Monday, April 14, 2014

How to setup Jumpstart from OSX

Step 1, Prepare File System

First off, create a dedicated file system which we can export our jumpstart configuration from. You can probably skip this and just use any existing file system but this way everything is self-contained and we avoid NFS exporting more than we need.

We use HFSX to ensure that the file system is case sensitive, HFS+ can cause problems with pkgadd(1M).

$ hdiutil create -size 1g -type SPARSE -fs HFSX -volname "install" install
$ hdiutil attach install.sparseimage -mountpoint /install

Next up, download and mount sol-10-u10-ga-x86-dvd.iso.

$ open sol-10-u8-ga-x86-dvd.iso

MacBook-Pro:tftpboot$ df -h
Filesystem      Size   Used  Avail Capacity  iused    ifree %iused  Mounted on
/dev/disk1s2   238Gi  209Gi   29Gi    88% 54790142  7514728   88%   /
devfs          195Ki  195Ki    0Bi   100%      674        0  100%   /dev
/dev/disk0s2   299Gi   34Gi  265Gi    12%  8878443 69413608   11%   /Volumes/DATA1
map -hosts       0Bi    0Bi    0Bi   100%        0        0  100%   /net
map auto_home    0Bi    0Bi    0Bi   100%        0        0  100%   /home
/dev/disk0s3   399Gi   94Gi  305Gi    24% 24653272 79955649   24%   /Volumes/DATA2
/dev/disk2s1   1.0Gi  113Mi  911Mi    12%    28899   233233   11%   /install
/dev/disk3     2.1Gi  2.1Gi    0Bi   100%        0        0  100%   /Volumes/SOL_10_811_X86
/dev/disk4     2.1Gi  2.1Gi    0Bi   100%        0        0  100%   /Volumes/SOL_10_811_SPARC



Step 2, NFS


Share /install and the DVD via NFS with the correct options. -alldirs allows clients to mount from any point within that file system (which jumpstart requires), and -maproot=root is also required by jumpstart. As this allows root-owned files to be created, make sure you understand the security risks.

$ sudo vi /etc/exports

/install                  -alldirs -maproot=root
/Volumes/SOL_10_811_X86  -alldirs -maproot=root

$ sudo nfsd checkexports && sudo nfsd enable

$ sudo nfsd checkexports && sudo nfsd disable
$ sudo nfsd checkexports && sudo nfsd enable


Check export 

$ showmount -e
Exports list on localhost:
/Volumes/SOL_10_811_X86             Everyone
/install                            Everyone

Step 3, DHCP

$ cat /etc/bootpd.plist


<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>dhcp_enabled</key>
    <string>en1</string>
    <key>Subnets</key>
    <array>
        <dict>
            <key>name</key>
            <string>10.151.120</string>
            <key>net_mask</key>
            <string>255.255.255.0</string>
            <key>net_address</key>
            <string>10.151.120.0</string>
            <key>net_range</key>
            <array>
                <string>10.151.120.194</string>
                <string>10.151.120.254</string>
            </array>
            <key>allocate</key>
            <true/>
            <key>dhcp_option_66</key>
            <string>10.151.120.193</string>
            <key>dhcp_option_67</key>
            <data>L2Jvb3QvZ3J1Yi9weGVncnViAA==</data>
        </dict>
    </array>
</dict>
</plist>



Note 10.151.120.193 => IP server (source setup)

  • If the file /etc/bootpd.plist already exists, turn off Internet Sharing in System Preferences > Sharing.  Then the file will be removed, and you can create it as in this step.

    (Make sure to move /etc/bootpd.plist to the Trash and disable the DHCP server before turning Internet Sharing back on.  See "Uninstall steps" below.)

  • If you are using an ethernet port other than en1 (see System Information or System Profiler for the port name), change the value for the dhcp_enabled key to the port you are using.

  • The data for the dhcp_option_67 key is the bootloader filename "pxelinux.0" (see step 9 below), null terminated and encoded into base64.  This can be generated with the free DHCP Option Code Utility, or by entering the following command in Terminal: 
  •  $ printf %s00 `echo -n /boot/grub/pxegrub | xxd -p` | xxd -r -p | openssl base64
    
    
    L2Jvb3QvZ3J1Yi9weGVncnViAA== 
     (See this discussion thread.)

  • The string for the dhcp_option_66 key is the IP address of the tftp server, i.e. the address of the Mac from step 2. 
 Stop and start service DHCP

$ sudo /bin/launchctl unload -w /System/Library/LaunchDaemons/bootps.plist
$ sudo /bin/launchctl load -w /System/Library/LaunchDaemons/bootps.plist

Most parts of these configurations should be self-explanatory. The /boot/grub/pxegrub entry is important for our next step, and I’d recommend using that exact pathname for reasons explained later.


Step 4, TFTP

Now, enable the TFTP server which comes with OSX. I added the -s option so tftpd would chroot to the tftpboot directory, both for security reasons and also to ensure that paths specified as /path/to/file would work correctly (relative to /install/tftpboot).

I also changed the location of the tftpboot directory so that everything was self-contained within the UFS image. In previous attempts I didn’t do this and ran into problems with GRUB which I think are again caused by case-insensitive file systems.

$ sudo vi /System/Library/LaunchDaemons/tftp.plist

[...]
    <key>ProgramArguments</key>
    <array>
        <string>/usr/libexec/tftpd</string>
        <string>-i</string>
        <string>-s</string>
        <string>/install/tftpboot</string>
    </array>
[...]


$ mkdir /install/tftpboot
$ sudo launchctl unload -w /System/Library/LaunchDaemons/tftp.plist
$ sudo launchctl load -w /System/Library/LaunchDaemons/tftp.plist

Test tftp
You can then create a test file and check that it’s working as you expect, using:

echo "testing" >/install/tftpboot/testfile
printf "verbose\ntrace\nget testfile\n" | tftp localhost
rm /install/tftpboot/testfile


Step 5, GRUB


Next up, configure PXE booting using GRUB. We need to copy the GRUB images and configuration from the Solaris install DVD then modify it for our environment:

$ rsync -av /Volumes/SOL_10_811_X86/boot/grub /install/tftpboot/boot/
$ rsync -av /Volumes/SOL_10_811_X86/boot/multiboot /install/tftpboot/sol10u8x/
$ rsync -av /Volumes/SOL_10_811_X86/boot/x86.miniroot /install/tftpboot/sol10u8x/


As we are copying the boot files from the DVD, they come hardcoded with particular pathnames to e.g. the menu.lst file. While it may be possible to pass extra parameters to pxegrub and load this from a different path, I simply recommend doing as I do and replicating the /boot/grub/ path structure so that everything Just Works.

The menu.lst file includes kernel arguments and allows you to choose which type of install to perform at startup. My file listed below has 3 choices:

    Unattended install using a graphical environment (if available). The “install” keyword after the kernel instructs it to perform an unattended install, so long as it can find the necessary settings from sysidcfg etc.
    As above, but force the use of the console and do not start a graphical environment (using the “nowin” keyword)
    A manual install, so you need to go through the steps of layout out disks, selecting packages, etc.

$ vi /install/tftpboot/boot/grub/menu.lst

default=0
timeout=60

title Solaris PXE Unattended Install
    kernel /sol10u8x/multiboot kernel/unix - install -B \
      install_media=10.151.120.193:/Volumes/SOL_10_811_X86,\
      sysid_config=10.151.120.193:/install/jumpstart,\
      install_config=10.151.120.193:/install/jumpstart
    module /sol10u8x/x86.miniroot

title Solaris PXE Unattended Install (console)
    kernel /sol10u8x/multiboot kernel/unix - install nowin -B \
      install_media=10.151.120.193:/Volumes/SOL_10_811_X86,\
      sysid_config=10.151.120.193:/install/jumpstart,\
      install_config=10.151.120.193:/install/jumpstart
    module /sol10u8x/x86.miniroot

title Solaris PXE Manual Install
    kernel /sol10u8x/multiboot kernel/unix -B \
      install_media=10.151.120.193:/Volumes/SOL_10_811_X86
    module /sol10u8x/x86.miniroot

Anyone used to doing jumpstart but with RARP/bootparams will notice the symmetry between install_config etc in the GRUB configuration and similar options in /etc/bootparams. Make sure that the full kernel arguments are all on one line, and that there are no spaces in between the install_media=..,sysid_config=.. options.

Step 6, Jumpstart

Finally, set up your Jumpstart configuration. Here’s what I personally use, you may want something different:

$ mkdir /install/jumpstart
$ cd /install/jumpstart
$ vi sysidcfg


#password is password
root_password=uHL9FDUAkZpGs
timeserver=localhost
timezone=Europe/London
security_policy=NONE
service_profile=limited_net
system_locale=C
terminal=vt100
keyboard=US-English
name_service=none
network_interface=ce0 { hostname=TT4-V890-A
ip_address=10.151.120.248
protocol_ipv6=no
netmask=255.255.255.192
default_route=10.151.120.193}
nfs4_domain=dynamic

Ordinarily this file is processed using a check script available in the jumpstart_sample directory on the Solaris DVD, however this only works from a Solaris host. To create the rules.ok file, we need to strip out any comments and put entries on one line, then create the checksum (although this isn’t actually necessary).

$ vi rules

hostname host1 - profile -

$ cp rules rules.ok
$ echo "# version=2 checksum=$(cksum -o 2 rules | awk '{print $1}')" >> rules.ok

Machine profile. This gives me a full Solaris install (minus OEM stuff) on mirrored ZFS disks with additional dump/swap space (the defaults made dump a bit too small I found).

$ vi profile

install_type    initial_install
pool            store auto 4g 4g mirror c1t0d0s0 c1t1d0s0
bootenv         installbe bename sol10u8x
cluster         SUNWCall

Step 7 Change IP server

 And check IP status

$ ifconfig -a

en1: flags=8963 mtu 1500
    ether 4c:8d:79:e0:59:ac
    inet6 fe80::4e8d:79ff:fee0:59ac%en1 prefixlen 64 scopeid 0x5
    inet 10.151.120.193 netmask 0xffffff00 broadcast 10.151.120.255
    media: autoselect
    status: active


Step 8, Make A Cup Of Tea

With everything set up you should be able to enable PXE booting in your BIOS and watch it automatically install. One small minor problem you may have if you don’t have a BIOS which allows you to hit F12 or similar and choose PXE booting for one boot only is that it will infinitely cycle through installing, rebooting, installing, rebooting.. until you change your boot options.

No comments: