Diskless Debian Linux booting via dhcp/pxe/nfs/tftp/aufs

Want to boot a (possibly minimal) installation of Debian off the network using a read-only NFS share as the root filesystem, such that each netbooted machine has / mounted read-only over NFS and all writes are done to memory? Read on!

This assumes you are using a Linux computer as your router, which will be running Debian and hosting the local version of Debian we will be serving to clients which are PXE booting. This could be seen as a second part of my tutorial on making a Debian box a router , as it assumes your local network is still 10.0.0.0/24 and the dhcp/nfs/tftp server’s IP is 10.0.0.1

First off, we’ll need deboostrap, nfs, tftpd, and syslinux. Install them:

apt-get install tftp-hpa nfs-kernel-server debootstrap syslinux

We will store our initrd and boot loader under /srv/tftp and our NFS root filesystem under /srv/nfsroot

mkdir -p /srv/tftp /srv/nfsroot

Our nfsroot needs to be mountable via NFS. Export it read-only to our local network by putting the following in /etc/exports

/srv/nfsroot 10.0.0.0/24(ro,no_root_squash,no_subtree_check)

We will be booting to a custom Debian install. Install it in /srv/nfsroot using Debootstrap:

debootstrap stable /srv/nfsroot http://ftp.us.debian.org/debian

Now we need to install some packages in the NFS installation of Debian:

chroot /srv/nfsroot apt-get update
chroot /srv/nfsroot apt-get install initramfs-tools linux-image-2.6.32-5-amd64

Configure its initramfs to generate NFS-booting initrd’s

sed 's/BOOT=local/BOOT=nfs/' -i /srv/nfsroot/etc/initramfs-tools/initramfs.conf

We’ll need the aufs module

echo aufs >> /srv/nfsroot/etc/initramfs-tools/modules

Create the file /srv/nfsroot/etc/initramfs-tools/scripts/init-bottom/aufs give it executable permissions and fill it with the following

modprobe aufs
mkdir /ro /rw /aufs
mount -t tmpfs tmpfs /rw -o noatime,mode=0755
mount --move $rootmnt /ro
mount -t aufs aufs /aufs -o noatime,dirs=/rw:/ro=ro
mkdir -p /aufs/rw /aufs/ro
mount --move /ro /aufs/ro
mount --move /rw /aufs/rw
mount --move /aufs /root
exit 0

Generate initrd

update-initramfs -k

Copy generated initrd, kernel image, and pxe bootloader to tftp root and create folder for pxe config

cp /srv/nfsroot/boot/initrd.img-2.6.32-5-amd64 /srv/tftp/
cp /srv/nfsroot/boot/vmlinuz-2.6.32-5-amd64 /srv/tftp/
cp /usr/lib/syslinux/pxelinux.0 /srv/tftp
mkdir /srv/tftp/pxelinux.cfg

Configure boot loader. Put the following into /srv/tftp/pxelinux.cfg/default

default Debian
prompt 1
timeout 10
label Debian
kernel vmlinuz-2.6.32-5-amd64
append ro initrd=initrd.img-2.6.32-5-amd64 root=/dev/nfs ip=dhcp nfsroot=10.0.0.1:/srv/nfsroot

Configure tftp’s /etc/default/tftpd-hpa

TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/srv/tftp"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure"

Add these lines to your dhcp config file /etc/dhcp/dhcpd.conf

next-server 10.0.0.1;
allow bootp;
allow booting;

Restart some services:

/etc/init.d/isc-dhcp-server restart
/etc/init.d/tftpd-hpa restart
exportfs -ra

At this point, configuration is done and you should be good to go. You might want to reset the root password on the nfs debian install:

chroot /srv/nfsroot passwd root

 

Leave a Reply

Your email address will not be published. Required fields are marked *


six × = forty two