Deploying the MetalSoft Site Controller

Each site or pod is managed via a dedicated MetalSoft Site Controller. When powered on, Site Controllers will connect to the configured Global controller and will authenticate using pre-installed keys and will tie to the configured Site record.

There are different ways in which the MetalSoft Site Controller can be deployed:

  1. On bare metal

  2. As a VM with layer 2 connectivity to the management network

  3. As a VM with a firewall providing security and DHCP relay services

Under normal operation the Site Controller only requires access to the Out of band (management) networks. No in-band access is required.

The only exceptions to the above are when Extensions defined in MetalSoft need to talk to OS in-band networks for deploying or configuring software OR the Site Controller is used for older systems that only support PXE in which case the network setup is different or MetalSoft apps are used in conjunction with deploying the Operating System.

Resource requirements

The following resources are typically required for a MetalSoft Site Controller installation:

  • 300GB Disk

  • 8 vCPU

  • 16GB RAM

  • Ubuntu 22.04 or higher or RHEL9

Other requirements

  1. An already configured DSite record

  2. Network access to MetalSoft Registry, MetalSoft Repo, MetalSoft Global Controller. More details here.

  3. Credentials for accessing MetalSoft docker registry

Bare metal Site Controller cabling

The following shows the Site Controller’s cabling if the Site Controller runs directly on a bare metal server. All ports of the OOB switch should be in the same L2 broadcast domain (VLAN).

Virtual Site Controller, layer 2 connectivity

The Site Controller can also be hosted as a virtual machine if the layer 2 connectivity can be extended (same VLAN).

Virtual Site Controller, layer 3 connectivity

The following shows the Site Controller’s connectivity if the Site Controller runs as a VM in some remote virtualization cluster and there is no direct layer 2 connectivity. In this case, the Site Controller is connected via a firewall or router or some other form.

This setup is often used to enforce firewall rules on the Site Controller in order for example to separate the switch management network from the server management network.

To enable ZTP a DHCP relay configuration is required on the firewall or router appliance that will take the DHCP traffic from the server or switch management interfaces to the Site Controller’s embedded DHCP server.

Install the Site Controllers on the Site Controllers machine

Automated Install

This is the preferred method.

Log into the Global Controller, click on Sites and click on the Site name. Click on Site controller configuration. Select the capabilities and click on Generate command

This will produce a one-line output, which can be pasted on a newly provisioned clean Site Controllers VM or bare metal installation (Ubuntu LTS 22.04+ or RHEL 9.X), and will install all needed packages and configure the agents

Site Controller firewall configuration

Refer to the Network Flows and Firewall Requirements for more details.