Hardware Management Console Readme *Version 10 Release 2 Maintenance 1040 (V10 R2 M1040) README* Updated: 08 May 2024 (C) Copyright International Business Machines Corp., 2024 All rights reserved. Contents <#ibm-content> The information in this Readme contains the fix list and other package information about the Hardware Management Console. * Terminology <#term> * PTF MF70893 HMC V10 R2M1040.0 – for vHMC for x86_64 hypervisors (5765-VHX) <#MF70893> * PTF MF70894 HMC V10 R2M1040.0 – for 7063 Hardware or vHMC for PowerVM (5765-HMB) <#MF70894> * Enhancements <#enhance> * List of fixes <#fixes> * Command Line changes <#command> * Known issues and limitations <#known> * Best Practices <#best> * Installation <#install> Terminology *x86* - This term is used to reference the Intel hypervisors (KVM, VMWare, Xen) on which Virtual HMC can be installed. *Note:* HMC V10R2 release for x86 is not supported on bare metal (7042 hardware appliances). * ppc64 or ppc64le* - describes the Linux code that is compiled to run on Power-based servers or LPARS (Logical Partitions) PTF MF70893 HMC V10 R2 M1040 - for vHMC for x86_64 hypervisors (5765-VHX) This package represents a service pack image that can be used to update the HMC from HMC V10 R2 M1030 release. You can also reference this package by APAR MB04404 and PTF MF70893. This image can be installed on top of HMC V10 R2 M1030 with or without other PTFs or Service Packs. * Service packs are cumulative and as such will include all the fixes for the PTFs released up to and including the last service pack(s) for this HMC version. Please read the individual Readme files for each PTF to see the list of fixes. /Package information/ Package name Size Checksum (sha1sum) APAR# PTF# HMC_Update_V10R2M1040_x86.iso 5022175232 2ca8edd9e811dd34b3a7a637275777ab81fd2934 MB04404 MF70893 Splash Panel information (or lshmc -V output) "version= Version: 10 Release: 2 Service Pack: 1040 HMC Build level 2304262325 MF70893 - HMC V10R2 M1040 ","base_version=V10R2 " PTF MF70894 HMC V10 R2 M1040 - for 7063 Hardware or vHMC for PowerVM (5765-HMB) This package represents a service pack image that can be used to update the HMC from HMC V10 R2 M1030 release. You can also reference this package by APAR MB04405 and PTF MF70894. This image can be installed on top of HMC V10 R2 M1030 with or without other PTFs or Service Packs. * Service packs are cumulative and will include all the interim fixes for the PTFs released up to and including the last service pack(s) for this HMC version. Please read the individual Readme files for each PTF to see the list of fixes. /Package information/ Package name Size Checksum (sha1sum) APAR# PTF# HMC_Update_V10R2M1040_ppc.iso 5032087552 2cb7e00f5fe3a8c97e7747fc21d6f6a2a49cc7dd MB04405 MF70894 Splash Panel information (or lshmc -V output) "version= Version: 10 Release: 2 Service Pack: 1040 HMC Build level 2304262325 MF70894 - HMC V10R2 M1040 ","base_version=V10R2 " Enhancements * Support for NVMe Expansion Drawer. * Support for FW1040. * New IO adapter support for: o PCIe4 64Gb 2-port Optical Fibre Channel Adapter with Feature Codes #EN2N/#EN2P and CCIN 2CFD. o PCIe3 SAS Tape HBA Adapter with Feature codes #EJ2B/#EJ2C and CCIN 57F2. * Added an option to the *chhmc *command to configure whether idle cycles should be deducted from Performance and Capacity Monitoring (PCM) processor usage calculations. * Systems Management and Usability Enhancements o Added the ability to start, stop and restart the cloud connector from the GUI and REST API. o Allow creation of a system plan even when the system is set to “Power Off when the last partition is shutdown”. o Added support for SFTP and NFS to the *cpsysplan *command. o Added the ability to rename Virtual Target Device (VTD) and Virtual Optical (VOPT) associated with Physical Volume and vhost respectively using either HMC GUI or REST API. o Added option to rename the Logical Unit associated with the Tier of a Cluster. * Virtualization Management Enhancements o Added the ability to update and display descriptions for systems and partitions via the CLI and REST API. o Added support to synchronize and persist system and partition descriptions across dual HMCs, backup and restore operations, and during partition mobility, remote restart and VM Recovery Manager operations. o Added the ability to display system and partition uptime in all HMC interfaces (Command Line, GUI and Rest API). * Security o Support configuration of the key size of the HMC server certificate. Supported key sizes are 2048, 3072, and 4096. o Support configuration of the expiration date for the certificate used for HMC-to-HMC communication on port 9920. o Added support to the *cpfile *command so that a changed certificate can be exported from the HMC where the expiration date change was made and imported and applied on all other HMCs in the network. o Auto-managed Users with LDAP authentication on HMC are now automatically deleted if the ID is deleted or removed from the LDAP server. The deletion happens based on periodic checks or during HMC restart, upgrade, update or when data replication is triggered. o When auto-manage option is disabled on HMC, all the auto-manage users (i.e., users created automatically when auto-manage was enabled) are deleted from the HMC. o Disabled unsecure telnet port 2300 for all security modes. All IBM i remote console sessions now require a TLS connection. * HMC Management Enhancements o A new GUI option for performing an HMC upgrade has been added. The new task can be found on the HMC Management page * HMC User Experience enhancements o Dashboard landing view now has consolidated resource summary, HMC details overview and processor, memory summary across all systems. o Global Search now has an option to search tags along with different resources like Managed System/Lpar/Vios/Cluster. o Search option has also been added to the left side navigation menu and System, Partition, VIOS drill down views o User Preferences will be auto-saved and persists across logins for Default tab selection, Hide/Unhide table columns and Pagination size. * * *General fixes* * Added a reason for the Version Mismatch system state to the State detail field. * Added missing information to the About HMC V10 GUI page so that the same information available in the old dashboard is now available in the new dashboard on the About page. * Changed a partition migration warning message for the case when one of the source VIOS’s hosting one of the partition's virtual Fibre Channel (FC) adapters supports FC port labels but the destination VIOS does not. The previous message was misleading /"HSCLC3C8 There was a Fibre Channel (FC) port label mismatch for the partition's virtual FC client adapter/ " to now the correct message of "/VIOS does not support FC port labels/". * Fixed an issue so that any TLS 1.3 ciphers removed from the HMC Web user interface via the *chhmcencr *command prior to an HMC update or upgrade remain removed after the update or upgrade. * Corrected the Allocated processors value shown on the GUI in the VIOS table for Virtual I/O servers configured with a processor mode of shared uncapped. * Disabled editing of the Jumbo Frame checkbox on the Modify Virtual Network Bridge GUI page since the jumbo frame setting cannot be changed dynamically. * Fixed a rare timing issue that can cause SRC E3550046 to be reported if a CoD console message is being displayed on the GUI at the same time a user logs into the GUI. * Fixed an issue causing an attempt to activate deferred firmware updates on an Enterprise BMC based managed system to always fail with the following error message: E/rror. Cannot invoke "com.ibm.sfp.updates.openbmc.UpdaterEBmc.getUpdateImage()" because "updater" is null./ * Fixed an issue causing Firefox on the local HMC console to make background connection calls to Amazon and Google Cloud. * Fixed an issue causing HMC ethernet interfaces configured as DHCP clients to go down after updating the HMC network settings. * Fixed an issue causing SRC E35F0010 to be reported multiple times after upgrading the HMC to V10R1M1010. This problem occurs on HMCs with custom scheduling for Serviceability -> Service Management -> Transmit Service Information for Disk Health that was created when the HMCs were at a level earlier than V10R1M1010. * Fixed an issue causing the following harmless events to be logged every 3-10 minutes in /var/log/messages: /systemd[1]: dev-disk-by\x2dlabel-EFI.device: Job dev-disk-by\x2dlabel-EFI.device/start timed out.// // systemd[1]: Timed out waiting for device dev-disk-by\x2dlabel-EFI.device.// // systemd[1]: Dependency failed for /boot/efi.// // systemd[1]: boot-efi.mount: Job boot-efi.mount/start failed with result 'dependency'.// // systemd[1]: dev-disk-by\x2dlabel-EFI.device: Job dev-disk-by\x2dlabel-EFI.device/start failed with result 'timeout'./ * Fixed an issue causing the system firmware level of an Enterprise BMC based managed system to be missing in the system inventory VPD.xml file. * Fixed an issue preventing SRC B303000E from being reported for an Enterprise BMC based managed system and the system from transitioning into No Connection state when the Enterprise BMC becomes unreachable on the network. * Fixed an issue that caused "-" to be shown for all the usage values on the Usage page of the Partitions table in the new GUI dashboard. * Fixed an issue that caused PCM aggregated metrics to no longer be generated after the HMC time was moved forward or when Daylight Saving Time starts. * Fixed an issue that caused SRC E320F817 to be reported and called home after a successful firmware update on a single-FSP system. * Fixed an issue that caused SRC E35A0033 to be generated and called home repeatedly. This issue only occurs on 7063-CR1 HMCs that have a large number of BMC events. * Fixed an issue that caused the Autoconfigure IP Addresses setting for IPv6 be shown incorrectly for an HMC Ethernet interface after a clean install of the HMC was performed when there was no cable connected to that ethernet interface. * Fixed an issue that caused the event notification email notification setting of "All scheduled operations" to be lost after an HMC update or upgrade, causing notification emails for scheduled operations to stop. This issue only occurs when the HMC version prior to the update or upgrade is V10R1M101x and the version after the update or upgrade is V10R1M1020 or greater. * Fixed an issue that caused the *lslic -t sriov* command to fail with the error: "/HSCF0004E An error occurred trying to survey the target mmmm-ttt*sssssss. Please verify the connection to the managed system/." even though the managed system was connected and in Operating state. This error can occur when there is a stale connection to the managed system, or the redundant service processor in the managed system is in No Connection state. * Fixed an issue that caused the *updlic *command to fail when the "-l latest" option was specified when upgrading the firmware on an Enterprise BMC-based managed system to a new release. * Fixed an issue that causes a successful system firmware update operation that takes more than 3 hours to complete to return the following error on the GUI: "/COMPLETED_WITH_ERROR: java.lang.interruptedException: Timed out waiting for the process to exit/." * Fixed an issue that causes in-band BMC communication on a Power HMC to fail after restoring HMC upgrade data that was migrated with network configuration data from a CR9 HMC. * Fixed an issue running the scheduled operation for hardware VPD from a system with a large number of partitions collecting inventory that caused SRC E212E136 to be generated and called home. * Fixed an issue where changing server settings on a new server that is powered off may disable memory mirroring. * Fixed an issue that caused the following warning message to be displayed when updating the HMC: "/Installing Packages...warning: /dump/hsc_install.images/images/install.d/java/ibm-java-sdk-17.0.5.0-x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 9bce9629: NOKEY/" * In the update system firmware wizard, when the highest level in the selected system firmware repository is already installed, the default "Target Level" was changed to "Do Not Update". * Re-enabled the "Use virtual OptiConnect" setting in the Edit Profile GUI. * Updated the rrstartlpar man page and error message to clearly indicate that the *--usecurrdata* command option must be used to restart the partition when its remote restart data is stale. * Fixed an issue that causes one of two HMCs trying to connect to an Enterprise BMC-based managed system to fail to connect to the VMI due to choosing the wrong VMI IP address to connect. This issue occurs when the HMCs are configured with DHCP on separate private networks. * Fixed an issue that may cause /var to fill and SRC E212E134 to be reported due to excessive taskcontroller ssl log entries. * Fixed an issue that resulted in call home SRC E302F817 at the successful completion of a code update. * Fixed an issue when locally at the HMC console with virtual terminal windows open clicking on the Systems hyperlink on the left navigation caused the windows to close requiring the user to reopen the window(s). * Fixed an issue that caused SRC E35F0013 to erroneously be generated and called home sometimes immediately after updating or a subsequent reboot later. Command Line Changes * The following commands have been enhanced to support system and partition descriptions: *chsyscfg*, *lssyscfg*, and *mksyscfg*. * The *lssyscfg *command has been enhanced to display the uptime for systems and partitions. * A new option has been added to the *chhmc *command to select whether Performance and Capacity Monitoring (PCM) processor usage calculations deduct idle cycles, and a new option has been added to the *lshmc *command to display this selection. * The following commands have been enhanced to support configuring the key size of the HMC server certificate: *chhmccert*, *lshmccert*, and *mkhmccert*. * The *chhmccert *command has been enhanced to support configuring the expiration date for the certificate used for HMC-to-HMC communication, and the *lshmccert *command has been enhanced to display the certificate. * The *cpfile *command has been enhanced to copy the certificate used for HMC-to-HMC communication between HMCs, which is required if the expiration date of the certificate is changed. * The *cpsysplan *command has been enhanced to support SFTP and NFS. Known Issues & Limitations * The Remove action is missing from the GUI Shared Storage Pool Volumes page. * VIOS scheduled operations are deleted when the HMC is restarted. * If log in to the HMC GUI is failing with this error for LDAP or auto-managed users: /Error: "Logon Error: Invalid credential or Timeout. Please try again after some time, if it repeats, please follow troubleshooting steps from IBM support."/ Use the following troubleshooting steps: Check whether the user is LDAP or auto-managed authentication type. If so, run the following command to change the LDAP configuration: o chhmcldap -o s --timelimit 30 --bindtimelimit 20 If log in to the GUI still fails, run the following command: o chhmcldap -o s --timelimit 30 --bindtimelimit 10 Best Practices * User sessions - The following best practices helps avoid performance degradations gradually over a period of time due to increased login sessions as well as security vulnerabilities such as unauthorized access to the active HMC sessions. o It is a best practice to logoff from HMC UI and then close the browser tab instead of directly closing the tab o Set Idle session timeout for all the users and not leave the timeout as '0' which leaves it as no timeout. * Profile recommendations - The maximum number of partition profiles suggested per partition is 10. Installation Installation instructions for HMC Version 10 upgrades and corrective service can be found at these locations: Upgrading the HMC from Version V9R2 or V10R1M1010 to V10R2M1040 Updating, upgrading, and migrating your HMC machine code Update(s) for HMC V10R2M1040