Sunday, July 31, 2016

Kickstart Implementation In Linux Without PXE

Steps for an automated kickstart installation on RHEL systems without PXE boot, using a static IP address.

Some Key Points:-

- Kickstart is ideally suited to a DHCP-based environment with PXE-enabled network cards.

- If there is no PXE-enabled network card, some initial manual effort is required.

- Kickstart uses the NetworkManager (NM) daemon for the initial fetch of the “*.cfg” file and boot files over the network.


- Central Server with RHEL ISO image which can be accessed over HTTP/FTP/NFS network.

- Customized *.cfg file which is accessible over network with required answer parameters which are otherwise provided during manual installation.

- New, un-used IP as per requirements.

- FQDN (Fully Qualified Domain Name) (not mandatory).

Build Environment:-

- Central Server:- RHEL 6.7 x86_64 bit OS On VMware Workstation 11.

Step 1: Create Central Repo

- Mount the RHEL 6.x ISO image or CD/DVD and copy all files.

 # mount -t iso9660 /dev/cdrom /media -o ro,loop,users

 # mkdir -p /var/www/html/rhel67

 # cp -arv /media/* /var/www/html/rhel67/

- Also, copy “.treeinfo” file from the image.

To cut down the task of file copy, you could get "/var/www/html/rhel67" directory bind with "media" directory as shown below:-

 # mount --bind /media /var/www/html/rhel67

- Make sure that this directory and its files are accessible over 'http' (start httpd if it is not already running).

Step 2: Creating ks.cfg File

- Turn off 'iptables' if enabled; otherwise, allow port 80/443 through iptables/firewalld so that it is reachable from other servers.

- Create a customized 'ks.cfg' file, or copy '/root/anaconda-ks.cfg' from a running system and modify it as required.

-----------------------Sample ks.cfg file---------------------

install
url --url
lang en_US.UTF-8
keyboard us
network --onboot yes --device eth0 --bootproto static --ip --netmask --gateway --noipv6
rootpw  --iscrypted $6$/q08oGGDPneWfCST$rxyzDcAXOATEfHOZeQQvZNft9rTZgN26G/fpz1GfHKLP4yBhWUWOOssMwykA7RFgtNQdwOCk.tPvzrzv2pUgu.
# Reboot after installation
reboot
firewall --service=ssh
authconfig --enableshadow --passalgo=sha512
selinux --enforcing
timezone --utc Asia/Kolkata
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
# The following is the partition information you requested
# Note that any partitions you deleted are not expressed
# here so unless you clear all partitions first, this is
# not guaranteed to work
zerombr
clearpart --all

#boot partition is of size 800MB
#swap size of 1000MB
#PV created for volumegroup for root and other file systems

part /boot --fstype=ext4 --size=800
part pv.01 --size=15356
part pv.02 --ondrive=sdb --size=1000 --grow
part swap --size=1000

volgroup vg_rhel67 pv.01
volgroup vg_data pv.02

logvol /home --fstype=ext4 --name=homelv --vgname=vg_rhel67 --size=2000
logvol / --fstype=ext4 --name=rootlv --vgname=vg_rhel67 --size=3352
logvol /tmp --fstype=ext4 --name=tmplv --vgname=vg_rhel67 --size=1000
logvol /usr --fstype=ext4 --name=usrlv --vgname=vg_rhel67 --size=2500
logvol /var --fstype=ext4 --name=varlv --vgname=vg_rhel67 --size=6000

logvol /data --fstype=ext4 --name=datalv --vgname=vg_data --size=500 --grow

%packages
@General Purpose Desktop
@Internet Browser
@Printing client
@X Window System
%end

------------------Sample ks.cfg file--------------

Kickstart Parameters:- Some of the kickstart parameters are :-

“ install ”

- This specifies to start a fresh installation.

“ url --url ”

- This indicates from where the installation source has to be fetched. In this case, I’m using http, it could also be done using ftp/nfs protocols.

“ network --onboot yes --device eth0 --bootproto static --ip --netmask --gateway --noipv6 ”

- Here, network parameters are set up for the deployment. IP Address, Subnet Mask, Gateway etc. are set.

“ rootpw  --iscrypted $6$/q08oGGDPneWfCST$rxyzDcAXOATEfHOZeQQvZNft9rTZgN26G/fpz1GfHKLP4yBhWUWOOssMwykA7RFgtNQdwOCk.tPvzrzv2pUgu. ”

- This is the root password hashed with the 'SHA512' algorithm (the “$6$” prefix identifies it). It can be generated with the “grub-crypt” command if required. grub-crypt uses SHA-512 by default, which matches the “--passalgo=sha512” setting used in this file. For example, if it is required to generate a password hash using the weaker 'MD5' algorithm instead, then we could get it done as shown below:-

# grub-crypt --md5

-> Generate the hashed password as per requirement and add it here.

“ firewall --service=ssh ”

- By default, iptables is enabled and set to start, with SSH allowed. If this is not required, the firewall can be disabled as shown below:-

firewall --disable

“ authconfig --enableshadow --passalgo=sha512 ”

- This enables shadow passwords and sets SHA512 as the hashing algorithm used for local passwords.

“ selinux --enforcing ”

- SELinux is enabled and set to enforcing mode.

“ timezone --utc Asia/Kolkata ”

- Timezone is set here.

“ bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet" ”

- This specifies where the bootloader is installed and the kernel parameters to append, including the crash kernel setting.

“ zerombr ”

- If zerombr is specified, any invalid partition tables found on disks are initialized. This destroys all of the contents of disks with invalid partition tables. This command is required when performing an unattended installation on a system with previously initialized disks.

“ clearpart --all ”

- Removes all partitions from the system, prior to creation of new partitions. By default, no partitions are removed.

- In the next section, it is the disk partitioning configuration which is listed. The '/boot' is created as a separate physical partition with size of 800 MB, Swap with size of 1 GB, a PV (physical volume) created with size of almost 15 GB, and rest of the file systems including root and others are created on top of logical volumes.

-> part pv.01 --size=15356

          -> This has created a partition of size 15356 MB on first hard drive found.

-> part pv.02 --ondrive=sdb --size=1000 --grow

          -> This has carved a partition on “sdb” with a minimum size of 1000 MB that grows to occupy the remaining space on the drive.

          -> Like-wise these partitions can be created on any specific block device if needed.

“ %packages
@desktop ”

- This tells which packages/package groups are to be installed. Anything beginning with @ indicates a package group to be installed, and these should be specified one per line. Individual packages can also be specified one per line.

Note that the Core and Base groups are always selected by default, so it is not necessary to specify them in the %packages section.

“ %post ”

- All post installation process/steps could be added here. I’ve added steps to remove NetworkManager package, since it would not be required on most RHEL 6 systems.
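The options described above (rootpw, authconfig, firewall, selinux) set the security baseline of every machine built from the file, so they are worth checking before the file is published on the web server. The following script is an added example, not part of the original post; the finding names and both sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): flag kickstart settings that
# weaken every host built from the file. Prints one finding code per line.
audit_ks() {
  awk '
    /^[ \t]*#/ { next }                               # ignore comments
    $1 ~ /^%(packages|pre|post)$/ { exit }            # command section ends
    $1 == "rootpw" {
      if ($0 !~ /--iscrypted/)     print "rootpw-plaintext"
      else if ($0 ~ /[ \t]\$1\$/)  print "rootpw-md5-hash"
    }
    $1 == "authconfig" && /--passalgo=md5/          { print "passalgo-md5" }
    $1 == "firewall" && ($0 " ") ~ /--disabled?[ \t]/ { print "firewall-disabled" }
    $1 == "selinux" && /--(disabled|permissive)/    { print "selinux-not-enforcing" }
  ' "$1"
}

# Constructed sample inputs; the hashes are dummy strings, not real hashes.
weak=$(mktemp) hardened=$(mktemp)
cat > "$weak" <<'EOF'
install
rootpw --iscrypted $1$CONSTRUCTED$dummyhashdummyhashdu
firewall --disable
authconfig --enableshadow --passalgo=md5
selinux --permissive
EOF
cat > "$hardened" <<'EOF'
install
rootpw --iscrypted $6$CONSTRUCTED$dummyhashdummyhashdummyhash
firewall --service=ssh
authconfig --enableshadow --passalgo=sha512
selinux --enforcing
EOF

echo "weak:";     audit_ks "$weak"
echo "hardened:"; audit_ks "$hardened"   # prints nothing when clean
```

Run it as `audit_ks /var/www/html/ks.cfg` (path is an assumption) and treat any output as a reason to review the file before hosts are built from it.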

Step 3: Start Installation via Kickstart File

- Bring up new RHEL system (physical or virtual) with RHEL DVD or ISO image.

- At the boot prompt hit “Tab” key and enter the command parameter to pass the details as shown here and once done, hit “Enter” key.

- If any of the parameters are missing or invalid, the installation stops and prompts for user intervention.

- This would configure the eth0 network interface in pre-build mode, look for the ks.cfg file over the network for automated answers, and start the installation using the ISO image mounted remotely.

- NetworkManager would configure the network interface with the specified details to establish a connection to the remote system and fetch further details.

- File System creation using underlying block devices as specified in the kickstart file would be implemented at this stage. 

- Installation getting started..

- Package installation is in progress…..

- Once installation is completed, it would reboot and system would be ready for further configuration.
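Because the installer stops and asks for input when a boot parameter is missing or invalid, it helps to validate the static network values before typing them. The following is an added example, not from the original post: it assumes the RHEL 6 installer boot options ks=, ksdevice=, ip=, netmask= and gateway=, and every address in it is a documentation-range placeholder.

```shell
#!/bin/sh
# Added example (not from the original post). Addresses are placeholders
# from the documentation ranges; substitute the values for your network.

# Dotted quad -> integer. The ( ) body is a subshell, so IFS stays local.
ip2int() (
  case $1 in ''|*[!0-9.]*|*..*|.*|*.) exit 1 ;; esac
  IFS=.; set -- $1
  [ $# -eq 4 ] || exit 1
  for o in "$@"; do
    case $o in 0?*|????*) exit 1 ;; esac   # no leading zeros, max 3 digits
    [ "$o" -le 255 ] || exit 1
  done
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# Usage: ks_boot_args KS_LOCATION IP NETMASK GATEWAY
# Prints the boot-prompt arguments, or a reason on stderr and returns 1.
ks_boot_args() {
  case $1 in
    http://*|ftp://*|nfs:*) ;;             # sources named in this article
    *) echo "unsupported ks location" >&2; return 1 ;;
  esac
  ip=$(ip2int "$2") && mask=$(ip2int "$3") && gw=$(ip2int "$4") ||
    { echo "malformed address" >&2; return 1; }
  # A netmask is ones followed by zeros, so (inverted mask + 1) has one bit set.
  inv=$(( ~mask & 4294967295 ))
  [ "$mask" -ne 0 ] && [ $(( inv & (inv + 1) )) -eq 0 ] ||
    { echo "netmask is not contiguous" >&2; return 1; }
  [ $(( ip & mask )) -eq $(( gw & mask )) ] ||
    { echo "gateway is outside the host's subnet" >&2; return 1; }
  [ "$ip" -ne "$gw" ] || { echo "ip equals gateway" >&2; return 1; }
  echo "ks=$1 ksdevice=eth0 ip=$2 netmask=$3 gateway=$4"
}

ks_boot_args http://192.0.2.10/ks.cfg 192.0.2.50 255.255.255.0 192.0.2.1
ks_boot_args http://192.0.2.10/ks.cfg 192.0.2.50 255.255.255.0 198.51.100.1 ||
  echo "rejected before boot"
```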

References:- 32.4. Kickstart Options

       :- Skip manual process of entering boot parameters -:

- If you wish to skip entering boot parameters on the first screen during a non-PXE kickstart, you could create a small boot ISO image with the kickstart config file integrated. After this, just boot up the new system using the newly built bootable image.

- Download the required 'boot.iso' image file from the right source.

- In this example, I’m going to use the one found under installation media (ISO image).

- Create a directory for holding the boot files and copy files from 'isolinux' folder.

- Create a new kickstart file (ks.cfg) under '/tmp/mymedia' directory with the required boot parameters.

- Edit 'isolinux.cfg' file as required. Here, one could change the timeout value since it is required only for a fresh installation. Change the permission of this file before editing since it is by default read only.

- Make sure that the default menu stanza under 'isolinux.cfg' would read as shown below (especially the “append” line):-

- Since the task involved is only installation, I’ve removed other labels and stanzas from isolinux.cfg file.

- Now, create a bootable iso image using mkisofs command:-

“ mkisofs -r -T -J -b isolinux.bin -c -no-emul-boot -boot-load-size 4 -boot-info-table -v -o /tmp/linuxboot.iso . ”

 [root@host1 mymedia]# mkisofs -r -T -J -b isolinux.bin -c -no-emul-boot \
-boot-load-size 4 -boot-info-table -v -o /root/linuxboot.iso . 

I: -input-charset not specified, using utf-8 (detected in locale settings)
genisoimage 1.1.9 (Linux)
Scanning .
Excluded by match: ./
Excluded: ./TRANS.TBL
Writing:   Initial Padblock                        Start Block 0
Done with: Initial Padblock                        Block(s)    16
Writing:   Primary Volume Descriptor               Start Block 16
Done with: Primary Volume Descriptor               Block(s)    1
Writing:   Eltorito Volume Descriptor              Start Block 17
Size of boot image is 4 sectors -> No emulation
Done with: Eltorito Volume Descriptor              Block(s)    1
Writing:   Joliet Volume Descriptor                Start Block 18
Done with: Joliet Volume Descriptor                Block(s)    1
Writing:   End Volume Descriptor                   Start Block 19
Done with: End Volume Descriptor                   Block(s)    1
Writing:   Version block                           Start Block 20
Done with: Version block                           Block(s)    1
Writing:   Path table                              Start Block 21
Done with: Path table                              Block(s)    4
Writing:   Joliet path table                       Start Block 25
Done with: Joliet path table                       Block(s)    4
Writing:   Directory tree                          Start Block 29
Done with: Directory tree                          Block(s)    1
Writing:   Joliet directory tree                   Start Block 30
Done with: Joliet directory tree                   Block(s)    1
Writing:   Directory tree cleanup                  Start Block 31
Done with: Directory tree cleanup                  Block(s)    0
Writing:   Extension record                        Start Block 31
Done with: Extension record                        Block(s)    1
Writing:   The File(s)                             Start Block 32
 24.06% done, estimate finish Sat Jul 30 20:13:11 2016
 48.13% done, estimate finish Sat Jul 30 20:13:11 2016
 72.12% done, estimate finish Sat Jul 30 20:13:11 2016
 96.14% done, estimate finish Sat Jul 30 20:13:11 2016
Total translation table size: 4481
Total rockridge attributes bytes: 1143
Total directory bytes: 0
Path table size(bytes): 10
Done with: The File(s)                             Block(s)    20626
Writing:   Ending Padblock                         Start Block 20658
Done with: Ending Padblock                         Block(s)    150
Max brk space used 0
20808 extents written (40 MB)

- This would create the required bootable image file with kickstart config file as shown below:-

 [root@server2 mymedia]# file /tmp/linuxboot.iso 
/tmp/linuxboot.iso: ISO 9660 CD-ROM filesystem data 'CDROM' (bootable)

 [root@server2 mymedia]# du -sh /tmp/linuxboot.iso 
41M   /tmp/linuxboot.iso

- Copy this 'linuxboot.iso' image file and boot a new linux system/instance using this.

- NOTE:- Make sure to modify the required IP, file systems, packages as required in the original ISO image file which would be treated as source of installation. 

- This would start the installation as per the customized kickstart file, complete it, and then reboot the system.

- Once installation is done, it would reboot and a new system is up and ready:-

- That’s all..
Sadashiva Murthy M|RHCA
