TestingMAAS

Introduction (DRAFT)

This page aims to help someone set up MAAS in a standalone virtual machine using libvirt and has been tested on 12.04 LTS. MAAS should be accessible to other virtual machines in the libvirt network (ie, the one that the MAAS vm is on). Other machines on the libvirt network should be able to use juju or the maas cli tool to interface with the MAAS vm. Note, this is not intended to by a guide for a production deployment of MAAS.

The basic idea is this:

  • The MAAS server runs in a VM within libvirt
  • The MAAS server is configured as a DNS, DHCP and TFTP server
  • 4 nodes are added and enlisted via the MAAS web interface
  • Users and their ssh public keys are added via the MAAS web interface
  • Users interface with MAAS via juju or the MAAS cli tool to start nodes (understanding that the user must create/start these nodes with PXE booting via virt-manager to simulate wake on lan, etc

VM host configuration

  1. Created a VM with enough memory and disk space. The VM should have (at least) the following characteristics):
    • 1024M RAM
    • 20G disk
  2. Add a few firewall rules to make sure that the host's dnsmasq does not interfere with the MAAS server's dnsmasq (e assume the following MAC addresses for the 4 nodes throughout: AA:BB:CC:DD:EE:F0 AA:BB:CC:DD:EE:F1 AA:BB:CC:DD:EE:F2 AA:BB:CC:DD:EE:F3):

    $ sudo iptables -I INPUT -p udp --dport 69 -j REJECT
    $ sudo ip6tables -I INPUT -p udp --dport 69 -j REJECT
    $ for i in AA:BB:CC:DD:EE:F0 AA:BB:CC:DD:EE:F1 AA:BB:CC:DD:EE:F2 AA:BB:CC:DD:EE:F3 ; do \
    sudo ebtables -I INPUT -p IPv4 --ip-prot udp --ip-dport 67 -s $i -j DROP ; done

MAAS server configuration

  1. Adjust /etc/network/interfaces to use a static ip:

    # The primary network interface
    auto eth0
    iface eth0 inet static
            address 192.168.122.4
            network 192.168.122.0
            netmask 255.255.255.0
            broadcast 192.168.122.255
            gateway 192.168.122.1
    
    #iface eth0 inet dhcp
  2. Adjust /etc/resolvconf/resolv.conf.d/base to have:

    search defaultdomain
    nameserver 192.168.122.1
  3. Reboot to make sure it all comes up ok.
  4. Install necessary software:

    $ sudo apt-get install maas dnsmasq debmirror
  5. Create a MAAS superuser:

    $ sudo maas createsuperuser
    Username (Leave blank to use 'root'): root
    E-mail address: root@example.com
    Password: ubuntu
    Password (again): ubuntu 
    Superuser created successfully.
  6. If on a desktop, you should disable dnsmasq in network manager (edit /etc/NetworkManager/NetworkManager.conf to comment out dns=dnsmasq. Then do 'sudo restart network-manager')
  7. Setup dhcp and dns:
    • apt-get install maas-dhcp or:

    • Setup up cobbler manually:
      1. Adjust /etc/cobbler/dnsmasq.template to use avahi, set the dhcp range, the maas server's ip address and the DNS servers to forward to:

        dhcp-range=192.168.122.17,192.168.122.22
        dhcp-option=3,192.168.122.4
        server=192.168.122.1
      2. Adjust /etc/cobbler/settings to have:

        manage_dhcp: 1
        manage_dns: 1
      3. Adjust /etc/cobbler/modules.conf to have:

        [dns]
        module = manage_dnsmasq
        
        [dhcp]
        module = manage_dnsmasq
      4. Now restart cobbler:

        $ sudo /etc/init.d/cobbler restart
      5. Verify the cobbler settings:

        $ sudo cobbler check
        No configuration problems found.  All systems go.
      6. Now restart dnsmasq:

        $ sudo cobbler sync
  8. reboot to make sure everything works (eg, dnsmasq is resolving names properly)
  9. Import the ISOs (takes a while):

    $ sudo maas-import-isos

After this point, all configuration of MAAS is done via the web interface: http://192.168.122.4:80/MAAS

Users

  1. Add non-admin users to MAAS via the web interface. These should match the usernames of the users running juju or the MAAS cli client
  2. Add the user's ssh key to MAAS via the web interface:
    1. Login as the user
    2. Click on the username in the upper left and select Preferences
    3. Add the ssh key

Nodes

We need to add the nodes to MAAS before using them. For each of our predefined MAC addresses (the ones we added ebtables rules for above. Ie, AA:BB:CC:DD:EE:F0, AA:BB:CC:DD:EE:F1, AA:BB:CC:DD:EE:F2, AA:BB:CC:DD:EE:F3):

  1. Click 'Add node' on the front page of the web interface. NOTE: if adding a node with a non-admin user, you will have to login as an admin user and accept the enlistment for each added node.

  2. Add the node using the MAC address, but for now specify the hostname to be 'node-<mac address without colons>' (eg node-aabbccddeef0). MAAS by default creates hostnames in this manner, but adds '.local'. We want to strip .local off of the hostname since dnsmasq does not seem to be working with avahi properly (FIXME)

  3. Choose the architecture to use
  4. Use defaults for everything else

IMPORTANT: do not start the nodes in virt-manager yet or via MAAS. You will need to use juju or the MAAS cli client first, then start the node manually in virt-manager.

Juju

See https://wiki.ubuntu.com/ServerTeam/MAAS/Juju for up to date information.

  1. add a non-admin user to MAAS. this should match the username of the user running juju
  2. add the juju user's ssh key to MAAS
  3. On the maas server node (doesn't have to be here):
    1. install software:

      $ sudo apt-get install juju charm-tools
    2. Create ~/.juju/environments.yaml (get the mass api key by logging into MAAS and clicking on the username and selecting 'Preferences'):

      environments:
        maas:
          type: maas
          maas-server: 'http://localhost:80/MAAS'
          maas-oauth: '${maas-api-key}'
          admin-secret: 'nothing'
  4. Secure ~/.juju/environments.yaml:

    $ chmod 600 ~/.juju/environments.yaml
  5. Get some charms:

    $ mkdir -p ~/charms/precise
    $ cd ~/charms/precise
    $ charm get wordpress
    $ charm get mysql
  6. add several nodes through the MAAS web interface, and accept them as enlisted, but don't start them yet.
  7. Since these are all virtual machines and do not respond to wake-on-lan, we need to simulate that. So after each juju command that starts an instance, we first run the command, then go into virt-manager to start it. Eg:
    1. Bootstrap juju (ie, create the bootstrapping juju node):

      $ juju bootstrap
      2012-04-06 10:29:31,463 INFO Bootstrapping environment 'maas' (type: maas)...
      2012-04-06 10:29:31,889 INFO 'bootstrap' command finished successfully
      If you get errors here, check that you added your nodes to MAAS already.
    2. In virt-manager, create and PXE boot a machine with MAC aa:bb:cc:dd:ee:f0. You should see it get an IP address in our range and get its image (viewing the squid-deb-proxy should show it is fetching packages)
    3. Check the status with:

      $ juju status
      2012-04-06 09:16:19,546 INFO Connecting to environment...
      2012-04-06 09:16:24,642 ERROR Invalid host for SSH forwarding: ssh: Could not resolve hostname node-aabbccddeef0.local: Name or service not known
      ...
      The authenticity of host 'node-aabbccddeef0 (192.168.122.19)' can't be established.
      ECDSA key fingerprint is 5d:cf:6a:4b:2f:6c:cd:6b:02:5a:25:e1:50:76:fd:0f.
      Are you sure you want to continue connecting (yes/no)? yes
      2012-04-06 11:09:53,399 INFO Connected to environment.
      2012-04-06 11:09:53,454 ERROR Machine provider information missing: machine 0
      machines:
        0:
          instance-id: /MAAS/api/1.0/nodes/node-efe72798-7ff6-11e1-9ca4-52540073b165/
      services: {}
      2012-04-06 11:09:53,460 INFO 'status' command finished successfully
    4. Once the status commands completes successfully (it takes a long while the first time), deploy some services:

      $ juju deploy --repository=~/charms local:precise/wordpress
      $ juju deploy --repository=~/charms local:precise/mysql
    5. In virt-manager create and PXE boot two machines (one for each of the services we deployed with juju, eg aa:bb:cc:dd:ee:f1 and aa:bb:cc:dd:ee:f2)
    6. Check the status:

      $ juju status
      2012-04-06 11:19:04,219 INFO Connecting to environment...
      2012-04-06 11:19:04,945 INFO Connected to environment.
      2012-04-06 11:19:05,098 ERROR Machine provider information missing: machine 0
      machines:
        0:
          instance-id: /MAAS/api/1.0/nodes/node-efe72798-7ff6-11e1-9ca4-52540073b165/
        1:
          instance-id: pending
        2:
          instance-id: pending
      services:
        mysql:
          charm: local:precise/mysql-118
          relations: {}
          units:
            mysql/0:
              agent-state: pending
              machine: 2
              public-address: null
        wordpress:
          charm: local:precise/wordpress-32
          relations: {}
          units:
            wordpress/0:
              agent-state: pending
              machine: 1
              public-address: null
      2012-04-06 11:19:05,121 INFO 'status' command finished successfully

Once the instance-id no longer says 'pending', you should be able to login to the machine. Eg:

$ ssh ubuntu@node-aabbccddeef0
Welcome to Ubuntu precise (development branch) (GNU/Linux 3.2.0-22-generic x86_64)

 * Documentation:  https://help.ubuntu.com/
Last login: Fri Apr  6 12:10:30 2012 from maas-precise-server-amd64.example.com

NOTE: At the time of this writing 'juju ssh 0' would not work.

MAAS cli client

TODO: The cli client is still be written.

SecurityTeam/TestingMAAS (last edited 2012-12-06 17:10:01 by jdstrand)