OpenStack: Output VM list with project and domain as JSON file

IFS=$(echo -en "\n\b")
 
PROJECTS_JSON=$(openstack project list --long -f json)
for PROJECT_JSON in $(echo "${PROJECTS_JSON}" | jq -c '.[]'); do
    PROJECT_ID=$(echo ${PROJECT_JSON} | jq -r .ID)
    PROJECT_NAME=$(echo ${PROJECT_JSON} | jq -r .Name)
    DOMAIN_ID=$(echo ${PROJECT_JSON} | jq -r '."Domain ID"')
    DOMAIN_JSON=$(openstack domain show  ${DOMAIN_ID} -f json)
    DOMAIN_NAME=$(echo ${DOMAIN_JSON} | jq -r .name)
 
    openstack server list --all-projects --long --project ${PROJECT_ID} --sort-column Name -f json | jq .[] | \

OpenStack Debug VPN connection

PROJECT_ID=9eaecf3b-0972-4166-806a-295f4e69fd3c
 
ROUTER_ID=$(openstack vpn service list --long -f json | jq -r ".[] | select(.Project == \"${PROJECT_ID}\").Router")
echo ${ROUTER_ID}
 
openstack port list --router ${ROUTER_ID} --device-owner network:ha_router_replicated_interface -c binding_host_id  -f value | sort -u
 
CONTROL_NODE=ewos1-ctl1-prod
ssh -t ${CONTROL_NODE} docker exec -u root -ti neutron_l3_agent bash
 
apt update
apt install -y vim
vi /var/lib/neutron/ipsec/${ROUTER_ID}/etc/strongswan.d/charon-logging.conf
 
charon {
    ...
    filelog {
        /var/log/vpn-debug-${ROUTER_ID}.log {
            append = no
            default = 2
            ike_name = yes
            time_add_ms = yes
            time_format = %b %e %T
        }
    }
    ...
}
 
 
ip netns exec qrouter-${ROUTER_ID} neutron-vpn-netns-wrapper \

script-server (Web UI for scripts)

Install

# install reuired packages
apt install -y unzip python3-tornado
 
# download and instal script-server
mkdir script-server
cd script-server
wget https://github.com/bugy/script-server/releases/download/1.15.2/script-server.zip
unzip script-server.zip
rm script-server.zip
 
# start script-server
./launcher.py

Add job

# cat ./conf/runners/certgen.json 
{
  "name": "certgen",
  "description": "Request Lets Encrypt certificate",
  "script_path": "/usr/local/bin/certgen",
  "parameters": [
    {
      "name": "Domain",
      "default": "example.com"
    }
  ],
  "output_files": [
      "/home/local/certificates/*${Domain}*"
  ]
}

WebUI
http://SERVER_IP:5000/

Redirect port 5000 to 80

iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 5000

Links
https://github.com/bugy/script-server

Vagrant

Install
https://www.vagrantup.com/downloads.html

# sudo apt install -y jq
 
URL=$(wget https://checkpoint-api.hashicorp.com/v1/check/vagrant -qO- | jq  -r '"https://releases.hashicorp.com/vagrant/" + .current_version + "/vagrant_" + .current_version + "_x86_64.deb"')
wget ${URL} -qP /tmp
sudo dpkg -i /tmp/${URL##*/}
 
vagrant --version

Install with Ansible

- name: Get latest vagrant version
  uri:
    url: https://checkpoint-api.hashicorp.com/v1/check/vagrant
  register: release
 
- set_fact:
    version: "{{ release.json | json_query('current_version') }}"
 
- name: Install Vagrant
  apt:
    deb: https://releases.hashicorp.com/vagrant/{{ version }}/vagrant_{{ version }}_x86_64.deb
  become: yes
 
- name: Adding user ubuntu to group libvirt
  user:
    name: ubuntu
    groups: libvirt
    append: yes
  become: yes
 
- name: Install vagrant-libvirt plugin
  command: sudo -H -u ubuntu vagrant plugin install vagrant-libvirt
  become: yes

CLI

topgrade

Install
https://github.com/r-darwish/topgrade/releases/

URL=https://github.com/r-darwish/topgrade/releases/download/v5.4.0/topgrade-v5.4.0-x86_64-unknown-linux-gnu.tar.gz
 
wget ${URL} -qP /tmp
tar -C /tmp -xzf /tmp/topgrade-v*-x86_64-unknown-linux-gnu.tar.gz
sudo mv /tmp/topgrade /usr/local/sbin

Custom configuration

# ~/.config/topgrade.toml
...
remote_topgrades = ["www.example.com", "db.example.com"]
 
[git]
repos = [
    "~/git/repository_1",
    "~/git/repository_2"
]
...

Run update

topgrade -cy

Run on specific remote host

topgrade -cy --only remotes --remote-host-limit ".*.example.com"

Links
https://github.com/r-darwish/topgrade
https://github.com/r-darwish/topgrade/releases

Get noisy neighbor VMs

source /etc/kolla/admin-openrc.sh
 
IFS=$(echo -en "\n\b")
 
function get_vm_details() {
    LINE=$1
 
    SERVER_ID=$(echo ${LINE} | cut -d" " -f3)
    SERVER_JSON=$(openstack server show ${SERVER_ID} -f json)
    SERVER_NAME=$(echo ${SERVER_JSON} | jq -r .name)
    SERVER_PROJECT_ID=$(echo ${SERVER_JSON} | jq -r .project_id)
    SERVER_PROJECT_JSON=$(openstack project show ${SERVER_PROJECT_ID} -f json)
    SERVER_PROJECT_NAME=$(echo ${SERVER_PROJECT_JSON} | jq -r .name)
 
    echo "${LINE} ${SERVER_NAME} ${SERVER_PROJECT_NAME}"
}
 

Ubuntu 20.04 Focal Fossa LTS

Schedule
https://wiki.ubuntu.com/FocalFossa/ReleaseSchedule

ReleaseNotes
https://wiki.ubuntu.com/FocalFossa/ReleaseNotes

Known issues
https://wiki.ubuntu.com/FocalFossa/ReleaseNotes#Known_issues

Download
Releases: http://releases.ubuntu.com/20.04/
Cloud image (minimal): https://cloud-images.ubuntu.com/minimal/daily/focal/current/focal-minimal-cloudimg-amd64.img
Netboot: http://archive.ubuntu.com/ubuntu/dists/focal/main/installer-amd64/current/images/netboot/mini.iso
Torrent: http://releases.ubuntu.com/20.04/ubuntu-20.04-desktop-amd64.iso.torrent

Repository

echo "deb http://de.archive.ubuntu.com/ubuntu focal main restricted universe multiverse" \
    sudo tee /etc/apt/sources.list.d/ubuntu-focal.list
echo "deb http://de.archive.ubuntu.com/ubuntu focal-updates main restricted universe multiverse" \
    sudo tee /etc/apt/sources.list.d/ubuntu-focal-updates.list
 
sudo apt update

Workarounds

Mellanox ConnectX-3 Pro UEFI iPXE boot

  Device Type:      ConnectX3Pro
  Part Number:      MCX312B-XCC_Ax
  Description:      ConnectX-3 Pro EN network interface card; 10GigE; dual-port SFP+; PCIe3.0 x8 8GT/s; RoHS R6
  PSID:             MT_1200111023
  PCI Device Name:  /dev/mst/mt4103_pci_cr0
  Port1 MAC:        ec0d9a00aab1
  Port2 MAC:        ec0d9a00aab2
  Versions:         Current        Available    
     FW             2.42.5000      N/A          
     PXE            3.4.0752       N/A          

Flash UEFI firmware
Request UEFI firmware from support@mellanox.com
http://www.panticz.de/mellanox/firmware-update

flint -y -d /dev/mst/mt4103_pci_cr0 -i firmware fw-ConnectX3Pro-rel-2_42_5000-MCX312B-XCC_Ax-FlexBoot-3.4.752-UEFI-14.11.46.bin b
  Device Type:      ConnectX3Pro
  Part Number:      MCX312B-XCC_Ax
  Description:      ConnectX-3 Pro EN network interface card; 10GigE; dual-port SFP+; PCIe3.0 x8 8GT/s; RoHS R6
  PSID:             MT_1200111023
  PCI Device Name:  /dev/mst/mt4103_pci_cr0
  Port1 MAC:        ec0d9a00aab1
  Port2 MAC:        ec0d9a00aab2
  Versions:         Current        Available    
     FW             2.42.5000      N/A          
     PXE            3.4.0752       N/A          
     UEFI           14.11.0046     N/A     

Fix iPXE boot issue (recompile ipxe.efi) when connected to LACP swith port
http://www.panticz.de/ipxe/compile