Skip to content

Unattended Debian Installations (or How I Learned to Stop Worrying and Love the preseed.cfg)

A CMR project recently bought 12 new Dell PowerEdge SC1435 servers to replace some of our aging compute cluster systems. In previous server rollouts, I’d generally get one system installed and configured, image it with SystemImager, and then PXE-boot the rest of the systems to pull that image. However, it’s tough to audit exactly what got installed, and how. It’s also arguably a waste of space to keep images of all the types of cluster systems we have (PowerEdge 2650, PowerEdge 1850, PowerEdge 1855, Dimension 9200, etc.). So enter Debian Preseeding. With preseeding, I can make a text file that describes what packages I want installed, debconf configurations that vary from the default, how I want the partitioning done, copy configuration files from web or ftp servers to the target drive, etc. It took a few days to get going, but the long-term payoff should be enormous.

The resulting installation timeline for a PowerEdge SC1435 (relative to power-on in HH:MM:SS):

  • 00:00:25 – Power-on self tests have completed enough to allow me to hit F12 for PXE boot.
  • 00:01:20 – Rest of power-on self tests have completed, PXE boot process starts. All installation parameters are passed in from the pxelinux.cfg file on the DHCP server or the preseed.cfg file on a nearby ftp server.
  • 00:04:50 – Base and standard task packages installed. openssh-server and puppet packages are installed. puppet defaults file is downloaded. System starts formatting a 500GB SATA drive for /tmp space.
  • 00:08:20 – System finishes formatting /tmp, and reboots since that was the last step of the unattended install.
  • 00:09:30 – System is at login prompt. Root password works. puppet will take over installing miscellaneous packages and other post-installation configuration tasks. Once puppet has finished copying over root@adminserver’s public key, I can log in from adminserver without being prompted for a password.

Total number of keypresses from power-up to login: 1. Annotated preseed and pxelinux files after the jump.


PXELinux config file (amd64 version, i386 would be nearly identical — the contents of the “append” line should be all on one line. It’s broken here for readability.)

default preseed
label preseed
kernel debian-installer/amd64/linux
append initrd=debian-installer/amd64/initrd.gz ramdisk_size=10800 root=/dev/rd/0 rw auto
  url=http://REDACTED/./preseed.cfg console-keymaps-at/keymap=us locale=en_US interface=eth0
  hostname=x domain=x netcfg/dhcp_timeout=60 --
prompt 1
timeout 1

Changes versus the default configuration:

  1. Removed display command for splash screen. At one point, I was running out of parameter space on the append line, and removing ‘vga=normal’ was one space saver. I didn’t expect the splash screen to work once that was removed, so I dumped it as well.
  2. Removed F1, F2, … , F9, F0 commands for online help. Optional.
  3. Changed ‘default install’ to ‘default preseed’.
  4. Added preseed stanza, with default kernel, but much different append options.
  5. At the time I started this, the default pxelinux config file had entries for the ramdisk size and root device; these do not appear in the current Debian config file, and I’ll remove mine once I verify that they’re unneeded.
  6. Added append option ‘auto url=http://REDACTED/./preseed.cfg’ to define location of preseed configuration file.
  7. Added append options ‘console-keymaps-at/keymap=us’ and ‘locale=en_US’ to define basic localization for the installation.
  8. Addd append options ‘interface=eth0’, ‘hostname=x’, ‘domain=x’, and ‘netcfg/dhcp_timeout=60’ to get the networking configured. The ‘hostname=x’ and ‘domain=x’ parameters were one of the last tricky bits. I had wrongly assumed that specifying that I’d be using DHCP to get my address would make it pass over asking for a hostname and domain. Preseeding dummy values for each gets past the questions, and DHCP overrides the dummy values as soon as the DHCP negotiation is done.
  9. Changed ‘timeout 0’ to ‘timeout 1’ to allow the installer to proceed without me manually selecting any configurations. Obviously, you may want to increase the timeout to some larger value if you need more time to hit a key to override something for testing.

preseed.cfg (the contents of the “d-i preseed/late_command” line should be all on one line. It’s broken here for readability.):

### References:
###  http://d-i.alioth.debian.org/manual/en.amd64/install.en.pdf
###  http://d-i.alioth.debian.org/manual/example-preseed.txt
###  http://www.hands.com/d-i/etch/classes/

### This file needs to be at
### http://REDACTED/preseed.cfg and
### referenced via boot arguments as
### http://REDACTED/./preseed.cfg

### Generic settings applicable to all CAE Debian systems

d-i debian-installer/locale string en_US
d-i console-tools/archs select at
d-i console-keymaps-at/keymap select American English
d-i debian-installer/keymap string us
d-i netcfg/choose_interface select eth0
d-i netcfg/dhcp_timeout string 60
d-i netcfg/get_hostname string unassigned-hostname
d-i netcfg/get_hostname seen true
d-i netcfg/get_domain string unassigned-domain
d-i netcfg/get_domain seen true
d-i netcfg/dhcp_options select Retry network autoconfiguration
d-i mirror/codename string etch
d-i mirror/country string enter information manually
d-i mirror/http/countries select enter information manually
d-i mirror/http/directory string /debian/
d-i mirror/http/hostname string ftp.cae.tntech.edu
d-i mirror/http/proxy string
d-i clock-setup/utc boolean false
d-i time/zone string US/Central
d-i apt-setup/security_host string
d-i apt-setup/local0/repository string http://ftp.cae.tntech.edu/debian-security etch/updates main

# XXX -- TEMPORARY HACK UNTIL WE GET A SIGNED LOCAL REPOSITORY
d-i debian-installer/allow_unauthenticated string true

d-i passwd/make-user boolean false
d-i passwd/root-password-crypted password $1$REDACTED
d-i grub-installer/only_debian boolean true
d-i grub-installer/with_other_os boolean true
tasksel tasksel/first multiselect standard
d-i pkgsel/include string puppet lsb-release openssh-server
d-i finish-install/reboot_in_progress note

popularity-contest popularity-contest/participate boolean false

### Less generic settings

# Partitioning:
# sda1: 40-100MB for /boot
# sda2: majority of remaining space for /
# sda3: 64MB-(2*RAM) for swap
d-i partman-auto/disk string /dev/sda
d-i partman-auto/method string regular
d-i partman-auto/expert_recipe string 
  boot-root :: 
    40 50 100 ext3 
      $primary{ } $bootable{ } 
      method{ format } format{ } 
      use_filesystem{ } filesystem{ ext3 } 
      mountpoint{ /boot } 
    . 
    500 10000 1000000000 ext3 
      method{ format } format{ } 
      use_filesystem{ } filesystem{ ext3 } 
      mountpoint{ / } 
    . 
    64 512 200% linux-swap 
      method{ swap } format{ } 
    .
d-i partman/confirm_write_new_label boolean true
d-i partman/choose_partition select Finish partitioning and write changes to disk
d-i partman/confirm boolean true

# Some systems may vary on /tmp -- many have separate disks for it
# (/dev/sdb1), some may have a separate partition on the sda
# drive. This needs to be split out into a system-specific file and
# chained in via class tmp_on_sdb1
# Only applicable for hosts with separate /tmp disk on /dev/sdb1 --
# PE1855 blades (ch226-11...-19), SC1435 servers (ch226-21...-32), old
# ch208a
d-i preseed/late_command string wget -O /target/etc/default/puppet http://REDACTED/puppet ; 
  wget -O /target/root/caeftp_key.asc http://REDACTED/caeftp_key.asc ;
  in-target apt-key add /root/caeftp_key.asc ; echo ';' | sfdisk /dev/sdb ; mke2fs -j -q /dev/sdb1 ;
  echo '/dev/sdb1 /tmp ext3 defaults 0 2' >> /target/etc/fstab; cp /var/log/syslog /target/root

I’m not going to run through every change made in the preseed.cfg file, since the options are well-documented and what’s useful in one environment won’t necessarily translate to another. But I am mildly proud of the late_command at the end: this does two things that were minor pains on a normal preseed installation:

  1. Bootstraps a basic puppet defaults file over to the target drive. Grabbing /etc/default/puppet from a remote site before rebooting makes sure that when puppetd starts up, that it can contact the central server for key signing, and work normally afterwards.
  2. Partitions and formats /dev/sdb to be my /tmp directory. Debian-installer’s partman can’t partition more than one disk automatically, but each of these new systems had a second drive I had planned on using for /tmp. Sfdisk comes to the rescue. The input format description in the sfdisk man page indicates that if you give it a line with no values specified, it will make a partition from the first nonassigned sector to the maximum size, and set the ID to 83 for a Linux partition. So the first time I run this, I go from a drive with an empty partition table to one with a giant partition 1, exactly what I wanted. Subsequent times I run this, it should leave the partition table unmodified, which is also fine. I can’t find the original hint I found for this use of sfdisk.

My /etc/default/puppet is:

# Puppet doesn't like starting before it can contact the puppetmaster.
# Wait up to 30 seconds before continuing.

for n in `seq 1 30`; do
  ping -c 1 REDACTED >& /dev/null && break
  echo -n " $n"
  sleep 1
done
DAEMON_OPTS="--server REDACTED --factsync"

You may be able to avoid putting in the 30-second sleep, but at one point, with some puppet version, it was helpful on DHCP-managed systems. The critical thing to override on Debian, though, is the -w 0 flag in the default DAEMON_OPTS in /etc/init.d/puppetd. Removing it ensures that puppetd will start up, contact the gold server for key signing, and wait for the signing to happen, rather than immediately exit.

{ 47 } Comments

  1. Apental | February 11, 2018 at 2:13 am | Permalink

    I’m extremely impressed with your writing skills as well as with the layout on your blog

  2. dell system support | February 22, 2018 at 11:46 am | Permalink

    I would like to say you,i feel so glad to come here often your study material so good and beneficial for me and also other member of your blog. I appreciate it. Keep writing!

  3. izmirmasajsalonu | February 22, 2018 at 5:39 pm | Permalink

    I’m extremely impressed with your writing skills as well as with the layout on your blog

  4. hotmail sign in | February 24, 2018 at 1:37 am | Permalink

    Thank you Mike Renfro. Do your job well

  5. Psychology Assignmen | March 6, 2018 at 4:57 am | Permalink

    I must say we should have an online discussion on this.

  6. Dubai Company Setup | March 6, 2018 at 4:59 am | Permalink

    only professional writers can make this kind of material, cheers

  7. Neelam stones | March 7, 2018 at 4:20 am | Permalink

    amazing things here. I am very glad to see your article. Thanks a lot

  8. paykasa kart | March 7, 2018 at 4:58 pm | Permalink

    Burada inanılmaz şeyler. Makaleni gördüğüme çok sevindim. Çok teşekkürler

  9. Epson Printers | March 20, 2018 at 5:00 pm | Permalink

    It is an amazing post, i found you randomly over the internet i feel so good! Keep writing waiting your new post.

  10. Ramyasree | April 10, 2018 at 7:16 am | Permalink

    Really i am impressed with your Article .Keep Good work. only experts can write like this

  11. Ramyasree | April 10, 2018 at 7:17 am | Permalink

    Really i am impressed with your Article .Keep Good work.

  12. Ramyasree | April 10, 2018 at 7:18 am | Permalink

    Great to see like this article it’s my pleasure

  13. Independent Escorts | April 11, 2018 at 6:44 am | Permalink

    Welcome to Mumbai Call Girls alongside Mumbai Escorts offering Independent Escorts benefit in Mumbai over the city. Proficient Independent Escorts benefits in Mumbai Make you Most fulfilled Lifetime involvement with moderate Rates.

    Thank for Sharing More Visits : http://www.olidesoza.com/

  14. Adobe Photoshop Tech | April 14, 2018 at 6:39 pm | Permalink

    You always write new and unique informative blog, like other blogs this blog is also remarkable. You presented so well, you did a great job. keep writing and inspiring us.

  15. Jamaica Nels | April 15, 2018 at 2:47 pm | Permalink

    This is interesting information and beautiful topic good work brother i will share this with my other friends.

  16. hotmail Login | April 17, 2018 at 11:08 pm | Permalink

    It is an amazing post, Really i am impressed with your Article .Keep Good work. only experts can write like this

    Thanks

  17. hotmail sign in | April 18, 2018 at 3:41 am | Permalink

    Thanks dude for this great information

  18. hotmail log in | April 18, 2018 at 3:42 am | Permalink

    Thanks for this article. Here i learned lot.

  19. trend micro customer | April 24, 2018 at 4:09 am | Permalink

    I feel so fortunate to come to your blog to be a new member on your blog it’s superb for me I generally get such huge numbers of new thing over your blog. I hope i will get more valuable knowledge in your blogs.<a href="

  20. milan | April 27, 2018 at 1:42 am | Permalink

    Here is a one of the popular application http://mobdroforpcwindows.com/download-ivms-4500-pc-windows-8-mac/. Using this URL you can enjoy the app on your Windows computer.

  21. Wireless Payment Pro | April 27, 2018 at 3:43 am | Permalink

    EZ Payment Systems provides a full range of POS terminals, peripherals and supplies designed to save both time and money while processing wireless transactions.

  22. Hotmail Sign up | April 30, 2018 at 10:07 pm | Permalink

    I feel so fortunate to come to your blog to be a new member on your blog it’s superb for me I generally get such huge numbers of new thing over your blog. I hope i will get more valuable knowledge in your blogs
    Hotmail Sign up

  23. Create Hotmail Accou | April 30, 2018 at 10:10 pm | Permalink

    Sign up Hotmail.com

  24. Sign in Hotmail | April 30, 2018 at 10:12 pm | Permalink

    Really i am impressed with your Article .Keep Good work. only experts can write like this
    Hotmail.com Sign in

  25. dj liker apk | May 1, 2018 at 1:59 pm | Permalink

    Awesome article. The content you used here is totally unique and perfect. Please share more and publish more amazing articles.

  26. Anil King | May 1, 2018 at 2:45 pm | Permalink

    At some place I was fully bold, because actually, I am very new to Unattended Debian Installations. As you said in the title you stop worrying about preseed.cfg, but now also I have some worry about preseed.cfg. After reading this article which may help me to out of the situation now.

  27. bluedart tracking | May 5, 2018 at 1:09 am | Permalink

    Great article. Keep it up.

  28. Ankita | May 8, 2018 at 7:08 am | Permalink

    Good info.

  29. hotmail sign in | May 9, 2018 at 12:18 am | Permalink

    thank you for great info Hotmail Login – Hotmail Login Page

  30. www.office.com/setup | May 9, 2018 at 2:22 am | Permalink

    Awesome website love it.I have bookmarked it.As an expert i really appreciate your hard work!

  31. Renavo | May 13, 2018 at 11:19 pm | Permalink

    its very interesting and great post thanks for sharing

  32. Roger Lewis | May 15, 2018 at 1:27 am | Permalink

    nice info.

  33. Insta DP | May 15, 2018 at 1:48 am | Permalink

    great post

  34. Mumbai escorts | May 16, 2018 at 8:47 am | Permalink

    Escort Service in Mumbai -Mumbaifunclub.in
    Now the best escort services in Mumbai you get a beautiful call girl and giving full satisfaction with the relationship. call girls service is provided to its girls in Mumbai here, there is a 5-year experience for working on Mumbai escorts http://www.mumbaifunclub.in

  35. Assignment Help | May 17, 2018 at 3:15 am | Permalink

    If you are searching Assignment help.Our experts write high quality assignment.Our professionals have been working on Networking assignments, IT plans, Enterprise software presentations and much more.

  36. sophia | May 17, 2018 at 7:24 am | Permalink

    The points you have given for installation were good but I am facing an issue regarding support so can you share some information related to that. My friend sort the issue of support from Geek squad

  37. Economics Assignment | May 18, 2018 at 2:46 am | Permalink

    Please continue this great work and I look forward to more of your awesome blog posts.

  38. Hotmail.com login | May 19, 2018 at 3:30 am | Permalink

    Please contact the MSN Support Team for recovery of your password.

    They will indicate you the necessary procedures involving a hacked account.

    Thanks in advance.

  39. jordan | May 19, 2018 at 6:59 am | Permalink

    Nice post. thanks to share with us.

  40. companymart | May 22, 2018 at 11:16 pm | Permalink

    Thanks for sharing with us such an interesting article

  41. companymart | May 22, 2018 at 11:17 pm | Permalink

    Thanks for sharing with us such an wonderful story. keep rocking

  42. companymart | May 22, 2018 at 11:19 pm | Permalink

    Thanks for sharing with us such an wonderful story. keep good work going . really Ur expert

  43. Kroscheck | May 22, 2018 at 11:21 pm | Permalink

    Really its my plussere to read article like this thanks for sharing

  44. Assignment Help | May 23, 2018 at 1:44 am | Permalink

    Those students who are searching for assignment help services in USA can contact with our experts. We are best services providers over the country. Our experts are available round the clock, students can contact them at any time.

  45. John Xmod | May 24, 2018 at 5:09 am | Permalink

    I simply wanted to write down a quick word to say thanks to you for those wonderful tips and hints you are showing on this site.

  46. Gmail support | May 25, 2018 at 4:01 am | Permalink

    Thankyou for sharing such post keep sharing this i have shared this to my friend because he was dealing with this installation error.
    you can reach here Gmail support for gmail errors and solutions.

  47. Noida escorts | May 25, 2018 at 7:06 am | Permalink

    I am subscribing you because I want to read more about this story. please post more story. Thanks of bunch man.

Post a Comment

Your email is never published nor shared. Required fields are marked *