Difference between revisions of "NetBoot server"
Line 88: | Line 88: | ||
− | In that case you have to | + | In that case you have to register tftp-hpa as a service. |
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
− | + | cd /etc/init.d/ | |
+ | update-rc.d tftpd-hpa defaults | ||
</syntaxhighlight> | </syntaxhighlight> | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
Reboot your server ! The TFTP should be up and running now :) | Reboot your server ! The TFTP should be up and running now :) |
Revision as of 14:40, 4 June 2014
NetBoot using PXE and TFTP.
This will boot using an official installation image.
Reminder:
- NetBoot requires a DHCP server
- TFTP is NOT secure at all. You should only use it into your internal network !!
=> Don't forget to adjust your firewall rules
Contents
Installation
Trivial FTP (TFTP) client
apt-get install tftp-hpa
Trivial FTP (TFTP) server
apt-get install tftpd-hpa
SysLinux [netboot utilities]
apt-get install syslinux mtools initramfs-tools
Syslinux contains some starter files you can use for your netboot clients.
Configuration
Create target TFTP folders
mkdir -m 755 -p /tftpboot
TFTP configuration
vim /etc/default/tftpd-hpa
It should look like:
# /etc/default/tftpd-hpa
RUN_DAEMON="yes"
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/tftpboot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure"
Don't forget to add the RUN_DAEMON setting.
The TFTP server files [= the files that will be used by the TFTP clients] are in the "TFTP_DIRECTORY" instruction.
==> You should use the folder we just created: /tftpboot
IMPORTANT !!
You must not change the default user or port number !!
service tftpd-hpa restart
TFTP automatic start on boot
Sometimes the "RUN_DAEMON" is not enough for TFTP automatic startup... :(
In that case you have to register tftp-hpa as a service.
cd /etc/init.d/
update-rc.d tftpd-hpa defaults
Reboot your server ! The TFTP should be up and running now :)
Firewall configuration
Adjust your firewall script and add the following rules:
IPTABLES=`which iptables`
LAN_ADDRESS="172.16.50.0/24"
$IPTABLES -A INPUT -p udp -s $LAN_ADDRESS --dport 69 -j ACCEPT
Test the server
1. Create a file on the server
vim /tftpboot/hello.txt
2. Connect to the server
Install TFTP client:
apt-get install tftp-hpa
Connect to the server and get file:
tftp 192.168.1.156
get hello.txt
quit
Check the received file:
cat hello.txt
Setup NetBoot files
Use an Ubuntu ISO image as NetBoot
Download the latest Ubuntu netboot image for the target architecture(s) from: http://cdimage.ubuntu.com/netboot/
You have to take the netboot.tar.gz archive.
cd /tftpboot/
mkdir rescue
cd rescue
wget http://archive.ubuntu.com/ubuntu/dists/trusty/main/installer-amd64/current/images/netboot/netboot.tar.gz
tar -xzvf netboot.tar.gz
rm netboot.tar.gz
Register files in DHCP server
Edit your DHCP server configuration:
vim /etc/dhcp/dhcpd.conf
Adjust it like that:
#### NETBOOT settings
# PXE file to serve.
# >> elilo.efi => for ia64 clients;
# >> pxelinux.0 => for x86
# These files should be at the root of your TFTP server
# Note: The file name can be add in the "host" section too. Then, the "host" will override the current setting
filename "rescue/pxelinux.0";
# set the server that serve this NETBOOT file
next-server 172.16.50.2;
# Ensure that the new client (the one booting) is not stealing someone else IP @
ping-check = 1;
Mind the "rescue/" in the filename section.
You can always override that setting later on for each host.
Restart the DHCP server
service isc-dhcp-server restart
TFTP management
Just use the "service" command:
service tftpd-hpa {status|restart|start|stop}
Next step: Diskless server / workstation