RE: Updates announcements and testing

updated and tested:

test pool (2 hosts) iscsi storage
no problems so far.
(live-migration, snapshots, changed master in pool)

guest tools updated on
Debian 10 / 11 / Rocky Linux 8.5

Hi @randomlyhere ,

I have installed so far apcupsd and have copied from my exisiting XenServer 6.5 pool the configuration, which was tested and have also proven in production more than once the intended funtionality, (shoutdown first vApps, then remaining VMs, finally pool member hosts and pool master).

Testing on the new XCP-NG pool is still to be done and will happen in the next three weeks.

So I will report here the results after testing.

@olivierlambert

sorry, I was not detailed enough.

In order to use your APC ups via management NIC or usb cable you have to install the "apcupsd" package.

In the config file apcupsd.conf for apcupsd located in

/etc/apcupsd

you could set /define how your ups is communicating with your host(s). The possible parameters are well documented in this file.

I have not modified any iptables entry to work with my systems.

Please note that the script below is a combination of various scripts found in the web. I have modified it to my needs as far as I am able to do so.

We use a two node shared storage pool with the HALizard extention in combination with the 'vapp' function, (in order to start and stop VMs in a defined order and time). If you do not use it, you could strip off these portions of the script below. Also 'sleep' is not really needed, however I am felling better with it

If you find something to improve I am happy to learn from you.

#!/bin/bash

# XenCenter Custom Field for HA-Lizard HA
XC_FIELD_NAME=ha-lizard-enabled

# Put your pool uuid here
POOL_UUID="you_pool_UUID"

# get uuid of pool master
MASTER_UUID=`xe pool-list params=master --minimal`

# get uuid of current host
CURRENT_HOST_UUID=`cat /etc/xensource-inventory | grep -i installation_uuid |egrep -o "[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"`

# Check if current host is pool master, as only pool master should run this script

    if [ $CURRENT_HOST_UUID != $MASTER_UUID ]
    then
        ###(uncomment following line to exit the script)
        exit

    fi

# This is supposed to switch off HA-Lizard VM restart
    xe pool-param-set uuid=$POOL_UUID other-config:XenCenter.CustomFields.$XC_FIELD_NAME=false

sleep 5s

###enumerate uuid's of all _running_ VAPPs in the pool
for VAPP in `xe appliance-list params=uuid | egrep -o "[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"`
do

xe appliance-shutdown uuid=$VAPP

done

sleep 10s

###enumerate uuid's of all _running_ VMs in the pool
for VM in `xe vm-list is-control-domain=false power-state=running params=uuid | egrep -o "[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"`
do
    ###(uncomment following line to perform actual shutdown)
    xe vm-shutdown vm=$VM

done

sleep 5s

###enumerate of all XCP NG hosts in the pool except master
for HOST in `xe host-list params=uuid --minimal | egrep -o "[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"`
do
    if [ $HOST != $MASTER_UUID ]
    then
        ###(uncomment following line to put any host except master in maintenance)
        xe host-disable uuid=$HOST

sleep 10s

    elif [ $HOST = $MASTER_UUID ]
    then
        ###(uncomment following line to put master in maintenance)
        xe host-disable uuid=$HOST
    fi
done

sleep 10s

###Shutdown all XCP NG hosts in the pool except master
for HOST in `xe host-list params=uuid --minimal | egrep -o "[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"`
do
 if [ $HOST != $MASTER_UUID ]
    then
        ###(uncomment following line to perform actual shutdown)
        xe host-shutdown host=$HOST
    fi
done

sleep 10s

# Before we perform the shutdown sequence we turn on again HA-Lizard HA
# as after restarting we want to have the VMs in the pool running again!!!
        xe pool-param-set uuid=$POOL_UUID other-config:XenCenter.CustomFields.$XC_FIELD_NAME=true

###finally shutdown pool master
for HOST in `xe host-list params=uuid --minimal | egrep -o "[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"`
do
   if [ $HOST = $MASTER_UUID ]
    then
        ###(uncomment following line to perform actual shutdown)
        xe host-shutdown host=$HOST
    fi
done

@Ajmind-0

I am answering myself:

As I do not want to install unwanted and unknown packages for a simple and small purpose I have choosen the apcupsd route to go.

My old pool was running without a hassle and has proven its intended function with that setup, there is no reason to change it towards NUT.

However, I have found a script from a NUT install which seems to be much more elegant than the currently used one.

I will check, test and report here the results.

I am setting up a new pool with XCP-NG 8.2.1 to replace an existing pool with XenServer 6.5.

In this forum I do not find anything about apcupsd and some limited information about NUT.

On my old pool I have used apcupsd and I was going to use it again.

The footprint on Dom0 is very limited, only one packet plus one dependency.

If I would follow the forum post with the NUT service I would have to install one package plus 51 dependencies!

In order to follow the top rule - keep DOM0 clean and mostly untouched - I wonder if the NUT way is not "recommended"?

Any thoughts and opinions about this topic are welcome?

@fohdeesha

as already mentioned, I have not modified iptables in regard to the communication with the management nic on our APC ups. It was just working by using dom0 default settings.

@dougs
Why using "pcnet" as device instead of snmp? You need to specify a username and a pass passphrase.

If you go with snmp it is quite simple to archive.

[17:17 IT1XCP-NG-SLAVE1 apcupsd]# apcaccess
APC      : 001,046,1126
DATE     : 2023-01-25 17:17:30 +0100
HOSTNAME : IT1XCP-NG-SLAVE1
VERSION  : 3.14.14 (31 May 2016) redhat
UPSNAME  : IT1USV1
CABLE    : Ethernet Link
DRIVER   : SNMP UPS Driver
UPSMODE  : Stand Alone
STARTTIME: 2022-12-11 14:08:12 +0100
STATUS   : ONLINE
LINEV    : 231.0 Volts
LOADPCT  : 9.0 Percent
BCHARGE  : 100.0 Percent
TIMELEFT : 84.0 Minutes
MBATTCHG : 45 Percent
MINTIMEL : 25 Minutes
MAXTIME  : 0 Seconds
MAXLINEV : 233.0 Volts
MINLINEV : 226.0 Volts
OUTPUTV  : 231.0 Volts
SENSE    : Unknown
DWAKE    : 12000 Seconds
DSHUTD   : 240 Seconds
DLOWBATT : 2 Minutes
LOTRANS  : 161.0 Volts
HITRANS  : 253.0 Volts
RETPCT   : 25.0 Percent
ITEMP    : 26.0 C
ALARMDEL : 5 Seconds
BATTV    : 218.0 Volts
LINEFREQ : 50.0 Hz
LASTXFER : Automatic or explicit self test
NUMXFERS : 1
XONBATT  : 2022-12-18 16:58:19 +0100
TONBATT  : 0 Seconds
CUMONBATT: 1 Seconds
XOFFBATT : 2022-12-18 16:58:20 +0100
LASTSTEST: 2022-12-18 16:58:19 +0100
SELFTEST : OK
STESTI   : 336
STATFLAG : 0x05000008
MANDATE  : 10/11/08
BATTDATE : 02/01/13
NOMOUTV  : 230 Volts
EXTBATTS : 1
FIRMWARE : 477.18.W
END APC  : 2023-01-25 17:18:09 +0100
[17:18 IT1XCP-NG-SLAVE1 apcupsd]#

@dougs

my settings are:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
xapi_nbd_input_chain  tcp  --  anywhere             anywhere             tcp dpt:nbd
ACCEPT     gre  --  anywhere             anywhere
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
xapi_nbd_output_chain  tcp  --  anywhere             anywhere             tcp spt:nbd

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere             icmp any
ACCEPT     udp  --  anywhere             anywhere             udp dpt:bootps
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     udp  --  anywhere             anywhere             ctstate NEW udp dpt:ha-cluster
ACCEPT     tcp  --  anywhere             anywhere             ctstate NEW tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere             ctstate NEW tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere             ctstate NEW tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:21064
ACCEPT     udp  --  anywhere             anywhere             multiport dports hpoms-dps-lstn,netsupport
ACCEPT     all  --  10.10.10.0/24        anywhere
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

Chain xapi_nbd_input_chain (1 references)
target     prot opt source               destination
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable

Chain xapi_nbd_output_chain (1 references)
target     prot opt source               destination
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable

I have some old notes from flurweg.net about a Xenserver 6.2 setting:

Xenserver firewall, enable port:
If you want to read the values of the UPS connected to the Xenserver from another Linux host with installed CGI-Multimon connected to the Xenserver (NISIP), the Xenserver firewall blocks communication. Tcp port
3551 must be opened, for this the file "/etc/sysconfig/iptables" must be edited, the line: 

"-A RH-Firewall-1-INPUT -p tcp -m tcp -dport 631 -j ACCEPT" 
and paste it below again. In this copied line, change the port to 3551:

May this is what you need to do?

@olivierlambert

sorry, I was not detailed enough.

In order to use your APC ups via management NIC or usb cable you have to install the "apcupsd" package.

In the config file apcupsd.conf for apcupsd located in

/etc/apcupsd

you could set /define how your ups is communicating with your host(s). The possible parameters are well documented in this file.

I have not modified any iptables entry to work with my systems.

I am using

UPSTYPE snmp
DEVICE 192.168.x.xxx:161:APC:private

This works fine without touching iptables.

@ajpri1998

please look at:

https://xcp-ng.org/forum/topic/5920/apc-smart-ups-with-nic-which-service-to-use-apcupsd-or-nut/8

Please note that the script below is a combination of various scripts found in the web. I have modified it to my needs as far as I am able to do so.

We use a two node shared storage pool with the HALizard extention in combination with the 'vapp' function, (in order to start and stop VMs in a defined order and time). If you do not use it, you could strip off these portions of the script below. Also 'sleep' is not really needed, however I am felling better with it

If you find something to improve I am happy to learn from you.

#!/bin/bash

# XenCenter Custom Field for HA-Lizard HA
XC_FIELD_NAME=ha-lizard-enabled

# Put your pool uuid here
POOL_UUID="you_pool_UUID"

# get uuid of pool master
MASTER_UUID=`xe pool-list params=master --minimal`

# get uuid of current host
CURRENT_HOST_UUID=`cat /etc/xensource-inventory | grep -i installation_uuid |egrep -o "[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"`

# Check if current host is pool master, as only pool master should run this script

    if [ $CURRENT_HOST_UUID != $MASTER_UUID ]
    then
        ###(uncomment following line to exit the script)
        exit

    fi

# This is supposed to switch off HA-Lizard VM restart
    xe pool-param-set uuid=$POOL_UUID other-config:XenCenter.CustomFields.$XC_FIELD_NAME=false

sleep 5s

###enumerate uuid's of all _running_ VAPPs in the pool
for VAPP in `xe appliance-list params=uuid | egrep -o "[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"`
do

xe appliance-shutdown uuid=$VAPP

done

sleep 10s

###enumerate uuid's of all _running_ VMs in the pool
for VM in `xe vm-list is-control-domain=false power-state=running params=uuid | egrep -o "[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"`
do
    ###(uncomment following line to perform actual shutdown)
    xe vm-shutdown vm=$VM

done

sleep 5s

###enumerate of all XCP NG hosts in the pool except master
for HOST in `xe host-list params=uuid --minimal | egrep -o "[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"`
do
    if [ $HOST != $MASTER_UUID ]
    then
        ###(uncomment following line to put any host except master in maintenance)
        xe host-disable uuid=$HOST

sleep 10s

    elif [ $HOST = $MASTER_UUID ]
    then
        ###(uncomment following line to put master in maintenance)
        xe host-disable uuid=$HOST
    fi
done

sleep 10s

###Shutdown all XCP NG hosts in the pool except master
for HOST in `xe host-list params=uuid --minimal | egrep -o "[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"`
do
 if [ $HOST != $MASTER_UUID ]
    then
        ###(uncomment following line to perform actual shutdown)
        xe host-shutdown host=$HOST
    fi
done

sleep 10s

# Before we perform the shutdown sequence we turn on again HA-Lizard HA
# as after restarting we want to have the VMs in the pool running again!!!
        xe pool-param-set uuid=$POOL_UUID other-config:XenCenter.CustomFields.$XC_FIELD_NAME=true

###finally shutdown pool master
for HOST in `xe host-list params=uuid --minimal | egrep -o "[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"`
do
   if [ $HOST = $MASTER_UUID ]
    then
        ###(uncomment following line to perform actual shutdown)
        xe host-shutdown host=$HOST
    fi
done

@chcnetconsulting

Just to mention here that your problem(s) have been addressed in the most recent version of HA-Lizard (2.3.1).

Simply upgrading and you are happy again

updated and tested:

test pool (2 hosts) iscsi storage
no problems so far.
(live-migration, snapshots, changed master in pool)

guest tools updated on
Debian 10 / 11 / Rocky Linux 8.5

Last weekend I had tested my new pool with XCP-NG 8.2.1 with apcupsd and the scripts I have found and later modified to my needs. (We use vAPPs groups to manage the start and stop order and timing of most VMs.)

We have a two node pool with the HA-Lizard extention.
(DELL R6515 / AMD EPYC 7313P 16-Core Processor)

We use a APC Smart-UPS RT 8000 RM XL online ups.
We communicate via NIC /snmp.

The shutdown script will shutdown first the vAPP group, second allremaining VMs third the slave host and finally the master host.

The test was performed twice and finally with the expected result.

However, as I have disovered some missing point in the test preparation, (daemon was not enabled, server BIOS no restart after AC loss selected), I have to repeat the test once again in the next two weeks.

I am sure that this will not change anything on the success of this solution and as Alexander has also confirmed that apcupsd is the most straightforward way I vote also for it.

We are managing in XCP-ng Center vAPPs in order to group VMs and to start, restart or stop them in a controlled order and time.

I have not found this to be possible XOA from the sources. Is this not implemented, (yet)?