mirror of
https://github.com/mbirth/wiki.git
synced 2024-12-24 22:54:09 +00:00
Post about iPXE and network booting.
This commit is contained in:
parent
ec42c1a9b1
commit
5886d62802
BIN
assets/ipxe01.jpg
Normal file
BIN
assets/ipxe01.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 125 KiB |
BIN
assets/ipxe02.jpg
Normal file
BIN
assets/ipxe02.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 74 KiB |
BIN
assets/ipxe03.jpg
Normal file
BIN
assets/ipxe03.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 77 KiB |
BIN
assets/ipxe04.jpg
Normal file
BIN
assets/ipxe04.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 92 KiB |
BIN
assets/ipxe05.jpg
Normal file
BIN
assets/ipxe05.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 127 KiB |
195
know-how/software/_posts/2016-03-05-ipxe-network-boot.md
Normal file
195
know-how/software/_posts/2016-03-05-ipxe-network-boot.md
Normal file
@ -0,0 +1,195 @@
|
||||
---
|
||||
title: iPXE Network Boot
|
||||
layout: default
|
||||
created: 2016-03-05 00:36:55 +0100
|
||||
updated: 2016-03-05 00:36:55 +0100
|
||||
toc: true
|
||||
tags:
|
||||
- know-how
|
||||
- software
|
||||
- ipxe
|
||||
- network
|
||||
- booting
|
||||
---
|
||||
I first stumbled upon iPXE because of a failing info monitor at my local train
|
||||
station:
|
||||
|
||||
![]({{ site.url }}/assets/ipxe01.jpg){: height="400px"}
|
||||
|
||||
[iPXE](http://ipxe.org/) is an open source firmware, meant as a replacement for
|
||||
the very basic [option ROM](https://en.wikipedia.org/wiki/Option_ROM#Network_boot_ROM)
|
||||
in ethernet cards. But you can also use that default option ROM to chainload
|
||||
iPXE without having to modify your device(s).
|
||||
|
||||
iPXE brings several features like loading boot images via HTTP, FTP, iSCSI, SMB,
|
||||
etc. and it also supports WiFi.
|
||||
|
||||
|
||||
First Steps
|
||||
===========
|
||||
|
||||
Where do you get the binaries to boot from? The easiest way is to download
|
||||
[ready-to-use binaries from their homepage](http://ipxe.org/download).
|
||||
|
||||
However, if you want to use e.g. a different keyboard because your devices
|
||||
don't have a typical QWERTY one, you need to compile iPXE yourself. To do that,
|
||||
[clone the source code](http://ipxe.org/download) to some directory and modify
|
||||
the files `src/config/console.h` and `src/config/general.h`.
|
||||
|
||||
For inspiration, you can take a look at [my settings]({% post_url 2016-03-05-my-ipxe-settings %}).
|
||||
|
||||
I also had a problem with iPXE not being able to fetch the URL to the
|
||||
`boot.ipxe` from dnsmasq. So I made the following `boot.ipxe` to be included in
|
||||
the binary:
|
||||
|
||||
```
|
||||
#!ipxe
|
||||
dhcp
|
||||
chain http://diskstation/ipxe/boot.ipxe
|
||||
```
|
||||
|
||||
After you're done with the files, you have to *make* the required binaries:
|
||||
|
||||
```bash
|
||||
make bin/undionly.kpxe EMBED=boot.ipxe
|
||||
make bin-x86_64-efi/ipxe.efi EMBED=boot.ipxe
|
||||
make bin-i386-efi/ipxe.efi EMBED=boot.ipxe
|
||||
```
|
||||
|
||||
And if everything goes well, you should find the files in those directories.
|
||||
|
||||
You have to rename them for further use:
|
||||
|
||||
`bin/undionly.kpxe` :arrow_right: `undionly.kpxe.0`
|
||||
`bin-x86_64-efi/ipxe.efi` :arrow_right: `ipxe.efi.0`
|
||||
`bin-i386-efi/ipxe.efi` :arrow_right: `ipxe32.efi.0`
|
||||
|
||||
|
||||
Booting iPXE
|
||||
============
|
||||
|
||||
So how do you get your computers to boot iPXE? You have to get your DHCP server
|
||||
to announce it to them. You can either do this in the DHCP directly, or just a
|
||||
DHCP proxy server, which adds the neccessary information. This can be done with
|
||||
*dnsmasq*.
|
||||
|
||||
I'm using this configuration in a file `/etc/dnsmasq.d/pxeproxy.conf`:
|
||||
|
||||
```ini
|
||||
dhcp-range=172.16.0.0,proxy
|
||||
dhcp-match=set:ipxe,175 # iPXE sends a 175 option
|
||||
dhcp-vendorclass=set:bios,PXEClient:Arch:00000
|
||||
dhcp-vendorclass=set:efi32,PXEClient:Arch:00002
|
||||
dhcp-vendorclass=set:efi32,PXEClient:Arch:00006
|
||||
dhcp-vendorclass=set:efi64,PXEClient:Arch:00007
|
||||
dhcp-vendorclass=set:efi64,PXEClient:Arch:00008
|
||||
dhcp-vendorclass=set:efi64,PXEClient:Arch:00009
|
||||
tag-if=set:loadbios,tag:!ipxe,tag:bios
|
||||
tag-if=set:loadefi32,tag:!ipxe,tag:efi32
|
||||
tag-if=set:loadefi64,tag:!ipxe,tag:efi64
|
||||
pxe-service=tag:loadbios,x86PC,"iPXE Network boot (BIOS)",undionly.kpxe
|
||||
pxe-service=tag:loadefi32,IA32_EFI,"iPXE Network boot (EFI32)",ipxe32.efi
|
||||
pxe-service=tag:loadefi32,BC_EFI,"iPXE Network boot (EFI32)",ipxe32.efi
|
||||
pxe-service=tag:loadefi64,X86-64_EFI,"iPXE Network boot (EFI)",ipxe.efi
|
||||
pxe-service=tag:loadefi64,IA64_EFI,"iPXE Network boot (EFI)",ipxe.efi
|
||||
dhcp-boot=tag:ipxe,http://diskstation:80/ipxe/boot.ipxe
|
||||
enable-tftp
|
||||
tftp-root=/var/ftpd
|
||||
```
|
||||
|
||||
This acts as a proxy for the `172.16.0.0/16` network - the one I use. And for
|
||||
each request, it detects whether there's the option 175 (=request comes from
|
||||
iPXE) set or not and which type or architecture is requested (legacy, 32bit,
|
||||
64bit). According to those flags, either the appropriate iPXE binary is returned
|
||||
or - if the request is from iPXE - the URL to the boot script which is hosted
|
||||
on my Synology DiskStation's web server.
|
||||
|
||||
The last two lines enable the built-in tftp server of dnsmasq and set the path
|
||||
to it. That's where you have to put your `undionly.kpxe.0`, `ipxe32.efi.0` and
|
||||
`ipxe.efi.0` from the previous step.
|
||||
|
||||
|
||||
Before the first boot
|
||||
=====================
|
||||
|
||||
Now that iPXE is launched, it tries to fetch the boot script we compiled in.
|
||||
But this doesn't exist yet.
|
||||
|
||||
I used @robinsmidrod's extensive [full iPXE native menu](https://gist.github.com/robinsmidsrod/2234639)
|
||||
as a basis, removed all things I didn't need and added the things I needed.
|
||||
|
||||
In the beginning, this looked like this:
|
||||
|
||||
![]({{ site.url }}/assets/ipxe02.jpg){: height="400px"}
|
||||
|
||||
|
||||
Adding tools to boot
|
||||
====================
|
||||
|
||||
Most tools you want to boot are probably Linux systems. To boot them, you need
|
||||
a *kernel* and some (initial) filesystem. One way is to load an *initrd*
|
||||
(initial ramdisk) which contains only the basic stuff and mounts the big
|
||||
filesystem itself. Or you can mount the "big" filesystem directly and use that
|
||||
from the beginning.
|
||||
|
||||
|
||||
SystemRescueCD
|
||||
--------------
|
||||
|
||||
To boot the [SysRescCD](https://www.system-rescue-cd.org/), you need the
|
||||
following files from the ISO image:
|
||||
|
||||
* `sysrcd.dat` --- "big" filesystem
|
||||
* `sysrcd.md5` --- checksum to validate the sysrcd.dat
|
||||
* `isolinux/rescue32` --- kernel for 32bit systems
|
||||
* `isolinux/rescue64` --- kernel for 64bit systems
|
||||
* `isolinux/initram.igz` --- initial ramdisk
|
||||
|
||||
Copy those to a directory `sysresccd` on your web server (where the `boot.ipxe`
|
||||
is). Look at the `menu.ipxe` from the example configuration mentioned above for
|
||||
how to add new menu items.
|
||||
|
||||
A menu item for SysRescCD could look like this:
|
||||
|
||||
```
|
||||
:srcd
|
||||
echo Booting SystemRescueCD 32bit
|
||||
set base-url http://diskstation:80/ipxe/sysresccd/
|
||||
kernel ${base-url}isolinux/rescue32
|
||||
initrd ${base-url}isolinux/initram.igz
|
||||
imgargs rescue32 setkmap=de dodhcp netboot=${base-url}sysrcd.dat
|
||||
boot || goto failed
|
||||
goto start
|
||||
```
|
||||
|
||||
As you can see, we instruct iPXE to boot the kernel `rescue32` with the initrd
|
||||
`initram.igz` - both from the web server. And in the `imgargs` line, we tell
|
||||
SysRescCD where to look for the `sysrcd.dat`.
|
||||
|
||||
![]({{ site.url }}/assets/ipxe03.jpg){: width="400px"}
|
||||
|
||||
|
||||
Boot ALL the tools
|
||||
==================
|
||||
|
||||
You can find my current config [here](https://github.com/mbirth/ipxe-config).
|
||||
It boots the following tools via the network - no CD or flash drive needed:
|
||||
|
||||
* [System Rescue CD](https://www.system-rescue-cd.org/)
|
||||
* [DFSee](http://www.dfsee.com/)
|
||||
* [CloneZilla](http://clonezilla.org/)
|
||||
* [GParted Live](http://gparted.org/livecd.php)
|
||||
* [g4u - ghost for unix](http://www.feyrer.de/g4u/)
|
||||
* [G4L - Ghost for Linux](https://sourceforge.net/projects/g4l/)
|
||||
* [AVG Rescue CD](http://www.avg.com/ww-en/avg-rescue-cd)
|
||||
* [BitDefender Rescue CD](http://www.bitdefender.com/support/how-to-create-a-bitdefender-rescue-cd-627.html)
|
||||
* [F-Secure Rescue CD](https://www.f-secure.com/en/web/labs_global/rescue-cd)
|
||||
* [HDT - Hardware Detection Tool](http://www.hdt-project.org/)
|
||||
* [Memtest86 V6](http://www.memtest86.com/)
|
||||
* [Memtest86+ V5](http://www.memtest.org/)
|
||||
|
||||
And this is what it looks like:
|
||||
|
||||
![]({{ site.url }}/assets/ipxe04.jpg){: width="400px"}
|
||||
|
||||
![]({{ site.url }}/assets/ipxe05.jpg){: width="400px"}
|
84
know-how/software/_posts/2016-03-05-my-ipxe-settings.md
Normal file
84
know-how/software/_posts/2016-03-05-my-ipxe-settings.md
Normal file
@ -0,0 +1,84 @@
|
||||
---
|
||||
title: My iPXE settings
|
||||
layout: default
|
||||
created: 2016-03-05 00:36:55 +0100
|
||||
updated: 2016-03-05 00:36:55 +0100
|
||||
toc: false
|
||||
tags:
|
||||
- know-how
|
||||
- software
|
||||
- ipxe
|
||||
- network
|
||||
- booting
|
||||
---
|
||||
I'll list my modifications (keep everything else as it is) here but keep in mind that you most probably want
|
||||
different settings.
|
||||
|
||||
See also [this post about iPXE in general]({% post_url 2016-03-05-ipxe-network-boot %}).
|
||||
|
||||
src/config/console.h
|
||||
--------------------
|
||||
|
||||
(commented in to enable:)
|
||||
|
||||
#define CONSOLE_FRAMEBUFFER /* Graphical framebuffer console */
|
||||
|
||||
(changed from `us` to `de`:)
|
||||
|
||||
#define KEYBOARD_MAP de
|
||||
|
||||
|
||||
src/config/general.h
|
||||
--------------------
|
||||
|
||||
(changed from `#undef` to `#define`:)
|
||||
|
||||
#define NET_PROTO_IPV6 /* IPv6 protocol */
|
||||
|
||||
(changed from `#undef` to `#define`:)
|
||||
|
||||
#define DOWNLOAD_PROTO_HTTPS /* Secure Hypertext Transfer Protocol */
|
||||
#define DOWNLOAD_PROTO_FTP /* File Transfer Protocol */
|
||||
|
||||
(changed from `#undef` to `#define`:)
|
||||
|
||||
#define DOWNLOAD_PROTO_NFS /* Network File System Protocol */
|
||||
|
||||
(commented in to disable:)
|
||||
|
||||
#undef SANBOOT_PROTO_ISCSI /* iSCSI protocol */
|
||||
#undef SANBOOT_PROTO_AOE /* AoE protocol */
|
||||
#undef SANBOOT_PROTO_IB_SRP /* Infiniband SCSI RDMA protocol */
|
||||
#undef SANBOOT_PROTO_FCP /* Fibre Channel protocol */
|
||||
|
||||
(changed from `#undef` to `#define`:)
|
||||
|
||||
#define SANBOOT_PROTO_HTTP /* HTTP SAN protocol */
|
||||
|
||||
(commented in to enable - *works only for undionly.kpxe*:)
|
||||
|
||||
#define IMAGE_ELF /* ELF image support */
|
||||
|
||||
(commented in to enable:)
|
||||
|
||||
#define IMAGE_SCRIPT /* iPXE script image support */
|
||||
|
||||
(commented in to enable - *works only for undionly.kpxe*:)
|
||||
|
||||
#define IMAGE_COMBOOT /* SYSLINUX COMBOOT image support */
|
||||
|
||||
(commented in to enable:)
|
||||
|
||||
#define NSLOOKUP_CMD /* DNS resolving command */
|
||||
|
||||
(commented in to enable:)
|
||||
|
||||
#define REBOOT_CMD /* Reboot command */
|
||||
#define POWEROFF_CMD /* Power off command */
|
||||
|
||||
(commented in to enable:)
|
||||
|
||||
#define PING_CMD /* Ping command */
|
||||
#define CONSOLE_CMD /* Console command */
|
||||
#define IPSTAT_CMD /* IP statistics commands */
|
||||
|
Loading…
Reference in New Issue
Block a user