Hardware Management Console Readme *Version 10 Release 1 Maintenance 1020 (V10 R1 M1020) README* Updated: 05 May 2023 (C) Copyright International Business Machines Corp., 2023 All rights reserved. Contents <#ibm-content> The information in this Readme contains the fix list and other package information about the Hardware Management Console. * Terminology <#term> * PTF MF70046 HMC V10 R1M1020.0 - for vHMC for x86_64 hypervisors (5765-VHX) <#MF70046> * PTF MF70047 HMC V10 R1M1020.0 - for 7063 Hardware or vHMC for PowerVM (5765-HMB) <#MF70047> * Backup and Restore with HMC 1020 <#insnotes> * Mandatory PTF on HMC 1020 <#manda> * Enhancements and New Features <#enhance> * Virtualization Management Interface (VMI) Configuration <#vmi> * List of fixes <#fixes> * Command line changes <#command> * Known issues and limitations <#known> * Best Practices <#best> * Installation <#install> Terminology *x86* - This term is used to reference the Intel hypervisors (KVM, VMWare, Xen) on which Virtual HMC can be installed. *Note:* HMC V10R1 release for x86 is not supported on bare metal (7042 hardware appliances). * ppc64 or ppc64le* - describes the Linux code that is compiled to run on Power-based servers or LPARS (Logical Partitions) PTF MF70046 HMC V10 R1 M1020 - for vHMC for x86_64 hypervisors (5765-VHX) This package represents a service pack image that can be used to update the HMC from HMC V10 R1 M1010 release. You can also reference this package by APAR MB04342 and PTF MF70046. This image can be installed on top of HMC V10 R1 M1010 with or without other PTF or Service Packs before it. * Service packs are cumulative and as such will include all the fixes for the PTFs released up to and including the last service pack(s) for this HMC version. Please read the individual Readme files for each PTF to see the list of fixes. /Package information/ Package name Size Checksum (sha1sum) APAR# PTF# HMC_Update_V10R1M1020_x86.iso 5141334016 00d2010ed8bb28a93e4dec1b2947aa9fa0be59e7 MB04342 MF70046 Splash Panel information (or lshmc -V output) "version= Version: 10 Release: 1 Service Pack: 1020 HMC Build level 2206300707 MF70046 - HMC V10R1 M1020 ","base_version=V10R1 " PTF MF70047 HMC V10 R1 M1020 - for 7063 Hardware or vHMC for PowerVM (5765-HMB) This package represents a service pack image that can be used to update the HMC from HMC V10 R1 M1010 release. You can also reference this package by APAR MB04343 and PTF MF70047. This image can be installed on top of HMC V10 R1 M1010 with or without other PTF or Service Packs before it. * Service packs are cumulative and will include all the interim fixes for the PTFs released up to and including the last service pack(s) for this HMC version. Please read the individual Readme files for each PTF to see the list of fixes. /Package information/ Package name Size Checksum (sha1sum) APAR# PTF# HMC_Update_V10R1M1020_ppc.iso 5138192384 889a93b3968fad791f0216f2399dfd8f5ed48da3 MB04343 MF70047 Splash Panel information (or lshmc -V output) "version= Version: 10 Release: 1 Service Pack: 1020 HMC Build level 2206300707 MF70047 - HMC V10R1 M1020 ","base_version=V10R1 " Backup and Restore with HMC 1020 If a HMC critical console backup is taken after installing M1020, the restore process requires installing the PTF MF69186/MF69187 on top of Recovery image V10R1M1010 with or without additional PTFs before restoring M1020 or higher to be successful. If the PTF is not installed the following error will occur: /"/sbin/reboot:symbol lookup error: /sbin/reboot: undefined symbol: bus_wait_for_units_new, version SD_SHARED" / Mandatory PTF on HMC 1020 It is recommended to update HMC 1020 with the mandatory PTF MF70119/ MF70120 after installing/upgrading to HMC 1020 to avoid an HMC hang symptom. Enhancements and New Features * Support for managing Power10 Scale-out and mid-range systems. o VIOS Management Enhancements o New options in HMC installios command to specify the number of attempts for the BOOTP & TFTP requests o lshwres command to display virtual storage topology will now display disk name on the client LPAR along with the UDID o Command Line support for importing and managing VIOS images o Scheduled operations support for VIOS backup and SSP configuration backup * HMC User Experience Enhancements o Usability improvements in Virtual Storage & Virtual Network views o Enhancements in help views + Isolated Help Search + Support of navigation details in help search o New notification area in GUI to show messages and notifications. All Capacity on Demand messages that previously popped up on the GUI are now sent to this notification area instead. o Inline Error/Warning for the multi-step progress view * HMC management enhancements o Warning message during HMC shutdown or reboot if there are other logged in sessions (RFE 127366) o Support for monthly repeat option in Scheduled operations (RFE 147943) o New command rstconsdata to restore HMC critical console data (RFE 115894) o Increased the number of commands saved in history command and added time stamp o Provide option to specify bond mode for network bonds (Round Robin (Default mode) or Active Backup) o Add access to sha256sum and md5sum commands in restricted shell * Allow assignment of labels to group VIOSs for Virtual Fibre Channel and virtual SCSI hosting and to group MSPs. These groups can be used for Live Partition Mobility (LPM), Remote Restart (RR), and Disaster Recovery operations. * Ability to enable/disable SR-IOV vNIC auto-failover at system level * Support for TLS1.3 * Added support for enterprise BMC Firmware Updates o More data about the firmware levels before and after the update have been provided o Allowance to select different levels for every selected server from a single point. * TCP port 17443, redfish.event, has been added to the HMC firewall list. This port is open by default. The port is required to manage Enterprise BMC-based systems. Virtualization Management Interface (VMI) Configuration Enterprise BMC-based Power Systems have a new interface to communicate with the Power hypervisor in addition to a connection to the Enterprise BMC. This interface is called the Virtualization Management Interface (VMI). Users need to configure the VMI IP address, after connecting an Enterprise BMC-based system to the HMC for enabling virtualization functions. It is recommended to configure the VMI IP before powering on the system. *HMC GUI:* 1. To view or modify the VMI configuration, complete the following steps: 2. In the navigation area, click *Resources*, then select *All Systems*. 3. In the content pane, select an Enterprise BMC-based managed system. 4. In the menu pod, select *Actions* > *VMI Configuration* .* * 5. From the VMI Configuration window, select the VMI interface that you want to modify then click *Action *to modify or clear the VMI configuration. 6. After you modify the VMI configuration, click the *Refresh *icon to view the updated VMI configuration. *HMC CLI:* 1. Use the *lssysconn -m * *-r vmi *command to view the VMI configuration for a managed system. 2. Use the *chsysconn -m* *-r vmi* command to modify the VMI configuration for a managed system. 3. To get more information about the state of a managed system (specifically for states such as No connection and Incomplete), use the *lssyscfg *command as below * l*ssyscfg -r sys -m* *-F name,state,state_detail * List of fixes *General fixes* * Fixed an issue that caused the VM Recovery Manager relocation of a partition using NETAPP SAN storage to fail with the error /'REST019C Value ' "pending_boot_string=source=,NETAPP-LUN C-Mode-" ' is not valid for option ' inputdata '/". * Fixed issue with filling up root filesystem and generating call home SRC E212E136. * Fixed an issue that caused the partition virtual storage panel of the GUI to show internal error and not provide option to attach storage to the partition. * Fixed the bug that causes the VIOS install operation from GUI to fail with "/unable to connect to database/" error. * Fixed an issue while recreating postgresql database when HMC language is non-English. * Fixed an issue that caused VIOS Backups using HMC to fail whenever HMC hostname or its domain suffix contains shell keys such as the word '/local/'. * Fixed an issue seen during auto-discovery or discovery using IP range for connection establishment Fixed an issue that caused a managed system to go into Incomplete state after renaming a virtual network. This issue only occurs when the managed system is managed by redundant HMCs and a new virtual network is created with the same original name of the virtual network that was renamed. * Fixed some issues causing harmless error messages to be written to the HMC messages log during each restart of the HMC. These messages occur on model 7063 HMCs that are at V9R2M951 or higher. * Fix SO2_FAILED SRC during schedule operation execution. * Addressed a warning message displayed when updating serial number of HMC's 7063-CR1. * Fixed an issue where call home tickets would have commas added. * Fixed an issue where lslic text would be missing from Call Home data. * Added validation to ensure there is only one backing device for every VNIC mappings * Fixed sorting by the timestamp columns in Serviceable Events Manager panel, to be sorted chronologically. * Updated the *lslic *man page to correct the description of the *-c* option. * Generate an error during the case where user attempts to close a problem from the secondary HMC, but the secondary HMC cannot communicate and publish the request to the primary HMC. * Fixed an issue that caused SRC E212E091. * Fixed wrong processor utilization on the HMC GUI for shared processor partitions. Shared Processor partitions utilization shown in the GUI will now reflect utilization data adjusted for OS idle time like dedicated processor partitions. Logical Partitionand VIOS level PCM Rest API JSON attribute utilizedProcUnits has also been adjusted for the same. * Corrected the *chpwdpolicy *man page to remove the statement that only user-defined password policies can be modified. This statement was removed because the default password policy can also be modified. * Extend timeout values during primary console arbitration for HMC manage server, which is what determines which of the peer HMCs will manage and call home serviceable events. * Fixed inconsistency in displaying ipv6 details following recovery install. * Fixed the issue with *lssysconn *to not list the connected managed systems with a rare network configuration on the HMC. * Fixed local console Firefox background connection calls to Amazon and Google Cloud. * Fixed an issue that caused local console to hang at grey screen, when setup wizard is launched and then cancelled, but then the pop-up to confirm cancel is ignored and complete browser close button is pressed. * Fixed an issue where call home tickets would have commas added and not a valid ticket value, ie PR120,220,112. * Fixed an issue that prevents the HMC login by kerberos user ids that exist in a realm other than the default realm. * Enabled Serbia (RS) or Montenegro (ME) country codes to be selected separately for call home customer information. * Fixed the LPAR profile activation issue causing loss of network configuration when profile has Migratable VF configuration with vNIC as backup Device. * Fixed an issue where the browser window on the local console stayed on the "/Initialization is in progress/" screen after restarting the HMC. * Fixed an issue that caused the HMC network to be restarted and SRC E35F0012 to be called home when creating a new HMC user. This issue occurs when the mkhmcusr command is used to create the new user and data replication is enabled. * Fixed an issue causing the repeated call home of SRC E212E13D due to the /var/hsc/log file system being over 80% utilization. * Enhanced Periodic Transmissions to now use an available call home server via port 5026. * Fixed an issue where when a partition is active with Active Memory Expansion (AME) enabled, the UI did not allow the user to view or dynamically modify the AME value. * Fixed a problem with VIOS "Validate Maintenance Readiness and Prepare" where IBM i partitions using vios hosted multipath storage return "ERROR: The storage exposed from the vfchost does not have redundnacy." The fix requires SAN storage support for unique lun ids. * Enhanced the log handling of hdwr_svr to prevent a daemon core dump resulting in the report of SRC E23D040A. *Security fix* * Fixed a security issue that allowed root access to the HMC. Command Line Changes * The *chsysconn *command has been added to configure the Virtualization Management Interface (VMI) network settings. * The *lssysconn *command has been enhanced to list additional connection information and VMI network interface information for Enterprise BMC-based managed systems. * The *mksysconn *command has been enhanced to allow the user to specify the Enterprise BMC user ID when connecting to an Enterprise BMC-based managed system. * A new option has been added to the *chsyspwd *command for entering the Enterprise BMC user ID when authenticating an Enterprise BMC-based managed system in the Failed Authentication state. * The *chhwres *and *lshwres *commands have been enhanced to support the disablement and enablement of automatic priority failover for all virtual NICs on a managed system. * The *mksyscfg *and *chsyscfg *commands have been enhanced to no longer require the uncapped weight to be specified for uncapped shared processor partitions or profiles. The uncapped weight is defaulted to 128 if it is not specified. * When switching a capped shared processor partition to uncapped using the *chhwres *command, the uncapped weight is now defaulted to 128 instead of 0 if it is not specified. * The *lshwres *command has been enhanced to include the volume ID and location code of the virtual fibre channel device when displaying virtual fibre channel topology. * The following commands have been added to support grouping of VIOSs for Virtual Fibre Channel and virtual SCSI adapter hosting for LPM, RR, and DR operations, and for grouping of VIOSs to be used as MSPs for LPM operations: *labelvios *and *lslabelvios*. * The following commands have also been enhanced to support this function: *lslpamigr*, *lsrrstartlpar*, *migrlpar*, and *rrstartlpar*. * The following commands have been added to support importing and managing VIOS installation images: *chviosimg*, *cpviosimg*, *lsviosimg*, and *rmviosimg*. * New options have been added to the *installios *and *lpar_netboot* commands to specify the maximum number of BOOTP and TFTP retry attempts. * The following commands have been added to support the collection of VIOS debug data and the transmission of that data to a remote server: *lpardbg *and *lslpardbg*. * A new option (*-l*) has been added to the *lslic *command to filter the LIC levels that are available to be retrieved from a repository by operation type. * A new option has been added to the *lssvcevents *command to specify the maximum number of serviceable events to list. * New options have been added to the *chhmc *command to support active-backup network bonding mode. * The *chhmcencr *command has been changed to automatically restart the HMC after any HMC Web user interface encryption ciphers are changed, and a new option has been added so that the restart will occur without the user being prompted for confirmation. * A new option has been added to the *lshmcencr *command to allow HMC Web user interface encryption ciphers to be listed by TLS version. * The *rstconsdata *command has been added to restore HMC critical console data. * A new option has been added to the *formatmedia *command to format a USB device with the EXT4 file system. * A *--force* option has been added to the *hmcshutdown *command to force the shutdown when the HMC Command Server is not running. * Provided access to the *sha256sum *and *md5sum *commands in the restricted shell. Known issues and limitations * Sometimes, the HMC GUI & CLI commands hangs following pedbg command execution. The mandatory fix resolves the issue. * On 7063-CR1 HMCs, sometimes the HMC freezes and requires a reboot to continue to work on that HMC. * When there are multiple updates to vnic object like add BD , remove BD , modify VNIC from same panel , the page will display "/Another operation has changed the configuration. Refresh the web page then try the operation again./". Refresh the page to overcome this issue. * Active backing device is not properly mapped in VNIC topology diagram. * GUI throws "/Error Launching Task/" message when BMC General Settings page is accessed during the BMC bootup. * Kerberos users will not be allowed to reset expired password on the HMC. * When primary LDAP server is not reachable, the HMC will not authenticate with backup server. Login to the HMC by connecting with backup uri, when primary is not available. * Code update might fail sometimes due to lock conflict issue "/HSCF0221E Could not free the locks on the following systems./" To overcome this issue, please perform below operations. 1. After a code update, remove system connection and add it back 2. If a lock error is seen on code update, remove system connection and add it back and retry based on where the code update failed (after checking the current level) * In 1020 and higher a new Event Notification field was introduced with 3 scheduled operations settings: o None o All scheduled operations o Failed scheduled operations The prior setting, if it was selected, of "All scheduled operations" is not persisted across updates to V10R1M1020 or greater nor upgrades to V10R2M1030. Instead the setting defaults to the None option. *Workaround:* Re-save the desired setting after update or upgrade to receive notifications of scheduled operations. * If the chhmcencr command has been used to remove any TLS 1.3 ciphers from the HMC Web user interface, those changes are lost when the HMC is updated or upgraded and will need to be made again after the HMC update or upgrade. * The reset of an expired password of a Kerberos user is not supported in multi-realm configuration setups since release V9 R2 950. When such users try to login using GUI, they will get message as Invalid credential. Upon login from CLI, users may see below or similar messages. /Password:// //Password expired. Change your password now.// //Current password:// //Current Password:// //Password change failed. Server message: Old password not accepted.// //Current Password:// //Password change failed. Server message: Old password not accepted.// //Current Password:// //New password:// //Retype new password:// //Password change failed. Server message: Old password not accepted./ *Circumvention**:* Change or reset the password first, then log into HMC. Best Practices * User sessions - The following best practices helps avoid performance degradations gradually over a period of time due to increased login sessions as well as security vulnerabilities such as unauthorized access to the active HMC sessions. o It is a best practice to logoff from HMC UI and then close the browser tab instead of directly closing the tab o Set Idle session timeout for all the users and not leave the timeout as '0' which leaves it as no timeout. Installation Installation instructions for HMC Version 10 upgrades and corrective service can be found at these locations: Upgrading or restoring HMC Version 10 Updating, upgrading, and migrating your HMC machine code Update(s) for HMC V10R1M1010 Back to top