[GSOC 2020] Booting via network

[GSOC 2020] Booting via network

[Brice Waegeneire]

[-- Attachment #1: Type: text/plain, Size: 5205 bytes --]

Hello,

I know it's quite late to submit a GSOC proposal but here it's.
I would like to work on the project suggested by Danny to
add PXE support to Guix. Which has been requested several
times on IRC and in the ML. This would get us a step closer
to provisioning bare bone machines directly from Guix.

1 Name
══════

   Brice Waegeneire


2 Email
═══════

   [`brice@waegenei.re']


3 Project name
══════════════

   GNU Guix: [Booting via network]


[Booting via network]
<https://libreplanet.org/wiki/Group:Guix/GSoC-2020#Booting_via_network>


4 Summary
═════════

   This Google Summer Of Code proposal goal is two fold: adding to Guix
   System the ability to boot from the network and using it as a PXE
   server. This will be done by adding NFS support to the initrd along
   with adding DHCP and TFTP services to easily set up a PXE server.


5 Benefits
══════════

   PXE booting is a feature that most mainstream GNU/Linux distributions
   support but it is still missing in Guix due to the initrd being
   written in Guile. This impede the adoption of Guix System in
   organisations where a lot of user terminals are in use, such as
   libraries; without it each terminal has to be manually provisioned
   which is time consuming and repetitive. It would also help the [Guix
   HPC] crowd to provision their clusters with Guix System instead of
   just using Guix as a package manager.

   Realising this proposal will put Guix System at the same level as
   other distributions regarding network booting and ahead of the pack in
   regards to the simplicity of setting up a PXE server.

   This will enable future work on `guix deploy' to add bare bone
   provisioning.


[Guix HPC] <https://hpc.guix.info/about/>


6 Deliverables
══════════════

   `(gnu system linux-initrd)' will be modified to support mounting the
   root of the file system from an NFS server. DHCP and TFTP services
   allowing PXE configuration options will be added to `(gnu services)'
   together with a PXE server service to serve Guix System to PXE
   clients.

   The documentation at `guix.texi' will be updated to reflect the new
   initrd feature and the additional services. An end-to-end test will be
   added to `(gnu tests)' using Guix as the PXE server which will boot
   Guix System on the clients.


7 Plan
══════

   I’ll be able to work on this for the whole summer. At the end of each
   phase I’ll write a email to `guix-devel@gnu.org' detailing my work
   during the previous month and my progress compared to the following
   plan.


7.1 Phase 1 (June 1 - July 3)
─────────────────────────────

   • Setting a clean developing environment.
   • Planning the actual design.
   • Manually configuring a PXE server with some clients.
   • Adding NFS support to the initial ramdsik.

   Before the first deadline I’ll have a working PXE environment, the
   design phase will be finished and the modification of the initrd will
   be more than half done.


7.2 Phase 2 (July 3 - July 31)
──────────────────────────────

   • Finishing the work on the initrd.
   • Adding the DHCP and TFTP services.

   At this point Guix System will be able to PXE boot from a manually
   configured server at least.


7.3 Phase 3 (July 31 - August 24)
─────────────────────────────────

   • Adding the PXE server service.
   • Writing the test.
   • Writing the documentation.
   • Tyding things up.
   • Writing a blog post describing the new features.

   All of the deliverables will be finished, fully working and the
   modifications merged in Guix.


8 Communication
═══════════════

   I communicate daily through IRC in the `#guix' channel on Freenode as
   `bricewge' and by email as [`brice@waegenei.re'] to the different
   Guix’s mailing lists.

   I plan to communicate live with my mentor, by phone or video chat
   (Jitsi Meet), at least twice a week to inform him about what I’m
   actually doing, what I’ve done and what is blocking me. To make
   following my progress easier I’ll keep a daily updated branch `gsoc'
   at <https://git.sr.ht/~bricewge/guix>.


[`brice@waegenei.re'] <mailto:brice@waegenei.re>


9 Qualifications
════════════════

   For several years I used NixOS as my main system and actively
   contributed to it. Some months ago I switched to using Guix System
   exclusively, since then I have written patches to Guix and Shepherd
   adding packages, service, features and documentation – most of which
   have been merged – and will continue to so since hacking on this
   project is so enjoyable.

   Related to network booting, I had setup my homelab to PXE boot from an
   Arch box some years ago.

   I am also a computer science student, a Free Software advocate and an
   avid Emacs user. I’m currently reading SICP to improve my Scheme
   skills.

[-- Attachment #2: guix.pdf --]
[-- Type: application/pdf, Size: 146687 bytes --]

Re: [GSOC 2020] Booting via network

[Vincent Legoll]

Hello,

that's a great project, I hope to be able to lend a hand,
here and there...

-- 
Vincent Legoll

Re: [GSOC 2020] Booting via network

[Vagrant Cascadian]

[-- Attachment #1: Type: text/plain, Size: 988 bytes --]

On 2020-03-30, Brice Waegeneire wrote:
> I know it's quite late to submit a GSOC proposal but here it's.
> I would like to work on the project suggested by Danny to
> add PXE support to Guix. Which has been requested several
> times on IRC and in the ML. This would get us a step closer
> to provisioning bare bone machines directly from Guix.

I was just thinking Guix needed network boot support yesterday! Happy to
hear you're looking into it...

I've been the LTSP maintainer in Debian for almost 15 years, so have a
good amount of experience with network booting. LTSP was rewritten from
scratch last year and there might be elements of it useful to you:

  https://ltsp.org

None of it is scheme code, but there are possibly some useful ideas in
there you could make use of. One of the big changes is making extensive
use of iPXE, though that might need some further auditing to meet the
FSDG (Free Software Distribution Guidelines?) for inclusion into Guix.


live well,
  vagrant

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 227 bytes --]

iPXE network booting (was Re: [GSOC 2020] Booting via network)

[Giovanni Biscuolo]

[-- Attachment #1: Type: text/plain, Size: 3839 bytes --]

Hello Brice and Vagrant

Vagrant Cascadian <vagrant@debian.org> writes:

> On 2020-03-30, Brice Waegeneire wrote:
>> I know it's quite late to submit a GSOC proposal but here it's.
>> I would like to work on the project suggested by Danny to
>> add PXE support to Guix. Which has been requested several
>> times on IRC and in the ML. This would get us a step closer
>> to provisioning bare bone machines directly from Guix.

Great feature, I hope you are not too late

[...]

>   https://ltsp.org

Thanks Vagrant for your work with LTSP in Debian!!!

I'm an _enthusiastic_ user of LTSP (LTSP5 now, but soon I'll experiment
20.04) and I'll be very happy to test (and help as I can) develop this
Guix feature (network booting, I mean).

I never used iPXE but... please consider using iPXE (if possible) for
Guix network booting and consider that this feature is a prerequisite
for seamless remote desktop with Guix (using x2go or xrdp like the new
LTSP is doing [1]) in addition to "diskless fat clients"; a very cool
feature, I think :-D

In addition to LAN booting, iPXE supports booting from:

* a web server via HTTP/HTTPS
* an iSCSI SAN
* a Fibre Channel SAN via FCoE
* an AoE SAN
* a wireless network
* a wide-area network
* an Infiniband network

inlcuding "code signing" to verify the authenticity and integrity of
files downloaded by iPXE.

Users will have many interesting, configurable [2] and secure ways to
boot Guix with iPXE :-D (imagine booting from a remote host connected
via a wireguard network connection... could it be possible?!?)

> None of it is scheme code, but there are possibly some useful ideas in
> there you could make use of. One of the big changes is making extensive
> use of iPXE, though that might need some further auditing to meet the
> FSDG (Free Software Distribution Guidelines?) for inclusion into Guix.

Vagrant plz do you have some specific potential issue in mind?

iPXE AFAIU is completely free software https://ipxe.org/licensing , it
also contains a tool that produces a detailed license analysis for each
ROM file.

On Guix iPXE could be used in "chainloading mode" [3] if the network
card already have a PXE implementation or - for advenced users - could
replace the network card ROM [4]: Guix service configuration should then
allow disabling chainloading for advanced users.

iPXE is still not packaged for Guix but it should not be hard to package
since AFAIU it uses standard GNU build tools and deps are all already
packaged (not sure about mkisofs and syslinux):

https://ipxe.org/download:
--8<---------------cut here---------------start------------->8---

[...]

build it using:

  cd ipxe/src
  make

You will need to have at least the following packages installed in order to build iPXE:

    gcc (version 3 or later)
    binutils (version 2.18 or later)
    make
    perl
    liblzma or xz header files
    mtools
    mkisofs (needed only for building .iso images)
    syslinux (for isolinux, needed only for building .iso images)

[...]

--8<---------------cut here---------------end--------------->8---

Making a iPXE ISO image could be useful to boot from CD-ROM/USB on
machines lacking NIC supporting PXE (do they still exist?)


HTH! Thanks, Gio'




[1] https://github.com/ltsp/community/issues/4: «thin client support is
now reduced to "remote desktop with xfreerdp / x2go / VNC".»
Exept VNC (that I do not consider useful in this scenario), x2go and
xrdp are still not packaged in Guix but we can work it out

[2] https://ipxe.org/embed and https://ipxe.org/scripting (including
dynamic scripts)

[3] https://ipxe.org/download#chainloading_from_an_existing_pxe_rom

[4] https://ipxe.org/howto/romburning

-- 
Giovanni Biscuolo

Xelera IT Infrastructures

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]

Re: iPXE network booting (was Re: [GSOC 2020] Booting via network)

[Vincent Legoll]

Hello,


in order to start the discussion and the project, what

about the patch in [1] ?


It's marked RFC as there are a few debatable points.


And it can be enhanced (building the efi firmwares, etc.)


[1] http://debbugs.gnu.org/cgi/bugreport.cgi?bug=40579


-- 

Vincent Legoll

Re: [GSOC 2020] Booting via network

[Brice Waegeneire]

Hello Vincent,

On 2020-03-30 22:10, Vincent Legoll wrote:
> Hello,
> 
> that's a great project, I hope to be able to lend a hand,
> here and there...

Looks like you already started by packaging iPXE. :)
Thanks!

- Brice

Re: [GSOC 2020] Booting via network

[Brice Waegeneire]

Hello Vagrant,

On 2020-03-30 23:16, Vagrant Cascadian wrote:
> I was just thinking Guix needed network boot support yesterday! Happy 
> to
> hear you're looking into it...
> 
> I've been the LTSP maintainer in Debian for almost 15 years, so have a
> good amount of experience with network booting. LTSP was rewritten from
> scratch last year and there might be elements of it useful to you:
> 
>   https://ltsp.org
> 
> None of it is scheme code, but there are possibly some useful ideas in
> there you could make use of. One of the big changes is making extensive
> use of iPXE, though that might need some further auditing to meet the
> FSDG (Free Software Distribution Guidelines?) for inclusion into Guix.

I see the rewrite has been done during a GSoC too; it's interesting that 
it
has mostly been done in shell. It looks like a interesting project, I'll
keep reading...

- Brice

Re: iPXE network booting (was Re: [GSOC 2020] Booting via network)

[Brice Waegeneire]

Hello Giovanni,

On 2020-04-10 13:44, Giovanni Biscuolo wrote:
> 
> [...]
> 
> I never used iPXE but... please consider using iPXE (if possible) for
> Guix network booting and consider that this feature is a prerequisite
> for seamless remote desktop with Guix (using x2go or xrdp like the new
> LTSP is doing [1]) in addition to "diskless fat clients"; a very cool
> feature, I think :-D

Since the proposal has already been submitted I can't promise to add 
iPXE
support in the context of this GSoC, however I will keep it in mind when
implementing PXE booting. If I'm able to finish it early I'll look into
adding iPXE booting as a bonus.

> In addition to LAN booting, iPXE supports booting from:
> 
> * a web server via HTTP/HTTPS
> * an iSCSI SAN
> * a Fibre Channel SAN via FCoE
> * an AoE SAN
> * a wireless network
> * a wide-area network
> * an Infiniband network
> 
> inlcuding "code signing" to verify the authenticity and integrity of
> files downloaded by iPXE.
> 
> Users will have many interesting, configurable [2] and secure ways to
> boot Guix with iPXE :-D (imagine booting from a remote host connected
> via a wireguard network connection... could it be possible?!?)

Wow, that sounds cool. I would like to find out if it's possible too.

> 
> [...]
> 
> HTH! Thanks, Gio'

Yes it is helping, really, that was dense with information.

Cheers,
- Brice

Re: [GSOC 2020] Booting via network

[Vincent Legoll]

Hello,

On 15/04/2020 20:57, Brice Waegeneire wrote:
> On 2020-03-30 22:10, Vincent Legoll wrote:
>> that's a great project, I hope to be able to lend a hand,
>> here and there...
>
> Looks like you already started by packaging iPXE. :)
> Thanks!


That one was a "release early", but I can't promise you

a "relase often"... ;-)


-- 

Vincent Legoll