Ahoy there! This is my personal blog which I use as my memory extension and a medium to share stuff that could be useful to others.

Cisco UCS Archives

QoS and poor SAN performance in Cisco UCS

Symptoms:

  • Very poor SAN performance on Cisco UCS B200 M3 Blades.
  • Deploying VMs from templates and cloning VMs hang.
  • CPU stats in a VM indicated 100% cpu in wio state

Background:

  • Cisco UCS provides a QoS feature to allow prioritization of certain types of traffic.
  • Cisco UCS supported multi-hop FCoE from release 2.1 onwards.

 

Resolution:

Enable Packet Drop (no pause) for any enabled priority (in my case below, it was Platinum) when using UCS 2.1+ i.e. UCS with multi-hop FCoE. This was not required in earlier versions of UCS using native FC.

QoS

Root Cause:

I am not a networking expert to provide much clarity here, but according to Jeremy Waldrop, packet drop cannot be enabled on 2 different QoS groups on the same interfaces. I thought this wouldn’t matter because the QoS groups are assigned to different CoS groups, but I don’t know much about this to discuss further.

 

(1) The solution above describes a successful problem-solving experience and may not be applicable to other problems with similar symptoms.

(2) Your rating of this post will be much appreciated as it gives me and others who read this article, an indication of whether this solution has worked for people other than me. Also, feel free to leave comments.

VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Symptoms: The following errors were encountered when associating a Service Profile with a B200 M3 UCS Blade:

ERROR 1:

SRIOV PF/VF vNIC configuration failure. Incompatible Bios Policy Settings for SRIOV vNICs There are not enough resources overall.

ERROR 2:

[FSM:STAGE:REMOTE-ERROR]: Configure adapter for pre-boot environment(FSM-STAGE:sam:dme:ComputePhysicalAssociate:NicConfigPnuOSLocal)

 

toomanyvnics-1

Background: 

  • Cisco’s Virtual Interface Cards (VIC) such as the VIC 1240 support SRIOV and are used with Dynamic vNICS when provisioning Hypervisor hosts such as ESXi on Cisco UCS Blades.
  • Dynamic vNICs may be assigned using a “Global” Dynamic vNIC policy (applied to all adapters in the Blade) or to a specific adapter.
  • There is also a provision to associate a Dynamic vNIC policy with a vNIC Template.
  • Each CIsco VIC supports a maximum number of dynamic vNICS.

 

Resolution:

ERROR 1: The dynamic vNIC policy was disassociated from the vNIC template and assigned as a “global” dynamic vNIC policy.

ERROR 2: The number of vNICS in the global dynamic vNIC policy was reduced to 54 vNICS.

 

Root Cause:

ERROR 1: Caused by associating a dynamic vNIC policy (54 vNICS) with a vNIC template that was assigned to both vNICS associated with the Blade. It’s not about the number of vNICS in the policy (54) which caused the issue here, but the use of the policy in a vNIC template. As a vNIC template is meant for vNICS and can be assigned to each of the maximum number of vNICS permitted for the adapter, it does not make sense to assign a dynamic vNIC policy to a vNIC template. I don’t know why this option is provided in the vNIC template.

ERROR 2: Caused by associating a global dynamic vNIC policy (96 vNICS) with the Blade via the Service Profile. The number of vNICS exceeded the permissible maximum.

 

(1) The solution above describes a successful problem-solving experience and may not be applicable to other problems with similar symptoms.

(2) Your rating of this post will be much appreciated as it gives me and others who read this article, an indication of whether this solution has worked for people other than me. Also, feel free to leave comments.

VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

UCS CSR

While configuring certificates in UCSM 2.1(1f), I observed that the UCSM does not permit you to create a Certificate Signing Request (CSR) for certificates with more than one Subject Alternative Name (SAN).

However, you can create a certificate with 1 SAN as shown in the image below. The certificate’s SAN is requested using the DNS field (cybergav.com) and the CN is requested using the Subject field (cybergav.in).

 

UCS_CSR

If UCSM permitted users to create CSRs outside UCSM and just use the private key and certificate, then there would not have been any constraint on the certificates used. On the other hand, the current setup enhances security (private key generated and stored only in UCSM) and facilitates certificate configuration for cert newbies.

VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

UCS MAC Nomenclature

Given below is a nomenclature for Cisco UCS MAC Addresses:

 

CiscoUCS_MAC_Nomenclature

 

Example:

00:25:B5:02:0B:02 => The second MAC address (OP=02) in a MAC Pool in UCS Domain 2 (KL=02) for an ESXi Host (M=0) in Fabric B (N=B)

VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

UCS WWN Nomenclature

Given below is a nomenclature for Cisco UCS WWPNs and WWNNs:

 

CiscoUCS_WWxN_Nomenclature

 

Examples:

(1) 20:00:00:25:B5:01:0A:01  => The first WWPN (OP=01) in a WWPN pool in UCS Domain 1 (KL=01) which is used by an ESXi host (M=0) in Fabric A (N=A).

(2) 20:00:00:25:B5:03:2F:03  => The third WWNN (OP=03 and N=F) in a WWNN pool in UCS Domain 3 (KL=03) which is used by a Linux host (M=2).

VN:F [1.9.22_1171]
Rating: -1 (from 1 vote)