Cisco UCS Manager B-Series Troubleshooting Guide
General Troubleshooting Solutions
Download the complete book
Cisco UCS Manager B-Series Troubleshooting GuideCisco UCS Manager B-Series Troubleshooting Guide (PDF - 2 MB)
 Feedback

General Troubleshooting Solutions

This chapter includes the following sections:

Guidelines for Troubleshooting

When you troubleshoot issues with Cisco UCS Manager or a component that it manages, you should follow the guidelines listed in the following table.

Table 1 Troubleshooting Guidelines

Guideline

Description

Check the release notes to see if the issue is a known problem.

The release notes are accessible through the Cisco UCS B-Series Servers Documentation Roadmap available at the following URL: http://www.cisco.com/go/unifiedcomputing/b-series-doc.

Take screenshots of the fault or error message dialog box, the FSM for the component, and other relevant areas.

These screenshots provide visual cues about the state of Cisco UCS Manager when the problem occurred. If your computer does not have software to take screenshots, check the documentation for your operating system, as it might include this functionality.

Record the steps that you took directly before the issue occurred.

If you have access to screen or keystroke recording software, repeat the steps you took and record what occurs in Cisco UCS Manager.

If you do not have access to that type of software, repeat the steps you took and make detailed notes of the steps and what happens in Cisco UCS Manager after each step.

Create a technical support file.

The information about the current state of the Cisco UCS domain is very helpful to Cisco support and frequently provides the information needed to identify the source of the problem.

Technical Support Files

When you encounter an issue that requires troubleshooting or a request for assistance to the Cisco Technical Assistance Center (Cisco TAC), collect as much information as possible about the affected Cisco UCS domain. Cisco UCS Manager outputs this information into a tech support file that you can send to Cisco.

You can create a tech support file for the following components of a Cisco UCS domain:

  • UCSM—Contains technical support data for the entire Cisco UCS domain.
  • Chassis—Contains technical support data for the I/O module or the CIMCs on the blade servers in a given chassis only.
  • Fabric extender—Contains technical support data for the given FEX.
  • Rack server—Contains technical support data for the given rack-mount server and adapter.

Creating a Technical Support File in the Cisco UCS Manager CLI

Use the show tech-support command to output information about a Cisco UCS domain that you can send to Cisco TAC.

Procedure
     Command or ActionPurpose
    Step 1 UCS-A# connect local-mgmt {a | b}  

    Enters local management mode.

     
    Step 2UCS-A(local-mgmt) # show tech-support {chassis chassis-id { all | cimc slot [ adapter adapter-id] | iom iom-id} | ucsm} [brief | detail]  

    Outputs information about the selected objects in a file that you can send to Cisco TAC.

     
    Step 3UCS-A (local-mgmt) # copy workspace:techsupport/filename.tar {scp | ftp}: user_name@IP_addressEnter username’s password: password 

    Copies the output file to an external location through SCP or FTP.

    The SCP and FTP commands require an absolute path for the target location. The path to your home directory cannot include special symbols, such as ‘~’.

     

    Creating a Tech Support File in the Cisco UCS Manager GUI


    Note

    In releases earlier than Cisco UCS Manager Release 1.4(1), you can create a technical support file only in the Cisco UCS Manager CLI.

    Procedure
      Step 1   In the Navigation pane, click the Admin tab.
      Step 2   On the Admin tab, click All.
      Step 3   In the Work pane, click Create and Download Tech Support.
      Step 4   In the Path field in the Create and Download a Tech Support File dialog box, enter the full path where the technical support file should be saved.

      This path must be locally accessible. If you do not know the path, click the Browse button to navigate to it.

      Step 5   In the Options area, click one of the following radio buttons:
      Option Description

      ucsm

      Saves a file containing technical support data for the entire Cisco UCS domain in the specified directory.

      ucsm-mgmt

      Saves a file containing technical support data for the Cisco UCS management services, excluding the fabric interconnects, in the specified directory.

      chassis

      Saves a file containing technical support data for either the CIMCs or I/O modules in a given chassis. When you select this option, Cisco UCS Manager GUI displays the following fields:

      • Chassis ID field—The chassis for which you want technical support data.
      • CIMC radio button—Select this option to get CIMC technical support data. To get the data for a single server within the chassis, enter that server's ID in the CIMC ID field. To get the CIMC data for all servers in the chassis, enter all in this field.
      • IOM radio button—Select this option to get I/O module technical support data. To get the data for a single I/O module within the chassis, enter that module's ID in the IOM ID field. To get the data for all I/O modules in the chassis, enter all in this field.

      fabric-extender

      Saves a file containing technical support data for a fabric extender in the specified directory. When you select this option,Cisco UCS Manager GUI displays the FEX ID field that lets you enter the unique identifier of the FEX for which you want technical support data.

      rack-server

      Saves a file containing technical support data for a C-Series server to the specified directory. When you select this option, Cisco UCS Manager GUI displays the following fields:

      • Rack Server ID field—The unique identifier of the rack server for which you want technical support data.
      • Rack Server Adapter ID field—The unique identifier of the adapter for which you want technical support data. To get the data for all adapters in the server, enter all in this field.
      Step 6   Click OK.

      Powering Down a Cisco UCS Domain

      You can decommission an entire Cisco UCS domain, for example as part of a planned power outage.

      Procedure
        Step 1   Create a configuration backup.

        For more information, see the Cisco UCS Manager configuration guides for the release of Cisco UCS Manager that you are using. The configuration guides are accessible through the Cisco UCS B-Series Servers Documentation Roadmap available at the following URL: http://www.cisco.com/go/unifiedcomputing/b-series-doc.

        Step 2   Gracefully power down all of the blades or rack servers from their installed operating system.

        You can power down the servers from the OS on the server or through Cisco UCS Manager.

        Step 3   Unplug the chassis power or the power to the rack servers after all of the servers are powered down.

        When the servers are powered down, the power LEDs are amber rather than green.

        Step 4   Power down each fabric interconnect by unplugging the power cords in the following order:
        • Unplug the subordinate fabric interconnect.
        • unplug the primary fabric interconnect

        Verification of LDAP Configurations


        Note

        This procedure can be performed only through the Cisco UCS Manager CLI.

        The Cisco UCS Manager CLI test commands verify the configuration of the Lightweight Directory Access Protocol (LDAP) provider or the LDAP provider group.

        Verifying the LDAP Provider Configuration


        Note

        The test aaa server ldap command verifies the server-specific configuration, irrespective of the LDAP global configurations. This command uses the values for the base DN, filter, attribute, and timeout that are configured at the LDAP provider level. If the base DN or filter at the provider level is empty, the LDAP search fails.

        You can enter the test aaa server ldap command to verify the following information if Cisco UCS Manager is able to communicate with the LDAP provider as follows:

        • The server responds to the authentication request if the correct username and password is provided.
        • The roles and locales defined on the user object in the LDAP are downloaded.
        • If the LDAP group authorization is turned on, the LDAP groups are downloaded.
        Procedure
           Command or ActionPurpose
          Step 1connect nxos
           

          Enters nxos mode.

           
          Step 2test aaa server ldap
           

          Tests the LDAP provider configuration.

           

          The following is an example of the response:

          UCS-A# /security # connect nxos 
UCS-A#(nxos)# test aaa server ldap 10.193.23.84 kjohn Nbv12345
user has been authenticated
Attributes downloaded from remote server:
User Groups:
CN=g3,CN=Users,DC=ucsm  CN=g2,CN=Users,DC=ucsm  CN=group-2,CN=groups,DC=ucsm  
CN=group-1,CN=groups,DC=ucsm  CN=Domain Admins,CN=Users,DC=ucsm
CN=Enterprise Admins,CN=Users,DC=ucsm  CN=g1,CN=Users,DC=ucsm  
CN=Administrators,CN=Builtin,DC=ucsm
User profile attribute:
shell:roles="server-security,power"
shell:locales="L1,abc"
Roles:
server-security power
Locales:
L1 abc

          Verifying the LDAP Provider Group Configuration


          Note

          The test aaa group command verifies the group-specific configuration, irrespective of the LDAP global configurations.

          You can enter the test aaa group command to verify the following information if Cisco UCS Manager is able to communicate with the LDAP group as follows:

          • The server responds to the authentication request if the correct username and password is provided.
          • The roles and locales defined on the user object in the LDAP are downloaded.
          • If the LDAP group authorization is turned on, the LDAP groups are downloaded.
          Procedure
             Command or ActionPurpose
            Step 1connect nxos
             

            Enters nxos mode.

             
            Step 2test aaa group
             

            Tests the LDAP group configuration.

             

            The following is an example of the response:

            UCS-A# /security # connect nxos
UCS-A#(nxos)# test aaa group grp-ad1 kjohn Nbv12345
user has been authenticated
Attributes downloaded from remote server:
User Groups:
CN=g3,CN=Users,DC=ucsm  CN=g2,CN=Users,DC=ucsm  CN=group-2,CN=groups,DC=ucsm  
CN=group-1,CN=groups,DC=ucsm  CN=Domain Admins,CN=Users,DC=ucsm
CN=Enterprise Admins,CN=Users,DC=ucsm  CN=g1,CN=Users,DC=ucsm  
CN=Administrators,CN=Builtin,DC=ucsm
User profile attribute:
shell:roles="server-security,power"
shell:locales="L1,abc"
Roles: 
server-security power
Locales:
L1 abc