Diskless system

Install ISC dhcp and configure it:

/etc/dhcpd.conf

allow booting;
allow bootp;

authoritative;

option domain-name-servers 10.0.0.1;

option architecture code 93 = unsigned integer 16;

group {
    next-server 10.0.0.1;

    if option architecture = 00:07 {
        filename "/grub/x86_64-efi/core.efi";
    } else {
        filename "/grub/i386-pc/core.0";
    }

    subnet 10.0.0.0 netmask 255.255.255.0 {
        option routers 10.0.0.1;
        range 10.0.0.128 10.0.0.254;
    }
}

RFC:4578 defines the "Client System Architecture Type" dhcp option. In the above configuration, if the PXE client requests an x86_64-efi binary (type 0x7), we appropriately give them one, otherwise falling back to the legacy binary. This allows both UEFI and legacy BIOS clients to boot simultaneously on the same network segment.

Start ISC DHCP systemd service.

The TFTP server will be used to transfer the bootloader, kernel, and initramfs to the client.

Set the TFTP root to . See TFTP for installation and configuration.

The primary difference between using NFS and NBD is while with both you can in fact have multiple clients using the same installation, with NBD (by the nature of manipulating a filesystem directly) you will need to use the mode to do so, which ends up discarding all writes on client disconnect. In some situations however, this might be highly desirable.

Install on the server.

You will need to add the root of your Arch installation to your NFS exports:

Next, start NFS services: nfs-idmapd .

Install and configure it.

/etc/nbd-server/config

[generic]
    user = nbd
    group = nbd
[arch]
    exportname = /srv/arch.img
    copyonwrite = false

Start systemd service.

Create a sparse file of at least 2 gibibytes, and create a btrfs filesystem on it (you can of course also use a real block device or LVM if you want).

# truncate -s 2G /srv/arch.img
# mkfs.btrfs /srv/arch.img
# export root=/srv/arch
# mount --mkdir -o loop,compress=lzo /srv/arch.img "$root"

Install and , and run pacstrap to install the essential packages for the client:

# pacstrap -K "$root" base linux linux-firmware mkinitcpio-nfs-utils nfs-utils

Now the initramfs needs to be constructed.

Trivial modifications to the net hook are required in order for NFSv4 mounting to work (not supported by nfsmount – the default for the net hook).

# sed s/nfsmount/mount.nfs4/ "$root/usr/lib/initcpio/hooks/net" > "$root/usr/lib/initcpio/hooks/netnfs4"
# cp $root/usr/lib/initcpio/install/net{,nfs4}

The copy of net is unfortunately needed so it does not get overwritten when is updated on the client installation.

Edit and add to , to , and to .

Next, we chroot our installation and run mkinitcpio:

# arch-chroot "$root" mkinitcpio -p linux

The mkinitcpio-nbd^AUR package needs to be installed on the client. Build it with makepkg and install it:

# pacman --root "$root" --dbpath "$root/var/lib/pacman" -U mkinitcpio-nbd-0.4-1-any.pkg.tar.xz

You will then need to append to your array after net; net will configure your networking for you, but not attempt a NFS mount if nfsroot is not specified in the kernel line.

Though poorly documented, GRUB supports being loaded via PXE.

# pacman --root "$root" --dbpath "$root/var/lib/pacman" -S grub

Create a grub prefix on the target installation for both architectures using .

# arch-chroot "$root" grub-mknetdir --net-directory=/boot --subdir=grub

Luckily for us, grub-mknetdir creates prefixes for all currently compiled/installed targets, and the maintainers were nice enough to give us both in the same package, thus grub-mknetdir only needs to be run once.

Now we create a trivial GRUB configuration:

GRUB will automatically, so that the kernel and initramfs are transferred via TFTP without any additional configuration, though you might want to set it explicitly if you have any other non-tftp menuentries.

PXELINUX is provided by , see PXELINUX for details.

In late boot, you will want to switch your root filesystem mount to both , and enable compress=lzo, for much improved disk performance in comparison to NFS.

You could mount /var/log, for example, as tmpfs so that logs from multiple hosts do not mix unpredictably, and do the same with , so the 20 instances of cups using the same spool do not fight with each other and make 1,498 print jobs and eat an entire ream of paper (or worse: toner cartridge) overnight.

It would be best to configure software that has some sort of state/database to use unique state/database storage directories for each host. If you wanted to run puppet, for example, you could simply use the specifier in the puppet unit file:

Puppet-agent creates and if they do not exist.

If neither of these approaches are appropriate, the last sane option would be to create a systemd.generator(7) that creates a mount unit specific to the current host (specifiers are not allowed in mount units, unfortunately).

If you are using NBD, you will need to umount the before/while you boot your client.

This makes things particularly interesting when it comes to kernel updates. You cannot have your client filesystem mounted while you are booting a client, but that also means you need to use a kernel separate from your client filesystem in order to build it.

You will need to first copy from the client installation to your tftp root (i.e. ).

# cp -r "$root/boot" /srv/boot

You will then need to umount $root before you start the client.

# umount "$root"