SEE Operational States
The following describes the different states that the SEE operates within and provides information on transitioning of the states.
The SEE operates within 3 defined states (or levels) according to the principle that the higher the operating state, the further access controls and restrictions are placed on the SEE.
State 1 - OEM
State 1 is the operational state in which the SEE is delivered to the customer. State 1 provides access to the PiLO and SFP via SSH and allows installing and configuring virtual machine(s).
State 2 - Administrative State
This special operational state, known as the Administrative State, allows an authenticated user to perform administrative tasks on the virtual machines deployed within the SEE. Examples of such administrative tasks are updating an application within a virtual machine and performing a full backup of a virtual machine. This state’s sole purpose is to allow administrative tasks, for example, updating an application within a virtual machine or performing a full backup of a virtual machine. Administrative tasks can only be performed via the Web interface and SSH access to the SFP is not available.
Note that virtual machines cannot be created or destroyed in this state.
State 3 - End User State
It is during this third End User state that installed virtual machines are automatically started and monitored. This is the highest level of restriction and the SFP only provides access to (executing) virtual machines via their configured network ports. There is no access to the SFP and further, no administrative tasks can be performed on the SFP or on any of the installed virtual machines.
Transitioning of states refers to moving from one state into another. For example, from state 1 to state 2, or from state 3 to state 2. (Note that in SEE versions prior to 2.0, state 2 is not available).
Transitioning of states is controlled by the TA and is triggered via the PiLO (or a web browser connected to the PiLO). The principle is that transitioning to a higher level provides additional restrictions to access the SFP, and you can optionally protect the transition from a lower to a higher state. In reverse, transitioning to a lower state provides additional access to the SFP and it is hence necessary that the SEE requires authentication and authorization. For more information on how to protect transitions, see.
All transitions, except that of 2<->3, require that the SFP is shut down prior to performing the transition. The system will forcibly shutdown the SFP if it is not shut down prior to performing the transition.