This section covers how to set up a diskless environment. By the end of the section you should be able to boot up your diskless client with access to the FreeBSD base system.
The diskless client will fetch kernel and kernel modules at boot using tftp. Then nfs mounting the root file system. Each client must have separate var and tmp partitions as processes on different clients may otherwise overwrite files.
Everything will be installed in /var/diskless, the base system and user applications in FreeBSD, see the following section. For each host we create a directory, <hostname> with subdirectories, var and tmp.
Without the host specific directories, var and tmp will be created as memory file systems. This has the advantage that cleaning up the "disk" is done on reboot, but at the price of precious RAM.
In the following we will create a separate root file system. This has many advantages, in particular it is easy to move or copy to other servers, and you don't risk exporting files containing confidential server information onto your diskless clients.
The following builds the base system and installs into /var/diskless/FreeBSD:
# cd /usr/src # make buildworld # mkdir /var/diskless/FreeBSD # make DESTDIR=/var/diskless/FreeBSD installworld # make DESTDIR=/var/diskless/FreeBSD distribution
Note: On FreeBSD 5.X you will have to cd into etc before making the distribution, make DESTDIR=/var/diskless/FreeBSD distribution.
You can make a more lean installation by disabling unneeded features in /etc/make.conf.
The configuration of the client is done on the server. The first to do is do edit /var/diskless/FreeBSD/.cshrc and set set promt = "FreeBSD diskless # ". Now chroot(8) into /var/diskless/FreeBSD. The prompt should now change,
FreeBSD diskless #
indicating that you are in the diskless file system, this helps you avoid messing up your server configuration. In the following, paths are relative to the root in the chrooted environment.
We need to modify the following files:
/etc/fstab
/etc/syslog.conf
/etc/resolv.conf
/etc/rc.conf
Of course, this is a minimal list, you may wish to modify other files as well, for example to give users access to cdrom or usb devices.
The root file system is mounted at boot, but this is mounted read only. We need to mount /var, /tmp and /home. We may also want to mount a swap partition.
Swap over NFS is slow, and should be avoided if posible. Also, since each diskless client needs it's own swap partition, you need to create a large number of swap files on the server wasting a lot of disk space. However, if you have limited RAM swap may be needed.
All diskless clients will share the same fstab for the common file systems:
### Common fstab for diskless clients # Device Mount FStype Options Dump Pass nfs.example.com:/var/diskless/FreeBSD / nfs ro 0 0 nfs.example.com:/home /home nfs rw, userquota 0 0 proc /proc procfs rw 0 0
The dump frequency and pass numbers are set to 0 to avoid running fsck(8). fsck should never be run on nfs mounted file systems, if the partition becomes corrupt, run fsck on the server.
The /var and /tmp partitions have been excluded. This is because these cannot be shared among the diskless clients. By default, at startup if the system detects that /var and /tmp are read only, it will create these as memory file systems. Although the size can be limited this wastes precious memory.
If you compiled the kernel with the BOOTP options, hostname should be set on boot, and we can then create a script that will mount host specific partitions given the hostname.
The diskless client should not log locally, even if the log directory is nfs mounted. This will spread out logs for all the diskless clients and make it more difficult to rotate logs and clean up. In stead the diskless clients should log to a remote syslog server.
To log to a remote syslog server, replace the entries in /etc/syslog.conf with the following:
*.* @syslog.example.com
It may be useful to log critical errors on the console also.
/etc/resolv.conf won't be updated on boot since using dhclient would cause the client to loose the root file system, and it's mounted read only anyway. So update resolv.conf manually to reflect the correct network configuration.
The diskless client should not run any services, with the posible only exception of syslog. Certain services are enabled by default, even if only intended to run as a local service. These are all controled in /etc/rc.conf. Defaults are set in /etc/defaults/rc.conf, we need only change a few. A sample rc.conf may be as follows:
# rc.conf for diskless clients # # System daemons: # sendmail_submit_enable="NO" # Do not enable local delivery or outbound sendmail_outbound_enable="NO" # sendmail daemon. This disables sendmail sendmail_msp_queue_enable="NO" # completely on the client. cron_enable="NO" # Cron should run on the server # # File systems # root_rw_mount="NO" # Root is exported read only background_fsck="NO" # NEVER run fsck on nfs mounted partitions nfs_client_enable="YES" # The diskless client is an NFS client tmpmfs="NO" # We mount /var and /tmp as NFS partitions varmfs="NO" # cleanvar_enable="YES" # Clean the /var directory (this is default) clear_tmp_enable="YES" # Clear /tmp at startup. clear_tmp_X="YES" # Clear and recreate X11-related directories # # Scripts run at startup only # newsyslog_enable="NO" # Logging to server update_motd="NO" # Root file system is read only
On a standalone machine, sendmail(8) is only used by cron to send status reports to root. Cron should run on the server, not on the client so sendmail can be disabled along with cron.
At boot, by default the root file system is first mounted read-only, then remounted read-write when switching into multiuser mode. The root file system is exported read-only, so we disable the remounting. You should never run fsck on an nfs mounted disk, if there are disk errors, run fsck on the server. Enabling the nfs client merely checks that nfs is supported by the kernel and if not loads the nfsclient kernel module. Strictly this line is not needed.
The default value for tmpmfs and varmfs is AUTO. The script then checks if these directories are writeable, if not memory file systems are created. To avoid this, we disable the script. By default /var is cleaned up on boot as it should. Then the server need not clean up after the clients. This is not the default for /tmp though, so we enable clearing /tmp.
Since syslog logs to the server, there is no need to run newsyslog on startup. This would only have the effect of rotating log files. Also, we cannot update the "message of the day" file, since the root is mounted read-only.
Of course, the above sample rc.conf only lists the settings required for diskless operation. You must add any other customization as needed, you posibly want to configure the console.
The previous section assumed the same configuration for all diskless clients. But there are some things that will differ, separate /var and /tmp partitions have been mentioned, but you may also be in the situation where there are differences in hardware or some clients are used by a single user with specific requirements. In this section we solve this problem.
At this point, you should be able to boot up the diskless client but there is still tons of stuff that remains to be tweaked to make the system useful. Among other things, we haven't considered how to manage users. The next section covers management and finetuning.
This, and other documents, can be downloaded from ftp://ftp.FreeBSD.org/pub/FreeBSD/doc/.
For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.
For questions about this documentation, e-mail <doc@FreeBSD.org>.