When deploying OKD on bare metal hosts, there are times when you need to make changes to the host either before or after provisioning. This can include inspecting the host’s hardware, firmware, and firmware details. It can also include formatting disks or changing modifiable firmware settings.
Use the Bare Metal Operator (BMO) to provision, manage, and inspect bare-metal hosts in your cluster.
The BMO uses three resources to complete these tasks:
BareMetalHost
HostFirmwareSettings
FirmwareSchema
The BMO maintains an inventory of the physical hosts in the cluster by mapping each bare-metal host to an instance of the BareMetalHost
custom resource definition. Each BareMetalHost
resource features hardware, software, and firmware details. The BMO continually inspects the bare-metal hosts in the cluster to ensure each BareMetalHost
resource accurately details the components of the corresponding host.
The BMO also uses the HostFirmwareSettings
resource and the FirmwareSchema
resource to detail firmware specifications for the bare-metal host.
The BMO interfaces with bare-metal hosts in the cluster by using the Ironic API service. The Ironic service uses the Baseboard Management Controller (BMC) on the host to interface with the machine.
Some common tasks you can complete by using the BMO include the following:
Provision bare-metal hosts to the cluster with a specific image
Format a host’s disk contents before provisioning or after deprovisioning
Turn on or off a host
Change firmware settings
View the host’s hardware details
The Bare Metal Operator (BMO) uses three resources to provision, manage, and inspect bare-metal hosts in your cluster. The following diagram illustrates the architecture of these resources:
The BareMetalHost
resource defines a physical host and its properties. When you provision a bare-metal host to the cluster, you must define a BareMetalHost
resource for that host. For ongoing management of the host, you can inspect the information in the BareMetalHost
or update this information.
The BareMetalHost
resource features provisioning information such as the following:
Deployment specifications such as the operating system boot image or the custom RAM disk
Provisioning state
Baseboard Management Controller (BMC) address
Desired power state
The BareMetalHost
resource features hardware information such as the following:
Number of CPUs
MAC address of a NIC
Size of the host’s storage device
Current power state
You can use the HostFirmwareSettings
resource to retrieve and manage the firmware settings for a host. When a host moves to the Available
state, the Ironic service reads the host’s firmware settings and creates the HostFirmwareSettings
resource. There is a one-to-one mapping between the BareMetalHost
resource and the HostFirmwareSettings
resource.
You can use the HostFirmwareSettings
resource to inspect the firmware specifications for a host or to update a host’s firmware specifications.
You must adhere to the schema specific to the vendor firmware when you edit the |
Firmware settings vary among hardware vendors and host models. A FirmwareSchema
resource is a read-only resource that contains the types and limits for each firmware setting on each host model. The data comes directly from the BMC by using the Ironic service. The FirmwareSchema
resource enables you to identify valid values you can specify in the spec
field of the HostFirmwareSettings
resource.
A FirmwareSchema
resource can apply to many BareMetalHost
resources if the schema is the same.
Metal3 introduces the concept of the BareMetalHost
resource, which defines a physical host and its properties. The BareMetalHost
resource contains two sections:
The BareMetalHost
spec
The BareMetalHost
status
The spec
section of the BareMetalHost
resource defines the desired state of the host.
Parameters | Description | ||
---|---|---|---|
|
An interface to enable or disable automated cleaning during provisioning and de-provisioning. When set to |
||
bmc: address: credentialsName: disableCertificateVerification: |
The
|
||
|
The MAC address of the NIC used for provisioning the host. |
||
|
The boot mode of the host. It defaults to |
||
|
A reference to another resource that is using the host. It could be empty if another resource is not currently using the host. For example, a |
||
|
A human-provided string to help identify the host. |
||
|
A boolean indicating whether the host provisioning and deprovisioning are managed externally. When set:
|
||
|
Contains information about the BIOS configuration of bare-metal hosts. Currently,
|
||
image: url: checksum: checksumType: format: |
The
|
||
|
A reference to the secret containing the network configuration data and its namespace, so that it can be attached to the host before the host boots to set up the network. |
||
|
A boolean indicating whether the host should be powered on ( |
||
raid: hardwareRAIDVolumes: softwareRAIDVolumes: |
(Optional) Contains the information about the RAID configuration for bare-metal hosts. If not specified, it retains the current configuration.
See the following configuration settings:
You can set the spec: raid: hardwareRAIDVolume: [] If you receive an error message indicating that the driver does not support RAID, set the |
||
rootDeviceHints: deviceName: hctl: model: vendor: serialNumber: minSizeGigabytes: wwn: wwnWithExtension: wwnVendorExtension: rotational: |
The
|
The BareMetalHost
status represents the host’s current state, and includes tested credentials, current hardware details, and other information.
Parameters | Description |
---|---|
|
A reference to the secret and its namespace holding the last set of baseboard management controller (BMC) credentials the system was able to validate as working. |
|
Details of the last error reported by the provisioning backend, if any. |
|
Indicates the class of problem that has caused the host to enter an error state. The error types are:
|
hardware: cpu arch: model: clockMegahertz: flags: count: |
The
|
hardware: firmware: |
Contains BIOS firmware information. For example, the hardware vendor and version. |
hardware: nics: - ip: name: mac: speedGbps: vlans: vlanId: pxe: |
The
|
hardware: ramMebibytes: |
The host’s amount of memory in Mebibytes (MiB). |
hardware: storage: - name: rotational: sizeBytes: serialNumber: |
The
|
hardware: systemVendor: manufacturer: productName: serialNumber: |
Contains information about the host’s |
|
The timestamp of the last time the status of the host was updated. |
|
The status of the server. The status is one of the following:
|
|
Boolean indicating whether the host is powered on. |
provisioning: state: id: image: raid: firmware: rootDeviceHints: |
The
|
|
A reference to the secret and its namespace holding the last set of BMC credentials that were sent to the provisioning backend. |
The BareMetalHost
resource contains the properties of a physical host. You must get the BareMetalHost
resource for a physical host to review its properties.
Get the list of BareMetalHost
resources:
$ oc get bmh -n openshift-machine-api -o yaml
You can use |
Get the list of hosts:
$ oc get bmh -n openshift-machine-api
Get the BareMetalHost
resource for a specific host:
$ oc get bmh <host_name> -n openshift-machine-api -o yaml
Where <host_name>
is the name of the host.
apiVersion: metal3.io/v1alpha1
kind: BareMetalHost
metadata:
creationTimestamp: "2022-06-16T10:48:33Z"
finalizers:
- baremetalhost.metal3.io
generation: 2
name: openshift-worker-0
namespace: openshift-machine-api
resourceVersion: "30099"
uid: 1513ae9b-e092-409d-be1b-ad08edeb1271
spec:
automatedCleaningMode: metadata
bmc:
address: redfish://10.46.61.19:443/redfish/v1/Systems/1
credentialsName: openshift-worker-0-bmc-secret
disableCertificateVerification: true
bootMACAddress: 48:df:37:c7:f7:b0
bootMode: UEFI
consumerRef:
apiVersion: machine.openshift.io/v1beta1
kind: Machine
name: ocp-edge-958fk-worker-0-nrfcg
namespace: openshift-machine-api
customDeploy:
method: install_coreos
online: true
rootDeviceHints:
deviceName: /dev/disk/by-id/scsi-<serial_number>
userData:
name: worker-user-data-managed
namespace: openshift-machine-api
status:
errorCount: 0
errorMessage: ""
goodCredentials:
credentials:
name: openshift-worker-0-bmc-secret
namespace: openshift-machine-api
credentialsVersion: "16120"
hardware:
cpu:
arch: x86_64
clockMegahertz: 2300
count: 64
flags:
- 3dnowprefetch
- abm
- acpi
- adx
- aes
model: Intel(R) Xeon(R) Gold 5218 CPU @ 2.30GHz
firmware:
bios:
date: 10/26/2020
vendor: HPE
version: U30
hostname: openshift-worker-0
nics:
- mac: 48:df:37:c7:f7:b3
model: 0x8086 0x1572
name: ens1f3
ramMebibytes: 262144
storage:
- hctl: "0:0:0:0"
model: VK000960GWTTB
name: /dev/disk/by-id/scsi-<serial_number>
sizeBytes: 960197124096
type: SSD
vendor: ATA
systemVendor:
manufacturer: HPE
productName: ProLiant DL380 Gen10 (868703-B21)
serialNumber: CZ200606M3
lastUpdated: "2022-06-16T11:41:42Z"
operationalStatus: OK
poweredOn: true
provisioning:
ID: 217baa14-cfcf-4196-b764-744e184a3413
bootMode: UEFI
customDeploy:
method: install_coreos
image:
url: ""
raid:
hardwareRAIDVolumes: null
softwareRAIDVolumes: []
rootDeviceHints:
deviceName: /dev/disk/by-id/scsi-<serial_number>
state: provisioned
triedCredentials:
credentials:
name: openshift-worker-0-bmc-secret
namespace: openshift-machine-api
credentialsVersion: "16120"
You can use the HostFirmwareSettings
resource to retrieve and manage the BIOS settings for a host. When a host moves to the Available
state, Ironic reads the host’s BIOS settings and creates the HostFirmwareSettings
resource. The resource contains the complete BIOS configuration returned from the baseboard management controller (BMC). Whereas, the firmware
field in the BareMetalHost
resource returns three vendor-independent fields, the HostFirmwareSettings
resource typically comprises many BIOS settings of vendor-specific fields per host.
The HostFirmwareSettings
resource contains two sections:
The HostFirmwareSettings
spec.
The HostFirmwareSettings
status.
HostFirmwareSettings
specThe spec
section of the HostFirmwareSettings
resource defines the desired state of the host’s BIOS, and it is empty by default. Ironic uses the settings in the spec.settings
section to update the baseboard management controller (BMC) when the host is in the Preparing
state. Use the FirmwareSchema
resource to ensure that you do not send invalid name/value pairs to hosts. See "About the FirmwareSchema resource" for additional details.
spec:
settings:
ProcTurboMode: Disabled(1)
1 | In the foregoing example, the spec.settings section contains a name/value pair that will set the ProcTurboMode BIOS setting to Disabled . |
Integer parameters listed in the |
HostFirmwareSettings
statusThe status
represents the current state of the host’s BIOS.
Parameters | Description |
---|---|
status: conditions: - lastTransitionTime: message: observedGeneration: reason: status: type: |
The
|
status: schema: name: namespace: lastUpdated: |
The
|
status: settings: |
The |
The HostFirmwareSettings
resource contains the vendor-specific BIOS properties of a physical host. You must get the HostFirmwareSettings
resource for a physical host to review its BIOS properties.
Get the detailed list of HostFirmwareSettings
resources:
$ oc get hfs -n openshift-machine-api -o yaml
You can use |
Get the list of HostFirmwareSettings
resources:
$ oc get hfs -n openshift-machine-api
Get the HostFirmwareSettings
resource for a particular host
$ oc get hfs <host_name> -n openshift-machine-api -o yaml
Where <host_name>
is the name of the host.
You can edit the HostFirmwareSettings
of provisioned hosts.
You can only edit hosts when they are in the |
Get the list of HostFirmwareSettings
resources:
$ oc get hfs -n openshift-machine-api
Edit a host’s HostFirmwareSettings
resource:
$ oc edit hfs <host_name> -n openshift-machine-api
Where <host_name>
is the name of a provisioned host. The HostFirmwareSettings
resource will open in the default editor for your terminal.
Add name/value pairs to the spec.settings
section:
spec:
settings:
name: value (1)
1 | Use the FirmwareSchema resource to identify the available settings for the host. You cannot set values that are read-only. |
Save the changes and exit the editor.
Get the host’s machine name:
$ oc get bmh <host_name> -n openshift-machine name
Where <host_name>
is the name of the host. The machine name appears under the CONSUMER
field.
Annotate the machine to delete it from the machineset:
$ oc annotate machine <machine_name> machine.openshift.io/delete-machine=true -n openshift-machine-api
Where <machine_name>
is the name of the machine to delete.
Get a list of nodes and count the number of worker nodes:
$ oc get nodes
Get the machineset:
$ oc get machinesets -n openshift-machine-api
Scale the machineset:
$ oc scale machineset <machineset_name> -n openshift-machine-api --replicas=<n-1>
Where <machineset_name>
is the name of the machineset and <n-1>
is the decremented number of worker nodes.
When the host enters the Available
state, scale up the machineset to make the HostFirmwareSettings
resource changes take effect:
$ oc scale machineset <machineset_name> -n openshift-machine-api --replicas=<n>
Where <machineset_name>
is the name of the machineset and <n>
is the number of worker nodes.
When the user edits the spec.settings
section to make a change to the HostFirmwareSetting
(HFS) resource, the Bare Metal Operator (BMO) validates the change against the FimwareSchema
resource, which is a read-only resource. If the setting is invalid, the BMO will set the Type
value of the status.Condition
setting to False
and also generate an event and store it in the HFS resource. Use the following procedure to verify that the resource is valid.
Get a list of HostFirmwareSetting
resources:
$ oc get hfs -n openshift-machine-api
Verify that the HostFirmwareSettings
resource for a particular host is valid:
$ oc describe hfs <host_name> -n openshift-machine-api
Where <host_name>
is the name of the host.
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ValidationFailed 2m49s metal3-hostfirmwaresettings-controller Invalid BIOS setting: Setting ProcTurboMode is invalid, unknown enumeration value - Foo
If the response returns |
BIOS settings vary among hardware vendors and host models. A FirmwareSchema
resource is a read-only resource that contains the types and limits for each BIOS setting on each host model. The data comes directly from the BMC through Ironic. The FirmwareSchema
enables you to identify valid values you can specify in the spec
field of the HostFirmwareSettings
resource. The FirmwareSchema
resource has a unique identifier derived from its settings and limits. Identical host models use the same FirmwareSchema
identifier. It is likely that multiple instances of HostFirmwareSettings
use the same FirmwareSchema
.
Parameters | Description |
---|---|
<BIOS_setting_name> attribute_type: allowable_values: lower_bound: upper_bound: min_length: max_length: read_only: unique: |
The
|
Each host model from each vendor has different BIOS settings. When editing the HostFirmwareSettings
resource’s spec
section, the name/value pairs you set must conform to that host’s firmware schema. To ensure you are setting valid name/value pairs, get the FirmwareSchema
for the host and review it.
To get a list of FirmwareSchema
resource instances, execute the following:
$ oc get firmwareschema -n openshift-machine-api
To get a particular FirmwareSchema
instance, execute:
$ oc get firmwareschema <instance_name> -n openshift-machine-api -o yaml
Where <instance_name>
is the name of the schema instance stated in the HostFirmwareSettings
resource (see Table 3).