27. 06. 2018 Michele Santuari Linux, ntop

Custom Ubuntu ISO image for unattended and offline installation

The optimized delivery of our products requires the automation of installations and upgrades.  In particular, the latest version of the nBox appliance is based on Ubuntu and requires automated and, possibly, offline installation and upgrade processes.

The aim of this article is to describe the procedure to create an Ubuntu ISO image, which provides the installation of additional deb packages without requiring internet connection (offline) and without user interaction (unattended).

The article is divided into three main sections:

  1. Unattended installation:  Provide the configurations to create an automated installation procedure
  2. Custom and offline installation:  Update the repository within the ISO image to include new deb packages
  3. Bootable ISO image creation

Requirements

  • Operating system: Ubuntu (tested on 16.04LTS)
  • Main Source Debian repository enabled (e.g., add the line deb-src http://ubuntu.mirror.garr.it/mirrors/ubuntu-archive xenial main restricted universe multiverse to /etc/apt/source.list)
  • Dependencies: apt install syslinux-utils rng-tools fakeroot squashfs-tools dpkg-dev
  • An Ubuntu 16.04 ISO image copied into /opt/cdrom (e.g., mount -o /path/to/iso /cdrom && rsync -av /cdrom/ /opt/cd-image)

Unattended installation

The unattended installation is based on a kickstart file that contains configuration information for the Ubuntu installation.

The following example will automatically configure an Ubuntu system with user root and password admin, and the disk partitioned with LVM (allowing partitions to be changed later on).  If additional packages are required, you could add them in the %packages section, but then during the installation phase, internet connectivity will be required (see the next section for a complete offline installation).

#System language
lang en_US
#System keyboard
keyboard us
#System timezone
timezone Europe/Rome
#Root password
rootpw admin
#Initial user
user --disabled
preseed user-setup/allow-password-weak boolean true
#Reboot after installation
reboot
#Use text mode install
text
#Install OS instead of upgrade
install
#Use CD-ROM installation media
cdrom
#System bootloader configuration
bootloader --location=mbr
#Clear the Master Boot Record
zerombr yes
#Partition clearing information
clearpart --all --initlabel
part pv.01 --size 1 --grow
volgroup vg00 pv.01
logvol / --fstype=ext4 --name=lv_root --vgname=vg00 --grow --size=10000 --maxsize=30000
logvol /storage --fstype=ext4 --name=lv_storage --vgname=vg00 --grow --size=100
logvol swap --name=lv_swap --vgname=vg00 --grow --size=3968 --maxsize=3968

# hack around Ubuntu kickstart bugs
preseed partman-lvm/confirm_nooverwrite boolean true
preseed partman-auto-lvm/no_boot boolean true

#System authorization information
auth --useshadow --enablemd5
#Do not configure the X Window System
skipx

#A list of deb package can be added in this section.
%packages

This example should be placed in the ISO image. We assume that the file is in /opt/cd-image/ks-nbox-ubuntu16.04-amd64.cfg.

To enable the configuration, the boot options in /opt/cd-image/isolinux/txt.cfg should be changed by adding the following lines:

label autoinstall
menu label ^Automatically install Ubuntu
kernel /install/vmlinuz
append file=/cdrom/preseed/ubuntu-server.seed vga=788 initrd=/install/initrd.gz ks=cdrom:/ks-nbox-ubuntu16.04-amd64.cfg quiet

Custom and offline installation

This section describes how to add additional packages to the ISO image, so that an internet connection during installation is not necessary.

New packages must be added to the repository within the CD-ROM and must be re-indexed taking into consideration the Ubuntu repository structure.  Moreover, the Ubuntu installation process verifies the repository keys by checking the GPG key against the public keys held in the package ubuntu-keyring.  Thus the ubuntu-keyring package must include a custom key, which will be used to sign our new repository.

First, let’s generate the key:

gpg --gen-key
Check the key just generated
gpg --list-key

Then, integrate the newly generated key in the ubuntu-keyring package:

cd /opt/cd-image/install
unsquashfs filesystem.squashfs
cd squashfs-root/
cp /opt/build/ubuntu-keyring-*/keyrings/ubuntu-archive-keyring.gpg usr/share/keyrings/ubuntu-archive-keyring.gpg
cp /opt/build/ubuntu-keyring-*/keyrings/ubuntu-archive-keyring.gpg etc/apt/trusted.gpg 
cp /opt/build/ubuntu-keyring-*/keyrings/ubuntu-archive-keyring.gpg var/lib/apt/keyrings/ubuntu-archive-keyring.gpg

Now the keys must be imported into squashfs on the ISO image:

cd /opt/cd-image/install
#Write the manifest
chmod +w filesystem.manifest
chroot squashfs-root dpkg-query -W --showformat='${Package} ${Version}\n' > /opt/cd-image/install/filesystem.manifest
#Recreate the filesystem.squashfs
mksquashfs squashfs-root/ filesystem.squashfs
#Write the size
du -sx --block-size=1 ./squashfs-root/ | cut -f1 > /opt/cd-image/install/filesystem.size
#Remove old squashfs
rm -r squashfs-root/
#GPG sign and verification
#Note that you may want to specify your key with option -u YOURKEYID
gpg --digest-algo SHA256 --sign -bao filesystem.squashfs.gpg filesystem.squashfs
#Verify the correct signment
gpg --verify filesystem.squashfs.gpg filesystem.squashfs

The last step is to add the packages which are used during installation to the CD-ROM repository.  Create a new folder to for the new packages:

cd /opt/cd-image
mkdir -p pool/extras/
#you may want to add additional components (e.g., pool/devel/)

and then copy your deb packages into the pool folder you created (e.g., cp /Download/debs/*.deb /opt/cd-image/pool/extras/).
Now we need to re-index our repository within /cdrom.  Download this script and copy it into /opt/cdrom/.  Modify the script’s variables as follows:

  • GPG_NAME should be the just-generated key ID
  • GPG_PATH_PW a path to a file containing the password for key
  • REPONAME should contain the components as an array e.g., (main extras)
  • ORIGIN the name of the company

Finally, run this script:

cd /opt/cdrom && /bin/bash index.sh

ISO image creation

Create an ISO image ready to be written onto USB or CD-ROM:

IMAGE=custom.iso
BUILD=/opt/cd-image/

mkisofs -r -V "nBox Ubuntu Install CD" \
            -cache-inodes \
            -J -l -b isolinux/isolinux.bin \
            -c isolinux/boot.cat -no-emul-boot \
            -boot-load-size 4 -boot-info-table \
            -o $IMAGE $BUILD
isohybrid custom.iso

Resources

Share this post
Share on LinkedInTweet about this on TwitterShare on FacebookShare on Google+Email this to someoneShare on Tumblr
Michele Santuari

Michele Santuari

Network Developer at Wuerth Phoenix
Hi, my name is Michele Santuari and I'm Network Developer in the System Integration Research & Development Team at Wuerth Phoenix.

Author

Michele Santuari

Hi, my name is Michele Santuari and I’m Network Developer in the System Integration Research & Development Team at Wuerth Phoenix.

Leave a Reply

Your email address will not be published. Required fields are marked *

Archive