Setting up Tinkerbell #

This documents my adventure in setting up Tinkerbell

In This post (Part One) we’ll get the system ready. and go over some fundamental stuff.

In the followups, part two, and part three, we’ll actually use tinkerbell for awesomeness.

References / Shoulders I’m standing on #

This is ground broken by many before me. Adam Otto at The container-solutions-blog has done a great job walking someone through this process in a three part blog:

As well as the following

Aaron’s “geek gone crazy” blog post on tinkerbell
based on the above blogpost: Tinkerbell’s baremetal walkthrough

in Part 1 of the container-solutions-blog blog series, Adam describes the moving parts.

Pre Requisites #

To follow along here, You’ll need:

a host from which to run the various tinkerbell components.
- This host should have (at least) two network interfaces.
- The host should be using hardware which runs linux well.
- This host will run several docker containers which comprise the Tinkerbell Stack.
  - We cover installing Docker in This Blog post
A network segment allocated for Tinkerbell to use to provision hosts.

Physical hardware #

HP T730 additional ethernet interface for pxe

Hardware setup #

installed ubuntu 22.04

root@tinky:~# lsb_release -a
No LSB modules are available.
Distributor ID:	Ubuntu
Description:	Ubuntu 22.04 LTS
Release:	22.04
Codename:	jammy
root@tinky:~#

Software #

Packages #

Quick oneliner to install any needed packages:

apt-get install apt-transport-https ca-certificates curl dialog git gnupg-agent ifupdown \ 
jq libjq1 libmaxminddb0 libnginx-mod-http-geoip2 libnginx-mod-http-image-filter \ 
libnginx-mod-http-xslt-filter libnginx-mod-mail libnginx-mod-stream libnginx-mod-stream-geoip2 \ 
libonig5 libxslt1.1 net-tools nginx nginx-common nginx-core nginx-doc software-properties-common

Note

Not strictly necessary packages

These aren’t NECESSARY, but I’ve found them useful to have:

root@tinky:~# apt-get install memtest86+ htop silversearcher-ag tcputils sockstat silversearcher-ag bpytop

Software setup #

Systemd #

Configure journald #

Journald is cool, but it’s a good idea to set the local log to be small and push all yer systemic logs to a log ingestion host.

cat << EOF >> /etc/systemd/journald.conf
[Journal]
Storage=volatile
ForwardToSyslog=yes
Compress=no
SystemMaxFileSize=10M
SystemMaxFiles=100
RuntimeMaxFileSize=10M
RuntimeMaxFiles=100
EOF

Configure systemd-resolved #

systemd-resolved is a pretty nifty local caching nameserver.

Note

Documentation for systemd-resolved can be found here

Check to see if it’s enabled by running resolvectl:

If systemd-resolved isn’t configured, you’ll see a message like this:

root@tinky:~# resolvectl
Failed to get global data: Unit dbus-org.freedesktop.resolve1.service not found.

Enable systemd-resolved #

This is fairly straightforward:

root@tinky:~# systemctl enable systemd-resolved && systemctl start systemd-resolved

See shell output ↕

There are a few files that need be put in place which are specific to your environment:

/etc/systemd/resolved.conf

/etc/systemd/resolved.conf

/etc/systemd/resolved.conf, /etc/resolv.conf

This file controls how systemd-resolved works overall.

Documentation: [here][resolved.conf]

Here’s an example file. Obviously, adjust the DNS, FallbackDNS, and Domains entries to be relevant to your environment.

[Resolve]
LLMNR=false
DNS=256.2.3.4 256.6.7.8
FallbackDNS=256.0.0.1
MulticastDNS=false
DNSSEC=allow-downgrade
Domains=localdomain1 localsearchdomain otherlocalsearchdomain? ~.
Cache=no-negative
DNSStubListener=yes
# listens on tcp/udp on 127.0.0.53:53
ReadEtcHosts=yes

/etc/resolv.conf

nameserver 127.0.0.53 options edns0 trust-ad search localdomain1 localsearchdomain otherlocalsearchdomain?

root@tinky:~# apt-get install libnss-mymachines libnss-resolve dialog

Next! Onward to Part Two! #

Lets continue to Part Two, where we configure Tinkerbell or Part Three, where we provision our first node!