Date: Mon, 5 Sep 2011 19:08:44 -0400 (EDT)
From: Benjamin Kaduk <kaduk@MIT.EDU>
To: Craig Rodrigues <rodrigc@crodrigues.org>
Cc: freebsd-doc@freebsd.org
Subject: Re: PXE Booting with an NFS root file system
Message-ID: <alpine.GSO.1.10.1109051832151.1411@multics.mit.edu>
In-Reply-To: <20110903000815.GA72769@glenbarber.us>
References: <CAG=rPVenPP0n5uu8JGAksyTbPW3zMfxz%2BEJNvsPZ=o4P_pex3A@mail.gmail.com>
 <alpine.BSF.2.00.1108300808040.46886@wonkity.com>
 <CAG=rPVe4MxScm0B58o1w25hyBrt8-Psh3sobiL90dZm7PFCHpw@mail.gmail.com>
 <CAG=rPVdZVDo9Vhdj9u1UcopmEcVS3G9PyfFLs%2By-vY5Nn98-mg@mail.gmail.com>
 <20110903000815.GA72769@glenbarber.us>
Sorry for jumping in late; mail backed up this week while meeting a deadline for work. On Fri, 2 Sep 2011, Glen Barber wrote: > Craig Rodrigues wrote: >> Hi, >> >> I have incorporated more feedback from Glen Barber and Ryusuke Suzuki. >> > > Hi Craig, > > Comments are in-line (not many): > > Index: en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml > =================================================================== > RCS file: /home/dcvs/doc/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml,v > retrieving revision 1.436 > diff -u -r1.436 chapter.sgml > --- en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml 18 Feb 2011 18:10:36 -0000 1.436 > +++ en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml 2 Sep 2011 21:19:42 -0000 
> @@ -4171,6 +4175,304 @@ > </sect2> > </sect1> > > + <sect1 id="network-pxe-nfs"> > + <sect1info> > + <authorgroup> > + <author> > + <firstname>Craig</firstname> > + <surname>Rodrigues</surname> > + <affiliation> > + <address>rodrigc@FreeBSD.org</address> > + </affiliation> > + <contrib>Written by </contrib> > + </author> > + </authorgroup> > + </sect1info> > + <title>PXE Booting with an NFS root file system</title> > + > + <para>The &intel; Preboot eXecution Environment (<acronym>PXE</acronym>) > + allows booting the operating system over the network. > + <acronym>PXE</acronym> support is usually provided in the > + <acronym>BIOS</acronym> of modern motherboards, where > + it can be enabled in the <acronym>BIOS</acronym> settings > + which enable booting from the network. A fully functioning > + <acronym>PXE</acronym> setup also requires properly configured > + <acronym>DHCP</acronym> and <acronym>TFTP</acronym> servers.</para> > + > + <para>When the host computer boots, it receives information over > + <acronym>DHCP</acronym> about where to obtain the initial boot > + loader via TFTP. After the host computer receives this information, > + it downloads the boot loader via <acronym>TFTP</acronym>, and then > + executes the boot loader. This is documented section 2.2.1 of the "in section 2.2.1" > + <ulink url="http://download.intel.com/design/archives/wfm/downloads/pxespec.pdf">Preboot Execution Environment (PXE) Specification</ulink>. > + In &os;, the boot loader retrieved during the <acronym>PXE</acronym> > + process is <filename>/boot/pxeboot</filename>. After > + <filename>/boot/pxeboot</filename> executes, the &os; kernel is > + loaded, and the rest of the &os; bootup sequence proceeds. > + Refer to <link linkend="boot">The FreeBSD Booting Process</link> > [...] 
> +myhost.example.com:/b/tftpboot/FreeBSD/install / nfs ro 0 0 > + </programlisting> > + > + <para>Replace <replaceable>myhost.example.com</replaceable> > + with the hostname or IP address of your <acronym>NFS</acronym> > + server. In this example, the root file system is mounted > + "read-only" in order to prevent <acronym>NFS</acronym> > + clients from potentially deleting the contents of the root > + file system.</para> > + </step> > + > + <step> > + <screen>&prompt.root; <userinput>chroot ${NFSROOTDIR}</userinput> > +&prompt.root; <userinput>passwd</userinput></screen> This is setting the root password for the client machine which is PXE booting? It is probably worth mentioning explicitly. > + </step> > + > + <step> > + <para>Enable ssh root logins in > + <filename>${NFSROOTDIR}/etc/ssh/sshd_config</filename></para> > > There is a missing "." after </filename>. It might be worth also mentioning the name of the configuration option, PermitRootLogin. > > + </step> > + > + <step> > + <para>Customize the ${NFSROOTDIR} by using &man.chroot.8;. In the > + <command>chroot</command> environment, the ${NFSROOTDIR} can be > + customized by doing things like adding packages with > + <command>pkg_add</command>, editing the password file with > + &man.vipw.8;, editing &man.amd.conf.5; maps for automounting, > + etc. For example:</para> > + > + <screen> > +&prompt.root; <userinput>chroot ${NFSROOTDIR}</userinput> > +&prompt.root; <userinput>pkg_add -r bash</userinput></screen> > + </step> > + </procedure> > + </sect2> > + > + <sect2> > + <title>Configuring Memory File Systems used by <filename>/etc/rc.initdiskless</filename></title> > + > + <para>If you boot from an NFS root volume, > + <filename>/etc/rc</filename> > + detects that you booted over NFS and runs > + <filename>/etc/rc.initdiskless</filename>. > + Read this script to understand what is going on. 
We need to make > + <filename>/etc</filename> and <filename>/var</filename> memory backed > + file systems because these directories need to be writable, but > + the NFS root directory is read-only.</para> > + > + <screen> > +&prompt.root; <userinput>chroot ${NFSROOTDIR}</userinput> > +&prompt.root; <userinput>mkdir -p conf/base</userinput> > +&prompt.root; <userinput>tar -c -v -f conf/base/etc.cpio.gz --format cpio --gzip etc</userinput> > +&prompt.root; <userinput>tar -c -v -f conf/base/var.cpio.gz --format cpio --gzip var</userinput></screen> > + > + <para>When system boots, memory file systems for Missing "the" before "system boots". > + <filename>/etc</filename> and <filename>/var</filename> > + will be created and mounted, and the contents of the > + <filename>cpio.gz</filename> files will be copied into them.</para> > + </sect2> > + > + <sect2> > + <title>Setting up the DHCP Server</title> > + > + <para>PXE requires a <acronym>TFTP</acronym> server and a > + <acronym>DHCP</acronym> server to be set up. The > + <acronym>DHCP</acronym> server does not necessarily need > + to be the same machine as the <acronym>TFTP</acronym> server, > + but it needs to be accessible in your network.</para> > + > + <procedure> > + <step> > + <para>Install the <acronym>DHCP</acronym> server by following > + the instructions documented at > + <link linkend="network-dhcp-server">Installing and Configuring a DHCP Server</link> > + in the &os; Handbook. 
Make sure that <filename>/etc/rc.conf</filename> > + and <filename>/usr/local/etc/dhcpd.conf</filename> > + are correctly configured.</para> > + </step> > + > + <step> > + <para>In <filename>/usr/local/etc/dhcpd.conf</filename>, configure > + the <literal>next-server</literal>, <literal>filename</literal>, > + and <literal>option root-path</literal> settings, > + to specify your <acronym>TFTP</acronym> server IP address, > + the path to <filename>/boot/pxeboot</filename> in > + <acronym>TFTP</acronym>, and the path to <acronym>NFS</acronym> "the NFS root file system" (add 'the') Thanks a lot for putting this together; it will be really helpful! -Ben Kaduk > + root file system. Here is a sample <filename>dhcpd.conf</filename> > + setup:</para> > + > + <programlisting> > +subnet 192.168.0.0 netmask 255.255.255.0 { > + range 192.168.0.2 192.168.0.3 ; > + option subnet-mask 255.255.255.0 ; > + option routers 192.168.0.1 ; > + option broadcast-address 192.168.0.255 ; > + option domain-name-server 192.168.35.35, 192.168.35.36 ; > + option domain-name "example.com";
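Review bot: The "Enable ssh root logins" step follows directly after the step that runs passwd inside chroot ${NFSROOTDIR}, so every client that boots from this NFS root accepts root over ssh with one common password, and the text gives neither the reason nor the option involved. Suggest naming PermitRootLogin in that step and saying why root login is needed. The step should also note that the etc.cpio.gz archive built afterwards under conf/base is made from ${NFSROOTDIR}/etc after the password has been set, so it carries the password database and should get restrictive permissions on the export. Separately, in the sample dhcpd.conf the line "option domain-name-server 192.168.35.35, 192.168.35.36 ;" should use "option domain-name-servers", the plural form that dhcpd.conf expects.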