樹心幽徑

« 20190119用Fedora Server’s netinst images透過網路安裝Fedora 28 server最小集及NFS4網路檔案系統 | Main | 20190123在Fedora 28 Server設定system locale、安裝 GNOME桌面、嘸蝦米輸入法、Firefox及LibreOffice »

20190120在Fedora 28 Netboot server 裝NFS並建立NetBoot Image
2019/01/20,16:00

上篇

(16) 建立Netboot Image所在目錄

# mkdir /fc28

(17)先裝fedora-release systemd passwd rootfiles sudo dracut dracut-network nfs-utils vim-minimal dnf等十個基本套件:

# dnf -y --releasever=28 --installroot=/fc28 install fedora-release systemd passwd rootfiles sudo dracut dracut-network nfs-utils vim-minimal dnf

註:dracut是一種事件驅動的 initramfs infrastructure,dracut指令會自裝妥的linux系統拷取必要的檔案與工具來產生initramfs。

(18-1) 不採hostonly,以利initramfs可支援多種硬體驅動程式:

# echo 'hostonly=no' > /fc28/etc/dracut.conf.d/hostonly.conf

(18-2) 設定支援nfs

# echo 'add_dracutmodules+=" network nfs "' > /fc28/etc/dracut.conf.d/netboot.conf

(18-3)再裝kernel組件

# dnf -y --installroot=/fc28 install kernel

(18-4)設定不要自動更新kernel組件

# echo 'exclude=kernel-*' >> /fc28/etc/dnf/dnf.conf

 

(19)

# echo 'exclude=kernel-*' >> /fc28/etc/dnf/dnf.conf
#  MY_CLIENT_HOSTNAME=sice-client1.home.idv.tw
#  echo $MY_CLIENT_HOSTNAME > /fc28/etc/hostname
# echo 'kernel.printk = 0 4 1 7' > /fc28/etc/sysctl.d/00-printk.conf
# echo 'liveuser:x:1000:1000::/home/liveuser:/bin/bash' >> /fc28/etc/passwd
# echo 'liveuser::::::::' >> /fc28/etc/shadow
#  echo 'liveuser:x:1000:' >> /fc28/etc/group
# echo 'liveuser:!::' >> /fc28/etc/gshadow
# echo 'liveuser ALL=(ALL) NOPASSWD: ALL' > /fc28/etc/sudoers.d/liveuser

(20)# dnf install -y --installroot=/fc28 authselect oddjob-mkhomedir

(21)

# echo 'dirs /home' > /fc28/etc/rwtab.d/home

 

# chroot /fc28 authselect select sssd with-mkhomedir --force
Backup stored at /var/lib/authselect/backups/2019-01-24-07-33-49.LpqSvR
Profile "sssd" was selected.
The following nsswitch maps are overwritten by the profile:
- passwd
- group
- netgroup
- automount
- services

Make sure that SSSD service is configured and enabled. See SSSD documentation for more information.
 
- with-mkhomedir is selected, make sure pam_oddjob_mkhomedir module
  is present and oddjobd service is enabled
  - systemctl enable oddjobd.service
  - systemctl start oddjobd.service

# chroot /fc28 systemctl enable oddjobd.service
Created symlink /etc/systemd/system/multi-user.target.wants/oddjobd.service → /usr/lib/systemd/system/oddjobd.service.

註:chroot指令用以改變所指定命令或程序的根目錄


(22)# sed -i 's/^READONLY=no$/READONLY=yes/' /fc28/etc/sysconfig/readonly-root

(23)# cat /fc28/etc/sysconfig/readonly-root
# Set to 'yes' to mount the system filesystems read-only.
# NOTE: It's necessary to append 'ro' to mount options of '/' mount point in
#       /etc/fstab as well, otherwise the READONLY option will not work.
READONLY=yes
# Set to 'yes' to mount various temporary state as either tmpfs
# or on the block device labelled RW_LABEL. Implied by READONLY
TEMPORARY_STATE=no
# Place to put a tmpfs for temporary scratch writable space
RW_MOUNT=/var/lib/stateless/writable
# Label on local filesystem which can be used for temporary scratch space
RW_LABEL=stateless-rw
# Options to use for temporary mount
RW_OPTIONS=
# Label for partition with persistent data
STATE_LABEL=stateless-state
# Where to mount to the persistent data
STATE_MOUNT=/var/lib/stateless/state
# Options to use for persistent mount
STATE_OPTIONS=
# NFS server to use for persistent data?
CLIENTSTATE=
# Use slave bind-mounts
SLAVE_MOUNTS=yes

(24-1)# sed -i 's/^#Storage=auto$/Storage=volatile/' /fc28/etc/systemd/journald.conf
(24-2)# cat /fc28/etc/systemd/journald.conf
#  This file is part of systemd.
#
#  systemd is free software; you can redistribute it and/or modify it
#  under the terms of the GNU Lesser General Public License as published by
#  the Free Software Foundation; either version 2.1 of the License, or
#  (at your option) any later version.
#
# Entries in this file show the compile time defaults.
# You can change settings by editing this file.
# Defaults can be restored by simply deleting this file.
#
# See journald.conf(5) for details.

[Journal]
Storage=volatile
#Compress=yes
#Seal=yes
#SplitMode=uid
#SyncIntervalSec=5m
#RateLimitIntervalSec=30s
#RateLimitBurst=1000
#SystemMaxUse=
#SystemKeepFree=
#SystemMaxFileSize=
#SystemMaxFiles=100
#RuntimeMaxUse=
#RuntimeKeepFree=
#RuntimeMaxFileSize=
#RuntimeMaxFiles=100
#MaxRetentionSec=
#MaxFileSec=1month
#ForwardToSyslog=no
#ForwardToKMsg=no
#ForwardToConsole=no
#ForwardToWall=yes
#TTYPath=/dev/console
#MaxLevelStore=debug
#MaxLevelSyslog=debug
#MaxLevelKMsg=notice
#MaxLevelConsole=info
#MaxLevelWall=emerg
#LineMax=48K
#ReadKMsg=yes

(25)# cat << END > /fc28/etc/resolv.conf
> nameserver 192.168.1.1
> nameserver 163.25.20.1
> END

 

(26)

# echo 'dirs /var/lib/gssproxy' > /fc28/etc/rwtab.d/gssproxy
# cat << END > /fc28/etc/rwtab.d/systemd
> dirs /var/lib/systemd/catalog
> dirs /var/lib/systemd/coredump
> END

(27)

# mkdir /export/fc28
# echo '/fc28 /export/fc28 none bind 0 0' >> /etc/fstab
#  mount /export/fc28
#  echo "/export/fc28 -ro,sec=sys,no_root_squash 192.168.1.0/24" > /etc/exports.d/fc28.exports
# exportfs -vr
exporting 192.168.1.0/24:/export/fc28
exporting 192.168.1.0/24:/export

(28)比一下:

# ls /fc28
bin  boot  dev  etc  home  lib  lib64  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var

# ls /export/fc28
bin  boot  dev  etc  home  lib  lib64  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var

# ls /
bin  boot  dev  etc  export  fc28  home  lib  lib64  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var

 

迴響

 
Accessible and Valid XHTML 1.0 Strict and CSS Powered by LifeType