After successfully deploying an installer-provisioned cluster, consider the following postinstallation procedures.
OKD installs the chrony
Network Time Protocol (NTP) service on the cluster nodes.
Use the following procedure to configure NTP servers on the control plane nodes and configure compute nodes as NTP clients of the control plane nodes after a successful deployment.
OKD nodes must agree on a date and time to run properly. When compute nodes retrieve the date and time from the NTP servers on the control plane nodes, it enables the installation and operation of clusters that are not connected to a routable network and thereby do not have access to a higher stratum NTP server.
Install Butane on your installation host by using the following command:
$ sudo dnf -y install butane
Create a Butane config, 99-master-chrony-conf-override.bu
, including the contents of the chrony.conf
file for the control plane nodes.
See "Creating machine configs with Butane" for information about Butane. |
variant: openshift
version: 4.0
metadata:
name: 99-master-chrony-conf-override
labels:
machineconfiguration.openshift.io/role: master
storage:
files:
- path: /etc/chrony.conf
mode: 0644
overwrite: true
contents:
inline: |
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (https://www.pool.ntp.org/join.html).
# The Machine Config Operator manages this file
server openshift-master-0.<cluster-name>.<domain> iburst (1)
server openshift-master-1.<cluster-name>.<domain> iburst
server openshift-master-2.<cluster-name>.<domain> iburst
stratumweight 0
driftfile /var/lib/chrony/drift
rtcsync
makestep 10 3
bindcmdaddress 127.0.0.1
bindcmdaddress ::1
keyfile /etc/chrony.keys
commandkey 1
generatecommandkey
noclientlog
logchange 0.5
logdir /var/log/chrony
# Configure the control plane nodes to serve as local NTP servers
# for all compute nodes, even if they are not in sync with an
# upstream NTP server.
# Allow NTP client access from the local network.
allow all
# Serve time even if not synchronized to a time source.
local stratum 3 orphan
1 | You must replace <cluster-name> with the name of the cluster and replace <domain> with the fully qualified domain name. |
Use Butane to generate a MachineConfig
object file, 99-master-chrony-conf-override.yaml
, containing the configuration to be delivered to the control plane nodes:
$ butane 99-master-chrony-conf-override.bu -o 99-master-chrony-conf-override.yaml
Create a Butane config, 99-worker-chrony-conf-override.bu
, including the contents of the chrony.conf
file for the compute nodes that references the NTP servers on the control plane nodes.
variant: openshift
version: 4.0
metadata:
name: 99-worker-chrony-conf-override
labels:
machineconfiguration.openshift.io/role: worker
storage:
files:
- path: /etc/chrony.conf
mode: 0644
overwrite: true
contents:
inline: |
# The Machine Config Operator manages this file.
server openshift-master-0.<cluster-name>.<domain> iburst (1)
server openshift-master-1.<cluster-name>.<domain> iburst
server openshift-master-2.<cluster-name>.<domain> iburst
stratumweight 0
driftfile /var/lib/chrony/drift
rtcsync
makestep 10 3
bindcmdaddress 127.0.0.1
bindcmdaddress ::1
keyfile /etc/chrony.keys
commandkey 1
generatecommandkey
noclientlog
logchange 0.5
logdir /var/log/chrony
1 | You must replace <cluster-name> with the name of the cluster and replace <domain> with the fully qualified domain name. |
Use Butane to generate a MachineConfig
object file, 99-worker-chrony-conf-override.yaml
, containing the configuration to be delivered to the worker nodes:
$ butane 99-worker-chrony-conf-override.bu -o 99-worker-chrony-conf-override.yaml
Apply the 99-master-chrony-conf-override.yaml
policy to the control plane nodes.
$ oc apply -f 99-master-chrony-conf-override.yaml
machineconfig.machineconfiguration.openshift.io/99-master-chrony-conf-override created
Apply the 99-worker-chrony-conf-override.yaml
policy to the compute nodes.
$ oc apply -f 99-worker-chrony-conf-override.yaml
machineconfig.machineconfiguration.openshift.io/99-worker-chrony-conf-override created
Check the status of the applied NTP settings.
$ oc describe machineconfigpool
The assisted installer and installer-provisioned installation for bare metal clusters provide the ability to deploy a cluster without a provisioning
network. This capability is for scenarios such as proof-of-concept clusters or deploying exclusively with Redfish virtual media when each node’s baseboard management controller is routable via the baremetal
network.
You can enable a provisioning
network after installation using the Cluster Baremetal Operator (CBO).
A dedicated physical network must exist, connected to all worker and control plane nodes.
You must isolate the native, untagged physical network.
The network cannot have a DHCP server when the provisioningNetwork
configuration setting is set to Managed
.
You can omit the provisioningInterface
setting in OKD 4.10 to use the bootMACAddress
configuration setting.
When setting the provisioningInterface
setting, first identify the provisioning interface name for the cluster nodes. For example, eth0
or eno1
.
Enable the Preboot eXecution Environment (PXE) on the provisioning
network interface of the cluster nodes.
Retrieve the current state of the provisioning
network and save it to a provisioning custom resource (CR) file:
$ oc get provisioning -o yaml > enable-provisioning-nw.yaml
Modify the provisioning CR file:
$ vim ~/enable-provisioning-nw.yaml
Scroll down to the provisioningNetwork
configuration setting and change it from Disabled
to Managed
. Then, add the provisioningIP
, provisioningNetworkCIDR
, provisioningDHCPRange
, provisioningInterface
, and watchAllNameSpaces
configuration settings after the provisioningNetwork
setting. Provide appropriate values for each setting.
apiVersion: v1
items:
- apiVersion: metal3.io/v1alpha1
kind: Provisioning
metadata:
name: provisioning-configuration
spec:
provisioningNetwork: (1)
provisioningIP: (2)
provisioningNetworkCIDR: (3)
provisioningDHCPRange: (4)
provisioningInterface: (5)
watchAllNameSpaces: (6)
1 | The provisioningNetwork is one of Managed , Unmanaged , or Disabled . When set to Managed , Metal3 manages the provisioning network and the CBO deploys the Metal3 pod with a configured DHCP server. When set to Unmanaged , the system administrator configures the DHCP server manually. |
2 | The provisioningIP is the static IP address that the DHCP server and ironic use to provision the network. This static IP address must be within the provisioning subnet, and outside of the DHCP range. If you configure this setting, it must have a valid IP address even if the provisioning network is Disabled . The static IP address is bound to the metal3 pod. If the metal3 pod fails and moves to another server, the static IP address also moves to the new server. |
3 | The Classless Inter-Domain Routing (CIDR) address. If you configure this setting, it must have a valid CIDR address even if the provisioning network is Disabled . For example: 192.168.0.1/24 . |
4 | The DHCP range. This setting is only applicable to a Managed provisioning network. Omit this configuration setting if the provisioning network is Disabled . For example: 192.168.0.64, 192.168.0.253 . |
5 | The NIC name for the provisioning interface on cluster nodes. The provisioningInterface setting is only applicable to Managed and Unmanaged provisioning networks. Omit the provisioningInterface configuration setting if the provisioning network is Disabled . Omit the provisioningInterface configuration setting to use the bootMACAddress configuration setting instead. |
6 | Set this setting to true if you want metal3 to watch namespaces other than the default openshift-machine-api namespace. The default value is false . |
Save the changes to the provisioning CR file.
Apply the provisioning CR file to the cluster:
$ oc apply -f enable-provisioning-nw.yaml
br-ex
bridgeAs an alternative to using the configure-ovs.sh
shell script to set a customized br-ex
bridge on a bare-metal platform, you can create a NodeNetworkConfigurationPolicy
custom resource (CR) that includes a customized br-ex
bridge network configuration.
Creating a For more information about the support scope of Red Hat Technology Preview features, see Technology Preview Features Support Scope. |
This feature supports the following tasks:
Modifying the maximum transmission unit (MTU) for your cluster.
Modifying attributes of a different bond interface, such as MIImon (Media Independent Interface Monitor), bonding mode, or Quality of Service (QoS).
Updating DNS values.
Consider the following use cases for creating a manifest object that includes a customized br-ex
bridge:
You want to make postinstallation changes to the bridge, such as changing the Open vSwitch (OVS) or OVN-Kubernetes br-ex
bridge network. The configure-ovs.sh
shell script does not support making postinstallation changes to the bridge.
You want to deploy the bridge on a different interface than the interface available on a host or server IP address.
You want to make advanced configurations to the bridge that are not possible with the configure-ovs.sh
shell script. Using the script for these configurations might result in the bridge failing to connect multiple network interfaces and facilitating data forwarding between the interfaces.
You set a customized br-ex
by using the alternative method to configure-ovs
.
You installed the Kubernetes NMState Operator.
Create a NodeNetworkConfigurationPolicy
(NNCP) CR and define a customized br-ex
bridge network configuration. Depending on your needs, ensure that you set a masquerade IP for either the ipv4.address.ip
, ipv6.address.ip
, or both parameters. A masquerade IP address must match an in-use IP address block.
apiVersion: nmstate.io/v1
kind: NodeNetworkConfigurationPolicy
metadata:
name: worker-0-br-ex (1)
spec:
nodeSelector:
kubernetes.io/hostname: worker-0
desiredState:
interfaces:
- name: enp2s0 (2)
type: ethernet (3)
state: up (4)
ipv4:
enabled: false (5)
ipv6:
enabled: false
- name: br-ex
type: ovs-bridge
state: up
ipv4:
enabled: false
dhcp: false
ipv6:
enabled: false
dhcp: false
bridge:
port:
- name: enp2s0 (6)
- name: br-ex
- name: br-ex
type: ovs-interface
state: up
copy-mac-from: enp2s0
ipv4:
enabled: true
dhcp: true
address:
- ip: "169.254.169.2"
prefix-length: 29
ipv6:
enabled: false
dhcp: false
address:
- ip: "fd69::2"
prefix-length: 125
1 | Name of the policy. |
2 | Name of the interface. |
3 | The type of ethernet. |
4 | The requested state for the interface after creation. |
5 | Disables IPv4 and IPv6 in this example. |
6 | The node NIC to which the bridge is attached. |
When deploying OKD on bare-metal hosts, there are times when you need to make changes to the host either before or after provisioning. This can include inspecting the host’s hardware, firmware, and firmware details. It can also include formatting disks or changing modifiable firmware settings.
You can use the Bare Metal Operator (BMO) to provision, manage, and inspect bare-metal hosts in your cluster. The BMO can complete the following operations:
Provision bare-metal hosts to the cluster with a specific image.
Turn on or off a host.
Inspect hardware details of the host and report them to the bare-metal host.
Upgrade or downgrade a host’s firmware to a specific version.
Inspect firmware and configure BIOS settings.
Clean disk contents for the host before or after provisioning the host.
The BMO uses the following resources to complete these tasks:
BareMetalHost
HostFirmwareSettings
FirmwareSchema
HostFirmwareComponents
The BMO maintains an inventory of the physical hosts in the cluster by mapping each bare-metal host to an instance of the BareMetalHost
custom resource definition. Each BareMetalHost
resource features hardware, software, and firmware details. The BMO continually inspects the bare-metal hosts in the cluster to ensure each BareMetalHost
resource accurately details the components of the corresponding host.
The BMO also uses the HostFirmwareSettings
resource, the FirmwareSchema
resource, and the HostFirmwareComponents
resource to detail firmware specifications and upgrade or downgrade firmware for the bare-metal host.
The BMO interfaces with bare-metal hosts in the cluster by using the Ironic API service. The Ironic service uses the Baseboard Management Controller (BMC) on the host to interface with the machine.
The Bare Metal Operator (BMO) uses the following resources to provision, manage, and inspect bare-metal hosts in your cluster. The following diagram illustrates the architecture of these resources:
The BareMetalHost
resource defines a physical host and its properties. When you provision a bare-metal host to the cluster, you must define a BareMetalHost
resource for that host. For ongoing management of the host, you can inspect the information in the BareMetalHost
or update this information.
The BareMetalHost
resource features provisioning information such as the following:
Deployment specifications such as the operating system boot image or the custom RAM disk
Provisioning state
Baseboard Management Controller (BMC) address
Desired power state
The BareMetalHost
resource features hardware information such as the following:
Number of CPUs
MAC address of a NIC
Size of the host’s storage device
Current power state
You can use the HostFirmwareSettings
resource to retrieve and manage the firmware settings for a host. When a host moves to the Available
state, the Ironic service reads the host’s firmware settings and creates the HostFirmwareSettings
resource. There is a one-to-one mapping between the BareMetalHost
resource and the HostFirmwareSettings
resource.
You can use the HostFirmwareSettings
resource to inspect the firmware specifications for a host or to update a host’s firmware specifications.
You must adhere to the schema specific to the vendor firmware when you edit the |
Firmware settings vary among hardware vendors and host models. A FirmwareSchema
resource is a read-only resource that contains the types and limits for each firmware setting on each host model. The data comes directly from the BMC by using the Ironic service. The FirmwareSchema
resource enables you to identify valid values you can specify in the spec
field of the HostFirmwareSettings
resource.
A FirmwareSchema
resource can apply to many BareMetalHost
resources if the schema is the same.
Metal3 provides the HostFirmwareComponents
resource, which describes BIOS and baseboard management controller (BMC) firmware versions. You can upgrade or downgrade the host’s firmware to a specific version by editing the spec
field of the HostFirmwareComponents
resource. This is useful when deploying with validated patterns that have been tested against specific firmware versions.
Metal3 introduces the concept of the BareMetalHost
resource, which defines a physical host and its properties. The BareMetalHost
resource contains two sections:
The BareMetalHost
spec
The BareMetalHost
status
The spec
section of the BareMetalHost
resource defines the desired state of the host.
Parameters | Description | ||
---|---|---|---|
|
An interface to enable or disable automated cleaning during provisioning and de-provisioning. When set to |
||
bmc: address: credentialsName: disableCertificateVerification: |
The
|
||
|
The MAC address of the NIC used for provisioning the host. |
||
|
The boot mode of the host. It defaults to |
||
|
A reference to another resource that is using the host. It could be empty if another resource is not currently using the host. For example, a |
||
|
A human-provided string to help identify the host. |
||
|
A boolean indicating whether the host provisioning and deprovisioning are managed externally. When set:
|
||
|
Contains information about the BIOS configuration of bare metal hosts. Currently,
|
||
image: url: checksum: checksumType: format: |
The
|
||
|
A reference to the secret containing the network configuration data and its namespace, so that it can be attached to the host before the host boots to set up the network. |
||
|
A boolean indicating whether the host should be powered on ( |
||
raid: hardwareRAIDVolumes: softwareRAIDVolumes: |
(Optional) Contains the information about the RAID configuration for bare metal hosts. If not specified, it retains the current configuration.
See the following configuration settings:
You can set the spec: raid: hardwareRAIDVolume: [] If you receive an error message indicating that the driver does not support RAID, set the |
||
rootDeviceHints: deviceName: hctl: model: vendor: serialNumber: minSizeGigabytes: wwn: wwnWithExtension: wwnVendorExtension: rotational: |
The
|
The BareMetalHost
status represents the host’s current state, and includes tested credentials, current hardware details, and other information.
Parameters | Description |
---|---|
|
A reference to the secret and its namespace holding the last set of baseboard management controller (BMC) credentials the system was able to validate as working. |
|
Details of the last error reported by the provisioning backend, if any. |
|
Indicates the class of problem that has caused the host to enter an error state. The error types are:
|
hardware: cpu arch: model: clockMegahertz: flags: count: |
The
|
hardware: firmware: |
Contains BIOS firmware information. For example, the hardware vendor and version. |
hardware: nics: - ip: name: mac: speedGbps: vlans: vlanId: pxe: |
The
|
hardware: ramMebibytes: |
The host’s amount of memory in Mebibytes (MiB). |
hardware: storage: - name: rotational: sizeBytes: serialNumber: |
The
|
hardware: systemVendor: manufacturer: productName: serialNumber: |
Contains information about the host’s |
|
The timestamp of the last time the status of the host was updated. |
|
The status of the server. The status is one of the following:
|
|
Boolean indicating whether the host is powered on. |
provisioning: state: id: image: raid: firmware: rootDeviceHints: |
The
|
|
A reference to the secret and its namespace holding the last set of BMC credentials that were sent to the provisioning backend. |
The BareMetalHost
resource contains the properties of a physical host. You must get the BareMetalHost
resource for a physical host to review its properties.
Get the list of BareMetalHost
resources:
$ oc get bmh -n openshift-machine-api -o yaml
You can use |
Get the list of hosts:
$ oc get bmh -n openshift-machine-api
Get the BareMetalHost
resource for a specific host:
$ oc get bmh <host_name> -n openshift-machine-api -o yaml
Where <host_name>
is the name of the host.
apiVersion: metal3.io/v1alpha1
kind: BareMetalHost
metadata:
creationTimestamp: "2022-06-16T10:48:33Z"
finalizers:
- baremetalhost.metal3.io
generation: 2
name: openshift-worker-0
namespace: openshift-machine-api
resourceVersion: "30099"
uid: 1513ae9b-e092-409d-be1b-ad08edeb1271
spec:
automatedCleaningMode: metadata
bmc:
address: redfish://10.46.61.19:443/redfish/v1/Systems/1
credentialsName: openshift-worker-0-bmc-secret
disableCertificateVerification: true
bootMACAddress: 48:df:37:c7:f7:b0
bootMode: UEFI
consumerRef:
apiVersion: machine.openshift.io/v1beta1
kind: Machine
name: ocp-edge-958fk-worker-0-nrfcg
namespace: openshift-machine-api
customDeploy:
method: install_coreos
online: true
rootDeviceHints:
deviceName: /dev/disk/by-id/scsi-<serial_number>
userData:
name: worker-user-data-managed
namespace: openshift-machine-api
status:
errorCount: 0
errorMessage: ""
goodCredentials:
credentials:
name: openshift-worker-0-bmc-secret
namespace: openshift-machine-api
credentialsVersion: "16120"
hardware:
cpu:
arch: x86_64
clockMegahertz: 2300
count: 64
flags:
- 3dnowprefetch
- abm
- acpi
- adx
- aes
model: Intel(R) Xeon(R) Gold 5218 CPU @ 2.30GHz
firmware:
bios:
date: 10/26/2020
vendor: HPE
version: U30
hostname: openshift-worker-0
nics:
- mac: 48:df:37:c7:f7:b3
model: 0x8086 0x1572
name: ens1f3
ramMebibytes: 262144
storage:
- hctl: "0:0:0:0"
model: VK000960GWTTB
name: /dev/disk/by-id/scsi-<serial_number>
sizeBytes: 960197124096
type: SSD
vendor: ATA
systemVendor:
manufacturer: HPE
productName: ProLiant DL380 Gen10 (868703-B21)
serialNumber: CZ200606M3
lastUpdated: "2022-06-16T11:41:42Z"
operationalStatus: OK
poweredOn: true
provisioning:
ID: 217baa14-cfcf-4196-b764-744e184a3413
bootMode: UEFI
customDeploy:
method: install_coreos
image:
url: ""
raid:
hardwareRAIDVolumes: null
softwareRAIDVolumes: []
rootDeviceHints:
deviceName: /dev/disk/by-id/scsi-<serial_number>
state: provisioned
triedCredentials:
credentials:
name: openshift-worker-0-bmc-secret
namespace: openshift-machine-api
credentialsVersion: "16120"
After you deploy an OKD cluster on bare metal, you might need to edit a node’s BareMetalHost
resource. Consider the following examples:
You deploy a cluster with the Assisted Installer and need to add or edit the baseboard management controller (BMC) host name or IP address.
You want to move a node from one cluster to another without deprovisioning it.
Ensure the node is in the Provisioned
, ExternallyProvisioned
, or Available
state.
Get the list of nodes:
$ oc get bmh -n openshift-machine-api
Before editing the node’s BareMetalHost
resource, detach the node from Ironic by running the following command:
$ oc annotate baremetalhost <node_name> -n openshift-machine-api 'baremetalhost.metal3.io/detached=true' (1)
1 | Replace <node_name> with the name of the node. |
Edit the BareMetalHost
resource by running the following command:
$ oc edit bmh <node_name> -n openshift-machine-api
Reattach the node to Ironic by running the following command:
$ oc annotate baremetalhost <node_name> -n openshift-machine-api 'baremetalhost.metal3.io/detached'-
When the Bare Metal Operator (BMO) deletes a BareMetalHost
resource, Ironic deprovisions the bare-metal host with a process called cleaning. When cleaning fails, Ironic retries the cleaning process three times, which is the source of the latency. The cleaning process might not succeed, causing the provisioning status of the bare-metal host to remain in the deleting state indefinitely. When this occurs, use the following procedure to disable the cleaning process.
Do not remove finalizers from the |
If the cleaning process fails and restarts, wait for it to finish. This might take about 5 minutes.
If the provisioning status remains in the deleting state, disable the cleaning process by modifying the BareMetalHost
resource and setting the automatedCleaningMode
field to disabled
.
See "Editing a BareMetalHost resource" for additional details.
You can attach a generic, non-bootable ISO virtual media image to a provisioned node by using the DataImage
resource. After you apply the resource, the ISO image becomes accessible to the operating system after it has booted. This is useful for configuring a node after provisioning the operating system and before the node boots for the first time.
The node must use Redfish or drivers derived from it to support this feature.
The node must be in the Provisioned
or ExternallyProvisioned
state.
The name
must be the same as the name of the node defined in its BareMetalHost
resource.
You have a valid url
to the ISO image.
Create a DataImage
resource:
apiVersion: metal3.io/v1alpha1
kind: DataImage
metadata:
name: <node_name> (1)
spec:
url: "http://dataimage.example.com/non-bootable.iso" (2)
1 | Specify the name of the node as defined in its BareMetalHost resource. |
2 | Specify the URL and path to the ISO image. |
Save the DataImage
resource to a file by running the following command:
$ vim <node_name>-dataimage.yaml
Apply the DataImage
resource by running the following command:
$ oc apply -f <node_name>-dataimage.yaml -n <node_namespace> (1)
1 | Replace <node_namespace> so that the namespace matches the namespace for the BareMetalHost resource. For example, openshift-machine-api . |
Reboot the node.
To reboot the node, attach the |
View the DataImage
resource by running the following command:
$ oc get dataimage <node_name> -n openshift-machine-api -o yaml
apiVersion: v1
items:
- apiVersion: metal3.io/v1alpha1
kind: DataImage
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"metal3.io/v1alpha1","kind":"DataImage","metadata":{"annotations":{},"name":"bmh-node-1","namespace":"openshift-machine-api"},"spec":{"url":"http://dataimage.example.com/non-bootable.iso"}}
creationTimestamp: "2024-06-10T12:00:00Z"
finalizers:
- dataimage.metal3.io
generation: 1
name: bmh-node-1
namespace: openshift-machine-api
ownerReferences:
- apiVersion: metal3.io/v1alpha1
blockOwnerDeletion: true
controller: true
kind: BareMetalHost
name: bmh-node-1
uid: 046cdf8e-0e97-485a-8866-e62d20e0f0b3
resourceVersion: "21695581"
uid: c5718f50-44b6-4a22-a6b7-71197e4b7b69
spec:
url: http://dataimage.example.com/non-bootable.iso
status:
attachedImage:
url: http://dataimage.example.com/non-bootable.iso
error:
count: 0
message: ""
lastReconciled: "2024-06-10T12:05:00Z"
You can use the HostFirmwareSettings
resource to retrieve and manage the BIOS settings for a host. When a host moves to the Available
state, Ironic reads the host’s BIOS settings and creates the HostFirmwareSettings
resource. The resource contains the complete BIOS configuration returned from the baseboard management controller (BMC). Whereas, the firmware
field in the BareMetalHost
resource returns three vendor-independent fields, the HostFirmwareSettings
resource typically comprises many BIOS settings of vendor-specific fields per host.
The HostFirmwareSettings
resource contains two sections:
The HostFirmwareSettings
spec.
The HostFirmwareSettings
status.
HostFirmwareSettings
specThe spec
section of the HostFirmwareSettings
resource defines the desired state of the host’s BIOS, and it is empty by default. Ironic uses the settings in the spec.settings
section to update the baseboard management controller (BMC) when the host is in the Preparing
state. Use the FirmwareSchema
resource to ensure that you do not send invalid name/value pairs to hosts. See "About the FirmwareSchema resource" for additional details.
spec:
settings:
ProcTurboMode: Disabled(1)
1 | In the foregoing example, the spec.settings section contains a name/value pair that will set the ProcTurboMode BIOS setting to Disabled . |
Integer parameters listed in the |
HostFirmwareSettings
statusThe status
represents the current state of the host’s BIOS.
Parameters | Description |
---|---|
status: conditions: - lastTransitionTime: message: observedGeneration: reason: status: type: |
The
|
status: schema: name: namespace: lastUpdated: |
The
|
status: settings: |
The |
The HostFirmwareSettings
resource contains the vendor-specific BIOS properties of a physical host. You must get the HostFirmwareSettings
resource for a physical host to review its BIOS properties.
Get the detailed list of HostFirmwareSettings
resources:
$ oc get hfs -n openshift-machine-api -o yaml
You can use |
Get the list of HostFirmwareSettings
resources:
$ oc get hfs -n openshift-machine-api
Get the HostFirmwareSettings
resource for a particular host
$ oc get hfs <host_name> -n openshift-machine-api -o yaml
Where <host_name>
is the name of the host.
You can edit the HostFirmwareSettings
of provisioned hosts.
You can only edit hosts when they are in the |
Get the list of HostFirmwareSettings
resources:
$ oc get hfs -n openshift-machine-api
Edit a host’s HostFirmwareSettings
resource:
$ oc edit hfs <host_name> -n openshift-machine-api
Where <host_name>
is the name of a provisioned host. The HostFirmwareSettings
resource will open in the default editor for your terminal.
Add name/value pairs to the spec.settings
section:
spec:
settings:
name: value (1)
1 | Use the FirmwareSchema resource to identify the available settings for the host. You cannot set values that are read-only. |
Save the changes and exit the editor.
Get the host’s machine name:
$ oc get bmh <host_name> -n openshift-machine name
Where <host_name>
is the name of the host. The machine name appears under the CONSUMER
field.
Annotate the machine to delete it from the machineset:
$ oc annotate machine <machine_name> machine.openshift.io/delete-machine=true -n openshift-machine-api
Where <machine_name>
is the name of the machine to delete.
Get a list of nodes and count the number of worker nodes:
$ oc get nodes
Get the machineset:
$ oc get machinesets -n openshift-machine-api
Scale the machineset:
$ oc scale machineset <machineset_name> -n openshift-machine-api --replicas=<n-1>
Where <machineset_name>
is the name of the machineset and <n-1>
is the decremented number of worker nodes.
When the host enters the Available
state, scale up the machineset to make the HostFirmwareSettings
resource changes take effect:
$ oc scale machineset <machineset_name> -n openshift-machine-api --replicas=<n>
Where <machineset_name>
is the name of the machineset and <n>
is the number of worker nodes.
When the user edits the spec.settings
section to make a change to the HostFirmwareSetting
(HFS) resource, the Bare Metal Operator (BMO) validates the change against the FimwareSchema
resource, which is a read-only resource. If the setting is invalid, the BMO will set the Type
value of the status.Condition
setting to False
and also generate an event and store it in the HFS resource. Use the following procedure to verify that the resource is valid.
Get a list of HostFirmwareSetting
resources:
$ oc get hfs -n openshift-machine-api
Verify that the HostFirmwareSettings
resource for a particular host is valid:
$ oc describe hfs <host_name> -n openshift-machine-api
Where <host_name>
is the name of the host.
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ValidationFailed 2m49s metal3-hostfirmwaresettings-controller Invalid BIOS setting: Setting ProcTurboMode is invalid, unknown enumeration value - Foo
If the response returns |
BIOS settings vary among hardware vendors and host models. A FirmwareSchema
resource is a read-only resource that contains the types and limits for each BIOS setting on each host model. The data comes directly from the BMC through Ironic. The FirmwareSchema
enables you to identify valid values you can specify in the spec
field of the HostFirmwareSettings
resource. The FirmwareSchema
resource has a unique identifier derived from its settings and limits. Identical host models use the same FirmwareSchema
identifier. It is likely that multiple instances of HostFirmwareSettings
use the same FirmwareSchema
.
Parameters | Description |
---|---|
<BIOS_setting_name> attribute_type: allowable_values: lower_bound: upper_bound: min_length: max_length: read_only: unique: |
The
|
Each host model from each vendor has different BIOS settings. When editing the HostFirmwareSettings
resource’s spec
section, the name/value pairs you set must conform to that host’s firmware schema. To ensure you are setting valid name/value pairs, get the FirmwareSchema
for the host and review it.
To get a list of FirmwareSchema
resource instances, execute the following:
$ oc get firmwareschema -n openshift-machine-api
To get a particular FirmwareSchema
instance, execute:
$ oc get firmwareschema <instance_name> -n openshift-machine-api -o yaml
Where <instance_name>
is the name of the schema instance stated in the HostFirmwareSettings
resource (see Table 3).
Metal3 provides the HostFirmwareComponents
resource, which describes BIOS and baseboard management controller (BMC) firmware versions. The HostFirmwareComponents
resource contains two sections:
The HostFirmwareComponents
spec
The HostFirmwareComponents
status
The spec
section of the HostFirmwareComponents
resource defines the desired state of the host’s BIOS and BMC versions.
Parameters | Description |
---|---|
updates: component: url: |
The
|
The status
section of the HostFirmwareComponents
resource returns the current status of the host’s BIOS and BMC versions.
Parameters | Description |
---|---|
components: component: initialVersion: currentVersion: lastVersionFlashed: updatedAt: |
The
|
updates: component: url: |
The
|
The HostFirmwareComponents
resource contains the specific firmware version of the BIOS and baseboard management controller (BMC) of a physical host. You must get the HostFirmwareComponents
resource for a physical host to review the firmware version and status.
Get the detailed list of HostFirmwareComponents
resources:
$ oc get hostfirmwarecomponents -n openshift-machine-api -o yaml
Get the list of HostFirmwareComponents
resources:
$ oc get hostfirmwarecomponents -n openshift-machine-api
Get the HostFirmwareComponents
resource for a particular host:
$ oc get hostfirmwarecomponents <host_name> -n openshift-machine-api -o yaml
Where <host_name>
is the name of the host.
---
apiVersion: metal3.io/v1alpha1
kind: HostFirmwareComponents
metadata:
creationTimestamp: 2024-04-25T20:32:06Z"
generation: 1
name: ostest-master-2
namespace: openshift-machine-api
ownerReferences:
- apiVersion: metal3.io/v1alpha1
blockOwnerDeletion: true
controller: true
kind: BareMetalHost
name: ostest-master-2
uid: 16022566-7850-4dc8-9e7d-f216211d4195
resourceVersion: "2437"
uid: 2038d63f-afc0-4413-8ffe-2f8e098d1f6c
spec:
updates: []
status:
components:
- component: bios
currentVersion: 1.0.0
initialVersion: 1.0.0
- component: bmc
currentVersion: "1.00"
initialVersion: "1.00"
conditions:
- lastTransitionTime: "2024-04-25T20:32:06Z"
message: ""
observedGeneration: 1
reason: OK
status: "True"
type: Valid
- lastTransitionTime: "2024-04-25T20:32:06Z"
message: ""
observedGeneration: 1
reason: OK
status: "False"
type: ChangeDetected
lastUpdated: "2024-04-25T20:32:06Z"
updates: []
You can edit the HostFirmwareComponents
resource of a node.
Get the detailed list of HostFirmwareComponents
resources:
$ oc get hostfirmwarecomponents -n openshift-machine-api -o yaml
Edit a host’s HostFirmwareComponents
resource:
$ oc edit <host_name> hostfirmwarecomponents -n openshift-machine-api (1)
1 | Where <host_name> is the name of the host. The HostFirmwareComponents resource will open in the default editor for your terminal. |
---
apiVersion: metal3.io/v1alpha1
kind: HostFirmwareComponents
metadata:
creationTimestamp: 2024-04-25T20:32:06Z"
generation: 1
name: ostest-master-2
namespace: openshift-machine-api
ownerReferences:
- apiVersion: metal3.io/v1alpha1
blockOwnerDeletion: true
controller: true
kind: BareMetalHost
name: ostest-master-2
uid: 16022566-7850-4dc8-9e7d-f216211d4195
resourceVersion: "2437"
uid: 2038d63f-afc0-4413-8ffe-2f8e098d1f6c
spec:
updates:
- name: bios (1)
url: https://myurl.with.firmware.for.bios (2)
- name: bmc (3)
url: https://myurl.with.firmware.for.bmc (4)
status:
components:
- component: bios
currentVersion: 1.0.0
initialVersion: 1.0.0
- component: bmc
currentVersion: "1.00"
initialVersion: "1.00"
conditions:
- lastTransitionTime: "2024-04-25T20:32:06Z"
message: ""
observedGeneration: 1
reason: OK
status: "True"
type: Valid
- lastTransitionTime: "2024-04-25T20:32:06Z"
message: ""
observedGeneration: 1
reason: OK
status: "False"
type: ChangeDetected
lastUpdated: "2024-04-25T20:32:06Z"
1 | To set a BIOS version, set the name attribute to bios . |
2 | To set a BIOS version, set the url attribute to the URL for the firmware version of the BIOS. |
3 | To set a BMC version, set the name attribute to bmc . |
4 | To set a BMC version, set the url attribute to the URL for the firmware verison of the BMC. |
Save the changes and exit the editor.
Get the host’s machine name:
$ oc get bmh <host_name> -n openshift-machine name (1)
1 | Where <host_name> is the name of the host. The machine name appears under the CONSUMER field. |
Annotate the machine to delete it from the machine set:
$ oc annotate machine <machine_name> machine.openshift.io/delete-machine=true -n openshift-machine-api (1)
1 | Where <machine_name> is the name of the machine to delete. |
Get a list of nodes and count the number of worker nodes:
$ oc get nodes
Get the machine set:
$ oc get machinesets -n openshift-machine-api
Scale the machine set:
$ oc scale machineset <machineset_name> -n openshift-machine-api --replicas=<n-1> (1)
1 | Where <machineset_name> is the name of the machine set and <n-1> is the decremented number of worker nodes. |
When the host enters the Available
state, scale up the machine set to make the HostFirmwareComponents
resource changes take effect:
$ oc scale machineset <machineset_name> -n openshift-machine-api --replicas=<n> (1)
1 | Where <machineset_name> is the name of the machine set and <n> is the number of worker nodes. |