Commission machines (deb/2.9/CLI)
MAAS is built to manage machines, including the operating systems on those machines. Enlistment and commissioning are features that make it easier to start managing a machine – as long as that machine has been configured to netboot. Enlistment enables users to simply connect a machine, configure the firmware properly, and power it on so that MAAS can find it and add it.
Enlistment happens when MAAS starts; it reaches out on connected subnets to locate any nodes – that is, devices and machines – that reside on those subnets. MAAS finds a machine that’s configured to netboot (e.g., via PXE), boots that machine into Ubuntu, and then sends cloud-init user data which runs standard (i.e., built-in) commissioning scripts. The machine actually adds itself over the MAAS API, and then requests permission to send commissioning data.
Since MAAS doesn’t know whether you might intend to actually include these discovered machines in your cloud configuration, it won’t automatically take them over, but it will read them to get an idea how they’re set up. MAAS then presents these machines to you with a MAAS state of “New.” This allows you to examine them and decide whether or not you want MAAS to manage them.
When you configure a machine to netboot – and turn it on while connected to the network – MAAS will enlist it, giving it a status of “New.” You can also add a machine manually). In either case, the next step is commissioning, which boots the machine into an ephemeral Ubuntu kernel so that resource information can be gathered. You can also run custom commissioning scripts to meet your specific needs.
Commissioning requires 60 seconds.
Six questions you may have:
- How are machines commissioned?
- How can I commission NUMA and SR-IOV nodes?
- What are MAAS commissioning scripts?
- What post-commission configuration is possible?
- What is a bond interface and how do I create one?
- What is a bridge interface and how do I create one?
When MAAS commissions a machine, the following sequence of events takes place:
- DHCP server is contacted
- kernel and initrd are received over TFTP
- machine boots
- initrd mounts a Squashfs image ephemerally over HTTP
- cloud-init runs built-in and custom commissioning scripts
- machine shuts down
The commissioning scripts will talk to the region API server to ensure that everything is in order and that eventual deployment will succeed.
MAAS chooses the latest Ubuntu LTS release as the default image for commissioning. If desired, you can select a different image in the “Settings” page of the web UI, by selecting the “General” tab and then scrolling down to the Commissioning section.
To commission a machine:
maas $PROFILE machine commission $SYSTEM_ID
To commission a node, it must have a status of “New”.
To commission all nodes in the “New” state:
maas $PROFILE machines accept-all
You have the option of setting some parameters to change how commissioning runs:
enable_ssh: Optional integer. Controls whether to enable SSH for the commissioning environment using the user’s SSH key(s). ‘1’ == True, ‘0’ == False. Roughly equivalent to the Allow SSH access and prevent machine powering off in the web UI.
skip_bmc_config: Optional integer. Controls whether to skip re-configuration of the BMC for IPMI based machines. ‘1’ == True, ‘0’ == False.
skip_networking: Optional integer. Controls whether to skip re-configuring the networking on the machine after the commissioning has completed. ‘1’ == True, ‘0’ == False. Roughly equivalent to Retain network configuration in the web UI.
skip_storage: Optional integer. Controls hether to skip re-configuring the storage on the machine after the commissioning has completed. ‘1’ == True, ‘0’ == False. Roughly equivalent to Retain storage configuration in the web UI.
commissioning_scripts: Optional string. A comma separated list of commissioning script names and tags to be run. By default all custom commissioning scripts are run. Built-in commissioning scripts always run. Selecting
configure_hbawill run firmware updates or configure HBA’s on matching machines.
testing_scripts: Optional string. A comma seperated list of testing script names and tags to be run. By default all tests tagged
commissioningwill be run. Set to
noneto disable running tests.
parameters: Optional string. Scripts selected to run may define their own parameters. These parameters may be passed using the parameter name. Optionally a parameter may have the script name prepended to have that parameter only apply to that specific script.
If you are using the NUMA architecture, MAAS versions 2.7 and higher guarantee that machines are assigned to a single NUMA node that contains all the machine’s resources. Node boundaries are critical, especially in vNUMA situations. Splitting nodes can create unnecessary latency. You want the NUMA node boundaries to match VM boundaries if at all possible.
You must recommission NUMA/SR-IOV machines that were previously commissioned under version 2.6 or earlier.
When a machine boots, MAAS first instructs it to run cloud-init to set up SSH keys (during commissioning only), set up NTP, and execute a script that runs other commissioning scripts. Currently, the sequence of MAAS-provided commissioning scripts proceeds like this:
maas-support-info: MAAS gathers information that helps to identify and characterise the machine for debugging purposes, such as the kernel, versioning of various components, etc. Runs in parallel with other scripts.
maas-lshw: this script pulls system BIOS and vendor info, and generates user-defined tags for later use. Runs in parallel with other scripts.
20-maas-01-install-lldpd: this script installs the link layer discovery protocol (LLDP) daemon, which will later capture networking information about the machine. This script provides some extensive logging.
maas-list-modaliases: this script figures out what hardware modules are loaded, providing a way to autorun certain scripts based on which modules are loaded. Runs in parallel with other scripts.
20-maas-02-dhcp-unconfigured-ifaces: MAAS will want to know all the ways the machine is connected to the network. Only PXE comes online during boot; this script brings all the other networks online so they can be recognised. This script provides extensive logging.
maas-get-fruid-api-data: this script gathers information for the Facebook wedge power type. Runs in parallel with other scripts.
maas-serial-ports: this script lists what serial ports are available on the machine. Runs in parallel with other scripts.
40-maas-01-network-interfaces: this script is just used to get the IP address, which can then be associated with a VLAN/subnet.
50-maas-01-commissioning: this script is the main MAAS tool, gathering information on machine resources, such as storage, network devices, CPU, RAM, etc. We currently pull this data using lxd: We use a Go binary built from lxd source that just contains the minimum source to gather the resource information we need. This script also checks whether the machine being commissioning is a virtual machine, which may affect how MAAS interacts with it.
maas-capture-lldp: this script gathers LLDP network information to be presented on the logs page; this data is not used by MAAS at all. Runs in parallel with other scripts.
maas-kernel-cmdline: this script is used to update the boot devices; it double-checks that the right boot interface is selected.
Commissioning runs the same dozen or so scripts as enlistment, gathering all the same information, but with these seven caveats:
Commissioning also runs user-supplied commissioning scripts, if present. Be aware that these scripts run as root, so they can execute any system command.
Commissioning runs test scripts which are not run during enlistment.
Commissioning scripts can send BMC configuration data, and can be used to configure BMC data.
The environment variable BMC_CONFIG_PATH is passed to serially run commissioning scripts; these scripts may write BMC power credentials to BMC_CONFIG_PATH in YAML format, where each key is a power parameter. The first script to write BMC_CONFIG_PATH is the only script allowed to configure the BMC, allowing you to override MAAS’ built-in BMC detection. If the script returns 0, that value will be send to MAAS.
All built-in commissioning scripts have been migrated into the database.
maas-run-remote-scriptsis capable of enlisting machines, so enlistment
user-datascripts have been removed.
The metadata endpoints
http://<MAAS>:5240/<latest or 2012-03-01>/and
http://<MAAS>:5240/<latest or 2012-03-01>/meta-data/are now available anonymously for use during enlistment.
In both enlistment and commissioning, MAAS uses either the MAC address or the UUID to identify machines. Currently, because some machine types encountered by MAAS do not use unique MAC addresses, we are trending toward using the UUID.
Once commissioned, you can configure the machine’s network interface(s). Specifically, when a machine’s status is either “Ready” or “Broken”, interfaces can be added/removed, attached to a fabric and linked to a subnet, and provided an IP assignment mode. Tags can also be assigned to specific network interfaces (see Tags for network interfaces).
Auto assign: MAAS will assign a random static address (
iface eth0 inet static). The pool of available addresses depends on whether the subnet is managed or unmanaged (see Subnet management).
Static assign: The administrator will specify a static address using a secondary field.
DHCP: The machine leases a dynamic IP address, via either MAAS-managed DHCP or an external DHCP server.
Unconfigured: The interface is not configured.
Press the “Save” button to apply the changes.
snap-2-7-ui snap-2-8-ui snap-2-9-ui deb-2-7-ui deb-2-8-ui deb-2-9-ui -->
If you want to edit the IP assignment mode of a network interface, the existing subnet link first needs to be removed.
Begin by finding the interface ID as well as the interface’s subnet link ID with the command:
maas $PROFILE node read $SYSTEM_ID
Once that’s done, proceed to unlink and link:
maas $PROFILE interface unlink-subnet $SYSTEM_ID $INTERFACE_ID id=$SUBNET_LINK_ID maas $PROFILE interface link-subnet $SYSTEM_ID $INTERFACE_ID mode=$IP_MODE subnet=$SUBNET_CIDR [$OPTIONS]
For instance, to have interface
58, with subnet link
146, on machine
exqn37 use DHCP on subnet
maas $PROFILE interface unlink-subnet exqn37 58 id=146 maas $PROFILE interface link-subnet exqn37 58 mode=dhcp subnet=192.168.1.0/24
If instead of DHCP, you desire a static address, then the second command would look like this:
maas $PROFILE interface link-subnet exqn37 58 mode=static subnet=192.168.1.0/24 ip_address=192.168.1.113
See Concepts and terms for the definitions of reserved range types.
A bond interface is used to aggregate two or more physical interfaces into a single logical interface. Combining multiple network connections in parallel can increase network throughput beyond what a single NIC will allow. It also provides some redundancy in case one of the NICs should fail. More information about the theory behind bonded NICs is found in the relevant IEEE standard.
A bond can be created with the following command:
maas $PROFILE interfaces create-bond $SYSTEM_ID name=$BOND_NAME \ parents=$IFACE1_ID mac_address=$MAC_ADDR \ parents=$IFACE2_ID bond_mode=$BOND_MODE \ bond_updelay=$BOND_UP bond_downdelay=$BOND_DOWN mtu=$MTU
parents parameters to define which interfaces form the aggregate interface.
bond_downdelay parameters specify the number of milliseconds to wait before either enabling or disabling a slave after a failure has been detected.
The following is an example of
create-bond in action:
maas admin interfaces create-bond 4efwb4 name=bond0 parents=4 \ mac_address=52:52:00:00:00:00 parents=15 bond_mode=802.3ad \ bond_updelay=200 bond_downdelay=200 mtu=9000
There are a wide range of bond parameters you can choose when creating a bond:
|Parameter||Type and description|
||Optional string. MAC address of the interface.|
||Optional string. Tags for the interface.|
||Optional string. VLAN the interface is connected to. If not provided then the interface is considered disconnected.|
||Required integer. Parent interface ids that make this bond.|
||Optional integer. The link monitoring freqeuncy in milliseconds. (Default: 100).|
||Optional integer. Specifies the time, in milliseconds, to wait before disabling a slave after a link failure has been detected.|
||Optional integer. Specifies the time, in milliseconds, to wait before enabling a slave after a link recovery has been detected.|
||Optional string. Option specifying the rate at which to ask the link partner to transmit LACPDU packets in 802.3ad mode. Available options are
||Optional string. The transmit hash policy to use for slave selection in balance-xor, 802.3ad, and tlb modes. Possible values are:
||Optional integer. The number of peer notifications (IPv4 ARP or IPv6 Neighbour Advertisements) to be issued after a failover. (Default: 1)|
||Optional integer. Maximum transmission unit.|
||Optional boolen. Accept router advertisements. (IPv6 only)|
||Optional boolean. Perform stateless autoconfiguration. (IPv6 only)|
||Optional string. The operating mode of the bond. (Default: active-backup).|
Supported bonding modes include:
||Transmit packets in sequential order from the first available slave through the last. This mode provides load balancing and fault tolerance.|
||Only one slave in the bond is active. A different slave becomes active if, and only if, the active slave fails. The bond’s MAC address is externally visible on only one port (network adapter) to avoid confusing the switch.|
||Transmit based on the selected transmit hash policy. The default policy is a simple [(source MAC address XOR’d with destination MAC address XOR packet type ID) modulo slave count].|
||Transmits everything on all slave interfaces. This mode provides fault tolerance.|
||IEEE 802.3ad dynamic link aggregation. Creates aggregation groups that share the same speed and duplex settings. Uses all slaves in the active aggregator according to the 802.3ad specification.|
||Adaptive transmit load balancing: channel bonding that does not require any special switch support.|
||Adaptive load balancing: includes balance-tlb plus receive load balancing (rlb) for IPV4 traffic, and does not require any special switch support. The receive load balancing is achieved by ARP negotiation.|
A bridge interface is created with the following syntax:
maas $PROFILE interfaces create-bridge $SYSTEM_ID name=$BRIDGE_NAME \ parent=$IFACE_ID
parent to define the primary interface used for the bridge:
maas admin interfaces create-bridge 4efwb4 name=bridged0 parent=4
The following parameters may be applied when creating a bridge:
name: Optional string. Name of the interface.
mac_address: Optional string. MAC address of the interface.
tags: Optional string. Tags for the interface.
vlan: Optional string. VLAN the interface is connected to.
parent: Optional integer. Parent interface id for this bridge interface.
bridge_type: Optional string. The type of bridge to create. Possible values are:
bridge_stp: Optional boolean. Turn spanning tree protocol on or off. (Default: False).
bridge_fd: Optional integer. Set bridge forward delay to time seconds. (Default: 15).
mtu: Optional integer. Maximum transmission unit.
accept_ra: Optional boolean. Accept router advertisements. (IPv6 only)
autoconf: Optional boolean. Perform stateless autoconfiguration. (IPv6 only)
The “delete” command can be used to delete a bridge interface, a bond interface or a physical interface:
maas $PROFILE interface delete $SYSTEM_ID $IFACE_ID
maas admin interface delete 4efwb4 15
The following is output after the successful deletion of an interface:
Success. Machine-readable output follows:
Note that while the label is presented, there is no machine-readable output expected after the successful execution of the delete command.