tanhueco · November 11, 2019 05:03
diff --git a/danube-cloud-hetzner-install.doc b/danube-cloud-hetzner-install.doc
 Danube Cloud is a Copyright of Erigones, s. r. o.
 https://danubecloud.org
 Wiki: https://github.com/erigones/esdc-ce/wiki

 *********************************************************************************************************************************
                                         Danube Cloud Install on Hetzner Dedicated 
                                                Servers with a /29 Subnet
 *********************************************************************************************************************************

 Danube Cloud starting v4.2 now supports hybrid boot from USB and from a disk. That means you can boot through legacy BIOS or UEFI
 without GRUB modifications allowing easy install process on Hetzner dedicated servers.

 There are 2 ways to install Danube Cloud on Hetzer servers. One is a step-by-step process. The other is unattended full automated 
 install. This guideline will address both. Just to note that this guideline serves as the minimum setup enough to get Danube Cloud 
 running at Hetzner and will not cover complex set-ups like multiple VLANs, link aggregation, or even etherstubs.

 You will need a USB stick (€1.5/month), at least 2 mirror drives, and a /29 ip subnet or more. /29 (5 useable ips) are just enough 
 to use up 5 VM's required to function as headnode for Danube Cloud. You will need to activate ipv6 or get another ip and route a 
 NAT to create additional VM's.

 Let me start first with unattended install. This is the simplest way in installing Danube Cloud without requesting for a KVM/LARA 
 access at Hetzner(!).  Installation will take about 30-40 minutes to complete without additional user intervention except for 
 further customizations at the end of the install process.

 1.  The first step is to create an answers.json file using your favorite text editor and save it to your drive for now.

    {
        "config_console": "vga",
        "skip_instructions": true,
        "simple_headers": true,
        "accept_eula": true,
        "advanced_install": true,
        "datacenter_name": "yourdatacentername",
        "etherstubs": "",
        "admin_nic": "r5:63:10:8w:w4:40",           <<< Enter admin nic. Can be found under "Network data" after accessing rescue.
        "admin_ip": "1.2.34.567",                   <<< Main ip from Robot
        "admin_netmask": "255.255.255.224",         <<< Netmask of main ip from Robot
        "admin_gateway": "1.2.34.555",              <<< Gateway of main ip from Robot
        "admin_vlan_id": "",
        "add_nictags": true,
        "external_add_nictag": true,
        "external_add_ip": true,
        "external_ip": "52.53.545.122",             <<< Subnet ip from Robot (Use 2nd ip number of subnet provided)
        "external_netmask": "255.255.255.248",      <<< Subnet ip netmask from Robot
        "external_vlan_id": "",
        "external_preserve_mac": false,
        "internal_add_nictag": false,
        "storage_add_nictag": false,
        "headnode_default_gateway": "1.2.34.555",   <<< Same as admin gateway
        "dns_resolver1": "<default>",
        "dns_resolver2": "<default>",
        "dns_search": "yourdomain.tld",
        "ntp_host": "<default>",
        "skip_ntp_check": false,
        "install_to_hdd": false,                    <<< OS installed in USB stick for complete headless setup
        "disk_layout": "<default>",                 <<< Change it to "manual" for custom disk setup.
        "root_password": "yourpassword",
        "hostname": "subdom.yourdomain.tld",
        "remote_node": false,
        "mgmt_admin_ip": "52.53.545.123",           <<< Use 3rd subnet ip provided in Robot
        "cfgdb_admin_ip": "52.53.545.127",          <<< Use 7th subnet ip provided in Robot
        "esdc_install_password": "otherpassword",
        "admin_email": "name@youremail.tld",
        "skip_final_confirm": true
    }

    If a custom RAID drive other than 2 mirrored drive is desired, change the "disk_layout" to "manual", then assign the drive 
    set-up from there using KVM/LARA.

 2.  Activate the Rescue system from your Hetzner Robot control panel. A password will be provided. SSL to your ip from there. 
    Here's a sample rescue welcome page:

                Rescue System up since 2019-11-11 02:36 +01:00

                /usr/bin/xauth:  file /root/.Xauthority does not exist
                Hardware data:

                   CPU1: Intel(R) Xeon(R) CPU E31245 @ 3.30GHz (Cores 8)
                   Memory:  15975 MB
                   Disk /dev/sda: 3000 GB (=> 2794 GiB) 
                   Disk /dev/sdb: 3000 GB (=> 2794 GiB) 
                   Disk /dev/sdc: 15 GB (=> 14 GiB) 
                   Total capacity 5603 GiB with 3 Disks

                Network data:
                   eth0  LINK: yes
                         MAC:  r5:63:10:8w:w4:40
                         IP:   1.2.34.567
                         IPv6: 2a01:4f4:225:7332::2/64
                         Intel(R) PRO/1000 Network Driver

                root@rescue ~ #

 3.  Danube Cloud install requires a clean install. If you have SmartOS already installed, it is preferrable to delete all the 
    partition from the drives including the USB stick. Take note of your MAC address. You will need this to complete the json in 
    step 1.
   
    root@rescue ~ # lsblk
    NAME  MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
    loop0   7:0    0    4G  1 loop 
    sda     8:0    0  2.7T  0 disk 
    sdb     8:16   0  2.7T  0 disk 
    sdc     8:32   1 14.7G  0 disk    << Note: Size of the drive shows this is the USB stick.
   
    Perform the following for each of the drives. In this case, sda, sdb, and sdc:
   
    root@rescue ~ # fdisk /dev/sdc
    Command (m for help): p << print partition
    Command (m for help): d << delete partition
    Partition number: 9 << partition number. Do the same for the rest of the partitions
    Command (m for help): w << write changes to the drive

 4.  Install Danube Cloud
   
   From step 2, get the drive name of the USB stick. In this case, it is sdc:
   
   root@rescue ~ # wget https://download.erigones.org/esdc/usb/stable/esdc-ce-hn-4.2.img.gz
   root@rescue ~ # gunzip esdc*.img.gz
   root@rescue ~ # dd bs=1M if=esdc-ce-hn-4.2.img of=/dev/sdc

   Upon successful copy, you will see something like this:
   
   root@rescue ~ # lsblk
   NAME   MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
   loop0    7:0    0    4G  1 loop 
   sda      8:0    0  2.7T  0 disk 
   sdb      8:16   0  2.7T  0 disk 
   sdc      8:32   1 14.7G  0 disk 
   ├─sdc1   8:33   1  256M  0 part 
   ├─sdc2   8:34   1    1M  0 part 
   ├─sdc3   8:35   1  3.5G  0 part 
   └─sdc9   8:41   1    8M  0 part 

 5.  Create the answers.json file under /private directory in USB stick

    From step 3, the main files in the USB stick is under sdc3 (largest size).
   
    root@rescue ~ # mount /dev/sdc3 /mnt
   
    The /private directory is at the root directory of the USB stick. Use WinSCP or Xftp to SSL into the direcotry and upload the 
    answers.json file under /private.
   
    root@rescue ~ # reboot
   
    Wait about 40 minutes for the install to complete. If everything goes well, you will be able to SSH into the main ip. 
    Otherwise, request KVM/LARA to run the script step by step. 
   
 6.  This process is optional. It is needed only if the steps above are not successful. Use the answers.json file created earlier 
    for reference.
   
        a)  Request for KVM access
        b)  At the boot screen, there is an option to customize the install.  Press space here to stop the script then select 4 
            "Configure Boot Options".
        c)  Select 7 to "Destroy Zpools". Make sure you do not need the pools with this option. This is for fresh install only.
        d)  Select 1 to go back and press <Enter>
        e)  Accept the license. Type "q" then "accept".
        f)  Enter advance installation "y"
        g)  Enter you Datacenter name
        h)  Select admin interface "1".  The etherstub automatically create will not work.
        i)  Enter you main ip address (1.2.34.567)
        j)  Enter netmask of main ip (255.255.255.224)
        k)  Leave VLAN ID blank
        l)  Type "y" for another network tag
        m)  Type "y" to add an external NIC tag
        n)  Type "y" to modify network tags. From there, a NIC will be autoselected for you.
        o)  Type "y" to add an external interface
        p)  Type the 2nd ip address (gateway address) provided to you on the subnet (52.53.545.122)
        q)  Type the netmask of the subnet and leave VLAN ID as blank or none
        r)  Type "n" to not preserve the MAC address of the external interface. This way, packets will be chanelled through the 
            main ip by using the same nic mac address.
        s)  Type "n" for internal and storage NIC tags unless you have for subnet ip's to add
        t)  Type the main ip default gateway (1.2.34.555)
        u)  Enter the default DNS server ip. It is important that there is connectivity after the DNS servers are entered. 
            Otherwise, start from the beginning and pick the correct ip from the answers.json file.
        v)  Type your DNS search domain (usually just your domain name) and default NTP server.
        w)  Type "n" to install to the USB instead of hard drive
        x)  Setup your zpool layout - mirror, raidz1, etc.
        y)  Enter the management portal ip address. This will come from your subnet - typically the 3rd ip in the subnet 
            (2.53.545.123).
        z)  The rest, enter your password, admin email address, and proceed with the installation.
        
    Once you get to the end of the installation process, make sure to note down the Zabbix ID and password.  Danube Cloud ID and
    password defaults to "admin" and "changeme" respectively.
    
    If you get to the point where the screen shows "Waiting for cfgbd availability..." repeatedly, the setup is not correct.  
    Review the entries in answers.json and start all over again. If everything completes, ping to your main ip and SSH to the 
    server.
            
 7.  At the global zone, run the script /opt/custom/bin/create-router-from-gz.sh to allow nat-route traffic from the main admin 
    network to the internet. This will allow the network to be persistent as well without the need for executing manifests like 
    in previous SmartOS installs:

    # cd /opt/custom/bin
    # ./create-router-from-gz.sh
   
 8.  At this point, there will be 5 pre-installed VM's for management, monitor, and other administrative purposes:

    # vmadm list -o uuid,nics.0.mac,nics.0.ip,alias
    UUID                                  NICS.0.MAC            NICS.0.IP        ALIAS
    2b504f53-1c0b-4ceb-bfda-352f549a70e1  f2:d1:e6:b7:c8:2a     2.53.545.126     img01.local
    6546040c-ca68-4c5b-8a19-a42e487267c9  g2:62:e0:f7:c8:2b     2.53.545.125     dns01.local
    a28faa4d-d0ee-4593-938a-f0d062022b02  h2:73:ee:c7:c9:cc     2.53.545.124     mon01.local
    ddca4052-effd-47fb-9e70-e6807025d8b4  i2:34:e2:e7:c0:2d     2.53.545.127     cfgdb01.local
    f7860689-c435-4964-9f7d-2d2d70cfe389  j2:c5:e6:f7:c1:2e     2.53.545.123     mgmt01.local

 9.  Replace the ip address of each of the VM's above to expose them to the internet. For example:

    # echo '{ "update_nics": [{"mac": "j2:c5:e6:f7:c1:2e", "nic_tag": "external", "gateway": "2.53.545.122", "gateways": ["2.
    53.545.122"], "netmask": "255.255.255.248", "ips": ["2.53.545.123/29"]}]}' | vmadm update f7860689-c435-4964-9f7d-
    2d2d70cfe389
    
    Perform the above on the rest of the VM's replacing the mac and uuid's for each.
    
 10. Reboot. Done! From there, go to https://2.53.545.123 to access the Danube Cloud web panel
	Danube Cloud is a Copyright of Erigones, s. r. o.
	https://danubecloud.org
	Wiki: https://github.com/erigones/esdc-ce/wiki

	*********************************************************************************************************************************
	Danube Cloud Install on Hetzner Dedicated
	Servers with a /29 Subnet
	*********************************************************************************************************************************

	Danube Cloud starting v4.2 now supports hybrid boot from USB and from a disk. That means you can boot through legacy BIOS or UEFI
	without GRUB modifications allowing easy install process on Hetzner dedicated servers.

	There are 2 ways to install Danube Cloud on Hetzer servers. One is a step-by-step process. The other is unattended full automated
	install. This guideline will address both. Just to note that this guideline serves as the minimum setup enough to get Danube Cloud
	running at Hetzner and will not cover complex set-ups like multiple VLANs, link aggregation, or even etherstubs.

	You will need a USB stick (€1.5/month), at least 2 mirror drives, and a /29 ip subnet or more. /29 (5 useable ips) are just enough
	to use up 5 VM's required to function as headnode for Danube Cloud. You will need to activate ipv6 or get another ip and route a
	NAT to create additional VM's.

	Let me start first with unattended install. This is the simplest way in installing Danube Cloud without requesting for a KVM/LARA
	access at Hetzner(!). Installation will take about 30-40 minutes to complete without additional user intervention except for
	further customizations at the end of the install process.

	1. The first step is to create an answers.json file using your favorite text editor and save it to your drive for now.

	{
	"config_console": "vga",
	"skip_instructions": true,
	"simple_headers": true,
	"accept_eula": true,
	"advanced_install": true,
	"datacenter_name": "yourdatacentername",
	"etherstubs": "",
	"admin_nic": "r5:63:10:8w:w4:40", <<< Enter admin nic. Can be found under "Network data" after accessing rescue.
	"admin_ip": "1.2.34.567", <<< Main ip from Robot
	"admin_netmask": "255.255.255.224", <<< Netmask of main ip from Robot
	"admin_gateway": "1.2.34.555", <<< Gateway of main ip from Robot
	"admin_vlan_id": "",
	"add_nictags": true,
	"external_add_nictag": true,
	"external_add_ip": true,
	"external_ip": "52.53.545.122", <<< Subnet ip from Robot (Use 2nd ip number of subnet provided)
	"external_netmask": "255.255.255.248", <<< Subnet ip netmask from Robot
	"external_vlan_id": "",
	"external_preserve_mac": false,
	"internal_add_nictag": false,
	"storage_add_nictag": false,
	"headnode_default_gateway": "1.2.34.555", <<< Same as admin gateway
	"dns_resolver1": "<default>",
	"dns_resolver2": "<default>",
	"dns_search": "yourdomain.tld",
	"ntp_host": "<default>",
	"skip_ntp_check": false,
	"install_to_hdd": false, <<< OS installed in USB stick for complete headless setup
	"disk_layout": "<default>", <<< Change it to "manual" for custom disk setup.
	"root_password": "yourpassword",
	"hostname": "subdom.yourdomain.tld",
	"remote_node": false,
	"mgmt_admin_ip": "52.53.545.123", <<< Use 3rd subnet ip provided in Robot
	"cfgdb_admin_ip": "52.53.545.127", <<< Use 7th subnet ip provided in Robot
	"esdc_install_password": "otherpassword",
	"admin_email": "name@youremail.tld",
	"skip_final_confirm": true
	}

	If a custom RAID drive other than 2 mirrored drive is desired, change the "disk_layout" to "manual", then assign the drive
	set-up from there using KVM/LARA.

	2. Activate the Rescue system from your Hetzner Robot control panel. A password will be provided. SSL to your ip from there.
	Here's a sample rescue welcome page:

	Rescue System up since 2019-11-11 02:36 +01:00

	/usr/bin/xauth: file /root/.Xauthority does not exist
	Hardware data:

	CPU1: Intel(R) Xeon(R) CPU E31245 @ 3.30GHz (Cores 8)
	Memory: 15975 MB
	Disk /dev/sda: 3000 GB (=> 2794 GiB)
	Disk /dev/sdb: 3000 GB (=> 2794 GiB)
	Disk /dev/sdc: 15 GB (=> 14 GiB)
	Total capacity 5603 GiB with 3 Disks

	Network data:
	eth0 LINK: yes
	MAC: r5:63:10:8w:w4:40
	IP: 1.2.34.567
	IPv6: 2a01:4f4:225:7332::2/64
	Intel(R) PRO/1000 Network Driver

	root@rescue ~ #

	3. Danube Cloud install requires a clean install. If you have SmartOS already installed, it is preferrable to delete all the
	partition from the drives including the USB stick. Take note of your MAC address. You will need this to complete the json in
	step 1.

	root@rescue ~ # lsblk
	NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
	loop0 7:0 0 4G 1 loop
	sda 8:0 0 2.7T 0 disk
	sdb 8:16 0 2.7T 0 disk
	sdc 8:32 1 14.7G 0 disk << Note: Size of the drive shows this is the USB stick.

	Perform the following for each of the drives. In this case, sda, sdb, and sdc:

	root@rescue ~ # fdisk /dev/sdc
	Command (m for help): p << print partition
	Command (m for help): d << delete partition
	Partition number: 9 << partition number. Do the same for the rest of the partitions
	Command (m for help): w << write changes to the drive

	4. Install Danube Cloud

	From step 2, get the drive name of the USB stick. In this case, it is sdc:

	root@rescue ~ # wget https://download.erigones.org/esdc/usb/stable/esdc-ce-hn-4.2.img.gz
	root@rescue ~ # gunzip esdc*.img.gz
	root@rescue ~ # dd bs=1M if=esdc-ce-hn-4.2.img of=/dev/sdc

	Upon successful copy, you will see something like this:

	root@rescue ~ # lsblk
	NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
	loop0 7:0 0 4G 1 loop
	sda 8:0 0 2.7T 0 disk
	sdb 8:16 0 2.7T 0 disk
	sdc 8:32 1 14.7G 0 disk
	├─sdc1 8:33 1 256M 0 part
	├─sdc2 8:34 1 1M 0 part
	├─sdc3 8:35 1 3.5G 0 part
	└─sdc9 8:41 1 8M 0 part

	5. Create the answers.json file under /private directory in USB stick

	From step 3, the main files in the USB stick is under sdc3 (largest size).

	root@rescue ~ # mount /dev/sdc3 /mnt

	The /private directory is at the root directory of the USB stick. Use WinSCP or Xftp to SSL into the direcotry and upload the
	answers.json file under /private.

	root@rescue ~ # reboot

	Wait about 40 minutes for the install to complete. If everything goes well, you will be able to SSH into the main ip.
	Otherwise, request KVM/LARA to run the script step by step.

	6. This process is optional. It is needed only if the steps above are not successful. Use the answers.json file created earlier
	for reference.

	a) Request for KVM access
	b) At the boot screen, there is an option to customize the install. Press space here to stop the script then select 4
	"Configure Boot Options".
	c) Select 7 to "Destroy Zpools". Make sure you do not need the pools with this option. This is for fresh install only.
	d) Select 1 to go back and press <Enter>
	e) Accept the license. Type "q" then "accept".
	f) Enter advance installation "y"
	g) Enter you Datacenter name
	h) Select admin interface "1". The etherstub automatically create will not work.
	i) Enter you main ip address (1.2.34.567)
	j) Enter netmask of main ip (255.255.255.224)
	k) Leave VLAN ID blank
	l) Type "y" for another network tag
	m) Type "y" to add an external NIC tag
	n) Type "y" to modify network tags. From there, a NIC will be autoselected for you.
	o) Type "y" to add an external interface
	p) Type the 2nd ip address (gateway address) provided to you on the subnet (52.53.545.122)
	q) Type the netmask of the subnet and leave VLAN ID as blank or none
	r) Type "n" to not preserve the MAC address of the external interface. This way, packets will be chanelled through the
	main ip by using the same nic mac address.
	s) Type "n" for internal and storage NIC tags unless you have for subnet ip's to add
	t) Type the main ip default gateway (1.2.34.555)
	u) Enter the default DNS server ip. It is important that there is connectivity after the DNS servers are entered.
	Otherwise, start from the beginning and pick the correct ip from the answers.json file.
	v) Type your DNS search domain (usually just your domain name) and default NTP server.
	w) Type "n" to install to the USB instead of hard drive
	x) Setup your zpool layout - mirror, raidz1, etc.
	y) Enter the management portal ip address. This will come from your subnet - typically the 3rd ip in the subnet
	(2.53.545.123).
	z) The rest, enter your password, admin email address, and proceed with the installation.

	Once you get to the end of the installation process, make sure to note down the Zabbix ID and password. Danube Cloud ID and
	password defaults to "admin" and "changeme" respectively.

	If you get to the point where the screen shows "Waiting for cfgbd availability..." repeatedly, the setup is not correct.
	Review the entries in answers.json and start all over again. If everything completes, ping to your main ip and SSH to the
	server.

	7. At the global zone, run the script /opt/custom/bin/create-router-from-gz.sh to allow nat-route traffic from the main admin
	network to the internet. This will allow the network to be persistent as well without the need for executing manifests like
	in previous SmartOS installs:

	# cd /opt/custom/bin
	# ./create-router-from-gz.sh

	8. At this point, there will be 5 pre-installed VM's for management, monitor, and other administrative purposes:

	# vmadm list -o uuid,nics.0.mac,nics.0.ip,alias
	UUID NICS.0.MAC NICS.0.IP ALIAS
	2b504f53-1c0b-4ceb-bfda-352f549a70e1 f2:d1:e6:b7:c8:2a 2.53.545.126 img01.local
	6546040c-ca68-4c5b-8a19-a42e487267c9 g2:62:e0:f7:c8:2b 2.53.545.125 dns01.local
	a28faa4d-d0ee-4593-938a-f0d062022b02 h2:73:ee:c7:c9:cc 2.53.545.124 mon01.local
	ddca4052-effd-47fb-9e70-e6807025d8b4 i2:34:e2:e7:c0:2d 2.53.545.127 cfgdb01.local
	f7860689-c435-4964-9f7d-2d2d70cfe389 j2:c5:e6:f7:c1:2e 2.53.545.123 mgmt01.local

	9. Replace the ip address of each of the VM's above to expose them to the internet. For example:

	# echo '{ "update_nics": [{"mac": "j2:c5:e6:f7:c1:2e", "nic_tag": "external", "gateway": "2.53.545.122", "gateways": ["2.
	53.545.122"], "netmask": "255.255.255.248", "ips": ["2.53.545.123/29"]}]}' \| vmadm update f7860689-c435-4964-9f7d-
	2d2d70cfe389

	Perform the above on the rest of the VM's replacing the mac and uuid's for each.

	10. Reboot. Done! From there, go to https://2.53.545.123 to access the Danube Cloud web panel