UCS Server Policies Explained & Configuration
I – BIOS Policy
The BIOS policy is a policy that automates the configuration of BIOS settings for a server or group of servers. You can create global BIOS policies available to all servers in the root organization, or you can create BIOS policies in sub-organizations that are only available to that hierarchy.
To use a BIOS policy, do the following:
- Create the BIOS policy in Cisco UCS Manager.
- Assign the BIOS policy to one or more service profiles.
- Associate the service profile with a server.
During service profile association, the Cisco UCS Manager modifies the BIOS settings on the server to match the configuration in the BIOS policy. If you do not create and assign a BIOS policy to a service profile, the server uses the default BIOS settings for that server platform.
Default BIOS Settings
Cisco UCS Manager includes a set of default BIOS settings for each type of server supported by Cisco UCS. The default BIOS settings are available only in the root organization and are global. Only one set of default BIOS settings can exist for each server platform supported by Cisco UCS. You can modify the default BIOS settings, but you cannot create an additional set of default BIOS settings.
Each set of default BIOS settings are designed for a particular type of supported server and is applied to all servers of that specific type that do not have a BIOS policy included in their service profiles.
Unless a Cisco UCS implementation has specific needs that are not met by the server-specific settings, we recommend that you use the default BIOS settings that are designed for each type of server in the instance.
Cisco UCS Manager applies these servers platform-specific BIOS settings as follows:
- The service profile associated with a server does not include a BIOS policy.
- The BIOS policy is configured with the platform-default option for a specific setting.
You can modify the default BIOS settings provided by Cisco UCS Manager. However, any changes to the default BIOS settings apply to all servers of that particular type or platform. If you want to modify the BIOS settings for only certain servers, we recommend that you use a BIOS policy.
BIOS Policy Configuration:
Procedure
II- Boot Policy
The boot policy determines the following:
- Configuration of the boot device
- Location from which the server boots
- Order in which boot devices are invoked
For example, you can choose to have associated servers boot from a local device, such as a local disk or CD-ROM (VMedia), or you can select a SAN boot or a LAN (PXE) boot.
You must include this policy in a service profile, and that service profile must be associated with a server for it to take effect. If you do not include a boot policy in a service profile, the server uses the default settings in the BIOS to determine the boot order.
Important:
Changes to a boot policy may be propagated to all servers created with an updating service profile template that includes that boot policy. Reassociation of the service profile with the server to rewrite the boot order information in the BIOS is auto-triggered.
When you create a boot policy, you can add one or more of the following to the boot policy and specify their boot order:
| Boot type | Description |
|---|---|
| SAN boot | Boots from an operating system image on the SAN. You can specify a primary and a secondary SAN boot. If the primary boot fails, the server attempts to boot from the secondary.We recommend that you use a SAN boot, because it offers the most service profile mobility within the system. If you boot from the SAN when you move a service profile from one server to another, the new server boots from the exact same operating system image. Therefore, the new server appears to be the exact same server to the network. |
| LAN boot | Boots from a centralized provisioning server. It is frequently used to install operating systems on a server from that server. |
| Local disk boot | If the server has a local drive, boots from that drive.Note Cisco UCS Manager does not differentiate between the types of local drives. If an operating system has been installed on more than one local drive or on an internal USB drive (eUSB), you cannot specify which of these local drives the server should use as the boot drive. |
| Virtual media boot | Mimics the insertion of a physical CD-ROM disk (read-only) or floppy disk (read-write) into a server. It is typically used to manually install operating systems on a server. |
The default boot order is as follows:
- Local disk boot
- LAN boot
- Virtual media read-only boot
- Virtual media read-write boot
BooT Policy Configuration:
Procedure
IPMI Access Profile
This policy allows you to determine whether IPMI commands can be sent directly to the server, using the IP address. For example, you can send commands to retrieve sensor data from the CIMC. This policy defines the IPMI access, including a username and password that can be authenticated locally on the server, and whether the access is read-only or read-write.
III- Host firmware policies:
Use host firmware policy to associate qualified or well-known versions of the BIOS, adapter ROM, or local disk controller with logical service profiles, as described earlier.
A best practice is to create one policy, based on the latest packages that correspond with the Cisco UCS Manager infrastructure and server software release, and to reference that host firmware package for all service profiles and templates created. This best practice helps ensure version consistency of a server’s lowest-level firmware, regardless of physical server failures that may cause reassociation of service profiles on other blades.
IV- Maintenance Policy
A maintenance policy determines a pre-defined action to take when there is a disruptive change made to the service profile associated with a server.
The maintenance policy specifies how Cisco UCS Manager deploys the service profile changes. When creating a maintenance policy you have to select a reboot policy which defines when the server can reboot once the changes are applied. The Immediate option will make the server reboot right then. User acknowledge option will wait for manual acknowledgment from the user before rebooting the server. Timer automatic option will trigger the reboot at a specific time mentioned in a schedule.
Create Maintenance Policy:
To create a maintenance policy login to UCS manager and navigate to the Servers tab and right-click on Maintenance Policies and select Create Maintenance Policy.
Reference: https://www.cisco.com/en/US/docs/unified_computing/ucs/sw/gui/config/guide/141/UCSM_GUI_Configuration_Guide_141_chapter26.html#concept_7ED5469EA87D4BD7A5BE67525FBB93D6
