Deploying Debian systems with FAI
FAI helps you automate the process of installing and configuring new Debian systems.
The Fully Automatic Installation (FAI) framework developed at the University of Cologne, Germany, relieves the headache of mass installing Debian systems. FAI offers several customization features and allows you to set up virtual systems. The new 3.2.9  version supports Debian Lenny and includes a new partioning tool.
How It Works
FAI manages the installation process by automating the steps executed by the Debian installer. As shown in Figure 1, an FAI server system runs the FAI daemon and also hosts the services necessary to support network-based installation, including NFS, TFTP, and DHCP. In the most basic scenario, a client with a preboot execution environment (PXE)-based network adapter remote boots, gets an IP address from the DHCP server, then obtains the necessary files through TFTP to launch the remote installation.
FAI also works with older computers that do not have PXE support. If you don't have PXE support, you will need to launch the setup manually from a boot image on a floppy disk, CD-ROM, or USB stick. Whether or not your system supports PXE, the start routine will load a bootable kernel. The client then contacts the FAI server and uses NFS to bind its root and configuration directories. These directories contain all the information required to install the client.
FAI lets you define classes of computers with a common location or role. The class definition associates scripts, configurations, and a custom set of software packages with the client. As you will learn later in this article, a client can belong to more than one class.
An init script launches the local installation. The script investigates the hostname and the mounted configuration data to decide to which installation class the client belongs. The installation process formats the client's hard disk and downloads the required packages from a Debian mirror before going on to install the packages with Apt. Finally, the client is customized according to the specs provided through FAI.
Other Installation Tools
The setup_harddisks and setup-storage programs partition the hard disk. These packages also include the fcopy and ftar commands, which copy files to the client independent of its class. The fai-doc package includes the FAI documentation and some sample configurations. After installing the package, you will find the files in the -/-usr/share/doc/fai-doc directory.
The fai-nfsroot package is not intended for installation on normal computers. Instead, the FAI setup procedure downloads this package from the mirror while configuring the server, dropping its content into the /srv/fai/nfsroot directory. The clients use NFS to mount this directory as their root.
Installing the Server
The FAI server contains several components. Figure 2 illustrates the installation steps. The first step is to set up the daemon responsible for distributing the configuration. To do so, you need a Debian machine with NFS, TFTP, and DHCP. In addition, I recommend the FAI packages fai-server, fai-doc, fai-quickstart, and fai-nfsroot. These packages are available through the normal Debian repositories.
The fai-server package is the starting point for the server installation. The list of dependencies includes packages for NFS, DHCP, and the TFTP server. Also, do not forget the fai-setup command for the central server configuration. make-fai-bootfloppy creates boot media such as CD-ROMs and floppies for hardware without PXE boot support. fai-client provides the programs run by the client during the installation.
fai-quickstart installs all of the tools necessary for the FAI installation and copies the sample configurations to the correct location. It installs all the required packages and creates configuration templates in the /etc/fai directory. Unless you are using NFS to mount a Debian mirror, you won't need to change the parameters in the fai.conf file that define the central settings for the FAI server.
The make-fai-nfsroot.conf file tells FAI how to configure the NFS root. If the FAI server does not have a DNS entry, you need to comment out the NFSROOT_ETC_HOSTS line. The file already has default IP addresses and names, which you can modify to match your local environment. You also need to specify the mirror from which to download the packages to create the NFS root.
Using Debian Standards
FAI uses the normal Debian Apt system, which lists its repositories in /etc/apt/sources.list. FAI adds the distributor's standard mirrors and the mirror at Cologne University to this list. If you prefer to use a different set of mirror servers, you need to modify the file. To avoid unnecessary complications, let FAI create the NFS root with the same version of Debian you will be using for the clients.
After correctly configuring all of these parameters, the next step is to create the NFS root directory. To do so, run the fai-setup -v command. After downloading some 330MB of package data, /srv/fai/nfsroot/live/filesystem.dir will contain the NFS root. The script also exports the directories required for the client installation on NFS and drops a matching kernel image into the /srv/tftp directory.
Buy this article as PDF
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.
Should you trust an online service to store your online passwords?
New B+ board lets you build cool things without the complication of a powered USB hub.
Redmond rushes in to root out alleged malware haven.
New initiative will bring futuristic virtual reality effects to the web surfing experience.
Dyreza malware launches a man-in-the-middle attack that compromises SSL.
New cloud combines worldwide access with local attention to data security.