Category Archives: Software

Running Ironic Standalone on RHEL

Posted on by
Reply

This is only going to work if you have access to the OpenStack code. If you are not an OpenStack customer, you are going to need an evaluation entitlement. That is beyond the scope of this article.

For me, I had to enable the repo openstack-16-for-rhel-8-x86_64-rpms. With that enabled I was able to install via yum:

yum install openstack-ironic-api mariadb-server python3-openstackclient python3-ironicclient openstack-ironic-conductor

Set up Maria DB

systemctl enable mariadb 
Created symlink /etc/systemd/system/mysql.service → /usr/lib/systemd/system/mariadb.service.
Created symlink /etc/systemd/system/mysqld.service → /usr/lib/systemd/system/mariadb.service.
Created symlink /etc/systemd/system/multi-user.target.wants/mariadb.service → /usr/lib/systemd/system/mariadb.service.
[root@nuzleaf ~]# systemctl start mariadb 
mysql -u root 
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 8
Server version: 10.3.17-MariaDB MariaDB Server
 
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
 
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> create database ironic;
Query OK, 1 row affected (0.001 sec)
 
MariaDB [(none)]> CREATE USER 'ironic'@'localhost' IDENTIFIED BY 'ironic';
Query OK, 0 rows affected (0.001 sec)
 
MariaDB [(none)]> GRANT ALL PRIVILEGES ON ironic.* TO 'ironic'@'localhost';
Query OK, 0 rows affected (0.001 sec)
 
MariaDB [(none)]> \q
Bye

Make sure I can log in as the ironic user

mysql ironic -u ironic -p

Back up the config file:

cp /etc/ironic/ironic.conf /etc/ironic/ironic.conf.orig

I’ll use these values:

auth_strategy = noauth
enabled_hardware_types = ipmi
enabled_power_interfaces = ipmitool
connection=mysql+pymysql://ironic:ironic@localhost/ironic
rpc_transport = json-rpc

Now let me see if I can sync the database:

ironic-dbsync 
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
INFO  [alembic.runtime.migration] Running upgrade  -> 2581ebaf0cb2, initial migration
INFO  [alembic.runtime.migration] Running upgrade 2581ebaf0cb2 -> 21b331f883ef, Add provision_updated_at
...
 
INFO  [alembic.runtime.migration] Running upgrade 28c44432c9c3 -> 2aac7e0872f6, Create deploy_templates and deploy_template_steps tables.
INFO  [alembic.runtime.migration] Running upgrade 2aac7e0872f6 -> 1e15e7122cc9, add extra column to deploy_templates

Seemed to work. Let’s start conductor:

systemctl status openstack-ironic-conductor
# systemctl status openstack-ironic-conductor
● openstack-ironic-conductor.service - OpenStack Ironic Conductor service
   Loaded: loaded (/usr/lib/systemd/system/openstack-ironic-conductor.service; disabled; vendor preset: disabled)
   Active: active (running) since Thu 2020-10-15 17:11:36 EDT; 1s ago
 Main PID: 491085 (ironic-conducto)
    Tasks: 1 (limit: 99656)
   Memory: 40.0M
   CGroup: /system.slice/openstack-ironic-conductor.service
           └─491085 /usr/bin/python3 /usr/bin/ironic-conductor
 
Oct 15 17:11:36 nuzleaf.home.younglogic.net systemd[1]: Started OpenStack Ironic Conductor service.

So far so good.

The API server is going to be an interesting piece. For a first run, I’ll try the command line version I ran on the upstream. However, my longer term approach will be to run it as a wsgi App behind the Apache server that is already running on this host.

Run the API server in one terminal

ironic-api

and open up a second one to try to hit it with curl.

$ curl http://127.0.0.1:6385
{"name": "OpenStack Ironic API", "description": "Ironic is an OpenStack project which aims to provision baremetal machines.", "versions": [{"id": "v1", "links": [{"href": "http://127.0.0.1:6385/v1/", "rel": "self"}], "status": "CURRENT", "version": "1.58", "min_version": "1.1"}], "default_version": {"id": "v1", "links": [{"href": "http://127.0.0.1:6385/v1/", "rel": "self"}], "status": "CURRENT", "version": "1.58", "min_version": "1.1"}}

Excellent. let’s try the command line. The python3-ironicclient RPM does not ship the baremetal executable, but using the openstack common client, we can see all of the baremetal sub-commands. To list the drivers and the nodes, we can use the following.

openstack baremetal driver list
+---------------------+-----------------------------+
| Supported driver(s) | Active host(s)              |
+---------------------+-----------------------------+
| ipmi                | nuzleaf.home.younglogic.net |
+---------------------+-----------------------------+
$ openstack baremetal node list

Edit: Next up was going to be configuring Apache to run the Ironic API as a WSGI App, but I decided to use the systemd files to enable and run Ironic for the time being. Here’s all the commands together.

systemctl start mariadb 
systemctl start openstack-ironic-conductor
systemctl start openstack-ironic-api
systemctl enable mariadb 
systemctl enable openstack-ironic-conductor
systemctl enable openstack-ironic-api

Edit 2: Seems I am having trouble connecting. I’m back to running the API from the command line. More to come.

Introduction to Ironic

Posted on by
Reply

“I can do any thing. I can’t do everything.”

The sheer number of projects and problem domains covered by OpenStack was overwhelming. I never learned several of the other projects under the big tent. One project that is getting relevant to my day job is Ironic, the bare metal provisioning service. Here are my notes from spelunking the code.

Continue reading

Recovering Audio off an Old Tape Using Audacity

Posted on by
Reply

One of my friends wrote a bunch of music back in high school. The only remaining recordings are on a cassette tape that he produced. Time has not been kind to the recordings, but they are audible…barely. He has a device that produces MP3s from the tape. My job has been to try and get them so that we can understand them well enough to recover the original songs.

I have the combined recording on a single MP3. I’ve gone through and noted the times where each song starts and stops. I am going to go through the steps I’ve been using to go from that single long MP3 to an individual recording.

Continue reading

DHCP Lease Design

Posted on by
Reply

The key piece of persisted data in an DHCP server is the lease. A lease is a the mapping between a MAC address and an IP address, limited in time. A Lease typically has a start time and an end time, but can be renewed. Because I am still living in an IPV4 world, I have to deal with arbitrarily small pools of IP addresses. Thus, the design needs to strike the balance between static and dynamic: a machine should generally get back the same IP address each time. However, if addresses get tight, address reuse should be aggressive.

Continue reading

Extract Function Refactoring using inline functions.

Posted on by
Reply

The Extract Function refactoring is the starting point for much of my code clean up. Once a “Main” function gets sufficiently complicated, I pull pieces of it out into their own functions, often with an eye to making them methods of the involved classes.

While working with some rust code, I encountered an opportunity to execute this refactoring on some logging code. Here’s how I executed it.

Continue reading

Podman login to a secured registry

Posted on by
1

I took the container registry I ran via podman and put it behind an Apache HTTPD instance secured with mod_ssl. Now when I try to log in to it, I get:

error authenticating creds for “nuzleaf.home.younglogic.net”: error pinging docker registry nuzleaf.home.younglogic.net: invalid status code from registry 403 (Forbidden)

Here’s my debugging notes.

Continue reading