Abstract: A cooling-power-consumption-based workload allocation system includes a workload allocation system coupled to at least one client device and a plurality of server devices. The workload allocation system receives a first workload request that identifies a first workload from the at least one client device, and determines a first workload priority of the first workload relative to a second workload priority of each second workload being performed by the plurality of server devices. Based on the first workload priority of the first workload relative to the second workload priority of each second workload and a cooling-power-utilization-efficiency ranking of each of the plurality of server devices, the workload allocation system identifies a first server device included in the plurality of server devices for performing the first workload, and causes the first server device to perform the first workload.

Abstract: Method and systems provide automated configuration of replaceable hardware components of a chassis comprising a plurality of IHSs (Information Handling Systems) and a plurality of storage devices that are configured to support demands of a specific computing solution designed for a particular computing task. The IHSs may be computing sleds and the storage devices may be storage sleds, where the sleds are coupled within bays of the chassis. Processes operating on the IHSs monitor for changes to settings related to the first computing solution. A chassis management controller detects updates to the replaceable hardware components that are coupled to the chassis and determines supported settings for detected new hardware components. Parameters for configuring the new hardware components for supporting the first computing solution are selected and used to configure the new hardware components.

Abstract: An apparatus comprises a processing device that is configured to maintain a list of a managed devices, to generate a seed value and to submit a login request to a first managed device. The processing device is configured to generate a value based at least in part on the seed value and to select a second managed device from the list based at least in part on the value. The processing device is further configured to receive a second factor authentication challenge from the first managed device and to obtain a device key encrypted passcode from the second managed device. The processing device is further configured to provide the device key encrypted passcode to the first managed device and to receive a successful authentication of the login request from the first managed device based at least in part on providing the device key encrypted passcode to the first managed device.

Abstract: A power/workload management system includes a power system that is coupled to a first computing device that is configured to perform a first workload, as well as to a second computing device. A management subsystem is coupled to the first computing device and the second computing device, and operates to identify a reduced power event associated with the power system and, in response, determine that the first computing device is associated with a higher power consumption than the second computing device. In response to determining that the first computing device is associated with the higher power consumption than the second computing device, the management subsystem moves the first workload to the second computing device such that the second computing device performs the first workload, and configures the first computing device in a reduced power consumption state.

Abstract: An integrated infrastructure secure communication system includes at least one chassis, and a plurality of computing devices that are located in the at least one chassis and that are coupled to each other. A first computing device included in the plurality of computing device receives a communication from a first component in the first computing device, retrieves a vendor-based key, and encrypts the communication using the vendor-based key to provide a first-level encrypted communication. The first computing device also generates a first random key, encrypts the first-level encrypted communication with the first random key to provide a second-level encrypted communication, and transmits the second-level encrypted communication to a second computing device that is included in the plurality of computing devices.

Abstract: An apparatus comprises a processing device that is configured to maintain a list of a managed devices, to generate a seed value and to submit a login request to a first managed device. The processing device is configured to generate a value based at least in part on the seed value and to select a second managed device from the list based at least in part on the value. The processing device is further configured to receive a second factor authentication challenge from the first managed device and to obtain a device key encrypted passcode from the second managed device. The processing device is further configured to provide the device key encrypted passcode to the first managed device and to receive a successful authentication of the login request from the first managed device based at least in part on providing the device key encrypted passcode to the first managed device.

Abstract: A data encryption key management system includes an application layer with a hypervisor and a virtual machine, a host operating system coupled to the application layer and including a key management agent, and a Baseboard Management Controller (BMC) device coupled to the host operating system and including a BMC storage device providing a key vault. The BMC device receives a first stored data encryption key that was generated by the hypervisor for the virtual machine from the key management agent, and stores the first stored data encryption key in the key vault provided by the BMC storage device. The BMC device subsequently receives a stored data encryption key request from the key management agent and, in response, retrieves the first stored data encryption key from the key vault provided by the BMC storage device, and transmits the first stored data encryption key to the key management agent.

Abstract: An integrated infrastructure secure communication system includes at least one chassis, and a plurality of computing devices that are located in the at least one chassis and that are coupled to each other. A first computing device included in the plurality of computing device receives a communication from a first component in the first computing device, retrieves a vendor-based key, and encrypts the communication using the vendor-based key to provide a first-level encrypted communication. The first computing device also generates a first random key, encrypts the first-level encrypted communication with the first random key to provide a second-level encrypted communication, and transmits the second-level encrypted communication to a second computing device that is included in the plurality of computing devices.

Abstract: A secure infrastructure onboarding system includes an infrastructure device with an infrastructure device wireless subsystem that it may use to perform wireless key management system discovery operations in response to initialization. A key management system includes a key management system wireless subsystem it uses to perform the wireless key management system discovery operations with the infrastructure device. The key management subsystem may then wirelessly receive an infrastructure device certificate along with an infrastructure device validation key from the infrastructure device, and validate the first infrastructure device based on the first infrastructure device certificate and the first infrastructure device validation key. In response, the key management system may wirelessly transmit a first credential generation key that is configured for use by the first infrastructure device to generate first authentication credentials.

Abstract: A cooling-power-consumption-based workload allocation system includes a workload allocation system coupled to at least one client device and a plurality of server devices. The workload allocation system receives a first workload request that identifies a first workload from the at least one client device, and determines a first workload priority of the first workload relative to a second workload priority of each second workload being performed by the plurality of server devices. Based on the first workload priority of the first workload relative to the second workload priority of each second workload and a cooling-power-utilization-efficiency ranking of each of the plurality of server devices, the workload allocation system identifies a first server device included in the plurality of server devices for performing the first workload, and causes the first server device to perform the first workload.

Abstract: A power/workload management system includes a power system that is coupled to a first computing device that is configured to perform a first workload, as well as to a second computing device. A management subsystem is coupled to the first computing device and the second computing device, and operates to identify a reduced power event associated with the power system and, in response, determine that the first computing device is associated with a higher power consumption than the second computing device. In response to determining that the first computing device is associated with the higher power consumption than the second computing device, the management subsystem moves the first workload to the second computing device such that the second computing device performs the first workload, and configures the first computing device in a reduced power consumption state.

Abstract: An HCI distributed ledger management system includes a first HCI node in an HCI system that uses its first HCI node data to generate a first hash value that it stores in a distributed ledger and broadcasts to other HCI nodes in the HCI system. In response to a first modification performed on the first HCI node, the first HCI node uses its second HCI node data to generate a second hash value that it stores along with the first hash value in the distributed ledger, and broadcasts to the other HCI nodes in the HCI system. A management system may then determine that an issue exists in the HCI system and, in response, identify a cause of the issue based on the first hash value and the second hash value stored in the distributed ledger.

Abstract: A secure infrastructure onboarding system includes an infrastructure device with an infrastructure device wireless subsystem that it may use to perform wireless key management system discovery operations in response to initialization. A key management system includes a key management system wireless subsystem it uses to perform the wireless key management system discovery operations with the infrastructure device. The key management subsystem may then wirelessly receive an infrastructure device certificate along with an infrastructure device validation key from the infrastructure device, and validate the first infrastructure device based on the first infrastructure device certificate and the first infrastructure device validation key. In response, the key management system may wirelessly transmit a first credential generation key that is configured for use by the first infrastructure device to generate first authentication credentials.

Abstract: A data encryption key management system includes an application layer with a hypervisor and a virtual machine, a host operating system coupled to the application layer and including a key management agent, and a Baseboard Management Controller (BMC) device coupled to the host operating system and including a BMC storage device providing a key vault. The BMC device receives a first stored data encryption key that was generated by the hypervisor for the virtual machine from the key management agent, and stores the first stored data encryption key in the key vault provided by the BMC storage device. The BMC device subsequently receives a stored data encryption key request from the key management agent and, in response, retrieves the first stored data encryption key from the key vault provided by the BMC storage device, and transmits the first stored data encryption key to the key management agent.

Abstract: Method and systems support configuring components of a chassis comprising a plurality of IHSs (Information Handling Systems). A management controller of the chassis initiates a process for identifying a plurality of hardware and software capabilities of the chassis. Based on the identified capabilities, computing solutions, such as specialized computation and storage functions, supported by the chassis are determined. The computing solutions supported by the capabilities of the chassis are encoded, such as within a set of compatibility bits. Upon detecting updates to the hardware and software capabilities of the chassis, the encoded compatibility bits are used to determine compatibility of the updated capabilities with computing solutions supported by the chassis.

Abstract: An infrastructure backup system includes an infrastructure manager system coupled to infrastructure devices via a network. A first infrastructure device includes a management controller database storing component dependency information identifying dependenc(ies) between a first component in the first infrastructure device and a second component in a second infrastructure device. A management controller device in the first infrastructure device receives a predicted failure for the first component from the infrastructure manager system and performs first backup operations to generate first component backup data based on the identification of the predicted failure for the first component. Based on the component dependency information that identifies the dependency between the first component and the second component, the management controller device also performs second backup operations to generate second component backup data.

Abstract: Method and systems provide automated configuration of replaceable hardware components of a chassis comprising a plurality of IHSs (Information Handling Systems) and a plurality of storage devices that are configured to support demands of a specific computing solution designed for a particular computing task. The IHSs may be computing sleds and the storage devices may be storage sleds, where the sleds are coupled within bays of the chassis. Processes operating on the IHSs monitor for changes to settings related to the first computing solution. A chassis management controller detects updates to the replaceable hardware components that are coupled to the chassis and determines supported settings for detected new hardware components. Parameters for configuring the new hardware components for supporting the first computing solution are selected and used to configure the new hardware components.

Abstract: Method and systems support configuring components of a chassis comprising a plurality of IHSs (Information Handling Systems). A management controller of the chassis initiates a process for identifying a plurality of hardware and software capabilities of the chassis. Based on the identified capabilities, computing solutions, such as specialized computation and storage functions, supported by the chassis are determined. The computing solutions supported by the capabilities of the chassis are encoded, such as within a set of compatibility bits. Upon detecting updates to the hardware and software capabilities of the chassis, the encoded compatibility bits are used to determine compatibility of the updated capabilities with computing solutions supported by the chassis.

Abstract: An information handling system includes a management controller and a processor coupled to the management controller. The processor determines that an application is running on the processor, and determines that a hardware resource of the information handling system is used by the application. The management controller determines to change a first configuration setting for the information handling system, determines that the first configuration setting is related to the hardware resource, and prevents the first configuration setting from being changed based upon the determination that the first configuration setting is related to the hardware resource.

Abstract: An information handling system includes a memory and a processor that determines to change a configuration setting for the information handling system and receives a remediation policy related to the configuration setting from a configuration management system in response to determining to change the configuration setting. The processor further determines from the first remediation policy that the change to the first configuration setting necessitates a configuration change to a device prior to changing the first configuration setting and changes the first configuration setting in response to a first indication that the second configuration setting of the device has been changed. The device is separate from the information handling system.