Sysadmin's Shouts!

a blog for sysadmin's rants and raves…

Leave a comment

Update Cisco Servers CIMC’s Firmware

Cisco’s CIMC updates are done using the HUU – Cisco Host Upgrade Utility, which comes in ISO form so can be burned on physical media or mounted remotely via the KVM on the CICM interface. Quoting Cisco’s manual:

<<Upgrading BIOS and Cisco IMC Firmware, Cisco provides the Cisco Host Upgrade Utility to assist you in upgrading the BIOS, Cisco IMC, CMC LOM, LSI storage controller, and Cisco UCS Virtual Interface Cards firmware to compatible levels.

Always upgrade the BIOS, the Cisco IMC and CMC from the HUU ISO. Do not upgrade individual components (only BIOS or only Cisco IMC or CMC), since this could lead to unexpected behavior. If you choose to upgrade BIOS, the Cisco IMC and the CMC individually and not from the HUU ISO, make sure to upgrade both Cisco IMC, BIOS and CMC to the same container release. If the BIOS, CMC and the Cisco IMC versions are from different container releases, it could result in unexpected behavior. Cisco recommends that you use the Update All option from the Host Upgrade Utility to update the firmware versions of Cisco IMC, BIOS, CMC and all other server components (VIC, RAID Controllers, PCI devices, and LOM) together.>>


1.- Connect to Cisco Download Software website & download the ISO update.

Example of direct dowload HUU 3.03e

Easiest way to find the latest software for your Server if you have updated it before:

From Download Software > My Download History > UCS C240 Rack Server Software > Latest Release > Download File

2.- Perform a Backup

Backup of the FW.

NOTE: in CIMC this step is performed automatically. Backup FW versions can be perused in CIMC > Admin > Firmware Management

Backup of the BIOS.

Navigation Panel (Top Left Icon) > Compute > BIOS > Configure BIOS Profile > Take Backup

3.- Revise NTP & TimeZone

Set NTP:

Navigation Panel (Top Left Icon) > Admin > Networking > NTP Setting > NTP Properties
NTP Enabled x
Server 1:
Server 2:
Server 3:
Server 4:
> Save Changes

Set TimeZone:

Navigation Panel (Top Left Icon) > Chassis > Summary >Cisco Integrated Management Controller (Cisco IMC) Information > Timezone: Europe/Madrid

Check Time:

Navigation Panel (Top Left Icon) > Chassis > Summary >Cisco Integrated Management Controller (Cisco IMC) Information > Local Time

Check NTP (Note: leave at least 15 minutes between configuration and verification –to avoid getting a stratum 16):

Navigation Panel (Top Left Icon) > Admin > Networking > NTP Setting > NTP Properties > Status: Values 1-15

4.- Start Console

Navigation Panel (Top Left Icon) > Admin > Firmware Management > Firmware Management Review the versions stored.

Open a KVM (Java or HTML), map the ISO downloaded to the server as Virtual Media, CD.
NOTE: if we choose the Java KVM, we can record the whole installation in a video (for documentation purposes), the HTML KVM option can only take snaps, not videos.

If the UCS is being managed from a vCenter or a OVMmanager, move the VMs off the server first and put into maintenance or stopped mode.

5.- Reboot from HUU

On Boot, press <F6>, to choose the Boot Menu, and once there, select boot device Cisco vKVM-Mapped vDVD1.22. Now it will start from the HUU software.

ISOLINUX 4.04… image will start booting, followed by a GUI named Cisco UCS Host Upgrade Utility, with an animated loading circle, which does a few full turns.

6.- Update FW Packages

Once HUU has finished copying the FW to the CIMC, it will display the Agreement page, which we will confirm, and after that we can review the FW levels to be updated.

We will select the Update All option, and Are you sure? Yes

It will mark all the packages in the inventory as SCHEDULED, and it will go through each one as IN PROGRESS, PASS.
NOTE: The BIOS is updated last, as after doing that step, the system reboots.

7.- Verify Upgrade & System Status

Once all the packages have a green PASS update status, we can press the Exit button, wait 5 minutes and login into the new CIMC.

Review that the CIMC is correct via HOME > Chassis > Summary, note that the CIMC starts pretty quick, but the server takes longer to start, and it will show as powered off from the CIMC until it has boot up, so it’s best to wait for a while to see if the server comes up OK, before issuing a host power on from the CIMC.

8.- Now, go and grab a coffee… ‘coz we’ve finished!




UNIX/Linux everywhere???

In our days most of the appliances that support a terminal session and provide a CLI or command line interface behave like UNIX/Linux.

This is good, as at least there is a wide standard for basic system commands like:


However the most common implementation of a CLI in appliances that have an embedded OS, is not really a Linux environment or shell, but an implementation of BusyBox.

BusyBox is a multi-call binary that combines many common Unix/Linux commands and utilities into a single executable, therefore creating links or alias to all the individual commands pointing to the same executable, saving space in disk and memory.

The latest version of BusyBox (v1.26.2 as of 10/01/2017) has all the following commands built in:

 [, [[, ar, awk, base64, basename, bunzip2, bzcat, bzip2, cal, cat,
 catv, chat, chgrp, chmod, chown, chpasswd, chpst, chroot, chrt,
 cksum, clear, cmp, comm, cp, cpio, cryptpw, cut, date, dc, dd,
 devmem, df, diff, dirname, dnsd, dnsdomainname, dos2unix, du, echo,
 ed, egrep, env, envdir, envuidgid, expand, expr, fakeidentd, false,
 fgrep, find, fold, fsync, ftpd, ftpget, ftpput, fuser, getopt, grep,
 groups, gunzip, gzip, hd, head, hexdump, hostid, hostname, httpd,
 id, inetd, install, iostat, ipcalc, kill, killall, killall5, less,
 ln, logger, logname, logread, lpd, lpq, lpr, ls, lzcat, lzma, lzop,
 lzopcat, makemime, man, md5sum, mesg, microcom, mkdir, mkfifo,
 mknod, mkpasswd, mktemp, more, mpstat, mt, mv, nc, nice, nmeter,
 nohup, nslookup, od, patch, pgrep, pidof, pipe_progress, pkill,
 popmaildir, printenv, printf, ps, pscan, pstree, pwd, pwdx,
 readlink, realpath, reformime, renice, reset, resize, rm, rmdir,
 rpm, rpm2cpio, run-parts, runsv, runsvdir, sed, sendmail, seq,
 setsid, setuidgid, sha1sum, sha256sum, sha512sum, sleep, smemcap,
 softlimit, sort, split, start-stop-daemon, stat, strings, stty, sum,
 sv, svlogd, sync, sysctl, syslogd, tac, tail, tar, tcpsvd, tee,
 telnet, telnetd, test, tftp, tftpd, time, timeout, touch, tr, true,
 tty, ttysize, udpsvd, uname, uncompress, unexpand, uniq, unix2dos,
 unlzma, unlzop, unxz, unzip, usleep, uudecode, uuencode, vlock,
 volname, watch, wc, which, whoami, whois, xargs, xz, xzcat, yes,

If you want to try busybox on real time, you can go to this page, where there is a JavaScript PC emulator with BusyBox v1.20.0:

If you want to know more about this excellent and widely-used Open-Source project, visit:

Traditionally, to try a UNIX like environment on a windows PC, you had a couple of options: install microsoft’s own windows unix support, or install cygwin.

Well it’s good to know that now we have another option, and that it’s easier to install.
But in any case, my all-time favourite until today, is the use of MobaXterm.

This is a product to handle all sort of sessions & connections, and the best of it is that it lets you setup connections with terminals with SSH and Telnet, but also handles RDP, HTTP, etc. It even imports settings from PuTTY.

The best of all, is that it lets you open a local terminal session in windows, and that local session uses our new friend busybox, so you can also type windows commands (not built-ins, only externals, but hey!) or unix-like commands, at your leisure.

It’s specially good to develop unix or linux scripts in your PC, instead of doing so in a real server (really handy when you don’t have a development server in your environment, or if you are developing or fixing scripts in a laptop while you travel, on a hotel, etc.).

So there you go, if you want to have the best of linux in windows you can use busybox, cygwin, or MobaXterm. In Windows 10 mind, we also have the ubuntu bash shell, which is also very nice, and supported by Microsoft, excellent.

Leave a comment

HowTo: Actualizar FW de librerías de cintas IBM TS3100-TS3200.


a.- Conocer el Hardware de nuestra librería de cintas: Modelo, Serial Number, FW version numbers de la librería y de los drives. Saber si tenemos drives Full Hight (FH) o Half Hight (HH) y si su conexión es SAS (directa) o FC (fibra SAN).

[Nota: si tenemos una TS3100, podemos tener 1 drive FH o 2 HH, si es una TS3200, podemos tener 2 drives FH o 4 HH].  Para conocer mejor los detalles del HW de cada librería, revisar sus datos técnicos en la web de Storage de IBM:


b.- Bajar el pack de FW de la librería de “IBM Download Center”, el cual incluye tanto el FW de la librería, como el FW de los drives: se debe siempre instalar el pack, ya que se comprueba en los laboratorios de IBM para que la version del FW de los drives funcione correctamente junto con el FW de la librería, y actualizar el FW de la librería o de los drives por separado no está recomendado (a no ser que se reemplace un drive, en cuyo caso su nivel de FW se debe poner al mismo que el resto de drives en la librería -mismo baselevel-).

  • Desde Fix Central, seleccionar las siguientes opciones:


  • escoger el modelo y versión de pack FW correcto para tu librería:


c.- Leer el fichero README del pack de actualización de FW por si vienen instrucciones especiales que puedan ser diferentes de las especificadas en este documento.

d.- Disponer de los usuarios de la librería:

· user  (este usuario es para operadores, y no permite actualizar FW).
· admin (en realidad solo se necesita este usuario, pero éste es un buen momento para verificar si tenemos todos los usuarios registrados. por defecto admin/secure para FW posterior a la v1.90 y admin/adm001 para FW anterior).
· service (probar con: service/sev001 para TS3100 y service/Sev001 para TS3200 -Unconfirmed-)

Si no tenemos la contraseña de “admin”, seguir la siguiente documentación oficial de IBM para devolverlo a valores de fábrica:

e.- Inhabilitar el uso de la librería desde nuestro servidor/software de backups, ya que si los drives o el brazo robótico están en uso, y la actualización de FW reinicia la librería, los dispositivos en uso pueden estropearse (si un drive usando una cinta se reinicia, la cinta se quedará encajada dentro del drive y se perderá el drive y la cinta -en cuyo caso, abrá que abrir caso a soporte HW IBM-).



1.- Es buena idea el configurar las alertas por email de la librería de cintas, ya que si la actualización FW falla, o la ventana del navegador se cuelga, recibiremos una notificación por email de los fallos o sucesos a nuestro correo en el PC, portátil o móvil (muy útil y recomendado).

2.- Primero se actualiza el FW de la librería  luego el de los drives, y solo se pueden actualizar de uno en uno. El proceso comprende la subida del fichero de FW primero al dispositivo, y luego su actualización. Ya que estos envíos se hacen a través de interfaces de red a 100 Mbps, son muy lentos y en ocasiones la conexión se cae; cuando esto pasa, falla la actualización del FW, en cuyo caso la probaremos de nuevo, hasta que funcione correctamente (o mejoramos la estabilidad de la conexión).



Verificar que el status de la librería y los drives están en Ready o Idle, y no en reading, writing, loading, unloading, inventory.

Para actualizar el FW, ir a > Service Library > Upgrade Firmware, seleccionar Choose File desde la sección “Upgrade Library Firmware”. Cargamos el fichero .fbi con el FW y pulsamos el botón “Update”.

Comprobaremos el estado de la actualización revisando primero la subida del FW a la librería (mirando la barra de estado en la parte inferior de la ventana) y luego la carga al dispositivo revisando la sección “System Status” a la derecha.

Una vez actualizado el FW de la librería, procederemos a subir el FW de cada drive, siguiendo el mismo procedimiento, pero seleccionando los ficheros .fmrz apropiados para nuestros drives (FH/HH/SAS/FC).



3.- Una vez finalizado todas las actualizaciones de FWs, hay que probar los drives, el brazo robótico y revisar los logs por errores (una vez revisado todo OK, podemos borrar los logs, para tener el sistema estable y controlado, o dejarlos tal cual por motivos de auditoría).

Para comprobar la librería, podemos lanzar movimientos de cintas desde el panel de control de la librería, o desde el GUI, pero lo mejor es lanzar algún proceso de inventario, consolidación de cintas o traspaso de datos entre cintas desde el software de backup.

4.- Actualizar nuestros sistemas de monitorización (Nagios, Zabbix, Netcool, etc) con el MIB adjunto al FW de la librería, ya que cada actualización de FW de un dispositivo HW cambia los OIDs a monitorizar por SNMP, por lo que hay que actualizar el nuevo MIB, y reconfigurar los OIDs o Trap Events que pudiéramos tener monitorizados por los nuevos.


No es necesario realizar actualizaciones de FW correlativas para llegar a la última versión disponible, se puede hacer directamente la subida a la última versión, no obstante el procedimiento recomendado por IBM es subir de versión en versión, paso a paso.

Al hacer la actualización al último nivel disponible, podremos ahorrarnos un montón de tiempo, ya que las actualizaciones (especialmente las de los drives) son lentas y se tarda mucho tiempo, tiempo en el cual la librería no está operativa para el software de backups. (Puede minimizarse el tiempo actualizando la librería y 1 drive, devolver el acceso al software de backup para dicho drive, y a medida que vamos actualizando cada drive, devolver el acceso al software, drive a drive).

En el caso de que la subida directa al último FW falle, probaremos el método recomendado por IBM de subir versión a versión (lógicamente, cuando el atajo no te lleva donde pensabas, lo mejor es por el camino largo y tortuoso pero seguro…).

Las actualizaciones firmware del hardware de almacenamiento enterprise son muy seguras y rara vez fallan hasta tal punto de dejar el dispositivo offline (siempre y cuando se hayan seguido las instrucciones dadas en esta guía, recordar que si a la librería se le da orden de efectuar cualquier acción de backup/restore mientras se está actualizando la librería, es muy posible que después de actualizarse se reinicie y nos cause una avería HW, perdiendo uno o varios drives y cintas, así que tener especial CUIDADO!).

-Para que no exista afectación alguna a los sistemas productivos siempre se aconseja realizar las intervenciones fuera de horas de afectación al negocio (te ahorrarás sorpresas, dolores de cabeza, y trabajarás de manera mas profesional).-


Leave a comment

HowTo: Install a Fibre Switch (Brocade) in 12 to 15 steps.

Instructions to install a Brocade switch (in our days most of SAN fibre switches are Brocade: IBM, EMC, DELL, FUJITSU, HP, HITACHI, NETAPP, SUN, and ORACLE use OEMized Brocade Switches, and Brocade also sells switches directly, other manufacturers of fibre switches are QLogic and CISCO).

We assume that you have unboxed the switch, put in the rails, mounted it on the rack, populated the FC ports with the SFPs that came in the box, and put the cable or cables and switched it on.

To do the Initial configuration of the switch, We will need the following:

  • A laptop with windows, where we will install the EzSwitchSetup software that comes in a CD with the switch.
  • An Ethernet (normal – no crossover needed) cable to plug directly to the switch on the Management port (We can also use the Serial cable that comes included with some switches, but it’s a lot easier with a CAT5 cable).
  • And now to sit down for a minute and think: prepare/collect the following information to use on the initial switch config:

MAC WWN: _____________________
Hostname: _____________________
IP: _____________________
Mask: _____________________
Gateway: _____________________
NTP Server: _____________________
root passwd: _____________________
factory passwd: _____________________
admin passwd: _____________________
user passwd: _____________________

Once we have this details and prerequisites, we can carry on with the initial config:


1.- We get our laptop and connect it directly to the ethernet management port of our first switch.

2.- Start EzSwitchSetup software

3.- Select the first part of the switch’s MAC address from the drop down list

4.- Complete the MAC address withthe last 3 bytes of our model (it will be printed on a sticker on the switch, or on a plastic tongue on the front left side).

5.- Once our switch is identified, we can proceed to change it’s IP address (the switch will show as default values):


6.- Once the switch has been successfully changed to it’s final IP, we will unplug our laptop, and connect the switch to it`s final network connection.

7.- Now connect remotely to the switch as admin, and when presented with the message:

Please change passwords for switch default accounts now.
Use Control-C to exit or press 'Enter' key to proceed.

Warning: Access to the Root and Factory accounts may be required for
proper support of the switch. Please ensure the Root and Factory
passwords are documented in a secure location. Recovery of a lost Root
or Factory password will result in fabric downtime.

for user - root
Changing password for root
Enter new password:
Re-type new password:
passwd: all authentication tokens updated successfully
Please change passwords for switch default accounts now.
for user - factory
Changing password for factory
Enter new password:
Re-type new password:
passwd: all authentication tokens updated successfully
Please change passwords for switch default accounts now.
for user - admin
Changing password for admin
Enter new password:
Re-type new password:
passwd: all authentication tokens updated successfully
Please change passwords for switch default accounts now.
for user - user
Changing password for user
Enter new password:
Re-type new password:
passwd: all authentication tokens updated successfully
Saving passwords to stable storage.
Passwords saved to stable storage successfully

8.- Change the default 10 minute timeout value to 60 minutes:

timeout 60

9.- Configure our switch hostname with the command:

switchname $HOSTNAME

10.- Configure the timezone:

tstimezone --interactive

11.- Configure the time and the NTP server:

date "0213101215"
Fri Feb 13 10:12:59 CET 2015

Note: Date and time are specified as a string in the format: “mmddhhmmyy” (month day hour minutes year).

tsClockServer "$NTP_IP"
Updating Clock Server configuration...done.
Updated with the NTP servers

12.- Wait 5 minutes and verify the time has adjusted accordingly:

Fri Feb 13 10:12:59 CET 2015

13- Reboot (Note: this step is not really needed, I do it to verify the boot process and that settings are applied correctly):


14.- Extra step: If you want to be thorough, you can Check the SFPs are correct with the provided FC Loopback.

For that you need to plug a loopback in a SFP port and issue the command:


You can change the loopback to another port and issue switchshow again, until we have tried all the SFPs. As usually you will setup switches in pairs, you will have 2 loopbacks, wich makes the check quicker.

15.- As a Final Check, issue the command:


and verify that all the hardware sensors and that the switchstate are all in HEALTHY status, and none of them are in MARGINAL.


And that’s it, the switch is now configured, and ready to plug the fibres to the SAN and the Servers, then the zoning will be needed, and maybe extend the fabric to another switch… but that’s material for another post… Thanx for reading!


Leave a comment

HowTo: detect and connect to Oracle / Sun Microsytems ILOMs (Integrated Lights Out Manager)


· A laptop PC (with windows)
· NetScan from Softperfect (it’s free for personal & professional use)
· An ethernet cable (ie: cat5-6, normal cable -no crossover needed-)


1.- If you haven’t done it already, go to Softperfects web and download the latest version of NetScanner.
Why I like this program? well, it’s free, it’s portable (I love portables BTW), it’s one of the best scanners that I have seen, and it’s free (did I say that already?).

2.- Conect your laptop to the “Net Mgmt” ethernet port of your server, and change your laptop’s local IP address to, with a gateway of

3.- Open NetScan, let it identify your NICs IP network, and start the scan.


4.- As soon as you have 2 entries displayed on NetScan, you can save time and pause the scan process.


5.- Select the last IP shown, and right click, open as Secure HTTP (HTTPS).


6.- Voilá, You may get a certificate error, ignore that, and you will be able to login;


a browser windows should have opened with the ILOM login’s page.

remember that the default user/password to access is root/changeme.

7.- Now you can do what you wanted to do in the ILOM, log off, and go for another server…


Leave a comment

Oracle Hardware – How to replace a Blade from a Sun Blade 8000 chassis.

Today I will do a post with some nice photos of blades hardware ;o)

Well, on this post we’re going to describe the process of replacing a faulty blade, for a good one.


-To have the replacement blade, equal to the one that we are replacing, would be a good start.

Blade X8400_5

To replace a Blade, we basically need to follow this steps:

1.- Power off blade,

2.- Remove the blade from the chassis, -the chassis without blade will look like this:

Sun Blade 8000 Chassis

3.- Take off the blade’s cover,

4.- Remove and set aside the HDs of the blade (better leave them in top of an anti-static mat)

5.- Remove and set aside the RAM SIMMs of the blade (and leave them in the anti-static mat)

6.- Remove and set aside the CPUs Heat Dissipators of the blade (and leave them in the anti-static mat)

7.- Clean the CPUs and the Heat Dissipators of the heat conducting paste with a special cleaning cloth
(you can buy them on and IT shop, next to the heat conducting paste)

Sun Blade 8000 Chassis_1New

8.- Remove and set aside the CPUs of the blade (and leave them in the anti-static mat)

9.- Prepare the new blade, and take off it’s cover,

10.- Insert the CPUs from the old blade,

11.- Apply new heat conducting paste to each CPU (with the syringe: I usually put a big dot in the center, but if you really want to get into it, there are lots of pages on the internet about how to corrrectly apply heat dissipator paste to a CPU),

12.- Put the CPU Heat Dissipators (careful with the pressure applied to the screws, you don’t want one of this broken – in fact, I always screw them crossed like the car tires: if we have screws 1,2,3,4, I will half screw 1, 3, 2, 4, and then finish off 1,3,2,4 again, that ensures even pressure has been applied to the heat dissipator),

13.- Put the RAM DIMMs,

14.- Put the HDs,

Sun Blade 8000 Chassis_3New

15.- Put the cover, and reseat the blade on the chassis,

Sun Blade 8000 Chassis_6End

16.- Power On, and check the lights for green ( if an orange light appears, look at the ILOM, you may have a problem ;o(  )

The old blade will look all empty and sad on one side:

Sun Blade 8000 Chassis_4Old

This instructions are from a Sun Blade 8000, but they are pretty simmilar for an IBM BladeCenter blade.

In any case, this procedure is usually performed by an Oracle Field Service Engineer (FSE), as a blade or motherboard is a Field Replaceable Unit (FRU), not a Customer Replaceable Unit (CRU); but it may be of use to those who have a blade at home, or to the inquisitive type sysadmins.

And that’s about the size of it,

thanks for reading.