Diskless Mode

From Alpine Linux
Revision as of 07:07, 6 November 2024 by Prabuanand (talk | contribs) (replaced category:LBU by category:Diskless as diskless is more generic)

In Diskless mode, the entire operating system with all applications are first loaded into RAM and then only run from there. This is also the method used to boot the Alpine Linux iso installation media. Alpine Linux can be installed and configured so that the system continue to boot like this if "disk=none" is specified while running the setup-alpine script.

The mode is extremely fast and can save on unnecessary disk spin-ups, power, and wear and suitable for servers. It is similar to what other linux distributions may call a "frugal" install or boot using a "toram" option.

You can continue using your installation media as a boot device without installing alpine to the device's internal disk, but it is also possible to install Alpine Linux to a device's internal disk and configure it so that it boots into "diskless mode" .

Apkovl

When you boot an alpine installation into diskless mode, it will initialize a fresh new root (/) and any customisations you make (such as changing the password, adding users, etc.) will be lost when you reboot. However, any custom configurations may be preserved or "persist" across reboots by using the Alpine Linux tool named Local Backup Utility(lbu). The initial and possibly read-only installation media can remain the only boot device for the "diskless" system by saving the running state to an .apkovl file, and have these automatically loaded when booting from the boot device.

An Apkovl (APK Overlay file) is a file used for storing local configuration state when running Alpine Linux in Diskless Mode. It stores all configuration files that have changed from the default ones. The filename is <hostname>.apkovl.tar.gz and is stored in a location whose path is defined in /etc/lbu/lbu.conf. The contents from the Apkovl file are overlaid on top of the contents of the apks that are loaded on boot.

The backup tool lbu enables committing and reverting local configuration system state by using .apkovl files that are saved to a backup location and loaded when booting. In Diskless mode, for every change made to the running system to persist across reboot, the command lbu commit must be issued before rebooting the system to update the .apkovl file.

Local Package Cache

When Alpine Linux boots in Diskless Mode, the remote repositories will not be available until after networking has started. That means extra packages newer not in your local boot media would not be available after a reboot, unless they were made to persistent local package cache available on a local, writable, storage device. The local package cache can be stored on the same partition as the .apkovl file.

Installation

Alpine Linux setup script setup-alpine uses setup-lbu script to save the config and package cache to any available writable filesystem on any media other than the read-only installation media.

Due to Bug: #10473 storing local configs and package cache on internal disks requires manual steps, i.e making an entry in /etc/fstab, create mountpoint, and mount the partition before running setup-alpine script.

  1. In this case, boot the target diskless system from the installation media and do not proceed after the boot process stage.
  2. If necessary partition(s) are unavailable, manually create a partition using fdisk. In the below steps, we will use /dev/sdXY as partition number. Adjust the partition identifier as per the output of blkid
    • Due to Bug: #11589. The APKOVL loading of diskless setups doesn't work on btrfs and xfs filesystems, or nvme-based devices. So use only ext4 filesystem partitions on classic drives to store diskless mode states.
    • mkfs.ext4 creates ext4 filesystem with 64bit feature enabled by default, but extlinux may not be able to boot with that due to Issue #14895. You may need to add "-O ^64bit" to mkfs.ext4 to circumvent this. The below command creates an ext4 partition with disabled journaling, to reduce write operations and allow the disk to spin down after the .apkovl and the packages have been read from the partition during the boot. Install package e2fsprogs using command apk add e2fsprogs, if the command mkfs.ext4 is not available.

    mkfs.ext4 -O ^has_journal,^64bit /dev/sdXY

  3. Due to a bug, the partition can not be mounted to /boot. Configure the /etc/fstab to mount the writable partition to /media/sdXY instead of /boot i.e. conforming to the hot/cold-plug mountpoints.

    mkdir /media/sdXY

    echo "/dev/sdXY /media/sdXY ext4 noatime,ro 0 0" >> /etc/fstab

  4. Mount the partitions listed in /etc/fstab.

    mount -a

    Look at the output of mount to verify that the changes have been applied correctly.
  5. If Setup-alpine has not run before, follow the Installation steps to complete the base configuration. The above changes should now enable you to choose the partition for saving the local configs and package cache. If asked, there is no need to first unmount the partition, that would only be needed to allow installing on its parent disk.
  6. If Setup-alpine has already been used to configure the diskless system, the storage settings may be modified directly with

    setup-lbu sdXY

  7. Local package cache can be enabled as follows:

    mkdir /media/sdXY/cache

    setup-apkcache /media/sdXY/cache

  8. If the partition is large enough, it can be useful to edit lbu.conf to uncomment and set BACKUP_LIMIT=3. For example, to allow reverting to a previous, working state if needed.

    apk add nano

    nano /etc/lbu/lbu.conf

  9. Finally, generate the first .apkovl file containing all the previous changes by executing lbu commit, so the customizations that were just made will persist a reboot.

    lbu commit

  10. From now on, whenever packages are installed or newly configured, and the changes should be kept, execute lbu commit.

Boot Device

The initial ISO9660 filesystem based read-only installation media may remain the only boot device for the newly configured Alpine Linux Diskless system.

Alpine Linux running Diskless mode can also boot from a partition with a writable filesystem on USB-Stick/CompactFlash/SDCard or SSD/NVMe harddisk. This boot device is known as customizable boot device to differentiate against installation media. Local customizations like apkovl files and cached packages can be stored in this customizable boot device, which also allows to upgrade the kernel with its modules and firmware with the update-kernel script.

Loading apkovl from webserver

Alpine's "diskless mode" ISO boot images support boot parameters to load customizations files i.e apkovl from a webserver.

It's possible to load an APKOVL file from a webserver, by supplying a custom url with the APKOVL kernel boot parameter. If you don't have a web server you can run busybox's httpd temporarily to serve an .apkovl - busybox httpd -p 127.0.0.1:80.

Upgrading a Diskless System

When Alping Linux runs in "diskless" or "data" disk mode, Upgrading requires few extra steps in addition to the regular upgrade steps.

If booting a "diskless" system from a read-only device, or as an iso image on writable media, it's not possible to update the boot files (kernel, modules, firmware, ...) that reside on that device.

For customizable boot device, It is possible to update the boot files. However, even then, the kernel, with its modules and firmware files, can still not be updated directly through regular packages updates. Instead, there is the update-kernel script that can generate initfs images and install them together with upgraded kernels.

Upgrading can be done as follows.

apk add mkinitfs

This package is required for the generation of the initial filesystem used during boot.

  • Additional initfs features that are missing in the default configuration, like the btrfs filesystem support (at the time of writing, to allow loading .apkovl configs and package cache during boot), may be enabled in /etc/mkinitfs/mkinitfs.conf.
  • Available initfs features may be listed with ls /etc/mkinitfs/features.d

ls /etc/mkinitfs/features.d apk add nano nano /etc/mkinitfs/mkinitfs.conf lbu commit

Finally update the kernel and its boot environment.

update-kernel /media/sdXY/boot/

  • An update-kernel run needs at least 8 GB free ram memory to avoid a broken modloop-image.
  • See update-kernel --help for options to manually add additional module or firmware packages.

Kernel Options

Documentation about kernel command line options regarding diskless mode will be available after installing the documentation sub-package mkinitfs-doc:

man mkinitfs-bootparam

       If no root= parameter is given, the initramfs will build a live system
       in memory from scratch. This is also called diskless mode.

       When booting in diskless mode, the following options are also
       available:

       alpine_repo=(URL | PATH)
              If set, /etc/apk/repositories will be filled with this. May be a
              comma-separated list of URLs.

       apkovl=(URL | [DEVICE[:FS_TYPE]:]PATH)
              A HTTP, HTTPS or FTP URL to an apkovl.tar.gz file which will be
              retrieved and applied. Can also be a filesystem path, optionally
              prepended with the device name without the /dev/ prefix.

       autodetect_serial=no
              Disable automatic detection and setup of serial console.

       ds=OPTIONS
              Data source for tiny-cloud. If OPTIONS starts with nocloud,
              tiny-cloud will be enabled.

       nokeep_apk_new
              Setup a fresh system, ignore any apkovl.

       pkgs=PACKAGE{,PACKAGE}
              Comma-separated list of packages to be installed.
       ssh_key=(URL | SSH_KEY)
              This setting installs openssh and places the public key given as
              value in /root/.ssh/authorized_keys.  If the value is an HTTP or
              FTP url, its fetches the key(s) from there.

       splash Enable splash screen.

       usbdelay=NUMBER
              Wait NUMBER seconds for USB devices to show up before searching
              for boot media.

       wireguard=INTERFACE;IP_ADDRESS{,IP_ADDRESS,...}[;WG_CONFIG_FILE]
              Set up a wireguard interface named INTERFACE with the addresses
              IP_ADDRESS and use /etc/wireguard/initrd.conf or WG_CONFIG_FILE
              as a classic wg (not wg-quick) config.

       zfs_force=NUMBER
              Enable force importing the root zpool on boot, even if it was
              previously mounted from a different system/OS.

See Also