Using CheatSheets To Apply Best Practices

CheatSheet: Cloudfoundry Tile & OpsManager

CheatSheet: Cloudfoundry Tile & OpsManager

1.1 om – Basic

Name Command
om a command-line API client for Pivotal Operations Manager
omcli alias omcli=”om -t -u admin -p <password> -k”
Upload stemcell from cli omcli upload-stemcell -s </path/stemcell.tgz>
Upload tile from cli omcli upload-product -p </path/myproduct.pivotal>
List all properties for a deployment bosh deployments, omcli curl -p /api/v0/staged/products/${bosh_deployment}/properties -s
List all installed tiles omcli curl -p /api/v0/installations
json output omcli -k --format=json staged-products

1.2 om product

Name Summary
Upload tile from cli omcli upload-product -p </path/myproduct.pivotal>
List products omcli curl -s -p /api/v0/staged/products
List all available products omcli available-products, or omcli curl -p /api/v0/available_products
List all deployed products omcli deployed-products
Delete all unused products omcli delete-unused-products
Delete product omcli -k delete-product -p pivotal-container-service -v 1.3.0-build.3
Unstage product omcli -k unstage-product -p pivotal-container-service
Stage product omcli -k stage-product -p pivotal-container-service -v 1.3.0-build.3

1.3 pivnet-cli

Name Comment
pivnet CLI to interact with Pivotal Network. Install pivnet CLI
pivnet login pivnet login --api-token <your_token>
pivnet download stemcell pivnet download-product-files -p stemcells-ubuntu-xenial -r 170.9 -g '*vsphere*' -d /tmp/

1.4 Get bosh/pks tile credential from om

Name Summary
bosh tile -> Bosh Commandline Credentials omcli curl -p /api/v0/deployed/director/credentials/bosh2_commandline_credentials
Get ops-manager ca cert omcli curl -p /api/v0/certificate_authorities
pks tile -> Uaa Admin Password omcli curl -p /api/v0/deployed/products/${bosh_deployment}/credentials/.properties.uaa_admin_password
pks tile -> Pks Uaa Management Admin Client omcli curl -p /api/v0/deployed/products/${bosh_deployment}/credentials/.properties.pks_uaa_management_admin_client
pks tile -> api server FQDN omcli curl -p /api/v0/deployed/products/${bosh_deployment}/credentials/.properties.pks_api_hostname
pks tile -> pks certificates omcli curl -p /api/v0/deployed/products/${bosh_deployment}/credentials/.pivotal-container-service.pks_tls
pks tile -> whether wavefront is enabled omcli curl -p /api/v0/deployed/products/${bosh_deployment}/credentials/.properties.wavefront
pks tile -> wavefront token omcli curl -p /api/v0/deployed/products/${bosh_deployment}/credentials/.properties.wavefront.enabled.wavefront_token
Reference PKS CheatSheet, Bosh CheatSheet

1.5 Tile Reference

Name Command
kiln A command line tool to help you maintain tile metadata. Download kiln
Example example-product/metadata/example-product.yml.erb
service broker  
Reference Forms Reference, Product Template Reference, Property Reference, Tile Generator

1.6 Ops manager

Name Command
Release folder /var/tempest/releases
Restart Ops Manager service tempest-web stop/start
Grant file access chown tempest-web:tempest-web /var/tempest/releases/<your-release.tgz>
Tile entrance file /var/tempest/workspaces/default/metadata/*.yml
Tile jobs folder /var/vcap/jobs

1.7 Tile Challenges

Name Comment
Tiles are big It’s usually GBs. Too big to distribute
In Opsmanager, can’t cancel task Costly to make mistakes
In Opsmanager, can’t downgrade Inconvenient for development cycle
In Opsmanager, review changes is confusing The review feature should be more informative
Slow to apply changes Usually it takes hours, while minutes in kubernetes

1.8 om cli Online Help

> om --help
om helps you interact with an Ops Manager

Usage: om [options] <command> [<args>]
  --client-id, -c            string  Client ID for the Ops Manager VM (not required for unauthenticated commands, $OM_CLIENT_ID)
  --client-secret, -s        string  Client Secret for the Ops Manager VM (not required for unauthenticated commands, $OM_CLIENT_SECRET)
  --connect-timeout, -o      int     timeout in seconds to make TCP connections (default: 5)
  --format, -f               string  Format to print as (options: table,json) (default: table)
  --help, -h                 bool    prints this usage information (default: false)
  --password, -p             string  admin password for the Ops Manager VM (not required for unauthenticated commands, $OM_PASSWORD)
  --request-timeout, -r      int     timeout in seconds for HTTP requests to Ops Manager (default: 1800)
  --skip-ssl-validation, -k  bool    skip ssl certificate validation during http requests (default: false)
  --target, -t               string  location of the Ops Manager VM
  --trace, -tr               bool    prints HTTP requests and response payloads
  --username, -u             string  admin username for the Ops Manager VM (not required for unauthenticated commands, $OM_USERNAME)
  --version, -v              bool    prints the om release version (default: false)

  activate-certificate-authority  activates a certificate authority on the Ops Manager
  apply-changes                   triggers an install on the Ops Manager targeted
  available-products              list available products
  certificate-authorities         lists certificates managed by Ops Manager
  certificate-authority           prints requested certificate authority
  config-template                 **EXPERIMENTAL** generates a config template for the product
  configure-authentication        configures Ops Manager with an internal userstore and admin user account
  configure-bosh                  **DEPRECATED** configures Ops Manager deployed bosh director
  configure-director              configures the director
  configure-product               configures a staged product
  configure-saml-authentication   configures Ops Manager with SAML authentication
  create-certificate-authority    creates a certificate authority on the Ops Manager
  create-vm-extension             creates a VM extension
  credential-references           list credential references for a deployed product
  credentials                     fetch credentials for a deployed product
  curl                            issues an authenticated API request
  delete-certificate-authority    deletes a certificate authority on the Ops Manager
  delete-installation             deletes all the products on the Ops Manager targeted
  delete-product                  deletes a product from the Ops Manager
  delete-unused-products          deletes unused products on the Ops Manager targeted
  deployed-manifest               prints the deployed manifest for a product
  deployed-products               lists deployed products
  errands                         list errands for a product
  export-installation             exports the installation of the target Ops Manager
  generate-certificate            generates a new certificate signed by Ops Manager's root CA
  generate-certificate-authority  generates a certificate authority on the Opsman
  help                            prints this usage information
  import-installation             imports a given installation to the Ops Manager targeted
  installation-log                output installation logs
  installations                   list recent installation events
  pending-changes                 lists pending changes
  regenerate-certificates         deletes all non-configurable certificates in Ops Manager...
  revert-staged-changes           reverts staged changes on the Ops Manager targeted
  set-errand-state                sets state for a product's errand
  stage-product                   stages a given product in the Ops Manager targeted
  staged-config                   **EXPERIMENTAL** generates a config from a staged product
  staged-manifest                 prints the staged manifest for a product
  staged-products                 lists staged products
  unstage-product                 unstages a given product from the Ops Manager targeted
  upload-product                  uploads a given product to the Ops Manager targeted
  upload-stemcell                 uploads a given stemcell to the Ops Manager targeted
  version                         prints the om release version

1.9 More Resources

License: Code is licensed under MIT License.


Leave a Reply

Your email address will not be published. Required fields are marked *