SliTaz GNU/Linux official and community documentation wiki.
.png

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
en:guides:pxe [2011/07/22 10:31]
bellard [Customize your PXE server]
en:guides:pxe [2020/09/20 16:51] (current)
hgt old revision restored (2018/03/05 16:48)
Line 23: Line 23:
  
     * From the //Static IP// tab, click //Start//.     * From the //Static IP// tab, click //Start//.
-      *  This box will be the DHCP server. It can't use DHCP to get IP configuration.+      *  This box will be the DHCP server. It can't use DHCP to get an IP configuration.
  
 <note tip>​Since SliTaz 3.0 the Netbox application is now split into Netbox and Serverbox. If you are running a recent SliTaz version, please read **Serverbox application** instead of **Server tab** below</​note>​ <note tip>​Since SliTaz 3.0 the Netbox application is now split into Netbox and Serverbox. If you are running a recent SliTaz version, please read **Serverbox application** instead of **Server tab** below</​note>​
Line 35: Line 35:
       *  This will update the DHCP server configuration automatically.       *  This will update the DHCP server configuration automatically.
  
-    * From the //Server// tab, select the //DHCP// sub-tab. Check the configuration aligns with your network. The previous step has added the lines //​boot_file//​ and //siaddr//. Click //Start//.+    * From the //Server// tab, select the //DHCP// sub-tab. Check that the configuration aligns with your network. The previous step has added the lines //​boot_file//​ and //siaddr//. Click //Start//.
       *  This will launch the the DHCP server. If clients to do not receive an IP address, check this configuration.       *  This will launch the the DHCP server. If clients to do not receive an IP address, check this configuration.
  
Line 43: Line 43:
  
     * You can have multiple PXE configurations for the different client groups, see [[http://​syslinux.zytor.com/​wiki/​index.php/​PXELINUX#​How_do_I_Configure_PXELINUX.3F|PXElinux wiki]].     * You can have multiple PXE configurations for the different client groups, see [[http://​syslinux.zytor.com/​wiki/​index.php/​PXELINUX#​How_do_I_Configure_PXELINUX.3F|PXElinux wiki]].
-    * You can store /home on client local drive only (like tazusb does), example append /etc/fstab with <​file>/​dev/​hda1 ​   /home   ​ext3 ​   defaults ​  ​0 ​ 0</​file>​ +    * You can store __/home__ ​on client local drive only (like tazusb does), example append ​__/etc/fstab__ ​with <​file>/​dev/​hda1 ​   /home   ​ext3 ​   defaults ​  ​0 ​ 0</​file>​ 
-    * You can stack the initramfs in the pxelinux configuration file. A easy way to upgrade SliTaz and keep your customizations,​ example :<​file>​label slitaz+    * Since SliTaz 3.0, you can have a hydrid installation on (some) clients. These clients have SliTaz installed with some huge packages like libreoffice. They boot with PXE and most of the system runs in RAM except the huge software linked to the hard disk (could be a network disk too). Example, append to __/​etc/​init.d/​local.sh__ :<​file>​mount -t nfs -o ro bootserver:/​slitaz ​ /​media/​slitaz 
 +tazpkg link libre-office /​media/​slitaz</​file>​ 
 +    * Since SliTaz 3.0, you can stack multiple ​initramfs in the pxelinux configuration file - An easy way to upgrade SliTaz and keep your customizations,​ example :<​file>​label slitaz
   kernel /​boot/​bzImage   kernel /​boot/​bzImage
   append initrd=/​boot/​rootfs.gz,/​boot/​configs/​extra-packages.gz,/​boot/​configs/​special-configuration.gz rw root=/​dev/​null vga=normal autologin</​file>​   append initrd=/​boot/​rootfs.gz,/​boot/​configs/​extra-packages.gz,/​boot/​configs/​special-configuration.gz rw root=/​dev/​null vga=normal autologin</​file>​
 +    * Example of a PXE server configuration:​ The [[http://​boot.slitaz.org/​|SliTaz web boot]] server http://​mirror.slitaz.org/​pxe/​ (start with [[http://​mirror.slitaz.org/​pxe/​pxelinux.cfg/​default|pxelinux.cfg/​default]])
 +\\
 +==== Test the PXE server with QEMU ====
 +
 +    * Install qemu <​file>​tazpkg get-install qemu</​file>​
 +    * Launch the VM <​file>​qemu -boot n -bootp /pxelinux.0 -tftp /​boot</​file>​
 \\ \\
 ===== PXE Client Set-Up ===== ===== PXE Client Set-Up =====
  
-Most recent machines with on-board Ethernet have a PXE-capable BIOS. Look for this feature in BIOS menus and BIOS boot menu and ensure it is activated. It may require you press a key, such as F12, during the boot process.+Most recent machines with on-board Ethernet have a PXE-capable BIOS. Look for this feature in BIOS menus and the BIOS boot menu and ensure it is activated. It may require you press a key, such as F12, during the boot process.
  
 If your computer does not support PXE booting, you can use SliTaz as a client instead. Create a bootable CD-ROM or floppy disk with the // Boot Floppy/​CDROM // tool found in the //System Tools// menu. If your computer does not support PXE booting, you can use SliTaz as a client instead. Create a bootable CD-ROM or floppy disk with the // Boot Floppy/​CDROM // tool found in the //System Tools// menu.
  
-In PXE Network tab click Write floppy. Use this to boot the client computer.+In the PXE Network tab click Write floppy. Use this to boot the client computer.
  
 <note tip>Is your Ethernet card not recognised? See [[http://​rom-o-matic.net/​|ROM-O-Matic]]</​note>​ <note tip>Is your Ethernet card not recognised? See [[http://​rom-o-matic.net/​|ROM-O-Matic]]</​note>​
Line 78: Line 86:
 === PXE boot without DHCP server: Web Boot & Command Line === === PXE boot without DHCP server: Web Boot & Command Line ===
  
-If you have no device that can function as a DHCP server, you need an IP address with a netmask, ​gateway address and, optionally, a DNS address. ​+If you have no device that can function as a DHCP server, you need an IP address with a netmask, gateway address and, optionally, a DNS address. ​
 <​file>​ <​file>​
 title Slitaz Web title Slitaz Web
Line 117: Line 125:
   # echo "​dhcp-boot=gpxe.pxe"​ >> /​tmp/​dnsmasq.conf   # echo "​dhcp-boot=gpxe.pxe"​ >> /​tmp/​dnsmasq.conf
  
-launch ​the tftp server for your lan (say 192.168.0.1/​24)+Launch ​the tftp server for your lan (say 192.168.0.1/​24)
  
   # /​jffs/​usr/​sbin/​tftpd 192.168.0.1 /jffs/boot   # /​jffs/​usr/​sbin/​tftpd 192.168.0.1 /jffs/boot
Line 178: Line 186:
   download.tuxfamily.org/​slitaz/​pxe/​pxelinux.0"​ | cat - /dev/zero | dd conv=notrunc bs=1 seek=519 count=255 of=gpxe   download.tuxfamily.org/​slitaz/​pxe/​pxelinux.0"​ | cat - /dev/zero | dd conv=notrunc bs=1 seek=519 count=255 of=gpxe
  
 +===== Why use PXE ? The VNC example =====
 +
 +Let's say that your company is working on some very sensitive data.
 +You don't want people copying anything on to removable media such as USB keys.
 +Only a few users can use this data.
    
 +  * PXELINUX chooses a special configuration by the MAC address in //​pxelinux.cfg/<​client-mac-address>//​
 +  * It checks the md5 (or sha256) password of the user boot entry with menu.c32
 +  * It sends a kernel and an initramfs with a **fbvnc** package built by http://​tiny.slitaz.org/​ (total size < 1.44MB)
 +  * The client boots in 1 to 5 seconds with a VNC framebuffer client
 +  * The VNC server can send any OS display
 +  * The client has no media driver and can use 20 year old hardware (may avoid theft risk)
 +  * The target OS can run in a VM : more scalable and easier to maintain than multiple desktops
 +  * No data is stored on the client machine. It may also have no disk. It only needs an ethernet card
 +  * Of course, the sessions in the target OS must have a connection timeout and need a username and a password... ​
 +
 +==== Increase security a bit ====
 +
 +The VNC listens to the network without a password
 +(fbvnc has no authentication support) and the VNC traffic is not encrypted on
 +the network.
 +
 +  * Build an initramfs with a **fbvnc-ssh** package on http://​tiny.slitaz.org/​
 +  * On the server, VNC should listen on localhost only
 +  * The SSH public key of the client is installed in //​$HOME/​.ssh/​authorized_keys//​ on the VNC server
 +  * The VNC traffic can be compressed in the SSH tunnel (fbvnc supports raw frames only)
 +==== A quick demo ====
 +
 +The menu //Tiny SliTaz// -> //Tiny VNC// of the [[http://​boot.slitaz.org/​|SliTaz Web Boot]] launches the VNC client without ssh
 +(you need a VNC server running on your network...).
 +<note tip>You can directly download the [[http://​mirror.slitaz.org/​pxe/​tiny/​vnc/​bzImage.gz|kernel]]
 +and then the [[http://​mirror.slitaz.org/​pxe/​tiny/​vnc/​rootfs.gz|initramfs]] and test it
 +on your network or with qemu
 +</​note>​
 +<note tip>Try with the cmdline argument **vga=ask** first. This will find the best
 +VESA mode to use (example **vga=0x33B**)
 +</​note>​
 +
 ----  ---- 
 \\ \\
 
en/guides/pxe.1311323496.txt.gz · Last modified: 2011/07/22 10:31 by bellard