ON THIS PAGE
How to Use the APM Utility and CLI Commands
Access APM Utility Commands
SUMMARY After you've installed the Address Pool Manager (APM) application, you can perform the following administration functions.
You can use the APM utility script (apm) to administer the application
and to access the CLI that you use to configure the address management functions. The
Juniper APM installation places the utility script in /var/local/apm
and creates a symbolic link to the script in /usr/local/bin/apm.
You can use the apm utility script (which uses the K8 API and Helm
commands ) to do the following:
- Create and delete objects.
- Provide log access.
- Conduct interactive sessions with pod containers.
- Display the status of the APM objects.
Using the apm utility script simplifies many of your administrative
duties. The script performs the tasks you need to manage APM, while masking the complexity
of the kubectl command.
Table 1 lists the commands that you can invoke with the apm utility script and
describes the action that occurs. Many of the individual commands have options that you
can specify.
| Name | Action |
|---|---|
clean |
Clean up unneeded releases and/or docker cache. Note:
Introduced in Release 3.2. |
cli |
Access the CLI that you can use to configure APM features and to monitor the current status for managed BNGs. |
contexts |
Display the available clusters for control with APM Note:
Introduced in Release 3.2. |
| db-info | Displays current state of APM’s database microservice including the current
version, stateful set pods, and their roles. Note:
Introduced in Release 3.2. |
| db-switchover | Forces the persistent state database (DB) primary pod to switchover to an
eligible backup pod. Introduced in Release 3.2. Note:
DB switchover is a service disrupting event and you only use it with the upgrade procedure. |
ip |
Displays the IP addresses of Address Pool Manager. Note:
Introduced in Release 3.2. |
link |
Links a cluster to a specific software version. Note:
Introduced in Release 3.2. |
logs |
Display APM logs. |
rename-context |
Rename a context. Does not effect the running Address Pool Manager on the cluster. Note:
Introduced in Release 3.2. |
restart |
Restart one or more specified services. To run this command, you need sudo
root privileges. Note:
Introduced in Release 3.1. |
rollout |
Upgrade an APM service. To run this command, you need sudo root privileges. Note:
Introduced in Release 3.2. |
save-config |
Saves the current config of the Address Pool Manager to a file outside the pod. Note:
Introduced in Release 3.2. |
shell |
Connect to a running APM microservice. |
setup |
Set up the APM application as part of the installation process. To run this command, you need sudo root privileges. |
start |
Start a specific APM service or all APM services. To run this command, you need sudo root privileges. |
status |
Display the current status of the APM services. To run this command, you need sudo root privileges. |
storage |
Provides the status of the storage drivers for APM. Note:
Introduced in Release 3.2. |
stop |
Stop all APM services. To run this command, you need sudo root privileges. |
unlink |
Unlink components associated with the context. Note:
Introduced in Release 3.2. |
version |
Displays the version of every running microservice in the APM instance as well as the APM utility. It also lists all available APM software releases on the system. |
Use the following general syntax to issue a command:
-
For a short option:
$ apm command-name -option
-
For a long option:
$ apm command-name ––option
To view details for a cluster, use the cluster name after the command.
$ apm command-name --context contextname
To display a list of available commands with a brief description, use either the
h or help option:
$ apm -h
$ apm -help
To display the options for a specific command:
$ apm command-name -h
To specify the --no-color option to disable colored-text output (used to distinguish logs from different microservices):
$ apm command-name --no-color
Upgrade APM to a New Version
Use this procedure to upgrade to a new version of APM. This procedure assumes APM is running on your system.
Start or Stop APM Services
Use the apm utility script to start or stop all APM services. The
services start in order of dependency. Essential services (db and mgmt) start first,
followed by the other services. The services stop in reverse order of dependency.
-
To start all APM services:
$ sudo -E apm start --context contextName
Note:We recommend that you use the
sudo -E apm start ––servicesoption to start individual services or a set of services only for troubleshooting. Use under the guidance of a Juniper Networks support representative. Use with caution as this command is like rebooting to factory-default.Note:By default, APM starts from factory-defaults. The configuration is reset to its initial state, any persistent state database (DB) is cleared, and any persistent logs are cleared. In APM Release 3.2, after the initial setup, you can use
apm start –-save-configto save the config. you save the config to a file (not on the pod) so that you can load it later. -
To stop all APM services:
$ sudo -E apm stop --context contextName WARNING Shutting down your Address Pool Manager will reset it to factory defaults and you will lose all state on the system. Shutdown will begin in 2 minutes. Please use CTRL+C to cancel.
Setup Secrets
You can setup secrets during setup or run the sudo -E apm setup --context
contextName --secrets to setup secrets or update them.
$ sudo -E apm setup --context contextName --secrets APMi certficate (configured: N/A) > ../apm.crt Copied /home/user/KeySet/etc/certs/apm.crt to /var/local/apm/swwf-il-k46-s/secrets/apmi/ with 600 permissions APMi key (configured: N/A) > ../apm_swwf-il-k46-s.key Copied /home/user/KeySet/etc/keys/private/apm_swwf-il-k46-s.key to /var/local/apm/swwf-il-k46-s/secrets/apmi/ with 600 permissions APMi root ca (configured: N/A) > ../rootCA.crt Copied /home/user/KeySet/etc/certs/rootCA.crt to /var/local/apm/swwf-il-k46-s/secrets/apmi/ with 600 permissions
Display Database Information
The apm db-info command displays current state of APM’s database
microservice including the current version, stateful set pods, and their roles.
apm db-info [--context contextName] [-o|--output
json]
$ apm db-info [--context contextName] [-o|--output json]
Version: 6.2.13
Primary: jnpr-apm-redis-0
Backup(s): jnpr-apm-redis-1
Check the Status of APM Services
Use the apm status utility script to check the status of each APM
service (functional component) listed in Table 2. The status shows whether a service is running, has exited, or has not started. It also
displays the service name on the Kubernetes pod. You can compare uptime for the services
to quickly see whether any service has been restarted.
|
Microservice |
Pod Prefix |
|---|---|
|
addrman—Address manager |
jnpr-apm-addrman |
|
mgmt—CLI management |
jnpr-apm-mgmt |
|
Redis (Remote Dictionary Server)—consists of a set of pods which provide the persistent database. |
jnpr-apm-redis |
|
entman—Entity manager |
jnpr-apm-entman |
|
provman—Provisioning manager |
jnpr-apm-provman |
|
apm-fluentd—A set of pods that collects logs from mgmt, address manager, entity manager, provisioning manager and provisioning manager microservices, and exports them to remote syslog servers. |
jnpr-apm-fluentd |
To check the status:
For example:
$ apm status --context contextName --detail MICROSERVICE POD STATE RESTARTS UPTIME NODE addrman jnpr-apm-addrman-7b778979b6-5vk44 Running 0 11 days, 23:25:14.629150 test-node-1 mgmt jnpr-apm-mgmt-6b4cf98d4d-hmjd9 Running 0 11 days, 23:25:33.629206 test-node-1 entman jnpr-apm-entman-7d66d89d6b-5295d Running 0 11 days, 23:25:14.629224 test-node-1 apm-fluentd jnpr-apm-fluentd-qzjp2 Running 0 11 days, 23:25:55.629242 test-node-1 provman jnpr-apm-provman-849fb9cc4-vswm6 Running 0 11 days, 22:50:05.629258 test-node-1 redis jnpr-apm-redis-0 Running 0 11 days, 23:25:36.629275 test-node-1 redis jnpr-apm-redis-1 Running 0 11 days, 23:25:23.629290 test-node-1 redis jnpr-apm-redis-sentinels-0 Running 0 11 days, 23:25:26.629306 test-node-1 redis jnpr-apm-redis-sentinels-1 Running 0 11 days, 23:25:26.629322 test-node-1 redis jnpr-apm-redis-sentinels-2 Running 0 11 days, 23:25:26.629337 test-node-1 Storage: Healthy
$ apm status --context contextName MICROSERVICE PODS RESTARTS addrman 1/1 0 mgmt 2/2 0/0 entman 1/1 0 apm-fluentd 1/1 0 provman 1/1 0 redis 5/5 0/0/0/0/0 Storage: Healthy
Display APM IP Addresses
Use the apm ip utility script to display the Kubernetes objects that are
necessary for the orchestration of the APM pods. For example:
$ apm ip --context contextName --detail SERVICE MICROSERVICE EXTERNAL IP INTERNAL IP address-pool-manager-ssh address-pool-manager 10.9.2.13 10.0.239.217 apm-apmi provman 192.168.0.0 10.0.116.217 jnpr-apm-mgmt-svc mgmt 10.0.110.57 jnpr-apm-redis-svc redis 10.0.244.166
Display Logging
SUMMARY Use the
apm logs utility script to display the logs of events that occur while
APM is running. You can also use the BBE Event Collection and Visualization utility to
display file-based logs collected and stored since the time APM is started. BBE Event
Collection and Visualization is a cloud-based centralized utility that provides a way to
capture APM logs that span the life-cycle of APM micro-services. You link to the BBE Event
Collection and Visualization logging utility when you set up APM. See the Broadband Edge Event Collection and Visualization
Installation Guide.
Display APM Logging
BBE Event Collection and Visualization is a cloud-based centralized utility that provides a way to capture APM logs that span the life-cycle of APM micro-services. If you have BBE Event Collection and Visualization setup, during the APM setup, you can point BBE Event Collection and Visualization to perform the logging. BBE Event Collection and Visualization has a web-based interface to OpenSearch’s capabilities for advanced searching, aggregation, viewing, and data analysis of collected syslog events.
Use the apm logs utility script to display the logs of events
that occur while APM is running. The event logs include events such as those
shown in the following non-exhaustive list:
-
Pool-domain registration events
-
Address allocation failures
-
Network entity connection failures
-
Startup messages
-
Network entity resynchronization events
-
Pool and partition utilization threshold and depletion warnings
By default, APM sends logs to the standard output (stdout) of the service. The output displays the circular buffer of all services or of a specified service. You can also enable logging to follow the log output of the running services. Following the log output creates an open session that continuously streams the logs to stdout.
The APM logging functions mask the underlying complexities of the kubectl
log command that is collecting the log information. You can still
use the kubectl log command, but that is outside the scope of
this documentation.
You can use third-party applications to capture and redirect the stdout stream for the container. Refer to your third-party documentation for assistance. You can also configure Docker with different logging drivers to redirect stdout. Refer to your Docker documentation for assistance.
To display APM logs for all services:
$ apm logs [--context contextName] [-f] [--previous] [--services SERVICES [SERVICES ...]] [--logset LOGSET] [--nocolor]
Use the apm logs ––services option only when you are
troubleshooting under the guidance of a Juniper Networks support
representative.
To follow the logs for all services, specify the follow option
(-f):
$ apm logs -f
To view logs from previous instances of the containers in a Kubernetes pod,
specify the previous container option (-p):
$ apm logs -p
You can use standard Ubuntu conventions to redirect the logs to a file or to the terminal and to a file. Refer to the Ubuntu documentation for more information, but you can use the following examples as a starting point:
-
Redirect all logs to only a file.
$ apm logs > file-path
-
Redirect all logs to both the screen and to a file.
$ apm logs | tee file-path
By default, the utility command reports logs of all severity levels. You can
limit the number of logs that are reported by setting a severity level when you
start APM services. Include the --log-level option when you
start services to specify the minimum severity level of logs that are reported
when you also use the logs command. Logs are reported for the
specified level and all levels that are more severe. The default level is
debug, which is the lowest severity level. This means that
by default logs are reported for all levels.
When you set a severity level, it applies to all services.
-
To set the severity level for all services:
$ apm start ––log-level severity-level
Use the ––services option only for troubleshooting under the
guidance of a Juniper Networks support representative.
You can specify any of the following severity levels, in order of increasing severity:
| Severity Level | Description |
|---|---|
debug |
Detailed information that is typically of interest only when you are trying to diagnose a problem. These logs are often very frequent. |
info |
Events or non-error conditions of interest. Logs at this level provide confirmation that everything is working as expected. These logs are generally not very frequent. |
warning |
Indicates that something unexpected happened or that some problem might occur in the near future. A simple example of the latter is the disk space low warning that indicates that you might run out of disk space soon. In either case, the software is still working as expected, but you might want to monitor it more closely. These logs are generally not very frequent. |
error |
Indicates that a more serious problem has prevented the software from performing some function, but the software has handled the problem as gracefully as possible to continue functioning. |
critical |
A serious error that indicates that the program itself might be unable to continue running. |
You can use the --logset option to display logs either for only
APM services or for only prebuilt services. If you do not use this option, then
only the APM services logs are displayed.
To display logs for only APM services:
$ apm logs ––logset apm $ apm logs
To display logs for prebuilt services:
$ apm logs ––logset apm-infra
Prebuilt services are services borrowed from other sources to provide infrastructure functions for APM. These sources include cMGD, haproxy, redis, and redis-sentinel. For example, redis provides database and messaging services, cMGD provides a configuration/CLI service, and so on.
Determine the APM Version
Use the apm version [--context <context name>] [-o|--output json]
[--detail| --compare <SwVersion>] utility script to determine the version
number of the installed APM release.
To display the release version:
$ apm version --context contextName --detail Address Pool Manager versions: Microservice Release (version) apm: 3.2.0 addrman: 3.2.0 apm-fluentd: 3.2.0 entman: 3.2.0 mgmt: 3.2.0 provman: 3.2.0 redis: 3.2.0 (6.2.13)
To compare the specified software release versions against the current deployed release for the specified context:
apm version --compare 3.2.1 –-context myCluster components: apm: 3.2.0 -> 3.2.1 addrman: 3.2.0 -> 3.2.1 entman: 3.2.0 -> 3.2.1 apm-fluentd: 3.2.0 -> 3.2.1 mgmt: 3.2.0 -> 3.2.1 provman: 3.2.0 -> 3.2.1 redis: 6.2.13 -> 7.2.1
Use the -j option to render the version information in JavaScript Object
Notation (JSON) format.
Uninstall and Remove APM
Use the apm utility script to uninstall the APM configuration. The
uninstall command reverts the actions you performed when setting up
APM. Use this command to return APM to the state it was in immediately after you installed
the application but before you did any setup configuration.
To uninstall APM:
$ sudo -E apm stop –-context contextName sudo -E apm unlink –-context contextName
After you uninstall APM, we recommend that you use the Debian uninstall procedure to remove the entire package.
$ sudo sudo -E apm clean --uninstall [--context contextName]
How to Access APM Configuration and Operational Commands
- Access the APM CLI
- Access and Use CLI Configuration Statements
- Access and Use CLI Operational Commands
Access the APM CLI
To access the CLI prompt, enter the following apm utility script
command:
$ apm cli --context contextName [-p|--pipe]
root@jnpr-apm-mgmt
Enter a question mark to see the available top-level CLI commands. This list of commands is a subset of the Junos OS top-level commands.
root@jnpr-apm-mgmt> ? Possible completions: clear Clear information in the system configure Manipulate software configuration information file Perform file operations help Provide help information monitor Show real-time debugging information op Invoke an operation script quit Exit the management session request Make system-level requests restart Restart software process set Set CLI properties, date/time, craft interface message show Show system information ssh Start secure shell on another host start Start shell telnet Telnet to another host test Perform diagnostic debugging traceroute Trace route to remote host
For an overview of Junos OS CLI basics, see Day One: Exploring the Junos CLI. For more detailed information, see the CLI User Guide.
Access and Use CLI Configuration Statements
Access and Use CLI Operational Commands
To monitor APM, view APM configuration and statistics, or run certain operations manually: