Skip to content

Instantly share code, notes, and snippets.

@c0m4r

c0m4r/vyos_installation_hetzner_cloud.md

Last active September 7, 2024 10:57
Show Gist options
  • Save c0m4r/13baeca67156ab88d3168e3db7cc26da to your computer and use it in GitHub Desktop.
Save c0m4r/13baeca67156ab88d3168e3db7cc26da to your computer and use it in GitHub Desktop.
Download ZIP
VyOS installation on Hetzner Cloud VPS
Raw
vyos_installation_hetzner_cloud.md

VyOS installation on Hetzner Cloud VPS

This guide explains how to install the VyOS Rolling Release (free nightly builds) on Hetzner Cloud VPS. This might also work for other VPS providers with the proper rescue system in place.

First log into Hetzner Cloud, switch to your VPS control panel, select Rescue -> Enable Rescue and Power Cycle. It takes up to 1 minute to boot into rescue mode. Your login details will be displayed in the control panel after you activate the console. You can also use previously defined SSH keys.

Hetzner Rescue SSH

Download and write the ISO image in the Rescue environment:

wipefs -a /dev/sda
wget https://github.com/vyos/vyos-rolling-nightly-builds/releases/download/1.5-rolling-202401170024/vyos-1.5-rolling-202401170024-amd64.iso
dd if=vyos-1.5-rolling-202401170024-amd64.iso of=/dev/sda
reboot

Boot the installation image

⚠️ That's the imporant part.

Before you boot VyOS, while in GRUB, press TAB and add a space and toram option to the cmdline, then hit enter. This option lets the system to boot into RAM. Without it, the installation will fail.

image

image

Default credentials:

  • User: vyos
  • Pass: vyos

Installation

Docs: permanent installation

install image

Next, next, next:

Would you like to continue?: y
What would you like to name ths image?: enter
Please enter a password for the "vyos" user: password
What console should be used by default?: KVM (K)
Which one should be used for installation?: /dev/sda
Installation will delete all data on the drive. Continue?: y

The last one asks you if you want to use the entire space. It's up to you, (but in the end) it doesn't even really matter.

Once the installation is done, you can reboot.

reboot

Post-installation

Quick setup

configure
set interfaces ethernet eth0 address dhcp
set service ssh access-control allow user vyos
set service ssh port 22
set service ssh listen-address 0.0.0.0
commit
save
exit
restart ssh

Now you can connect to your VyOS using SSH and continue the installation.

Enable key-based authentication:

configure
set system login user vyos authentication public-keys <identifier> key <ssh_key>
set system login user vyos authentication public-keys <identifier> type <ssh_type>
commit
save
exit
exit

Now you should be able to log in using your SSH key.

If you succeed, disable password-based authentication:

configure
set service ssh disable-password-authentication
commit
save
exit

Keep in mind that it's just a very basic setup. Make sure to properly secure and harden your configuration.

VyOS Documentation

If you found this article helpful, please consider making a donation to a charity on my behalf. Thank you.

image

@cFire
Copy link

cFire commented Aug 5, 2024

Works on OVH VPS too, with the one exception that in their rescue mode sda is the rootfs of the rescue system so you need to wipefs and dd to /dev/sdb instead.

@frederico-monteiro
Copy link

frederico-monteiro commented Aug 20, 2024
edited
Loading

Hey, I'm having trouble with the a server with nvme disks on a dedicated server. Is it possible to provide some guidance for this use case?

@c0m4r
Copy link
Author

c0m4r commented Aug 20, 2024
edited
Loading

Hey, I'm having trouble with the a server with nvme disks on a dedicated server. Is it possible to provide some guidance for this use case?

@frederico-monteiro On a dedicated (bare metal) server you should be able to mount installation image as a virtual media drive through IPMI/KVM console (or iDRAC for DELL and iLO for HPE servers), which is equivalent to loading an ISO from a bootable USB drive, similar to OS installation process. It's worth noting that in this case, using the "toram" option will probably not be necessary, since you will be using a live environment, not a persistent one.

You can also ask the data center support to physically connect a flash drive with the ISO image to the server for you, but you still need to have access to some form of remote console and possibly change the boot order.

And when it comes to NVMe drives, the only difference that matters in this case is the naming scheme, which is different from magnetic disks and regular SSDs. Instead of /dev/sdX you look for /dev/nvmeX.

@frederico-monteiro
Copy link

frederico-monteiro commented Aug 21, 2024
edited
Loading

Thank you for the answer @c0m4r! I was aware of the KVM console option, however I don't think it suits my requirements.

I am trying to setup a few servers at the same time (one of them the router) while trying to automate this process. By using the the KVM, every time I did a mistake, I would have to factory reset the machine by using the KVM (not really practical). Or at least this is my impression.

My following up question for you is, are you aware if it is possible to install VyOS with a custom image through the rescue system?

@c0m4r
Copy link
Author

c0m4r commented Aug 21, 2024
edited
Loading

@frederico-monteiro I believe automating this process should be possible with some form of API and IaC software, like. Terraform, depending what your server provider provides you with. You can also set up PXE boot: https://docs.vyos.io/en/equuleus/installation/install.html#pxe-boot

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment