Portal network
Review these network considerations to help you set up the network in your datacenter to use Lenovo XClarity One as a virtual machine.
Network interface (eth0)
- The network interface is used for discovery and management. XClarity One must be able to communicate with all hubs and devices that you intend to manage.
- Some functions require an Internet connection, preferably through a firewall. If the network interface is not connected to the Internet, those functions will not work.
IPv4 address settings
XClarity One uses IPv4 network settings. You can configure the IP assignment method, IPv4 address, network mask, and default gateway.
For the IP assignment method, you can choose to use a statically-assigned IP address or obtain an IP address from a Dynamic Host Configuration Protocol (DHCP) server. When using a static IP address, you must provide an IP address, network mask, and default gateway. The default gateway must be a valid IP address and must be on the same subnet as the network interface.
If DHCP is used to obtain an IP address, the default gateway also uses DHCP.
- IPv6 addresses are not supported.
- Network address translation (NAT), which remaps one IP address space into another, is not supported.
- If you change the IP address of the XClarity One virtual-appliance after the portal is up and running:
The virtual appliance is restarted and takes approximately 20 or more minutes to come back online.
The portal will lose connectivity the hubs. Before changing the XClarity One IP address, disconnect hubs from the portal. After the IP address change is complete, reconnect hubs to the portal.
- If the network interface is configured to use the DHCP, ensure that IP address changes are minimized by basing the DHCP address on a MAC address or configuring DHCP so that the lease does not expire to avoid communication issues. If the IP address changes when the DHCP lease expires, you must disconnect (delete) the hub from the portal, and then connect it again.
DNS settings
XClarity One uses IPv4 network settings. You can configure the IP assignment method, up to two static DNS IPv4 addresses, and custom host name and domain.
For the IP assignment method, you can choose to use a statically-assigned IP address or obtain an IP address from a DHCP server. When using a static IP address, you must provide an IP address for at least one and up to two DNS servers.
Specify the DNS host name and domain name. You can choose to retrieve the domain name from a DHCP server or specify a custom domain name.
- If you change the DNS settings after the portal is up and running, the virtual appliance is restarted and takes 20 or more minutes to come back online.
- If you choose to use a DHCP server to assign IPv4 address, ensure that the DHCP server is configured such that the DHCP address lease is permanent to avoid communication issues. If the IP address changes when the DHCP lease expires, the host name and domain that you provided are overwritten when the DHCP lease is renewed.
Web proxy settings
You can optionally configure XClarity One use an HTTP or HTTPS web proxy for outbound communication between the portal and external services when direct access to the Internet is not available.
XClarity One automatically detects the type of connection that the proxy server is using on the specified port, either HTTP or HTTPS.
For HTTPS proxy servers, XClarity One automatically detects the server certificate for the proxy server. You must review the certificate details and, if correct, accept the certificate to complete the web proxy configuration. If rejected, the web proxy configuration is reset.
After the web proxy is enabled, you can test the connection to the proxy server by clicking Test connection. Enter any hostname or IP address to test the connection between portal and that host. By default, supportapi.lenovo.com is used to test the configuration, which is the hostname used for Call Home.
Authentication is not required; however, if the proxy server is configured to authenticate requests, ensure that it is set up to use basic authentication.
Ensure that the proxy server is correctly configured with valid full-chain certificates if TLS is enabled.
Ensure that the proxy server is set up as a non-terminating proxy.
Ensure that the proxy server is set up as a forwarding proxy.
Ensure that load balancers are configured to keep sessions with one proxy server and not switch between them.
Firewalls
Ensure that the following DNS names and ports are open on the firewall for XClarity One and hubs. Each DNS represents a geographically distributed system with a dynamic IP address.
| DNS name | Ports | Protocols | Description |
|---|---|---|---|
| soaus.lenovo.com | 443 | https | Create a service ticket with Lenovo Support (Call Home) |
| support.lenovo.com | 443 | https | Retrieve firmware catalog information and download firmware packages from Lenovo |
| esupportwebapi.lenovo.com | 443 | https | Send service data to Lenovo Support (Call Home) |
| supportapi.lenovo.com | 443 | https | Retrieve warranty information |
Open ports
If your hubs are behind a firewall and if you intend to manage those hubs from an XClarity One instances that is outside of that firewall, you must ensure that all ports involved with communications between the XClarity One portal and each hub are open.
If devices are behind a firewall and if you intend to manage those devices from a hub that is outside of that firewall, you must ensure that all ports involved with communications between the hub and the baseboard management controller in each device are open (see Configuring the hub network).
| Service or component | Outbound (ports open to external services) | Inbound (ports open on the XClarity One virtual appliance) |
|---|---|---|
| XClarity One |
|
|