Difference between pages "Building a Kernel from Source" and "PXE network boot server"

From Funtoo
(Difference between pages)
Jump to: navigation, search
 
 
Line 1: Line 1:
Setting up a proper kernel yourself - lean, mean and tailored to your hardware,  is the challenge by which a linux user can graduate to becoming a Funtoo knight ;-)
+
== ''Howto: Turn your Funtoo machine into a Network Boot Server'' ==
 +
This guide helps explain how to set up a PXE server using in.tftpd and dnsmasq.
 +
This may be useful for installing an operating system on a machine that has no optical drive and/or an older BIOS which doesn't support booting from USB.
  
Even though many of us are using enterprise-ready kernels in datacenters, there is almost nobody who hasn't at least considered building a kernel for his laptop / PC.
+
This guide will cover the basics of getting your server set up to allow clients to boot from the network to a pxelinux/syslinux menu and choose an option of installing / running your preferred distribution or installing a MS Windows operating system - the possibilities are endless and you are free to use it as you wish!! The funtoo way!
We are showing here how an intermediate Linux user can use an alternative to the standard beginners "genkernel" approach,  to compile a custom kernel,  in a relatively speedy and easy set up.
+
  
== Minimum Requirements ==
+
== Dependencies ==
* '''Understand the command line'''
+
The following packages are required:
* '''Know where the kernel files are located'''
+
  
== Assumptions ==
+
* {{Package|net-dns/dnsmasq}}
You start from an installed Funtoo system on the disk, or at least, you are on stage3 in a chrooted environment from a live cd, following somehow the Funto [[Installation (Tutorial)|Installation Tutorial]].
+
* {{Package|net-ftp/tftp-hpa}}
 +
* {{Package|sys-boot/syslinux}}
 +
For Windows PXE Booting:
 +
* {{Package|net-fs/cifs-utils}}
 +
* {{Package|net-fs/samba}}
 +
*A simple fileserving protocol configured and working properly. Both FTP and HTTP work fine. You can use either one.
 +
{{fancynote| This guide will use System Rescue CD as an example of the PXE Boot Process. }}
 +
* Download System Rescue CD[http://www.sysresccd.org]
 +
{{fancynote| The following packages are only required if you intend to install Microsoft Windows via Network Boot (NOT REQUIRED IN THIS HOWTO)}}
 +
*NFS support - Kernel configuration : CONFIG_NFS_FS=y||m
  
In this case we are building a kernel that is booting root in LVM over encrypted LUKS container.
+
== Understanding the PXE/Network Boot process ==
If you don't have this setup, don't worry, you just don't need all the modules, but everything else is similar.
+
A PXE Network boot isn't much different than a traditional boot from your hard drive, in fact you will probably find the boot loader to be very similar to what you are already familiar with!  In a nut shell here is what happens:  You set your BIOS / Boot options to boot from Network. The client will obtain an IP address from the PXE server (via DNSMasq), after the IP address is obtained it simply looks for the tftp daemon running on the server (tftp-hpa). The DHCP Server sends the PXE information to the NIC and it loads up a menu that you define in your pxelinux configuration (syslinux), or depending on your configuration it may go straight into the OS / Installation that you configure.
  
 +
Sounds easy huh? For the most part it is very simple to set up. However if you plan to set up a MS Windows install via the network, it gets a bit more tricky, mainly due to MS not using a case sensitive file system, and requiring files to be located using drive letters and back slashes "\" instead of slashes "/"  What this requires is a remapping file. With a remapping file, tftp daemon will remap the characters, symbols, and/or drive letters to suit the needs. This is why I recommend tftp-hpa in this guide. 
  
== Getting ready to start ==
+
DNSMasq actually provides a tftp server if you want to use it, however I recommend the use of tftp-hpa as it allows remapping in the event you ever intend to boot a Windows environment over your network.
  
First there is the decision which linux kernel sources we need.
+
This guide will cover the basics of getting your PXE server up and running for a linux based client, in this guide we will be using System Rescue CD (which is a Gentoo Live CD Image).  
There are plenty of them in the repositories around, often it is not easy to distinguish between them.
+
  
I would always trust my distribution of choice and take what is has to offer - and funtoo has a lot to offer!
+
In the event that you want to install Microsoft Windows over the network, you will have your server already configured, and you will only need to do some minor config changes, host your Windows installation files / Preinstallation Environment and set your tftp remapping configuration. (This can become a headache if you plan to host several releases of MS Windows over the network - due to conflicting remappings)
  
I really do recommend (especially if it is your first time) to build a debian-sourced genkernel like described in chapter 5 "Using Debian-Sources with Genkernel" in the [[Funtoo_Linux_Kernels| Funtoo Kernels Tutorial]].
+
It is also very important to understand that the PXE network is only responsible for giving you network access up until the operating system is loaded. What this means is that your kernel you are loading will need to have support for the network card on your client(s). You may want to consider a generic kernel that supports several different NICs.  For Windows, this means you will probably want to include all NIC drivers in your installation files and ensure that they are loaded during installation.
  
From there you should have a running system booting nicely from your own build (just little bit bloated) kernel. This is more than you can expect from any other ready to go distribution.
+
== Installing and Configuring tftp-hpa (in.tftpd) for serving your network boot files ==
 +
Install {{Package|net-ftp/tftp-hpa}} using portage:
 +
<console>
 +
###i## emerge net-ftp/tftp-hpa
 +
</console>
  
{{fancynote| We are using RedHat's dracut in order to build a nice initramfs (containing all the necessary tools and extra drivers our kernel might need to start the system). Although dracut is the way to go, more sophisticated and not as buggy as gentoo's genkernel approach, more and more funtoo geeks start using slashbeast's better-initramfs, which we will cover at the end of this howto! So after having set up a genkernel from debian or gentoo sources we are going to build a kernel with either (or both) dracut or/and better-initramfs. So gentoo sources with genkernel is always my backup if anything is not working correctly on my system. For the slightly more geeky approach with my own initram I am using pf-sources, ck-sources or any other more or less heavily patched sources.}}
+
Create a directory for your tftp server - this is where your pxe configuration files and any files that will be accessed directly from the PXE boot process will be located (You can put it anywhere you have access to, I will be using <code>/tftproot</code>):
 +
<console>
 +
###i## mkdir /tftproot
 +
</console>
  
Let's go!
+
Edit your PXE configuration:
 +
Set the path to <tt>/tftproot</tt> or your preferred directory created above. We are going to also go ahead and add a remapping file just in case you intend to use it later it will be <code>${INTFTPD_PATH}tftpd.remap.</code> Edit <code>/etc/conf.d/in.tftpd</code>:
  
== Kernel Sources ==
 
The source you use on your system is up to you. For a laptop or desktop system, the following are recommended:
 
* '''{{Package|sys-kernel/pf-sources}}'''
 
* '''{{Package|sys-kernel/ck-sources}}'''
 
* '''{{Package|sys-kernel/gentoo-sources}}'''
 
* '''{{Package|sys-kernel/git-sources}}'''
 
* '''{{Package|sys-kernel/sysrescue-std-sources}}'''
 
* '''{{Package|sys-kernel/debian-sources}}'''
 
{{fancynote| If you are unsure of which sources you would like to use, emerge <code>gentoo-sources</code>. That's always a safe bet for a general system. For more information on available kernels, check out: [[Funtoo Linux Kernels]]}}
 
 
== Prerequisites ==
 
 
Regardless of the tools you already have installed, it is recommended to follow the steps below, even if you find them to be redundant.
 
First, we edit our <code>/etc/portage/make.conf</code>:
 
  
 
<pre>
 
<pre>
#These compiler flags are just tweaking (optimazation) and NOT necessary:
+
# Path to server files from
CFLAGS="-O2 -pipe -march=native -ftracer -fforce-addr"
+
# Depending on your application you may have to change this.
CXXFLAGS="${CFLAGS} -fpermissive -fomit-frame-pointer"
+
# This is commented out to force you to look at the file!
KDIR=/usr/src/linux
+
#INTFTPD_PATH="/var/tftp/"
KERNEL="symlink build"
+
#INTFTPD_PATH="/tftpboot/"
USE="$KERNEL ....here are your use flags...."
+
INTFTPD_PATH="/tftproot/"
## These modules are available:
+
## DRACUT_MODULES="dracut_modules_biosdevname dracut_modules_btrfs dracut_modules_caps dracut_modules_crypt dracut_modules_crypt-gpg dracut_modules_dmraid dracut_modules_dmsquash-live dracut_modules_gensplash dracut_modules_iscsi dracut_modules_livenet dracut_modules_lvm dracut_modules_mdraid dracut_modules_multipath dracut_modules_nbd dracut_modules_nfs dracut_modules_plymouth dracut_modules_ssh-client dracut_modules_syslog"
+
## We will use these modules for LVM / LUKS:
+
DRACUT_MODULES="crypt lvm plymouth biosdevname dmraid crypt-gpg dmsquash-live ssh-client syslog"
+
</pre>
+
  
Next, we set the package keywords by adding the following to <code>/etc/portage/package.use</code>:
+
# For more options, see in.tftpd(8)
 
+
# -R 4096:32767 solves problems with ARC firmware, and obsoletes
<pre>
+
# the /proc/sys/net/ipv4/ip_local_port_range hack.
sys-kernel/dracut dm net device-mapper crypt lvm
+
# -s causes $INTFTPD_PATH to be the root of the TFTP tree.
 +
# -l is passed by the init script in addition to these options.
 +
INTFTPD_OPTS="-m ${INTFTPD_PATH}tftpd.remap -R 4096:32767 -s ${INTFTPD_PATH}"
 
</pre>
 
</pre>
  
{{fancynote| If you don't have lvm over encrypted LUKS you just add the "net" keyword here, or "selinux".}}
+
No need to worry about the the contents of the tftpd.remap file for now, but to prevent the daemon from panicking on a missing file, just create an empty one like so:
  
 
Next, we build our packages:
 
 
<console>
 
<console>
###i## emerge -av app-portage/gentoolkit sys-kernel/pf-sources sys-kernel/dracut sys-boot/plymouth sys-boot/plymouth-openrc-plugin
+
###i## touch /tftproot/tftpd.remap
 
</console>
 
</console>
  
== Preparing the kernel ==
+
== Installing and Configuring DNSMasq for DHCP / PXE Booting ==
 
+
Install {{Package|net-dns/dnsmasq}} if you don't already have it installed (use the tftp useflag):
We go now to the sources directory and enter the following commands to update the kernel's  .config  file:
+
Even though we won't be using the built-in tftp server for dnsmasq, we will still need it to be tftp-aware:
 
<console>
 
<console>
###i## cd /usr/src/linux/
+
###i## echo "net-dns/dnsmasq tftp" >> /etc/portage/package.use/dnsmasq
###i## make clean
+
###i## emerge net-dns/dnsmasq
  CLEAN  .
+
  CLEAN  arch/x86/kernel/acpi/realmode
+
  CLEAN  arch/x86/kernel/cpu
+
  CLEAN  arch/x86/kernel
+
  CLEAN  arch/x86/vdso
+
  CLEAN  arch/x86/lib
+
  CLEAN  drivers/gpu/drm/radeon
+
  CLEAN  drivers/net/wan
+
  CLEAN  drivers/scsi/aic7xxx
+
  CLEAN  drivers/tty/vt
+
  CLEAN  drivers/video/logo
+
  CLEAN  firmware
+
  CLEAN  kernel
+
  CLEAN  lib/raid6
+
  CLEAN  lib
+
  CLEAN  security/apparmor
+
  CLEAN  security/selinux
+
  CLEAN  usr
+
  CLEAN  arch/x86/boot/compressed
+
  CLEAN  arch/x86/boot
+
  CLEAN  .tmp_versions
+
  CLEAN  vmlinux System.map .tmp_kallsyms2.S .tmp_kallsyms1.o .tmp_kallsyms2.o .tmp_kallsyms1.S .tmp_vmlinux1 .tmp_vmlinux2 .tmp_System.map
+
###i## zcat /proc/config.gz > /usr/src/linux/.config
+
 
</console>
 
</console>
 +
DNSMasq is a powerful daemon that has the capability of functioning as a DNS cacheing server, DHCP Server, TFTPD Server, and more. For now we will be focusing on one thing in the configuration, the DHCP Server.
  
Next, we run <tt>make localmodconfig</tt>. You will get some questions which you can answer mostly with either M (compiled as a module) or Y (compiled directly into the kernel). If you are not sure what to choose, press enter, and the default option will be selected.
+
The DNSMasq configuration file is located at:  /etc/dnsmasq.conf and it is a very large file however there are only 3 options we need for this to work, you can later enable DNS and custom dhcp mappings if needed. Those 3 configuration options are:  
<console>
+
###i## make localmodconfig
+
Enable different security models (SECURITY) [Y/n/?] y
+
Enable the securityfs filesystem (SECURITYFS) [Y/?] y
+
Socket and Networking Security Hooks (SECURITY_NETWORK) [Y/?] y
+
Security hooks for pathname based access control (SECURITY_PATH) [Y/?] y
+
Low address space for LSM to protect from user allocation (LSM_MMAP_MIN_ADDR) [65536] 65536
+
NSA SELinux Support (SECURITY_SELINUX) [Y/n/?] y
+
  NSA SELinux boot parameter (SECURITY_SELINUX_BOOTPARAM) [N/y/?] n
+
  NSA SELinux runtime disable (SECURITY_SELINUX_DISABLE) [N/y/?] n
+
  NSA SELinux Development Support (SECURITY_SELINUX_DEVELOP) [Y/n/?] y
+
  NSA SELinux AVC Statistics (SECURITY_SELINUX_AVC_STATS) [Y/n/?] y
+
  NSA SELinux checkreqprot default value (SECURITY_SELINUX_CHECKREQPROT_VALUE) [1] 1
+
  NSA SELinux maximum supported policy format version (SECURITY_SELINUX_POLICYDB_VERSION_MAX) [Y/n/?] y
+
    NSA SELinux maximum supported policy format version value (SECURITY_SELINUX_POLICYDB_VERSION_MAX_VALUE) [19] 19
+
TOMOYO Linux Support (SECURITY_TOMOYO) [Y/n/?] y
+
  Default maximal count for learning mode (SECURITY_TOMOYO_MAX_ACCEPT_ENTRY) [2048] 2048
+
  Default maximal count for audit log (SECURITY_TOMOYO_MAX_AUDIT_LOG) [1024] 1024
+
  Activate without calling userspace policy loader. (SECURITY_TOMOYO_OMIT_USERSPACE_LOADER) [Y/n/?] y
+
AppArmor support (SECURITY_APPARMOR) [Y/n/?] y
+
  AppArmor boot parameter default value (SECURITY_APPARMOR_BOOTPARAM_VALUE) [1] 1
+
Integrity Measurement Architecture(IMA) (IMA) [Y/n/?] y
+
EVM support (EVM) [N/y/?] (NEW)
+
Default security module
+
  1. SELinux (DEFAULT_SECURITY_SELINUX)
+
  2. TOMOYO (DEFAULT_SECURITY_TOMOYO)
+
  3. AppArmor (DEFAULT_SECURITY_APPARMOR)
+
> 4. Unix Discretionary Access Controls (DEFAULT_SECURITY_DAC)
+
choice[1-4?]: 4
+
warning: (ACPI_HOTPLUG_CPU) selects ACPI_CONTAINER which has unmet direct dependencies (ACPI && EXPERIMENTAL)
+
warning: (MEDIA_TUNER) selects MEDIA_TUNER_TEA5761 which has unmet direct dependencies (MEDIA_SUPPORT && VIDEO_MEDIA && I2C && EXPERIMENTAL)
+
#
+
# configuration written to .config
+
#
+
warning: (GFS2_FS) selects DLM which has unmet direct dependencies (EXPERIMENTAL && INET && SYSFS && CONFIGFS_FS && (IPV6 || IPV6=n))
+
warning: (IMA) selects TCG_TPM which has unmet direct dependencies (HAS_IOMEM && EXPERIMENTAL)
+
warning: (MEDIA_TUNER) selects MEDIA_TUNER_TEA5761 which has unmet direct dependencies (MEDIA_SUPPORT && VIDEO_MEDIA && I2C && EXPERIMENTAL)
+
warning: (ACPI_HOTPLUG_CPU) selects ACPI_CONTAINER which has unmet direct dependencies (ACPI && EXPERIMENTAL)
+
</console>
+
  
Now comes the most adventurous part!
+
#dhcp-boot=pxelinux.0  #Tells the filename to grab from the tftp server for booting This is provided by the syslinux package we will be configuring in the next step
 +
#dhcp-range=192.168.0.100,192.168.0.250,72h #customize this range to suite your network needs.
 +
#interface=eth0 #The interface that will be acting as a DHCP server. If you want the DHCP server to run on a different interface be sure to change this option
  
== Building the Kernel ==
+
== Configuring PXELinux (based on syslinux) ==
 +
Install {{Package|sys-boot/syslinux}}:
 
<console>
 
<console>
###i## make -j8  bzImage
+
###i## emerge sys-boot/syslinux
###i## make -j8 modules
+
###i## make modules_install
+
###i## make install
+
 
</console>
 
</console>
  
 
+
PXE booting only requires one file that is installed by syslinux, however you will probably want to use more later on. For now we will use the pxelinux.0 file as we mentioned earlier while setting up DNSMasq, as well as a basic menu using the <code>menu.c32</code> and a graphical menu using the <code>vesamenu.c32</code>.  
=== Initramfs, or not? ===
+
The reason to build a kernel with an initramfs is mostly for interoperability (e.g. live-cd's) and special features like an included busybox, ssh, etc.  But mostly, and that's why we are doing this here now, to have a proper kernel up and running quick'n dirty in a reasonable time without fighting hours and days until a more or less exotic hardware is perfectly run by the kernel.  
+
After having a proper basic kernel running with the help of an initramfs, I really recommend you to go a step further and build a true kernel with all features includes without an initramfs. But this could be pain in the ass and very time consuming - so we do it the funtoo way here - at least in the second example when we stick to better-initramfs instead of Red-Hat's ''dracut''.
+
 
+
== Option one: Initrd with dracut ==
+
 
+
To build the initrd with dracut, we just execute:
+
 
<console>
 
<console>
# ##i##dracut -f --fstab --xz /boot/initramfs-3.2.6-pf.img  3.2.6-pf
+
###i## cd /usr/share/syslinux
 +
###i## cp menu.c32 vesamenu.c32 pxelinux.0 /tftproot
 +
###i## cd /tftproot
 
</console>
 
</console>
  
Generally, this should be enough!
+
PXELinux can boot a different option for each device's MAC address on your network, or it can also boot a default for all nic's on the network if a MAC address config isn't found. I will be covering the default method as it works for most simple setups. If you prefer a different boot configuration for each MAC address on your NICs then you can google for "pxelinux.cfg MAC config" and find tons of documentation for doing so.
If you experience booting problems like missing modules / drivers then just boot from the genkernel section and fix the initrd building. You can look into the man page to tweak the command a bit (e.g. --add-drivers "xz dm_crypt" etc...).
+
To set up the default config, first create the following directory:
 +
<console>
 +
###i## mkdir /tftproot/pxelinux.cfg
 +
</console>
  
Ok let's go on and finish the taks, we are now going to tell grub how to boot off correctly! Edit <tt>/etc/boot.conf</tt>:
+
Inside this directory is where the "default" config as well as any other custom configurations by MAC will reside. Here is an example of a graphical menu used to boot System Rescue CD, the file should be located at <code>/tftproot/pxelinux.cfg/default</code>:
  
 
<pre>
 
<pre>
 +
# The default menu style - using vesa menu in this example
 +
DEFAULT vesamenu.c32
 +
# If you have a png image in the /tftproot directory you can specify it here like so:
 +
Menu Background netboot-1.png
 +
# Prompt user for selection
 +
prompt 0
  
boot {
+
#Global label identifier
         generate grub
+
label System Rescue CD
         default "Funtoo Linux dracut"
+
         # Set this entry as the default selection
         timeout 3
+
         menu default
}
+
         # Actual viewable label text
 
+
MENU LABEL System Rescue CD
"Funtoo Linux genkernel" {
+
         # The timeout for the entry is a bit unclear, but 10000 is equivalent to 10 Seconds.
         kernel kernel-genkernel[-v]
+
         TIMEOUT 10000
         initrd initramfs-genkernel[-v]
+
         TOTALTIMEOUT 10000
         params = quiet rootfstype=ext4
+
         # The kernel image to load.  This entry would actually reside at /tftproot/srcd/isolinux/rescue64  The path is relative to /tftproot or your tftp directory
         params += luks enc_root=/dev/sda3
+
kernel srcd/isolinux/rescue64
        params += lvm root=/dev/mapper/vg-root
+
         # The initrd relative to tftproot directory and specifying the netboot server, protocol, and file
}
+
         # In this example the http protocol is used on server 192.168.0.1. The file is sysrcd.dat
 
+
         # If you have your http server set up to host files at /var/www/localhost/htdocs then this file would be located in that directory
"Funtoo Linux dracut" {
+
append initrd=srcd/isolinux/initram.igz netboot=http://192.168.0.1/sysrcd.dat
         kernel vmlinuz[-v]
+
## this is the better-initramfs generated initrd
+
         initrd initramfs[-v].img
+
         params  = quiet rootfstype=ext4
+
        params += luks enc_root=/dev/sda3
+
        params += lvm root=/dev/mapper/vg-root
+
}
+
 
</pre>
 
</pre>
  
That's it -- almost!
+
== Mounting the ISO Image and Hosting the Compressed File System ==
 +
In the above configuration example I was using a mounted System Rescue CD image at /tftproot/srcd  The kernel and initrd are located inside the isolinux directory of the ISO, the compressed filesystem is located at the top level of the ISO (i.e. /tftproot/srcd/sysrcd.dat)
  
Now write to the <code>grub.cfg</code> with the handy [[Boot-Update]] script:
+
In order to replicate the exact settings I used in this config you may do the following:  
 
<console>
 
<console>
###i## boot-update -v
+
###i## cd /tftproot
 
+
###i## mkdir srcd
boot-update 1.5.2 / Copyright 2009-2011 Funtoo Technologies
+
###i## mount -o loop /path/to/systemrescuecd.iso srcd/
 
+
[use option "-l" for license info, "-h" for help]
+
 
+
* Generating config for grub...
+
 
+
DEFAULT > Funtoo Linux - vmlinuz-3.2.6-pf
+
          Funtoo Linux genkernel - kernel-genkernel-x86_64-3.2.6-pf
+
 
+
* Completed successfully.
+
 
</console>
 
</console>
 +
Be sure to replace the "/path/to/systemrescuecd.iso" with the actual path you downloaded the System Rescue CD to and the actual filename.
  
Okay,... here you go..! :)
+
Now you need to be sure that 2 files reside on your HTTP or FTP server, whichever you prefer to use for the netboot process is fine, but the System Rescue CD Netboot process will do 3 things:
 
+
#Load Kernel
Reboot and see how it works!
+
#Load Initrd
 
+
#Request the compressed filesystem from the network
== Option two: using better-initramfs ==
+
The files needed for the 3rd step are located in the srcd/ directory if you mounted it with the above command. System Rescue CD uses a .dat file for the compressed filesystem, and it is verified during boot with a md5sum using the .md5 file in the srcd/ directory. The filenames are sysrcd.dat and sysrcd.md5.  They need to be hosted on your fileserver/http server that you specify for the netboot argument in the pxelinux.cfg/default file. If you have a basic Apache/Lighttpd server set up you can do the following:
 
+
Piotr's better-initramfs is another approach that is tiny, nice and shiny and seems to become more and more a favourite among funtoo'ers. The biggest plus is that, once built it is kernel version independent.
+
 
+
To use better-initramfs, follow these steps:
+
# download sources
+
# build kernel with "make bzImage"
+
# download better-initramfs
+
# run better-initramfs
+
# adjust <tt>/etc/boot.conf</tt>
+
 
+
''Here is how in detail:''
+
 
+
Assuming you did install already a genkernel backup or at least you have a working bzImage + modules installed, we rush forward to step 3:
+
 
+
=== Downloading Better-initramfs ===
+
 
+
 
<console>
 
<console>
###i## cd /opt/
+
###i## ln -s /tftproot/srcd/sysrcd.dat /var/www/localhost/htdocs/
###i## git clone https://github.com/slashbeast/better-initramfs.git
+
###i## ln -s /tftproot/srcd/sysrcd.md5 /var/www/localhost/htdocs/
###i## cd better-initramfs
+
###i## ls
+
AUTHORS    LICENSE  README.rst  bootstrap  output  sourceroot
+
ChangeLog  Makefile  TODO        examples  scripts
+
 
</console>
 
</console>
  
=== Build Better-Initramfs ===
+
== Starting the services and preparing for use ==  
 +
First we want to start the PXE server:
 
<console>
 
<console>
###i## bootstrap/bootstrap-all
+
###i## /etc/init.d/in.tftpd start
###i## make prepare
+
###i## make image
+
###i## mv output/initramfs.cpio.gz /boot
+
 
</console>
 
</console>
 
+
And now DNSMasq:
=== Adjust grub ===
+
<console>
 
+
###i## /etc/init.d/dnsmasq start
Taking the above setup we edit the <tt>/etc/boot.conf</tt>:
+
</console>
 
+
If you are using Apache ensure it is running (If you use Lighttpd or Nginx replace this step with the appropriate service)  
 
+
<pre>
+
boot {
+
        generate grub
+
        default "Funtoo Linux"
+
        timeout 3
+
}
+
 
+
# Rootfs over lvm over luks
+
# /dev/sda3 - encrypted lvm's pv
+
# /dev/mapper/vg-root - rootfs's lv
+
 
+
"Funtoo Linux" {
+
        kernel bzImage[-v]
+
## this is the better-initramfs generated initrd
+
        initrd initramfs.cpio.gz
+
        params  = quiet rootfstype=ext4
+
        params += luks enc_root=/dev/sda3
+
        params += lvm root=/dev/mapper/vg-root
+
}
+
 
+
"Funtoo Linux dracut" {
+
        kernel vmlinuz[-v]
+
## this is the dracut generated initrd
+
        initrd initramfs[-v].img
+
        params  = quiet rootfstype=ext4
+
        params += luks enc_root=/dev/sda3
+
        params += lvm root=/dev/mapper/vg-root
+
}
+
 
+
 
+
"Funtoo Linux genkernel" {
+
        kernel kernel-genkernel[-v]
+
        initrd initramfs-genkernel[-v]
+
        params = quiet rootfstype=ext4
+
        params += luks enc_root=/dev/sda3
+
        params += lvm root=/dev/mapper/vg-root
+
}
+
</pre>
+
Okay,... here you go..! :)
+
 
+
update the <tt>grub.cfg</tt> with boot update, then reboot and see how it works!
+
 
+
 
<console>
 
<console>
###i## boot-update -v   
+
###i## /etc/init.d/apache2 status
 +
</console>
 +
If the service is not running, you should start it:
 +
<console>
 +
###i## /etc/init.d/apache2 start
 +
</console>
 +
If all your configuration options are correct and you have your HTTP/FTP server running and hosting the files properly, your configuration should be done on the server side for hosting ''System Rescue CD''!!  Don't get carried away just yet, we still have to test things are working :D
  
boot-update 1.5.2 / Copyright 2009-2011 Funtoo Technologies
+
== Testing your first network boot ==
 +
The first thing you want to do now is set up your client to boot from the network. This may vary on different machines / bios, common methods are:
 +
*Pressing F12 at boot to select boot method
 +
*Pressing F1, F10, or DEL at boot to enter BIOS Setup
 +
*Consult your motherboard documentation for the appropriate method of selecting boot device if the above don't work
  
[use option "-l" for license info, "-h" for help]
+
You will want to choose a method to boot from Network as the first boot device. It may also be called "Boot From Lan" "Network Boot" "PXE Boot"  Once you have selected the appropriate method you may need to save the settings, proceed on to booting.  If you chose the right method you should be seeing some text on your screen, such as:  PXE Boot.. Obtaining DHCP....  If all is well you will be presented with your PXELinux Boot menu.  If your client system is still booting from the hard drive, or you see a failure related to obtaining DHCP IP address, please verify your settings in the above section "Installing and Configuring DNSMasq for DHCP / PXE Booting"[http://www.funtoo.org/index.php?title=Installing_and_Configuring_DNSMasq_for_DHCP_/_PXE_Booting&action=submit#Installing_and_Configuring_DNSMasq_for_DHCP_.2F_PXE_Booting] -make sure that your interface is set correctly, and that you are offering a DHCP range on the same internal network range as the IP address your server has.  If you have any error relating to unable to find PXE boot, please verify that you have the pxelinux.0 file in your /tftproot  and that your /etc/dnsmasq.conf  has the ""dhcp-boot=pxelinux.0"" configuration option.. **note that the 0 is a zero and not an o.
  
* Generating config for grub...
+
Upon a successful PXE configuration you will be presented with the network boot menu, with the option to boot System Rescue CDIf you have the appropriate files in the correct locations and your http/ftp server is working properly, you should be able to select the System Rescue CD menu entry and successfully boot via network. Congratulations!!
 
+
  DEFAULT > Funtoo Linux better-initramfs - vmlinuz-3.2.6-pf
+
          Funtoo Linux dracut - vmlinuz-3.2.6-pf
+
          Funtoo Linux genkernel - kernel-genkernel-x86_64-3.2.6-ck
+
 
+
* Completed successfully.
+
###i## reboot
+
</console>
+
  
 +
== Adding more operating systems / installations to your working PXE setup ==
 +
I know that by example, a lot of people probably want to use something other than the System Rescue CD. The main things have been outlined above for most linux distributions. MS Windows, see [http://www.funtoo.org/wiki/PXE_Network_Windows_Installation PXE Network Windows Installation] is quiet a bit more difficult than any linux install. I will try to cover the most important steps to serving a Windows Installation from the network soon.
  
[[Category:HOWTO]]
+
If you are wondering how you go about hosting a different Linux install other than the System Rescue CD, the main things to look at are the pxelinux.cfg/default file to edit the kernel and initrd lines. You also need to be sure that those files are accessible by the PXE loader, and if your initrd requires a compressed filesystem, be sure that you have a working ftp/http server hosting the compressed filesystem (Remember once boot process has been handed over to your kernel that you are no longer accessing the network via tftp but instead by the core services provided by the initrd + drivers provided by your kernel) I will add that you may use the fetch=tftp:// protocol in the kernel cmdline, however it doesn't seem to work as stable as using http/ftp method.  Each distro is different you may need to consult the documentation for the specific  distro's needed boot cmdline.  For the most part you will find it to be very similar(i.e. kernel+initrd+compressed-filesystem) Ubuntu doesn't even use a compressed filesystem on their ISO's it basically just uses a kernel and an initrd.  I am currently working on getting a Funtoo netboot image developed, tested, and providing information on how to host a Funtoo Base system over the network via your Funtoo PXE Netboot Server.
[[Category:Featured]]
+
[[Category:HOWTO]]
[[Category:Kernel]]
+

Latest revision as of 23:01, 19 February 2014

Contents

[edit] Howto: Turn your Funtoo machine into a Network Boot Server

This guide helps explain how to set up a PXE server using in.tftpd and dnsmasq. This may be useful for installing an operating system on a machine that has no optical drive and/or an older BIOS which doesn't support booting from USB.

This guide will cover the basics of getting your server set up to allow clients to boot from the network to a pxelinux/syslinux menu and choose an option of installing / running your preferred distribution or installing a MS Windows operating system - the possibilities are endless and you are free to use it as you wish!! The funtoo way!

[edit] Dependencies

The following packages are required:

For Windows PXE Booting:

  • net-fs/cifs-utils
  • net-fs/samba
  • A simple fileserving protocol configured and working properly. Both FTP and HTTP work fine. You can use either one.
Note: This guide will use System Rescue CD as an example of the PXE Boot Process.
  • Download System Rescue CD[1]
Note: The following packages are only required if you intend to install Microsoft Windows via Network Boot (NOT REQUIRED IN THIS HOWTO)
  • NFS support - Kernel configuration : CONFIG_NFS_FS=y||m

[edit] Understanding the PXE/Network Boot process

A PXE Network boot isn't much different than a traditional boot from your hard drive, in fact you will probably find the boot loader to be very similar to what you are already familiar with! In a nut shell here is what happens: You set your BIOS / Boot options to boot from Network. The client will obtain an IP address from the PXE server (via DNSMasq), after the IP address is obtained it simply looks for the tftp daemon running on the server (tftp-hpa). The DHCP Server sends the PXE information to the NIC and it loads up a menu that you define in your pxelinux configuration (syslinux), or depending on your configuration it may go straight into the OS / Installation that you configure.

Sounds easy huh? For the most part it is very simple to set up. However if you plan to set up a MS Windows install via the network, it gets a bit more tricky, mainly due to MS not using a case sensitive file system, and requiring files to be located using drive letters and back slashes "\" instead of slashes "/" What this requires is a remapping file. With a remapping file, tftp daemon will remap the characters, symbols, and/or drive letters to suit the needs. This is why I recommend tftp-hpa in this guide.

DNSMasq actually provides a tftp server if you want to use it, however I recommend the use of tftp-hpa as it allows remapping in the event you ever intend to boot a Windows environment over your network.

This guide will cover the basics of getting your PXE server up and running for a linux based client, in this guide we will be using System Rescue CD (which is a Gentoo Live CD Image).

In the event that you want to install Microsoft Windows over the network, you will have your server already configured, and you will only need to do some minor config changes, host your Windows installation files / Preinstallation Environment and set your tftp remapping configuration. (This can become a headache if you plan to host several releases of MS Windows over the network - due to conflicting remappings)

It is also very important to understand that the PXE network is only responsible for giving you network access up until the operating system is loaded. What this means is that your kernel you are loading will need to have support for the network card on your client(s). You may want to consider a generic kernel that supports several different NICs. For Windows, this means you will probably want to include all NIC drivers in your installation files and ensure that they are loaded during installation.

[edit] Installing and Configuring tftp-hpa (in.tftpd) for serving your network boot files

Install net-ftp/tftp-hpa using portage:

# emerge net-ftp/tftp-hpa

Create a directory for your tftp server - this is where your pxe configuration files and any files that will be accessed directly from the PXE boot process will be located (You can put it anywhere you have access to, I will be using /tftproot):

# mkdir /tftproot

Edit your PXE configuration: Set the path to /tftproot or your preferred directory created above. We are going to also go ahead and add a remapping file just in case you intend to use it later it will be ${INTFTPD_PATH}tftpd.remap. Edit /etc/conf.d/in.tftpd:


# Path to server files from
# Depending on your application you may have to change this.
# This is commented out to force you to look at the file!
#INTFTPD_PATH="/var/tftp/"
#INTFTPD_PATH="/tftpboot/"
INTFTPD_PATH="/tftproot/"

# For more options, see in.tftpd(8)
# -R 4096:32767 solves problems with ARC firmware, and obsoletes
# the /proc/sys/net/ipv4/ip_local_port_range hack.
# -s causes $INTFTPD_PATH to be the root of the TFTP tree.
# -l is passed by the init script in addition to these options.
INTFTPD_OPTS="-m ${INTFTPD_PATH}tftpd.remap -R 4096:32767 -s ${INTFTPD_PATH}"

No need to worry about the the contents of the tftpd.remap file for now, but to prevent the daemon from panicking on a missing file, just create an empty one like so:

# touch /tftproot/tftpd.remap

[edit] Installing and Configuring DNSMasq for DHCP / PXE Booting

Install net-dns/dnsmasq if you don't already have it installed (use the tftp useflag): Even though we won't be using the built-in tftp server for dnsmasq, we will still need it to be tftp-aware:

# echo "net-dns/dnsmasq tftp" >> /etc/portage/package.use/dnsmasq
# emerge net-dns/dnsmasq

DNSMasq is a powerful daemon that has the capability of functioning as a DNS cacheing server, DHCP Server, TFTPD Server, and more. For now we will be focusing on one thing in the configuration, the DHCP Server.

The DNSMasq configuration file is located at: /etc/dnsmasq.conf and it is a very large file however there are only 3 options we need for this to work, you can later enable DNS and custom dhcp mappings if needed. Those 3 configuration options are:

  1. dhcp-boot=pxelinux.0 #Tells the filename to grab from the tftp server for booting This is provided by the syslinux package we will be configuring in the next step
  2. dhcp-range=192.168.0.100,192.168.0.250,72h #customize this range to suite your network needs.
  3. interface=eth0 #The interface that will be acting as a DHCP server. If you want the DHCP server to run on a different interface be sure to change this option

[edit] Configuring PXELinux (based on syslinux)

Install sys-boot/syslinux:

# emerge sys-boot/syslinux

PXE booting only requires one file that is installed by syslinux, however you will probably want to use more later on. For now we will use the pxelinux.0 file as we mentioned earlier while setting up DNSMasq, as well as a basic menu using the menu.c32 and a graphical menu using the vesamenu.c32.

# cd /usr/share/syslinux
# cp menu.c32 vesamenu.c32 pxelinux.0 /tftproot
# cd /tftproot

PXELinux can boot a different option for each device's MAC address on your network, or it can also boot a default for all nic's on the network if a MAC address config isn't found. I will be covering the default method as it works for most simple setups. If you prefer a different boot configuration for each MAC address on your NICs then you can google for "pxelinux.cfg MAC config" and find tons of documentation for doing so. To set up the default config, first create the following directory:

# mkdir /tftproot/pxelinux.cfg

Inside this directory is where the "default" config as well as any other custom configurations by MAC will reside. Here is an example of a graphical menu used to boot System Rescue CD, the file should be located at /tftproot/pxelinux.cfg/default:

# The default menu style - using vesa menu in this example
DEFAULT vesamenu.c32
# If you have a png image in the /tftproot directory you can specify it here like so:
Menu Background netboot-1.png
# Prompt user for selection
prompt 0 

#Global label identifier
label System Rescue CD
        # Set this entry as the default selection
        menu default
        # Actual viewable label text
	MENU LABEL System Rescue CD
        # The timeout for the entry is a bit unclear, but 10000 is equivalent to 10 Seconds. 
        TIMEOUT 10000
        TOTALTIMEOUT 10000
        # The kernel image to load.  This entry would actually reside at /tftproot/srcd/isolinux/rescue64   The path is relative to /tftproot or your tftp directory
	kernel srcd/isolinux/rescue64
        # The initrd relative to tftproot directory and specifying the netboot server, protocol, and file
        # In this example the http protocol is used on server 192.168.0.1. The file is sysrcd.dat
        # If you have your http server set up to host files at /var/www/localhost/htdocs then this file would be located in that directory
	append initrd=srcd/isolinux/initram.igz netboot=http://192.168.0.1/sysrcd.dat

[edit] Mounting the ISO Image and Hosting the Compressed File System

In the above configuration example I was using a mounted System Rescue CD image at /tftproot/srcd The kernel and initrd are located inside the isolinux directory of the ISO, the compressed filesystem is located at the top level of the ISO (i.e. /tftproot/srcd/sysrcd.dat)

In order to replicate the exact settings I used in this config you may do the following:

# cd /tftproot 
# mkdir srcd 
# mount -o loop /path/to/systemrescuecd.iso srcd/

Be sure to replace the "/path/to/systemrescuecd.iso" with the actual path you downloaded the System Rescue CD to and the actual filename.

Now you need to be sure that 2 files reside on your HTTP or FTP server, whichever you prefer to use for the netboot process is fine, but the System Rescue CD Netboot process will do 3 things:

  1. Load Kernel
  2. Load Initrd
  3. Request the compressed filesystem from the network

The files needed for the 3rd step are located in the srcd/ directory if you mounted it with the above command. System Rescue CD uses a .dat file for the compressed filesystem, and it is verified during boot with a md5sum using the .md5 file in the srcd/ directory. The filenames are sysrcd.dat and sysrcd.md5. They need to be hosted on your fileserver/http server that you specify for the netboot argument in the pxelinux.cfg/default file. If you have a basic Apache/Lighttpd server set up you can do the following:

# ln -s /tftproot/srcd/sysrcd.dat /var/www/localhost/htdocs/
# ln -s /tftproot/srcd/sysrcd.md5 /var/www/localhost/htdocs/

[edit] Starting the services and preparing for use

First we want to start the PXE server:

# /etc/init.d/in.tftpd start

And now DNSMasq:

# /etc/init.d/dnsmasq start 

If you are using Apache ensure it is running (If you use Lighttpd or Nginx replace this step with the appropriate service)

# /etc/init.d/apache2 status

If the service is not running, you should start it:

# /etc/init.d/apache2 start

If all your configuration options are correct and you have your HTTP/FTP server running and hosting the files properly, your configuration should be done on the server side for hosting System Rescue CD!! Don't get carried away just yet, we still have to test things are working :D

[edit] Testing your first network boot

The first thing you want to do now is set up your client to boot from the network. This may vary on different machines / bios, common methods are:

  • Pressing F12 at boot to select boot method
  • Pressing F1, F10, or DEL at boot to enter BIOS Setup
  • Consult your motherboard documentation for the appropriate method of selecting boot device if the above don't work

You will want to choose a method to boot from Network as the first boot device. It may also be called "Boot From Lan" "Network Boot" "PXE Boot" Once you have selected the appropriate method you may need to save the settings, proceed on to booting. If you chose the right method you should be seeing some text on your screen, such as: PXE Boot.. Obtaining DHCP.... If all is well you will be presented with your PXELinux Boot menu. If your client system is still booting from the hard drive, or you see a failure related to obtaining DHCP IP address, please verify your settings in the above section "Installing and Configuring DNSMasq for DHCP / PXE Booting"[2] -make sure that your interface is set correctly, and that you are offering a DHCP range on the same internal network range as the IP address your server has. If you have any error relating to unable to find PXE boot, please verify that you have the pxelinux.0 file in your /tftproot and that your /etc/dnsmasq.conf has the ""dhcp-boot=pxelinux.0"" configuration option.. **note that the 0 is a zero and not an o.

Upon a successful PXE configuration you will be presented with the network boot menu, with the option to boot System Rescue CD. If you have the appropriate files in the correct locations and your http/ftp server is working properly, you should be able to select the System Rescue CD menu entry and successfully boot via network. Congratulations!!

[edit] Adding more operating systems / installations to your working PXE setup

I know that by example, a lot of people probably want to use something other than the System Rescue CD. The main things have been outlined above for most linux distributions. MS Windows, see PXE Network Windows Installation is quiet a bit more difficult than any linux install. I will try to cover the most important steps to serving a Windows Installation from the network soon.

If you are wondering how you go about hosting a different Linux install other than the System Rescue CD, the main things to look at are the pxelinux.cfg/default file to edit the kernel and initrd lines. You also need to be sure that those files are accessible by the PXE loader, and if your initrd requires a compressed filesystem, be sure that you have a working ftp/http server hosting the compressed filesystem (Remember once boot process has been handed over to your kernel that you are no longer accessing the network via tftp but instead by the core services provided by the initrd + drivers provided by your kernel) I will add that you may use the fetch=tftp:// protocol in the kernel cmdline, however it doesn't seem to work as stable as using http/ftp method. Each distro is different you may need to consult the documentation for the specific distro's needed boot cmdline. For the most part you will find it to be very similar(i.e. kernel+initrd+compressed-filesystem) Ubuntu doesn't even use a compressed filesystem on their ISO's it basically just uses a kernel and an initrd. I am currently working on getting a Funtoo netboot image developed, tested, and providing information on how to host a Funtoo Base system over the network via your Funtoo PXE Netboot Server.