LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Blogs > IsaacKuo
User Name
Password

Notices


Rating: 2 votes, 4.50 average.

Diskless PXE netboot How-To for Debian 8 Jessie

Posted 09-23-2016 at 03:15 PM by IsaacKuo
Updated 09-23-2016 at 03:53 PM by IsaacKuo

There are plenty of other diskless how-to sites out there, but I decided to post this one so it would fit in with my other similarly themed blog posts. Also, most other how-to's are a bit more complicated. This one is a simplistic setup for just one client workstation. You'd have to modify things in one way or another to handle multiple clients.

You can combine this How-To with my How-To for serving up tmpfs nfsroot on the server side. This could be useful if you want to make use of a couple used laptops which lack hard drive cables/caddy, but they do have gigabit ethernet and you have a spare USB thumbdrive to boot from. The server laptop can connect up to your LAN via WiFi, while acting as the dhcp/tftpd/etc server for the client laptop (you turn off its WiFi switch for simplicity).

In this how-to, I'm going to assume the server and client both start with traditional Debian 8 installs. The server is a laptop connected to the internet via WiFi; the client and server are connected to each other via ethernet cable (thus forming a small LAN).

STEP 1) SET UP DHCP FOR TINY LAN

On server, set up static IP address in /etc/network/interfaces with something like:
Code:
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.111.1
netmask 255.255.255.0
Recycle eth0 with:

ifdown eth0
ifup eth0

Note that this address must NOT be in the range of the larger LAN that the server's WiFi is connecting to. If the larger LAN coincidentally happens to be 192.168.111.X, then change the tiny lan to something else. For example, change 192.168.111.X to 192.168.123.X.

Install DHCP server as well as other stuff which will be needed.
Code:
apt-get install tftpd-hpa syslinux pxelinux nfs-kernel-server isc-dhcp-server dnsmasq
Edit /etc/dhcp/dhcpd.conf to make your DHCP server authoritative and define the subnet:
Code:
authoritative;

subnet 192.168.111.0 netmask 255.255.255.0 {
  range 192.168.111.150 192.168.111.250;
  option domain-name-servers 192.168.111.1;
  option routers 192.168.111.1;
  next-server 192.168.111.1;
  allow bootp;
  allow booting;
  filename "pxelinux.0";
}
Again, it is important that the wider LAN be on a different subnet of addresses. Otherwise, this laptop will try to serve as DHCP server for the wider LAN. If you don't know whether or not you want this, you don't want this.

STEP 2) SET UP TFTP

Copy various files to the default TFTP directories with:
Code:
mkdir -p /srv/tftp /srv/nfs1
###cp -vax /srv/nfs1/boot/*.pxe /srv/tftp/ WE WILL DO THIS LATER
cp -vax /usr/lib/PXELINUX/pxelinux.o /srv/tftp/
cp -vax /usr/lib/syslinux/modules/bios/ldlinux.c32 /srv/tftp/
mkdir /srv/tftp/pxelinux.cfg
Create /srv/tftp/pxelinux.cfg/default so it looks like this:
Code:
default Debian
prompt 1
timeout 3
label Debian
kernel vmlinuz.pxe
append rw initrd=initrd.pxe root=/dev/nfs ip=dhcp nfsroot=192.168.111.1:/srv/nfs1
STEP 3) SET UP NFS SHARE
Add this line to /etc/exports:
Code:
/srv/nfs1 192.168.111.0/24(rw,async,no_subtree_check,no_root_squash)
Recycle daemons with:
Code:
systemctl restart isc-dhcp-server
systemctl restart tftpd-hpa
systemctl restart nfs-kernel-server
STEP 4) TRANSFER CLIENT OS TO NFS SHARE
On client, edit /etc/fstab to add:
Code:
192.168.111.1:/srv/nfs1     /srv/nfs1     nfs noauto,rw,users,exec 0 1
Copy over the OS with:
Code:
mkdir -p /srv/nfs1
mount /srv/nfs1
cp -vax /. /srv/nfs1/
mv -vi /srv/nfs1/boot/grub/grub.cfg /srv/nfs1/boot/grub/grub.cfg.MOVED
Moving grub.cfg makes it so that future kernel updates do NOT attempt to run "update-grub". If you don't do this, a future kernel update will attempt to run "update-grub", and it will fail because it can't find the canonical path of /.

STEP 5) MODIFY CLIENT OS FILES FOR NETWORK BOOTING
edit /srv/nfs1/etc/fstab by commenting out the "/" entry and adding these lines:
Code:
#192.168.111.1:/srv/nfs1 / nfs rw,noatime,nolock 1 1
/dev/nfs                 / nfs tcp,nolock 0 0
proc /proc    proc  defaults 0 0
none /tmp     tmpfs defaults 0 0
none /var/tmp tmpfs defaults 0 0
none /media   tmpfs defaults 0 0
none /var/log tmpfs defaults 0 0
Create an entry for eth0 in /srv/nfs1/etc/network/interfaces, if necessary:
Code:
iface eth0 inet dhcp
STEP 6) CREATE INITRD.IMG AND VMLINUZ
add the following line to /srv/nfs1/etc/initramfs-tools/initramfs.conf
Code:
BOOT=nfs
Now create initrd.pxe and vmlinuz.pxe with:
Code:
cd /srv/nfs1/
mkinitramfs -d etc/initramfs-tools -o boot/initrd.pxe
cp -vax boot/vmlinuz[TAB] boot/vmlinuz.pxe

STEP 7) COPY OVER INITRD.IMG AND VMLINUZ
On the server, copy over the generated files with:

Code:
cp -vax /srv/nfs1/boot/*.pxe /srv/tftp/
Note that we generated the files on the client computer. You can generate them on the server if they're running the same architecture/kernel/etc, but running it on the client generally reduces the chances of something weird happening.

STEP 8) REBOOT CLIENT

Everything on the Debian side of things should now be set up for PXE boot, but you'll have to fiddle with the client computer's BIOS settings or boot menu in order to boot from PXE. The way to do this varies from BIOS to BIOS. Usually, you have to specifically turn enable PXE booting in one place, in addition to placing PXE network boot in the boot priority list (this does NOT typically automatically enable PXE booting, even if it appears in this list). Good luck!

STEP 9) SET UP INTERNET GATEWAY

Hopefully, you now have a diskless client that successfully boots off of the server laptop. But the client does not have internet access yet. If the client is a laptop, you can do a quick fix by turning on WiFi on the client laptop and it should only try to communicate with the nfs server for the nfs share. But if the client is a desktop with only one network interface, or you want to keep things tightened up, you'll want to set up the server laptop as a router.

First edit /etc/sysctl.conf to allow IPv4 packet forwarding:
Code:
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
and run "sysctl -p" to get this change to take.

Set up iptables with something like:
Code:
iptables -F
iptables -t nat -F

iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

iptables -A FORWARD -i eth0 -s 192.168.111.0/255.255.255.0 -j ACCEPT
iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE

apt-get install iptables-persistent
netfilter-persistent save
Note that iptables-persistent is a package to persist the save the current iptables settings to be replicated upon boot. The command "netfilter-persistent save" saves the current iptables and ip6tables state.

MAINTENANCE

My kernel update notes for my other how-to's apply here also. Kernel updates can't update grub, not that PXE boot uses /boot at all anyway, so the point is moot. You'll have to manually copy over newly generated vmlinuz and initrd.img files over to /srv/tftp/initrd.pxe and /srv/tftp/vmlinuz.pxe.
Posted in Uncategorized
Views 11947 Comments 2
« Prev     Main     Next »
Total Comments 2

Comments

  1. Old Comment
    Notes on Debian 9 Stretch

    one quick initial note on Debian 9 Stretch:

    When upgrading from Debian 8 to Debian 9, it will want to update grub-pc. It will fail, because it will try to run update-grub even if /boot/grub/grub.cfg does not exist. More generally, my trick of renaming (or erasing) /boot/grub/grub.cfg might not work any more. It seems to try to run update-grub regardless of whether or not grub.cfg exists.

    So, instead of using this trick to prevent trying and failing update-grub (fails when it can't find the root canonical path), do this instead:

    After booting up into the PXE Netboot machine, uninstall grub-pc with:

    Code:
    apt-get remove grub-pc
    apt-get autoremove --purge
    If you don't do this, then it's not really a problem. It's just that every time you do an update or install software with apt-get, it will complain that it can't finish installing grub-pc. If you don't mind the annoyance of this every time, you can just leave grub-pc semi-installed.
    Posted 06-22-2017 at 08:45 AM by IsaacKuo IsaacKuo is offline
  2. Old Comment
    BTW, I confirm this how-to still works in Debian 10 Buster.
    Posted 07-19-2019 at 05:17 PM by IsaacKuo IsaacKuo is offline
 

  



All times are GMT -5. The time now is 04:00 AM.

Main Menu
Advertisement
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration