Cisco Cloud Object Storage Release 3.22.1 User Guide
- Updated:
- April 4, 2019
Chapter: PXE Network Installation
PXE Network Installation
Beginning with Release 3.5.2, COS supports network installation using the Intel Preboot Execution Environment (PXE). PXE provides a way to download a network bootstrap program (NBP) to remotely boot or install a client. When combined with the Red Hat Enterprises network installation feature using NFS, FTP, or HTTP, PXE can be used to install a COS client over the network.
Setting up a PXE installation for COS requires the following steps:
- Setting up a DHCP or Proxy DHCP Server
- Configuring TFTP for PXE
- Setting up a Network Installation Server
- Enabling PXE Boot in BIOS
These procedures are based on a Red Hat Enterprise Linux (RHEL) or CentOS Linux 6.4 distribution, and assume that yum has already been configured to install the necessary packages.
Note
Each network service may require that you apply filter rules to the iptables firewall service. The steps described below account for any firewall filters needed. In a lab or other environment where the iptables service has been disabled, you do not need to apply filter rules.
Setting up a DHCP or Proxy DHCP Server
A DHCP or Proxy DHCP server is needed to supply the necessary PXE boot options. These options include the name of the NBP and the location of the TFTP server from which the NBP can be downloaded.
A Proxy DHCP server is an alternative to a DHCP server for PXE when an existing DHCP server cannot be directly administered. A DHCP server and a Proxy DHCP server can coexist on the same network. A Proxy DHCP server only responds to PXE client requests, and only supplies PXE boot information to a PXE client. A DHCP server is still needed to provide an IP address to the PXE client.
If there is an existing DHCP server on the network segment where the COS nodes are being configured, skip the DHCP server installation and continue with the configuration of DHCP PXE options. If you cannot modify the DHCP server, you must configure a Proxy DHCP server for PXE.
Installing and Configuring the DHCP Server for PXE
A PXE client acquires its IP address from a DHCP server. The DHCP server package (dhcp) provided by RHEL 6.4 contains the Internet Systems Consortium DHCP Server, version 4.1.1.
Install the ISC DHCP Server
Install the DHCP server package dhcp as follows:
Configure DHCP Address Pool and Options
Edit the DHCP configuration file /etc/dhcp/dhcpd.conf to define lease options and an address pool for DHCP clients. Use values appropriate to the network segment where the DHCP server will reside.
The following example shows how to define a subnet along with a router and address pool.
Defining DHCP PXE Options and Class
Add support for PXE clients to the DHCP configuration file as shown in the following example:
This code defines the four DHCP options that must be provided to the PXE client in order to boot:
It also defines a PXE class, which is applied to incoming DHCP requests from PXE clients that use the vendor class identifier PXEClient.
Defining Known Clients (Optional)
It is possible to configure DHCP to only respond to known clients.
Step 1 Add a host statement to the DHCP configuration file.
Step 2 Add the statement allow known-clients to the address pool declaration.
Note To use a static address for a host, use the fixed-address statement in the host declaration.
Configuring IPTables for DHCP
The ISC DHCP service uses raw sockets that bypass IP filtering, so you do not need to add a rule for iptables.
However, if you should need a rule for DHCP, add the rule
to the iptables rules table /etc/sysconfig/iptables to allow UDP ports 67 and 68, as shown in the following example:
Note You must insert any new rules before the final INPUT and FORWARD chain rules. Otherwise, the new rules are ignored.
Enabling and Starting DHCP Service
Enable and start the DHCP service as follows:
Step 1 Change the SELinux enforcing mode from Enforcing to Permissive.
Note ● This setting allows the DHCP server to set file permissions on its lease devices.
- This setting reverts to the default value after the server reboots. To avoid this, open the file /etc/sysconfig/selinux in an editor and change the related line to SELINUX=permissive.
Step 2 As root, enable the DHCP service dhcpd and start it.
Proxy DHCP Server for PXE
A Proxy DHCP server is only needed when it is not possible to install or configure an existing DHCP server for PXE. The ISC DHCP server cannot be configured to act as a proxy server for PXE, so another solution must be used. One such solution is the python implementation found at GitHub at:
https://github.com/gmoro/proxyDHCPd
This older python source requires the following edits to run on a RHEL or CentOS 6.4 (x86_64) install.
Installing proxyDHCPd
Step 1 Download proxyDHCPd-master.zip file from GitHub and unzip it on the server destined to be the Proxy DHCP server.
Step 2 In the proxyDHCPd-master/proxydhcpd subdirectory, edit file net.py to change the line
Note This change is needed because the C structure python unpacks from the ioctl call, which is used to get the list of interfaces, changed in size with the 64-bit Intel install of RHEL 6.4.
Configuring proxyDHCPd
Step 1 Copy the sample configuration file proxy.ini to /etc/proxyDHCPd/proxy.ini:
Step 2 In the proxy.ini configuration file, edit the lines for listen_address, tftpd, and filename, and comment or remove the line vendor_specific_information.
Here, listen_address is the IP address of the local interface on which the service will listen, tftpd is the address of the TFTP server, and filename the name of the bootstrap program.
Running proxyDHCPd
To start proxyDHDPd as a daemon, execute the following command:
Configuring iptables for Proxy DHCP
In addition to using UDP ports 67 and 68 for DHCP, the Proxy DHCP server also listens on UDP port 4011. So, open port 4011 with iptables as well.
Configuring TFTP for PXE
TFTP is used by PXE clients to download the NBP.
Installing TFTP Server
Step 1 Install the xinetd and tftp-server packages, and then reload the xinetd service to pick up the changes.
The configuration file for the TFTP service is /etc/xinetd.d/tftp.
Step 2 Use the default settings and set up the SysLinux boot loader pxelinux.0 in the TFTP root directory, which is /var/lib/tftpboot.
Configuring iptables for TFTP
to the iptables rules file /etc/sysconfig/iptables to allow TCP and UDP port 69, as shown in the following example:
Note You must insert any new rules before the final INPUT and FORWARD chain rules. Otherwise, the new rules are ignored.
Step 2 Once the new filter rules have been added, restart the iptables service:
Setting up the PXELINUX Bootstrap Program
After the TFTP server is installed, the next step is to set up the SysLinux PXELINUX bootstrap program.
Installing the Syslinux Package
Step 1 Install the Syslinux package, or extract its contents into a directory using rpm2cpio.
Step 2 Copy the PXELINUX bootstrap program pxelinux.0 and the text menu program menu.c32 (or the graphical menu program vesamenu.c32) from the Syslinux package to the TFTP root directory at /var/lib/tftpboot/.
Configuring PXELINUX
Under /var/lib/tftpboot/, create the PXELINUX configuration directory pxelinux.cfg.
In this directory, create a boot configuration file for the client. This file is read by the PXELINUX boot loader and defines the install options for the client. The configuration file can be specific to a client, as determined by the Ethernet MAC address, IP address, or UUID string, or there can be a default configuration file named default.
The PXELINUX documentation at http://www.syslinux.org/wiki/index.php/PXELINUX shows the order in which the PXE client requests configuration files.
The following example shows the query order for configuration files for a client with UUID b8945908-d6a6-41a9-611d-74a6ab80b83d, IP address 192.168.2.91, and Ethernet MAC address 88:99:AA:BB:CC:DD:
The following example shows a PXELINUX configuration file for COS:
Note For the C3260-IOE platform (UCSC-C3K-IOE-4U8), the variable "rdblacklist" should not include "ixgbe" as the PXE install needs to use one of the IOE 10Gb ports so the driver cannot be blacklisted.
This PXELINUX configuration defines two menu labels. The menu label cos installs COS 3.18.1, and the menu label local will cause the client to boot from the local hard drive. The timeout value is in tenths of a second. After the timeout expires, the default menu choice will be cos.
Kernel Boot Options
In the configuration example above:
- The append statement describes the kernel command line boot options passed to the vmlinux binary.
- The rdblacklist option tells initrd to not load the e1000e and ixgbe drivers. This allows the igb management port driver to load first as network device eth0.
- The ksdevice option tells anaconda which device to use for the network install. On a CDE460 with two Intel gigabit ports (eth0 and eth1), the ksdevice boot option is necessary to keep anaconda from prompting for the network device to use for the installation. This also applies to UCS S3160 server, which has multiple enic network devices.
- The ks boot option indicates the location of the COS kickstart file, ks_auto.cfg. The repo option tells anaconda the location of the COS installation media.
- The ks_zerombr boot option tells anaconda to initialize the MBR of any drives with invalid partition tables. This is necessary when installing new hardware with uninitialized drives.
- The ks_baud_rate and text boot options are optional. ks_baud_rate is used to specify the serial terminal baud rate; the default rate is 9600. The text option tells anaconda to use a text-based rather than a GUI-based installation.
Setting up the Linux Kernel Executable
Finally, set up the Linux kernel executable vmlinuz and the initial RAM disk initrd that the PXELINUX boot loader uses to start Linux, as follows:
Step 1 In /var/lib/tftpboot/, create the directory cos.
Step 2 Copy the vmlinux and initrd.img files from the COS full install DVD into this directory.
The directory structure of /var/lib/tftpboot/ should now appear as shown below:
Setting up a Network Installation Server
After the PXELINUX bootstrap program is loaded and starts the COS installation, anaconda installs the required packages from the COS installation media from a remote NFS, FTP, or HTTP network server.
The repo boot option, passed to the Linux kernel during installation, indicates which method to use for network installation. The format of this boot option is described in the Red Hat Enterprise Linux 6 Installation Guide.
The format for FTP, HTTP, and NFS installation methods are as follows:
repo=ftp://username:password@host/path
After choosing an installation method:
Step 1 Add the repo=xxx:// parameter for the method to the append keyword in the PXELINUX menu configuration file /var/lib/tftpboot/pxelinux.cfg/default.
Step 2 Set up the necessary installation server.
Setting Up the FTP Server
The FTP server can be accessed using anonymous FTP or with an account name and password. Unless you require an FTP account name and password, the easiest way is to use anonymous FTP.
Step 1 Install the FTP server package vsftpd.
Step 2 Enable the vsftpd service and start it.
Step 3 Create a directory for the COS installation media under /var/ftp.
Step 4 Either copy or mount the installation media to this directory.
The following example creates the media directory /var/ftp/image/COS/3.18.1/. To change the anonymous root location, edit /etc/vsftpd/vsftpd.conf and add an anon_root=/path option.
Step 5 Configure iptables for FTP by adding the filter rules
to the iptables rules file /etc/sysconfig/iptables to allow TCP ports 20 and 21, as shown in the following example:
Step 6 Restart the iptables service to read the new changes.
Setting Up the HTTP Server
Step 1 Install the HTTP server package httpd.
Step 2 Enable the httpd service and start it.
Step 3 Create a directory for the COS installation media under /var/www/html.
Step 4 Copy or mount the installation media to this directory.
The following example creates the media directory /var/www/html/image/COS/3.18.1.
Step 5 Configure iptables for HTTP by adding the filter rules
to the iptables rules file /etc/sysconfig/iptables to allow TCP port 80, as shown in the following example:
Step 6 Restart the iptables service to read the new changes.
Setting Up the NFS Server
Step 1 Install the NFS server package nfs-utils.
Step 2 Edit /etc/sysconfig/nfs and uncomment the lines for LOCKD_TCPPORT, LOCKD_UDPPORT, MOUNT_PORT, and STATD_PORT.
Step 3 Enable the nfs service and start it.
Step 4 Create a directory for the COS installation media under /var/nfs.
Step 5 Copy or mount the installation media to this directory.
The following example creates the media directory /var/nfs/image/COS/3.18.1.
Step 6 Configure NFS exports by adding a read-only entry for the installation media path to the NFS exports file /etc/exports.
Step 7 Instruct NFS to re-read the /etc/exports file:
Step 8 Configure iptables for NFS by adding the filter rules
to the iptables rules file /etc/sysconfig/iptables to allow TCP and UDP port 2049 for NFS. Also allow TCP and UDP port 111 (sunrpc), TCP port 32803 and UDP port 32769 (lockd), TCP and UDP port 892 (mountd), and TCP and UDP port 662 (statd).
Step 9 Restart the iptables service to read the new changes.
Enabling PXE Boot in BIOS
Enabling the PXE Option ROM
Server platforms vary in the way that the PXE option ROM is enabled for a network interface in BIOS. Only the management interface should be PXE enabled. All other network interfaces should disable PXE to speed up the boot process.
BIOS Boot Order
The boot order is typically arranged to boot from any bootable disks first, followed by any interfaces that have PXE enabled. In this case, a new machine from manufacturing with no bootable disks will attempt to boot using PXE. Once COS is installed, the machine will then continue to boot from disk.
Another option, possibly useful for a lab environment, is to allow a machine to always boot from the network first. In this case, the PXELINUX default menu option is set to boot from the local disk after the menu timer has expired. This allows a tester to choose whether to reinstall COS every time the machine restarts. After a small delay (10 seconds or so), the machine boots to disk.
Forcing PXE Boot Using IPMI
If the IPMI management interface is configured on the server, another option is use the ipmitool utility that ships with COS to control the boot order. IPMI can also be used to force a PXE boot the next time the server is restarted. Using this method, a deployment service could deploy a new install image.
Feedback