Automated Installations of RHEL/CentOS 7 using PXE Server and Kickstart
Objectives:
In this Lab Assignment (a part of the RHCSA Training Course), you will configure and use Automated Installations of RHEL/CentOS 7 using a PXE Server and a Kickstart File. The Lab assignment is divided in two sections as follows:
A. Configure a PXE Server for Linux Installations in RHEL/CentOS 7
PXE Server (Preboot eXecution Environment) instructs a client computer to boot, run or install an operating system directly from a network interface, eliminating the need to burn a CD/DVD or use a physical medium. It can also ease the job of installing Linux distributions on multiple machines on your network infrastructure at the same time.
[Figure: CentOS 7 Kickstart installation with PXE Server]
I will explain how you can install and configure a PXE Server on RHEL/CentOS 7 x64-bit with FTP and HTTP installation repositories, with sources provided by the CentOS 7 DVD ISO image, using the following components:
- libvirtd and the DNSMASQ Server (a service provided by libvirtd; no separate installation required), which provides DNS and DHCP services.
- The Syslinux package, which provides bootloaders for network booting.
- TFTP-Server, which makes bootable images available to be downloaded via the network using Trivial File Transfer Protocol (TFTP).
- VSFTPD Server, which will host the locally mounted, mirrored DVD image. It will act as an official RHEL/CentOS 7 mirror installation repository from which the installer will extract its required packages.
B. Automate the Installation of RHEL/CentOS 7 with PXE Server and Kickstart Files
In the second part, I will focus on how you can perform Automatic Installations of RHEL/CentOS 7, without the need for user intervention, on headless machines using a Kickstart file read from a local FTP server. The simplest way to create a customized Kickstart file that you can reuse for multiple installations is to manually perform an installation of RHEL/CentOS 7, copy the file /root/anaconda-ks.cfg to an accessible network location after the installation process finishes, and specify the initrd boot parameter inst.ks=protocol://path/to/kickstart.file in the PXE Menu Configuration File.
Requirements:
- Isolated Virtual Network, 192.168.122.0 (Server/Host IP: 192.168.122.1) with dhcp enabled.
- ISO Image/DVD of CentOS 7.4
- libvirtd installed (Virtual Machine Manager), with QEMU/VMM running.
- All required packages for KVM installed, and at least one virtual machine successfully created manually on the same host before this lab.
- At least 30 GB Free Space.
- 2 GB RAM for each machine to be created in this lab.
- 10 GB hard disk for each of the machines to be created in this lab.
Sequence 1. Configure a PXE Server and FTP Server for Network Installation
Step 1: Configure DNSMASQ Server (used by libvirtd)
On Linux host servers, libvirtd uses dnsmasq to service the virtual networks, such as the default network. A new instance of dnsmasq is started for each virtual network, accessible only to guests in that specific network. If you are running your own "global" dnsmasq, this can cause your own dnsmasq to fail to start (or libvirtd to fail to start its dnsmasq and the given virtual network). This happens because both instances of dnsmasq might try to bind to the same port number on the same network interfaces. Therefore, ensure that you are not running dnsmasq as an independent service.
- To manage the dnsmasq configuration settings, use the virsh command.
# virsh net-edit default
(This opens the definition of the default network, from which /var/lib/libvirt/dnsmasq/default.conf is generated, in XML format as given below)
<name>default</name>
<uuid>be030726-e9d7-4ef2-9c07-60de47780e0c</uuid>
- Regenerate the Configuration file /var/lib/libvirt/dnsmasq/default.conf
# virsh net-destroy default
# virsh net-start default
- Verify the update in /var/lib/libvirt/dnsmasq/default.conf
# vi /var/lib/libvirt/dnsmasq/default.conf
##WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
##OVERWRITTEN AND LOST. Changes to this configuration should be made using:
## virsh net-edit default
## or other application using the libvirt API.
##
## dnsmasq conf file created by libvirt
strict-order
domain=default
expand-hosts
pid-file=/var/run/libvirt/network/default.pid
except-interface=lo
bind-dynamic
interface=virbr0
dhcp-option=3
no-resolv
ra-param=*,0,0
dhcp-range=192.168.122.128,192.168.122.254
dhcp-no-override
dhcp-authoritative
dhcp-boot=pxelinux.0
dhcp-lease-max=127
dhcp-hostsfile=/var/lib/libvirt/dnsmasq/default.hostsfile
addn-hosts=/var/lib/libvirt/dnsmasq/default.addnhosts
Verify the “dhcp-boot” Option. If the option is still missing, restart the machine and verify again.
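The check in this step can be scripted. The following is an added example, not part of the original lab: it derives the dnsmasq options that libvirt generates from the network XML (the bootp element becomes dhcp-boot) and reports any that are missing from the generated file. The sample XML is constructed from the values shown above; the netmask and the function names are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample of `virsh net-dumpxml default` output, built from the
# values in the generated file above (the netmask is an assumption).
NETWORK_XML = """\
<network>
  <name>default</name>
  <bridge name='virbr0'/>
  <ip address='192.168.122.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.122.128' end='192.168.122.254'/>
      <bootp file='pxelinux.0'/>
    </dhcp>
  </ip>
</network>
"""

# Constructed sample: the PXE-relevant lines of the generated default.conf.
GENERATED_CONF = """\
interface=virbr0
dhcp-range=192.168.122.128,192.168.122.254
dhcp-no-override
dhcp-authoritative
dhcp-boot=pxelinux.0
"""

def expected_dnsmasq_options(network_xml):
    """List the dnsmasq options that the network definition should produce."""
    root = ET.fromstring(network_xml)
    options = []
    bridge = root.find("bridge")
    if bridge is not None:
        options.append("interface=" + bridge.get("name"))
    for dhcp in root.iterfind("ip/dhcp"):
        for rng in dhcp.iterfind("range"):
            options.append("dhcp-range=%s,%s" % (rng.get("start"), rng.get("end")))
        bootp = dhcp.find("bootp")
        if bootp is not None:
            options.append("dhcp-boot=" + bootp.get("file"))
    return options

def missing_options(network_xml, conf_text):
    """Return the expected options that are absent from the generated conf."""
    lines = [line.strip() for line in conf_text.splitlines()]
    # Some libvirt versions append extra fields, so also accept "option,...".
    return [opt for opt in expected_dnsmasq_options(network_xml)
            if not any(l == opt or l.startswith(opt + ",") for l in lines)]

if __name__ == "__main__":
    print(missing_options(NETWORK_XML, GENERATED_CONF) or "generated conf matches")
```

On the lab host, feed it the output of virsh net-dumpxml default and the contents of /var/lib/libvirt/dnsmasq/default.conf; a reported dhcp-boot entry means the network has not been restarted since the edit.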
Step 2: Install SYSLINUX Bootloaders
- Install the Syslinux PXE bootloader package by issuing the following command.
# yum install syslinux
- The PXE bootloader files reside in the /usr/share/syslinux absolute system path, so you can check them by listing the content of this path. This step is optional, but you need to be aware of this path because in the next step we will copy all of its content to the TFTP Server path.
# ls /usr/share/syslinux
Step 3: Install TFTP-Server and populate it with SYSLINUX Bootloaders
- The next step is to install TFTP-Server and then copy all bootloader files provided by the Syslinux package from the above listed location to the /var/lib/tftpboot path.
# yum install tftp-server
# systemctl enable tftp.service
# systemctl start tftp.service
# systemctl status tftp.service
# cp -r /usr/share/syslinux/* /var/lib/tftpboot
Step 4: Setup PXE Server Configuration File
- The PXE Server reads its configuration from a group of specific files hosted in a folder called pxelinux.cfg.
Create the required directory pxelinux.cfg and populate it with a default file:
# mkdir /var/lib/tftpboot/pxelinux.cfg
- Create the PXE Server configuration file with valid Linux distribution installation options. Note that all paths used in this file must be relative to /var/lib/tftpboot.
Here is an example configuration file that you can use, but modify the installation images (kernel and initrd files), protocols (FTP, HTTP, HTTPS, NFS) and IPs to reflect your network installation source repositories and paths accordingly.
# vi /var/lib/tftpboot/pxelinux.cfg/default
Add the following whole excerpt to the file.
default menu.c32
prompt 0
timeout 300
ONTIMEOUT local
menu title ########## PXE Boot Menu - The Skill Pedia ##########
label 1
menu label ^1) Install CentOS 7 x64 from FTP Server
kernel /centos7/vmlinuz
append initrd=/centos7/initrd.img method=ftp://192.168.122.1/pub/inst devfs=nomount
label 2
menu label ^2) Install CentOS 7 x64 from Web Server & Kickstart File
kernel /centos7/vmlinuz
append initrd=/centos7/initrd.img method=http://192.168.122.1/inst inst.ks=http://192.168.122.1/inst/ks.cfg devfs=nomount inst.vnc inst.vncpassword=password
As you can see, the CentOS 7 boot images (kernel and initrd) reside in a directory named centos7 relative to /var/lib/tftpboot, and the installer repositories are reached over FTP (label 1) or at the http://192.168.122.1/inst network location (label 2).
Step 5: Add CentOS 7 Boot Images to PXE Server
- For this step the CentOS kernel and initrd files are required. To get those files you need the CentOS 7 DVD ISO Image. So, download the CentOS DVD Image, put it in your DVD drive and mount the image to /mnt. The reason for using the DVD and not a Minimal CD Image is that the DVD content will be used to create the local installer repositories for the FTP and HTTP sources.
# mount -o loop /dev/cdrom /mnt
# ls /mnt
If your machine has no DVD drive, you can also download the CentOS 7 DVD ISO and mount the image file.
# cd ~/Downloads
# wget http://mirrors.xservers.ro/centos/7.4.1708/isos/x86_64/CentOS-7-x86_64-DVD-1708.iso
# mount -o loop CentOS-7-x86_64-DVD-1708.iso /mnt
- Create the centos7 directory and copy the CentOS 7 bootable kernel and initrd images from the DVD mounted location to the centos7 folder structure.
# mkdir /var/lib/tftpboot/centos7
# cp /mnt/images/pxeboot/vmlinuz /var/lib/tftpboot/centos7
# cp /mnt/images/pxeboot/initrd.img /var/lib/tftpboot/centos7
The reason for using this approach is that you can later create new separate directories in the /var/lib/tftpboot path and add other Linux distributions to the PXE menu without messing up the entire directory structure.
Step 6: Create CentOS 7 Local Mirror Installation Source
- Although you can set up Installation Source Mirrors via a variety of protocols such as HTTPS or NFS, for this lab I have chosen the FTP and HTTP protocols because they are very reliable and easy to set up with the help of the vsftpd server. If you have successfully completed Lab 2, you should have your FTP Server up and running. In that case you can directly jump to Step 9: Create a Virtual Machine to Boot from Network.
- Install the vsftpd daemon, copy all DVD mounted content to the vsftpd default server path (/var/ftp/pub/inst), which can take a while depending on your system resources, and append readable permissions to this path by issuing the following commands. Copying from /mnt/. rather than /mnt/* includes the hidden files.
# yum install vsftpd
# mkdir -p /var/ftp/pub/inst
# cp -ar /mnt/. /var/ftp/pub/inst/
# chmod -R 755 /var/ftp/pub/inst
Ensure that you have copied two files starting with “.” ( .diskinfo and .treeinfo)
Step 7: Start and Enable Daemons System-Wide
- Start the DNSMASQ, TFTP and VSFTPD servers, verify their status and enable them system-wide, so that they start automatically after every system reboot, by running the commands below.
# systemctl restart libvirtd
# systemctl status libvirtd
# systemctl start vsftpd
# systemctl status vsftpd
# systemctl enable libvirtd
# systemctl enable vsftpd
# systemctl restart tftp.service
Step 8: Open Firewall and Test FTP Installation Source
- To get a list of all ports that need to be open on your firewall in order for client machines to reach and boot from the PXE server, run the netstat command and add CentOS 7 Firewalld rules according to the dnsmasq and vsftpd listening ports.
# netstat -tulpn
# firewall-cmd --add-service=ftp --permanent ## Port 21
# firewall-cmd --add-service=dns --permanent ## Port 53
# firewall-cmd --add-service=dhcp --permanent ## Port 67
# firewall-cmd --add-port=69/udp --permanent ## Port for TFTP
# firewall-cmd --add-port=4011/udp --permanent ## Port for ProxyDHCP
# firewall-cmd --reload ## Apply rules
- To test the FTP Installation Source network path, open a browser locally or on a different computer and type the IP address of your PXE server with the FTP protocol, followed by the /pub/inst network location, in the URL bar.
ftp://192.168.122.1/pub/inst
- To debug the PXE server for eventual misconfigurations, or to view other information and diagnostics in live mode, run the following command.
# tail -f /var/log/messages
- Finally, the last required step is to unmount the CentOS 7 DVD and remove the physical medium.
# umount /mnt
Step 9: Create a Virtual Machine to Boot from Network
- Start the Virtual Machine Manager and Select “Create New” VM. Select the Network Boot (PXE) as boot method.
- Once you have reached the PXE menu, choose your CentOS 7 installation type, hit the Enter key and continue with the installation procedure the same way as you would install it from a local media boot device.
Please note that using variant 2 from this menu requires that a Kickstart file has been created and is available, as discussed in the next Sequence.
Sequence 2. Automate the Installation of RHEL/CentOS 7 with PXE Server and Kickstart Files
In this lab I have used the Kickstart file that resulted from the previous installation procedure of RHEL/CentOS 7. If you need a Kickstart file that covers GUI Installation and a specific partition table, I suggest that you first perform a customized Graphical Installation of RHEL/CentOS 7 in a virtualized environment and use the resulting Kickstart file for future GUI installations.
Step 1. Mount the ISO Image
- Mount the CentOS 7 DVD. If your machine has no DVD drive, you can also download the CentOS 7 DVD ISO and mount the image file instead.
# mount -o loop /dev/cdrom /mnt
# ls /mnt
# mount -o loop /path/to/centos-dvd.iso /mnt
Step 2: Create CentOS 7 Local Mirror Installation Source
- For this sequence, I have chosen the HTTP protocol. Therefore install the httpd daemon, copy all DVD mounted content to the http server path (/var/www/html/inst), which can take a while depending on your system resources, and append readable permissions to this path by issuing the following commands. Copying from /mnt/. rather than /mnt/* includes the hidden files. If you have successfully completed Lab 2, you should have your HTTP Server up and running. In that case you can directly jump to Step 5: Add Kickstart Installation Label to PXE Server Configuration.
# yum install httpd*
# mkdir -p /var/www/html/inst
# cp -ar /mnt/. /var/www/html/inst/
# chmod -R 755 /var/www/html/inst
Ensure that you have copied two files starting with “.” ( .diskinfo and .treeinfo)
Step 3: Start and Enable Daemons System-Wide
- Now that the PXE server configuration is finished, start the servers, verify their status and enable them system-wide, so that they start automatically after every system reboot.
# systemctl restart httpd
# systemctl status httpd
# systemctl enable httpd
# systemctl restart tftp.service
Step 4: Create and Copy Kickstart File to http Server Path
- First, go to the /root directory of your PXE machine and copy the file named anaconda-ks.cfg to the http server path.
# cp anaconda-ks.cfg /var/www/html/inst/ks.cfg
# chmod 755 /var/www/html/inst/ks.cfg
- After the file has been copied, open it with your favorite text editor and make the following minimal changes.
# vi /var/www/html/inst/ks.cfg
An excerpt of what a Kickstart file might look like is presented below. You can use it as it is. The Password is “redhat” in encrypted form.
(If you have successfully completed Lab 5, you should have your own Kickstart file at the ftp server, that is, ftp://192.168.122.1/pub/inst/ks.cfg. You can use the same file or create a new one as given below)
#platform=x86, AMD64, or Intel EM64T
#version=CentOS
# Install OS instead of upgrade
install
# Keyboard layouts
# old format: keyboard us
# new format:
keyboard --vckeymap=us --xlayouts='us'
# Root password
rootpw redhat
# Use network installation
url --url="http://192.168.122.1/inst"
# System language
lang en_US
# Firewall configuration
firewall --disabled
# System authorization information
auth --useshadow --passalgo=sha512
# Use graphical install
graphical
# Run the Setup Agent on first boot
firstboot --enable
# SELinux configuration
selinux --enforcing
# System services
services --enabled="chronyd"
ignoredisk --only-use=vda
# Network information
network --bootproto=dhcp --device=eth0
# Reboot after installation
reboot
# System timezone
timezone America/New_York
# System bootloader configuration
bootloader --append="crashkernel=auto" --location=mbr --boot-drive=vda
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part / --fstype="xfs" --size=5000
part /boot --fstype="xfs" --size=500
part swap --fstype="swap" --size=2000
%packages
@^gnome-desktop-environment
@backup-client
@base
@compat-libraries
@core
@desktop-debugging
@dial-up
@directory-client
@fonts
@gnome-apps
@gnome-desktop
@guest-agents
@guest-desktop-agents
@input-methods
@internet-applications
@internet-browser
@java-platform
@legacy-x
@multimedia
@network-file-system-client
@networkmanager-submodules
@print-client
@x11
chrony
kexec-tools
%end
- Before attempting to use this file for installation procedures, it is important that you verify the file using ksvalidator, included in the pykickstart package, especially if manual customizations have been performed. Install the pykickstart package and verify your Kickstart file by issuing the following commands.
# yum install pykickstart
# ksvalidator /var/www/html/inst/ks.cfg
- The last verification is to ensure that the Kickstart file is accessible from your specified network location – in this case the FTP Local Mirror Installation Source defined by the following URL address.
ftp://192.168.122.1/pub/inst
Step 5: Add Kickstart Installation Label to PXE Server Configuration
- In order to access Automatic Installation of RHEL/CentOS 7 option from PXE Menu add the following label to PXE default file configuration.
# vi /var/lib/tftpboot/pxelinux.cfg/default
-----------PXE Menu Label excerpt----------------
label 2
menu label ^2) Install CentOS 7 x64 from Web Server & Kickstart File
kernel /centos7/vmlinuz
append initrd=/centos7/initrd.img method=http://192.168.122.1/inst inst.ks=http://192.168.122.1/inst/ks.cfg devfs=nomount inst.vnc inst.vncpassword=password
As you can see from this example, the automatic installation can be supervised via VNC with a password (replace the VNC password accordingly), and the Kickstart file is located locally on the PXE server and is specified by the initrd boot parameter inst.ks= with an http network location.
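Before serving these two files to the network, it is worth checking what they expose. The following is an added example, not part of the original lab: it audits a Kickstart command section and a PXE menu for a plaintext root password, a disabled firewall, cleartext installation sources and a VNC password on the kernel command line. The sample inputs are constructed from lines shown in this lab, and the finding names are hypothetical labels.

```python
import re
import shlex

# Constructed samples: a few lines copied from the ks.cfg and PXE label in this lab.
KS_SAMPLE = """\
rootpw redhat
url --url="http://192.168.122.1/inst"
firewall --disabled
selinux --enforcing
%packages
@core
%end
"""
PXE_SAMPLE = """\
label 2
kernel /centos7/vmlinuz
append initrd=/centos7/initrd.img method=http://192.168.122.1/inst inst.ks=http://192.168.122.1/inst/ks.cfg devfs=nomount inst.vnc inst.vncpassword=password
"""
CLEARTEXT = re.compile(r"(http|ftp|tftp)://", re.I)

def audit_kickstart(text):
    """Return (line_number, finding) pairs for the command section of a ks.cfg."""
    findings = []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("%"):  # stop at the first section; only commands are audited
            break
        cmd, *opts = shlex.split(line)
        if cmd == "rootpw" and not {"--iscrypted", "--lock"} & set(opts):
            findings.append((n, "rootpw-plaintext"))
        elif cmd == "firewall" and "--disabled" in opts:
            findings.append((n, "firewall-disabled"))
        elif cmd == "selinux" and {"--disabled", "--permissive"} & set(opts):
            findings.append((n, "selinux-not-enforcing"))
        elif cmd == "url" and any(CLEARTEXT.match(o.split("=", 1)[-1]) for o in opts):
            findings.append((n, "cleartext-install-source"))
    return findings

def audit_pxe_menu(text):
    """Return (line_number, finding) pairs for boot parameters in a PXE menu file."""
    findings = []
    for n, raw in enumerate(text.splitlines(), 1):
        for token in raw.split():
            key, _, value = token.partition("=")
            if key == "inst.vncpassword" and value:
                findings.append((n, "vnc-password-on-kernel-cmdline"))
            elif key in ("inst.ks", "inst.repo", "method") and CLEARTEXT.match(value):
                findings.append((n, "cleartext-" + key))
    return findings

if __name__ == "__main__":
    for item in audit_kickstart(KS_SAMPLE) + audit_pxe_menu(PXE_SAMPLE):
        print(item)
```

The PXE menu file is served over TFTP without authentication, so any value on the append line, including inst.vncpassword, is readable by every host on the boot network.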
Step 6: Create a Virtual Machine to Boot from Network
- Start the Virtual Machine Manager and select “Create New” VM. Select Network Boot (PXE) as the boot method.
[Figure: PXE-Boot Virtual Machine]
- Once you have reached the PXE menu, choose the second option, hit the Enter key and grab a coffee. The installation will complete on its own and you will be required after successful installation and system is booted after the installation is complete.
[Figure: PXE-Boot-Menu]
That’s all! Automatic Kickstart installations offer a great deal of benefits for system administrators in environments where they have to perform system installations on multiple machines at the same time, in a short period of time, without the need to manually interfere with the installation process.
This will give you time to do other things, or perhaps some leisure time if you’re lucky.