This is the third NUC in the Stack of NUCs. This will be an Ansible member node. We will build it using the USB install and automation methods used for NUC 1 and NUC 2.

This process will be used to build the remaining devices in your Stack of NUCs.

Hardware:

• i3
• D34010WYK
• https://www.intel.com/content/www/us/en/download/17536/bios-update-wylpt10h.html?v=t
• 8GB RAM
• 32GB storage
• Wireless

Software:

• Ubuntu 22.04 LTS server

Purpose:

• Ansible node

Steps:

1. Modify the CIDATA USB stick file user_data to set up an Ansible controller
   • You will need to modify the example below:
     • Replace the wifi SSID name and PASSWORD with your wifi SSID and passphrase
     • Replace the key(s) in the example for user tux with the output from NUC 1 for: cat ~/.ssh/id_rsa.pub
     • Replace the key(s) in the example for user ansible with the output from NUC 2 (logged in as user ansible) for: cat ~/.ssh/id_rsa.pub

   • #cloud-config
     autoinstall:
       version: 1
       ssh:
         install-server: true
         # option "allow-pw" defaults to `true` if authorized_keys is empty, `false` otherwise.
         allow-pw: false
      
       # "[late-commands] are run in the installer environment with the installed system mounted at /target."
       late-commands:
         # randomly generate the hostname & show the IP at boot
         - echo nuc-node-$(openssl rand -hex 3) > /target/etc/hostname
         # dump the IP out at login screen
         - echo "Ubuntu 22.04 LTS \nIP - $(hostname -I)\n" > /target/etc/issue
         # merge storage to use 100% use of the file system
         - curtin in-target --target=/target -- lvextend -l +100%FREE /dev/mapper/ubuntu--vg-ubuntu--lv
         - curtin in-target --target=/target -- resize2fs /dev/mapper/ubuntu--vg-ubuntu--lv
         # shut-down the host to avoid an infinite installer loop
         - shutdown -h now
     
       user-data:
         disable_root: true
         timezone: America/New_York
         package_upgrade: false
         packages:
         - network-manager
         runcmd:
         - nmcli d wifi connect SSID password PASSWORD
         users:
           - name: tux
             primary_group: users
             groups: sudo
             lock_passwd: true
             # don't need PW since using SSH, leaving this in though...
             # password is "changeme" - created with `docker run -it --rm alpine mkpasswd --method=SHA-512`
             # passwd: "$5$IWwNqL9VUSDoc4Jv$DEUGR.cZQcbz/QvdCOmU13fX5ZW0rANg8LqkAtX3nBA"
             shell: /bin/bash
             # use cat ~/.ssh/id_rsa.pub or generate to get your public key
             ssh_authorized_keys:
               - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDTK3YYoKho9SvTejt9430NRwu5ZQpwtAQGBbX8piLvLfsrJzzXxWljTvmC63VMAbCy3ii/Z4yReeCt4h7JiFNf+4ggfUmG+SN+6WvRlfKdaQBXKqojNNxVDg/M73CYF/CYjifJYombA1WIFYoZwMSnd4pzuS7pSiMFKEYTznmImgqa40uZfK6My98KTFpbuebeRvF1u/2Q2ISEYRQmHbm79NAj2WPoI73vNDtkKOPn8NU13xQgC4EMlk/Yu0p36THYlMl30iJePhFgNNBTxXBZL41+nn6W9wgfwo78VDNSa0A2Cambad/lYEerSWevsPATU7bf2an7RsDJhvCx58hI4BMl0KQ3/R0MT2OSGU+GHjBzL/T9UHIxN1FynzmwYpI96MEmEqETjG2DzboO93Oo5EkuX/e6wo/ptQ1g9Qarmk66E0shYpTtwQn2mz0Lhv8PD9C/CbZl9QqcQ43yah1MD9PH/OaCj32FpBqDNJp+NuyYbjBDhG5TgGza4yrgww8= jimangel@Jims-MacBook-Pro.local"
             sudo: ALL=(ALL) NOPASSWD:ALL
           - name: ansible
             gecos: Ansible User
             primary_group: users
             groups: sudo
             sudo: ALL=(ALL) NOPASSWD:ALL
             shell: /bin/bash
             lock_passwd: true
             ssh_authorized_keys:
               - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDTK3YYoKho9SvTejt9430NRwu5ZQpwtAQGBbX8piLvLfsrJzzXxWljTvmC63VMAbCy3ii/Z4yReeCt4h7JiFNf+4ggfUmG+SN+6WvRlfKdaQBXKqojNNxVDg/M73CYF/CYjifJYombA1WIFYoZwMSnd4pzuS7pSiMFKEYTznmImgqa40uZfK6My98KTFpbuebeRvF1u/2Q2ISEYRQmHbm79NAj2WPoI73vNDtkKOPn8NU13xQgC4EMlk/Yu0p36THYlMl30iJePhFgNNBTxXBZL41+nn6W9wgfwo78VDNSa0A2Cambad/lYEerSWevsPATU7bf2an7RsDJhvCx58hI4BMl0KQ3/R0MT2OSGU+GHjBzL/T9UHIxN1FynzmwYpI96MEmEqETjG2DzboO93Oo5EkuX/e6wo/ptQ1g9Qarmk66E0shYpTtwQn2mz0Lhv8PD9C/CbZl9QqcQ43yah1MD9PH/OaCj32FpBqDNJp+NuyYbjBDhG5TgGza4yrgww8= jimangel@Jims-MacBook-Pro.local"
         # shutdown after first host initial provisioning
         power_state:
           mode: poweroff

2. Boot with the custom Lab bootable USB and the customized CIDATA USB inserted
   • with the NUC powered off, insert both USB sticks
   • power on the NUC, and press F10 when prompted
   • select the UEFI USB boot option
   • after a while, the device will power down
   • remove the USB sticks from the NUC and power it back on
   • be patient it is completes configuration and powers down again
   • you can disconnect the ethernet cable if you'd like, relocate it, etc., and then power it back on

Congratulations! You have successfully built your first Ansible node! Optionally test access to it using the section below.

At this point you should assemble and build your remaining Ansible nodes for the lab, if any.

Continue to Discover NUCs and add to inventory

1. Test logging in (for now you will need to manually accept the keys; we will add those automatically later)
   • from NUC 1
     • ssh tux@[IP NUC3]
     • exit back to NUC 1
     • ssh ansible@[IP NUC3]
     • exit back to NUC 1
   • from NUC 2, logged in as user 'ansible'
     • ssh [IP NUC3]
2. Test running ad hoc commands using Ansible from NUC 2 to NUC 3
   • Add the IP address of NUC 3 to the inventory:
     • File: /home/ansible/my-project/hosts
     • Under [nodes] add the IP address
     • Run some test Ansible ad hoc commands
       • ansible -i hosts all -m ping
       • ansible -i hosts nodes -m ping
       • ansible -i hosts all -a “/sbin/reboot”
         • in my testing I get a connection refused message as the NUC reboots
         • after it comes back up you can confirm it rebooted by looking at the uptime
           • ansible -i hosts all -a “/usr/bin/uptime”
     • ansible -i hosts all -m ansible.builtin.setup # see all facts
   • Optionally, take the NUC 3 IP address back out of the inventory file “hosts”