrestricted Messages from user’s reque
2. 3. 4. 5. 6. In Organization Name, enter a name for the new organization. Click Add. (Optional) Add organization administrators. Enter the name of a local user, Windows Active Directory (AD) user, or Windows AD group, and click Add User or Add Group as appropriate. (Optional) Add organization users. Enter the name of a local user, Windows AD user, or Windows AD group, and click Add User or Add Group as appropriate. Click Close.
Assigning users to an organization Using the infrastructure orchestration console, the service provider administrator populates the _Administrators and _Users groups by adding pre-existing local Windows users. If the CMS is part of a Windows domain, pre-existing Active Directory users and groups can also be added to the _Administrators and _Users groups.
• A set of infrastructure orchestration templates. An IO template can be assigned to multiple organizations and multiple users within an organization. To make a template accessible to a specific user within an organization, assign the template to both the organization and the user. Template access restrictions do not apply at the individual user level unless template.access.restricted=true is set in the hpio.properties file.
1. 2. On the infrastructure orchestration console tab, assign VLANs organization_1_Production and organization_2_Production to organization_1 and organization_2, respectively. In infrastructure orchestration designer, create a template, and specify the network as follows: a. In the Configure Network tab, select “Specify desired attributes” b. Specify the “Allocation Name Hint:” as “_Production” When a service is created for organization_1, the network will bind to organization_1_Production.
7 Troubleshooting Verifying the CMS configuration Matrix infrastructure orchestration uses the vseassist tool and the Systems Insight Manager Diagnose menu to help identify and resolve any CMS configuration issues. The Check CMS Configuration task performs configuration checks on the CMS. To run this task, from the Systems Insight Manager menu, select Diagnose→Troubleshoot Matrix OE→Check CMS Configuration.
Assign a valid user or user group to the HPIO_Users group. (...
Name Description Cloud Capacity Pool Configuration Verifies that there are cloud capacity pools configured, and displays the number of pools. Software Images Available in Cloud Capacity Pools Verifies that there are cloud software images available, and displays the number of images. Cloud Servers No Longer Managed Checks for cloud servers that appear to have been created by IO but are no longer managed by IO, and displays the names of these unknown cloud servers.
Warning — HP Matrix infrastructure orchestration was successfully installed but the federated CMS feature was not enabled. Refer to the HP Matrix infrastructure orchestration User Guide for information about how to enable federated CMS. Possible cause The CMS IP address cannot be correctly resolved to the CMS FQDN during installation, so the Installer adds the CMS IP address to the managed_cms_list property. However, the managed_cms_list must be configured with the CMS FQDN.
• At least one of the server blades in a referenced user server pool already has a profile assigned. Action • Verify that the infrastructure orchestration server pools referenced in the Create Request contain sufficient suitable servers taking into account all the server, storage and networking requirements of the template. • Check whether or not any servers were moved to the maintenance pool due to a previous provisioning failure. Check for “clean-me” logical servers.
Provisioning request for service has paused Failure message Provisioning request for has paused. Manual data disk allocation is required. Possible cause This error indicates that insufficient LUNs exist to provision the service. Action Create the LUNs and continue provisioning. Timeout occurs while provisioning storage in a multi-disk request Failure message Timeout occurred while provisioning storage.
4. In Matrix OE, refresh storage pool entries on the Tools→Logical Servers→Refresh or Modify→Logical Server Storage Pools screen. The status of the inoperable storage pool entry will change to “Presentation Completed – Available”. Auto-provisioning storage fails with “No matching storage found” error Issue Matrix OE logical server management requests storage from Storage Provisioning Manager that matches the requirements in the IO template.
Could not find server serial number or task for logical server failed Failure message • Could not find server with serial number . • Task for logical server has failed. Logical server job completed with a failure status. Failure: Exception creating connection to: 15.2.50.138; nested exception is: java.net.NoRouteToHostException: No route to host: connect. • Task for logical server has failed.
Provisioning request remains paused during manual storage allocation and a storage pool entry cannot be created Issue A provisioning request remains paused during a manual storage allocation (approximately 5%), and a storage pool entry cannot be created in Matrix OE because the VC Domain Group is not listed on the Storage Pools screen. Possible cause VCDG is using factory default MAC/WWN settings. Matrix OE and infrastructure orchestration do not support a VCDG with factory default MAC/WWN settings.
Cannot deploy Integrity VM guests when gWLM is controlling the host Issue If IO chooses a host controlled by gWLM for deploying an Integrity VM guest service template, the guest cannot start and the following messages appear in the /var/opt/hpvm/common/ command.log: 05/31/12 11:43:45|ERROR|Guest_number|root|Guest Guest_number has been marked as not startable. 05/31/12 11:43:45|ERROR|Guest_number|root|An external manager (gWLM) is managing VMs on this Host.
Service creation fails for physical requests when Windows Server OS is selected Issue Service creation fails when a physical template with Windows Server OS is selected. HP Insight Management WBEM provider installation on the target server hangs. Possible cause An infrastructure orchestration timeout waiting for Insight Control server deployment to complete installation of Insight Management Agentss.
The log file for the connector software that drives Insight Control server deployment (..\Program Files\HP\Systems Insight Manager\logs\Alc1_0.0.log), shows that the operations that perform the customizations are timing out. Action Do one of the following: • Configure Internet Explorer with an explicit proxy server address and appropriate exceptions instead of using an automatic configuration script. Check “Bypass proxy server for local addresses” if the server deployment server is on the CMS.
Virtual service creation Password is blank for Windows 2008 R2 and later provisioned VMs Issue If a VM is provisioned with Windows 2008 R2 OS or above from infrastructure orchestration without setting any password in the Sysprep file, the following occurs: • VM deployed on ESX and ESXi hosts boot up and can be logged in with a blank password. • VM deployed on Hyper-V boot up to prompt the user to set a password.
For ESX, the easiest way to accomplish this is to use the vCenter client to browse the ESX servers datastore, then navigate to the directory and delete the offending directory and directory contents. Unable or failed to delete Failure message • Unable to delete on , VM may still exist. Please clean up the directory manually. • Failed to delete VM from . Please clean up the directory manually.
“Could not retrieve mounted disk drive details” error when deploying a Hyper-V template Failure message When customizing a Hyper-V VM, the error Could not retrieve mounted diskdrive details is displayed. Possible cause Insight Control virtual machine management requires that the boot disk for a Hyper-V VM must be on the disk ide0:0.
The computer restarted unexpectedly or encountered an unexpected error. Windows installation cannot proceed. To install Windows, click OK to restart the computer, and then restart the installation. Possible cause • The environment is not completely configured. • The virtual machine used in the virtual machine management template was not powered off properly. • The vCenter or vSphere is not configured properly for successful customization.
Service creation fails with a virtual machine customization error Issue Create Request fails with a virtual machine customization error. Possible cause • The environment is not completely configured • The virtual machine used in the virtual machine management template was not powered off cleanly If the environment is not completely configured, requests might fail when executing the virtual machine customization step.
{vm_host} may have more than one local disk visible as a target data store. Select a VM host with a single local disk, or update the selected VM host to have just one local disk." Possible cause This error is displayed when the number of concurrent requests for the virtualization type is too high. Action 1. Edit the ..\Program Files\HP\Matrix infrastructure orchestration\conf\ hpio.properties file. 2. Set the values of esx.max.concurrent.requests and/or hyperv.max.concurrent.requests to 5. 3.
Error getting DHCP address during add server request Issue A user cannot allocate DHCP addresses from a particular subnet during an add server request Possible cause This problem occurs when the following conditions are met: • Matrix OE is running in a federated CMS environment • Simultaneous changes are made on subnets (requests allocating IP addresses while the subnet is being edited) • After error messages, a backup/restore process is initiated Action To avoid this issue: • Do not edit a subnet that
Provisioning virtual machine failed with a VM must be powered off for customization error message Issue Provisioning a virtual machine failed with a VM must be powered off for customization error message. Possible cause The Insight Control virtual machine management template that is being used was created when the virtual machine was in a suspended state.
Task for logical server has failed: Service console load average on the source server is greater than the threshold value Failure message Task for logical server has failed. Failure: Service console load average on the source server is greater than the threshold value. Retry the operation later. Possible cause The load average on the source or target VM Host may be too high. Verify this issue by examining the Insight Control virtual machine management log file at: ..
3. A failure in VM delete or other operation like Deactivate resulted in a VM with status “Missing” in SCVMM database. Action 1. Use a different name for VM as a part of service request. OR 2. Go to SCVMM UI and right click delete that particular VM and then trigger the service request again. OR 3. Use a different host for deploying the VM.
Two or more services have the same name in different Organizations. Service-ids are unique across organizations but service-names are not. Possible cause The service name is not unique across all organizations. Action Make sure that your service name is unique before trying to add the service to a Recovery Group. When creating recoverable services, prefix the service name with your organization name and a special character supported in service names to limit the possibility of non-unique service names.
NOTE: When using the mxnode command, enter the root/ for the provisioned server into the global credentials for Systems Insight Manager (Options→Security→Credential→Global Credentials).
Subnet2 is associated with VmHost2 and no others. Based on subnet allocation criteria, Subnet1 is the best choice for LogicalSubnetA. However, if VmHost1 is unsuitable for the LogicalServerGroups associated with LogicalSubnetA, the reservation will fail without Subnet2 being evaluated.
Deactivate, activate, power off, or power on operations Messages displayed when a paused boot disk deployment is cancelled by an administrator Issue What messages are displayed when a paused boot disk deployment is cancelled by an administrator? Possible cause — Action When an administrator cancels a boot disk allocation that is paused, infrastructure orchestration may display two messages on the Request page: • The first message indicates that the boot disk deployment was canceled by an administrator,
The Matrix infrastructure orchestration tool cannot be displayed due to service contact failure Issue When logging into infrastructure orchestration in Systems Insight Manager, an error page appears stating The Matrix infrastructure orchestration tool cannot be displayed. Cannot contact the infrastructure orchestration service running at: Possible cause The infrastructure orchestration service is not running on the CMS.
Networks tab does not retrieve network information Issue The Networks tab does not retrieve any network information, or IO allocation failure and provision failure occurs. Possible causes • VMware vCenter Server credentials are not configured or are lost during an Insight Control virtual machine management update. • VMware vCenter Server is unreachable. Action • Enter the VMware vCenter Server credentials in HP SIM. 1. 2.
Operation on servers under a VCDG did not complete the requested operation Issue An operation on servers under a VCDG did not complete the requested operation. Possible cause Server is not managed by Virtual Connect Enterprise Manager. Virtual Connect Domain Group status must display managed by Virtual Connect Enterprise Manager for infrastructure orchestration to correctly execute operations over its resources.
4. The VC domain group is deleted (verify via VCEM) If a blade is not expected to ever be available again for provisioning, it can be moved to another server pool created especially for unavailable servers (IO contains the built-in Maintenance pool). Moving servers to the Maintenance pool always deactivates the servers Issue Moving servers to the Maintenance pool always deactivates the servers. Possible cause When a server is moved to the Maintenance pool, that resource is deactivated.
get-vmmserver –ComputerName localhost get-template | select -Property Name get-template | select -Property Name, VirtualizationPlatform The templates returning the VirtualizationPlatform as “Hyper-V” will be listed in the infrastructure orchestration Software tab.
Servers “disappear” from server pools Issue Servers “disappear” from server pools. Possible cause Communication problem with one of infrastructure orchestration inventory providers (logical server management or virtual machine management), or a provider service is stopped. Action Matrix infrastructure orchestration periodically retrieves servers (blades and virtual machine hosts) in the managed environment to update the resources that are listed in the infrastructure orchestration server pools.
Reservation failed for logical network Issue Reservation failed for logical network . The IP address(es) xx.xx.xx.xxx must be included in the static IP address range set for the network. Possible cause Static IP addresses defined in a template must be inside in the selected network's static IP address range.
Some template XML hand-editing errors are not caught when importing to infrastructure orchestration designer Issue Some template XML hand-editing errors, for example, Duplicate Logical Server Group boot order, are not caught during infrastructure orchestration designer's Import of a template from XML.
Infrastructure orchestration notification email contains a URL that does not appear as a link in Microsoft Outlook Issue The infrastructure orchestration notification emails contain a URL that does not appear as a link in Microsoft Outlook. Possible cause — Action Manually copy and paste the URL link into a browser.
Editing ESA flows when Operations Orchestration is not installed in the default path Issue If infrastructure orchestration is installed other than in the default path (..\Program Files\HP\ Matrix infrastructure orchestration), the workflows operations must be edited to reference the path where IO is installed. Possible cause Action 1. Select Start→All Programs→Hewlett-Packard→Operations Orchestration→Operations Orchestration Studio. 2.
CMS crash recovery Create Service request does not complete successfully after CMS crash recovery Issue Create Service request does not complete successfully when resumed after CMS is recovered from a crash. Manual steps recommended by IO are inadequate to recover the logical server and re-issue the request successfully. Possible cause VCEM and Virtual Connect Manager (VCM) are out of sync due to a CMS crash that occurred while assigning a server profile. Action • Perform VC Domain maintenance.
Add Disk request for an ESX virtual server does not complete successfully after CMS crash recovery Issue Add Disk request for an ESX virtual server does not complete successfully when resumed after CMS is recovered from a crash. Possible cause A CMS crash occurred while vCenter was creating a virtual disk, causing an incomplete disk creation. Action • Remove the partially created virtual disk file from vCenter. • Refresh server resources from logical server management. • Re-issue the Add Disk request.
Corrective procedures Manually updating the chargeback database Chargeback server is not running Issue If the chargeback server is not running for any reason, the chargeback database will be out of date. Possible cause — Action Execute the Update_Chargeback_DB.py command to force chargeback database population for a given day or sequence of days. Run Update_Chargeback_DB.py located in the default location at ..\Program Files\HP\ Matrix infrastructure orchestration\chargeback.
• C:\Program Files\HP\Matrix infrastructure orchestration\logs\ hpio-controller.log • C:\Program Files\HP\Virtual Server Environment\logs\vselog.lsm.log Resources not displaying and increasing timeouts Issue One or more types of infrastructure orchestration resources (for example, virtual networks) are not displayed in infrastructure orchestration's user interfaces.
4. 5. Verify that the server blade is powered off after completing the above step. Manually power off the blade server, if needed. The server blade may exist in the Servers list, identified by its MAC address (switch to the Hardware or Network view to see the MAC address). Manually delete the server blade from the list. For Insight Control server deployment: 1. Power on the server blade. Cycle the power if the server blade is stuck. 2. 3. 4.
a. b. In the infrastructure orchestration console (accessed from Systems Insight Manager), select the original server blade pool and click Modify. Move the failed server from the infrastructure orchestration Maintenance Pool back to the server blade pool and then save the pool.
In this example, the storage pool entry name is “e5_win_BD_05”. The figure highlights the SAN which is being connected to, as well as the target, and the initiator WWNs. 2. 210 Go to the storage fabric and create the zone. In this example, a switch which exists in “san3” above is connected. The zone should have the same name as the storage pool entry, as is shown by the highlighted entry.
3. Go to the disk array management interface (in this case CommandView managing an EVA) and create a host entry and present the LUN. In the first figure, the host entry that is created on the EVA uses the same name as the storage pool entry. The host entry is assigned the initiator WWN identified in the storage pool entry: 4.
In this example, only a single vdisk is required by the storage pool entry. The names are kept the same across the storage pool entry, the FC zone, the host entry on the array, and the vdisk. This approach supports a strong correlation of the resources in the different tools. It is also possible to define a storage pool entry with multiple LUNs. In this case, the naming of the vdisk could follow a pattern of a common prefix (for example, e10_vc_w2k_1, 2, 3, 4, and so on).
1. To correct this issue, press the CTRL+Q keys to launch the HBA Fast!UTIL utility. The following screen appears: 2. On this screen, press the Enter key. Pressing Enter corrects NVRAM and generates a new checksum. During this process and server reboot, Virtual Connect continues to supply the HBA configuration parameters preventing data loss. After pressing Enter the following screen appears, indicating that the NVRAM has been corrected.
3. Press the ESC key to exit the utility. The following screen appears: 4. Press the Enter key to reboot the system. When the system reboots, all the HBA configuration parameters are resupplied by Virtual Connect and the server returns to normal operation. Increasing VMware Service console memory and CPU shares The memory and CPU shares that are allocated to the VMware Service console may be increased to obtain better performance on the VM Host.
g. Click OK. The changes do not take effect until the ESX host is rebooted. For more information on rebooting an ESX host, see the following VMware KB article: http:// kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC& externalId=1003501. 2. Increase the number of CPU shares assigned to the ESX 3.X or ESX 4.X Service console: a. Log in to vCenter from the Virtual Infrastructure Client with a user that has administrative rights. b.
j. Click OK to apply the values. NOTE: Increasing the reservation value for console may affect the available CPU cycles for the virtual machines on the host.
8 Support and other resources Information to collect before contacting HP Be sure to have the following information available before you contact HP: • Software product name • Hardware product model number • Operating system type and version • Applicable error message • Third-party hardware or software • Technical support registration number (if applicable) How to contact HP Use the following methods to contact HP technical support: • In the United States, see the Customer Service / Contact HP U
With this service, Insight Management software customers benefit from expedited problem resolution as well as proactive notification and delivery of software updates. For more information about this service, see the following website: http://www.hp.com/services/insight Registration for this service takes place following online redemption of the license certificate.
• Ignite-UX Documentation at http://www.hp.com/go/ignite-ux-docs • HP Server Automation (SA) Documentation at http://support.openview.hp.com/selfsolve/ documents Matrix infrastructure orchestration documentation For more information regarding HP Matrix Operating Environment infrastructure orchestration, see the following sources which are available for the current release on the following website: http://www.hp.
Glossary administrator A user who manages users, resource pools, and self service requests through Matrix OE infrastructure orchestration console. allocation A request is assigned server, storage, and network resources based on the criteria defined in the template, resource pools assigned to the user, and the current reservations or allocations of resources completed by HP Matrix Operating Environment infrastructure orchestration.
HP Insight Rapid Deployment software See See HP Insight Control server deployment. . HP SIM See HP Systems Insight Manager. HP Storage Provisioning Manager An optional software solution bundled with Matrix OE that provides a service-centric management interface to storage. HP Systems Insight Manager An HP systems and resources monitoring and management product. HP Virtual Connect Enterprise Manager HP's enclosure-spanning hardware virtualization management software product.
public A subnet that is accessible to the Internet and cannot contain IP addresses in the 192.x.x.x or 10.x.x.x address ranges. RDP See See HP Insight Control server deployment. Formerly HP Insight Rapid Deployment software.. recoverable Is the ability to restore your deployment to the point at which the failure occurred.
Virtual Connect HP's hardware virtualization product, primarily for blade servers. virtual interface An IP address that is used as the single network address to multiple clustered servers executing an application package. A virtual interface is also known as a service IP. Windows Internet Name Service Microsoft's name server and service (similar to DNS for domain names) - mapping between host names and network addresses. WINS See Windows Internet Name Service.
A HP Operations Orchestration communication security This appendix describes the security of the interaction between Matrix infrastructure orchestration and HP Operations Orchestration. Matrix infrastructure orchestration integrates with Operations Orchestration. Operations Orchestration provides customizable workflows that can be called at various points during the life of an infrastructure service.
• User Token – The security token to be used in calls back to infrastructure orchestration. • Date – Date and time at which the flow was triggered by infrastructure orchestration. NOTE: These parameters are required in the workflow definition even if the parameters are not used within the workflow.
• User Pool Notification • Service Lease Notification • Service Recovery • Service Fail Action Service actions Service actions are the stages of infrastructure service that may invoke an Operations Orchestration workflow.
9 Documentation feedback HP is committed to providing documentation that meets your needs. To help us improve the documentation, send any errors, suggestions, or comments to Documentation Feedback (docsfeedback@hp.com). Include the document title and part number, version number, or the URL when submitting your feedback.
Index A accessing infrastructure orchestration console, 87 infrastructure orchestration designer, 84 infrastructure orchestration organization administrator portal, 90 infrastructure orchestration self service portal, 93 Operations Orchestration, 28 Active Directory integration with Insight Management, 17 add disks, 99 add servers, 98 adding user accounts to groups, 18 administrator, 13 allocation, 109 allocation algorithm server, 106 storage, 107 allocation overview, 133 Amazon EC2 cloud provisioning, 50 A
delete service, 96 deployment, 109 Designer components, 86 disaster recovery protection for IO services, 47 disk array presentations configuring, 209 disk deletion, 110 disk scrubbing, 110 DR (disaster recovery protection) enabled services, 47 E edit virtual servers, 103 editing ESA flows, 203 ESA configuration, 77 ESA flows, referencing correct OO install path, 203 ESX cloud resources, 72 ESX resource pools, 72 ESXi cluster provisioning configuring, 60 resource pools, 72 ESXi support Insight Control serve
accessing, 90 customizing, 92 Home page, 90 Networks tab, 91 Organization tab, 91 Requests tab, 91 Servers tab, 91 Services tab, 91 Templates tab, 91 Users tab, 91 infrastructure orchestration self service portal access, 93 accessing, 93 Calendar tab, 94 customizing, 92 Home page, 94 My History tab, 94 My Pools tab, 94 My Requests tab, 94 My Services tab, 94 Templates tab, 94 inoperable storage pool entry, 173, 174 Insight Control, 11 Insight Control server deployment job folders, 33 Insight Control server
creating, 163 identifer, 161 network sharing, 165 users and groups, 161 OS Build Plan Management permissions, 38 overview administrator, 13 architect, 13 automation, 11 console interface, 87 designing, 11 infrastructure orchestration console, 86 infrastructure orchestration organization administrator portal, 160 infrastructure orchestration organization administrator portal interface, 90 infrastructure orchestration self service portal, 92 infrastructure orchestration self service portal interface, 93 integ
in a federated CMS environment, 24 on-demand storage provisioning, 152 storage tags creating in logical server management, 149 support, 218 Support Matrix, 16 supported versions of products to use with infrastructure orchestration, 16 sysprep, 46 system properties, 25 Systems Insight Manager settings, 61 T Telnet Firefox 32-bit running on Windows 64-bit, 90 IE 32-bit running on Windows 64-bit, 89 templates, 42 timeout value, 130 troubleshooting adding servers to services, 192 Console operations, 193 flexin
