Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 13 Next »

Install

All yarnman install commands need to be run with sudo

ym-set-static-ip.sh

ym-generate-certs.sh

ym-install.sh

Upgrade

All yarnman upgrade commands need to be run with sudo

ym-upgrade.sh

This command upgrades yarnman

Take a vmware snapshot before starting the upgrade process

Copy the upgrade file into /var/opt/yarnlab/upgrade  eg wget http://xxxxxxxx or sftp/scp the file onto the server

SSH into the yarnman host and change into the directory /var/opt/yarnlab/upgrade 

Note that you may need to rename the file to the following format if you ssh client cannot accept : ym-registry:package-upgrade-master-<version>-<build>.tar.gz i.e. ym-registry:package-upgrade-master-2.6.5-81d5809c.tar.gz

run the command yarnman@host [ ~ ]$ sudo ym-upgrade.sh ym-registry:package-upgrade-master-2.6.5-81d5809c.tar.gz

Yarnman Upgrade file  found /var/opt/yarnlab/upgrade/ym-registry:package-upgrade-yl-ph-8023676b.tar.gz
Do you want to upgrade yarnman to ym-registry:package-upgrade-yl-ph-8023676b.tar.gz ? Y or Ny
Upgrade yarnman
Stopping yarnman services
Stopping local registry containers
Removing local registry images
Loading local registry package tgz
Loaded image: ym-registry:package
Launching  yarnman registry
f39ac12322df9a3add72c0ad135e691c6fc3ca0fc7be463a5b4534b88e8e68e6
Loading upgrade pre-req script from registry container
Starting upgrade pre-req script
TEMP upgrade script
Setting up tang
groupadd: group 'ym-tang-app-gp' already exists
Showing package container registry catalog
{"repositories":["ym-couchdb","ym-ostree-upgrade","ym-redis","ym-tang","ym-yarnman"]}
{"name":"ym-ostree-upgrade","tags":["yl-ph-8023676b"]}
{"name":"ym-yarnman","tags":["yl-ph-8023676b"]}
[+] Running 2/4
*** lots of docker pull output ***
*** lots of ostree output ***
State: idle
Deployments:
  photon:photon/4.0/x86_64/yarnman
                   Version: 4.0_yarnman (2022-11-16T23:54:09Z)
                    Commit: 9941830a095f3a8630eabca846414afa03a935e95462845f7e71cc17f8437438
              GPGSignature: Valid signature by 352365935446AC840528AF8703F9C95608035F3C
                      Diff: 15 added

● photon:photon/4.0/x86_64/yarnman
                   Version: 4.0_yarnman (2022-11-14T04:04:13Z)
                    Commit: 7fe66e8afc639d7a006b60208b5981748426ef4487581924e897d69a7b7c87cd
              GPGSignature: Valid signature by 352365935446AC840528AF8703F9C95608035F3C
Do you want to remove upgrade file ? Y or N
Removing :ym-registry:package-upgrade-yl-ph-n18-a23846af.tar.gz
Removing old containers
Removing old yarnman image :localhost:5000/ym-yarnman:yl-ph-n18-475aac7a
Removing old couchdb image :localhost:5000/ym-couchdb:yl-ph-n18-475aac7a
Removing old redis image :localhost:5000/ym-redis:yl-ph-n18-475aac7a
Removing old tang image :localhost:5000/ym-tang:yl-ph-n18-475aac7a
Do you want to reboot yarnman ? Y or N 
Reboot yarnman

A reboot may be required to apply OS patches if they are bundled into the update.

Service Commands

All yarnman service commands need to be run with sudo

ym-service-commands.sh start

This command starts the yarnman services

yarnman@yarnman-test [ ~ ]$ sudo ym-service-commands.sh start
starting yarnman.service
● yarnman.service - yarnman
     Loaded: loaded (/usr/lib/systemd/system/yarnman.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2022-08-17 08:24:21 UTC; 5ms ago
    Process: 56027 ExecStartPre=/usr/bin/docker-compose -f docker-compose.yml down (code=exited, status=0/SUCCESS)
   Main PID: 56037 (docker-compose)
      Tasks: 5 (limit: 4694)
     Memory: 5.0M
     CGroup: /system.slice/yarnman.service
             └─56037 /usr/bin/docker-compose -f docker-compose.yml -f docker-compose-override.yml up --remove-orphans

ym-service-commands.sh stop

This command stops the yarnman services

yarnman@yarnman-test [ ~ ]$ sudo ym-service-commands.sh stop
stopping yarnman.service
● yarnman.service - yarnman
     Loaded: loaded (/usr/lib/systemd/system/yarnman.service; enabled; vendor preset: enabled)
     Active: inactive (dead) since Wed 2022-08-17 08:24:16 UTC; 6ms ago
    Process: 4221 ExecStart=/usr/bin/docker-compose -f docker-compose.yml -f docker-compose-override.yml up --remove-orphans (code=exited, status=0/SUCCESS)
    Process: 55552 ExecStop=/usr/bin/docker-compose -f docker-compose.yml down (code=exited, status=0/SUCCESS)
   Main PID: 4221 (code=exited, status=0/SUCCESS)

Aug 17 08:24:14 yarnman-test docker-compose[4221]: ym-redis exited with code 0
Aug 17 08:24:14 yarnman-test docker-compose[55552]: Container ym-redis  Removed
Aug 17 08:24:15 yarnman-test docker-compose[55552]: Container ym-couchdb  Stopped
Aug 17 08:24:15 yarnman-test docker-compose[55552]: Container ym-couchdb  Removing
Aug 17 08:24:15 yarnman-test docker-compose[4221]: ym-couchdb exited with code 0
Aug 17 08:24:15 yarnman-test docker-compose[55552]: Container ym-couchdb  Removed
Aug 17 08:24:15 yarnman-test docker-compose[55552]: Network yarnman_yl-yarnman  Removing
Aug 17 08:24:16 yarnman-test docker-compose[55552]: Network yarnman_yl-yarnman  Removed
Aug 17 08:24:16 yarnman-test systemd[1]: yarnman.service: Succeeded.
Aug 17 08:24:16 yarnman-test systemd[1]: Stopped yarnman.

ym-service-commands.sh restart

this command restarts the yarnman services

yarnman@yarnman-test [ ~ ]$ sudo ym-service-commands.sh restart
restarting yarnman.service
● yarnman.service - yarnman
     Loaded: loaded (/usr/lib/systemd/system/yarnman.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2022-08-17 08:27:36 UTC; 6ms ago
    Process: 63277 ExecStartPre=/usr/bin/docker-compose -f docker-compose.yml down (code=exited, status=0/SUCCESS)
   Main PID: 63287 (docker-compose)
      Tasks: 6 (limit: 4694)
     Memory: 4.9M
     CGroup: /system.slice/yarnman.service
             └─63287 /usr/bin/docker-compose -f docker-compose.yml -f docker-compose-override.yml up --remove-orphans

Aug 17 08:27:36 yarnman-test systemd[1]: Starting yarnman...
Aug 17 08:27:36 yarnman-test docker-compose[63277]: yarnman  Warning: No resource found to remove
Aug 17 08:27:36 yarnman-test systemd[1]: Started yarnman.

ym-service-commands.sh reboot

this command reboots the yarnman appliance

sudo ym-service-commands.sh reboot
rebooting yarnman

ym-service-commands.sh status

this command shows the systemd service status

yarnman@yarnman-test [ ~ ]$ sudo ym-service-commands.sh status
● yarnman.service - yarnman
     Loaded: loaded (/usr/lib/systemd/system/yarnman.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2022-08-17 08:29:13 UTC; 4s ago
    Process: 67157 ExecStartPre=/usr/bin/docker-compose -f docker-compose.yml down (code=exited, status=0/SUCCESS)
   Main PID: 67167 (docker-compose)
      Tasks: 9 (limit: 4694)
     Memory: 15.7M
     CGroup: /system.slice/yarnman.service
             └─67167 /usr/bin/docker-compose -f docker-compose.yml -f docker-compose-override.yml up --remove-orphans

Aug 17 08:29:14 yarnman-test docker-compose[67167]: ym-couchdb  | [info] 2022-08-17T08:29:14.759420Z nonode@nohost <0.11.0> -------- Application ddoc_cache started on node nonode@nohost
Aug 17 08:29:14 yarnman-test docker-compose[67167]: ym-couchdb  | [info] 2022-08-17T08:29:14.769878Z nonode@nohost <0.11.0> -------- Application global_changes started on node nonode@nohost
Aug 17 08:29:14 yarnman-test docker-compose[67167]: ym-couchdb  | [info] 2022-08-17T08:29:14.769962Z nonode@nohost <0.11.0> -------- Application jiffy started on node nonode@nohost
Aug 17 08:29:14 yarnman-test docker-compose[67167]: ym-couchdb  | [info] 2022-08-17T08:29:14.774590Z nonode@nohost <0.11.0> -------- Application mango started on node nonode@nohost
Aug 17 08:29:14 yarnman-test docker-compose[67167]: ym-couchdb  | [info] 2022-08-17T08:29:14.779025Z nonode@nohost <0.11.0> -------- Application setup started on node nonode@nohost
Aug 17 08:29:14 yarnman-test docker-compose[67167]: ym-couchdb  | [info] 2022-08-17T08:29:14.779045Z nonode@nohost <0.11.0> -------- Application snappy started on node nonode@nohost
Aug 17 08:29:15 yarnman-test docker-compose[67167]: ym-yarnman  | 1660724955149 WARN  Setting Default startup.
Aug 17 08:29:15 yarnman-test docker-compose[67167]: ym-couchdb  | [notice] 2022-08-17T08:29:15.166800Z nonode@nohost <0.334.0> 144d89930f localhost:5984 127.0.0.1 undefined GET / 200 ok 70
Aug 17 08:29:16 yarnman-test docker-compose[67167]: ym-couchdb  | [notice] 2022-08-17T08:29:16.252345Z nonode@nohost <0.335.0> 23ea8ef0ca localhost:5984 127.0.0.1 undefined GET / 200 ok 1
Aug 17 08:29:17 yarnman-test docker-compose[67167]: ym-couchdb  | [notice] 2022-08-17T08:29:17.323062Z nonode@nohost <0.465.0> a377eb4c4c localhost:5984 127.0.0.1 undefined GET / 200 ok 0

ym-service-commands.sh status-pm2

this command shows the internal processes of yarnman

yarnman@yarnman-test [ ~ ]$ sudo ym-service-commands.sh status-pm2
┌─────┬──────────────────────────────────────────────────────────┬─────────────┬─────────┬─────────┬──────────┬────────┬──────┬───────────┬──────────┬──────────┬──────────┬──────────┐
│ id  │ name                                                     │ namespace   │ version │ mode    │ pid      │ uptime │ ↺    │ status    │ cpu      │ mem      │ user     │ watching │
├─────┼──────────────────────────────────────────────────────────┼─────────────┼─────────┼─────────┼──────────┼────────┼──────┼───────────┼──────────┼──────────┼──────────┼──────────┤
│ 2   │ administration-app-0ca298ae6a834cf29c661930c58cb621      │ default     │ 2.5.18  │ fork    │ 236      │ 10s    │ 0    │ online    │ 0%       │ 137.8mb  │ ym-… │ enabled  │
│ 0   │ arm_fc30b4f5d59f4275829ff8b65d02914b                     │ default     │ 2.5.18  │ fork    │ 121      │ 19s    │ 5    │ online    │ 0%       │ 65.1mb   │ ym-… │ enabled  │
│ 3   │ interconnect-service-49ab91419f064823b8ab85806b3b4ce1    │ default     │ 2.5.18  │ fork    │ 260      │ 8s     │ 0    │ online    │ 0%       │ 138.8mb  │ ym-… │ enabled  │
│ 1   │ jadeberlin_arm_fc30b4f5d59f4275829ff8b65d02914b          │ default     │ N/A     │ fork    │ 0        │ 0      │ 4    │ errored   │ 0%       │ 0b       │ ym-… │ disabled │
│ 4   │ proxy-service-a4500ec67fcc491399dc395e12c1bbe1           │ default     │ 2.5.18  │ fork    │ 271      │ 6s     │ 0    │ online    │ 0%       │ 105.3mb  │ ym-… │ enabled  │
│ 5   │ workflow-service-8b4edbbb287c468cae0f023dd7e0cf44        │ default     │ 2.5.18  │ fork    │ 282      │ 5s     │ 0    │ online    │ 0%       │ 175.4mb  │ ym-… │ enabled  │
└─────┴──────────────────────────────────────────────────────────┴─────────────┴─────────┴─────────┴──────────┴────────┴──────┴───────────┴──────────┴──────────┴──────────┴──────────┘
[PM2][WARN] Current process list is not synchronized with saved list. Type 'pm2 save' to synchronize.

Note that the jadeberlin service will be in an errored state till setup

Note that the status-pm2 options will change based on the terminal/console width/resolution

ym-service-commands.sh status-docker

this command shows the docker container processes

sudo ym-service-commands.sh status-docker
CONTAINER ID   IMAGE                                          COMMAND                  CREATED       STATUS                 PORTS                                                                                                                                            NAMES
203da0dedf3b   ym-local/ym-yarnman:ym-bbpatch-fcab0f3         "/bin/bash -c 'node …"   7 hours ago   Up 7 hours (healthy)   0.0.0.0:80->80/tcp, :::80->80/tcp, 0/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp, 0.0.0.0:6700-6710->6700-6710/udp, :::6700-6710->6700-6710/udp   ym-yarnman
edcca82fbcb8   localhost:5000/ym-couchdb:yl-ph-n18-cb516f8c   "tini -- /docker-ent…"   7 hours ago   Up 7 hours (healthy)   4369/tcp, 5984/tcp, 9100/tcp, 0.0.0.0:6984->6984/tcp, :::6984->6984/tcp                                                                          ym-couchdb
8aee8553dec6   localhost:5000/ym-tang:yl-ph-n18-cb516f8c      "/usr/local/bin/star…"   7 hours ago   Up 7 hours (healthy)   6655/tcp, 0.0.0.0:6655->8080/tcp, :::6655->8080/tcp                                                                                              ym-tang
63b6e664ab62   localhost:5000/ym-redis:yl-ph-n18-cb516f8c     "docker-entrypoint.s…"   7 hours ago   Up 7 hours (healthy)   6379/tcp   

ym-service-commands.sh stats-docker

this command shows the internal docker container resource utilisation

sudo ym-service-commands.sh stats-docker
CONTAINER ID   NAME         CPU %     MEM USAGE / LIMIT   MEM %     NET I/O           BLOCK I/O         PIDS
203da0dedf3b   ym-yarnman   7.84%     1.472GiB / 4GiB     36.79%    112MB / 660MB     11.7MB / 0B       161
edcca82fbcb8   ym-couchdb   4.70%     194.9MiB / 6GiB     3.17%     7.87MB / 29.2MB   17.5MB / 6.46MB   61
8aee8553dec6   ym-tang      3.31%     804KiB / 128MiB     0.61%     2.15kB / 0B       0B / 0B           2
63b6e664ab62   ym-redis     0.56%     11.04MiB / 512MiB   2.16%     157MB / 70.8MB    0B / 0B           5

ym-service-commands.sh yarnman-logs

This command shows the scrolling output of yarnman services press CTRL+c to exit

ym-service-commands.sh couchdb-logs

This command shows the scrolling output of dabase logs press CTRL+c to exit

ym-service-commands.sh redis-logs

This command shows the scrolling output of message bus logs press CTRL+c to exit

ym-service-commands.sh tang-logs

This command shows the scrolling output of NBE logs press CTRL+c to exit

ym-service-commands.sh tang-thp

Note that this command was previously ym-service-commands.sh tang-adv

This command shows the tag thp used for setting up configuration encryption

yarnman@ym-ph-test [ ~ ]$ sudo ym-service-commands.sh tang-adv
9_CZiwV9PKBlQfehPKZO7cd5ZpM

ym-service-commands.sh update-jtapi

This command updates jtapi for test_mate

PENDING

ym-service-commands.sh update-jtapi-local

This command updates jtapi for test_mate locally

PENDING

ym-service-commands.sh stig-hardening-check

PENDING

ym-service-commands.sh stig-hardening-run

PENDING

ym-service-commands.sh show-tech-support

This command provides an overview of the system for yarnlab tech support

sudo ym-service-commands.sh show-tech-support
YARNMAN SHOW TECH SUPPORT
YARNMAN HOSTNAME
ym-ph4-wxc
!! ommitted

Edit Configuration Commands

All yarnman edit config commands need to be run with sudo

ym-edit-config.sh enable-local-admin-access

This command enables local admin access on port 3999

sudo ym-edit-config.sh enable-local-admin-access

ym-edit-config.sh disable-local-admin-access

This command disables local admin access on port 3999

sudo ym-edit-config.sh disable-local-admin-access

ym-edit-config.sh enable-local-couchdb-access

This command enables couchdb access

sudo ym-edit-config.sh enable-local-couchdb-access

ym-edit-config.sh disable-local-couchdb-access

This command disables couchdb access

sudo ym-edit-config.sh disable-local-couchdb-access

ym-edit-config.sh set-local-yarnman-container-name

This command sets the container hostname for clustered systems

sudo ym-edit-config.sh set-local-yarnman-container-name

ym-edit-config.sh unset-local-yarnman-container-name

This command unsets the container hostname for clustered systems

sudo ym-edit-config.sh unset-local-yarnman-container-name

ym-edit-config.sh enable-yarnman-logs

This command enables yarnman trace logs

sudo ym-edit-config.sh enable-yarnman-logs

ym-edit-config.sh disable-yarnman-logs

This command enables yarnman debug logs (default)

sudo ym-edit-config.sh disable-yarnman-logs

ym-edit-config.sh set-hw-8vcpu-16gb

This command allocates 8vcpu and 16gb ram which is required for large wrangler_ migrations

sudo ym-edit-config.sh set-hw-8vcpu-16gb

ym-edit-config.sh set-hw-default

This command reverts the changes in ym-edit-config.sh set-hw-8vcpu-16gb

sudo ym-edit-config.sh set-hw-default

ym-edit-config.sh set-custom-motd

This command sets a custom MOTD

sudo ym-edit-config.sh set-custom-motd

Backup

ym-backup-setup.sh

refer to Yarnman Photon Powered (YM-PH) - Backup and Restore Guide

ym-backup-actions.sh

refer to Yarnman Photon Powered (YM-PH) - Backup and Restore Guide

Advanced Configuration

ym-encrypt-at-rest.sh

This command encrypts the local keys and configuration using clevis/tang

yarnman@ym-ph-test [ ~ ]$ sudo ym-encrypt-at-rest.sh
Database key found proceeding
Number of pins required for decryption :1
Number of pins this must be equal or greater than the number of pins required for decryption :3
Enter URL for tang server 1 :http://10.101.10.10:6655
Enter THP for tang server 1 :DwLco7FJtXWxFTprQ5M3cojJsZo
Connection successful to : http://10.101.10.10:6655
Enter URL for tang server 2 :http://10.101.10.11:6655
Enter THP for tang server 2 :0Lqk7DroJ0g3patTCgTweMUAHPc
Connection successful to : http://10.101.10.11:6655
Enter URL for tang server 3 :http://10.101.10.12:6655
Enter THP for tang server 3 :GEpmSTQfz8ctVxdgQEp_rnS3za
Connection successful to : http://10.101.10.12:6655

{
  "t": 1,
  "pins": {
    "tang": [
      {
        "url": "http://10.101.10.10:6655",
        "thp": "DwLco7FJtXWxFTprQ5M3cojJsZo"
      },
      {
        "url": "http://10.101.10.11:6655",
        "thp": "0Lqk7DroJ0g3patTCgTweMUAHPc"
      },
      {
        "url": "http://10.101.10.12:6655",
        "thp": "GEpmSTQfz8ctVxdgQEp_rnS3za"
      }
    ]
  }
}
Do you want to encrypt configuration? Y or Ny
encrypt configuration
Encrypting keys
1668397245104 INFO  Encrypting private and SSL keys using settings:
1668397245106 INFO    - not overwriting existing encrypted files and not deleting any original files after encryption
1668397245106 INFO  --------------------------------
1668397245106 INFO  Encrypting...
1668397245308 INFO    - 'private-encryption-key.pem' encrypted successfully
1668397245543 INFO    - 'ssl-key.pem' encrypted successfully
1668397245543 INFO  --------------------------------
1668397245543 INFO  Finished encrypting the files
Encrypting config
1668397245643 INFO  Starting the encryption of 1 local configuration fields through Clevis Shamir Secret Sharing
1668397245743 INFO  Attempting to encrypt the following local config fields: couchdb.password
1668397245843 INFO  Local key 'couchdb.password' encrypted successfully
1668397245943 INFO  1 local config fields encrypted, 0 fields omitted
Do you want to take a backup of database key this will be shown on console? Y orNy
Echo private key to console
-----BEGIN RSA PRIVATE KEY-----
REMOVED
-----END RSA PRIVATE KEY-----
Encrypted private key is 8129 bytes
restarting services
Config encryption is complete
  • No labels