This is an old revision of the document!
This document will describe how to deploy Ubuntu® MAAS supporting some Windows features.
You can find more info about MAAS here: https://maas.ubuntu.com
Note: If you are deploying on a vmware/esxi environment, be sure to change your network adapter type inside your vmx files to e1000e. Do this for every interface. Example:
ethernet0.virtualDev = "e1000e"
This should be the case for all other hypervisors as well. Also, if using KVM/QEMU make sure that the block device controllers are IDE or SATA, unless you have bundeled virtio drivers when creating the PXE installation media.
If you plan on deploying MaaS on Hyper-V using Generation 2 images, you will need to disable secure boot in VMs and patch grubx64.efi located in:
wget http://wiki.cloudbase.it/_media/grubnetx64.efi.gz gunzip grubnetx64.efi.gz cp grubnetx64.efi /var/lib/maas/boot-resources/current/grubx64.efi
or get the Ubuntu 16.10 grub2 version:
wget http://archive.ubuntu.com/ubuntu/dists/yakkety/main/uefi/grub2-amd64/2.02~beta2-36ubuntu11/grubnetx64.efi \ -O /var/lib/maas/boot-resources/current/grubx64.efi
Follow this article to compile GRUB with Generation 2 VM support
NOTE: this will be overwritten by maas every time something changes in boot images (eg: upload new image, maas updates images from simplestreams)
Ubuntu doesn't come with the standard naming interfaces like eth0 eth1 anymore instead you will see ens3 ensp5s because of systemd renaming those. Let's assume the ens3 is the primary one and ensp5s the second one.
Example interface configuration:
# The primary network interface (external) auto ens3 iface ens3 inet static address 192.168.122.157 netmask 255.255.255.0 # usually this is virb0 address created by the virtual # system that you are using mine is 192.168.122.1 gateway 192.168.122.1 dns-nameservers 8.8.8.8 # The secondary NIC (used internal for MAAS) auto eth1 iface eth1 inet static address 10.10.10.10 netmask 255.255.255.0 dns-nameservers 8.8.8.8 dns-search maas post-up iptables -t nat -A POSTROUTING -o ens3 -j SNAT --to-source 192.168.122.157 post-down iptables -t nat -D POSTROUTING -o ens3 -j SNAT --to-source 192.168.122.157
Basic install
Note: This will add the current MAAS distribution.
sudo apt-get update sudo apt-get upgrade sudo apt-get install software-properties-common -y sudo add-apt-repository ppa:maas/stable -y sudo apt-get update
sudo apt-get install maas maas-dhcp -y
Add the following lines to one of your startup scripts. For most cases, /etc/rc.local should do.
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE /sbin/iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT /sbin/iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
Enable IPv4 forwarding:
echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf sysctl -p
In this example eth0 is the public interface and eth1 is the private one
Insert password when prompted.
sudo maas-region-admin createadmin --username root --email user@server.com
Head to http://<maas-server-ip>/MAAS/
and test if the MAAS webpage loads.
To import boot images you have to connect to the MAAS API
sudo maas login <session-name> http://<maas-server-ip>/MAAS/ <maas-key>
You create a session with the name <session-name>
which you will use when
you want to execute maas commands. <maas-server-ip>
is the IP used by your
external NIC (eth0) and <maas-key>
can be obtained from the web interface
at http://<maas-server-ip>/MAAS/account/prefs/
Once you are connected to the MAAS API, you can import Ubuntu boot images
sudo maas <session-name> boot-resources import
Edit the default cluster and enable DHCP and DNS on the interface where you will be serving DHCP (see the screenshot as an example).
Open http://<maas-server-ip>/MAAS/clusters/
in a browser; eth1 is most probably the one that needs to be configured.
Example: Router IP = eth1's IP* IP = eth1's IP
Open http://<maas-server-ip>/MAAS/settings/
in a browser. Look for "Upstream DNS used to resolve domains not managed by this MAAS" and set the DNS to something like 8.8.8.8
Add a ssh key for authentification to the nodes
Generate a key:
ssh-keygen -t rsa cat ~/.ssh/id_rsa.pub
Copy the output.
Open http://<maas-server-ip>/MAAS/account/prefs/sshkey/add/
and paste the contents.
Create a x509 certificate to use with WinRM. This command is available on the MAAS node itself.
maas-generate-winrm-cert
For your convenience, there are also self contained binaries available for windows and linux
Copy the outputed key to:
Open http://<maas-server-ip>/MAAS/account/prefs/sslkey/add/
and paste the contents.
To generate a new image for MaaS, you will need the following powershell scripts:
https://github.com/cloudbase/windows-openstack-imaging-tools/tree/experimental
For the moment, this only works on Windows. Please follow the inscructions detailed in the README of the above repo. There will also be an image builder that works on linux as well provided by the MaaS team. Stay tuned.
At the moment the tools necessary to generate these images are not public. There will be a linux version of the tool available soon, and we are working on getting a windows version as well. This page will be updated as soon as they are made available.
maas root boot-resources create name=windows/win2012r2 architecture=amd64/generic filetype=ddtgz content@=/home/maasctrl/windows-win2012r2-amd64-root-dd
If you are uploading a custom image (anything other then the officially supported ones) you will probably want to use:
maas root boot-resources create name=customOS title="This is my custom OS" architecture=amd64/generic filetype=ddtgz content@=/home/maasctrl/customOS-amd64-root-dd