[debian-lan-devel] FAI and diskless clients

Andreas B. Mundt andi.mundt at web.de
Tue Jan 17 21:27:46 UTC 2012 

Hello Toomas,

many thanks for your explanations and the script so far! 

On Mon, Jan 16, 2012 at 11:30:22AM +0200, Toomas Tamm wrote:

> We have used diskless clients for years. I am typing this answer on
> one :-) .

[...]

> Of course you also need to set up a server to export the root directory
> with appropriate permissions and make sure that the NFS is efficient
> and reliable in *your* network. My root is currently mounted as
> rw,vers=3,rsize=32768,wsize=32768,namlen=255,hard,intr,nolock,proto=tcp,
> timeo=7,retrans=3,sec=sys,mountproto=udp  . Your preferences and
> situation may vary.

This is where I am working right now.  I did not find a clear
documentation on how to do the implementation (chroot and booting)
best, by more or less try and error I ended up with something that
magically works and already looks quite promising, however I would
like to understand a bit more. Perhaps you or someone having deeper
insights into the subject can give some comments, tips and tricks on
what I did so far: 

I install the chroot with:

  export LC_ALL=C; fai -vNu diskless dirinstall /opt/live/filesystem.dir/

The FAI classes used are almost identical to a comparable disk
installation; only /etc/hosts and /etc/resolv.conf need to be modified
from what FAI produces.  The directory /opt is exported via NFS (I
can't use NFSv4, right?). 

Now I create the PXE configuration: 
  ...
  kernel vmlinuz-2.6.32-5-486
  append initrd=initrd.img-2.6.32-5-486 ip=dhcp root=/dev/nfs nfsroot=/opt boot=live

I was not able to figure out what boot=live exactly means.  What is
the difference to boot=nfs?  Are there other alternatives?

When booting the client, it seems to pick up the hostname from
dhcp/dns if it has been added to these services. This is already
great.  If the machine is unknown to dhcp/dns  it picks up 'host'.  
Can I easily modify or influence this behavior?  What's the
recommended implementation?

Problems I encountered before on debian-edu are security aspects:  We
would like to use Kerberos and NFSv4 for mounting the home
directories.  Of course a keytab in a readable chroot shared by  
many machines is not what you want.  Any ideas how to handle that
best? 

I documented what I got so far in more detail here:

  <URL:http://wiki.debian.org/DebianLAN/Setup_A>  

Hints, tips and tricks as well as pointers are appreciated.  Thanks! 

Best regards,

     Andi

More information about the debian-lan-devel mailing list