High-performance and highly available VPS/VDS with automatic installation and full root access to the OS. The ordered resources are guaranteed to be reserved for you.
Fortify your operational continuity with our resilient disaster recovery solutions, ensuring swift recovery and minimal downtime in the face of unforeseen challenges.
Managing an HPE server from anywhere: configuring iLO 5
Atlas Demetriadis
16 minutes reading time
A server is a productive and reliable computer for organizations that stores corporate data and/or runs critical business applications and services. All servers need to be regularly maintained and monitored. And it's critical to get back up and running quickly in the event of critical failures. A few hours of downtime even in a medium-sized company can cost more than a server. And in a large one — much more.
There are two ways to administer the server:
Physical access;
Remote access.
But if a sysadmin has to go to the server every time for maintenance or troubleshooting, it will take hours or even days. And imagine if there are many servers and they work in different rooms.
This is where IPMI technology comes in, and in the case of HPE servers, — iLO 5 (Integrated Lights-Out), a low-level remote access technology that makes the server look like it's right in front of you.
Read more about the technology in general and the initial setup later in the article.
Brief background on iLO
Hewlett Packard introduced the iLO 1 back in 2002. In many ways, iLO is a product of the developments of Compaq, which was absorbed in the same year, and the publicly available IPMI. The RIB (Remote Insight Board) was taken from Compaq, and all specifications were taken from IPMI.
RILOE-I is a proprietary expansion card for remote server management.
So, iLO 1 provided basic remote management capabilities: console access, power management and hardware monitoring. But the first version was not integrated into all server models, so the discrete expansion card RILOE (Remote Insight Light-Out Edition) grew out of Compaq's RIB technology. Almost a full analog, but at an additional cost.
The iLO 2, released in 2006, added support for virtual media and improved remote console performance. iLO 3, released in 2010, gave advanced features such as a remote graphics console, remote scripts, and a virtual power button. iLO 4, released in 2012, added IPv6 support, Active Health System and enhanced security features such as Secure Boot and Trusted Platform Module (TPM).
In 2015, HP spun off its enterprise server hardware business into a new company called Hewlett Packard Enterprise (HPE), which continued to develop and enhance iLO. The latest version at the time of this article's publication, iLO 5, was released in 2017. It gained new features: silicon root of trust, enhanced remote console capabilities, and more.
Which servers support iLO
Importantly, starting with the third version of iLO, this technology is integrated into almost all HPE servers. With a few exceptions:
iLO is not available in HP MicroServer Gen7 (but you can install the iLO plus expansion board or use the built-in Intel AMT);
iLO is not in HPE ML10 Gen9 (iLO4 was in ML10 v2 Gen8 server);
iLO is not in HPE MicroServer Gen10 (iLO4 was also in previous Gen8 and Gen9 generations).
So if you have a modern HPE server, there's a 99% chance it already has iLO with a basic license. And to utilize its full potential, you need to spend 5-10 minutes of time on the initial configuration. Now let's talk about iLO versions, licenses, functionality and features.
IMPORTANT: Initial configuration of iLO 5 is the first thing you need to do after putting an HPE server into service.
What is iLO
HPE iLO 5 ASIC.
At the beginning of this article we told you that iLO is a technology for full remote management of servers. It has its own graphical interface and hundreds of functions. But besides the software component, there is also a hardware component - iLO ASIC (Application-Specific Integrated Circuit), aka BMC (Baseboard Management Controller).
iLO ASIC (Application-Specific Integrated Circuit) is a specialized hardware chip designed specifically for iLO operation. From a technical point of view, it is a system-on-chip soldered on a motherboard that contains graphics, RAM, and a network interface. A mini-computer in a server. Proprietary hardware components allow iLO to operate independently of the server's processor and OS, as well as manage it even in the event of critical failures. The main thing is to have a network connection and +5V Standby power supply to the motherboard.
Why iLO is needed
Most importantly, iLO technology saves time and money. One system administrator will be able to remotely administer dozens of servers, while in the classic - manual management - this would require several specialists. We get less expenses on personnel and their movements. And it is much faster.
The other side is technical and warranty support. For example, our friends from Servermall use iLO and other types of IPMI when customers have problems that need to be solved quickly. The functionality of iLO is enough to diagnose and fix problems without a technician traveling to the location.
Overall, iLO is an indispensable tool for professionals who need to remotely and securely manage servers and monitor their infrastructure.
Features and capabilities of iLO 5
Let's start with the key features of iLO 5:
Remote Management: iLO allows administrators to remotely access and manage servers from anywhere in the world, as long as there is a network connection. With iLO, you can perform a huge pool of tasks: cold start, shutdown and reboot the server; update firmware, software and BIOS; monitor performance, configure and automate tasks with timers, and flip drives (as if you were connecting via USB, but remotely).
Enhanced Security: iLO provides an additional layer of security with a built-in firewall that blocks suspicious commands and settings. This allows for safer management of critical servers and reduces the risk of unauthorized access.
Increased uptime: iLO enables administrators to quickly identify and fix problems with servers, even if they are in a different geographic location. This helps reduce downtime and keep critical systems up and running.
Scalability: iLO can be used to manage multiple servers simultaneously from a single GUI, allowing administrators to easily scale their infrastructure as their business grows.
Built-in and included: The base license and iLO ASIC chip are already in the server (with few exceptions). No need to buy anything extra, just the advanced paid licenses.
No additional hardware needed: You can forget about physical and IP KVM consoles (iLO's functionality is broader).
Much more.
iLO capabilities (functionality may vary by version and license):
Monitoring is available via multiple interfaces: browser, command line SMASH Redfish APIs, and XML scripts;
Alerts can be delivered via SNMP to email, push to a smartphone, or via the HPE Systems Insight Manager management console;
iLO includes a flexible Intelligent Provisioning tool for rapid server deployment that is always active;
IP address autoconfiguration can be done via DNS/DHCP or manually via static IP addresses.
The iLO controller itself is also always active when the server is connected to a power source and provides feedback via LED POST indication.
The server is monitored continuously via sensors that measure fan speed, component temperature and power level.
There are two types of network connections for iLO: dedicated on the controller/network card itself or shared network ports (you can use the combined mode).
Security signatures for iLO and UEFI/BIOS are built into the iLO ASIC to prevent unauthorized tampering.
And for Gen 10+ and older models, an iLO USB service port is available. It is located on the front panel of the server and is connected to iLO via the system bus. This port can be used to connect external disks, download logs, or external devices via a USB/Ethernet adapter to access the iLO 5 web interface, Command Line Interface (CLI), Integrated Remote Console (IRC), scripting, and iLO RESTful APIs.
All iLO versions in the table
Relatively recently, the next generation of HPE Gen11 servers came out with a new version of iLO 6. But it is important to note that support for previous versions will continue and updates will be released for years. Since servers are devices with a long lifecycle, they can run companies for 5-10 years at a time. For example, for iLO 4 (Gen8 and Gen9 servers), updates are still being released.
Generation
Servers
Latest firmware
iLO
ProLiant G2, G3, G4, and G6, model numbers up to 300
1.96, released April 30, 2014.
iLO 2
ProLiant G5 and G6, model numbers 300 and above
2.33, released on March 30, 2018.
iLO 3
ProLiant G7
1.94.2 released on December 06, 2020.
iLO 4
ProLiant Gen8 and Gen9
2.82 released on April 2, 2023.
iLO 5
ProLiant Gen10 (not all)
2.78, released December 24, 2022.
iLO 6
ProLiant Gen11
1.2, released February 15, 2023.
iLO 5 license levels: cost and functionality
HPE iLO 5 has three license levels: Standard, Essentials (not available for purchase after January 31, 2019), and Advanced. The license is not perpetual - purchased for 1 or 3 years, renewable even after the hardware warranty expires.
The iLO license levels are listed below:
iLO Standard: This license level is included in all HPE servers shipped with iLO 5. It provides basic remote management capabilities including remote console access, virtual media, and remote power management.
iLO Essentials: No longer available for sale. This license level provides additional features for SMBs, such as advanced remote console and virtual media capabilities, as well as advanced power management and email alerts. The cost of an Essentials license varies depending on the number of servers to be licensed and the length of the license.
iLO Advanced: This license tier provides the most comprehensive feature set for large enterprises, including a remote console with multi-user collaboration, advanced security and compliance features, and remote management APIs for automation and scripting. Advanced license pricing also varies depending on the number of servers to be licensed and the length of the license.
Functionality of iLO 5
iLO 5Standard
iLO 5 Essentials(no longer for sale)
iLO 5 Advanced
Active Health System Diagnostics
✔
✔
✔
Advanced Power Management (Power history graphs, dynamic power limitation)
✔
Agentless Management
✔
✔
✔
Automatic Secure Recovery (Gen10 and newer)
✔
Backup and Restore (Gen10 and newer)
✔
✔
✔
Commercial National Security Algorithm (CNSA) Mode (Gen10 and newer)
✔
Core Boosting (Gen10 and newer)
✔
Directory Service Authentication
✔
Discovery Services
✔
Email-Based Alerting
✔
✔
Embedded Remote Support
✔
✔
✔
Embedded System Health
✔
✔
✔
Global Team Collaboration via Integrated Remote Console
✔
iLO Federation Discovery
✔
✔
✔
iLO Federation Management
✔
iLO Reset
✔
✔
✔
iLO RESTful API
✔
✔
✔
iLO Web Interface
✔
✔
✔
Integrated Remote Console (IRC/Virtual KVM - supports text and graphics)
Pre-OS for all servers except BL and WS. Standard offer for BL and WS servers
✔
✔
Integrated Remote Console Record and Playback
✔
IPMI Over LAN/ DCMI
✔
✔
✔
IPv6
✔
✔
✔
Jitter Smoothing (Gen10 and newer)
✔
Pre-Boot Health Summary
✔
✔
✔
Remote Syslog
✔
RIBCL
✔
✔
✔
Runtime Firmware Verification (Gen10 and newer)
✔
Scripted Virtual Media
✔
Secure Erase of Non-Volatile Storage (NAND/ User Data)
✔
Silicon Root of Trust (Gen10 and newer)
✔
✔
✔
SSH Command Line Interface
✔
✔
✔
Text-based Remote Console (Textcons)
✔
Text-Based Remote Console via SSH
✔
Two-Factor Authentication (Kerberos, Smart Card — PIV/ Common Access Card)
✔
Virtual Media via Integrated Remote Console
Standard offer for BL and WS servers only
✔
✔
Virtual Power Button
✔
✔
✔
Virtual Serial Port
✔
✔
✔
Virtual Serial Port Record and Playback
✔
Workload Matching Profiles (Gen10 and newer)
✔
✔
✔
How to customize iLO 5
After you purchase and install the HPE server in a rack, you must immediately configure an IP address (dynamic or static) for the iLO. To do this, connect power and network to the server. If the server has a dedicated iLO port (so and so signed), it is better to use it, so as not to occupy the server's Ethernet port.
There are three ways to connect the iLO to the network via an RJ-45 (8P8C) connector:
iLO Dedicated Network Port - This is a separate server port that handles only iLO traffic.
Shared Network Port LOM - This is a port on the server-integrated NIC that by default is combined with the eth0 port and can handle server and iLO traffic simultaneously.
Shared Network Port Flexible LOM is a port on optional discrete network adapters that can be configured to handle server and iLO traffic simultaneously.
IMPORTANT!You can connect to the server's local KVM console or use a web browser to perform the initial configuration of the iLO IP address. The iLO firmware is configured with a default username, password, and DNS name. The default information is listed on the serial label. This is how you can get the iLO remotely configured
A retractable iLO label. Located on the front panel of the server.
Copy or photograph this data from the label in advance:
Standard login: "Administrator";
DNS: "ILOXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", where X is the server's serial number;
Standard password: eight random characters, for example: Q1W2E3R4.
It is highly recommended to change the default authentication credentials after configuring iLO 5.
Dynamic or static IP address for iLO?
Depending on your network requirements and settings, you can use either a dynamic or static IP address for iLO.
Using a dynamic IP address for iLO allows you to automatically obtain network settings from a DHCP server, which can be useful when scaling your network or changing your network infrastructure. However, it is worth keeping in mind that changing the IP address of iLO may require updating the settings in the server monitoring and management systems.
Using a static IP address for iLO allows the address to be managed directly, which can be useful in stable network environments. However, when using a static address, it is important to ensure that it does not conflict with other devices on the network and to update it when necessary.
Overall, the choice of dynamic or static IP address for iLO depends on your needs and network settings, and both options can be used.
Configuring a dynamic IP address for iLO
If you choose to use DHCP to configure the iLO's network settings, you must connect the iLO to the same network where the DHCP server is located before turning on the server. When iLO boots up for the first time, it will attempt to request an IP address and other necessary network settings from the DHCP server.
If the server was unable to obtain the settings from the first request, it will repeat the request every 90 seconds until it receives a response from the DHCP server.
To ensure that the iLO works properly, you must ensure that the DHCP server is configured to grant permissions for DNS and WINS domain names. This approach will make it easier to identify the iLO on the network and ensure that other services that may use these domain names work properly.
Configuring a Static IP Address (iLO 5 Configuration Utility)
HPE recommends that you use the built-in iLO 5 Configuration Utility for manual configuration if you have chosen a static IP address rather than automatic configuration through DHCP, DNS, or WINS.
If you are configuring iLO 5, you can use mouse control in UEFI.
To configure a static IP address for the iLO 5 through the Configuration Utility, follow these steps:
Access the iLO 5 Configuration Utility by pressing the F9 key when the server boots.
Select System Configuration > iLO 5 Configuration Utility > Network Options from the menu.
In the "DHCP Enable" subsection, set it to "OFF".
Now enter the IP Address, Subnet Mask and Gateway Address in the corresponding fields: "IP Address", "Subnet Mask" and "Gateway IP Address".
Press F12 and "Yes - Save Changes" to save the settings.
iLO 5 Configuration will ask you to reboot the server. Click "OK".
After the reboot, you will be taken to the "Network Options" section again. Double-check that the network settings are correct and have been successfully saved.
Press ESC several times to return to System Configuration, followed by "Exit".
The manual configuration of the iLO 5 IP address is now complete.
Adding iLO 5 Configuration Utility accounts
We can configure this option remotely, since we have already configured an IP address for iLO management. To perform this action, you need to go to "First login to the iLO web interface" and then go back (there will be a link there too).
To create a new account on the server, you need to power on or reboot the server, then during the POST procedure press F9 to launch UEFI System Utilities.
Then you need to go to System Configuration > iLO 5 Configuration Utility > User Management > Add User and fill in the New User Name and Login Name fields.
After that you need to set a password and select access rights for the new user.
From the iLO 5 Configuration Utility menu, you can also create additional accounts, delete or edit existing accounts.
After setting up the new user, you need to save the changes by pressing F12 and confirm the action by selecting Yes - Save Changes.
The iLO 5 Configuration Utility will then notify you that a new account has been created in a dialog box and you should click OK.
In addition, to work with iLO we may need to create multiple accounts with different access rights. We can create up to 12 local users in total, but if we need more, we can use directory services.
First login to the iLO web interface
For best performance, HPE recommends using the following browsers: Google Chrome (mobile or desktop versions), Mozilla Firefox, and Microsoft Edge.
Logging into iLO 5:
To log into iLO, you must type "https://<iLO hostname or IP address>" in the browser address bar, where "iLO hostname or IP address" is the DNS or IP address of the server.
If you didn't change the DNS name when setting up the static IP address, it's still the default, look for it on the pull-down label.
Then you need to enter the standard login and password, which are listed there, and after that - click "Log In". I remind you that immediately after the first login to iLO you should change the standard login and password to ensure security.
This page is the main entry point for interacting with the server through the iLO interface. On this page you can see general information about the system status. When using Remote Console, you will be able to see the image that would be displayed on the local KVM console.
If you came to this page from "Add Accounts", click Remote Console, further configuration will be done through it. Return to "Adding accounts".
To summarize the iLO thesis
iLO 5 is a remote management solution for HPE ProLiant servers that allows administrators to monitor, manage, and troubleshoot servers from anywhere in the world. It is built into nearly all HPE ProLiant servers by default with basic functionality.
iLO 5 provides a Web-based user interface and command-line interface for server management.
With iLO 5, administrators can view system information, monitor hardware status, update firmware, and configure network settings remotely.
iLO 5 includes advanced security features such as SSL encryption, two-factor authentication and a secure boot process to protect servers from unauthorized access.
iLO 5 also supports virtual media, allowing administrators to mount media such as ISO images and install operating systems remotely.
The iLO 5 supports IPv4 and IPv6 network protocols, providing flexibility and future-proofing for modernizing network infrastructure.
Overall, iLO 5 is a powerful and flexible remote management solution that simplifies server administration and reduces downtime, making it a valuable tool for IT administrators in enterprise-level environments.
Subscribe to our newsletter to get articles and news
