Running the Provisioning OS via PXE
- First, you need to get five files. These are distributed together as pxe-artifacts.zip:
  - bootx64.efi: This is the shim binary that is hard-coded to launch grubx64.efi.
  - grubx64.efi: This is a copy of the "noprefix" version of GRUB2.
  - grub.cfg: Configuration file for GRUB that directs it to load the following files.
  - vmlinuz: The Linux kernel binary.
  - initrd.img: An initrd containing Trident and a placeholder Trident configuration.
- Move the first four files to a tftp directory to serve them:

      mkdir tftp
      cp bootx64.efi grubx64.efi grub.cfg vmlinuz tftp/

- Insert your own Host Configuration into the initrd. Trident reads its configuration from /etc/trident/config.yaml inside the initramfs. To replace the placeholder configuration with your own, unpack the initrd, copy your file in, and repack it:

      mkdir initrd-work && cd initrd-work
      zstdcat ../initrd.img | cpio -idm --no-absolute-filenames
      cp ../trident.yaml etc/trident/config.yaml
      find . | cpio -o -H newc | zstd > ../tftp/initrd.img
      cd .. && rm -rf initrd-work

  Note: Trident initrds are zstd-compressed. If your image uses gzip instead, replace zstdcat with zcat and zstd with gzip.

  For details on the Host Configuration format, see the Host Configuration reference.
- Create disk.img to use as an emulated hard drive:

      truncate -s 20G disk.img

- Run the TPM emulator (the swtpm call needs to be rerun each time you launch QEMU):

      mkdir /tmp/mytpm1
      swtpm socket \
          --tpmstate dir=/tmp/mytpm1 \
          --ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock \
          --log level=20

- While swtpm is still running, launch QEMU in a second terminal:

      qemu-system-x86_64 -machine q35 -cpu host -smp 2 -m 4G -accel kvm -serial stdio \
          -netdev user,id=net0,tftp=./tftp,bootfile=/bootx64.efi \
          -device virtio-net-pci,netdev=net0 \
          -drive if=pflash,format=raw,file=/usr/share/OVMF/OVMF_CODE_4M.fd,readonly=on \
          -chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
          -tpmdev emulator,id=tpm0,chardev=chrtpm \
          -device tpm-tis,tpmdev=tpm0 \
          -drive format=raw,file=disk.img
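
A pre-flight check for the directory assembled in the steps above, as an added example that is not part of the original instructions: it confirms the five boot files are present and that the repacked initrd carries exactly your trident.yaml. The function names are hypothetical, and it assumes GNU cpio and an initrd that is a single zstd- or gzip-compressed archive, as the repack step produces.

```shell
#!/usr/bin/env bash
# Added example: pre-flight checks for the tftp/ directory built in the steps above.
# Function names are hypothetical; file names and paths come from the steps.

# Print "zstd", "gzip" or "unknown" based on the file's leading magic bytes.
initrd_compression() {
    local magic
    magic=$(head -c 4 "$1" | od -An -tx1 | tr -d ' \n')
    case "$magic" in
        28b52ffd) echo zstd ;;    # zstd frame magic
        1f8b*)    echo gzip ;;    # gzip magic
        *)        echo unknown ;;
    esac
}

# Succeed only if every file the PXE boot chain fetches is present and non-empty.
check_tftp_dir() {
    local dir="$1" f
    for f in bootx64.efi grubx64.efi grub.cfg vmlinuz initrd.img; do
        [ -s "$dir/$f" ] || { echo "missing or empty: $dir/$f" >&2; return 1; }
    done
}

# Succeed only if the config inside the initrd is byte-identical to the given file.
check_initrd_config() {
    local initrd="$1" config="$2" decompress
    [ -s "$config" ] || { echo "missing or empty: $config" >&2; return 1; }
    case "$(initrd_compression "$initrd")" in
        zstd) decompress=zstdcat ;;
        gzip) decompress=zcat ;;
        *)    echo "unrecognized compression: $initrd" >&2; return 1 ;;
    esac
    # Member names may or may not carry a leading "./" depending on the cpio
    # that packed the archive, so match both forms.
    "$decompress" "$initrd" \
        | cpio -i --quiet --to-stdout 'etc/trident/config.yaml' './etc/trident/config.yaml' \
        | cmp -s - "$config"
}

# Usage, from the directory holding tftp/ and trident.yaml:
#   check_tftp_dir tftp && check_initrd_config tftp/initrd.img trident.yaml
```

A failure from `check_initrd_config` means the initrd in tftp/ still holds the placeholder configuration or a different file than the one you intended to boot with.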