Differences between revisions 4 and 5
Revision 4 as of 2011-12-04 12:50:01
Size: 2167
Editor: ?AndreasMundt
Comment: Add detailed instructions on how to add machines and users
Revision 5 as of 2012-01-17 20:23:01
Size: 3835
Editor: ?AndreasMundt
Comment: Diskless HowTo
Deletions are marked like this. Additions are marked like this.
Line 6: Line 6:
 * The mainserver with two network cards acts as a gateway to the external network.  * The mainserver with two network cards acts as a gateway to the external network. It serves the central services to the LAN and optionally the root file system for diskless machines.
Line 17: Line 17:
 * '''diskless (workstation):'''
  * Same features as workstation (experimental, see below on how to activate)
Line 44: Line 46:
== Diskless Clients ==
/!\ Diskless Clients are still experimental. Needs testing and fine tuning!

The mainserver might serve the root file system for diskless machines. To enable diskless machines, install the mainserver with the partitioning scheme LVM6_A replaced by LVM7_A, which will add another partition for {{{/opt}}}. After installation and the creation of the FAI nfsroot ({{{fai-setup}}}), execute:
{{{
export LC_ALL=C
fai -vNu diskless dirinstall /opt/live/filesystem.dir/ |tee /var/log/fai/fai-diskless.log
}}}
Then make the installed chroot available by adding:
{{{
/opt 10.0.0.0/8(async,ro,no_subtree_check,no_root_squash)
}}}
to {{{/etc/exports}}}. (You might in addition need to modify the network masks to allow mounting the home directory for unknown machines).
To boot the diskless clients via PXE, edit {{{/etc/dhcp/dhcpd.conf}}} and add:
{{{
server-name faiserver;
next-server faiserver;
filename "fai/pxelinux.0";
}}}
to the corresponding declaration (for testing: below "allow unknown-clients"). Create a template file {{{/srv/tftp/fai/pxelinux.cfg/diskless.tmpl}}} containing:
{{{
# template for diskless
default fai-generated

label fai-generated
kernel vmlinuz-2.6.32-5-486
append initrd=initrd.img-2.6.32-5-486 ip=dhcp root=/dev/nfs nfsroot=/opt boot=live
}}}
and use it to prepare the default PXE configuration:
{{{
fai-chboot -vc diskless default
}}}
Finally, PXE-boot your client.

Translation(s): none


Debian-LAN Setup_A

Network Topology

  • The mainserver with two network cards acts as a gateway to the external network. It serves the central services to the LAN and optionally the root file system for diskless machines.

Machine Types

  • mainserver:

    • DNS and DHCP for the internal network.
    • Kerberos KDC
    • LDAP
    • Home directories distributed via NFSv4
    • Squid proxy
    • apt-cacher-ng
  • workstation:

    • Minimalistic LXDE and Gnome Desktop enviroment
  • diskless (workstation):

    • Same features as workstation (experimental, see below on how to activate)

User and Machine Management

  • The script debian-lan is provided to manage users and groups in LDAP (using ldapscripts).

  • debian-lan also helps with copying the Kerberos keytabs to the machines (machine principals).

Details

Adding clients: After the installation of a workstation from the mainserver, use the command:

debian-lan addmachine workstationXX

on the mainserver to copy the Kerberos keytab to workstationXX.

Adding users: Use the command:

debian-lan adduser <list of usernames separated by spaces>

or

debian-lan adduser <path to file> 

to add users. The file is a simple text file containing on each line a single username and optionally the user's password separated by spaces. If you omit the password, debian-lan will create a random password and append it to the user's line in the file.

Removing users: Use the command deluser in the debian-lan script.

For more details take a look at the debian-lan script itself.

Diskless Clients

/!\ Diskless Clients are still experimental. Needs testing and fine tuning!

The mainserver might serve the root file system for diskless machines. To enable diskless machines, install the mainserver with the partitioning scheme LVM6_A replaced by LVM7_A, which will add another partition for /opt. After installation and the creation of the FAI nfsroot (fai-setup), execute:

export LC_ALL=C
fai -vNu diskless dirinstall /opt/live/filesystem.dir/ |tee /var/log/fai/fai-diskless.log

Then make the installed chroot available by adding:

/opt 10.0.0.0/8(async,ro,no_subtree_check,no_root_squash)

to /etc/exports. (You might in addition need to modify the network masks to allow mounting the home directory for unknown machines). To boot the diskless clients via PXE, edit /etc/dhcp/dhcpd.conf and add:

server-name faiserver;
next-server faiserver;
filename "fai/pxelinux.0";

to the corresponding declaration (for testing: below "allow unknown-clients"). Create a template file /srv/tftp/fai/pxelinux.cfg/diskless.tmpl containing:

# template for diskless
default fai-generated

label fai-generated
kernel vmlinuz-2.6.32-5-486
append initrd=initrd.img-2.6.32-5-486 ip=dhcp root=/dev/nfs nfsroot=/opt boot=live

and use it to prepare the default PXE configuration:

fai-chboot -vc diskless default

Finally, PXE-boot your client.

Known Issues and Work-Arounds

  • NFSv4 not kerberized: 638157 → apply patch.

  • Installation of munin-node fails during the mainserver FAI-installation because of 612481 (still relevant on squeeze) → install munin-node after the FAI installation.

  • munin-node-configure does not link all available (i.e. working) plugins during installation → add missing links (use munin-node-configure --shell to get links for available plugins).