Controller Node

Verify Requirements
Check the operating system
Currently we only support Ubuntu 20.04.5 LTS. Verify the operating system by
$ cat /etc/os-release
NAME="Ubuntu"
VERSION="20.04.5 LTS (Focal Fossa)"
Check disk space
Here, we see that there is more than 20GB free in the root file system.
[root@dev01 ~]# df -h /
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/cl_dev-root 228G 135G 94G 60% /
Check available memory
We see that total memory is more than 8G.
[root@dev01 ~]# free -h
total used free shared buff/cache available
Mem: 125G 3.6G 106G 39M 15G 121G
Swap: 4.0G 0B 4.0G
Set up Linux users and permissions
We need somewhere to run the tools, and an account to run them as. We recommend not using the root
account to do so. Ensure you have a non-root user account, with paswordless sudo configured. We will refer to this account as deploy-user
, and their group as deploy-group
. Replace these with your own values.
How to make the user expeca
use sudo without password. Add it to the very last line.
$ sudo visudo
...
expeca ALL = (ALL) NOPASSWD: ALL
Ensure permissions and groups
# Create and join deploy-group
[deploy-user@dev01 ~]$ sudo groupadd <deploy-group>
[deploy-user@dev01 ~]$ sudo usermod -a -G <deploy-group> <deploy-user>
# Create and join docker group
[deploy-user@dev01 ~]$ sudo groupadd docker
[deploy-user@dev01 ~]$ sudo usermod -a -G docker <deploy-user>
Log out and back in to refresh group membership, then verify.
[deploy-user@dev01 ~]$ groups
... <deploy-group> docker
Set directory permissions
For this example, we'll be putting files into /opt/
, so we need to ensure that it can be read and written by members of deploy-group
[deploy-user@dev01 ~]$ sudo chown root:<deploy-group> /opt
[deploy-user@dev01 ~]$ sudo chmod g+rw /opt
Install dependencies
Now we need to install some dependencies, then check out and set up chi-in-a-box
# Install Dependencies
sudo apt update && sudo apt install -f -y \
python3 \
python3-venv \
jq \
git
Configure networking
Apart from the management interface, there are 2 ethernet ports available on the controller machine, simillar to the figure, we create 4 virtual interfaces with 2 bridges.
Create the file /etc/systemd/network/20-veth-internal.netdev
and insert:
[NetDev]
Name=veth-internala
Kind=veth
[Peer]
Name=veth-internalb
Create the file /etc/systemd/network/20-veth-public.netdev
and insert
[NetDev]
Name=veth-publica
Kind=veth
[Peer]
Name=veth-publicb
Create the virtual interfaces by restarting networkd
sudo systemctl restart systemd-networkd
Assume MGMT_IF
is the reserved interface with the static ip MGMT_IP
and the gateway MGMT_GW_IP
for ssh connection to the controller. Configure netplan by editing the config file /etc/netplan/00-installer-config.yaml
:
network:
ethernets:
eno8403: {}
ens1f0: {}
ens1f1: {}
veth-publica: {}
veth-publicb: {}
veth-internala: {}
veth-internalb: {}
<MGMT_IF>:
addresses:
- <MGMT_IP>
gateway4: <MGMT_GW_IP>
nameservers:
search:
- expeca
addresses:
- <MGMT_GW_IP>
dhcp4: false
optional: true
bridges:
brpublic:
interfaces:
- ens1f1
- veth-publica
addresses:
- 10.0.87.10/24
brinternal:
interfaces:
- ens1f0
- veth-internala
addresses:
- 10.20.111.10/23
- 192.168.2.1/16
version: 2
Apply the changes by running sudo netplan generate && sudo netplan apply
.
Last updated