You are viewing sharkcz

Tired of ads? Upgrade to paid account and never see ads again!

Previous Entry | Next Entry

Fedora on Alix 2D3/2D13

Few weeks ago I decided I need to replace Asus wl500gx serving as a router/firewall/vpn server that connects me to the Internet with a new hardware. The Asus worked well for almost 5 years, but its hardware capabilities are a limiting factor. My new choice was Alix 2D13 that has AMD Geode LX800 CPU, 256 MB RAM, 3 FastEthernets and 2 USB ports, enough to interconnect my 2 internal networks, 1 demilitarized zone and Internet via ADSL modem.
To decide what software to use was more complicated, first I tried to find a firewall distro that would boot from CF card and run solely in ramdisk, but could find a recent one. I knew RWMJ chose Debian (see http://rwmj.wordpress.com/tag/alix/ for details), but I prefer to run Fedora (or RHEL/Centos) where possible.

Embedded HW can be picky about the CF cards used so I have bought one Kingston and one A-Data. A quick test showed that Alix boots from the Kingston, but doesn't like the A-Data. It took me some time to find that the main problem is missing bootable first sector on the A-Data CF. The fix is "cat /usr/share/syslinux/mbr.bin > /dev/your_cf_card". Grub is then installed to a partition and not into MBR.

Using Anaconda to install Fedora on such low-power hardware would be most likely complicated or even completely no-go. So I used yum, did some edits on few files and manually installed grub. And at end I have a bootable Fedora. The steps described in more details are:

1. prepare yum repo config in /etc/yum.repos.d/fw.repo

[fw-12]
name=FW 12 - i386
failovermethod=priority
#baseurl=http://download.fedoraproject.org/pub/fedora/linux/releases/$releasever/Everything/$basearch/os/
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=fedora-12&arch=i386
enabled=0
metadata_expire=7d
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-i386

[fw-12-updates]
name=FW 12 - i386 - Updates
failovermethod=priority
#baseurl=http://download.fedoraproject.org/pub/fedora/linux/updates/$releasever/$basearch/
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=updates-released-f12&arch=i386
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-i386


2. running "yum --installroot=/mnt/cf_card_partition --disablerepo=* --enablerepo=fw* install kernel rpm openssh-server grub passwd vi" creates a root filesystem on the CF card with a minimal set of packages that will allow to connect later with ssh, edit files and work with rpms

3. create /etc/fstab with

/dev/sda1               /                       ext3    defaults        1 1
tmpfs                   /dev/shm                tmpfs   defaults        0 0
devpts                  /dev/pts                devpts  gid=5,mode=620  0 0
sysfs                   /sys                    sysfs   defaults        0 0
proc                    /proc                   proc    defaults        0 0


4. set root password "chroot /mnt/cf_card_partition passwd"

5. network setup needs creating 2 files - /etc/sysconfig/network as
NETWORKING=yes
HOSTNAME=firewall

and /etc/sysconfig/network-scripts/ifcfg-eth0 as
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes


6. install grub with "grub-install --root-directory=/mnt/cf_card_partition /dev/cf_card_partition"

7. prepare grub config, remember to add "console=ttyS0,38400", upstart will then automatically open a console on the serial port

serial --unit=0 --speed=38400
terminal --timeout=5 serial

#boot=/dev/sda1
default=0
timeout=5
#hiddenmenu
title Fedora
        root (hd0,0)
        kernel /boot/vmlinuz ro root=/dev/sda1 console=ttyS0,38400
        initrd /boot/initramfs.img


8. plug the prepared CF card into Alix, connect power and enjoy Fedora :-)

Also possible is to update default dracut configuration in /etc/dracut.conf and generate smaller initramfs images. The decompression takes a some on this low power machine.

# Sample dracut config file

# Specific list of dracut modules to use
dracutmodules="dash kernel-modules rootfs-block udev-rules syslog base"

# Dracut modules to omit
#omit_dracutmodules=""

# additional kernel modules to the default
#add_drivers=""

# list of kernel filesystem modules to be included in the generic initramfs
filesystems="ext3"

# build initrd only to boot current hardware
#hostonly="yes"
#

# install local /etc/mdadm.conf
mdadmconf="no"

# install local /etc/lvm/lvm.conf
lvmconf="no"


I have to choose Fedora 12, because F-13 lost the capability to run the generated code on the Geode LX CPU. The reason is yet unknow to me, but I don't think it was intentional. The other drawback is there is no yum, but with such a limited set packages it won't be so hard to do updates only wirh rpm.

Edit 2010-04-07:
As https://bugzilla.redhat.com/show_bug.cgi?id=579838 shows Geode is not a real i686 CPU, because the NOPL instruction is missing and recent GCC does generate it. So until an instruction emulator is included in kernel Fedora >= 13 won't run there.

Comments

Profile

dhorak1
sharkcz
sharkcz

Latest Month

May 2015
S M T W T F S
     12
3456789
10111213141516
17181920212223
24252627282930
31      
Powered by LiveJournal.com
Designed by Lilia Ahner