Lab2 Bootstrapping Debian

In this lab we will cover the install process relying on the bootstrapping process, which in our opinion illustrates all the essential steps of the installation. Using the installer application will eventually hide all these important steps making the whole installation more user friendly, we however are aiming at expert level understanding of the GNU/Linux OS and therefore now and further we will try to avoid wizards and helpers.

Creating the VM

Next let's create VM suitable to run Debian 9.3 GNU/Linux. This newly created VM becomes our temporary environment for installing Debian.

Once the ISO downloaded and is valid, we may create VM and install Debian(dependent on chosen emulator Qemu or VirtualBox):

• For Qemu users:
  • First create the HDD for your VM:
  • in command line, create virtual hard disk as follows:
    • qemu-img create -f qcow2 BootstrapDebian.qcow2 10G
    • the options used here:
      • create qemu-img command for creating new virtual hard disks
      • -f qcow2 virtual hard disk file format, QEMU Copy-On-Write format (more details here)
      • BootstrapDebian.qcow2 the name of the file to be created in your CWD
      • 10G maximal size of the virtual hard disk. The actual file will be several kilobytes after creation, however it will grow once we start filling the disk with the data (due to Dynamically allocated variant of virtual disk).
    • Now create a second virtual hard disk with same parameters but different name e.g. BootstrapDebian2.qcow2 .
  • Next start the VM using newly created HDD:
  • in command line, start Qemu as follows:
    • qemu-system-i386 --enable-kvm -m 1024M -hda BootstrapDebian.qcow2 -hdb BootstrabDebian2.qcow2 -cdrom debian-live-9.3.0-i386-xfce.iso -boot d
    • the options used here:
      • --enable-kvm forcing KVM hypervizer (CPU-virtualization feature has to be enabled)
      • -m 1024M amount of RAM to assign for the VM
      • -cdrom debian-live-9.3.0-i386-xfce.iso install Live ISO file into VM's CD-ROM
      • -boot d force VM to boot CD-ROM first

• For VirtualBox users:
  • Open the VirtualBox application, and click New Button
    • Give a new VM a name BootstrapDebian
    • Choose a type Linux
    • Choose version Debian (32-bit)
    • Click Next
    • Specify amount of memory 1024MB, as this will be enough for testing purposes
    • Click Next
      • Select Create a virtual hard disk now
    • Click Next
      • Select VDI (VirtualBox Disk Image)
    • Click Next
      • Select Dynamically allocated
    • Click Next
      • Set 10 GB as size
    • Click Create
  • The newly created VM should be visible in the VM list (in the left in VirtualBox main window you should see BootStrapDebian icon)
  • Right-click on it and select Settings
    • Go to System -> Processor tab -> select 2 CPU cores and Enable PAE/NX -> Acceleration tab -> Verify that Enable VT-x/AMD-V is marked -> Click OK.
    • Go to Storage -> Click Controller: SATA -> Click second icon with green "plus sign" called Add hard disk -> Create new disk -> Select VDI (VirtualBox Disk Image) -> Select Dynamically allocated -> 10GB -> Click Create -> Click OK.
  • Double-click on BootstrapDebian VM in the list of VMs
  • During the first boot, the VM will ask to provide an ISO image to boot from
    • Provide the ISO file of the live version of Debian 9.3 which was copied or downloaded in previous lab.

After you have started the VM a Debian Live boot windows should appear:

• Please select First option Debian Gnu/Linux Live (kernel 4.9...) and hit Enter
• The standard boot process will take place and bring to a login prompt:
  • The default user for any Debian live is user with password live

Now we are ready to boot into Debian Live and start installing Debian manually!

Bootstrapping Debian 9.3 into virtual HDD using Debian Live shell

The first thing we need to do is to switch to root shell in order to have access to utils like:

• fdisk, mkfs.ext4, mkswap, tune2fs, apt, mount, nano, vi, debootstrap (etc.)
• ... which we will use to setup the OS up.

'Changing to root shell in Live Normally I would do this over su - in live however it is not critical to avoid sudo, so we do this like:

• sudo su -

And afterwards we may notice our user shell sign $ changed # (a sign of a root shell).
Now we can start partitioning and formatting our HDD.

Partitioning virtual HDD (DOS or GPT)
First of all make sure we have HDD in our system at all:

• # fdisk -l or
• # lsblk
• ... should give us an information about attached hard drives and partitions
  • We should see /dev/sda (the first hard drive) and /dev/sdb empty with 10 GiB of free space each.

The correct output for p command in fdisk

• In case you did something wrong or want to redo you can use # fdisk /dev/sda and then hit d to delete partitions.

The correct output for lsblk command

RAID 1 for better data reliability
RAID (Redundant Array of Independent Disks, originally Redundant Array of Inexpensive Disks) is a data storage virtualization technology that combines multiple physical disk drive components into one or more logical units for the purposes of data redundancy, performance improvement, or both.

Data is distributed across the drives in one of several ways, referred to as RAID levels, depending on the required level of redundancy and performance. The different schemes, or data distribution layouts, are named by the word "RAID" followed by a number, for example RAID 0 or RAID 1. Each schema, or RAID level, provides a different balance among the key goals: reliability, availability, performance, and capacity. RAID levels greater than RAID 0 provide protection against unrecoverable sector read errors, as well as against failures of whole physical drives. https://en.wikipedia.org/wiki/RAID

• Now lsblk output should look like this

• You can check status of RAID arrays with cat /proc/mdstat command

For added security lets encrypt the data parts of our disks
dm-crypt is a transparent disk encryption subsystem in Linux kernel versions 2.6 and later and in DragonFly BSD. It is part of the device mapper infrastructure, and uses cryptographic routines from the kernel's Crypto API. The dm-crypt device mapper target resides entirely in kernel space, and is only concerned with encryption of the block device – it does not interpret any data itself. It relies on user space front-ends to create and activate encrypted volumes, and manage authentication. At least two frontends are currently available: cryptsetup and cryptmount. The cryptsetup command-line interface, by default, does not write any headers to the encrypted volume, and hence only provides the bare essentials: encryption settings have to be provided every time the disk is mounted (although usually employed with automated scripts), and only one key can be used per volume; the symmetric encryption key is directly derived from the supplied passphrase. https://en.wikipedia.org/wiki/Dm-crypt

• You can chek if the newly opened disk is available in lsblk list

LVM

In Linux, Logical Volume Manager (LVM) is a device mapper target that provides logical volume management for the Linux kernel. Most modern Linux distributions are LVM-aware to the point of being able to have their root file systems on a logical volume.

LVM is used for the following purposes:

• Creating single logical volumes of multiple physical volumes or entire hard disks (somewhat similar to RAID 0, but more similar to JBOD), allowing for dynamic volume resizing.
• Managing large hard disk farms by allowing disks to be added and replaced without downtime or service disruption, in combination with hot swapping.
• On small systems (like a desktop), instead of having to estimate at installation time how big a partition might need to be, LVM allows filesystems to be easily resized as needed.
• Performing consistent backups by taking snapshots of the logical volumes.

LVM can be considered as a thin software layer on top of the hard disks and partitions, which creates an abstraction of continuity and ease-of-use for managing hard drive replacement, repartitioning and backup.

If done correctly lsblk should look like something like this

• To verify previous command you can use blkid command

Adding created partition to the file tree
The newly formatted ROOT file system is not yet added to the file tree, hence it is impossible to create any files in there. First we need to add the file system to the system file tree by specifying a directory for it (mounting a file system to a directory). Create a new directory under /mnt named NewRoot. Mount the root partition (by its label) to the newly created directory,

Bootstrapping the new Debian into ROOT filesystem

Confinguring the hostname, file system map and network

 LABEL=BOOT	/boot	vfat	defaults	0	0 
 LABEL=ROOT	/	ext4	defaults,errors=remount-ro	0	0
 LABEL=SWAP	swap	swap	defaults	0	0

 auto lo
 iface lo inet loopback

 auto eth0
 iface eth0 inet dhcp

Change root into new Debian
Currently we have just one Debian environment running on Linux kernel. What we do next is that we first share the kernel specific directories of the Debian Live with our new Debian. In file tree we will have to now link existing kernel directories into the new root directory.

Setting up locale

Setting up timezone

Setting up initial users and passwords

Install extra Software for RAID, LVM and encryption support.

Installing Linux kernel and Boot loader for new Debian Each operating system uses a kernel. Without a kernel, you can’t have an operating system that actually works. Windows, Mac OS X, and Linux all have kernels, and they’re all different. It’s the kernel that also does the grunt work of the operating system. Besides the kernel, there are a lot of applications that are bundled with the kernel to make the entire package something useful — more on that a bit later.

The kernel’s job is to talk to the hardware and software, and to manage the system’s resources as best as possible. It talks to the hardware via the drivers that are included in the kernel (or additionally installed later on in the form of a kernel module). This way, when an application wants to do something (say change the volume setting of the speakers), it can just submit that request to the kernel, and the kernel can use the driver it has for the speakers to actually change the volume.

The kernel is highly involved in resource management. It has to make sure that there is enough memory available for an application to run, as well as to place an application in the right location in memory. It tries to optimize the usage of the processor so that it can complete tasks as quickly as possible. It also aims to avoid deadlocks, which are problems that completely halt the system when one application needs a resource that another application is using. It’s a fairly complicated circus act to coordinate all of those things, but it needs to be done and that’s what the kernel is for. https://www.makeuseof.com/tag/linux-kernel-explanation-laymans-terms/

Finishing and checking installation

CONGRATULATIONS you have completed the lab 2.

Lab 001 Live Videos