Oracle Linux 6: Set up unattended network installation (Kickstart/PXE)

Introduction

Enabling client systems to boot from network can be a massive time saver. This article describes the steps necessary to create an Oracle Linux 6 installation server, which uses a combination of apache/httpd, xinetd/in.tftpd, dhcpd, and pxelinux to facilitate automatic, unattended client installations.

The official documentation is cited throughout the article; however, as is usually the case, it does not always account for real-world roadblocks such as firewall and SELinux settings. Both are enabled out of the box, and both need to be updated for the boot server to function.

Environment

Sun Fire X2100 M2
4 GB RAM
Proxmox 3.2

vmbr0 (lab bridge)
eth1: connected to lab network

vmbr2 (private bridge)
eth2: not connected

Kickstart Server

OLKickstart

Oracle Linux 6.4

1 socket, 2 core

512 MB RAM

32 GB disk

Two NICs:

One Bridged on
vmbr1: 192.168.3.89

One Bridged on
vmbr2: 10.0.0.5

Installation

Initialize disk

Use entire disk

Set password

First Boot

localhost login: root

Network

ifconfig eth0 192.168.3.89 netmask 255.255.255.0 up
route add default gw 192.168.3.1

Now SSH into the boot server and configure the network permanently:

ssh root@192.168.3.89
password:
vi /etc/sysconfig/network
NETWORKING=yes
#HOSTNAME=localhost.localdomain
HOSTNAME=OLKickstart.seedsofgenius.net
GATEWAY=192.168.3.1
:wq!
vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=XX:XX:XX:XX:XX:XX
TYPE=Ethernet
UUID=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
#ONBOOT=no
#NM_CONTROLLED=yes
#BOOTPROTO=dhcp
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.3.89
NETMASK=255.255.255.0
DNS1=192.168.1.11
DNS2=192.168.1.1
DOMAIN=seedsofgenius.net
:wq!
vi /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
HWADDR=52:97:B0:05:05:14
TYPE=Ethernet
UUID=ac6aad6b-fd98-4b71-a23d-7c9b39483204
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=10.0.0.10
NETMASK=255.255.255.0
:wq!
service network restart
vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.3.89 OLKickstart.seedsofgenius.net   OLKickstart
:wq!

Kickstart Server

Chapter 32. Kickstart Installations

Automated Installations of RHEL and Oracle Linux

Apache

yum install httpd
vi /etc/httpd/conf/httpd.conf
# Listen 80
Listen 192.168.3.89:80
Listen 10.0.0.10:80
:wq!
service httpd start
chkconfig httpd on

Firewall

vi /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
:wq!
service iptables restart

Installation Media

mkdir -p /var/www/html/ks/OL6
mount /dev/cdrom /mnt
cd /mnt
# copy the whole tree, including hidden files such as .treeinfo
tar -cf - . | (cd /var/www/html/ks/OL6 && tar -xf -)
cd ~
umount /mnt

Generate Kickstart Config File

Chapter 33. Kickstart Configurator

The Kickstart configuration file is used to define both the initial configuration settings of the client installation as well as the package set to be installed automatically. Any additional modifications to the system can be performed via shell commands/scripts added to the pre-installation and post-installation sections. In this example, an additional message is added to the /etc/issue file, which is displayed when someone logs in.

Note: Do not forget to select the Core packages under Base System in the Package Selection screen. This installs the base operating system.

An X server is recommended for running the system-config-kickstart GUI.

yum install system-config-kickstart
system-config-kickstart

Save the file as ~/ks.cfg by default, then move it into place:

mv ~/ks.cfg /var/www/html/ks

PXE

Configuring a Linux Server to Support PXE Installation

DHCP

yum install dhcp
vi /etc/dhcp/dhcpd.conf
server-identifier 10.0.0.10;
option domain-name "example.org";
option domain-name-servers ns1.example.org, ns2.example.org;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;

subnet 10.0.0.0 netmask 255.255.255.0 {
   range dynamic-bootp 10.0.0.100 10.0.0.200;
   option routers 10.0.0.1;
   option broadcast-address 10.0.0.255;
}

class "PXE" {
   match if substring(option vendor-class-identifier, 0, 9) ="PXEClient";
   option vendor-class-identifier "PXEClient";
   vendor-option-space PXE;
   next-server 10.0.0.10;
   filename = "pxelinux.0";
}
:wq!
service dhcpd start
chkconfig dhcpd on

TFTP

yum install portmap tftp-server
vi /etc/xinetd.d/tftp
Make the following changes:
Change the -s /var/lib/tftpboot entry to -v -s /pxeboot.
Change the disable attribute to no.
:wq!
mkdir -p /pxeboot
service xinetd restart
chkconfig xinetd on
vi /etc/sysconfig/iptables-config
#IPTABLES_MODULES=""
IPTABLES_MODULES="ip_conntrack_ftp"
:wq!
vi /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -m state --state NEW -i eth1 -p udp --dport 69 -j ACCEPT
:wq!
service iptables restart

PXELINUX

yum install wget
cd ~
wget https://www.kernel.org/pub/linux/utils/boot/syslinux/syslinux-6.02.tar.gz
gunzip -dc syslinux-6.02.tar.gz | tar xf -
cp syslinux-6.02/bios/core/pxelinux.0 /pxeboot/

The following files are optional, but they provide a nice menu system that may be used to select alternate configurations at boot time. See Multiple Configurations for more details.

cp syslinux-6.02/bios/core/ldlinux.sys /pxeboot/
cp syslinux-6.02/bios/com32/menu/menu.c32 /pxeboot/
cp syslinux-6.02/bios/com32/elflink/ldlinux/ldlinux.c32 /pxeboot/
cp syslinux-6.02/bios/com32/libutil/libutil.c32 /pxeboot/
mkdir /pxeboot/pxelinux.cfg
mkdir /pxeboot/OL6
mount /dev/cdrom /mnt
cp /mnt/images/pxeboot/initrd.img /pxeboot/OL6/
cp /mnt/images/pxeboot/vmlinuz /pxeboot/OL6/
umount /mnt

Configure the PXE default configuration file. The menu lines are optional, but they require the com32 files listed above to present a graphical menu on boot (recommended). To accommodate multiple configurations, see Multiple Configurations below.

vi /pxeboot/pxelinux.cfg/default
default menu.c32
prompt 0
timeout 30

LABEL Oracle Linux 6.4
MENU TITLE PXE Menu
KERNEL OL6/vmlinuz
APPEND ksdevice=eth0 console=tty0 load_ramdisk=1 initrd=OL6/initrd.img network ks=http://10.0.0.10/ks/ks.cfg
:wq!

SELINUX

yum install policycoreutils-python
semanage fcontext -a -t tftpdir_rw_t '/pxeboot(/.*)?'
restorecon -R -v /pxeboot

Client

KSClient1

Oracle Linux 6.4

1 socket, 2 core

512 MB RAM

32 GB disk

One NIC
Bridged on vmbr2

Open console, boot from network, observe PXE menu

Alterations

Multiple Configurations

To install different configurations on different systems, there are two methods that may be used:

  1. Manual intervention: Manual menu selection

  2. Fully automatic: Automatic menu selection

The first option involves creating many kickstart configuration files on the server, then defining additional pxelinux menu entries (or submenus) to boot with the “ks=http://serverIP/ks/filename” parameter. These menu entries would need to be selected manually at boot time in order to install different configurations.

The second option involves defining separate menu files based on client MAC address or IP (or IP range), each with a default menu entry that points to a different ks.cfg file. Configuration files for PXELINUX reside in directory “pxelinux.cfg/”. PXELINUX uses the following method to search for the appropriate configuration file:

  • The hardware type (using its ARP type code) and address, all in lower case hexadecimal with dash separators; for example, for an Ethernet (ARP type 1) with address 88:99:AA:BB:CC:DD it would search for the file-name 01-88-99-aa-bb-cc-dd.
  • Alternatively, the file could be named after the client IP address or range in upper case hexadecimal, e.g. 192.0.2.91 -> C000025B
  • A file named default

To group client systems together by IP, successively remove one hex digit from the end of the hexadecimal IP address (this could be combined with dhcpd.conf matching to assign discrete IP ranges to various client types). As an example, if the boot file name is pxelinux.0, the Ethernet MAC address is 88:99:AA:BB:CC:DD and the IP address is 192.0.2.91, it will try the following files, in this order:

pxelinux.cfg/01-88-99-aa-bb-cc-dd
pxelinux.cfg/C000025B
pxelinux.cfg/C000025
pxelinux.cfg/C00002
pxelinux.cfg/C0000
pxelinux.cfg/C000
pxelinux.cfg/C00
pxelinux.cfg/C0
pxelinux.cfg/C
pxelinux.cfg/default
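
The search order above can be reproduced for any client, which is useful for checking which menu file (and therefore which ks.cfg) a given MAC/IP pair will actually receive before it boots. This is an added example, not part of the original article; the function names pxe_candidates and pxe_selected are hypothetical, and a temporary directory stands in for /pxeboot/pxelinux.cfg.

```shell
#!/bin/sh
# Added example (not from the original article): PXELINUX config search order.

# pxe_candidates MAC IPV4 -> candidate file names, one per line, in search order
pxe_candidates() {
    mac=$1
    ip=$2
    # ARP type 01 (Ethernet) plus the MAC, lower case, dashes for colons
    printf '01-%s\n' "$(printf '%s' "$mac" | tr 'A-F:' 'a-f-')"
    # Split the dotted quad and render it as 8 upper-case hex digits
    oldifs=$IFS
    IFS=.
    set -- $ip
    IFS=$oldifs
    [ $# -eq 4 ] || return 2
    hex=$(printf '%02X%02X%02X%02X' "$1" "$2" "$3" "$4")
    # Drop one trailing hex digit per step: C000025B, C000025, ... C
    while [ -n "$hex" ]; do
        printf '%s\n' "$hex"
        hex=${hex%?}
    done
    printf 'default\n'
}

# pxe_selected DIR MAC IPV4 -> first candidate that exists in DIR
pxe_selected() {
    dir=$1
    for name in $(pxe_candidates "$2" "$3"); do
        if [ -f "$dir/$name" ]; then
            printf '%s\n' "$name"
            return 0
        fi
    done
    return 1
}

# Constructed demo: a temp directory holding a subnet-level file and a default
demo=$(mktemp -d)
touch "$demo/C00002" "$demo/default"
pxe_candidates 88:99:AA:BB:CC:DD 192.0.2.91
echo "selected: $(pxe_selected "$demo" 88:99:AA:BB:CC:DD 192.0.2.91)"
rm -rf "$demo"
```

Because the per-MAC file is tried first, a file named after a client's MAC address overrides any IP-range or default file for that client.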

Source

LVM

The system-config-kickstart GUI does not support LVM, but an LVM configuration can be added to ks.cfg.

If the boot server was configured with LVM, an example configuration can be found in the file /root/anaconda-ks.cfg:

EXAMPLE 1

clearpart --all --drives=sda
volgroup VolGroup --pesize=4096 pv.008002
logvol  / --fstype=ext4 --name=lv_root --vgname=VolGroup --grow --size=1024 --maxsize=51200
logvol swap --name=lv_swap --vgname=VolGroup --grow --size=992 --maxsize=992
part   /boot --fstype=ext4 --size=500
part   pv.008002 --grow --size=1

EXAMPLE 2

part     pv.01      --size=1000     --grow	--size=1        --ondisk=sda
volgroup   vg00 pv.01
logvol     /        --vgname=vg00   --fstype=ext3   --size=8192     --name=lvroot
logvol     /var     --vgname=vg00   --fstype=ext3   --size=8192     --name=lvvar
logvol     /tmp     --vgname=vg00   --fstype=ext3   --size=2048     --name=lvtmp
logvol     /usr     --vgname=vg00   --fstype=ext3   --size=8192     --name=lvusr

Troubleshooting

DHCP

If dhcpd fails to start, check /var/log/messages. It gives the line number in the configuration file near which an issue was identified.

TFTP

If the client connection times out, the firewall is probably blocking TFTP (see below). If the client returns a “permission denied” or “operation not supported” error, the likely cause is SELinux blocking the tftp daemon from accessing the requested files. See /var/log/messages for more information.

Firewall

To check if the firewall is causing a problem, temporarily disable it with the command:

service iptables stop

SELinux

To check if SELinux is causing a problem, temporarily disable it with the following steps:

vi /etc/selinux/config
#SELINUX=enforcing
SELINUX=permissive
:wq!
init 6
