Difference between revisions of "NetBoot server"
Line 50: | Line 50: | ||
vim /etc/default/tftpd-hpa | vim /etc/default/tftpd-hpa | ||
</syntaxhighlight> | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | It should look like: | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | # /etc/default/tftpd-hpa | ||
+ | RUN_DAEMON="yes" | ||
+ | TFTP_USERNAME="tftp" | ||
+ | TFTP_DIRECTORY="/tftpboot" | ||
+ | TFTP_ADDRESS="0.0.0.0:69" | ||
+ | TFTP_OPTIONS="--secure" | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | '''Don't forget to add the RUN_DAEMON setting.''' | ||
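Review bot: TFTP_ADDRESS="0.0.0.0:69" in the added sample binds the daemon to every interface, while the page's own reminder says TFTP must stay on the internal network. Consider showing the server's LAN address there, or add a sentence next to the sample pointing to the firewall section, so a reader who copies only this block does not leave UDP 69 reachable on an external interface. A one-line explanation of what "--secure" does (it confines tftpd to TFTP_DIRECTORY) would also help, since the bold reminder only covers RUN_DAEMON.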
Line 65: | Line 80: | ||
service tftpd-hpa restart | service tftpd-hpa restart | ||
</syntaxhighlight> | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | |||
+ | ==TFTP automatic start on boot== | ||
+ | |||
+ | Sometimes the "RUN_DAEMON" is not enough for TFTP automatic startup... :( | ||
+ | |||
+ | |||
+ | In that case you have to create a new script: | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | vim /etc/network/if-up.d/tftpd-hpa | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | Put the following content: | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | #!/bin/sh | ||
+ | restart tftpd-hpa | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | Adjust the script's rights: | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | chmod 755 /etc/network/if-up.d/tftpd-hpa | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | |||
+ | Reboot your server ! The TFTP should be up and running now :) | ||
+ | |||
+ | |||
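Review bot: the new if-up.d script calls "restart tftpd-hpa", which is an Upstart-only command, while the unchanged context just above this section uses "service tftpd-hpa restart"; using the service form in the script would keep the page consistent and would not depend on the Upstart helper being present. Scripts in /etc/network/if-up.d also run for each interface that comes up, loopback included, so the daemon is restarted several times per boot; a guard on $IFACE would limit that. "Adjust the script's rights" would read better as "permissions".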
Revision as of 13:54, 4 June 2014
NetBoot using PXE and TFTP.
This will boot using an official installation image.
Reminder:
- NetBoot requires a DHCP server
- TFTP is NOT secure at all. You should only use it inside your internal network!
=> Don't forget to adjust your firewall rules
Installation
Trivial FTP (TFTP) client
apt-get install tftp-hpa
Trivial FTP (TFTP) server
apt-get install tftpd-hpa
SysLinux [netboot utilities]
apt-get install syslinux mtools initramfs-tools
Syslinux contains some starter files you can use for your netboot clients.
Configuration
Create target TFTP folders
mkdir -m 755 -p /tftpboot
TFTP configuration
vim /etc/default/tftpd-hpa
It should look like:
# /etc/default/tftpd-hpa
RUN_DAEMON="yes"
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/tftpboot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure"
Don't forget to add the RUN_DAEMON setting.
The directory holding the TFTP server files [= the files that will be used by the TFTP clients] is set by the "TFTP_DIRECTORY" setting.
==> You should use the folder we just created: /tftpboot
IMPORTANT !!
You must not change the default user or port number !!
service tftpd-hpa restart
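The settings above can be checked mechanically. The following script is an added example, not part of the original page: it audits a tftpd-hpa defaults file for the values this page prescribes. The function names conf_get, warn and audit_tftpd are hypothetical, and the --create check goes beyond what the page configures.

```bash
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.
# Audits a tftpd-hpa defaults file against the settings this page describes.

# conf_get FILE KEY: print the value of a KEY="value" line (last one wins).
conf_get() {
    sed -n "s/^$2=\"\(.*\)\"[[:space:]]*\$/\1/p" "$1" | tail -n 1
}

warn() { echo "WARN: $*"; findings=$((findings + 1)); }

# audit_tftpd FILE: print one WARN line per finding; return 0 only if clean.
audit_tftpd() {
    conf=$1
    findings=0
    [ -r "$conf" ] || { warn "cannot read $conf"; return 1; }

    dir=$(conf_get "$conf" TFTP_DIRECTORY)
    addr=$(conf_get "$conf" TFTP_ADDRESS)
    opts=$(conf_get "$conf" TFTP_OPTIONS)

    [ "$(conf_get "$conf" RUN_DAEMON)" = "yes" ] || warn 'RUN_DAEMON is not "yes"'
    [ "$(conf_get "$conf" TFTP_USERNAME)" = "tftp" ] || warn "TFTP_USERNAME is not the default 'tftp'"

    # --secure (-s) makes tftpd chroot into TFTP_DIRECTORY at startup.
    case " $opts " in
        *" --secure "*|*" -s "*) ;;
        *) warn "TFTP_OPTIONS lacks --secure: daemon is not confined to '$dir'" ;;
    esac
    # --create (-c) allows clients to upload files that do not exist yet.
    case " $opts " in
        *" --create "*|*" -c "*) warn "--create lets any client upload new files" ;;
    esac
    # A wildcard bind is only acceptable behind the LAN-only firewall rule.
    case "$addr" in
        0.0.0.0:*|:*|"") warn "TFTP_ADDRESS '$addr' listens on every interface" ;;
    esac

    if [ ! -d "$dir" ]; then
        warn "TFTP_DIRECTORY '$dir' does not exist"
    else
        case "$(ls -ld "$dir")" in
            ????????w*) warn "TFTP_DIRECTORY '$dir' is world-writable" ;;
        esac
    fi
    [ "$findings" -eq 0 ]
}

# Run against a file given on the command line, e.g. /etc/default/tftpd-hpa
if [ $# -gt 0 ]; then audit_tftpd "$1"; fi
```

With the sample configuration from this page, the only finding is the wildcard TFTP_ADDRESS, which is why the firewall rule further down matters.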
TFTP automatic start on boot
Sometimes the "RUN_DAEMON" is not enough for TFTP automatic startup... :(
In that case you have to create a new script:
vim /etc/network/if-up.d/tftpd-hpa
Put the following content:
#!/bin/sh
restart tftpd-hpa
Adjust the script's permissions:
chmod 755 /etc/network/if-up.d/tftpd-hpa
Reboot your server! The TFTP server should be up and running now :)
Firewall configuration
Adjust your firewall script and add the following rules:
IPTABLES=`which iptables`
LAN_ADDRESS="172.16.50.0/24"
$IPTABLES -A INPUT -p udp -s $LAN_ADDRESS --dport 69 -j ACCEPT
Test the server
1. Create a file on the server
vim /tftpboot/hello.txt
2. Connect to the server
Install TFTP client:
apt-get install tftp-hpa
Connect to the server and get file:
tftp 192.168.1.156
get hello.txt
quit
Check the received file:
cat hello.txt
Setup NetBoot files
Use an Ubuntu ISO image as NetBoot
Download the latest Ubuntu netboot image for the target architecture(s) from: http://cdimage.ubuntu.com/netboot/
You need the netboot.tar.gz archive.
cd /tftpboot/
mkdir rescue
cd rescue
wget http://archive.ubuntu.com/ubuntu/dists/trusty/main/installer-amd64/current/images/netboot/netboot.tar.gz
tar -xzvf netboot.tar.gz
rm netboot.tar.gz
Register files in DHCP server
Edit your DHCP server configuration:
vim /etc/dhcp/dhcpd.conf
Adjust it like this:
#### NETBOOT settings
# PXE file to serve.
# >> elilo.efi => for ia64 clients;
# >> pxelinux.0 => for x86
# These files should be at the root of your TFTP server
# Note: the file name can also be set in a "host" section, in which case the "host" value overrides this setting
filename "rescue/pxelinux.0";
# Set the server that serves this NETBOOT file
next-server 172.16.50.2;
# Ensure that the new client (the one booting) is not stealing someone else's IP address
ping-check true;
Mind the "rescue/" in the filename section.
You can always override that setting later on for each host.
Restart the DHCP server
service isc-dhcp-server restart
TFTP management
Just use the "service" command:
service tftpd-hpa {status|restart|start|stop}
Next step: Diskless server / workstation