FAI Ubuntu: Unterschied zwischen den Versionen

Aus Doku-Wiki
Zur Navigation springenZur Suche springen
Zeile 185: Zeile 185:
 
  $ROOTCMD dpkg-reconfigure -f noninteractive console-setup
 
  $ROOTCMD dpkg-reconfigure -f noninteractive console-setup
  
* vi files/etc/default/keyboard/GERMAN
+
* vi /srv/fai/config/files/etc/default/keyboard/GERMAN
 
  XKBMODEL="pc105"
 
  XKBMODEL="pc105"
 
  XKBLAYOUT="de"
 
  XKBLAYOUT="de"
Zeile 191: Zeile 191:
 
  XKBOPTIONS=""
 
  XKBOPTIONS=""
  
* vi files/etc/default/console-setup/GERMAN
+
* vi /srv/fai/config/files/etc/default/console-setup/GERMAN
 
  VERBOSE_OUTPUT=no
 
  VERBOSE_OUTPUT=no
 
  ACTIVE_CONSOLES="/dev/tty[1-2]"
 
  ACTIVE_CONSOLES="/dev/tty[1-2]"
Zeile 204: Zeile 204:
 
  BOOTTIME_KMAP_MD5=""
 
  BOOTTIME_KMAP_MD5=""
  
* vi files/etc/default/locale
+
* vi /srv/fai/config/files/etc/default/locale/GERMAN
 
  LANG="de_DE.UTF-8"
 
  LANG="de_DE.UTF-8"
  

Version vom 14. Mai 2014, 12:34 Uhr

Installatio

FAI Komponenten

  • Fai Pakete instalieren
aptitude install fai-quickstart
  • NFS Export freigeabe eintragen
vi /etc/exports
/srv/fai/config 172.27.0.0/16(async,ro,no_subtree_check,no_root_squash)
  • make-fai-nfsroot.conf anpassen
vi /etc/fai/make-fai-nfsroot.conf
NFSROOT=/srv/fai/nfsroot
TFTPROOT=/srv/tftp/fai
FAI_CONFIGDIR=/srv/fai/config
FAI_DEBOOTSTRAP="trusty http://gb.archive.ubuntu.com/ubuntu"
FAI_ROOTPW='$1$kBnWcO.E$djxB128U7dMkrltJHPf6d1'
FAI_DEBOOTSTRAP_OPTS="--exclude=info,dhcp-client --include=aptitude,grub-pc"
  • Fai sources.list anpassen
vi /etc/fai/apt/sources.list
deb http://archive.ubuntu.com/ubuntu trusty main restricted universe multiverse
deb http://archive.ubuntu.com/ubuntu trusty-security main restricted universe multiverse
deb http://archive.ubuntu.com/ubuntu trusty-updates main restricted universe multiverse
  • Zu installierenden Kernel eintragen
vi /srv/fai/config/package_config/DEFAULT
  PACKAGES aptitude
  linux-image-generic
  memtest86+

Server Dienste

TFTP anpassen

vi /etc/default/tftpd-hpa
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/srv/tftp"

# IPv6 deaktivieren und IPv4 eintragen #
#TFTP_ADDRESS="[::]:69"
TFTP_ADDRESS="0.0.0.0:69"

TFTP_OPTIONS="--secure"

DHCP anpassen

vi /etc/dhcp/dhcpd.conf
  deny unknown-clients;
  option dhcp-max-message-size 2048;
  use-host-decl-names on;

  subnet 172.27.0.0 netmask 255.255.0.0 {

    # Network Settings
    option routers 172.27.0.254;
    option domain-name "blb-intranet.de";
    option domain-name-servers 172.27.100.20;
    #option time-servers faiserver;
    #option ntp-servers faiserver;
    server-name fai-ubuntu;
    # PXE boot Server
    next-server 172.27.1.10;
    filename "pxelinux.0";
  }

  host demohost {hardware ethernet b8:ca:3a:be:17:74;fixed-address 172.27.11.251;}

approx Paketproxy

aptitude install approx
  • Konfiguration (Zeile hinzufügen)
 vi /etc/approx/approx.conf
 ubuntu http://de.archive.ubuntu.com/ubuntu
 ubuntu-security http://security.ubuntu.com/ubuntu

* Client konfigurieren
 vi /etc/apt/sources.list
 deb http://172.27.1.10:9999/ubuntu trusty main universe restricted multiverse
 deb-src http://localhost:9999/ubuntu trusty main universe restricted multiverse
 
 deb http://172.27.1.10:9999/ubuntu trusty-security universe main multiverse restricted
 deb http://172.27.1.10:9999/ubuntu trusty-updates universe main multiverse restricted

 

Allgemeine Anpassungen

Optionale Änderungen kennzeichne ich mit -OPTIONAL-

Disk Config

Bevor man die Installation mit dem Client Demohost testet, sollte man ein Blick in die disk_config von FAIBASE schauen. Ich hatte nur deshalb Fehler, weil hier die Festplattengröße zu klein war.

# Beispiel Config für FAIBASE
disk_config disk1 disklabel:msdos bootable:1 fstabkey:uuid

primary /      5000-50000       ext3  rw,noatime,errors=remount-ro
logical swap   2000-4000        swap  rw
logical /var   6000-13000       ext3  rw,noatime         createopts="-L var -m 5" tuneopts="-c 0 -i 0"

Grub -optional-

In der Datei /etc/default/grub habe ich folgende Anpassungen vorgenommen:

  • Anzeige beim Booten einschalten
# GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"
GRUB_CMDLINE_LINUX_DEFAULT="splash"
update-grub

Grub wird nicht in base.tgz installiert

  • Lösung
vi make-fai-nfsroot.conf
FAI_DEBOOTSTRAP_OPTS="--exclude=info,dhcp-client --include=aptitude,grub-pc"

Faimond -optional-

Sollte der Client keine Daten an den Faimomd übertragen, sollte die Auflösung des Hostname auf dem Client überprüft werden. Wenn nötig eine DNS Eintrag oder einen Eintrag in die /etc/hosts des Client vornehmen

Die Client Logs werden nicht auf dem FAI-Server gespeichert

  • vipw und User FAI eine Shell zuweiden
  • Fai User Passwort vergeben
passwd fai
  • Dateirechte setzen
chown fai.nogroup -R /var/log/fai
  • Die Keys erzeugen und in die nfsroot unter /root/.ssh/ speichern.
su - fai
ssh-keygen -t dsa
ssh-keygen -t rsa
exit
  • Danach die beiden Keys in die /var/log/fai/.ssh/authorized_keys kopieren
cd /var/log/fai/.ssh/
cp id_dsa.pub id_rsa.pub /srv/fai/nfsroot/live/filesystem.dir/root/.ssh/
cat /var/log/fai/.ssh/id_rsa.pub >> /var/log/fai/.ssh/authorized_keys
cat /var/log/fai/.ssh/id_dsa.pub >> /var/log/fai/.ssh/authorized_keys
  • Nun noch den Key des Servers in die /srv/fai/nfsroot/live/filesystem.dir/root/.ssh/known_hosts eintragen

Diesen Key habe ich erzeugt, in dem ich mich vom FAI-Server auf den Fai-Server als Root per ssh eingelogt habe.
Danach steht der Key in der /root/.ssh/known_host und kann in die known_host im NFSROOT/root/.ssh/known_host kopiert werden

ssh fai-ubuntu
cat /root/.ssh/known_hosts >> /srv/fai/nfsroot/live/filesystem.dir/root/.ssh/known_hosts

Nun sollte der Passswortfrei Zugang, für Clients die gerade installiert werden, frei sein.

FAI-Server - SSH Zugang zu CLients

Passwortfreier Zugang zu den Clients, wenn sie instaliert werden

cat /root/.ssh/id_dsa.pub >> /srv/fai/nfsroot/live/filesystem.dir/root/.ssh/authorized_keys
cat /root/.ssh/id_rsa.pub >> /srv/fai/nfsroot/live/filesystem.dir/root/.ssh/authorized_keys

Client Anpassungen

Deutsche Tastatur in der Console

  • vi /srv/fai/config/debconf/GERMAN
locales         locales/default_environment_locale select de_DE.UTF-8
locales         locales/locales_to_be_generated multiselect de_DE.UTF-8 UTF-8
xserver-xorg    xserver-xorg/config/inputdevice/keyboard/layout string  de
xserver-xorg    xserver-xorg/config/inputdevice/keyboard/model  string  pc105 
xserver-xorg    xserver-xorg/config/inputdevice/keyboard/options        string  lv3:ralt_switch
xserver-xorg    xserver-xorg/autodetect_monitor         boolean false
xserver-xorg    xserver-xorg/autodetect_keyboard        boolean true
xserver-xorg    xserver-xorg/autodetect_mouse           boolean true
xserver-xorg    xserver-xorg/autodetect_video_card      boolean true
console-setup   console-setup/variant   select  Germany 
console-setup   console-setup/charmap   select  UTF-8
console-setup   console-setup/layoutcode        string  de
console-setup   console-setup/compose   select  No compose key
console-setup   console-setup/fontsize-text     select  16
console-setup   console-setup/optionscode       string  lv3:ralt_switch
console-setup   console-setup/layout    select  Germany
console-setup   console-setup/detected  note
console-setup   console-setup/variantcode       string
console-setup   console-setup/codesetcode       string  Lat15
console-setup   console-setup/modelcode string  pc105
console-setup   console-setup/ask_detect        boolean false
console-setup   console-setup/altgr     select  Right Alt
console-setup   console-setup/ttys      string  /dev/tty[1-6]
console-setup   console-setup/model     select  Generic 105-key (Intl) PC
console-setup   console-setup/fontsize-fb       select  16
console-setup   console-setup/switch    select  No temporary switch
console-setup   console-setup/codeset   select  # Latin1 and Latin5 - western Europe and Turkic languages
console-setup   console-setup/toggle    select  No toggling
console-setup   console-setup/fontface  select  VGA
console-setup   console-setup/fontsize  string  16
  • vi /srv/fai/config/package_config/GERMAN
PACKAGES aptitude
language-pack-de

PACKAGES aptitude GNOME
iceweasel-l10n-de icedove-l10n-de
  • vi /srv/fai/config/scripts/GERMAN
#!/bin/bash
fcopy /etc/default/keyboard
fcopy /etc/default/console-setup
fcopy /etc/default/locale

$ROOTCMD dpkg-reconfigure -f noninteractive console-setup
  • vi /srv/fai/config/files/etc/default/keyboard/GERMAN
XKBMODEL="pc105"
XKBLAYOUT="de"
XKBVARIANT=""
XKBOPTIONS=""
  • vi /srv/fai/config/files/etc/default/console-setup/GERMAN
VERBOSE_OUTPUT=no
ACTIVE_CONSOLES="/dev/tty[1-2]"
CHARMAP="UTF-8"
CODESET="Lat15"
FONTFACE="VGA"
FONTSIZE="16"
XKBMODEL="pc105"
XKBLAYOUT="de"
XKBVARIANT=""
XKBOPTIONS=""
BOOTTIME_KMAP_MD5=""
  • vi /srv/fai/config/files/etc/default/locale/GERMAN
LANG="de_DE.UTF-8"