Headless Debian Installation
Wherein we read Aaron's adventure installing Debian on an Apple Xserve, kallisti, without a keyboard or monitor. It won't quite be touchless, though. I'll have to push buttons on the front panel to get it to boot over the network.
The hope is to get it up far in the installer to get it to running the OpenSSH server, and finish the install remotely.
Hardware we'll be touching
- kallisti, an Apple Xserve G5 DP, circa 2004-2006. Installation of Debian is happening here.
- sacredchao, a Dell PowerEdge 1950. The main server at home.
- Power cables, Ethernet cables
Preparing to boot the network installer
DHCP server setup
Get DHCP configured to hand an IP address to the Xserve, default route, DNS settings, and TFTP boot info to the Xserve. Here's the snipped from my dhcpd.conf file:
host kallisti {
# Apple Xserve G5 s/n QP5260YBSLZ
hardware ethernet 00:0d:93:9d:7a:8f;
fixed-address 172.16.0.139;
option host-name "kallisti";
# un-comment the next two lines to enable TFTP boot this system
next-server 172.16.0.1;
filename "yaboot"; # new-world PowerMac boot loader
# comment the previous two lines disable TFTP boot of this system
}
Now, for a sensible machine, this would convince the firmware to TFTP a file called "yaboot" from 172.16.0.1. But, apparently, Apple is special and needs extra DHCP tweaking to get this to work. So, see http://mike.passwall.com/macnc/analysis.html for the goods on this. (I admit to being quite confused. Watching the all the traffic between the Xserve and sacredchao in Wireshark, I could plainly see what looked like a complete DHCP transaction. But it was never followed with a TFTP of the yaboot binary from the TFTP server. Thank you so much, Apple.) So, try changing it to read more like this:
host kallisti {
hardware ethernet 00:0d:93:9d:7a:8f;
fixed-address 172.16.0.139;
filename "/RackMac3,1/yaboot";
server-name "sacredchao.fnord.greeley.co.us";
next-server 172.17.0.1;
# Likely Server Version Information: found to be 0:0:0:0 from sniffer.
option option-230 0:0:0:0;
# Username used to authenticate against the AFP/IP Server
option option-232 "Mac NC #1";
# Machine name to call the client, also would be used in 238 for dir
# with specialized settings for this client's booting hard disk.
option option-237 "Mac NC #1";
# Password for use with the Username above when authenticating against
# AFP/IP server for 3 images in 234, 235, and 238
option option-233 "PassWooD";
# Used to grab initial BOOT HD Image from server over AFP/IP for mounting
option option-234 ac:11:0:9:2:24:a:4D:61:63:20:48:44:5F:4E:42:53:0:0:0:0:2:1b:53:68:61:72:65:64:49:6D:61:67:65:73:0:4E:65:74:42:6F:6F:74:20:48:44:2E:69:6D:67;
# Used to grab Applications HD Image from server over AFP/IP for mounting
option option-235 ac:11:0:9:2:24:a:4D:61:63:20:48:44:5F:4E:42:53:0:0:0:0:2:20:53:68:61:72:65:64:49:6D:61:67:65:73:0:41:70:70:6C:69:63:61:74:69:6F:6E:73:20:48:44:2E:69:6D:67;
#Used to grab Special Client HD Image from server over AFP/IP for
# mounting
option option-238 ac:11:0:9:2:24:a:4D:61:63:20:48:44:5F:4E:42:53:0:0:0:0:2:27:43:6C:69:65:6E:74:49:6D:61:67:65:73:0:4D:61:63:20:4E:43:20:23:31:0:4E:65:74:42:6F:6F:74:20:48:44:2E:69:6D:67:5F:73;
}
Well, you could try that. And it might work with ISC DHCP version 3. Not with version 4, though. Stay tuned...
Make installer files available by TFTP
Put the following files in the TFTP server's root directory. These can be retrieved from http://http.us.debian.org/debian/dists/wheezy/main/installer-powerpc/current/images/powerpc64/netboot/
vmlinux initrd.gz yaboot yaboot.conf boot.msg
Fixing up the firmware situation for the installer
At this point, if all goes as planned, netbooting the Xserve will get us up, into the Debian installer, and unable to talk to the network because the tg3 Ethernet adapters need non-free firmware blobs to work. This can be fixed like so:
mv initrd.gz initrd.gz.orig cd /tmp mkdir prep-installer-initramfs-with-tg3-firmware wget http://cdimage.debian.org/cdimage/unofficial/non-free/firmware/stable/current/firmware.tar.gz gzip -dc firmware.tar.gz | tar xvvf - ./firmware-linux-nonfree_0.36+wheezy.1_all.deb # this has the tg3 firmware inside cd prep-installer-initramfs-with-tg3-firmware gzip -dc /srv/tftp/RackMac3,1/initrd.gz.orig | sudo cpio -iv # unpack the initramfs archive (run as root so included device files are created) dpkg-deb -x ../firmware-linux-nonfree_0.36+wheezy.1_all.deb . # unpack the non-free firmware package find * -depth -print0 | cpio -o0a -R 0:0 -Hnewc > ../initrd+firmware gzip -9v ../initrd+firmware # leaves a new initramfs image for the boot loader to pick up sudo install -o root -g root -m 644 -v -b ../initrd+firmware.gz /srv/tftp/RackMac3,1/initrd.gz # put it where yaboot can get it
And it might be nice to make sure we haven't inadvertently removed anything from the Debian-supplied initramfs image. Give this a go:
diff -u <(lsinitramfs /srv/tftp/RackMac3,1/initrd.gz~ | tail -n+2 | sort) <(lsinitramfs /srv/tftp/RackMac3,1/initrd.gz | tail -n+2 | sort)
If this returns any lines that begin with a '-', something was left out of the new initramfs image. Investigation is in order.
Important Note: This will let the Debian installer talk to the network with the server's tg3 Ethernet adapters. The installed system will still need to have the non-free firmware packages installed in order to run.
Boot loader config tweaks
Add this stanza to the yaboot.conf downloaded from the Debian FTP mirror:
image=/RackMac3,1/vmlinux
label=touchless
initrd=/RackMac3,1/initrd.gz
initrd-size=28652 # this value was computed by dividing the uncompressed size of the initramfs image (find with "gzip -l") by 1024 and rounding up to the next integer.
append="priority=low --"
read-only
And change the value for "default" near the top of the file to "touchless" like so:
default=touchless