
Re: Diskless boot NFS server image


> I have been developing perl scripts that enable easy to configure and
> maintain NFS images for diskless clients. I have packaged these into
> a debian package, and I can provide my current version on request if
> anybody is interested. Currently they allow setting up different groups
> of clients, each with their own settings. Multiple architectures should
> be supported, but I cannot test this. For extra security and less
> disk space usage, / is mounted read-only from a shared mount point,
> and /etc, /var, and /tmp are mounted as read-write on boot.

Yes, I think it would be a nice idea to provide a Debian package
for this purpose.

> There are some difficult issues I have with it:
> - I would like to be able to calculate MD5sums for certain files, in order
> to be able to check if the contents have changed or not (eg similar to
> how dpkg handles configuration files). How do I do this from perl? Do
> perl packages already exist to do this?


> - as / is mounted R/O, this means /lib/modules is also R/O, and the
> boot process cannot calculate the module dependencies. ARRRGGGGHHHH!!!
> I do not know how to get around this, other than to mount / as R/W
> for the first boot. Is it possible to get module dependency information
> written to some other directory??? Is there another better way? IMHO,
> it should be possible to mount /lib, /bin, /sbin, /usr, /boot, as
> read only (and possibly /etc too), but FSSTND only seems to mention /usr.

One could boot from an initial ram disk ("initrd", cf. kernel docs)
set up all necessary things and then remount / from nfs.

Another problem could be /dev. Usually login changes ownership
and permission of the tty devices for security reasons.

> - Linux defaults to mounting root from "/tftpboot/<IPaddress>", however,
> I don't think that this is allowed by FSSTND. Hence I have used symlinks
> from /tftpboot/<ipaddress> into and under /var/lib/diskless/. This
> allows booting Linux without giving it command line arguments, but it
> still breaks FSSTND.

I think you can change this by a DHCP parameter. In principle this
is also possible with BOOTP but the limited size of BOOTP packages
may truncate this boot option.

We use diskless clients for two purposes:

1. As a robust "internet point" for our students. There is no login,
   fvwm95 and netscape are started directly from inittab.
2. As a comfortable maintenance option for our server: Just
   boot from disk, mount an NFS root filesystem and you can
   repair the disks, or restore a backup even from remote.
   There are some error messages during the boot process
   that complain that several files are readonly. But it works
   and after a disaster you surely avoid nitpicking.

Cheers, Thomas
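
On the MD5sum question quoted above, an added example that is not part of the original thread: Perl's Digest::MD5 module can record sums in an md5sum-style manifest and later report which files changed, much as dpkg does for configuration files. The file names, the temporary directory and the helper names are constructed for illustration.

```perl
# Added example (not from the thread): MD5 manifest for detecting changed files.
use strict;
use warnings;
use Digest::MD5;
use File::Temp qw(tempdir);

# Return the hex MD5 of a file's contents, or undef if it cannot be read.
sub md5_of {
    my ($path) = @_;
    open(my $fh, '<', $path) or return undef;
    binmode($fh);                      # hash raw bytes, no newline translation
    return Digest::MD5->new->addfile($fh)->hexdigest;
}

# Write "<md5>  <path>" lines, the same layout md5sum(1) produces.
sub write_manifest {
    my ($manifest, @files) = @_;
    open(my $out, '>', $manifest) or die "cannot write $manifest: $!";
    for my $f (@files) {
        my $sum = md5_of($f);
        print {$out} "$sum  $f\n" if defined $sum;
    }
    close($out) or die "close $manifest: $!";
}

# Re-hash every file listed in the manifest; return path => status.
sub check_manifest {
    my ($manifest) = @_;
    my %status;
    open(my $in, '<', $manifest) or die "cannot read $manifest: $!";
    while (my $line = <$in>) {
        chomp $line;
        my ($old, $path) = $line =~ /^([0-9a-f]{32})  (.+)$/ or next;
        my $new = md5_of($path);
        $status{$path} = !defined($new) ? 'missing' : $new eq $old ? 'unchanged' : 'changed';
    }
    close($in);
    return %status;
}

# Constructed sample: two files standing in for a client's /etc files.
my $dir   = tempdir(CLEANUP => 1);
my @files = map { "$dir/$_" } qw(hosts fstab);
for my $f (@files) { open(my $fh, '>', $f) or die $!; print {$fh} "original\n"; close $fh; }
write_manifest("$dir/md5sums", @files);
open(my $fh, '>>', $files[1]) or die $!; print {$fh} "edited locally\n"; close $fh;
my %st = check_manifest("$dir/md5sums");
print "$_: $st{$_}\n" for sort keys %st;
```

Digest::SHA offers the same addfile/hexdigest interface if the manifest is also meant to detect tampering rather than only local edits; the manifest regex would then need to accept the longer digest.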
