From: Brice Waegeneire
To: dannym@scratchpost.org, boskovits@gmail.com
Cc: guix-devel@gnu.org
Subject: [GSOC 2020] network-boot-service
Date: Thu, 02 Jul 2020 10:11:28 +0000

Hello Danny, Gábor,

Sorry for the very late update on the status of this GSOC about network booting. At the moment I have a working network boot service which I'm using to boot various bare-metal machines; I'm currently working on adding NFS support to the initrd.

To support the widest hardware and boot options possible I went with iPXE as a chainloader. Meaning that any machine doing a PXE boot (or with builtin iPXE with restricted feature set) will load the iPXE bootloader first, which will then properly load the initrd. For the DHCP/TFTP servers I chose dnsmasq instead of isc-dhcp-server with a separate TFTP server, mainly because it supports ProxyDHCP mode, which is required for one of the most used cases. Those technical choices were informed by the LTSP[1] project and some Guixers' advice, Vagrant and Giovani to name a few.

Speaking of use cases for the network boot service, I see three of them.
Configuration-wise, the most straightforward is as an authoritative DHCP server where all of the interfaces of the server provide the only DHCP server. I'm guessing it won't be used a lot yet since it implies that the machine running Guix is a router, which is quite rare ATM since our networking configuration is limited ATM. Probably the most popular use case will be as a ProxyDHCP, in a network where there is already a non-PXE authoritative DHCP server: the authoritative server provides IP addresses, whereas our dnsmasq server only sends PXE entries and provides images through TFTP. The last one is as an interface-specific DHCP server, where dnsmasq attaches to one interface to avoid messing around on an already configured network; a NAT can be put in place to allow clients to access the Internet. That's the one I'm currently using to develop and test the network boot features.

The new network-boot-service allows all of those use cases for clients doing PXE boot or UEFI HTTP Boot; arbitrary images to boot from can be specified or extended from another service.

Currently I'm working on the initrd part to add NFS mounting capability to it. At this point I'm blocked by building a lightweight statically built 'nfs-utils' package to be included in the initrd. Its current total size is 219.2 MiB; I managed to reduce it to 162.2 MiB, which is still one order of magnitude larger than my initrd at 19 MiB. My issue building a static 'nfs-utils' is that it can't find 'getrpcbynumber{,_r}': “configure: error: Neither getrpcbynumber_r nor getrpcbynumber are available”. This function should be provided by the libc, or by libtirpc if it's not the first one. The problem is that 'libtirpc' doesn't build its own 'getrpcbynumber' because it finds one in libc, but nfs-utils can't find it...

Some other distros are using the kernel parameter 'nfsroot'[2], but we probably don't want to use it since it can't be used together with an initrd and it also means we need built-in modules for NFS and the network card driver in the kernel. I tried to work around NFS mounting by copying the image from HTTPS using (web client), but it's not really elegant since the image has to be loaded in RAM and even simple Guix images can be relatively large.

After the initrd work is done I will need to add support for PXE to qemu so that network boot functionality and the network-boot-service can be tested in Guix; I'll try doing so with OVMF.

You can find the part of my work which is committed in the 'wip-network-boot' at https://git.sr.ht/~bricewge/guix.

[1]: https://ltsp.org/
[2]: https://www.kernel.org/doc/Documentation/filesystems/nfs/nfsroot.txt

Have a good day,
- Brice
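
The interface-specific setup with iPXE chainloading described in the message above, written out as a plain dnsmasq configuration. This is an added example, not part of the original message and not the configuration that network-boot-service generates; the interface name, addresses, TFTP root and file names are assumptions.

```conf
# Constructed dnsmasq configuration: interface-specific DHCP/TFTP server
# that chainloads iPXE. eth1, 10.0.0.0/24, /srv/tftp and the boot file
# names are assumptions made for this example.

# Answer only on the dedicated boot interface so that an already
# configured network on other interfaces never sees these DHCP replies.
interface=eth1
bind-interfaces

# Disable the DNS function; only DHCP and TFTP are needed here.
port=0

# Address pool handed out on the boot network.
dhcp-range=10.0.0.50,10.0.0.150,255.255.255.0,12h

# Built-in read-only TFTP server confined to one directory.
enable-tftp
tftp-root=/srv/tftp
# Only serve files owned by the user dnsmasq runs as, not everything
# that user happens to be able to read.
tftp-secure

# iPXE identifies itself with DHCP option 175; tag those requests.
dhcp-match=set:ipxe,175
# Tag UEFI x86-64 firmware (client architecture option, value 7).
dhcp-match=set:efi64,option:client-arch,7

# First pass: plain PXE firmware is handed the iPXE binary over TFTP.
dhcp-boot=tag:!ipxe,tag:!efi64,undionly.kpxe
dhcp-boot=tag:!ipxe,tag:efi64,ipxe.efi

# Second pass: iPXE asks again and gets the script that loads the
# kernel and initrd. Without the option 175 tag the client would be
# handed iPXE again and loop.
dhcp-boot=tag:ipxe,boot.ipxe
```

Neither PXE DHCP replies nor TFTP transfers are authenticated, so binding to a single dedicated interface also limits which hosts can be offered a boot image by this server.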