# Installing the Admin server

## Prerequisites

The installation script assumes an installed and configured openSUSE Leap 15.3 x86_64. My setup has two NICs and one Wi-Fi interface:

- `eth0` is connected to the lab switch (internal network)
- `eth1` is going to be the external interface
- `wlan0` acts as a wireless access point to the internal network
## Installing

Clone this repository and run the `update.sh` script as a normal user with sudo permissions. The admin server needs access to the Internet.
The update script will run through several steps:
- check prerequisites: if any packages are needed to install/configure the admin server, it will ask to install them.
- salt-call: the main installation/configuration is done with a masterless salt-call. This step will apply the highstate.
- rmt sync: a sync with SUSE Customer Center will be performed.
- rmt enable products: this will enable the preconfigured products to sync with SCC.
- rmt mirror: mirror all enabled products.
- install tools: install the latest versions of some additional tools into `$HOME/bin`, such as helm, kubectl, stern, virtctl, etc.
## Customizing the setup

The preconfigured defaults are located in the `salt/pillar/*.sls` files. You can override them by creating a `salt/pillar/local.sls` and specifying your settings.

⚠️ You need to specify at least your SCC organization mirror credentials and your Docker username and access token:

```
rmt:
  scc:
    username: <SCC mirror credential username>
    password: <SCC mirror credential password>
docker:
  username: <Docker HUB username>
  access_token: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXX
```

There's also a bunch of default passwords you might want to change, some examples:
- WPA pass phrase for hostapd
- root password for mariadb
- CA certificate pass phrase for rancher
- Bootstrap password for rancher
- CA certificate pass phrase for rmt
- DB password for rmt
- TLU Harvester OS password
- TLU Harvester admin password
- TLU Harvester token
- remote-desktop password

When you have made your changes, just run:

```
./update.sh
```

If you make changes in your `salt/pillars/local.sls`, you can run the following to apply them:

```
./update.sh --salt
```
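
A pre-flight check for `local.sls` to run before applying the pillar, added here as an example and not part of this repository: it flags the required credentials that are missing or still placeholders, and the two default secrets this README shows (`linux2linux`, `linux`). The function names are hypothetical, the parser covers only the plain nested mappings used in these snippets, and it assumes a key absent from `local.sls` keeps its shipped default.

```python
import re

# Keys the README says must be set, and the default secrets its snippets show.
REQUIRED = ("rmt.scc.username", "rmt.scc.password",
            "docker.username", "docker.access_token")
DEFAULTS = {"hostapd.wpa_passphrase": "linux2linux",
            "mysql.root_password": "linux"}
PLACEHOLDER = re.compile(r"^(<.*>|[Xx]+(-[Xx]+)*)$")
# Constructed sample local.sls; none of these values are real credentials.
SAMPLE = """\
rmt:
  scc:
    username: <SCC mirror credential username>
    password: constructed-password
mysql:
  root_password: linux
"""

def flatten_pillar(text):
    """Flatten plain nested mappings (no lists) into {'a.b.c': 'value'}."""
    flat, stack = {}, []  # stack: (indent, key) of each open parent mapping
    for raw in text.splitlines():
        line = raw.split(" #")[0].rstrip()  # drop trailing comments
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        key, _, value = line.strip().partition(":")
        while stack and stack[-1][0] >= indent:
            stack.pop()  # leave mappings that ended at this indent level
        value = value.strip().strip("'\"")
        if value:
            flat[".".join([k for _, k in stack] + [key.strip()])] = value
        else:
            stack.append((indent, key.strip()))  # parent or empty scalar
    return flat

def audit_local_pillar(text):
    """Return sorted 'key: problem' findings for the text of a local.sls."""
    flat, findings = flatten_pillar(text), []
    for key in REQUIRED:
        if PLACEHOLDER.match(flat.get(key, "<unset>")):  # unset counts too
            findings.append(f"{key}: missing, empty or placeholder")
    for key, default in DEFAULTS.items():
        # Assumption: a key absent from local.sls keeps its shipped default.
        if flat.get(key, default) == default:
            findings.append(f"{key}: documented default in effect")
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join(audit_local_pillar(SAMPLE)))
```

Extend `DEFAULTS` with the other default passwords from the list above once you have looked up their pillar keys and shipped values.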

## Components - Salt States

chrony dnsmasq docker firewalld hostapd hosts mariadb nfs-server nginx packages podman pxe rancher remote-desktop rmt ssh tlu-harvester vlan wol

### chrony

Chrony is an implementation of the Network Time Protocol (NTP).

This step installs chrony, configures the upstream pools, and starts serving NTP on the internal networks.

```
# salt/pillars/chrony.sls
chrony:
  pool:
    - 0.se.pool.ntp.org
    - 1.se.pool.ntp.org
    - 2.se.pool.ntp.org
    - 3.se.pool.ntp.org
```

### dnsmasq

Serves DHCP and DNS for the internal network.

This step installs dnsmasq and configures DHCP for all internal networks defined in `salt/pillars/network.sls`. It will also configure the pxe next step, etc.

### docker

This step creates a podman container running a local Docker registry pull-through instance. A systemd service called `registry-container.service` is also created.

```
# salt/pillars/docker.sls
docker:
  username:
  access_token:
  url: docker.io/registry
  tag: 2.7.1
```

### firewalld

Configures firewalld services and networks.

### hostapd

Installs and configures hostapd to use the wireless interface as an access point.

```
# salt/pillars/hostapd.sls
hostapd:
  country_code: SE
  ssid: Transportable Lab Unit
  channel: 6
  wpa_passphrase: linux2linux
```

### hosts

Configures the hostname and the `/etc/hosts` file so [dnsmasq](#dnsmasq) has correct information.

### mariadb

Installs and configures mariadb; [rmt](#rmt) needs a database.

```
# salt/pillars/mysql.sls
mysql:
  root_password: linux
```

### nfs-server