NetBoot target configuration
This article presents the NetBoot configuration we are using in my company.
Contents
Aim
I want to achieve the following configuration:
I'll be using a local network 172.16.50.0/24 with 172.16.50.2 as main server (gateway).
Key points
- Each client is a diskless station.
- I want to use the same distribution everywhere.
What means "diskless"?
Diskless station means:
The clients don't need any hard drive to run, they will retrieve the file system from the TFTP server and use a NFS share as hard drive. The system will only run in RAM disk. So:
- All the clients will share the installation, configuration files and so on.
- Each client will run a dedicated instance of the operating system in his own RAM disk
- Logs will be centralized on the common NFS server - so we don't loose data on each reboot.
- The user will be able to choose the O.S to run on boot - thanks to a PXE menu
Network monitoring
Monitoring is done using Zabbix:
- Each client will have a local a dedicated zabbix agent to send back its status.
- Each server will also have a dedicated zabbix agent so I can monitor them too.
File access
- All the thin client will use a NFS root image ;
- They will all access a common file-share managed by Samba, anyone will be able to access, browse and update that share folder.
Redirections
Web access and redirections
- The "smartcard-gw" will act as the unique entry point: security GW + Apache 2 proxy
- RabbitMQ AMPQ messages will be forward to "smartcard-mq" on port 5672
- RabbitMQ UI will be redirect from port 15672 to "/rabbitmq/"
- The zabbix monitoring server will be accessible on "/zabbix/"
- The ElasticSearch server will be accessible on port 9200 + “/_plugin/HQ | head”
- HTTP will be redirect to HTTPS - using an auto-generate certificate
All the port redirections are done using IpTables forwarding (TCP 5672, 15672, 3030, 9200 ...) ; All the URL redirections are done using Apache2 mod_proxy