This article presents the NetBoot configuration we are using in my company.

Aim

I want to achieve the following configuration:

I'll be using a local network 172.16.50.0/24 with 172.16.50.2 as main server (gateway).

Key points

• Each client is a diskless station.

• I want to use the same distribution everywhere.

What means "diskless"?

Diskless station means:

The clients don't need any hard drive to run, they will retrieve the file system from the TFTP server and use a NFS share as hard drive. The system will only run in RAM disk. So:

• All the clients will share the installation, configuration files and so on.

• Each client will run a dedicated instance of the operating system in his own RAM disk

• Logs will be centralized on the common NFS server - so we don't loose data on each reboot.

• The user will be able to choose the O.S to run on boot - thanks to a PXE menu

Network monitoring

Monitoring is done using Zabbix:

• Each client will have a local a dedicated zabbix agent to send back its status.

• Each server will also have a dedicated zabbix agent so I can monitor them too.

File access

• All the thin client will use a NFS root image ;

• They will all access a common file-share managed by Samba, anyone will be able to access, browse and update that share folder.

Redirections

Web access and redirections

• The "smartcard-gw" will act as the unique entry point: security GW + Apache 2 proxy
• RabbitMQ AMPQ messages will be forward to "smartcard-mq" on port 5672
• RabbitMQ UI will be redirect from port 15672 to "/rabbitmq/"
• The zabbix monitoring server will be accessible on "/zabbix/"
• The ElasticSearch server will be accessible on port 9200 + “/_plugin/HQ | head”
• HTTP will be redirect to HTTPS - using an auto-generate certificate

All the port redirections are done using IpTables forwarding (TCP 5672, 15672, 3030, 9200 ...)

All the URL redirections are done using Apache2 mod_proxy