![Fai (Fully Automatic Installation) Version 4 Debian Wheezy install howto](https://www.secretisland.de/wp-content/uploads/2013/03/fai-logo.jpg)
Fai (Fully Automatic Installation) Version 4 Debian Wheezy install howto
FAI (Fully Automatic Installation) Version 4 Debian Wheezy Howto
Dieses Howto beschreibt wie man eine FAI Instanz unter Debian Wheezy installiert.
Benötigte wird ein Server oder VM mit Debian Wheezy.
In diesem Beispiel heißt der Server
fai-wheezy.dmz-home.secretisland.de mit der IP 192.168.254.101
und er ist per DNS erreichbar.
Benötigte FAI Pakete installieren
[stextbox id=“bash“]apt-get install esmtp-run sudo fai-server fai-setup-storage fai-quickstart[/stextbox]
Es werden noch einige andere Pakete installiert wie tftpd-hpa und isc-dhcp-server die für FAI benötigt werden.
Konfiguration des FAI live systems „FAI nfsroot“
FAI soll in unserm Beispiel von NFS booten dazu wurde bereits der nfs-kernel-server installiert.
In dem Verzeichnis /etc/fai werden alle Einstellungen für den FAI NFSROOT gesetzt. Und anschließend mit fai-setup in das NFSROOT übernommen.
Als erstes wird die Datei /etc/fai/fai.conf angepasst.
[stextbox id=“bash“]nano /etc/fai/fai.conf[/stextbox]
Orginal:
# See fai.conf(5) for detailed information. # Account for saving log files and calling fai-chboot. #LOGUSER=fai # URL to access the fai config space # If undefined, use default nfs://<install server>/$FAI_CONFIGDIR #FAI_CONFIG_SRC=nfs://yourservername/path/to/config/space
Bedeutung der Variablen:
- LOGUSER
Der User unter dem FAI versucht die Installations Logfiles auf den FAI Server zu kopieren. - FAI_CONFIG_SRC
Die Source wo die Konfigurationsdateien für die Installation der Clients sich befinden sollen.
Hier setzen wir die Variablen auf die gegebenen Servereinstellungen.
# See fai.conf(5) for detailed information. # Account for saving log files and calling fai-chboot. LOGUSER=fai # URL to access the fai config space # If undefined, use default nfs://<install server>/$FAI_CONFIGDIR FAI_CONFIG_SRC=nfs://fai-wheezy.dmz-home.secretisland.de/srv/fai/config
Die Variable $FAI_CONFIGDIR ist in der Datei /etc/fai/nfsroot.conf zu finden.
Als nächstes nehmen wir uns die Datei /etc/fai/nfsroot.conf vor.
[stextbox id=“bash“]nano /etc/fai/nfsroot.conf[/stextbox]
# For a detailed description see nfsroot.conf(5) # "<suite> <mirror>" for debootstrap FAI_DEBOOTSTRAP="wheezy http://http.debian.net/debian" FAI_ROOTPW='$1$kBnWcO.E$djxB128U7dMkrltJHPf6d1' SERVER=fai-wheezy.dmz-home.secretisland.de NFSROOT=/srv/fai/nfsroot TFTPROOT=/srv/tftp/fai NFSROOT_HOOKS=/etc/fai/nfsroot-hooks/ FAI_DEBOOTSTRAP_OPTS="--exclude=info" # Configuration space FAI_CONFIGDIR=/srv/fai/config
Bedeutung der Variablen:
- FAI_DEBOOTSTRAP
Die Quelle, aus der die von debootstrap benötigten Pakete bezogen werden können. Dies kann ein lokales Verzeichnis oder ein FTP- / HTTP-Server sein. Hier wird auch die Version des späteren NFSROOT bestimmt. - FAI_ROOTPW
Das verschlüsselte Passwort für den Systemadministrator. Vorgegeben ist das Passwort „fai“; ein verschlüsseltes Password kann aus der Datei /etc/shadow kopiert werden oder mit dem Programm makepasswd erzeugt werden. Mit diesem PW könnten Sie während der FAI Installation auf den zu installierenden Server mit SSH connecten. - SERVER
URL des FAI Servers wird an das NFSROOT dann angehängt (Änderung von mir) - NFSROOT
Das Installationsverzeichnis wo sich der NFSROOT befinden soll. - TFTPROOT
Das Verzeichnis wo sich der Kernel für den Netboot des live-systems befinden soll. - NFSROOT_HOOKS
in diesem Verzeichnis liegen bash-scripte die nach dem debootstrap ausgeführt werden - FAI_DEBOOTSTRAP_OPTS
Zusätzliche Parameter für die DEBOOTSTRAP Umgebung - FAI_CONFIGDIR
Das Verzeichnis wo die Konfigurationsdateien für die Installation der Clients sich befinden sollen.
Da in der Config das /etc/fai/nfsroot-hooks Verzeichnis angegeben ist sollte es auch noch erstellt werden. Leider ist es beim Debian Paket nicht automatisch dabei.
[stextbox id=“bash“]mkdir /etc/fai/nfsroot-hooks/[/stextbox]
In der Datei /etc/fai/apt/sources.list werden die Sources eingetragen. Diese Datei ist die sources.list, die nachher im Live-System vorhanden ist.
[stextbox id=“bash“]nano /etc/fai/apt/sources.list[/stextbox]
# These lines should work for many sites # A more comprehensive example is at /usr/share/doc/fai-doc/examples/etc deb http://http.debian.net/debian wheezy main contrib non-free deb http://security.debian.org/debian-security wheezy/updates main contrib non-free # repository that may contain newer fai packages for wheezy deb http://fai-project.org/download wheezy koeln
In die Datei /etc/fai/NFSROOT können noch weitere Pakte eingetragen werden die zur Erstellung des live-system benötigt werden.
zb. Spezielle Netzwerkkarten Treiber, oder ein Spezieller Kernel.
[stextbox id=“bash“]nano /etc/fai/NFSROOT[/stextbox]
# package list for creating the NFSROOT PACKAGES aptitude nfs-common fai-nfsroot module-init-tools ssh rdate lshw rpcbind rsync lftp less dump reiserfsprogs e2fsprogs usbutils hwinfo psmisc pciutils hdparm smartmontools parted mdadm lvm2 dnsutils ntpdate dosfstools xfsprogs xfsdump procinfo numactl dialog console-tools console-common iproute udev subversion xz-utils cupt # some network cards needs firmware firmware-bnx2 firmware-bnx2x firmware-realtek # dracut can replace live-boot dracut-network live-boot- live-boot-initramfs-tools- # squeeze also needs initramfs-tools, even with dracut #initramfs-tools # choose if you like live-boot or dracut inside the nfsroot #live-boot live-boot-doc # you should not edit the lines below # architecture dependend list of packages that are installed #git # git consumes a lot of disk space on the FAI CD (ISO 9660) PACKAGES aptitude I386 grub read-edid linux-image-686 # packages for Ubuntu natty/oneiric/precise: # linux-image-generic live-boot PACKAGES aptitude AMD64 grub linux-image-amd64 # packages for Ubuntu natty/oneiric/precise: # linux-image-generic live-boot # Pakete die sonst noch benoetigt werden sudo debian-keyring
Ich hab hier die Pakete sudo und debian-keyring aufgenommen.
Die Datei /etc/fai/live.conf enthält Einstellungen für das live initramfs. Dort musste ich nichts anpassen.
Erstellung des FAI Live-Systems „FAI nfsroot“
Nachdem alle Einstellungen gemacht wurden kann mit dem Befehl fai-setup das Live-System erstellt werden. Dies benötigt ein paar Minuten.
Falls schon mal das live-system erstellt wurde und etwas an den Config Dateien in /etc/fai geändert wurde, muss man fai-setup -f ausführen um es zu überschreiben.
Die Option -v gibt das ganze mit mehr infos aus.
[stextbox id=“bash“]fai-setup -v -f [/stextbox]
Warning: The home dir /var/log/fai you specified already exists. Adding system user `fai' (UID 104) ... Adding new user `fai' (UID 104) with group `nogroup' ... adduser: Warning: The home directory `/var/log/fai' does not belong to the user you are currently creating. The home directory `/var/log/fai' already exists. Not copying from `/etc/skel'. Generating public/private rsa key pair. Your identification has been saved in /var/log/fai/.ssh/id_rsa. Your public key has been saved in /var/log/fai/.ssh/id_rsa.pub. The key fingerprint is: bf:20:bc:af:41:95:ed:9d:ab:6a:c9:22:52:99:64:bd fai@fai-wheezy The key's randomart image is: +--[ RSA 2048]----+ | | | o | | . o . | | o .. . . . | | o o..S . o | | +oE . . | | . +.... . | | . . .++. o | | . .o=o.o | +-----------------+ Generating public/private dsa key pair. Your identification has been saved in /var/log/fai/.ssh/id_dsa. Your public key has been saved in /var/log/fai/.ssh/id_dsa.pub. The key fingerprint is: 8c:27:b3:09:8b:fe:41:4a:17:54:b0:34:eb:61:2b:39 fai@fai-wheezy The key's randomart image is: +--[ DSA 1024]----+ | =o. | | o + | | * | | + + o | | E * + S | | . B o * | | o o o | | . . | | ... | +-----------------+ Adding 192.168.254.101,fai-wheezy.dmz-home,fai-wheezy to known_hosts. /var/log/fai/.ssh/known_hosts created. /var/log/fai/.ssh/authorized_keys created. User account fai set up. Using configuration files from /etc/fai Creating FAI nfsroot in /srv/fai/nfsroot Creating base system using debootstrap version 1.0.44 Calling debootstrap --exclude=info wheezy /srv/fai/nfsroot http://http.debian.net/debian I: Retrieving InRelease I: Checking Release signature I: Valid Release signature (key id 9FED2BCBDCD29CDF762678CBAED4B06F473041FA) I: Retrieving Packages I: Validating Packages I: Resolving dependencies of required packages... I: Resolving dependencies of base packages... I: Found additional required dependencies: insserv libbz2-1.0 libdb5.1 libsemanage-common libsemanage1 libslang2 libustr-1.0-1 I: Found additional base dependencies: libept1.4.12 libgcrypt11 libgnutls26 libgpg-error0 libidn11 libnfnetlink0 libp11-kit0 libsqlite3-0 libtasn1-3 libxapia22 I: Checking component main on http://http.debian.net/debian... I: Retrieving libacl1 . . . I: Base system installed successfully. Creating base.tar.xz ainsl: appending to /srv/fai/nfsroot/etc/hosts: 192.168.254.101 fai-wheezy.dmz-home fai-wheezy `/etc/resolv.conf' -> `/srv/fai/nfsroot/etc/resolv.conf-installserver' `/etc/resolv.conf' -> `/srv/fai/nfsroot/etc/resolv.conf' Upgrading /srv/fai/nfsroot Get:1 http://security.debian.org wheezy/updates InRelease [102 kB] Ign http://fai-project.org wheezy InRelease Get:2 http://fai-project.org wheezy Release.gpg [190 B] Get:3 http://fai-project.org wheezy Release [5003 B] Ign http://fai-project.org wheezy Release Get:4 http://security.debian.org wheezy/updates/main amd64 Packages [14 B] Get:5 http://fai-project.org wheezy/koeln amd64 Packages [4104 B] Get:6 http://security.debian.org wheezy/updates/contrib amd64 Packages [14 B] Get:7 http://security.debian.org wheezy/updates/non-free amd64 Packages [14 B] Get:8 http://http.debian.net wheezy InRelease [224 kB] Get:9 http://http.debian.net wheezy/contrib amd64 Packages [41.9 kB] Get:10 http://http.debian.net wheezy/main amd64 Packages/DiffIndex [7876 B] Get:11 http://http.debian.net wheezy/non-free amd64 Packages [80.9 kB] Fetched 466 kB in 18s (25.6 kB/s) Reading package lists... W: GPG error: http://fai-project.org wheezy Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY DC13E54AB9B66FD Reading package lists... Building dependency tree... Initializing package states... Writing extended state information... Reading task descriptions... The following NEW packages will be installed: dmsetup{a} fai-client{a} fai-nfsroot fai-setup-storage{a} file{a} libapt-pkg-perl{a} libcap2{a} libclass-isa-perl{a} libdevmapper1.02.1{a} libevent-2.0-5{a} libgssglue1{a} libk5crypto3{a} libkeyutils1{a} libkrb5-3{a} libkrb5support0{a} libldap-2.4-2{a} liblinux-lvm-perl{a} libmagic1{a} libnfsidmap2{a} libparse-recdescent-perl{a} libparted0debian1{a} libsasl2-2{a} libswitch-perl{a} libtirpc1{a} libwrap0{a} nfs-common parted{a} perl{a} perl-modules{a} rpcbind{a} syslinux-common{a} ucf{a} 0 packages upgraded, 32 newly installed, 0 to remove and 0 not upgraded. Need to get 12.1 MB of archives. After unpacking 44.9 MB will be used. Writing extended state information... Get: 1 http://http.debian.net/debian/ wheezy/main libcap2 amd64 1:2.22-1.2 [13.6 kB] . . . Get: 32 http://http.debian.net/debian/ wheezy/main libparse-recdescent-perl all 1.967009+dfsg-1 [172 kB] Fetched 12.1 MB in 22s (528 kB/s) Extracting templates from packages: 100% Preconfiguring packages ... Selecting previously unselected package libcap2:amd64. (Reading database ... 9283 files and directories currently installed.) Unpacking libcap2:amd64 (from .../libcap2_1%3a2.22-1.2_amd64.deb) ... Selecting previously unselected package libevent-2.0-5:amd64. . . . Setting up nfs-common (1:1.2.6-3) ... Creating config file /etc/idmapd.conf with new version Creating config file /etc/default/nfs-common with new version insserv: warning: script 'rcS.distrib' missing LSB tags and overrides Adding system user `statd' (UID 101) ... Adding new user `statd' (UID 101) with group `nogroup' ... Not creating home directory `/var/lib/nfs'. [....] Starting NFS common utilities: statd [warn] Not starting: portmapper is not running ... (warning). Setting up parted (2.3-12) ... Setting up dmsetup (2:1.02.74-6) ... Setting up libswitch-perl (2.16-2) ... Setting up perl-modules (5.14.2-20) ... Setting up perl (5.14.2-20) ... update-alternatives: using /usr/bin/prename to provide /usr/bin/rename (rename) in auto mode Setting up liblinux-lvm-perl (0.16-1) ... Setting up libparse-recdescent-perl (1.967009+dfsg-1) ... Setting up fai-client (4.0.6) ... Setting up fai-setup-storage (4.0.6) ... Setting up fai-nfsroot (4.0.6) ... update-alternatives: using /usr/bin/policy-rc.d.fai to provide /usr/sbin/policy-rc.d (policy-rc.d) in auto mode insserv: warning: script 'rcS.distrib' missing LSB tags and overrides Reading package lists... Building dependency tree... Reading state information... Reading extended state information... Initializing package states... Writing extended state information... Reading task descriptions... Reading package lists... Building dependency tree... Reading state information... 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Adding additional packages to /srv/fai/nfsroot: nfs-common fai-nfsroot module-init-tools ssh rdate lshw rpcbind rsync lftp less dump reiserfsprogs e2fsprogs usbutils hwinfo psmisc pciutils hdparm smartmontols parted mdadm lvm2 dnsutils ntpdate dosfstools xfsprogs xfsdump procinfo numactl dialog console-tools console-common iproute udev subversion xz-utils cuptfirmware-bnx2 firmware-bnx2x firmware-realtek dracut-network live-boot- live-boot-initramfs-tools- grub linux-image-amd64 install_packages: reading config files from directory /etc/fai install_packages: read config file NFSROOT install_packages: executing chroot /srv/fai/nfsroot apt-get clean install_packages: executing chroot /srv/fai/nfsroot aptitude -R -y -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confnew install nfs-common fi-nfsroot module-init-tools ssh rdate lshw rpcbind rsync lftp less dump reiserfsprogs e2fsprogs usbutils hwinfo psmisc pciutils hdparm smartmontools parted madm lvm2 dnsutils ntpdate dosfstools xfsprogs xfsdump procinfo numactl dialog console-tools console-common iproute udev subversion xz-utils cupt firmware-bnx firmware-bnx2x firmware-realtek dracut-network live-boot- live-boot-initramfs-tools- grub linux-image-amd64 Reading package lists... Building dependency tree... Reading state information... Reading extended state information... Initializing package states... Reading task descriptions... Note: selecting "grub-legacy" instead of the virtual package "grub" The following NEW packages will be installed: bind9-host{a} console-common console-data{a} console-tools{b} cupt dialog dnsutils dosfstools dracut{a} dracut-network dump firmware-bnx2 firmware-bnx2x firmware-realtek gettext-base{a} grub-common{a} grub-legacy hdparm hwinfo iputils-arping{a} kbd{ab} kpartx{a} less lftp libapr1{a} libaprutil1{a} libasprintf0c2{a} libbind9-80{a} libboost-program-options1.49.0{a} libbsd0{a} libcap-ng0{a} libconsole{a} libcupt2-0{a} libdbus-1-3{a} libdevmapper-event1.02.1{a} libdns88{a} libedit2{a} libexpat1{a} libfreetype6{a} libfuse2{a} libgeoip1{a} libgssapi-krb5-2{a} libhal1{a} libhd16{a} libisc84{a} libisccc80{a} libisccfg82{a} liblwres80{a} libneon27-gnutls{a} libnuma1{a} libpci3{a} libreadline5{a} libsvn1{a} libsysfs2{a} libusb-1.0-0{a} libuuid-perl{a} libxml2{a} linux-base{a} linux-image-3.2.0-4-amd64{a} linux-image-amd64 lshw lvm2 mdadm module-init-tools ntpdate numactl openssh-client{a} openssh-server{a} pciutils procinfo psmisc rdate reiserfsprogs rsync smartmontools ssh subversion usbutils xfsdump xfsprogs 0 packages upgraded, 80 newly installed, 0 to remove and 0 not upgraded. Need to get 47.2 MB of archives. After unpacking 166 MB will be used. The following packages have unmet dependencies: kbd : Conflicts: console-utilities which is a virtual package. console-tools : Conflicts: console-utilities which is a virtual package. The following actions will resolve these dependencies: Keep the following packages at their current version: 1) console-tools [Not Installed] The following NEW packages will be installed: bind9-host{a} console-common console-data{a} cupt dialog dnsutils dosfstools dracut{a} dracut-network dump firmware-bnx2 firmware-bnx2x firmware-realtek gettext-base{a} grub-common{a} grub-legacy hdparm hwinfo iputils-arping{a} kbd{a} kpartx{a} less lftp libapr1{a} libaprutil1{a} libasprintf0c2{a} libbind9-80{a} libboost-program-options1.49.0{a} libbsd0{a} libcap-ng0{a} libcupt2-0{a} libdbus-1-3{a} libdevmapper-event1.02.1{a} libdns88{a} libedit2{a} libexpat1{a} libfreetype6{a} libfuse2{a} libgeoip1{a} libgssapi-krb5-2{a} libhal1{a} libhd16{a} libisc84{a} libisccc80{a} libisccfg82{a} liblwres80{a} libneon27-gnutls{a} libnuma1{a} libpci3{a} libreadline5{a} libsvn1{a} libsysfs2{a} libusb-1.0-0{a} libuuid-perl{a} libxml2{a} linux-base{a} linux-image-3.2.0-4-amd64{a} linux-image-amd64 lshw lvm2 mdadm module-init-tools ntpdate numactl openssh-client{a} openssh-server{a} pciutils procinfo psmisc rdate reiserfsprogs rsync smartmontools ssh subversion usbutils xfsdump xfsprogs 0 packages upgraded, 78 newly installed, 0 to remove and 0 not upgraded. Need to get 46.7 MB of archives. After unpacking 165 MB will be used. Writing extended state information... Get: 1 http://http.debian.net/debian/ wheezy/main libasprintf0c2 amd64 0.18.1.1-9 [26.8 kB] . . . Get: 78 http://http.debian.net/debian/ wheezy/main reiserfsprogs amd64 1:3.6.21-1 [523 kB] Fetched 46.7 MB in 16s (2895 kB/s) Extracting templates from packages: 100% Preconfiguring packages ... Selecting previously unselected package libasprintf0c2:amd64. (Reading database ... 11435 files and directories currently installed.) Unpacking libasprintf0c2:amd64 (from .../libasprintf0c2_0.18.1.1-9_amd64.deb) ... . . . Looking for keymap to install: NONE Setting up kbd (1.15.3-9) ... insserv: warning: script 'rcS.distrib' missing LSB tags and overrides invoke-rc.d: policy-rc.d denied execution of start. Setting up console-common (0.7.87) ... Looking for keymap to install: NONE insserv: warning: script 'rcS.distrib' missing LSB tags and overrides invoke-rc.d: policy-rc.d denied execution of start. Setting up libdbus-1-3:amd64 (1.6.8-1) ... Setting up libdevmapper-event1.02.1:amd64 (2:1.02.74-6) ... Setting up libexpat1:amd64 (2.1.0-1) ... Setting up libfreetype6:amd64 (2.4.9-1.1) ... Setting up libfuse2:amd64 (2.9.0-2+deb7u1) ... Setting up libreadline5:amd64 (5.2+dfsg-1) ... Setting up libapr1 (1.4.6-3) ... Setting up libaprutil1 (1.4.1-3) ... Setting up libneon27-gnutls (0.29.6-3) ... Setting up libsvn1:amd64 (1.6.17dfsg-4) ... Setting up libsysfs2:amd64 (2.1.0+repack-2) ... Setting up libusb-1.0-0:amd64 (2:1.0.11-1) ... Setting up module-init-tools (9-2) ... Setting up libuuid-perl (0.02-5) ... Setting up linux-base (3.5) ... Setting up kpartx (0.4.9+git0.4dfdaf2b-6) ... Setting up dracut (020-2) ... dracut: Generating /boot/initrd.img-3.2.0-4-amd64 E: No '/dev/log' or 'logger' included for syslog logging Setting up linux-image-3.2.0-4-amd64 (3.2.39-2) ... Running depmod. Examining /etc/kernel/postinst.d. run-parts: executing /etc/kernel/postinst.d/dracut 3.2.0-4-amd64 /boot/vmlinuz-3.2.0-4-amd64 E: No '/dev/log' or 'logger' included for syslog logging Setting up ntpdate (1:4.2.6.p5+dfsg-2) ... . . . Reading package lists... Building dependency tree... Reading state information... Reading extended state information... Initializing package states... Writing extended state information... Reading task descriptions... install_packages: executing chroot /srv/fai/nfsroot apt-get clean install_packages: executing chroot /srv/fai/nfsroot dpkg --configure --pending install_packages: executing chroot /srv/fai/nfsroot dpkg -C install_packages: executing chroot /srv/fai/nfsroot apt-get clean install_packages exit code: 0 `/srv/fai/nfsroot/boot/vmlinuz-3.2.0-4-amd64' -> `/srv/tftp/fai/vmlinuz-3.2.0-4-amd64' `/srv/fai/nfsroot/boot/initrd.img-3.2.0-4-amd64' -> `/srv/tftp/fai/initrd.img-3.2.0-4-amd64' TFTP environment prepared. To use it, enable the dhcpd and start a TFTP daemon on root /srv/tftp/fai. FAI packages inside the nfsroot: fai-client 4.0.6 fai-nfsroot 4.0.6 fai-setup-storage 4.0.6 FAI related packages inside the nfsroot: dracut 020-2 dracut-network 020-2 Waiting for background jobs to finish [1]+ Done nice xz -q $NFSROOT/var/tmp/base.tar (wd: /srv/fai/nfsroot) fai-make-nfsroot finished properly. Log file written to /var/log/fai/fai-make-nfsroot.log Adding line to /etc/exports: /srv/fai/config 192.168.254.101/24(async,ro,no_subtree_check) Adding line to /etc/exports: /srv/fai/nfsroot 192.168.254.101/24(async,ro,no_subtree_check,no_root_squash) Re-exporting directories for NFS kernel daemon.... FAI setup finished. Log file written to /var/log/fai/fai-setup.log
Ein Logfile zur Installation der LIVE Umgebung befindet sich unter /var/log/fai/fai-make-nfsroot.log
FAI Log Verzeichnis die richtigen Rechte geben.
[stextbox id=“bash“]chown fai:nogroup /var/log/fai[/stextbox]
Leider wird bei fai-setup die fai.conf Datei im Live-System nicht angepasst. Dadurch startet die FAI Installation nicht richtig.
Wenn man dies aber editiert funktioniert es auch.
[stextbox id=“bash“]nano /srv/fai/nfsroot/etc/fai/fai.conf[/stextbox]
# See fai.conf(5) for detailed information. # Account for saving log files and calling fai-chboot. #LOGUSER=fai LOGUSER=fai # URL to access the fai config space # If undefined, use default nfs://<install server>/$FAI_CONFIGDIR #FAI_CONFIG_SRC=nfs://yourservername/path/to/config/space FAI_CONFIG_SRC=nfs://fai-wheezy.dmz-home.secretisland.de/srv/fai/config
Das Setup hat auch gleich die Einstellungen in der Datei /etc/exports für den NFS Server gemacht. Und ihn neu geladen. Dies sollte dann so ausschauen.
[stextbox id=“bash“]nano /etc/exports[/stextbox]
# /etc/exports: the access control list for filesystems which may be exported # to NFS clients. See exports(5). # # Example for NFSv2 and NFSv3: # /srv/homes hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check) # # Example for NFSv4: # /srv/nfs4 gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check) # /srv/nfs4/homes gss/krb5i(rw,sync,no_subtree_check) # /srv/fai/nfsroot 192.168.254.101/24(async,ro,no_subtree_check,no_root_squash) /srv/fai/config 192.168.254.101/24(async,ro,no_subtree_check)
Hier muss dann die IP Range angepasst werden damit die Clients auch das NFS mounten können.
Außerdem muss noch ein Mountpoint für /srv/nfs4 gesetzt werden. Sonst bekommt man beim Client boot einen Kernel Panic. Warum weiß ich nicht aber so gehts.
/srv/nfs4 192.168.254.0/24(ro,sync,fsid=0,crossmnt,no_subtree_check) /srv/fai/config 192.168.254.0/24(async,ro,no_subtree_check) /srv/fai/nfsroot 192.168.254.0/24(async,ro,no_subtree_check,no_root_squash)
und das Verzeichnis angelegt werden.
[stextbox id=“bash“]mkdir /srv/nsf4[/stextbox]
Dann den NFS Restarten
[stextbox id=“bash“]/etc/init.d/nfs-kernel-server restart[/stextbox]
Den TFTP Server anpassen
Die Config vom TFTP Server anpassen. Diese liegt unter /etc/default/tftpd-hpa
[stextbox id=“bash“]nano /etc/default/tftpd-hpa[/stextbox]
# /etc/default/tftpd-hpa TFTP_USERNAME="tftp" TFTP_DIRECTORY="/srv/tftp/fai" TFTP_ADDRESS="0.0.0.0:69" TFTP_OPTIONS="--secure"
Hier muss das TFTP_DIRECTORY auf den Pfad angepasst werden wo in der FAI Config der TFTPROOT angegeben ist.
[stextbox id=“bash“]/etc/init.d/tftpd-hpa restart[/stextbox]
Installation eines Clients
Bei Erstellung dieses HowTo´s ist mir aufgefallen das das fai-chboot Programm einen Fehler macht.
Dieser Patch behebt den Fehler.
[stextbox id=“bash“]nano /root/fai-chboot.patch[/stextbox]
--- /usr/sbin/fai-chboot_org 2013-03-17 16:38:01.519470172 +0100 +++ /usr/sbin/fai-chboot 2013-03-17 15:42:06.219470569 +0100 @@ -387,6 +387,9 @@ ($opt_S and $opt_I) && die "ERROR: use only one option out of -I and -S\n"; #TODO: also -e, -r and -c can't be used together +$server = `. $cfdir/nfsroot.conf 2>/dev/null; echo \$SERVER`; +chomp $server; + # read the nfsroot variable; a little bit ugly, but it works $nfsroot = `. $cfdir/nfsroot.conf 2>/dev/null; echo \$NFSROOT`; chomp $nfsroot; @@ -457,7 +460,7 @@ # create config so host will boot the install kernel $kernelname = "kernel vmlinuz-$kernelsuffix"; $initrd = "initrd=initrd.img-$kernelsuffix"; - $rootfs = "root=/dev/nfs nfsroot=$nfsroot $bopt"; + $rootfs = "root=/dev/nfs nfsroot=$server:$nfsroot $bopt"; $bootprot = "ip=dhcp "; } elsif ($opt_o) {
Patch als Datei
fai-chboot.patch
Patch anwenden
[stextbox id=“bash“]patch -Np1 -i /root/fai-chboot.patch /usr/sbin/fai-chboot[/stextbox]
Vor dem Patch schaut der Inhalt der Server Config für meinen test.dmz-home.secretisland.de so aus
[stextbox id=“bash“]cat /srv/tftp/fai/pxelinux.cfg/C0A8FEC8[/stextbox]
# generated by fai-chboot for host test.dmz-home.secretisland.de with IP 192.168.254.200 default fai-generated label fai-generated kernel vmlinuz-3.2.0-4-amd64 append initrd=initrd.img-3.2.0-4-amd64 ip=dhcp root=/dev/nfs nfsroot=/srv/fai/nfsroot aufs FAI_FLAGS=verbose,sshd,reboot FAI_ACTION=install
Danach so
[stextbox id=“bash“]cat /srv/tftp/fai/pxelinux.cfg/C0A8FEC8[/stextbox]
# generated by fai-chboot for host test.dmz-home.secretisland.de with IP 192.168.254.200 default fai-generated label fai-generated kernel vmlinuz-3.2.0-4-amd64 append initrd=initrd.img-3.2.0-4-amd64 ip=dhcp root=/dev/nfs nfsroot=fai-wheezy.dmz-home.secretisland.de:/srv/fai/nfsroot aufs FAI_FLAGS=verbose,sshd,reboot FAI_ACTION=install
Um den Test Server nun installieren zu lassen muss fai-chboot ausgeführt werden
[stextbox id=“bash“]fai-chboot -IBv test.dmz-home.secretisland.de[/stextbox]
Booting kernel vmlinuz-2.6.32-5-amd64 append initrd=initrd.img-2.6.32-5-amd64 ip=dhcp FAI_FLAGS=verbose,sshd,reboot test.dmz-home.secretisland.de has 192.168.254.200 in hex C0A8FEC8 Writing file /srv/tftp/fai/pxelinux.cfg/C0A8FEC8 for test.dmz-home.secretisland.de
Nun den Test Server starten und auf PXE BOOT einstellen.
Jetzt sollte am Monitor des Test Servers das ganze so ausschauen.
Mir ist noch aufgefallen bei meiner Installation das ich den ssh connect bestätigen muss. Dies kann man umgehen wenn man die Datei /var/log/fai/.ssh/known_hosts und /srv/fai/nfsroot/root/.ssh/known_hosts anpasst.
[stextbox id=“bash“]nano /var/log/fai/.ssh/known_hosts[/stextbox]
192.168.254.101,fai-wheezy.dmz-home,fai-wheezy ssh-dss AAAAB3N.... 192.168.254.101,fai-wheezy.dmz-home,fai-wheezy ssh-rsa AAAAB3N....
und den FQDN einfügen
192.168.254.101,fai-wheezy.dmz-home.secretisland.de,fai-wheezy.dmz-home,fai-wheezy ssh-dss AAAAB3N.... 192.168.254.101,fai-wheezy.dmz-home.secretisland.de,fai-wheezy.dmz-home,fai-wheezy ssh-rsa AAAAB3N....
Diese Änderung dann noch nach /srv/fai/nfsroot/root/.ssh/known_hosts kopieren.
[stextbox id=“bash“]cp /var/log/fai/.ssh/known_hosts /srv/fai/nfsroot/root/.ssh/known_hosts[/stextbox]
Viel Spaß
Danke.
Habe 2 Wochen lang vergeblich versucht das Ganze zum laufen zu bringen. Jetzt mit dieser Anleitung gehts!!!