Tuesday, October 25, 2011

HowTo - Booting with PXE DHCP TFTP NFS using only Knoppix

The goal of this project is to configure a complete PXE environment using only Knoppix. Why only Knoppix? Because it's easy to do and a great place to start learning about PXE. We will get two machines running, one as the PXE server and the other as a diskless client.
  • We are using Knoppix 6.7.1
  • For clients we will use virtual clients (in this case I'm running them on VMware Workstation).
  • We are using a completely isolated Ethernet test network.
  • You need to know basic IPv4 concepts with DHCP and how to change the boot order of your client machines. Chances are if you're reading this howto you've got the basics down cold.
Before you get started, please take a quick look at the definitions in the blog posting just preceding this one. You really do need to be clear on the basics of what goes into the PXE process.
Machine #1: DHCP, TFTP, and NFS on Knoppix configured as a terminal server
Note: Do this on a separate network from your default DHCP server. If you have two DHCP servers running on the same wire it's gonna' get ugly.
Boot the Knoppix from the live CD. For a little bit of security you may want to set a root password before proceeding.
The network interface should NOT have come up at this point because you shouldn't have any other DHCP servers running. The following steps will bring the network interface up with a static IP.
OK, here we go with the fun stuff:
  • Open the menu and select Preferences → Start KNOPPIX Terminal Server. You will be shown a brief explanation window describing what the terminal server does. We are not going to deal with any security issues here.
  • From the Terminal Server menu choose setup (Re)configure server and (re)start. This means restart the Terminal Server services, not the whole computer.
  • Choose your NIC from the available network Devices. If you don't have a network adapter showing here you need to step back and get the networking to work before proceeding with this PXE project. If you have more than one NIC just be sure to choose the one on your test network segment.
  • Configure the NIC. You probably know this, but don't obtain your address automatically. Your test network should not have any other running DHCP server, so click the No button, then set the IP address. The buttons on my screen covered the text entry box so if you're typing blind just put an IP address. Keep in mind that Knoppix will automatically set your network mask based on the class (A, B, or C) of the IP address you use. I didn't see any option to use CIDR notation. Once you have the IP address set click Close to close the network configuration.
  • Set the DHCP IP address pool range. Knoppix is calling this the IP Address range for clients, but I call it the DHCP pool. The default is probably just fine, unless you want to test a bunch of clients at the same time.
  • Client hardware is where you choose various NIC models to support on your PXE clients. If you have a specific old NIC that you need to use then choose it here, otherwise just click OK.
  • Next we are given a few options. From a security point of view you should really disable root access on the client, but for testing purposes I am unchecking it. (FYI: Disabling root on the client is done when the client mounts the root file system with the nosuid option, which prevents passwd from running with sufficient rights to change a password.) I also suggest leaving IP masquerading turned on for now.
  • Finally we have the opportunity to change the client boot parameters. I just accepted the defaults. In my experience Knoppix almost always gets this right; your mileage may vary.
  • Now start that Terminal Server! We are done setting up the server side.
The following is a list of all the processes that Knoppix started for this terminal server:
root 3882 1 0 09:35 ? 00:00:00 /usr/sbin/dhcpd -q eth0
root 3894 1 0 09:35 ? 00:00:00 in.tftpd -l -s /tftpboot
daemon 3917 1 0 09:35 ? 00:00:00 /sbin/portmap
statd 3933 1 0 09:35 ? 00:00:00 /sbin/rpc.statd
root 3937 2 0 09:35 ? 00:00:00 [nfsiod]
root 3943 1 0 09:35 ? 00:00:00 /usr/sbin/rpc.idmapd
root 3962 2 0 09:35 ? 00:00:00 [lockd]
root 3963 2 0 09:35 ? 00:00:00 [nfsd4]
root 3964 2 0 09:35 ? 00:00:00 [nfsd4-callbacks]
root 3965 2 0 09:35 ? 00:00:00 [nfsd]
root 3966 2 0 09:35 ? 00:00:00 [nfsd]
root 3967 2 0 09:35 ? 00:00:00 [nfsd]
root 3968 2 0 09:35 ? 00:00:00 [nfsd]
root 3969 2 0 09:35 ? 00:00:00 [nfsd]
root 3970 2 0 09:35 ? 00:00:00 [nfsd]
root 3971 2 0 09:35 ? 00:00:00 [nfsd]
root 3972 2 0 09:35 ? 00:00:00 [nfsd]
root 3976 1 0 09:35 ? 00:00:00 /usr/sbin/rpc.mountd --manage-gids
knoppix 4009 2439 0 09:35 pts/0 00:00:00 ps -A -f
Knoppix is now running DHCP, TFTP, and NFS. Most of the items listed here, including lockd, rpc, nfsd4, and nfsd, are for NFS support. This is everything we need to boot some PXE clients.

Machine #2: The PXE client
The instructions for this part are really short and sweet. Configure your machine's BIOS to boot via PXE as the first boot device, then turn it on. As long as the client can find the DHCP server it should just boot right up.

Basic Definitions for Upcoming PXE Projects - PXE, DHCP, NBP, TFTP, NFS

These are just basic definitions of what you need to know before you start on a PXE project. There are countless other resources with more detail if you are so inclined. This is just a primer.

  • PXE (pronounced pixie) – Preboot Execution Environment: Allows computers and other devices to boot operating systems across network connections, and without having any directly attached storage. Surprisingly the newest version of the PXE specification, V2.1, September 20, 1999, isn't very new. (I guess that if it works, why would they fool with it?)
  • DHCP – Dynamic Host Configuration Protocol: Briefly, DHCP assigns IP addresses and gateway information to client machines. The full definition is really beyond the scope of what we are doing here. Respectfully, if you don't know about basic DHCP functionality, you need to study up a bit before digging into PXE.
    PXE Specific: You need a DHCP server that will provide the extra PXE specific information, including the IP address of the TFTP boot server and the file path to an NBP. Note: The DHCP server built into your DSL or wireless router will almost certainly NOT work for this project. Most home routers are incapable of being configured with the additional options required by PXE.
  • NBP – Network Bootstrap Program: This is the OS boot loader with networking built in. This is transferred to the client via TFTP. After the NBP is loaded it must take over all network duties from the PXE enabled BIOS. The format of the NBP file is OS dependent and outside the spec for PXE. Once it loads, the actual PXE process is over.
  • TFTP – Trivial File Transfer Protocol: It's just like FTP but less! TFTP will transfer files, but there is no user authentication and no flow control. It listens on UDP port 69 to handshake and assigns ports dynamically to transfer data. It's one of the slowest file transfer protocols there is, even over fast networks, but it's only being used to get your initial boot files to your client.
  • NFS – Network File System: This is an older but still widely used remote file system protocol originally developed by Sun Microsystems. It is much faster than TFTP at data transfer. With the exception of the latest version 4 of NFS, it is a very insecure protocol. (I never allow this traffic to cross a firewall on my networks.) In this case we are only using it to mount a read-only file system containing only the read-only Knoppix ISO file from CD, so security isn't a huge problem. NFS uses several different daemons and its full configuration is beyond the scope of our work on this project. We are using NFS because that is what the Knoppix NBP uses. NFS is not part of the PXE specification.
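
The PXE-specific DHCP information described above (boot server address and NBP path) can be read straight out of a DHCP reply, which is also a quick way to confirm that only your own server is answering on the test wire. This is an added example, not code from the original post; the IP addresses, MAC address and NBP file names are constructed samples, and it assumes, as in this howto, that DHCP and TFTP run on the same machine.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"   # DHCP magic cookie that follows the 236-byte BOOTP header

def parse_options(data):
    """Walk the option TLVs and return {code: value bytes}."""
    opts, i = {}, 0
    while i < len(data) and data[i] != 255:        # 255 = End
        if data[i] == 0:                           # 0 = Pad, carries no length byte
            i += 1
            continue
        if i + 1 >= len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("truncated DHCP option")
        code, length = data[i], data[i + 1]
        opts[code] = opts.get(code, b"") + data[i + 2:i + 2 + length]
        i += 2 + length
    return opts

def pxe_boot_info(packet):
    """Return who answered and which TFTP server / NBP path the reply advertises."""
    if len(packet) < 240 or packet[0] != 2 or packet[236:240] != MAGIC:
        raise ValueError("not a DHCP reply")
    opts = parse_options(packet[240:])
    overload = (opts.get(52) or b"\0")[0]          # option 52: sname/file carry options
    sname = b"" if overload & 2 else packet[44:108].split(b"\0")[0]
    bootfile = b"" if overload & 1 else packet[108:236].split(b"\0")[0]
    # this example prefers option 66, then sname, then siaddr for the boot server
    tftp = (opts.get(66) or sname).rstrip(b"\0").decode("ascii", "replace")
    return {
        "dhcp_server": socket.inet_ntoa(opts[54]) if len(opts.get(54, b"")) == 4 else None,
        "client_ip": socket.inet_ntoa(packet[16:20]),            # yiaddr
        "tftp_server": tftp or socket.inet_ntoa(packet[20:24]),  # siaddr
        "nbp": (opts.get(67) or bootfile).rstrip(b"\0").decode("ascii", "replace"),
    }

def unexpected_offers(packets, expected_ip):
    """Replies whose DHCP or TFTP server is not the one PXE server we set up."""
    return [i for i in map(pxe_boot_info, packets)
            if i["dhcp_server"] != expected_ip or i["tftp_server"] != expected_ip]

def build_reply(server_ip, client_ip, nbp):
    """Constructed sample DHCPOFFER, not a capture from a real network."""
    header = struct.pack("!4BIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234ABCD, 0, 0,
                         bytes(4), socket.inet_aton(client_ip), socket.inet_aton(server_ip),
                         bytes(4), bytes.fromhex("000c29aabbcc"), b"", nbp.encode())
    options = bytes([53, 1, 2, 54, 4]) + socket.inet_aton(server_ip) + b"\xff"
    return header + MAGIC + options

SAMPLE = [build_reply("192.168.0.1", "192.168.0.200", "pxelinux.0"),   # constructed
          build_reply("192.168.0.254", "192.168.0.201", "other.0")]    # constructed 2nd server
```

Feed it the UDP payloads of replies captured on port 68; anything returned by `unexpected_offers` means a second DHCP server is on the wire.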

Monday, October 24, 2011

Folding @ Home - Would you consider folding?

Do you leave your machines on all the time? Are most of your CPU cycles going to polling? If so you are like millions of other users around the world. I think there is some very important work you can help with just by leaving your machine on and donating your CPU cycles (some electricity too) to medical science. The cause I support is called Folding@Home, pronounced Folding At Home.

Me and about 350,000 other people around the world run protein folding simulations to fight diseases like Alzheimer's, Huntington's Disease (formerly Chorea), Malaria, Cancer, and many more. All the data is collected by Stanford University, one of the premier medical research universities in the world (just in case you didn't already know that).

I have a warm spot in my heart for Stanford University and Medical Center. This is where my mom made her last stand against leukemia. They worked hard and always did so with compassion. Perhaps the work the Folding team is doing now will save your mum one day.

I am asking you to help them by running one of their folding programs on your computer. Since you are probably more advanced than the average user (you're reading this blog, aren't you?) please consider running one of their SMP, or better still, a GPU client. (I run both at the same time.) The graphics processors in many video cards today are really nothing more than parallel processing number crunchers. Exactly what protein folding simulations need. They have clients for Windows, Linux, Intel-Mac, and even PS3.
Please go to http://folding.stanford.edu for more information. I'm proud of my work for them; you'll feel great too. Feel free to join my team (165452, Sparkyz World Gives Back Folding Team) or one of the other thousands of teams. Create your own!

Thanks for reading this. Now back to the nerding!

PS I run my nVidia graphics card at 99%, my six core CPU at 100%, I jam VMware Workstation all day, and keep it all running smoothly with a little help from Process Lasso. An awesome little app from a small company called Bitsum Technologies. (Not a paid advert; just a thumbs up to a friend.)

Tuesday, October 18, 2011

Welcome to The Chaos Waves Technology HowTo Blog

Ignorance can be fixed! Nerding, Fixing Ignorance, Chaos, Waves, Technology, and Learning. That's what the Chaos Waves blog is all about.

Welcome!

At Chaos Waves "Nerding" is a verb. When I'm working on Linux systems I'm nerding. When I'm working on Android I'm nerding. When I'm working on Windows I'm nerding. When I'm working on Cisco gear I'm nerding. When I'm fixing my wife's laptop (again!) I'm nerding.

Nerding is learning. Nerding is doing. So now, Nerding is a verb. Let's do some Nerding now!

At Chaos Waves Ignorance is OK only if you want to fix it by learning something new. I'm not afraid to say "I don't know", because I know I won't be ignorant for long. I'll fix the ignorance by learning.

Ignorance is Fixable; Stupid just is.

Changing technology never stops and it blasts at us in new and unexpected ways; that's Chaos. On the other hand, the challenges of keeping those systems running faster and safer are non-stop; those are the Waves.

Chaos + Waves = Zen. Common sense solutions that balance high tech change against solid performance.

I've been nerding since a Commodore 64 was a cool little computer (of course I was 12 years old), since Netware 386 was the best of breed (Novell, how did you blow this so badly?), and since Minix (pre-Linux) fit on eight 1.44MB floppies that you downloaded from a dial-up BBS running on Mustang Wildcat! (At least Linux survived the years.)

Right now my favorites are Linux (usually Red Hat and Ubuntu, with Knoppix always nearby), Cisco gear and technologies, and VMware hypervisors (I'm done with ESX, moving on to ESXi).
Also security, security, security. Keep it running! Keep it safe! Sleep better at night.

This blog is dedicated to learning new ideas and techniques and paying it forward. I learn something new, I'll tell you. If you can use the information I hope you'll tell us how you used it. If you know better then I hope you'll tell us about that too!

My latest project tangent is using PXE with a Cisco router configured for DHCP specifically for headless (happy Halloween) computers and virtual machines.