The Shœstring Foundation Weblog

Remote Boot and Root for Plan9

Started to play with Plan9 again. First major experiment: Run a bare-metal cpu server without local disks. All configuration can be done from an OpenBSD server supplying the loader, kernel, bootup-config, and filesystem. The Plan9 server runs on an old 1U Pentium 4 server.

Results so far: PXE finds Plan9 loader, that again loads a plan9.ini by TFTP which specifies a kernel, which then mounts its rootfs from a u9fs on OpenBSD. Said rootfs contains cpurc which determines the server's behaviour.

Details

dhcpd.conf on DHCP/TFTP server:
host cpu {
        hardware ethernet 00:11:22:33:44:55;
		fixed-address 192.168.66.99;
		filename "9pxeload";
}
Once the PXE Plan9 bootloader 9pxeload is running it pulls the file /cfg/pxe/001122334455 from the DHCP/TFTP server. This file is used as the plan9.ini.

Example plan9.ini:
bootfile=ether0!9pccpu
bootargs=tcp!192.168.66.11!564
nobootprompt=tcp!192.168.66.11!564
fs=192.168.66.11
console=0 b19200 pn
9pxeload will load 9pccpu from the TFTP server it found on ether0 and supply that kernel with the infomation that its rootfs will be remotely supplied from 192.168.66.11. Console is on first serial interface with 19200bps and no parity.

On 192.168.66.11 the following entry in inetd.conf starts 9legacy's modified u9fs process on demand:
9fs stream tcp nowait root /mnt/9atom/unix/u9fs u9fs -a none /mnt/9atom
(This implies that the service 9fs is already defined as 567 in /etc/services.)
The u9fs exports The original u9fs found in /sys/src/cmd/unix/u9fs.c exported the whole fs of the server. This led to the custom of chrooting the process, with all the pitfalls included. The 9legacy patch allows to export arbitrary subtrees. the filetree under /mnt/9atom without authorization. This is excusable only in a private network and necessary only because my rootless cpu server does not know the password for the remote fs. A way around that would be to put the password into the kernel itself (which again is totally insecure in an open network where everybody can fake the MAC and pull the kernel...)

The Plan9 server can now be controlled completely from the OpenBSD machine which is nice for testing configurations.

Thu, 11 Apr 2013
[/plan9] permanent link