lab:stack_-_nuc_2
This is an old revision of the document!
Table of Contents
NUC 2
This is the second NUC in the Stack of NUCs. In the previous step we configured a Linux desktop system on NUC 1. Now we will configure our Ansible control node. We will build it using the USB install and autoconfiguration method we tested with NUC 1.
Ansible terms:
- Control node - A system on which Ansible is installed. You run Ansible commands such as ansible or ansible-inventory on a control node.
- Managed node - A remote system, or host, that Ansible controls.
- Inventory - A list of managed nodes that are logically organized. You create an inventory on the control node to describe host deployments to Ansible.
References
Hardware:
- D34010WYK - i4-4010U @ 1.70GHz
- Haswell NUC D34010WYK and D54250WYK: BIOS version 0054 (9/2/2019)
- 8GB RAM
- 32GB or more storage
- Wireless
- Nearly 10 years old, but still readily available in used market
Software:
- Ubuntu 22.04 LTS server
Purpose:
- Ansible control node
Step 1 - Modify CIDATA USB Stick for Ansible Controller
Modify the CIDATA USB stick file user_data to set up an Ansible controller
#cloud-config autoinstall: version: 1 ssh: install-server: true # option "allow-pw" defaults to `true` if authorized_keys is empty, `false` otherwise. allow-pw: false # "[late-commands] are run in the installer environment with the installed system mounted at /target." late-commands: # randomly generate the hostname & show the IP at boot - echo nuc-ansible-$(openssl rand -hex 3) > /target/etc/hostname # dump the IP out at login screen - echo "Ubuntu 22.04 LTS \nIP - $(hostname -I)\n" > /target/etc/issue # merge storage to use 100% use of the file system - curtin in-target --target=/target -- lvextend -l +100%FREE /dev/mapper/ubuntu--vg-ubuntu--lv - curtin in-target --target=/target -- resize2fs /dev/mapper/ubuntu--vg-ubuntu--lv # shut-down the host to avoid an infinite installer loop - shutdown -h now user-data: disable_root: true timezone: America/New_York package_upgrade: false packages: - network-manager - lldpd - git - python3-pip - ansible - arp-scan runcmd: - nmcli d wifi connect SSID password PASSWORD users: - name: tux primary_group: users groups: sudo lock_passwd: true # don't need PW since using SSH, leaving this in though... # password is "changeme" - created with `docker run -it --rm alpine mkpasswd --method=SHA-512` # passwd: "$5$IWwNqL9VUSDoc4Jv$DEUGR.cZQcbz/QvdCOmU13fX5ZW0rANg8LqkAtX3nBA" shell: /bin/bash # use cat ~/.ssh/id_rsa.pub or generate to get your public key ssh_authorized_keys: - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDTK3YYoKho9SvTejt9430NRwu5ZQpwtAQGBbX8piLvLfsrJzzXxWljTvmC63VMAbCy3ii/Z4yReeCt4h7JiFNf+4ggfUmG+SN+6WvRlfKdaQBXKqojNNxVDg/M73CYF/CYjifJYombA1WIFYoZwMSnd4pzuS7pSiMFKEYTznmImgqa40uZfK6My98KTFpbuebeRvF1u/2Q2ISEYRQmHbm79NAj2WPoI73vNDtkKOPn8NU13xQgC4EMlk/Yu0p36THYlMl30iJePhFgNNBTxXBZL41+nn6W9wgfwo78VDNSa0A2Cambad/lYEerSWevsPATU7bf2an7RsDJhvCx58hI4BMl0KQ3/R0MT2OSGU+GHjBzL/T9UHIxN1FynzmwYpI96MEmEqETjG2DzboO93Oo5EkuX/e6wo/ptQ1g9Qarmk66E0shYpTtwQn2mz0Lhv8PD9C/CbZl9QqcQ43yah1MD9PH/OaCj32FpBqDNJp+NuyYbjBDhG5TgGza4yrgww8= jimangel@Jims-MacBook-Pro.local" sudo: ALL=(ALL) NOPASSWD:ALL - name: ansible gecos: Ansible User primary_group: users groups: sudo sudo: ALL=(ALL) NOPASSWD:ALL shell: /bin/bash lock_passwd: true ssh_authorized_keys: - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDTK3YYoKho9SvTejt9430NRwu5ZQpwtAQGBbX8piLvLfsrJzzXxWljTvmC63VMAbCy3ii/Z4yReeCt4h7JiFNf+4ggfUmG+SN+6WvRlfKdaQBXKqojNNxVDg/M73CYF/CYjifJYombA1WIFYoZwMSnd4pzuS7pSiMFKEYTznmImgqa40uZfK6My98KTFpbuebeRvF1u/2Q2ISEYRQmHbm79NAj2WPoI73vNDtkKOPn8NU13xQgC4EMlk/Yu0p36THYlMl30iJePhFgNNBTxXBZL41+nn6W9wgfwo78VDNSa0A2Cambad/lYEerSWevsPATU7bf2an7RsDJhvCx58hI4BMl0KQ3/R0MT2OSGU+GHjBzL/T9UHIxN1FynzmwYpI96MEmEqETjG2DzboO93Oo5EkuX/e6wo/ptQ1g9Qarmk66E0shYpTtwQn2mz0Lhv8PD9C/CbZl9QqcQ43yah1MD9PH/OaCj32FpBqDNJp+NuyYbjBDhG5TgGza4yrgww8= jimangel@Jims-MacBook-Pro.local" ansible: install_method: pip package_name: ansible run_user: ansible galaxy: actions: - ["ansible-galaxy", "collection", "install", "community.general"] setup_controller: repositories: - path: /home/ansible/my-repo source: git@github.com:doritoes/nuc-ansible-lab.git # shutdown after first host initial provisioning power_state: mode: poweroff
Step 2 - Boot NUC 2 with USB Sticks
- Boot with the custom Lab bootable USB and the customized CIDATA USB inserted
- with the NUC powered off, insert both USB sticks
- power on the NUC, and press F10 when prompted
- select the UEFI USB boot option
- be patient as the system is configured
- after a while, the device will power down
- remove the USB sticks from the NUC and power it back on
- be patient it is completes configuration and powers down again
- WiFi should be working now; you can disconnect the ethernet cable if you'd like, relocate it, etc., and then power it back on
Step 3 - Prepare Ansible
- By default, Ansible default configuration file and inventory file is located at /etc/ansible/ansible.cfg and /etc/ansible/hosts respectively.
- Log in to NUC 2 from NUC 1:
ssh ansible@[IP ADDRESS NUC2]
- Generate keys
ssh-keygen -o- press enter to accept defaults to all prompts
- View the key, which you will use for building the remaining NUCs
cat ~/.ssh/id_rsa.pub
- Ansible is now installed, but with no inventory file(s) or configuration
ansible –version
- Set up some files for Ansible; we will be configuring/adding the new NUCs under [nodes] later
mkdir my-project cat <<'EOF' > my-project/hosts [all:vars] ansible_python_interpreter=/usr/bin/python3 ansible_user='ansible' ansible_become=yes ansible_become_method=sudo [nodes] EOF
Step 4 - Update Ubuntu Packages
- Exit back to your NUC 1 session
- Test running a remote command using SSH
ssh ansible@[IP ADDRESS NUC2] “sudo apt update && sudo apt upgrade -y”
Next Step
You are now ready to build more more NUCs! Continue with NUC 3
lab/stack_-_nuc_2.1682906178.txt.gz · Last modified: 2023/05/01 01:56 by user