Difference between revisions of "NetBoot server"

(Created page with " =NetBoot using PXE and TFTP= Reminder: * NetBoot requires a DHCP server * TFTP is NOT secure at all. You should only use it into your internal network !! => Don't forget...")
 
Line 1: Line 1:
 
+
NetBoot using PXE and TFTP
=NetBoot using PXE and TFTP=
 
  
  
Line 12: Line 11:
  
  
==Installation==
+
=Installation=
  
 
'''Trivial FTP (TFTP) client'''
 
'''Trivial FTP (TFTP) client'''
Line 29: Line 28:
 
</syntaxhighlight>
 
</syntaxhighlight>
  
'''NFS support'''
 
<syntaxhighlight lang="bash">
 
apt-get install nfs-kernel-server nfs-common
 
</syntaxhighlight>
 
 
'''Debootstrap (manage netboot image)'''
 
<syntaxhighlight lang="bash">
 
apt-get install debootstrap
 
</syntaxhighlight>
 
  
  
==Configuration==
+
=Configuration=
  
  
===TFTP configuration===
+
==TFTP configuration==
  
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
Line 61: Line 51:
  
  
===Firewall configuration===
+
==Firewall configuration==
  
 
Adjust your firewall script and add the following rules:
 
Adjust your firewall script and add the following rules:
Line 74: Line 64:
  
  
===Test the server===
+
==Test the server==
  
 
1. Create a file on the server  
 
1. Create a file on the server  
Line 110: Line 100:
  
  
==Setup NetBoot files==
+
=Setup NetBoot files=
  
  
===Get NetBoot image===
+
==Get NetBoot image==
  
 
Download the latest Ubuntu netboot image for the target architecture(s) from: http://cdimage.ubuntu.com/netboot/
 
Download the latest Ubuntu netboot image for the target architecture(s) from: http://cdimage.ubuntu.com/netboot/
Line 132: Line 122:
  
  
===Register files in DHCP server===
+
==Register files in DHCP server==
  
  
Line 175: Line 165:
  
  
==TFTP management==
+
=TFTP management=
  
 
Just use the "service" command:
 
Just use the "service" command:
Line 182: Line 172:
 
service tftpd-hpa {status|restart|start|stop}
 
service tftpd-hpa {status|restart|start|stop}
 
</syntaxhighlight>
 
</syntaxhighlight>
 +
 +
 +
 +
 +
Next step: [[Diskless netboot]]

Revision as of 13:41, 22 May 2014

NetBoot using PXE and TFTP


Reminder:

  • NetBoot requires a DHCP server
  • TFTP is NOT secure at all. You should only use it into your internal network !!

=> Don't forget to adjust your firewall rules


Installation

Trivial FTP (TFTP) client 

apt-get install tftp-hpa

Trivial FTP (TFTP) server 

apt-get install tftpd-hpa

SysLinux [netboot utilities] 

apt-get install syslinux mtools initramfs-tools


Configuration

TFTP configuration

vim /etc/default/tftpd-hpa


The TFTP server files, = the files that will be used by the TFTP clients, are in the "TFTP_DIRECTORY" instruction.

By default tftpd-hpa uses /var/lib/tftpboot

!! You should not change the default user or port number if you plan to use NetBoot !! 

service tftpd-hpa restart


Firewall configuration

Adjust your firewall script and add the following rules: 

IPTABLES=`which iptables`
LAN_ADDRESS="172.16.50.0/24"

$IPTABLES -A INPUT -p udp -s $LAN_ADDRESS --dport 69 -j ACCEPT


Test the server

1. Create a file on the server 

vim /var/lib/tftpboot/hello.txt


2. Connect to the server

Install TFTP client: 

apt-get install tftp-hpa

Connect to the server and get file: 

tftp 192.168.1.156
get hello.txt
quit


Check the received file: 

cat hello.txt



Setup NetBoot files

Get NetBoot image

Download the latest Ubuntu netboot image for the target architecture(s) from: http://cdimage.ubuntu.com/netboot/


You have to take the netboot.tar.gz archive. 


cd /var/lib/tftpboot/
mkdir amd64
cd amd64
wget http://archive.ubuntu.com/ubuntu/dists/trusty/main/installer-amd64/current/images/netboot/netboot.tar.gz
tar -xzvf netboot.tar.gz
rm netboot.tar.gz


Register files in DHCP server

Edit your DHCP server configuration: 

vim /etc/dhcp/dhcpd.conf


Adjust it like that: 

        #### NETBOOT settings 
        # PXE file to serve.
        #   >> elilo.efi   => for ia64 clients; 
        #   >> pxelinux.0  => for x86
        # These files should be at the root of your TFTP server
        # Note: The file name can be add in the "host" section too. Then, the "host" will override the current setting
        filename "amd64/pxelinux.0";
        # set the server that serve this NETBOOT file
        next-server 172.16.50.2;
        # Ensure that the new client (the one booting) is not stealing someone else IP @
        ping-check = 1;


Mind the "amd64/" in the filename section.


You can always override that setting later on for each host.


Restart the DHCP server 

service isc-dhcp-server restart



TFTP management

Just use the "service" command: 

service tftpd-hpa {status|restart|start|stop}



Next step: Diskless netboot

Retrieved from "http://www.daxiongmao.eu/wiki/index.php?title=NetBoot_server&oldid=291"