Differences

This shows you the differences between two versions of the page.

--- lab:stack_of_nucs:nuc_1 [2023/05/01 19:00] – created user
+++ lab:stack_of_nucs:nuc_1 [2024/05/06 02:12] (current) – removed user
@@ Line 1: / Line 1: @@
-====== NUC 1 ======
-This is the first NUC in the [[:Lab:Stack of NUCs]]. This "NUC 1" will be a user-friendly desktop installation used to create the rest of the environment. We will also prepare two (2) USB sticks for automatically installing our [[NUC 2|next NUC, NUC 2]].
-References:
-  * [[https://www.jimangel.io/posts/automate-ubuntu-22-04-lts-bare-metal/]]
-Hardware:
-  * [[https://ark.intel.com/content/www/us/en/ark/products/95069/intel-nuc-kit-nuc7i3bnk.html|BOXNUC7i3BNK]]
-  * 16GB RAM (8GB is my recommendation)
-  * 32GB storage
-  * Wireless
-Software:
-  * Ubuntu 22.04 LTS desktop
-Purpose:
-  * Linux desktop machine to facilitate the following:
-    * create modified ISO for the boot USB stick
-    * create boot USB stick from the new ISO
-    * create CIDATA USB stick
-    * create firmware upgrade USB stick
-    * create SSH management keys
-    * connect to the other NUCs you build
-====== Step 1 - Install Ubuntu Desktop ======
-Install Ubuntu Desktop - [[https://ubuntu.com/tutorials/install-ubuntu-desktop#1-overview]]
-  * This process will step you through downloading the latest file and creating a bootable USB stick
-  * To boot from the bootable USB stick
-    * Insert the USB stick
-    * Reboot the NUC
-    * Press F10 at the boot prompt
-    * Select the USB stick (USB EUFI)
-====== Step 2 - Update Packages and Generate SSH Key ======
-  * Log in to the NUC ([[NUC 1]]) and perform the usual software updates and install software packages
-    * <file bash>
-sudo apt update && sudo apt upgrade -y
-sudo apt install xorriso squashfs-tools python3-debian gpg liblz4-tool arp-scan notepadqq python3-pip -y
-</file>
-  * Generate key for ssh
-    * ''ssh-keygen -o''
-    * accept default settings and don't enter a passphrase
-====== Step 3 - Create Modified Bootable Ubuntu Server USB Stick ======
-These steps are performed while logged in on [[NUC 1]].
-  - Download the latest __live-server__ ISO from [[https://releases.ubuntu.com/22.04/|Ubuntu 22.04 releases page]] (name similar to ubuntu-22.04.2-live-server-amd64.iso)
-    * move this file to your home directory
-  - Open the terminal (you should be in your home directory be default)
-  - Install livefs-editor, which we will use to modify the ISO
-    * <file bash>
-git clone https://github.com/mwhudson/livefs-editor
-cd livefs-editor
-sudo python3 -m pip install .
-</file>
-    * Return to your home directory (i.e., ''cd ~'' or ''cd ..'')
-  - Create modified live-server ISO
-    - Copy the grub.cfg file from the ISO file
-      * Set the ORIG_ISO filename to the actual file you downloaded. In this example I will use ''ubuntu-22.04.2-live-server-amd64.iso''
-      * <file bash>
-export ORIG_ISO="ubuntu-22.04.2-live-server-amd64.iso"
-mkdir mnt
-mount -o loop $(ORIG_ISO) mnt
-cp --no-preserve=all mnt/boot/grub/grub.cfg ./grub.cfg
-umount nnt
-sed -i 's/linux	\/casper\/vmlinuz  ---/linux	\/casper\/vmlinuz autoinstall quiet ---/g' ./grub.cfg
-sed -i 's/timeout=30/timeout=1/g' /tmp/grub.cfg
-export MODDED_ISO="${ORIG_ISO::-4}-modded.iso"
-livefs-edit ../$ORIG_ISO ../$MODDED_ISO --cp /tmp/grub.cfg new/iso/boot/grub/grub.cfg
-</file>
-  - Create bootable USB from the modified ISO
-    * Use [[https://www.balena.io/etcher|Balena Etcher]] or [[https://ubuntu.com/tutorials/create-a-usb-stick-on-ubuntu#1-overview|Startup Disk Creator]]
-====== Step 4 - Create CIDATA USB Stick ======
-Create a USB stick named CIDATA as a cloud-init datasource
-  - Unplug the bootable USB stick you just created
-  - Plug in the USB that will be erased and used as the cloud-init datasource
-  - Identify the USB stick device name
-    * ''lsblk'' - it will probably be sda or sdb
-    * be SURE you pick the right one!
-  - Format the USB disk (assuming it's sdb in this example)
-    - Unmount it: ''sudo umount /dev/sdb''
-    - Format it: ''sudo mkfs.vfat -I -F 32 -n 'CIDATA' /dev/sdb''
-    - Confirm: ''ls /dev/disk/by-label/''
-  - Create meta-data file on CIDATA (assuming it's sdb in this example)
-      * <file bash>
-mkdir /tmp/cidata
-sudo mount /dev/sdb /tmp/cidata
-cd /tmp/cidata
-touch meta-data
-touch user-data
-</file>
-  - Modify the user-data file on CIDATA
-    * You can create the use using a text editor (notepadqq was installed earlier) or use the command line
-    * :!: Replace the key(s) in the example with the output from your computer for:
-      * ''cat ~/.ssh/id_rsa.pub''
-    * :!: Replace the WiFi SSID name and PASSWORD with your WiFi SSID and passphrase
-    * <file yaml user-data>
-#cloud-config
-autoinstall:
-  version: 1
-  ssh:
-    install-server: true
-    # option "allow-pw" defaults to `true` if authorized_keys is empty, `false` otherwise.
-    allow-pw: false
-  # "[late-commands] are run in the installer environment with the installed system mounted at /target."
-  late-commands:
-    # randomly generate the hostname & show the IP at boot
-    - echo nuc-host-$(openssl rand -hex 3) > /target/etc/hostname
-    # dump the IP out at login screen
-    - echo "Ubuntu 22.04 LTS \nIP - $(hostname -I)\n" > /target/etc/issue
-    # merge storage to use 100% use of the file system
-    - curtin in-target --target=/target -- lvextend -l +100%FREE /dev/mapper/ubuntu--vg-ubuntu--lv
-    - curtin in-target --target=/target -- resize2fs /dev/mapper/ubuntu--vg-ubuntu--lv
-    # shut-down the host to avoid an infinite installer loop
-    - shutdown -h now
-  user-data:
-    disable_root: true
-    timezone: America/New_York
-    package_upgrade: false
-    packages:
-    - network-manager
-    runcmd:
-    - nmcli d wifi connect SSID password PASSWORD
-    users:
-      - name: tux
-        primary_group: users
-        groups: sudo
-        lock_passwd: true
-        # don't need PW since using SSH, leaving this in though...
-        # password is "changeme" - created with `docker run -it --rm alpine mkpasswd --method=SHA-512`
-        # passwd: "$5$IWwNqL9VUSDoc4Jv$DEUGR.cZQcbz/QvdCOmU13fX5ZW0rANg8LqkAtX3nBA"
-        shell: /bin/bash
-        # use cat ~/.ssh/id_rsa.pub or generate to get your public key
-        ssh_authorized_keys:
-          - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDTK3YYoKho9SvTejt9430NRwu5ZQpwtAQGBbX8piLvLfsrJzzXxWljTvmC63VMAbCy3ii/Z4yReeCt4h7JiFNf+4ggfUmG+SN+6WvRlfKdaQBXKqojNNxVDg/M73CYF/CYjifJYombA1WIFYoZwMSnd4pzuS7pSiMFKEYTznmImgqa40uZfK6My98KTFpbuebeRvF1u/2Q2ISEYRQmHbm79NAj2WPoI73vNDtkKOPn8NU13xQgC4EMlk/Yu0p36THYlMl30iJePhFgNNBTxXBZL41+nn6W9wgfwo78VDNSa0A2Cambad/lYEerSWevsPATU7bf2an7RsDJhvCx58hI4BMl0KQ3/R0MT2OSGU+GHjBzL/T9UHIxN1FynzmwYpI96MEmEqETjG2DzboO93Oo5EkuX/e6wo/ptQ1g9Qarmk66E0shYpTtwQn2mz0Lhv8PD9C/CbZl9QqcQ43yah1MD9PH/OaCj32FpBqDNJp+NuyYbjBDhG5TgGza4yrgww8= jimangel@Jims-MacBook-Pro.local"
-        sudo: ALL=(ALL) NOPASSWD:ALL
-      - name: ansible
-        gecos: Ansible User
-        primary_group: users
-        groups: sudo
-        sudo: ALL=(ALL) NOPASSWD:ALL
-        shell: /bin/bash
-        lock_passwd: true
-        ssh_authorized_keys:
-          - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDTK3YYoKho9SvTejt9430NRwu5ZQpwtAQGBbX8piLvLfsrJzzXxWljTvmC63VMAbCy3ii/Z4yReeCt4h7JiFNf+4ggfUmG+SN+6WvRlfKdaQBXKqojNNxVDg/M73CYF/CYjifJYombA1WIFYoZwMSnd4pzuS7pSiMFKEYTznmImgqa40uZfK6My98KTFpbuebeRvF1u/2Q2ISEYRQmHbm79NAj2WPoI73vNDtkKOPn8NU13xQgC4EMlk/Yu0p36THYlMl30iJePhFgNNBTxXBZL41+nn6W9wgfwo78VDNSa0A2Cambad/lYEerSWevsPATU7bf2an7RsDJhvCx58hI4BMl0KQ3/R0MT2OSGU+GHjBzL/T9UHIxN1FynzmwYpI96MEmEqETjG2DzboO93Oo5EkuX/e6wo/ptQ1g9Qarmk66E0shYpTtwQn2mz0Lhv8PD9C/CbZl9QqcQ43yah1MD9PH/OaCj32FpBqDNJp+NuyYbjBDhG5TgGza4yrgww8= jimangel@Jims-MacBook-Pro.local"
-    # shutdown after first host initial provisioning
-    power_state:
-      mode: poweroff
-</file>
-  - Unmount the USB stick
-    - ''sudo umount /tmp/cidata''
-    - Remove the USB stick
-  - Test boot setup on a different NUC
-    - Insert both USBs into the (powered off) test NUC
-    - Connect the test NUC to your wired Lab network (which has Internet access)
-    - Power on the NUC
-    - Press F10 when prompted and select the USB bootable USB stick ("USB UEFI")
-    - Be patient
-      * if the user-data file is configured to update packages, be aware this requires additional time
-      * if the ISO is older, it may take a while to download and install all the security updates
-    - When the NUC powers down the first time, remove the USB sticks, then power it back on
-    - When the NUC powers down the second time, it is ready to deploy
-      * the WiFi connection should work at this point, so you don't need the wired Internet connection at this point
-      * power back on when you are ready
-    - Test ssh from NUC 1 to the test NUC
-      * identify the IP address on the NUC
-      * ''ssh tux@[IPADDRESS]''
-====== Next Step ======
-You now have a working auto installation process! You can now proceed to building [[Stack - NUC 2|NUC 2]].
-====== Optional ======
-The following method is one way to set up all host keys so you aren't prompted to accept then when opening a SSH connection.
-Set up SSH management keys
-  * once all your NUCs are up, you can use this script to add all of them to your ssh known_hosts file
-  * <code bash>
-IPs=$(sudo arp-scan --localnet --numeric --quiet --ignoredups | grep -E '([a-f0-9]{2}:){5}[a-f0-9]{2}' | awk '{print $1}')
-for i in $(IPs"); do ssh-keygen -R $i && ssh-keyscan -H $i >> ~/.ssh/known_hosts; done
-</code>
-====== Lab Notes ======
-Ubuntu will automatically download and install all security updates over the Internet as part of the automatic installation. As your ISO image gets older (and more security updates need to be installed), the build process will take longer and longer. Update your ISO boot USB stick to keep installation as fast as possible.