Controller Node

Verify Requirements

Check the operating system

Currently we only support Ubuntu 20.04.5 LTS. Verify the operating system by

$ cat /etc/os-release
NAME="Ubuntu"
VERSION="20.04.5 LTS (Focal Fossa)"

Check disk space

Here, we see that there is more than 20GB free in the root file system.

[root@dev01 ~]# df -h /
Filesystem               Size  Used Avail Use% Mounted on
/dev/mapper/cl_dev-root  228G  135G   94G  60% /

Check available memory

We see that total memory is more than 8G.

[root@dev01 ~]# free -h
              total        used        free      shared  buff/cache   available
Mem:           125G        3.6G        106G         39M         15G        121G
Swap:          4.0G          0B        4.0G

Set up Linux users and permissions

We need somewhere to run the tools, and an account to run them as. We recommend not using the root account to do so. Ensure you have a non-root user account, with paswordless sudo configured. We will refer to this account as deploy-user, and their group as deploy-group. Replace these with your own values.

How to make the user expeca use sudo without password. Add it to the very last line.

$ sudo visudo
...
expeca    ALL = (ALL) NOPASSWD: ALL

Ensure permissions and groups

# Create and join deploy-group
[deploy-user@dev01 ~]$ sudo groupadd <deploy-group>
[deploy-user@dev01 ~]$ sudo usermod -a -G <deploy-group> <deploy-user>

# Create and join docker group
[deploy-user@dev01 ~]$ sudo groupadd docker
[deploy-user@dev01 ~]$ sudo usermod -a -G docker <deploy-user>

Log out and back in to refresh group membership, then verify.

[deploy-user@dev01 ~]$ groups
... <deploy-group> docker

Set directory permissions

For this example, we'll be putting files into /opt/, so we need to ensure that it can be read and written by members of deploy-group

[deploy-user@dev01 ~]$ sudo chown root:<deploy-group> /opt
[deploy-user@dev01 ~]$ sudo chmod g+rw /opt

Install dependencies

Now we need to install some dependencies, then check out and set up chi-in-a-box

# Install Dependencies
sudo apt update && sudo apt install -f -y \
    python3 \
    python3-venv \
    jq \
    git

Configure networking

Apart from the management interface, there are 2 ethernet ports available on the controller machine, simillar to the figure, we create 4 virtual interfaces with 2 bridges.

Create the file /etc/systemd/network/20-veth-internal.netdev and insert:

[NetDev]
Name=veth-internala
Kind=veth
[Peer]
Name=veth-internalb

Create the file /etc/systemd/network/20-veth-public.netdev and insert

[NetDev]
Name=veth-publica
Kind=veth
[Peer]
Name=veth-publicb

Create the virtual interfaces by restarting networkd

sudo systemctl restart systemd-networkd

Assume MGMT_IF is the reserved interface with the static ip MGMT_IP and the gateway MGMT_GW_IP for ssh connection to the controller. Configure netplan by editing the config file /etc/netplan/00-installer-config.yaml:

network:
  ethernets:
  eno8403: {}
  ens1f0: {}
  ens1f1: {}
  veth-publica: {}
  veth-publicb: {}
  veth-internala: {}
  veth-internalb: {}
  <MGMT_IF>:
    addresses:
    - <MGMT_IP>
    gateway4: <MGMT_GW_IP>
    nameservers:
       search:
       - expeca
       addresses:
       - <MGMT_GW_IP>
    dhcp4: false
    optional: true
  bridges:
  brpublic:
    interfaces:
    - ens1f1
    - veth-publica
    addresses:
    - 10.0.87.10/24
  brinternal:
    interfaces:
    - ens1f0
    - veth-internala
    addresses:
    - 10.20.111.10/23
    - 192.168.2.1/16
  version: 2

Apply the changes by running sudo netplan generate && sudo netplan apply.

PreviousAdvantech Routers NextSecurity

Last updated 2 years ago