1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
|
<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="generator" content="Docutils 0.18: http://docutils.sourceforge.net/" />
<title>TestBoxImaging.txt</title>
<style type="text/css">
/*
:Author: David Goodger (goodger@python.org)
:Id: $Id: TestBoxImaging.html $
:Copyright: This stylesheet has been placed in the public domain.
Default cascading style sheet for the HTML output of Docutils.
See http://docutils.sf.net/docs/howto/html-stylesheets.html for how to
customize this style sheet.
*/
/* used to remove borders from tables and images */
.borderless, table.borderless td, table.borderless th {
border: 0 }
table.borderless td, table.borderless th {
/* Override padding for "table.docutils td" with "! important".
The right padding separates the table cells. */
padding: 0 0.5em 0 0 ! important }
.first {
/* Override more specific margin styles with "! important". */
margin-top: 0 ! important }
.last, .with-subtitle {
margin-bottom: 0 ! important }
.hidden {
display: none }
.subscript {
vertical-align: sub;
font-size: smaller }
.superscript {
vertical-align: super;
font-size: smaller }
a.toc-backref {
text-decoration: none ;
color: black }
blockquote.epigraph {
margin: 2em 5em ; }
dl.docutils dd {
margin-bottom: 0.5em }
object[type="image/svg+xml"], object[type="application/x-shockwave-flash"] {
overflow: hidden;
}
/* Uncomment (and remove this text!) to get bold-faced definition list terms
dl.docutils dt {
font-weight: bold }
*/
div.abstract {
margin: 2em 5em }
div.abstract p.topic-title {
font-weight: bold ;
text-align: center }
div.admonition, div.attention, div.caution, div.danger, div.error,
div.hint, div.important, div.note, div.tip, div.warning {
margin: 2em ;
border: medium outset ;
padding: 1em }
div.admonition p.admonition-title, div.hint p.admonition-title,
div.important p.admonition-title, div.note p.admonition-title,
div.tip p.admonition-title {
font-weight: bold ;
font-family: sans-serif }
div.attention p.admonition-title, div.caution p.admonition-title,
div.danger p.admonition-title, div.error p.admonition-title,
div.warning p.admonition-title, .code .error {
color: red ;
font-weight: bold ;
font-family: sans-serif }
/* Uncomment (and remove this text!) to get reduced vertical space in
compound paragraphs.
div.compound .compound-first, div.compound .compound-middle {
margin-bottom: 0.5em }
div.compound .compound-last, div.compound .compound-middle {
margin-top: 0.5em }
*/
div.dedication {
margin: 2em 5em ;
text-align: center ;
font-style: italic }
div.dedication p.topic-title {
font-weight: bold ;
font-style: normal }
div.figure {
margin-left: 2em ;
margin-right: 2em }
div.footer, div.header {
clear: both;
font-size: smaller }
div.line-block {
display: block ;
margin-top: 1em ;
margin-bottom: 1em }
div.line-block div.line-block {
margin-top: 0 ;
margin-bottom: 0 ;
margin-left: 1.5em }
div.sidebar {
margin: 0 0 0.5em 1em ;
border: medium outset ;
padding: 1em ;
background-color: #ffffee ;
width: 40% ;
float: right ;
clear: right }
div.sidebar p.rubric {
font-family: sans-serif ;
font-size: medium }
div.system-messages {
margin: 5em }
div.system-messages h1 {
color: red }
div.system-message {
border: medium outset ;
padding: 1em }
div.system-message p.system-message-title {
color: red ;
font-weight: bold }
div.topic {
margin: 2em }
h1.section-subtitle, h2.section-subtitle, h3.section-subtitle,
h4.section-subtitle, h5.section-subtitle, h6.section-subtitle {
margin-top: 0.4em }
h1.title {
text-align: center }
h2.subtitle {
text-align: center }
hr.docutils {
width: 75% }
img.align-left, .figure.align-left, object.align-left, table.align-left {
clear: left ;
float: left ;
margin-right: 1em }
img.align-right, .figure.align-right, object.align-right, table.align-right {
clear: right ;
float: right ;
margin-left: 1em }
img.align-center, .figure.align-center, object.align-center {
display: block;
margin-left: auto;
margin-right: auto;
}
table.align-center {
margin-left: auto;
margin-right: auto;
}
.align-left {
text-align: left }
.align-center {
clear: both ;
text-align: center }
.align-right {
text-align: right }
/* reset inner alignment in figures */
div.align-right {
text-align: inherit }
/* div.align-center * { */
/* text-align: left } */
.align-top {
vertical-align: top }
.align-middle {
vertical-align: middle }
.align-bottom {
vertical-align: bottom }
ol.simple, ul.simple {
margin-bottom: 1em }
ol.arabic {
list-style: decimal }
ol.loweralpha {
list-style: lower-alpha }
ol.upperalpha {
list-style: upper-alpha }
ol.lowerroman {
list-style: lower-roman }
ol.upperroman {
list-style: upper-roman }
p.attribution {
text-align: right ;
margin-left: 50% }
p.caption {
font-style: italic }
p.credits {
font-style: italic ;
font-size: smaller }
p.label {
white-space: nowrap }
p.rubric {
font-weight: bold ;
font-size: larger ;
color: maroon ;
text-align: center }
p.sidebar-title {
font-family: sans-serif ;
font-weight: bold ;
font-size: larger }
p.sidebar-subtitle {
font-family: sans-serif ;
font-weight: bold }
p.topic-title {
font-weight: bold }
pre.address {
margin-bottom: 0 ;
margin-top: 0 ;
font: inherit }
pre.literal-block, pre.doctest-block, pre.math, pre.code {
margin-left: 2em ;
margin-right: 2em }
pre.code .ln { color: grey; } /* line numbers */
pre.code, code { background-color: #eeeeee }
pre.code .comment, code .comment { color: #5C6576 }
pre.code .keyword, code .keyword { color: #3B0D06; font-weight: bold }
pre.code .literal.string, code .literal.string { color: #0C5404 }
pre.code .name.builtin, code .name.builtin { color: #352B84 }
pre.code .deleted, code .deleted { background-color: #DEB0A1}
pre.code .inserted, code .inserted { background-color: #A3D289}
span.classifier {
font-family: sans-serif ;
font-style: oblique }
span.classifier-delimiter {
font-family: sans-serif ;
font-weight: bold }
span.interpreted {
font-family: sans-serif }
span.option {
white-space: nowrap }
span.pre {
white-space: pre }
span.problematic {
color: red }
span.section-subtitle {
/* font-size relative to parent (h1..h6 element) */
font-size: 80% }
table.citation {
border-left: solid 1px gray;
margin-left: 1px }
table.docinfo {
margin: 2em 4em }
table.docutils {
margin-top: 0.5em ;
margin-bottom: 0.5em }
table.footnote {
border-left: solid 1px black;
margin-left: 1px }
table.docutils td, table.docutils th,
table.docinfo td, table.docinfo th {
padding-left: 0.5em ;
padding-right: 0.5em ;
vertical-align: top }
table.docutils th.field-name, table.docinfo th.docinfo-name {
font-weight: bold ;
text-align: left ;
white-space: nowrap ;
padding-left: 0 }
/* "booktabs" style (no vertical lines) */
table.docutils.booktabs {
border: 0px;
border-top: 2px solid;
border-bottom: 2px solid;
border-collapse: collapse;
}
table.docutils.booktabs * {
border: 0px;
}
table.docutils.booktabs th {
border-bottom: thin solid;
text-align: left;
}
h1 tt.docutils, h2 tt.docutils, h3 tt.docutils,
h4 tt.docutils, h5 tt.docutils, h6 tt.docutils {
font-size: 100% }
ul.auto-toc {
list-style-type: none }
</style>
</head>
<body>
<div class="document">
<div class="section" id="testbox-imaging-backup-restore">
<h1>Testbox Imaging (Backup / Restore)</h1>
<div class="section" id="introduction">
<h2>Introduction</h2>
<p>This document is explores deploying a very simple drive imaging solution to help
avoid needing to manually reinstall testboxes when a disk goes bust or the OS
install seems to be corrupted.</p>
</div>
</div>
<div class="section" id="definitions-glossary">
<h1>Definitions / Glossary</h1>
<p>See AutomaticTestingRevamp.txt.</p>
</div>
<div class="section" id="objectives">
<h1>Objectives</h1>
<blockquote>
<ul class="simple">
<li>Off site, no admin interaction (no need for ILOM or similar).</li>
<li>OS independent.</li>
<li>Space and bandwidth efficient.</li>
<li>As automatic as possible.</li>
<li>Logging.</li>
</ul>
</blockquote>
</div>
<div class="section" id="overview-of-the-solution">
<h1>Overview of the Solution</h1>
<p>Here is a brief summary:</p>
<blockquote>
<ul class="simple">
<li>Always boot testboxes via PXE using PXELINUX.</li>
<li>Default configuration is local boot (hard disk / SSD)</li>
<li>Restore/backup action triggered by machine specific PXE config.</li>
<li>Boots special debian maintenance install off NFS.</li>
<li>A maintenance service (systemd style) does the work.</li>
<li>The service reads action from TFTP location and performs it.</li>
<li>When done the service removes the TFTP machine specific config
and reboots the system.</li>
</ul>
</blockquote>
<dl class="docutils">
<dt>Maintenance actions are:</dt>
<dd><ul class="first last simple">
<li>backup</li>
<li>backup-again</li>
<li>restore</li>
<li>refresh-info</li>
<li>rescue</li>
</ul>
</dd>
</dl>
<p>Possible modifier that indicates a subset of disk on testboxes with other OSes
installed. Support for partition level backup/restore is not explored here.</p>
<div class="section" id="how-to-use">
<h2>How to use</h2>
<p>To perform one of the above maintenance actions on a testbox, run the
<tt class="docutils literal"><span class="pre">testbox-pxe-conf.sh</span></tt> script:</p>
<pre class="literal-block">
/mnt/testbox-tftp/pxeclient.cfg/testbox-pxe-conf.sh 10.165.98.220 rescue
</pre>
<p>Then trigger a reboot. The box will then boot the NFS rooted debian image and
execute the maintenance action. On success, it will remove the testbox hex-IP
config file and reboot again.</p>
</div>
</div>
<div class="section" id="storage-server">
<h1>Storage Server</h1>
<p>The storage server will have three areas used here. Using NFS for all three
avoids extra work getting CIFS sharing right too (NFS is already a pain).</p>
<blockquote>
<ol class="arabic simple">
<li>/export/testbox-tftp - TFTP config area. Read-write.</li>
<li>/export/testbox-backup - Images and logs. Read-write.</li>
<li>/export/testbox-nfsroot - Custom debian. Read-only, no root squash.</li>
</ol>
</blockquote>
</div>
<div class="section" id="tftp-export-testbox-tftp">
<h1>TFTP (/export/testbox-tftp)</h1>
<p>The testbox-tftp share needs to be writable, root squashing is okay.</p>
<p>We need files from both PXELINUX and SYSLINUX to make this work now. On a
debian system, the <tt class="docutils literal">pxelinux</tt> and <tt class="docutils literal">syslinux</tt> packages needs to be
installed. We actually do this further down when setting up the nfsroot, so
it's possible to get them from there by postponing this step a little. On
debian 8.6.0 the PXELINUX files are found in <tt class="docutils literal">/usr/lib/PXELINUX</tt> and the
SYSLINUX ones in <tt class="docutils literal">/usr/lib/syslinux</tt>.</p>
<p>The initial PXE image as well as associated modules comes in three variants,
BIOS, 32-bit EFI and 64-bit EFI. We'll only need the BIOS one for now.
Perform the following copy operations:</p>
<pre class="literal-block">
cp /usr/lib/PXELINUX/pxelinux.0 /mnt/testbox-tftp/
cp /usr/lib/syslinux/modules/*/ldlinux.* /mnt/testbox-tftp/
cp -R /usr/lib/syslinux/modules/bios /mnt/testbox-tftp/
cp -R /usr/lib/syslinux/modules/efi32 /mnt/testbox-tftp/
cp -R /usr/lib/syslinux/modules/efi64 /mnt/testbox-tftp/
</pre>
<p>For simplicity, all the testboxes boot using good old fashioned BIOS, no EFI.
However, it doesn't really hurt to be prepared.</p>
<p>The PXELINUX related files goes in the root of the testbox-tftp share. (As
mentioned further down, these can be installed on a debian system by running
<tt class="docutils literal"><span class="pre">apt-get</span> install pxelinux syslinux</tt>.) We need the <tt class="docutils literal">*pxelinux.0</tt> files
typically found in <tt class="docutils literal">/usr/lib/PXELINUX/</tt> on debian systems (recent ones
anyway). It is possible we may need one ore more fo the modules <a class="footnote-reference" href="#footnote-1" id="footnote-reference-1">[1]</a> that
ships with PXELINUX/SYSLINUX, so do copy <tt class="docutils literal">/usr/lib/syslinux/modules</tt> to
<tt class="docutils literal"><span class="pre">testbox-tftp/modules</span></tt> as well.</p>
<p>The directory layout related to the configuration files is dictated by the
PXELINUX configuration file searching algorithm <a class="footnote-reference" href="#footnote-2" id="footnote-reference-2">[2]</a>. Create a subdirectory
<tt class="docutils literal">pxelinux.cfg/</tt> under <tt class="docutils literal"><span class="pre">testbox-tftp</span></tt> and create the world readable file
<tt class="docutils literal">default</tt> with the following content:</p>
<pre class="literal-block">
PATH bios
DEFAULT local-boot
LABEL local-boot
LOCALBOOT
</pre>
<p>This will make the default behavior to boot the local disk system.</p>
<p>Copy the <tt class="docutils literal"><span class="pre">testbox-pxe-conf.sh</span></tt> script file found in the same directory as
this document to <tt class="docutils literal"><span class="pre">/mnt/testbox-tftp/pxelinux.cfg/</span></tt>. Edit the copy to correct
the IP addresses near the top, as well as any linux, TFTP and PXE details near
the bottom of the file. This script will generate the PXE configuration file
when performing maintenance on a testbox.</p>
</div>
<div class="section" id="images-and-logs-export-testbox-backup">
<h1>Images and logs (/export/testbox-backup)</h1>
<p>The testbox-backup share needs to be writable, root squashing is okay.</p>
<p>In the root there must be a file <tt class="docutils literal"><span class="pre">testbox-backup</span></tt> so we can easily tell
whether we've actually mounted the share or are just staring at an empty mount
point directory.</p>
<p>The <tt class="docutils literal"><span class="pre">testbox-maintenance.sh</span></tt> script maintains a global log in the root
directory that's called <tt class="docutils literal">maintenance.log</tt>. Errors will be logged there as
well as a ping and the action.</p>
<p>We use a directory layout based on dotted decimal IP addresses here, so for a
server with the IP 10.40.41.42 all its file will be under <tt class="docutils literal">10.40.41.42/</tt>:</p>
<dl class="docutils">
<dt><tt class="docutils literal"><hostname></tt></dt>
<dd>The name of the testbox (empty file). Help finding a testbox by name.</dd>
<dt><tt class="docutils literal"><span class="pre">testbox-info.txt</span></tt></dt>
<dd>Information about the testbox. Starting off with the name, decimal IP,
PXELINUX style hexadecimal IP, and more.</dd>
<dt><tt class="docutils literal">maintenance.log</tt></dt>
<dd>Maintenance log file recording what the maintenance service does.</dd>
<dt><tt class="docutils literal"><span class="pre">disk-devices.lst</span></tt></dt>
<dd>Optional list of disk devices to consider backuping up or restoring. This is
intended for testboxes with additional disks that are used for other purposes
and should touched.</dd>
<dt><tt class="docutils literal">sda.raw.gz</tt></dt>
<dd>The gzipped raw copy of the sda device of the testbox.</dd>
<dt><tt class="docutils literal"><span class="pre">sd[bcdefgh].raw.gz</span></tt></dt>
<dd>The gzipped raw copy sdb, sdc, sde, sdf, sdg, sdh, etc if any of them exists
and are disks/SSDs.</dd>
<dt>Note! If it turns out we can be certain to get a valid host name, we might just</dt>
<dd>switch to use the hostname as the directory name instead of the IP.</dd>
</dl>
</div>
<div class="section" id="debian-nfs-root-export-testbox-nfsroot">
<h1>Debian NFS root (/export/testbox-nfsroot)</h1>
<p>The testbox-nfsroot share should be read-only and must <strong>not</strong> have root
squashing enabled. Also, make sure setting the set-uid-bit is allowed by the
server, or <tt class="docutils literal">su` and ``sudo</tt> won't work</p>
<p>There are several ways of creating a debian nfsroot, but since we've got a
tool like VirtualBox around we've just installed it in a VM, prepared it,
and copied it onto the NFS server share.</p>
<p>As of writing debian 8.6.0 is current, so a minimal 64-bit install of it was
done in a VM. After installation the following modifications was done:</p>
<blockquote>
<ul>
<li><p class="first"><tt class="docutils literal"><span class="pre">apt-get</span> install pxelinux syslinux <span class="pre">initramfs-tools</span> zip gddrescue sudo joe</tt>
and optionally <tt class="docutils literal"><span class="pre">apt-get</span> install smbclient <span class="pre">cifs-utils</span></tt>.</p>
</li>
<li><p class="first"><tt class="docutils literal">/etc/default/grub</tt> was modified to set <tt class="docutils literal">GRUB_CMDLINE_LINUX_DEFAULT</tt> to
<tt class="docutils literal">""</tt> instead of <tt class="docutils literal">"quiet"</tt>. This allows us to see messages during boot
and perhaps spot why something doesn't work on a testbox. Regenerate the
grub configuration file by running <tt class="docutils literal"><span class="pre">update-grub</span></tt> afterwards.</p>
</li>
<li><p class="first"><tt class="docutils literal">/etc/sudoers</tt> was modified to allow the <tt class="docutils literal">vbox</tt> user use sudo without
requring any password.</p>
</li>
<li><p class="first">Create the directory <tt class="docutils literal">/etc/systemd/system/getty@tty1.service.d</tt> and create
the file <tt class="docutils literal">noclear.conf</tt> in it with the following content:</p>
<pre class="literal-block">
[Service]
TTYVTDisallocate=no
</pre>
<p>This stops getty from clearing VT1 and let us see the tail of the boot up
messages, which includes messages from the testbox-maintenance service.</p>
</li>
<li><p class="first">Mount the testbox-nfsroot under <tt class="docutils literal">/mnt/</tt> with write privileges. (The write
privileges are temporary - don't forget to remove them later on.):</p>
<pre class="literal-block">
mount -t nfs myserver.com:/export/testbox-nfsroot
</pre>
<p>Note! Adding <tt class="docutils literal"><span class="pre">-o</span> nfsvers=3</tt> may help with some NTFv4 servers.</p>
</li>
<li><p class="first">Copy the debian root and dev file system onto nfsroot. If you have ssh
access to the NFS server, the quickest way to do it is to use <tt class="docutils literal">tar</tt>:</p>
<pre class="literal-block">
tar -cz --one-file-system -f /mnt/testbox-maintenance-nfsroot.tar.gz . dev/
</pre>
<p>An alternative is <tt class="docutils literal">cp <span class="pre">-ax</span> . /mnt/. && cp <span class="pre">-ax</span> dev/. /mnt/dev/.</tt> but this
is quite a bit slower, obviously.</p>
</li>
<li><p class="first">Edit <tt class="docutils literal">/etc/ssh/sshd_config</tt> setting <tt class="docutils literal">PermitRootLogin</tt> to <tt class="docutils literal">yes</tt> so we can ssh
in as root later on.</p>
</li>
<li><p class="first">chroot into the nfsroot: <tt class="docutils literal">chroot /mnt/</tt></p>
<blockquote>
<ul>
<li><p class="first"><tt class="docutils literal">mount <span class="pre">-o</span> proc proc /proc</tt></p>
</li>
<li><p class="first"><tt class="docutils literal">mount <span class="pre">-o</span> sysfs sysfs /sys</tt></p>
</li>
<li><p class="first"><tt class="docutils literal">mkdir <span class="pre">/mnt/testbox-tftp</span> <span class="pre">/mnt/testbox-backup</span></tt></p>
</li>
<li><p class="first">Recreate <tt class="docutils literal">/etc/fstab</tt> with:</p>
<pre class="literal-block">
proc /proc proc defaults 0 0
/dev/nfs / nfs defaults 1 1
10.42.1.1:/export/testbox-tftp /mnt/testbox-tftp nfs tcp,nfsvers=3,noauto 2 2
10.42.1.1:/export/testbox-backup /mnt/testbox-backup nfs tcp,nfsvers=3,noauto 3 3
</pre>
<p>We use NFS version 3 as that works better for our NFS server and client,
remove if not necessary. The <tt class="docutils literal">noauto</tt> option is to work around mount
trouble during early bootup on some of our boxes.</p>
</li>
<li><p class="first">Do <tt class="docutils literal">mount <span class="pre">/mnt/testbox-tftp</span> && mount <span class="pre">/mnt/testbox-backup</span></tt> to mount the
two shares. This may be a good time to execute the instructions in the
sections above relating to these two shares.</p>
</li>
<li><p class="first">Edit <tt class="docutils literal"><span class="pre">/etc/initramfs-tools/initramfs.conf</span></tt> and change the <tt class="docutils literal">MODULES</tt>
value from <tt class="docutils literal">most</tt> to <tt class="docutils literal">netboot</tt>.</p>
</li>
<li><p class="first">Append <tt class="docutils literal">aufs</tt> to <tt class="docutils literal"><span class="pre">/etc/initramfs-tools/modules</span></tt>. The advanced
multi-layered unification filesystem (aufs) enables us to use a
read-only NFS root. <a class="footnote-reference" href="#footnote-3" id="footnote-reference-3">[3]</a> <a class="footnote-reference" href="#footnote-4" id="footnote-reference-4">[4]</a> <a class="footnote-reference" href="#footnote-5" id="footnote-reference-5">[5]</a></p>
</li>
<li><p class="first">Create <tt class="docutils literal"><span class="pre">/etc/initramfs-tools/scripts/init-bottom/00_aufs_init</span></tt> as
an executable file with the following content:</p>
<pre class="literal-block">
#!/bin/sh
# Don't run during update-initramfs:
case "$1" in
prereqs)
exit 0;
;;
esac
modprobe aufs
mkdir -p /ro /rw /aufs
mount -t tmpfs tmpfs /rw -o noatime,mode=0755
mount --move $rootmnt /ro
mount -t aufs aufs /aufs -o noatime,dirs=/rw:/ro=ro
mkdir -p /aufs/rw /aufs/ro
mount --move /ro /aufs/ro
mount --move /rw /aufs/rw
mount --move /aufs /root
exit 0
</pre>
</li>
<li><p class="first">Update the init ramdisk: <tt class="docutils literal"><span class="pre">update-initramfs</span> <span class="pre">-u</span> <span class="pre">-k</span> all</tt></p>
<dl class="docutils">
<dt>Note! It may be necessary to do <tt class="docutils literal">mount <span class="pre">-t</span> tmpfs tmpfs /var/tmp</tt> to help</dt>
<dd><p class="first last">this operation succeed.</p>
</dd>
</dl>
</li>
<li><p class="first">Copy <tt class="docutils literal">/boot</tt> to <tt class="docutils literal"><span class="pre">/mnt/testbox-tftp/maintenance-boot/</span></tt>.</p>
</li>
<li><p class="first">Copy the <tt class="docutils literal"><span class="pre">testbox-maintenance.sh</span></tt> file found in the same directory as this
document to <tt class="docutils literal">/root/scripts/</tt> (need to create the dir) and make it
executable.</p>
</li>
<li><p class="first">Create the systemd service file for the maintenance service as
<tt class="docutils literal"><span class="pre">/etc/systemd/system/testbox-maintenance.service</span></tt> with the content:</p>
<pre class="literal-block">
[Unit]
Description=Testbox Maintenance
After=network.target
Before=getty@tty1.service
[Service]
Type=oneshot
RemainAfterExit=True
ExecStart=/root/scripts/testbox-maintenance.sh
ExecStartPre=/bin/echo -e \033%G
ExecReload=/bin/kill -HUP $MAINPID
WorkingDirectory=/tmp
Environment=TERM=xterm
StandardOutput=journal+console
[Install]
WantedBy=multi-user.target
</pre>
</li>
<li><p class="first">Enable our service: <tt class="docutils literal">systemctl enable <span class="pre">/etc/systemd/system/testbox-maintenance.service</span></tt></p>
</li>
<li><p class="first">xxxx ... more ???</p>
</li>
<li><p class="first">Before leaving the chroot, do <tt class="docutils literal">mount /proc /sys <span class="pre">/mnt/testbox-*</span></tt>.</p>
</li>
</ul>
</blockquote>
</li>
<li><p class="first">Testing the setup from a VM is kind of useful (if the nfs server can be
convinced to accept root nfs mounts from non-privileged clinet ports):</p>
<blockquote>
<ul>
<li><p class="first">Create a VM using the 64-bit debian profile. Let's call it "pxe-vm".</p>
</li>
<li><p class="first">Mount the TFTP share somewhere, like M: or /mnt/testbox-tftp.</p>
</li>
<li><p class="first">Reconfigure the NAT DHCP and TFTP bits:</p>
<pre class="literal-block">
VBoxManage setextradata pxe-vm VBoxInternal/PDM/DriverTransformations/pxe/AboveDriver NAT
VBoxManage setextradata pxe-vm VBoxInternal/PDM/DriverTransformations/pxe/Action mergeconfig
VBoxManage setextradata pxe-vm VBoxInternal/PDM/DriverTransformations/pxe/Config/TFTPPrefix M:/
VBoxManage setextradata pxe-vm VBoxInternal/PDM/DriverTransformations/pxe/Config/BootFile pxelinux.0
</pre>
</li>
<li><p class="first">Create the file <tt class="docutils literal"><span class="pre">testbox-tftp/pxelinux.cfg/0A00020F</span></tt> containing:</p>
<pre class="literal-block">
PATH bios
DEFAULT maintenance
LABEL maintenance
MENU LABEL Maintenance (NFS)
KERNEL maintenance-boot/vmlinuz-3.16.0-4-amd64
APPEND initrd=maintenance-boot/initrd.img-3.16.0-4-amd64 ro ip=dhcp aufs=tmpfs \
boot=nfs root=/dev/nfs nfsroot=10.42.1.1:/export/testbox-nfsroot
LABEL local-boot
LOCALBOOT
</pre>
</li>
</ul>
</blockquote>
</li>
</ul>
</blockquote>
</div>
<div class="section" id="troubleshooting">
<h1>Troubleshooting</h1>
<dl class="docutils">
<dt><tt class="docutils literal"><span class="pre">PXE-E11</span></tt> or something like <tt class="docutils literal">No ARP reply</tt></dt>
<dd>You probably got the TFTP and DHCP on different machines. Try move the TFTP
to the same machine as the DHCP, then the PXE stack won't have to do any
additional ARP resolving. Google results suggest that a congested network
could use the ARP reply to get lost. Our suspicion is that it might also be
related to the PXE stack shipping with the NIC.</dd>
</dl>
<hr class="docutils" />
<table class="docutils footnote" frame="void" id="footnote-1" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#footnote-reference-1">[1]</a></td><td>See <a class="reference external" href="http://www.syslinux.org/wiki/index.php?title=Category:Modules">http://www.syslinux.org/wiki/index.php?title=Category:Modules</a></td></tr>
</tbody>
</table>
<table class="docutils footnote" frame="void" id="footnote-2" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#footnote-reference-2">[2]</a></td><td>See <a class="reference external" href="http://www.syslinux.org/wiki/index.php?title=PXELINUX#Configuration">http://www.syslinux.org/wiki/index.php?title=PXELINUX#Configuration</a></td></tr>
</tbody>
</table>
<table class="docutils footnote" frame="void" id="footnote-3" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#footnote-reference-3">[3]</a></td><td>See <a class="reference external" href="https://en.wikipedia.org/wiki/Aufs">https://en.wikipedia.org/wiki/Aufs</a></td></tr>
</tbody>
</table>
<table class="docutils footnote" frame="void" id="footnote-4" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#footnote-reference-4">[4]</a></td><td>See <a class="reference external" href="http://shitwefoundout.com/wiki/Diskless_ubuntu">http://shitwefoundout.com/wiki/Diskless_ubuntu</a></td></tr>
</tbody>
</table>
<table class="docutils footnote" frame="void" id="footnote-5" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#footnote-reference-5">[5]</a></td><td>See <a class="reference external" href="http://debianaddict.com/2012/06/19/diskless-debian-linux-booting-via-dhcppxenfstftp/">http://debianaddict.com/2012/06/19/diskless-debian-linux-booting-via-dhcppxenfstftp/</a></td></tr>
</tbody>
</table>
<hr class="docutils" />
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field"><th class="field-name">Status:</th><td class="field-body">$Id: TestBoxImaging.html $</td>
</tr>
<tr class="field"><th class="field-name">Copyright:</th><td class="field-body">Copyright (C) 2010-2020 Oracle Corporation.</td>
</tr>
</tbody>
</table>
</div>
</div>
</body>
</html>
|