Hardware

The baremetal nodes are based on ubuntu with the following configuration.

SSH Access

Copy SSH Key to Host

From the local host, copy your public ssh key to the nodes:

ssh-copy-id -i <PATH_TO_SSH_KEY> ubuntu@<HOST_IP>

Edit the following options in the sshd config:

...
PermitRootLogin no
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM no

service ssh restart

Enable SUDO without password

Edit the following line in the sudoers file:

...
%sudo    ALL=(ALL) NOPASSWD:ALL
...

Scramble User Password

The user password is no longer needen.

head -c 500 /dev/urandom | tr -dc 'a-zA-Z0-9~!@#$%^&*_-' | fold -w 24 | head -n 1 | passwd ubuntu --stdin

Keepalived

vrrp_instance VI_API {
        state MASTER
        interface eth0
        virtual_router_id 51
        priority 200
        advert_int 1
        authentication {
              auth_type PASS
              auth_pass 12345
        }
        virtual_ipaddress {
              10.10.98.10/16
        }
}

vrrp_instance VI_API {

        state BACKUP
        interface eth0
        virtual_router_id 51
        priority 150
        advert_int 1
        authentication {
              auth_type PASS
              auth_pass 12345
        }
        virtual_ipaddress {
              10.10.98.10/16
        }
}

BGP

Unifi Router.

ssh 10.20.0.1
configure
set protocols bgp 64512 parameters router-id 10.10.0.1
set protocols bgp 64512 neighbor 10.10.100.11 remote-as 64512
set protocols bgp 64512 neighbor 10.10.100.12 remote-as 64512
set protocols bgp 64512 neighbor 10.10.100.13 remote-as 64512
show protocols bgp
commit
save
exit