Manual Chapter : System Controller Management

Applies To:

Show Versions Show Versions

F5OS-C

  • 1.2.2, 1.2.1, 1.2.0
Manual Chapter

System Controller Management

System controller overview

A VELOS chassis contains a redundant pair of system controllers. Together, the system controllers provide a high bandwidth interconnect between blades, as well as external management connectivity to the blades. Each system controller has a front-panel serial console and a front panel Ethernet management port. System controllers operate in an active-active state when routing traffic between blades, but otherwise operate in a active-standby state for management functions.
During initial configuration, you assign these three management IP addresses to the system controllers:
  • Floating IP address
  • System controller 1 management IP address
  • System controller 2 management IP address
The floating IP address should be the primary management address for the system, so that connections go to the active system controller. You can use the floating IP address to manage the system from the webUI, system controller CLI, or REST APIs. In some cases, such as for troubleshooting, you might log in to an individual system controller IP address, as opposed to the floating IP address.

System controller high availability overview

The system controllers are designed to work together as a redundant, high availability pair.
One of the system controllers is designated as active (or the primary node) and the other as standby. The system controllers act as an active-standby pair for system management and as an active-active pair with regard to traffic processing on the backplane. Each system controller handles half of the traffic in the chassis; if a system controller is not available, the available bandwidth of the chassis is halved. Centralized management functions include hosting the primary (floating) IP address and providing the webUI, CLI, and REST API interfaces that you use to configure and manage the VELOS system.
The default mode for system controller high availability (HA) is Auto, which lets the system select the system controller that is best suited at the time to be the active system controller. This is the recommended setting.
It is possible to set a preference for either system controller to be active, however, this should rarely be necessary. When you do specify a preference for a particular system controller, that system controller will become active if it is in a healthy operational state. If the preferred controller is not present or unhealthy, the non-preferred system controller becomes active. When the preferred system controller returns to an available state, a switchover occurs.

Configure high availability for the system controllers from the webUI

You should not need to change system controller high availability (HA) to something other than the default configuration (Auto), but you can opt to change the configuration or initiate a failover from the active controller to the standby from the system controller webUI.
  1. Log in to the VELOS system controller webUI using an account with admin access.
  2. On the left, click
    SYSTEM SETTINGS
    Controller Management
    .
  3. For the
    Preferred Node
    field, select
    System Controller 1
    or
    System Controller 2
    to act as an active system controller, or choose
    Auto
    (recommended).
    Changing the Preferred Node configuration creates a failover event and ends the session if you select the system controller that is currently acting as the standby. Wait 30 seconds and then start a new session with either the floating IP address or the active system controller IP address after the change has completed.
    Hardware health conditions of the system controllers always take precedence. If one of the system controllers is not healthy, the chassis partition will ignore the preference and synchronize with the healthy system controller.
  4. To force a failover to occur immediately, click
    Failover
    .
    The
    Failover
    button is available only when
    Preferred Node
    field is set to
    Auto
    .
    You would do this only if you want the current standby system controller to become the active system controller.

Show high availability status for the system controllers from the CLI

You can view the status of system controller high availability (HA) from the CLI.
  1. Connect using SSH to the system controller floating management IP address.
  2. Log in to the command line interface (CLI) of the system controller using an account with admin access.
    When you log in to the system, you are in user (operational) mode.
  3. Show the current HA configuration for the system controllers.
    show system redundancy state
    A summary similar to this example displays:
    syscon-1-active# show system redundancy state system redundancy state mode auto system redundancy state current-active controller-1

Configure high availability for the system controllers from the CLI

You can change the preferred system controller high availability (HA) mode from the system controller CLI.
  1. Connect using SSH to the system controller floating management IP address.
  2. Log in to the command line interface (CLI) of the system controller using an account with admin access.
    When you log in to the system, you are in user (operational) mode.
  3. Change to config mode.
    config
    The CLI prompt changes to include
    (config)
    .
  4. Change system controller redundancy to a specified mode.
    syscon-1-active(config)# system redundancy config mode [
    auto
    |
    prefer-1
    |
    prefer-2
    ]
    These redundancy modes are available:
    Option
    Description
    auto
    System chooses preferred mode automatically. This is the default value.
    prefer-1
    Prefer controller-1 to be active.
    prefer-2
    Prefer controller-2 to be active.
    This example sets controller-1 as the preferred active system controller.
    system redundancy config mode prefer-1
  5. Commit the configuration changes.
    commit

Chassis terminal service overview

With VELOS chassis, blades do not have physical console ports. Each system controller has a physical console port. The system controllers in the chassis provide a terminal service that enables authorized users to access blade consoles over SSH using the chassis floating address.
At a high level, these user roles have terminal service access:
Admin
Users with this role can access any terminals in the chassis.
Terminal server admin
Users with this role have terminal server access to all consoles on the system regardless of partition restrictions.
Operator
Users with this role can access any terminals in the chassis.
Partition
Users with this role are not given access to any terminals in the chassis.
Since the chassis terminal service uses SSHD, clients can connect using SSH. The terminal service uses a range of network port numbers to differentiate between connections being requested to the various consoles in the chassis.
You can also access any blade console by selecting the desired blade using the Always-On Management (AOM) Command Menu after you connect a serial cable to either of the system controllers' console ports. For more information about AOM, see the section entitled
About Always-On Management
in the platform guide for your VELOS chassis
.

Console port numbers

The
VELOS
chassis terminal service uses a range of network port numbers to differentiate between connections being requested to either the blade or system controller consoles in a chassis.
Console
Port number
System controller 1
7100
System controller 2
7200
Blade <
1...x
>
700x

Connect to a blade or system controller using the chassis terminal service

If you are an authorized user, you can connect to a blade or system controller using the chassis terminal service.
  1. Connect using SSH to the blade or system controller that you want to access.
    ssh <
    blade-or-sys-controller-ip-address
    > -l admin -p <
    port-number
    >
    This example opens an SSH session to an IPv4 address as an admin user to the blade in slot 1:
    ssh 192.0.2.10 -l admin -p 7001
    This example opens an SSH session to an IPv4 address as an admin user to the system controller in slot 2:
    ssh 192.0.2.10 -l admin -p 7200
    This example opens an SSH session to an IPv6 address as an admin user to the blade in slot 4:
    ssh 2001:db8:ffff:100::1 -l admin -p 7004
    If there is not already an active terminal session attached to the specified console, you are connected immediately. If there is already an active terminal session attached, you can choose to terminate the existing terminal session and replace it.
When you complete your terminal session to a blade or a system controller, you can terminate your session by typing the
Enter ~.
(tilde period) command sequence.