How to install MAAS(deb/2.9/CLI)

2.9 3.0 3.1
DEB CLI ~ UI CLI ~ UI CLI ~ UI
SNAP CLI ~ UI CLI ~ UI CLI ~ UI

MAAS initialisation modes reference

MAAS supports the following modes, which dictate what services will run on the local system:

Mode Region Rack Database Description
region X Region API server only
rack X Rack controller only
region+rack X X Region API server and rack controller
none Reinitialises MAAS and stops services

About SSH keys

MAAS uses your Launchpad or Github SSH keys to access machines that have been deployed. Normally, you enter this key during the initialisation of MAAS. If you don’t have a key associated with either of these services, you will have an opportunity to paste your public key into the MAAS SSH key list, after you’ve started MAAS for the first time as part of the welcome screens.

About the MAAS URL

All run modes (except none) prompt for a MAAS URL, interpreted differently depending on the mode:

  • region: Used to create a new region controller.
  • rack: Used to locate the region controller.

About the shared secret

The ‘rack’ and ‘region+rack’ modes will additionally ask for a shared secret that will allow the new rack controller to register with the region controller.

How to install MAAS

This article will show you:

Note that all headings are hyperlinks for bookmarking.

How to check system requirements for MAAS

Before installing MAAS for the first time, you should make sure that the target system meets the minimum hardware requirements.

How to upgrade from MAAS 2.8 or lower to MAAS 2.9

MAAS 2.8 is the last supported version for Ubuntu 18.04 LTS. Newer versions of MAAS will not be back-portable, and consequently, to upgrade to MAAS 2.9 and all future versions, you will also need to upgrade the base operating system to Ubuntu 20.04. You do these two operations all at once, with the following procedure:

sudo add-apt-repository ppa:maas/2.9

You will get a message similar to this:

 For stable releases of 2.9.x
 More info: https://launchpad.net/~maas/+archive/ubuntu/2.9
Press [ENTER] to continue or Ctrl-c to cancel adding it.

Hit:1 http://security.ubuntu.com/ubuntu bionic-security InRelease
Hit:2 http://ppa.launchpad.net/maas/2.8/ubuntu bionic InRelease          
Hit:3 http://archive.ubuntu.com/ubuntu bionic InRelease                  
Hit:4 http://archive.ubuntu.com/ubuntu bionic-updates InRelease                                     
Ign:5 http://ppa.launchpad.net/maas/2.9/ubuntu bionic InRelease          
Hit:6 http://archive.ubuntu.com/ubuntu bionic-backports InRelease        
Err:7 http://ppa.launchpad.net/maas/2.9/ubuntu bionic Release                 
  404  Not Found [IP: 91.189.95.85 80]
Reading package lists... Done
E: The repository 'http://ppa.launchpad.net/maas/2.9/ubuntu bionic Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

This message seems to indicate that nothing happened, but, in fact, this command still creates the file:

/etc/apt/sources.list.d/maas-ubuntu-2_9-bionic.list

This file identifies the path to the 2.9 PPA, even though it incorrectly implies there’s a Bionic release there:

deb http://ppa.launchpad.net/maas/2.9/ubuntu bionic main

Still, that’s enough for do-release-upgrade to figure out that there is a 2.9 PPA, and when it checks, it will find a Focal version of MAAS, which it will bring over and install in place of 2.8. It isn’t necessary to stop MAAS or do anything else, except go ahead and run the upgrade:

sudo do-release-upgrade --allow-third-parties

This command will produce a lot of output, ask you a few questions (for which the defaults are usually fine), and eventually ask you to reboot. Once your machine has come back up, you can check whether your upgrade has been successful by entering:

lsb_release -a

If the ugprade was successful, this command should yield output similar to the following:

No LSB modules are available.
Distributor ID:	Ubuntu
Description:	Ubuntu 20.04.1 LTS
Release:	20.04
Codename:	focal

You have now upgraded to the Ubuntu 20.04 LTS base, and if you check your running MAAS install, you should see that the version has been updated to the latest stable 2.9 release.

How to do a fresh install of MAAS 2.9 from packages

The recommended way to set up an initial MAAS environment is to put everything on one machine:

sudo apt-get -y install maas

Executing this command leads you to a list of dependent packages to be installed, and a summary prompt that lets you choose whether to continue with the install:

Choosing “Y” proceeds with a standard apt package install.

Distributed environment

For a more distributed environment, you can place the region controller on one machine:

sudo apt install maas-region-controller

and the rack controller on another:

sudo apt install maas-rack-controller
sudo maas-rack register

These two steps will lead you through two similar apt install sequences.

How to create a MAAS user

You will need to create a MAAS administrator user to access the web UI:

sudo maas createadmin --username=$PROFILE --email=$EMAIL_ADDRESS

$PROFILE is the administrative MAAS username you wish to create. $EMAIL_ADDRESS is an email address you may type in at random (currently, MAAS does not use this email address).

The createadmin option will ask for an SSH key. If you have an SSH key associated with your launchpad or github accounts, you can enter the username here to use the associated key. For launchpad, just enter lp:username, and for github, enter gh:username at the prompt. In both cases, the actual username has to be supplied after the lp: or gh: prefix.

How to check the status of MAAS services

You can check the status of running services with:

sudo maas status

Typically, the output looks something like this:

bind9                            RUNNING   pid 7999, uptime 0:09:17
dhcpd                            STOPPED   Not started
dhcpd6                           STOPPED   Not started
ntp                              RUNNING   pid 8598, uptime 0:05:42
postgresql                       RUNNING   pid 8001, uptime 0:09:17
proxy                            STOPPED   Not started
rackd                            RUNNING   pid 8000, uptime 0:09:17
regiond:regiond-0                RUNNING   pid 8003, uptime 0:09:17
regiond:regiond-1                RUNNING   pid 8008, uptime 0:09:17
regiond:regiond-2                RUNNING   pid 8005, uptime 0:09:17
regiond:regiond-3                RUNNING   pid 8015, uptime 0:09:17
tgt                              RUNNING   pid 8040, uptime 0:09:15

How to re-initialise MAAS

It is also possible to re-initialise MAAS to switch modes. For example, to switch from rack to region:

sudo maas init region

How to list additional MAAS initialisation options

The init command can takes optional arguments. To list them, as well as read a brief description of each, you can enter:

sudo maas init --help

How to configure MAAS

Once you’ve successfully installed MAAS (regardless of method), you can login to the MAAS CLI via the following process. First, generate the API-key for the user you’re going to employing:

sudo maas apikey --username=$PROFILE > api-key-file

Replace $PROFILE with whatever username you set during the createadmin part of the install process. Next, login with the following command:

maas login $PROFILE $MAAS_URL < api-key-file

Substitute $MAAS_URL with the URL that was returned to you when you initialised MAAS, for example, 192.168.43.251:5240/MAAS. Remember that, once you’ve logged in, you can get extensive CLI help with the command:

maas admin --help

Sample output is shown in the detail section below.

MAAS CLI help, sample output usage: maas admin [-h] COMMAND ...

Issue commands to the MAAS region controller at http://192.168.43.251:5240/MAAS/api/2.0/.

optional arguments:
-h, --help show this help message and exit

drill down:
COMMAND
account Manage the current logged-in user.
bcache-cache-set Manage bcache cache set on a machine.
bcache-cache-sets Manage bcache cache sets on a machine.
bcache Manage bcache device on a machine.
bcaches Manage bcache devices on a machine.
block-device Manage a block device on a machine.
block-devices Manage block devices on a machine.
boot-resource Manage a boot resource.
boot-resources Manage the boot resources.
boot-source Manage a boot source.
boot-source-selection
Manage a boot source selection.
boot-source-selections
Manage the collection of boot source selections.
boot-sources Manage the collection of boot sources.
commissioning-script
Manage a custom commissioning script.
commissioning-scripts
Manage custom commissioning scripts.
dhcpsnippet Manage an individual DHCP snippet.
dhcpsnippets Manage the collection of all DHCP snippets in MAAS.
dnsresource Manage dnsresource.
dnsresource-record Manage dnsresourcerecord.
dnsresource-records
Manage DNS resource records (e.g. CNAME, MX, NS, SRV,
TXT)
dnsresources Manage dnsresources.
device Manage an individual device.
devices Manage the collection of all the devices in the MAAS.
discoveries Query observed discoveries.
discovery Read or delete an observed discovery.
domain Manage domain.
domains Manage domains.
events Retrieve filtered node events.
fabric Manage fabric.
fabrics Manage fabrics.
fan-network Manage Fan Network.
fan-networks Manage Fan Networks.
file Manage a FileStorage object.
files Manage the collection of all the files in this MAAS.
ipaddresses Manage IP addresses allocated by MAAS.
iprange Manage IP range.
ipranges Manage IP ranges.
interface Manage a node’s or device’s interface.
interfaces Manage interfaces on a node.
license-key Manage a license key.
license-keys Manage the license keys.
maas Manage the MAAS server.
machine Manage an individual machine.
machines Manage the collection of all the machines in the MAAS.
network Manage a network.
networks Manage the networks.
node Manage an individual Node.
node-results Read the collection of commissioning script results.
node-script Manage or view a custom script.
node-script-result Manage node script results.
node-script-results
Manage node script results.
node-scripts Manage custom scripts.
nodes Manage the collection of all the nodes in the MAAS.
notification Manage an individual notification.
notifications Manage the collection of all the notifications in
MAAS.
package-repositories
Manage the collection of all Package Repositories in
MAAS.
package-repository Manage an individual package repository.
partition Manage partition on a block device.
partitions Manage partitions on a block device.
pod Manage an individual pod.
pods Manage the collection of all the pod in the MAAS.
rack-controller Manage an individual rack controller.
rack-controllers Manage the collection of all rack controllers in MAAS.
raid Manage a specific RAID (Redundant Array of Independent
Disks) on a machine.
raids Manage all RAIDs (Redundant Array of Independent
Disks) on a machine.
region-controller Manage an individual region controller.
region-controllers Manage the collection of all region controllers in
MAAS.
resource-pool Manage a resource pool.
resource-pools Manage resource pools.
sshkey Manage an SSH key.
sshkeys Manage the collection of all the SSH keys in this
MAAS.
sslkey Manage an SSL key.
sslkeys Operations on multiple keys.
space Manage space.
spaces Manage spaces.
static-route Manage static route.
static-routes Manage static routes.
subnet Manage subnet.
subnets Manage subnets.
tag Tags are properties that can be associated with a Node
and serve as criteria for selecting and allocating
nodes.
tags Manage all tags known to MAAS.
user Manage a user account.
users Manage the user accounts of this MAAS.
version Information about this MAAS instance.
vlan Manage a VLAN on a fabric.
vlans Manage VLANs on a fabric.
vm-host Manage an individual vm-host.
vm-hosts Manage the collection of all the vm-hosts in the MAAS.
vmfs-datastore Manage VMFS datastore on a machine.
vmfs-datastores Manage VMFS datastores on a machine.
volume-group Manage volume group on a machine.
volume-groups Manage volume groups on a machine.
zone Manage a physical zone.
zones Manage physical zones.

This is a profile. Any commands you issue on this profile will
operate on the MAAS region server.

The command information you see here comes from the region server’s
API; it may differ for different profiles. If you believe the API may
have changed, use the command’s ‘refresh’ sub-command to fetch the
latest version of this help information from the server.

Configuration

Configuring MAAS consists of four broad steps:

  1. Setting upstream DNS
  2. Importing an SSH key for your admin user
  3. Importing images
  4. Configuring DNS

This section will cover those four operations

How to set upstream DNS

After logging in for the first time, you will need to set a number of system-wide configuration options. First up, you should configure DNS. You can check out the help for DNS settings, known in the CLI as a “DNS forwarder”:

maas $PROFILE maas set-config name=upstream_dns value="8.8.8.8"

Here, we’ve set the DNS forwarder to “8.8.8.8” (Google), which is a reliable value.

How to set up SSH for the admin user

To add a public SSH key to a MAAS user account, type the following command:

maas $PROFILE sshkeys create "key=$SSH_KEY"

How to import images

Before going any further, it’s worthwhile to start the image import, as it can sometimes take a few minutes. You can see what images you already have downloaded with this command:

maas $PROFILE boot-resources read | jq -r '.[] | "\(.name)\t\(.architecture)"'

This command will return a list similar to the following:

grub-efi-signed/uefi        amd64/generic
grub-efi/uefi           arm64/generic
grub-ieee1275/open-firmware ppc64el/generic
pxelinux/pxe            i386/generic
ubuntu/bionic           amd64/ga-18.04
ubuntu/bionic           amd64/ga-18.04-lowlatency
ubuntu/bionic           amd64/hwe-18.04
ubuntu/bionic           amd64/hwe-18.04-edge
ubuntu/bionic           amd64/hwe-18.04-lowlatency
ubuntu/bionic           amd64/hwe-18.04-lowlatency-edge

Suppose you also want a version called “Trusty” – you can import a new image by first selecting it for download, like this:

maas $PROFILE boot-source-selections create 1 \ > os="ubuntu" release="trusty" arches="amd64" subarches="*" \ > labels="*"

which returns some JSON confirming your action:

Success.
Machine-readable output follows:
{
    "os": "ubuntu",
    "release": "trusty",
    "arches": [
        "amd64"
    ],
    "subarches": [
        "*"
    ],
    "labels": [
        "*"
    ],
    "boot_source_id": 1,
    "id": 2,
    "resource_uri": "/MAAS/api/2.0/boot-sources/1/selections/2/"
}

Once selected, you can start the image import with this command:

maas admin boot-resources import

which offers a shorter confirmation message:

Success.
Machine-readable output follows:
Import of boot resources started

How to enable DHCP

Once your image has been imported, you’ll want to get DHCP working, which means finding the untagged VLAN. In truth, it shouldn’t be too hard, because at this point, there still should only be one.

In order to turn on DHCP, you need to know two things besides the VLAN name (“untagged”): the fabric ID and the primary rack controller name. To start, all the fabrics will be on the same untagged VLAN, so any fabric will do. You can find a valid fabric ID by reading it from any subnet, so just pick one (e.g., 192.168.123.0/24) and find a usable fabric ID like this:

maas $PROFILE subnet read $SUBNET_CIDR | grep fabric_id

which returns (in this example):

"fabric_id": $FABRIC_ID,

Next, find the name of the primary rack controller. It’s usually fairly obvious, but for purposes of argument, assume that it’s not known. You can get it this way:

maas $PROFILE rack-controllers read | grep hostname | cut -d '"' -f 4

This returns a hostname, which we’ll call:

$RACK_CONTR_HOSTNAME

Finally, you need to create an IP range for DHCP, in this case, a dynamic range:

maas $PROFILE ipranges create type=dynamic start_ip=$START_IP end_ip=$END_IP

This command returns something similar to this sample output:

Success.
Machine-readable output follows:
{
    "subnet": {
        "name": "192.168.123.0/24",
        "description": "",
        "vlan": {
            "vid": 0,
            "mtu": 1500,
            "dhcp_on": false,
            "external_dhcp": null,
            "relay_vlan": null,
            "fabric": "fabric-2",
            "primary_rack": null,
            "name": "untagged",
            "id": 5003,
            "space": "undefined",
            "secondary_rack": null,
            "fabric_id": 2,
            "resource_uri": "/MAAS/api/2.0/vlans/5003/"
        },
        "cidr": "192.168.123.0/24",
        "rdns_mode": 2,
        "gateway_ip": null,
        "dns_servers": [],
        "allow_dns": true,
        "allow_proxy": true,
        "active_discovery": false,
        "managed": true,
        "id": 4,
        "space": "undefined",
        "resource_uri": "/MAAS/api/2.0/subnets/4/"
    },
    "type": "dynamic",
    "start_ip": "192.168.123.190",
    "end_ip": "192.168.123.253",
    "user": {
        "is_superuser": true,
        "username": "admin",
        "email": "admin@admin.com",
        "is_local": true,
        "resource_uri": "/MAAS/api/2.0/users/admin/"
    },
    "comment": "",
    "id": 1,
    "resource_uri": "/MAAS/api/2.0/ipranges/1/"
}

So you should now be able to turn on DHCP like this:

maas $PROFILE vlan update $FABRIC_ID untagged dhcp_on=True primary_rack=$RACK_CONTR_HOSTNAME

If you’ve done everything correctly, you should see JSON output similar to this sample:

Success.
Machine-readable output follows:
{
    "vid": 0,
    "mtu": 1500,
    "dhcp_on": true,
    "external_dhcp": null,
    "relay_vlan": null,
    "fabric": "fabric-2",
    "space": "undefined",
    "primary_rack": "8dwnne",
    "secondary_rack": null,
    "name": "untagged",
    "fabric_id": 2,
    "id": 5003,
    "resource_uri": "/MAAS/api/2.0/vlans/5003/"
}

Last updated 22 days ago.