Setting up Thin Clients at the Wendell Free Library: Part 2
Abstract
One of the services that many public libraries provide is computer access, both for local applications and for access to Internet services. The Wendell Free Library provides these services with thin [1] Linux workstations. These workstations provide a web browser (Firefox) for access to web sites of all sorts, and also provide a number of local applications, including an office suite (OpenOffice), a movie player (MPlayer), an image editing program (GIMP), and a large collection of games. Using thin clients reduces energy costs, creates a uniform environment that only needs to be updated in one place (on the server), and gives quieter operation. This article describes the setup and configuration of these thin clients at the Wendell Free Library. It covers the step-by-step process of setting up the server and the client machines, from installing the base system on the server, through configuring the PXE boot process, to user authentication and management.
Contents
4.1 PXEBoot
4.2 DHCPD and DNS setup
4.3 TFTPD
4.4 Kernel and Initrd
5 Diskless Clients Root file system RAMDISK
5.1 Read-only root file system
6 Diskless Clients NFS Mounted file systems
Next week
4 Booting the Diskless Clients
4.1 PXEBoot
The diskless clients boot over the network using boot ROMs that implement the industry-standard PXE (Pre-eXecution Environment). This environment uses DHCP to get its initial boot image, the pxelinux.0 image that is part of the syslinux package. This image uses the TFTP protocol to download the kernel and initial ramdisk images and then uncompresses and starts the kernel, in much the same way as a normal local boot loader (such as LILO or Grub) would do. The initial ramdisk includes programs and scripts that set up the client's networking, mount the root file system's backing tree, and then set up, mount, and initialize the client's root file system. Control is then passed to the init program and boot-up continues in much the same way as for a "normal" disk-based workstation.
4.2 DHCPD and DNS setup
In order for the diskless clients to boot up, they need some basic configuration information. This information is provided initially by the DHCPD process running on the server. There is a group block containing common option definitions and each workstation has a DHCPD host block within the group block. Here is an example:
    group {
        filename "/pxelinux.0";
        option root-path "server1.wendellfreelibrary.org:/nfsroot";
        next-server 192.168.1.254;

        host station1 {
            # New box adult station
            hardware ethernet 00:40:ca:7a:b4:b5;
            fixed-address 192.168.1.21;
            option host-name "station1.wendellfreelibrary.org";
        }
        # Additional host sections here
    }

These blocks are in the server's /etc/dhcpd.conf file [2]. In addition, it is necessary to configure the DNS server as well [3].
4.3 TFTPD
The tftp server is started from xinetd [4], and is controlled by a configuration file in /etc/xinetd.d named tftp:
    # default: off
    # description: The tftp server serves files using the trivial file transfer \
    #       protocol.  The tftp protocol is often used to boot diskless \
    #       workstations, download configuration files to network-aware printers, \
    #       and to start the installation process for some operating systems.
    service tftp
    {
            socket_type     = dgram
            protocol        = udp
            wait            = yes
            user            = root
            server          = /usr/sbin/in.tftpd
            server_args     = -s /tftpboot
            disable         = no
            per_source      = 11
            cps             = 100 2
            flags           = IPv4
    }

All of the boot configuration files live in the /tftpboot directory. You need to copy pxelinux.0 from the /usr/lib/syslinux/ directory, then copy the kernel and initrd images there (see the next section) and create a directory named “pxelinux.cfg”, containing a single file named “default”:
    LABEL linux
      KERNEL vmlinuz-2.6.18-92.el5
      APPEND initrd=pxeboot-2.6.18-92.el5.img enforcing=0

4.4 Kernel and Initrd
The kernel used is the same kernel that installs with the operating system. The initial ramdisk is different. The initial ramdisk needs to be loaded up with all of the possible network drivers and the NFS file system modules. Busybox (I used, in this example, the 1.13.2 tarball) also needs to be built and installed. I’ve included the configuration file I generated with this article’s downloads. I also wrote a greatly simplified and statically linked version of lspci, the source code of which is also included. I adapted a startup script that does the following:
- Auto detects the network device and installs its driver.
- Installs the NFS modules.
- Initializes the network (both lo and eth0). Eth0 is configured using DHCP.
- The NFS root file system is mounted read-only.
- A RAMDISK file system is mounted as the system root.
- All of the top-level files and directories on the NFS mounted root file system are symlinked to the root RAMDISK file system.
- A selection of the files and directories at the root file system are specially handled, including root’s home directory, and various mount points.
- The /var file system is copied to the RAMDISK.
- The /dev file system is initialized.
- /proc/sys/kernel/real-root-dev is initialized.
- And finally, the root file system is switched into place with the pivot_root function.
- Control is then passed to init and the system proceeds with the boot up process.
5 Diskless Clients Root file system RAMDISK
The diskless clients run with a root file system that is actually a RAMDISK. This RAMDISK is initialized with symbolic links to a read-only mounted NFS file system. Selected directories (/var and /root) are copied during the boot process. Certain files are either created on the fly or are symbolic links, based on the client's host name. The special files and directories are created initially under /nfsroot/var/etc and consist of:
- A resolv.conf file is generated from information retrieved via DHCP.
- A client-specific version of /etc/modprobe.conf. This file contains module aliases for client-specific driver modules, generally for the sound card, but might also include other devices, such as special USB, Firewire, or other devices.
- A client-specific version of the /etc/sysconfig/ directory. Again anything specific to the client that would normally be configured in /etc/sysconfig/ goes here.
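
The following added example (not the article's own startup script, which ships with its downloads) shows one way to build the RAM-disk root from the steps in section 4.4 and to select the client-specific files listed above. The `.nfsroot` mount directory, the set of mount-point names, and the `<file>.<hostname>` naming under var/etc are assumptions; mounting the file systems and calling pivot_root are left out.

```sh
#!/bin/sh
# Added illustration, not the article's startup script.
# Assumed layout: the read-only NFS tree is already mounted at
# NEWROOT/BACKING, and NEWROOT is the tmpfs that becomes / after pivot_root.

# populate_root NEWROOT BACKING
populate_root() {
    newroot=$1 backing=$2
    for entry in "$newroot/$backing"/*; do
        [ -e "$entry" ] || [ -L "$entry" ] || continue   # glob matched nothing
        name=${entry##*/}
        case $name in
            var|root)
                # Must be writable on the client: copy into the RAM disk.
                cp -a "$entry" "$newroot/$name" ;;
            proc|sys|dev|tmp|home|usr)
                # Mount points (assumed set): real, empty directories.
                mkdir -p "$newroot/$name" ;;
            *)
                # Everything else: a relative symlink into the read-only
                # tree, so the link still resolves after pivot_root.
                ln -s "$backing/$name" "$newroot/$name" ;;
        esac
    done
}

# write_client_etc NEWROOT HOSTNAME DOMAIN DNS_SERVER
# HOSTNAME, DOMAIN and DNS_SERVER are the values received in the DHCP lease.
write_client_etc() {
    newroot=$1 host=${2%%.*} domain=$3 dns=$4
    etc=$newroot/var/etc
    mkdir -p "$etc"
    # resolv.conf is generated on the fly from the lease.
    printf 'search %s\nnameserver %s\n' "$domain" "$dns" > "$etc/resolv.conf"
    for item in modprobe.conf sysconfig; do
        # Point the generic name at this client's copy, if one exists
        # (hypothetical naming scheme: modprobe.conf.station1).
        if [ -e "$etc/$item.$host" ]; then
            ln -sfn "$item.$host" "$etc/$item"
        fi
    done
}
```

Because the links are relative to the new root, nothing in the RAM disk refers to the path the NFS tree had inside the initial ramdisk.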
5.1 Read-only root file system
Mostly, /nfsroot is a copy of the server's own root and /var file systems. Some important differences include: several scripts under /etc/init.d/ have to be modified, and selected files under /etc are symlinked to files under /var/etc [5]. There are no local file systems; instead there are some read-only file systems, namely /usr and /var/lib/rpmdb [6], that have to be mounted early. The rc.sysinit script needs to be modified to skip fsck and to mount these file systems early. It is also important NOT to unmount the root file system during shutdown, which means that the halt and netfs scripts need to be modified so that they do not unmount read-only NFS file systems. This is slightly tricky, since the root file system is not actually the NFS file system but a RAMDISK that has symbolic links to an NFS-mounted file system. Other changes include turning off probing for new or changed hardware, since the file system where these changes would be recorded is read-only.
6 Diskless Clients NFS Mounted file systems
The fstab file on the diskless clients looks like this:
    #none                                            /                tmpfs   defaults        0 0
    none                                             /dev/pts         devpts  gid=5,mode=620  0 0
    none                                             /proc            proc    defaults        0 0
    none                                             /dev/shm         tmpfs   defaults        0 0
    server1.wendellfreelibrary.org:/usr              /usr             nfs     ro,nolock       0 0
    server1.wendellfreelibrary.org:/var/lib/rpm      /var/lib/rpm     nfs     ro,nolock       0 0
    server1.wendellfreelibrary.org:/var/spool/mail   /var/spool/mail  nfs     rw              0 0
    server1.wendellfreelibrary.org:/home             /home            nfs     rw              0 0

The two read-only file systems, /usr and /var/lib/rpm are mounted by rc.sysinit and not by the netfs script. The other file systems, /var/spool/mail and /home are mounted later.
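
On public workstations the two read-write NFS mounts are the ones users can write to, so they are worth checking separately from the read-only system trees. The audit below is an added example, not part of the original article; its policy (every read-write NFS mount should carry `nosuid` and `nodev`, while read-only trees such as /usr are left alone because they legitimately contain setuid programs) is a common hardening baseline assumed here, and `sample_fstab` holds the NFS lines from the fstab above.

```sh
#!/bin/sh
# Added illustration: audit the NFS entries of a client fstab.
# Assumed policy (not from the article): read-write NFS mounts must be
# mounted nosuid,nodev; read-only NFS mounts are accepted as they are.

# audit_fstab [FILE]   (reads standard input when FILE is omitted)
# Prints one line per finding; prints nothing when the file passes.
audit_fstab() {
    awk '
    NF == 0 || $1 ~ /^#/ { next }           # skip blank lines and comments
    $3 != "nfs" && $3 != "nfs4" { next }    # only NFS entries are checked
    {
        n = split($4, opt, ",")
        ro = 0; nosuid = 0; nodev = 0
        for (i = 1; i <= n; i++) {
            if (opt[i] == "ro")     ro = 1
            if (opt[i] == "nosuid") nosuid = 1
            if (opt[i] == "nodev")  nodev = 1
        }
        if (ro) next                        # read-only tree: nothing to report
        if (!nosuid) print $2 ": rw NFS mount without nosuid"
        if (!nodev)  print $2 ": rw NFS mount without nodev"
    }' "$@"
}

# The NFS and devpts lines of the article's client fstab, for a test run.
sample_fstab() {
    cat <<'EOF'
none /dev/pts devpts gid=5,mode=620 0 0
server1.wendellfreelibrary.org:/usr /usr nfs ro,nolock 0 0
server1.wendellfreelibrary.org:/var/lib/rpm /var/lib/rpm nfs ro,nolock 0 0
server1.wendellfreelibrary.org:/var/spool/mail /var/spool/mail nfs rw 0 0
server1.wendellfreelibrary.org:/home /home nfs rw 0 0
EOF
}
```

Running `sample_fstab | audit_fstab` reports /var/spool/mail and /home; changing their options to `rw,nosuid,nodev` clears the findings.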
Next week: User Authentication
Next week we will cover user authentication and related topics.
*Copyright (C) 2009 Robert Heller.
[1] Thin clients are diskless computers, which get their operating system and application software from a file server on the local area network (LAN).
[2] See the downloads section at the end of this article for a copy of the /etc/dhcpd.conf used by the server at the Wendell Free Library.
[3] Don't forget to adjust the server's firewall settings to set the LAN's ethernet interface as "trusted". This is needed so that the server can accept various network connections from the clients for the various services they need.
[4] Make sure xinetd is installed and set to start. The base CentOS 5 install does not include xinetd nor does it start it by default!
[5] These files are "computed" at boot time.
[6] /var/lib/rpmdb does not have to be mounted early, but because it is marked read-only, it gets mounted when /usr gets mounted.