Articles in the Debian category

  1. Switching Away From Debian to Ubuntu LTS

    July 06, 2011

    Over the last couple of years, Debian Linux has released new stable versions about every two years. This pace is great for progress, but there is a serious problem. This problem is related to their support for older Debian stable versions.

    If you read the quote below from the Debian Security FAQ it will dawn upon you:

        Q:  How long will security updates be provided?
        A:  The security team tries to support a stable distribution 
            for about one year after the next stable distribution has 
            been released, except when another stable distribution is 
            released within this year. It is not possible to support 
            three distributions; supporting two simultaneously is 
            already difficult enough.
    

    Translation: after 3 years, you must apt-get dist-upgrade or be screwed, you will no longer receive security updates!.

    Apt-get dist-upgrade or die, so to speak.

    The problem is that the whole apt-get dist-upgrade thing is cool and all, but in my experience, it doesn't work. Even a simple web server gets screwed up badly. You need to diff all config files and spend quite some time reviewing all changes and fixing the broken stuff.

    I'd rather spend the time creating a new fresh Debian installation based on the new stable release than on tinkering with the aftermath of an apt-get dist-upgrade. But that also takes a lot of effort.

    I want an operating system that will be supported for the next five years so I don't have to spend time on this upgrade process every 3 years for a system that is otherwise fully functional and rock solid.

    To tease you a little bit: Microsoft Windows operating systems are supported for ages. But that's not an option for me, I stick with Linux, but Debian does not provide this kind of extended support.

    But Ubuntu does.

    Ubuntu releases LTS versions: Long Term Support versions that will receive security updates for at least 5 years.

    All the goodness of Debian but with longer support. That is the reason my shop will switch to Ubuntu Server LTS.

  2. Automated Install of Debian Linux Based on PXE Net Booting

    April 25, 2009

    Every honest and good system administrator is continue bussy with automating his work. For two reasons:

    1. Repeating the same task over and over again is friggin boring. A system administrator has better things to do, such as drinking coffee.
    2. Humans make mistakes, especially if boring. Computers do not.

    If a computer can do a certain job, it wil do it always faster and better than a human. Automating system installation is both more time efficient and allows you to deliver a constant quality.

    Netbooting or PXE booting

    Regarding the installation of hosts, the holy grail of automated installation is netbooting or PXE booting. Almost every system today contains a network interface card that supports booting over the network. A system obtains instructions from the local DHCP server where to obtain an operating system kernel. This kernel is obtained using TFTP and then loaded. From then on, the operating system takes over and the installation continues, for example based on Debian preseeding and/or FAI.

    How to prepare for netbooting

    The following requirements must be met:

    1. a DHCP server must be available
    2. a TFTP server must be avaialble
    3. the correct files for netbooting must be in place

    Configuring the DHCP server

    The following two lines must be added to the 'subnet' section of your DHCP server configuration.

    filename "pxelinux.0";
    next-server 10.0.0.1;
    

    The 'next-server' section specifies the IP-address of the system that is running the TFTP server, so change it based on your configuration, this is just an example.

    Don't forget to restart the DHCP server daemon.

    Configuring the TFTP server

    First, make sure you install "tftpd-hpa" since the standard "tftpd" server does not seem to support the "tsize" option. Then, edit /etc/defaults/tftpd- hpa like this:

    RUN_DAEMON="yes"
    OPTIONS="-l -a -R 30000:30100 -s /var/lib/tftpboot"
    

    Do not run the TFTP server from inetd because the above lines provide more control over how the server behaves, especially in regard to firewalls.

    The -R option specifies the port-range used for data transfers. This port range should also be configured within your firewall configuration. Watch out! Do not allow TFTP access from the Internet. TFTP requires NO authentication and is very insecure.

    Start the TFTPD server with:

    /etc/init.d/tftpd-hpa start
    

    Install the files required for netbooting

    The fun thing is that Debian provides a complete package for netbooting. So cd to /var/lib/tftpboot and enter:

    wget http://ftp.debian.org/debian/dists/lenny/main/installer-i386/current
         /imag es/netboot/netboot.tar.gz
    

    Then extract the contents of netboot.tar.tz like:

    tar xzf netboot.tar.gz
    

    That is all there is to it. If you start a host and make it boot using PXE, it will show you the regular installation menu that is also shown when a system is booted from a regular Debian installation CD-ROM.

    However, if you want automated installation and not use this boot menu, first cd to:

    /var/lib/tftpboot/debian-installer/i386/boot-screens
    

    Then edit syslinux.cfg and comment this rule out:

    default debian-installer/i386/boot-screens/vesamenu.c32
    

    If you want to use preseeding, first edit adtxt.cfg and goto label auto. Edit label auto like this:

    label auto
    menu label ^Automated install
    kernel debian-installer/i386/linux
    append auto=true priority=critical vga=normal 
        initrd=debian-installer/i386/initrd.gz url=http://(IP-address)/preseed/preseed.cfg -- quiet
    

    The IP-address section should point towards the preseed server that is hosting the preseed configuration file.

    Last, edit txt.cfg. Change 'default install' to:

    default auto
    

    I always though that PXE booting was a pain to setup. However, I got it working within 60 minutes using this howto.

    Tagged as : Uncategorized
  3. 'Linux: Unattended Installation With Debian Preseeding'

    February 22, 2009

    Debian Linux provides a mechanism to install the operating system without user intervention. This mechanism is called 'preseeding' and is similar to Red Hat Kick Start and Sun Solaris Jump Start.

    The basic idea is that the installer is fed a recipe, according to which the system is installed. This recipe can be fed by a floppy, usb stick, cdrom, or through a web server over the network. To use such a recipe, just boot from a Debian CD-rom and issue the following command:

    Floppy based: (you really shouldn't be using those anymore) 

    Boot: auto file=/floppy/preseed.cfg

    USB stick based:

    Boot: auto file=/hd-media/preseed.cfg

    Network based: 

    Boot: auto url=http://internal.web.server.com/preseed.cfg

    The only work you have to do is to create a preseed configuration file. This is really simple, since preseeding is well-documented and preseed configuration files are easy to understand.

    d-i debian-installer/country string US 

    d-i debian-installer/locale string en_US.UTF-8 

    d-i mirror/country string manual 

    d-i mirror/http/hostname string ftp.uk.debian.org 

    d-i mirror/http/directory string /debian 

    base-config apt-setup/hostname string ftp.uk.debian.org 

    base-config apt-setup/directory string /debian

    As you can see, it is just a text-based file that configures some variables that are used during installation. It is basically an answer file. Questions that are asked by the installer during installation are answered with the preseed file.

    For a full example, take a look here. 

    Very extensive documentation can be found here.

    A  minimal debian installation without support for X can be installed within 2.5 minutes, assuming a network-based installation (tested in VMware Workstation). 

    Please note that if your company uses Debian Linux not only for servers but also for desktops / laptops, preseeding is an ideal solution to provide your users with a new and fresh installation whenever they want. Users or sysadmins shouldn't be bussy manually installing these systems. 

    I have implemented Debian Preseeding to create a fully unattended and automated installation of laptops, based on LUKS full disk encryption, which is supported by the Debian installer (!), with all required software installed. All additional software is installed with a custom installation framework based on shell-scripts. The installation framework makes sure that if anything goes wrong during installation, it is noticed. 

    Unattended installation allows system administrators to quickly deploy new installations and guarantee that such installations are 100% correct. They rule out the human factor, which tends to introduce random errors. So take a look at Debian Preseeding and decide for yourself how useful it is.

    Tagged as : Uncategorized
  4. Why Debian/Ubuntu Linux Is to Be Preferred

    February 16, 2009

    There are many Linux distributions around. However, I always come back to just one: Debian. The reason why so many people use Debian is the same reason I like it so much: software management.  With good old apt-get or the new aptitude, software is installed within minutes. Due to the vast amount of software available even the most obscure software can be installed without resorting to manually downloading and compiling.

    But the most important aspect of Debian is it's mantra of stability. It is build for servers. For people who don't want to take risks and prefer stability and security above anything else. This is also the main gripe most people have about Debian: it is often not very up-to-date regarding drivers or the latest software versions.  If that is a problem, there is still the possibility to run the testing branch of Debian, exchanging the risk on things getting broken or unstable for the availability of newer software.

    As a part-time system administrator, one of the most ideal components of Debian is its installer. Especially the "preseeding" bit. Preseeding is for Debian what Kickstart is for Red Hat and Jump start is for Sun Solaris. It allows a full unattended installation of Debian Linux on any hardware without ever touching your keyboard. This isn't new, but it is much more user friendly as opposed to, for example, kick start. 

    Debian Preseeding is very well documented and can easily be extended to run your own scripts after installation for some post-configuration.

    I currently use it to install hosts by booting them with an USB stick and using a network install. Not only are network installs often the fastest solution, assuming that a local Debian mirror is available, the system is also direct up-to-date. 

    Abount preseeding:

    [http://d-i.alioth.debian.org/manual/en.i386/apb.html

    ]1

    [http://wiki.debian.org/DebianInstaller/Preseed

    ]2

    About setting up a local Debian mirror (requires about 50 GB of storage space on a web server) 

    http://www.howtoforge.com/local_debian_ubuntu_mirror

    Tagged as : Uncategorized
  5. Rebooting Results in Degraded RAID Array Using Debian Lenny

    December 24, 2008

    As described earlier, I setup a RAID 6 array consisting of physical 1 TB disk and 'virtual' 1 TB disks that are in fact two 0.5 TB disks in RAID 0. 

    I wanted to upgrade to Lenny because the new kernel that ships with Lenny supports growing a RAID 6 array. After installing Lenny the RAID 0 devices were running smootly, but not recognised as part of the RAID 6. 

    So the array was running in degraded mode. That is bad.

    In Lenny, a new version of mdadm is used that requires the presense of the mdadm.conf file. The mdadm.conf file contains these lines: 

    #DEVICE partitions
    #DEVICE /dev/md*
    

    After I uncommented the "DEVICE /dev/md*" line and generated a new initramfs file with:

    update-initramfs -u
    

    The RAID 0 drives were recognised as part of a RAID array and everything was OK again. So mdadm must be instructed to check if /dev/md? devices are a member of a RAID array. 

    I guess this is also relevant if you are running a RAID 10 based on a mirrored stripe or a striped mirror.

    Tagged as : Uncategorized

Page 1 / 1