Fai (Fully Automatic Installation) Version 4 Debian Wheezy install howto

Fai (Fully Automatic Installation) Version 4 Debian Wheezy install howto

Posted on Veröffentlicht in Fai 1 Comment Tagged with ,

FAI (Fully Automatic Installation) Version 4 Debian Wheezy Howto

 

Dieses Howto beschreibt wie man eine FAI Instanz unter Debian Wheezy installiert.

Benötigte wird ein Server oder VM mit Debian Wheezy.
In diesem Beispiel heißt der Server
fai-wheezy.dmz-home.secretisland.de mit der IP 192.168.254.101
und er ist per DNS erreichbar.

Benötigte FAI Pakete installieren
[stextbox id=“bash“]apt-get install esmtp-run sudo fai-server fai-setup-storage fai-quickstart[/stextbox]

Es werden noch einige andere Pakete installiert wie tftpd-hpa und isc-dhcp-server die für FAI benötigt werden.

 

Konfiguration des FAI live systems „FAI nfsroot“

FAI soll in unserm Beispiel von NFS booten dazu wurde bereits der nfs-kernel-server installiert.

In dem Verzeichnis /etc/fai werden alle Einstellungen für den FAI NFSROOT gesetzt. Und anschließend mit fai-setup in das NFSROOT übernommen.
Als erstes wird die Datei /etc/fai/fai.conf angepasst.
[stextbox id=“bash“]nano /etc/fai/fai.conf[/stextbox]
Orginal:

# See fai.conf(5) for detailed information.

# Account for saving log files and calling fai-chboot.
#LOGUSER=fai

# URL to access the fai config space
# If undefined, use default nfs://<install server>/$FAI_CONFIGDIR
#FAI_CONFIG_SRC=nfs://yourservername/path/to/config/space

Bedeutung der Variablen:

  • LOGUSER
    Der User unter dem FAI versucht die Installations Logfiles auf den FAI Server zu kopieren.
  • FAI_CONFIG_SRC
    Die Source wo die Konfigurationsdateien für die Installation der Clients sich befinden sollen.

Hier setzen wir die Variablen auf die gegebenen Servereinstellungen.

# See fai.conf(5) for detailed information.

# Account for saving log files and calling fai-chboot.
LOGUSER=fai

# URL to access the fai config space
# If undefined, use default nfs://<install server>/$FAI_CONFIGDIR
FAI_CONFIG_SRC=nfs://fai-wheezy.dmz-home.secretisland.de/srv/fai/config

Die Variable $FAI_CONFIGDIR ist in der Datei /etc/fai/nfsroot.conf zu finden.

Als nächstes nehmen wir uns die Datei /etc/fai/nfsroot.conf vor.
[stextbox id=“bash“]nano /etc/fai/nfsroot.conf[/stextbox]

# For a detailed description see nfsroot.conf(5)

# "<suite> <mirror>" for debootstrap
FAI_DEBOOTSTRAP="wheezy http://http.debian.net/debian"
FAI_ROOTPW='$1$kBnWcO.E$djxB128U7dMkrltJHPf6d1'

SERVER=fai-wheezy.dmz-home.secretisland.de
NFSROOT=/srv/fai/nfsroot
TFTPROOT=/srv/tftp/fai
NFSROOT_HOOKS=/etc/fai/nfsroot-hooks/
FAI_DEBOOTSTRAP_OPTS="--exclude=info"

# Configuration space
FAI_CONFIGDIR=/srv/fai/config

Bedeutung der Variablen:

  • FAI_DEBOOTSTRAP
    Die Quelle, aus der die von debootstrap benötigten Pakete bezogen werden können. Dies kann ein lokales Verzeichnis oder ein FTP- / HTTP-Server sein. Hier wird auch die Version des späteren NFSROOT bestimmt.
  • FAI_ROOTPW
    Das verschlüsselte Passwort für den Systemadministrator. Vorgegeben ist das Passwort „fai“; ein verschlüsseltes Password kann aus der Datei /etc/shadow kopiert werden oder mit dem Programm makepasswd erzeugt werden. Mit diesem PW könnten Sie während der FAI Installation auf den zu installierenden Server mit SSH connecten.
  • SERVER
    URL des FAI Servers wird an das NFSROOT dann angehängt (Änderung von mir)
  • NFSROOT
    Das Installationsverzeichnis wo sich der NFSROOT befinden soll.
  • TFTPROOT
    Das Verzeichnis wo sich der Kernel für den Netboot des live-systems befinden soll.
  • NFSROOT_HOOKS
    in diesem Verzeichnis liegen bash-scripte die nach dem debootstrap ausgeführt werden
  • FAI_DEBOOTSTRAP_OPTS
    Zusätzliche Parameter für die DEBOOTSTRAP Umgebung
  • FAI_CONFIGDIR
    Das Verzeichnis wo die Konfigurationsdateien für die Installation der Clients sich befinden sollen.

Da in der Config das /etc/fai/nfsroot-hooks Verzeichnis angegeben ist sollte es auch noch erstellt werden. Leider ist es beim Debian Paket nicht automatisch dabei.

[stextbox id=“bash“]mkdir /etc/fai/nfsroot-hooks/[/stextbox]

 

In der Datei /etc/fai/apt/sources.list werden die Sources eingetragen. Diese Datei ist die sources.list, die nachher im Live-System vorhanden ist.

[stextbox id=“bash“]nano /etc/fai/apt/sources.list[/stextbox]

# These lines should work for many sites
# A more comprehensive example is at /usr/share/doc/fai-doc/examples/etc

deb http://http.debian.net/debian wheezy main contrib non-free
deb http://security.debian.org/debian-security wheezy/updates main contrib non-free

# repository that may contain newer fai packages for wheezy
deb http://fai-project.org/download wheezy koeln

In die Datei /etc/fai/NFSROOT können noch weitere Pakte eingetragen werden die zur Erstellung des live-system benötigt werden.
zb. Spezielle Netzwerkkarten Treiber, oder ein Spezieller Kernel.
[stextbox id=“bash“]nano /etc/fai/NFSROOT[/stextbox]

# package list for creating the NFSROOT

PACKAGES aptitude
nfs-common fai-nfsroot module-init-tools ssh rdate lshw rpcbind
rsync lftp less dump reiserfsprogs e2fsprogs usbutils
hwinfo psmisc pciutils hdparm smartmontools parted mdadm lvm2
dnsutils ntpdate dosfstools xfsprogs xfsdump
procinfo numactl dialog
console-tools console-common
iproute udev subversion
xz-utils
cupt

# some network cards needs firmware
firmware-bnx2 firmware-bnx2x firmware-realtek

# dracut can replace live-boot
dracut-network live-boot- live-boot-initramfs-tools-

# squeeze also needs initramfs-tools, even with dracut
#initramfs-tools

# choose if you like live-boot or dracut inside the nfsroot
#live-boot live-boot-doc

# you should not edit the lines below
# architecture dependend list of packages that are installed

#git # git consumes a lot of disk space on the FAI CD (ISO 9660)

PACKAGES aptitude I386
grub read-edid
linux-image-686

# packages for Ubuntu natty/oneiric/precise:
# linux-image-generic live-boot

PACKAGES aptitude AMD64
grub
linux-image-amd64

# packages for Ubuntu natty/oneiric/precise:
# linux-image-generic live-boot

# Pakete die sonst noch benoetigt werden
sudo debian-keyring

Ich hab hier die Pakete sudo und debian-keyring aufgenommen.

Die Datei /etc/fai/live.conf enthält Einstellungen für das live initramfs. Dort musste ich nichts anpassen.

Erstellung des FAI Live-Systems „FAI nfsroot“

Nachdem alle Einstellungen gemacht wurden kann mit dem Befehl fai-setup das Live-System erstellt werden. Dies benötigt ein paar Minuten.

Falls schon mal das live-system erstellt wurde und etwas an den Config Dateien in /etc/fai geändert wurde, muss man fai-setup -f ausführen um es zu überschreiben.
Die Option -v gibt das ganze mit mehr infos aus.
[stextbox id=“bash“]fai-setup -v -f [/stextbox]

Warning: The home dir /var/log/fai you specified already exists.
Adding system user `fai' (UID 104) ...
Adding new user `fai' (UID 104) with group `nogroup' ...
adduser: Warning: The home directory `/var/log/fai' does not belong to the user you are currently creating.
The home directory `/var/log/fai' already exists.  Not copying from `/etc/skel'.
Generating public/private rsa key pair.
Your identification has been saved in /var/log/fai/.ssh/id_rsa.
Your public key has been saved in /var/log/fai/.ssh/id_rsa.pub.
The key fingerprint is:
bf:20:bc:af:41:95:ed:9d:ab:6a:c9:22:52:99:64:bd fai@fai-wheezy
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|         o       |
|     .  o .      |
|    o .. . . .   |
|   o o..S . o    |
|    +oE  .   .   |
|   .  +.... .    |
|  . . .++. o     |
|   . .o=o.o      |
+-----------------+
Generating public/private dsa key pair.
Your identification has been saved in /var/log/fai/.ssh/id_dsa.
Your public key has been saved in /var/log/fai/.ssh/id_dsa.pub.
The key fingerprint is:
8c:27:b3:09:8b:fe:41:4a:17:54:b0:34:eb:61:2b:39 fai@fai-wheezy
The key's randomart image is:
+--[ DSA 1024]----+
|    =o.          |
|   o +           |
|    *            |
|   + + o         |
|  E * + S        |
| . B o *         |
|  o o o          |
| .   .           |
|  ...            |
+-----------------+
Adding 192.168.254.101,fai-wheezy.dmz-home,fai-wheezy to known_hosts.
/var/log/fai/.ssh/known_hosts created.
/var/log/fai/.ssh/authorized_keys created.
User account fai set up.
Using configuration files from /etc/fai
Creating FAI nfsroot in /srv/fai/nfsroot
Creating base system using debootstrap version 1.0.44
Calling debootstrap --exclude=info wheezy /srv/fai/nfsroot http://http.debian.net/debian
I: Retrieving InRelease
I: Checking Release signature
I: Valid Release signature (key id 9FED2BCBDCD29CDF762678CBAED4B06F473041FA)
I: Retrieving Packages
I: Validating Packages
I: Resolving dependencies of required packages...
I: Resolving dependencies of base packages...
I: Found additional required dependencies: insserv libbz2-1.0 libdb5.1 libsemanage-common libsemanage1 libslang2 libustr-1.0-1
I: Found additional base dependencies: libept1.4.12 libgcrypt11 libgnutls26 libgpg-error0 libidn11 libnfnetlink0 libp11-kit0 libsqlite3-0 libtasn1-3 libxapia22
I: Checking component main on http://http.debian.net/debian...
I: Retrieving libacl1
.
.
.
I: Base system installed successfully.
Creating base.tar.xz
ainsl: appending to /srv/fai/nfsroot/etc/hosts: 192.168.254.101 fai-wheezy.dmz-home fai-wheezy
`/etc/resolv.conf' -> `/srv/fai/nfsroot/etc/resolv.conf-installserver'
`/etc/resolv.conf' -> `/srv/fai/nfsroot/etc/resolv.conf'
Upgrading /srv/fai/nfsroot

Get:1 http://security.debian.org wheezy/updates InRelease [102 kB]
Ign http://fai-project.org wheezy InRelease
Get:2 http://fai-project.org wheezy Release.gpg [190 B]
Get:3 http://fai-project.org wheezy Release [5003 B]
Ign http://fai-project.org wheezy Release
Get:4 http://security.debian.org wheezy/updates/main amd64 Packages [14 B]
Get:5 http://fai-project.org wheezy/koeln amd64 Packages [4104 B]
Get:6 http://security.debian.org wheezy/updates/contrib amd64 Packages [14 B]
Get:7 http://security.debian.org wheezy/updates/non-free amd64 Packages [14 B]
Get:8 http://http.debian.net wheezy InRelease [224 kB]
Get:9 http://http.debian.net wheezy/contrib amd64 Packages [41.9 kB]
Get:10 http://http.debian.net wheezy/main amd64 Packages/DiffIndex [7876 B]
Get:11 http://http.debian.net wheezy/non-free amd64 Packages [80.9 kB]
Fetched 466 kB in 18s (25.6 kB/s)
Reading package lists...
W: GPG error: http://fai-project.org wheezy Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY DC13E54AB9B66FD
Reading package lists...
Building dependency tree...
Initializing package states...
Writing extended state information...
Reading task descriptions...
The following NEW packages will be installed:
  dmsetup{a} fai-client{a} fai-nfsroot fai-setup-storage{a} file{a}
  libapt-pkg-perl{a} libcap2{a} libclass-isa-perl{a} libdevmapper1.02.1{a}
  libevent-2.0-5{a} libgssglue1{a} libk5crypto3{a} libkeyutils1{a}
  libkrb5-3{a} libkrb5support0{a} libldap-2.4-2{a} liblinux-lvm-perl{a}
  libmagic1{a} libnfsidmap2{a} libparse-recdescent-perl{a}
  libparted0debian1{a} libsasl2-2{a} libswitch-perl{a} libtirpc1{a}
  libwrap0{a} nfs-common parted{a} perl{a} perl-modules{a} rpcbind{a}
  syslinux-common{a} ucf{a}
0 packages upgraded, 32 newly installed, 0 to remove and 0 not upgraded.
Need to get 12.1 MB of archives. After unpacking 44.9 MB will be used.
Writing extended state information...
Get: 1 http://http.debian.net/debian/ wheezy/main libcap2 amd64 1:2.22-1.2 [13.6 kB]
.
.
.
Get: 32 http://http.debian.net/debian/ wheezy/main libparse-recdescent-perl all 1.967009+dfsg-1 [172 kB]
Fetched 12.1 MB in 22s (528 kB/s)
Extracting templates from packages: 100%
Preconfiguring packages ...
Selecting previously unselected package libcap2:amd64.
(Reading database ... 9283 files and directories currently installed.)
Unpacking libcap2:amd64 (from .../libcap2_1%3a2.22-1.2_amd64.deb) ...
Selecting previously unselected package libevent-2.0-5:amd64.
.
.
.
Setting up nfs-common (1:1.2.6-3) ...

Creating config file /etc/idmapd.conf with new version

Creating config file /etc/default/nfs-common with new version
insserv: warning: script 'rcS.distrib' missing LSB tags and overrides
Adding system user `statd' (UID 101) ...
Adding new user `statd' (UID 101) with group `nogroup' ...
Not creating home directory `/var/lib/nfs'.
[....] Starting NFS common utilities: statd
[warn] Not starting: portmapper is not running ... (warning).
Setting up parted (2.3-12) ...
Setting up dmsetup (2:1.02.74-6) ...
Setting up libswitch-perl (2.16-2) ...
Setting up perl-modules (5.14.2-20) ...
Setting up perl (5.14.2-20) ...
update-alternatives: using /usr/bin/prename to provide /usr/bin/rename (rename) in auto mode
Setting up liblinux-lvm-perl (0.16-1) ...
Setting up libparse-recdescent-perl (1.967009+dfsg-1) ...
Setting up fai-client (4.0.6) ...
Setting up fai-setup-storage (4.0.6) ...
Setting up fai-nfsroot (4.0.6) ...
update-alternatives: using /usr/bin/policy-rc.d.fai to provide /usr/sbin/policy-rc.d (policy-rc.d) in auto mode
insserv: warning: script 'rcS.distrib' missing LSB tags and overrides
Reading package lists...
Building dependency tree...
Reading state information...
Reading extended state information...
Initializing package states...
Writing extended state information...
Reading task descriptions...
Reading package lists...
Building dependency tree...
Reading state information...
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Adding additional packages to /srv/fai/nfsroot:
nfs-common fai-nfsroot module-init-tools ssh rdate lshw rpcbind rsync lftp less dump reiserfsprogs e2fsprogs usbutils hwinfo psmisc pciutils hdparm smartmontols parted mdadm lvm2 dnsutils ntpdate dosfstools xfsprogs xfsdump procinfo numactl dialog console-tools console-common iproute udev subversion xz-utils cuptfirmware-bnx2 firmware-bnx2x firmware-realtek dracut-network live-boot- live-boot-initramfs-tools- grub linux-image-amd64
install_packages: reading config files from directory /etc/fai
install_packages: read config file NFSROOT
install_packages: executing chroot /srv/fai/nfsroot apt-get clean
install_packages: executing chroot /srv/fai/nfsroot aptitude -R -y -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confnew install nfs-common fi-nfsroot module-init-tools ssh rdate lshw rpcbind rsync lftp less dump reiserfsprogs e2fsprogs usbutils hwinfo psmisc pciutils hdparm smartmontools parted madm lvm2 dnsutils ntpdate dosfstools xfsprogs xfsdump procinfo numactl dialog console-tools console-common iproute udev subversion xz-utils cupt firmware-bnx firmware-bnx2x firmware-realtek dracut-network live-boot- live-boot-initramfs-tools- grub linux-image-amd64
Reading package lists...
Building dependency tree...
Reading state information...
Reading extended state information...
Initializing package states...
Reading task descriptions...
Note: selecting "grub-legacy" instead of the
      virtual package "grub"
The following NEW packages will be installed:
  bind9-host{a} console-common console-data{a} console-tools{b} cupt dialog
  dnsutils dosfstools dracut{a} dracut-network dump firmware-bnx2
  firmware-bnx2x firmware-realtek gettext-base{a} grub-common{a}
  grub-legacy hdparm hwinfo iputils-arping{a} kbd{ab} kpartx{a} less lftp
  libapr1{a} libaprutil1{a} libasprintf0c2{a} libbind9-80{a}
  libboost-program-options1.49.0{a} libbsd0{a} libcap-ng0{a} libconsole{a}
  libcupt2-0{a} libdbus-1-3{a} libdevmapper-event1.02.1{a} libdns88{a}
  libedit2{a} libexpat1{a} libfreetype6{a} libfuse2{a} libgeoip1{a}
  libgssapi-krb5-2{a} libhal1{a} libhd16{a} libisc84{a} libisccc80{a}
  libisccfg82{a} liblwres80{a} libneon27-gnutls{a} libnuma1{a} libpci3{a}
  libreadline5{a} libsvn1{a} libsysfs2{a} libusb-1.0-0{a} libuuid-perl{a}
  libxml2{a} linux-base{a} linux-image-3.2.0-4-amd64{a} linux-image-amd64
  lshw lvm2 mdadm module-init-tools ntpdate numactl openssh-client{a}
  openssh-server{a} pciutils procinfo psmisc rdate reiserfsprogs rsync
  smartmontools ssh subversion usbutils xfsdump xfsprogs
0 packages upgraded, 80 newly installed, 0 to remove and 0 not upgraded.
Need to get 47.2 MB of archives. After unpacking 166 MB will be used.
The following packages have unmet dependencies:
 kbd : Conflicts: console-utilities which is a virtual package.
 console-tools : Conflicts: console-utilities which is a virtual package.
The following actions will resolve these dependencies:

     Keep the following packages at their current version:
1)     console-tools [Not Installed]

The following NEW packages will be installed:
  bind9-host{a} console-common console-data{a} cupt dialog dnsutils
  dosfstools dracut{a} dracut-network dump firmware-bnx2 firmware-bnx2x
  firmware-realtek gettext-base{a} grub-common{a} grub-legacy hdparm hwinfo
  iputils-arping{a} kbd{a} kpartx{a} less lftp libapr1{a} libaprutil1{a}
  libasprintf0c2{a} libbind9-80{a} libboost-program-options1.49.0{a}
  libbsd0{a} libcap-ng0{a} libcupt2-0{a} libdbus-1-3{a}
  libdevmapper-event1.02.1{a} libdns88{a} libedit2{a} libexpat1{a}
  libfreetype6{a} libfuse2{a} libgeoip1{a} libgssapi-krb5-2{a} libhal1{a}
  libhd16{a} libisc84{a} libisccc80{a} libisccfg82{a} liblwres80{a}
  libneon27-gnutls{a} libnuma1{a} libpci3{a} libreadline5{a} libsvn1{a}
  libsysfs2{a} libusb-1.0-0{a} libuuid-perl{a} libxml2{a} linux-base{a}
  linux-image-3.2.0-4-amd64{a} linux-image-amd64 lshw lvm2 mdadm
  module-init-tools ntpdate numactl openssh-client{a} openssh-server{a}
  pciutils procinfo psmisc rdate reiserfsprogs rsync smartmontools ssh
  subversion usbutils xfsdump xfsprogs
0 packages upgraded, 78 newly installed, 0 to remove and 0 not upgraded.
Need to get 46.7 MB of archives. After unpacking 165 MB will be used.
Writing extended state information...
Get: 1 http://http.debian.net/debian/ wheezy/main libasprintf0c2 amd64 0.18.1.1-9 [26.8 kB]
.
.
.
Get: 78 http://http.debian.net/debian/ wheezy/main reiserfsprogs amd64 1:3.6.21-1 [523 kB]
Fetched 46.7 MB in 16s (2895 kB/s)
Extracting templates from packages: 100%
Preconfiguring packages ...
Selecting previously unselected package libasprintf0c2:amd64.
(Reading database ... 11435 files and directories currently installed.)
Unpacking libasprintf0c2:amd64 (from .../libasprintf0c2_0.18.1.1-9_amd64.deb) ...
.
.
.
Looking for keymap to install:
NONE
Setting up kbd (1.15.3-9) ...
insserv: warning: script 'rcS.distrib' missing LSB tags and overrides
invoke-rc.d: policy-rc.d denied execution of start.
Setting up console-common (0.7.87) ...
Looking for keymap to install:
NONE
insserv: warning: script 'rcS.distrib' missing LSB tags and overrides
invoke-rc.d: policy-rc.d denied execution of start.
Setting up libdbus-1-3:amd64 (1.6.8-1) ...
Setting up libdevmapper-event1.02.1:amd64 (2:1.02.74-6) ...
Setting up libexpat1:amd64 (2.1.0-1) ...
Setting up libfreetype6:amd64 (2.4.9-1.1) ...
Setting up libfuse2:amd64 (2.9.0-2+deb7u1) ...
Setting up libreadline5:amd64 (5.2+dfsg-1) ...
Setting up libapr1 (1.4.6-3) ...
Setting up libaprutil1 (1.4.1-3) ...
Setting up libneon27-gnutls (0.29.6-3) ...
Setting up libsvn1:amd64 (1.6.17dfsg-4) ...
Setting up libsysfs2:amd64 (2.1.0+repack-2) ...
Setting up libusb-1.0-0:amd64 (2:1.0.11-1) ...
Setting up module-init-tools (9-2) ...
Setting up libuuid-perl (0.02-5) ...
Setting up linux-base (3.5) ...
Setting up kpartx (0.4.9+git0.4dfdaf2b-6) ...
Setting up dracut (020-2) ...
dracut: Generating /boot/initrd.img-3.2.0-4-amd64
E: No '/dev/log' or 'logger' included for syslog logging
Setting up linux-image-3.2.0-4-amd64 (3.2.39-2) ...
Running depmod.
Examining /etc/kernel/postinst.d.
run-parts: executing /etc/kernel/postinst.d/dracut 3.2.0-4-amd64 /boot/vmlinuz-3.2.0-4-amd64
E: No '/dev/log' or 'logger' included for syslog logging
Setting up ntpdate (1:4.2.6.p5+dfsg-2) ...
.
.
.
Reading package lists...
Building dependency tree...
Reading state information...
Reading extended state information...
Initializing package states...
Writing extended state information...
Reading task descriptions...
install_packages: executing chroot /srv/fai/nfsroot apt-get clean
install_packages: executing chroot /srv/fai/nfsroot dpkg --configure --pending
install_packages: executing chroot /srv/fai/nfsroot dpkg -C
install_packages: executing chroot /srv/fai/nfsroot apt-get clean
install_packages exit code: 0
`/srv/fai/nfsroot/boot/vmlinuz-3.2.0-4-amd64' -> `/srv/tftp/fai/vmlinuz-3.2.0-4-amd64'
`/srv/fai/nfsroot/boot/initrd.img-3.2.0-4-amd64' -> `/srv/tftp/fai/initrd.img-3.2.0-4-amd64'
TFTP environment prepared. To use it, enable the dhcpd and start a TFTP daemon on root /srv/tftp/fai.
FAI packages inside the nfsroot:
fai-client         4.0.6
fai-nfsroot        4.0.6
fai-setup-storage  4.0.6
FAI related packages inside the nfsroot:
dracut             020-2
dracut-network     020-2
Waiting for background jobs to finish
[1]+  Done                    nice xz -q $NFSROOT/var/tmp/base.tar  (wd: /srv/fai/nfsroot)
fai-make-nfsroot finished properly.
Log file written to /var/log/fai/fai-make-nfsroot.log
Adding line to /etc/exports: /srv/fai/config 192.168.254.101/24(async,ro,no_subtree_check)
Adding line to /etc/exports: /srv/fai/nfsroot 192.168.254.101/24(async,ro,no_subtree_check,no_root_squash)
Re-exporting directories for NFS kernel daemon....
FAI setup finished.
Log file written to /var/log/fai/fai-setup.log

Ein Logfile zur Installation der LIVE Umgebung befindet sich unter /var/log/fai/fai-make-nfsroot.log

FAI Log Verzeichnis die richtigen Rechte geben.

[stextbox id=“bash“]chown fai:nogroup /var/log/fai[/stextbox]

 

Leider wird bei fai-setup die fai.conf Datei im Live-System nicht angepasst. Dadurch startet die FAI Installation nicht richtig.

fai4-fehler1

Wenn man dies aber editiert funktioniert es auch.
[stextbox id=“bash“]nano /srv/fai/nfsroot/etc/fai/fai.conf[/stextbox]

# See fai.conf(5) for detailed information.

# Account for saving log files and calling fai-chboot.
#LOGUSER=fai
LOGUSER=fai

# URL to access the fai config space
# If undefined, use default nfs://<install server>/$FAI_CONFIGDIR
#FAI_CONFIG_SRC=nfs://yourservername/path/to/config/space
FAI_CONFIG_SRC=nfs://fai-wheezy.dmz-home.secretisland.de/srv/fai/config

Das Setup hat auch gleich die Einstellungen in der Datei /etc/exports für den NFS Server gemacht. Und ihn neu geladen. Dies sollte dann so ausschauen.

[stextbox id=“bash“]nano /etc/exports[/stextbox]

# /etc/exports: the access control list for filesystems which may be exported
#               to NFS clients.  See exports(5).
#
# Example for NFSv2 and NFSv3:
# /srv/homes       hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check)
#
# Example for NFSv4:
# /srv/nfs4        gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check)
# /srv/nfs4/homes  gss/krb5i(rw,sync,no_subtree_check)
#
/srv/fai/nfsroot 192.168.254.101/24(async,ro,no_subtree_check,no_root_squash)
/srv/fai/config 192.168.254.101/24(async,ro,no_subtree_check)

Hier muss dann die IP Range angepasst werden damit die Clients auch das NFS mounten können.
Außerdem muss noch ein Mountpoint für /srv/nfs4 gesetzt werden. Sonst bekommt man beim Client boot einen Kernel Panic. Warum weiß ich nicht aber so gehts.

/srv/nfs4               192.168.254.0/24(ro,sync,fsid=0,crossmnt,no_subtree_check)
/srv/fai/config         192.168.254.0/24(async,ro,no_subtree_check)
/srv/fai/nfsroot        192.168.254.0/24(async,ro,no_subtree_check,no_root_squash)

und das Verzeichnis angelegt werden.
[stextbox id=“bash“]mkdir /srv/nsf4[/stextbox]

Dann den NFS Restarten

[stextbox id=“bash“]/etc/init.d/nfs-kernel-server restart[/stextbox]

Den TFTP Server anpassen

Die Config vom TFTP Server anpassen. Diese liegt unter /etc/default/tftpd-hpa
[stextbox id=“bash“]nano /etc/default/tftpd-hpa[/stextbox]

# /etc/default/tftpd-hpa

TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/srv/tftp/fai"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure"

Hier muss das TFTP_DIRECTORY auf den Pfad angepasst werden wo in der FAI Config der TFTPROOT angegeben ist.

[stextbox id=“bash“]/etc/init.d/tftpd-hpa restart[/stextbox]

Installation eines Clients

Bei Erstellung dieses HowTo´s ist mir aufgefallen das das fai-chboot Programm einen Fehler macht.

Dieser Patch behebt den Fehler.

[stextbox id=“bash“]nano /root/fai-chboot.patch[/stextbox]

--- /usr/sbin/fai-chboot_org    2013-03-17 16:38:01.519470172 +0100
+++ /usr/sbin/fai-chboot        2013-03-17 15:42:06.219470569 +0100
@@ -387,6 +387,9 @@
($opt_S and $opt_I) && die "ERROR: use only one option out of -I and -S\n";
#TODO: also -e, -r and -c can't be used together

+$server = `. $cfdir/nfsroot.conf 2>/dev/null; echo \$SERVER`;
+chomp $server;
+
# read the nfsroot variable; a little bit ugly, but it works
$nfsroot = `. $cfdir/nfsroot.conf 2>/dev/null; echo \$NFSROOT`;
chomp $nfsroot;
@@ -457,7 +460,7 @@
# create config so host will boot the install kernel
$kernelname = "kernel vmlinuz-$kernelsuffix";
$initrd     = "initrd=initrd.img-$kernelsuffix";
-  $rootfs     = "root=/dev/nfs nfsroot=$nfsroot $bopt";
+  $rootfs     = "root=/dev/nfs nfsroot=$server:$nfsroot $bopt";
$bootprot   = "ip=dhcp ";

} elsif ($opt_o) {

Patch als Datei
fai-chboot.patch

Patch anwenden

[stextbox id=“bash“]patch -Np1 -i /root/fai-chboot.patch /usr/sbin/fai-chboot[/stextbox]

Vor dem Patch schaut der Inhalt der Server Config für meinen test.dmz-home.secretisland.de so aus

[stextbox id=“bash“]cat /srv/tftp/fai/pxelinux.cfg/C0A8FEC8[/stextbox]

# generated by fai-chboot for host test.dmz-home.secretisland.de with IP 192.168.254.200
default fai-generated

label fai-generated
kernel vmlinuz-3.2.0-4-amd64
append initrd=initrd.img-3.2.0-4-amd64 ip=dhcp  root=/dev/nfs nfsroot=/srv/fai/nfsroot aufs  FAI_FLAGS=verbose,sshd,reboot FAI_ACTION=install

Danach so

[stextbox id=“bash“]cat /srv/tftp/fai/pxelinux.cfg/C0A8FEC8[/stextbox]

# generated by fai-chboot for host test.dmz-home.secretisland.de with IP 192.168.254.200
default fai-generated

label fai-generated
kernel vmlinuz-3.2.0-4-amd64
append initrd=initrd.img-3.2.0-4-amd64 ip=dhcp  root=/dev/nfs nfsroot=fai-wheezy.dmz-home.secretisland.de:/srv/fai/nfsroot aufs  FAI_FLAGS=verbose,sshd,reboot FAI_ACTION=install

 

Um den Test Server nun installieren zu lassen muss fai-chboot ausgeführt werden

[stextbox id=“bash“]fai-chboot -IBv test.dmz-home.secretisland.de[/stextbox]

Booting kernel vmlinuz-2.6.32-5-amd64
 append initrd=initrd.img-2.6.32-5-amd64 ip=dhcp
    FAI_FLAGS=verbose,sshd,reboot

test.dmz-home.secretisland.de has 192.168.254.200 in hex C0A8FEC8
Writing file /srv/tftp/fai/pxelinux.cfg/C0A8FEC8 for test.dmz-home.secretisland.de

Nun den Test Server starten und auf PXE BOOT einstellen.

Jetzt sollte am Monitor des Test Servers das ganze so ausschauen.

fai-wheezy-test2

fai-wheezy-test1

fai-wheezy-test3

fai-wheezy-test4

fai-wheezy-test5

Mir ist noch aufgefallen bei meiner Installation das ich den ssh connect bestätigen muss. Dies kann man umgehen wenn man die Datei /var/log/fai/.ssh/known_hosts und /srv/fai/nfsroot/root/.ssh/known_hosts anpasst.

[stextbox id=“bash“]nano /var/log/fai/.ssh/known_hosts[/stextbox]

192.168.254.101,fai-wheezy.dmz-home,fai-wheezy ssh-dss AAAAB3N....
192.168.254.101,fai-wheezy.dmz-home,fai-wheezy ssh-rsa AAAAB3N....

und den FQDN einfügen

192.168.254.101,fai-wheezy.dmz-home.secretisland.de,fai-wheezy.dmz-home,fai-wheezy ssh-dss AAAAB3N....
192.168.254.101,fai-wheezy.dmz-home.secretisland.de,fai-wheezy.dmz-home,fai-wheezy ssh-rsa AAAAB3N....

Diese Änderung dann noch nach /srv/fai/nfsroot/root/.ssh/known_hosts kopieren.

[stextbox id=“bash“]cp /var/log/fai/.ssh/known_hosts /srv/fai/nfsroot/root/.ssh/known_hosts[/stextbox]

 

Viel Spaß

1 Kommentar zu „Fai (Fully Automatic Installation) Version 4 Debian Wheezy install howto

  1. Danke.
    Habe 2 Wochen lang vergeblich versucht das Ganze zum laufen zu bringen. Jetzt mit dieser Anleitung gehts!!!

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

*