From 80f6730bc149833027a01dcd32b7b01e367f5904 Mon Sep 17 00:00:00 2001 From: Kobi Samoray Date: Wed, 6 Jul 2016 16:59:49 +0300 Subject: [PATCH] Admin utility RST file Adds an RST file describing the functionality if the nsxadmin utility. Change-Id: Ie1bae3f7882cd1ca4e10e5660e16c86675ea3c9e --- doc/source/admin_util.rst | 132 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 132 insertions(+) create mode 100644 doc/source/admin_util.rst diff --git a/doc/source/admin_util.rst b/doc/source/admin_util.rst new file mode 100644 index 0000000000..d8a2fa0050 --- /dev/null +++ b/doc/source/admin_util.rst @@ -0,0 +1,132 @@ +Admin Utility +============= + +The NSXv and the NSXv3 support the nsxadmin utility. This enables and administrator to determine and rectify inconsistencies between the Neutron DB and the NSX. +usage: nsxadmin -r -o + +NSXv +---- + +The following resources are supported: 'security-groups', 'edges', 'networks', 'firewall-sections', 'orphaned-edges', 'spoofguard-policy', 'missing-edges', 'backup-edges', 'nsx-security-groups', 'dhcp-binding' and 'metadata' + +Edges +~~~~~ + +-- NSX list:: + + nsxadmin -r edges -o nsx-list + +-- Neutron list:: + + nsxadmin -r edges -o neutron-list + +- Edge Datastore HA: This admin utility can be used on upgrade after the customer added ha_datastore_id to the nsx.ini configuration, in order to update the deployment of existing edges. The new edge appliances configuration will be taken from the nsx.ini, including the datastrore_id, ha_datastore_id, edge_ha. The edge current resource pool & appliance size will not change:: + + nsxadmin -r edges -o nsx-update --property edge-id= --property appliances=True + +- Update the size of an edge:: + + nsxadmin -r edges -o nsx-update --property edge-id=edge-55 --property size=compact + +Orphaned Edges +~~~~~~~~~~~~~~ + +- List orphaned edges:: + + nsxadmin -r orphaned-edges -o list + +- Clean orphaned edges:: + + nsxadmin -r orphaned-edges -o clean + +Missing Edges +~~~~~~~~~~~~~ + +- List missing edges on NSX. This includes missing networks on those edges:: + + nsxadmin -r missing-edges -o list + +Backup Edges +~~~~~~~~~~~~ + +- List backup edges:: + + nsxadmin -r backup-edges -o list + + +- Delete backup edge:: + + nsxadmin -r backup-edges -o clean --property edge-id=edge-9 + +-- List Edge name mismatches between DB and backend:: + + nsxadmin -r backup-edges -o list-mismatches + +-- Fix Edge name mismatch between DB and backend:: + + nsxadmin -r backup-edges -o fix-mismatch --property edge-id=edge-9 + +DHCP Bindings +~~~~~~~~~~~~~ +- List missing DHCP bindings:: + + nsxadmin -r dhcp-binding -o list + +- Update DHCP bindings on an edge:: + + nsxadmin -r dhcp-binding -o nsx-update --property edge-id=edge-15 + + +Networks +~~~~~~~~ + +- Ability to update or get the teaming policy for a DVS:: + + nsxadmin -r networks -o nsx-update --property dvs-id= --property teamingpolicy= + +- Support getting network morefs:: + + nsxadmin -r networks -o list + +Security Groups, Firewall and Spoofguard +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Security groups. This adds support to list security-groups mappings and miss-matches between the mappings and backend resources as: firewall-sections and nsx-security-groups:: + + nsxadmin --resource security-groups --operation list + nsxadmin -r nsx-security-groups -o {list, list-missmatches} + nsxadmin -r firewall-sections -o {list, list-missmatches} + +- Spoofguard support:: + + nsxadmin -r spoofguard-policy -o list-mismatches + nsxadmin -r spoofguard-policy -o clean --property policy-id=spoofguardpolicy-10 + nsxadmin -r spoofguard-policy -o list --property reverse (entries defined on NSXv and not in Neutron) + +Metadata +~~~~~~~~ + +- Update loadbalancer members on router and DHCP edges:: + + nsxadmin -r metadata -o nsx-update + +- Update shared secret on router and DHCP edges:: + + nsxadmin -r metadata -o nsx-update-secret + +NSXv3 +----- + +The following resources are supported: 'security-groups', 'routers', 'networks', 'nsx-security-groups', 'dhcp-binding' and 'ports'. + +- List missing networks:: + + nsxadmin -r networks -o list-mismatches + +- List missing routers:: + + nsxadmin -r routers -o list-mismatches + +- List missing ports:: + + nsxadmin -r ports -o list-mismatches