lab:nuc_2
This is an old revision of the document!
NUC 2
This is the second NUC in the Stack of NUCs. This will be the Ansible controller, the Control Node. We will build it using the USB install and autoconfiguration method we tested with NUC 1.
Ansible terms:
- Control node - A system on which Ansible is installed. You run Ansible commands such as ansible or ansible-inventory on a control node.
- Managed node - A remote system, or host, that Ansible controls.
- Inventory - A list of managed nodes that are logically organized. You create an inventory on the control node to describe host deployments to Ansible.
References
Hardware:
- i3
- Haswell NUC D34010WYK and D54250WYK: BIOS version 0054 (9/2/2019)
- 8GB RAM
- 32GB storage
- Wireless
Software:
- Ubuntu 22.04 LTS server
Purpose:
- Ansible controller
Steps:
- Modify the CIDATA USB stick file user_data to set up an Ansible controller
#cloud-config autoinstall: version: 1 ssh: install-server: true # option "allow-pw" defaults to `true` if authorized_keys is empty, `false` otherwise. allow-pw: false # "[late-commands] are run in the installer environment with the installed system mounted at /target." late-commands: # randomly generate the hostname & show the IP at boot - echo nuc-ansible-$(openssl rand -hex 3) > /target/etc/hostname # dump the IP out at login screen - echo "Ubuntu 22.04 LTS \nIP - $(hostname -I)\n" > /target/etc/issue # merge storage to use 100% use of the file system - curtin in-target --target=/target -- lvextend -l +100%FREE /dev/mapper/ubuntu--vg-ubuntu--lv - curtin in-target --target=/target -- resize2fs /dev/mapper/ubuntu--vg-ubuntu--lv # shut-down the host to avoid an infinite installer loop - shutdown -h now user-data: disable_root: true timezone: America/New_York package_upgrade: false packages: - network-manager - git - python3-pip - ansible - arp-scan runcmd: - nmcli d wifi connect SSID password PASSWORD users: - name: tux primary_group: users groups: sudo lock_passwd: true # don't need PW since using SSH, leaving this in though... # password is "changeme" - created with `docker run -it --rm alpine mkpasswd --method=SHA-512` # passwd: "$5$IWwNqL9VUSDoc4Jv$DEUGR.cZQcbz/QvdCOmU13fX5ZW0rANg8LqkAtX3nBA" shell: /bin/bash # use cat ~/.ssh/id_rsa.pub or generate to get your public key ssh_authorized_keys: - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDTK3YYoKho9SvTejt9430NRwu5ZQpwtAQGBbX8piLvLfsrJzzXxWljTvmC63VMAbCy3ii/Z4yReeCt4h7JiFNf+4ggfUmG+SN+6WvRlfKdaQBXKqojNNxVDg/M73CYF/CYjifJYombA1WIFYoZwMSnd4pzuS7pSiMFKEYTznmImgqa40uZfK6My98KTFpbuebeRvF1u/2Q2ISEYRQmHbm79NAj2WPoI73vNDtkKOPn8NU13xQgC4EMlk/Yu0p36THYlMl30iJePhFgNNBTxXBZL41+nn6W9wgfwo78VDNSa0A2Cambad/lYEerSWevsPATU7bf2an7RsDJhvCx58hI4BMl0KQ3/R0MT2OSGU+GHjBzL/T9UHIxN1FynzmwYpI96MEmEqETjG2DzboO93Oo5EkuX/e6wo/ptQ1g9Qarmk66E0shYpTtwQn2mz0Lhv8PD9C/CbZl9QqcQ43yah1MD9PH/OaCj32FpBqDNJp+NuyYbjBDhG5TgGza4yrgww8= jimangel@Jims-MacBook-Pro.local" sudo: ALL=(ALL) NOPASSWD:ALL - name: ansible gecos: Ansible User primary_group: users groups: sudo sudo: ALL=(ALL) NOPASSWD:ALL shell: /bin/bash lock_passwd: true ssh_authorized_keys: - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDTK3YYoKho9SvTejt9430NRwu5ZQpwtAQGBbX8piLvLfsrJzzXxWljTvmC63VMAbCy3ii/Z4yReeCt4h7JiFNf+4ggfUmG+SN+6WvRlfKdaQBXKqojNNxVDg/M73CYF/CYjifJYombA1WIFYoZwMSnd4pzuS7pSiMFKEYTznmImgqa40uZfK6My98KTFpbuebeRvF1u/2Q2ISEYRQmHbm79NAj2WPoI73vNDtkKOPn8NU13xQgC4EMlk/Yu0p36THYlMl30iJePhFgNNBTxXBZL41+nn6W9wgfwo78VDNSa0A2Cambad/lYEerSWevsPATU7bf2an7RsDJhvCx58hI4BMl0KQ3/R0MT2OSGU+GHjBzL/T9UHIxN1FynzmwYpI96MEmEqETjG2DzboO93Oo5EkuX/e6wo/ptQ1g9Qarmk66E0shYpTtwQn2mz0Lhv8PD9C/CbZl9QqcQ43yah1MD9PH/OaCj32FpBqDNJp+NuyYbjBDhG5TgGza4yrgww8= jimangel@Jims-MacBook-Pro.local" ansible: install_method: pip package_name: ansible run_user: ansible galaxy: actions: - ["ansible-galaxy", "collection", "install", "community.general"] setup_controller: repositories: - path: /home/ansible/my-repo source: git@github.com:doritoes/nuc-ansible-lab.git # shutdown after first host initial provisioning power_state: mode: poweroff
- Update the firmware on this NUC to the latest version
- Insert the USB firmware stick you created
- Boot the NUC to the Visual BIOS menu (press F2 at the boot prompt)
- Compare the version of BIOS with the version you downloaded
- Click Update, don't check using the Internet, and find the file on the USB stick
- Click Open, and confirm the upgrade
- Be patient as the system update the firmware and reboots a couple times
- Boot with the custom Lab bootable USB and the customized CIDATA USB inserted
- with the NUC powered off, insert both USB sticks
- power on the NUC, and press F10 when prompted
- select the UEFI USB boot option
- be patient as the system is configured
- after a while, the device will power down
- remove the USB sticks from the NUC and power it back on
- be patient it is completes configuration and powers down again
- wifi should be working now; you can disconnect the ethernet cable if you'd like, relocate it, etc., and then power it back on
- By default, Ansible default configuration file and inventory file is located at /etc/ansible/ansible.cfg and /etc/ansible/hosts respectively.
- Log in to NUC 2 from NUC 1:
ssh ansible@[IP ADDRESS NUC2]
- Generate keys
ssh-keygen -o- press enter to accept defaults to all prompts
- View the key, which you will use for building the remaining NUCs
cat ~/.ssh/id_rsa.pub
- Ansible is now installed, but with no inventory file(s) or configuration
ansible –version
- Set up some files for Ansible; we will be configuring/adding the new NUCs under [nodes] later
mkdir my-project cat <<'EOF' > my-project/hosts [all:vars] ansible_python_interpreter=/usr/bin/python3 ansible_user='ansible' ansible_become=yes ansible_become_method=sudo [nodes] EOF
- Exit back to your NUC 1 session
- Test running a remote command using SSH
ssh ansible@[IP ADDRESS NUC2] “sudo apt update && sudo apt upgrade -y”
- You are now ready to build more more NUCs! Continue with NUC 3
lab/nuc_2.1681672807.txt.gz · Last modified: 2023/04/16 19:20 by user