Bringing the yellow bastards back to life.
This script will allow building a complete Google Search Appliance based on version 7.6.512, which is the last available version before it was discontinued.
Don't run this exposed to the internet. This product doesn't have the best security track record, which is probably partially why it got discontinued.
-
The script must be run under Linux.
-
The script must be run on the physical hardware or VM that will be used to run the actual appliance. The licensing is tied to the MAC addresses, to be specific.
-
The target disk will be completely wiped, and must be at least 32 GB. 18 GB is used by the system, the rest is used for data.
-
The appliance requires at least 8 GB of RAM.
-
The appliance requires two network adapters.
-
The environment that runs the
build.pyscript must have access to:- some recent-ish version of python3
- python-protobuf 6.31.1 or later (or just rebuild
network_configurator_pb2.pywith whatever version ofprotocyou have available) - curl
- pv
- gpg
- tar
- blkdiscard
- parted
- LVM tools
- mkfs.ext3
- mkfs.ext4
- findmnt
- rpm
You can run
prereqs.shto do install this automatically on supported distros. -
The environment that runs the
build.pyscript needs to have the traditional, non-deterministic network names (eth0,eth1, and so on)
During testing, I've been booting a VM from an Arch Linux live disc, and performing the build from there.
On account of this being intended for appliances, and there being no official way to perform an installation from scratch, there are some differences compared to what you would find on an appliance:
- There is a pre-activated license valid until 2069-04-20 4:20:00 PM GMT. With an appliance, you'd get a license valid for your appliance for as long as you had an active support contract, and they've all expired now.
- While this generates secure, unique credentials like a real appliance would have, GRUB isn't locked down, and the BIOS password is not set. (Hopefully. No guarantees.)
- Appliances would come with a RAID setup from the factory, and generally have a different configuration depending on the model. This pretends to be a weird Dell R710 with no disks and no RAID, as far as the management software is concerned :)
- When run with
--generalizethe kernel is replaced with a slightly newer one from Rocky Linux 8, as the stock kernel is hyperspecialized to the point of only supporting the PERC controllers in the Dell servers it was intended for. Yes, it doesn't even support AHCI. - The appliances have an A/B partitioning setup, similar to Android devices. This doesn't, because it's highly unlikely Google is going to release an update at this point.
- System status will always show a temperature warning, because it's trying to probe for hardware sensors that doesn't exist.
- If you have real hardware, it's highly unlikely the ID printed on the case will match, on account of the whole "always pretending to be an R710" thing.
- Inability to build premade images - see the first point under Requirements. Fixing this requires moving some steps to a systemd service, to run once at first boot before any of the GSA services start.
- The unused, non-working initramfs generated for the build host kernel is never removed.
- The inability to make a secure image is... pretty bad. In development mode, it gets configured to be extremely insecure, and even if you think you've got all the wide open accounts, there's a myriad of hidden ones.
- Wang at DEVCORE who wrote the blog post that helped me track down the firmware image
- Cursed Silicon whose two messages, now at the bottom of the command help output, planted the idea of doing this in my head
- "GG-ServerParts" in southern Sweden who advertised a T3 model for a reasonable price several years ago, which ended up being my first server
This is generally compatible with the official Installation guide.
When configuring, if you don't know what to enter for NTP servers, enter 0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org,3.pool.ntp.org.
You can press "Help" to read what each option means in the configuration.