README.rst

=====
Usage
=====

Metal as a Service

Sample pillars
==============

Single maas service:

.. code-block:: yaml

    maas:
      server:
        enabled: true

Single MAAS region service [single UI/API]:

.. code-block:: yaml

  maas:
    salt_master_ip: 192.168.0.10
    region:
      upstream_proxy:
        address: 10.0.0.1
        port: 8080
        user: username      #OPTIONAL
        password: password  #OPTIONAL
      theme: mirantis
      bind:
        host: 192.168.0.10:5240
        port: 5240
      admin:
        username: exampleuser
        password: examplepassword
        email:  email@example.com
      database:
        engine: null
        host: localhost
        name: maasdb
        password: qwqwqw
        username: maas
      enabled: true
      user: mirantis
      token: "89EgtWkX45ddjMYpuL:SqVjxFG87Dr6kVf4Wp:5WLfbUgmm9XQtJxm3V2LUUy7bpCmqmnk"
      fabrics:
        fabric1:
          name: 'tf2'
          description: "Test fabric"
        fabric2:
          name: 'tf2'
          description: "Test fabric2"
        deploy_network:
          name: 'deploy_network'
          description: Fabric for deploy_network
          vlans:
            0:
              name: 'vlan 0'
              description: Deploy VLAN
              mtu: 1500
              dhcp: true
              # FIXME: after refactoring domain module, it should be
              # fixed exactly for FQDN, not only 'hostname'
              primary_rack: "${linux:network:hostname}"

      subnets:
        subnet1:
          fabric: ${maas:region:fabrics:deploy_network:name}
          cidr: 2.2.3.0/24
          gateway_ip: 2.2.3.2
          vlan: 150
          ipranges:
            1:
              end: "2.2.3.40"
              start: "2.2.3.20"
              type: dynamic
            2:
              end: "2.2.3.250"
              start: "2.2.3.45"
              type: reserved
      dhcp_snippets:
        test-snippet:
          value: option bootfile-name "tftp://192.168.0.10/snippet";
          description: Test snippet
          enabled: true
          subnet: subnet1
      boot_sources_delete_all_others: true
      boot_sources:
        resources_mirror:
          url: http://images.maas.io/ephemeral-v3/
          keyring_file: /usr/share/keyrings/ubuntu-cloudimage-keyring.gpg
      boot_sources_selections:
        xenial:
          url: "http://images.maas.io/ephemeral-v3/" # should be same in boot_sources, or other already defined.
          os: "ubuntu"
          release: "xenial"
          arches: "amd64"
          subarches: '"*"'
          labels: '"*"'
      package_repositories:
        Saltstack:
          url: http://repo.saltstack.com/apt/ubuntu/14.04/amd64/2016.3/
          distributions:
               - trusty
          components:
              - main
          arches: amd64
          key: "-----BEGIN PGP PUBLIC KEY BLOCK-----
               Version: GnuPG v2

               mQENBFOpvpgBCADkP656H41i8fpplEEB8IeLhugyC2rTEwwSclb8tQNYtUiGdna9
                ......
               fuBmScum8uQTrEF5+Um5zkwC7EXTdH1co/+/V/fpOtxIg4XO4kcugZefVm5ERfVS
               MA==
               =dtMN
               -----END PGP PUBLIC KEY BLOCK-----"
          enabled: true
      machines:
        machine1_new_schema:
          pxe_interface_mac: "11:22:33:44:55:66" # Node will be identified by those mac
          interfaces:
            nic01: # could be any, used for iterate only
              type: eth # NotImplemented
              name: eth0 # Override default nic name. Interface to rename will be identified by mac
              mac: "11:22:33:44:55:66"
              mode: "static"
              ip: "2.2.3.19"  # ip should be out of reserved subnet range, but still in subnet range
              subnet: "subnet1"
              gateway: "2.2.3.2" # override default gateway from subnet
            nic02:
              type: eth # Not-implemented
              mac: "11:22:33:44:55:78"
              subnet: "subnet2"
              mode: "dhcp"
          power_parameters:
            power_type: ipmi
            power_address: '192.168.10.10'
            power_user: bmc_user
            # power_password: bmc_password  # Old format,please use new one
            power_pass: bmc_password
            #Optional (for legacy HW)
            power_driver: LAN
          distro_series: xenial
          hwe_kernel: hwe-16.04
        machine1_old_schema:
          interface:
              mac: "11:22:33:44:55:88"  # Node will be identified by those mac
              mode: "static"
              ip: "2.2.3.15"
              subnet: "subnet1"
              gateway: "2.2.3.2"
          power_parameters:
            power_type: ipmi
            power_address: '192.168.10.10'
            power_user: bmc_user
            # power_password: bmc_password  # Old format,please use new one
            power_pass: bmc_password
            #Optional (for legacy HW)
            power_driver: LAN
          distro_series: xenial
          hwe_kernel: hwe-16.04
        virsh_example:
          pxe_interface_mac: "52:54:00:00:01:01"
          interfaces:
            nic01:
              type: eth
              name: eth0
              mac: "52:54:00:00:01:01"
              subnet: "${maas:region:subnets:deploy_network:name}"
              mode: "dhcp"
          power_parameters:
            power_type: virsh
            power_address: "qemu+tcp://my-kvm-node-hostname/system"
            power_id: "kvm01-pxe01"
      devices:
        machine1-ipmi:
          interface:
            ip_address: 192.168.10.10
            subnet: cidr:192.168.10.0/24
          mac: '66:55:44:33:22:11'
      commissioning_scripts:
        00-maas-05-simplify-network-interfaces: /etc/maas/files/commisioning_scripts/00-maas-05-simplify-network-interfaces
      maas_config:
        # domain: mydomain.local # This function broken
        http_proxy: http://192.168.0.10:3142
        commissioning_distro_series: xenial
        default_distro_series: xenial
        default_osystem: 'ubuntu'
        default_storage_layout: lvm
        disk_erase_with_secure_erase: true
        dnssec_validation: 'no'
        enable_third_party_drivers: true
        maas_name: cfg01
        network_discovery: 'enabled'
        active_discovery_interval: '600'
        ntp_external_only: true
        ntp_servers: 10.10.11.23 10.10.11.24
        upstream_dns: 192.168.12.13
        enable_http_proxy: true
        default_min_hwe_kernel: ''
       sshprefs:
        - 'ssh-rsa ASD.........dfsadf blah@blah'

Update VLAN:

.. note:: Vid 0 has default name untagged in the MaaS UI.

.. code-block:: yaml

  maas:
    region:
      fabrics:
        test-fabric:
          description: "Test fabric"
          vlan:
            0:
              description: "Your VLAN 0"
              dhcp: True
            13:
              description: "Your VLAN 13"
              dhcp: False

Create disk schema per machine via ``maas/client.sls`` with
default lvm schema + default values.

.. note:: This should be used mostly for custom root
          partitioning and RAID configuration. For
          not-root partitions, use ``salt-formula-linux``.

.. code-block:: yaml

  maas:
    region:
      machines:
        server1:
          disk_layout:
            type: lvm
            root_size: 20G
            root_device: vda
            volume_group: vg1
            volume_name: root
            volume_size: 8
            bootable_device: vda

FLAT layout with custom root size:

.. code-block:: yaml

  maas:
    region:
      machines:
        server2:
          disk_layout:
            type: flat
            root_size: 20
            physical_device: vda
            bootable_device: vda

Size specification with ``%`` char used is not yet supported.

.. code-block:: yaml

  maas:
    region:
      machines:
        server3:
          disk_layout:
            type: flat
            bootable_device: sda
            disk:
              sda:
                type: physical
                partition_schema:
                  part1:
                    size: 100%
                    type: ext4
                    mount: '/'

Define more complex layout:

.. code-block:: yaml

  maas:
    region:
      machines:
        server3:
          disk_layout:
            type: custom
            bootable_device: vda
            disk:
              vda:
                type: physical
                partition_schema:
                  part1:
                    size: 10G
                    type: ext4
                    mount: '/'
                  part2:
                    size: 2G
                    mount: '/var/tmp'
                    mount_options: defaults,nodev,noexec,nosuid
                  part3:
                    size: 3G
              vdc:
                type: physical
                partition_schema:
                  part1:
                    size: 100G
              vdd:
                type: physical
                partition_schema:
                  part1:
                    size: 100G
              raid0:
                type: raid
                level: 10
                devices:
                  - vde
                  - vdf
                partition_schema:
                  part1:
                    size: 10G
                  part2:
                    size: 2G
                  part3:
                    size: 3G
              raid1:
                type: raid
                level: 1
                partitions:
                  - vdc-part1
                  - vdd-part1
              volume_group2:
                type: lvm
                devices:
                  - raid1
                volume:
                  tmp:
                    size: 5G
                    type: ext4
                    mount: '/tmp'
                    mount_options: defaults,nodev,noexec,nosuid
                  log:
                    size: 7G
                    type: ext4
                    mount: '/var/log'

Raid setup, 4x HDD:

.. code-block:: yaml

  maas:
    region:
      machines:
        serverWithRaidExample:
          disk_layout:
            type: custom
            bootable_device: sda
            disk:
              md0:
                type: raid
                level: 1
                devices:
                  - sda
                  - sdb
                partition_schema:
                  part1:
                    size: 230G
                    type: ext4
                    mount: /
              md1:
                type: raid
                level: 1
                devices:
                  - sdc
                  - sdd
                partition_schema:
                  part1:
                    size: 1890G
                    type: ext4
                    mount: /var/lib/libvirt

Raid + LVM setup, 2xSSD + 2xHDD:

.. note:: This setup lacks the ability run state twice,
          as of now when ``disk_partition_present`` is called,
          it tries blindly to delete the partition and then
          recreated. That fails as MAAS rejects remove
          partition used in RAID/LVM.

.. code-block:: yaml

  maas:
    region:
      machines:
        serverWithRaidExample2:
          disk_layout:
            type: custom
            #bootable_device: vgssd-root
            disk:
              sda: &maas_disk_physical_ssd
                type: physical
                partition_schema:
                  part1:
                    size: 239G
              sdb: *maas_disk_physical_ssd
              sdc: &maas_disk_physical_hdd
                type: physical
                partition_schema:
                  part1:
                    size: 1990G
              sdd: *maas_disk_physical_hdd
              md0:
                type: raid
                level: 1
                partitions:
                  - sda-part1
                  - sdb-part1
              md1:
                type: raid
                level: 1
                partitions:
                  - sdc-part1
                  - sdd-part1
              vgssd:
                type: lvm
                devices:
                  - md0
                volume:
                  root:
                    size: 230G
                    type: ext4
                    mount: '/'
              vghdd:
                type: lvm
                devices:
                  - md1
                volume:
                  libvirt:
                    size: 1800G
                    type: ext4
                    mount: '/var/lib/libvirt'


LVM setup using partition


.. code-block:: yaml


  maas:
    region:
      machines:
        serverWithLvmExample3:
          disk_layout:
            type: custom
            bootable_device: sda
            disk:
              sda:
                type: physical
                partition_schema:
                  part1:
                    size: 50G
                  part2:
                    mount: /var/lib/libvirt/images/
                    size: 10G
                    type: ext4
              vg0:
                partitions:
                  - sda-part1
                type: lvm
                volume:
                  root:
                    mount: /
                    size: 40G
                    type: ext4


Setup image mirror (Maas boot resources):

.. code-block:: yaml

  maas:
    mirror:
      enabled: true
      image:
        sections:
          bootloaders:
            keyring: /usr/share/keyrings/ubuntu-cloudimage-keyring.gpg
            upstream: http://images.maas.io/ephemeral-v3/daily/
            local_dir: /var/www/html/maas/images/ephemeral-v3/daily
            count: 1
            # i386 need for pxe
            filters: ['arch~(i386|amd64)', 'os~(grub*|pxelinux)']
          xenial:
            keyring: /usr/share/keyrings/ubuntu-cloudimage-keyring.gpg
            upstream: http://images.maas.io/ephemeral-v3/daily/
            local_dir: /var/www/html/maas/images/ephemeral-v3/daily
            count: 1
            filters: ['release~(xenial)', 'arch~(amd64)', 'subarch~(generic|hwe-16.04$|ga-16.04)']
          count: 1

Usage of local deb repos and curtin-based variables.

Dict of variables ``curtin_vars:amd64:xenial: `` format, which will be passed only to:
``/etc/maas/preseeds/curtin_userdata_amd64_generic_xenial`` accordingly.


.. code-block:: yaml

  maas:
    cluster:
      enabled: true
      region:
        port: 80
        host: localhost
      saltstack_repo_key: |
        -----BEGIN PGP PUBLIC KEY BLOCK-----
        Version: GnuPG v2

        mQENBFOpvpgBCADkP656H41i8fpplEEB8IeLhugyC2rTEwwSclb8tQNYtUiGdna9
        .....
        fuBmScum8uQTrEF5+Um5zkwC7EXTdH1co/+/V/fpOtxIg4XO4kcugZefVm5ERfVS
        MA==
        =dtMN
        -----END PGP PUBLIC KEY BLOCK-----
      saltstack_repo_xenial: "deb [arch=amd64] http://${_param:local_repo_url}/ubuntu-xenial stable salt"
      saltstack_repo_trusty: "deb [arch=amd64] http://${_param:local_repo_url}/ubuntu-trusty stable salt"
      curtin_vars:
        amd64:
          xenial:
            # List of packages, to be installed directly in curtin stage.
            extra_pkgs:
              enabled: true
              pkgs: [ "linux-headers-generic-hwe-16.04", "linux-image-extra-virtual-hwe-16.04" ]
            # exact kernel pkgs name, to be passed into curtin stage.
            kernel_package:
              enabled: true
              value 'linux-image-virtual-hwe-16.04'

Single MAAS cluster service [multiple racks]

.. code-block:: yaml

    maas:
      cluster:
        enabled: true
        role: master/slave

.. code-block:: yaml

    maas:
      cluster:
        enabled: true
        role: master/slave

MAAS region service with backup data:

.. code-block:: yaml

    maas:
      region:
        database:
          initial_data:
            source: cfg01.local
            host: 192.168.0.11

MAAS service power_parameters defintion with OpenStack Nova power_type:

.. code-block:: yaml

    maas:
      region:
        machines:
          cmp1:
            power_type: nova
            power_parameters: # old style, deprecated
              power_nova_id: hostuuid
              power_os_tenantname: tenant
              power_os_username: user
              power_os_password: password
              power_os_authurl: http://url


.. code-block:: yaml

    maas:
      region:
        machines:
          cmp1:
            power_type: nova
            power_parameters: # new style
              nova_id: hostuuid
              os_tenantname: tenant
              os_username: user
              os_password: password
              os_authurl: http://url


Ext pillar from MAAS address pool:
==================================

Set up salt master:

.. code-block:: yaml

    salt:
      master:
        ext_pillars:
          1:
            module: cmd_json
            params: /usr/share/salt-formulas/env/_modules/maas-IPAM.py --address_pool ${salt:master:pillar:data_dir}/classes/cluster/${_param:cluster_name}/infra/address_pool.yml

.. code-block:: bash

    salt-call state.apply salt.master
    salt '*' saltutil.refresh_pillar

Update infra/address_pool.yml:

.. code-block:: yaml

    parameters:
      address_pool:
        external:
          dns_server01: 8.8.8.8
          dns_server02: 8.8.4.4
          upstream_ntp_server: 193.27.208.100
          remote_rsyslog_host: 127.0.0.3
        deploy_network:
          address: 192.168.0.0
          netmask: 255.255.255.0
          gateway: 192.168.0.1
          prefix: 24
          vlan: 0
          # Static reservation which interfere with maas reserve pool
          reserved:
            cmp001_deploy_address: 192.168.0.101
            cmp002_deploy_address: 192.168.0.102
            infra_config_deploy_address: 192.168.0.253
            infra_kvm_node01_deploy_address: 192.168.0.241
            infra_kvm_node02_deploy_address: 192.168.0.242
            infra_kvm_node03_deploy_address: 192.168.0.243
            infra_kvm_node04_deploy_address: 192.168.0.244
            infra_kvm_node05_deploy_address: 192.168.0.245
            infra_kvm_node06_deploy_address: 192.168.0.246
            ldap_ip_address: 192.168.0.249
          pool:
            # Static reservation out of maas reserved pool
            aptly_server_deploy_address: 192.168.0.252
            # Dynamic serialization
            cicd_control_node01_deploy_address: dummy
            cicd_control_node02_deploy_address: dummy
            cicd_control_node03_deploy_address: dummy
            # Release IP address
            openstack_share_node02_proxy_address: ""
      cluster_networks:
        deploy_network:
          name: 'deploy_network'
          cidr: ${address_pool:deploy_network:address}/${address_pool:deploy_network:prefix}
          fabric: deploy_fabric
          vlan: ${address_pool:deploy_network:vlan}
          gateway_ip: ${address_pool:deploy_network:gateway}
          ipranges:
            1:
              start: 192.168.0.30
              end: 192.168.0.80
              type: dynamic
              comment: 'dynamic range'
            2:
              start: 192.168.0.1
              end: 192.168.0.29
              type: reserved
              comment: 'infra reserve'
        control_network:
          name: 'control_network'
          cidr: ${address_pool:control_network:address}/${address_pool:control_network:prefix}
          fabric: control_fabric
          vlan: ${address_pool:control_network:vlan}
          gateway_ip: ${address_pool:control_network:address}


Update maas.yml:

.. code-block:: yaml

      maas:
        region:
          fabrics:
            deploy_fabric:
              name: ${cluster_networks:deploy_network:fabric}
              description: 'Fabric for deploy_network'
              vlans:
                0:
                  name: 'lan 0'
                  description: Deploy VLAN
                  dhcp: true
                  primary_rack: "${linux:network:hostname}"
            control_fabric:
              name: 'control_fabric'
              description: 'Fabric for control_network'
              vlans:
                0:
                  name: ${cluster_networks:control_network:fabric}
                  description: Control VLAN
                  dhcp: false
                  primary_rack: "${linux:network:hostname}"
            mesh_fabric:
              name: ${cluster_networks:mesh_network:fabric}
              description: 'Fabric for mesh_network'
              vlans:
                0:
                  name: 'mesh_network'
                  description: Mesh VLAN
                  dhcp: false
                  primary_rack: "${linux:network:hostname}"
          subnets:
            deploy_network: ${cluster_networks:deploy_network}
            control_network: ${cluster_networks:control_network}
            mesh_network: ${cluster_networks:mesh_network}
            proxy_network: ${cluster_networks:proxy_network}


Populate maas with networks:

.. code-block:: bash

    salt-call state.apply maas.region

Serialize ip addresses using maas network pools:

.. code-block:: bash

    salt-call maasng.sync_address_pool

Verify pillar override works:

.. code-block:: bash

    salt-call pillar.get address_pool:deploy_network:pool:openstack_share_node02_deploy_address

    # Sample output:
    # local:
    #     192.168.0.81


Test pillars
==============

Mind the PostgreSQL and rsyslog ``.sls``. Database and
syslog service are required for MAAS to properly install
and work.

* https://gerrit.mcp.mirantis.com/salt-formulas/rsyslog/tree/master/tests/pillar


Module function's example:
==========================

Wait for status of selected machine's:

.. code-block:: bash

    > cat maas/machines/wait_for_machines_ready.sls

    ...

    wait_for_machines_ready:
      module.run:
      - name: maas.wait_for_machine_status
      - kwargs:
            machines:
              - kvm01
              - kvm02
            timeout: {{ region.timeout.ready }}
            attempts: {{ region.timeout.attempts }}
            req_status: "Ready"
      - require:
        - cmd: maas_login_admin
      ...

The timeout setting is taken from the reclass pillar data.
If the pillar data is not defined, it will use the default value.

If module run w/\o any extra paremeters,
``wait_for_machines_ready`` will wait for defined in salt
machines. In this case, it is usefull to skip some machines:

.. code-block:: bash

    > cat maas/machines/wait_for_machines_deployed.sls

    ...

    wait_for_machines_ready:
      module.run:
      - name: maas.wait_for_machine_status
      - kwargs:
            timeout: {{ region.timeout.deployed }}
            attempts: {{ region.timeout.attempts }}
            req_status: "Deployed"
            ignore_machines:
               - kvm01 # in case it's broken or whatever
      - require:
        - cmd: maas_login_admin
      ...

It is also possible to skip all the machines which are already in
the "Deployed" state. This is especially useful when you are adding
new nodes and you don't want to check the already deployed ones.
This can be enabled by setting in the ``ignore_deployed_machines``
parameter to ``true`` in reclass.

.. code-block:: bash

    ...

    maas:
      region:
        ignore_deployed_machines: true
      ...

List of available ``req_status`` defined in global variable:

.. code-block:: python

    STATUS_NAME_DICT = dict([
        (0, 'New'), (1, 'Commissioning'), (2, 'Failed commissioning'),
        (3, 'Missing'), (4, 'Ready'), (5, 'Reserved'), (10, 'Allocated'),
        (9, 'Deploying'), (6, 'Deployed'), (7, 'Retired'), (8, 'Broken'),
        (11, 'Failed deployment'), (12, 'Releasing'),
        (13, 'Releasing failed'), (14, 'Disk erasing'),
        (15, 'Failed disk erasing')])

Read more
=========

* https://maas.io/