Diskless Booting For the Modern Age
An anonymous reader writes "Ever wonder what happened to PXE? Intel's popular standard for diskless booting hasn't been updated since 1999, and has missed out on such revolutions as wireless Ethernet, cloud computing, and iSCSI. An open source project called Etherboot has been trying to drag PXE into the 21st century. One of their programmers explains how to set up diskless booting for your cloud, using copy-on-write to save space."
How is it slow? (Score:4, Interesting)
TFTP over UDP on a LAN, doesn't seem slow at all. It's stupid, but sufficient to bootstrap a small kernel to access the real meat of your OS. 1-10MB TFTP downloads over 100mbit is no big deal. You can't get good 1gbit performance (let alone 10gbit) out of the dumb drivers in a PXE boot ROM, but that's OK.
PXE/DHCP/AoE (Score:1, Interesting)
I did a similar thing a while ago with an Ubuntu desktop image and ATA over Ethernet. Worked nicely. Didn't get round to COW though ...
http://www.s-mart.net/aoe.txt
Authentication (Score:3, Interesting)
The one thing missing from PXE is authentication: A PXE system will accept any DHCP address and with it any boot server configuration. Without cryptographic boot image authentication, network security is the Achilles' heel of PXE.
I don't wonder...... (Score:3, Interesting)
I am using PXE often.
I have set up a few Linux install "CDs" for network install, a few live CDs for an emergency OS. LTSP is using it too, and a small Intel Atom box gets its kernel over TFTP/PXE... the PXE provides the parameters for the nfsroot mount. :) :)
Old Win2k netinstall for people without a RIS uses that system too.
The tftpd box that provides all that stuff is a small AMD Geode that is normally my router.
I often thought about making a SourceForge project out of it.... :)
I haven't been wondering... (Score:5, Interesting)
Re:Authentication (Score:2, Interesting)
It's still an omission. If you use PXE for remote administration (instead of using it for completely diskless operation), then there is local data which can be compromised by a hostile PXE payload. How hard would it have been to verify a cryptographic signature against a public key stored in the BIOS configuration?
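The check proposed in the two Authentication comments above, as an added example that is not part of the original thread or of any PXE or Etherboot code: a client that boots a downloaded image only if its detached signature verifies against a public key pinned in firmware configuration. The thread names no signature scheme; RSA PKCS#1 v1.5 with SHA-256 is an assumption here, and the key, function names and image bytes are constructed for the demonstration.

```python
import hashlib
import hmac

# Constructed demo key: both primes are well-known public constants
# (2^255-19 and the secp256k1 field prime), so it is for illustration only.
_P, _Q = 2**255 - 19, 2**256 - 2**32 - 977
PINNED_PUBLIC_KEY = (_P * _Q, 65537)        # (n, e) as stored in firmware setup
_D = pow(65537, -1, (_P - 1) * (_Q - 1))    # private exponent, held by the image builder

# DigestInfo prefix for SHA-256 in PKCS#1 v1.5 (RFC 8017, section 9.2).
_SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def _encode(image: bytes, k: int) -> bytes:
    """EMSA-PKCS1-v1_5 encoding of SHA-256(image) into k bytes."""
    t = _SHA256_PREFIX + hashlib.sha256(image).digest()
    if k < len(t) + 11:
        raise ValueError("modulus too short for SHA-256")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def sign_image(image: bytes) -> bytes:
    """Builder side: detached signature shipped next to the boot image."""
    n, _ = PINNED_PUBLIC_KEY
    k = (n.bit_length() + 7) // 8
    return pow(int.from_bytes(_encode(image, k), "big"), _D, n).to_bytes(k, "big")

def verify_image(image: bytes, signature: bytes, key=PINNED_PUBLIC_KEY) -> bool:
    """Client side: accept only a signature made for exactly these bytes."""
    n, e = key
    k = (n.bit_length() + 7) // 8
    if len(signature) != k:
        return False
    s = int.from_bytes(signature, "big")
    if s >= n:
        return False
    # Re-encode the expected block and compare it whole instead of parsing padding.
    return hmac.compare_digest(pow(s, e, n).to_bytes(k, "big"), _encode(image, k))

def boot_decision(image: bytes, signature: bytes) -> str:
    """The DHCP/TFTP source is untrusted; only the pinned key decides."""
    return "boot" if verify_image(image, signature) else "refuse"

if __name__ == "__main__":
    good = b"constructed kernel image v1"
    sig = sign_image(good)
    print(boot_decision(good, sig))                  # image as built and signed
    print(boot_decision(good + b" + implant", sig))  # image altered in transit
```

Because the decision depends only on the pinned key, it does not matter which DHCP or boot server answered first.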
Re:Cloud? (Score:2, Interesting)
My grandfather was telling me about how he used to walk inside of an old Cray with 5 processors like 50 years ago. What happened to the people who used to know how to program those things efficiently? Apparently multi-core programming isn't so new.
Works pretty well and scales well too (Score:4, Interesting)
A few interesting things... (Score:5, Interesting)
The DHCPv6 netboot standard about to come out recommends http as the protocol of choice where tftp would have been used, but uses URLs so the protocol is selectable.
The iSCSI portion of this is a wider standard, implemented by many firmware configurations out of the box.
Finally, I'm going to plug xCAT as a tool to wrap dhcp, dns, ntp, active directory, gPXE, iSCSI, PXE, bootp/tftp, ipmi, blades, vmware, kvm, xen, LPARs, and more to deploy vmware, windows, linux, and aix systems and do hardware management. It mostly pays off at larger scale, but it is a project that aims to understand how to best utilize those various technologies.