-
PXE/Netbooting Pis is generally considered beta
- stable once everything is working
-
Pi boots off the network
-
No SD Card, or other local drive
- SD Cards can be unreliable, stolen, lost, hard to track
-
Security
- Pi's are cheapo, data is not
-
Reliability
- Server storage is more durable and reliable than SD Cards
-
Centralized storage for all Pi's
- Backup all Pi's from a central location, offloading the work
-
Shared binaries and systems
- Share the same OS, configuration, and/or settings
-
Scaliability
- Practical way to manage quantities of Pi's
-
Use the SD Care slot
- Installation/Re-Installation of OS
-
- tftp-hpa, dnsmasq, or other
-
NFS-Server (or iSCI-SAN)
-
[Raspberry-Pi] 3B, 3B+, or 4B
- 3B's require a SD card with bootcode.bin only
- Uncomfirmed 1B, 1B+, or 2B
- Older Pi's neet to boot and toggle boot from USB for PXE
- eeprom update on older Pi's
-
Latest boot files from Github-Repository
- Download directly, avoid copying from Raspbian install
-
Does not use PXE bootloaders
-
Does not use common DHCP PXE options
- ISC DHCP:
filename "pxelinux.0"
- dnsmasq:
dhcp-boot=pxelinux.0
- ISC DHCP:
-
Pi specific DHCP Options
- ISC DHCP:
option vendor-class-identifier "PXEClient";
option vendor-encapsulated-options "Raspberry Pi Boot";
- dnsmasq:
pxe-service=0, "Raspberry Pi Boot"
- ISC DHCP:
-
Short window for booting
- Around 30 seconds, does not retry
- Requires portfast on switches
-
Adding options to lots of hosts is unweildy
-
Use class feature of ISC DHCP
### PXE Netboot Pi's
class "rpi-pxe" {
match if ((
(binary-to-ascii(16,8,":",substring(hardware,1,3)) = "b8:27:eb") or
(binary-to-ascii(16,8,":",substring(hardware,1,3)) = "dc:a6:32")
) and
(option vendor-class-identifier = "PXEClient:Arch:00000:UNDI:002001")
);
option tftp-server-name "10.1.10.1";
option vendor-class-identifier "PXEClient";
option vendor-encapsulated-options "Raspberry Pi Boot";
}
### DHCP Netboot Pi's
class "rpi-dhcp" {
match if (
(binary-to-ascii(16,8,":",substring(hardware,1,3)) = "b8:27:eb") or
(binary-to-ascii(16,8,":",substring(hardware,1,3)) = "dc:a6:32")
);
option root-path "10.1.10.1:/srv/nfs/pi,vers=3";
}
-
Requires all files in /boot directory to be in /tftproot
- creates a messy tftp root directory
-
Option to use device specific directory
- folder named using device serial number in /tftproot
- only way to get serial is cat /proc/cpuinfo
- can limit boot files to device specific
-
Copy all boot files from Github repo
-
Must edit cmdline.txt
- change root path:
root=/dev/nfs
- add nfs specific options:
nfsroot=x.x.x.x:/path/to/distro,vers=3
- add
rootfstype=nfs
- add
ip=dhcp
- optionally disable quiet and splash to show details
- change root path:
console=serial0,115200 console=tty1 root=/dev/nfs nfsroot=10.1.10.1:/srv/nfs/pi,vers=3 rootfstype=nfs rw ip=dhcp
elevator=deadline rootwait noquiet nosplash plymouth.ignore-serial-consoles
-
Single directory per system, single export
/srv/nfs/pi 10.1.10.2 (rw,async,no_root_squash,no_subtree_check,fsid=1001)
-
Bind mounted shared system, multiple exports
- only exporting bind mounted directories
- needs crossmount for main export, nohide for bind mounts
/srv/nfs/pi *(rw,async,crossmnt,nohide,no_root_squash,no_subtree_check,fsid=100)
/srv/nfs/pi/bin *(rw,async,nohide,no_root_squash,no_subtree_check,fsid=101)
/srv/nfs/pi/boot *(rw,async,nohide,no_root_squash,no_subtree_check,fsid=102)
/srv/nfs/pi/home *(rw,async,nohide,no_root_squash,no_subtree_check,fsid=103)
/srv/nfs/pi/lib *(rw,async,nohide,no_root_squash,no_subtree_check,fsid=104)
/srv/nfs/pi/opt *(rw,async,nohide,no_root_squash,no_subtree_check,fsid=105)
/srv/nfs/pi/root *(rw,async,nohide,no_root_squash,no_subtree_check,fsid=106)
/srv/nfs/pi/sbin *(rw,async,nohide,no_root_squash,no_subtree_check,fsid=107)
/srv/nfs/pi/usr *(rw,async,nohide,no_root_squash,no_subtree_check,fsid=108)
-
Either way, single mount point for boot purposes
- This is from a Pi, sharing binaries for other Pi's
-
Download and unpack img file from zip
-
Use fdisk to see partition offset of root partition (usually 532480)
- calculate partition offset, multiply by 512 (usually 272629760)
-
Loopback mount the image using partition offset
-
Copy files, preserving ownership and permissions
-
Edit /etc/fstab, comment out
/boot
and/
mounts- filesystem will already be mounted
-
Optionally, copy ssh keys
-
Optionally, change default.target
- toggle between graphical and CLI aka multi-user
-
Optionally, enable/disable services
- must be done manually in /etc/systemd/system/
- ARM chroot/emulation required to run systemctl
- enable ssh
ln -s /lib/systemd/system/ssh.service
- services to disable:
rpi-eeprom-update.service
,dphys-swapfile.service
-
tcpdump is best for both DHCP and TFTP
tcpdump -n -v -i eth0 port 68
(dhcp)tcpdump -n -v -i eth0 port 69
(tftp)- best to use two terminals and seprate commands
-
Pi will request lots of files not found via tftp
- this is normal and makes debugging tftp difficult
-
Limit CPUs for kernal panic details
- add
maxcpus=2
to kernel options
- add
-
If boot hangs or crashes: ensure latest boot files
-
Try disabling any service that hangs
- add
systemd.confirm_spawn=true
to kernel options
- add
-
Bind mounted NFS shares require additional exports
- mount share on another system
- check for empty directories
- export any directory that is empty
-
General NFS issues: view server logs
-
Systemd is not your friend
-
Install Gentoo instead of Raspbian
- use openrc instead of systemd
-
Turn a Pi into a general PXE/Netboot device
- portable to fix other systems
-
Use a Pi for USB booting
- ability to modify USB files for booting
- https://www.youtube.com/channel/UCj1uRFMY2I9NijnQI9TN4YQ
- https://www.raspberrypi.org/documentation/hardware/raspberrypi/bootmodes/net_tutorial.md
- https://www.raspberrypi.org/documentation/installation/installing-images/linux.md
- https://github.com/raspberrypi/firmware/tree/master/boot
- https://www.blockdev.io/network-booting-a-raspberry-pi-3/
- https://lig-membres.imag.fr/duble/software/raspberry-pi-netboot/
- https://hackaday.com/2019/11/11/network-booting-the-pi-4/
- http://www.isc.org/software/dhcp
- http://www.kernel.org/pub/software/network/tftp/
- http://www.thekelleys.org.uk/dnsmasq/doc.html
- https://www.kernel.org/doc/html/latest/admin-guide/kernel-parameters
- https://github.com/orgs/raspberrypi/
- https://youtube.com/playlist?list=PLvFA4zkDIoOnVtmXr0h33hS1E0yZdqCTC
- https://jaxlug.github.io/
- https://www.facebook.com/JaxLUG/
- https://www.obsidian-studios.com/
Credit to wltjr for his presentation and lessons on implementing and contrubution to the development of this project!