built the first time, we add the, ahem, udev file, to our
FAI profile so on a rebuild we get consistent interface naming. I'll switch
to systemd.link at some point in time.
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz |
Catalyst Cloud: | This space intentionally left blank
https://catalystcloud.nz |
On Wed, 2024-12-18 at 08:40 +, Schulz, Reiner wrote:
> Hi!
>
> here a snip of the solution i use:
> Unforturnately it work only at install
Just checking, are you installing the cryptsetup-initramfs package in the
target? Not doing this has bitten me before.
Cheers,
Andrew
ux-fai/2024-January/013149.html
Along with some follow up posts in February.
Good luck!
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz |
Catalyst Cloud: | This space intentionally left blank
https://catalystcloud.nz |
u'll actually
be running.
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz |
Catalyst Cloud: | This space intentionally left blank
https://catalystcloud.nz |
Hey,
On Fri, 2024-05-31 at 13:19 +0200, Paul via linux-fai wrote:
> I've only installed "cryptsetup" via "package_config".
>
> Is package_config the right way for both pkgs?
Yes. You need cryptsetup-initramfs so that the generated initramfs has the
LUKS stuff
ryptsetup-initramfs packages on your
target?
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz |
Catalyst Cloud: | This space intentionally left blank
https://catalystcloud.nz |
On Sat, 2024-01-20 at 01:27 +1300, Andrew Ruthven wrote:
> On Fri, 2024-01-19 at 09:48 +0100, Thomas Lange wrote:
>
>
> > I use this script to manipulate the disklist:
> > http://fai-project.org/download/misc/99-disklist.sh
>
> Attached is the script which I wrote
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz |
Catalyst Cloud: | This space intentionally left blank
https://catalystcloud.nz |
94-disklist-order
Description: application/shellscript
and have SALT set CACERTIFICATES
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz |
Catalyst Cloud: | This space intentionally left blank
https://catalystcloud.nz |
for the basefile you want
to use.
Are you setting BOOKWORM64?
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz |
Catalyst Cloud: | This space intentionally left blank
https://catalystcloud.nz |
ent install to automatically reboot.
This is an on-going battle with every new hardware type! Definitely worth
doing though.
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz |
Catalyst Cloud: | This space intentionally left blank
https://catalystcloud.nz |
ass of $RELEASE_$ARCH and use that to select the basefile.
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz |
Catalyst Cloud: | This space intentionally left blank
https://catalystcloud.nz |
t; > > primary - 0- - -
> > >
> > > disk_config raid fstabkey:uuid
> > > raid1 /boot disk1.1,disk2.1 - - mdcreateopts="--verbose
> > > --metadata=0.90" createopts="-L boot"
> > > raid1 - disk1.4,disk2.4 - -
>
d. So it
should just be:
disk_config raid
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz |
Catalyst Cloud: | This space intentionally left blank
https://catalystcloud.nz |
s? I
have some I can most probably share. Could FAI have a "plugins" directory
that mimics the top level of a profile and allow for contained plugins to be
installed?
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz |
Catalyst Cloud: | This space inten
On Fri, 2023-10-06 at 11:18 +0200, Thomas Lange wrote:
> > > > > > On Fri, 06 Oct 2023 21:57:28 +1300, Andrew Ruthven
> > > > > > said:
>
> > This isn't ideal as the secrets are still present in the NFSROOT for
> a short
> > peri
till need to have some credentials in the NFSROOT to
talk to the server.
It is primarily used for fetching and storing answers to questions on the
server. This allows us to have interactive builds that can save the answers
to the server so the next build can be automatic. Hence the "Semi".
Puppet.
This isn't ideal as the secrets are still present in the NFSROOT for a short
period of time, but does solve the chicken and egg issue others mentioned
and removes the need for a generic "sign any request that comes in" that
others have suggested.
Cheers,
Andrew
--
An
etely
> reinstall the system (possibly preserving data partition(s)) than
> risking RAID desync and related headaches. To keep the disk partitions
> aligned, you could use the "mirror" space for an extra swap partition :)
Heh, maybe. :)
We're just going through and reb
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz |
Catalyst Cloud: | This space intentionally left blank
https://catalystcloud.nz |
if [ "$key" != "" ];
then
fcopy -M $key
fi
Cheers,
Andrew
On Tue, 2023-08-22 at 09:46 +0200, Thomas Lange wrote:
> I would suggest you are using a hook with an fcopy command to put
> those files to some other locations.
>
> > > > > > On Tue, 18
additional
repositories.
How about having task_repository check for another file, say
package_config/CLASS.gpg_dest that'd allow us to specify where to copy
package_config/CLASS.gpg to?
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz |
Catalyst Cloud:
ar concept. We have a
pxelinux.cfg/default file that has:
default localboot
label localboot
localboot 0
So by default the boxes will just boot off the local disk.
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz |
Catalyst Cloud: | This space intentionally left blank
https://catalystcloud.nz |
slow boot
in my opinion.
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz |
Catalyst Cloud: | This space intentionally left blank
https://catalystcloud.nz |
homas Lange wrote:
> Hi Andrew,
>
> unshare --pid is also called in fai-make-nfsroot. Does it also
> need to be removed in there or only in bin/fai?
> > > > > > On Thu, 05 Jan 2023 20:54:28 +1300, Andrew Ruthven
> > > > > > said:
>
> >
eeper.
Any thoughts? (Well, other than not installing etckeeper!)
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz |
Catalyst Cloud: | This space intentionally left blank
https://catalystcloud.nz |
tering a passphrase during the build process.
Another option for ssh which I am considering is using PKI for it. Then
servers and clients just need to trust a CA.
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz |
Catalyst Cloud: | This space intentionally left blank
https://catalystcloud.nz |
t /srv/fai/config/class/DEBIAN.var with release=bullseye
> it's not working..
> Let me know if you want me to share some config files.
>
> Any help will be greatly appreciated :)
> Thanks!
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz |
Catalyst Cloud: | This space intentionally left blank
https://catalystcloud.nz |
o handle reinstalls on many networks with a single
> server).
> If only machines had an "attestation key" by default... Maybe an USB
> key
> to insert in the machine being reinstalled... Possibly in an internal
> slot... Uhm... Still brainstorming...
>
> Tks,
>
on" I could find is to save the secret in
> /srv/tftp/fai/pxelinux.cfg/C0A8xxyy in append line, like FAI_FLAGS,
> FAI_CONFIG_SRC and FAI_ACTION, but since append line can be at most
> 255
> chars there's not much space... I's good just for very small
> "sec
ve multiple files that match as the last match
would be what is used. FAI processes the files in the class directory
in shell sorting order.
We also use multiple Perl scripts that perform a regexes on the
hostname and sets classes that way. One script perl per cluster type or
customer.
Cheers,
Andrew
On Thu, 2021-04-29 at 22:48 +1200, Andrew Ruthven wrote:
> > > Is there an approach so that ISO images created with fai-cd
> > perform
> > > DHCP lease renewals?
> > As a workaround, you could write a hook, that starts dhclient.
> > Since the hooks are o
On Thu, 2021-04-29 at 12:04 +0200, Thomas Lange wrote:
> > > > > > On Thu, 29 Apr 2021 21:21:06 +1200, Andrew Ruthven <
> > > > > > and...@etc.gen.nz> said:
>
> > Dracut acts as a DHCP client, but is a single shot only. Once
> the
>
there an approach so that ISO images created with fai-cd perform
DHCP lease renewals?
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz |
Catalyst Cloud: | This space intentionally left blank
https://catalystcloud.nz |
On Fri, 2021-03-12 at 10:26 +0100, Thomas Lange wrote:
> > > > > > On Thu, 11 Mar 2021 22:43:31 +1300, Andrew Ruthven <
> > > > > > and...@etc.gen.nz> said:
>
> > Is the reason that setup-storage can't just leave these volumes
> alone
LVs. I'm already
copying the keys back into place, and the partitions don't need to be
mounted for the build phase.
Is the reason that setup-storage can't just leave these volumes alone
if they already exist?
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
an
setup-storage is unable to use that block device after this
point and the installation fails.
Is anyone else encountering issues like this? Any suggested fixes?
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz | linux.conf.au 2021, Canberra, AU
Catalyst
ems while I am using basic tftp for legacy boot clients).
Well... I'm still using legacy boot for these machines. I've been
meaning to get UEFI network booting set up, but I just haven't had the
time. I thought I'd try and do that this month while we're in lockdown,
but
nx/html/rhcos-4.2.18-x86_64-metal-
> bios.raw.gz
>
> Reiner Schulz
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz | linux.conf.au 2021, Canberra, AU
Catalyst Cloud:| http://lca2021.linux.org.au/
https://catalystcloud.nz|
ple, and is potentially
a good example of how we can easily deploy other operating systems
using FAI.
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz | linux.conf.au 2021, Canberra, AU
Catalyst Cloud:| http://lca2021.linux.org.au/
https://catalystcloud.nz|
On Fri, 2020-02-28 at 09:24 +0100, Thomas Lange wrote:
> > > > > > On Fri, 28 Feb 2020 16:21:38 +1300, Andrew Ruthven <
> > > > > > and...@etc.gen.nz> said:
>
> > All the servers support Redfish, so I can script uploading a
> disk image
&
on an nfsroot, with
minimal configuration to bring up a degraded LACP bond.
Has anyone already done this?
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz | linux.conf.au 2020, Gold Coast, AU
Catalyst Cloud:|https://lca2020.li
(--unpack):
> > new fai-nfsroot package pre-installation script subprocess
> > returned error exit status 2
> >
> > when upgrading FAI from 5.9.1 to 5.9.2
> >
> > I had to manually chroot to the nfsroot and remove the diversion,
> > then it worked. M
On Fri, 2020-01-03 at 08:56 +0100, Thomas Lange wrote:
> > > > > > On Fri, 03 Jan 2020 11:49:52 +1300, Andrew Ruthven <
> > > > > > and...@etc.gen.nz> said:
>
> > Would it be possible to get the fai-server available for Trusty
> from
>
TRUSTY \
&& sed -i 's/,metadata_csum//' /etc/mke2fs.conf
-- End --
Cheers,
Andrew
[0] I run lspci during the build to identify PCI cards which need
customised actions, and a new server uses 32 byte PCI IDs which lspci
on Jessie doesn't support.
--
Andrew Ru
Hey,
Would it be possible to get the fai-server available for Trusty from
http://ppa.launchpad.net/fai/ppa/ubuntu updated so that at lase fai-
make-nfsroot includes the fix to run mkdir -p $NFSROOT/dev/pts in the
upgrade_nfsroot function?
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New
sroot. More is described here:
>
> http://fai-project.org/fai-guide/#_a_id_nfsv4_a_how_to_use_nfs_v4_with_the_nfsroot
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz | linux.conf.au 2020, Gold Coast, AU
Catalyst Cloud:|https://lca2020.linux.org.au/
https://catalystcloud.nz|
Hey Thomas,
On Tue, 2019-07-02 at 13:38 +0200, Thomas Lange wrote:
> > > > > > On Tue, 02 Jul 2019 22:57:48 +1200, Andrew Ruthven > > > > > etc.gen.nz> said:
>
> > When we manually create them, we tend to name our VGs for SSDs
> as: vg-
>
Hey,
When we manually create them, we tend to name our VGs for SSDs as: vg-
ssd[0-9]+ .
However, setup-storage doesn't like that and ends up confused with the
colums on the vg line in the disk_config file.
Would it be able possible to have VG names allow hyphens?
Cheers,
Andrew
--
A
but that didn't seem to help.
>
> Is this something you've come across before whan using this hook?
>
> Thanks
>
> Jerry
>
>
>
>
>
>
> --
> ---
>
> Jerry Steele
> Telephone: +44 (0)7492 910225
> GPG: 43A3A8C6
>
--
And
ts.
> This one is 60 seconds by default:
>
> rd.net.timeout.iflink=10
>
> ..or even less if that will still work for the interface you do want
> configured :)
>
>
>
> Cheers,
> Just
>
>
> On Tue, 2 Jul 2019 at 07:29, Andrew Ruthven
> wrote:
> > He
each interface...
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz | linux.conf.au 2020, Gold Coast, AU
Catalyst Cloud: | https://lca2020.linux.org.au/
https://catalystcloud.nz|
ere started by the kernel and eradicate anything from the
disks. Based on a hook written by W. Walkowiak in 2013, but modified
over the years to fix various new behaviours I've discovered.
Save the file, set a class of WIPEDISKS and, well, all your data will
be gone. ;)
Cheers,
Andrew
do this yet. ;)
All of this is currently deployed via Ansible playbooks. I've been
meaning to write a blog post about this and publish the playbooks...
Information from my previous iteration is here:
http://blog.etc.gen.nz/archives/131-Network-boot-a-Raspberry-Pi-3.html
Cheers,
An
none of the other tooling
around it exists any longer (like how to make the encrypted file, or
how to manage GPG keys).
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz | linux.conf.au 2020, Gold Coast, AU
Catalyst Cloud: | https://lca20
hine.
> cfdisk warned me that the device has an "ext4 signature" and that it
> will be destroyed when continuing.
> So i did it and with next reboot FAI installed without an error.
>
> Christian
>
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz
On Thu, 2018-11-22 at 13:06 +0100, Thomas Lange wrote:
> OK, I will just add the mkdir into FAI. I guess an older deboostrap
> version does not create this device.
Cool, thank you. But, it does occur to me that this'll only help if the
PPA for Ubuntu is updated. ;)
Cheers,
Andrew
xist
within it.
On both trusty and sid, /usr/share/debootstrap/scripts/stretch and
jessie are all symlinks to the sid script.
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz| linux.conf.au 2019, Christchurch, NZ
https://catalystcloud.nz | https://lca2019.linux.org.au
Trusty, not sure, but Thomas, what do
you think about adding that mkdir -p?
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz| linux.conf.au 2019, Christchurch, NZ
https://catalystcloud.nz | https://lca2019.linux.org.au
me/cloud
>
> If you have any comments, feature requests or feedback, do not
> hesitate to contact me.
>
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz | linux.conf.au 2018, Sydney, AU
New Zealand's only Cloud: | Just a little bit of history
https://catalyst.net.nz/cloud | http://linux.conf.au
/var 4G ext4 defaults
-- end --
Cheers.
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz | linux.conf.au 2018, Sydney, AU
New Zealand's only Cloud: | Just a little bit of history
https://catalyst.net.nz/cloud | http://linux.conf.au
opts from an environment
variable? I use generic disk_configs, like QEMU_GUEST for any distro if
an VM is being built. It'd be nice to not have to special case all the
Ubuntu >= XENIAL distros.
Then in my UBUNTU.var file I can set createopts if need be (I set
classes like WILY_GT for e
On Thu, 2017-11-09 at 11:40 +0100, Thomas Lange wrote:
> > > > > > On Thu, 09 Nov 2017 22:48:37 +1300, Andrew Ruthven > > > > > etc.gen.nz> said:
>
> > But you missed my pull request on github to add -S to the help
> output
> > of th
and. ;)
Thank you!
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz | linux.conf.au 2018, Sydney, AU
New Zealand's only Cloud: | Just a little bit of history
https://catalyst.net.nz/cloud | http://linux.conf.au
gt; http://fai-project.org/screenshots/
>
> The log files of this installation are available at
> https://fai-project.org/logs/armhost/last/
>
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz | linux.conf.au 2018, Sydney, AU
New Zealand's only Clo
T as
well. ;)
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz | linux.conf.au 2018, Sydney, AU
New Zealand's only Cloud: | Just a little bit of history
https://catalyst.net.nz/cloud | http://linux.conf.au
approach than that I've done.
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz | linux.conf.au 2017, Hobart, AU
New Zealand's only Cloud: | The Future of Open Source
https://catalyst.net.nz/cloud |
On Thu, 2016-09-22 at 00:48 +0200, Thomas Lange wrote:
> >
> > >
> > > >
> > > > >
> > > > > >
> > > > > > On Thu, 22 Sep 2016 10:39:57 +1200, Andrew Ruthven > > > > > etc.gen.nz> said:
>
>
Hey,
I have a requirement to change some of the settings that are passed to
cryptsetup. I could add in a createopts similar to the various other
options what'd allow changing the cipher and size (and whatever else).
Would this be of interest?
Cheers,
Andrew
--
Andrew Ruthven, Wellington
u could run it in a hook script with just the drives you
> want to partition. Using the '-D' option allows you to set the disks.
Yes, they are different disks. Yeah, I guess I could do that. A little
bit awkward, but certainly do-able.
Cheers,
Andrew
> On Wed, 21 Sep 2016 at 10:
artition
exists on the first hard drive, and if it doesn't exist, set the
INITIAL class. But that seems a bit brittle to me.
How are others handling that situation?
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz | linux.conf.au 2017, Hobart, AU
N
gt; On 08/22/2016 09:56 AM, Paul Schulz wrote:
> > > > > (Repeated as first attempt didn't go through.)
> > > > >
> > > > > Greetings,
> > > > > I have been asked to setup some systems with an encrypted
> > > > disk
> > &
On Tue, 2016-09-20 at 20:07 +1200, Andrew Ruthven wrote:
> On Tue, 2016-09-20 at 09:58 +0200, Thomas Lange wrote:
> > IIRC if you specify a NIC on the kernel cmdline, it only probes
> > this
> > interface. For more info read dracut.cmdline(7).
>
> Yes, but then sometime
On Tue, 2016-09-20 at 09:58 +0200, Thomas Lange wrote:
> >
> > >
> > > >
> > > > >
> > > > > >
> > > > > > On Tue, 20 Sep 2016 15:12:30 +1200, Andrew Ruthven > > > > > etc.gen.nz> said:
>
Hey,
Is it possible to have Dracut stop on the first interface that receives
a DHCP configuration?
Some of my servers have 8 NICs, and while we typically netboot off
eth0, the rest might be plugged into switches and it can take a long
time for the rest to time out.
Cheers,
Andrew
--
Andrew
for a fai-softupdate.
> I plan to release FAI 5.2 in september, so any feedback is welcome.
I'll give it a whirl in the new week.
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz | linux.conf.au 2016
New Zealand's only Cloud: |
that udev isn't picking up the new LV in time to create the
device before lvcreate tries to wipe the start of the device. I've
worked around this for now by modifying:
/usr/share/fai/setup-storage/Commands.pm
to have lvcreate have the "-Z n' parameter.
Cheers,
Andrew
--
A
On Fri, 2016-04-15 at 11:49 +1200, Andrew Ruthven wrote:
> On Tue, 2016-04-12 at 10:10 +0200, Thomas Lange wrote:
> > You can disable the ramdisk by setting
> > FAI_RAMDISK=/doesnotexist
> > in class/*.var
> I've put this into LAST.var and now I can complete installs w
On Tue, 2016-04-12 at 10:10 +0200, Thomas Lange wrote:
> >
> > >
> > > >
> > > > >
> > > > > >
> > > > > > On Tue, 12 Apr 2016 12:04:57 +1200, Andrew Ruthven > > > > > etc.gen.nz> said:
> &
packages.
Is there something else that I should be doing here?
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
and...@etc.gen.nz | linux.conf.au 2016
New Zealand's only Cloud: | LCA By the Bay, Geelong, AU
https://catalyst.net.nz/cloud | http://lca2016.linux.org.au
On Mon, 2014-09-15 at 10:19 +0200, Steffen Grunewald wrote:
> On Mon, Sep 15, 2014 at 10:29:04AM +1200, Andrew Ruthven wrote:
> > Hey,
> >
> > Is it possible to make an install abort from within a hook? Looking at
> > the code it doesn't seem obvious.
>
>
Hey,
Is it possible to make an install abort from within a hook? Looking at
the code it doesn't seem obvious.
I've added a hook for extrbase to check and make sure if a require
basefile is present (namely Ubuntu ones if we're building an Ubuntu
box), and if not present it'll spit an error. Ideall
On Wed, 2014-08-20 at 11:19 +0200, Thomas Neumann wrote:
> On Wednesday 20 August 2014 16:11:47 Andrew Ruthven wrote:
> > Is it possible to set labels on individual partitions with setup-storage
> > when GPT is being used?
>
> Do you want to set a label so you can mount th
Hey,
Is it possible to set labels on individual partitions with setup-storage
when GPT is being used?
Cheers,
Andrew
84 matches
Mail list logo
