Beginning with Release 3.5.2, COS supports network installation using the Intel Preboot Execution Environment (PXE). PXE provides a way to download a network bootstrap program (NBP) to remotely boot or install a client. When combined with the Red Hat Enterprises network installation feature using NFS, FTP, or HTTP, PXE can be used to install a COS client over the network.
Setting up a PXE installation for COS requires the following steps:
These procedures are based on a Red Hat Enterprise Linux (RHEL) or CentOS Linux 6.4 distribution, and assume that yum has already been configured to install the necessary packages.
Note Each network service may require that you apply filter rules to the iptables firewall service. The steps described below account for any firewall filters needed. In a lab or other environment where the iptables service has been disabled, you do not need to apply filter rules.
A DHCP or Proxy DHCP server is needed to supply the necessary PXE boot options. These options include the name of the NBP and the location of the TFTP server from which the NBP can be downloaded.
A Proxy DHCP server is an alternative to a DHCP server for PXE when an existing DHCP server cannot be directly administered. A DHCP server and a Proxy DHCP server can coexist on the same network. A Proxy DHCP server only responds to PXE client requests, and only supplies PXE boot information to a PXE client. A DHCP server is still needed to provide an IP address to the PXE client.
If there is an existing DHCP server on the network segment where the COS nodes are being configured, skip the DHCP server installation and continue with the configuration of DHCP PXE options. If you cannot modify the DHCP server, you must configure a Proxy DHCP server for PXE.
A PXE client acquires its IP address from a DHCP server. The DHCP server package (dhcp) provided by RHEL 6.4 contains the Internet Systems Consortium DHCP Server, version 4.1.1.
Install the DHCP server package dhcp as follows:
Edit the DHCP configuration file /etc/dhcp/dhcpd.conf to define lease options and an address pool for DHCP clients. Use values appropriate to the network segment where the DHCP server will reside.
The following example shows how to define a subnet along with a router and address pool.
Add support for PXE clients to the DHCP configuration file as shown in the following example:
This code defines the four DHCP options that must be provided to the PXE client in order to boot:
It also defines a PXE class, which is applied to incoming DHCP requests from PXE clients that use the vendor class identifier PXEClient.
It is possible to configure DHCP to only respond to known clients.
Step 1 Add a host statement to the DHCP configuration file.
Step 2 Add the statement allow known-clients to the address pool declaration.
Note To use a static address for a host, use the fixed-address statement in the host declaration.
The ISC DHCP service uses raw sockets that bypass IP filtering, so you do not need to add a rule for iptables.
However, if you should need a rule for DHCP, add the rule
to the iptables rules table /etc/sysconfig/iptables to allow UDP ports 67 and 68, as shown in the following example:
Note You must insert any new rules before the final INPUT and FORWARD chain rules. Otherwise, the new rules are ignored.
Enable and start the DHCP service as follows:
Step 1 Change the SELinux enforcing mode from Enforcing to Permissive.
Note ● This setting allows the DHCP server to set file permissions on its lease devices.
Step 2 As root, enable the DHCP service dhcpd and start it.
A Proxy DHCP server is only needed when it is not possible to install or configure an existing DHCP server for PXE. The ISC DHCP server cannot be configured to act as a proxy server for PXE, so another solution must be used. One such solution is the python implementation found at GitHub at:
https://github.com/gmoro/proxyDHCPd
This older python source requires the following edits to run on a RHEL or CentOS 6.4 (x86_64) install.
Step 1 Download proxyDHCPd-master.zip file from GitHub and unzip it on the server destined to be the Proxy DHCP server.
Step 2 In the proxyDHCPd-master/proxydhcpd subdirectory, edit file net.py to change the line
Note This change is needed because the C structure python unpacks from the ioctl call, which is used to get the list of interfaces, changed in size with the 64-bit Intel install of RHEL 6.4.
Step 1 Copy the sample configuration file proxy.ini to /etc/proxyDHCPd/proxy.ini:
Step 2 In the proxy.ini configuration file, edit the lines for listen_address, tftpd, and filename, and comment or remove the line vendor_specific_information.
Here, listen_address is the IP address of the local interface on which the service will listen, tftpd is the address of the TFTP server, and filename the name of the bootstrap program.
To start proxyDHDPd as a daemon, execute the following command:
In addition to using UDP ports 67 and 68 for DHCP, the Proxy DHCP server also listens on UDP port 4011. So, open port 4011 with iptables as well.
TFTP is used by PXE clients to download the NBP.
Step 1 Install the xinetd and tftp-server packages, and then reload the xinetd service to pick up the changes.
The configuration file for the TFTP service is /etc/xinetd.d/tftp.
Step 2 Use the default settings and set up the SysLinux boot loader pxelinux.0 in the TFTP root directory, which is /var/lib/tftpboot.
to the iptables rules file /etc/sysconfig/iptables to allow TCP and UDP port 69, as shown in the following example:
Note You must insert any new rules before the final INPUT and FORWARD chain rules. Otherwise, the new rules are ignored.
Step 2 Once the new filter rules have been added, restart the iptables service:
After the TFTP server is installed, the next step is to set up the SysLinux PXELINUX bootstrap program.
Step 1 Install the Syslinux package, or extract its contents into a directory using rpm2cpio.
Step 2 Copy the PXELINUX bootstrap program pxelinux.0 and the text menu program menu.c32 (or the graphical menu program vesamenu.c32) from the Syslinux package to the TFTP root directory at /var/lib/tftpboot/.
Under /var/lib/tftpboot/, create the PXELINUX configuration directory pxelinux.cfg.
In this directory, create a boot configuration file for the client. This file is read by the PXELINUX boot loader and defines the install options for the client. The configuration file can be specific to a client, as determined by the Ethernet MAC address, IP address, or UUID string, or there can be a default configuration file named default.
The PXELINUX documentation at http://www.syslinux.org/wiki/index.php/PXELINUX shows the order in which the PXE client requests configuration files.
The following example shows the query order for configuration files for a client with UUID b8945908-d6a6-41a9-611d-74a6ab80b83d, IP address 192.168.2.91, and Ethernet MAC address 88:99:AA:BB:CC:DD:
The following example shows a PXELINUX configuration file for COS:
Note For the C3260-IOE platform (UCSC-C3K-IOE-4U8), the variable "rdblacklist" should not include "ixgbe" as the PXE install needs to use one of the IOE 10Gb ports so the driver cannot be blacklisted.
This PXELINUX configuration defines two menu labels. The menu label cos installs COS 3.18.1, and the menu label local will cause the client to boot from the local hard drive. The timeout value is in tenths of a second. After the timeout expires, the default menu choice will be cos.
In the configuration example above:
Finally, set up the Linux kernel executable vmlinuz and the initial RAM disk initrd that the PXELINUX boot loader uses to start Linux, as follows:
Step 1 In /var/lib/tftpboot/, create the directory cos.
Step 2 Copy the vmlinux and initrd.img files from the COS full install DVD into this directory.
The directory structure of /var/lib/tftpboot/ should now appear as shown below:
After the PXELINUX bootstrap program is loaded and starts the COS installation, anaconda installs the required packages from the COS installation media from a remote NFS, FTP, or HTTP network server.
The repo boot option, passed to the Linux kernel during installation, indicates which method to use for network installation. The format of this boot option is described in the Red Hat Enterprise Linux 6 Installation Guide.
The format for FTP, HTTP, and NFS installation methods are as follows:
repo=ftp://username:password@host/path
After choosing an installation method:
Step 1 Add the repo=xxx:// parameter for the method to the append keyword in the PXELINUX menu configuration file /var/lib/tftpboot/pxelinux.cfg/default.
Step 2 Set up the necessary installation server.
The FTP server can be accessed using anonymous FTP or with an account name and password. Unless you require an FTP account name and password, the easiest way is to use anonymous FTP.
Step 1 Install the FTP server package vsftpd.
Step 2 Enable the vsftpd service and start it.
Step 3 Create a directory for the COS installation media under /var/ftp.
Step 4 Either copy or mount the installation media to this directory.
The following example creates the media directory /var/ftp/image/COS/3.18.1/. To change the anonymous root location, edit /etc/vsftpd/vsftpd.conf and add an anon_root=/path option.
Step 5 Configure iptables for FTP by adding the filter rules
to the iptables rules file /etc/sysconfig/iptables to allow TCP ports 20 and 21, as shown in the following example:
Step 6 Restart the iptables service to read the new changes.
Step 1 Install the HTTP server package httpd.
Step 2 Enable the httpd service and start it.
Step 3 Create a directory for the COS installation media under /var/www/html.
Step 4 Copy or mount the installation media to this directory.
The following example creates the media directory /var/www/html/image/COS/3.18.1.
Step 5 Configure iptables for HTTP by adding the filter rules
to the iptables rules file /etc/sysconfig/iptables to allow TCP port 80, as shown in the following example:
Step 6 Restart the iptables service to read the new changes.
Step 1 Install the NFS server package nfs-utils.
Step 2 Edit /etc/sysconfig/nfs and uncomment the lines for LOCKD_TCPPORT, LOCKD_UDPPORT, MOUNT_PORT, and STATD_PORT.
Step 3 Enable the nfs service and start it.
Step 4 Create a directory for the COS installation media under /var/nfs.
Step 5 Copy or mount the installation media to this directory.
The following example creates the media directory /var/nfs/image/COS/3.18.1.
Step 6 Configure NFS exports by adding a read-only entry for the installation media path to the NFS exports file /etc/exports.
Step 7 Instruct NFS to re-read the /etc/exports file:
Step 8 Configure iptables for NFS by adding the filter rules
to the iptables rules file /etc/sysconfig/iptables to allow TCP and UDP port 2049 for NFS. Also allow TCP and UDP port 111 (sunrpc), TCP port 32803 and UDP port 32769 (lockd), TCP and UDP port 892 (mountd), and TCP and UDP port 662 (statd).
Step 9 Restart the iptables service to read the new changes.
Server platforms vary in the way that the PXE option ROM is enabled for a network interface in BIOS. Only the management interface should be PXE enabled. All other network interfaces should disable PXE to speed up the boot process.
The boot order is typically arranged to boot from any bootable disks first, followed by any interfaces that have PXE enabled. In this case, a new machine from manufacturing with no bootable disks will attempt to boot using PXE. Once COS is installed, the machine will then continue to boot from disk.
Another option, possibly useful for a lab environment, is to allow a machine to always boot from the network first. In this case, the PXELINUX default menu option is set to boot from the local disk after the menu timer has expired. This allows a tester to choose whether to reinstall COS every time the machine restarts. After a small delay (10 seconds or so), the machine boots to disk.
If the IPMI management interface is configured on the server, another option is use the ipmitool utility that ships with COS to control the boot order. IPMI can also be used to force a PXE boot the next time the server is restarted. Using this method, a deployment service could deploy a new install image.