Install Server

=What's it for?= We have a chronic shortage of install media at FCS Workshops, so this is a project to mitigate the situation.

You set up a computer to boot from its network interface, plug in a network cable on the server's subnet, and boot into a Xubuntu Live session.

=Status and To-Do= allow sending back a class-identifier (option 60) in the DHCP offer."
 * We're slowly working on a metapackage to automate installing this setup. The code lives here: https://github.com/freegeek-seattle/install_pxeserver but as of today is is not yet ready. Koanhead (talk) 21:05, 15 November 2014 (PST)
 * Where is the server? It is not seen on the network and the physical location is UNKNOWN
 * Currently there is no install server. The last one went missing, hence automation.
 * The server should have a flawless boot operation. Currently not the case.
 * Currently it doesn't work at all. Flawless may be a bit much to ask; I'd be happy with 'boots Ubuntu 12.o4 32-bit more quickly than a CD', which is the best we've achieved with it so far. I expect we can do better. Watch this space ☺
 * The server should have Xubuntu 14.04 (Trusty) boot/install. Currently it has (just) 12.04 (Precise)
 * We can add arbitrary images to the boot server after it is set up. Storage is the only limit.
 * The server should be configured to auto-update to ensure security vulnerabilities are avoided.
 * See http://www.debianadmin.com/automatic-update-of-packages-using-cron-apt.html (or package `unattended-upgrades`)
 * The server data & configuration should ideally be backed up somewhere- as should all important data.
 * One machine has already refused to boot over PXE due to "client does not accept TFTP option". This message is not especially helpful in that it doesn't specify which option it doesn't like. The only option specified in server's config is "secure". Turning this option off did not clear the message. May be related to http://lkml.iu.edu/hypermail/linux/kernel/0202.2/0724.html, "The PXE daemon cannot be used on this server because the DHCP daemon will not

=References=


 * https://wiki.debian.org/PXEBootInstall
 * http://www.serenux.com/2010/05/howto-setup-your-own-pxe-boot-server-using-ubuntu-server/
 * http://www.serenux.com/2010/05/howto-get-an-ubuntu-live-cd-to-boot-off-a-pxe-server/
 * https://wiki.ubuntu.com/LiveCDNetboot
 * http://www.syslinux.org/wiki/index.php/PXELINUX
 * https://www.debian.org/releases/stable/i386/ch04s05.html.en
 * http://www.syslinux.org/old/menu.php
 * http://lkml.iu.edu/hypermail/linux/kernel/0202.2/0724.html
 * http://webapp5.rrz.uni-hamburg.de/SuSe-Dokumentation/packages/syslinux/pxelinux.txt

This will probably also come in handy:


 * https://help.ubuntu.com/community/LiveCDCustomization
 * https://wiki.ubuntu.com/TrustyTahr/ReleaseNotes
 * http://cdimage.ubuntu.com/netboot/14.04/
 * http://cdimage.ubuntu.com/xubuntu/releases/14.04/release/

=Clients=

Any computer with the following:


 * 1) Wired network interface supporting PXE (check BIOS)
 * 2) Enough RAM to support kernel + RAMdisk (currently >1 GiB, will be more with Ubuntu)
 * 3) Architecture supported by install image (currently i386)

=Server=

Hardware
Little is needed. Intel P4, 1024GB RAM is adequate. More than can saturate available NIC is probably not useful. Enough storage for whichever exported filesystems we want. Two NICs allows updates and proxy / router operation.

PROBLEMS
Kept for nostalgia, the machine in question has gone missing:


 * GRUB is not properly installed, machine does not boot normally. Use grub-rescue prompt to boot:
 * http://gnu-linux.org/grub-rescue-commands.html
 * https://www.gnu.org/software/grub/manual/html_node/GRUB-only-offers-a-rescue-shell.html
 * https://www.gnu.org/software/grub/manual/html_node/Command_002dline-and-menu-entry-commands.html
 * This may be due to incorrect BIOS / bus settings. There are only 2 SATA connectors on the mobo, and the drive only shows as Second Master or Fourth Master IIRC...


 * Not currently configured to share internet access with DHCP clients.
 * use squid?


 * Synaptics touchpads don't seem to work with Trusty Tahr? Perhaps the iso is corrupt?
 * Nope, it's a known bug in Trusty: https://bugs.launchpad.net/bugs/1265885


 * Wishlist: set up an APT cache.
 * https://help.ubuntu.com/community/Apt-Cacher-Server
 * squid-deb-proxy

Software
DHCP server. Example uses isc-dhcp-server, dnsmasq is also alleged to work. TFTP server. For Debian this is tftpd-hpa. NFS server. nfs-kernel-server

Optionally: caching proxy server for updates. Squid or apt-cacher or similar. NOTE: we don't need to unpack and modify the iso files in order to use a proxy: DHCP option 252 defines proxy information for the client. See http://manpages.debian.org/cgi-bin/man.cgi?query=dhcpd&apropos=0&sektion=0&manpath=Debian+6.0+squeeze&format=html&locale=en under "OPTIONS" for more information.

OS
The examples here assume Debian Wheezy.

DHCP
isc-dhcp-server with configs as shown in Files.

TFTP
tftpd-hpa

http://releases.ubuntu.com/12.04.4/ubuntu-12.04.4-desktop-i386.iso http://archive.ubuntu.com/ubuntu/dists/trusty/main/installer-i386/current/images/netboot/

http://mirror.anl.gov/pub/ubuntu-iso/CDs-Xubuntu/14.04/release/xubuntu-14.04-desktop-i386.iso

mkdir -p /srv/tftp/ubuntu-livecd-boot/i386 mkdir -p /srv/ubuntu-livecd/i386 cp -av /media/cdrom/* /srv/ubuntu-livecd/i386 cp -av /media/cdrom/.disk /srv/ubuntu-livecd/i386 cp -av /media/cdrom/casper/initrd.lz /srv/tftp/ubuntu-livecd-boot/i386 cp -av /media/cdrom/casper/vmlinuz /srv/tftp/ubuntu-livecd-boot/i386
 * 1) extract files from image
 * 2) place files in tftpd directory

NOTE Only i386 works right now. Koanhead (talk)

NFS
nfs-kernel-server

network/interfaces
allow-hotplug eth0
 * 1) wired

iface pxesrv inet static address 192.168.0.1 netmask 255.255.255.0 iface uplink inet dhcp
 * 1) config for pxeserver interface
 * 1) config for uplink interface


 * 1) sample wifi config
 * 2) allow-hotplug wlan0
 * 3) iface wlan0 inet dhcp
 * 4)   wpa-ssid "FCSTEAMLAB"
 * 5)   wpa-psk "whateveritis"

This uses "logical interfaces" as in | the interfaces manpage, so the interfaces need to be brought up like ifup eth0=pxesrv for example.

Make sure that wicd or NetworkManager or similar automaticity is disabled, or your manual settings are likely to suddenly stop working...

default/
Edit isc-dhcp-server to specify which interface to use. Also found here is defaults for tftpd which so far do not need to be altered from what the package writes.

tftpd
TFTP_DIRECTORY="/srv/tftp"

isc-dhcp-server
INTERFACES="eth0"

dhcp/dhcpd.conf

 * 1) lines retained from default preceded by a comment (like this one)

ddns-update-style none;

option domain-name "installment.local"; option domain-name-servers 8.8.8.8, 4.4.2.1;
 * 1) option definitions common to all supported networks...

default-lease-time 600; max-lease-time 7200;

allow booting;

subnet 192.168.0.0 netmask 255.255.255.0 { range 192.168.0.3 192.168.0.127; option broadcast-address 192.168.0.255; option routers 192.168.0.1; filename "pxelinux.0"; }

group { next-server 192.168.0.1; host tftpclient { filename "pxelinux.0"; } }

exports
Config file for NFS. Run exportfs -a after editing this file.


 * 1) /etc/exports: the access control list for filesystems which may be exported
 * 2) 		to NFS clients. See exports(5).
 * 3) Example for NFSv2 and NFSv3:
 * 4) /srv/homes       hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check)
 * 5) Example for NFSv4:
 * 6) /srv/nfs4        gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check)
 * 7) /srv/nfs4/homes  gss/krb5i(rw,sync,no_subtree_check)
 * 1) /srv/nfs4        gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check)
 * 2) /srv/nfs4/homes  gss/krb5i(rw,sync,no_subtree_check)


 * 1) Live ubuntu i386

/srv/nfs/live-files/i386  *(ro,async,no_root_squash,no_subtree_check) /srv/nfs/live-files/amd64  *(ro,async,no_root_squash,no_subtree_check)

/srv/
Top-level of files to be served.

pxe/
pxelinux.0, menu files, and other PXE stuff lives here.

nfs/
files to be served live here, including ISO images.


 * xubuntu-14.04-i386.iso - downloaded ISO image.
 * tmpmnt/ Directory for loop-mounting the iso images. You could serve the mounted images, but I prefer to copy the files.