donderdag 22 november 2012

PXE boot SystemRescueCd using a Linux server

I needed to get some things done on a PC that didn't have a optical drive so I needed to get creative. I know there is this thing called PXE (Preboot eXecution Environment) but I never tried it. When I started doing some research it was exactly what I needed.


I always hated it when I saw PXE initializing because it meant the PC couldn't boot from disk. Little did I know PXE is an awesome invention.

Get on with the how-to already!! Ok, Ok..

The ingredients I used are:
  • A Linux server (I prefer Gentoo, but any distribution will do).
  • Root access to the server.
  • A client PC which supports PXE. psst.. VirtualBox supports PXE ;-)
  • A network to connect the client and server. You will be running a DHCP server on this network. I used a cross cable. You can bridge VirtualBox to the interface you use.
  • An Internet connection on the server (you need to download a few things).
  • A couple hours of time.
The server will need a static IP. I use 192.168.1.1 and a subnet of 255.255.255.0. 192.168.1.1/24 for short. Wherever you see this, replace it with your own.
Since I want this set-up to work with a specific interface I've used 'eth0'. So If you want to have this too, substitute 'eth0' with your own.

For those who compile their own kernel, these options need to be enabled:
 CONFIG_EXPERIMENTAL=y  
 CONFIG_PACKET=y  
 CONFIG_UNIX=y  
 CONFIG_INET=y  
 CONFIG_IP_MULTICAST=y  
 CONFIG_NFSD=y  
 CONFIG_NFSD_V3=y  

The interface you will be running the DHCP server from should be configured for multicast. The way to do this is:
 ifconfig eth0 multicast  

Running ifconfig should then mention the interface is multicast, something like
 UP BROADCAST MULTICAST  

or
 UP BROADCAST RUNNING MULTICAST  

As long as it says "MULTICAST" you're doing good so far! Hooray!

The interface will need a static IP, you can do it using ifconfig or use your network manager for this.
 ifconfig eth0 192.168.1.1/24  

Note: I had some trouble since I'm using NetworkManager, the init scripts kept starting NetworkManager somehow so I needed to configure my eth0 with NetworkManager.

Now it's time to install the DHCP server, as a good Linux user you use your distro's package manager. As a Gentoo user you would normally use Portage for this, but I'm using Paludis. Mind that you want to run a DHCP server, so the 'server' use flag should be turned on for this package.

Using Portage you should do:
 emerge dhcp  

But since I'm using Paludis I do:
 cave resolve dhcp -x  

Now that we have dhcpd installed we can configure it.
Fire up your favorite text editor hint: vim and edit "/etc/dhcp/dhcpd.conf"
This is a minimal config I did, so consult the documentation if you want more.
 subnet 192.168.1.0 netmask 255.255.255.0  
 {  
   range 192.168.1.2 192.168.1.10;  
   filename "pxelinux.0";  
   next-server 192.168.1.1;  
 }  

Now if you want your DHCP server to run on a specific interface, on Gentoo you can edit "/etc/conf.f/dhcpd":
 IFACE="eth0"  

If you (and I) did everything right you should be able to start the DHCP daemon:
 /etc/init.d/dhcpd start  

IIRC if you do this on a Debian flavored machine it will slap you on the wrist and tell you to use something like "services [service] start" instead. The choice is yours.

Now the second part of the PXE server, the TFTP service.
Go ahead and install the TFTP server using your favorite package manager (package is called "tftp-hpa" in the Gentoo repo):
 cave resolve tftp-hpa -x  

Once the TFTP service is installed it's time to configure it. In my Gentoo machine I only had to edit the file "/etc/conf.d/in.tftpd":
 INTFTPD_PATH="/var/tftpd"  
 INTFTPD_OPTS="--listen --secure ${INTFTPD_PATH} --address 192.168.1.1"  

I like to use the long version of switches in config files because they are more readable then -a, -t, -3, etc.
The "--listen" switch tells TFTP to listen, the "--secure" switch locks TFTP in the directory specified (you may only specify one directory) and the "--address [IP]" switch tells TFTP to only accept connection to a specified IP address.
The directory specified by INTFTPD_PATH must exist, if it doesn't, create it.

You can now start the TFTP server:
 /etc/init.d/in.tftpd start  

You may have noticed the directory TFTP is serving is empty. We're now going to fix that. For that, we need syslinux.
Go ahead and install syslinux with your favorite package manager:
 cave resolve syslinux -x  

Once syslinux is installed you can copy over the PXELinux files to the TFTP directory:
 cp /usr/share/syslinux/pxelinux.0 /var/tftpd  
 cp /usr/share/syslinux/menu.c32 /var/tftpd  
 mkdir /var/tftpd/pxelinux.cfg  
 touch /var/tftpd/pxelinux.cfg/default  

Why did we touch "/var/tftpd/pxelinux.cfg/default"? Because we're going to edit it now. So fire up your text editor and write something like:
 prompt 0  
 timeout 200  
 default menu.c32  
   
 menu title siebz0r's awesome PXE boot  
   
 LABEL SystemRescueCd  
   kernel sysresccd/rescue32  
   append initrd=sysresccd/initram.igz dodhcp setkmap=us rootpass=somepassword nfsboot=192.168.1.1:/var/nfs/sysresccd  

This is a sample to present a menu with the option to boot SystemRescueCd. SystemRescueCd accepts some kernel parameters, the interesting one for this set-up is nfsboot. "nfsboot=192.168.1.1:/var/nfs/sysresccd" instructs SystemRescueCd to mount "/var/nfs/sysresccd" from server "192.168.1.1" through NFS.

NFS? Yeah, we're getting to it..

Install NFS using your package manager:
 cave resolve nfs-utils -x  

When this is done edit "/etc/exports" using your favorite text editor:
 /var/nfs/sysresccd  192.168.1.0/24(ro,no_subtree_check,all_squash,insecure,anonuid=1000,anongid=1000)  

This configures NFS to export "/var/nfs/sysresccd" to clients in the network "192.168.1.0/24". Options are copied from SystemRescueCd's wiki.

Now download SystemRescueCd to "/some/dir/sysresccd.iso" and mount it:
 mount -o loop /some/dir/sysresccd.iso /mnt/cdrom  

Now copy over the needed files:
 mkdir /var/tftpd/sysresccd  
 cp /mnt/cdrom/isolinux/rescue32 /var/tftpd/sysresccd  
 cp /mnt/cdrom/isolinux/initram.igz /var/tftpd/sysresccd  
   
 mkdir /var/nfs/sysresccd  
 cp /mnt/cdrom/sysrcd.dat /var/nfs/sysresccd  
 cp /mnt/cdrom/sysrcd.md5 /var/nfs/sysresccd  

And at last start NFS:
 /etc/init.d/nfs start  

Well.. that's all there is to it.
Now fire up a client with PXE support on the same network and see your awesome PXE boot menu: