README


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

This is all very proof of concept, so assumptions about things are everywhere.

The main goal is to be able to bootstrap the Supermicro SYS-5018D-FN8T 1U
servers from scratch, with as little human intervention as possible.

The kickstart template and scripts here accomplish that, up to and including
cosmos bootstrap.

c02vp1:ndn-boot-img-stuffs jac$ tree
.
|-- adapt-ks-template
|-- create-boot-floppy
|-- ks-template
|   `-- hw
|       `-- supermicro
|           `-- SYS-5018D-FN8T
|               `-- dtn-10g.ks
`-- prep-boot-floppy-and-ks-config

Run the wrapper script with options, something like this:

jac@u1804-01:~$ ./bin/prep-boot-floppy-and-ks-config --host dtn-10g-01 \
  -D nordu.net -I 109.105.122.136 -M 255.255.255.192 -G 109.105.122.129 \
  --sec-ip 10.10.10.4 --sec-nm 255.255.255.0

and out come the floppy image and a tailor made kickstart config:

jac@u1804-01:~$ ls -l /var/www/html/install/dtn-10g-01.d/
total 576
-rw-rw-r-- 1 jac jac 1474560 Jul 16 13:53 dtn-10g-01.img
jac@u1804-01:~$ ls -l /var/www/html/install/ks/dtn-10g-01.ks
-rw-rw-r-- 1 jac jac 3161 Jul 16 13:54 /var/www/html/install/ks/dtn-10g-01.ks

(/var/www/html is published by nginx on this host)


The floppy image can now be uploaded to the SYS-5018D IPMI, and the system be
set to boot from this image.

When the system boots, it will now retrieve kernel+initrd from the install 
server - in this case the same as the kickstart server - as well as the 
kickstart config, and run the install accordingly.

In order to have some sort of verification that things have not been tampered
with, the 'cosmos hash' is built into the boot floppy. If the boot floppy is
copied from the web server using scp, and uploaded to the IPMI using https,
it is reasonable to assume that integrity is preserved.

When the install kernel is booted, it is given the cosmos hash as a cmdline
option.

The kernel does not recognize this option, and therefore ignores it, but;

When the install comes to an end, the hash can be read from the kernel command
line and passed to cosmos bootstrap. The nifty thing is that this ensures that
the hash cannot be lost or mangled, since the kernel commandline cannot be 
changed once the kernel is running.

Hence integrity is ensured all the way from the generation of the boot floppy,
through system install, right up to cosmos bootstrap.

Cosmos bootstrap can be skipped by passing --cosmos-hash=disabled to the script,
when generating the boot image.