Re: NFS booting problem

John Summerfield <debian@xxxxxxxxxxxxxxxxxxxxxx> · Tue, 16 Oct 2007 09:02:47 +0800

Joe_Wulf wrote:
John, thank you.  Jason Edgecombe also mentioned to just simply copy the NFS tree
to a
web-viewable directory on a web server. I've stayed away from the
http/squid/apache
method/version of installations as I don't know anything about apache or squid,
securing
them, etc... nor did I feel I had the time to spare to learn how to set THAT up
just to
get all my other stuff working.  My task/project is to develop a straightforward
method

The allow/deny lines secure apache. If it's only listening on your LAN, 
it's secured from outside (assuming your firewall's okay). Mine's on 
192.168.9.4 and there's no way you can get to it.

Squid doesn't need much, mainly make sure you cache big files. Its 
config file is well commented, about as good as I've seen.

You may need to loosen Squid' security a little:-) That said, it too is 
on 192.168.9.4 and you can't reach that either.

to install a baseline (stable standard) version of RHEL AS4 and RHEL5 that is
usable
across the enterprise (potentially thousands of machines) that is the same, and
has been
well secured/hardened.  I'm pretty close to the final stages of that effort.  The
kickstart method has generally been working at a lab site, but not so well at the
near-
production site.

if you're going to be looking after that much kit you need to get your 
geek skills up really soon. Configuring Apache and Squid (and your MTA) 
are all part of what you need.

btw Kickstart off DVD would be pretty cool too. "Here's your new 
machine. Boot this DVD."

Your %pre would need to ensure they didn't do it twice (or after /home 
is populated or something).

Yes, the "noipv6" in the pxeconfig worked.  Thank you.

I've pretty closely watched (tail -f) the /var/log/messages and only see the DHCP
and tftp
related messages.  No errors reported.

This is the first time I've found NFS temperamental.  But not sure how to further
test
this or 'fix' it, much less how to troubleshoot it.

VMware Workstation v6.0+ is what is being used today.  Haven't had the spare time
to
set up and try any of the others.

R,
-Joe Wulf, CISSP, USN(RET)
 Senior IA Engineer
 ProSync Technology Group, LLC
 www.prosync.com

-----Original Message-----
From: kickstart-list-bounces@xxxxxxxxxx
[mailto:kickstart-list-bounces@xxxxxxxxxx] On Behalf Of John Summerfield
Sent: Monday, October 15, 2007 05:28
To: Discussion list about Kickstart
Subject: Re: NFS booting problem

Joe_Wulf wrote:
John,

Thank you for writing.

At this point NFS is all I know.  I have 'gotten' the concept of 
kickstarting only recently, much less learned and applied it and 
gotten it to work.  A friend/co-worker helped me to get the NFS 
working.  I've set it up, the same way for two different locations.  
One of the kickstart servers is FC5 the other is Fedora 7.  I've pretty
carefully checked my configuration stuff.
Made sure DHCP, pxeconfig, tftp and NFS were set up.  I've done 
matched up comparisons between the config files for both locations.  
At the FC5 site I can fully build repeatedly the same end systems 
(RHEL AS4u5 32/64 bit) and (RHEL5 32/64 bit) while only changing the 
nuts and bolts in the %post sections.  I'm applying the same logic and 
applying the same kinds of things at the Fedora 7 site (even with the 
same IP networks/address space) and find that the at the Fedora 7 
site, something is 'wrong'.  About 1 time in 25 (or more) the system 
will build without anything changing; the rest of the time it is not 
NFS mounting for the KS.cfg parts.  So, its failing at the same place.

What's in /var/log/messages?

To use http, you need a web server. I use virtual hosts, but that's not
essential.

With a decent Internet connexion, one can also install via http directly off the
'net. It runs well with a caching proxy, and bot Squid and Apache can fill that
role superbly.

An advantage of this technique is that one only downloads those files actually
needed: there's no need for several Gbytes of data.

Once it's cached, installs go at local LAN speeds.

If using Squid, then I suggest a transparent proxy - it simplifies installs (one
does not need to configure the proxy) and applies to ordinary folk using Firefox,
Seamonkey etc as well.

I use this virtual host definition:
[root@ns ~]# cat /etc/httpd/conf/vhosts.d/RHEL.conf
<VirtualHost *:80>
         ServerAdmin webmaster@xxxxxxxxxxxxxxxxxxxxxxx
         DocumentRoot /var/local/mirrors/linux/RHEL
         ServerName RHEL.demo.lan
         ServerAlias RHEL.demo.room
         ServerAlias RHEL
         Alias           /RHEL/          "/var/local/mirrors/linux/RHEL/"
         Alias           /Fedora/        "/var/local/mirrors/linux/Fedora/"
         Alias           /Specifix/ 
"/var/local/mirrors/linux/Specifix/os/"
         Alias           /ScientificLinux/ 
"/var/local/mirrors/linux/ScientificLinux/"
         Alias           /CentOS/        "/var/local/mirrors/linux/CentOS/"
         ScriptAlias     /ks/            "/var/local/mirrors/linux/ks/"
         ErrorLog  /var/log/httpd/RHEL-error_log
         CustomLog /var/log/httpd/RHEL-access_log combined <Directory
"/var/local/mirrors/linux/RHEL/">
         AllowOverride None
         Options +FollowSymLinks +Indexes
         Order allow,deny
         Allow from 192.168
</Directory>

<directory "/var/local/mirrors/linux/Fedora">
         AllowOverride None
         Options FollowSymLinks Indexes
         Order allow,deny
         Allow from 192.168
</Directory>

<directory "/var/local/mirrors/linux/Specifix/os">
         AllowOverride None
         Options FollowSymLinks Indexes
         Order allow,deny
         Allow from 192.168
</Directory>
<Directory "/var/local/mirrors/linux/CentOS/">
         AllowOverride None
         Options FollowSymLinks Indexes
         Order allow,deny
         Allow from 192.168
</Directory>

</VirtualHost>
[root@ns ~]#

If you don't want the virtual host stuff, just remove the virtualhost things fore
and aft.

I have another vhost which I used to install FC2 through a modem with
time-limited sessions; I'll post it on provocation:-)

On the VC3 screen there is syslog-like output, of the following (retyped):
20:08:21  INFO    : doing kickstart... setting it up
20:08:22  INFO    : DHCPv4 interface configuration succeeded.
20:08:23  WARNING : reverse name lookup failed
20:08:24  INFO    : url is 192.168.10.2:/ks/ks-f/RHEL5u0x32ks.cfg
20:08:25  INFO    : file location: nfs://192.168.10.2:/ks/ks-f/RHEL5u0x32ks.cfg
20:08:26  ERROR   : failed to mount nfs source

Like you, I found nfs a little temperamental. In contrast, httpp works 
every time, and also it writes a nice log so one can see what files are 
used.

I've put the 'seconds' in increments to uniquely talk about each line, as
needed.  Before ":21" I'm frustrated with the IPv6 that it wastes time trying
to mount, but hopefully someone will give me a way to prevent that.

I think it's "noipv6"

At ":23" I do not understand that reverse name lookup failure.  DNS has been
setup, established, configured and not changed.  For these boots, it seems
that the errors only occasionally go away without any change to DNS or a
restart of the named daemon.  And when I don't get this error, the systems
NFS mount and build fully.
It's trying to convert your install target's IP address to a host name. 
It plans to use this as the name of the system.

At the Fedora 7 site, the Fedora 7 system is a Pentium 4 with 512 MB of RAM
726 GB of disk storage with a 100 bit ethernet card.  The network connections
are through a Linksys RT41-BU router.  The kickstart'ees are virtual machines
on a MAC Pro with dual quad-core CPUs, 4GB RAM and 520 GB of internal storage.
The MAC Pro has XP64bit installed and is current with all the Micro$loth
updates, no firewall, no anti-virus and no anti-spam enabled.  Manually built
systems of the above mentioned guests flawlessly install time after time, I
can get them repeatedly successfully mount filesystems via NFS (and
successfully export them too)

Xen?
Virtual PC?
VMWare?
Whichever you're using, have you tried one of the others?

I'm not sure of the current situation, but it used to be the case that 
Anaconda's nfs tools weren't as good as the installed ones. Also, I 
think it's using pump for its dhcp client.

There is also a Dell XPS 1710 laptop within the same network, also every
attempt
to build 32 bit systems succeed.  I even changed the 'mac' address of a problem
one not building to identify the one from the MAC Pro over to the Dell XPS, and
it built every time.

R,
-Joe Wulf, CISSP, USN(RET)
 Senior IA Engineer
 ProSync Technology Group, LLC
 www.prosync.com

-----Original Message-----
From: kickstart-list-bounces@xxxxxxxxxx
[mailto:kickstart-list-bounces@xxxxxxxxxx] On Behalf Of John Summerfield
Sent: Sunday, October 14, 2007 20:41
To: Discussion list about Kickstart
Subject: Re: NFS booting problem

Joe_Wulf wrote:
I've got an on again, off again problem where I can initiate a 
kickstart for
RHEL5 (32 or 64 bit), as well as
for RHEL AS4 (32 or 64 bit) and many times the NFS mount for the KS 
config cannot be found.  Then, after numerous reboots to troubleshoot 
the problem, poof, the NFS mount is found and some systems get built.  
Nothing changed.  Even reboots of the kickstart server, the Linksys 
router and the Mac Pro (with WinXP and VMware 6 installed) don't 
change that many restarts have to happen before it will somehow, 
magically start building.

A most confusing problem and one that I need insight, advice and 
questions from you all on what to check so I can solve it.  All help 
is appreciated!
It's some years since I did an NFS install. http, in my experience, works well.
Do you have some reason (other than setup) not to do it too?

--

Cheers
John

-- spambait
1aaaaaaa@xxxxxxxxxxxxxxxx  Z1aaaaaaa@xxxxxxxxxxxxxxxx

Please do not reply off-list

_______________________________________________
Kickstart-list mailing list
Kickstart-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/kickstart-list