Customized LiveCD for diskless server

Discussion in 'all things UNIX' started by mirimir, Apr 8, 2013.

Thread Status:
Not open for further replies.
  1. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    I'd like to create a customized Debian or Ubuntu LiveCD to boot a hosted diskless server. I'd only be adding VirtualBox. However, I'd like to use about 4GB RAM (out of 8GB total) as ramdisk, and (if possible) install the entire OS in ramdisk (for performance). The remaining 4GB RAM would be plenty for VMs that I want to run.

    I've been reading about Remastersys and Ubuntu Customization Kit. Would either of them do what I want?
     
  2. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,094
    Hi mirimir,

    I don't know if Remastersys will do what you want. A couple of years ago, I asked if it could be used to capture my live environment and the net answer from the developer was that it would probably take about 12 GB of free hard drive space - so, a no go for my needs then.

    Here are some links that might be helpful for what you want to do:

    PXE Booting a Diskless Ubuntu Server.

    DisklessUbuntuHowto.

    You might want to think about using gPXE.

    -- Tom
     
  3. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Thanks, Tom :)

    Although NFS would work for initial testing, I'm concerned that my ISP connection is too slow, even for testing in a local hosting facility. Getting symmetric 100Mbps is my primary goal here :)

    Also, I want the remote server to be independent of my local gear, especially because I'm going to be moving, and will be offline for a while.
     
  4. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,094
    Hi mirimir,

    I saw this article about Ubuntu low-mem install for VMs to reduce the amount of memory needed for VMs and thought it might be useful if applicable to your case and can accommodate your requirements, but I'm really not an expert on VMs. Hope it helps!

    -- Tom
     
    Last edited: Apr 9, 2013
  5. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Thanks, Tom. I'll play with that.

    I wonder what it's doing. What's missing with "minimal virtual machine"?

    I'll update the thread when I find out.

    As far as the LiveCD goes, I guess that I'll be asking on Remastersys and Ubuntu forums, but I'll be new there, which often doesn't work out so well.
     
  6. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,094
    Hi mirimir,

    If your plan is to take an existing .iso, strip it of unwanted packages, and add to it, ask me how and I'll point you to what I know how to do, and walk you through what I have done in the past to create my own pae .iso before they became standard issue for Ubuntu.

    According to the article, "minimal virtual machine" means using the least amount of RAM possible as well as reducing disk usage - I assume they mean "virtual disk usage" as a Live environment is all in RAM.

    -- Tom
     
  7. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Thanks, Tom :)

    I'm exploring how to securely run a remote server. I know that I'm reinventing the wheel, but I don't know where to get the plans ;)

    With a diskless server booting from a LiveCD, there's much less risk of data compromise. I'll configure ssh on the LiveCD to accept key-based connections only from me, with root and password-based access disabled. I'll use tripwire as well, to verify integrity of the LiveCD.

    I could also employ such physical measures as internally disconnecting USB and VGA ports, and embedding RAM. But that would be complicated and expensive unless I used local hosting ;)

    I'll be using VirtualBox VMs to isolate components from each other, and to isolate the host from them. To permit easy customization, none of the VMs will be on the LiveCD. They, and any sensitive data, will be sent via sftp after the LiveCD boots.

    LiveCDs tend to be slow, with lots of disc thrashing. To avoid that, I'd like to configure the LiveCD to load everything that it needs into ramdisk. Although booting will be slower, I can live with that. Also, I want the ramdisk to be large enough for the VMs that I'll be adding.

    To summarize, I want to customize the LiveCD in these ways:

    increase ramdisk size and loading of system components
    configure ssh with my public key, and disable other access
    install VirtualBox
    install tripwire and generate hashes for integrity verification

    Is that readily doable?
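
Added example, not part of the thread: a pre-build check for the ssh settings listed in the post above (key-based login only, root and password logins off), run against the sshd_config that will go onto the image. The function names and sample files are constructed for illustration, and it assumes a config without Include directives or Match blocks.

```shell
#!/bin/sh
# Added example (not from the thread): audit the global section of an
# sshd_config before it is baked into a read-only image.

# effective_value FILE KEYWORD: print the first value given for KEYWORD,
# lowercased. sshd keeps the first value it reads; later lines are ignored.
effective_value() {
    awk -v want="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }       # skip comments and blank lines
        {
            sub(/=/, " ")                        # accept the "Keyword=value" form
            if (tolower($1) == "match") exit     # global section ends here
            if (tolower($1) == tolower(want)) { print tolower($2); exit }
        }' "$1"
}

# audit_sshd_config FILE: return 0 only if every setting below is set
# explicitly to the expected value (compiled-in defaults are not trusted).
audit_sshd_config() {
    cfg=$1; failed=0
    while read -r key expected; do
        actual=$(effective_value "$cfg" "$key")
        # ChallengeResponseAuthentication is the older name for this option.
        if [ -z "$actual" ] && [ "$key" = KbdInteractiveAuthentication ]; then
            actual=$(effective_value "$cfg" ChallengeResponseAuthentication)
        fi
        if [ "$actual" != "$expected" ]; then
            echo "FAIL $key: expected '$expected', got '${actual:-unset}'"
            failed=1
        fi
    done <<EOF
PasswordAuthentication no
PermitRootLogin no
PubkeyAuthentication yes
KbdInteractiveAuthentication no
EOF
    return "$failed"
}

# write_samples DIR: constructed inputs. weak.conf places a permissive value
# above a strict one, so a plain grep for "PasswordAuthentication no" passes.
write_samples() {
    printf '%s\n' '# constructed sample' 'PasswordAuthentication yes' \
        'PermitRootLogin no' 'PubkeyAuthentication yes' \
        'PasswordAuthentication no' > "$1/weak.conf"
    printf '%s\n' '# constructed sample' 'PermitRootLogin no' \
        'PubkeyAuthentication yes' 'PasswordAuthentication=no' \
        'ChallengeResponseAuthentication no' > "$1/hardened.conf"
}
```

Call `audit_sshd_config` on the config inside the image tree before building the ISO; where sshd is installed, `sshd -T` prints the effective settings and is the authoritative cross-check.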
     
  8. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,094
    Hi mirimir,

    From my own perspective, Live CDs are limited to just over 700 MB, while Live USBs are faster at booting into RAM and more portable than CDs/DVDs (i.e. in your pocket portable). Live USBs/DVDs are getting to be required with increasing distribution sizes.

    Live CDs don't need to be slow if their support includes boot loading with the toram parameter such as Knoppix provides. You can also use tohd by creating a linux partition on hard drive exclusively for booting the Live CD from as I understand it. Knoppix has a great list of cheat codes with which to modify the normal Live CD booting command - check it out and then if you are using Ubuntu for the Live CD you will need to find a list of what cheat codes (aka boot options) they support for booting a Live CD/USB/DVD.

    There is also a bootfrom cheat code in Knoppix that is worth checking out as it allows you to develop the Live CD environment you are creating without the constraints of a Live CD (700MB). For example, you could boot from an ISO image on disk by issuing:
    bootfrom=/dev/hda1/Knoppix.iso

    This would be an ideal approach for development of your customized Live CD as it would avoid any slowness involving a normal Live CD approach.

    -- Tom
     
  9. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Thanks, Tom. I'll check out Knoppix and cheat codes.

    It's not that I want more than 700MB on the LiveCD. It'll be a server, with no X or desktop environment, and VirtualBox isn't that big.

    What I want is a bigger ramdrive. It seems like the standard LiveCD ramdrive is about twice the size of the compressed filesystem, and that there's about 650MB available for installing stuff. I need more like 2-3GB for installing stuff. The host machine has 8GB, so that seems doable.

    Also, when I say "diskless", I mean that the host machine will have no hard disk, so I can't boot from an ISO image. I could boot from USB. The server may have an internal USB port, and I can easily create one if it doesn't.
     
  10. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    OK, I've skimmed http://knoppix.net/wiki/Knoppix_Remastering_Howto.

    It seems to do everything that I need. I must have misunderstood what I had read elsewhere about toram. Also, I get that toram simply loads the filesystem from the LiveCD. So if I want a 4GB filesystem, I'll need to create a LiveDVD or USB.

    Thanks again, Tom :)

    Edit: In the "Remastering the ISO" script, I see this:

    Code:
    # Make the big compressed filesystem KNOPPIX
    genisoimage -input-charset ISO-8859-15 -R -l -D -V KNOPPIX_FS -quiet \
      -no-split-symlink-components -no-split-symlink-fields \
      -hide-rr-moved -cache-inodes $PFAD/knx/source/KNOPPIX \
      | /usr/sbin/create_compressed_fs -q -B 65536 -t 8 -L 9 \
      -f $PFAD/knx/isotemp - $PFAD/knx/master/KNOPPIX/KNOPPIX

    I'm guessing that "65536" specifies the size of the compressed filesystem. If that's so, can I just change it to single-layer DVD size?

    Edit2: OK, I get it. That's block size. If I want DVD-sized filesystem, I start with KNOPPIX_V7.0.4DVD-2012-08-20-EN.iso ;)
     
    Last edited: Apr 11, 2013
  11. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Wow, I was very confused about this :oops:

    It seems that Debian bootcd is what I want, in that its primary purpose is creating boot CDs for diskless systems ;)

    Knoppix and Ubuntu Customization Kit are for creating custom distros. And Remastersys is mainly for ISO backups, but can also create custom distros.

    I'll say more after learning how to use Debian bootcd.
     
  12. curious george

    curious george Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    218


    https://wiki.archlinux.org/index.php/Using_DM-Crypt#Kernel_parameter_configuration_of_the_bootloader


    might be of some use...
     
  13. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Thanks, but I don't think that I'll encrypt the LiveCD, because I want unattended reboot. I could do a Mandos server, I know. But that's too much hassle for now.

    I just won't put anything sensitive on the LiveCD. I'll just sftp it after the system is up, and it (and any logs etc) will be gone at reboot. RDP connections to the VMs will be RC4 encrypted.

    Anyway, here's what I've done so far. Eventually I'll post a tutorial.

    Set up host machine:

    dual-core CPU
    8GB RAM

    Debian 7.0 (Wheezy) x64

    Code:
    300MB	/boot
    1.0GB	/swap
    10GB	/

    Installed firmware-linux-nonfree, bootcd, and virtualbox with extpack.

    Using VBoxManage, created four VMs:

    pfSense 2.03 x86 (for VPN service client)
    CrunchBang 11 x86 (for managing pfSense and Tor gateway)
    ra's Tor Gateway (gateway for Debian server)
    Debian 7.0 (Wheezy) x86 (for running Tor hidden services)

    Disk usage summary:

    Code:
    Filesystem              Size  Used Avail Use% Mounted on
    rootfs                  9.9G  6.1G  3.4G  65% /
    udev                     11M     0   11M   0% /dev
    tmpfs                   847M  189k  846M   1% /run
    /dev/disk/by-uuid/foo   9.9G  6.1G  3.4G  65% /
    tmpfs                   5.3M     0  5.3M   0% /run/lock
    tmpfs                   1.9G     0  1.9G   0% /run/shm
    /dev/sda1               290M   30M  246M  11% /boot

    Next steps: configure hidden services, and create LiveCD using bootcd.

    Edit: I have a ~3GB working LiveCD :D

    Getting OpenVPN Access Server and the Tor hidden services up was easy.

    Getting a working LiveCD was a pain. I had to make the CrunchBang VM use differencing VDIs, and have bootcdwrite keep the base VDI out of RAM. That makes CrunchBang sluggish from the LiveCD, but it's usable for managing pfSense and Tor gateway.
     
    Last edited: Apr 28, 2013