The Provisioning Server

The foundation of the automated ecosystem.

Architecture and Roles

The Provisioning Server is a standard Ubuntu server configured by the ansible-provisioning-server project. It runs a suite of services that work in concert to guide a new, bare-metal machine through an automated installation of Ubuntu.

DHCP Server (dnsmasq)

This is the first point of contact for a new node. When a machine is powered on and set to PXE boot, it sends out a DHCP request. Dnsmasq is configured to listen for these requests, assign a specific IP address based on the node's MAC address (defined in roles/netboot/vars/main.yml), and tell the node where to find the TFTP server.

TFTP Server (tftpd-hpa)

The TFTP server has one simple job: to serve the iPXE bootloader (undionly.kpxe or ipxe.efi) to the node. This bootloader is more powerful than a standard PXE ROM and allows for booting from an HTTP source.
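The DHCP-to-TFTP-to-HTTP handoff described in the two sections above can be expressed in dnsmasq configuration as follows. This is an added example, not the configuration shipped by ansible-provisioning-server. The interface name, addresses, MAC addresses, host names and the boot.ipxe URL are constructed placeholders.

```ini
# Constructed example: the interface name, addresses, MACs, host names and the
# boot.ipxe URL are placeholders, not values from ansible-provisioning-server.

# Answer only on the internal provisioning interface.
interface=eth1
bind-interfaces

# "static" mode: no dynamic pool, so only MACs with a dhcp-host entry get a lease.
dhcp-range=192.0.2.0,static,255.255.255.0,12h
dhcp-host=00:00:5e:00:53:01,node1,192.0.2.11
dhcp-host=00:00:5e:00:53:02,node2,192.0.2.12

# Do not answer machines that have no dhcp-host entry at all.
dhcp-ignore=tag:!known

# Default gateway: the provisioning server itself, which is also the NAT gateway.
dhcp-option=option:router,192.0.2.1

# Tag requests sent by iPXE (second DHCP round) and by UEFI x64 firmware.
dhcp-userclass=set:ipxe,iPXE
dhcp-match=set:efi64,option:client-arch,7

# First round (firmware PXE ROM): name the bootloader and the TFTP server.
# tftpd-hpa serves the file; dnsmasq's built-in TFTP stays disabled.
dhcp-boot=tag:!ipxe,tag:!efi64,undionly.kpxe,provisioner,192.0.2.1
dhcp-boot=tag:!ipxe,tag:efi64,ipxe.efi,provisioner,192.0.2.1

# Second round (iPXE is running): hand out the HTTP boot script instead,
# so iPXE does not chainload itself in a loop.
dhcp-boot=tag:ipxe,http://192.0.2.1/boot.ipxe
```

The static range together with `dhcp-ignore=tag:!known` means a machine whose MAC is not listed gets no lease and no boot file name; `dnsmasq --test` checks the syntax before the service is restarted.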

HTTP Server (Nginx & PHP)

The HTTP server is the main engine of the provisioning process, responsible for serving the iPXE boot script, the Ubuntu ISO files, and the cloud-init autoinstall configurations. It also hosts the live status page. All of this is managed by the web and iso_preparation roles.

NAT Gateway (iptables)

To allow the newly provisioned nodes to access the internet, the provisioning server is also configured to act as a NAT gateway, masquerading traffic from the internal network out to the internet. This is configured in the common role.