Skip to content

[Deprecated] Multiple hubs & deployment with Ansible

Jump to bottom
Oren Lederman edited this page Jun 5, 2017 · 1 revision

Deprecated. Please refer to the README file

We provide an Ansible playbook that can be used for deploying the (python) hubs.

Setup master server

  • generate a key that will be used

    • Example: ssh-keygen -t rsa -b 2048 -C "badgepi-key" -f badgepi-key
    • You get two files:
      • badgepi-key - this one you keep on the man server
      • badgepi-key.pub - this goes to the hub
    • Make sure the permission of badgepi-key are set to 600

  • Install ansible:

sudo pip install ansible
sudo mkdir -p /etc/ansible
  • Add your servers to ansible config file (sudo vi /etc/ansible/hosts):
[pi]
hub1 ansible_user=pi ansible_private_key_file=/path_to/badgepi-key
hub2 ansible_user=pi ansible_private_key_file=/path_to/badgepi-key
  • Create an .env file to be sent to the hubs. Set your server ip address, etc:
sudo mkdir /etc/ansible/openbadge-hub-py
sudo touch /etc/ansible/openbadge-hub-py/.env
sudo chmod a+w /etc/ansible/openbadge-hub-py/.env
echo "BADGE_SERVER_ADDR=1.1.1.1" > /etc/ansible/openbadge-hub-py/.env 
echo "BADGE_SERVER_PORT=8000" >> /etc/ansible/openbadge-hub-py/.env

  • Prepare you hubs (see below)

  • go to openbadge/playbook and run: ansible-playbook main.yml

The last command will setup all hubs and start pulling data

Configure hubs

  • Make sure hubs synchronize their dates using NTP (preferably the same NTP server). No, seriously. Make sure that the time on all of your hubs and servers is synchronized
  • Download the Raspbian lite (2017-04-10-raspbian-jessie-lite.img) and install. Instructions can be found here. In linux:
    • unmount SD card volumes (if exist)
    • Burn a clean image of Raspbian Jessie. I recommend one of the following methods:
      • Using shell: sudo dd bs=4M if=2017-04-10-raspbian-jessie-lite.img of=/dev/mmcblk0
      • Using Etcher (https://etcher.io/)
    • sync
  • Alter files on SD card before placing it in the raspberry Pi:
# turn on ssh
sudo mkdir -p /media/temp_boot ; sudo mount /dev/mmcblk0p1 /media/temp_boot/
sudo touch /media/temp_boot/ssh
sudo umount /media/temp_boot

sudo mkdir -p /media/temp_vol ; sudo mount /dev/mmcblk0p2 /media/temp_vol/
# Change hostname
sudo sh -c 'echo badgepi-xx > /media/temp_vol/etc/hostname'
# Setup SSH keys
sudo mkdir -p /media/temp_vol/home/pi/.ssh
sudo cp badgepi-key.pub /media/temp_vol/home/pi/.ssh/authorized_keys
sudo chmod 750 /media/temp_vol/home/pi/.ssh 
sudo chmod 600 /media/temp_vol/home/pi/.ssh/authorized_keys
sudo chown -R 1000:1000 /media/temp_vol/home/pi/.ssh
# Disable connection using password (use keys instead)
sudo sed -i "s/#PasswordAuthentication yes/PasswordAuthentication no/g" /media/temp_vol/etc/ssh/sshd_config
sudo umount /media/temp_vol
sync
  • Connect to raspberry pi. You'll need to use the (private) key file you created since we disabled the password login:
    • ssh -i badgepi-key pi@badgepi-xx
  • run config tool: sudo raspi-config
    • Expand space
    • Change password
  • sudo apt-get update
  • sudo apt-get upgrade
  • sudo dpkg-reconfigure tzdata
  • If you haven't yet put key files on hub, you can use the following commands (run these command on the main server). For example:
ssh pi@badgepi-xx "mkdir -p .ssh; chmod 750 .ssh;"
scp badgepi-key.pub pi@badgepi-xx:.ssh/authorized_keys
ssh pi@badgepi-xx "chmod 600 .ssh/authorized_keys"
  • Double check that your hubs sync their time with a NTP server. Have I mentioned how important that is?

Manually testing the hub

After deploying the scripts, you can ssh to the hub and make sure everything is set correctly

  • go to ~/openbadge-hub-py
  • run: sudo ./badge_hub.py -m server scan

If everything is set up correctly, the hub will connect to the server, pull a list of badges and start scanning

Misc

  • To save time, you can first setup one raspberry pi and then create an image. Then, use that image instead of the regular one * You can use this command to create an image : sudo dd if=/dev/mmcblk0 of=raspi_installed.img * Important! Make sure you umount all partitions of the sd card before running this command * Might be worth running the "sync" command before removing the sd card

  • Ansible can be used for running ad-hoc commands on all devices. for example:

ansible pi -a "/sbin/shutdown -h now" -f 10 --become 
# where pi is the name of the hosts group
  • Use supervisorctl to control whether the hub code is running
    • For example, to stop the hub: sudo supervisorctl stop badge_hub
    • And to start: sudo supervisorctl stop badge_hub
    • This can be combined with an Ansible ad-hoc command:
ansible pi -a "/usr/bin/supervisorctl stop badge_hub" -f 10 --become
# where pi is the name of the hosts group
Clone this wiki locally