box.matto.nl

home/

Create and boot diskless OpenBSD 5.4 machine with a Debian PXE server

Last edited

Building a new diskless OpenBSD machine

It takes just a few simple steps to set up a diskless OpenBSD machine

OpenBSD is a solid BSD operating system. It is developped with emphasize on portability, standardization, correctness, proactive security and integrated cryptography.

Our project for the weekend was to set up a diskless machine running OpenBSD 5.4. The diskless machine boots from a PXE server and mounts a rootfs over NFS.

A PXE server and a NFS server are required for this.

Debian PXE server

In my network runs a Raspberry Pi as a Debian PXE server and a Debian based NAS. I build my diskless OpenBSD system on top of these two.

This PXE server runs a isc-dhcp DHCP-server and a tftpd-hpa TFTP-server, which is normally enough to function as a PXE server.

Extra's on the PXE server

In contrast to Linux and FreeBSD we need some extra's on the PXE server for diskless OpenBSD. These extra's don't require much resources and are easy to install. There are the extra services I had to install:

  • rarpd
  • bootparamd

Define machine name

The machine name of the dikless machine will be used in several places on our servers. This name must match between different files, like in /etc/hosts, /etc/bootparams and /etc/ethers (all files on the TFTP server). Choose a machine name and use it consistently.

Getting the operating system

Besides a kernel it only takes two targz archives to get OpenBSD up and running.

Setting up the rootf on the NFS server

We start with the two targz archives, get them from one of the OpenBSD mirror servers.

We need base54.tgz and etc54.tgz.

Download these files and extract them somewhere where the contents can be mounted over NFS. Extract the files with tar -zxpvf base54.tgz. The "p" is neccesary to preserve the right ownership of the files.

The directory in which we extracted these two targz archives will be called ROOTFSDIR in the remainder of this article.

Also we need a swapfile that the OpenBSD can use. Create this file somewhere where it can be mounted over NFS.

dd if=/dev/zero of=swapfile bs=1M count=0 seek=128  

This will create a sparse file called "swapfile" that can hold 128Mb.

Add configuration files in the ROOTFSDIR

We need to add the following files to our freshly extracted ROOTFSDIR:

  • /etc/fstab
  • /etc/myname
  • /etc/mygate
  • /etc/resolv.conf

The contents of these files are explained below.

Don't set up a /etc/hostname.em0 or whatever in the ROOTFSDIR. The diskless machine will get it's network configuration before the rootfs is NFS-mounted. After this init will be passed to the rootfs, and when the system at that point "sees" a /etc/hostname.em0 it will re-configure the network resulting in a loss of the mounted rootfs.

/etc/fstab

Create a /etc/fstab inside the ROOTFSDIR with the following content.

192.168.1.200:/path-to-ROOTFSDIR     /       nfs     rw      0       0
192.168.1.200:/path-to-swapfile      none    swap    sw,nfsmntpt=/swap

where 192.168.1.200 is the ip address of the NFS-server.

/etc/myname

This file contains one line, with the FQDN of the machine, like:

disklessbsd.example.com

/etc/mygate

This file contains a reference to the gateway in your network.

192.168.1.250

where 192.168.1.250 is the ip address of the gateway.

/etc/resolv.conf

domain example.com
search example.com
nameserver 192.168.1.251
lookup file bind

where 192.168.1.251 is the ip address of the nameserver to use.

Populate /dev

The directory /dev inside the ROOTFSDIR needs to be polulated. Normaly, this is done by the script /dev/MAKEDEV. This script however does not work under Debian. This means we can not make the device-files with the script.

I did create a number of devices with the mknod command:

mknod console c 0 0 
mknod kmem c 2 1 
mknod ksyms c 50 0 
mknod mem c 2 0 
mknod null c 2 2 
mknod pf c 73 0 
mknod ptm c 81 0 
mknod ptyp0 c 6 0 
mknod ptyp1 c 6 1 
mknod stderr c 22 2 
mknod stdin c 22 0 
mknod stdout c 22 1 
mknod tty c 1 0 
mknod ttyC0 c 12 0 
mknod ttyp0 c 5 0 
mknod ttyp1 c 5 1 
mknod ttyps c 5 28 
mknod zero c 2 12 
chmod 0666 *

The last line makes the created devices world read-writable. This is not what is should be for every line, but we will correct this after first boot. This way we can boot the diskless machine and run MAKEDEV from there.

This is a ugly hack, but it worked.

Setup the TFTP and DHCP server

isc-dhcp-server

We need to download the files "pxeboot" and "bsd" from the OpenBSD mirror. Depending on your mirror you can wget or curl them like this.

wget ftp://ftp.eu.openbsd.org/pub/OpenBSD/5.4/i386/bsd
wget ftp://ftp.eu.openbsd.org/pub/OpenBSD/5.4/i386/pxeboot

Put these files in a convenient location in the tree of the TFTP-server and make an entry in the /etc/dhcp/dhcpd.conf.

host disklessbsd {
    hardware ethernet 12:34:56:78:90:ab;
    fixed-address 192.168.1.100;
    filename "/path-to/pxeboot";
    next-server 192.168.1.200;
    option domain-name "example.com";
    option domain-name-servers 192.168.1.201;
    option subnet-mask 255.255.255.0;
    option root-path "path-to-ROOTFSDIR";
}
  • 12:34:56:78:90:ab is the mac-address of the diskless machine
  • 192.168.1.100 is the ip-address it will get from the isc-dhcp-server
  • 192.168.1.200 is the ip-address of the NFS-server
  • "/path-to/pxeboot" is the path to the pxeboot file, relative to the root of the tftp-path
  • 192.168.1.201 is our nameserver
  • path-to-ROOTFSDIR is the path to mount the ROOTFSDIR from the NFS-server

etc/boot.conf

Create a directory etc inside the tftp-path. Inside this directory create a file boot.conf.

boot tftp:/path-to/bsd

This points to the path in which we did wget pxeboot and bsd.

Bootparams

I was not able to give all parameters to the OpenBSD kernel from the DHCP server. Appertenlty OpenBSD still needs a running bootparamd in the network.

On the Debian TFTP server bootparamd is quickly installed:

apt-get install bootparamd

On the TFTP server create a file /etc/bootparams with the following content on a single line.

disklessbsd root=192.168.1.200:/path-to-ROOTFSDIR swap=192.168.1.200:/path-to-swapfile

This line starts with the machine name, followed by the machine and path to NFS-mount the ROOTFSDIR from as well as the machine and path to mount the swapfile from.

rarpd

OpenBSD requires a rarpd server in the network. Also this is easy installed with apt-get on our Debian box. We need to edit two files:

  • /etc/hosts
  • /etc/ethers

In /etc/hosts, add a line with the machine name and ip-address of our diskless OpenBSD server.

192.168.1.100    disklessbsd.example.com      diklessbsd

In /etc/ethers, add a line with the mac-address and the hostname of our diskless OpenBSD server.

12:34:56:78:90:ab disklessbsd.example.com 

Restart the TFTP server and the DHCP server and kick the diskless machine into life.

Now we are ready to boot the diskless OpenBSD machine for the first time. If we have made no errors, we get a login prompt. Log in as root. First, we are going to get the contents of /dev right. We did make some devices but not all with the right permissions and not all devices, remember?

cd /dev
./MAKEDEV all

This will take some time, when done, reboot.

If you want this to be really clean, you could do something like;

mkdir /newdev
cd /newdev
cp /dev/MAKEDEV .
./MAKEDEV all

Then shutdown the diskless machine and move newdev to dev.

Install some packages

Log in our fresh diskless OpenBSD system and edit /root/.profile. Add the following line.

export PKG_PATH=ftp://ftp.eu.openbsd.org/pub/$(uname -s)/$(uname -r)/packages/$(uname -p)/

Log out and log in in order to activate this change.

Now we can add packages.

pkg_add -i screen

Resources

A lot of information floats on the internet. Some links that helped me accomplish the project: