HP OneView 1.05 User Guide
Abstract
This guide describes HP OneView features, interfaces, resource model design, and secure working environment. It describes
up-front planning considerations and how to use the HP OneView appliance UI or REST APIs to configure, manage, monitor,
and troubleshoot your data center infrastructure. It also includes information about the SCMB (State-Change Message Bus) and
a step-by-step example that configures a sample data center from start to finish. It is intended for infrastructure administrators,
network administrators, and server administrators that plan, configure, and manage data center hardware and software
throughout its lifecycle, and for backup administrators and operations personnel that monitor and troubleshoot data center
hardware and software.
HP Part Number: 5900-3730
Published: March 2014
Edition: 1
© Copyright 2013-2014 Hewlett-Packard Development Company, L.P.
Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial
Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under
vendor's standard commercial license. The information contained herein is subject to change without notice. The only warranties for HP products
and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as
constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
Acknowledgments
Google™ is a trademark of Google Inc. Java is a trademark of Oracle or its affiliates. Microsoft® is a US registered trademark of Microsoft
Corporation.
Warranty
HP will replace defective delivery media for a period of 90 days from the date of purchase.
Contents
I Learning about HP OneView.......................................................................13
1 Learning about HP OneView..................................................................15
1.1 HP OneView for converged infrastructure management......................................................15
1.2 Hardware and software provisioning features...................................................................16
1.2.1 Server profiles.......................................................................................................17
1.2.2 Groups, templates, and sets...................................................................................17
1.2.3 Streamlined process for bringing hardware under management..................................19
1.2.4 Operating system deployment.................................................................................19
1.3 Firmware and configuration change management features.................................................20
1.3.1 Simplified firmware management.............................................................................20
1.3.2 Simplified configuration change management...........................................................20
1.4 Monitoring and response features...................................................................................20
1.4.1 Data center environmental management...................................................................22
1.4.2 Resource utilization monitoring...............................................................................22
1.4.3 Activity and health management ............................................................................22
1.4.4 Hardware and firmware inventory information..........................................................23
1.5 Backup and restore features...........................................................................................23
1.6 Security features...........................................................................................................24
1.7 Availability features......................................................................................................24
1.8 Graphical and programmatic interfaces..........................................................................25
1.9 Integration with other HP management software...............................................................26
1.10 Open integration.........................................................................................................26
1.11 Convenient licensing model...........................................................................................26
1.12 Networking features....................................................................................................27
2 Understanding the resource model..........................................................29
2.1 Resource model summary diagram..................................................................................29
2.2 Server profiles.............................................................................................................30
2.3 Connection templates...................................................................................................30
2.4 Connections................................................................................................................31
2.5 Server hardware types..................................................................................................31
2.6 Server hardware..........................................................................................................32
2.7 Enclosure groups..........................................................................................................33
2.8 Enclosure types............................................................................................................33
2.9 Enclosures...................................................................................................................34
2.10 Interconnect types.......................................................................................................34
2.11 Interconnects...............................................................................................................35
2.12 Logical interconnect groups..........................................................................................36
2.13 Logical interconnects....................................................................................................37
2.14 Uplink sets.................................................................................................................38
2.15 Networks...................................................................................................................39
2.16 Network sets..............................................................................................................39
2.17 Domains....................................................................................................................40
2.18 Appliance..................................................................................................................40
2.19 Resources related to data center facilities........................................................................41
2.19.1 Data centers........................................................................................................41
2.19.2 Racks.................................................................................................................41
2.19.3 Power delivery devices..........................................................................................42
Contents 3
2.19.4 Unmanaged devices............................................................................................42
3 Understanding the security features of the appliance.................................45
3.1 Securing the appliance..................................................................................................45
3.2 Best practices for maintaining a secure appliance............................................................46
3.3 Creating a login session...............................................................................................47
3.4 Authentication for appliance access...............................................................................47
3.5 Controlling access for authorized users............................................................................48
3.5.1 Specifying user accounts and roles..........................................................................48
3.6 Protecting credentials....................................................................................................48
3.7 Understanding the audit log..........................................................................................48
3.8 Choosing a policy for the audit log................................................................................50
3.9 Appliance access over SSL............................................................................................50
3.10 Managing certificates from a browser............................................................................50
3.10.1 Overview............................................................................................................50
3.10.2 Self-signed certificate...........................................................................................51
3.10.2.1 Verifying a certificate....................................................................................51
3.10.2.2 Downloading and importing a self-signed certificate........................................51
3.10.3 Using a certificate authority..................................................................................52
3.11 Browser best practices for a secure environment...............................................................52
3.12 Nonbrowser clients......................................................................................................52
3.12.1 Passwords...........................................................................................................52
3.12.2 SSL connection....................................................................................................53
3.13 Ports needed for HP OneView.......................................................................................53
3.14 Access to the appliance console...................................................................................53
3.14.1 Enabling or disabling authorized services access.....................................................54
3.14.2 Restricting console access.....................................................................................54
3.15 Algorithms for securing the appliance............................................................................54
3.16 Downloads from the appliance.....................................................................................55
4 Navigating the graphical user interface...................................................57
4.1 Browsers.....................................................................................................................57
4.1.1 Supported browsers...............................................................................................57
4.1.2 Commonly used browser features and settings...........................................................57
4.1.3 Set the browser for US or metric units of measurement................................................58
4.2 About the graphical user interface..................................................................................58
4.3 About the Activity sidebar.............................................................................................60
4.4 Banner and main menu................................................................................................60
4.5 Button functions...........................................................................................................60
4.6 Filters sidebar..............................................................................................................61
4.7 Help sidebar...............................................................................................................61
4.8 Icon descriptions..........................................................................................................62
4.8.1 Status and severity icons........................................................................................62
4.8.2 User control icons.................................................................................................63
4.8.3 Informational icons...............................................................................................63
4.9 Map view screen details...............................................................................................64
4.10 Notifications area.......................................................................................................65
4.11 Log out of the appliance...............................................................................................66
4.12 Search help topics.......................................................................................................66
4.12.1 About help system search results............................................................................67
4.13 Search resources.........................................................................................................67
4.14 View resources according to their health status................................................................69
4.14.1 Reset the health status view...................................................................................70
4 Contents
5 Using the REST APIs and other programmatic interfaces.............................71
5.1 Resource operations......................................................................................................71
5.2 Return codes...............................................................................................................72
5.3 URI format...................................................................................................................72
5.4 Resource model format.................................................................................................72
5.5 Log in to the appliance using REST APIs..........................................................................72
5.6 REST API version and backward compatibility..................................................................73
5.7 Asynchronous versus synchronous operations...................................................................73
5.8 Task resource...............................................................................................................74
5.9 Error handling.............................................................................................................74
5.10 Concurrency control using etags...................................................................................74
5.11 Querying resources and pagination using common REST API parameters............................74
5.12 State Change Message Bus..........................................................................................76
5.13 Developer tools in a web browser.................................................................................76
5.14 PowerShell and Python code sample libraries..................................................................76
6 Accessing documentation and help.........................................................79
6.1 Online help—conceptual and task information as you need it............................................79
6.2 This user guide supplements the online help.....................................................................79
6.3 Where to find HP OneView documentation......................................................................80
6.4 Enabling off-appliance browsing of UI HTML help and REST API HTML help.........................80
II Planning tasks..........................................................................................83
7 Planning your data center resources........................................................85
7.1 How many data centers?...............................................................................................85
7.2 Security planning.........................................................................................................85
7.3 Preparing your data center network switches....................................................................85
7.4 Planning your resource names........................................................................................85
7.5 Planning the appliance configuration..............................................................................87
7.5.1 Appliance VM and host requirements.......................................................................87
7.5.2 Planning for high availability..................................................................................87
7.5.3 Location of the appliance.......................................................................................87
7.5.4 Separate networks for data and management...........................................................87
7.5.5 Time clocks and NTP.............................................................................................87
7.5.6 IP addresses.........................................................................................................88
8 Planning for configuration changes.........................................................89
8.1 Configuration changes that require or result in resource outages.........................................89
8.2 Configuration changes that might require changes to multiple resources..............................90
8.2.1 Adding a network.................................................................................................90
8.2.2 Adding an enclosure............................................................................................91
III Configuration quick starts..........................................................................93
9 Quick Start: Initial Configuration.............................................................95
9.1 Process overview..........................................................................................................95
9.2 First time setup: configuration tasks.................................................................................95
Contents 5
10 Quick Start: Adding a network to an existing appliance environment.........99
10.1 Process....................................................................................................................100
11 Quick Start: Adding an enclosure and connecting its server blades to
networks...............................................................................................103
11.1 Checklist: connecting a server blade to a data center network.........................................103
11.2 Scenario 1: Adding the enclosure to an existing enclosure group.....................................104
11.3 Scenario 2: Defining network connectivity before the enclosure is added..........................105
11.4 Scenario 3: Defining network connectivity as you add the enclosure................................106
12 Quick Start: Configuring an enclosure and server blade for Direct attach to
an HP 3PAR Storage System....................................................................109
12.1 Process....................................................................................................................110
13 Quick Start: Adding an HP ProLiant DL rack mount server.......................111
13.1 Process....................................................................................................................111
14 Quick Start: Adding an active/active network configuration....................113
14.1 Process....................................................................................................................114
15 Quick Start: Migrating from an active/standby to an active/active network
configuration.........................................................................................117
15.1 Process....................................................................................................................117
IV Configuration and management..............................................................119
16 Managing server hardware and server profiles.....................................121
16.1 Managing server hardware........................................................................................121
16.1.1 Roles................................................................................................................122
16.1.2 Tasks for server hardware...................................................................................122
16.1.3 Server hardware features supported by the appliance.............................................122
16.1.4 Prerequisites for bringing server hardware under management.................................123
16.1.5 About server hardware.......................................................................................123
16.1.5.1 How the appliance handles unsupported hardware.........................................124
16.1.5.2 About unsupported server hardware.............................................................124
16.1.5.3 About unmanaged devices..........................................................................124
16.1.6 Tasks for server hardware types...........................................................................125
16.1.7 About server hardware types...............................................................................125
16.1.8 Effects of managing server hardware iLOs.............................................................125
16.2 Managing server profiles...........................................................................................125
16.2.1 Roles...............................................................................................................126
16.2.2 Tasks for server profiles......................................................................................126
16.2.3 About server profiles..........................................................................................126
16.3 Learning more..........................................................................................................127
17 Managing licenses............................................................................129
17.1 UI screens and REST API resources...............................................................................129
17.2 Roles.......................................................................................................................129
6 Contents
17.3 Tasks for licenses......................................................................................................129
17.4 About licensing........................................................................................................129
17.4.1 License types.....................................................................................................129
17.4.2 License delivery.................................................................................................130
17.4.3 License reporting...............................................................................................130
17.4.4 View license status............................................................................................130
17.5 Server hardware licensing..........................................................................................131
17.5.1 Server blade licensing at the enclosure level..........................................................131
17.5.2 Rack mount server licensing................................................................................132
17.5.3 Licensing and utilization statistics.........................................................................133
17.5.4 Licensing scenarios............................................................................................133
18 Managing networks and network resources..........................................135
18.1 About network connectivity.........................................................................................135
18.2 About network sets...................................................................................................135
18.3 About Fibre Channel networks...................................................................................136
18.3.1 Fibre Channel network types...............................................................................137
18.3.2 Fabric attach Fibre Channel networks..................................................................137
18.3.3 Direct attach Fibre Channel networks...................................................................137
18.3.4 Fibre Channel networks and FCoE......................................................................138
18.3.5 Managing Fibre Channel networks (SANs)...........................................................138
18.3.5.1 Roles........................................................................................................138
18.3.5.2 Tasks for Fibre Channel networks.................................................................138
18.4 About Ethernet networks............................................................................................138
18.4.1 Ethernet networks and VLAN IDs.........................................................................138
18.4.2 Managing Ethernet networks..............................................................................139
18.4.2.1 Roles........................................................................................................139
18.4.2.2 Tasks for Ethernet networks.........................................................................139
18.5 Data center switch port requirements...........................................................................139
18.6 Learning more..........................................................................................................140
19 Managing interconnects, logical interconnects, and logical interconnect
groups.................................................................................................141
19.1 Managing enclosure interconnect hardware..................................................................141
19.1.1 Roles.................................................................................................................141
19.1.2 Tasks for interconnects........................................................................................141
19.1.3 About interconnects............................................................................................141
19.1.4 Learning more...................................................................................................142
19.2 Managing logical interconnects and logical interconnect groups.....................................142
19.2.1 Roles................................................................................................................142
19.2.2 Tasks for logical interconnects.............................................................................142
19.2.3 About logical interconnects.................................................................................143
19.2.4 About logical interconnect groups.......................................................................145
19.2.5 About active/active and active/standby configurations..........................................147
19.2.5.1 About active/standby configurations.............................................................147
19.2.5.2 About active/active configurations...............................................................147
19.2.6 About SNMP settings.........................................................................................149
19.2.7 Update the logical interconnect configuration from the logical interconnect group......149
19.2.8 Configure a port to monitor network traffic...........................................................150
19.2.9 Learning more..................................................................................................151
Contents 7
20 Managing enclosures and enclosure groups.........................................153
20.1 Prerequisites for bringing an enclosure under management............................................153
20.2 Roles......................................................................................................................154
20.3 Tasks for enclosures..................................................................................................154
20.4 About enclosures.....................................................................................................154
20.4.1 About unmanaged and unsupported enclosures....................................................155
20.5 About enclosure groups............................................................................................155
20.6 Effects of managing an enclosure...............................................................................155
20.7 Learning more.........................................................................................................156
21 Managing firmware for managed devices............................................157
21.1 About the appliance firmware repository......................................................................157
21.2 About unsupported firmware......................................................................................157
21.3 Tasks for firmware.....................................................................................................158
21.4 The firmware update process......................................................................................158
21.5 Best practices for firmware.........................................................................................159
21.6 Learning more..........................................................................................................160
22 Managing power and temperature......................................................161
22.1 Managing power......................................................................................................161
22.1.1 Roles................................................................................................................161
22.1.2 Tasks for managing power..................................................................................161
22.1.3 About power delivery devices..............................................................................161
22.2 Managing temperature in your data center..................................................................162
22.2.1 Roles...............................................................................................................162
22.2.2 Tasks for data centers........................................................................................162
22.2.3 About data centers............................................................................................162
22.3 Managing racks.......................................................................................................163
22.3.1 Roles...............................................................................................................163
22.3.2 Tasks for racks..................................................................................................163
22.3.3 About racks.....................................................................................................163
22.3.4 Learning more..................................................................................................164
23 Managing users and authentication.....................................................165
23.1 Roles.......................................................................................................................165
23.2 Tasks for managing users and groups.........................................................................165
23.3 About user accounts.................................................................................................165
23.4 About user roles.......................................................................................................166
23.5 Action privileges for user roles....................................................................................166
23.6 About authentication settings.....................................................................................168
23.7 About directory service authentication.........................................................................168
23.8 Managing user passwords........................................................................................169
23.9 Reset the administrator password................................................................................169
23.10 Learning more........................................................................................................170
24 Backing up an appliance...................................................................171
24.1 About backing up the appliance.................................................................................171
24.2 Roles......................................................................................................................172
24.3 Best practices for backing up an appliance.................................................................172
24.4 Determining your backup policy.................................................................................172
24.5 Back up an appliance...............................................................................................173
24.6 Using REST APIs to create and download an appliance backup file................................173
8 Contents
24.7 Creating a custom script to create and download an appliance backup file.....................174
25 Managing the appliance...................................................................175
25.1 Updating the appliance.............................................................................................175
25.1.1 About managing appliance updates.....................................................................175
25.1.2 Roles...............................................................................................................176
25.1.3 Tasks...............................................................................................................176
25.1.4 Learning more...................................................................................................176
25.2 Managing appliance availability...............................................................................176
25.2.1 Best practices for managing a VM appliance........................................................176
25.2.2 Shut down the appliance...................................................................................177
25.2.3 Restart the appliance.........................................................................................177
25.2.4 How the appliance handles an unexpected shutdown............................................177
25.3 Managing the appliance settings...............................................................................178
25.3.1 Roles...............................................................................................................178
25.3.2 Tasks for appliance settings................................................................................178
25.3.3 About appliance SNMP settings.........................................................................178
25.3.4 Learning more..................................................................................................179
25.4 Managing addresses and ID pools.............................................................................179
25.4.1 Roles...............................................................................................................179
25.4.2 Tasks for addresses and identifiers......................................................................179
25.5 Managing the security features of the appliance...........................................................179
25.6 Enabling or disabling HP support access to the appliance.............................................180
25.6.1 Roles...............................................................................................................180
25.6.2 Tasks..............................................................................................................180
25.7 Managing SSL certificates.........................................................................................180
25.7.1 Roles...............................................................................................................180
25.7.2 Tasks...............................................................................................................180
25.7.3 Learning more..................................................................................................180
25.8 Managing the HP public key.....................................................................................181
25.8.1 Roles...............................................................................................................181
25.8.2 Tasks..............................................................................................................181
25.9 Downloading audit logs............................................................................................181
25.9.1 Roles...............................................................................................................181
25.9.2 Tasks...............................................................................................................181
25.9.3 Learning more..................................................................................................181
V Monitoring............................................................................................183
26 Monitoring data center status, health, and performance.........................185
26.1 Daily monitoring.......................................................................................................185
26.1.1 Initial check: the Dashboard................................................................................185
26.1.2 Activities...........................................................................................................185
26.1.3 Utilization graphs..............................................................................................185
26.1.4 Monitor data center temperature..........................................................................186
26.2 Best practices for monitoring data centers....................................................................186
26.2.1 Best practices for monitoring health with the appliance UI.......................................186
26.2.2 Best practices for monitoring health using REST APIs..............................................187
26.3 Managing activities..................................................................................................189
26.3.1 About Activity...................................................................................................189
26.3.2 Activity types: alerts and tasks............................................................................190
26.3.2.1 About alerts..............................................................................................190
26.3.2.2 About tasks..............................................................................................191
Contents 9
26.3.3 Activity states...................................................................................................192
26.3.4 Activity statuses................................................................................................192
26.4 Using the Dashboard screen......................................................................................193
26.4.1 About the Dashboard........................................................................................193
26.4.2 Dashboard screen details..................................................................................193
26.4.3 How to interpret the Dashboard graphs...............................................................193
27 Monitoring power and temperature.....................................................197
27.1 UI power and temperature monitoring..........................................................................197
27.1.1 Monitoring data center temperature......................................................................197
27.1.1.1 Manipulating the view of the data center visualization......................................198
27.1.2 Monitoring power and temperature utilization........................................................199
27.1.2.1 About the Utilization panel...........................................................................199
27.1.2.2 About utilization graphs and meters..............................................................199
27.2 REST API power and temperature monitoring................................................................202
27.2.1 Update enclosure power capacity settings.............................................................202
27.2.2 Update server hardware power capacity settings...................................................202
28 Using the State-Change Message Bus (SCMB)......................................203
28.1 Connect to the SCMB................................................................................................203
28.2 Set up a queue to connect to the HP OneView SCMB exchange.....................................204
28.3 JSON structure of message received from the SCMB.....................................................205
28.4 .NET C# code example............................................................................................206
28.5 Java code example..................................................................................................209
28.6 Python code example...............................................................................................210
28.7 Re-create the AMQP client certificate..........................................................................213
VI Troubleshooting.....................................................................................215
29 Troubleshooting................................................................................217
29.1 Basic troubleshooting techniques.................................................................................218
29.2 Create a support dump file........................................................................................219
29.3 Create a support dump for authorized technical support using REST API scripting..............220
29.4 Troubleshooting the appliance...................................................................................221
29.4.1 First-time setup..................................................................................................221
29.4.2 Appliance cannot access the network..................................................................221
29.4.3 Unexpected appliance shutdown........................................................................221
29.4.4 Appliance update is unsuccessful........................................................................222
29.4.5 Support dump file creation action fails.................................................................222
29.4.6 Certificate action fails.......................................................................................222
29.4.7 Backup file creation or download action fails.......................................................223
29.4.8 Restore action fails............................................................................................224
29.4.9 Restart or shutdown failure.................................................................................225
29.4.10 VM does not restart when VM host time is manually set........................................226
29.4.11 Reinstall the remote console...............................................................................226
29.5 Troubleshooting enclosures and enclosures groups........................................................227
29.5.1 Add or remove enclosure is unsuccessful...............................................................227
29.5.2 Add server blade is unsuccessful.........................................................................229
29.5.3 Certificate Error................................................................................................229
29.6 Troubleshooting firmware bundles...............................................................................229
29.6.1 Incorrect credentials...........................................................................................229
29.6.2 Lost iLO connectivity..........................................................................................230
10 Contents
29.6.3 HP SUM errors.................................................................................................230
29.7 Troubleshooting interconnects.....................................................................................230
29.7.1 Interconnect edit is unsuccessful...........................................................................230
29.7.2 Interconnect modules are in Maintenance state.....................................................230
29.8 Troubleshooting licensing..........................................................................................230
29.8.1 Restore a license key that has been erased from an enclosure OA............................230
29.8.2 The license assigned does not match the type specified.........................................231
29.9 Troubleshooting logical interconnects..........................................................................231
29.9.1 I/O bay occupancy errors..................................................................................231
29.9.2 Uplink set warnings or errors..............................................................................231
29.9.3 Physical interconnect warnings and errors............................................................232
29.10 Troubleshooting networks.........................................................................................232
29.10.1 Network create operation is unsuccessful.............................................................232
29.11 Troubleshooting server hardware...............................................................................232
29.11.1 Server add or remove is unsuccessful...................................................................232
29.11.2 Cannot control power on server blade.................................................................233
29.11.3 Lost connectivity to server hardware after appliance restarts...................................233
29.12 Troubleshooting server profiles..................................................................................234
29.12.1 Server profile is not created or updated correctly..................................................234
29.12.2 What to do when you cannot apply the server profile...........................................236
29.12.3 Profile operations fail........................................................................................237
29.13 Troubleshooting user accounts...................................................................................237
29.13.1 Incorrect privileges............................................................................................237
29.13.2 Unauthenticated user or group...........................................................................237
29.13.3 User public key is not accepted.........................................................................238
29.13.4 Directory service not available...........................................................................238
29.13.5 Cannot add directory service.............................................................................238
29.13.6 Cannot add server for a directory service............................................................239
29.13.7 Cannot add directory group..............................................................................239
30 Restoring an appliance from a backup file...........................................241
30.1 Roles......................................................................................................................241
30.2 About restoring the appliance....................................................................................241
30.3 Best practices for restoring an appliance.....................................................................243
30.4 Restore an appliance from a backup file.....................................................................243
30.5 Using REST APIs to restore an appliance from a backup file...........................................245
30.6 Creating a custom script to restore an appliance..........................................................245
30.7 Post-restoration tasks.................................................................................................245
31 Support and other resources...................................................................247
31.1 Gather information before contacting an authorized support representative............................247
31.2 How to contact HP.........................................................................................................247
31.3 Get connected to the HP OneView online user forum..........................................................247
31.4 Software technical support and software updates...............................................................247
31.4.1 Registering for software technical support..................................................................247
31.4.2 Using your software technical support and update service...........................................248
31.4.3 Obtaining HP OneView software and firmware updates..............................................248
31.4.4 Obtaining software and drivers for HP ProLiant products.............................................248
31.4.5 Warranty..............................................................................................................248
31.5 Related information........................................................................................................248
31.6 Submit documentation feedback......................................................................................249
Contents 11
A Step by step: Configuring an example data center using HP OneView..........251
A.1 Tasks you can perform without data center hardware...........................................................251
A.2 Information about the sample data center..........................................................................251
A.2.1 Sample data center hardware...................................................................................251
A.2.2 Data center networks...............................................................................................253
A.2.2.1 Fibre Channel networks....................................................................................253
A.2.2.2 Ethernet Networks...........................................................................................255
A.3 Planning the configuration...............................................................................................256
A.3.1 Planning for installation of the appliance....................................................................256
A.3.2 Planning for network sets.........................................................................................257
A.3.3 Planning for users and roles.....................................................................................257
A.3.4 Planning resource names.........................................................................................258
A.4 Installing the appliance...................................................................................................258
A.5 Provisioning eight host servers for VMware vSphere Auto Deploy..........................................258
A.5.1 Workflow...............................................................................................................258
A.5.2 Downloading the latest firmware bundle and adding it to the appliance........................259
A.5.3 Configuring the networks and network sets.................................................................259
A.5.3.1 Configuring the Fibre Channel SAN networks......................................................259
A.5.3.2 Configuring the Ethernet networks......................................................................260
A.5.3.3 Configuring the network sets.............................................................................262
A.5.4 Creating a logical interconnect group and its uplink sets..............................................264
A.5.5 Creating an enclosure group for vSphere (ESXi) hosts...................................................268
A.5.6 Adding the enclosure..............................................................................................269
A.5.7 Viewing the server hardware types............................................................................269
A.5.8 Creating a server profile to use as a template.............................................................270
A.5.9 Copying the template server profile to eight servers.....................................................275
A.6 Configuring a server blade to boot from the attached HP 3PAR Storage System......................276
A.6.1 Workflow...............................................................................................................276
A.6.2 Creating the Flat SAN networks................................................................................276
A.6.3 Adding the enclosure that is connected to the HP 3PAR Storage System.........................277
A.6.4 Creating the server profile........................................................................................280
A.6.5 Collecting the WWPNs to use when configuring the HP 3PAR Storage System................283
A.7 Bringing an HP ProLiant DL360p Gen8 rack mount server under management........................284
A.7.1 Workflow...............................................................................................................284
A.7.2 Adding the server hardware.....................................................................................285
A.7.3 Powering on the server.............................................................................................285
A.7.4 Viewing information about the server.........................................................................285
A.7.5 Adding a license for the server..................................................................................287
B Using the virtual appliance console...........................................................289
B.1 Using the virtual appliance console....................................................................................289
C Backup and restore script examples..........................................................291
C.1 Sample backup script......................................................................................................291
C.2 Sample restore script.......................................................................................................302
Index.......................................................................................................313
12 Contents
Part I Learning about HP OneView
This part describes HP OneView and its model for data center resources and introduces you to the terms
and concepts used in this document and the appliance online help.
14
1 Learning about HP OneView
Management
software
Servers
Storage
Network
Power and cooling
HP Converged
Infrastructure
1.1 HP OneView for converged infrastructure management
Optimized for collaboration, productivity, and reliability, the HP OneView appliance is designed
to provide simple, single-pane-of-glass lifecycle management for the complex aspects of enterprise
IT—servers, networking, software, power and cooling, and storage.
HP OneView is purpose-built to manage your converged infrastructure and support key scenarios
such as deploying bare-metal servers, deploying hypervisor clusters from bare metal, performing
ongoing hardware maintenance, and responding to alerts and outages. It is designed for the
physical infrastructure needed to support virtualization, cloud computing, big data, and mixed
computing environments.
Architecture
HP OneView is delivered as a virtual appliance running in a VMware vSphere virtual machine.
In contrast to management environments that require predefined serialized workflows and different
tools for different tasks, HP OneView is a scalable resource-oriented solution focused on the entire
life cycle—from initial configuration to on-going monitoring and maintenance—of both logical and
physical resources:
• Logical resources are items such as networks, server profiles, and connections.
• Physical resources are items you can touch, such as server hardware, interconnects, and
enclosures.
Software-defined flexibility—your experts design configurations for efficient
and consistent deployment
The appliance provides several software-defined resources, such as groups and server profiles, to
enable you to capture the best practices of your experts across a variety of disciplines, including
networking, storage, hardware configuration, and operating system build and configuration. By
having your experts define the server profiles and the networking groups and resources, you can
eliminate cross-silo disconnects. By using RBAC (role-based access control) and the groups, sets,
1.1 HP OneView for converged infrastructure management 15
and server profiles established by your experts, you can enable system administrators to provision
and manage thousands of servers without requiring that your experts be involved with every server
deployment.
One tool and one data set—one view
HP OneView combines complex and interdependent data center provisioning and management
into one simplified and unified interface. You use one tool and one model to:
• Provision the data center (page 16)
• Manage and maintain firmware and configuration changes (page 20)
• Monitor the data center and respond to issues (page 20)
The solution also provides core enterprise management capabilities, including:
• Availability features (page 24)
• Security features (page 24)
• Graphical and programmatic interfaces (page 25)
• Integration with other HP management software (page 26)
The appliance manages servers and enclosure networking resources, supports connections from
enclosures to storage, and provides information to help you manage data center power and
cooling:
• Servers are represented and managed through their server profiles. For a brief overview of
server profiles, see “Server profiles” (page 17). For detailed information about server profiles,
see the online help for the Server Profiles screen.
• Storage devices connect to the enclosures using either Fibre Channel Fabric attach (SAN
switch) connections or Fibre Channel Direct attach (flat SAN) connections. For more information
about Fibre Channel network connections for storage, see “About network connectivity”
(page 135).
• Networking is an essential component to provisioning and managing data center servers. For
an overview of the networking features of the appliance, see “Networking features” (page 27).
For detailed information about networking and the resource model, see “Understanding the
resource model” (page 29). If you are migrating a Virtual Connect configuration to HP
OneView, see the white paper in the Enterprise Information Library.
• Environmental management—such as power, cooling, and space planning—requires that you
consider all the equipment in the entire data center, including equipment not managed by HP
OneView. HP OneView consolidates data center power and cooling information into one
interface view. For an overview of the power and cooling management features, see “Data
center environmental management” (page 22).
For an example of using the appliance to manage a data center, see “Step by step: Configuring
an example data center using HP OneView” (page 251).
1.2 Hardware and software provisioning features
After you install the HP OneView appliance and perform the initial configuration tasks, you can
quickly bring existing hardware under management and, using server profiles and other resource
templates, groups, and sets, prepare for and deploy hardware to be added to your data center.
Features for provisioning hardware and bringing resources under management include:
• Server profiles (page 17)
• Groups, templates, and sets (page 17)
16 Learning about HP OneView
• Streamlined process for bringing hardware under management (page 19)
• Operating system deployment (page 19)
1.2.1 Server profiles
A server profile captures key aspects of a server configuration in one place, including firmware
levels, BIOS settings, network connectivity, boot order configuration, iLO settings, and unique IDs.
Server profiles are one of the features that enable you to provision converged infrastructure hardware
quickly and consistently according to your best practices. Server profiles enable your experts to
specify a server configuration before the server arrives, enabling your administrators to quickly
bring a new server under management when the server hardware is installed.
For example, you can create a server profile that is not assigned to a particular server, but specifies
all the configuration aspects—such as BIOS settings, network connections, and boot order—to use
for a type of server hardware. After the server is installed in an enclosure bay, you can do one of
the following:
• Directly assign the server profile to the enclosure bay.
• Copy the server profile and assign the copy to the enclosure bay.
You can also copy or move a server profile that has been assigned to hardware in an enclosure
bay. If you copy a server profile, you can save it for future use by not assigning the copy to an
enclosure bay.
1.2.2 Groups, templates, and sets
Software-defined infrastructure—such as server profiles, groups, templates, and sets—enable you
to:
• Use your experts to define server and networking configurations for specific environments
before you install data center hardware.
• Provision hundreds of servers quickly and consistently without requiring that your experts take
action for every server you deploy.
• Simplify the distribution of configuration changes across your data center.
Expert design with consistent deployment
Your experts in different technical areas can create templates, groups, and sets with their
configuration best practices built in. Using these resources and server profiles, you can ensure that
the infrastructure for thousands of workloads is provisioned consistently, regardless of who does
the provisioning.
Server profiles capture the server configuration in once place. You can use unassigned server
profiles to rapidly deploy multiple servers with the same configuration. For more information about
server profiles, see “Server profiles” (page 17).
1.2 Hardware and software provisioning features 17
Types of groups and sets
DescriptionGroup or set
Enclosure group
Logical interconnect
group
Uplink set
A group of enclosures that use the same configuration, such network connectivity and firmware
versions for the Onboard Administrator and interconnect modules. All members of an enclosure
group use the same logical interconnect group. When you add an enclosure to the appliance
and assign an enclosure group, the interconnects in the enclosure are configured automatically
according to the logical interconnect group associated with the enclosure group. Enclosure
groups enable administrators to provision multiple enclosures in a consistent, predictable
manner in seconds.
A group of logical interconnects that share the same configuration for network connectivity. A
logical interconnect is the set of physical interconnects and their links, including the following:
• Uplinks to data center networks as mapped by their uplink sets
• Downlinks to the servers
• Stacking links (connections to each other)
When you or your experts define configurations using logical interconnect groups and enclosure
groups:
• Administrators can provision multiple enclosures with consistent network configurations in
seconds
• Network administrators are not required to take action every time an enclosure is installed
because the network configuration is defined by the enclosure group.
A set of physical uplink ports in a logical interconnect that connect to a common set of networks.
All member interconnects of a logical interconnect can contribute physical uplinks to an uplink
set.
Uplink sets can be defined as part of a logical interconnect or a logical interconnect group.
When uplink sets are defined as part of a logical interconnect group, they act as the template
for the uplink sets that are configured automatically when a logical interconnect is added to
the logical interconnect group.
Network set
A set of Ethernet networks, designated by a single name. You can specify a network set instead
of an individual network when you define a connection to data center Ethernet networks in a
server profile. When you specify a network set in a connection, the server can access any of
the networks in that set, including any networks that are subsequently added to that network
set.
Define configurations for specific environments
Groups and templates enable you to define configurations that are specific to the environment you
want to build, such as VMware vSphere virtual hosts, Microsoft Exchange environments, external
or internal web servers, or financial database servers.
For example, to build multiple external web servers:
1. Your networking expert can create logical interconnect groups, uplink sets, networks, and
network sets to establish all of the connection policies between data center networks and the
interconnects managed by the appliance.
2. Your server expert can create enclosure groups, add enclosures, and create server profiles to
establish all of the settings required by an external web server.
3. Your server operators can copy server profiles whenever they need to deploy this type of
server.
18 Learning about HP OneView
Flexibility in design and deployment
HP OneView provides flexibility in the creation of groups, templates, and sets. For example, you
can create a logical interconnect group in these ways:
• Before you add an enclosure to the appliance, you can create a logical interconnect group
that specifies how you want the interconnects to be configured, and an enclosure group that
specifies how you want the enclosure to be configured.
• You can add an enclosure to the appliance and, after the appliance discovers and adds the
interconnect hardware in the enclosure, you can use or modify the default logical interconnect
group that the appliance creates.
Groups, templates, and sets also simplify the distribution of configuration changes across your
data center. For more information about configuration changes, see “Simplified configuration
change management” (page 20).
For more information about resources, including groups, templates, and sets, see “Understanding
the resource model” (page 29).
1.2.3 Streamlined process for bringing hardware under management
HP OneView simplifies the process of bringing the enclosures, interconnects, and server hardware
under management.
For example:
• When you add an enclosure, the appliance automatically detects all of the hardware seated
in the enclosure and prepares it for you to bring under management. For example, the
appliance:
◦ Updates the enclosure Onboard Administrator, Virtual Connect interconnect module, and
server iLO firmware to the minimum version required
◦ Configures each Virtual Connect interconnect module
◦ Configures the Onboard Administrator, which includes configuring NTP (Network Time
Protocol) and configuring an SSO (single sign-on) certificate for UI access
◦ Configures each server iLO, which includes configuring an SSO certificate for UI access
◦ Configures the hardware for monitoring, which includes configuring the automatic
registration of SNMP (Simple Network Management Protocol) traps
• When you add an HP Intelligent Power Distribution Unit (iPDU) power device, the appliance
automatically detects and presents the connected devices so that you can bring the devices
under management.
1.2.4 Operating system deployment
Server profiles and enclosure groups make it easier to prepare a bare-metal server for operating
system deployment.
For example, you can use server profiles in conjunction with deployment tools such as:
• HP Insight Control server provisioning to install an operating system on the server
• VMware vSphere Autodeploy to deploy hypervisors from bare metal and add them to existing
clusters automatically
1.2 Hardware and software provisioning features 19
1.3 Firmware and configuration change management features
1.3.1 Simplified firmware management
The appliance provides fast, reliable, and simple firmware management across the data center.
When you add a resource to the appliance, to ensure compatibility and seamless operation, the
appliance automatically updates the resource firmware to the minimum version required to be
managed by the appliance.
An HP firmware bundle, also known as an SPP (Service Pack for ProLiant), is a tested update
package of firmware, drivers, and utilities. Firmware bundles enable you to update firmware on
server blades, and infrastructure (enclosures and interconnects).
An on-appliance firmware repository enables you to upload SPP firmware bundles and deploy
them across your environment according to your best practices. For example you can:
• View the versions and contents of firmware bundles stored in the firmware repository.
• View the settings of the enclosures and interconnects, if any, that have a specific firmware
bundle installed.
• Set a firmware baseline—a desired state for firmware versions—on a resource, such as a
server profile, or on a group of resources, such as all of the interconnects in a logical
interconnect group.
• Detect when a resource does not comply with the firmware baseline.
• Identify firmware compatibility issues.
• Update firmware for an entire enclosure in minutes.
• Update firmware for individual resources or for groups of resources, such as logical interconnect
groups.
1
1.3.2 Simplified configuration change management
Templates and groups simplify the distribution of configuration changes across your data center.
For example:
• If you add a network to a network set, the network is available for immediate use by all of
the server profiles that have a connection to the network set. You do not need to change or
reapply a server profile.
• You can reduce errors by making multiple and complex changes to a group. Then, for each
member of the group, you can use a single action to update the configuration to match the
configuration of the group.
• The appliance notifies you when it detects that a device does not comply with the current
template or group. You control when and if a device configuration is updated.
• The firmware for physical interconnects is managed using the logical interconnects, ensuring
that the member interconnects have compatible firmware.
1.4 Monitoring and response features
One user interface
You use the same interface you use to provision resources. There are no additional tools or interfaces
to learn.
1. Enclosure groups do not include a firmware baseline; therefore, updates to enclosure firmware are managed on a
per-enclosure basis.
20 Learning about HP OneView
Isolated management network
The appliance architecture is designed to separate the management traffic from the production
network, which increases reliability of the overall solution. For example, your data center resources
remain operational even in the unlikely event of an appliance outage.
Automatic configuration for monitoring
When you add resources to the appliance, they are automatically configured for monitoring, and
the appliance is automatically registered to receive SNMP traps. You can monitor resources
immediately without performing additional configuration or discovery steps.
Agentless and out-of-band management
All monitoring and management of HP ProLiant Gen8 (or later) servers is agentless and out-of-band
for increased security and reliability. For these servers:
• There are no agents to monitor or update.
• The appliance does not require open SNMP ports on the host operating system.
• The appliance does not require an operating system on the host, which frees memory and
processor resources on the host for use by server applications, and enables you to manage
servers that have no host operating system installed.
Management from other platforms using the REST APIs and the SCMB
The REST APIs and the SCMB (State-Change Message Bus) also enable you to monitor the HP
OneView environment from other management platforms. For more information about the SCMB,
see “Using the State-Change Message Bus (SCMB)” (page 203).
Monitoring the environment and responding to issues
Features for monitoring the environment and responding to issues include the following:
• The “Dashboard screen” (page 193), which displays a summary view of data center capacity
and health information
• The “Activity screen” (page 189), which displays and enables you to filter all system tasks and
alerts
• Data center environmental management (page 22)
• Resource utilization monitoring (page 22)
• Activity and health management (page 22)
• Hardware and firmware inventory information (page 23)
1.4 Monitoring and response features 21
1.4.1 Data center environmental management
HP OneView integrates these critical areas for environmental management of the data center:
• Thermal data visualization in 3D
• Power delivery infrastructure representation
• Physical asset location in 3D
DescriptionFeature
Thermal data visualization
Power delivery
infrastructure
representation
Physical asset location
3D data center thermal mapping provides a view of the thermal status of your entire data
center. The appliance collects thermal data from the managed resources in each data center
rack and presents the data graphically, enabling easy identification of hot spots in a rack.
HP OneView collects and reports processor utilization and power and temperature history
for your data center hardware. The appliance monitors power, automatically detects and
reports power delivery errors, and provides precise power requirement information for HP
ProLiant Gen8 servers and HP BladeSystem enclosures that you can use for planning rack
and power usage.
Power Discovery Services enable automatic discovery and visualization of the power
delivery topology for your data center. HP iPDUs enable the appliance to map the rack
power topology automatically. The appliance detects wiring errors—such as lack of
redundancy—and updates electrical inventory automatically when new servers are installed.
The appliance also supports per-outlet power control for remote power cycling of each
iPDU outlet.
You can manually define the power requirements and power topology for devices that do
not support Power Discovery Services.
Location Discovery Services enable the appliance to automatically display the exact 3D
location of HP ProLiant Gen8 servers in HP Intelligent Series Racks, reducing labor time,
lowering operational costs, and eliminating human errors associated with inventory and
asset management.
You can manually define the positions of racks and devices that do not support Location
Discovery Services.
1.4.2 Resource utilization monitoring
HP OneView periodically collects and maintains CPU utilization information for all of the servers
it manages. HP OneView also collects port-level statistics for networking, including transmit, receive,
and error counters. HP OneView displays all of this data using rich UIs and makes the data available
through the REST APIs.
1.4.3 Activity and health management
HP OneView provides streamlined activity monitoring and management. The appliance automatically
registers to receive SNMP traps from all managed resources, and resources added to the appliance
are immediately available for monitoring and management. When the appliance notifies you of
a problem, when possible, it suggests a way to correct the problem.
Using the UI and REST APIs, you can:
• View all activities (alerts and tasks) by description or source, and filter activities using multiple
filter criteria.
• Assign alerts to specific users.
• Annotate activities with notes from administrators, enabling the administrators of the data
center to collaborate through the appliance instead of through outside tools such as email.
22 Learning about HP OneView
• View alerts for a specific resource from the UI screen for that resource or using the REST API
for that resource.
• Automatically forward SNMP traps from managed resources to enterprise monitoring consoles
or centralized SNMP trap collectors.
1.4.4 Hardware and firmware inventory information
HP OneView provides detailed hardware and firmware inventory information about the resources
it manages. You can access the following data through the UI and the REST APIs:
• Summary and detailed views of managed hardware, such as servers, enclosures, and
interconnects.
• Summary and detailed views of firmware bundle contents.
You can use the Smart Search feature of the UI to find specific items in the inventory.
1.5 Backup and restore features
HP OneView provides services to backup an appliance to a backup file, and to restore an appliance
from a backup file.
One encrypted backup file for both the appliance and its database
Backup files are encrypted and contain configuration settings and management data—there is no
need to create separate backup files for the appliance and its database.
Flexible scheduling and an open interface for backup operations
You can create backup files while the appliance is online. Also, you can use REST APIs to:
• Schedule a backup process from outside the appliance.
• Collect backup files according to your site policies.
• Integrate with enterprise backup and restore products.
A backup file is a snapshot of the appliance configuration and management data at the time the
backup file was created. HP recommends that you create regular backups, preferably once a day
and after you make hardware or software configuration changes in the managed environment.
Specialized user role for creating backup files
HP OneView provides a user role specifically for backing up the appliance by permitting access
to other resource views without permitting actions on those resources, or other tasks.
Recovery from catastrophic failures
You can recover from a catastrophic failure by restoring your appliance from the backup file.
When you restore an appliance from a backup file, all management data and most configuration
settings on the appliance are replaced with the data and settings in the backup file, including
things like user names and passwords, audit logs, and available networks.
The state of the managed environment is likely to be different from the state of that environment at
the time the backup file was created. During a restore operation, the appliance reconciles the data
in the backup file with the current state of the managed environment. After the restore operation,
the appliance uses alerts to report any discrepancies that it cannot resolve automatically.
For more information about backing up and restoring an appliance, see “Backing up an appliance”
(page 171).
1.5 Backup and restore features 23
1.6 Security features
CATA (Comprehensive Applications Threat Analysis) is a powerful HP security quality assessment
tool designed to substantially reduce the number of latent security defects. The design of the HP
OneView appliance employed CATA fundamentals and underwent CATA review. To ensure a
secure platform for data center management, the appliance includes feature such as the following:
• Separation of the data and management environments, which is critical to avoid takeover in
DoS (Denial of Service) attacks. For example, the appliance is designed to operate entirely
on an isolated management LAN; access to the production LAN is not required. The managed
devices remain online in the event of an appliance outage.
• RBAC (role-based access control), which enables an administrator to quickly establish
authentication and authorization for users based on their responsibilities for specific resources.
RBAC also simplifies what is shown in the UI:
◦ Users can only view the resources for which they are authorized. For example, the
appliance does not display screens that do not apply to users with the role of Network
administrator, such as the Server Profiles and Server Hardware screens.
◦ Users can initiate actions only for the resources for which they are authorized. For example
users with the role of Network administrator can initiate actions for the network resources
only, and users with the role of Server administrator can initiate actions for the server
resources only.
◦ Users with the role of Infrastructure administrator have full access to all screens and
actions.
• Single sign-on to iLO and Onboard Administrator without storing user-created iLO or Onboard
Administrator credentials.
• Audit logging for all user actions.
• Support for authentication and authorization using an optional directory service such as
Microsoft Active Directory.
• Use of certificates for authentication over SSL (Secure Sockets Layer).
• A firewall that allows traffic on specific ports and blocks all unused ports.
• A UI that restricts access from host operating system users.
• Data downloads that are restricted to support dump files (encrypted by default), encrypted
backup files, audit logs, and certificates.
For detailed security information, see “Understanding the security features of the appliance”
(page 45).
1.7 Availability features
HP OneView separates the management appliance from the managed resources. In the unlikely
event that the appliance experiences an outage, the managed resources continue to run.
HP OneView is delivered as a virtual appliance running in a VMware vSphere virtual machine.
The VMware vSphere Hypervisor provides the virtual machine with high-availability and recovery
capabilities that allow the virtual machine to be restarted on another host in the cluster and to
resume management without disruption to the managed resources.
Configuring the appliance for availability is described in “Managing appliance availability”
(page 176).
24 Learning about HP OneView
1.8 Graphical and programmatic interfaces
The HP OneView appliance was developed to use a single, consistent resource model embodied
in a fast, modern, and scalable HTML5 user interface and industry-standard REST APIs for mobile,
secure access and open integration with other management software.
User interface—efficiency and simplicity by design
The UI is designed for the way you work, providing powerful, easy-to use tools, including the
following:
DescriptionFeature
Dashboard screen
Map view
Smart Search box
Activity feed
Resource-specific
management screens
Provides a graphical representation of the general health and capacity of the resources
in your data center. From the Dashboard you can immediately see the areas that need
your attention
Available from each resource, the Map view enables you to examine the configuration
and understand the relationships between logical and physical resources in your data
center.
The banner of every screen includes the Smart Search feature, which enables you to find
resource-specific information such as specific instances of resource names, serial numbers,
WWNs, and IP and MAC addresses.
The Activity feed gives you a unique perspective into the health of your environment by
interleaving the tasks, alerts, and administrator's notes into a single view. The Activity
feed simplifies the correlation of user activity with system health, allowing for timely
resolution of issues.
These screens enable you to focus on the resources you are authorized to view and
manage. Resource group screens enhance scalability by enabling you to manage multiple
resources as one
The UI provides on-screen hints and tips to help you avoid and correct errors, and provides links
to learn more about the tasks. At the top of each screen, the help icon gives you access to the
entire help system.
For more information about the UI, see “Navigating the graphical user interface” (page 57).
REST APIs—automation and integration
HP OneView has a resource-oriented architecture that provides a uniform REST interface.
The REST APIs:
• Provide an industry-standard interface for open integration with other management platforms.
• Are designed to be ubiquitous—every resource has one URI (Uniform Resource Identifier) and
represents a physical device or logical construct.
• Enable you to automate anything you can do from the UI using your favorite scripting or
programming language.
• Are designed to be highly scalable.
For more information about the REST APIs, see the REST API scripting online help.
For more information about finding online help and other documentation, see “Accessing
documentation and help” (page 79).
1.8 Graphical and programmatic interfaces 25
1.9 Integration with other HP management software
Onboard Administrator
HP OneView interacts seamlessly with the Onboard Administrator to provide complete management
of HP BladeSystem c7000 enclosures. A user’s Onboard Administrator privileges are determined
by the role assigned to the user’s HP OneView appliance account.
HP Integrated Lights-Out
HP OneView interacts seamlessly with the iLO management processor to provide complete
management of HP servers. HP OneView automatically configures the iLO according to the settings
specified by the server profile. HP OneView configures seamless access to the iLO graphical remote
console, enabling you to launch the iLO remote console from the HP OneView UI in a single click.
Your iLO privileges are determined by the role assigned to your HP OneView appliance account.
HP Insight Control server provisioning
HP OneView server profiles enable you to configure servers for PXE boot. Insight Control server
provisioning, an optional product, can then install an operating system on the server using either
scripted installation or captured image deployment.
1.10 Open integration
The single, consistent resource model, REST APIs, and SCMB (State-Change Message Bus) enable
you to use scripting to integrate HP OneView with other enterprise applications to address user
needs and perform tasks such as:
• Automating standard workflows and troubleshooting steps
• Automating integrations with other software, such as a CMDB (content management database)
• Connecting to service desks
• Monitoring resources, collecting data, and mapping and modeling systems
• Exporting data to formats that suit your needs
• Attaching custom databases, data warehouses, or third-party business intelligence tools
• Integrating in-house user customizations
The SCMB is an interface that uses asynchronous messaging to notify subscribers of changes to
managed resources—both logical and physical. For example, you can program applications to
receive notifications when new server hardware is added to the managed environment or when
the health status of physical resources changes—without having to continuously poll the appliance
for status using the REST APIs.
For more information about the SCMB, see “Using the State-Change Message Bus (SCMB)”
(page 203).
1.11 Convenient licensing model
HP OneView provides a convenient and flexible licensing model:
• Purchasing HP OneView integrated with your hardware provides the best experience—a fully
automatic approach to license redemption and registration. Your software license for HP
OneView and iLO Advanced is delivered embedded in the hardware you purchase, including
these options:
◦ A license bundle for 16 servers embedded in the enclosure Onboard Administrator.
◦ A license for a single server embedded in the server iLO.
26 Learning about HP OneView
When you add hardware with an embedded license to the appliance, the appliance
automatically applies the license. Your software license is also automatically registered for
support when the hardware is registered.
• You can also purchase and activate licenses separately, enabling you to add licenses for
existing hardware.
• If you already have an iLO Advanced license for a server, you can purchase an HP OneView
license that does not include the iLO Advanced license.
The appliance stores licenses in a pool and applies licenses to server hardware as needed. You
can view information about the number of licenses available, the number of licensed servers, and
the number of servers that require a license.
1.12 Networking features
The HP OneView appliance provides several networking features to streamline the provisioning
of networking resources for server blades and to manage configuration changes, including firmware
updates, to Virtual Connect interconnect modules.
Supported networks
The Virtual Connect interconnect modules in enclosures support the following types of data center
networks:
• Ethernet for data networks
• Fibre Channel for storage networks, including Fibre Channel Fabric attach (SAN switch)
connections, and Fibre Channel Direct attach (Flat SAN) connections to supported HP 3PAR
storage systems.
Logical interconnects
The appliance enables you to define multiple enclosure interconnect modules as a single
administrative entity called a logical interconnect, which provides universal access to data center
Ethernet networks from all servers connected to any member interconnect. A logical interconnect
is the set of physical interconnects and their links, including the following:
• Uplinks to data center networks as mapped by their uplink sets
• Downlinks to the servers
• Stacking links (connections to each other)
Logical interconnect groups
A logical interconnect group is a collection of logical interconnects that have the same configuration
for features such as the following:
• Stacking domain
• Firmware
• Uplink sets
• Uplink port redundancy and fault tolerance
When you add an enclosure and associate it with an enclosure group, the enclosure is automatically
configured according to the logical interconnect group associated with the enclosure group. This
feature enables you to provision hundreds of enclosures consistently and efficiently.
After you create a logical interconnect, it continues to be associated with the logical interconnect
group and reports if its configuration differs from the group.
1.12 Networking features 27
Network sets
You can define a collection of Ethernet data center networks to be identified by a single name,
called a network set. You can specify a network set instead of an individual network when you
define a connection from a server to the data center networks. By using network sets, you can
make changes to networks that are members of a network set without having to make changes to
each server profile that uses that network set.
Network sets are useful in virtual machine environments where each server profile connection must
access multiple networks. For example, you can configure a hypervisor with a vSwitch to access
multiple network VLAN IDs by creating a network set as a trunk that includes the networks that
have these VLAN IDs.
For more information about networking resources, see “Understanding the resource model”
(page 29).
For detailed information about the networking model for the HP OneView appliance, see “About
network connectivity” (page 135).
28 Learning about HP OneView
2 Understanding the resource model
Connection
Templates
Network
Sets
or
Domains
Appliance
Networks
Interconnect
Types
Logical
Interconnects
Logical
Interconnect
Groups
Uplink Sets
Uplink Sets
Server
Hardware
Server
Hardware
Types
Power
Delivery
Devices
Racks
Data
Centers
Enclosures
Enclosure
Groups
Enclosure
Types
I/O
Bay
I/O
Bay
Device
Bay
Device
Bay
Interconnects
Connections
Server
Profiles
The HP OneView appliance uses a resource model that reduces complexity and simplifies the
management of your data center. This model provides logical resources, including templates,
groups, and sets, that when applied to physical resources, provides a common structure across
your data center.
High-level overview
• Resource model summary diagram (page 29)
Server resources
• Server profiles (page 30)
• Connections (page 31)
• Connection templates (page 30)
• Server hardware (page 32)
• Server hardware types (page 31)
Network provisioning resources
• Enclosure groups (page 33)
• Enclosure types (page 33)
• Enclosures (page 34)
• Interconnect types (page 34)
• Interconnects (page 35)
• Logical interconnect groups (page 36)
• Logical interconnects (page 37)
• Uplink sets (page 38)
Network resources
• Networks (page 39)
• Network sets (page 39)
Appliance resources
• Appliance (page 40)
• Domains (page 40)
Data center power and cooling management resources
• Data centers (page 41)
• Racks (page 41)
• Power delivery devices (page 42)
• Unmanaged devices (page 42)
Learn more
• For a complete list of resources, see the HP OneView REST API
Reference in the online help.
• For information about using this appliance, see the other chapters
in this guide and the online help.
2.1 Resource model summary diagram
The following figure summarizes some of the most frequently used resources and shows the
relationships between them.
Figure 1 Resource model summary diagram
2.1 Resource model summary diagram 29
The UI and REST APIs are organized by resource. The documentation for the UI and REST APIs are
also organized by resource.
To view the complete list of resources, see the HP OneView REST API Reference in the online help.
The following sections introduce the resources shown in Figure 1 (page 29).
2.2 Server profiles
Server profiles capture key aspects of the server configuration in one place, enabling you to
provision converged infrastructure hardware quickly and consistently according to your best
practices.
A server profile can contain the following configuration information about the server hardware:
• Basic server identification information
• Connections to Ethernet networks, Ethernet network sets, and Fibre Channel networks
• Firmware versions
• BIOS settings
• Boot order
• Physical or virtual UUIDs (universally unique identifiers), MAC (media access control) addresses
and WWN (World Wide Name) addresses
Relationship to other resources
A server profile is associated with the following resources in the resource summary
diagram (page 29):
• Zero or more connection resources. You use a connection resource to specify connection from
the server to a network or network set. If you do not specify at least one connection, the server
cannot connect to data center networks. The networks and network sets that are available to
a server profile connection depend on the configuration of the logical interconnect of the
enclosure that contains the server hardware.
• Exactly one server hardware resource, which can be either unassigned or can be located
in a specific enclosure and enclosure bay.
• Exactly one server hardware type resource.
• Exactly one enclosure group resource.
To enable portability of server profiles, a server profile is associated with an enclosure group
resource instead of an enclosure resource. Because enclosures in the enclosure group are
configured identically, you can assign a server profile to any appropriate server hardware,
regardless of which enclosure and bay in the enclosure group contains that server hardware.
UI screens and REST API resources
REST API resourceUI screen
server-profilesServer Profiles
For more information about server profiles, see the online help for the Server Profiles screen.
2.3 Connection templates
A connection template defines default configuration characteristics, such as the preferred bandwidth
and maximum bandwidth, for a network or network set. When you create a network or network
set, the appliance creates a default connection template for the network or network set.
30 Understanding the resource model
Relationship to other resources
A connection template resource is associated with zero or more connection resources. A connection
resource is associated with the appropriate connection template for a type of network or network
set.
UI screens and REST API resources
NotesREST API resourceUI screen
2.4 Connections
A connection is the logical representation of a connection between a server and a network or
network set. Connections are part of server profiles. A connection specifies the following:
• The network or network set to which the server is to be connected
• Configuration overrides (such as a change to the preferred bandwidth) to be made to the
default configuration for the specified network or network set
• Boot order
Relationship to other resources
A connection resource is associated with the following resources in the resource summary
diagram (page 29):
• Exactly one server profile resource.
• Exactly one connection template resource.
• Exactly one network or network set resource. The resources that are available to the connection
depend on the configuration of the logical interconnect of the enclosure that contains the server
hardware.
connection-templatesNone
The UI does not display or refer to connection
templates, but connection templates determine
the default values displayed for the connection
when you select a network or network set.
UI screens and REST API resources
For more information about connections, see the online help for the Server Profiles screen.
2.5 Server hardware types
A server hardware type captures details about the physical configuration of server hardware, and
defines which settings are available to the server profiles assigned to that type of server hardware.
For example, the server hardware type for the HP ProLiant BL460c Gen8 Server Blade includes a
complete set of default BIOS settings for that server blade hardware configuration.
When you add an enclosure to the appliance, the appliance detects the servers installed in the
enclosure and creates a server hardware type for each unique server configuration it discovers.
When you add a unique rack mount server model, the appliance creates a new server hardware
type for that server configuration.
REST API resourcesUI screen
connections and server-profilesServer Profiles
2.4 Connections 31
Relationship to other resources
A server hardware type resource is associated with the following resources in the resource summary
diagram (page 29):
• Zero or more server profiles
• Zero or more servers of the type defined by that server hardware type
UI screens and REST API resources
For more information about server hardware types, see the online help for the Server Hardware
Types screen.
2.6 Server hardware
Server hardware represents an instance of server hardware, such as a physical HP ProLiant BL460c
Gen8 Server Blade installed in an enclosure, or a physical HP ProLiant DL380p rack server.
For information about the supported server hardware, see the HP OneView Support Matrix.
Relationship to other resources
REST API resourceUI screen
server-hardware-typesServer Hardware Types
A server hardware resource is associated with the following resources in the resource summary
diagram (page 29):
• Zero or one server profile. If a server does not have a server profile assigned, you cannot
perform actions that require the server profile resource, such as managing firmware or
connecting to data center networks. However, you can:
◦ Add the server hardware to the appliance, including automatically updating the server
firmware to the minimum version required for management by the appliance.
◦ View inventory data.
◦ Power on or power off the server.
◦ Launch the iLO remote console.
◦ Monitor power, cooling, and utilization.
◦ Monitor health and alerts.
• If the server hardware is a server blade, exactly one device bay of an enclosure. This
association also applies to full-height server blades, which occupy two device bays but are
associated with the top bay only.
• If the server hardware is a rack mount server, zero or one rack resource and zero or more
power delivery devices.
• If the appliance discovers an instance of supported server hardware for which it does not
have a matching server hardware type, the appliance creates a server hardware type for that
server hardware configuration.
32 Understanding the resource model
UI screens and REST API resources
NotesREST API resourceUI screen
For more information about server hardware, see the online help for the Server Hardware screen.
2.7 Enclosure groups
An enclosure group is a logical resource that defines a set of enclosures that use the same
configuration for network connectivity. The same logical interconnect group is used for every
enclosure that is a member of the enclosure group, resulting in identically configured enclosures
and uplinks to data center networks.
By creating enclosure groups and adding enclosures to the group, you can quickly add and manage
many identically configured enclosures.
Relationship to other resources
An enclosure group resource is associated with the following resources in the resource summary
diagram (page 29):
server-hardwareServer Hardware
You use the server hardware resource,
not the server profile resource, to
perform actions such as powering off
or powering on the server, resetting the
server, and launching the HP iLO
remote console. You can launch the HP
iLO remote console through the UI. The
REST APIs do not include an API to
launch the HP iLO remote console.
• Zero or more enclosures
• Zero or more server profiles
• Exactly one logical interconnect group
UI screens and REST API resources
For more information about enclosure groups, see the online help for the Enclosure Groups screen.
2.8 Enclosure types
An enclosure type defines characteristics of a specific HP enclosure hardware model, such as an
HP BladeSystem c7000 Enclosure.
Relationship to other resources
An enclosure type resource is associated with zero or more enclosures.
REST API resourceUI screen
enclosure-groupsEnclosure Groups
2.7 Enclosure groups 33
UI screens and REST API resources
NotesREST API resourceUI screen
2.9 Enclosures
An enclosure is a physical structure that contains server blades, the Onboard Administrator, and
interconnects.
For information about the supported enclosure models, see the HP OneView Support Matrix.
The enclosure provides the hardware connections between the interconnect downlinks and the
installed server blades.
The enclosure interconnects provide the physical uplinks to the data center networks.
When you add an enclosure, the appliance discovers and adds all of the components within the
enclosure, including any installed server blades and any installed interconnects.
Relationship to other resources
An enclosure resource is associated with the following resources in the resource summary
diagram (page 29):
• Exactly one enclosure group
NoneNone
The UI does not refer to enclosure type,
but the enclosure type is used by the
appliance when you add an enclosure.
The enclosures REST resource
includes an enclosureType attribute.
• Zero or more physical interconnects
• One logical interconnect and one logical interconnect group (through the enclosure’s association
with enclosure groups and interconnects)
• Zero or one rack resource
• Zero or more power delivery devices
UI screens and REST API resources
For more information about enclosures, see the online help for the Enclosures screen.
2.10 Interconnect types
The interconnect type resource defines the characteristics of a model of interconnect, such as the
following:
• Downlink capabilities and the number of downlink ports
• Uplink port capabilities and the number of uplink ports
• Supported firmware versions
REST API resourceUI screen
enclosuresEnclosures
34 Understanding the resource model
Relationship to other resources
An interconnect type resource is associated with the following resources in the resource summary
diagram (page 29):
• Zero or more interconnects
UI screens and REST API resources
NotesREST API resourceUI screen
2.11 Interconnects
An interconnect is a physical resource that enables communication between hardware in the
enclosure and the data center Ethernet LANs and Fibre Channel SANs. The HP Virtual Connect
FlexFabric 10Gb/24-port Module is an example of a supported interconnect. For a list of supported
interconnects, see the HP OneView Support Matrix.
An interconnect has the following types of ports:
Uplinks
Downlinks
Stacking links
interconnect-typesInterconnects
DescriptionPort type
Uplinks are physical ports that connect the interconnect to the data center networks. For example,
the X2 port of an HP Virtual Connect FlexFabric 10Gb/24-port Module is an uplink.
Downlinks are physical ports that connect the interconnect to the server hardware through the
enclosure midplane.
Stacking links are internal or external physical ports that join interconnects to provide redundant
paths for Ethernet traffic from servers to the data center networks.
The UI does not display or refer to the
interconnect type resource specifically,
but the information is used by the
appliance when you add or manage
an interconnect using the Interconnects
screen.
In the resource model:
• Interconnects are an integral part of enclosures and enclosure groups. The interconnects
installed in an enclosure are added automatically when the enclosure is added to the appliance.
To remove an interconnect from the appliance, you must remove the enclosure from the
appliance.
• Interconnects can also be defined by a logical interconnect group, which in turn defines the
logical interconnect configuration to be used for an enclosure. When you associate an enclosure
with an enclosure group during an add operation, the appliance uses the interconnect
configuration defined by the logical interconnect group that is associated with the enclosure
group. The physical interconnect configuration in the enclosure must match the logical
interconnect group configuration before an interconnect can be managed.
• An interconnect must be a member of a logical interconnect. For an interconnect to be usable,
it must be installed in an enclosure and must be defined as part of a logical interconnect. Each
physical interconnect can contribute physical uplink ports to an uplink set.
• Firmware baselines and firmware updates for physical interconnects are managed by the
logical interconnect.
2.11 Interconnects 35
Relationship to other resources
An interconnect resource is associated with the following resources in the resource summary
diagram (page 29):
• Exactly one enclosure
• Exactly one logical interconnect, and, through that logical interconnect, exactly one logical
interconnect group
UI screens and REST API resources
REST API resourcesUI screen
Interconnects
For more information about interconnects, see the online help for the Interconnects screen.
2.12 Logical interconnect groups
The logical interconnect group represents the physical and logical configuration of connections to
data center networks for each logical interconnect in the group. This configuration includes the
following:
• The interconnect types, interconnect configurations, and interconnect downlink capabilities
• The stacking mode, which reserves the interconnect ports to be used for stacking links
• The uplink sets, which map uplink ports to Ethernet or Fibre Channel networks
• The available networks
In the resource model:
• A logical interconnect group is associated with an enclosure group instead of an individual
enclosure.
• Every enclosure that is a member of an enclosure group has the same network connectivity
as all other enclosures in the enclosure group because their logical interconnects are identically
configured.
interconnects, interconnect-types, and
logical-interconnects
• You can create a logical interconnect group either automatically during an enclosure add
operation, or independently of enclosure add operations. If you add an enclosure without
specifying an existing enclosure group, the appliance creates both an enclosure group and
a logical interconnect group based on the physical interconnects in that enclosure. You can
then edit that enclosure group and that logical interconnect group.
• The uplink sets defined by the logical interconnect group establish the initial configuration of
the uplink sets of each logical interconnect associated with the logical interconnect group. If
you change uplink sets for an existing logical interconnect group:
◦ The updated uplink sets are applied to any new logical interconnects that are added to
the existing logical interconnect group.
◦ Existing logical interconnects are reported as not being consistent with the logical
interconnect group. You can then request that those existing logical interconnects be
updated with the new configuration.
After a logical interconnect has been created and associated with a logical interconnect group, it
continues to be associated with that group and reports if its configuration differs from the group.
You can then change the configuration of the logical interconnect to match the group.
36 Understanding the resource model
Relationship to other resources
A logical interconnect group resource is associated with the following resources in the resource
summary diagram (page 29):
• Zero or more logical interconnects
• Zero or more enclosure groups
The uplink sets defined by a logical interconnect group specify the initial configuration of the uplink
sets of each logical interconnect in the group.
UI screens and REST API resources
For more information about logical interconnect groups, see the online help for the Logical
Interconnect Groups screen.
2.13 Logical interconnects
A logical interconnect is a single entity for multiple physical interconnects
A logical interconnect is a single administrative entity that consists of the configuration of the
interconnects in an enclosure. This configuration includes:
REST API resourceUI screen
logical-interconnect-groupsLogical Interconnect Groups
• Interconnects, which are required for the enclosure to connect to data center networks.
• Uplink sets, which map data center networks to physical uplink ports. If no uplink sets are
defined, the logical interconnect cannot connect to data center networks, and the servers
attached to the downlinks of the logical interconnect cannot connect to data center networks.
• Downlink ports, which connect through the enclosure midplane to the servers in the enclosure.
A logical interconnect includes all of the physical downlinks of all of the member interconnects.
The downlinks connect the interconnects to physical servers. The set of downlinks that share
access to a common set of networks is called logical downlinks.
• Stacking links, which join interconnects either through connections inside the enclosure or
external cables between the stacking ports of the interconnects.
• The firmware baseline, which specifies the firmware version to be used by all of the member
interconnects. The firmware baseline for physical interconnects is managed by the logical
interconnect.
The Network administrator configures multiple paths from server bays to
networks
The Network administrator can ensure that every server bay of an enclosure has two independent
paths to an Ethernet data center network by creating a logical interconnect for which the following
conditions are true:
• The logical interconnect has at least two interconnects that are joined by stacking links.
• The logical interconnect has at least one uplink set that includes uplinks to the network from
at least two physical interconnects.
The appliance detects and reports a configuration or state in which there is only one path (no
redundant paths) to a network or in which there are no paths to a network.
2.13 Logical interconnects 37
The Server administrator is not required to know the details about interconnect
configurations
Because a logical interconnect is managed as a single entity, the server administrator is isolated
from the details of interconnect configurations. For example, if the network administrator configures
the logical interconnect to ensure redundant access from each server bay in the enclosure to each
Ethernet data center network, the server administrator must only ensure that a server profile includes
two connections to a network or to a network set that includes that network.
Relationship to other resources
A logical interconnect resource is associated with the following resources in the resource summary
diagram (page 29):
• Zero or more interconnects. For a logical interconnect to be usable, it must include at least
one interconnect. If there are zero interconnects, the enclosure and its contents do not have
any uplinks to the data center networks.
• Exactly one logical interconnect group, which defines the initial configuration of the logical
interconnect, including its uplink sets. Using logical interconnect groups, you can easily and
quickly replicate the same logical interconnect configuration across multiple enclosures. After
a logical interconnect is created and associated with a logical interconnect group, it continues
to be associated with that group and reports if its configuration differs from the configuration
of the group. This feature enables you to manage any number of logical interconnects as
though they were one by making all the configuration changes to the logical interconnect
group, and then, for each logical interconnect, using a single action to update the configuration
from the group.
• Zero or more uplink sets, which associate zero or more uplink ports and zero or more networks.
UI screens and REST API resources
Logical Interconnects
For more information about logical interconnects, see the online help for the Logical Interconnects
screen.
2.14 Uplink sets
An uplink set assigns data center networks to uplink ports of interconnects. The uplinks must be
from physical interconnects that are members of the logical interconnect to which the uplink set
belongs. An uplink set is part of a logical interconnect. For each logical interconnect:
• An uplink set cannot include a network set.
• A network can be a member of one uplink set.
• An uplink set can contain one Fibre Channel network.
logical-interconnects and
logical-downlinks
NotesREST API resourceUI screen
You use the logical-downlinks REST
API to obtain information about the common
set of networks and capabilities available
to a downlink.
• An uplink set can contain multiple Ethernet networks.
• You cannot assign two instances of the same network to the same physical port.
Relationship to other resources
An uplink set is part of a logical interconnect or a logical interconnect group.
38 Understanding the resource model
The uplink sets defined by a logical interconnect group specify the configuration for uplink sets
used by logical interconnects that are members of the group. If the uplink sets of a logical
interconnect do not match the uplink sets of the logical interconnect group, the appliance notifies
you that the logical interconnect is not consistent with its group.
UI screens and REST API resources
For more information about uplink sets, see the online help for the Logical Interconnects and Logical
Interconnect Groups screens.
2.15 Networks
A network represents a Fibre Channel or Ethernet network in the data center.
Relationship to other resources
A network resource is associated with the following resources in the resource summary
diagram (page 29):
• Zero or more connections
REST API resourceUI screen
uplink-setsLogical Interconnects or Logical Interconnect Groups
• Zero or one uplink set per logical interconnect
• For Ethernet networks, zero or more network sets
UI screens and REST API resources
For more information about networks, see the online help for the Networks screen.
2.16 Network sets
A network set represents a group of Ethernet networks identified by a single name. Network sets
are used to simplify server profile configuration. When a connection in a server profile specifies
a network set, it can access any of the member networks. Additionally, if networks are added to
or deleted from a network set, server profiles that specify the network set are isolated from the
change. One common use for network sets is as a trunk for multiple VLANs to a vSwitch.
In the resource model:
• A network set can contain zero or more Ethernet networks.
• An Ethernet network can be a member of zero or more network sets.
REST API resourceUI screen
fc-networks or ethernet-networksNetworks
• A connection in a server profile can specify either a network or a network set.
• A network set cannot be a member of an uplink set.
Other configuration rules apply. For more information about network sets, including specifying the
network to handle untagged traffic, see “About network sets” (page 135).
2.15 Networks 39
Relationship to other resources
A network set resource is associated with the following resources in the resource summary
diagram (page 29):
• Zero or more connections, and, through those connections, zero or more server profiles
• Zero or more Ethernet networks
UI screens and REST API resources
For more information about network sets, see the online help for the Network Sets screen.
2.17 Domains
The domain resource describes the management domain for the appliance. All resources managed
by the appliance are part of a single management domain.
Relationship to other resources
A domain resource is associated with the following resources in the resource summary
diagram (page 29):
REST API resourceUI screen
network-setsNetwork Sets
• Exactly one appliance
• Zero or more instances of the other resources in the summary diagram (page 29)
UI screens and REST API resources
2.18 Appliance
The appliance resource defines configuration details specific to the appliance (as distinct from the
resources the appliance manages).
Relationship to other resources
An appliance resource is associated with the following resources in the resource summary
diagram (page 29):
• Exactly one domain
• Zero or more instances of the other resources in the summary diagram (page 29)
NotesREST API resourceUI screen
domainsNone
The UI does not display or refer to domains, but the domain resource
provides information about limits such as the total number of networks
that you can add to the appliance. You can use the domains REST
API to obtain information about the domain.
40 Understanding the resource model
UI screens and REST API resources
REST API resourceUI screen
Settings
Several REST API resources are related to the appliance and appliance settings. See the
resources in the following categories in the HP OneView REST API Reference in the online
help:
• Settings
• Security
For more information about various appliance configuration settings, see the online help for the
Settings screen.
2.19 Resources related to data center facilities
2.19.1 Data centers
In the appliance, a data center represents a physically contiguous area in which racks containing
IT equipment—such as servers, enclosures, and devices—are located. You create a data center to
describe a portion of a computer room that provides a useful grouping to summarize your
environment and its power and thermal requirements. A data center resource is often a subset of
your entire data center and can include equipment that is not managed by the appliance. By
representing the physical layout of your data center equipment, including unmanaged devices,
you can use detailed monitoring information provided by the appliance for space planning and
determining power and cooling requirements.
In the appliance, you can:
• View a 3D model of the data center layout that includes a color-coding scheme to help you
identify areas that are too hot or too cold.
• View temperature history data.
• More easily locate specific devices for hands-on servicing.
Relationship to other resources
A data center resource is associated with the following resources in the resource summary
diagram (page 29):
• Zero or more racks
UI screens and REST API resources
For more information about data centers, see the online help for the Data Centers screen.
2.19.2 Racks
A rack is a physical structure that contains IT equipment such as enclosures, servers, power delivery
devices, and unmanaged devices in a data center. By describing the physical location, size, and
thermal limit of equipment in the racks, you enable space and power planning and power analysis
features for your data center.
REST API resourceUI screen
datacentersData Centers
2.19 Resources related to data center facilities 41
Relationship to other resources
A rack resource is associated with the following resources in the resource summary
diagram (page 29):
• Zero or one data centers
• Zero or more enclosures
• Zero or more instances of server hardware (for HP ProLiant DL servers)
• Zero or more unmanaged devices
• Zero or more power delivery devices
UI screens and REST API resources
For more information about racks, see the online help for the Racks screen.
2.19.3 Power delivery devices
A power delivery device is a physical resource that delivers power from the data center service
entrance to the rack components. You create the power distribution device objects to describe the
power source for one or more components in the rack. Power delivery devices can include power
feeds, breaker panels, branch circuits, PDUs, outlet bars, outlets, and UPS devices.
For a complete list of power delivery devices, see the screen details online help for the Power
Delivery Devices screen.
REST API resourceUI screen
racksRacks
Relationship to other resources
A power delivery device resource is associated with the following resources in the resource summary
diagram (page 29):
• Zero or more racks
• Zero or more unmanaged devices
UI screens and REST API resources
For more information about power delivery devices, see the online help for the Power Delivery
Devices screen.
2.19.4 Unmanaged devices
An unmanaged device is a physical resource that is located in a rack or consumes power but is
not currently managed by the appliance. Some unmanaged devices are unsupported devices that
cannot be managed by the appliance.
By adding unmanaged devices to racks, you can obtain a more complete analysis of space, power,
and cooling in the data center, and you can use the appliance to view hardware inventory
information about these devices.
REST API resourceUI screen
power-devicesPower Delivery Devices
42 Understanding the resource model
All devices connected to an HP Intelligent Power Distribution Unit (iPDU) using an HP Intelligent
Power Discovery (IPD) connection are added to the appliance as unmanaged devices:
• If a device is supported for management by the appliance, you can add that device to the
appliance.
• If a device is not supported for management by the appliance, you can include that device
in power, cooling, and space planning by leaving it in the list of unsupported devices.
Other devices that do not support IPD—such as KVM switches, routers, in-rack monitors and
keyboards—are not added to the list of unmanaged devices automatically. To include these devices
in the appliance, you can add them manually and describe their names, rack positions, and power
requirements.
Relationship to other resources
An unmanaged device resource is associated with the following resources in the resource summary
diagram (page 29):
• Zero or more racks
• Zero or more power delivery devices
UI screens and REST API resources
NotesREST API resourceUI screen
unmanaged-devicesUnmanaged Devices
You can view, add, or edit the properties of
unmanaged devices using either the UI or the REST
APIs. To delete an unmanaged device, you must use
the REST APIs.
For more information about unmanaged devices, see the online help for the Unmanaged Devices
screen.
2.19 Resources related to data center facilities 43
44
3 Understanding the security features of the appliance
Most security policies and practices used in a traditional environment are applicable in a virtualized
environment. However, in a virtualized environment, these policies might require modifications
and additions.
3.1 Securing the appliance
CATA (Comprehensive Applications Threat Analysis) is a powerful HP security quality assessment
tool designed to substantially reduce the number of latent security defects. The design of the
appliance employed CATA fundamentals and underwent CATA review.
The following factors secured (hardened) the appliance and its operating system:
• Best practice operating system security guidelines were followed.
The appliance operating system minimizes its vulnerability by running only the services required
to provide functionality. The appliance operating system enforces mandatory access controls
internally.
◦ The appliance maintains a firewall that allows traffic on specific ports and blocks all
unused ports. See “Ports needed for HP OneView” (page 53) for the list of network ports
used.
◦ Key appliance services run only with the required privileges; they do not run as privileged
users.
◦ The operating system bootloader is password protected. The appliance cannot be
compromised by someone attempting to boot in single-user mode.
• The appliance is designed to operate entirely on an isolated management LAN. Access to the
production LAN is not required.
• The appliance enforces a password change at first login. The default password cannot be
used again.
• The appliance supports self-signed certificates and certificates issued by a certificate authority.
The appliance is initially configured with a self-signed certificate. As the Infrastructure
administrator, you can generate a CSR (certificate signing request) and, upon receipt, upload
the certificate to the appliance. This ensures the integrity and authenticity of your HTTPS
connection to the appliance.
• All browser operations and REST API calls use HTTPS. All weak SSL (Secure Sockets Layer)
ciphers are disabled.
• The appliance supports secure updating. HP digitally signs all updates to ensure integrity and
authenticity.
• Backup files and transaction logs are encrypted.
• Support dumps are encrypted by default, but you have the option to not encrypt them.
3.1 Securing the appliance 45
• Operating-system-level users are not allowed to access the appliance, with the following
exceptions:
◦ A special pwreset command used only if the Infrastructure administrator password is
lost or forgotten. This command requires that you contact your authorized support
representative to obtain a one-time password. For more information, see the online help.
◦ A setting that enables an authorized support representative to obtain a one-time password
so that they can log in to the appliance console (and only the console) to perform advanced
diagnostics.
You can either enable or disable access with this setting.
• HP closely monitors security bulletins for threats to appliance software components and, if
necessary, issues software updates.
3.2 Best practices for maintaining a secure appliance
The following is a partial list of security best practices that HP recommends in both physical and
virtual environments. Differing security policies and implementation practices make it difficult to
provide a complete and definitive list.
• HP recommends a strict separation of the management LAN and production LAN, using VLAN
or firewall technology (or both) to maintain the separation:
◦ Management LAN
All management processor devices (including Onboard Administrators and virtual
connections through an Onboard Administrator, iLOs, and iPDUs) are connected to the
management LAN.
Grant management LAN access to authorized personnel only: Infrastructure administrators,
Network administrators, and Server administrators.
◦ Production LAN
All NICs for managed devices are on the production LAN.
• The appliance is preconfigured so that nonessential services are removed or disabled in its
management environment. Ensure that you continue to minimize services when you configure
host systems, management systems, network devices (including network ports not in use) to
significantly reduce the number of ways your environment could be attacked.
• Ensure that a process is in place to determine if software and firmware updates are available,
and to install updates for all components in your environment on a regular basis.
• Ensure that the security policies and processes address the virtual environment:
Educate administrators about changes to their roles and responsibilities in a virtual
◦
environment.
◦ Restrict access to the appliance console to authorized users. For more information, see
“Restricting console access” (page 54).
◦ If you use an Intrusion Detection System (IDS) solution in your environment, ensure that
the solution has visibility into network traffic in the virtual switch.
◦ Turn off promiscuous mode in the hypervisor and encrypt traffic flowing over the VLAN
to lessen the effect on any VLAN traffic sniffing.
NOTE: In most cases, if promiscuous mode is disabled in the hypervisor, it cannot be
used on a VM (Virtual Machine) guest. The VM guest can enable promiscuous mode, but
it will not be functional.
46 Understanding the security features of the appliance
◦ Maintain a zone of trust, for example, a DMZ (demilitarized zone) that is separate from
production machines.
◦ Ensure proper access controls on Fibre Channel devices.
◦ Use LUN masking on both storage and compute hosts.
◦ Ensure that LUNs are defined in the host configuration, instead of being discovered.
◦ Use hard zoning (which restricts communication across a fabric) based on port WWNs
(Worldwide Names), if possible.
◦ Ensure that communication with the WWNs is enforced at the switch-port level.
• Clearly define and use administrative roles and responsibilities; for example, the Infrastructure
administrator performs most administrative tasks.
• Replace self-signed certificates with your organization's CA-issued certificates. To achieve a
higher level of security for components that are delivered with certificates, populate them with
trusted certificates at deployment time.
• For local accounts on the appliance, change the passwords periodically according to your
password policies. Follow these guidelines:
◦ Limit the number of local accounts. Integrate the appliance with an enterprise directory
solution such as Microsoft Active Directory or OpenLDAP.
◦ Ensure that passwords include at least three of these types of characters:
– Numeric character
– Lowercase alphabetic character
– Uppercase alphabetic character
– Special character
• Do not connect management systems (for example, the appliance, the iLO card, and Onboard
Administrator) directly to the Internet.
If you require access to the Internet, use a corporate VPN (virtual private network) that provides
firewall protection.
• For service management, consider using the practices and procedures, such as those defined
by the Information Technology Infrastructure Library (ITIL). For more information, see the
following website:
http://www.itil-officialsite.com/home/home.aspx
3.3 Creating a login session
You create a login session when you log in to the appliance through the browser or some other
client (for example, using the REST API). Additional requests to the appliance use the session ID,
which must be protected because it represents the authenticated user.
A session remains valid until you log out or the session times out (for example, if a session is idle
for a longer period of time than the session idle timeout value).
3.4 Authentication for appliance access
Access to the appliance requires authentication using a user name and password. User accounts
are configured on the appliance or in an enterprise directory. All access (browser and REST APIs),
including authentication, occurs over SSL to protect the credentials during transmission over the
network.
3.3 Creating a login session 47
3.5 Controlling access for authorized users
Access to the appliance is controlled by roles, which describe what an authenticated user is
permitted to do on the appliance. Each user must be associated with at least one role.
3.5.1 Specifying user accounts and roles
User login accounts on the appliance must be assigned a role, which determines what the user
has permission to do.
The appliance provides the following roles:
• The Infrastructure administrator has full access to view, create, edit, or remove any resources
managed by the appliance, including management of the appliance itself.
The Infrastructure administrator can also manage information provided by the appliance in
the form of activities, events, notifications, and logs.
All privileges are granted to this role so that the Infrastructure administrator can perform any
action on the appliance, including management of deployment content (operating system
build plans and scripts).
• The Server administrator can manage server profiles and templates, enclosures, firmware
drivers, and interconnects; access the Onboard Administrator, physical servers, and vSphere
vCenter registration; and view connections, networks, racks, power, activities, logs, and
notifications.
The Server administrator cannot manage user accounts.
• The Network administrator manages networks, network sets, connections, uplinks, and firmware
drivers; and views activities, logs, and notifications.
The Network administrator cannot manage user accounts.
• The Backup administrator role is provided for scripts using REST APIs to log in to the appliance.
By using this role for backup scripts, you do not expose the Infrastructure administrator
credentials for backup operations.
The Backup administrator cannot restore the appliance from a backup file.
• Users with the Read only role can only view appliance information, such as network settings.
For information on how to add, delete, and edit user accounts, see the online help.
3.6 Protecting credentials
Local user account passwords are stored using a salted hash; that is, they are combined with a
random string, and then the combined value is stored as a hash. A hash is a one-way algorithm
that maps a string to a unique value so that the original string cannot be retrieved from the hash.
Passwords are masked in the browser. When transmitted between appliance and the browser over
the network, passwords are protected by SSL.
Local user account passwords must be a minimum of eight characters, with at least one uppercase
character. The appliance does not enforce additional password complexity rules. Password strength
and expiration are dictated by the site security policy (see “Best practices for maintaining a secure
appliance” (page 46)). If you integrate an external authentication directory service (also known
as an enterprise directory) with the appliance, the directory service enforces password strength
and expiration.
3.7 Understanding the audit log
The audit log contains a record of actions performed on the appliance, which you can use for
individual accountability.
48 Understanding the security features of the appliance
You must have Infrastructure administrator privileges to download the audit log.
Monitor the audit logs because they are rolled over periodically to prevent them from getting too
large. Download the audit logs periodically to maintain a long-term audit history.
Each user has a unique logging ID per session, enabling you to follow a user’s trail in the audit
log. Some actions are performed by the appliance and might not have a logging ID.
A breakdown of an audit entry follows:
DescriptionToken
The date and time of the eventDate/time
The unique identifier of an internal componentInternal component
ID
The organization ID. Reserved for internal useReserved
The login domain name of the userUser domain
The user nameUser name/ID
The user session ID associated with the messageSession ID
The URI of the task resource associated with the messageTask ID
The client (browser) IP address identifies the client machine that initiated the requestClient host/IP
Result
Action
Severity
The result of the action, which can be one of the following values:
• SUCCESS
• FAILURE
• SOME_FAILURES
• CANCELED
• KILLED
A description of the action, which can be one of the following values:
•••• CANCELEDUNSETUPLISTADD
• •••MODIFY LOGINDEPLOYENABLE
•• ••DISABLEDELETE LOGOUTSTART
••• •DONESAVEACCESS DOWNLOAD_START
••• KILLEDSETUPRUN
A description of the severity of the event, which can be one of the following values, listed in
descending order of importance:
• INFO
• NOTICE
• WARNING
• ERROR
• ALERT
• CRITICAL
For REST API category information, see the HP OneView REST API Reference in the online help.Resource category
The resource URI/name associated with the taskResource URI/name
The output message that appears in the audit logMessage
3.7 Understanding the audit log 49
Example 1 Sample audit entries: user login and logout
2013-09-16 14:55:20.706 CST,Authentication,,,administrator,jrWI9ych,,,
SUCCESS,LOGIN,INFO,CREDENTIAL,,Authentication SUCCESS
.
.
.
2013-09-16 14:58:15.201 CST,Authentication,,,MISSING_UID,jrWI9ych,,,
SUCCESS,LOGOUT,INFO,CREDENTIAL,,TERMINATING SESSION
3.8 Choosing a policy for the audit log
Choose a policy for downloading and examining the audit log.
The audit log contains a record of actions performed on the appliance, which you can use for
individual accountability. As the audit log gets larger, older information is deleted. To maintain a
long-term audit history, you must periodically download and save the audit log.
For more information about the audit log, see “Understanding the audit log” (page 48).
3.9 Appliance access over SSL
All access to the appliance is through HTTPS (HTTP over SSL), which encrypts data over the network
and helps to ensure data integrity. For a list of supported cipher suites, see “Algorithms for securing
the appliance” (page 54).
3.10 Managing certificates from a browser
3.10.1 Overview
A certificate authenticates the appliance over SSL. The certificate contains a public key, and the
appliance maintains the corresponding private key, which is uniquely tied to the public key.
NOTE: This section discusses certificate management from the perspective of the browser. For
information on how a non-browser client (such as cURL) uses the certificate, see the documentation
for that client.
The certificate also contains the name of the appliance, which the SSL client uses to identify the
appliance.
The certificate has the following boxes:
• Common Name (CN)
This name is required. By default it contains the fully qualified host name of the appliance.
• Alternative Name
The name is optional, but HP recommends supplying it because it supports multiple names
(including IP addresses) to minimize name-mismatch warnings from the browser.
By default, this name is populated with the fully qualified host name (if DNS is in use), a short
host name, and the appliance IP address.
NOTE: If you enter Alternative Names, one of them must be your entry for the Common
Name.
These names can be changed when you manually create a self-signed certificate or a certificate
signing request.
50 Understanding the security features of the appliance
3.10.2 Self-signed certificate
The default certificate generated by the appliance is self-signed; it is not issued by a trusted certificate
authority.
By default, browsers do not trust self-signed certificates because they lack prior knowledge of them.
The browser displays a warning dialog box; you can use it to examine the content of the self-signed
certificate before accepting it.
3.10.2.1 Verifying a certificate
You can verify the authenticity of the certificate by viewing it with your browser.
After logging in to the appliance, choose Settings→Security to view the certificate. Make note of
these attributes for comparison:
• Fingerprints (especially)
• Names
• Serial number
• Validity dates
Compare this information to the certificate displayed by the browser, that is, when browsing from
outside the appliance.
3.10.2.2 Downloading and importing a self-signed certificate
The advantage of downloading and importing a self-signed certificate is to circumvent the browser
warning.
In a secure environment, it is never appropriate to download and import a self-signed certificate,
unless you have validated the certificate and know and trust the specific appliance.
In a lower security environment, it might be acceptable to download and import the appliance
certificate if you know and trust the certificate originator. However, HP does not recommend this
practice.
Microsoft Internet Explorer and Google Chrome share a common certificate store. A certificate
downloaded with Internet Explorer can be imported with Google Chrome as well as Internet
Explorer. Likewise, a certificate downloaded with Google Chrome can also be imported by both
browsers. Mozilla Firefox has its own certificate store, and must be downloaded and imported
with that browser only.
The procedures for downloading and importing a self-signed certificate differ with each browser.
Downloading a self-signed certificate with Microsoft Internet Explorer 9
1. Click in the Certificate error area.
2. Click View certificate.
3. Click the Details tab.
4. Verify the certificate.
5. Select Copy to File...
6. Use the Certificate Export Wizard to save the certificate as Base-64 encoded X.509 file.
Importing a self-signed certificate with Microsoft Internet Explorer 9
1. Select Tools→Internet Options.
2. Click the Content tab.
3. Click Certificates.
4. Click Import.
5. Use the Certificate Import Wizard.
a. When it prompts you for the certificate store, select Place….
b. Select the Trusted Root Certification Authorities store.
3.10 Managing certificates from a browser 51
3.10.3 Using a certificate authority
Use a trusted CA (certificate authority) to simplify certificate trust management; the CA issues
certificates that you import. If the browser is configured to trust the CA, certificates signed by the
CA are also trusted. A CA can be internal (operated and maintained by your organization) or
external (operated and maintained by a third party).
You can import a certificate signed by a CA, and using it instead of the self-signed certificate. The
overall steps are as follows:
1. You generate a CSR (certificate signing request).
2. You copy the CSR and submit it to the CA, as instructed by the CA.
3. The CA authenticates the requestor.
4. The CA sends the certificate to you, as stipulated by the CA.
5. You import the certificate.
For information on generating the CSR and importing the certificate, see the UI help.
3.11 Browser best practices for a secure environment
DescriptionBest practice
Use supported browsers
Log out of the appliance
before you close the browser
Avoid linking to or from sites
outside of the appliance UI
Use a different browser to
access sites outside the
appliance
3.12 Nonbrowser clients
The appliance supports an extensive number of REST APIs. Any client, not just a browser, can issue
requests for REST APIs. The caller must ensure that they take appropriate security measures regarding
the confidentiality of credentials, including:
• The session token, which is used for data requests.
• Responses beyond the encryption of the credentials on the wire using HTTPS.
See the HP OneView Support Matrix to ensure that your browser and browser version
are supported and the appropriate browser plug-ins and settings are configured.
In the browser, a cookie stores the session ID of the authenticated user. Although the
cookie is deleted when you close the browser, the session is valid on the appliance until
you log out. Logging out ensures that the session on the appliance is invalidated.
When you are logged in to the appliance, avoid clicking links to or from sites outside
the appliance UI, such as links sent to you in email or instant messages. Content outside
the appliance UI might contain malicious code.
When you are logged in to the appliance, avoid browsing to other sites using the same
browser instance (for example, via a separate tab in the same browser).
For example, to ensure a separate browsing environment, use Firefox for the appliance
UI, and use Chrome for non-appliance browsing.
3.12.1 Passwords
Passwords are likely displayed and stored in clear text by a client like cURL. You can download
cURL at the following web address:
http://curl.haxx.se/download.html
Take care to prevent unauthorized users from:
• Viewing displayed passwords
• Viewing session identifiers
• Having access to saved data
52 Understanding the security features of the appliance
3.12.2 SSL connection
The client should specify HTTPS as the protocol to ensure SSL is used on the network to protect
sensitive data. If the client specifies HTTP, it will be redirected to HTTPS to ensure that SSL is used.
The appliance certificate, which the client requires, allows the SSL connection to succeed. A
convenient way to obtain a certificate is to use a browser pointed at the appliance; for more
information on obtaining a certificate with a browser, see “Managing certificates from a browser”
(page 50)
3.13 Ports needed for HP OneView
HP OneView requires specific ports to be made available to the appliance to manage servers,
enclosures, and interconnects.
Table 1 Required ports
DescriptionUsageProtocolPort number
InboundTCP80
InboundUDP123
OutboundUDP123
OutboundUDP161
InboundUDP162
OutboundTCP443
InboundTCP5671
Used for HTTP interface. Typically, this port redirects to port
443; this port provides the access that iLO requires.
HP OneView acts as an NTP server, both iLO and Onboard
Administrator require access.
The appliance uses this port as an NTP client to synchronize
the appliance time.
Supports SNMP GET calls to obtain status data from a server
through iLO. Also used for iPDU.
Used for SNMP trap support from the iLO, Onboard
Administrator, and iPDU devices.
Used for the HTTPS interface to user interface and APIs.InboundTCP443
Used for secure SSL access to the iLO and Onboard
Administrator. Used for RIBCL, SOAP, and iPDU
communication.
Used as an alternative SNMP trap port.InboundUDP2162
Used to allow external scripts or applications to connect to
and monitor messages from the SCMB (State Change Message
Bus).
Provides browser access to the remote console.Browser to iLOTCP17988
Provides remote console access to iLO virtual media.Browser to iLOTCP17990
3.14 Access to the appliance console
Use the hypervisor management software to restrict access to the appliance, which prevents
unauthorized users from accessing the password reset and service access features. See “Restricting
console access” (page 54).
Typical legitimate uses for access to the console are:
• Troubleshooting network configuration issues.
• Enabling service access by an on-site authorized support representative.
The virtual appliance console is displayed in a graphical console; password reset and HP Services
access use a non-graphical console.
Switching from one console to another (VMware vSphere)
1. Open the virtual appliance console from vSphere.
2. Press and hold Ctrl+Alt.
3.13 Ports needed for HP OneView 53
3. Press and release the space bar.
4. Press and release F1 to select the non-graphical console or F2 to select the graphical console.
3.14.1 Enabling or disabling authorized services access
When you first start up the appliance, you can choose to enable or disable access by on-site
authorized support representatives. By default, on-site authorized support representatives are
allowed to access your system through the appliance console and diagnose issues that you have
reported.
Support access is a root-level shell, which enables the on-site authorized support representative to
debug any problems on the appliance and obtain a one-time password using a challenge/response
mechanism similar to the one for a password reset.
Any time after the initial configuration of the appliance, you can enable or disable services access
through the UI by selecting Actions→Edit services access on the Settings window.
You can also use an appliance/settings REST API to enable or disable services access.
NOTE: HP recommends that you enable access. Otherwise, the authorized support representative
might be unable to access the appliance to correct a problem.
3.14.2 Restricting console access
For the virtual appliance, you can restrict console access through secure management practices
of the hypervisor itself.
This information is available from the VMware website:
http://www.vmware.com/support/pubs
In particular, search for topics related to vSphere's Console Interaction privilege and best practices
for managing VMware's roles and permissions.
3.15 Algorithms for securing the appliance
• SSL (see Table 2 (page 54))
• SHA-256 for hashing local user account passwords
• Other passwords are encrypted using 128-bit Blowfish
• Support dumps:
Encryption: 128-bit AES◦
◦ Hash: SHA-256
◦ The AES key is encrypted separately using 2,048-bit RSA.
• Updates:
◦ Not encrypted; digitally signed using SHA-256 and 2,048-bit RSA
The following SSL cipher suites are enabled on the HP OneView appliance web server. The cipher
suites support the connection among the browser, other clients, and the appliance.
Table 2 Supported SSL cipher suites
MacEncAuKxSSL versionSSL cipher suite
SHA1AES (256)RSADHSSL v3DHE-RSA-AES256-SHA
54 Understanding the security features of the appliance
SHA1AES (256)RSARSASSL v3AES256-SHA
SHA13DES (168)RSADHSSL v3EDH-RSA-DES-CBC3-SHA
Table 2 Supported SSL cipher suites (continued)
3.16 Downloads from the appliance
You can download the following data files from the appliance:
• Support dump
By default, all data in the support dump is encrypted and accessible by an authorized support
representative only.
• Backup file
All data in the backup file is in a proprietary format. HP recommends that you encrypt the file
according to your organization's security policy.
• Audit logs
Session IDs are not logged, only the corresponding logging IDs are logged. Passwords and
other sensitive data are not logged.
MacEncAuKxSSL versionSSL cipher suite
SHA13DES (168)RSARSASSL v3DES-CBC3-SHA
SHA1AES (128)RSADHSSL v3DHE-RSA-AES128-SHA
SHA1AES (128)RSARSASSL v3AES128-SHA
3.16 Downloads from the appliance 55
56
4 Navigating the graphical user interface
4.1 Browsers
For general information about browser use, see the following topics:
• “Supported browsers” (page 57)
• “Browser best practices for a secure environment” (page 52)
• “Commonly used browser features and settings” (page 57)
4.1.1 Supported browsers
For information about the web browsers that are supported for use with HP OneView, see the HP
OneView Support Matrix.
4.1.2 Commonly used browser features and settings
DescriptionFeature
Screen resolution
Close window
Copy and paste
Local history
Back and forward buttons
Bookmarks
For optimum performance, the minimum screen size is 1280 × 1024 pixels for desktop
monitors and 1280 × 800 for laptop displays. The minimum supported screen size is
1024 × 768 pixels.
US English is the supported language.Language
You can close browser windows at any time. Closing the window while you are logged
in terminates your session.
You can select and copy most text, with the exception of text in images. You can paste
text into text entry boxes.
Press Ctrl+F to search for text in the current screen.Search in a screen
Right-click the browser back button to view the history of the active tab. Use this feature
to determine how you arrived at the current screen.
You can use the browser back and forward buttons to navigate the UI.
NOTE: Pop-up dialog boxes are not considered screens. If you click the back button
while a pop-up dialog box is displayed, you return to the previous screen.
If you click the forward button to go to a pop-up dialog box, you go instead to the screen
with the link to the pop-up dialog box.
The exceptions are screens that you access directly from the Actions menu. If you use the
browser navigation buttons with these screens, you lose any unsaved changes you made
on the screens.
You can create bookmarks for commonly-used screens. You can email these links to other
users, who must log in and have the appropriate authorization for the screen.
Open screens in a new tab
or window
Browser refresh
Right-click a link to a resource or screen to open the link in a new tab or window.
NOTE: If you right-click a link while in an edit screen, the actions you take on another
screen do not automatically refresh the form in the first screen.
For example, if the Add Network dialog box is open, but you do not have any networks
to add, you can create networks in a new tab or window. However, the first Add Network
dialog box does not recognize the new networks automatically.
If you click the browser refresh button to refresh a screen on which you have added but
not saved information, you lose the information.
Use the zoom in or zoom out feature to increase or decrease the text size, respectively.Zoom in/zoom out
4.1 Browsers 57
4.1.3 Set the browser for US or metric units of measurement
To configure how units of measurement are displayed—either in United States (US) or metric
units—change the region portion of the language setting in your browser.
Metric units are used for all regions except the United States region. Specify the United States as
your region code if you want United States customary units. Specify any other region code if you
want metric units.
Table 3 Set US or metric units of measurement
ProcedureBrowser
Google Chrome
Microsoft Internet Explorer
Mozilla Firefox
1. Click the Google menu icon.
2. Select Settings→Show advanced settings...
3. Scroll down to Languages and click Language and input settings...
4. Click Add and then select the language you want to use.
5. Restart the browser to apply your changes.
The browser locale and regions locale are derived from your Windows settings.
1. Select Tools+Internet Options+General (tab)+Languages→Language Preference.
2. Specify your own language tags. Click Add button in the Language Preferences
dialog box, and then enter your language tag in the User-defined box.
3. Click OK.
4. Restart the browser to apply your changes.
The browser locale and regions locale are derived from the version of Firefox you
are running.
1. Select Tools→Options→Content→Languages→Choose.
2. Select your preferred language and then click OK.
3. Restart the browser to apply your changes.
4.2 About the graphical user interface
To learn the names of common areas, icons, and controls on a UI screen, see the numbered
descriptions that appear after the image.
58 Navigating the graphical user interface
Figure 2 Screen topography
HP OneView
Overview
Create
Create
General
Activity
Type
VLAN ID
Purpose
Ethernet
c1 net
2015
General
Preferred bandwidth 2.5Gb/s
Maximum bandwidth 10Gb/s
Smart link Yes
Private network No
Uplink Set none
Used by none
Member of none
Administrator Today 12:27 pm
Search
?
Create network
C1 net
Name
C1net 2015 Ethernet
VLANID Type
corp net 2013 Ethernet
dev1105 1105 Ethernet
dev1106 1106 Ethernet
dev1107 1107 Ethernet
dev1108 1108 Ethernet
esxi mgmt 1131 1131 Ethernet
esxi vmotion 1132 1132 Ethernet
prod 1101 1101 Ethernet
prod 1102 1102 Ethernet
prod 1103 1103 Ethernet
prod 1104 1104 Ethernet
SAN A FC
v
v
vv
Actions
v
Delete
corp2 net
Create
corp2 net
20
All statuses All types
Networks
v v
.............................................................
1
5
6 72 3 4
10 9 8
1
2
3
4
5
In addition to the screen components shown in Figure 2 (page 59), every UI screen has a
notifications area that notifies you when an event or activity requires your attention.
Some screens also have a filters sidebar that enables you to control the amount and type of
information displayed in the details pane.
HP OneView main menu: The primary
menu for navigating to resources. Click the
icon to expand the menu.
View selector: Enables you to control the
information displayed about a resource so
that you can focus only on what you are
interested in.
Map view icon: Provides a graphical
representation of the relationships between
the current resource and other resources.
To see these relationships, select the Map
view selector or the icon.
Actions menu: Provides the actions that are
available to run on the current resource.
Actions include, but are not limited to:
adding, creating, deleting, removing, and
editing a resource instance. If you do not
have the appropriate permissions to
perform an action, the action does not
appear on the Actions menu.
Activity control: Expands (or hides) a
sidebar of recent appliance, resource, or
user activity (from the current login
session).
6
7
8
9
10
Session control: Tracks who is currently
logged in to the appliance and the duration
of each login session. Also enables you to
and edit some user account information,
depending on your user credentials.
Help control: Expands (or hides) a sidebar
which provides access to UI and REST API
help, the EULA and Written Offer, and the
HP OneView online user forum.
Activity sidebar: Shows recent alerts and
task activity for the current resource. Use
the Activity control icon to open (or close)
this sidebar.
Details pane: Provides all information known
about a selected resource instance. To see
details about a particular resource instance,
click its name in the master pane.
Master pane: Lists all resource instances that
have been configured on the appliance. In
some cases, a status icon indicates general
health of the resource.
4.2 About the graphical user interface 59
4.3 About the Activity sidebar
Enclosures 2
All Statuses Reset
HP OneView
Search
?
HP OneView
SERVERS
GENERAL
Server Proles Logical Interconnect Groups
Logical Interconnect s
Networks
Network Sets
Interconnects
Dashboard
Activity
Firmware Bundles
Server Hardware
Server Hardware Types
Data Centers Settings
Users and GroupsRacks
Power Delivery Devices
Unmanaged Devices
Enclosure Groups
Enclosures
NETWORKING
FACILITIES
The Activity sidebar shows tasks initiated during the current session. The most recent task is displayed
first.
Task notifications provide information (including in-progress, error, and completion messages)
about tasks that were launched.
The Activity sidebar differs from the Activity screen because it displays only recent activity. The
Activity screen, in contrast, displays all activities and allows you to list, sort, and filter them. For
more information, see “About Activity” (page 189).
Click an activity to show more details.
4.4 Banner and main menu
The main menu is the primary method for navigating to resources and the actions that can be
performed on them.
To expand the main menu, click inside the main menu area of the banner.
Figure 3 Banner
The main menu provides access to resources; each resource screen contains an Actions menu.
• If you are not authorized to view a resource, that resource does not appear in the main menu.
• If you do not have the appropriate permissions to perform an action, the action does not
appear on the Actions menu.
Figure 4 Expanded main menu
4.5 Button functions
UI buttons function the same, whether they appear on screens or dialog boxes.
60 Navigating the graphical user interface
Table 4 UI buttons
HP OneView
Search
Name
Create PhotoProle2Test Today
4:30 pm
Completed administrator
Resource Date State Owner
Actions
v
..................................................................................................................................
v
?
110
Activity
Filters
Filter
All
Needs attention
Reset
Type
All types
Alerts
Tasks
Status
All statuses
Critical
Warning
Ok
Unknown
Disabled
Create
Activity
ProtoProle2Test
Create
ProtoProle
Kroner added
1s
Create PhotoProle Today
4:28 pm
Completed administrator
1s
Create c1 net Today
12:27 pm
Completed Administrator
3s
Create corp2 net Today
12:27 pm
Completed Administrator
1s
Create corp2 net Today
12:25 pm
Completed Administrator
Create Testing2 Today
10:37 am
Completed Administrator
3s
Create Genetic Enclosue Group Today
10:34 am
Completed Administrator
1
2
DescriptionButton
Add and Add +
Create and Create +
Cancel
4.6 Filters sidebar
Some resource screens have a Filters sidebar that enables you to control the amount and type of
information displayed in the details pane.
Figure 5 Filters sidebar
Adds items from your current data center environment (such as enclosures, server hardware,
and other physical items) and brings them under appliance management.
• Add adds a single item and closes the screen or dialog box.
• Add + enables you to add another item in the same session.
Creates logical constructs used by the appliance (such as server profiles, logical
interconnect templates, and network sets).
• Create creates a single item and closes the screen or dialog box.
• Create + enables you to create another item in the same session.
Closes a screen or dialog box. If you made changes to the screen, unsaved changes are
discarded.
Confirms and saves your edits and closes the screen or dialog box.OK
21
Pin control: Expands or hides the Filters
sidebar.
Sorting and filtering criteria enables you to
refine the information displayed for a resource
in the details pane.
4.7 Help sidebar
Select the help icon in the banner to open the help sidebar, which provides hyperlinks to the help
system, license agreement, open source code used in the product, and access to the online user
community.
4.6 Filters sidebar 61
Figure 6 Help sidebar
Help
Documentation
Help on this page
Browse REST API help
First time setup
Browse help
License
End-User License agreement
Community
HP OneView Forum
Written Offer
1
2
3
4
5
6
7
?
1
Opens context-sensitive help
for the current screen in a
new browser window or tab. source products used by HP
2
Opens the top of the help
contents in a new browser tasks to make your data
to navigate to the entire
table of contents for the UI
help.
3
Opens the top of the REST
API help contents in a new HP OneView and pose or
enables you to navigate to
the entire table of contents
for the REST API help.
4.8 Icon descriptions
HP OneView uses icons to represent the current status of resources and alerts and to control the
display.
• “Status and severity icons” (page 62)
• “User control icons” (page 63)
4
Opens the first-time setup
help in a new browser
6
Displays the Written offer,
which describes the open
window, which guides you
through initial configuration
OneView.
7
Opens a new browser
window to the http://center resources known towindow, which enables you
www.hp.com/go/the appliance and bring
them under management.
5
Displays the End-User
oneviewcommunity online
user forum where you can
License agreement (EULA). share your experiences using
answer questions.browser window, which
• “Informational icons” (page 63)
4.8.1 Status and severity icons
62 Navigating the graphical user interface
TaskActivityResourceSmall iconLarge icon
Failed/InterruptedCriticalCritical
WarningWarningWarning
4.8.2 User control icons
menu
TaskActivityResourceSmall iconLarge icon
SuccessInformationalOK
CanceledDisabled
Unknown
An In progress rotating icon indicates that a change is being applied or a task is running.
This icon can appear in combination with any of the resource states. For example:
ActionNameIcon
Expands a menu to show all optionsExpand
View details
remove
Search
Pin
4.8.3 Informational icons
Identifies a title that has additional information. Clicking the title changes the view to
display details.
Expands a collapsed list itemExpand
Collapses an expanded list itemCollapse
Enables editingEdit
Deletes the current entryDelete or
Searches for the text you enter in the Search box. This is especially useful for finding types
of resources or specific resources by name
The left pin expands or collapses the Filters sidebar
The right pin expands or collapses the Activity sidebar or Help sidebar
Determines whether items are displayed in ascending or descending orderSort
Map
control
DescriptionNameIcon
Provides a graphical representation of the relationships between the current resource and
other resources
Provides a recent history of user and appliance initiated tasks and alertsActivity
4.8 Icon descriptions 63
DescriptionNameIcon
Session
control
Help control
Displays your login name and the duration of your current session. Also provides a link
you can use to log out of the appliance.
To change your full name, password, and contact information, click the Edit icon next to
your login name
• When this icon is at the top of a dialog box, you can click it to open context-sensitive
help for that topic in another window or tab.
• In the banner, this icon expands or collapses the Help sidebar, where you can browse
the help documentation or find help on the screen currently displayed. The help sidebar
provides the following:
◦ A Help on this page hyperlink to access context-sensitive help for the current screen
◦ A Browse help hyperlink to access the entire help system
◦ Links that you can use to display the EULA and the Written Offer.
◦ A link to the HP OneView Forum, an online forum for customers and partners to
share their experiences and pose questions related to using HP OneView. Community
members as well as HP representatives are welcome to assist with answering
questions.
4.9 Map view screen details
The Map view enables you to examine the configuration and understand the relationships between
logical and physical resources in your data center. This view gives you immediate visibility into
your resources from the individual Ethernet and Fibre Channel networks all the way up to the
enclosure, rack, and top-level physical data center.
The Map view was designed to be highly interactive and useful even at scale.
To open the relationship view for a resource, do one of the following:
• Select Map from the view selector.
• Select the icon.
Providing context for a resource can be helpful when troubleshooting problems with the resource.
By looking at the Map view, you can determine if anything related to the resource is also having
a problem.
A status icon indicates the general health of the resource and provides a quick path to track errors.
64 Navigating the graphical user interface
Figure 7 Sample Map view
Add enclosure: 192.0.2.0Apr 30 10:17AM
Map
1Z34AB7890
Actions
v
HPTC-RACK - 01
1Z34AB7890, interconnect 1
1Z34AB7890
BladeSystem c7000 Enclosure G2
HPTC
Racks
Enclosure
Groups
Enclosures
1Z34AB7890-LS
1Z34AB7890 Bay 8
device-bays
Server
Hardware
Interconnects
Logical
Interconnects
HP VC FlexFabric 10Gb/24-Port Module
1Z34AB7890, interconnect 2
HP VC FlexFabric 10Gb/24-Port Module
...............................................................................................................................................................
...............................................................................................................................................................
...............................................................................................................................................................
...............................................................................................................................................................
...............................................................................................................................................................
...............................................................................................................................................................
1Z34AB7890 Bay 8
1Z34AB7890, bay 2
Proliant BL 685c G7
1Z34AB7890, bay 1
Proliant BL 620c G7
The selected resource is located at the center of the Map view. Everything above the resource is
an ancestor; everything below the resource is a descendant.
A connecting line between boxes indicates a direct relationship, such as blade servers in an
enclosure. Use your pointing device to hover over any resource to see its direct relationships to
other resources. Other items can be indirectly related to the resource, such as logical interconnect
groups and server profiles.
Click any resource that appears in a relationship view to open its specific Map view.
4.10 Notifications area
The notifications area on a resource UI screen appears when an activity (an alert or task) has
affected the resource, which might require your attention.
By default, one line of information appears in the notifications area. Click anywhere in the yellow
box to expand the notifications area and view more information associated with the activity. Click
again to collapse the notifications area.
4.10 Notifications area 65
Figure 8 Notifications area
Model
Manag
Location
Power
Maximum
Serial
General
Overview
A, Slot 1
!
The system A, Slot 1 is not configured for redundant power because it has 1 c...
>
A, Slot 1
All
All
0 01
0 01
The system A, Slot 1 is ...
The system A, Slot 1 is notconfigured for redundant power because it has 1
connected power input(s). The system must have at least 2 connected power
inputs(s) to have redundant power.
Resolution: Configure the system with 1 more redundant power delivery
device(s) or verify that the configuration matches the target system
Powered by
Maximum power
Serial number
parentLS1
280 Watts
a963fdec-ebfb-4ba4
Actions
v
Actions
v
Overview
!
1
2
administrator
Logout
Logged in 6 minutes ago
1
A collapsed notifications area (the default). Select All to view all activity associated with the
resource.
2
An expanded notifications area, which provides resolutions for critical or warning alerts that
require your attention, with links to Details, when they are available.
4.11 Log out of the appliance
1. Click the Session control icon in the banner.
2. Select Logout.
4.12 Search help topics
1. On any screen, click the icon in the banner to open the help sidebar.
2. In the Help sidebar, select Help on this page.
Context-specific help appears in a separate browser window.
3. In the new browser window where the help is displayed, click Search at the top of the left
navigation pane, next to the Contents and Index links.
66 Navigating the graphical user interface
Figure 9 UI help search box
4. Enter a search term in the Search box. Note the following:
• Search terms are case insensitive.
• Cutting and pasting text into the search box is supported.
• Wildcard characters, such as the asterisk (*), are not supported.
• These search operators are not supported:
◦ Plus sign (+)
◦ Minus sign or hyphen (–)
◦ Double quotes (" ")
◦ Special characters (non-alphanumeric)
5. Press Enter or click List Topics to start the search process.
Search results are presented as links to the sections in which the search term appears.
6. Scan the search results for the section title or titles that best match what you are looking for,
and click the link to view the content. Each instance of your search term is highlighted in yellow
for easy identification.
4.12.1 About help system search results
Note the following about how the help system search feature operates:
• Searches are based on stem words. For example, if you type the word restore, the search
returns restoring as well as restore.
• Searches sometime return the stem word rather than the search term. For example, searching
for Orchestration stems to orchestr and thus returns no results. This is expected behavior.
• Unrelated partial terms are not found. For example, a search for cat:
Finds cat and cats.◦
◦ Does not find category because it does not provide enough of the stem word for the
search operation to return complete results.
• Sometimes searches return results based on the metadata matching the stem word rather than
a match in the actual help content. In this case, you will not see highlighted terms on the page.
4.13 Search resources
The banner of every screen includes the Smart Search feature, which enables you to find
resource-specific information such as specific instances of resource names, serial numbers, WWNs,
and IP and MAC addresses. In general, anything that appears in a resource is searchable.
Smart Search makes locating resources by model as simple as typing the model string (for example
BL660), enabling you to inventory or take action on a desired set of devices.
Perhaps you are looking for all resources in a given enclosure or need to find one server using a
certain MAC address. Smart Search instantly gives you the information you are seeking.
The default search behavior is to focus on the resource you are currently viewing. But, to broaden
the scope of your search across all resources, you have the option to search Everything, which
searches all resources.
Some resources might not include the option to choose between the current resource or everything,
in which case the default search is for everything.
4.13 Search resources 67
When you start typing, search suggestions are provided based on pattern matching and
Search
Scope Ser ver Profiles Everything
..................................................................................
Search
previously-entered search criteria.
• Select a suggestion to change your filter to the suggestion and submit it (as if you had pressed
Enter).
• Press Enter to see the list of search matches.
• If you are doing a resource match, the master pane is filtered to match your search input.
TIP: Enter complete words or names as your search criteria. Partial words or names might not
return the expected results.
If you enter a multi-word search term, results show matches for all words you enter.
When you find what you are looking for in the search results, which are organized by resource
type, select the item to navigate to it.
NOTE:
Search all resourcesSearch the current resource
1. Click in the Smart Search box.
2. Enter your search text and press Enter.
The search results are focused in your current location
in the UI.
1. Click in the Smart Search box.
2. Select Everything.
3. Enter your search text and press Enter.
68 Navigating the graphical user interface
Advanced searching and filtering with properties
TIP: Enclosure a search value in double quotes if the value contains spaces.
Enter complete values for the properties. Partial values do not return search results.
Search resultsExample of advanced filtering syntax
All hardware that matches the model number and name.By model name:
model:"BladeSystem c7000 Enclosure G2"
model:"ProLiant BL460c Gen8"
model:"HP VC 8Gb 20-Port FC Module"
By name:
name:enclosure10
name:"192.0.2.0, PDU 1"
By health status:
status:Critical
An enclosure with the name enclosure10.
A power delivery device with the name 192.0.2.0, PDU
1.
All resources that are in a critical state.
Other health status values are:
• Error
• Warning
• OK
• Unknown
• Disabled
4.14 View resources according to their health status
On most screens, you can filter the view of resource instances based on their health status, which
might be useful for troubleshooting or maintenance purposes.
The default filtering is All statuses, which means that all resource members are shown, regardless
of their health status.
To filter that view based on a specific health status, select the health status you are interested in
viewing from the Status menu.
For more information about health status icons and what they mean, see “Icon descriptions” (page
62).
4.14 View resources according to their health status 69
Figure 10 Filter resource instances by their health status
Server Hardware
15
Add server hardware
+
Unmanaged Server Dl 360P Gen8
Unmanaged Server Dl 360P Gen8
Unmanaged Server Dl 360P Gen8
Unmanaged Server Dl 360P Gen8
none
Name Model Server Prole
......................................................................................................
Reset
Status
Critical
Warning
Ok
Unknown
Disabled
All statusesAll statuses
Search
HP OneView
Dl 360P Gen8buta-ilo
none
Reset
Server Hardware
4
Disabled
Name Model Server Prole
Status:Disabled
Add server hardware
+
Encl1, bay 3 BL460c Gen8
none
Encl1, bay 4 BL460c Gen8
none
Encl1, bay 1 BL660c Gen8
none
Encl1, bay 1 BL660c Gen8
none
HP OneView
1
......................................................................................................
4.14.1 Reset the health status view
1
To return to the default view, All statuses, click the Reset link.
70 Navigating the graphical user interface
5 Using the REST APIs and other programmatic interfaces
REST (Representational State Transfer) is a web service that uses basic CRUD (Create, Read, Update
and Delete) operations performed on resources using HTTP POST, GET, PUT, and DELETE. To
learn more about REST concepts, see http://en.wikipedia.org/wiki/Representational_state_transfer.
The appliance has a resource-oriented architecture that provides a uniform REST interface. Every
resource has one URI (Uniform Resource Identifier) and represents a physical device or logical
construct. You can use REST APIs to manipulate resources.
For general information about REST APIs, see the following topics:
• “Resource operations” (page 71)
• “Return codes” (page 72)
• “URI format” (page 72)
• “Resource model format” (page 72)
• “Log in to the appliance using REST APIs” (page 72)
• “REST API version and backward compatibility” (page 73)
• “Asynchronous versus synchronous operations” (page 73)
• “Task resource” (page 74)
• “Error handling” (page 74)
• “Concurrency control using etags” (page 74)
• “Querying resources and pagination using common REST API parameters” (page 74)
• “State Change Message Bus” (page 76)
• “Developer tools in a web browser” (page 76)
• “PowerShell and Python code sample libraries” (page 76)
5.1 Resource operations
RESTful APIs are stateless. The resource manager maintains the resource state that is reported as
the resource representation. The client maintains the application state and the client might manipulate
the resource locally, but until a PUT or POST is made, the resource as known by the resource
manager is not changed.
Create
Update
POST resource URI (payload =
resource data)
update data)
DescriptionHTTP VerbOperation
Creates new resources. A synchronous POST returns the newly created
resource. An asynchronous POST returns a TaskResource URI in the
Location header. This URI tracks the progress of the POST operation.
Returns the requested resource representation(s)GET resource URIRead
Updates an existing resourcePUT resource URI (payload =
Deletes the specified resourceDELETE resource URIDelete
5.1 Resource operations 71
5.2 Return codes
NOTE: If an error occurs, indicated by a return code 4xx or 5xx, an ErrorMessage is returned.
The expected resource model is not returned.
5.3 URI format
All URIs point to resources. The client does not need to create or modify URIs. The URI for a resource
is static and uses the format https://{appl}/rest/resource category/resource ID
where:
https://{appl} The appliance address
/rest The type of URI
/resource category The category of the resource (for example,
DescriptionReturn code
Successful operation2xx
Client-side error with error message returned4xx
Appliance error with error message returned5xx
server-profiles)
/resource instance ID The specific resource instance identifier (optional)
5.4 Resource model format
The resources support JSON (JavaScript Object Notation) for exchanging data using a REST API.
If not otherwise specified in the REST API operation, the default is JSON.
5.5 Log in to the appliance using REST APIs
When you log in to the appliance using the login-sessions REST API, a session ID is returned.
You use the session ID in all subsequent REST API operations in the auth header, except as noted
in REST API Request Headers. The session ID is valid for 24 hours.
Log outLog in
Operation
POST
API
/rest/login-sessions
Request headers
REST API Request Headers
Request body
{"userName":"YourUserName","password":"YourPassword"}
NOTE: This is an example of a local log in on the appliance.
If you are using a directory service, you must add the following
attributes: authnHost and authLoginDomain.
Response
The LoginSessionIdDTO that includes the session ID
Operation
DELETE
API
/rest/login-sessions
Request headers
auth:{YourSessionID}
REST API Request Headers
Request body
None
Response
204 No Content
72 Using the REST APIs and other programmatic interfaces
5.6 REST API version and backward compatibility
When you perform a REST API operation, an X-API-Version header is required. This version
header corresponds to the REST API version of software currently running on the appliance. To
determine the correct REST API version, perform /rest/version. This GET operation does not
require an X-API-Version header. If multiple appliances are running in your environment, you
need to determine the REST API version required by each appliance.
The requests documented in the HP OneView 1.05 REST API scripting help correspond to a
versionNumber of 4. Requests specifying API version 4 always provide the behavior documented
here. Future API changes will introduce higher version numbers.
Supported REST API versions
This release of HP OneView supports the new REST API version 4 in addition to supporting the
REST API version 3 (minimum) that was supported in previous releases of HP OneView.
The HP OneView REST API documentation for older REST API versions is available online at http://
www.hp.com/go/oneview/docs, and the documentation for the current version of supported REST
APIs is included with the online help for this release as well as online.
Backward compatibility
The following list explains how to preserve your existing scripts when upgrading to a new version
of HP OneView, take advantage of new functionality, and find the current and previous versions
of the HP OneView REST API documentation.
• Prevent scripts from breaking
To prevent your existing scripts from breaking that were written for a specific API version, use
the same X-API-Version value for that specific REST API. This ensures that the same set of
data is sent and returned in the response body during PUT and POST operations.
NOTE: The set of possible enumerated values that may be returned in a given resource
attribute may be extended from release to release (independent of the API version). Clients
should ignore any values that they do not expect.
To maintain backward compatibility, the set of enumerated values will not be reduced and
the meaning of these values will not change for a given API version.
• Use new functionality
To take advantage of new functionality, you must move to the new X-API-Version value.
If the X-API-Version value is set globally in your scripts, moving to a new X-API-Version
will likely impact multiple REST APIs. To view a list of REST APIs that have changed, see the
HP OneView Release Notes.
If you do not need to use the new functionality, you can use a previous X-API-Version and
avoid impacting your existing scripts. HP recommends that you move to the new
X-API-Version, because backward compatibility is not guaranteed from release to release,
and older functionality will be deprecated.
The current version of the REST APIs are documented in the HP OneView REST API Reference
that is included on the appliance. To view previous versions of the REST API reference, go to
http://www.hp.com/go/oneview/docs.
5.7 Asynchronous versus synchronous operations
A synchronous task returns a response after the REST API operation. For example, POST
/rest/server-profiles returns a newly created server profile in the response body. An
asynchronous task, such as creating an appliance backup returns the URI of a TaskResource
5.6 REST API version and backward compatibility 73
resource model. You can use the TaskResource resource model URI to list the current status of
the operation.
5.8 Task resource
When you make an asynchronous REST API operation, HTTP status 202 Accepted is returned
and the URI of a TaskResource resource model is returned in the Location header of the
response.
You can then perform a GET on the TaskResource model URI to poll for the status of the
asynchronous operation. The TaskResource model also contains the name and URI of the resource
that is affected by the task in the associatedResource attribute.
Creating an appliance backup example
1. Create an appliance backup.
/rest/backups
The URI of a TaskResource in the Location header is returned in the response.
2. Poll for status of the backup using the TaskResource URI returned in step 1.
/rest/tasks/{id}
3. When the task reaches the Completed state, use the associatedResource URI in the TaskResource to
download the backup file.
GET {associatedResource URI}
5.9 Error handling
If an error occurs during a REST API operation, a 4xx (client-side) or 5xx (appliance) error is
returned along with an error message (ErrorMessage resource model). The error message
contains a description and might contain recommended actions to correct the error.
A successful REST API POST operation returns the newly created resource (synchronous) or a
TaskResource URI in the Location header (asynchronous).
5.10 Concurrency control using etags
A client uses etags to verify the version of the resource model. This prevents the client from modifying
(PUT) a version of the resource model that is not current. For example, if a client performs a GET
on a server profile and receives an etag in the response header, modifies the server profile, and
then updates (PUT) the resource model, the etag in the PUT request header must match the resource
model etag. If the etags do not match, the client PUT request will not complete and a 412
PRECONDITION FAILED error is returned.
5.11 Querying resources and pagination using common REST API parameters
Querying resources
You can use a set of common parameters to customize the results returned from a GET operation,
such as sorting or filtering. Each REST API specification lists the set of available common parameters.
Pagination when querying for a collection of resources
When you perform a GET operation to retrieve multiple resources (that is, a GET on a collection
URI, such as /rest/server-profiles), the resources are returned in a collection object that
includes an array of resources along with information about the set of resources returned. This
collection of resources may be automatically truncated into pages to improve performance when
74 Using the REST APIs and other programmatic interfaces
a query would return a large number of resources. The collection attributes (described below)
provide information needed to determine whether the full set of resources were returned, or if
additional queries are required to retrieve additional pages.
For example, a collection object includes a next page and previous page URI. These URIs indicate
whether additional pages are available, and can be retrieved via a GET operation on these URIs.
This provides a simple model for ensuring all resources in the query have been retrieved, by doing
iterative GETs on the nextPageUri attribute until the attribute comes back empty/null (See
Example: Return all resources in a specific collection query below.).
It’s also possible to query for a specific page of resources, using the start and count query
parameters. These parameters indicate the index of the first resource to be returned, and the number
of resources to return in the page, respectively.
NOTE: Queries across multiple pages in a collection are stateless, and are based simply on the
start index and a count of resources returned from that starting point at the time the query is made.
For example, if any server profiles were added or deleted after you performed a GET operation
using a specific next page URI from a collection of server profile resources, and you perform the
GET again, the returned page using the same next page URI may not contain the same set of
resources.
Note also that the specific set of resources returned with a given start and count parameter is highly
dependent on any filter, query and sort parameters sent in the request, therefore it’s important
to always pass the same filter, query and sort parameters on all requests for additional pages. The
nextPageUri and prevPageUri attributes will be pre-populated with any filter, query and
sort parameters from the current request.
Attributes returned in all GET operations performed on a collection URI, for
example/rest/server-profile:
total The total number of resources available in the requested collection (taking
into account including any filters). Not necessarily what was returned.
count The actual number of resources returned (in the members attribute).
start The zero-based index of the first item returned (in the members attribute).
members The array of resources returned in the current result set.
nextPageUri A URI that can be used to query for the next page in the result set (using
the same count specified in the current query).
prevPageUri A URI that can be used to query for the previous page in the result set
(using the same count specified in the current query).
NOTE: A null or empty nextPageUri or prevPageUri attribute is
an indication that you have reached the last or first page (respectively)
in the query. This allows scripts to iterate on nextPageUri until null,
in order to retrieve the full set of resources in the query.
Example: Return all resources in a specific collection query
The number of resources returned in a query might not match what was specified in the count
parameter. Clients must always check the returned results to determine whether the full results set
was returned or not. The two reasons that all the resources may not be returned in a query are:
• You've reached the last page of the query (and there are simply not that many resource left
to return). This is also indicated by a returned prevPageUri with a null value.
• For performance reasons, the service may automatically truncate the returned result set,
requiring additional GET requests (with appropriate start & count parameters set) in order to
retrieve the full set of resources.
5.11 Querying resources and pagination using common REST API parameters 75
The simplest way to make sure that you have retrieved all resources in a specific collection is to
always perform iterative GET requests using the returned nextPageUri until the value is null.
See the following example in pseudo-code based on any filters/queries and sort order:
currentCollection = doGet("/rest/server-hardware");
allResources = currentCollection.members;
While (currentCollection.nextPageUri) {
currentCollection = doGet(currentCollection.nextPageUri);
allResources.Append(currentCollection.members);
}
5.12 State Change Message Bus
The State-Change Message Bus (SCMB) is an interface that uses asynchronous messaging to notify
subscribers of changes to managed resources—both logical and physical. For example, you can
program applications to receive notifications when new server hardware is added to the managed
environment or when the health status of physical resources changes—without having to continuously
poll the appliance for status using the REST APIs. To learn more about receiving asynchronous
messages about changes in the appliance environment, see “Using the State-Change Message
Bus (SCMB)” (page 203).
5.13 Developer tools in a web browser
You can use developer/debug tools in your web browser to view the REST API operations as they
happen in the UI. The UI uses REST APIs for all operations; therefore, anything you can do in the
UI can be done using REST API operations.
5.14 PowerShell and Python code sample libraries
Windows PowerShell and Python libraries are available on Git-compliant websites to download
and use for your REST API scripting. The libraries are currently under the MIT OpenSource license,
and you can modify the source code for your own purposes. Each library provides methods for
you to submit feedback, issues, and other discussions to HP.
About Git version control:
The repository layouts and overall workflows use a very standard simple workflow where the master
branch is always the top of tree trunk. HP tags each release and branches a release only to fix an
issue on a specific release.
To learn more about using Git, see http://git-scm.com/book.
NOTE: If you have questions about REST API scripting or HP OneView in general, post your
questions to the user community forum at http://www.hp.com/go/oneviewcommunity.
PowerShell library
The PowerShell library is hosted on CodePlex and is available here: http://
hponeview.codeplex.com. To subscribe to the site and monitor the project, you need a valid
Microsoft or CodePlex account. Downloading releases or source code does not require
authentication.
For ease of use when the library is updated, a new installer is provided.
You can use a browser or a GIT Windows client to download the source code and samples. To
download the Windows client, see http://windows.github.com/.
The CodePlex site provides an issues tracker to submit issues or feature requests.
Python library
The Python library is hosted on a GitHub website and is available here: https://github.com/
HewlettPackard/python-hpOneView.
76 Using the REST APIs and other programmatic interfaces
To receive development discussions, sign up on the public mailing list at https://groups.google.com/
forum/#!forum/hp-oneview-python.
5.14 PowerShell and Python code sample libraries 77
78
6 Accessing documentation and help
This chapter describes how to access help from the appliance, how to access the publicly available
online information library, and where to find REST API help and reference documentation.
6.1 Online help—conceptual and task information as you need it
The online help documents both the UI and the REST APIs, and includes:
• Overviews of the appliance and its features
• Descriptions of resources and UI screens
• Quick-start instructions for bringing your data center under management
• Step-by-step instructions for using the UI to perform tasks
• Information about using REST API scripting to perform tasks
• The HP OneView REST API Reference
• Information about using the SCMB (State-Change Message Bus) to subscribe to state change
messages
REST API help design
The REST API help is designed so that:
• Each resource is documented in its own chapter.
• Each REST API scripting chapter identifies the REST API calls you must invoke to complete the
tasks.
• Each REST API call links to the HP OneView REST API Reference for details about the API, such
as attributes and parameters, the resource model schema, and JSON (JavaScript Object
Notation) examples.
UI help design
The online help for the UI is designed so that each resource is documented in its own chapter. At
the top of each help chapter is a navigation box that directs you to:
• Tasks that you can perform using the UI
• An About section that provides conceptual information about the resource
• A screen details section for every screen, which provides definitions of screen components to
assist you in data entry and decision making
• Troubleshooting information in case you encounter a problem
• Links to the help for the associated REST APIs if you prefer to use REST API scripting to perform
a task
6.2 This user guide supplements the online help
This user guide provides:
• Conceptual information and describes tasks you can perform using the UI or REST APIs. It
does not duplicate the step-by-step instructions provided by the online help unless the information
might be needed when the online help is not available.
• For procedures that use the REST APIs, the REST APIs are listed, but the complete syntax and
usage information is included in the HP OneView REST API Reference in the online help.
6.1 Online help—conceptual and task information as you need it 79
• Planning information, including configuration decisions to make and tasks that you might need
to perform before you install an appliance, add managed devices, or make configuration
changes
• Quick starts that provide high-level step-by-step instructions for selected tasks that might require
that you configure multiple resources using the UI or REST APIs.
• An illustrated example of using the UI to configure a sample data center
6.3 Where to find HP OneView documentation
HP OneView release notes, user manuals, and other technical documentation is available on the
Enterprise Information Library and help is available on the appliance.
NOTE: To submit feedback about HP OneView documentation to HP, send email to
docsfeedback@hp.com.
Enterprise Information Library
The following documentation is available to view or download from the information library at
http://www.hp.com/go/oneview/docs
• HP OneView Release Notes
• HP OneView Support Matrix
• HP OneView Installation Guide
• HP OneView User Guide
• HP OneView REST API Reference
• zip file containing the HP OneView user interface HTML help files
• zip file containing the HP OneView REST API HTML help files
• White papers
UI and REST API help on the appliance
To view the help delivered on the appliance, open the appliance in a browser. Click the icon
in the banner to open the Help sidebar, which provides hyperlinks to the user interface help and
REST API scripting help.
6.4 Enabling off-appliance browsing of UI HTML help and REST API HTML help
To enable your users and developers to browse the HP OneView help and HP OneView REST API
Reference locally on their own computer or from a local web server, download the
hp-oneview-help.zip file and the hp-oneview-restapi.zip file from the Enterprise
Information Library.
The off-appliance versions of the HP OneView help systems are useful for developers who are
writing REST API scripts or other users that prefer the convenience of accessing help without logging
in to the appliance.
Downloading HTML UI help and HTML REST help
1. Go to the Enterprise Information Library:
http://www.hp.com/go/oneview/docs
2. Select the hp-oneview-help.zip file for UI help or the hp-oneview-restapi.zip file
for REST API help and save it to your computer or a local directory on a web server.
3. Use the utility of your choice to extract the contents of the .zip file.
80 Accessing documentation and help
4. Navigate to the hp-oneview-help/content or hp-oneview-restapi/content
directory.
5. Double-click the index.html file to open the HP OneView help system.
6. If you are serving the files from a web server, communicate the full URL to the index.html
file to your user community to enable them to browse to the UI and REST API help and reference
information.
6.4 Enabling off-appliance browsing of UI HTML help and REST API HTML help 81
82
Part II Planning tasks
The chapters in this part describe data center configuration planning tasks that you might want to complete
before you install the appliance or before you make configuration changes. By completing these planning
tasks, you can create a data center configuration that takes full advantage of the appliance features and is
easier for your administrators to monitor and manage.
84
7 Planning your data center resources
In addition to ensuring that your environment meets the prerequisites for installation of the appliance,
there are other planning tasks you might want to complete before adding data center resources.
By completing these planning tasks, you can create a data center configuration that takes full
advantage of the appliance features and is easier for your administrators to monitor and manage.
7.1 How many data centers?
An appliance data center resource represents a physically contiguous area in which racks containing
IT equipment are located. You create data centers in the appliance to describe a lab floor or a
portion of a computer room, which provides a useful grouping to summarize your environment
and its power and thermal requirements.
Using data centers to describe the physical topology and power systems of your environment is
optional. If you choose to create multiple data centers, consider including data center information
in your other resource names to enable you to use the appliance search capabilities to filter results
by data center.
7.2 Security planning
This section recommends security decisions you might want to make before you install the appliance
or bring hardware under management.
To learn about the security features of the appliance, and for general information about protecting
the appliance, see “Understanding the security features of the appliance” (page 45).
7.3 Preparing your data center network switches
The switch ports for data center network switches that connect to the Virtual Connect interconnect
modules must be configured as described in “Data center switch port requirements” (page 139).
Network traffic should also be considered as described in “About active/active and active/standby
configurations” (page 147).
7.4 Planning your resource names
The banner of every screen includes the Smart Search feature, which enables you to find
resource-specific information such as instances of resource names, serial numbers, WWNs, and
IP and MAC addresses. In general, anything that appears in a resource is searchable.
Defining a standard naming convention for your networks, network sets, enclosures, enclosure
groups, logical interconnect groups, and uplink sets makes it easy for you to identify them and
enables efficient searching or filtering in the UI.
Consider the following information when choosing resource names:
• To minimize the need for name changes and to make network-related resources easier to
identify, consider choosing names that include the following information:
◦ The purpose of the resource. For example:
prod for production network resources
dev for development network resources
◦ For networks, the VLAN ID
◦ An identifier to help you distinguish between resources that use the left side or the right
side of an enclosure. For example:
left and right
A and B
7.1 How many data centers? 85
1 and 2
◦ Examples of network names that follow the recommended naming conventions include
the following:
dev_1105_A
prod_1102_1
test_1111_left
◦ If you plan to use multi-network connections in server profiles, create network sets that
contain all the networks to be used by a single profile connection. Choose names such
as the following:
dev_nset_A
prodnset_1
testns_left
◦ Changing the names of uplinks sets can result in resources being taken offline temporarily
(see “Configuration changes that require or result in resource outages” (page 89)). To
minimize the need for name changes, and make the uplink sets easier to identify, choose
names such as the following:
devUS_A
prodUS_1
testUS_left
• The appliance does not support the filtering of resources, such as server hardware, based on
physical location (data center name). To enable filtering by data center name, choose a
naming convention that includes the data center name in the resource name.
• The appliance supports the filtering of resources by model, so you can search for server
hardware without having to include the model number in the name.
• The appliance provides default names for many resources. For example:
Enclosures are assigned the name Encln, where n is a number that is incremented by
◦
1 as each enclosure is added.
◦ enclosure_name-LI is the default name of a logical interconnect, where
enclosure_name is the name of the enclosure.
◦ Datacenter 1 is the name assigned to the data center when you initialize the appliance.
◦ Server hardware types are assigned names based on the server model, such as BL460c
Gen8 1. If you select a server hardware type as a standard, you can choose to rename
that server hardware type to include the word Standard or some other identifier to help
administrators quickly determine the correct server hardware type to choose.
• You can create shorter names by using abbreviations for resources. For example:
Typical abbreviationsResource name
86 Planning your data center resources
EnclEnclosure
EG, GroupEnclosure group
LILogical interconnect
LIGLogical interconnect group
USUplink set
For more information about the search capabilities of the appliance, see “Search resources”
(page 67).
7.5 Planning the appliance configuration
These topics cover appliance configuration.
7.5.1 Appliance VM and host requirements
HP OneView is delivered as a virtual appliance running on a VMware vSphere Hypervisor VM
(virtual machine).
IMPORTANT: HP OneView cannot import existing VC (HP Virtual Connect) domain configurations,
so do not select a host system located in an enclosure that you plan to manage with HP OneView.
You can, however, select a host system located on an HP ProLiant DL rack mount server that you
plan to manage with HP OneView.
The VM host must be able to support a VM with the following minimum requirements:
• VMware vSphere Hypervisor 5.0, 5.1, or 5.5.
• Two 2 GHz virtual CPUs.
• 10 GB of memory dedicated to the appliance.
• 160 GB of thick-provisioned disk space.
• A connection to the management LAN. HP recommends that you have separate networks for
management and data.
• The clock on the VM host must be set to the correct time. If NTP (Network Time Protocol) is
not used to synchronize the time on the VM host, HP recommends configuring the appliance
to use NTP directly.
7.5.2 Planning for high availability
To use HP OneView in an HA (high availability) configuration, verify that the VM is configured
according to vSphere Hypervisor HA requirements. For more information, see your vSphere
Hypervisor documentation or the following website:
http://www.vmware.com/products/datacenter-virtualization/vsphere/high-availability.html
7.5.3 Location of the appliance
HP recommends that you do not run the virtual appliance on a host that is to be managed by the
same appliance instance.
7.5.4 Separate networks for data and management
HP recommends having separate networks for management and data.
7.5.5 Time clocks and NTP
HP recommends using NTP on the host on which you install the virtual appliance. If you are not
using NTP on the host, HP recommends configuring NTP directly on the virtual appliance. Do not
configure NTP on both the host and the virtual appliance.
7.5 Planning the appliance configuration 87
7.5.6 IP addresses
You must specify what type of IP addresses are in use and how they are assigned to the appliance,
either manually by you or assigned by a DHCP (Dynamic Host Configuration Protocol) server:
• You must choose either IPv4 or IPv6 addresses.
• The appliance IP address must be static.
• If you use a DHCP address for the appliance it must have an infinite lifetime or permanent
reservation.
88 Planning your data center resources
8 Planning for configuration changes
This chapter identifies configuration changes that might result in a resource being taken offline
temporarily or that might require that you make changes to multiple resources.
8.1 Configuration changes that require or result in resource outages
Appliance
Taking an appliance offline does not affect the managed resources—they continue to operate while
the appliance is offline.
When you install an appliance update, the appliance is taken offline.
Enclosures
The Onboard Administrator is taken offline when you update firmware for an enclosure.
Interconnects and logical interconnects
• Server profile connections to networks in an uplink set are taken offline when you delete the
uplink set.
• Server profile connections to networks in an uplink set can be interrupted for a few seconds
when you change the name of an uplink set using either of these methods:
◦ Change the name of the uplink set in the logical interconnect.
◦ Change the name of the uplink set in the logical interconnect group, and then update the
logical interconnect from the logical interconnect group.
• An interconnect is taken offline when you:
Update or activate firmware for a logical interconnect. Staging firmware does not require
◦
interconnects be taken offline.
◦ Update firmware for an enclosure and select the option to update the enclosure, logical
interconnect, and server profiles.
• If an interconnect has firmware that has been staged but not activated, any subsequent reboot
of that interconnect activates the firmware, which takes the interconnect offline.
• You can prevent the loss of network connectivity for servers connected to a logical interconnect
that has a stacking mode of Enclosure and a stacking health of Redundantly Connected
by updating firmware using the following method:
1. Staging the firmware on the logical interconnect.
2. Activating the firmware for the interconnects in even-numbered enclosure bays.
3. Waiting until the firmware update to complete and the interconnects are in the
Configured state.
4. Activating the firmware for the interconnects in the odd-numbered enclosure bays.
Networks
• If you attempt to delete a network that is in use by one or more server profiles, the appliance
warns you that the network is in use. If you delete the network while it is in use, server profile
connections that specify the network explicitly (instead of as part of a network set) are taken
offline.
If you add a network with the same name as the network you deleted, connections that specify
the network explicitly (instead of as part of a network set) are not updated—you must edit
8.1 Configuration changes that require or result in resource outages 89
each server profile connection to reconfigure it to specify the network you added. Because
you must edit the server profile to edit the connection, you must power off the server.
• If you attempt to delete a network that is a member of a network set, the appliance warns you
that the network is assigned to at least one network set. If you delete that network and there
are other networks in that network set, server profile connectivity to the deleted network is
taken offline, but connectivity to other networks in the network set is unaffected.
You can add a network to a network set, including a network that has the same name as a
network you deleted, while server profile connections to that network set remain online.
Network sets
• If you attempt to delete a network set that is in use by one or more server profiles, the appliance
warns you that the network set is in use. If you delete the network set while it is in use, server
profile connections to that network set are taken offline.
• If you add a network set with the same name as the network you deleted, connections that
specify the network set are not updated—you must edit each server profile connection to
reconfigure it to specify the network set you added. Because you must edit the server profile
to edit the connection, you must power off the server.
• Server profiles with connections to a network set can be affected when a network in the network
set is deleted. See “Networks” (page 89).
Server profiles and server hardware
• Before you edit a server profile, you must power down the server hardware to which the server
profile is assigned.
• Firmware updates require that you edit the server profile to change the firmware baseline. As
with any other edits to server profiles, you must power down the server hardware to which
the server profile is assigned before you edit a server profile.
• Server profiles and server hardware can be affected by changes to networks and network
sets. For more information, see “networks” (page 89) and “network sets” (page 90).
• Server profiles and server hardware can be affected by changes to the names of uplink sets.
For more information, see “Interconnects and logical interconnects” (page 89).
8.2 Configuration changes that might require changes to multiple resources
Some configuration tasks require changes to multiple resources.
8.2.1 Adding a network
When you add a network to the appliance, you might need to make configuration changes to the
following resources:
• Networks. Add the network.
• Network Sets. (Optional) If the network you are adding is an Ethernet network you might want
to add it to a network set or create a network set that includes the network.
90 Planning for configuration changes
• Logical Interconnects and Logical Interconnect Groups. For a server connected to a logical
interconnect to access a network, the logical interconnect must have an uplink set that includes
a connection to that network:
◦ You might need to update multiple logical interconnects.
◦ You can make configuration changes to the logical interconnect group, and then update
each logical interconnect from the group.
◦ If your configuration changes include deleting an uplink set or changing the name of an
uplink set, server profile network connectivity can be affected. See “Configuration changes
that require or result in resource outages” (page 89).
• Server Profiles. If the server profile does not have a connection to a network set that includes
this network, you must add connections to the network.
For a summary of the tasks you complete when adding a network, see “Quick Start: Adding a
network to an existing appliance environment” (page 99) .
8.2.2 Adding an enclosure
When you add an enclosure to the appliance, you might need to make configuration changes to
the following resources:
• Enclosures. Add the enclosure.
• Enclosure Groups. Every enclosure must be a member of an enclosure group. If you do not
choose an existing enclosure group, you must create one when you add the enclosure.
• Logical Interconnects and Logical Interconnect Groups. Logical interconnects and logical
interconnect groups define the network connectivity for the enclosure. Enclosure groups must
specify a logical interconnect group. When you create an enclosure group, if you do not
specify an existing logical interconnect group, you must create one. For a server connected
to a logical interconnect to access a network, the logical interconnect group you create must
have an uplink set that includes a connection to that network.
• Server Profiles. Adding and assigning server profiles to the server blades in the enclosure is
not required at the time you add the enclosure, but to use the server blades in an enclosure,
you must assign server profiles to them. To access a network, the server profile must include
a connection to that network or a network set that includes that network.
For a summary of the tasks you complete when adding an enclosure and connect its server blades
to data center networks, see “Quick Start: Adding an enclosure and connecting its server blades
to networks” (page 103).
8.2 Configuration changes that might require changes to multiple resources 91
92
Part III Configuration quick starts
The quick starts provided in this part describe the basic resource configuration tasks required to quickly
bring the primary components of your hardware infrastructure under appliance management. Additional
resource configuration and ongoing management tasks are documented in Part IV.
94
9 Quick Start: Initial Configuration
This quick start describes the process to bring your data center resources under management of
the appliance after you complete the appliance installation. This quick start recommends an order
for adding resources to an appliance that has not previously been configured.
9.1 Process overview
1. Before you install the appliance, you might want to plan for your data center configuration.
By deciding things like resource names and the number and composition of network sets
before you start adding enclosures and servers to the appliance, you can create a configuration
that takes full advantage of the appliance features and results in an environment that is easier
for your administrators to monitor and manage. In addition, the switch ports for data center
network switches that connect to the Virtual Connect interconnect modules must be configured
as described in “Data center switch port requirements” (page 139). For planning information,
see “Planning your data center resources” (page 85).
2. When you install the appliance, you perform the configuration steps described in the HP
OneView Installation Guide, including:
• Changing the Administrator password.
• Configuring the networking settings for the appliance, including entering an appliance
host name and setting IP addresses and DNS server addresses, if used.
3. After you complete the installation, you perform the initial configuration tasks described in
“First time setup: configuration tasks” (page 95).
For illustrated examples of these tasks, see “Step by step: Configuring an example data center
using HP OneView” (page 251).
4. After you perform the initial configuration, back up the appliance and establish policies and
procedures for backing up the appliance on a regular basis. For information about creating
a backup policy, see “Determining your backup policy” (page 172). For information about
backing up the appliance, see “Backing up an appliance” (page 171).
5. If you have not already done so, establish policies for other aspects of appliance and data
center security, such as downloading and archiving audit logs. For more information about
security planning, see “Security planning” (page 85).
9.2 First time setup: configuration tasks
To bring your data center resources under appliance management, complete the following first
time setup configuration tasks:
1. Initial configuration tasks (required)
2. Physical topology and power system configuration tasks (optional)
Initial configuration tasks to bring your environment under management
After installing the appliance and configuring its network, the next step is to make your data center
environment known to the appliance and bring it under management.
The first time configuration tasks are no different than when they are performed as routine
maintenance.
While HP OneView is designed to allow flexibility in the order in which you create, add, and edit
resources and devices, HP recommends using the workflow sequence documented in the following
table for initial configuration tasks or whenever you make significant additions or changes to your
environment.
9.1 Process overview 95
To use REST APIs to configure the appliance and bring your environment under management for
the first time, see the REST API help, which is available from the Help Sidebar.
Table 5 First time setup: initial configuration tasks
Configuration task
Add users to the appliance
1. Create user accounts assigned with predefined or specialized privileges with local or directory-based authentication.
See the Users and Groups online help for more information.
Add firmware bundles to the appliance firmware repository
2. Add the latest firmware bundles to the appliance.
See the Firmware Bundles online help for more information.
Create networks
3. Create Ethernet networks for data and Fibre Channel networks for storage.
See the Networks online help for more information.
Create network sets
4. Create network sets to group Ethernet networks together to simplify management.
See the Network Sets online help for more information.
Create a logical interconnect group
5. Create a logical interconnect group to define the connections between your networks and interconnect uplink ports.
See the Logical Interconnect Groups online help for more information.
Create an enclosure group
6. Create an enclosure group to define and maintain consistent configurations and to be able to detect and manage
devices such as interconnects and server hardware in your enclosures.
See the Enclosure Groups online help for more information.
Add enclosures to the appliance
7. Add enclosures to the appliance to manage their contents and apply firmware updates.
See the Enclosures online help for more information.
If your enclosures or server hardware do not have embedded licenses, you must add licenses to the appliance first.
If you have an SNMP read community string you prefer to use, set the SNMP read community string before you add
an enclosure to the appliance.
Create server profiles and apply them to server hardware
8. Create and apply server profiles to define common configurations for your server hardware.
See the Server Profiles online help for more information.
Save the appliance configuration to a backup file
9. Save the initial appliance configuration settings and database to a backup file in the unlikely event you need to
restore the appliance to its original settings in the future.
See the Settings online help for more information about creating and saving appliance backup files.
Configure physical topology and power systems in your environment (optional)
By defining the physical dimensions of the space your networking hardware inhabits and positioning
enclosures, power delivery devices, server hardware, and other devices in racks provides the
appliance with an accurate diagram of the devices in your data center and their physical
96 Quick Start: Initial Configuration
connections, thus enabling the appliance to provide powerful monitoring and management
functionality:
• The Data Centers screen generates a 3D model of your IT environment, which you can use
for planning and organization purposes.
• The Data Centers screen displays power and temperature data to enable you to monitor power
consumption rates. The appliance monitors and reports peak temperatures for racks and their
components to identify and alert you about potential cooling issues.
• The Power Delivery Devices screen provides data to enable you to monitor power consumption
rates and power caps.
Table 6 First time setup: physical topology and power system configuration tasks
Configuration task
Add power devices
1. Define your power devices and power connections.
See the Power Delivery Devices online help for more information.
After you enter device credentials (your user name and password), the appliance automatically discovers the HP
Intelligent Power Distribution Units (iPDUs).
Add racks and configure the rack layout
2. Add racks and configure the layout of enclosures, power delivery devices, and other rack devices.
See the Racks online help for more information.
Create data centers and position racks in them
3. Define the physical topology and cooling and power characteristics of your data center, which enables 3D
visualization and temperature monitoring.
See the Data Centers online help for more information.
9.2 First time setup: configuration tasks 97
98
10 Quick Start: Adding a network to an existing appliance
environment
This quick start describes the process to add a network to an existing appliance environment and
enable existing server blades to access the network you added.
NOTE: If you are performing initial configuration steps after installing an appliance, HP
recommends that you add networks and network sets before you add enclosures. See “Quick Start:
Initial Configuration” (page 95).
Prerequisites
• Minimum required privileges: Infrastructure administrator or Network administrator for adding
the network.
• Minimum required privileges: Infrastructure administrator or Server administrator for changing
the configurations of the server profiles.
• The enclosures and server blades are already added to the appliance.
• All data center switch ports that connect to the VC (Virtual Connect) interconnect modules are
configured as described in “Data center switch port requirements” (page 139).
99
10.1 Process
When you add a network to the appliance, you might need to make configuration changes to the
following resources:
DescriptionTaskResource
Logical
Interconnect
Groups
Logical
Interconnects
(one or more)
1. Add the network.Networks
2. Add the network to an
uplink set.
3. Do one of the following:
• Add the network to an
uplink set.
• Update the logical
interconnect from the
group.
• Adding a network does not require that you take resources offline.
• For more information about networks, see “Managing networks and
network resources” (page 135), the online help for the Networks
screen, or the REST API scripting help for networks and network sets.
• You can either add the network to an existing uplink set or create a
new uplink set for the network.
• Changing the configuration of an uplink set does not require that
you take resources offline.
• Configuration changes made to a logical interconnect group are not
automatically propagated to the member logical interconnects.
However, by changing the logical interconnect group, for each logical
interconnect, you can update it with a single action.
• For more information, see “Managing interconnects, logical
interconnects, and logical interconnect groups” (page 141), the online
help for the Logical Interconnect Groups screen, or the REST API
scripting help for logical interconnects and the REST API for the
uplink-sets resource.
• Changing the configuration of an uplink set does not require that
you take resources offline.
• Configuration changes made to a logical interconnect group are not
automatically propagated to the member logical interconnects. To
update a logical interconnect with changes made to its logical
interconnect group, you must do one of the following:
Network Sets
4. (Optional) Add the
network to a network set.
◦ Select Logical Interconnects→Actions→Update from group.
◦ Use the REST APIs to reapply the logical interconnect group.
When adding a network, updating a logical interconnect from its
group does not require that you take resources offline.
• You can also make changes to a logical interconnect without also
changing the logical interconnect group. In this case, you add the
network to an uplink set on the logical interconnect. However, the
appliance labels the logical interconnect as being inconsistent with
its group.
• For more information, see “Managing interconnects, logical
interconnects, and logical interconnect groups” (page 141), the online
help for the Logical Interconnects screen, or the REST API scripting
help for logical interconnects.
• Applies to Ethernet networks only.
• Adding a network to a network set does not require that you take
resources offline. Server profiles that have connections to the network
set do not have to be updated when a network is added to the
network set.
• For more information about network sets, see “Managing networks
and network resources” (page 135), the online help for the Network
Sets screen, or the REST API scripting help for networks and network
sets.
100 Quick Start: Adding a network to an existing appliance environment
Loading...