MAAS控制HP,需要iLO firmware 2.4

MAAS控制virsh vm,选择"virsh”, “qemu+ssh://[email protected]/system”,和virsh中vm的名字。这里10.240.169.2是拥有这个virsh的hypervisor,所以root自然就是可以登录这个hypervisor并具有执行turn on这台vm权限的用户。

Clear DHCP on MAAS

每次重建OPENSTACK,MAAS中cluster控制的网段dhcp pool都需要手动清空,juju destroy不会自动清空。

cd /var/lib/maas/dhcp

sudo bash

cat dhcpd.leases | awk ‘/^host/,/}/ {print$0} /^server/ {print $0}’ > newlease

cp newlease dhcpd.leases

service maas-dhcpd restart

exit

export OS_USERNAME=admin export OS_PASSWORD=****** export OS_TENANT_NAME=admin export OS_AUTH_URL=http://10.240.169.202:35357/v2.0

这里10.240.169.202是keystone cluster的vip。

比如下面的例子中,neutron命令会通过source中定义的auth URL去尝试以admin登陆进行net-list命令。

*****@maas-wticiaas:~/charms$ neutron net-list +————————————–+—————————————————-+——————————————————-+ | id | name | subnets | +————————————–+—————————————————-+——————————————————-+ | 8dbef572-5a0a-48c7-9a31-31caf643e3bf | HA network tenant 893503fac1bd482b9e5b1c8a30c9e027 | 78d876be-bb0a-45c7-81e7-b5d7f691e62f 169.254.192.0/18 | | 7c31a6f3-1a77-460e-9f75-bc7547bb46f5 | DMZ | 34718522-e9ee-4bfc-92e2-12c3c065d617 10.237.3.0/24 | | 2c8465c3-b2c5-440a-8448-f08b4430f5bf | External | 9e8bef9c-7e74-4697-8985-ce7f0f6ca87f 10.240.172.0/24 | +————————————–+—————————————————-+——————————————————-+

如果为了安全不想把密码写到文件里,可以script让用户手动输入

图中,Br-Ext是untagged uplink,Br-Vlan是juju中的br-data为tagged uplink,Br-Int类似ACI中的AEP负责各网络部件之间连接,Br-Tun是vxlan。

nova-compute的External uplink可以选择是从自己host上的uplink直接出去还是从neutron-gateway的uplink出去,如果gateway,那就以为只traffic要从br-int到controller,再从controller上gateway定义中的upolink出去。neutron-gateway在设计时也可以选择是从trunk还是native vlan uplink出去。

在host上用ovs-vsctl show 查看各自ovs 上的br关系。

 

跳过任何注释直接显示实际script有效部分

cat xx | egrep -v “(^#.*|^$)”

Clear up expired key to free space

keystone table in mariadb keeps growing, the way to fix it is to periodically run a cron job to prune it.

As mentioned above, UUID tokens must be persisted. By default, keystone persists UUID tokens using a SQL backend. An unfortunate side-effect is that the size of the database will grow over time regardless of the token’s expiration time. Expired UUID tokens can be pruned from the backend using keystone’s command line utility:

$ keystone-manage token_flush We recommend invoking this command periodically using cron.

Clear up all LBaaS resources in a tenant

neutron lbaas-listener-delete $(neutron lbaas-listener-list | awk {'print $2'})
neutron lbaas-healthmonitor-delete $(neutron lbaas-healthmonitor-list | awk {'print $2'})
neutron lbaas-pool-delete $(neutron lbaas-pool-list | awk {'print $2'})
neutron lbaas-loadbalancer-delete $(neutron lbaas-loadbalancer-list | awk {'print $2'})

there maybe a time that lb stuck in ‘pending’ state, which causes failure on any action agianst that lb. You have to login DB to change its state manually. update lbaas_loadbalancers set provisioning_status='ACTIVE' where id='39cc7abd-b30f-4c11-a227-eda4ecfcfbf6'