Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.
Chapter 8. Performing an automated installation using Kickstart
8.1. Kickstart installation basics
The following provides basic information about Kickstart and how to use it to automate installing Red Hat Enterprise Linux.
8.1.1. What are Kickstart installations
Kickstart provides a way to automate the RHEL installation process, either partially or fully.
Kickstart files contain some or all of the RHEL installation options. For example, the time zone, how the drives should be partitioned, or which packages should be installed. Providing a prepared Kickstart file allows an installation without the need for any user intervention. This is especially useful when deploying Red Hat Enterprise Linux on a large number of systems at once.
Kickstart files also provide more options regarding software selection. When installing Red Hat Enterprise Linux manually using the graphical installation interface, the software selection is limited to pre-defined environments and add-ons. A Kickstart file allows you to install or remove individual packages as well.
Kickstart files can be kept on a single server system and read by individual computers during the installation. This installation method supports the use of a single Kickstart file to install Red Hat Enterprise Linux on multiple machines, making it ideal for network and system administrators.
All Kickstart scripts and log files of their execution are stored in the /tmp
directory of the newly installed system to assist with debugging installation issues. The kickstart used for installation as well as the Anaconda generated output kickstart are stored in /root
on the target system and that logs from kickstart scriptlet execution are stored in /var/log/anaconda
.
In previous versions of Red Hat Enterprise Linux, Kickstart could be used for upgrading systems. Starting with Red Hat Enterprise Linux 7, this functionality has been removed and system upgrades are instead handled by specialized tools. For details on upgrading to Red Hat Enterprise Linux 8, see Upgrading from RHEL 7 to RHEL 8 and Considerations in adopting RHEL.
8.1.2. Automated installation workflow
Kickstart installations can be performed using a local DVD, a local hard drive, or a NFS, FTP, HTTP, or HTTPS server. This section provides a high level overview of Kickstart usage.
- Create a Kickstart file. You can write it by hand, copy a Kickstart file saved after a manual installation, or use an online generator tool to create the file, and edit it afterward. See Creating Kickstart files.
- Make the Kickstart file available to the installation program on removable media, a hard drive or a network location using an HTTP(S), FTP, or NFS server. See Making Kickstart files available to the installation program.
- Create the boot medium which will be used to begin the installation. See Creating a bootable installation medium and Preparing to install from the network using PXE.
- Make the installation source available to the installation program. See Creating installation sources for Kickstart installations.
- Start the installation using the boot medium and the Kickstart file. See Starting Kickstart installations.
If the Kickstart file contains all mandatory commands and sections, the installation finishes automatically. If one or more of these mandatory parts are missing, or if an error occurs, the installation requires manual intervention to finish.
If you plan to install a Beta release of Red Hat Enterprise Linux, on systems having UEFI Secure Boot enabled, then first disable the UEFI Secure Boot option and then begin the installation.
UEFI Secure Boot requires that the operating system kernel is signed with a recognized private key, which the system’s firmware verifies using the corresponding public key. For Red Hat Enterprise Linux Beta releases, the kernel is signed with a Red Hat Beta-specific private key, which the system fails to recognize by default. As a result, the system fails to boot the installation media.
8.2. Creating Kickstart files
You can create a Kickstart file using the following methods:
- Use the online Kickstart configuration tool.
- Copy the Kickstart file created as a result of a manual installation.
- Write the entire Kickstart file manually.
Convert the Red Hat Enterprise Linux 7 Kickstart file for Red Hat Enterprise Linux 8 installation.
For more information on the conversion tool, see Kickstart generator lab.
- In case of virtual and cloud environment, create a custom system image, using Image Builder.
Note that some highly specific installation options can be configured only by manual editing of the Kickstart file.
8.2.1. Creating a Kickstart file with the Kickstart configuration tool
Users with a Red Hat Customer Portal account can use the Kickstart Generator tool in the Customer Portal Labs to generate Kickstart files online. This tool will walk you through the basic configuration and enables you to download the resulting Kickstart file.
Prerequisites
- You have a Red Hat Customer Portal account and an active Red Hat subscription.
Procedure
- Open the Kickstart generator lab information page at https://access.redhat.com/labsinfo/kickstartconfig.
- Click the Go to Application button to the left of heading and wait for the next page to load.
- Select Red Hat Enterprise Linux 8 in the drop-down menu and wait for the page to update.
Describe the system to be installed using the fields in the form.
You can use the links on the left side of the form to quickly navigate between sections of the form.
To download the generated Kickstart file, click the red Download button at the top of the page.
Your web browser saves the file.
8.2.2. Creating a Kickstart file by performing a manual installation
The recommended approach to creating Kickstart files is to use the file created by a manual installation of Red Hat Enterprise Linux. After an installation completes, all choices made during the installation are saved into a Kickstart file named anaconda-ks.cfg
, located in the /root/
directory on the installed system. You can use this file to reproduce the installation in the same way as before. Alternatively, copy this file, make any changes you need, and use the resulting configuration file for further installations.
Procedure
Install RHEL. For more details, see Performing a standard RHEL 8 installation.
During the installation, create a user with administrator privileges.
- Finish the installation and reboot into the installed system.
- Log into the system with the administrator account.
Copy the file
/root/anaconda-ks.cfg
to a location of your choice.ImportantThe file contains information about users and passwords.
To display the file contents in terminal:
# cat /root/anaconda-ks.cfg
You can copy the output and save to another file of your choice.
- To copy the file to another location, use the file manager. Remember to change permissions on the copy, so that the file can be read by non-root users.
Additional resources
8.2.3. Converting a Kickstart file from previous RHEL installation
You can use the Kickstart Converter tool to convert a RHEL 7 Kickstart file for use in a RHEL 8 or 9 installation or convert a RHEL 8 Kickstart file for use it in RHEL 9. For more information about the tool and how to use it to convert a RHEL Kickstart file, see https://access.redhat.com/labs/kickstartconvert/
8.2.4. Creating a custom image using Image Builder
You can use Red Hat Image Builder to create a customized system image for virtual and cloud deployments.
For more information about creating customized images, using Image Builder, see Composing a customized RHEL system image document.
8.3. Making Kickstart files available to the installation program
The following provides information about making the Kickstart file available to the installation program on the target system.
8.3.1. Ports for network-based installation
The following table lists the ports that must be open on the server for providing the files for each type of network-based installation.
Protocol used | Ports to open |
---|---|
HTTP | 80 |
HTTPS | 443 |
FTP | 21 |
NFS | 2049, 111, 20048 |
TFTP | 69 |
Additional resources
8.3.2. Making a Kickstart file available on an NFS server
This procedure describes how to store the Kickstart script file on an NFS server. This method enables you to install multiple systems from a single source without having to use physical media for the Kickstart file.
Prerequisites
- You have an administrator-level access to a server with Red Hat Enterprise Linux 8 on the local network.
- The system to be installed can connect to the server.
- The firewall on the server allows connections from the system you are installing to.
Procedure
Install the
nfs-utils
package by running the following command as root:# yum install nfs-utils
- Copy the Kickstart file to a directory on the NFS server.
Open the
/etc/exports
file using a text editor and add a line with the following syntax:/exported_directory/ clients
Replace /exported_directory/ with the full path to the directory holding the Kickstart file. Instead of clients, use the host name or IP address of the computer that is to be installed from this NFS server, the subnetwork from which all computers are to have access the ISO image, or the asterisk sign (
*
) if you want to allow any computer with network access to the NFS server to use the ISO image. See the exports(5) man page for detailed information about the format of this field.A basic configuration that makes the
/rhel8-install/
directory available as read-only to all clients is:/rhel8-install *
-
Save the
/etc/exports
file and exit the text editor. Start the nfs service:
# systemctl start nfs-server.service
If the service was running before you changed the
/etc/exports
file, enter the following command, in order for the running NFS server to reload its configuration:# systemctl reload nfs-server.service
The Kickstart file is now accessible over NFS and ready to be used for installation.
When specifying the Kickstart source, use nfs:
as the protocol, the server’s host name or IP address, the colon sign (:
), and the path inside directory holding the file. For example, if the server’s host name is myserver.example.com
and you have saved the file in /rhel8-install/my-ks.cfg
, specify inst.ks=nfs:myserver.example.com:/rhel8-install/my-ks.cfg
as the installation source boot option.
Additional resources
8.3.3. Making a Kickstart file available on an HTTP or HTTPS server
This procedure describes how to store the Kickstart script file on an HTTP or HTTPS server. This method enables you to install multiple systems from a single source without having to use physical media for the Kickstart file.
Prerequisites
- You have an administrator-level access to a server with Red Hat Enterprise Linux 8 on the local network.
- The system to be installed can connect to the server.
- The firewall on the server allows connections from the system you are installing to.
Procedure
To store the Kickstart file on an HTTP, install the
httpd
package:# yum install httpd
To store the Kickstart file on an HTTPS, install
httpd
andmod_ssl
packages:# yum install httpd mod_ssl
WarningIf your Apache web server configuration enables SSL security, verify that you only enable the TLSv1 protocol, and disable SSLv2 and SSLv3. This is due to the POODLE SSL vulnerability (CVE-2014-3566). See https://access.redhat.com/solutions/1232413 for details.
ImportantIf you use an HTTPS server with a self-signed certificate, you must boot the installation program with the
inst.noverifyssl
option.-
Copy the Kickstart file to the HTTP(S) server into a subdirectory of the
/var/www/html/
directory. Start the httpd service:
# systemctl start httpd.service
The Kickstart file is now accessible and ready to be used for installation.
NoteWhen specifying the location of the Kickstart file, use
http://
orhttps://
as the protocol, the server’s host name or IP address, and the path of the Kickstart file, relative to the HTTP server root. For example, if you are using HTTP, the server’s host name ismyserver.example.com
, and you have copied the Kickstart file as/var/www/html/rhel8-install/my-ks.cfg
, specifyhttp://myserver.example.com/rhel8-install/my-ks.cfg
as the file location.
Additional resources
8.3.4. Making a Kickstart file available on an FTP server
This procedure describes how to store the Kickstart script file on an FTP server. This method enables you to install multiple systems from a single source without having to use physical media for the Kickstart file.
Prerequisites
- You have an administrator-level access to a server with Red Hat Enterprise Linux 8 on the local network.
- The system to be installed can connect to the server.
- The firewall on the server allows connections from the system you are installing to.
Procedure
Install the
vsftpd
package by running the following command as root:# yum install vsftpd
Open and edit the
/etc/vsftpd/vsftpd.conf
configuration file in a text editor.-
Change the line
anonymous_enable=NO
toanonymous_enable=YES
-
Change the line
write_enable=YES
towrite_enable=NO
. Add lines
pasv_min_port=min_port
andpasv_max_port=max_port
. Replace min_port and max_port with the port number range used by FTP server in passive mode, e. g.10021
and10031
.This step can be necessary in network environments featuring various firewall/NAT setups.
Optionally, add custom changes to your configuration. For available options, see the vsftpd.conf(5) man page. This procedure assumes that default options are used.
WarningIf you configured SSL/TLS security in your
vsftpd.conf
file, ensure that you enable only the TLSv1 protocol, and disable SSLv2 and SSLv3. This is due to the POODLE SSL vulnerability (CVE-2014-3566). See https://access.redhat.com/solutions/1234773 for details.
-
Change the line
Configure the server firewall.
Enable the firewall:
# systemctl enable firewalld # systemctl start firewalld
Enable in your firewall the FTP port and port range from previous step:
# firewall-cmd --add-port min_port-max_port/tcp --permanent # firewall-cmd --add-service ftp --permanent # firewall-cmd --reload
Replace min_port-max_port with the port numbers you entered into the
/etc/vsftpd/vsftpd.conf
configuration file.
-
Copy the Kickstart file to the FTP server into the
/var/ftp/
directory or its subdirectory. Make sure that the correct SELinux context and access mode is set on the file:
# restorecon -r /var/ftp/your-kickstart-file.ks # chmod 444 /var/ftp/your-kickstart-file.ks
Start the
vsftpd
service:# systemctl start vsftpd.service
If the service was running before you changed the
/etc/vsftpd/vsftpd.conf
file, restart the service to load the edited file:# systemctl restart vsftpd.service
Enable the
vsftpd
service to start during the boot process:# systemctl enable vsftpd
The Kickstart file is now accessible and ready to be used for installations by systems on the same network.
NoteWhen configuring the installation source, use
ftp://
as the protocol, the server’s host name or IP address, and the path of the Kickstart file, relative to the FTP server root. For example, if the server’s host name ismyserver.example.com
and you have copied the file to/var/ftp/my-ks.cfg
, specifyftp://myserver.example.com/my-ks.cfg
as the installation source.
8.3.5. Making a Kickstart file available on a local volume
This procedure describes how to store the Kickstart script file on a volume on the system to be installed. This method enables you to bypass the need for another system.
Prerequisites
- You have a drive that can be moved to the machine to be installed, such as a USB stick.
-
The drive contains a partition that can be read by the installation program. The supported types are
ext2
,ext3
,ext4
,xfs
, andfat
. - The drive is connected to the system and its volumes are mounted.
Procedure
List volume information and note the UUID of the volume to which you want to copy the Kickstart file.
# lsblk -l -p -o name,rm,ro,hotplug,size,type,mountpoint,uuid
- Navigate to the file system on the volume.
- Copy the Kickstart file to this file system.
-
Make a note of the string to use later with the
inst.ks=
option. This string is in the formhd:UUID=volume-UUID:path/to/kickstart-file.cfg
. Note that the path is relative to the file system root, not to the/
root of file system hierarchy. Replace volume-UUID with the UUID you noted earlier. Unmount all drive volumes:
# umount /dev/xyz ...
Add all the volumes to the command, separated by spaces.
8.3.6. Making a Kickstart file available on a local volume for automatic loading
A specially named Kickstart file can be present in the root of a specially named volume on the system to be installed. This lets you bypass the need for another system, and makes the installation program load the file automatically.
Prerequisites
- You have a drive that can be moved to the machine to be installed, such as a USB stick.
-
The drive contains a partition that can be read by the installation program. The supported types are
ext2
,ext3
,ext4
,xfs
, andfat
. - The drive is connected to the system and its volumes are mounted.
Procedure
List volume information to which you want to copy the Kickstart file.
# lsblk -l -p
- Navigate to the file system on the volume.
- Copy the Kickstart file into the root of this file system.
-
Rename the Kickstart file to
ks.cfg
. Rename the volume as
OEMDRV
:For
ext2
,ext3
, andext4
file systems:# e2label /dev/xyz OEMDRV
For the XFS file system:
# xfs_admin -L OEMDRV /dev/xyz
Replace /dev/xyz with the path to the volume’s block device.
Unmount all drive volumes:
# umount /dev/xyz ...
Add all the volumes to the command, separated by spaces.
8.4. Creating installation sources for Kickstart installations
This section describes how to create an installation source for the Boot ISO image using the DVD ISO image that contains the required repositories and software packages.
8.4.1. Types of installation source
You can use one of the following installation sources for minimal boot images:
- DVD: Burn the DVD ISO image to a DVD. The DVD will be automatically used as the installation source (software package source).
Hard drive or USB drive: Copy the DVD ISO image to the drive and configure the installation program to install the software packages from the drive. If you use a USB drive, verify that it is connected to the system before the installation begins. The installation program cannot detect media after the installation begins.
-
Hard drive limitation: The DVD ISO image on the hard drive must be on a partition with a file system that the installation program can mount. The supported file systems are
xfs
,ext2
,ext3
,ext4
, andvfat (FAT32)
.
WarningOn Microsoft Windows systems, the default file system used when formatting hard drives is NTFS. The exFAT file system is also available. However, neither of these file systems can be mounted during the installation. If you are creating a hard drive or a USB drive as an installation source on Microsoft Windows, verify that you formatted the drive as FAT32. Note that the FAT32 file system cannot store files larger than 4 GiB.
In Red Hat Enterprise Linux 8, you can enable installation from a directory on a local hard drive. To do so, you need to copy the contents of the DVD ISO image to a directory on a hard drive and then specify the directory as the installation source instead of the ISO image. For example:
inst.repo=hd:<device>:<path to the directory>
-
Hard drive limitation: The DVD ISO image on the hard drive must be on a partition with a file system that the installation program can mount. The supported file systems are
Network location: Copy the DVD ISO image or the installation tree (extracted contents of the DVD ISO image) to a network location and perform the installation over the network using the following protocols:
- NFS: The DVD ISO image is in a Network File System (NFS) share.
- HTTPS, HTTP or FTP: The installation tree is on a network location that is accessible over HTTP, HTTPS or FTP.
8.4.2. Ports for network-based installation
The following table lists the ports that must be open on the server for providing the files for each type of network-based installation.
Protocol used | Ports to open |
---|---|
HTTP | 80 |
HTTPS | 443 |
FTP | 21 |
NFS | 2049, 111, 20048 |
TFTP | 69 |
Additional resources
8.4.3. Creating an installation source on an NFS server
Use this installation method to install multiple systems from a single source, without having to connect to physical media.
Prerequisites
- You have an administrator-level access to a server with Red Hat Enterprise Linux 8, and this server is on the same network as the system to be installed.
- You have downloaded a Binary DVD image. For more information, see Downloading the installation ISO image.
- You have created a bootable CD, DVD, or USB device from the image file. For more information, see Creating installation media.
- You have verified that your firewall allows the system you are installing to access the remote installation source. For more information, see Ports for network-based installation.
Procedure
Install the
nfs-utils
package:# yum install nfs-utils
- Copy the DVD ISO image to a directory on the NFS server.
Open the
/etc/exports
file using a text editor and add a line with the following syntax:/exported_directory/ clients
- Replace /exported_directory/ with the full path to the directory with the ISO image.
Replace clients with one of the following:
- The host name or IP address of the target system
- The subnetwork that all target systems can use to access the ISO image
-
To allow any system with network access to the NFS server to use the ISO image, the asterisk sign (
*
)
See the
exports(5)
man page for detailed information about the format of this field.For example, a basic configuration that makes the
/rhel8-install/
directory available as read-only to all clients is:/rhel8-install *
-
Save the
/etc/exports
file and exit the text editor. Start the nfs service:
# systemctl start nfs-server.service
If the service was running before you changed the
/etc/exports
file, reload the NFS server configuration:# systemctl reload nfs-server.service
The ISO image is now accessible over NFS and ready to be used as an installation source.
When configuring the installation source, use nfs:
as the protocol, the server host name or IP address, the colon sign (:)
, and the directory holding the ISO image. For example, if the server host name is myserver.example.com
and you have saved the ISO image in /rhel8-install/
, specify nfs:myserver.example.com:/rhel8-install/
as the installation source.
8.4.4. Creating an installation source using HTTP or HTTPS
You can create an installation source for a network-based installation using an installation tree, which is a directory containing extracted contents of the DVD ISO image and a valid .treeinfo
file. The installation source is accessed over HTTP or HTTPS.
Prerequisites
- You have an administrator-level access to a server with Red Hat Enterprise Linux 8, and this server is on the same network as the system to be installed.
- You have downloaded a Binary DVD image. For more information, see Downloading the installation ISO image.
- You have created a bootable CD, DVD, or USB device from the image file. For more information, see Creating installation media.
- You have verified that your firewall allows the system you are installing to access the remote installation source. For more information, see Ports for network-based installation.
-
The
httpd
package is installed. -
The
mod_ssl
package is installed, if you use thehttps
installation source.
If your Apache web server configuration enables SSL security, prefer to enable the TLSv1.3 protocol. By default, TLSv1.2 is enabled and you may use the TLSv1 (LEGACY) protocol.
If you use an HTTPS server with a self-signed certificate, you must boot the installation program with the noverifyssl
option.
Procedure
- Copy the DVD ISO image to the HTTP(S) server.
Create a suitable directory for mounting the DVD ISO image, for example:
# mkdir /mnt/rhel8-install/
Mount the DVD ISO image to the directory:
# mount -o loop,ro -t iso9660 /image_directory/image.iso /mnt/rhel8-install/
Replace /image_directory/image.iso with the path to the DVD ISO image.
Copy the files from the mounted image to the HTTP(S) server root.
# cp -r /mnt/rhel8-install/ /var/www/html/
This command creates the
/var/www/html/rhel8-install/
directory with the content of the image. Note that some other copying methods might skip the.treeinfo
file which is required for a valid installation source. Entering thecp
command for entire directories as shown in this procedure copies.treeinfo
correctly.Start the
httpd
service:# systemctl start httpd.service
The installation tree is now accessible and ready to be used as the installation source.
NoteWhen configuring the installation source, use
http://
orhttps://
as the protocol, the server host name or IP address, and the directory that contains the files from the ISO image, relative to the HTTP server root. For example, if you use HTTP, the server host name ismyserver.example.com
, and you have copied the files from the image to/var/www/html/rhel8-install/
, specifyhttp://myserver.example.com/rhel8-install/
as the installation source.
Additional resources
8.4.5. Creating an installation source using FTP
You can create an installation source for a network-based installation using an installation tree, which is a directory containing extracted contents of the DVD ISO image and a valid .treeinfo
file. The installation source is accessed over FTP.
Prerequisites
- You have an administrator-level access to a server with Red Hat Enterprise Linux 8, and this server is on the same network as the system to be installed.
- You have downloaded a Binary DVD image. For more information, see Downloading the installation ISO image.
- You have created a bootable CD, DVD, or USB device from the image file. For more information, see Creating installation media.
- You have verified that your firewall allows the system you are installing to access the remote installation source. For more information, see Ports for network-based installation.
-
The
vsftpd
package is installed.
Procedure
Open and edit the
/etc/vsftpd/vsftpd.conf
configuration file in a text editor.-
Change the line
anonymous_enable=NO
toanonymous_enable=YES
-
Change the line
write_enable=YES
towrite_enable=NO
. Add lines
pasv_min_port=<min_port>
andpasv_max_port=<max_port>
. Replace <min_port> and <max_port> with the port number range used by FTP server in passive mode, for example,10021
and10031
.This step might be necessary in network environments featuring various firewall/NAT setups.
Optional: Add custom changes to your configuration. For available options, see the vsftpd.conf(5) man page. This procedure assumes that default options are used.
WarningIf you configured SSL/TLS security in your
vsftpd.conf
file, ensure that you enable only the TLSv1 protocol, and disable SSLv2 and SSLv3. This is due to the POODLE SSL vulnerability (CVE-2014-3566). See https://access.redhat.com/solutions/1234773 for details.
-
Change the line
Configure the server firewall.
Enable the firewall:
# systemctl enable firewalld
Start the firewall:
# systemctl start firewalld
Configure the firewall to allow the FTP port and port range from the previous step:
# firewall-cmd --add-port min_port-max_port/tcp --permanent # firewall-cmd --add-service ftp --permanent
Replace <min_port> and <max_port> with the port numbers you entered into the
/etc/vsftpd/vsftpd.conf
configuration file.Reload the firewall to apply the new rules:
# firewall-cmd --reload
- Copy the DVD ISO image to the FTP server.
Create a suitable directory for mounting the DVD ISO image, for example:
# mkdir /mnt/rhel8-install
Mount the DVD ISO image to the directory:
# mount -o loop,ro -t iso9660 /image-directory/image.iso /mnt/rhel8-install
Replace
/image-directory/image.iso
with the path to the DVD ISO image.Copy the files from the mounted image to the FTP server root:
# mkdir /var/ftp/rhel8-install # cp -r /mnt/rhel8-install/ /var/ftp/
This command creates the
/var/ftp/rhel8-install/
directory with the content of the image. Note that some copying methods can skip the.treeinfo
file which is required for a valid installation source. Entering thecp
command for whole directories as shown in this procedure will copy.treeinfo
correctly.Make sure that the correct SELinux context and access mode is set on the copied content:
# restorecon -r /var/ftp/rhel8-install # find /var/ftp/rhel8-install -type f -exec chmod 444 {} \; # find /var/ftp/rhel8-install -type d -exec chmod 755 {} \;
Start the
vsftpd
service:# systemctl start vsftpd.service
If the service was running before you changed the
/etc/vsftpd/vsftpd.conf
file, restart the service to load the edited file:# systemctl restart vsftpd.service
Enable the
vsftpd
service to start during the boot process:# systemctl enable vsftpd
The installation tree is now accessible and ready to be used as the installation source.
NoteWhen configuring the installation source, use
ftp://
as the protocol, the server host name or IP address, and the directory in which you have stored the files from the ISO image, relative to the FTP server root. For example, if the server host name ismyserver.example.com
and you have copied the files from the image to/var/ftp/rhel8-install/
, specifyftp://myserver.example.com/rhel8-install/
as the installation source.
8.5. Starting Kickstart installations
You can start Kickstart installations in multiple ways:
- Manually by entering the installation program boot menu and specifying the options including Kickstart file there.
- Automatically by editing the boot options in PXE boot.
- Automatically by providing the file on a volume with specific name.
Learn how to perform each of these methods in the following sections.
8.5.1. Starting a Kickstart installation manually
This section explains how to start a Kickstart installation manually, which means some user interaction is required (adding boot options at the boot:
prompt). Use the boot option inst.ks=location
when booting the installation system, replacing location with the location of your Kickstart file. The exact way to specify the boot option and the form of boot prompt depends on your system’s architecture. For detailed information, see the Boot options for RHEL installer guide.
Prerequisites
- You have a Kickstart file ready in a location accessible from the system to be installed.
Procedure
- Boot the system using a local media (a CD, DVD, or a USB flash drive).
At the boot prompt, specify the required boot options.
-
If the Kickstart file or a required repository is in a network location, you may need to configure the network using the
ip=
option. The installer tries to configure all network devices using the DHCP protocol by default without this option. -
Add the
inst.ks=
boot option and the location of the Kickstart file. -
In order to access a software source from which necessary packages will be installed, you may need to add the
inst.repo=
option. If you do not specify this option, you must specify the installation source in the Kickstart file.
For information about editing boot options, see Editing boot options.
-
If the Kickstart file or a required repository is in a network location, you may need to configure the network using the
Start the installation by confirming your added boot options.
The installation begins now, using the options specified in the Kickstart file. If the Kickstart file is valid and contains all required commands, the installation is completely automated from this point forward.
If you have installed a Red Hat Enterprise Linux Beta release, on systems having UEFI Secure Boot enabled, then add the Beta public key to the system’s Machine Owner Key (MOK) list. For more information about UEFI Secure Boot and Red Hat Enterprise Linux Beta releases, see the Completing post-installation tasks section of the Performing a standard RHEL 8 installation document.
8.5.2. Starting a Kickstart installation automatically using PXE
AMD64, Intel 64, and 64-bit ARM systems and IBM Power Systems servers have the ability to boot using a PXE server. When you configure the PXE server, you can add the boot option into the boot loader configuration file, which in turn lets you start the installation automatically. Using this approach, it is possible to automate the installation completely, including the boot process.
This procedure is intended as a general reference; detailed steps differ based on your system’s architecture, and not all options are available on all architectures (for example, you cannot use PXE boot on 64-bit IBM Z).
Prerequisites
- You have a Kickstart file ready in a location accessible from the system to be installed.
- You have a PXE server that can be used to boot the system and begin the installation.
Procedure
Open the boot loader configuration file on your PXE server, and add the
inst.ks=
boot option to the appropriate line. The name of the file and its syntax depends on your system’s architecture and hardware:On AMD64 and Intel 64 systems with BIOS, the file name can be either default or based on your system’s IP address. In this case, add the
inst.ks=
option to the append line in the installation entry. A sample append line in the configuration file looks similar to the following:append initrd=initrd.img inst.ks=http://10.32.5.1/mnt/archive/RHEL-8/8.x/x86_64/kickstarts/ks.cfg
On systems using the GRUB2 boot loader (AMD64, Intel 64, and 64-bit ARM systems with UEFI firmware and IBM Power Systems servers), the file name will be
grub.cfg
. In this file, append theinst.ks=
option to the kernel line in the installation entry. A sample kernel line in the configuration file will look similar to the following:kernel vmlinuz inst.ks=http://10.32.5.1/mnt/archive/RHEL-8/8.x/x86_64/kickstarts/ks.cfg
Boot the installation from the network server.
The installation begins now, using the installation options specified in the Kickstart file. If the Kickstart file is valid and contains all required commands, the installation is completely automated.
If you have installed a Red Hat Enterprise Linux Beta release, on systems having UEFI Secure Boot enabled, then add the Beta public key to the system’s Machine Owner Key (MOK) list.
For more information about UEFI Secure Boot and Red Hat Enterprise Linux Beta releases, see the Completing post-installation tasks section of the Performing a standard RHEL 8 installation document.
8.5.3. Starting a Kickstart installation automatically using a local volume
You can start a Kickstart installation by putting a Kickstart file with a specific name on a specifically labelled storage volume.
Prerequisites
-
You have a volume prepared with label
OEMDRV
and the Kickstart file present in its root asks.cfg
. - A drive containing this volume is available on the system as the installation program boots.
Procedure
- Boot the system using a local media (a CD, DVD, or a USB flash drive).
At the boot prompt, specify the required boot options.
-
If a required repository is in a network location, you may need to configure the network using the
ip=
option. The installer tries to configure all network devices using the DHCP protocol by default without this option. In order to access a software source from which necessary packages will be installed, you may need to add the
inst.repo=
option. If you do not specify this option, you must specify the installation source in the Kickstart file.For more information about installation sources, see Kickstart commands for installation program configuration and flow control.
-
If a required repository is in a network location, you may need to configure the network using the
Start the installation by confirming your added boot options.
The installation begins now, and the Kickstart file is automatically detected and used to start an automated Kickstart installation.
If you have installed a Red Hat Enterprise Linux Beta release, on systems having UEFI Secure Boot enabled, then add the Beta public key to the system’s Machine Owner Key (MOK) list. For more information about UEFI Secure Boot and Red Hat Enterprise Linux Beta releases, see the Completing post-installation tasks section of the Performing a standard RHEL 8 installation document.
8.6. Consoles and logging during installation
The Red Hat Enterprise Linux installer uses the tmux terminal multiplexer to display and control several windows in addition to the main interface. Each of these windows serve a different purpose; they display several different logs, which can be used to troubleshoot issues during the installation process. One of the windows provides an interactive shell prompt with root
privileges, unless this prompt was specifically disabled using a boot option or a Kickstart command.
In general, there is no reason to leave the default graphical installation environment unless you need to diagnose an installation problem.
The terminal multiplexer is running in virtual console 1. To switch from the actual installation environment to tmux, press Ctrl+Alt+F1. To go back to the main installation interface which runs in virtual console 6, press Ctrl+Alt+F6.
If you choose text mode installation, you will start in virtual console 1 (tmux), and switching to console 6 will open a shell prompt instead of a graphical interface.
The console running tmux has five available windows; their contents are described in the following table, along with keyboard shortcuts. Note that the keyboard shortcuts are two-part: first press Ctrl+b, then release both keys, and press the number key for the window you want to use.
You can also use Ctrl+b n, Alt+ Tab, and Ctrl+b p to switch to the next or previous tmux window, respectively.
Shortcut | Contents |
---|---|
Ctrl+b 1 | Main installation program window. Contains text-based prompts (during text mode installation or if you use VNC direct mode), and also some debugging information. |
Ctrl+b 2 |
Interactive shell prompt with |
Ctrl+b 3 |
Installation log; displays messages stored in |
Ctrl+b 4 |
Storage log; displays messages related to storage devices and configuration, stored in |
Ctrl+b 5 |
Program log; displays messages from utilities executed during the installation process, stored in |
8.7. Maintaining Kickstart files
You can run automated checks on Kickstart files. Typically, you will want to verify that a new or problematic Kickstart file is valid.
8.7.1. Installing Kickstart maintenance tools
To use the Kickstart maintenance tools, you must install the package that contains them.
Procedure
Install the pykickstart package:
# yum install pykickstart
8.7.2. Verifying a Kickstart file
Use the ksvalidator
command line utility to verify that your Kickstart file is valid. This is useful when you make extensive changes to a Kickstart file. Use the -v RHEL8
option in the ksvalidator
command to acknowledge new commands of the RHEL8 class.
Procedure
Run
ksvalidator
on your Kickstart file:$ ksvalidator -v RHEL8 /path/to/kickstart.ks
Replace /path/to/kickstart.ks with the path to the Kickstart file you want to verify.
The validation tool cannot guarantee the installation will be successful. It ensures only that the syntax is correct and that the file does not include deprecated options. It does not attempt to validate the %pre
, %post
and %packages
sections of the Kickstart file.
Additional resources
- The ksvalidator(1) man page
8.8. Registering and installing RHEL from the CDN using Kickstart
This section contains information about how to register your system, attach RHEL subscriptions, and install from the Red Hat Content Delivery Network (CDN) using Kickstart.
8.8.1. Registering and installing RHEL from the CDN
Use this procedure to register your system, attach RHEL subscriptions, and install from the Red Hat Content Delivery Network (CDN) using the rhsm
Kickstart command, which supports the syspurpose
command as well as Red Hat Insights. The rhsm
Kickstart command removes the requirement of using custom %post
scripts when registering the system.
The CDN feature is supported by the Boot ISO and DVD ISO image files. However, it is recommended that you use the Boot ISO image file as the installation source defaults to CDN for the Boot ISO image file.
Prerequisites
- Your system is connected to a network that can access the CDN.
- You have created a Kickstart file and made it available to the installation program on removable media, a hard drive, or a network location using an HTTP(S), FTP, or NFS server.
- The Kickstart file is in a location that is accessible by the system that is to be installed.
- You have created the boot media used to begin the installation and made the installation source available to the installation program.
- The installation source repository used after system registration is dependent on how the system was booted. For more information, see the Installation source repository after system registration section in the Performing a standard RHEL 8 installation document.
- Repository configuration is not required in a Kickstart file as your subscription governs which CDN subset and repositories the system can access.
Procedure
- Open the Kickstart file.
Edit the file to add the
rhsm
Kickstart command and its options to the file:- Organization (required)
Enter the organization id. An example is:
--organization=1234567
NoteFor security reasons, Red Hat username and password account details are not supported by Kickstart when registering and installing from the CDN.
- Activation Key (required)
Enter the Activation Key. You can enter multiple keys as long as the activation keys are registered to your subscription. An example is:
--activation-key="Test_key_1" --activation-key="Test_key_2"
- Red Hat Insights (recommended)
Connect the target system to Red Hat Insights.
NoteRed Hat Insights is a Software-as-a-Service (SaaS) offering that provides continuous, in-depth analysis of registered Red Hat-based systems to proactively identify threats to security, performance and stability across physical, virtual and cloud environments, and container deployments. Unlike manual installation using the installer GUI, connecting to Red Hat Insights is not enabled by default when using Kickstart.
An example is:
--connect-to-insights
- HTTP proxy (optional)
Set the HTTP proxy. An example is:
--proxy="user:password@hostname:9000"
NoteOnly the hostname is mandatory. If the proxy is required to run on a default port with no authentication, then the option is:
--proxy="hostname"
- System Purpose (optional)
Set the System Purpose role, SLA, and usage using the command:
subscription-manager syspurpose role ₋₋set="Red Hat Enterprise Linux Server" --sla="Premium" --usage="Production"
- Example
The following example displays a minimal Kickstart file with all
rhsm
Kickstart command options.graphical lang en_US.UTF-8 keyboard us rootpw 12345 timezone America/New_York zerombr clearpart --all --initlabel autopart syspurpose --role="Red Hat Enterprise Linux Server" --sla="Premium" --usage="Production" rhsm --organization="12345" --activation-key="test_key" --connect-to-insights --proxy="user:password@hostname:9000" reboot %packages vim %end
- Save the Kickstart file and start the installation process.
Additional resources
- Configuring System Purpose
- Starting Kickstart installations
- Red Hat Insights product documentation
- Understanding Activation Keys
-
For information about setting up an HTTP proxy for Subscription Manager, see the
PROXY CONFIGURATION
section in thesubscription-manager
man page.
8.8.2. Verifying your system registration from the CDN
Use this procedure to verify that your system is registered to the CDN.
Prerequisites
- You have completed the registration and installation process as documented in Register and install using CDN.
- You have started the Kickstart installation as documented in Starting Kickstart installations.
- The installed system has rebooted and a terminal window is open.
Procedure
From the terminal window, log in as a
root
user and verify the registration:# subscription-manager list
The output displays the attached subscription details, for example:
Installed Product Status Product Name: Red Hat Enterprise Linux for x86_64 Product ID: 486 Version: X Arch: x86_64 Status: Subscribed Status Details Starts: 11/4/2019 Ends: 11/4/2020
To view a detailed report, run the command:
# subscription-manager list --consumed
8.8.3. Unregistering your system from the CDN
Use this procedure to unregister your system from the Red Hat CDN.
Prerequisites
- You have completed the registration and installation process as documented in Registering and installing RHEL from the CDN.
- You have started the Kickstart installation as documented in Starting Kickstart installations.
- The installed system has rebooted and a terminal window is open.
Procedure
From the terminal window, log in as a
root
user and unregister:# subscription-manager unregister
The attached subscription is unregistered from the system and the connection to CDN is removed.
8.9. Performing a remote RHEL installation using VNC
This section describes how to perform a remote RHEL installation using Virtual Network Computing (VNC).
8.9.1. Overview
The graphical user interface is the recommended method of installing RHEL when you boot the system from a CD, DVD, or USB flash drive, or from a network using PXE. However, many enterprise systems, for example, IBM Power Systems and 64-bit IBM Z, are located in remote data center environments that are run autonomously and are not connected to a display, keyboard, and mouse. These systems are often referred to as headless systems and they are typically controlled over a network connection. The RHEL installation program includes a Virtual Network Computing (VNC) installation that runs the graphical installation on the target machine, but control of the graphical installation is handled by another system on the network. The RHEL installation program offers two VNC installation modes: Direct and Connect. Once a connection is established, the two modes do not differ. The mode you select depends on your environment.
- Direct mode
- In Direct mode, the RHEL installation program is configured to start on the target system and wait for a VNC viewer that is installed on another system before proceeding. As part of the Direct mode installation, the IP address and port are displayed on the target system. You can use the VNC viewer to connect to the target system remotely using the IP address and port, and complete the graphical installation.
- Connect mode
- In Connect mode, the VNC viewer is started on a remote system in listening mode. The VNC viewer waits for an incoming connection from the target system on a specified port. When the RHEL installation program starts on the target system, the system host name and port number are provided by using a boot option or a Kickstart command. The installation program then establishes a connection with the listening VNC viewer using the specified system host name and port number. To use Connect mode, the system with the listening VNC viewer must be able to accept incoming network connections.
8.9.2. Considerations
Consider the following items when performing a remote RHEL installation using VNC:
VNC client application: A VNC client application is required to perform both a VNC Direct and Connect installation. VNC client applications are available in the repositories of most Linux distributions, and free VNC client applications are also available for other operating systems such as Windows. The following VNC client applications are available in RHEL:
-
tigervnc
is independent of your desktop environment and is installed as part of thetigervnc
package. -
vinagre
is part of the GNOME desktop environment and is installed as part of thevinagre
package.
-
A VNC server is included in the installation program and doesn’t need to be installed.
Network and firewall:
- If the target system is not allowed inbound connections by a firewall, then you must use Connect mode or disable the firewall. Disabling a firewall can have security implications.
- If the system that is running the VNC viewer is not allowed incoming connections by a firewall, then you must use Direct mode, or disable the firewall. Disabling a firewall can have security implications. See the Security hardening document for more information on configuring the firewall.
- Custom Boot Options: You must specify custom boot options to start a VNC installation and the installation instructions might differ depending on your system architecture.
-
VNC in Kickstart installations: You can use VNC-specific commands in Kickstart installations. Using only the
vnc
command runs a RHEL installation in Direct mode. Additional options are available to set up an installation using Connect mode.
8.9.3. Performing a remote RHEL installation in VNC Direct mode
Use this procedure to perform a remote RHEL installation in VNC Direct mode. Direct mode expects the VNC viewer to initiate a connection to the target system that is being installed with RHEL. In this procedure, the system with the VNC viewer is called the remote system. You are prompted by the RHEL installation program to initiate the connection from the VNC viewer on the remote system to the target system.
This procedure uses TigerVNC as the VNC viewer. Specific instructions for other viewers might differ, but the general principles apply.
Prerequisites
- You have installed a VNC viewer on a remote system as a root user.
- You have set up a network boot server and booted the installation on the target system.
Procedure
-
From the RHEL boot menu on the target system, press the
Tab
key on your keyboard to edit the boot options. Append the
inst.vnc
option to the end of the command line.If you want to restrict VNC access to the system that is being installed, add the
inst.vncpassword=PASSWORD
boot option to the end of the command line. Replace PASSWORD with the password you want to use for the installation. The VNC password must be between 6 and 8 characters long.ImportantUse a temporary password for the
inst.vncpassword=
option. It should not be an existing or root password.
- Press Enter to start the installation. The target system initializes the installation program and starts the necessary services. When the system is ready, a message is displayed providing the IP address and port number of the system.
- Open the VNC viewer on the remote system.
- Enter the IP address and the port number into the VNC server field.
- Click Connect.
- Enter the VNC password and click OK. A new window opens with the VNC connection established, displaying the RHEL installation menu. From this window, you can install RHEL on the target system using the graphical user interface.
8.9.4. Performing a remote RHEL installation in VNC Connect mode
Use this procedure to perform a remote RHEL installation in VNC Connect mode. In Connect mode, the target system that is being installed with RHEL initiates a connect to the VNC viewer that is installed on another system. In this procedure, the system with the VNC viewer is called the remote system.
This procedure uses TigerVNC as the VNC viewer. Specific instructions for other viewers might differ, but the general principles apply.
Prerequisites
- You have installed a VNC viewer on a remote system as a root user.
- You have set up a network boot server to start the installation on the target system.
- You have configured the target system to use the boot options for a VNC Connect installation.
- You have verified that the remote system with the VNC viewer is configured to accept an incoming connection on the required port. Verification is dependent on your network and system configuration. For more information, see Security hardening and Securing networks.
Procedure
Start the VNC viewer on the remote system in listening mode by running the following command:
$ vncviewer -listen PORT
- Replace PORT with the port number used for the connection.
The terminal displays a message indicating that it is waiting for an incoming connection from the target system.
TigerVNC Viewer 64-bit v1.8.0 Built on: 2017-10-12 09:20 Copyright (C) 1999-2017 TigerVNC Team and many others (see README.txt) See http://www.tigervnc.org for information on TigerVNC. Thu Jun 27 11:30:57 2019 main: Listening on port 5500
- Boot the target system from the network.
-
From the RHEL boot menu on the target system, press the
Tab
key on your keyboard to edit the boot options. -
Append the
inst.vnc inst.vncconnect=HOST:PORT
option to the end of the command line. - Replace HOST with the IP address of the remote system that is running the listening VNC viewer, and PORT with the port number that the VNC viewer is listening on.
- Press Enter to start the installation. The system initializes the installation program and starts the necessary services. When the initialization process is finished, the installation program attempts to connect to the IP address and port provided.
- When the connection is successful, a new window opens with the VNC connection established, displaying the RHEL installation menu. From this window, you can install RHEL on the target system using the graphical user interface.