export OS_ENV=dev export SERVER_ID=$1 # search for VM by name if [ ${#SERVER_ID} -ne 36 ]; then RESULT="$(openstack server list --all --name ${SERVER_ID})" if [ $(echo "${RESULT}" | wc -l) -eq 5 ]; then SERVER_ID=$(echo "${RESULT}" | tail -2 | head -1 | cut -d " " -f2) else echo "No VM with name ${SERVER_ID}) found, similar VMs:" echo "${RESULT}" exit 0 fi fi RESULT=$(openstack server show ${SERVER_ID} -f value -c id) if [ -z "${RESULT}" ]; then
SERVER_ID=51f8bbe2-4a89-4065-a24f-4a6fa47fadd0 PORT_ID=$(openstack port list --server ${SERVER_ID} -c id -f value) echo ${PORT_ID} #DEP: SECURITY_GROUP_ID=$(openstack port show ${PORT_ID} -c security_group_ids -f json | jq -r .security_group_ids | tr ',' '\n' | head -1) SECURITY_GROUP_ID=$(openstack port show ${PORT_ID} -c security_group_ids -f json | jq -r 'first(.security_group_ids[])') echo ${SECURITY_GROUP_ID} # openstack security group show ${SECURITY_GROUP_ID} # create security group rule to allow incomming icmp traffic SECURITY_GROUP_RULE_ID=$(openstack security group rule create --protocol icmp ${SECURITY_GROUP_ID} -c id -f value) echo ${SECURITY_GROUP_RULE_ID} openstack security group rule show ${SECURITY_GROUP_RULE_ID} # remove rule openstack security group rule delete ${SECURITY_GROUP_RULE_ID}
Identify port by MAC
MAC=00:11:22:33:44:55 openstack port list --mac-address ${MAC} SUBNET_ID=b07b6b7a-dfb2-4b58-82cb-1568da8990b3 openstack subnet show ${SUBNET_ID} PROJECT_ID=701e329e-997d-4dfa-b0d0-27a51670ed2d openstack project show ${PROJECT_ID}
Add security group to port
SERVER_ID=$(openstack server list --all-projects --name vm1-dev -c ID -f value) openstack port list --server ${SERVER_ID} PORT_ID=97006537-07b1-4d37-9e2e-3bb71ad23087 openstack port set --security-group 2060fc87-a1bf-4cf5-a497-f6c4b45cffcd ${PORT_ID}
Create VM
openstack server create foo-certbot \
--image "Ubuntu 18.04" \
--flavor m1.small \
--key-name foo-key \
--network foo-net \
--security-group foo-secAdd floating IP
FLOATING_IP=$(openstack floating ip create public -c floating_ip_address -f value) echo ${FLOATING_IP} openstack server add floating ip foo-certbot ${FLOATING_IP}
Install certbot
ssh ubuntu@${FLOATING_IP} sudo apt update && sudo apt install -y certbot
Create wildcard certificates
export DOMAINS=" dev.example.com www.example.com " for DOMAIN in ${DOMAINS}; do sudo certbot certonly \ --manual \ --manual-public-ip-logging-ok \ --register-unsafely-without-email \ --agree-tos \ --preferred-challenges dns-01 \ --server https://acme-v02.api.letsencrypt.org/directory \ -d \*.${DOMAIN} done
Debug
Upload new image(s)
Configure kolla-ansible
#echo 'designate_tag: "7.0.1.2"' >> /etc/kolla/globals.yml sed -i 's/[#]dns_interface:/dns_interface:/g' /etc/kolla/globals.yml sed -i 's/[#]enable_designate: .*/enable_designate: "yes"/g' /etc/kolla/globals.yml sed -i 's/[#]enable_horizon_designate:/enable_horizon_designate:/g' /etc/kolla/globals.yml sed -i 's/[#]designate_ns_record: .*/designate_ns_record: "pool.{{ os_environment }}.example.com"/g' /etc/kolla/globals.yml
Configure pool
mkdir -p /etc/kolla/config/foo/designate /etc/kolla/config/foo/designate/pools.yaml - name: default-bind description: Default BIND9 Pool attributes: {} ns_records: - hostname: ns1.dev.i.example.com. priority: 1 nameservers: - host: 10.0.4.45 port: 53 targets: - type: bind9 description: BIND9 Server 1 masters: - host: 10.0.4.135 port: 5354 options: host: 10.0.4.45 port: 53 rndc_host: 10.0.4.45 rndc_port: 953 rndc_key_file: /etc/designate/rndc.key
Deploy Designate container
openstack container create bucket1 openstack object create bucket1 /etc/fstab --name fstab # list objects count openstack container show backup1
Get broken / INACTIVE ports
Check kibana logs for
"While synchronizing instance power states, found"
Check libvirt VMs vs. nova DB
COMPUTE_NODE=com1-dev # get shutoff VMs on compute node VMS_COMPUTE=$(ssh ${COMPUTE_NODE} docker exec -i nova_libvirt virsh list --state-shutoff --uuid | sed '/^$/d' | sort) # echo "${VMS_COMPUTE}" # get shutoff VMs from nova DB VMS_NOVA=$(ssh os-admin-dev "source /etc/kolla/admin-openrc.sh; openstack server list --all --host ${COMPUTE_NODE} -c ID -f value --status SHUTOFF" | sort) # echo "${VMS_NOVA}" # diff shutoff VMs comm -3 <(echo "${VMS_COMPUTE}") <(echo "${VMS_NOVA}")
Remove shutdown VM from libvirt
Show bridges without tab device
brctl show | egrep "qvb|tap" | sed '$!N;/\n.*tap/d;P;D' | awk '{print substr($1,4,8)}'
Get interface details
TOKEN=cac559da # show port details docker exec openvswitch_vswitchd ovsdb-client dump | grep ${TOKEN} # get OVS port docker exec openvswitch_vswitchd ovs-vsctl list-ports br-int | grep ${TOKEN} # get OVS interface docker exec openvswitch_vswitchd ovs-vsctl list-ifaces br-int | grep ${TOKEN} # show host bridges brctl show | grep ${TOKEN} # show host interfaces ip a | grep ${TOKEN}
Delete interface