Thursday, 30 November 2017

Creating Arch Linux Packages

In this blog, we take a look at creating Arch Linux packages. Working through an example we create an Arch Linux package with the latest SED source code.  In Arch, we have pkg files stat make up the software packages used to encapsulate out software that we install and remove from the system. These files are very similar to the deb files we have in Debian and the rpm files used in Red Hat.

Arch Linux Packages, LPI Tutorials and Materials, LPI Certifications

Using Software Packages


In all Linux distributions, we want to use software packages where possible when installing software. The process of installing is simplified and the package contains the packaged programs and dependencies lists. More than this though, we are able to easily list what is installed and remove software that is no longer needed as we have a database of what is installed.

Latest Software Versions


When a package is not available in the repository then you can choose to download and compile the source code. This, though, is not the best where we have many servers and it is not so easy to audit or remove software installed in this way. This is where we can create our own packages so we can maintain the integrity of our installed software base across the server estate. We may also choose this method where the latest version of the vendor software has not made it into the Arch repositories. We will use SED 4.4 for the demonstration, the current version in the repo is 4.2.

Creating Arch Linux Packages for SED 4.4


We will be working with the source code for SED, the Stream Editor. The version we have in the repos as of February 2017 is version 4.2 and the latest version from the vendor itself is 4.4. Although, there may not be a lot of difference we may need these new features and hence the need to package sed 4.4.

Build Host

We need an Arch system up and running to build the packages on. This needs to be the same architecture of the target clients. Ensure that we have the base-devel package group installed as this will give as there required compilers and the makepkg command.

$ sudo pacman -S base-devel

With this installed and ready top go we can create a directory to work with. We should be logged in as a standard user and NOT root. Move to your home directory and create a folder called abs for Arch Build System. We won’t be using the ABS command but the directory name still makes sense. In that directory, we can create a directory named sed. Representing the package that we are creating.

$ cd
$ midir -p abs/sed
$ cd abs/sed

Create the PKGBUILD File


The command makepkg will read it work inventory from the PKGBUILD file. A sample file can be copied from /usr/share/pacman/PKGBUILD.proto. The file should be copied across to the sed directory and named PKGBUILD. The file should be edited so it appears similar to the following:

pkgname="sed"
pkgver=4.4
pkgrel=1
pkgdesc="SED the stream editor"
arch=("x86_64")
license=('GPL')
source=("ftp://ftp.gnu.org/gnu/sed/$pkgname-$pkgver.tar.xz")
build() {
        cd "$pkgname-${pkgver}"
        ./configure --prefix=/usr
        make
}

package() {
        cd "$pkgname-${pkgver}"
        make DESTDIR="$pkgdir" install
}

◉ The source function is used to download the source code tarball
◉ The build function creates the Makefile and compiles the code
◉ The package function installs the target code to a local subdirectory so the install can run as a standard user and not actually install onto the system. This steps also creates the package from the dummy directory.

The structure of the abs directory should be similar to this:

abs
└── sed
    └── PKGBUILD

Execute makepkg


To create the package we run the aptly named program makepkg. This is from the base-devel package group. We first run with the -g option which will create an MD5 Checksum for the downloaded source file and add it to the PKGBUILD file. We then run makepkg proper. This all should be run from the ~/abs/sed directory.

$ makepkg -g >> PKGBUILD && makepkg

This will run through the complete instruction set that we added to the PKGBUILD file and create a file named: sed-4.4-1-x86_64.pkg.tar.xz. This we can copy to the target systems or add to our own repo. In the demo we create the package file to another Arch Linux system for installation:

$ scp sed-4.4-1-x86_64.pkg.tar.xz 192.168.56.11:

We can then install it from that system with:

$ sudo pacman -U sed-4.4-1-x86_64.pkg.tar.xz

I hope you enjoy the video demonstration:

Friday, 24 November 2017

7 Steps to Start Your Linux SysAdmin Career

LPI Tutorials and Materials, LPI Certification, LPI Guides, LPI SysAdmin

Linux is hot right now. Everybody is looking for Linux talent. Recruiters are knocking down the doors of anybody with Linux experience, and there are tens of thousands of jobs waiting to be filled. But what if you want to take advantage of this trend and you’re new to Linux? How do you get started?

1. Install Linux  


It should almost go without saying, but the first key to learning Linux is to install Linux. Both the LFS101x and the LFS201 courses include detailed sections on installing and configuring Linux for the first time.

2. Take LFS101x


If you are completely new to Linux, the best place to start is our free LFS101x Introduction to Linux course. This online course is hosted by edX.org, and explores the various tools and techniques commonly used by Linux system administrators and end users to achieve their day-to-day work in a Linux environment. It is designed for experienced computer users who have limited or no previous exposure to Linux, whether they are working in an individual or enterprise environment. This course will give you a good working knowledge of Linux from both a graphical and command line perspective, allowing you to easily navigate through any of the major Linux distributions.

3. Look into LFS201


Once you’ve completed LFS101x, you’re ready to start diving into the more complicated tasks in Linux that will be required of you as a professional sysadmin. To gain those skills, you’ll want to take LFS201 Essentials of Linux System Administration. The course gives you in-depth explanations and instructions for each topic, along with plenty of exercises and labs to help you get real, hands-on experience with the subject matter.

LPI Tutorials and Materials, LPI Certification, LPI Guides, LPI SysAdmin

If you would rather have a live instructor teach you or you have an employer who is interested in helping you become a Linux sysadmin, you might also be interested in LFS220 Linux System Administration. This course includes all the same topics as the LFS201 course, but is taught by an expert instructor who can guide you through the labs and answer any questions you have on the topics covered in the course.

4. Practice!


Practice makes perfect, and that’s as true for Linux as it is for any musical instrument or sport. Once you’ve installed Linux, use it regularly. Perform key tasks over and over again until you can do them easily without reference material. Learn the ins and outs of the command line as well as the GUI. This practice will ensure that you’ve got the skills and knowledge to be successful as a professional Linux sysadmin.

5. Get Certified


After you’ve taken LFS201 or LFS220 and you’ve gotten some practice, you are now ready to get certified as a system administrator. You’ll need this certification because this is how you will prove to employers that you have the necessary skills to be a professional Linux sysadmin.
There are several Linux certifications on the market today, and all of them have their place. However, most of these certifications are either centered on a specific distro (like Red Hat) or are purely knowledge-based and don’t demonstrate actual skill with Linux. The Linux Foundation Certified System Administrator certification is an excellent alternative for someone looking for a flexible, meaningful entry-level certification.

6. Get Involved


At this point you may also want to consider joining up with a local Linux Users Group (or LUG), if there’s one in your area. These groups are usually composed of people of all ages and experience levels, so regardless of where you are at with your Linux experience, you can find people with similar skill levels to bond with, or more advanced Linux users who can help answer questions and point you towards helpful resources. To find out if there’s a LUG near you, try looking on meetup.com, check with a nearby university, or just do a simple Internet search.

There are also many online communities available to you as you learn Linux. These sites and communities provide help and support to both individuals new to Linux or experienced administrators:

http://wiki.centos.org/Documentation

7. Learn To Love The Documentation


Last but not least, if you ever get stuck on something within Linux, don’t forget about Linux’s included documentation. Using the commands man (for manual), info and help, you can find information on virtually every aspect of Linux, right from within the operating system. The usefulness of these built-in resources cannot be overstated, and you’ll find yourself using them throughout your career, so you might as well get familiar with them early on.

Tuesday, 21 November 2017

Join the Linux Professional Institute Development Community and earn your LPIC-2 Linux Engineer certification for free.

The Linux Professional Institute (LPI) has updated the objectives for LPIC-2 and is offering free beta exams to a limited number of qualified candidates.

The Linux Professional Institute (LPI) is organizing select events worldwide that offer a rare opportunity for eligible LPIC-1 certificate holders to be among the first to take the updated 201 and 202 beta exams, join the LPI Exam Development Community, and advance their professional credentials.

LPI Certifications, LPI LPIC Exam, LPI Exam

LPI is committed to the development of global standards and certifications in Linux and open source innovation. A community of Linux professionals, volunteers, vendors, and educators design the LPI Certification Program that unites the requirements of both IT professionals and the organizations that would employ them.

To achieve this goal LPI utilizes an open, rigorous, and consultative development process that uses both volunteer and hired resources. The LPI development process is widely recognized and endorsed by Fortune 500 companies, and has met the strict requirements of independent certification authorities.

About the LPIC-2 Linux Engineer Certification

LPIC-2 is aimed at advanced Linux professionals. To be awarded LPIC-2, candidates must be able administer small-to-medium sized mixed networks, and provide recommendations to upper management. To become LPIC-2 certified the candidate must be able to:

◉ Administer a small to medium-sized site
◉ Plan, implement, maintain, keep consistent, secure, and troubleshoot a small mixed (MS, Linux) network, including a:
◉ LAN server (Samba, NFS, DNS, DHCP, client management)
◉ Internet Gateway (firewall, VPN, SSH, web cache/proxy, mail)
◉ Internet Server (web server and reverse proxy, FTP server)
◉ Supervise assistants
◉ Advise management on automation and purchases

About the LPIC-2 Beta Exams (Version 4.5)

Beta exams are organized in the English language only, and will be delivered as paper based tests (PBT). Both exams, 201 and 202, each take 90 minutes and contain 60 questions. They are offered free of charge. Passing the exams for 201 and 202 in conjunction with an active LPIC-1 certification leads to the LPIC-2 Linux Engineer certification.

In addition, beta candidates will be asked to answer a short survey and provide feedback on the exam content. For this purpose, LPI Exam Development staff may visit beta exam labs to collect direct feedback from the candidates.

Candidates should be aware that beta exams cover the new version of the objectives which will contain new exam material. Their passed exams are counted as regular exams and can be used to achieve a certification. Failed exams can be deleted from the candidate’s profile on their request.

How to prepare for the LPIC-2 Beta Exams

Candidates can find updated exam objectives for the new LPIC-2 201 and 202 (Version 4.5) on the LPI Wiki Resources website: https://wiki.lpi.org/wiki/LPIC-2_Objectives_V4.5

The detailed list of changes is available at: https://wiki.lpi.org/wiki/LPIC-2_Summary_Version_4.0_To_4.5

How to sign up for LPIC-2 Beta Exams for free

Beta exams are currently available in select regions including Latin America, North America, Europe, Africa, and Asia). To apply for the free beta exams in your country, please fill out the LPIC-2 Beta Exam Contact Request Form here: https://www.lpi.org/lpic-2-beta-signup

“We are thankful to all the candidates for their support of our exam development process and standards at LPI. Accurate skills verification is vitally important in today’s economy, ” states Mr. Matthew Rice, Executive Director of LPI. He goes on to explain, “Our organization has a fundamental commitment to championing workforce development initiatives for Linux and open source professionals. We have been working closely with employers globally to reinforce the value of certification, and we are seeing demand for certification rise. A recent survey found that 93% of employers plan to hire a Linux professional.”

About the Linux Professional Institute (LPI)

LPI is the global certification standard and career support organization for open source professionals. With more than 500,000 exams delivered, it's the world's first and largest vendor-neutral Linux and open source certification body. LPI has certified professionals in 181 countries, delivers exams in 9 languages, and has over 200 training partners.

We are committed to providing the IT community with certifications of the highest quality, relevance, and accuracy. 

Saturday, 18 November 2017

What is DevOps? or: Why Another DevOps Certification?

The Linux Professional Institute ("LPI") recently announced the objectives for a new certification – the LPIC-OT DevOps Tools Engineer – which tests the skills and understanding of the open source tools commonly used by organisations trying to create a DevOps environment.

LPI Tutorials and Materials, LPI Certification, LPI Exam, LPI Learning

If you want a brief introduction into DevOps, Wikipedia has a good description of the subject:

"a term used to refer to a set of practices that emphasize the collaboration and communication of both software developers and information technology (IT) professionals while automating the process of software delivery and infrastructure changes"

It is the simplicity of this description that belies the complexity that exists in both the collaboration methods and the full technology stack required to implement the desired organizational changes.

While researching the need for and potential content of a DevOps certification, LPI quickly found that while many organizations were covering the collaboration side of DevOps – such as the Project Management Institute with the PMI-ACP credential – few were offering a complementary certification that covered the technology required to support it.

Considering that most, if not all, of the most popular DevOps tools are open source, it was a natural decision for us to create a certification that tests the skills required to use these technologies effectively.

The image below is a good representation of the cyclical nature of DevOps, which involves taking new code, using it in production and providing feedback in order to aid further improvements and feature development:


The basic building blocks of a DevOps toolchain are covered in detail by LPI’s new DevOps tools certification – with two exceptions: the programming language technologies and the individual service configuration topics.

These two areas deserve their own attention and, possibly, their own certifications. Although, it should be noted that LPI does already cover the configuration and management of commonly deployed network services in our LPIC-2 certification.

There are many more services, including custom developed ones, which are also beyond the scope of the new certification.

However, what exactly should be covered in a programming language certification track remains a contentious topic.

As an aside, if you are interested in helping us determine what we cover in future certifications, feel free to join the LPI exam development mailing list by signing up here. We’d love for you to get involved.

The creation of a DevOps certification was also a little contentious among our development groups – partially because, at LPI, we tend to cover field-deployed topics.

On closer inspection by everyone involved it became clear that best practices and the use of reliable open source tools within DevOps were becoming ubiquitous. Certification of these skills became an important next step for LPI and our community.

This dominance of open source DevOps tools also demonstrates that open source software continues to lead and enable innovation. As IT professionals who relish using open source, this gives us every reason to look forward to more opportunities for participating in interesting projects.

It also means you will increasingly have the ability to better support the tools that you create. As an LPI certification holder myself, I'll be getting my certification as soon as I can.

Wednesday, 15 November 2017

Installing Arch Linux

Installing Arch Linux is not the easy way to get Linux up and running and neither should it be. The idea behind Arch is that your learn Linux. Nothing is hidden from you and you control everything. Using this approach you do gain real control over the Operating System you install adding only what you want and nothing more. There is not installer program, so all the steps of the install process has to be completed by you. By the end of the install you will already be an experienced Linux Administrator, although you may have done more than a little Googling only the way.

LPI Tutorials and Material, LPI Guides, LPI Live

Downloading the ISO


Installing Arch starts with downloading the ISO file. This can be obtained from Arch themselves and the ISO is date based. The ISO file I use is dated 2016-11-01. As always, new features may be added in later releases of the installer disk. Downloading the DUAL version will allow you to install the 32 bit or 64 bit version of Arch. With the ISO downloaded you can install to a virtual machine or physical machine. Using the Linux command dd you may transfer the ISO contents to a USB drive.

Hardware Requirements


◉ 32 bit Version >= 256MB
◉ 64 bit Version >= 512MB

When installing Arch Linux in the demonstration we will see that a Virtual Machine is used but this could equally be a physical machine on bare-metal. The requirements can be very low depending on what you want to do with the system. I will not use a GUI or run many services so I can get away with very small requirements. Using as low as 256MB RAM is possible for the 32 bit version and 512MB is required for the 64 bit version. This is one feature that Arch offers, is that nothing is added that you do specifically add in. We have no spurious services running in the background that you may or may not run.

Installing Arch Linux


Starting the VM or the Physical Box to run the install making sure that we do boot from the ISO or CD. In doing this we will boot to the live Arch installation system. The boot menu will allow us to choose to install the 64 bit or 32 bit version. We choose the 64 bit edition in the demonstration. Linux will load and login automatically as the root user to the ISO.

Setting the Keyboard Layout


Using the default keyboard layout is going to be fine if you have a US keyboard. Using other keyboard layouts may require you to set the layout to match the keyboard that you have. If you are only going to connect via SSH you may well be able to leave this at the default and your client layout will have the correct mapping no mater what your Arch Server is set to. For example, connecting from a UK SSH client will give you access to the UK keylayout.

The keymaps are stored in sub-directories below the /usr/share/keymaps directory. The UK layout would be /usr/share/keymaps/i386/qwerty/uk.map.gz. To use this layout we can use the command:

loadkeys uk

Check Network


Since 2012 the network should load automatically where wifi is not required. So if you are using a wired connection with either a VM or Physical system you should have networking. Using the command ip we can verify the address settings:

ip addr show

The output will show that you have an IP Address.

Partitioning the Disk


We are now ready to start partitioning the disk. There are many scenarios that we could run here but we will make use of a swap partition and a single partition for the root filesystem. Initially, though, we can check the the disks we have available to the system.

lsblk

We should see devices /dev/sda if we have a standard hard drive available or perhaps, /dev/vda if we are using XEN or KVM virtualisation. When portioning the disk you can use tools like parted, fdisk, cfdisk and sfdisk to manage this. Much depends on tools you have used before and are comfortable with. We will use fdisk but tools such as cfdisk provide more of a menu if this is what you prefer. We will create a swap portion and a single portion for the rootfs.

Using fdisk as the partitioning tool:

fdisk /dev/sda
n enter # Create new partition
enter # Create primary
enter # Accept the default start
+256M enter # Set size to 256MB
t enter # Change type of partition
enter # Accept the default of partition 1
82 enter # Set it for swap
n enter # Create second new partition
enter # Create primary
enter # Accept the default start
enter # Accept the default end being the rest of the disk
a enter # Set the bootable flag
enter # Accept that this will be on partition 2 the last use partition
w enter # Save the changes
lsblk #Confirm partitions

Format Partitions


So we have the sda1 partition now which we will use for SWAP and sda2 which we will use for our root filesystem. We make use of the XFS filesystem for our root filesystem, you may choose other filesystems if you prefer.

mkswap /dev/sda1
mkfs.xfs -L ROOT /dev/sda2

Using the blkid command we can confirm that the label is set correctly:

blkid

With the filesystem comfortably on the partition we need to use for root, we can mount the filesystem through to the /mnt directory of the live CD. The swapon command is used to add the swap space to the system.

mount /dev/sdb2 /mnt
swapon /dev/sdb1
swapon -s #Can be used to display swap space in use

Installing Packages


While we continue install Arch Linux we do need to add some packages. We will add package groups to make this a little easier. The Arch Linux site has a list of package groups. We add the base package group, which as the name suggests, adds the minimal packages that we require. Adding in base-devel will give you tools like sed and gcc. We target the packages to be installed in the mount point the root filesystem was targeted at. As well as the package groups base and base-devel we can add individual packages.

The individual packages we add are listed below:

◉ grub: The GRUB 2 boot loader
◉ vim: Although the basic vi editor is included in the base group vim provides more functionality such as syntax highlighting.
◉ bash-completion: This package allows for tab completion on programs to be able to list sub-commands and options. Really useful to see which options are available to which sub-commands
◉ openssh: The OpenSSH Server so that we can connect remotely if required.

pacstrap /mnt base base-devel grub vim bash-completion openssh

This will take a little while to download, expand and install. Aim to leave 20 to 25 minutes or so for this process to complete

Create a New /etc/fstab File


The /etc/fstab file is used to mount filesystems at boot time, we of course, need to create this file. Installing Arch Linux in this way we get to see each process, whilst other distributions will use an installer process that will execute many of these task for you. Exposing these elements to you at installation does help you understand the installation better; even though it may seem a little frustrating if you are new to Linux. We still target the etc directory located in the mount point, as that is where the target root filesystem is located. The option -p will include psuedo-filesystems in needed and the -U option is to ensure that partition UUIDs are used in favour of partition devices.

genfstab -pU /mnt >> /mnt/etc/fstab
cat !$ # Will display the /mnt/etc/fstab file, !$ is the last argument

Change Root


We have now completed all the task that we need from the installation disk itself. We can now change the root directory to /mnt. In this ways all commands target our real root filesystem and not the installation disk.

arch-chroot /mnt

Set Root User Password


We can now assign a password to the root user:

passwd root

We will also take this opportunity to create a non-root user account. Adding the user to the wheel group which can be used for administrative purposes. The -m option ensure the user’s home directory is created and the -G option adds the user to the wheel group. We can use this membership of the wheel group later to allow this user access to administrative command via sudo.

useradd -m tux -G wheel
passwd tux

Setting the Hostname and Hosts Entry


We can echo the name that we want to use for our host to the /etc/hostname file. This can be just the name to the Fully Qualified Domain Name if you want.

echo zeus > /etc/hostname

We normally will have a localhost record for that name, so we can append an entry to the local hosts file. Using >> will append to the file and the -e with echo allows for escape code to be used. We use \t for a tab.

echo -e "127.0.1.1\tzeus" >> /etc/hosts

Setting the Timezone


The timezone of the system means that we can accurate know the correct time from time servers around the world. The time is given as UTC time and we can adjust the display to match the timezone we are located in. We need to create a symlink /etc/localtime that points to the correct timezone file we use. On my system I am setting for UK time.

ln -s /usr/share/zoneinfo/Europe/London /etc/localtime

We can now make sure that the system time is synchronised back to the hardware clock, with the hardware clock using UTC time. This is normal as the system time will then add the offset to the Hardware Clocks UTC time.

hwclock --systohc --utc

Setting the Locale


The locale has regional specific information such as the way that the date is display and numerical separators. To set the locale when installing Arch Linux we first edit a template file that list the locales. We just uncomment the locales that we want to use on the system. Uncomment the locale that you want from the file /etc/locale.gen. In my case I  only need to use en_GB.UTF-8 and this is the only locale that I uncomment. Once edited we can generate the lace information using the command locale-gen. Then add the default locale to the file /etc/locale.conf. In my case I add the line LANG=en_GB.UTF-8. To ensure that it is in use now we can also export the variable.

vim /etc/locale.gen
locale-gen
echo LANG=en_GB.UTF-8 > /etc/locale.conf
export LANG=en_GB.UTF-8

Generate the InitRAMFS and Install GRUB


To create the ram disk for the kernel we run the following command

mkinitcpio -p linux

We can then install the GRUB boot loader and populate the grub.cfg file.

grub-install /dev/sda
grub-mkconfig -o /boot/grub/grub.cfg

Enable Services


If we want to continue using DHCP on boot to obtain the IP Address we need to start the DHCP Client automatically and if we want to connect via SSH to the system we need to start the SSH Server on boot. Arch Linux is system based so we use systemctl to manage this.

systemctl enable sshd dhcpcd

Reboot the System


We are almost at the end of installing Arch Linux now. We first have to exit back to the ISO system from the chroot jail we entered. We then shutdown so we can remove the CD or ISO file before rebooting.

exit
shutdown -h now

If it is a virtual machine we can disconnect the ISO file before rebooting.

Final Configuration


With Arch now installed we can restart the system and login as the root user. Once looked in we can ensure that we have the correct keymap loaded on to load on boot.

localectl set-keymap uk

We can also set the default locale

localtectl set-locale LANG=en_GB.UTF-8

To allow the use we created to use sudo to run commands, this use was added to the wheel group, we run the command visudo and un-comment the entry for the wheel group.

visudo

The following video will step you through the complete installation process and is worthwhile watching the full 30 minutes.


Saturday, 11 November 2017

PXELinux using Proxy DHCP

In this blog we look at PXELinux using Proxy DHCP. PXELinux is a network boot server and can be used as a replacement to boot CDs or USB. Devices boot from the network and the PXELinux server provides the bootstrap files. Often this is used to deploy new installations of Linux when a system boots. The PXELinux server will often use its own DHCP Server, but often you have an existing DHCP server and the PXELinux server, then , just needs to send a few extra DHCP options. This is achieved by setting up PXELinux using Proxy DHCP. For the demonstration we are using Ubuntu 16.04 Server.

Install Required Packages for PXELinux using Proxy DHCP


We will install the package dnsmasq as this provides DNS, DHCP, DHCP Proxy and TFTP services with the single package and single service. This is very much designed with PXELinux in mind as we want DHCP and TFTP or as we will use TFTP with Proxy DHCP. Along with this we want the package pxelinux and its sister package syslinux. Pxelinux provides network boot and syslinux provides boot mechanisms from hard disk, iso file systems and USB drives. The package systenlix provides a lot of the shared files that we need for booting to any medium.

PXELinux using Proxy DHCP, LPI Certifications, LPI Tutorials and Materials

$ sudo apt-get update
$ sudo apt-get install pxelinux syslinux dnsmasq

By default the dnsmasq service will be running and is configured as a DNS Server by default. We do not need the DNS server and we will disable this later.

Create the DNSMASQ Configuration


As our first step we will rename the dnsmasq configuration file, /etc/dnsmasq.conf

$ sudo mv dnsmasq.conf dnsmasq.conf.orig

We can then use the editor of choice to create a new configuration:

$ sudo vim /etc/dnsmasq.conf

port=0
log-dhcp
dhcp-range=192.168.56.0,proxy
dhcp-boot=pxelinux.0
pxe-service=x86PC,'Network Boot',pxelinux
enable-tftp
tftp-root=/tftpboot

Make sure that you setup the correct IP address for the network that you want Proxy DHCP to work with. You must have an interface configured on this network range.

◉ port=0 : Disables the DNS Service
◉ log-dhcp=192.168.56.0,proxy : Log DHCP traffic
◉ dhcp-range : The network range that we want to listen to DHCP requests on. The proxy options ensures we only send DHCP options and not the main IP address and mask. This is used so we can interoperate with and existing DHCP Server on the network
◉ dhcp-boot=pxelinux.0: Set the DHCP Option for the boot filename used as the network bootstrap file
pxe-service=x86PC,’Network Boot’,pxelinux : Here we set the 2nd DHCP Option we deliver to DHCP clients and specify this is for our bios based systems, x86PC, a boot message and the name of the bootstrap file omitting the .0 from the end of the name.
◉ enable-tftp : We need the TFTP server to deliver files after the bootstrap files has been delivered by PXELinux using Proxy DHCP.
◉ tftp-root=/tftpboot : We set the path to the root directory that will be used by the TFTP Server

Fix the /etc/resolv.conf


When DNSMASQ was installed the resolv.conf will point to the localhost for DNS name resolution. This will be fine if we leave the DNS Server running but we want to disable it, as we have set with the port=0 setting in the dnsmasq.conf. To ensure that when using PXELinux with Proxy DHCP we do not need DNS we must reconfigure DNSMASQ to ignore the local interface. This is set in the file /etc/default/dnsmasq. And we need to add a line to this file:

$ sudo vim /etc/default/dnsmasq

#Add this as the last line
DNSMASQ_EXCEPT=lo
Create the TFTP Root

We can create the TFTP Server root directory and a subdirectory that we will need:

$ sudo mkdir -p /tftpboot/pxelinux.cfg

We can now restart the services. Restarting the networking service will ensure that the resolv.conf is rewritten as well:

$ sudo systemctl restart dnsmasq.service networking.service

Populate the TFTP Root


We now need to make sure the the bootstrap file that the DHCP options refer to is present. We will also need some other files from the system Linux package. We will add these all to the /tftpboot directory we have recently created.

sudo cp /usr/lib/PXELINUX/pxelinux.0 /tftpboot/
sudo cp /usr/lib/syslinux/modules/bios/{menu,ldlinux,libmenu,libutil}.c32 /tftpboot/
ls -l /tftpboot/
total 240
-rw-r--r-- 1 root root 116492 Oct 29 13:15 ldlinux.c32
-rw-r--r-- 1 root root  24196 Oct 29 13:15 libmenu.c32
-rw-r--r-- 1 root root  23700 Oct 29 13:15 libutil.c32
-rw-r--r-- 1 root root  26208 Oct 29 13:15 menu.c32
-rw-r--r-- 1 root root  42788 Oct 29 13:14 pxelinux.0
drwxr-xr-x 2 root root   4096 Oct 29 13:18 pxelinux.cfg

Create the PXELinux Configuration


When using PXELinux using Proxy DHCP the boot process will look for configurations for the client MAC address it IP address. If a specific file is not found then it can fall back to the default configuration. We will use the default configuration for all the clients at this stage and create a configuration files /tftpboot/pxelinux.cfg/default

$ sudo vim /tftpboot/pxelinux.cfg/default

default menu.c32
prompt 0
menu title Boot Menu
  label localboot
    menu label Boot Local Disk
    localboot 0

We load the menu program first and display the title. We have just one menu item that boots to the local disk. There will be more on installing Linux with these menus in another blog.

All we need to do is boot from a device on the network and test that NetBoot is working for that client. The video shows the process from start to finish.

Wednesday, 1 November 2017

Linux Professional Institute launches new website and brand identity to reflect rededication to its mission

Linux Professional Institute (LPI) is pleased to announce the launch of its new website and brand identity. These efforts enforce LPI’s purpose: to enable economic and creative opportunities for everybody by making Open Source knowledge and skills certification universally accessible.

Linux Professional Institute (LPI)

The new website and brand identity demonstrates Linux Professional Institute’s renewed commitment to its Linux and Open Source community-based beginnings.

Established as an international non-profit organization in October 1999 by the Linux community, LPI has grown to be a global organization contributing to the continued spread of Linux and Open Source software, and the professional certification and support of its members.

LPI’s renewed community commitment is front and center of the new website and redesigned brand identity. Over the next year, these efforts will further support the growth of LPIs certifications, corporate, and academic partnerships.

“The LPI community was created in 1999 and is trusted in over 180 countries, across 9 languages. LPI sets the most accessible, versatile, demanded, and independent standard for Open Source professional certification in the world. This year we also surpassed over half a million exams delivered. We want our brand and website to reflect this, to give people a greater sense of opportunity and better access to all of our Linux and Open Source resources. And now they do,” says G. Matthew Rice, Executive Director of LPI.

Emphasizing the role LPI plays in increasing adoption of Open Source software, Rice commented, “LPI is an enabling, scalable certification program for Open Source professionals who need to demonstrate proficiency in order to establish or further their career and to participate in Open Source communities and economies.”

The launch of the new website reaffirms and bolsters LPI’s ideal of challenging the status quo of closed source solutions, offering an alternative means of getting an education and skills recognition, knocking down barriers of entry for people and businesses by providing access for all, and leveling the economic playing field.

About Linux Professional Institute (LPI)

LPI is the global certification standard and career support organization for Open Source professionals. With more than 500,000 exams delivered, it’s the world’s first and largest vendor-neutral Linux and Open Source certification body. LPI has certified professionals in 181 countries, delivers exams in 9 languages, and has over 200 training partners.