7.20b:
==
* Meepo: Agility gain reduced from 2.2 to 1.4
* Meepo: Poof damage reduced from 80/100/120/140 to 70/90/110/130
* Meepo: Ransack hero steal reduced from 8/12/16/20 to 6/10/14/18
* Meepo: Level 10 Talent reduced from +15 Damage to +10
* Meepo: Level 15 Talent changed from +10% Lifesteal to +15% Evasion
* Meepo: Level 20 Talent changed from +15% Evasion to +10% Lifesteal
* Meepo: Level 25 Talent reduced from +600 Health to +400

* Luna: Lunar Blessing reduced from 8/14/20/26 to 6/12/18/24
* Luna: Level 15 Talent changed from +14 Lunar Blessing Attributes to +30 Movement Speed

* Slark: Now only steals agility when he kills the enemy himself
* Slark: Pounce leash duration from 3.5 to 2.75/3/3.25/3.5
* Slark: Pounce leash range from 325 to 350
* Slark: Shadow Dance cooldown increased from 60 to 80/70/60
* Slark: Level 20 Talent reduced from +3s Pounce Leash to +2s

* Dazzle: Poison Touch manacost increased from 80/90/100/110 to 80/100/120/140
* Dazzle: Bad Juju debuff duration reduced from 10 to 8

* Sand King: Sandstorm cooldown increased from 34/28/22/16 to 40/32/24/16
* Sand King: Sandstorm manacost rescaled from 60/50/40/30 to 60

* Underlord: Intelligence gain reduced from 2.6 to 2.3

* Lone Druid: Spirit Link attack speed reduced from 30/50/70/90 to 20/40/60/80
* Lone Druid: Spirit Link cooldown from 42/34/26/18 to 44/36/28/20

* Wraith Band: Attack speed bonus reduced from 8 to 7

* Drow: Base agility increased by 4
* Drow: Precision Aura increased from 20/36/52/68% to 20/40/60/80%

* Outworld Devourer: Base Intelligence increased from 24 to 28
* Outworld Devourer: Equilibrium mana restore from 60/80/100/120% to 80/100/120/140%
* Outworld Devourer: Equilibrium slow from 8/16/24/32% to 12/20/28/36%
* Outworld Devourer: Equilibrium cooldown from 20 to 18

* Clinkz: Burning Army base attack time improved from 1.8/1.65/1.5 to 1.65/1.5/1.35
* Clinkz: Burning Army cast range increased from 800 to 1200

* Chaos Knight: Chaos Strike cooldown from 8/7/6/5 to 7/6/5/4
* Chaos Knight: Phantasm damage increased from 40/70/100% to 50/75/100%

* Centaur: Retaliate max stacks increased from 10 to 13

* Ember Spirit: Fixed a bug with multiple Fire Remnant instances not doing damage properly
* Ember Spirit: Sleight of Fist damage increased from 30/60/90/120 to 35/70/105/140

* Medusa: Agility increased from 20 + 2.5 to 22 + 3.4
* Medusa: Level 15 Talent increased from +20% Mystic Snake Mana Steal to +35%

* Treant Protector: Nature’s Guise fade time reduced from 4.75/4/3.25/2.5 to 4/3.5/3/2.5
* Treant Protector: Nature’s Guise total damage increased from 30/80/130/180 to 30/90/150/210
* Treant Protector: Nature’s Guise movement speed increased from 10/15/20/25% to 14/18/22/26%

* Storm Spirit: Electric Vortex duration from 1/1.5/2/2.5 to 1.4/1.8/2.2/2.6
* Storm Spirit: Electric Vortex cooldown from 21/20/19/18 to 22/20/18/16
* Storm Spirit: Overload attack speed reduction from -50 to -80 (matches movement speed now)

* Sven: Warcry shield health increased from 100/200/300/400 to 110/220/330/440

* Venomancer: Poison Sting slow from 11/12/13/14% to 11/13/15/17%

Todays snapshot is nice and peaceful. We’ve gone and fixed some bugs, cleaned up so much code, nothing can go wr███████████████ … Oh no…

A full summary of the content available in this snapshot can be found in the changelog on Minecraft.net, the following is a short summary:

• Added Pillager Outpost
• Added Raids
• Changed some block textures based on feedback

PILLAGER OUTPOST

• As if finding Pillagers out in the wild wasn’t scary enough with Patrols, keep an eye out as out on your exploration you may just find an outpost of theirs.
• Can be found in any biome a village can be generated.
• Takes advantage of our new mystery block, the Jigsaw, for generation.

RAIDS

• If you find an illager wearing a banner on its head, be careful not to kill it!
• If you do kill it, you might find yourself facing a Bad Omen
• If you find yourself facing a Bad Omen, be especially careful not to walk into a village
• If you do walk into a village…good luck

• MC-139374 – Leashes spazzing out
• MC-138797 – Eating block entities makes lava particles
• MC-138075 – Dying Shulker Boxes Doesnt work
• MC-137819 – Shulker boxes cannot be dyed, resulting in duplication

To get snapshots, open your launcher and go to the “launch options” tab. Check the box saying “Enable snapshots” and save. To switch between the snapshot and normal version, you can find a new dropdown menu next to the “Play” button. Back up your world first or run the game on in a different folder (In the “launch options” page).

Please report any and all bugs you find in Minecraft to bugs.mojang.com.

Snapshots can corrupt your world, please backup and/or run them in a different folder from your main worlds. 

Share your thoughts on how 1.14 is shaping up in the comments below!

At some point in your career as a Linux administrator, you’re going to use Secure Shell (SSH) to remote into a Linux server or desktop. Chances are, you already have. In some instances, you’ll be SSH’ing into multiple Linux servers at once. In fact, Secure Shell might well be one of the most-used tools in your Linux toolbox. Because of this, you’ll want to make the experience as efficient as possible. For many admins, nothing is as efficient as the command line. However, there are users out there who do prefer a GUI tool, especially when working from a desktop machine to remote into and work on a server.

If you happen to prefer a good GUI tool, you’ll be happy to know there are a couple of outstanding graphical tools for SSH on Linux. Couple that with a unique terminal window that allows you to remote into multiple machines from the same window, and you have everything you need to work efficiently. Let’s take a look at these three tools and find out if one (or more) of them is perfectly apt to meet your needs.

I’ll be demonstrating these tools on Elementary OS, but they are all available for most major distributions.

PuTTY

Anyone that’s been around long enough knows about PuTTY. In fact, PuTTY is the de facto standard tool for connecting, via SSH, to Linux servers from the Windows environment. But PuTTY isn’t just for Windows. In fact, from withing the standard repositories, PuTTY can also be installed on Linux. PuTTY’s feature list includes:

• Saved sessions.

• Connect via IP address or hostname.

• Define alternative SSH port.

• Connection type definition.

• Logging.

• Options for keyboard, bell, appearance, connection, and more.

• Local and remote tunnel configuration

• Proxy support

• X11 tunneling support

The PuTTY GUI is mostly a way to save SSH sessions, so it’s easier to manage all of those various Linux servers and desktops you need to constantly remote into and out of. Once you’ve connected, from PuTTY to the Linux server, you will have a terminal window in which to work. At this point, you may be asking yourself, why not just work from the terminal window? For some, the convenience of saving sessions does make PuTTY worth using.

Installing PuTTY on Linux is simple. For example, you could issue the command on a Debian-based distribution:

sudo apt-get install -y putty

Once installed, you can either run the PuTTY GUI from your desktop menu or issue the command putty. In the PuTTY Configuration window (Figure 1), type the hostname or IP address in the HostName (or IP address) section, configure the port (if not the default 22), select SSH from the connection type, and click Open.

Once the connection is made, you’ll then be prompted for the user credentials on the remote server (Figure 2).

To save a session (so you don’t have to always type the remote server information), fill out the IP address (or hostname), configure the port and connection type, and then (before you click Open), type a name for the connection in the top text area of the Saved Sessions section, and click Save. This will then save the configuration for the session. To then connect to a saved session, select it from the saved sessions window, click Load, and then click Open. You should then be prompted for the remote credentials on the remote server.

EasySSH

Although EasySSH doesn’t offer the amount of configuration options found in PuTTY, it’s (as the name implies) incredibly easy to use. One of the best features of EasySSH is that it offers a tabbed interface, so you can have multiple SSH connections open and quickly switch between them. Other EasySSH features include:

Install EasySSH on a Linux desktop is simple, as the app can be installed via flatpak (which does mean you must have Flatpak installed on your system). Once flatpak is installed, add EasySSH with the commands:

sudo flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo sudo flatpak install flathub com.github.muriloventuroso.easyssh

Run EasySSH with the command:

flatpak run com.github.muriloventuroso.easyssh

The EasySSH app will open, where you can click the + button in the upper left corner. In the resulting window (Figure 3), configure your SSH connection as required.

Once you’ve added the connection, it will appear in the left navigation of the main window (Figure 4).

To connect to a remote server in EasySSH, select it from the left navigation and then click the Connect button (Figure 5).

The one caveat with EasySSH is that you must save the username and password in the connection configuration (otherwise the connection will fail). This means anyone with access to the desktop running EasySSH can remote into your servers without knowing the passwords. Because of this, you must always remember to lock your desktop screen any time you are away (and make sure to use a strong password). The last thing you want is to have a server vulnerable to unwanted logins.

Terminator

Terminator is not actually an SSH GUI. Instead, Terminator functions as a single window that allows you to run multiple terminals (and even groups of terminals) at once. Effectively you can open Terminator, split the window vertical and horizontally (until you have all the terminals you want), and then connect to all of your remote Linux servers by way of the standard SSH command (Figure 6).

To install Terminator, issue a command like:

sudo apt-get install -y terminator

Once installed, open the tool either from your desktop menu or from the command terminator. With the window opened, you can right-click inside Terminator and select either Split Horizontally or Split Vertically. Continue splitting the terminal until you have exactly the number of terminals you need, and then start remoting into those servers.
The caveat to using Terminator is that it is not a standard SSH GUI tool, in that it won’t save your sessions or give you quick access to those servers. In other words, you will always have to manually log into your remote Linux servers. However, being able to see your remote Secure Shell sessions side by side does make administering multiple remote machines quite a bit easier.

Few (But Worthwhile) Options

There aren’t a lot of SSH GUI tools available for Linux. Why? Because most administrators prefer to simply open a terminal window and use the standard command-line tools to remotely access their servers. However, if you have a need for a GUI tool, you have two solid options and one terminal that makes logging into multiple machines slightly easier. Although there are only a few options for those looking for an SSH GUI tool, those that are available are certainly worth your time. Give one of these a try and see for yourself.

Battle for Korsun is a turn-based ‘lite’ strategy wargame set during the Eastern Front of World War 2. Specifically, it covers the events of the Korsun-Shevchenkovsky Offensive between Jan/Feb 1944 which led to what is known as the Battle of the Korsun-Cherkasy Pocket. A surrounded German Army Group failed to breakout and find relief, causing massive casualties.

The game is developed by Yobowargames, or Lance Craner as he is also known, and is a more simplistic wargame that acts as a great gateway experience for casual enthusiasts or those looking to get into that particular niche. Key features include:

• Hotseat or German v AI
• Large Map
• Units represent Divisions/Regiments or Battalions
• Variable weather conditions

At the time of writing, Pocket Tactics has yet to do it’s own dedicated review on Battle for Korsun, however our sister website Wargamer.com has a review of the PC version if you’re interested in some broad impressions.

Once we do a dedicated review on iOS, this text will be replaced by the official PT verdict.

As has become a tradition here on GameFromScratch, every year we track down and present the best Black Friday deals of interest for game developers.  This year is no exception, so here they are!  Although it is becoming less and less of a thing, this page will also track applicable Cyber Monday deals as well.  If you know of a missing deal, let me know in the comments down below and I will do my best to add it.

3D Coat (Store Link)

3D Coat is a 3D sculpting, paintings and PBR texturing application that is currently $100 off during Black Friday, valid through Nov 26th.

Adobe (Store Link)

Adobe are offering 25% off their entire creative suite annual subscription service.  This includes seminal products such as Photoshop, Illustrator, Animate and more.

APress (Store Link)

Any aPress published ebook for $7.

Affinity Paint/Designer (Store Link)

All Serif products are currently 30% off for Black Friday, including Affinity Designer, Painter and Painter for iOS.  If you want to learn more about Affinity Designer, check out our recent video.

Allegorithmic (Substance) (Store Link)

Save 33% on annual subscriptions for their Substance Suite of PBR texturing tools (Painter, Designer, B2M).  For more information on Substance Painter, check out our recent hands on video.

Amazon

Amazon is always heavily involved in Black Friday and sell a wealth of software and hardware that’s useful for game developers.  I will be updating this category as deals come online.

Asus GX501 15” Ultra Portable GeForce 1070 Laptop $400 Off

Corel Draw 30% Off

Corel Painter 2019 33% Off

CyberPowerPC PC Towers – @20% Off

Dell XPS 15 Laptop with 1050 Geforce $200 Off

Gigabyte Aero 15x 1070 Thin Laptop $550 Off

Google PixelBook 19% Off

MacBook Pro 13” $100 Off

MSI GS63VR Stealth $350 Off

Microsoft Surface Go 10% Off

Logitech MX Master 50% Off

Oculus Rift $50 Off

Razer Blade Stealth $200 Off

Samsung Monitors @25% Off

Samsung Tablets 33-44% Off

Smith Micro Software (Anime Studio, MoHo, Poser, etc) – Moho 30% off

CGTrader (Store Link)

CG Trader are offering up to 50% discount on 3D models this Black Friday.

ClipPaint Studio (Store Link)

ClipPaint Studio (the successor to Manga Studio) is an anime style painting application that is currently 50% off for Black Friday.

The Foundry (Store Link)

The Foundry are offering 30% discounts to Modo subscriptions and 15% off maintenance.

Humble Bundle RPG Game Dev Bundle (Store Link)

Technically not a Black Friday sale, but the Humble RPG Game Dev Bundle is going on during the same period.  Now with an improved license, you can get a ton of RPG related graphics, music and icons for a low price while helping charity.  I got hands-on with the bundle in this video.

Marmoset (Store Link)

Save up to 50% on all Marmoset Software, such as Toolbag, Viewer and Hexels.  See Hexels in action in this video.

Microsoft Store (Store Link)

The Microsoft store is an ecceletic mix of software, computers and devices, with a variety of items on sale during Black Friday such as laptops, tablets and VR headsets.

PluralSight (Store Link)

Pluralsight offer online training and courses.  Their Black Friday sale includes 33% off on subscriptions.

Packt Books (Store Link)

All eBooks and videos from Packt Publishing are available for $10 during the sale.

Quixel (Store Link)

Quixel’s sale doesn’t actually start until Black Friday.  Generally its a discount of their texturing software as well as their texture resources.

Safari Books Online (Store Link)

Safari Books is O’Reilly Press’ online book repository, offering full access to thousands of computer related books.  This sale, good through Monday, is good for 50% off an annual subscriptions, a $200 value.

Steam Autumn Sale (Store Link)

Steam is also having their annual autumn sale with tons of game development software available at discounted pricing.

TurboSquid (Store Link)

TurboSquid is offering select 3D models from their catalog for up to 40% off.

Udemy (Store Link)

Udemy is offering most of their thousands of online courses for $10 each.

Unity Asset Store (Store Link)

There are sales across the entire Unity Asset Store for Black Friday, generally 50% off or better.  Pretty much all kinds of assets are currently on sale, models, plugins, tools, you name it.  They have also organized several discounted bundles specifically for Black Friday.

Unity Essentials Bundle – 55% Off

Unity World Building Bundle – 55% Off

Unity Ultimate Characters Bundle – 55% Off

Unity Quick Prototyping Bundle – 55% Off

Unreal Engine Marketplace (Store Link)

Unreal Engine aren’t having a Black Friday sale… they are having a “Fall Sale”.  Same thing, different label.  Save up to 90% off on 3,100 items in their online asset store.  The “totally not a Black Friday” sale ends on November 27th.

YoYo Games (Store Link)

YoYoGames are offering 20% off all licenses for all GameMaker products.

[embedded content]

---

Some of the above links contain affiliate codes, meaning if you make a purchase through a link on this site you help GameFromScratch.

GameDev News Tips

---

Some computer networks need to maintain identical software installations and configurations on several physical machines. One such environment would be a school computer lab. A netboot server can be set up to serve an entire operating system over a network so that the client computers can be configured from one central location. This tutorial will show one method of building a netboot server.

Part 1 of this tutorial will cover creating a netboot server and image. Part 2 will show how to add Kerberos-authenticated home directories to the netboot configuration.

Initial Configuration

Start by downloading one of Fedora Server’s netinst images, burning it to a CD, and booting the server that will be reformatted from it. We just need a typical “Minimal Install” of Fedora Server for our starting point and we will use the command line to add any additional packages that are needed after the installation is finished.

NOTE: For this tutorial we will be using Fedora 28. Other versions may include a slightly different set of packages in their “Minimal Install”. If you start with a different version of Fedora, then you may need to do some troubleshooting if an expected file or command is not available.

Once you have your minimal installation of Fedora Server up and running, log in as root and set the hostname:

$ MY_HOSTNAME=server-01.example.edu $ hostnamectl set-hostname $MY_HOSTNAME

NOTE: Red Hat recommends that both static and transient names match the fully-qualified domain name (FQDN) used for the machine in DNS, such as host.example.com (Understanding Host Names).

NOTE: This guide is meant to be copy-and-paste friendly. Any value that you might need to customize will be stated as a MY_* variable that you can tweak before running the remaining commands. Beware that if you log out, the variable assignments will be cleared.

NOTE: Fedora 28 Server tends to dump a lot of logging output to the console by default. You may want to disable the console logging temporarily by running: sysctl -w kernel.printk=0

Next, we need a static network address on our server. The following sequence of commands should find and reconfigure your default network connection appropriately:

$ MY_DNS1=192.0.2.91 $ MY_DNS2=192.0.2.92 $ MY_IP=192.0.2.158 $ MY_PREFIX=24 $ MY_GATEWAY=192.0.2.254 $ DEFAULT_DEV=$(ip route show default | awk '{print $5}') $ DEFAULT_CON=$(nmcli d show $DEFAULT_DEV | sed -n '/^GENERAL.CONNECTION:/s!.*:\s*!! p') $ nohup bash << END nmcli con mod "$DEFAULT_CON" connection.id "$DEFAULT_DEV" nmcli con mod "$DEFAULT_DEV" connection.interface-name "$DEFAULT_DEV" nmcli con mod "$DEFAULT_DEV" ipv4.method disabled nmcli con up "$DEFAULT_DEV" nmcli con add con-name br0 ifname br0 type bridge nmcli con mod br0 bridge.stp no nmcli con mod br0 ipv4.dns $MY_DNS1,$MY_DNS2 nmcli con mod br0 ipv4.addresses $MY_IP/$MY_PREFIX nmcli con mod br0 ipv4.gateway $MY_GATEWAY nmcli con mod br0 ipv4.method manual nmcli con up br0 nmcli con add con-name br0-slave0 ifname "$DEFAULT_DEV" type bridge-slave master br0 nmcli con up br0-slave0 END

NOTE: The last set of commands above is wrapped in a “nohup” script because it will disable networking temporarily. The nohup command should allow the nmcli commands to finish running even while your ssh connection is down. Beware that it may take 10 or so seconds for the connection to come back up and that you will have to start a new ssh connection if you changed the server’s IP address.

NOTE: The above network configuration creates a network bridge on top of the default connection so that we can run a virtual machine instance directly on the server for testing later. If you do not want to test the netboot image directly on the server, you can skip creating the bridge and set the static IP address directly on your default network connection.

Install and Configure NFS4

Start by installing the nfs-utils package:

$ dnf install -y nfs-utils

Create a top-level pseudo filesystem for the NFS exports and share it out to your network:

$ MY_SUBNET=192.0.2.0 $ mkdir /export $ echo "/export -fsid=0,ro,sec=sys,root_squash $MY_SUBNET/$MY_PREFIX" > /etc/exports

SELinux will interfere with the netboot server’s operation. Configuring exceptions for it is beyond the scope of this tutorial, so we will disable it:

$ sed -i '/GRUB_CMDLINE_LINUX/s/"$/ audit=0 selinux=0"/' /etc/default/grub $ grub2-mkconfig -o /boot/grub2/grub.cfg $ sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/sysconfig/selinux $ setenforce 0

NOTE: Editing the grub command line should not be necessary, but simply editing /etc/sysconfig/selinux proved ineffective across reboots of Fedora Server 28 during testing, so the “selinux=0” flag has been set here to be doubly sure.

Now, add an exception for the NFS service to the local firewall and start the NFS service:

$ firewall-cmd --add-service nfs $ firewall-cmd --runtime-to-permanent $ systemctl enable nfs-server.service $ systemctl start nfs-server.service

Create the Netboot Image

Now that our NFS server is up and running, we need to supply it with an operating system image to serve to the client computers. We will start with a very minimal image and add to it after everything is working.

First, create a new directory where our image will be stored:

$ mkdir /fc28

Use the “dnf” command to build the image under the new directory with only a few base packages:

$ dnf -y --releasever=28 --installroot=/fc28 install fedora-release systemd passwd rootfiles sudo dracut dracut-network nfs-utils vim-minimal dnf

It is important that the “kernel” packages were omitted from the above command. Before they are installed, we need to tweak the set of drivers that will be included in the “initramfs” image that is built automatically when the kernel is first installed. In particular, we need to disable “hostonly” mode so that the initramfs image will work on a wider set of hardware platforms and we need to add support for networking and NFS:

$ echo 'hostonly=no' > /fc28/etc/dracut.conf.d/hostonly.conf $ echo 'add_dracutmodules+=" network nfs "' > /fc28/etc/dracut.conf.d/netboot.conf

Now, install the kernel:

$ dnf -y --installroot=/fc28 install kernel

Set a rule to prevent the kernel from being updated:

$ echo 'exclude=kernel-*' >> /fc28/etc/dnf/dnf.conf

Set the locale:

$ echo 'LANG="en_US.UTF-8"' > /fc28/etc/locale.conf

NOTE: Some programs (e.g. GNOME Terminal) will not function if the locale is not properly configured.

Blank root’s passwd:

$ sed -i 's/^root:\*/root:/' /fc28/etc/shadow

Set the client’s hostname:

$ MY_CLIENT_HOSTNAME=client-01.example.edu $ echo $MY_CLIENT_HOSTNAME > /fc28/etc/hostname

Disable logging to the console:

$ echo 'kernel.printk = 0 4 1 7' > /fc28/etc/sysctl.d/00-printk.conf 

Define a local “liveuser” in the netboot image:

$ echo 'liveuser:x:1000:1000::/home/liveuser:/bin/bash' >> /fc28/etc/passwd $ echo 'liveuser::::::::' >> /fc28/etc/shadow $ echo 'liveuser:x:1000:' >> /fc28/etc/group $ echo 'liveuser:!::' >> /fc28/etc/gshadow

Allow “liveuser” to sudo:

$ echo 'liveuser ALL=(ALL) NOPASSWD: ALL' > /fc28/etc/sudoers.d/liveuser

Enable automatic home directory creation:

$ dnf install -y --installroot=/fc28 authselect oddjob-mkhomedir $ echo 'dirs /home' > /fc28/etc/rwtab.d/home $ chroot /fc28 authselect select sssd with-mkhomedir --force $ chroot /fc28 systemctl enable oddjobd.service

Since multiple clients will be mounting our image concurrently, we need to configure the image so that it will operate in read-only mode:

$ sed -i 's/^READONLY=no$/READONLY=yes/' /fc28/etc/sysconfig/readonly-root

Configure logging to go to RAM rather than permanent storage:

$ sed -i 's/^#Storage=auto$/Storage=volatile/' /fc28/etc/systemd/journald.conf

Configure DNS:

$ MY_DNS1=192.0.2.91 $ MY_DNS2=192.0.2.92 $ cat << END > /fc28/etc/resolv.conf nameserver $MY_DNS1 nameserver $MY_DNS2 END

Work-around a few bugs that exist for read-only root mounts at the time this tutorial is being written (BZ1542567):

$ echo 'dirs /var/lib/gssproxy' > /fc28/etc/rwtab.d/gssproxy $ cat << END > /fc28/etc/rwtab.d/systemd dirs /var/lib/systemd/catalog dirs /var/lib/systemd/coredump END

Finally, we can create the NFS filesystem for our image and share it out to our subnet:

$ mkdir /export/fc28 $ echo '/fc28 /export/fc28 none bind 0 0' >> /etc/fstab $ mount /export/fc28 $ echo "/export/fc28 -ro,sec=sys,no_root_squash $MY_SUBNET/$MY_PREFIX" > /etc/exports.d/fc28.exports $ exportfs -vr

Create the Boot Loader

Now that we have an operating system available to netboot, we need a boot loader to kickstart it on the client systems. For this setup, we will be using iPXE.

NOTE: This section and the following section — Testing with QEMU — can be done on a separate computer; they do not have to be run on the netboot server.

Install git and use it to download iPXE:

$ dnf install -y git $ git clone http://git.ipxe.org/ipxe.git $HOME/ipxe

Now we need to create a special startup script for our bootloader:

$ cat << 'END' > $HOME/ipxe/init.ipxe #!ipxe prompt --key 0x02 --timeout 2000 Press Ctrl-B for the iPXE command line... && shell || dhcp || exit set prefix file:///linux chain ${prefix}/boot.cfg || exit END

Enable the “file” download protocol:

$ echo '#define DOWNLOAD_PROTO_FILE' > $HOME/ipxe/src/config/local/general.h

Install the C compiler and related tools and libraries:

$ dnf groupinstall -y "C Development Tools and Libraries"

Build the boot loader:

$ cd $HOME/ipxe/src $ make clean $ make bin-x86_64-efi/ipxe.efi EMBED=../init.ipxe

Make note of where the where the newly-compiled boot loader is. We will need it for the next section:

$ IPXE_FILE="$HOME/ipxe/src/bin-x86_64-efi/ipxe.efi"

Testing with QEMU

This section is optional, but you will need to duplicate the file layout of the EFI system partition that is shown below on your physical machines to configure them for netbooting.

NOTE: You could also copy the files to a TFTP server and reference that server from DHCP if you wanted a fully diskless system.

In order to test our boot loader with QEMU, we are going to create a small disk image containing only an EFI system partition and our startup files.

Start by creating the required directory layout for the EFI system partition and copying the boot loader that we created in the previous section to it:

$ mkdir -p $HOME/esp/efi/boot $ mkdir $HOME/esp/linux $ cp $IPXE_FILE $HOME/esp/efi/boot/bootx64.efi

The below command should identify the kernel version that our netboot image is using and store it in a variable for use in the remaining configuration directives:

$ DEFAULT_VER=$(ls -c /fc28/lib/modules | head -n 1)

Define the boot configuration that our client computers will be using:

$ MY_DNS1=192.0.2.91 $ MY_DNS2=192.0.2.92 $ MY_NFS4=server-01.example.edu $ cat << END > $HOME/esp/linux/boot.cfg #!ipxe kernel --name kernel.efi \${prefix}/vmlinuz-$DEFAULT_VER initrd=initrd.img ro ip=dhcp rd.peerdns=0 nameserver=$MY_DNS1 nameserver=$MY_DNS2 root=nfs4:$MY_NFS4:/fc28 console=tty0 console=ttyS0,115200n8 audit=0 selinux=0 quiet initrd --name initrd.img \${prefix}/initramfs-$DEFAULT_VER.img boot || exit END

NOTE: The above boot script shows a minimal example of how to get iPXE to netboot Linux. Much more complex configurations are possible. Most notably, iPXE has support for interactive boot menus which can be configured with a default selection and a timeout. A more advanced iPXE script could, for example, default to booting an operation system from the local disk and only go to the netboot operation if a user pressed a key before a countdown timer reached zero.

Copy the Linux kernel and its associated initramfs to the EFI system partition:

$ cp $(find /fc28/lib/modules -maxdepth 2 -name 'vmlinuz' | grep -m 1 $DEFAULT_VER) $HOME/esp/linux/vmlinuz-$DEFAULT_VER $ cp $(find /fc28/boot -name 'init*' | grep -m 1 $DEFAULT_VER) $HOME/esp/linux/initramfs-$DEFAULT_VER.img

Our resulting directory layout should look like this:

esp ├── efi │   └── boot │   └── bootx64.efi └── linux ├── boot.cfg ├── initramfs-4.18.18-200.fc28.x86_64.img └── vmlinuz-4.18.18-200.fc28.x86_64

To use our EFI system partition with QEMU, we need to create a small “uefi.img” disk image containing it and then connect that to QEMU as the primary boot drive.

Begin by installing the necessary tools:

$ dnf install -y parted dosfstools

Now create the “uefi.img” file and copy the files from the “esp” directory into it:

$ ESP_SIZE=$(du -ks $HOME/esp | cut -f 1) $ dd if=/dev/zero of=$HOME/uefi.img count=$((${ESP_SIZE}+5000)) bs=1KiB $ UEFI_DEV=$(losetup --show -f $HOME/uefi.img) $ parted ${UEFI_DEV} -s mklabel gpt mkpart EFI FAT16 1MiB 100% toggle 1 boot $ mkfs -t msdos ${UEFI_DEV}p1 $ mkdir -p $HOME/mnt $ mount ${UEFI_DEV}p1 $HOME/mnt $ cp -r $HOME/esp/* $HOME/mnt $ umount $HOME/mnt $ losetup -d ${UEFI_DEV}

NOTE: On a physical computer, you need only copy the files from the “esp” directory to the computer’s existing EFI system partition. You do not need the “uefi.img” file to boot a physical computer.

NOTE: On a physical computer you can rename the “bootx64.efi” file if a file by that name already exists, but if you do so, you will probably have to edit the computer’s BIOS settings and add the renamed efi file to the boot list.

Next we need to install the qemu package:

$ dnf install -y qemu-system-x86

Allow QEMU to access the bridge that we created in the “Initial Configuration” section of this tutorial:

$ echo 'allow br0' > /etc/qemu/bridge.conf

Create a copy of the “OVMF_VARS.fd” image to store our virtual machine’s persistent BIOS settings:

$ cp /usr/share/edk2/ovmf/OVMF_VARS.fd $HOME

Now, start the virtual machine:

$ qemu-system-x86_64 -machine accel=kvm -nographic -m 1024 -drive if=pflash,format=raw,unit=0,file=/usr/share/edk2/ovmf/OVMF_CODE.fd,readonly=on -drive if=pflash,format=raw,unit=1,file=$HOME/OVMF_VARS.fd -drive if=ide,format=raw,file=$HOME/uefi.img -net bridge,br=br0 -net nic,model=virtio

If all goes well, you should see results similar to what is shown in the below image:

You can use the “shutdown” command to get out of the virtual machine and back to the server:

$ sudo shutdown -h now

NOTE: If something goes wrong and the virtual machine hangs, you may need to start a new ssh session to the server and use the “kill” command to terminate the “qemu-system-x86_64” process.

Adding to the Image

Adding to the image should be a simple matter of chroot’ing into the image on the server and running “dnf install <package_name>”.

There is no limit to what can be installed on the netboot image. A full graphical installation should function perfectly.

Here is an example of how to bring our minimal netboot image up to a complete graphical installation:

$ for i in dev dev/pts dev/shm proc sys run; do mount -o bind /$i /fc28/$i; done $ chroot /fc28 /usr/bin/bash --login $ dnf -y groupinstall "Fedora Workstation" $ dnf -y remove gnome-initial-setup $ systemctl disable sshd.service $ systemctl enable gdm.service $ systemctl set-default graphical.target $ sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/sysconfig/selinux $ logout $ for i in run sys proc dev/shm dev/pts dev; do umount /fc28/$i; done 

Optionally, you may want to enable automatic login for the “liveuser” account:

$ sed -i '/daemon/a AutomaticLoginEnable=true' /fc28/etc/gdm/custom.conf $ sed -i '/daemon/a AutomaticLogin=liveuser' /fc28/etc/gdm/custom.conf