Difference between revisions of "NetBoot server"

Line 50: Line 50:
 
vim /etc/default/tftpd-hpa
 
vim /etc/default/tftpd-hpa
 
</syntaxhighlight>
 
</syntaxhighlight>
 +
 +
 +
It should look like:
 +
 +
<syntaxhighlight lang="bash">
 +
# /etc/default/tftpd-hpa
 +
RUN_DAEMON="yes"
 +
TFTP_USERNAME="tftp"
 +
TFTP_DIRECTORY="/tftpboot"
 +
TFTP_ADDRESS="0.0.0.0:69"
 +
TFTP_OPTIONS="--secure"
 +
</syntaxhighlight>
 +
 +
 +
'''Don't forget to add the RUN_DAEMON setting.'''
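Review bot: TFTP_ADDRESS="0.0.0.0:69" in the added configuration block binds the daemon on every interface, while the page's own reminder says TFTP should only be used on the internal network. Consider showing the server's LAN address there instead (the port stays 69), so that the restriction does not rest on the firewall rule alone.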
  
  
Line 65: Line 80:
 
service tftpd-hpa restart
 
service tftpd-hpa restart
 
</syntaxhighlight>
 
</syntaxhighlight>
 +
 +
 +
 +
==TFTP automatic start on boot==
 +
 +
Sometimes the "RUN_DAEMON" is not enough for TFTP automatic startup... :(
 +
 +
 +
In that case you have to create a new script:
 +
 +
<syntaxhighlight lang="bash">
 +
vim /etc/network/if-up.d/tftpd-hpa
 +
</syntaxhighlight>
 +
 +
 +
Put the following content:
 +
 +
<syntaxhighlight lang="bash">
 +
#!/bin/sh
 +
restart tftpd-hpa
 +
</syntaxhighlight>
 +
 +
 +
Adjust the script's rights:
 +
 +
<syntaxhighlight lang="bash">
 +
chmod 755 /etc/network/if-up.d/tftpd-hpa
 +
</syntaxhighlight>
 +
 +
 +
 +
Reboot your server ! The TFTP should be up and running now :)
 +
 +
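Review bot: the new if-up.d script calls "restart tftpd-hpa", an Upstart command that returns an error when the job is not running, which is the situation this section is written for. "service tftpd-hpa restart", already used in the context lines of this change, handles both states. Scripts in /etc/network/if-up.d also run for every interface that comes up, loopback included, so a guard on "$IFACE" would avoid restarting the daemon several times during boot.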
  
  

Revision as of 14:54, 4 June 2014

NetBoot using PXE and TFTP.

This will boot using an official installation image.


Reminder:

  • NetBoot requires a DHCP server
  • TFTP is NOT secure at all: it has no authentication and no encryption. You should only use it inside your internal network!

=> Don't forget to adjust your firewall rules


Installation

Trivial FTP (TFTP) client

apt-get install tftp-hpa

Trivial FTP (TFTP) server

apt-get install tftpd-hpa

SysLinux [netboot utilities]

apt-get install syslinux mtools initramfs-tools


Syslinux contains some starter files you can use for your netboot clients.


Configuration

Create target TFTP folders

mkdir -m 755 -p /tftpboot


TFTP configuration

vim /etc/default/tftpd-hpa


It should look like:

# /etc/default/tftpd-hpa
RUN_DAEMON="yes"
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/tftpboot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure"


Don't forget to add the RUN_DAEMON setting.


The files served to TFTP clients are stored in the directory set by the "TFTP_DIRECTORY" setting. You should use the folder we just created: /tftpboot


IMPORTANT !!

You must not change the default user or port number !!


service tftpd-hpa restart
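
An added example (not part of the original page): a shell check that parses /etc/default/tftpd-hpa and flags settings that widen TFTP exposure. The function names and finding labels are made up for this example; the sample file is the configuration shown above, and combined short options such as "-sc" are not handled.

```sh
#!/bin/sh
# conf_value FILE KEY: print the last value assigned to KEY, quotes stripped.
# The file is parsed, never sourced, so auditing it cannot execute its content.
conf_value() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 | tr -d "\"'"
}

# audit_tftpd_conf FILE: print a space-separated list of findings (empty = none).
audit_tftpd_conf() {
    conf=$1
    findings=""
    user=$(conf_value "$conf" TFTP_USERNAME)
    addr=$(conf_value "$conf" TFTP_ADDRESS)
    opts=$(conf_value "$conf" TFTP_OPTIONS)

    # --secure (-s) makes in.tftpd chroot into TFTP_DIRECTORY at startup.
    case " $opts " in
        *" --secure "*|*" -s "*) ;;
        *) findings="$findings no-chroot" ;;
    esac
    # --create (-c) lets clients upload new files, and TFTP authenticates nobody.
    case " $opts " in
        *" --create "*|*" -c "*) findings="$findings uploads-enabled" ;;
    esac
    # Wildcard bind: every interface answers, only the firewall limits access.
    case "$addr" in
        0.0.0.0:*|"[::]":*|:*|"") findings="$findings wildcard-bind" ;;
    esac
    # The daemon should drop privileges to a dedicated account such as "tftp".
    case "$user" in
        root) findings="$findings runs-as-root" ;;
    esac
    echo "${findings# }"
}

# Constructed sample: the configuration shown on this page.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# /etc/default/tftpd-hpa
RUN_DAEMON="yes"
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/tftpboot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure"
EOF
echo "findings: $(audit_tftpd_conf "$sample")"
rm -f "$sample"
```

For the page's configuration the only finding is the wildcard bind, which the rule in the firewall section is meant to contain.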


TFTP automatic start on boot

Sometimes the "RUN_DAEMON" is not enough for TFTP automatic startup... :(


In that case you have to create a new script:

vim /etc/network/if-up.d/tftpd-hpa


Put the following content:

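#!/bin/sh
# Runs when a network interface comes up: (re)start the TFTP daemon.
# "service ... restart" also works when the daemon is not running yet.
service tftpd-hpa restart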


Adjust the script's permissions:

chmod 755 /etc/network/if-up.d/tftpd-hpa


Reboot your server ! The TFTP should be up and running now :)



Firewall configuration

Adjust your firewall script and add the following rules:

IPTABLES=$(command -v iptables)
# Only the netboot LAN may reach the TFTP server
LAN_ADDRESS="172.16.50.0/24"

"$IPTABLES" -A INPUT -p udp -s "$LAN_ADDRESS" --dport 69 -j ACCEPT


Test the server

1. Create a file on the server

vim /tftpboot/hello.txt


2. Connect to the server

Install TFTP client:

apt-get install tftp-hpa

Connect to the server and get the file:

tftp 192.168.1.156
get hello.txt
quit


Check the received file:

cat hello.txt



Setup NetBoot files

Use an Ubuntu ISO image as NetBoot

Download the latest Ubuntu netboot image for the target architecture(s) from: http://cdimage.ubuntu.com/netboot/


You have to take the netboot.tar.gz archive.


cd /tftpboot/
mkdir rescue
cd rescue
wget http://archive.ubuntu.com/ubuntu/dists/trusty/main/installer-amd64/current/images/netboot/netboot.tar.gz
tar -xzvf netboot.tar.gz
rm netboot.tar.gz



Register files in DHCP server

Edit your DHCP server configuration:

vim /etc/dhcp/dhcpd.conf


Adjust it like this:

        #### NETBOOT settings 
        # PXE file to serve.
        #   >> elilo.efi   => for ia64 clients; 
        #   >> pxelinux.0  => for x86
        # These files should be at the root of your TFTP server
        # Note: the file name can also be set in a "host" section, which then overrides this setting
        filename "rescue/pxelinux.0";
        # Server that serves this NETBOOT file
        next-server 172.16.50.2;
        # Ensure that the new client (the one booting) is not taking an IP address already in use
        ping-check = 1;


Mind the "rescue/" in the filename section.


You can always override that setting later on for each host.


Restart the DHCP server

service isc-dhcp-server restart


TFTP management

Just use the "service" command:

service tftpd-hpa {status|restart|start|stop}



Next step: Diskless server / workstation