Basic Usage¶
The configuration module is controlled via onecfg
CLI tool. This section covers subcommands provided by the tool:
- status - Versions status
- init - Initialize version management state
- validate - Validate current configuration files
- diff - Identify changes in configuration files
- upgrade - Upgrade configuration files to a new version
Important
This command must be always run under privileged user root
directly or via sudo
. For example:
sudo onecfg status
The tool comes with help for each subcommand and command-line option. Simple run without any parameter or a run with the parameter --help
prints the brief documentation (e.g., onecfg status --help
).
Status¶
The status
subcommand provides an overview of the OpenNebula installation. It shows:
- Current OpenNebula version.
- Current configuration files version.
- Backup from previous OpenNebula version to process.
- Available updates with the corresponding migrators.
Note
If status subcommand fails on an unknown configuration version, check the section about init subcommand below.
Example:
onecfg status
--- Versions -----------------
OpenNebula: 5.10.1
Config: 5.6.0
--- Backup to Process ---------------------
Snapshot: /var/lib/one/backups/config/backup
(will be used as one-shot source for next update)
--- Available updates --------
New config: 5.10.0
- from 5.6.0 to 5.8.0 (YAML,Ruby)
- from 5.8.0 to 5.10.0 (YAML,Ruby)
Important
OpenNebula version and Configuration version are tracked independently, but both versions are closely related and must be from the same X.Y release (i.e., OpenNebula 5.10.Z must have a configuration on version 5.10.Z). Minor configuration releases X.Y.Z are tight to the OpenNebula version for which a significant update has happened. Usually, configuration version remains on the same version for all OpenNebula releases within the same X.Y release (i.e., configuration version 5.8.0 is valid for all OpenNebula from 5.8.0 to 5.8.5 releases).
Backup to Process is a one-shot backup that needs to be processed. It’s created automatically by OpenNebula packages (since 5.10.2) during the upgrade and contains a backup of all configuration files from the previous version. Content of the backup is taken, upgraded for current OpenNebula version and placed into production directories (/etc/one/
and /var/lib/one/remotes/etc
). Any existing content will be replaced there.
Example of status without available updates:
onecfg status
--- Versions ------------------------------
OpenNebula: 5.10.2
Config: 5.10.0
--- Available Configuration Updates -------
No updates available.
Exit codes¶
Based on different status, the command ends with the following exit codes:
- 0 - No update available.
- 1 - Updates available.
- 255 - Unspecified error (e.g., unknown versions)
Init¶
For clean new installations, the init
subcommand initializes the configuration management state based on the currently installed OpenNebula version.
Parameters:
Parameter | Description | Mandatory |
---|---|---|
--force |
Force (re)initialization | NO |
--to VERSION |
Configuration version override (default: current OpenNebula version) | NO |
Examples:
onecfg init INFO : Initialized on version 5.10.0 onecfg init ANY : Already initialized
You can also force configuration reinitialization based on detected OpenNebula version:
onecfg init --force
INFO : Initialized on version 5.10.0
Or, force reinitialization on own provided version:
onecfg init --force --to 5.8.0
INFO : Initialized on version 5.8.0
Note
Version state is stored in configuration file /etc/onescape/config.yaml
. You shouldn’t modify this file directly, as it might result in unpredictable behavior.
Example¶
Initialization is necessary when the OneScape is not sure about the version of current configuration files. When running onecfg status
in the uninitialized environment, you might get the following error:
onecfg status
--- Versions ------------------------------
OpenNebula: 5.8.0
Config: unknown
ERROR: Unknown config version
If you are sure the configuration files are current for the OpenNebula version you have (i.e., 5.8.0 in the example above), you can initialize the version management by using OpenNebula version (e.g., onecfg init
). Or, by explicitly providing the version configuration files match (e.g., onecfg init --to 5.6.0
).
In both cases, after the initialization, the configuration version should be known:
onecfg status
--- Versions ------------------------------
OpenNebula: 5.8.0
Config: 5.8.0
--- Available Configuration Updates -------
No updates available.
Validate¶
The validate
subcommand checks that all known configuration files can be parsed.
Parameters:
Parameter | Description | Mandatory |
---|---|---|
--prefix PATH |
Root location prefix (default: / ) |
NO |
Without any parameter provided, it validates and returns only problematic files:
onecfg validate
ERROR : Unable to process file '/etc/one/oned.conf' - Failed to parse file
When running in verbose mode with --verbose
, it writes all checked files:
onecfg validate --verbose
INFO : File '/etc/one/vcenter_driver.default' - OK
INFO : File '/etc/one/ec2_driver.default' - OK
INFO : File '/etc/one/az_driver.default' - OK
INFO : File '/etc/one/auth/ldap_auth.conf' - OK
INFO : File '/etc/one/auth/server_x509_auth.conf' - OK
...
Note
You can also validate files inside a dedicated directory instead of a system-wide installation location using the option --prefix
. Directory structure inside the prefix must follow the structure on real locations (e.g., for real /etc/one
there must be $PREFIX/etc/one
).
onecfg validate --prefix /tmp/ONE --verbose
INFO : File '/tmp/ONE/etc/one/vcenter_driver.default' - OK
INFO : File '/tmp/ONE/etc/one/ec2_driver.default' - OK
INFO : File '/tmp/ONE/etc/one/az_driver.default' - OK
INFO : File '/tmp/ONE/etc/one/auth/ldap_auth.conf' - OK
INFO : File '/tmp/ONE/etc/one/auth/server_x509_auth.conf' - OK
...
Exit codes¶
- 0 - all files are OK
- 1 - error when processing some file
Diff¶
Similar to the validation functionality above, the diff
subcommand reads all configuration files and identifies changes that were done by the user when compared to based configuration files. It doesn’t do any changes in the files, only reads and compares them.
Parameters:
Parameter | Description | Mandatory |
---|---|---|
--prefix PATH |
Root location prefix (default: / ) |
NO |
The command prints only files with changes. Unchanged files are not included in the output. Each individual change description is printed on a separate line with following syntax:
ins PATH = VALUE
- inserted new parameter onPATH
withVALUE`
set PATH = VALUE
- existing attribute onPATH
was changed with differentVALUE
rm PATH (= VALUE)
- deleted parameter onPATH
(optionally specifying the removedVALUE
)
Example:
onecfg diff
/etc/one/cli/onegroup.yaml
- ins ID/adjust = true
- set NAME/size = 15
- ins NAME/expand = true
/etc/one/cli/onehost.yaml
- ins ID/adjust = true
- ins NAME/expand = true
- set CLUSTER/size = 10
- set STAT/size = 4
/etc/one/cli/oneimage.yaml
- ins ID/adjust = true
- set USER/size = 8
- set GROUP/size = 8
- ins NAME/expand = true
/etc/one/oned.conf
- set DEFAULT_DEVICE_PREFIX = "\"sd\""
- set VM_MAD[NAME = '"vcenter"']/ARGUMENTS = "\"-p -t 15 -r 0 -s sh vcenter\""
- rm VM_MAD[NAME = '"vcenter"']/DEFAULT = "\"vmm_exec/vmm_exec_vcenter.conf\""
- ins HM_MAD/ARGUMENTS = "\"-p 2101 -l 2102 -b 127.0.0.1\""
- ins VM_RESTRICTED_ATTR = "\"NIC/FILTER\""
...
How to read the output? Let’s go through few examples for /etc/one/cli/onegroup.yaml
above:
ins ID/adjust = true
- new keyadjust
with valuetrue
was added intoID
sectionset NAME/size = 15
- value for existing keysize
inside sectionNAME
was changed to15
Upgrade¶
The upgrade
subcommand makes all the changes in configuration files to update content from one version to another. It mainly does the following steps:
- Detect if an upgrade is necessary (or, at least if one-shot backup should be processed)
- Backup existing configuration files
- Apply upgrades (run migrators)
- Copy upgraded files back
Important
Upgrade operation is always done on a copy of your production configuration files in the temporary directory. If anything fails during the upgrade process, it doesn’t affect the real files. When the upgrade is successfully done for all files and for all intermediate versions, the new state is copied back to production locations. In case of serious failure during the final copy back, there should be a backup stored in /var/lib/one/backups/config/
for manual restore.
Note
You can first test the dry upgrade with --noop
, which doesn’t change real production files. It skips the final copy back phase.
Important
Upgrade operation detects changed values and preserves their content. Using patch mode replace described in Troubleshooting, the user can request to replace changed values with default ones for which new default appears in the newer version.
Parameters:
Parameter | Description | Mandatory |
---|---|---|
--from VERSION |
Old configuration version (default: current) | NO |
--to VERSION |
New configuration version (default: autodetected from OpenNebula) | NO |
--noop |
Runs upgrade without changing system state | NO |
--unprivileged |
Skip privileged operations (e.g., chown ) - only for testing |
NO |
--patch-modes MODES |
Patch modes per file and version | NO |
--recreate |
Recreate deleted files that would be changed | NO |
--prefix PATH |
Root location prefix (default: / ) |
NO |
--read-from PATH |
Backup directory to take as source of current state (instead of production directories) | NO |
In most cases, the upgrade from one version to another will be as easy as simply run of command onecfg upgrade
without any extra parameters. It’ll upgrade based on internal configuration version tracking and currently installed OpenNebula. For example:
onecfg upgrade
ANY : Backup stored in '/tmp/onescape/backups/2019-12-16_13:10:16_18130'
ANY : Configuration updated to 5.10.0
Important
The upgrade process tries to apply changes from newer versions to your current configuration files (i.e., diff/patch approach modified for each different configuration file type). If the configuration files have been heavily modified, the upgrade might easily fail. The dedicated section describes how to deal with conflicts during the upgrade (patching) process.
If there is no upgrade available, the tool will not do anything:
onecfg upgrade
ANY : No updates available
To see the files changed during the upgrade, run the command in verbose mode via --verbose
parameter. For example:
onecfg upgrade --verbose
INFO : Checking updates from 5.8.0 to 5.10.0
ANY : Backup stored in '/tmp/onescape/backups/2019-12-12_15:14:39_18278'
INFO : Updating from 5.8.0 to 5.10.0
INFO : Incremental update from 5.8.0 to 5.10.0
INFO : Update file '/etc/one/vcenter_driver.default'
INFO : Skip file '/etc/one/cli/oneprovision.yaml' - missing
INFO : Update file '/etc/one/cli/onegroup.yaml'
INFO : Update file '/etc/one/cli/onehost.yaml'
INFO : Update file '/etc/one/cli/oneimage.yaml'
...
Versions Override¶
It can be useful to control the upgrade process by providing custom source configuration version (--from VERSION
), target configuration version (--to VERSION
), or both configuration versions in cases when some version is not known or when user wants to have control over the process when upgrading over multiple major versions.
The example below demonstrates step-by-step manual upgrade with versions enforcing (verbose output was filtered):
onecfg upgrade --verbose --from 5.4.0 --to 5.6.0 INFO : Checking updates from 5.4.0 to 5.6.0 ANY : Backup stored in '/tmp/onescape/backups/2019-12-17_18:08:05_28564' INFO : Updating from 5.4.0 to 5.6.0 INFO : Incremental update from 5.4.0 to 5.4.1 INFO : Incremental update from 5.4.1 to 5.4.2 INFO : Incremental update from 5.4.2 to 5.4.6 INFO : Incremental update from 5.4.6 to 5.6.0 ANY : Configuration updated to 5.6.0 onecfg upgrade --verbose --to 5.8.0 INFO : Checking updates from 5.6.0 to 5.8.0 ANY : Backup stored in '/tmp/onescape/backups/2019-12-17_18:10:18_29087' INFO : Updating from 5.6.0 to 5.8.0 INFO : Incremental update from 5.6.0 to 5.8.0 ANY : Configuration updated to 5.8.0 onecfg upgrade --verbose INFO : Checking updates from 5.8.0 to 5.10.0 ANY : Backup stored in '/tmp/onescape/backups/2019-12-17_18:11:19_29405' INFO : Updating from 5.8.0 to 5.10.0 INFO : Incremental update from 5.8.0 to 5.10.0 ANY : Configuration updated to 5.10.0
Successful upgrade saves the target version as a new current configuration version.
Debug Output¶
The tool provides more detailed information even about individual changes done in the configuration files and status of their application, if run with the debug logging enabled via parameter --debug
. On the example below, see the Patch Report section which uses the format introduced for diff subcommand prefixed by patch application status in square brackets:
onecfg upgrade --debug
DEBUG : Loading migrators
INFO : Checking updates from 5.4.0 to 5.10.0
DEBUG : Backing up multiple dirs into '/tmp/onescape/backups/2019-12-16_13:16:16_22128'
DEBUG : Backing up /tmp/ONE540/etc/one in /tmp/onescape/backups/2019-12-16_13:16:16_22128/etc/one
DEBUG : Backing up /tmp/ONE540/var/lib/one/remotes in /tmp/onescape/backups/2019-12-16_13:16:16_22128/var/lib/one/remotes
DEBUG : Loading migrators
ANY : Backup stored in '/tmp/onescape/backups/2019-12-16_13:16:16_22128'
DEBUG : Restoring multiple dirs from '/tmp/ONE540'
DEBUG : Restoring /tmp/ONE540/etc/one to /tmp/d20191216-22128-qqek6g/etc/one
DEBUG : Restoring /tmp/ONE540/var/lib/one/remotes to /tmp/d20191216-22128-qqek6g/var/lib/one/remotes
INFO : Updating from 5.4.0 to 5.10.0
INFO : Incremental update from 5.4.0 to 5.4.1
DEBUG : 5.4.0 -> 5.4.1 - No Ruby pre_up available
INFO : Update file '/etc/one/az_driver.conf'
DEBUG : --- PATCH REPORT '/etc/one/az_driver.conf' ---
DEBUG : Patch [OK] set instance_types/ExtraSmall/memory = 0.768
DEBUG : Patch [OK] ins instance_types/Standard_A1_v2 = {"cpu"=>1, "memory"=>2.0}
DEBUG : Patch [OK] ins instance_types/Standard_A2_v2 = {"cpu"=>2, "memory"=>4.0}
DEBUG : Patch [OK] ins instance_types/Standard_A4_v2 = {"cpu"=>4, "memory"=>8.0}
DEBUG : Patch [--] ins instance_types/Standard_A8_v2 = {"cpu"=>8, "memory"=>16.0}
DEBUG : Patch [--] ins instance_types/Standard_A2m_v2 = {"cpu"=>2, "memory"=>16.0}
DEBUG : Patch [--] ins instance_types/Standard_A4m_v2 = {"cpu"=>4, "memory"=>32.0}
DEBUG : Patch [--] ins instance_types/Standard_A8m_v2 = {"cpu"=>8, "memory"=>64.0}
DEBUG : Patch [--] ins instance_types/Standard_G1 = {"cpu"=>2, "memory"=>28.0}
...