Bare Metal Node Deployment
The 3 bare-metal nodes are deployed using appliance mode -- a two-stage ISO boot process that installs the OS, configures networking, wipes drives, and auto-registers each node with the Palette Management Appliance.
Deployment Mode: Appliance Mode
Appliance mode was selected over agent mode for the Toyota POC because:
- OS upgrade demonstration is a POC success criterion -- appliance mode supports A/B partition upgrades
- Consistent imaging -- each node gets an identical base OS with baked-in network config
- Drive wipe -- the install ISO includes automated drive wiping to clear prior platform artifacts
- Air-gapped -- no external network needed; all images pulled from PMA internal registry
Two-Stage Boot Process

```mermaid
graph LR
    ISO["Mount Install ISO<br/>(~1.8 GB)"] --> INSTALL["Auto-Install<br/>Wipe drives, install OS<br/>Configure LACP bond"]
    INSTALL --> OFF["Power Off"]
    OFF --> SITE["Mount Site<br/>User Data ISO"]
    SITE --> BOOT["Boot from Disk<br/>Apply hostname + IP"]
    BOOT --> REG["Auto-Register<br/>with Palette"]
    style ISO fill:#1F7A78,color:#fff
    style INSTALL fill:#005B5B,color:#fff
    style OFF fill:#043736,color:#fff
    style SITE fill:#005B5B,color:#fff
    style BOOT fill:#1F7A78,color:#fff
    style REG fill:#9EB277,color:#fff
```
Stage 1: Install ISO
A single install ISO is shared across all 3 nodes. It contains:
- Ubuntu 24.04 base OS with Kairos
- CanvOS v4.8.8 provider image
- PXKe (kubeadm) 1.33.6 Kubernetes packages
- LACP bond configuration for all 4 NICs
- Drive wipe script -- runs `sgdisk --zap-all` on all 7TB drives
- Legacy boot loader (UEFI not viable on this hardware)
- Install target: `/dev/sda` (223.5GB boot drive)
The install ISO auto-runs without user interaction. After installation completes, the node powers off.
Stage 2: Site User Data ISO
Each node gets a unique site-user-data ISO containing:
- Hostname (e.g., `stg-wahvp004`)
- Static IP address (e.g., `10.25.233.4/24`)
- Gateway, DNS, NTP settings
- Edge host registration token
- Palette endpoint address
When the node boots from disk with the site-user-data ISO mounted, it reads the configuration on first boot only. Subsequent boots ignore the ISO. The node then registers with Palette automatically.
ISO Build: Production Install ISO
The production install ISO is built using CanvOS with customizations for the Toyota hardware.
Build Parameters
| Parameter | Value |
|---|---|
| CanvOS Version | 4.8.8 |
| Base OS | Ubuntu 24.04 |
| Kubernetes | kubeadm 1.33.6 (PXKe) |
| Boot Mode | Legacy (CSM) |
| Install Target | /dev/sda |
| Network | LACP bond (802.3ad) across 4 NICs |
| Drive Wipe | All drives > 5TB wiped on install and reset |
CanvOS Build Configuration

```
OS_DISTRIBUTION=ubuntu
OS_VERSION=24.04
K8S_DISTRIBUTION=kubeadm
ARCH=amd64
CUSTOM_TAG=toyota-tmna
IMAGE_REGISTRY=gcr.io/spectro-images-public/github/spectrocloud/CanvOS
```
user-data (baked into ISO)

```yaml
#cloud-config
stylus:
  site:
    edgeHostToken: "OTVhZDVlMzc5NDI0YzVlYjgyYjg1YjQzNDg4NGQwZjc="
    paletteEndpoint: "10.25.232.155"
  registryCredentials:
    domain: "10.25.232.155:30003/spectro-content"
    username: "admin"
    password: "********"
    insecure: false
install:
  device: /dev/sda
  poweroff: true
users:
  - name: kairos
    passwd: kairos
stages:
  install:
    - name: "Wipe all large drives"
      commands:
        - |
          for disk in $(lsblk -dno NAME,SIZE | awk '$2 == "7T" {print "/dev/"$1}'); do
            sgdisk --zap-all "$disk"
            wipefs -a "$disk"
            dd if=/dev/zero of="$disk" bs=1M count=100
          done
  reset:
    - name: "Wipe all large drives on reset"
      commands:
        - |
          for disk in $(lsblk -dno NAME,SIZE | awk '$2 == "7T" {print "/dev/"$1}'); do
            sgdisk --zap-all "$disk"
            wipefs -a "$disk"
            dd if=/dev/zero of="$disk" bs=1M count=100
          done
  network:
    - name: "Configure LACP bond"
      commands:
        - |
          mkdir -p /etc/systemd/network
          # Bond NetDev
          cat > /etc/systemd/network/10-bond0.netdev << 'EOF'
          [NetDev]
          Name=bond0
          Kind=bond
          [Bond]
          Mode=802.3ad
          LACPTransmitRate=fast
          TransmitHashPolicy=layer3+4
          MIIMonitorSec=100ms
          EOF
          # NIC members
          for nic in enp134s0f0np0 enp134s0f0np1 enp175s0f0np0 enp175s0f0np1; do
            cat > /etc/systemd/network/10-${nic}.network << NICEOF
          [Match]
          Name=${nic}
          [Network]
          Bond=bond0
          NICEOF
          done
          # Bridge
          cat > /etc/systemd/network/20-br0.netdev << 'EOF'
          [NetDev]
          Name=br0
          Kind=bridge
          [Bridge]
          STP=false
          ForwardDelaySec=0
          EOF
          cat > /etc/systemd/network/20-bond0.network << 'EOF'
          [Match]
          Name=bond0
          [Network]
          Bridge=br0
          EOF
```
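The wipe stages above pick their targets by matching the human-readable size string `7T`, while the build parameters describe the rule as "all drives > 5TB". The following added example (not part of the original user-data) selects targets by byte size instead and prints the resulting wipe plan for review; `MIN_BYTES`, `INSTALL_DEV`, the function names and the sample `lsblk` output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original user-data.
# MIN_BYTES and INSTALL_DEV are assumptions taken from the build parameters
# table (wipe drives > 5TB, install target /dev/sda).
MIN_BYTES=5000000000000
INSTALL_DEV=sda

# Constructed `lsblk -bdno NAME,SIZE,TYPE` output (sizes in bytes).
# sdd is a 7.0 TB disk: without -b lsblk rounds it to "6.4T", so a test for
# the literal string "7T" would not select it.
sample_lsblk() {
    cat <<'EOF'
sda      240057409536 disk
sdb     7681501126656 disk
sdc     7681501126656 disk
nvme0n1 7681501126656 disk
sdd     7000259821568 disk
sr0        1932735283 rom
loop0        67108864 loop
EOF
}

# stdin: lsblk -bdno NAME,SIZE,TYPE   stdout: one /dev path per wipe target.
# Selects whole disks above MIN_BYTES and never the install target.
select_wipe_targets() {
    awk -v min="$MIN_BYTES" -v keep="$INSTALL_DEV" '
        $3 == "disk" && $1 != keep && ($2 + 0) > (min + 0) { print "/dev/" $1 }'
}

# stdin: /dev paths   stdout: the commands the page's wipe stage would run.
# Prints only, so the selection can be reviewed before it is baked into an ISO.
print_wipe_plan() {
    while read -r disk; do
        echo "sgdisk --zap-all $disk"
        echo "wipefs -a $disk"
        echo "dd if=/dev/zero of=$disk bs=1M count=100"
    done
}

# Demo on the constructed sample; on a node, feed real lsblk output instead.
sample_lsblk | select_wipe_targets | print_wipe_plan
```

On a node, `lsblk -bdno NAME,SIZE,TYPE | select_wipe_targets` lists what would be wiped without touching any disk.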
Site User Data ISOs
Three separate site-user-data ISOs are created, one per node:
Node Imaging Procedure
Repeat for each of the 3 bare-metal nodes:
Step 1: Mount Install ISO
- Access the node's IPMI/BMC console
- Mount the production install ISO via IPMI virtual media
- Set boot order to CD/DVD first (Legacy mode)
- Power on or reboot the node
Legacy Boot Only
The BIOS must be set to Legacy mode with CSM enabled. UEFI boot does not work on the NX-8150-G7 Supermicro hardware with the Palette ISO. See Troubleshooting for details.
Step 2: Wait for Auto-Install
The ISO will:
- Boot the Kairos installer (Legacy/CSM mode)
- Wipe all 7TB drives (SSD and NVMe) using `sgdisk --zap-all`
- Install the OS to `/dev/sda` (223.5GB)
- Configure the LACP bond and bridge
- Power off the node when complete
Installation takes approximately 10-15 minutes depending on drive wipe duration.
Step 3: Mount Site User Data ISO
- Unmount the install ISO from virtual media
- Mount the node-specific site-user-data ISO (e.g., `site-user-data-004.iso` for STG-WAHVP004)
- Boot the node from the local disk (not the ISO)
Step 4: First Boot and Registration
On first boot from disk:
- The node reads the site-user-data ISO and applies the hostname and IP configuration
- The node connects to the Palette Management Appliance at `10.25.232.155:443`
- The edge host registers using the token `OTVhZDVlMzc5NDI0YzVlYjgyYjg1YjQzNDg4NGQwZjc=`
- The node appears in Palette under Edge Hosts with status Registered
Step 5: Verify Registration
In the Palette console:
- Navigate to Edge Hosts
- Verify all 3 nodes appear with their correct hostnames and IPs
- Confirm status is Ready for each node
Post-Imaging Validation
| Check | Expected | How to Verify |
|---|---|---|
| Node registered in Palette | 3 nodes visible | Palette --> Edge Hosts |
| Hostname correct | stg-wahvp004, 005, 006 | Palette --> Edge Host details |
| IP address correct | 10.25.233.4, .5, .6 | Palette --> Edge Host details |
| Bond active | 4 NICs in LACP bond | SSH: cat /proc/net/bonding/bond0 |
| Drives wiped | No prior partitions | SSH: lsblk shows clean drives |
| OS version | Ubuntu 24.04 | SSH: cat /etc/os-release |
| Palette agent running | stylus service active | SSH: systemctl status stylus |
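The "Bond active" check in the table can be scripted. This added example (not part of the original page) parses `/proc/net/bonding/bond0` and also catches the case where a NIC is link-up but sits in a different aggregator from the active one, which happens when its switch port is not in the same LAG. The function names and the sample status text are constructed for illustration; the NIC names are the ones used in the user-data.

```shell
#!/bin/sh
# Added example, not part of the original page.
# stdin: contents of /proc/net/bonding/bond0   $1: expected member count.
# Returns 0 only if the bond is 802.3ad, has the expected number of members,
# every member link is up, and every member sits in the active aggregator.
check_bond() {
    awk -v want="${1:-4}" '
        /^Bonding Mode:/           { lacp = ($0 ~ /802\.3ad/) }
        /^Active Aggregator Info:/ { in_active = 1; next }
        /^Slave Interface:/        { slave = $3; n++; in_active = 0; next }
        /^MII Status:/ && slave != "" { mii[slave] = $3 }
        /Aggregator ID:/ {
            if (in_active) { active = $3 } else if (slave != "") { agg[slave] = $3 }
        }
        END {
            if (!lacp)     { print "FAIL: bond is not in 802.3ad mode"; bad = 1 }
            if (n != want) { printf "FAIL: %d members, expected %d\n", n, want; bad = 1 }
            for (s in mii) if (mii[s] != "up") {
                print "FAIL: " s " link is " mii[s]; bad = 1 }
            for (s in agg) if (agg[s] != active) {
                print "FAIL: " s " is in aggregator " agg[s] ", active is " active; bad = 1 }
            if (!bad) print "OK: " n " members up in aggregator " active
            exit bad + 0
        }'
}

# Constructed bond0 status text.
# $1: link state of the 4th NIC, $2: aggregator ID of the 4th NIC.
sample_bond() {
    printf 'Bonding Mode: IEEE 802.3ad Dynamic link aggregation\nMII Status: up\n'
    printf 'Active Aggregator Info:\n\tAggregator ID: 1\n'
    for nic in enp134s0f0np0 enp134s0f0np1 enp175s0f0np0; do
        printf '\nSlave Interface: %s\nMII Status: up\nAggregator ID: 1\n' "$nic"
    done
    printf '\nSlave Interface: enp175s0f0np1\nMII Status: %s\nAggregator ID: %s\n' "$1" "$2"
}

# Healthy bond: all four NICs negotiated into aggregator 1.
sample_bond up 1 | check_bond 4
# Fourth NIC is up but landed in its own aggregator.
sample_bond up 2 | check_bond 4 || echo "bond0 needs attention"
# On a node: check_bond 4 < /proc/net/bonding/bond0
```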
Subsequent Updates
The site-user-data ISO is only read on first boot. All subsequent configuration changes are made through Palette cluster profiles and user-data management. The ISO can be unmounted after successful registration.