Using CheatSheets To Apply Best Practices

CheatSheet: Cloudfoundry Tile & OpsManager

CheatSheet: Cloudfoundry Tile & OpsManager

1.1 om – Basic

Name Command
om A command-line API client for Pivotal Operations Manager
Download PCF vsphpere Opsmanager OVA
omcli export passwd=’CHANGEME’; alias omcli=”om -t -u admin -p $password -k”
Get uaa admin password omcli curl -p /api/v0/deployed/products/${bosh_deployment}/credentials/.properties.uaa_admin_password
Get bosh connect credential omcli curl -p /api/v0/deployed/director/credentials/bosh_commandline_credentials
List all installed tiles omcli curl -p /api/v0/installations
Upload tile to opsmanager via cli omcli upload-product -p </path/myproduct.pivotal>
Upload stemcell to opsmanager via cli omcli upload-stemcell -s </path/mystemcell.tgz>
Use pivnet cli to download stemcell Once pivnet login, pivnet download-product-files -p stemcells-ubuntu-xenial -r 170.15 -g '*vsphere*' -d /tmp/
Show status of apply changes omcli installation-log --id 2, omcli installation-log --id $installation_id
List all properties for a deployment bosh deployments, omcli curl -p /api/v0/staged/products/${bosh_deployment}/properties -s
json output omcli -k --format=json staged-products
Reference PKS CheatSheet, Bosh CheatSheet, Tile CheatSheet, UAA CheatSheet

1.2 Get bosh/pks tile credential from om

Name Summary
bosh tile -> Bosh Commandline Credentials omcli curl -p /api/v0/deployed/director/credentials/bosh2_commandline_credentials
Get ops-manager ca cert omcli curl -p /api/v0/certificate_authorities
pks tile -> Uaa Admin Password omcli curl -p /api/v0/deployed/products/${bosh_deployment}/credentials/.properties.uaa_admin_password
pks tile -> Pks Uaa Management Admin Client omcli curl -p /api/v0/deployed/products/${bosh_deployment}/credentials/.properties.pks_uaa_management_admin_client
pks tile -> api server FQDN omcli curl -p /api/v0/deployed/products/${bosh_deployment}/credentials/.properties.pks_api_hostname
pks tile -> pks certificates omcli curl -p /api/v0/deployed/products/${bosh_deployment}/credentials/.pivotal-container-service.pks_tls
pks tile -> whether wavefront is enabled omcli curl -p /api/v0/deployed/products/${bosh_deployment}/credentials/.properties.wavefront
pks tile -> wavefront token omcli curl -p /api/v0/deployed/products/${bosh_deployment}/credentials/.properties.wavefront.enabled.wavefront_token

1.3 om product

Name Summary
Upload tile from cli omcli upload-product -p </path/myproduct.pivotal>
List products omcli curl -s -p /api/v0/staged/products
List all available products omcli available-products, or omcli curl -p /api/v0/available_products
List all deployed products omcli deployed-products
Delete all unused products omcli delete-unused-products
Delete product omcli -k delete-product -p pivotal-container-service -v 1.3.0-build.3
Unstage product omcli -k unstage-product -p pivotal-container-service
Stage product omcli -k stage-product -p pivotal-container-service -v 1.3.0-build.3

1.4 pivnet-cli

Name Comment
pivnet CLI to interact with Pivotal Network. Install pivnet CLI
pivnet login pivnet login --api-token $your_token
pivnet download stemcell pivnet download-product-files -p stemcells-ubuntu-xenial -r 170.9 -g '*vsphere*' -d /tmp/
List all products pivnet products
Show product info pivnet product -p pivotal-container-service

1.5 Tile Challenges

Name Comment
Tiles are big It’s usually GBs. Too big to distribute
In Opsmanager, can’t cancel task Costly to make mistakes
In Opsmanager, can’t downgrade Inconvenient for development cycle
In Opsmanager, review changes is confusing The review feature should be more informative
Slow to apply changes Usually it takes hours, while minutes in kubernetes

1.6 Tile Reference

Name Command
kiln A command line tool to help you maintain tile metadata. Download kiln
Example example-product/metadata/example-product.yml.erb
service broker  
Reference Forms Reference, Product Template Reference, Property Reference, Tile Generator

1.7 Ops manager

Name Command
Release folder /var/tempest/releases
Restart Ops Manager service tempest-web start, service tempest-web stop
Grant file access chown tempest-web:tempest-web /var/tempest/releases/<your-release.tgz>
Tile entrance file /var/tempest/workspaces/default/metadata/*.yml
Tile jobs folder /var/vcap/jobs

1.8 om cli Online Help

> om --help
om helps you interact with an Ops Manager

Usage: om [options] <command> [<args>]
  --client-id, -c            string  Client ID for the Ops Manager VM (not required for unauthenticated commands, $OM_CLIENT_ID)
  --client-secret, -s        string  Client Secret for the Ops Manager VM (not required for unauthenticated commands, $OM_CLIENT_SECRET)
  --connect-timeout, -o      int     timeout in seconds to make TCP connections (default: 5)
  --format, -f               string  Format to print as (options: table,json) (default: table)
  --help, -h                 bool    prints this usage information (default: false)
  --password, -p             string  admin password for the Ops Manager VM (not required for unauthenticated commands, $OM_PASSWORD)
  --request-timeout, -r      int     timeout in seconds for HTTP requests to Ops Manager (default: 1800)
  --skip-ssl-validation, -k  bool    skip ssl certificate validation during http requests (default: false)
  --target, -t               string  location of the Ops Manager VM
  --trace, -tr               bool    prints HTTP requests and response payloads
  --username, -u             string  admin username for the Ops Manager VM (not required for unauthenticated commands, $OM_USERNAME)
  --version, -v              bool    prints the om release version (default: false)

  activate-certificate-authority  activates a certificate authority on the Ops Manager
  apply-changes                   triggers an install on the Ops Manager targeted
  available-products              list available products
  certificate-authorities         lists certificates managed by Ops Manager
  certificate-authority           prints requested certificate authority
  config-template                 **EXPERIMENTAL** generates a config template for the product
  configure-authentication        configures Ops Manager with an internal userstore and admin user account
  configure-bosh                  **DEPRECATED** configures Ops Manager deployed bosh director
  configure-director              configures the director
  configure-product               configures a staged product
  configure-saml-authentication   configures Ops Manager with SAML authentication
  create-certificate-authority    creates a certificate authority on the Ops Manager
  create-vm-extension             creates a VM extension
  credential-references           list credential references for a deployed product
  credentials                     fetch credentials for a deployed product
  curl                            issues an authenticated API request
  delete-certificate-authority    deletes a certificate authority on the Ops Manager
  delete-installation             deletes all the products on the Ops Manager targeted
  delete-product                  deletes a product from the Ops Manager
  delete-unused-products          deletes unused products on the Ops Manager targeted
  deployed-manifest               prints the deployed manifest for a product
  deployed-products               lists deployed products
  errands                         list errands for a product
  export-installation             exports the installation of the target Ops Manager
  generate-certificate            generates a new certificate signed by Ops Manager's root CA
  generate-certificate-authority  generates a certificate authority on the Opsman
  help                            prints this usage information
  import-installation             imports a given installation to the Ops Manager targeted
  installation-log                output installation logs
  installations                   list recent installation events
  pending-changes                 lists pending changes
  regenerate-certificates         deletes all non-configurable certificates in Ops Manager...
  revert-staged-changes           reverts staged changes on the Ops Manager targeted
  set-errand-state                sets state for a product's errand
  stage-product                   stages a given product in the Ops Manager targeted
  staged-config                   **EXPERIMENTAL** generates a config from a staged product
  staged-manifest                 prints the staged manifest for a product
  staged-products                 lists staged products
  unstage-product                 unstages a given product from the Ops Manager targeted
  upload-product                  uploads a given product to the Ops Manager targeted
  upload-stemcell                 uploads a given stemcell to the Ops Manager targeted
  version                         prints the om release version

1.9 pivnet cli Online Help

> pivnet --help
  pivnet [OPTIONS] <command>

Application Options:
  -v, --version                  Print the version of this CLI and exit
      --format=[table|json|yaml] Format to print as (default: table)
      --verbose                  Display verbose output
      --profile=                 Name of profile (default: default)
      --config=                  Path to config file (default: /Users/zdenny/.pivnetrc)

Help Options:
  -h, --help                     Show this help message

Available commands:
  accept-eula                  Accept EULA (Available for pivots only) (aliases: ae)
  add-file-group               Add file group to release (aliases: afg)
  add-product-file             Add product file to release (aliases: apf)
  add-release-dependency       Add release dependency (aliases: ard)
  add-release-upgrade-path     Add release upgrade path (aliases: arup)
  add-user-group               Add user group to release (aliases: aug)
  add-user-group-member        Add user group member to group (aliases: augm)
  create-dependency-specifier  Create dependency specifier (aliases: cds)
  create-file-group            Create file group (aliases: cfg)
  create-product-file          Create product file (aliases: cpf)
  create-release               Create release (aliases: cr)
  create-user-group            Create user group (aliases: cug)
  curl                         Curl an endpoint (aliases: c)
  delete-dependency-specifier  Delete dependency specifier (aliases: dds)
  delete-file-group            Delete file group (aliases: dfg)
  delete-product-file          Delete product file (aliases: dpf)
  delete-release               Delete release (aliases: dr)
  delete-user-group            Delete user group (aliases: dug)
  dependency-specifier         Get dependency specifier (aliases: ds)
  dependency-specifiers        List dependency specifiers (aliases: dss)
  download-product-files       Download product files (aliases: dlpf)
  eula                         Show EULA (aliases: e)
  eulas                        List EULAs (aliases: es)
  file-group                   Show file group (aliases: fg)
  file-groups                  List file groups (aliases: fgs)
  help                         Print this help message (aliases: h)
  login                        Log in to Pivotal Network. (aliases: l)
  logout                       Log out from Pivotal Network.
  product                      Show product (aliases: p)
  product-file                 Show product file (aliases: pf)
  product-files                List product files (aliases: pfs)
  products                     List products (aliases: ps)
  release                      Show release (aliases: r)
  release-dependencies         List release dependencies (aliases: rds)
  release-types                List release types (aliases: rts)
  release-upgrade-paths        List release upgrade paths (aliases: rups)
  releases                     List releases (aliases: rs)
  remove-file-group            Remove file group from release (aliases: rfg)
  remove-product-file          Remove product file from release (aliases: rpf)
  remove-release-dependency    Remove release dependency (aliases: rrd)
  remove-release-upgrade-path  Remove release upgrade path (aliases: rrup)
  remove-user-group            Remove user group from release (aliases: rug)
  remove-user-group-member     Remove user group member from group (aliases: rugm)
  update-file-group            Update file group (aliases: ufg)
  update-product-file          Update product file (aliases: upf)
  update-release               Update release (aliases: ur)
  update-user-group            Update user group (aliases: uug)
  user-group                   Show user group (aliases: ug)
  user-groups                  List user groups (aliases: ugs)
  version                      Print the version of this CLI and exit (aliases: v)

1.10 More Resources

License: Code is licensed under MIT License.


Leave a Reply

Your email address will not be published. Required fields are marked *