Bind-mount K3s agent data, node identity, and kubelet dirs from
NVMe so container image cache and node registration survive reboots
on the diskless netboot nodes. Includes K3s binary download, agent
systemd service, DHCP hostname resolution, and open-iscsi for
Longhorn iSCSI support.
- Built from latest iPXE git source
- Fixes UEFI initrd handoff bugs present in old 2019 version
- Add tftp/ sync to Makefile deploy target
- Track ipxe.efi in git
- Use --name vmlinuz and --name initrd for explicit image naming
- Use imgargs separately from kernel line
- Use 'boot vmlinuz' explicitly instead of bare 'boot'
- Add imgfree to clear previous images
- Add initrd=initrd to kernel args for EFI stub
- Load initrd FIRST to address UEFI memory mapping requirements
- Add imgfree to clear previous images before loading
- Put kernel args directly on kernel line instead of using imgargs
- Add break=mountroot for debugging initramfs execution
The overlay mount was failing because it tried to mount overlay onto /root
while also using /root as the lowerdir source. This is invalid - you cannot
overlay-mount a directory onto itself.
Fix: Mount squashfs to /mnt/squashfs, tmpfs to /mnt/overlay, then mount
overlay onto /root using the squashfs mount as lowerdir.
- Install linux-image-generic-hwe-24.04 (6.14+) for RTL8125BP XID 689 support
- Enable noble-updates and noble-security repositories in chroot
- Add explicit rdinit=/init and panic=-1 kernel parameters for boot robustness
- Rename CLAUDE.md to AGENTS.md for broader AI assistant coverage
- Document dracut module alternative and verify-image.sh utility
- Clean up initramfs netboot script comments
Conflicts with custom netboot script that provides essential tmpfs overlay.
cloud-initramfs-rooturl mounts squashfs read-only, but diskless nodes need
writable overlay for /var/log, /tmp, /etc, and runtime state.
Fixes: Can't open blockdev error during boot
- Update CLAUDE.md with complete kernel parameters including boot=netboot
- Remove duplicate wget/curl package declarations in build-image.sh
- Check unsquashfs in both /usr/bin and /usr/sbin in verify-image.sh
- Use consistent $quiet variable expansion in netboot hook functions
All issues identified in zen-opus pre-commit review are now resolved.
Initramfs-tools boot scripts must provide hook functions (netboot_top,
netboot_premount, netboot_bottom) and mount wrappers (mount_top, mount_premount,
mount_bottom) for the init script to call them properly.
Without these, the init script doesn't recognize netboot as a valid boot method
and falls back to trying /dev/root, causing "cannot open block device" errors.
The initramfs hooks copy binaries from the chroot environment, so these tools
must be installed there. Without squashfs-tools, unsquashfs is missing from the
initramfs and the netboot script cannot extract the root filesystem.
- Add CLAUDE.md with project architecture and build documentation
- Add verify-image.sh script to validate generated netboot images
- Fix boot.ipxe kernel parameters:
- Add boot=netboot to invoke custom initramfs script
- Add console=tty0 for VGA output alongside serial console
- Fix earlyprintk serial specification
- Remove dead symlink creation in build-image.sh (http/latest pointed to non-existent directory)
The boot=netboot parameter is critical - without it, initramfs falls back to local boot
and fails with /dev/root errors. The console changes enable viewing boot messages on
monitor instead of only serial port.
