{"id":18512848,"url":"https://github.com/vmware/pmd","last_synced_at":"2026-03-10T09:02:52.035Z","repository":{"id":37752237,"uuid":"88086561","full_name":"vmware/pmd","owner":"vmware","description":"Photon Management Daemon","archived":false,"fork":false,"pushed_at":"2024-02-12T13:24:19.000Z","size":8048,"stargazers_count":15,"open_issues_count":8,"forks_count":13,"subscribers_count":9,"default_branch":"main","last_synced_at":"2025-06-20T14:43:18.962Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/vmware.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-04-12T19:01:58.000Z","updated_at":"2023-12-22T03:13:33.000Z","dependencies_parsed_at":"2023-02-14T07:46:28.893Z","dependency_job_id":"732bf11a-0c1a-4da5-af02-8554cde424a9","html_url":"https://github.com/vmware/pmd","commit_stats":{"total_commits":114,"total_committers":12,"mean_commits":9.5,"dds":0.7280701754385965,"last_synced_commit":"c35a75d7c909bd7706a8bd659a0221ecd2fb1648"},"previous_names":[],"tags_count":9,"template":false,"template_full_name":null,"purl":"pkg:github/vmware/pmd","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vmware%2Fpmd","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vmware%2Fpmd/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vmware%2Fpmd/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vmware%2Fpmd/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/vmware","download_url":"https://codeload.github.com/vmware/pmd/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vmware%2Fpmd/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30328273,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-10T05:25:20.737Z","status":"ssl_error","status_checked_at":"2026-03-10T05:25:17.430Z","response_time":106,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-06T15:35:41.937Z","updated_at":"2026-03-10T09:02:51.965Z","avatar_url":"https://github.com/vmware.png","language":"Go","readme":"\n# NOTE\n\nThe pmd-next-gen official Git repository has been moved to: [pmd-next-gen](https://github.com/vmware/pmd-next-gen)\nAccess to a clone of the repository is available as below:\n```bash\ngit clone git@github.com:vmware/pmd-next-gen.git\n```\n\n## photon-mgmtd\n\n\n`photon-mgmtd` is a high performance open-source, simple, and pluggable REST API gateway designed with stateless architecture. It is written in Go, and built with performance in mind. It features real time health monitoring, configuration and performance for systems (containers), networking and applications.\n\n- Proactive Monitoring and Analytics\n  easy to gather statistics and perform analyses.\n- Platform independent REST APIs can be accessed via any application (curl, chrome, PostMan ...) from any OS (Linux, IOS, Android, Windows ...)\n- Minimal data transfer using JSON.\n- Plugin based Architechture. See how to write plugin section for more information.\n\n### Features!\n\n|Feature| Details |\n| ------ | ------ |\n|systemd  | information, services (start, stop, restart, status), service properties for example CPUShares\nsee information from ```/proc``` fs| netstat, netdev, memory , vms, ARP and much more\nsystem | fetch and configure system information for example hostname\nnetwork | fetch and configure network information example (dns, iostat, interface)\nnetwork link | configure network link parameters like (dhcp, linkLocalAddressing, multicastDNS, Address, route, domains, dns, ntp, ipv6AcceptRA, mode, mtubytes, mac, group, requiredFamilyForOnline, activationPolicy, routingPolicyRule, DHCPv4, DHCPv6, DHCPServer, Ipv6SendRA) etc\nlogin | fetch list of users and sessions also get information for a id\nnetwork devices | create and remove virtual network devices like (Vlan, Bond, Bridge, MacVLan, IpVLan, VxLan, WireGuard) etc\nethtool | fetch ethernet settings for a link also based on a action\nsysctl | used to fetch, set, load and automate kernel parameters\nuser | used to fetch, add, and remove user on the system\ngroup | used to fetch, add, and remove group on the system\nlink | configure link parameters like (MACAddress, Name, AlternativeNames, Offload, VLANTAG, CHannels, Buffers, Queues, FlowControls, Coalesce) etc\nfirewall | add, delete and show nft tables, chain and rules also is used to run any NFT commands\npackage management (tdnf) | used to manage package management on the system like (list, info, download, update, remove, clean cache, list repositories, search package) etc\n\n#### Building and installation from source\n----\n\n```bash\n\n❯ make build\n❯ sudo make install\n```\n\nDue to security `photon-mgmtd` runs in non root user `photon-mgmt`. It drops all privileges except `CAP_NET_ADMIN` and `CAP_SYS_ADMIN`.\n\n```bash\n\n❯  useradd -M -s /usr/bin/nologin photon-mgmt\n```\n\n#### Configuration\n----\n\nConfiguration file `mgmt.toml` located in `/etc/photon-mgmt/` directory to manage the configuration.\n\nThe `[System]` section takes following Keys:\n\n`LogLevel=`\n\nSpecifies the log level. Takes one of `Trace`, `Debug`, `Info`, `Warning`, `Error`, `Fatal` and `Panic`. Defaults to `info`. See [sirupsen](https://github.com/sirupsen/logrus#level-logging)\n\n`UseAuthentication=`\nA boolean. Specifies whether the users should be authenticated. Defaults to `true`.\n\nThe `[Network]` section takes following Keys:\n\n`Listen=`\nSpecifies the IP address and port which the REST API server will listen to. When enabled, defaults to `127.0.0.1:5208`.\n\n`ListenUnixSocket=`\nA boolean. Specifies whether the server would listen on a unix domain socket `/run/photon-mgmt/mgmt.sock`. Defaults to `true`.\n\nNote that when both `ListenUnixSocket=` and `Listen=` are enabled, server listens on the unix domain socket by default.\n ```bash\n❯ sudo cat /etc/photon-mgmt/mgmt.toml\n[System]\nLogLevel=\"debug\"\nUseAuthentication=\"false\"\n\n[Network]\nListenUnixSocket=\"true\"\n```\n\n```bash\n❯ sudo systemctl start photon-mgmtd\n```\n\n```bash\n❯ sudo systemctl status photon-mgmtd\n● photon-mgmtd.service - A REST API based configuration management microservice gateway\n     Loaded: loaded (8;;file://zeus/usr/lib/systemd/system/photon-mgmtd.service^G/usr/lib/systemd/system/photon-mgmtd.service8;;^G; enabled; preset: enabled)\n     Active: active (running) since Thu 2023-01-26 11:34:05 UTC; 2min 44s ago\n   Main PID: 668 (photon-mgmtd)\n      Tasks: 6 (limit: 18735)\n     Memory: 22.8M\n     CGroup: /system.slice/photon-mgmtd.service\n             └─668 /usr/bin/photon-mgmtd\n\nJan 26 11:34:05 zeus systemd[1]: photon-mgmtd.service: Changed dead -\u003e running\nJan 26 11:34:05 zeus systemd[1]: photon-mgmtd.service: Job 185 photon-mgmtd.service/start finished, result=done\nJan 26 11:34:05 zeus systemd[1]: Started A REST API based configuration management microservice gateway.\nJan 26 11:34:05 zeus systemd[668]: photon-mgmtd.service: Executing: /usr/bin/photon-mgmtd\nJan 26 11:34:05 zeus photon-mgmtd[668]: time=\"2023-01-26T11:34:05Z\" level=info msg=\"photon-mgmtd: v0.1 (built go1.19.3)\"\nJan 26 11:34:05 zeus photon-mgmtd[668]: time=\"2023-01-26T11:34:05Z\" level=info msg=\"Starting photon-mgmtd... Listening on unix domain socket='/run/photon-mgmt/mgmt.sock' in HTTP\u003e\nJan 26 11:36:43 zeus systemd[1]: photon-mgmtd.service: Trying to enqueue job photon-mgmtd.service/start/replace\nJan 26 11:36:43 zeus systemd[1]: photon-mgmtd.service: Installed new job photon-mgmtd.service/start as 596\nJan 26 11:36:43 zeus systemd[1]: photon-mgmtd.service: Enqueued job photon-mgmtd.service/start as 596\nJan 26 11:36:43 zeus systemd[1]: photon-mgmtd.service: Job 596 photon-mgmtd.service/start finished, result=done\n```\n\n#### pmctl\n----\n\n`pmctl` is a CLI tool allows to view and configure system/network/service status.\n\n```bash\n❯ sudo pmctl service status systemd-networkd\n                   Name: systemd-networkd.service\n            Description: Network Configuration\n               Main Pid: 644\n             Load State: loaded\n           Active State: active\n              Sub State: running\n        Unit File State: enabled\n State Change TimeStamp: Thu Jan 26 11:34:05 UTC 2023\n Active Enter Timestamp: Thu Jan 26 11:34:05 UTC 2023\nInactive Exit Timestamp: Thu Jan 26 11:34:04 UTC 2023\n  Active Exit Timestamp: 0\nInactive Exit Timestamp: Thu Jan 26 11:34:04 UTC 2023\n                 Active: active (running) since Thu Jan 26 11:34:05 UTC 2023\n\n\n```\n\n#### Configure system hostname\n```bash\n❯ pmctl system set-hostname static ubuntu transient transientname pretty prettyname\n```\n\n#### Acquire system status\n```bash\n❯ sudo pmctl status system\n              System Name: zeus\n                   Kernel: Linux (5.10.159-2.ph4) #1-photon SMP Tue Jan 3 21:27:11 UTC 2023\n                  Chassis: vm\n           Hardware Model: VMware Virtual Platform\n          Hardware Vendor: VMware, Inc.\n             Product UUID: 979e4d56b63718b18534e112e64cb18\n         Operating System: VMware Photon OS/Linux\nOperating System Home URL: https://vmware.github.io/photon/\n                Time zone: UTC (2023-01-26 11:42:49.847435 +0000 UTC)\n         NTP synchronized: true\n                     Time: Thu Jan 26 11:42:49 UTC 2023\n                 RTC Time: 2023-01-26 11:42:49.847435 +0000 UTC\n          Systemd Version: v252-1\n             Architecture: x86-64\n           Virtualization: vmware\n            Network State: routable (carrier)\n     Network Online State: partial\n                      DNS: 172.16.130.2\n                  Address: 172.16.130.132/24 on device ens33\n                           172.16.130.131/24 on device ens33\n                           fe80::3279:c56d:55f9:aed7/64 on device ens33\n                           172.16.130.138/24 on device ens37\n                  Gateway: 172.16.130.2 on device ens37\n                           172.16.130.2 on device ens33\n                   Uptime: Running Since (17 hours 58 minutes) Booted (Sun Feb  5 22:41:12 IST 2023) Users (5) Proc (278)\n                   Memory: Total (13559750656) Used (13559750656) Free (5929107456) Available (10282934272)\n```\n\n#### Network status\n```bash\n❯ sudo pmctl status network -i eth0\n             Name: eth0\nAlternative Names: eno1 enp11s0 ens192\n            Index: 2\n        Link File: /usr/lib/systemd/network/99-default.link\n     Network File: /etc/systemd/network/99-dhcp-en.network\n             Type: ether\n            State: routable ()\n           Driver: vmxnet3\n           Vendor: VMware\n            Model: VMXNET3 Ethernet Controller\n             Path: pci-0000:0b:00.0\n    Carrier State: carrier\n     Online State: online\nIPv4Address State: routable\nIPv6Address State: degraded\n       HW Address: 00:0c:29:64:cb:18\n              MTU: 1500\n        OperState: up\n            Flags: up|broadcast|multicast\n        Addresses: 172.16.130.132/24 172.16.130.131/24 fe80::3279:c56d:55f9:aed7/64\n          Gateway: 172.16.130.2\n              DNS: 172.16.130.2\n```\n\n#### Network dns status\n```bash\n\u003e pmctl status network dns\nGlobal\n\n        DNS: 8.8.8.1 8.8.8.2\nDNS Domains: test3.com test4.com . localdomain . localdomain\nLink 2 (ens33)\nCurrent DNS Server:  172.16.61.2\n       DNS Servers:  172.16.61.2\n\nLink 3 (ens37)\nCurrent DNS Server:  172.16.61.2\n       DNS Servers:  172.16.61.2\n```\n\n#### Network iostat status\n```bash\n\u003e pmctl status network iostat\n            Name: lo\nPackets received: 7510\n  Bytes received: 7510\n      Bytes sent: 7510\n         Drop in: 7510\n        Drop out: 0\n        Error in: 0\n       Error out: 0\n         Fifo in: 0\n        Fifo out: 0\n\n            Name: ens33\nPackets received: 46014\n  Bytes received: 19072\n      Bytes sent: 19072\n         Drop in: 19072\n        Drop out: 0\n        Error in: 0\n       Error out: 0\n         Fifo in: 0\n        Fifo out: 0\n\n            Name: ens37\nPackets received: 9682\n  Bytes received: 10779\n      Bytes sent: 10779\n         Drop in: 10779\n        Drop out: 0\n        Error in: 0\n       Error out: 0\n         Fifo in: 0\n        Fifo out: 0\n```\n\n#### Network interfaces status\n```bash\n\u003e pmctl status network interfaces\n            Name: lo\n           Index: 1\n             MTU: 65536\n           Flags: up loopback\nHardware Address:\n       Addresses: 127.0.0.1/8 ::1/128\n\n            Name: ens33\n           Index: 2\n             MTU: 1500\n           Flags: up broadcast multicast\nHardware Address: 00:0c:29:7c:6f:84\n       Addresses: 172.16.61.128/24 fe80::c099:2598:cc4c:14d1/64\n\n            Name: ens37\n           Index: 3\n             MTU: 1500\n           Flags: up broadcast multicast\nHardware Address: 00:0c:29:7c:6f:8e\n       Addresses: 172.16.61.134/24 fe80::be9:7746:7729:3e2/64\n```\n\n#### Login status\n```bash\n\n# List Users\n\u003epmctl status login user\n\n# List Sessions\n\u003epmctl status login session\n\n# Acquire User based on UID\npmctl status login user \u003cUID\u003e\n\u003epmctl status login user 2\n\n# Acquire Session based on ID\npmctl status login session \u003cID\u003e\n\u003epmctl status login session 1000\n\n```\n\n#### Ethtool status\n```bash\n\n# Acquire Ethtool all status\npmctl status ethtool \u003cLINK\u003e\n\u003epmctl status ethtool ens37\n\n# Acquire Ethtool status based on action\npmctl status ethtool \u003cLINK\u003e \u003cACTION\u003e\n\u003epmctl status ethtool ens37 bus\n\n```\n\n#### sysctl usecase via pmctl\n```bash\n\n# Acquire all sysctl configuration in the system in json format.\npmctl status sysctl\n\n# Acquire one variable configuration from sysctl configuration.\npmctl status sysctl k \u003cInputKey\u003e\nor\npmctl status sysctl key \u003cInputKey\u003e\n\n\u003epmctl status sysctl k fs.file-max\nfs.file-max: 9223372036854775807\n\n# Acquire all variable configuration from sysctl configuration based on input pattern.\npmctl status sysctl p \u003cInputPatern\u003e\nor\npmctl status sysctl pattern \u003cInputPatern\u003e\n\n\u003epmctl status sysctl p net.ipv6.route.gc\n{\"net.ipv6.route.gc_elasticity\":\"9\",\"net.ipv6.route.gc_interval\":\"30\",\"net.ipv6.route.gc_min_interval\":\"0\",\"net.ipv6.route.gc_min_interval_ms\":\"500\",\"net.ipv6.route.gc_thresh\":\"1024\",\"net.ipv6.route.gc_timeout\":\"60\"}\n\n# Add or Update a variable configuration in sysctl configuration.\npmctl sysctl u -k \u003cInputKey\u003e -v \u003cInputValue\u003e -f \u003cInputFile\u003e\nor\npmctl sysctl update key \u003cInputKey\u003e value \u003cInputValue\u003e filename \u003cInputFile\u003e\n\n\u003epmctl sysctl u -k fs.file-max -v 65566 -f 99-sysctl.conf\n\u003epmctl sysctl u -k fs.file-max -v 65566\n\n# Remove a variable configuration from sysctl configuration.\npmctl sysctl r -k \u003cInputKey\u003e -f \u003cInputFile\u003e\nor\npmctl sysctl remove key \u003cInputKey\u003e filename \u003cInputFile\u003e\n\n\u003epmctl sysctl r -k fs.file-max -f 99-sysctl.conf\n\u003epmctl sysctl r -k fs.file-max\n\n# Load sysctl configuration files.\npmctl sysctl l -f \u003cInputfileList\u003e\nor\npmctl sysctl load files \u003cInputFileList\u003e\n\n\u003epmctl sysctl l -f 99-sysctl.conf,70-sysctl.conf\n\u003epmctl sysctl l -f\n```\n\n#### sysctl usecase via curl\n```bash\n\n# Acquire all sysctl configuration in the system in json format.\ncurl --unix-socket /run/photon-mgmt/mgmt.sock --request GET http://localhost/api/v1/system/sysctl/statusall\n\u003ecurl --unix-socket /run/photon-mgmt/mgmt.sock --request GET http://localhost/api/v1/system/sysctl/statusall\n\n# Acquire one variable configuration from sysctl configuration.\ncurl --unix-socket /run/photon-mgmt/mgmt.sock --request GET --data '{\"key\":\"\u003ckeyName\u003e\"}' http://localhost/api/v1/system/sysctl/status\n\u003ecurl --unix-socket /run/photon-mgmt/mgmt.sock --request GET --data '{\"key\":\"fs.file-max\"}' http://localhost/api/v1/system/sysctl/status\n\n# Acquire all variable configuration from sysctl configuration based on input pattern.\ncurl --unix-socket /run/photon-mgmt/mgmt.sock --request GET --data '{\"pattern\":\"\u003cPattern\u003e\"}' http://localhost/api/v1/system/sysctl/statuspattern\n\u003ecurl --unix-socket /run/photon-mgmt/mgmt.sock --request GET --data '{\"pattern\":\"fs.file\"}' http://localhost/api/v1/system/sysctl/statuspattern\n\n# Add or Update a variable configuration in sysctl configuration.\ncurl --unix-socket /run/photon-mgmt/mgmt.sock --request POST --data '{\"apply\":true,\"key\":\"\u003ckeyName\u003e\",\"value\":\"\u003cValue\u003e\",\"filename\":\"\u003cfileName\u003e\"}' http://localhost/api/v1/system/sysctl/update\n\u003ecurl --unix-socket /run/photon-mgmt/mgmt.sock --request POST --data '{\"apply\":true,\"key\":\"fs.file-max\",\"value\":\"65409\",\"filename\":\"99-sysctl.conf\"}' http://localhost/api/v1/system/sysctl/update\n\n# Remove a variable configuration from sysctl configuration.\ncurl --unix-socket /run/photon-mgmt/mgmt.sock --request DELETE --data '{\"apply\":true,\"key\":\"\u003ckeyName\u003e\",\"filename\":\"\u003cfileName\u003e\"}' http://localhost/api/v1/system/sysctl/remove\n\u003ecurl --unix-socket /run/photon-mgmt/mgmt.sock --request DELETE --data '{\"apply\":true,\"key\":\"fs.file-max\",\"filename\":\"99-sysctl.conf\"}' http://localhost/api/v1/system/sysctl/remove\n\n# Load sysctl configuration files.\ncurl --unix-socket /run/photon-mgmt/mgmt.sock --request POST --data '{\"apply\":true,\"files\":[\"\u003cfileName\u003e\",\"\u003cfileName\u003e\"]}' http://localhost/api/v1/system/sysctl/load\n\u003ecurl --unix-socket /run/photon-mgmt/mgmt.sock --request POST --data '{\"apply\":true,\"files\":[\"99-sysctl.conf\",\"75-sysctl.conf\"]}' http://localhost/api/v1/system/sysctl/load\n```\n\n#### Group usecase via pmctl\n```bash\n\n# Acquire all Group information.\n\u003epmctl status group\n             Gid: 0\n            Name: root\n\n             Gid: 1\n            Name: daemon\n\n             Gid: 2\n            Name: bin\n\n             Gid: 3\n            Name: sys\n\n             Gid: 4\n            Name: adm\n\t    .\n            .\n            .\n             Gid: 1001\n            Name: photon-mgmt\n\n# Fetch a group information.\npmctl status group \u003cGroupName\u003e\nor\npmctl status group \u003cGroupName\u003e\n\n\u003epmctl status group photon-mgmt\n             Gid: 1001\n            Name: photon-mgmt\n\n# Add a new Group.\npmctl group add \u003cGroupName\u003e \u003cGid\u003e\nor\npmctl group add \u003cGroupName\u003e\n\n# Remove a Group.\npmctl group remove \u003cGroupName\u003e \u003cGid\u003e\nor\npmctl group remove \u003cGroupName\u003e\n```\n\n#### Group usecase via curl\n```bash\n\n# Acquire all Group information.\ncurl --unix-socket /run/photon-mgmt/mgmt.sock --request GET http://localhost/api/v1/system/group/view\n\n# Acquire one Group information.\ncurl --unix-socket /run/photon-mgmt/mgmt.sock --request GET http://localhost/api/v1/system/group/view/\u003cGroupName\u003e\n\n# Add a new Group.\ncurl --unix-socket /run/photon-mgmt/mgmt.sock --request POST --data '{\"Name\":\"\u003cGroupName\u003e\",\"Gid\":\"\u003cInputGid\u003e\"}' http://localhost/api/v1/system/group/add\n\u003ecurl --unix-socket /run/photon-mgmt/mgmt.sock --request POST --data '{\"Name\":\"nk1\",\"Gid\":\"101\"}' http://localhost/api/v1/system/group/add\n\n# Remove a Group.\ncurl --unix-socket /run/photon-mgmt/mgmt.sock --request DELETE --data '{\"Name\":\"\u003cGroupName\u003e\",\"Gid\":\"\u003cInputGid\u003e\"}' http://localhost/api/v1/system/group/remove\n\u003ecurl --unix-socket /run/photon-mgmt/mgmt.sock --request DELETE --data '{\"Name\":\"photon-mgmt\",\"Gid\":\"101\"}' http://localhost/api/v1/system/group/remove\n```\n\n#### User usecase via pmctl\n```bash\n\n# Acquire all User information.\n\u003epmctl status user\n          User Name: root\n                Uid: 0\n                Gid: 0\n              GECOS: root\n     Home Directory: /root\n\n          User Name: daemon\n                Uid: 1\n                Gid: 1\n              GECOS: daemon\n     Home Directory: /usr/sbin\n\n          User Name: bin\n                Uid: 2\n                Gid: 2\n              GECOS: bin\n     Home Directory: /bin\n\n          User Name: sys\n                Uid: 3\n                Gid: 3\n              GECOS: sys\n     Home Directory: /dev\n\n          User Name: photon-mgmt\n                Uid: 1001\n                Gid: 1001\n     Home Directory: /home/photon-mgmt\n\n# Add a new User.\npmctl user add \u003cUserName\u003e home-dir \u003cHomeDir\u003e groups \u003cgroupsList\u003e uid \u003cUid\u003e gid \u003cGid\u003e shell \u003cShell\u003e password \u003cxxxxxxx\u003e\nor\npmctl user a \u003cUserName\u003e -d \u003cHomeDir\u003e -grp \u003cgroupsList\u003e -u \u003cUid\u003e -g \u003cGid\u003e -s \u003cShell\u003e -p \u003cxxxxxxx\u003e\n\n# Remove a User.\npmctl user remove \u003cUserName\u003e\nor\npmctl user r \u003cUserName\u003e\n```\n\n#### User usecase via curl\n```bash\n\n# Acquire all User information.\ncurl --unix-socket /run/photon-mgmt/mgmt.sock --request GET http://localhost/api/v1/system/user/view\n\n# Add a new User.\ncurl --unix-socket /run/photon-mgmt/mgmt.sock --request POST --data '{\"Name\":\"\u003cUserName\u003e\",\"Uid\":\"\u003cUid\u003e\",\"Gid\":\"\u003cGid\u003e\",\"Groups\":[\"group1\",\"group2\"],\"\"HomeDirectory\":\"\u003cHomeDir\u003e\",\"Shell\":\"\u003cshell\u003e\",\"Comment\":\"\u003ccomment\u003e\",\"Password\":\"\u003cxxxxxx\u003e\"}' http://localhost/api/v1/system/user/add\n\u003ecurl --unix-socket /run/photon-mgmt/mgmt.sock --request POST --data '{\"Name\":\"nts1\",\"Uid\":\"\",\"Gid\":\"1004\",\"Groups\":[\"nts\",\"group2\"],\"HomeDirectory\":\"home/nts\",\"Shell\":\"\",\"Comment\":\"hello\",\"Password\":\"unknown\"}' http://localhost/api/v1/system/user/add\n\n# Remove a User.\ncurl --unix-socket /run/photon-mgmt/mgmt.sock --request DELETE --data '{\"Name\":\"\u003cUserName\u003e\"}' http://localhost/api/v1/system/user/remove\n\u003ecurl --unix-socket /run/photon-mgmt/mgmt.sock --request DELETE --data '{\"Name\":\"nts1\"}' http://localhost/api/v1/system/user/remove\n```\n\n#### Configure network link section using pmctl\n```bash\n\n# Configure network dhcp\npmctl network set-dhcp \u003cdeviceName\u003e \u003cDHCPMode\u003e\n\u003epmctl network set-dhcp ens37 ipv4\n\n# Configure network linkLocalAddressing\npmctl network set-link-local-addr \u003cdeviceName\u003e \u003clinkLocalAddressingMode\u003e\n\u003epmctl network set-link-local-addr ens37 ipv4\n\n# Configure network multicastDNS\npmctl network set-multicast-dns \u003cdeviceName\u003e \u003cMulticastDNSMode\u003e\n\u003epmctl network set-multicast-dns ens37 resolve\n\n# Configure network address\npmctl network add-link-address \u003cdeviceName\u003e address \u003cAddress\u003e peer \u003cAddress\u003e label \u003clabelValue\u003e scope \u003cscopeValue\u003e\n\u003epmctl network add-link-address ens37 address 192.168.0.15/24 peer 192.168.10.10/24 label ipv4 scope link\n\n# Configure network sriov\npmctl network add-sriov dev \u003cdeviceName\u003e vf \u003cVirtualFunction\u003e vlanid \u003cVLANId\u003e qos \u003cQualityOfService\u003e vlanproto \u003cVLANProtocol\u003e macsfc \u003cMACSpoofCheck\u003e qrss \u003cQueryReceiveSideScaling\u003e trust \u003cTrust\u003e linkstate \u003cLinkState\u003e macaddr \u003cMACAddress\u003e\n\u003epmctl network add-sriov dev ens37 vf 2 vlanid 1 qos 1024 vlanproto 802.1Q macsfc yes qrss yes trust yes linkstate auto macaddr 00:0c:29:3a:bc:11\n\n# Configure network route\npmctl network add-route dev \u003cdeviceName\u003e gw \u003cGateway\u003e gwonlink \u003cGatewayOnlink\u003e src \u003cSource\u003e dest \u003cDestination\u003e prefsrc \u003cpreferredSource\u003e table \u003cTable\u003e scope \u003cScope\u003e\n\u003epmctl network add-route dev ens33 gw 192.168.1.0 gwonlink no src 192.168.1.15/24 dest 192.168.10.10/24 prefsrc 192.168.8.9 table 1234 scope link\n\n# Configure network dns\npmctl network add-dns dev \u003cdeviceName\u003e dns \u003cdnslist\u003e\n\u003epmctl network add-dns dev ens37 dns 8.8.8.8,8.8.4.4,8.8.8.1,8.8.8.2\n\n#Configure network domains\npmctl network add-domain dev \u003cdeviceName\u003e domains \u003cdomainlist\u003e\n\u003epmctl network add-domain dev ens37 domains test1.com,test2.com,test3.com,test4.com\n\n#Configure network ntp\npmctl network add-ntp dev \u003cdeviceName\u003e ntp \u003cntplist\u003e\n\u003epmctl network add-ntp dev ens37 ntp 198.162.1.15,test3.com\n\n# Configure network ipv6AcceptRA\npmctl network set-ipv6-accept-ra \u003cdeviceName\u003e \u003cIPv6AcceptRA\u003e\n\u003epmctl network set-ipv6-accept-ra ens37 false\n\n# Configure link mode\npmctl network set-link-mode dev \u003cdevice\u003e mode \u003cunmanagedValue\u003e arp \u003carpValue\u003e mc \u003cmulticastValue\u003e amc \u003callmulticastValue\u003e pcs \u003cPromiscuousValue\u003e rfo \u003cRequiredForOnline\u003e\n\u003epmctl network set-link-mode dev ens37 arp 1 mc no amc true pcs yes rfo on\n\n# Configure link mtubytes\npmctl network set-mtu \u003cdeviceName\u003e \u003cmtubytesValue\u003e\n\u003epmctl network set-mtu ens37 2048\n\n# Configure link mac\npmctl network set-mac \u003cdeviceName\u003e \u003cMACAddress\u003e\n\u003epmctl network set-gmac ens37 00:a0:de:63:7a:e6\n\n# Configure link group\npmctl network set-group \u003cdeviceName\u003e \u003cgroupValue\u003e\n\u003epmctl network set-group ens37 2147483647\n\n# Configure link requiredFamilyForOnline\npmctl network set-rf-online \u003cdeviceName\u003e \u003cfamilyValue\u003e\n\u003epmctl network set-rf-online ens37 ipv4\n\n# Configure link activationPolicy\npmctl network set-active-policy \u003cdeviceName\u003e \u003cpolicyValue\u003e\n\u003epmctl network set-active-policy ens37 always-up\n\n# Configure network routingPolicyRule\npmctl network add-rule dev \u003cdeviceName\u003e tos \u003cTypeOfService\u003e from \u003cAddress\u003e to \u003cAddress\u003e fwmark \u003cFirewallMark\u003e table \u003cTable\u003e prio \u003cPriority\u003e iif \u003cIncomingInterface\u003e oif \u003cOutgoingInterface\u003e srcport \u003cSourcePort\u003e destport \u003cDestinationPort\u003e ipproto \u003cIPProtocol\u003e invertrule \u003cInvertRule\u003e family \u003cFamily\u003e usr \u003cUser\u003e suppressprefixlen \u003cSuppressPrefixLength\u003e suppressifgrp \u003cSuppressInterfaceGroup\u003e type \u003cType\u003e\n\u003epmctl network add-rule dev ens37 tos 12 from 192.168.1.10/24 to 192.168.2.20/24 fwmark 7/255 table 8 prio 3 iif ens37 oif ens37 srcport 8000-8080 destport 9876 ipproto 17 invertrule yes family ipv4 usr 1001 suppressprefixlen 128 suppressifgrp 2098 type prohibit\n\n# Remove network routingPolicyRule\npmctl network delete-rule dev \u003cdeviceName\u003e tos \u003cTypeOfService\u003e from \u003cAddress\u003e to \u003cAddress\u003e fwmark \u003cFirewallMark\u003e table \u003cTable\u003e prio \u003cPriority\u003e iif \u003cIncomingInterface\u003e oif \u003cOutgoingInterface\u003e srcport \u003cSourcePort\u003e destport \u003cDestinationPort\u003e ipproto \u003cIPProtocol\u003e invertrule \u003cInvertRule\u003e family \u003cFamily\u003e usr \u003cUser\u003e suppressprefixlen \u003cSuppressPrefixLength\u003e suppressifgrp \u003cSuppressInterfaceGroup\u003e type \u003cType\u003e\n\u003epmctl network delete-rule dev ens37 tos 12 from 192.168.1.10/24 to 192.168.2.20/24 fwmark 7/255 table 8 prio 3 iif ens37 oif ens37 srcport 8000-8080 destport 9876 ipproto 17 invertrule yes family ipv4 usr 1001 suppressprefixlen 128 suppressifgrp 2098 type prohibit\n\n# Configure network DHCPv4 id's\npmctl network set-dhcpv4-id dev \u003cdeviceName\u003e clientid \u003cClientIdentifier\u003e vendorclassid \u003cVendorClassIdentifier\u003e iaid \u003cIAID\u003e\n\u003epmctl network set-dhcpv4-id dev ens37 clientid duid vendorclassid 101 iaid 201\n\n# Configure network DHCPv4 duid\npmctl network set-dhcpv4-duid dev \u003cdeviceName\u003e duidtype \u003cDUIDType\u003e duidrawdata \u003cDUIDRawData\u003e\n\u003epmctl network set-dhcpv4-duid dev ens37 duidtype vendor duidrawdata af:03:ff:87\n\n# Configure network DHCPv4 use options\npmctl network set-dhcpv4-use dev \u003cdeviceName\u003e usedns \u003cUseDNS\u003e usentp \u003cUseNTP\u003e usesip \u003cUseSIP\u003e usemtu \u003cUseMTU\u003e usehostname \u003cUseHostname\u003e usedomains \u003cUseDomains\u003e useroutes \u003cUseRoutes\u003e usegateway \u003cUseGateway\u003e usetimezone \u003cUseTimezone\u003e\n\u003epmctl network set-dhcpv4-use dev ens37 usedns false usentp false usesip false usemtu yes usehostname true usedomains yes useroutes no usegateway yes usetimezone no\n\n# Configure network DHCPv6\npmctl network set-dhcpv6 dev \u003cdeviceName\u003e mudurl \u003cMUDURL\u003e userclass \u003cUserClass\u003e vendorclass \u003cVendorClass\u003e prefixhint \u003cIPV6ADDRESS\u003e withoutra \u003cWithoutRA\u003e\n\u003epmctl network set-dhcpv6 dev ens37 mudurl https://example.com/devB userclass usrcls1,usrcls2 vendorclass vdrcls1 prefixhint 2001:db1:fff::/64 withoutra solicit\n\n# Configure network DHCPv6 id's\npmctl network set-dhcpv6-id dev \u003cdeviceName\u003e iaid \u003cIAID\u003e duidtype \u003cDUIDType\u003e duidrawdata \u003cDUIDRawData\u003e\n\u003epmctl network set-dhcpv6-id dev ens37 iaid 201 duidtype vendor duidrawdata af:03:ff:87\n\n# Configure network DHCPv6 Use\npmctl network set-dhcpv6-use dev \u003cdeviceName\u003e useaddr \u003cUseAddress\u003e useprefix \u003cUsePrefix\u003e usedns \u003cUseDNS\u003e usentp \u003cUseNTP\u003e usehostname \u003cUseHostname\u003e usedomains \u003cUseDomains\u003e\n\u003epmctl network set-dhcpv6-use dev ens37 useaddr yes useprefix no usedns false usentp false usehostname true usedomains yes\n\n# Configure network DHCPv6 Options\npmctl network set-dhcpv6-option dev \u003cdeviceName\u003e reqopt \u003cRequestOptions\u003e sendopt \u003cSendOption\u003e sendvendoropt \u003cSendVendorOption\u003e\n\u003epmctl network set-dhcpv6-option dev ens37 reqopt 10,198,34 sendopt 34563 sendvendoropt 1987653,65,ipv6address,af:03:ff:87\n\n# Configure network DHCPServer\npmctl network add-dhcpv4-server dev \u003cDevicename\u003e pool-offset \u003cpoolOffset\u003e pool-size \u003cPoolSize\u003e default-lease-time-sec \u003cDefaultLeaseTimeSec\u003e max-lease-time-sec \u003cMaxLeaseTimeSec\u003e dns \u003cDNS\u003e emit-dns \u003cEmitDNS\u003e emit-ntp \u003cEmitNTP\u003e emit-router \u003cEmitRouter\u003e\n\u003epmctl network add-dhcpv4-server dev ens37 pool-offset 100 pool-size 200 default-lease-time-sec 10 max-lease-time-sec 30 dns 192.168.1.2,192.168.10.10,192.168.20.30 emit-dns yes emit-ntp no emit-router yes\n\n# Remove network DHCPServer\npmctl network remove-dhcpv4-server \u003cDevicename\u003e\n\u003epmctl network remove-dhcpv4-server ens37\n\n# Configure network IPv6SendRA\npmctl network add-ipv6ra dev \u003cdeviceName\u003e rt-pref \u003cRouterPreference\u003e emit-dns \u003cEmitDNS\u003e dns \u003cDNS\u003e emit-domains \u003cEmitDomains\u003e domains \u003cDomains\u003e dns-lifetime-sec \u003cDNSLifetimeSec\u003e prefix \u003cPrefix\u003e pref-lifetime-sec \u003cPreferredLifetimeSec\u003e valid-lifetime-sec \u003cValidLifetimeSec\u003e assign \u003cAssign\u003e route \u003cRoute\u003e lifetime-sec \u003cLifetimeSec\u003e\n\u003epmctl network add-ipv6ra dev ens37 rt-pref medium emit-dns yes dns 2002:da8:1::1,2002:da8:2::1 emit-domains yes domains test1.com,test2.com dns-lifetime-sec 100 prefix 2002:da8:1::/64 pref-lifetime-sec 100 valid-lifetime-sec 200 assign yes route 2001:db1:fff::/64 lifetime-sec 1000\n\n# Remove network IPv6SendRA\npmctl network remove-ipv6ra \u003cDevicename\u003e\n\u003epmctl network remove-ipv6ra ens37\n\n```\n\n#### Configure network device using pmctl\n```bash\n# Configure VLan\npmctl network create-vlan \u003cvlanName\u003e dev \u003cdevice\u003e id \u003cvlanId\u003e\n\u003epmctl network create-vlan vlan1 dev ens37 id 101\n\n# Configure Bond\npmctl network create-bond \u003cbondName\u003e dev \u003cdevice\u003e mode \u003cmodeType\u003e thp \u003cTransmitHashPolicyType\u003e ltr \u003cLACPTransmitRateType\u003e mms \u003cMIIMonitorSecTime\u003e\n\u003epmctl network create-bond bond1 dev ens37,ens38 mode 802.3ad thp layer2+3 ltr slow mms 1s\n\n# Configure Bond with default\n\u003epmctl network create-bond bond1 dev ens37,ens38\n\n# Configure Bridge with default\npmctl network create-bridge \u003cbridgeName\u003e dev \u003cdevice list\u003e\n\u003epmctl network create-bridge br0 dev ens37,ens38\n\n# Configure MacVLan\npmctl network create-macvlan \u003cmacvlanName\u003e dev \u003cdevice\u003e mode \u003cmodeName\u003e\n\u003epmctl network create-macvlan macvlan1 dev ens37 mode private\n\n# Configure IpVLan\npmctl network create-ipvlan \u003cipvlanName\u003e dev \u003cdevice\u003e mode \u003cmodeName\u003e flags \u003cflagsName\u003e\n\u003epmctl network create-ipvlan ipvlan1 dev ens37 mode l2 flags vepa\n\n# Configure IpVLan with default\n\u003epmctl network create-ipvlan ipvlan1 dev ens38\n\n# Configure VxLan\npmctl network create-vxlan \u003cvxlanName\u003e dev \u003cdevice\u003e remote \u003cRemoteAddress\u003e local \u003cLocalAddress\u003e group \u003cGroupAddress\u003e destport \u003cDestinationPort\u003e independent \u003cIndependentFlag\u003e\n\u003epmctl network create-vxlan vxlan1 dev ens37 vni 16777215 remote 192.168.1.3 local 192.168.1.2 group 192.168.0.0 destport 4789 independent no\n\n# Configure WireGuard\npmctl network create-wg \u003cwireguardName\u003e dev \u003cdevice\u003e skey \u003cprivateKey\u003e pkey\u003cpublicKey\u003e endpoint \u003caddress:Port\u003e port \u003clistenport\u003e ips \u003callowedIPs\u003e\n\u003epmctl network create-wg wg1 dev ens37 skey wCmc/74PQpRoxTgqGircVFtdArZFUFIiOoyQY8kVgmI= pkey dSanSzExlryduCwNnAFt+rzpI5fKeHuJx1xx2zxEG2Q= endpoint 10.217.69.88:51820 port 51822 ips fd31:bf08:57cb::/48,192.168.26.0/24\n\n# Configure WireGuard with default\n\u003epmctl network create-wg wg1 dev ens37 skey wCmc/74PQpRoxTgqGircVFtdArZFUFIiOoyQY8kVgmI= pkey dSanSzExlryduCwNnAFt+rzpI5fKeHuJx1xx2zxEG2Q= endpoint 10.217.69.88:51820\n\n# Configure Tun\npmctl network create-tun \u003ctunName\u003e dev \u003cdevice\u003e mq \u003cMultiQueue\u003e pktinfo\u003cPacketInfo\u003e vnet-hdr \u003cVNetheader\u003e usr \u003cUser\u003e grp \u003cGroup\u003e kc \u003cKeepCarrier\u003e\n\u003epmctl network create-tun tun1 dev ens37 mq yes pktinfo yes vnet-hdr no usr test-user grp test-group kc no\n\n# Configure Tap\npmctl network create-tap \u003ctapName\u003e dev \u003cdevice\u003e mq \u003cMultiQueue\u003e pktinfo\u003cPacketInfo\u003e vnet-hdr \u003cVNetheader\u003e usr \u003cUser\u003e grp \u003cGroup\u003e kc \u003cKeepCarrier\u003e\n\u003epmctl network create-tap tap99 dev ens37 mq yes pktinfo yes vnet-hdr no usr test-user grp test-group kc no\n```\n\n#### Remove network device using pmctl\n```bash\npmctl network remove-netdev \u003ckindDeviceName\u003e kind \u003ckindType\u003e\n\u003epmctl network remove-netdev ipvlan1 dev ens37 kind ipvlan\n```\n\n#### Configure link using pmctl\n```bash\n\n# Configure Link MACAddress.\npmctl link set-mac dev \u003cdeviceName\u003e macpolicy \u003cMACAddressPolicy\u003e macaddr \u003cMACAddress\u003e\n\u003epmctl link set-mac dev eth0 macpolicy none macaddr 00:a0:de:63:7a:e6\n\n# Configure Link Name.\npmctl link set-name dev \u003cdeviceName\u003e namepolicy \u003cNamePolicy\u003e name \u003cName\u003e\n\u003epmctl link set-name dev ens37 namepolicy mac,kernel,database,onboard,keep,slot,path\n\n# Configure Link AlternativeNames.\npmctl link set-name dev \u003cdeviceName\u003e altnamespolicy \u003cAlternativeNamesPolicy\u003e altname \u003cAlternativeName\u003e\n\u003epmctl link set-alt-name dev ens37 altnamespolicy mac,database,onboard,slot,path\n\n# Configure Link ChecksumOffload.\npmctl link set-csum-offload dev \u003cdeviceName\u003e rco \u003cReceiveCheksumOffload\u003e tco \u003cTransmitChecksumOffload\u003e\n\u003epmctl link set-csum-offload dev ens37 rxco true txco true\n\n# Configure Link TCPSegmentationOffload.\npmctl link set-tcp-offload dev \u003cdeviceName\u003e tcpso \u003cTCPSegmentationOffload\u003e tcp6so \u003cTCP6SegmentationOffload\u003e\n\u003epmctl link set-tcp-offload dev ens37 tcpso true tcp6so true\n\n# Configure Link GenericOffload.\npmctl link set-generic-offload dev \u003cdeviceName\u003e gso \u003cGenericSegmentationOffload\u003e gro \u003cGenericReceiveOffload\u003e grohw \u003cGenericReceiveOffloadHardware\u003e gsomaxbytes \u003cGenericSegmentOffloadMaxBytes\u003e gsomaxseg \u003cGenericSegementOffloadMaxSegments\u003e\n\u003epmctl link set-generic-offload dev ens37 gso true gro true grohw false gsomaxbytes 65536 gsomaxseg 65535\n\n# Configure Link VLANTAG.\npmctl link set-vlan-tags dev \u003cdeviceName\u003e rxvlanctaghwacl \u003cReceiveVLANCTAGHardwareAcceleration\u003e txvlanctaghwacl \u003cTransmitVLANCTAGHardwareAcceleration\u003e rxvlanctagfilter \u003cReceiveVLANCTAGFilter\u003e txvlanstaghwacl \u003cTransmitVLANSTAGHardwareAcceleration\u003e\n\u003epmctl link set-vlan-tags dev ens37 rxvlanctaghwacl true txvlanctaghwacl false rxvlanctagfilter true txvlanstaghwacl true\n\n# Configure Link Channels.\npmctl link set-channel dev \u003cdeviceName\u003e rxch \u003cRxChannels\u003e txch \u003cTxChannels\u003e oth \u003cOtherChannels\u003e coch \u003cCombinedChannels\u003e\n\u003epmctl link set-channel dev ens37 rxch 1024 txch 2045 och 45678 coch 32456\n\n# Configure Link Buffers.\npmctl link set-buffer dev \u003cdeviceName\u003e rxbufsz \u003cRxBufferSize\u003e rxmbufsz \u003cRxMiniBufferSize\u003e rxjbufsz \u003cRxJumboBufferSize\u003e txbufsz \u003cTxBufferSize\u003e\n\u003epmctl link set-buffer dev ens37 rxbufsz 100009 rxmbufsz 1998 rxjbufsz 10999888 txbufsz 83724\n\n# Configure Link Queues.\npmctl link set-queue dev \u003cdeviceName\u003e rxq \u003cReceiveQueues\u003e txq \u003cTransmitQueues\u003e txqlen \u003cTransmitQueueLength\u003e\n\u003epmctl link set-queue dev ens37 rxq 4096 txq 4096 txqlen 4294967294\n\n# Configure Link FlowControls.\npmctl link set-flow-ctrl dev \u003cdeviceName\u003e rxfctrl \u003cRxFlowControl\u003e txfctrl \u003cTxFlowControl\u003e anfctrl \u003cAutoNegotiationFlowControl\u003e\n\u003epmctl link set-flow-ctrl dev ens37 rxfctrl true txfctrl true anfctrl true\n\n# Configure Link UseAdaptiveCoalesce.\npmctl link set-adpt-coalesce dev \u003cdeviceName\u003e uarxc \u003cUseAdaptiveRxCoalesce\u003e uatxc \u003cUseAdaptiveTxCoalesce\u003e\n\u003epmctl link set-adpt-coalesce dev ens37 uarxc true uatxc true\n\n# Configure Link ReceiveCoalesce.\npmctl link set-rx-coalesce dev \u003cdeviceName\u003e rxcs \u003cRxCoalesceSec\u003e rxcsirq \u003cRxCoalesceIrqSec\u003e rxcslow \u003cRxCoalesceLowSec\u003e rxcshigh \u003cRxCoalesceHighSec\u003e\n\u003epmctl link set-rx-coalesce dev ens37 rxcs 23 rxcsirq 56 rxcslow 5 rxcshigh 76788\n\n# Configure Link TransmitCoalesce.\npmctl link set-tx-coalesce dev \u003cdeviceName\u003e txcs \u003cTxCoalesceSec\u003e txcsirq \u003cTxCoalesceIrqSec\u003e txcslow \u003cTxCoalesceLowSec\u003e txcshigh \u003cTxCoalesceHighSec\u003e\n\u003epmctl link set-tx-coalesce dev ens37 txcs 23 txcsirq 56 txcslow 5 txcshigh 76788\n\n# Configure Link ReceiveMaxCoalescedFrames.\npmctl link set-rx-coald-frames dev \u003cdeviceName\u003e rxcmf \u003cRxMaxCoalescedFrames\u003e rxcmfirq \u003cRxMaxCoalescedIrqFrames\u003e rxcmflow \u003cRxMaxCoalescedLowFrames\u003e rxcmfhigh \u003cRxMaxCoalescedHighFrames\u003e\n\u003epmctl link set-rx-coald-frames dev ens37 rxmcf 23 rxmcfirq 56 rxmcflow 5 rxmcfhigh 76788\n\n# Configure Link TransmitMaxCoalescedFrames.\npmctl link set-tx-coald-frames dev \u003cdeviceName\u003e txcmf \u003cTxMaxCoalescedFrames\u003e txcmfirq \u003cTxMaxCoalescedIrqFrames\u003e txcmflow \u003cTxMaxCoalescedLowFrames\u003e txcmfhigh \u003cTxMaxCoalescedHighFrames\u003e\n\u003epmctl link set-tx-coald-frames dev ens37 txmcf 23 txmcfirq 56 txmcflow 5 txmcfhigh 76788\n\n# Configure Link CoalescePacketRate.\npmctl link set-coalesce-pkt dev \u003cdeviceName\u003e cprlow \u003cCoalescePacketRateLow\u003e cprhigh \u003cCoalescePacketRateHigh\u003e cprsis \u003cCoalescePacketRateSampleIntervalSec\u003e\n\u003epmctl link set-coalesce-pkt dev ens37 cprlow 1000 cprhigh 32456 cprsis 102\n\n# Configure Link Alias,Description,port,duplex...etc.\npmctl link set-link dev ens37 alias \u003cAlias\u003e desc \u003cDescription\u003e mtub \u003cMTUBytes\u003e bits \u003cBitsPerSecond\u003e duplex \u003cDuplex\u003e auton \u003cAutoNegotiation\u003e wol \u003cWakeOnLan\u003e wolpassd \u003cWakeOnLanPassword\u003e port \u003cPort\u003e advertise \u003cAdvertise\u003e lrxo \u003cLargeReceiveOffload\u003e ntf \u003cNTupleFilter\u003e ssbcs \u003cStatisticsBlockCoalesceSec\u003e\n\u003epmctl link set-link dev ens37 alias ifalias desc configdevice mtub 10M bits 5G duplex full auton no wol phy,unicast,broadcast,multicast,arp,magic,secureon wolpassd cb:a9:87:65:43:21  port mii advertise 10baset-half,10baset-full,20000basemld2-full lrxo true ntf true ssbcs 1024\n\n```\n\n#### firewall nftable\n```bash\n\n# Add nft table.\npmctl network add-nft-table name \u003cTABLE\u003e family \u003cFAMILY\u003e\n\u003epmctl network add-nft-table name test99 family inet\n\n# Delete nft table.\npmctl network delete-nft-table name \u003cTABLE\u003e family \u003cFAMILY\u003e\n\u003epmctl network delete-nft-table name test99 family inet\n\n# Show nft table.\npmctl network show-nft-table name \u003cTABLE\u003e family \u003cFAMILY\u003e\n\u003epmctl network show-nft-table name test99 family inet\n\n# Show all nft tables.\n\u003epmctl network show-nft-table\n\n# Add nft chain.\npmctl network add-nft-chain name \u003cCHAIN\u003e table \u003cTABLE\u003e family \u003cFAMILY\u003e hook \u003cHOOK\u003e priority \u003cPRIORITY\u003e type \u003cTYPE\u003e policy \u003cPOLICY\u003e\n\u003epmctl network add-nft-chain name chain1 table test99 family inet hook input priority 300 type filter policy drop\n\n# Delete nft chain.\npmctl network delete-nft-chain name \u003cCHAIN\u003e table \u003cTABLE\u003e family \u003cFAMILY\u003e\n\u003epmctl network delete-nft-chain name chain1 table test99 family inet\n\n# Show nft chain.\npmctl network show-nft-chain name \u003cCHAIN\u003e table \u003cTABLE\u003e family \u003cFAMILY\u003e\n\u003epmctl network show-nft-chain name chain1 table test99 family inet\n\n# Show all nft chain.\n\u003epmctl network show-nft-chain\n\n# Save all nft tables.\n\u003epmctl network nft-save\n\n# Run nft commands.\npmctl network nft-run \u003cCOMMAND\u003e\n\u003epmctl network nft-run nft add table inet test99\n\u003epmctl network nft-run nft add chain inet test99 my_chain '{ type filter hook input priority 0; }'\n\u003epmctl network nft-run nft add rule inet test99 my_chain tcp dport {telnet, http, https} accept\n\u003epmctl network nft-run nft delete rule inet test99 my_chain handle 3\n\u003epmctl network nft-run nft delete chain inet test99 my_chain\n\u003epmctl network nft-run nft delete table inet test99\n\n```\n\n#### proc info and configuration\n```bash\n\n# Net device property stats.\npmctl status proc net path \u003cPATH\u003e property \u003cPROPERTY\u003e\npmctl status proc net path ipv6 property calipso_cache_bucket_size\n                 Path: ipv6\n             Property: calipso_cache_bucket_size\n                Value: 10\n\n# Net device property configuration.\npmctl proc net path \u003cPATH\u003e property \u003cPROPERTY\u003e value \u003cVALUE\u003e\n\u003epmctl proc net path ipv6 property calipso_cache_bucket_size value 12\n\n# Net device link property stats.\npmctl status proc net path \u003cPATH\u003e dev \u003cLINK\u003e property \u003cPROPERTY\u003e\n\u003epmctl status proc net path ipv6 dev ens37 property mtu\n                 Path: ipv6\n                 Link: ens37\n             Property: mtu\n                Value: 1300\n\n# Net device link property configuration.\npmctl proc net path \u003cPATH\u003e dev \u003cLINK\u003e property \u003cPROPERTY\u003e value \u003cVALUE\u003e\n\u003epmctl proc net path ipv6 dev ens37 property mtu value 1500\n\n# VM property stats.\npmctl status proc vm \u003cPROPERTY\u003e\n\u003epmctl status proc vm page-cluster\n             Property: page-cluster\n                Value: 3\n\n# VM property configuration.\n\u003epmctl proc vm \u003cPROPERTY\u003e \u003cVALUE\u003e\npmctl proc vm page-cluster 5\n\n# System property stats.\npmctl status proc system \u003cPROPERTY\u003e\n\u003epmctl status proc system cpuinfo\n\n# ARP stats.\npmctl status proc arp\n\u003epmctl status proc arp\n             IPAddress: 172.16.61.254\n                HWType: 0x1\n                 Flags: 0x2\n             HWAddress: 00:50:56:f3:5d:48\n                  Mask: *\n                Device: ens37\n\n             IPAddress: 172.16.61.254\n                HWType: 0x1\n                 Flags: 0x2\n             HWAddress: 00:50:56:f3:5d:48\n                  Mask: *\n                Device: ens33\n\n             IPAddress: 172.16.61.2\n                HWType: 0x1\n                 Flags: 0x2\n             HWAddress: 00:50:56:f4:e7:22\n                  Mask: *\n                Device: ens33\n\n             IPAddress: 172.16.61.2\n                HWType: 0x1\n                 Flags: 0x2\n             HWAddress: 00:50:56:f4:e7:22\n                  Mask: *\n                Device: ens37\n```\n\n#### Netstat info\n\n```bash\npmctl status proc netstat \u003cPROTOCOL\u003e\n\u003epmctl status proc netstat tcp\n```\n\n#### Process stats\n```bash\npmctl status proc process \u003cPID\u003e \u003cPROPERTY\u003e\n\u003epmctl status proc process 88157 pid-memory-percent\n```\n\n#### Protopidstat stats\n```bash\npmctl status proc protopidstat \u003cPID\u003e \u003cPROTOCOL\u003e\n\u003epmctl status proc protopidstat 89502 tcp\n\n```\n\n#### Package Management\n```bash\n# List all packages\npmctl pkg list\n\u003e pmctl pkg list\n\n# List specific packages\n\u003e pmctl pkg list \u003cpkg\u003e\npmctl pkg list lsof\n\n# Info\n\u003e pmctl pkg info \u003cpkg\u003e\npmctl pkg info lsof\n\n# Download metada\n\u003e pmctl pkg makecache\npmctl pkg makecache\n\n# Clean cache\n\u003e pmctl pkg clean\npmctl pkg clean\n\n# List repositories\n\u003e pmctl pkg repolist\npmctl pkg repolist\n\n# Search packages\n\u003e pmctl pkg search \u003cpattern\u003e\npmctl pkg search lsof\n\n# Acquire update info\n\u003e pmctl pkg updateinfo\n\u003e pmctl pkg updateinfo --list\n\u003e pmctl pkg updateinfo --info\n\n# Install a package\n\u003e pmctl pkg install \u003cpkg\u003e\npmctl install lsof\n\n# Update a package\n\u003e pmctl pkg update \u003cpkg\u003e\npmctl pkg update lsof\n\n# Remove a package\n\u003e pmctl pkg remove \u003cpkg\u003e\npmctl pkg remove lsof\n\n# Update all\n\u003e pmctl pkg update\npmctl pkg update\n\n# Use common options\n\u003e pmctl pkg [--allowerasing][--best][--cacheonly][--config=\u003cfile\u003e][--disablerepo=\u003cpattern\u003e[,..]]\n\t[--disableexcludes][--downloaddir=\u003cdir\u003e][--downloadonly][--enablerepo=\u003cpattern\u003e[,..]]\n\t[--exclude=\u003cpkg\u003e][--installroot=\u003cdir\u003e][--noautoremove][--nogpgcheck][--noplugins]\n\t[--rebootrequired][--refresh][--releaserver=\u003crelease\u003e][--repoid=\u003crepo\u003e]\n\t[--repofrompath=\u003crepo\u003e,\u003cdir\u003e][--security][--secseverity=\u003csev\u003e][--setopt=\u003ckey=value\u003e[,..]]\n\t[--skipconflicts][--skipdigest][--skipobsletes][--skipsignature]\npmctl pkg --repoid=photon-debuginfo list lsof*\n```\n\n#### How to configure users ?\n\n##### Unix domain socket\n\nAny users added to the group photon-mgmt, they are allowed to access the unix socket.\n```bash\n# usermod -a -G photon-mgmt exampleusername\n```\n\n##### Web users via pmctl\n\nExport the token key to the enviroment as below\n```bash\n❯ export PHOTON_MGMT_AUTH_TOKEN=secret\n```\n\n#### How to configure TLS ?\n\nGenerate private key (.key)\n\n```bash\n# Key considerations for algorithm \"RSA\" ≥ 2048-bit\n$ openssl genrsa -out server.key 2048\nGenerating RSA private key, 2048 bit long modulus (2 primes)\n.......................+++++\n.+++++\ne is 65537 (0x010001)\n\nopenssl genrsa -out server.key 2048\n```\n\nGeneration of self-signed(x509) public key (PEM-encodings .pem|.crt) based on the private (.key)\n\n```bash\n$ openssl req -new -x509 -sha256 -key server.key -out server.crt -days 3650\nYou are about to be asked to enter information that will be incorporated\ninto your certificate request.\nWhat you are about to enter is what is called a Distinguished Name or a DN.\nThere are quite a few fields but you can leave some blank\nFor some fields there will be a default value,\nIf you enter '.', the field will be left blank.\n-----\nCountry Name (2 letter code) [XX]:\n\n```\n\nPlace ```server.crt``` and ```server.key``` in the dir ```/etc/photon-mgmt/tls```\n\n```bash\n[root@Zeus tls]# ls\nserver.crt  server.key\n[root@Zeus tls]# pwd\n/etc/photon-mgmt/cert\n\n```\n\nUse case: https\n\n```bash\n$ curl --header \"X-Session-Token: secret\" --request GET https://localhost:5208/api/v1/network/ethtool/vmnet8/get-link-features -k --tlsv1.2\n\n```\n\n#### How to write your own plugin ?\n\nphoton-mgmtd is designed with robust plugin based architecture in mind. You can always add and remove modules to it with minimal effort\nYou can implement and incorporate application features very quickly. Because plug-ins are separate modules with well-defined interfaces,\nyou can quickly isolate and solve problems. You can create custom versions of an application with minimal source code modifications.\n\n* Choose namespace under `plugins` directory (systemd, system, proc) where you want to put your module.\n* Write sub router see for example ```plugins/systemd/```\n* Write your module ```module.go``` and  ```module_router.go```\n* Write ```RegisterRouterModule```\n* Register ```RegisterRouterModule``` with parent router for example for ```login``` registered with\n  ```RegisterRouterSystem``` under ```system``` namespace as ```login.RegisterRouterLogin```\n* See examples directory how to write on your own plugin.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvmware%2Fpmd","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvmware%2Fpmd","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvmware%2Fpmd/lists"}