clawdie/clawdie-iso
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
clawdie-iso/docs/ISO-DEPLOYMENT-TARGET-ZFS.md
Sam & Claude 0e6d8cbe53 Drop unresolved Clawdie service staging from USB (Sam & Codex) 
Keeps service clawdie as a deployed-system contract only, removes the old mini-binary FEATURE_CLAWDIE staging lane from the ISO build, and adds explicit Linux-vs-FreeBSD proof boundaries for provider/runtime claims.\n\nChecks: ./scripts/check-format.sh; git diff --check; sh -n over scripts/ firstboot/ live/operator-session/ executables
2026-06-13 12:12:34 +02:00

5.4 KiB
Raw Blame History

ISO Deployment Target — ZFS Disk Install

Internal document. IPs use 10.0.0.0/8 placeholder range; real addresses are in the live USB's ARP table at build time.

Date: 4 Jun 2026
Milestone: v1.0.0 — USB live → ZFS disk deploy
Repo: clawdie-iso

Target machine

Detail Value
Make / Model HPE ProLiant ML350p Gen8 tower
Serial CZ22160QQY
Product ID 646676-421
Management iLO 4 (firmware 2.76 → needs 2.82 update)
iLO License Advanced (remote console + virtual media)
iLO IP 10.0.0.2 (dedicated iLO management port)
Server NICs 4× onboard GbE (MAC 9c:8e:99:4c:43:e6e9)
Server IP DHCP from LAN port 1 (currently no OS booted)
iLO password Physical pull-tab tag on chassis (factory default)

Network layout (sanitised)

  10.0.0.1  — gateway / DHCP server
  10.0.0.2  — iLO 4 management (dedicated port)
  10.0.0.7  — operator USB laptop (ue0, FreeBSD 15)
  10.0.0.?  — server LAN port 1 (DHCP, TBD once OS boots)

Current state

  • Server powered on, iLO reachable at https://10.0.0.2/
  • No host OS installed or booted — no server NIC has an IP
  • iLO 4 firmware 2.76 (CVEs fixed in 2.82 — upgrade required)
  • iLO Advanced license installed (remote console active)
  • Disks unknown (requires iLO login or OS boot)

Deployment plan

Phase 1 — pre-flight (on USB live)

# Verify iLO access
curl -sk -u Administrator:<tag-password> https://10.0.0.2/xmldata?item=all

# Check server health
ipmitool -H 10.0.0.2 -U Administrator -P <tag-password> sdr list
ipmitool -H 10.0.0.2 -U Administrator -P <tag-password> power status

# Mount ISO via iLO virtual media
# → iLO web UI → Remote Console → Virtual Drives → Mount clawdie-iso

# Boot from virtual ISO
ipmitool -H 10.0.0.2 -U Administrator -P <tag-password> chassis bootdev cdrom
ipmitool -H 10.0.0.2 -U Administrator -P <tag-password> chassis power reset

Phase 2 — USB live boots on server

Once the ISO boots on the server hardware:

  1. Server gets DHCP on its LAN port (visible in ARP)
  2. colibri-daemon starts, skills catalog loaded
  3. colibri status / colibri list-skills passes from the live USB
  4. tailscale up for mesh access (if auth key available)

service clawdie is the deployed-system target service name, not a live-USB service in the current baseline image.

Phase 3 — disk survey + ZFS pool create

# List disks
camcontrol devlist
geom disk list

# Create ZFS pool (single disk or mirror, TBD after survey)
zpool create -o ashift=12 zroot /dev/ada0
zfs create -o mountpoint=/ zroot/ROOT/default

Phase 4 — install FreeBSD to ZFS + deployed service

# Bootstrap FreeBSD base system onto ZFS
# Install the future deployed-system clawdie service once its implementation lands
# Keep colibri-daemon as the control-plane core
# Copy config, skills DB, pi sessions from USB
# Set boot environment

Phase 5 — reboot to disk + validate

# On reboot, server boots from local ZFS
# Future deployed-service acceptance, once implemented:
# service clawdie health    # daemon ✓, skills ✓, glasspane ✓
# service clawdie inventory # runtime manifest
colibri list-skills         # catalog intact
# Tailscale mesh active, operator can SSH in

iLO firmware upgrade

Current: 2.76 (Dec 2019)
Target: 2.82 (Aug 2023)
Download: https://support.hpe.com/ → ProLiant ML350p Gen8 → Firmware → iLO 4

Method A (from USB live):

# Upload firmware via iLO REST API
curl -sk -u Administrator:<pw> -X POST \
  -F "file=@ilo4_282.bin" \
  https://10.0.0.2/json/upload_firmware

Method B (via iLO web UI):

  1. Log into https://10.0.0.2/
  2. Administration → Firmware → Upload
  3. Select ilo4_282.bin, apply, iLO reboots (~2 min)

System ROM / BIOS

Check version after iLO login:

curl -sk -u Administrator:<pw> https://10.0.0.2/xmldata?item=all | grep -i rom

Likely needs update — Gen8 latest is 2019.05.00 (P79). Check HPE support.

Required packages on ISO

Package Purpose
ipmitool IPMI/BMC management (power, sensors, boot order)
freeipmi Alternative IPMI toolset (optional, heavier)
curl iLO REST API calls already included
openssl Certificate handling already included
python3 Scripting + JSON already included

Notes

  • iLO 4 password is on a physical pull-tab tag on the chassis.
    • Front panel: pull the plastic tab below the optical drive.
    • Behind bezel: remove the plastic front bezel, check metal.
    • Rear: sticker near the dedicated iLO RJ45 port.
    • Inside: top lid off → sticker on motherboard near iLO chip.
  • If tag is truly lost: physical "iLO Security Override" jumper (SW1 position 1) on motherboard resets iLO to factory defaults (requires monitor + keyboard).
  • The server has an iLO Advanced license — remote console (.NET/Java) and virtual media work. HTML5 console may not be available on iLO 4; use the standalone IRC client or ipmitool sol for Serial-over-LAN.