Tuesday, July 27, 2010

Pxe-Kickstart-Automating-CentOS

In a previous post we looked at the install and setup of a kickstart server. One of the last steps on the client was to use an "append" at the boot prompt to assign the client a static IP address. This time we are going to look at setting up PXE services for clients to create a truly "hands-off" approach to installing desktops and servers with kickstart. I will be using the HTTP protocol again for my kickstart, and I must say resources out there for PXE/Kickstart/HTTP are really limited. It took a lot of trial and error to get this working; the FTP and NFS methods are much easier to implement.

You should already have a working kickstart server in place before setting up anything else in this post. For those who don't, as a quick refresher, you should have the following directory structure:

/var/www/pub
|-- CentOS
|-- images
|   `-- pxeboot
|-- isolinux
|   `-- isolinux.cfg
|-- kickstart
`-- repodata
 
In the pxeboot folder should be the vmlinuz and initrd.img files, and the kickstart folder should contain your kickstart file (test.cfg in our case). You can also refer to this earlier post to set this up. Next you will need to set up a DHCP server.
# yum -y install dhcp
# cp /usr/share/doc/dhcp-3.0.5/dhcpd.conf.sample /etc/dhcpd.conf
# vi /etc/dhcpd.conf

## /etc/dhcpd.conf file ##
ddns-update-style interim;
ignore client-updates;
authoritative;
allow booting;
allow bootp;

subnet 172.168.1.0 netmask 255.255.255.0 {
   # default gateway
   option routers    172.168.1.1;
   option subnet-mask   255.255.255.0;
   option domain-name   "mydomain.org";
   option domain-name-servers 172.168.1.1;
 
   # EST Time Zone
   option time-offset   -18000; 
 
   # Client IP range
   range dynamic-bootp 172.168.1.100 172.168.1.200;
   default-lease-time 21600;
   max-lease-time 43200;
 
   # PXE Server IP
   next-server 172.168.1.1;
   filename "pxelinux.0";
 
}

## END FILE ## 
 
Now you will need to save the file and set the service to start on boot.
# chkconfig dhcpd on
# service dhcpd restart

Now your DHCP server should be set up and working properly. You can test this if you'd like by allowing a client to lease an IP address from the server to verify that it is working (run the dhclient command on any Linux box). Next we will need to set up a TFTP server to serve up the PXE file to clients. We will need to install the server and configure it to run with the xinetd service. Essentially all you need to do is change the "disable" option to "no", as in the file below.
# yum -y install tftp-server
# vi /etc/xinetd.d/tftp

## /etc/xinetd.d/tftp file ##

service tftp
{
        socket_type           = dgram
        protocol              = udp
        wait                  = yes
        user                  = root
        server                = /usr/sbin/in.tftpd
        server_args           = -s /tftpboot
        disable               = no
        per_source            = 11
        cps                   = 100 2
        flags                 = IPv4
}

## END FILE ## 
 
Save the file and restart the service for it to take effect:
# service xinetd restart

Next is going to be the install of syslinux which is required to allow the clients to actually PXE boot.
# yum -y install syslinux

Simple enough. Next we will need to create the TFTP directory layout for the clients to PXE boot from.
# cd /
# mkdir tftpboot
# cd tftpboot
# mkdir images
# mkdir pxelinux.cfg
# cp /usr/share/syslinux/menu.c32 .
# cp /usr/share/syslinux/pxelinux.0 .

* Some will have to use /usr/lib/syslinux

Now your directory structure should be in place with the required files. Last we will just copy over the kernel for the clients to use when booting.
# cd images
# cp /var/www/pub/images/pxeboot/vmlinuz .
# cp /var/www/pub/images/pxeboot/initrd.img .

Finally we just need to make the PXE file that tells the clients where to boot from.
# cd /tftpboot/pxelinux.cfg
# vi default

## /tftpboot/pxelinux.cfg/default ##

default menu.c32
prompt 0
timeout 10

MENU TITLE PXE Menu

LABEL CentOS 5.4 x32
MENU LABEL CentOS 5.4 x32
KERNEL images/vmlinuz
append initrd=images/initrd.img linux ks=http://172.168.1.1/pub/kickstart/test.cfg

## END FILE ##

Once you save and close this file you are done with the setup! There is one small change I forgot to mention...you will need to adjust your firewall settings for these new services.
# vi /etc/sysconfig/iptables

## lines to add to /etc/sysconfig/iptables ##
# DHCP (67/68) and TFTP (69) both run over UDP
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 67 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 68 -j ACCEPT
-A RH-Firewall-1-INPUT -m udp -p udp --dport 69 -j ACCEPT
## END ##

# service iptables restart

That should do it. Now if many of you haven't guessed by now I use the following addresses on my "lab" network to perform these test installs:

DHCP Server: 172.168.1.1
DNS Server: 172.168.1.1
PXE Server: 172.168.1.1
Clients: 172.168.1.100 - 172.168.1.200

Most of this should be obvious from following this tutorial. Now try PXE booting your client and it should pick up all that it needs from the PXE server, boot the Linux kernel into RAM, and begin executing your kickstart file for installation. I will note for those of you that are not using the HTTP protocol (NFS or FTP) there are very few changes that need to be made to this tutorial to make PXE booting work for you. In particular you will have a different directory layout when starting, and the /tftpboot/pxelinux.cfg/default file will need to have the last line changed to the format of the protocol you are using.
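
Why the PXE file above is named "default", as an added example that is not part of the original post: pxelinux.0 asks the TFTP server for a config named after the client's MAC address, then after its IP address in hex with one digit dropped per try, and only then for "default", so a file named for one MAC keeps the kickstart entry away from every other machine that PXE boots on the subnet. The function names, the sample MAC addresses and the temporary directory are constructed for illustration, and the UUID-named lookup that pxelinux tries first is left out.

```shell
#!/bin/sh
# Added example: list the config names pxelinux.0 requests for one client,
# in order (UUID lookup omitted), then find the file it would actually get.

# pxelinux_cfg_candidates MAC IPV4 -> one candidate file name per line
pxelinux_cfg_candidates() (
    mac=$1 ip=$2
    # "01-" is the ARP hardware type for Ethernet; MAC is lower case, dash separated
    printf '01-%s\n' "$(printf '%s' "$mac" | tr 'ABCDEF:' 'abcdef-')"
    # IPv4 address as 8 upper-case hex digits, then one digit shorter per try
    IFS=.
    set -- $ip
    hex=$(printf '%02X%02X%02X%02X' "$1" "$2" "$3" "$4")
    while [ -n "$hex" ]; do
        printf '%s\n' "$hex"
        hex=${hex%?}
    done
    printf 'default\n'
)

# pxelinux_cfg_for TFTPROOT MAC IPV4 -> name of the first candidate that exists
pxelinux_cfg_for() {
    for name in $(pxelinux_cfg_candidates "$2" "$3"); do
        if [ -f "$1/pxelinux.cfg/$name" ]; then
            printf '%s\n' "$name"
            return 0
        fi
    done
    return 1
}

# Constructed demo: a throwaway TFTP root that holds only "default"
root=$(mktemp -d)
mkdir "$root/pxelinux.cfg"
: > "$root/pxelinux.cfg/default"
# With only "default" present, every client is handed the kickstart menu
pxelinux_cfg_for "$root" 00:1A:2B:3C:4D:5E 172.168.1.100
# Rename it after the one MAC that should be installed
mv "$root/pxelinux.cfg/default" "$root/pxelinux.cfg/01-00-1a-2b-3c-4d-5e"
pxelinux_cfg_for "$root" 00:1A:2B:3C:4D:5E 172.168.1.100
pxelinux_cfg_for "$root" 00:1A:2B:3C:4D:5F 172.168.1.101 || echo "no config served to this client"
rm -rf "$root"
```

A file named ACA801 in /tftpboot/pxelinux.cfg would match every client in the 172.168.1.x range used in this post.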