02-06-2021

https://youtu.be/-HK1KLbisNY

https://youtu.be/4LTNixANuoU

 

 

PXE-Server

 

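What is a PXE server? PXE stands for Preboot eXecution Environment, pronounced "pixie". PXE is one of the components of server installation: it allows a server to boot from a PXE server on the network before booting from the OS on the local hard drive. This is used for mass installation of servers without the need for a DVD or USB drive. PXE relies on DHCP and TFTP, neither of which authenticates the server or the client, so run it only on a trusted, isolated provisioning network.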

 

Directory: /etc/sysconfig/network-scripts, /etc/xinetd.d/tftp, /usr/share/syslinux/pxelinux.0, /var/lib/tftpboot, /var/lib/tftpboot/pxelinux.cfg, networkboot, /mnt/images/pxeboot/

 

Config file: /etc/sysconfig/network-scripts/ifcfg-enp0s3, /etc/hostname, /etc/dhcp/dhcpd.conf, /etc/xinetd.d/tftp, CentOS-7-x86_64-DVD-1908.iso, anaconda-ks.cfg, centos7.cfg, /var/lib/tftpboot/pxelinux.cfg/default

 

Port #: 69, 4011

Package: dhcp tftp tftp-server syslinux vsftpd xinetd

Services: xinetd, dhcpd, vsftpd, tftp, firewalld

Protocol: tcp, udp

Command:

URL:

 

Configure PXE [network boot] installation server

 

Server ip = 192.168.56.133

Hostname = pxe01.zmpt.com

 

Set static ip and hostname

 

[root@pxe01 ~]# vi /etc/sysconfig/network-scripts/ifcfg-enp0s3

 

TYPE=Ethernet

DEVICE=enp0s3

NAME=enp0s3

ONBOOT=yes

BOOTPROTO=static

IPADDR=192.168.56.133

NETMASK=255.255.255.0

HWADDR=08:00:27:27:7f:f7

 

[root@zmpt01 ~]# vi /etc/hostname

pxe01.zmpt.com

 

Install the required packages

 

[root@pxe01 ~]# yum install -y dhcp tftp tftp-server syslinux vsftpd xinetd

 

Configure DHCP server – Dynamic Host Configuration Protocol

 

The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on Internet Protocol (IP) networks, whereby a DHCP server dynamically assigns an IP address to each client on the network.

 

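Configure the DHCP configuration file – copy and paste – edit as needed. The configuration below declares the server authoritative and answers unknown clients, so every host on the 192.168.56.0/24 segment that asks will receive a lease and the PXE boot instructions; keep this DHCP server off networks that already have one.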

 

[root@pxe01 ~]# vi /etc/dhcp/dhcpd.conf   #< ---delete content and start from scratch

 

ddns-update-style interim;

ignore client-updates;

authoritative;

allow booting;

allow bootp;

allow unknown-clients;

 

subnet 192.168.56.0 netmask 255.255.255.0 {

range 192.168.56.171 192.168.56.200;

option domain-name-servers 192.168.56.133;

option domain-name "pxeboot.zmpt.com";

option routers 192.168.56.133;

option broadcast-address 192.168.56.255;

default-lease-time 600;

max-lease-time 7200;

 

# IP of PXE Server

next-server 192.168.56.133;

filename "pxelinux.0";

}

 

Config TFTP server file – Trivial File Transfer Protocol

 

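No edit required. With disable = yes xinetd does not start TFTP itself; in this guide the tftp service is started through systemctl further down. The -s option confines the daemon to /var/lib/tftpboot, and because TFTP has no authentication, every file placed under that directory is readable by any host that can reach UDP port 69.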

 

[root@pxe01 ~]# vi /etc/xinetd.d/tftp

 

{

        socket_type             = dgram

        protocol                = udp

        wait                    = yes

        user                    = root

        server                  = /usr/sbin/in.tftpd

        server_args             = -s /var/lib/tftpboot                              #< --- Network boot related file goes here

        disable                 = yes

        per_source              = 11

        cps                     = 100 2

        flags                   = IPv4

}

 

Copy network boot related files to /var/lib/tftpboot – 5 files

 

 

[root@pxe01 tftpboot]# cp -v /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/

 

[root@pxe01 tftpboot]# cp -v /usr/share/syslinux/menu.c32 /var/lib/tftpboot/

 

[root@pxe01 tftpboot]# cp -v /usr/share/syslinux/memdisk /var/lib/tftpboot/

 

[root@pxe01 tftpboot]# cp -v /usr/share/syslinux/mboot.c32 /var/lib/tftpboot/

 

[root@pxe01 tftpboot]# cp -v /usr/share/syslinux/chain.c32 /var/lib/tftpboot/

 

 

[root@pxe01 tftpboot]# pwd

/var/lib/tftpboot

[root@pxe01 tftpboot]# ls

chain.c32  mboot.c32  memdisk  menu.c32  pxelinux.0

 

Make a directory in tftpboot folder

 

 

[root@pxe01 tftpboot]# pwd

/var/lib/tftpboot

[root@pxe01 tftpboot]# mkdir pxelinux.cfg

[root@pxe01 tftpboot]# mkdir networkboot

 

[root@pxe01 tftpboot]# ls -l

total 172

-rw-r--r--. 1 root root 20832 Feb  6 16:20 chain.c32

-rw-r--r--. 1 root root 33628 Feb  6 16:20 mboot.c32

-rw-r--r--. 1 root root 26140 Feb  6 16:19 memdisk

-rw-r--r--. 1 root root 55140 Feb  6 16:19 menu.c32

drwxr-xr-x. 2 root root     6 Feb  6 16:23 networkboot

-rw-r--r--. 1 root root 26759 Feb  6 16:19 pxelinux.0

drwxr-xr-x. 2 root root     6 Feb  6 16:23 pxelinux.cfg

 

Copy the iso file to the server

 

 

[root@pxe01 ~]# ls -ltrh

total 4.4G

-rw-r--r--. 1 root root 4.4G Dec 27  2019 CentOS-7-x86_64-DVD-1908.iso

drwxr-xr-x. 2 root root    6 Dec  6 14:59 dir2

-rw-r--r--. 1 root root    0 Dec  6 14:59 file2

-rw-rw-rw-. 1 root root    0 Dec  6 15:11 file3

drwxrwxrwx. 2 root root    6 Dec  6 15:12 dir3

 

 

[root@pxe01 ~]# mount -o loop CentOS-7-x86_64-DVD-1908.iso /mnt

mount: /dev/loop0 is write-protected, mounting read-only

 

 

[root@pxe01 ~]# df -h

Filesystem               Size  Used Avail Use% Mounted on

devtmpfs                 484M     0  484M   0% /dev

tmpfs                    496M     0  496M   0% /dev/shm

tmpfs                    496M  6.9M  489M   2% /run

tmpfs                    496M     0  496M   0% /sys/fs/cgroup

/dev/mapper/centos-root   14G  6.1G  7.4G  46% /

/dev/loop0               4.4G  4.4G     0 100% /mnt

/dev/sda1               1014M  136M  879M  14% /boot

tmpfs                    100M     0  100M   0% /run/user/0

 

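Now copy the mounted ISO contents to the /var/ftp/pub directory (the anonymous FTP area). Note that * does not match hidden files, so the .treeinfo and .discinfo files at the top of the ISO are skipped by the command below; copy them as well (for example cp -av /mnt/. /var/ftp/pub/), since the installer reads them from the repository.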

 

[root@pxe01 mnt]# pwd

/mnt

 

[root@pxe01 mnt]# cp -av * /var/ftp/pub

 

Copy Kernel Files

 

[root@pxe01 mnt]# cd /mnt/images/pxeboot/

[root@pxe01 pxeboot]# ls -l

total 60360

-rw-r--r--. 2 root root 55073584 Sep  6  2019 initrd.img

-r--r--r--. 1 root root      441 Sep 11  2019 TRANS.TBL

-rwxr-xr-x. 2 root root  6734016 Aug  7  2019 vmlinuz

 

 

[root@pxe01 pxeboot]# cp initrd.img /var/lib/tftpboot/networkboot/

[root@pxe01 pxeboot]# cp vmlinuz /var/lib/tftpboot/networkboot/

 

Unmount the cd

 

[root@pxe01 ~]# umount /mnt

 

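Generate the root password hash – this is a crypt password hash, not SSL (Secure Sockets Layer) encryption – and save the generated hash for the kickstart file. The -1 option produces an MD5-crypt hash, which is weak by current standards; prefer a SHA-512 crypt hash (for example openssl passwd -6, where the installed OpenSSL supports it) of a strong password. Leaving the password off the command line makes openssl prompt for it, which keeps it out of the shell history.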

 

[root@pxe01 ~]# openssl passwd -1 redhat

$1$qvYA3uE2$jFmQN3bDPC13U41b8OegF/

 

Copy anaconda-ks.cfg from the /root folder; if it is not available, copy it from another computer or online

 

[root@pxe01 ~]# cp anaconda-ks.cfg /var/ftp/pub/

 

 

Rename anaconda-ks.cfg to centos7.cfg

 

[root@pxe01 pub]# mv anaconda-ks.cfg centos7.cfg

 

Modify the fields as shown

 

[root@pxe01 pub]# vi centos7.cfg

 

 

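#platform=x86, AMD64, or Intel EM64T
#version=DEVEL

# Kickstart answer file for unattended CentOS 7 installs.
# It is published at ftp://192.168.56.133/pub/centos7.cfg, so everything in it
# (including the root password hash) is readable by any host that can reach
# the FTP server.

#Firewall configuration
# NOTE(review): every installed host comes up with no host firewall; switch to
# "firewall --enabled --ssh" unless the provisioning network is fully trusted.
firewall --disabled
#Install OS
install
#Use FTP Installation Media
# FTP is unauthenticated and unencrypted: the install tree is not protected
# against tampering in transit.
url --url="ftp://192.168.56.133/pub"
#Root password
# NOTE(review): $1$ marks an MD5-crypt hash, and this one is the hash of the
# sample password shown in this guide. Replace it with a SHA-512 crypt ($6$)
# hash of a unique password before installing real machines.
rootpw --iscrypted $1$qvYA3uE2$jFmQN3bDPC13U41b8OegF/

# System authorization information
auth --enableshadow --passalgo=sha512

# Use graphical install
graphical
# Run the Setup Agent on first boot
# (option syntax fixed: kickstart options take a leading "--")
firstboot --disable

# Keyboard layouts
keyboard us

# System language
lang en_US

#SELinux configuration
# NOTE(review): this turns SELinux off on every installed host; prefer
# "selinux --enforcing" unless there is a specific reason to disable it.
selinux --disabled

#Installation logging level
logging --level=info

# System timezone
timezone America/New_York --isUtc

# System bootloader configuration
bootloader --location=mbr

# Partition clearing information
# clearpart --all wipes every disk of whatever machine boots this kickstart.
clearpart --all --initlabel

# "---size-1024" was a typo; the option is --size=<MiB>
part swap --asprimary --fstype="swap" --size=1024
part /boot --fstype xfs --size=1024
part pv.01 --size=1 --grow

volgroup zmpt01 pv.01
logvol / --fstype xfs --name=lv_01 --vgname=zmpt01 --size=1 --grow

%packages
@^minimal
@core

%end

%addon com_redhat_kdump --enable --reserve-mb='auto'

%end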

 

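Change the permissions on centos7.cfg so that the FTP server can read it. The file is read, not executed, by the installer, so world-readable (644) is sufficient and the execute bits set by 755 below are not needed. Once readable, the root password hash in the file is visible to anyone who can reach the FTP server.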

 

[root@pxe01 pub]# ls -l centos7.cfg

-rw-------. 1 root root 1006 Feb  7 14:31 centos7.cfg

[root@pxe01 pub]# chmod 755 centos7.cfg

 

Config file explanation – centos7.cfg

 

 

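#platform=x86, AMD64, or Intel EM64T                     #< --- Architecture of processor
#version=DEVEL

#Firewall configuration                                  #< --- Disable the firewall
# NOTE(review): installed hosts come up with no host firewall; use
# "firewall --enabled --ssh" unless the provisioning network is fully trusted.
firewall --disabled

#Install OS                                              #< --- OS install (kickstart commands are lower-case)
install

#Use FTP Installation Media                              #< --- FTP server folder location
# FTP is unauthenticated and unencrypted: the install tree is not protected
# against tampering in transit.
url --url="ftp://192.168.56.133/pub"

# System authorization information                       #< --- Shadow passwords, SHA-512 hashing for new passwords
auth --enableshadow --passalgo=sha512

#Root password                                           #< --- root password hash generated with openssl passwd
# NOTE(review): $1$ marks an MD5-crypt hash, and this one is the hash of the
# sample password shown in this guide; the file is readable over anonymous FTP.
# Replace it with a SHA-512 crypt ($6$) hash of a unique password.
rootpw --iscrypted $1$qvYA3uE2$jFmQN3bDPC13U41b8OegF/

# Use graphical install                                  #< --- Graphical mode installation
graphical
# Run the Setup Agent on first boot                      #< --- Setup Agent is switched off (option needs "--")
firstboot --disable

# Keyboard layouts                                       #< --- Default setting
keyboard us

# System language
lang en_US

#SELinux configuration
# NOTE(review): this turns SELinux off on every installed host; prefer
# "selinux --enforcing" unless there is a specific reason to disable it.
selinux --disabled

#Installation logging level
logging --level=info

# System timezone
timezone America/New_York --isUtc

# System bootloader configuration
bootloader --location=mbr

# Partition clearing information
# clearpart --all wipes every disk of whatever machine boots this kickstart.
clearpart --all --initlabel

# "---size-1024" was a typo; the option is --size=<MiB>
part swap --asprimary --fstype="swap" --size=1024
part /boot --fstype xfs --size=1024
part pv.01 --size=1 --grow

volgroup zmpt01 pv.01
logvol / --fstype xfs --name=lv_01 --vgname=zmpt01 --size=1 --grow

%packages
@^minimal
@core

%end

%addon com_redhat_kdump --enable --reserve-mb='auto'

%end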

 

 

 

PXE boot Menu – Create ‘default’ file

 

[root@pxe01 pxelinux.cfg]# pwd

/var/lib/tftpboot/pxelinux.cfg

 

[root@pxe01 pxelinux.cfg]# vi default

 

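# PXE boot menu, served over TFTP as /var/lib/tftpboot/pxelinux.cfg/default
default menu.c32
prompt 0
# timeout is counted in tenths of a second: after 3 seconds the menu boots its
# default entry unattended, and the kickstart behind it runs clearpart --all.
# Any machine that network-boots on this segment is therefore reinstalled;
# raise the timeout or add a local-boot entry if that is not intended.
timeout 30
MENU Title zmprotech PXE installation
LABEL centos7_x64 bits
MENU LABEL Centos7_64
KERNEL /networkboot/vmlinuz
# APPEND must stay on one line, otherwise the kickstart location is never
# passed to the kernel. The file name must match /var/ftp/pub/centos7.cfg
# (the original listing pointed at "cento7.cfg", which does not exist).
APPEND initrd=/networkboot/initrd.img inst.repo=ftp://192.168.56.133/pub inst.ks=ftp://192.168.56.133/pub/centos7.cfg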

 

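Start all the required services. If dhcpd fails to start, as in the output below, check the configuration syntax with dhcpd -t -cf /etc/dhcp/dhcpd.conf and read the journal before continuing; clients cannot PXE boot until dhcpd is running.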

 

[root@pxe01 pxelinux.cfg]# systemctl start xinetd

[root@pxe01 pxelinux.cfg]# systemctl enable xinetd

 

[root@pxe01 pxelinux.cfg]# systemctl start dhcpd

Job for dhcpd.service failed because the control process exited with error code. See "systemctl status dhcpd.service" and "journalctl -xe" for details.

[root@pxe01 pxelinux.cfg]# systemctl enable dhcpd

Created symlink from /etc/systemd/system/multi-user.target.wants/dhcpd.service to /usr/lib/systemd/system/dhcpd.service.

 

[root@pxe01 pxelinux.cfg]# systemctl start vsftpd

[root@pxe01 pxelinux.cfg]# systemctl enable vsftpd

Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service.

 

[root@pxe01 pxelinux.cfg]# systemctl start tftp

[root@pxe01 pxelinux.cfg]# systemctl enable tftp

Created symlink from /etc/systemd/system/sockets.target.wants/tftp.socket to /usr/lib/systemd/system/tftp.socket.

[root@pxe01 pxelinux.cfg]#

 

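SELinux exception – allow through SELinux. The boolean below gives the FTP daemon access to the whole filesystem, which is much more than serving /var/ftp/pub read-only requires; a narrower alternative is usually to restore the default labels on the copied files (restorecon -R /var/ftp/pub) and leave the boolean off.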

 

[root@pxe01 ~]# setsebool -P allow_ftpd_full_access 1

 

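Open ports in firewall. TFTP uses UDP only, so the 69/tcp rule below is not needed; open only what the PXE clients actually use.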

 

[root@pxe01 ~]# firewall-cmd --add-service=ftp --permanent

success

[root@pxe01 ~]# firewall-cmd --add-service=dhcp --permanent

success

[root@pxe01 ~]# firewall-cmd --add-port=69/tcp --permanent

success

[root@pxe01 ~]# firewall-cmd --add-port=69/udp --permanent

success

[root@pxe01 ~]# firewall-cmd --add-port=4011/udp --permanent

success

[root@pxe01 ~]# firewall-cmd --reload

Success

 

Now configure new VM and set to boot from network

 

 

 

 

 

 

 

 

Clone the VM