From mboxrd@z Thu Jan 1 00:00:00 1970 From: Giovanni Biscuolo Subject: iPXE network booting (was Re: [GSOC 2020] Booting via network) Date: Fri, 10 Apr 2020 15:44:37 +0200 Message-ID: <877dyn316i.fsf@roquette.mug.biscuolo.net> References: <2a1045c19652dfa74ed3735a860cb88d@waegenei.re> <877dz1fn7a.fsf@ponder> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Return-path: Received: from eggs.gnu.org ([2001:470:142:3::10]:45490) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jMtxo-0002Ja-QF for guix-devel@gnu.org; Fri, 10 Apr 2020 09:44:58 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1jMtxn-0007iO-DJ for guix-devel@gnu.org; Fri, 10 Apr 2020 09:44:56 -0400 Received: from ns13.heimat.it ([46.4.214.66]:58604) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1jMtxn-0007fk-3p for guix-devel@gnu.org; Fri, 10 Apr 2020 09:44:55 -0400 In-Reply-To: <877dz1fn7a.fsf@ponder> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane-mx.org@gnu.org Sender: "Guix-devel" To: Vagrant Cascadian , Brice Waegeneire , guix-devel@gnu.org --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hello Brice and Vagrant Vagrant Cascadian writes: > On 2020-03-30, Brice Waegeneire wrote: >> I know it's quite late to submit a GSOC proposal but here it's. >> I would like to work on the project suggested by Danny to >> add PXE support to Guix. Which has been requested several >> times on IRC and in the ML. This would get us a step closer >> to provisioning bare bone machines directly from Guix. Great feature, I hope you are not too late [...] > https://ltsp.org Thanks Vagrant for your work with LTSP in Debian!!! I'm an _enthusiastic_ user of LTSP (LTSP5 now, but soon I'll experiment 20.04) and I'll be very happy to test (and help as I can) develop this Guix feature (network booting, I mean). I never used iPXE but... please consider using iPXE (if possible) for Guix network booting and consider that this feature is a prerequisite for seamless remote desktop with Guix (using x2go or xrdp like the new LTSP is doing [1]) in addition to "diskless fat clients"; a very cool feature, I think :-D In addition to LAN booting, iPXE supports booting from: * a web server via HTTP/HTTPS * an iSCSI SAN * a Fibre Channel SAN via FCoE * an AoE SAN * a wireless network * a wide-area network * an Infiniband network inlcuding "code signing" to verify the authenticity and integrity of files downloaded by iPXE. Users will have many interesting, configurable [2] and secure ways to boot Guix with iPXE :-D (imagine booting from a remote host connected via a wireguard network connection... could it be possible?!?) > None of it is scheme code, but there are possibly some useful ideas in > there you could make use of. One of the big changes is making extensive > use of iPXE, though that might need some further auditing to meet the > FSDG (Free Software Distribution Guidelines?) for inclusion into Guix. Vagrant plz do you have some specific potential issue in mind? iPXE AFAIU is completely free software https://ipxe.org/licensing , it also contains a tool that produces a detailed license analysis for each ROM file. On Guix iPXE could be used in "chainloading mode" [3] if the network card already have a PXE implementation or - for advenced users - could replace the network card ROM [4]: Guix service configuration should then allow disabling chainloading for advanced users. iPXE is still not packaged for Guix but it should not be hard to package since AFAIU it uses standard GNU build tools and deps are all already packaged (not sure about mkisofs and syslinux): https://ipxe.org/download: =2D-8<---------------cut here---------------start------------->8--- [...] build it using: cd ipxe/src make You will need to have at least the following packages installed in order to= build iPXE: gcc (version 3 or later) binutils (version 2.18 or later) make perl liblzma or xz header files mtools mkisofs (needed only for building .iso images) syslinux (for isolinux, needed only for building .iso images) [...] =2D-8<---------------cut here---------------end--------------->8--- Making a iPXE ISO image could be useful to boot from CD-ROM/USB on machines lacking NIC supporting PXE (do they still exist?) HTH! Thanks, Gio' [1] https://github.com/ltsp/community/issues/4: =C2=ABthin client support is now reduced to "remote desktop with xfreerdp / x2go / VNC".=C2=BB Exept VNC (that I do not consider useful in this scenario), x2go and xrdp are still not packaged in Guix but we can work it out [2] https://ipxe.org/embed and https://ipxe.org/scripting (including dynamic scripts) [3] https://ipxe.org/download#chainloading_from_an_existing_pxe_rom [4] https://ipxe.org/howto/romburning =2D-=20 Giovanni Biscuolo Xelera IT Infrastructures --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERcxjuFJYydVfNLI5030Op87MORIFAl6QeEUACgkQ030Op87M ORLqNA//faCNO4Lqy5jtncS0sE5QQsYKT1th6ll3Ai2rNmEgd8/MRyDHKRxMHHvA 3L5ZHPfkd6HFcvVPRq1QAJebswNxWgV7gqE4J/zL3DVRmqDE+RT1hPlHSv1hRQqs yjo92M1AnW5phHeTmD9yaC27uggaCvCMTj27qLbXxXId4h97hpZlx8U/jF0QTkq6 qegXx0M/W1qY30t8yVtzDj7Xc63Oy7W2Gd6XDe3w3Ic9w/TgPeCHPGtIONHfyRe1 6NRJfy2iJnLRz4SgsJW8nvVV0TJ20rhtNXBQ66HQfkjjIrWi0DJv2YgcsuiQN1UD aNm3IF9i8jIobCQpWu9uqX6NnrJyNYTUaTTimzqGs6TPyB76dUVPUSuGlXLturuZ T+io6sXrzDqSVxBbg2ot91mBteDJPlyrFRMpbzY+1seyuzW8jwlnBlGWFEgY2bme OVmATHdgeIiAm3gEIUbkO9bIpXc7yhH9IYrRowheX+jJm5GKARp5rSFQkaCRZUBl X4vhVvTvQlG6nTHeD6Yd+yal0amdaCacegNtGmKgArkUX7j4BqJnGF3UZMdgMmwF gF8ELPJNAjTmUaxoFzF2R7bA4VTq107Ktf/nwR9LGnFTzV9RYPXDTUnb6N9guEM+ CAakLU3+1/y+pIDuqfW0oMp4xwcR1kwdwaYQEyuvYi1Nk6RfYCo= =w05E -----END PGP SIGNATURE----- --=-=-=--