X-Git-Url: https://iankelling.org/git/?p=automated-distro-installer;a=blobdiff_plain;f=README;fp=README;h=0dc966b444daaec21b33185ff1b45979a82626b7;hp=4bbcc87018079be31b6f0a1c59398c8dbd814733;hb=14f283f82afc48d6cec1bb7498ec34ac2b0da77c;hpb=bd3227e34e549257fee819cf6bd50fe202ca7996 diff --git a/README b/README index 4bbcc87..0dc966b 100644 --- a/README +++ b/README @@ -138,6 +138,83 @@ faiserver-disable # Disable the fai nfs server exports fresize # resize swap or boot partitions in a host +# NAT/forward/vpn tftp + +I tried to get this working, but failed. + +tftp server in theory can be forwarded over a vpn, eg on a wireguard tunnel. + +However, I found that when actually pxe booting, it wouldn't work, only +the 1st filename would be requested, eg, in the logs: + +Jun 20 23:51:02 kd in.tftpd[4021350]: RRQ from 10.2.0.12 filename pxelinux.0 + + +To get that far, nating tftp requires some special attention in iptables, like so: + +https://unix.stackexchange.com/questions/579508/iptables-rules-to-forward-tftp-via-nat +iptables -t raw -A PREROUTING -p udp --dport 69 -s 209.51.188.0/24 -j CT --helper tftp +modprobe nf_nat_tftp + +to test tftp from a client machine: + +tftp SERVER_IP -c get pxelinux.0 +rm -fv pxelinux.0 + + +# Common problems + +## kernel mismatch very early error, no remote logs: + +ERROR: the running kernel does not match the kernel modules inside the nfsroot. +ERROR: Kernel modules directory /lib/modules/5.10.0-8-amd not available. Only found /lib/modules/5.10.0-15-amd64 + +solution: if running from fai-cd, recreate autodiscover cd as noted above in setup. + +# What good logs look like: + +logging nfs traffic from server + +s rpcdebug -m nfsd -s all + + +normal nfs mount & umount logs look like: + +journalctl -ef | gr nfs + +Jun 20 22:15:36 kd rpc.mountd[2025725]: authenticated mount request from 10.32.2.1:865 for /srv/fai/nfsroot (/srv/fai/nfsroot) +Jun 20 22:15:36 kd kernel: nfsd: exp_rootfh(/srv/fai/nfsroot [00000000e8c53e54] *:dm-0/5521225) +Jun 20 22:15:36 kd kernel: nfsd: fh_compose(exp 00:1b/5521225 fai/nfsroot, ino=5521225) +Jun 20 22:15:36 kd kernel: nfsd: FSINFO(3) 28: 00070001 00543f49 00000000 d185f7b0 58d1a3c6 00000000 +Jun 20 22:15:36 kd kernel: nfsd: fh_verify(28: 00070001 00543f49 00000000 d185f7b0 58d1a3c6 00000000) +Jun 20 22:15:36 kd kernel: nfsd: PATHCONF(3) 28: 00070001 00543f49 00000000 d185f7b0 58d1a3c6 00000000 +Jun 20 22:15:36 kd kernel: nfsd: fh_verify(28: 00070001 00543f49 00000000 d185f7b0 58d1a3c6 00000000) +Jun 20 22:15:36 kd kernel: nfsd: GETATTR(3) 28: 00070001 00543f49 00000000 d185f7b0 58d1a3c6 00000000 +Jun 20 22:15:36 kd kernel: nfsd: fh_verify(28: 00070001 00543f49 00000000 d185f7b0 58d1a3c6 00000000) +Jun 20 22:15:36 kd kernel: nfsd: FSINFO(3) 28: 00070001 00543f49 00000000 d185f7b0 58d1a3c6 00000000 +Jun 20 22:15:36 kd kernel: nfsd: fh_verify(28: 00070001 00543f49 00000000 d185f7b0 58d1a3c6 00000000) +Jun 20 22:15:36 kd kernel: nfsd: GETATTR(3) 28: 00070001 00543f49 00000000 d185f7b0 58d1a3c6 00000000 +Jun 20 22:15:36 kd kernel: nfsd: fh_verify(28: 00070001 00543f49 00000000 d185f7b0 58d1a3c6 00000000) +Jun 20 22:15:45 kd rpc.mountd[2025725]: authenticated unmount request from 10.32.2.1:986 for /srv/fai/nfsroot (/srv/fai/nfsroot) + +normal tftpd logs from: + +after setting -vv in TFTP_OPTIONS in /etc/default/tftpd-hpa + +journalctl -u tftpd-hpa + +Jun 20 23:51:02 kd in.tftpd[4021350]: RRQ from 10.2.0.12 filename pxelinux.0 +Jun 20 23:51:02 kd in.tftpd[4021351]: RRQ from 10.2.0.12 filename ldlinux.c32 +Jun 20 23:51:02 kd in.tftpd[4021352]: RRQ from 10.2.0.12 filename pxelinux.cfg/a913a477-fca6-234d-a928-6bb011decd05 +Jun 20 23:51:02 kd in.tftpd[4021352]: sending NAK (1, File not found) to 10.2.0.12 +Jun 20 23:51:02 kd in.tftpd[4021353]: RRQ from 10.2.0.12 filename pxelinux.cfg/01-52-54-00-9c-ef-ad +Jun 20 23:51:02 kd in.tftpd[4021353]: sending NAK (1, File not found) to 10.2.0.12 +Jun 20 23:51:02 kd in.tftpd[4021354]: RRQ from 10.2.0.12 filename pxelinux.cfg/0A02000C +Jun 20 23:51:02 kd in.tftpd[4021355]: RRQ from 10.2.0.12 filename vmlinuz-5.10.0-15-amd64 +Jun 20 23:51:03 kd in.tftpd[4021356]: RRQ from 10.2.0.12 filename initrd.img-5.10.0-15-amd64 + + + # Replacing a raid 10 disk pxe-server -S HOST fai @@ -177,7 +254,9 @@ reboot # Expected output in fai logs -On focal, + +## On focal: + fai.log:updatebase.UBUNTU FAILED with exit code 1. the real error is dpkg-reconfigure locales, seems to be related to a workaround for < 20.04, relevant comment: @@ -185,13 +264,17 @@ to a workaround for < 20.04, relevant comment: in config/hooks/instsoft.DEBIAN -For flidas, when installing systemd, this error happens, and it's +## For flidas, + +when installing systemd, this error happens, and it's a superflous upstream bug based on reading the post install script: addgroup: The group `systemd-journal' already exists as a system group. Exiting. Operation failed: No such file or directory -On nabia/newer, python is removed, now its python3, +## On nabia/newer, + +python is removed, now its python3, and its easier to just let the package get removed than do host class package config. fai.log:WARNING: These unknown packages are removed from the installation list: python python-minimal @@ -204,6 +287,10 @@ fai.log:WARNING: These unknown packages are removed from the installation list: Also, cryptsetup-initramfs is new to buster/nabia, it gets removed on earlier versions. +## parted error +fai.log:Error: /dev/vda: unrecognised disk label +This is from parted -m $d unit MiB print. +It happens when there are no partitions yet. # linode notes