This documents my adventure in setting up Tinkerbell

In This post (Part One) we’ll get the system ready. and go over some fundamental stuff.

In the followups, part two, and part three, we’ll actually use tinkerbell for awesomeness.

This is ground broken by many before me. Adam Otto at The container-solutions-blog has done a great job walking someone through this process in a three part blog:

• Part 1
• Part 2
• Part 3

As well as the following

• Aaron’s “geek gone crazy” blog post on tinkerbell
• based on the above blogpost: Tinkerbell’s baremetal walkthrough

in Part 1 of the container-solutions-blog blog series, Adam describes the moving parts.

To follow along here, You’ll need:

• a host from which to run the various tinkerbell components.
  • This host should have (at least) two network interfaces.
  • The host should be using hardware which runs linux well.
  • This host will run several docker containers which comprise the Tinkerbell Stack.
    • We cover installing Docker in This Blog post
• A network segment allocated for Tinkerbell to use to provision hosts.

HP T730 additional ethernet interface for pxe

installed ubuntu 22.04

1
2
3
4
5
6
7

root@tinky:~# lsb_release -a
No LSB modules are available.
Distributor ID:	Ubuntu
Description:	Ubuntu 22.04 LTS
Release:	22.04
Codename:	jammy
root@tinky:~#

Quick oneliner to install any needed packages:

1
2
3
4

apt-get install apt-transport-https ca-certificates curl dialog git gnupg-agent ifupdown \ 
jq libjq1 libmaxminddb0 libnginx-mod-http-geoip2 libnginx-mod-http-image-filter \ 
libnginx-mod-http-xslt-filter libnginx-mod-mail libnginx-mod-stream libnginx-mod-stream-geoip2 \ 
libonig5 libxslt1.1 net-tools nginx nginx-common nginx-core nginx-doc software-properties-common 

Not strictly necessary packages

These aren’t NECESSARY, but I’ve found them useful to have:

root@tinky:~# apt-get install memtest86+ htop silversearcher-ag tcputils sockstat silversearcher-ag bpytop

Journald is cool, but it’s a good idea to set the local log to be small and push all yer systemic logs to a log ingestion host.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10

cat << EOF >> /etc/systemd/journald.conf
[Journal]
Storage=volatile
ForwardToSyslog=yes
Compress=no
SystemMaxFileSize=10M
SystemMaxFiles=100
RuntimeMaxFileSize=10M
RuntimeMaxFiles=100
EOF

systemd-resolved is a pretty nifty local caching nameserver.

Documentation for systemd-resolved can be found here

Check to see if it’s enabled by running resolvectl:

If systemd-resolved isn’t configured, you’ll see a message like this:

1
2

root@tinky:~# resolvectl
Failed to get global data: Unit dbus-org.freedesktop.resolve1.service not found.

This is fairly straightforward:

root@tinky:~# systemctl enable systemd-resolved && systemctl start systemd-resolved

1
2
3
4
5

root@tinky:~# systemctl enable systemd-resolved
Created symlink /etc/systemd/system/dbus-org.freedesktop.resolve1.service → /lib/systemd/system/systemd-resolved.service.
Created symlink /etc/systemd/system/multi-user.target.wants/systemd-resolved.service → /lib/systemd/system/systemd-resolved.service.
root@tinky:~# systemctl start systemd-resolved
root@tinky:~#

There are a few files that need be put in place which are specific to your environment:

/etc/systemd/resolved.conf

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11

[Resolve]
LLMNR=false
DNS=256.2.3.4 256.6.7.8
FallbackDNS=256.0.0.1
MulticastDNS=false
DNSSEC=allow-downgrade
Domains=localdomain1 localsearchdomain otherlocalsearchdomain? ~.
Cache=no-negative
DNSStubListener=yes
# listens on tcp/udp on 127.0.0.53:53
ReadEtcHosts=yes

root@tinky:~# apt-get install libnss-mymachines libnss-resolve dialog

Lets continue to Part Two, where we configure Tinkerbell or Part Three, where we provision our first node!