== Pre-Introduction ==

The following document is a couple of notes on what I did to set up a lab environment for teaching LPI. Unfortunately I could not really write this document as I went along, since a lot of it was trial and error. Other aspects also only became clear once the lab was used. 

This document describes my own experiences and is by no means definitive in any way. I hope it's a good start though.
Hopefully others find this document useful and it will grow over time. Please feel free to add your experiences and give feedback.

== Introduction ==
This document is a guideline to a possible setup in a lab environment for teaching the [[http://www.lpi.org/|LPI courses]] on Ubuntu. Typically you would have a couple of learners, each with a PC. The instructor would have a PC, preferably with a projector. You would also need an install server.

== Install server ==
Create an install server as described in the [[https://wiki.ubuntu.com/PXEInstallServer|PXEInstallServer]] document. If the lab environment allows for it, the install server should also be a dhcp server. In some cases the install server might even be an DNS server and gateway for the lab PCs.

== Customise the install ==
Create a ks.cfg as described in the [[https://wiki.ubuntu.com/PXEInstallServer|PXEInstallServer]] document. I had the following %packages section in ks.cfg
{{{
%packages
ubuntu-desktop
dhcp3-server
openssh-server
nmap
xinetd
nfs-kernel-server
ppp
wvdial
setserial
rpm
lftp
dovecot
gcc-3.4
build-essential
quota
quotatools
samba
smbclient
netkit-inetd
}}}

== Apt Cacher ==
Install apt-cacher on install server and configure

== SSH key ==
Generate an ssh key on the install server and copy the public part of it where it is visible to the install client. This is used so that the install server can always ssh to clients as root, so that further tasks can be performed on the clients if needed.

=== Post-install ===
The lab I installed needed some packages from universe and multiverse, I could not find a way to get the netboot initrd to include the universe and multiverse repositories, so  I created a post-install script to take care of this.
My network install retrieved files over http, so I had a webserver running on the install server. I added a %post section which creates a small script on the client and creates a symlink to it so that it will run at the first reboot. This script in turn downloads a more complex script from the server and executes that.

Add this to your %post section in ks.cfg, changing IP addresses where needed.
{{{
%post
echo "wget http://172.16.43.251/post-install/post-install.sh -O /usr/local/sbin/post-install.sh" > /usr/local/sbin/firstboot
echo "chmod u+x /usr/local/sbin/post-install.sh" >> /usr/local/sbin/firstboot
echo "/usr/local/sbin/post-install.sh" >> /usr/local/sbin/firstboot
chmod u+x /usr/local/sbin/firstboot
ln -s /usr/local/sbin/firstboot /etc/rc2.d/S99firstboot
echo "deb http://172.16.43.251/ubuntu/ breezy main restricted universe" > /etc/apt/sources.list
}}}

The following is the post-install.sh script placed on the server, once again, be sure to change IP addresses where needed.
{{{
#!/bin/sh

SERVER=172.16.43.251
PROXY="http://username:password@172.16.43.251:8080"
LOGFILE=/var/log/lpi-install.log

touch $LOGFILE

# only run on first boot
if [ -e /etc/rc2.d/S99firstboot ]; then
    rm -rf /etc/rc2.d/S99firstboot
fi

# copy ssh key
mkdir /root/.ssh >> $LOGFILE
chmod 700 /root/.ssh >> $LOGFILE
wget http://$SERVER/post-install/sshkey -O /root/.ssh/authorized_keys2 2>&1 >> $LOGFILE

# set proxy
export http_proxy="$PROXY"

echo "deb http://$SERVER:3142/za.archive.ubuntu.com/ubuntu breezy universe" >> /etc/apt/sources.list
echo "deb http://$SERVER:3142/za.archive.ubuntu.com/ubuntu breezy multiverse" >> /etc/apt/sources.list
apt-get update >> $LOGFILE

# install universe packages
apt-get -y install apache 2>&1 >> $LOGFILE
apt-get -y install bind 2>&1 >> $LOGFILE
apt-get -y install sendmail 2>&1 >> $LOGFILE
apt-get -y install ethereal 2>&1 >> $LOGFILE
apt-get -y install ftpd 2>&1 >> $LOGFILE
apt-get -y install lpr 2>&1 >> $LOGFILE
apt-get -y install dump 2>&1 >> $LOGFILE
apt-get -y install openntpd 2>&1 >> $LOGFILE
apt-get -dy install nis 2>&1 >> $LOGFILE
}}}

This script removes the firstboot symlink so that it will not run every time the PC is rebooted. 

It then downloads the ssh public key from the install server to allow us to ssh to clients as needed.

Next we add entries into sources.list so that the clients use our apt-cacher server. We then do an apt-get update and install some packages that we need for the lab, but that are part of the universe or multiverse repositories.

== Problems experienced ==
 * HTTP does not seem to scale well for mass installs for some reason. NFS would be much better but infortunately NFS net install is not supported in Breezy. It should be in Dapper, see bug [[https://launchpad.net/distros/ubuntu/+source/debian-installer/+bug/34161|34161]];
 * As soon as SSH was taught learners started SSH-ing to each others machines and changing passwords etc.

== Ideas ==
 * Deploy an sshd_config to all clients that does not allow password authentication, only key authentication.

== List of packages ==
Incomplete list of packages needed for the LPI course
{{{
apache
bind
dhcp3-server
sendmail
ethereal
nmap
xinetd
openssh-server
nfs-kernel-server
nis
ppp
wvdial
ftpd
lftp
dovecot
gcc-3.4
build-essential
lpr
quota
quotatool
dump
openntpd
samba
smbclient
inetd
man-db
manpages
linux-source-2.6.12
telnet
traceroute
portmap
}}}