Working in the Service Enclave

1 Working in the Service Enclave

The appliance administrator's working environment is the Service Enclave. It is the part of the system where the appliance infrastructure is controlled. It provides tools for hardware and capacity management, tenancy control, and centralized monitoring of components at all system layers.

More detailed information about the Service Enclave is provided in the Oracle Private Cloud Appliance Concepts Guide. Refer to the "Enclaves and Interfaces" section in the chapter "Architecture and Design".

This chapter describes the general usage principles of the graphical user interface and command line interface to the Service Enclave.

Note:

You access the Service Web UI using a web browser. For support information, please refer to the Oracle software web browser support policy.

Using the Service Web UI

The Service Web UI is the graphical interface to the Service Enclave. You can use the Service Web UI on its own or with the Service CLI to complete tasks. The Service Web UI provides the same core functionality as the Service CLI, however, the Service CLI does have some additional operations that do not have a UI equivalent.

This section provides general guidelines for using the Service Web UI. The actual commands and their functions are documented throughout the Oracle Private Cloud Appliance Administrator Guide as part of the step-by-step instructions.

To log into the Service Web UI, complete the following steps:

In a supported browser, enter the URL for your Oracle Private Cloud Appliance.

For example, https://adminconsole.pcasys1.example.com where pcasys1 is the name of your Private Cloud Appliance and example.com is your domain.

The Sign In page is displayed.
Enter your Username and Password, and then click Sign In.

The Private Cloud Appliance dashboard displays with quick action tiles.

Note:

If this is the first log in after a Private Cloud Appliance installation, the dashboard displays the ASR Phone Home page so you can register your system with My Oracle Support.

For more information, see Registering Private Cloud Appliance for Oracle Auto Service Request.

Navigating the Dashboard

When you log into the Service Enclave, the dashboard is displayed with a Quick Actions area containing clickable tiles for common tasks, such as viewing rack unit, tenancy, and appliance details and managing users and the network environment.

In the Observability & Management part of the dashboard, there is a quick action tile for Monitoring. When you click Monitoring, the Grafana console opens. For more information, see Using Grafana.

In the top bar of the dashboard you can locate the realm and the system and domain names for your Private Cloud Appliance. You will see your user name in the top bar, as well, with links to your profile information, hardware data sync, oracle.com, and the ability to sign out.

Note:

The dashboard is static and not configurable.

The navigation menu, which you can click on or tab to, lists appliance components and resources that you can manage within the Service Enclave of Private Cloud Appliance. When you click on an item in the navigation menu, a page is displayed that contains information about the component or resource. The following table provides details about what you can expect to find on these component and resource pages.

Component or Resource	Information Provided
Appliance Details	Read-only appliance configuration details and an option to edit rack name and description. For more information, see Displaying Rack Component Details.
Network Environment	Read-only network configuration information and an Edit button that opens a Configure Network Params wizard where you can modify: Routing uplink gateway, VLAN, and HSRP group, and spine virtual IP Management nodes IPs and hostnames Uplink port speed, count, port FEC, VLAN MTU, and netmask and spine IPs NTP servers IP addresses Admin network status DNS servers IP addresses Public IP ranges and object storage IP For more information, see Reconfiguring the Network Environment.
Rack Units	Read-only list of all hardware components installed in the rack and detected by the appliance software and the following information for each: Name Rack unit type State Rack elevation Each component also has an Actions menu (three dots) with a View Details link to a component's detail page. For management nodes, switches, and storage controllers, the detail pages provide read-only rack unit and system information. For more information, see Displaying Rack Component Details. For each compute node in the list, you can see additional information: Provisioning state Maintenance lock Provisioned lock A compute node's detail page provides read-only compute node, rack unit, and system information. Additionally, from either its detail page or the Actions menu, you can perform several actions on a compute node, such as locking for maintenance, migrating all virtual machines, stopping, deprovisioning. For more information, see Performing Compute Node Operations.
Tenancies	Read-only list of all tenancies in the system and the following information for each: Name Description Action menu Contains options to view a tenancy's details page, edit a tenancy's description, or delete a tenancy. You can also edit or delete a tenancy from its details page. A Create Tenancy button. For more information, see Tenancy Management.
Identity Providers	Read-only list of identity providers and the following information for each: Name Force Authentication Encrypt Assertion Action menu Contains options to view an identity provider's details page and edit or delete the identity provider. You can also edit or delete an identity provider from its details page. A Create Identity Provider button. For more information, see Federating with Microsoft Active Directory.
IDP Group Mappings	Read-only list of IDP group mappings in the system and the following information for each: Name IDP Group Name Admin Group Name Description Action menu Contains options to view read-only information on an IDP group mapping details page. MORE... A Create Group Mapping button. For more information, see Federating with Microsoft Active Directory.
Users	Read only list of users in the system and the following information for each: Name Authorization Group Default User Action menu Contains options to view read-only information on a user's details page, change a user password, or delete a user. You can also change a user password or delete a user from its details page. A Create User button. For more information, see Administrator Account Management.
Jobs	Read-only list of jobs that ran and the following information for each: Object type Start and end times Run status - Active, Succeeded, Failed, or Aborted Action menu Contains an option to view read-only information on a job's details page, which includes the user account that the job ran from.
Upgrade & Patching	Read-only list of upgrade and patching jobs that ran and the following information for each: Job name Request and job IDs Start and end times Command name Result - Passed, Failed, Not Run, Cancelled, or None A Create Upgrade or Patch button, where you can select: Upgrade Request - includes several types of upgrades, such as compute node, host, ILOM, Kubernetes, and platform. Patch Request - includes several types of patches, such as compute node, host, ILOM, Kubernetes, OCI Images, and platform. For more information, see System Upgrade.
ASR Phone Home	Read-only auto service request information and a Register button where you can register your Private Cloud Appliance. For more information, see Using Auto Service Requests.

Using the Service CLI

The command line interface to the Service Enclave, which we refer to as the Service CLI in the documentation, is available through the Oracle Linux shell on the management nodes. There is no additional installation or configuration required. The CLI provides access to all the functionality of the Service Web UI, as well as several additional operations that do not have a UI equivalent.

This section provides general guidelines for using the Service CLI. The actual commands and their functions are documented throughout the Oracle Private Cloud Appliance Administrator Guide as part of the step-by-step instructions in the chapters that follow.

Accessing the CLI

To access the Service CLI you establish an SSH connection to TCP port 30006 on one of the management nodes. Log in with an authorized administrator account. After successful authentication, the PCA-ADMIN> prompt is displayed.

$ ssh admin@pcamn02 -p 30006
Password authentication
Password:
PCA-ADMIN>

You are now in an interactive, closed shell environment where you perform administrative operations by entering commands at this prompt. The command syntax and completion functions are described below. To terminate your CLI session, enter the exit command.

Command Syntax

In general, commands entered in the Service CLI have the following syntax:

PCA-ADMIN> command objectType <attributes> [options]

where:

command is the command type to be initiated, for example: list or create.
objectType is the target component or process affected by the command, for example: list ComputeNode or create Tenant.
attributes are properties used to identify a specific object of the selected type to which the command must be applied, for example: show ManagementNode name=pcamn02.
options are additional parameters that may be provided to affect the behavior of the command.

For example, you can add sorting and filtering options to the list command and select which data columns (fields) to display: list RackUnit fields ipAddress,name,rackElevation,serialNumber,firmwareVersion where state eq running.

The main elements of a command are separated by a space. Attributes are specified as "type=value". Lists are entered as a comma-separated series of values (such as fields ipAddress,name,rackElevation,serialNumber,firmwareVersion).

Help and Command Completion

The Service CLI includes a help command. It shows how the most common types of commands are used, which helps you get familiar with the basics of the CLI.

PCA-ADMIN> help
For Most Object Types:
    create <objectType> [(attribute1)="value1"] ... [on <objectType> <instance>]
    delete <objectType> <instance>
    edit <objectType> <instance>  (attribute1)="value1" ...
    list <objectType> [fields (attribute1,attribute2)]where [(filterableAttribute1)  \
         <filterComparator> "value1" [AND|OR] [(filterableAttribute2) <filterComparator> "value2"
    show <objectType> <instance>
For Most Object Types with Children:
    add <objectType> <instance> to <objectType> <instance>
    remove <objectType> <instance> from <objectType> <instance>
Other Commands:
    exit
    showallcustomcmds
    showcustomcmds <objectType>
    showobjtypes

The easiest way to learn which commands and object types are available, is to use the question mark ("?"). After logging in, you start by entering "?" at the CLI prompt, in order to display the set of base commands.

PCA-ADMIN> ?
           add
           clear
           count
           create
           delete
           edit
           [...]

You can drill down into the commands, object types and other elements by adding the "?" to see the available parameters at that cursor position.

Note:

Mind the position of the question mark: it is separated from the command by a space. If you omit the space, the CLI displays the parameters allowed at the level of that command, instead of the parameters that may follow after the command.

For example, if you want to see which object types you can list, type list ? and press Enter. Next, assume that you want to find compute nodes that have not yet been provisioned. To achieve this, you can display a list of compute nodes filtered by their provisioning state. The "?" allows you to navigate through the command parameters, as shown below. Each time you type "?" the CLI displays the parameters you can use at the cursor position. Press the Up arrow key to bring back the part of the command you already typed at the prompt, then add the next part of your command, and type "?" again to display the next set of parameters. When your command is complete, press Enter.

PCA-ADMIN> list ?
                AuthorizationGroup
                ComputeNode
                Event
                Fault
                [...]
PCA-ADMIN> list ComputeNode ?
                            fields
                            limit
                            orderby
                            where
PCA-ADMIN> list ComputeNode where ?
                                  id
                                  provisioningState
                                  provisioningStateLastChangedTime
                                  provisioningType
                                  faultDomain
                                  [...]
PCA-ADMIN> list ComputeNode where provisioningState ?
                                                    EQ
                                                    NE
                                                    LIKE
                                                    [...]
PCA-ADMIN> list ComputeNode where provisioningState EQ ?
                                                       READYTOPROVISION
                                                       PROVISIONED
PCA-ADMIN> list ComputeNode where provisioningState EQ READYTOPROVISION
Command: list ComputeNode where provisioningState EQ READYTOPROVISION
Status: Success
Time: 2021-06-25 14:04:16,837 UTC
Data:
  id                                     name       provisioningState
  --                                     ----       -----------------  
  bb940637-9825-4f7c-a5f4-1b49bcf6a5c9   pcacn005   Ready To Provision
  76df44a9-6980-4242-a3a2-e1614b3d44d1   pcacn008   Ready To Provision
  8fc0d06f-c64a-40ea-8a20-89680f03eb5e   pcacn011   Ready To Provision

The Service CLI also provides a form of tab completion. When you start to type a command and press the Tab key, the CLI auto-completes the part it can predict. If more than one possible value remains, you should add at least one more letter and press the Tab key again. The following examples illustrate how the CLI performs tab completion.

Tab completion with one possible match

PCA-ADMIN> list Com<Tab>
PCA-ADMIN> list ComputeNode

Tab completion with more than one possible match

PCA-ADMIN> list Ra<Tab>
PCA-ADMIN> list Rack

PCA-ADMIN> list RackU<Tab>
PCA-ADMIN> list RackUnit

Base and Custom Commands

When you enter the help command or type the question mark ("?") at the PCA-ADMIN> prompt, the CLI returns information about its base commands, such as create, edit, add, remove, delete, list, show, and so on. However, there is another set of less commonly used custom commands. You can display them all as a single list, or only those available for a particular object type. You can use the "?" to navigate through the commands.

PCA-ADMIN> showallcustomcmds
    Operation Name: <Related Object(s)>
    -----------------------------------
    abort:  Job
    asrClientDisable:  ASRPhonehome
    asrClientEnable:  ASRPhonehome
    asrClientRegister:  ASRPhonehome
    asrClientUnregister:  ASRPhonehome
    changePassword:  User
    createAdminAccount:
    createUserInGroup:  User
    [...]
    upgradePlatform:  UpgradeRequest
    upgradeSwitch:  UpgradeRequest
    upgradeVault:  UpgradeRequest
    upgradeZfssa:  UpgradeRequest

PCA-ADMIN> showcustomcmds ?
                          ASRPhonehome
                          ComputeNode
                          DrConfig
                          Event
                          ExadataNetwork
                          FaultManager
                          Job
                          NetworkConfig
                          PcaSystem
                          PurgeManager
                          UpgradeJob
                          UpgradeJobList
                          UpgradeRequest
                          User
PCA-ADMIN> showcustomcmds ComputeNode
    provisioningLock
    provisioningUnlock
    maintenanceLock
    maintenanceUnlock
    provision
    deprovision
    migrateVm
    reset
    start
    stop

Using the Service Web UI

Logging In

Navigating the Dashboard

Using the Service CLI

Accessing the CLI

Command Syntax

Help and Command Completion

Base and Custom Commands