User talk:Jch/Starting AL from network

From Alpine Linux


Starting AL from network

As it does not seem possible to start qemu with a virtual USB key *and* a virtual HDD attached to the VM, let's try something different: start AL from the network and mount the HDD later on...

Usually this kind of setup needs

  • a DHCP server to get an IP address and the location of the TFTP server
  • a TFTP server to download the kernel and the root file system to boot from
  • an NFS server or an HTTP one to get the overlay used to configure the machine
  • an NFS server to share files with others
  • an NBD server to get its own block devices as storage
  • a machine on which to prepare the initramfs

First, let's check what is available in AL and what is not...

  • dhcpcd-6.6.7-r0
  • tftp-hpa-5.2-r1
  • nfs-utils-1.3.1-r2
  • darkhttpd-1.10-r1
  • nbd-3-10-r0

PXE_boot

We are trying to do something similar to PXE_boot.

We did it on a separate machine for each service. It forces us to deeply understand all interactions between processes.
But the next one will be an all-in-one KVM.

In the current state we

umount /media/alpine

as the last step of the boot process, and we are running with no ties.

dhcpd

192.168.1.1

Uses the dhcp package from the repo. Nothing special.

  filename "pxelinux.0";
  next-server 192.168.1.2;

and

# Disable RFC 2136 dynamic DNS updates.
ddns-update-style none;

# Define actions to take when leases are committed, released, or expired to
# accomplish dynamic DNS updates to djbdns. This does not use the RFC 2136
# update mechanism, because djbdns does not support it. However, it
# accomplishes the same thing.
# syntax "execute(cmd, arg, ...)"
### need to check if the two "on EVENT" must be nested or in sequence...
on commit {
  execute ("/usr/local/bin/dns-update-djb",
           "commit",
           lcase (option host-name),
           config-option domain-name,
           binary-to-ascii (10, 8, ".", leased-address));
  on release or expiry {
    execute ("/usr/local/bin/dns-update-djb",
             "release",
             binary-to-ascii (10, 8, ".", leased-address));
  }
}

with a custom /usr/local/bin/dns-update-djb script largely inspired by https://sites.google.com/site/dmoulding/dns-update-djb but adapted for a remote tinydns server and to the AL way.
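An added example, not the page's dns-update-djb script: the hook's `option host-name` argument is chosen by the DHCP client, and tinydns-data uses `:` and newlines as separators, so the arguments should be validated before a record is built. The function names, the 300-second TTL and the sample values are assumptions.

```shell
#!/bin/sh
# Added example, not the original dns-update-djb: validate hook arguments
# before building a tinydns-data line. Names and TTL are assumptions.
LC_ALL=C; export LC_ALL
TTL=300

# Lowercase DNS name: labels of [a-z0-9-], no empty labels, no edge hyphens.
valid_name() {
    case $1 in
        ''|*[!a-z0-9.-]*|.*|*.|*..*|-*|*-|*.-*|*-.*) return 1 ;;
    esac
    [ "${#1}" -le 253 ] || return 1
    rest=$1.
    while [ -n "$rest" ]; do
        label=${rest%%.*}; rest=${rest#*.}
        [ "${#label}" -le 63 ] || return 1
    done
    return 0
}

# Dotted quad with exactly four octets in 0..255.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    rest=$1.; count=0
    while [ -n "$rest" ]; do
        octet=${rest%%.*}; rest=${rest#*.}
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
        count=$((count + 1))
    done
    [ "$count" -eq 4 ]
}

# Print "=fqdn:ip:ttl" (A plus PTR record) or fail without output.
# The client-supplied host must be a single label so it cannot name a subdomain.
lease_record() {
    case $1 in *.*) return 1 ;; esac
    valid_name "$1" && valid_name "$2" && valid_ipv4 "$3" || return 1
    printf '=%s.%s:%s:%s\n' "$1" "$2" "$3" "$TTL"
}

# Constructed sample calls: a normal lease, then a host name carrying a ':'.
lease_record node1 example.lan 192.168.1.108
lease_record 'evil:x' example.lan 192.168.1.108 || echo "rejected" >&2
```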

tftp

192.168.1.2

tftp-hpa configured to serve some SYSLINUX files.

The config is in /etc/conf.d/in.tftpd.
Then run:

rc-update add in.tftpd
rc-service in.tftpd start

We serve from /var/tftpboot.

We temporarily install the syslinux apk to get pxelinux.0 and the other libraries needed.
We prepared a "pxerd" initramfs file with virtio_net.ko, dhcp and nfs included, and made sure loop and squashfs are included too.

pxelinux.cfg/default looks like

PROMPT 0
TIMEOUT 3
default alpine
LABEL alpine
LINUX alpine/vmlinuz-grsec
INITRD alpine/pxerd
APPEND ip=dhcp alpine_dev=nfs:192.168.1.3:/srv/boot/alpine modloop=/boot/grsec.modloop.squashfs nomodeset quiet apkovl=http://192.168.1.4/localhost.apkovl.tar.gz
#APPEND modloop=http://192.168.1.4/grsec.modloop.squashfs
#APPEND apkovl=http://192.168.1.4/localhost.apkovl.tar.gz # including the modloop hack
#APPEND alpine_repo=http://repo-url

Modules are loaded

/ # lsmod
Module                  Size  Used by    Not tainted
nfsv3                  22784  1
nfs                   144376  2 nfsv3
lockd                  71917  2 nfsv3,nfs
sunrpc                225574  6 nfsv3,nfs,lockd
af_packet              28735  0
sr_mod                 13487  0
cdrom                  40424  1 sr_mod
pata_acpi               3326  0
ata_piix               25601  0
ata_generic             3554  0
libata                181955  3 pata_acpi,ata_piix,ata_generic
virtio_net             19684  0
scsi_mod              113710  2 sr_mod,libata
virtio_pci              6485  0
virtio                  4933  2 virtio_net,virtio_pci
virtio_ring             9161  2 virtio_net,virtio_pci
squashfs               25893  1
loop                   18243  2

Network is up

/ # ifconfig
eth0      Link encap:Ethernet  HWaddr 52:54:33:B0:C2:D2
          inet addr:192.168.1.108  Bcast:0.0.0.0  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:322 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:20514 (20.0 KiB)  TX bytes:684 (684.0 B)

but modloop does not load. This patch fixes the issue (hope to see it mainstream soon):

localhost:~# diff /etc/init.d/modloop modloop.new 
--- /etc/init.d/modloop 
+++ modloop.new
@@ -32,7 +32,7 @@
        local search_dev="$1" fstab="$2" 
        local dev mnt fs mntopts chk
        case "$search_dev" in
-               UUID=*|LABEL=*|/dev/*);;
+               UUID=*|LABEL=*|/dev/*|nfs);;
                *) search_dev=/dev/$search_dev;;
        esac
        local search_real_dev=$(resolve_dev $search_dev)
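Review bot: in the `case "$search_dev"` arm, the new `nfs` alternative matches only the exact word, and the value still flows into `resolve_dev $search_dev` on the line after `esac`, unquoted. The boot line on this page passes `alpine_dev=nfs:192.168.1.3:/srv/boot/alpine`, so unless the caller already strips everything after the first colon, that value falls through to `*)` and becomes `/dev/nfs:...`. Consider matching `nfs|nfs:*` (or adding a comment that says where the suffix is stripped), quoting the argument, and skipping `resolve_dev` for NFS since there is no device node to resolve.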
@@ -49,6 +49,10 @@
                                fi
                        done
                done
+               if [ "$fs" = "$search_dev" ]; then
+                       echo "$mnt" 
+                       return
+               fi
        done < $fstab 2>/dev/null
 } 
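Review bot: the added `[ "$fs" = "$search_dev" ]` test returns the first fstab entry whose `fs` field equals the search string, so with `search_dev=nfs` any NFS mount listed in `$fstab` is accepted, not necessarily the one the boot media came from. Since the echoed mount point is what the modloop script goes on to use, also compare `$dev` with the NFS source given in `alpine_dev`, or at least guard the block with `[ "$search_dev" = nfs ]` and add a comment stating that the match is by filesystem type.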

References

http://www.syslinux.org/wiki/index.php/PXELINUX

nfs

192.168.1.3

see http://wiki.alpinelinux.org/wiki/User_talk:Jch#NFS_bug_study
It is now working with http://dev.alpinelinux.org/~clandmeter/rpcbind-0.2.3_rc2-r0.apk

We serve the contents of a USB key (ISO), read-only, as

/srv/boot/alpine	*(ro,no_root_squash,no_subtree_check)
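An added example, not from the original page: the export above is offered to every host (`*`) with `no_root_squash`, so this check reads exports(5) text and reports both conditions. `audit_exports` is a hypothetical helper, and the `192.168.1.0/24` line is a constructed comparison based on the addresses used on this page.

```shell
#!/bin/sh
# Added example: report risky client specs in exports(5) text on stdin.
# audit_exports is a hypothetical helper; the second sample line is a
# constructed, restricted variant of the export shown above.

audit_exports() {
    set -f                          # a bare "*" client must not glob-expand
    while read -r path specs; do
        case $path in ''|'#'*) continue ;; esac
        for spec in $specs; do
            client=${spec%%\(*}     # text before "("; empty means any host
            case $spec in
                *\(*\)) opts=${spec#*\(}; opts=${opts%\)} ;;
                *)      opts= ;;
            esac
            case $client in
                ''|'*') echo "$path: exported to any host" ;;
            esac
            case ",$opts," in
                *,no_root_squash,*)
                    echo "$path: no_root_squash granted to ${client:-any host}" ;;
            esac
        done
    done
    set +f
}

# Constructed sample input: the page's export, then a restricted variant.
SAMPLE='/srv/boot/alpine *(ro,no_root_squash,no_subtree_check)
/srv/boot/alpine 192.168.1.0/24(ro,root_squash,no_subtree_check)'

printf '%s\n' "$SAMPLE" | audit_exports
```

Only the first sample line produces findings; the subnet-restricted line with `root_squash` passes silently.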

http

192.168.1.4

The Darkhttpd package from the repo, serving from /var/tftpboot/, provides the files needed to boot (kernel, rootfs, apkovl.tar.gz).

nbd

192.168.1.5

I really would like to have xnbd-server in AL. nbd-3.1.0 was just added to the edge/testing repo; need to try it in a real situation...
For now, we have a qcow2 debian image added to the apkovl with lbu add; lbu ci.
This image is used to launch a first KVM with /dev/mdX as second drive.
In turn, inside the KVM, vdb is used to define an lvm2 volume.
The LVs are published with xnbd-server.

Later on, the same KVM will be able to connect to an RBD device and re-publish it as NBD.

xnbd-server allows live migration of block devices, and has a powerful proxy mode.

All other KVMs are running from FS accessed through NBD from such a SAN. Even other SANs.
As soon as those KVM-NBD are up, they may be used to launch others or to provide datastores.

We put that image on every USB key we use along with mdadm and OpenVSwitch (and collectd).

dns

192.168.1.6

tinydns from repo with split-dns config.