Deploying Debian systems with FAI

Test Drive

To test the server, try a single client installation. You can use the pre-defined DEMOHOST package class for this. It contains a minimal system with client hardware requirements to match: A standard PC with at least 500MB hard disk space and (to keep things simple) a PXE-capable network adapter should suffice.

All the required network services, such as the nameserver and NFS, should be installed on the FAI server by now. To help the clients boot, set up an /etc/dhcp3/dhcpd.conf file similar to that shown in Listing 1 on your DHCP server. Then assign an IP address and a DNS name to the MAC address and specify the TFTP image for booting the client.

Listing 1

DHCP Configuration

01 group {
02   allow booting;
03   next-server 192.168.0.100;
04   filename "pxelinux.0";
05   option root-path "/srv/fai/nfsroot";
06   host demohost {
07     hardware ethernet 00:e0:81:5c:aa:82;
08     fixed-address 192.168.1.25;
09   }
10 }

The client's IP address needs to be in hexadecimal notiation: COA80119 for 192.168.1.25 in this case. Then create a /srv/tftp/fai/pxelinux.cfg/COA80119 file with the contents of Listing 2. The default setting controls the client's boot behavior; start by selecting fai-generated. It is a good idea to use the fai-chboot -IFv demohost command to create the file; this will automatically add the current values. After booting the client, FAI takes over the helm and installs a basic Debian system without a GUI. After the installation is complete, you can change the boot behavior for fai-generated to uf localboot and relaunch the client, which is now ready to run.

Listing 2

TFTP Configuration

01 # Select boot behavior
02 # (please comment out one of the following two lines)
03 default fai-generated
04 # default localboot
05
06 # Network boot and FAI start
07 label fai-generated
08 kernel vmlinuz-2.6.25-2-486
09 append initrd=initrd.img-2.6.25-2-486 ip=dhcp \
10        root=/dev/nfs nfsroot=/srv/fai/nfsroot boot=live \
11        FAI_FLAGS=verbose,sshd,createvt
12 ACTION=install
13
14 # Boot from hard disc
15 label localboot
16 localboot 0

Besides the official Debian mirrors, FAI will also work with local mirror servers. If you have a large number of clients and have to install regularly, you will appreciate the benefits of your own mirror, in that it avoids the need for FAI to download the packages time and time again through your Internet connection. Additionally, a local installation over Fast or gigabit Ethernet will take less time.

Another benefit is that you can freeze the content of your local mirror. This makes the local installation independent of the current repository state and guarantees that all your clients have identical software, no matter when you install them. Also, you can add a repository on the mirror server to distribute packages you have built yourself.

After installing the demohost testing client to test FAI's functionality, you can go on to plan additional installations. Follow the FAI motto: "Plan your installation, and FAI installs your plans."

Working with Classes

FAI classes provide a versatile means for assigning packages and settings to client systems. For example, the Computer Science department at Aalen University, Aalen, Germany, organizes computers into pools and labs, with identical machines in many rooms. Some labs have computers with different architectures, so a separate kernel with hardware-specific drivers for each computer type is needed.

The configuration is based on a common class for each room and a class for each computer type. Because FAI also is also used to install VMware machines, a separate class for virtual machines is needed. In some rooms with a variety of computer architectures, the admins use a combination of room and computer classes.

Common sets of software applications can define different sofware class categories – for example, a basic class (BC), a service class (SC), and a program class (PC). The basic class includes the basic Debian system, programs, configuration files, and scripts that are valid for all pool and lab machines. The basic GUI client classes are BC_X11, BC_KDE, and BC_GNOME. A service class contains the information needed to prepare a client for a specific service. For example, the SC_LDAP class contains all the packages and configuration data required to access the faculty's own OpenLDAP directory service.

Many student projects require the installation of programs on a group of computers. One approach to handling this is to define a separate program class for each project.

Classes also can define a common system configuration. For example, you could disable the KDE screen-locking mechanism for all the computers in the pool. These settings are typically supported by an entry in an existing file or by a script that adds the entry. If settings of this kind are necessary, you can add another class to the machines.

Assigning programs to classes of their own also gives you an easy way to enable or disable them. This said, it is better not to define too many program classes or you will lose track of them. Table 1 provides an overview of defined classes with examples.

The /srv/fai/config/ configuration directory and its subdirectories contain the information FAI needs to install a client. Each subdirectory has a different task. The class/ subdirectory contains the files and scripts that define the individual classes and variables, like 50-host-classes, in which the administrator stores the classes assigned to each client group.

Listing 3 is an example of the 50-host-classes group. The file is a shell script that displays the class names depending on the $HOSTNAME variable. If the client's hostname starts with, say, L024-, it is a computer in lab L0.24. FAI will install the basic classes BC_LINUX, BC_X11, BC_KDE, and BC_BASE; the computer class CC_SUN; the room class RC_L024; and the service class SC_LDAP on this client type. If FAI identifies the client as vmware-1 or vmware-2, it is a virtualized machine. In this case, FAI installs the classes BC_LINUX, CC_VMWARE, and SC_LDAP.

Listing 3

50-host-classes Structure

01 #!/bin/bash
02 # assign classes hosts
03 case $HOSTNAME in
04    # L0.24 - CC_SUN (computer class _ sun)
05    L024-*)
06       echo "BC_LINUX CC_SUN BC_X11 BC_KDE BC_BASE RC_L024 SC_LDAP" ;;
07    # Linux Debian VMware Class: CC_VMWARE
08    vmware-1|vmware-2)
09       echo "BC_LINUX CC_VMWARE SC_LDAP" ;;
10    # default class
11    *)
12       echo "BC_LINUX" ;;
13 esac
14 (ifclass I386 || ifclass AMD64) && echo GRUB
15 exit 0

Local Environment

For each class, you can define defaults for the keyboard layout, time zone, user passwords, or similar settings. The values are stored in the classname.var file. Listing 4 is a template for the BC_LINUX class. FAI parses the list of classes defined in 50-host-classes from left to right. If multiple classes define the same variable, the rightmost value in the list prevails. Clever administrators replace generic with specific values this way.

Listing 4

BC_LINUX.var Parameters

01 # Allow unsigned repositories:
02 FAI_ALLOW_UNSIGNED=1
03
04 # German keyboard:
05 FAI_KEYMAP=de-latin1-nodeadkeys
06
07 # UTC=yes, if the system clock is set to UTC.
08 UTC=yes
09 TIMEZONE=Europe/Berlin
10 time_zone=Europe/Berlin
11
12 # Call "openssl passwd -1" to create the root password
13 # for the new system; supported formats are md5 and crypt:
14 rootpw='$1$865YxXkZ$xRxd/WUBLPU4gZfVmi1ax1'
15 servicepw='$1$arm/uRPR$5w0Q7Z3i2cRSq1tOq/zyK/'

If the computers in Lab L0.24 are assigned the BC_LINUX class settings with different passwords, you can create a new RC_L024.var file with lines 12 through 15 of Listing 4 with a new password. Because 50-host-classes lists the RC_L024 class after the BC_LINUX class, the details in the new file prevail.

The debconf/ subdirectory is used for the class-independent configuration of the Debconf system parameters. Debian uses debconf/ to store global settings such as the default editor or the default web browser. Storage media are configured in the disk_config subdirectory (see the "Enhanced Partitioning" box).

The package_config/ directory defines the packages required by the target system for each class, usually with the PACKAGES aptitude package name… command. De-installation is also supported by the PACKAGES remove package name… command. Listing 5 shows how to define dependencies between classes. The PACKAGES aptitude BC_KDE command installs the named packages only if they are part of the BC_KDE class, which lets administrators design and implement highly granular structures.

Listing 5

Package Configuration in BC_LINUX

01 # packages for all systems
02 PACKAGES aptitude
03 alsa-base
04 alsa-utils
05 discover
06 ...
07
08 PACKAGES aptitude BC_KDE
09 firefox-locale-de-de
10 thunderbird-locale-de

Enhanced Partitioning

Earlier versions of FAI used the setup_hard-disks script to partition the client hard disk. The tool works fine with normal hard disks, but it does not support RAID systems or Logical Volume Manager (LVM2). As of version 3.2.8, FAI provides the setup-storage tool as an alternative to setup_harddisks.

If FAI finds a USE_SETUP_STORAGE=1 line in a configuration class, it uses setup-storage to partition hard disks instead of setup_harddisks. Unfortunately, the tool is not downwardly compatible; its configuration file syntax has changed.

Listing 6, a sample configuration for setup-storage, partitions the first hard disk on a dual-boot system, reserving the first partition for Windows XP. Each line of the script contains a command with matching options. The disk_config command defines global settings for partitioning the whole hard disk. The disk 1 option selects the first hard disk. If this is an IDE hard disk, setup-storage uses the internal partition designator hda; this is sda for SATA or SCSI disks.

The preserve_always:1 option tells the partitioning tool not to modify the first primary partition, thus leaving the Windows installation in place. setup-storage will delete all the other partitions. The bootable:2 option enables the second partition as the boot partition. The primary and logical commands tell setup-storage to create a primary or logical partition. The partition numbers depend on the order in which they are listed in the file.

Line 2 of Listing 6 uses the primary option to tell setup-storage to create an sda2 partition with a size of 200MB. The partition contains an ext2 filesystem and uses /boot as its mount point. The first logical command in line 3 creates a swap filesystem with a size of 4,000MB in the first logical partition, sda5. The logical partitions sda6 and sda7 for /tmp and /var follow. The last command creates the sda8 partition. The 3000- parameter tells the program to use the remaining disk space, but with at least 3,000MB for the partition. In case of insufficient disk space, the installation will display an error message and quit. FAI identifies the partition names autonomously; the administrator only needs to say whether they are primary or logical partitions.

Listing 7 is an example of partitioning a RAID 1 with two SCSI disks. First, setup-storage partitions the sda and sdb disks identically but does not assign the filesystem or mount points. Commands in the disk_config raid block tell setup-storage to set up a RAID system with three partitions and format the partitions as specified.

The setup-storage tool is a very powerful utility with far more functionality than setup_harddisks. The configuration command syntax is specified by EBNF rules. These rules and more information on using setup-storage are available from the man page and the FAI wiki [2].

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Router as a Mini-Server

    Many devices now run Linux – but mostly as a closed source firmware that you cannot access. We show how to use OpenWrt to free the TL-MR3020 router from its proprietary firmware and convert it into an all-around server for your home network.

  • Puppet

    Learn how to save time and streamline your system administration with the help of Puppet, a centralized configuration management tool.

  • Ask Klaus!

    Klaus Knopper is the creator of Knoppix and co-founder of the LinuxTag expo. He currently works as a teacher, programmer, and consultant. If you have a configuration problem, or if you just want to learn more about how Linux works, send your questions to: klaus@linux-magazine.com

  • Manjaro and Antergos

    Manjaro and Antergos put the power of Arch Linux in a beginner-friendly form.

  • Cfengine 3

    Automate admin tasks with the powerful Cfengine framework.

comments powered by Disqus

Direct Download

Read full article as PDF:

066-071_FAI.pdf  (774.99 kB)

News