Bare Metal Orchestrator can detect a configuration mismatch (drift) before provisioning a server against the blueprint provided. A blueprint is a json
file that contains mandatory details such as the firmware version, CPU count, and hardware model.
-
A drift check for servers can be triggered on demand when creating or updating a server.
-
A blueprint must be defined with values populated for firmwareVersion
, coreCount
, and hwModel
.
-
The name of the blueprint file must be blueprint
, and it must be defined in json
format.
- If the facade API is used directly by any other orchestrator, then the
Refresh-Token: <refresh-token>
must be passed in the header in addition to the Authorization: Bearer <bearer-token>
.
- Establish a CLI session on the Bare Metal Orchestrator VM and log in. For high availability configurations, establish a CLI session using the virtual IP (VIP) of the Load Balancers for the Bare Metal Orchestrator cluster.
- Run the
cat
command to view the contents of the blueprint file: cat blueprint
{
"firmwareVersion": "5.00.10.20",
"coreCount": "24",
"hwModel": "PowerEdge R640"
}
- Create a
configmap
from the blueprint. bmo create configmap dell-blueprint --from-file blueprint --label blueprint=true
- Run the
bmo get configmap
command to view the blueprint file created. - Edit the
<server_pre_scan>.yaml
file with Vim or a similar editor. For example:
vi server_pre_scan.yaml
- Configure the audit attributes such as
scan
, action
, and blueprint
. For more information about these attribute definitions, see Pre-validation audit attribute definitions. apiVersion: mw.dell.com/v4
kind: Server
metadata:
name: dell-server-1
labels:
site: gc
spec:
audit:
scan: "pre-scan"
action: "deny"
blueprint: "dell-blueprint"
# Add fields here
bmcEndPoint: "https://<BMC_IP>"
userName: "root"
password: "REDACTED"
- Save the file and quit the editor.
- Create the server instance. Run the following command.
bmo create server -f server_pre-scan.yaml
You can also run a pre-scan while editing the server using the command bmo edit server -f server_pre-scan.yaml
.
-
If there is a mismatch in the expected and actual values of the attributes and if the action is configured as allow, further provisioning of the server is continued.
-
If there is a mismatch in the expected and actual values of the attributes and if the action is configured as deny, further provisioning of the server is not performed.
-
If there is no mismatch in the expected and actual values of the attributes, further provisioning of the server is continued.
Note: If there is a mismatch in the coreCount
, further provisioning of the server is not allowed even if the action is configured as allow
.
- Run the
bmo describe server
command to view the audit status and the expected and actual values of the attributes. For more information about these attributes, see Pre-validation audit status attribute definitions. bmo describe server <server-name>
For a successful scan, the drift state transitions from none
to running
to completed
.
For an unsuccessful scan, the drift state transitions from none
to running
to failed
.
During the course of server create/update with pre-scan validation, the server moves to busy
state while collecting inventory and remains in ready
state. After the drift scan is completed, the server will move to busy
state if any further configuration changes must be applied.
The following is an example when there is no mismatch.
"audit": {
"compliant": true,
"state": "completed",
"drift": {
"firmwareVersion": {},
"coreCount": {},
"hwModel": {}
},
"lastScan": "Fri Jan 20 08:11:34 UTC 2023"
}
The following is an example if there is mismatch.
"audit": {
"compliant": false,
"state": "failed",
"drift": {
"firmwareVersion": {
"expected": "5.00.10.21",
"actual": "5.00.10.20"
},
"coreCount": {},
"hwModel": {}
},
"lastScan": "Fri Jan 20 08:11:34 UTC 2023"
}
}
Note: If
Bare Metal Orchestrator is not retrieving Backplane inventory details after running pre-validation where pre-scan action is set to allow, then reInitialize the server(edit the server with reInitialize flag) after the server comes to ready state in order to retrieve Backplane inventory details. For more about reInitialize, see
Reinitialize attribute definition.