UPS setup for multiple All-In-One (FreeNAS-on-ESXi) servers on the same UPS

Status
Not open for further replies.

Spearfoot

He of the long foot
Moderator
Joined
May 13, 2015
Messages
2,478
Setting up the UPS NUT service to shut down a standalone FreeNAS system is straightforward. But things become more interesting when you have multiple systems, especially when those systems are All-In-One (AIO) servers with FreeNAS running as a virtual machine on VMware's ESXi. In this case you don't want to shut down FreeNAS directly. Instead, you want to shut down ESXi and let it shut down all of its virtual machines, including FreeNAS.

If you're running ESXi v4.x/5.x/6.x, you're fortunate in that you can gracefully power it down with a simple poweroff command, provided you have the VMware tools installed on all of its virtual machines. And yes, FreeNAS installs these tools automatically when you install it as a virtual machine.

First enable the SSH service on the ESXi server and set up private key authentication. Then configure the FreeNAS UPS service with this Shutdown Command: ssh root@esxihost poweroff. I name my ESXi systems after well-known cats - Felix and Fritz - so my specific commands are ssh root@felix poweroff and ssh root@fritz poweroff, as you'll see in the screenshots below.

WARNING: I tried using a shell script for the UPS Shutdown Command and couldn't get it to work consistently; upsmon wasn't always able to execute it despite the script working fine when run manually and having the correct ownership and execute permissions. I got this error in my message log:
Code:
Mar 17 13:17:40 boomer upsmon[2071]: parent: Unable to call shutdown command: /mnt/tank/systems/scripts/esxi-poweroff-host.sh
It's a riddle wrapped in a mystery inside an enigma, so stick with the explicit ssh commands shown.

If you power multiple servers with a single UPS, as I do, you must connect one of them to the UPS with an appropriate USB or serial cable and configure this server as the Master. Be sure to specify the server's IP address in the upsd Auxillary parameters section for the UPS daemon to listen on. This provides a communications link between the Master and the other servers on your network powered by the UPS. Configure these other servers in Slave mode, specifying the Master's IP address as the Remote Host.

You want to test this setup before you leave it unattended... but how? You can always unplug the UPS from the wall, but this puts a strain on it, and what if you've goofed something up? We don't want to trash our data in the course of trying to protect it! There's a better way that doesn't stress the UPS or even turn it off, and has the advantage that if you botch something -- like misspelling 'poweroff' as 'powoff', for example -- nothing happens. The NUT system provides for a Forced Shutdown Sequence (FSD) by running this command from a shell: upsmon -c fsd. This initiates a shutdown just as though the UPS had lost power. See the "Testing shutdowns" section at the networkupstools.org website for details.

Hint: if you're impatient like me, use a short time period -- 120 seconds or so -- for the Shutdown timer setting during testing. You won't have to wait and twiddle your thumbs for 3 or 4 minutes while the shutdown sequence pokes along. Once you have everything working to your liking, change this setting back to whatever value you want to use in production.

'Master' settings:
ups-master.jpg


'Slave' settings:

ups-slave.jpg
 

Dice

Wizard
Joined
Dec 11, 2015
Messages
1,410
This is absolutely excellent timing (for my own interests!)

Thanks.
Consider making this a resource post.......?
 

Beep

Dabbler
Joined
Dec 28, 2017
Messages
21
I followed your tutorial and configured:
ssh -i id_esxi root@ipadress poweroff

Manually in terminal it works, but not in the services. Any chance of getting a log or similiar?
 

Spearfoot

He of the long foot
Moderator
Joined
May 13, 2015
Messages
2,478
I followed your tutorial and configured:


Manually in terminal it works, but not in the services. Any chance of getting a log or similiar?
You could check out /var/log/messages and /var/log/auth.log.

Are you providing the full path to your ID file?
 

Beep

Dabbler
Joined
Dec 28, 2017
Messages
21
In /var/log/messages I can see:
[...] upsmon[16839]: parent: Unable to call shutdown command: ssh -i id_esxi root@ipadresse poweroff
No I'm not providing full path to id. How would it be?
 

Spearfoot

He of the long foot
Moderator
Joined
May 13, 2015
Messages
2,478
In /var/log/messages I can see:

No I'm not providing full path to id. How would it be?
You're using the SSH -i option to specify the location of your private key. I suggest that you provide the full path to this file in your shutdown command.
 

Beep

Dabbler
Joined
Dec 28, 2017
Messages
21
With using this:
Code:
ssh -i /.ssh/id_esxi root@ipadress poweroff

Code:
ssh -i ~/.ssh/id_esxi root@ipadress poweroff

Code:
ssh -i ./.ssh/id_esxi root@ipadress poweroff

I'm still getting the same issue. I'm confused. Maybe missing rights for executing this command?
 

Spearfoot

He of the long foot
Moderator
Joined
May 13, 2015
Messages
2,478
With using this:
Code:
ssh -i /.ssh/id_esxi root@ipadress poweroff

Code:
ssh -i ~/.ssh/id_esxi root@ipadress poweroff

Code:
ssh -i ./.ssh/id_esxi root@ipadress poweroff

I'm still getting the same issue. I'm confused. Maybe missing rights for executing this command?
It very well could be a permissions issue: these are quite common on Unix-based systems.

The root user's home directory is /root, so your key file is most likely /root/.ssh/id_esxi. You'll need to verify this.

In any case, you should easily be able to test your SSH setup without powering off your ESXi server: just executing ssh -i /root/.ssh/id_esxi root@ipadress should open a shell for you on the ESXi server.

Also, I've assumed all along that you're replacing the ESXi server's actual IP address with 'ipadress' in the code snippets above. If not, that is another problem: you need to specify the ESXi server's actual IP address or a name that your local DNS service or hosts file resolves to the ESXi server's IP address.
 

Beep

Dabbler
Joined
Dec 28, 2017
Messages
21
This was the issue:
Code:
ssh -i /root/.ssh/id_esxi root@ipadress

In the terminal I'm logged in as root but the UPS service may be working under another user. Now it's working like a charme.

Thank you!
 
Status
Not open for further replies.
Top