Pivotal Knowledge Base

Follow

How to enable advanced mode in the Ops Manager

Environment

Product Version
Ops Manager 1.7.0+

Purpose

The Ops Manager will disable certain fields after you have performed the initial installation. The reason for this is to protect you from changing fields that have a high likelihood of breaking your installation. Most of the time, this is a good thing, and you shouldn’t need to edit these fields.

Here are some sample fields that get locked:

  • Director Tile -> Assign AZs and Networks
  • Elastic Runtime Tile -> Assign AZs and Networks -> Place Singleton Jobs & Balance other jobs

Procedure

To make changes to a locked field, you can enable the advanced mode in the Ops Manager. There are two ways to do this:  using curl and using UAAC.  See the section below for detailed instructions.

Curl

First, we want to get an access token with User Account and Authentication (UAA). You can do that with this command.

curl -s -k -H 'Accept: application/json;charset=utf-8' -d 'grant_type=password' -d 'username=<your-username>' -d 'password=<your-pass>' -u 'opsman:' https://<fqdn for your om>/uaa/oauth/token

The output of this will be a simple JSON dictionary and will have six keys. Look for the key named access token. Copy the value to your clipboard.

Second, we can run one of the following commands to enable, disable, or check the status of advanced mode.

  • To enable advanced mode, run this command.
    curl -s -k -H 'Accept: application/json;charset=utf-8' -H "Content-Type: application/json" -H 'Authorization: bearer <access-token>' https://<fqdn for your om>/api/v0/staged/infrastructure/locked -X PUT --data '{"locked" : "false"}'
  • To check if advanced mode is enabled, run this command:
    curl -s -k -H 'Accept: application/json;charset=utf-8' -H 'Authorization: bearer <access-token>' https://<fqdn for your om>/api/v0/staged/infrastructure/locked
    The output will indicate "true" if it is enabled or "false" if it is disabled.
  • To disable advanced mode, run this command:
    curl -s -k -H 'Accept: application/json;charset=utf-8' -H "Content-Type: application/json" -H 'Authorization: bearer <access-token>' https://<fqdn for your om>/api/v0/staged/infrastructure/locked -X PUT --data '{"locked" : "true"}'

UAAC

If you have the UAA Command Line Interface (UAAC) utility installed, you can also use that to enable and disable advanced mode.  The process is similar.

  1. Target UAA on Ops Manager.  Run the following:
    uaac target https://<fqdn for your om>/uaa
  2. Authenticate.  Run the following:
    uaac token owner get
    When prompted, enter the client name as "opsman", leave the client secret blank, enter your username and password (the same as what you use to log on to the Ops Manager UI).
  3. Now you can enable, disable, and check the status of advanced mode with the following commands.
    1. To enable advanced mode, run the following:
      uaac curl https://<fqdn for your om>/api/v0/staged/infrastructure/locked -X PUT --data '{"locked" : "false"}' -H "Content-Type: application/json"
    2. To check the status of advanced mode, run the following:
      uaac curl https://<fqdn for your om>/api/v0/staged/infrastructure/locked
    3. To disable advanced mode, run the following:
      uaac curl https://<fqdn for your om>/api/v0/staged/infrastructure/locked -X PUT --data '{"locked" : "true"}' -H "Content-Type: application/json"

Impact/Risk

Using Ops Manager while it is in advanced mode disables some of the protections that Ops Manager provides for you.  This will allow you to make changes that could potentially be dangerous to your installation of Pivotal Cloud Foundry® (PCF).  Pivotal does not recommend enabling advanced mode unless you have been directed to do so by Pivotal Support.  Even then, please proceed with caution when advanced mode is enabled and disable advanced mode once you have completed the change that you set out to make.

Additional Information

When running commands with curl, you can pipe the output into jq for cleaner and easier to read output.

The example shown here uses jq to pick out just the access token

curl -s -k -H 'Accept: application/json;charset=utf-8' -d 'grant_type=password' -d 'username=<your-username>' -d 'password=<your-pass>' -u 'opsman:' https://<fqdn for your om>/uaa/oauth/token | jq .access_token

Comments

  • Avatar
    Stephen Berry

    edited example

    Added closing apostrophe to -d 'username='

Powered by Zendesk