Floating IPs

# list all floating IPs
openstack floating ip list
openstack floating ip show 1.2.3.4
openstack floating ip list --project ${PROJECT_ID} --long
 
# Allocate floating IP
openstack floating ip create public 
 
# Allocate specific floating IP for a project (as cloud admin)
openstack floating ip create public --floating-ip-address 10.11.12.13 --project foo-project
FLOATING_IP=$(openstack floating ip create public -c floating_ip_address -f value --floating-ip-address 10.11.12.13)
 
# Associate floating IP to instance
openstack server add floating ip ${INSTANCE_NAME_OR_ID} ${FLOATING_IP}
 
# Disassociate floating IP
openstack server remove floating ip ${INSTANCE_NAME_OR_ID} ${FLOATING_IP}
 
# Release floating IP
openstack floating ip delete ${FLOATING_IP}
 
# show used floating IPs
NETWORK_ID=$(openstack subnet list --network public -c Network -f value)
openstack ip availability show -c total_ips -c used_ips ${NETWORK_ID}
 
# Add floating IP to port
openstack floating ip set --port ${PORT_ID} ${FLOATING_IP}

List reserved floating IPs per project

s3cmd

Install s3cmd (s3 CLI client)

sudo apt install -y s3cmd

Configuration file

s3cmd --configure
${HOME}/.s3cfg

CLI

s3fs

Install

sudo apt install -y s3fs

Create credentials

echo ${BUCKET}:${ACCESS_KEY}:${SECRET_KEY} >> ~/.passwd-s3fs
chmod 600 ~/.passwd-s3fs

Mount S3 bucket

s3fs bucket1 /tmp/mnt -o url=https://s3.example.com

Parameter

-o passwd_file=~/.passwd-s3fs
-o url=https://s3.example.com,allow_other,umask=0000
-o use_cache=/tmp/cache

/etc/fstab

mybucket1.mydomain.org /mnt/mybucket1 fuse.s3fs _netdev,allow_other,passwd_file=/home/ftpuser/.passwd-aws-s3fs,default_acl=public-read,uid=1001,gid=65534 0 0

Links
https://github.com/s3fs-fuse/s3fs-fuse
https://gridscale.io/community/tutorials/s3-fuse-ubuntu/

NVMe firmware update with Intel SSD Firmware Update Tool

Intel SSD Firmware Update Tool
https://downloadcenter.intel.com/download/30509?v=t
https://downloadcenter.intel.com/download/30373?v=t
https://downloadmirror.intel.com/30509/eng/CLI-Intel-MAS-1.8-User-Guide-Public-342245-010US.pdf
# latest version
https://www.intel.com/content/www/us/en/download/19520/intel-memory-and-storage-tool-cli-command-line-interface.html?v=t

wget https://downloadmirror.intel.com/30373/eng/Intel%C2%AE_SSD_FUT_3.0.11.zip
 
intelmas show -output json
intelmas load -f -intelssd 0
intelmas show -output json -intelssd -sensor
 
for NVME_ID in $(intelmas show -output json -intelssd | jq '.[] | select(.ProductFamily | contains("Intel")) .Index'); do
    intelmas show -intelssd ${NVME_ID}
    intelmas load -force -intelssd ${NVME_ID}
done

Intel NVMe firmware update with Intel SSD Data Center Tool (deprected)
Check for latest version: https://downloadcenter.intel.com/search?keyword=SSD+Firmware+Update+Tool

GRML iPXE etboot from HTTP (without NFS)

# downlaod Grml image
wget http://download.grml.org/grml32-small_2013.02.iso -O /tmp/grml32-small_2013.02.iso

# mount image
mount /tmp/grml32-small_2013.02.iso /mnt/ -o loop

# copy Grml files to tftpboot
mkdir /var/lib/tftpboot/live/grml/32-small/
cp /mnt/boot/grml32small/initrd.img /var/lib/tftpboot/live/grml/32-small/
cp /mnt/boot/grml32small/vmlinuz /var/lib/tftpboot/live/grml/32-small/
cp /mnt/live/grml32-small/grml32-small.squashfs /var/lib/tftpboot/live/grml/32-small/

# configure NFS
echo "/var/lib/tftpboot/live/grml/32-small *(ro,no_root_squash,async,no_subtree_check)

sysctl

configure parameter

# determine the maximum size of a shared memory segment
cat /proc/sys/kernel/shmmax
 
# set default shared memory limit for shmmax (16 GB)
echo 17179869184 > /proc/sys/kernel/shmmax
 
# add the following line to /etc/sysctl.conf to make a change permanent
echo "kernel.shmmax=4294967296" >> /etc/sysctl.d/90-shmmax.conf
 
# load parameter
/sbin/sysctl -p /etc/sysctl.d/90-shmmax.conf

reduce swap usage
https://en.wikipedia.org/wiki/Swappiness

OpenStack: Floating IP port forward (in development / experimental)

List floatin IPs

openstack floating ip list
+--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+
| ID                                   | Floating IP Address | Fixed IP Address | Port                                 | Floating Network                     | Project                          |
+--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+
| dc049c28-6562-4c37-834b-d3a612d4b580 | 1.2.3.4        | None             | None                                 | 39583230-154f-4b56-a56e-2fd83c9986ce | 1eede1bdc28344f3acf6b48b232e406f |
+--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+

List VMs

Octavia: Allow SSH login to Amphora VM

Allow SSH access

LB_ID=foo-lb01-prod
 
AMPHORA_ID=$(openstack loadbalancer amphora list --loadbalancer ${LB_ID} --role MASTER -c id -f value)
AMPHORA_COMPUTE_ID=$(openstack loadbalancer amphora show ${AMPHORA_ID} -c compute_id -f value)
LB_NETWORK_IP=$(openstack loadbalancer amphora show ${AMPHORA_ID} -c lb_network_ip -f value)
SECURITY_GROUP_ID=$(openstack port list --server ${AMPHORA_COMPUTE_ID} --fixed-ip "ip-address=${LB_NETWORK_IP}" -c security_group_ids -f value)
 
# DEBUG: show ingress tcp rules
openstack security group rule list --ingress --protocol tcp ${SECURITY_GROUP_ID}
openstack security group rule create --protocol tcp --dst-port 22:22 --remote-ip 172.16.0.0/12  ${SECURITY_GROUP_ID}
openstack loadbalancer amphora list --loadbalancer ${LB_ID} -c  lb_network_ip -c role -f value
openstack loadbalancer amphora list --loadbalancer ${LB_ID} -c  lb_network_ip --role MASTER -f value
 
# login to amphora VM from OpenStack control node
ssh local@ctl1-dev.dev.i.example.com
ssh -i ~/.ssh/id_rsa_octavia ubuntu@${AMPHORA_VM_IP}

Manuall SSH access