Difference between revisions of "Configuring an APC AP7900"

From Alteeve Wiki
Jump to navigation Jump to search
(Created page with "{{howto_header}} thumb|right|400px|APC [http://www.apc.com/products/resource/include/techspec_index.cfm?base_sku=AP7900 AP7900 8-Outlet 1U] 120vAC PDU. Photo by [http://www.apcmedia.com/prod_image_library/index.cfm?search_item=AP7900# APC]. = Purpose of This Tutorial = The APC-brand '''AP7900''' (and '''AP7900B''') switched PDU is an excellent backup fence device. All ''Anvil!'' systems we build use a pair of th...")
 
 
Line 27: Line 27:
The easiest way to configure an IP address is to log into the PDU over a [https://en.wikipedia.org/wiki/Serial_port serial] port. Most servers still come with a built-in 9-pin serial port, but most desktops and laptops do not. If you don't have one, many vendors sell USB to serial adapters. The one we've used quite successfully is the [http://www.antaira.com/products/USB-to-Serial/UTS-1110A Antaira UTS-1110A], but almost any adapter you can find at your local computer store will work.
The easiest way to configure an IP address is to log into the PDU over a [https://en.wikipedia.org/wiki/Serial_port serial] port. Most servers still come with a built-in 9-pin serial port, but most desktops and laptops do not. If you don't have one, many vendors sell USB to serial adapters. The one we've used quite successfully is the [http://www.antaira.com/products/USB-to-Serial/UTS-1110A Antaira UTS-1110A], but almost any adapter you can find at your local computer store will work.


{{note|1=The [[Build an m2 Anvil! - Detailed|m2 ''Anvil!'']] installs <span class="code">screen</span> on both nodes and ''Striker'' dashboards.}}
{{note|1=The [[Build an M3 Anvil! Cluster|M3 ''Anvil!'']] installs <span class="code">screen</span> on both nodes and ''Striker'' dashboards.}}


We're going to use a program called <span class="code">[http://www.gnu.org/software/screen/ screen]</span> to talk to the PDU over the serial port.
We're going to use a program called <span class="code">[http://www.gnu.org/software/screen/ screen]</span> to talk to the PDU over the serial port.

Latest revision as of 19:05, 15 August 2023

 Alteeve Wiki :: How To :: Configuring an APC AP7900

APC AP7900 8-Outlet 1U 120vAC PDU. Photo by APC.

Purpose of This Tutorial

The APC-brand AP7900 (and AP7900B) switched PDU is an excellent backup fence device. All Anvil! systems we build use a pair of them.

This mini-tutorial covers how to configure them with an IP address.

That is all you need to do for them to start working!

We run them on our VLAN isolated subnet which how no access to the normal internal network, nor does it have access to the Internet. Thanks to this, we can safely run them without authentication over SNMP queries.

If you want to know more about the AP7900 than we cover here, you view view the entire manual at the link below:

Template warning icon.svg
Warning: If you need to put the PDUs onto a public network, be sure to enable SNMP authentication!

Serial Access

Antaira UTS-1110A single-port USB to RS-232] serial adapter. Photo by Antaira.

By default, the APC AP7900 does not have an IP address assigned.

The easiest way to configure an IP address is to log into the PDU over a serial port. Most servers still come with a built-in 9-pin serial port, but most desktops and laptops do not. If you don't have one, many vendors sell USB to serial adapters. The one we've used quite successfully is the Antaira UTS-1110A, but almost any adapter you can find at your local computer store will work.

Template note icon.svg
Note: The M3 Anvil! installs screen on both nodes and Striker dashboards.

We're going to use a program called screen to talk to the PDU over the serial port.

To do this, you need to know what device the PDU's serial cable is plugged into. Some common ones:

Type Device path
Serial port 1 /dev/ttyS0
Serial port 2 /dev/ttyS1
USB-Connected port 1 /dev/ttyUSB0
USB-Connected port 2 /dev/ttyUSB1

... and so on.

In my case, I'm using the port on a USB to Serial adapter, so I will use '/dev/ttyUSB0'.

Knowing this, we're ready to go!

Open a terminal window and run:

screen /dev/ttyUSB0
Template note icon.svg
Note: When you are done, to exit screen, press '<ctrl>' + 'a', release, then press 'k'. You will be prompted to kill the session, type 'y'.

The screen will be blank at first. Press '<enter>' a couple of times and the AP7900 login prompt should appear.

User Name :
Template note icon.svg
Note: If you make a mistake and nothing happens when you press '<Backspace>', try pressing 'ctrl' + 'h' instead.

The default user name is 'apc' and the default password is 'apc' as well.

User Name : apc
Password  : ***

At this point, how you proceed depends on whether you now see the status page, or if you are prompted to change the password.

If you are asked to change the password, proceed under 'New Secured Firmware'. If you see the status, proceed to 'Old Firmware'

New Secured Firmware

Template note icon.svg
Note: On newer devices, SNMP, web access and so on is disabled by default. It is designed to make the PDU more secure, and so there is more work needed to make the switch work in an Anvil!
Template note icon.svg
Note: This applies to the new APC UPS AP9630 network cards. This is needed for ScanCore to monitor the UPS.
The current password policy requires you to change your password...
Enter current password: ***
Enter new password: ***
Confirm new password: ***
Schneider Electric                      Network Management Card AOS      v6.8.2
(c) Copyright 2019 All Rights Reserved  RPDU 2g APP                      v6.8.0
-------------------------------------------------------------------------------
Name      : apc2E13F9                                 Date : 04/08/2020
Contact   : Unknown                                   Time : 02:53:21
Location  : Unknown                                   User : Super User
Up Time   : 0 Days 0 Hours 5 Minutes                  Stat : P+ N4+ N6+ A+
-------------------------------------------------------------------------------
IPv4               : Enabled            IPv6               : Enabled
Ping Response      : Enabled
-------------------------------------------------------------------------------
HTTP               : Disabled           HTTPS              : Enabled
FTP                : Disabled           Telnet             : Disabled
SSH/SCP            : Enabled            SNMPv1             : Disabled
SNMPv3             : Disabled
-------------------------------------------------------------------------------
Super User         : Enabled            RADIUS             : Disabled
Administrator      : Disabled           Device User        : Disabled
Read-Only User     : Disabled           Network-Only User  : Disabled


Type ? for command listing
Use tcpip command for IP address(-i), subnet(-s), and gateway(-g)

Set the IP address

To set the IP, use the tcpip command.

apc>tcpip -i 10.201.2.1 -s 255.255.0.0 -g 10.201.255.254
E002: Success
Reboot required for change to take effect.

Reboot to have the IP take effect.

apc>reboot -Y
E000: Success
Reboot Management Interface
Rebooting...

Enable WebUI Access

After it reboots, log back in and then enable the web interface. To do this, we'll use the web command to enable HTTP (-h) and HTTP (-s)

apc>web -h enable
E002: Success
Reboot required for change to take effect.


* Reboot required for change to take effect.
apc>web -s enable
E002: Success
Reboot required for change to take effect.


* Reboot required for change to take effect.

Now reboot. When the NMC reboots, you can access the web interface.

Enable Use As Fence Device

Template warning icon.svg
Warning: This configures the PDU for use as it was used in prior Anvil! systems. This is insecure, but acceptable as it's used on the isolated BCN. Consult the APC user manual and man fence_apc_snmp for more secure configurations.

Enable SNMP v1, set the first community to private and give the community write+ access. Then set the second community to public and give the community write+ access.

apc>snmp -S enable -c1 private -a1 writeplus
E000: Success

* Reboot required for change to take effect.
snmp -S enable -c2 public -a2 writeplus
E000: Success

Reset To Factory Default

If you need to reset the PDU to factory defaults, you can do so with the resetToDef command.

Template note icon.svg
Note: The example uses -p all which resets everything. If you want to reset everything except the IP address, use -p keepip instead.
apc>resetToDef -p all
 Reset to Defaults
Enter 'YES' to continue or <ENTER> to cancel : YES
Now initializing system to default values including
all User Names, Passwords and TCP/IP settings.
Please wait...

Please reboot system for changes to take effect!


* Reboot required for change to take effect.

Now reboot to complete.

Old Firmware

Template note icon.svg
Note: On older devices, SNMP, web access and so on is enabled by default.

On the older devices, after logging in, you will see a summary page.

American Power Conversion               Network Management Card AOS      v3.7.4
(c) Copyright 2009 All Rights Reserved  Rack PDU APP                     v3.7.4
-------------------------------------------------------------------------------
Name      : RackPDU                                   Date : 05/23/2000
Contact   : Unknown                                   Time : 20:44:16
Location  : Unknown                                   User : Administrator
Up Time   : 3 Days 3 Hours 1 Minute                   Stat : P+ N? A+

Switched Rack PDU: Communication Established

------- Control Console -------------------------------------------------------

     1- Device Manager
     2- Network
     3- System
     4- Logout

     <ESC>- Main Menu, <ENTER>- Refresh, <CTRL-L>- Event Log
>

Press '2' to go into the "Network" sub-menu.

> 2
------- Network ---------------------------------------------------------------

     1- TCP/IP
     2- DNS
     3- Ping Utility
     4- FTP Server
     5- Telnet/SSH
     6- Web/SSL/TLS
     7- Email
     8- SNMP
     9- Syslog
    10- ISX Protocol

     <ESC>- Back, <ENTER>- Refresh, <CTRL-L>- Event Log
>

Press the '1' key to go into the "TCP/IP" menu.

> 1
------- TCP/IP ----------------------------------------------------------------

        Network not started. Currently making a BOOTP request...
        -----------------------------------------------------------------------
        MAC Address : 00 C0 B7 88 CC 1E

     1- Boot Mode  : DHCP & BOOTP
     2- Advanced...

     <ESC>- Back, <ENTER>- Refresh, <CTRL-L>- Event Log
>

First we need to change the "Boot Mode" to "Manual", so press '1'.

> 1
------- Boot Mode -------------------------------------------------------------

     1- DHCP & BOOTP
     2- DHCP only
     3- BOOTP only
     4- Manual

     <ESC>- Back, <ENTER>- Refresh

Press '4' to select the "Manual" option.

> 4
------- TCP/IP ----------------------------------------------------------------

        Network not started. Currently making a BOOTP request...
        -----------------------------------------------------------------------
        MAC Address : 00 C0 B7 88 CC 1E

        * Changes will take effect on logout.

     1- System IP      : 0.0.0.0
     2- Subnet Mask    : 0.0.0.0
     3- Default Gateway: 0.0.0.0
     4- Boot Mode      : Manual
     5- Advanced...

     <ESC>- Back, <ENTER>- Refresh, <CTRL-L>- Event Log
>

Now we're ready to set the IP address.

In most Anvil! systems, the switched PDUs have the IP address of '10.201.2.x/255.255.0.0'.

This is the convention we're going to use here. This is our first PDU, so we'll set:

System IP 10.201.2.1
Subnet Mask 255.255.0.0
Default Gateway 10.201.255.254

There is no outside network access on the Back-Channel Network, so it may not seem like it makes sense to set the "Default Gateway". The problem is that the PDU requires a gateway be set, so we give it a fake, unused address. Often, when there is a router on a network, it takes the top of bottom IP address in the subnet. We're using the top IP address as the dummy gateway here.

So back to it!

Press '1' to set the IP.

> 1
System IP : 10.201.2.1
------- TCP/IP ----------------------------------------------------------------

        Network not started. IP, Subnet, Gateway must be configured.
        -----------------------------------------------------------------------
        MAC Address : 00 C0 B7 88 CC 1E

        * Changes will take effect on logout.

     1- System IP      : 10.201.2.1
     2- Subnet Mask    : 0.0.0.0
     3- Default Gateway: 0.0.0.0
     4- Boot Mode      : Manual
     5- Advanced...

     <ESC>- Back, <ENTER>- Refresh, <CTRL-L>- Event Log
>

Now press '2' to set the "Subnet Mask".

> 2
Subnet Mask : 255.255.0.0
------- TCP/IP ----------------------------------------------------------------

        Network not started. IP, Subnet, Gateway must be configured.
        -----------------------------------------------------------------------
        MAC Address : 00 C0 B7 88 CC 1E

        * Changes will take effect on logout.

     1- System IP      : 10.201.2.1
     2- Subnet Mask    : 255.255.0.0
     3- Default Gateway: 0.0.0.0
     4- Boot Mode      : Manual
     5- Advanced...

     <ESC>- Back, <ENTER>- Refresh, <CTRL-L>- Event Log
>

Now press '3' to set the dummy "Default Gateway" address.

> 3
Default Gateway : 10.201.255.254

------- TCP/IP ----------------------------------------------------------------

        Network not started. Currently making a DHCP request...
        -----------------------------------------------------------------------
        MAC Address : 00 C0 B7 88 CC 1E

        * A cookie is required in the vendor options to accept a DHCP offer.
        * Changes will take effect on logout.

     1- System IP      : 10.201.2.1
     2- Subnet Mask    : 255.255.0.0
     3- Default Gateway: 10.201.255.254
     4- Boot Mode      : Manual
     5- Advanced...

     <ESC>- Back, <ENTER>- Refresh, <CTRL-L>- Event Log
>
Template note icon.svg
Note: The changes won't take effect until we log out.

Press '<esc>' to go back to the main menu.

<esc>
------- Network ---------------------------------------------------------------

     1- TCP/IP
     2- DNS
     3- Ping Utility
     4- FTP Server
     5- Telnet/SSH
     6- Web/SSL/TLS
     7- Email
     8- SNMP
     9- Syslog
    10- ISX Protocol

     <ESC>- Back, <ENTER>- Refresh, <CTRL-L>- Event Log

Press '<esc>' again.

<esc>
------- Control Console -------------------------------------------------------

     1- Device Manager
     2- Network
     3- System
     4- Logout

     <ESC>- Main Menu, <ENTER>- Refresh, <CTRL-L>- Event Log
>

Lastly, press '4' to log out.

> 4
Logging out.

The terminal window will no longer respond (the PDU is rebooting).

To exit out of 'screen', you need to press 'ctrl + a', release the keys, then press 'k'.

<ctrl> + <a>

(release)

<k>

Screen will ask if you want to kill the session.

Really kill this window [y/n]

Press 'y'

y
[screen is terminating]

Now you are back at the normal linux terminal.

Template note icon.svg
Note: Please be patient while the PDU reboots. It might take a minute.

You can test the connection to the PDU using 'ping';

ping -c 3 10.201.2.1
PING 10.201.2.1 (10.201.2.1) 56(84) bytes of data.
64 bytes from 10.201.2.1: icmp_seq=1 ttl=255 time=4.61 ms
64 bytes from 10.201.2.1: icmp_seq=2 ttl=255 time=4.30 ms
64 bytes from 10.201.2.1: icmp_seq=3 ttl=255 time=3.00 ms

--- 10.201.2.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2006ms
rtt min/avg/max/mdev = 3.006/3.976/4.613/0.697 ms

Done!

 

Any questions, feedback, advice, complaints or meanderings are welcome.
Us: Alteeve's Niche! Support: Mailing List IRC: #clusterlabs on Libera Chat
© Alteeve's Niche! Inc. 1997-2023   Anvil! "Intelligent Availability™" Platform
legal stuff: All info is provided "As-Is". Do not use anything here unless you are willing and able to take responsibility for your own actions.