RPI power management in MAAS with MAAS's Webhook and Node-RED controlled PoE managed switch

From UNamur InfoSec
Jump to navigation Jump to search

Introduction

MAAS work by managing machines with netboot, and in order for machines to perform netboot any time MAAS needed. It need to be able to control the power state of the machines. MAAS support a wide ranges of power control types: such as Intelligent Platform Management Interface (IPMI) which support by machine's Baseboard management controller (BMC). However, the RPI does not come with such feature. Though, in order to allow MAAS to managed power cycle of the RPI, additional setup is required.

Architecture

MAAS PoE RPi.drawio.png

MAAS have a webhook that we can configure to run when MAAS need to power the machine as well as when it want to query the power status of the machines. And our managed PoE switch has the HTTP API server to manage the setting of the switch. However, since the two aren't compatible we have create a Node-RED flow that will transform the request from MAAS to the PoE switch.

RPI

To support PoE, we install the PoE hat on our RPi devices. We are using the PoE hat from here: https://thepihut.com/products/raspberry-pi-poe-plus-hat

PoE switch

We use the TL-SG108PE switch from TP-link https://www.tp-link.com/uk/business-networking/easy-smart-switch/tl-sg108pe/ because it have the smart confige feature. Unfortunately, our version does not have direct PoE power configuration option and we have to use the PoE auto recovery feature instead. Poeconfig1.png


Create PoE control API with Node-RED

MAAS will send HTTP POST request with Power on/off request. and HTTP GET request when querying power status. We use Node-RED "http in" node to capture HTTP requests and "exec" node to run curl command to send API request to PoE switch.

Node-RED to control PoE on managed switch.png

The Node-RED flow JSON export is available here: rpi-poe-node-red-flow.json

Configure machine power with MAAS webhook

After have deployed Node-RED flow, MAAS shuold be able to send request to it. We can go to MAAS and change the power type of our machine to webhook and add the correct http endpoint.

Maas webhook power control.png