Red Hat SummitChapter 7. Preparing a PXE installation source
You must configure TFTP and DHCP on a PXE server to enable PXE boot and network installation.
7.1. Network installation overview
A network installation allows you to install Red Hat Enterprise Linux to a system that has access to an installation server. At a minimum, two systems are required for a network installation:
- Server
- A system running a DHCP server, an HTTP, HTTPS, FTP, or NFS server, and in the PXE boot case, a TFTP server. Although each server can run on a different physical system, the procedures in this section assume a single system is running all servers.
- Client
- The system to which you are installing Red Hat Enterprise Linux. Once installation starts, the client queries the DHCP server, receives the boot files from the HTTP or TFTP server, and downloads the installation environment image from the HTTP, HTTPS, FTP or NFS server. Unlike other installation methods, the client does not require any physical boot media for the installation to start.
To boot a client from the network, enable network boot in the firmware or in a quick boot menu on the client. On some hardware, the option to boot from a network might be disabled, or not available.
The workflow steps to prepare for an installation of Red Hat Enterprise Linux from a network by using HTTP or PXE are as follows:
Procedure
- Export the installation ISO image or the installation tree to an NFS, HTTPS, HTTP, or FTP server.
- Configure the HTTP or TFTP server and DHCP server, and start the HTTP or TFTP service on the server.
- Boot the client and start the installation.
You can choose between the following network boot protocols:
- HTTP
- Use the HTTP boot if your client UEFI supports it. HTTP boot is usually more reliable.
- PXE (TFTP)
- PXE boot is more widely supported by client systems, but sending the boot files over TFTP protocol might be slow and result in timeout failures.
7.2. Configuring the DHCPv4 server for network boot
Enable the DHCP version 4 (DHCPv4) service on your server, so that it can provide network boot functionality.
Prerequisites
- You are preparing network installation over the IPv4 protocol.
Find the network addresses of the server.
In the following examples, the server has a network interface
enp1s0with this configuration:- IPv4 address
- 192.168.124.2/24
- IPv4 gateway + DNS server
- 192.168.124.1
Procedure
Install the DHCP server:
dnf install kea
# dnf install keaCopy to Clipboard Copied! Set up a DHCPv4 server. Enter the following configuration in the
/etc/kea/kea-dhcp4.conffile. Replace the addresses to match your network card.{ "Dhcp4": { "interfaces-config": { "interfaces": [ "enp1s0" ] }, "subnet4": [ { "id": 1, "subnet": "192.168.124.0/24", "pools": [ { "pool": "192.168.124.100 - 192.168.124.200" } ], "option-data": [ { "space": "dhcp4", "name": "routers", "code": 3, "data": "192.168.124.10" }, { "space": "dhcp4", "name": "domain-name-servers", "code": 6, "data": "192.168.124.10" } ] } ], "client-classes": [ { "name": "uefi PXE Clients", "test": "substring(option[60].hex,0,9) == 'PXEClient' and option[93].hex == 0x0007", "next-server": "192.168.124.2", "boot-file-name": "/uefi/BOOT/BOOTX64.EFI" }, { "name": "bios PXE Clients", "test": "substring(option[60].hex,0,9) == 'PXEClient' and option[93].hex == 0x0000", "next-server": "192.168.124.2", "boot-file-name": "syslinux/pxelinux.0" }, { "name": "uefi HTTP Clients", "test": "substring(option[60].hex,0,10) == 'HTTPClient' and option[93].hex == 0x0007", "option-data": [ { "space": "dhcp4", "name": "vendor-class-identifier", "code": 60, "data": "HTTPClient" } ], "next-server": "192.168.124.2", "boot-file-name": "http://192.168.124.2/uefi/BOOT/BOOTX64.EFI" } ] } }{ "Dhcp4": { "interfaces-config": { "interfaces": [ "enp1s0" ] }, "subnet4": [ { "id": 1, "subnet": "192.168.124.0/24", "pools": [ { "pool": "192.168.124.100 - 192.168.124.200" } ], "option-data": [ { "space": "dhcp4", "name": "routers", "code": 3, "data": "192.168.124.10" }, { "space": "dhcp4", "name": "domain-name-servers", "code": 6, "data": "192.168.124.10" } ] } ], "client-classes": [ { "name": "uefi PXE Clients", "test": "substring(option[60].hex,0,9) == 'PXEClient' and option[93].hex == 0x0007", "next-server": "192.168.124.2", "boot-file-name": "/uefi/BOOT/BOOTX64.EFI" }, { "name": "bios PXE Clients", "test": "substring(option[60].hex,0,9) == 'PXEClient' and option[93].hex == 0x0000", "next-server": "192.168.124.2", "boot-file-name": "syslinux/pxelinux.0" }, { "name": "uefi HTTP Clients", "test": "substring(option[60].hex,0,10) == 'HTTPClient' and option[93].hex == 0x0007", "option-data": [ { "space": "dhcp4", "name": "vendor-class-identifier", "code": 60, "data": "HTTPClient" } ], "next-server": "192.168.124.2", "boot-file-name": "http://192.168.124.2/uefi/BOOT/BOOTX64.EFI" } ] } }Copy to Clipboard Copied! Start the DHCPv4 service:
systemctl enable --now kea-dhcp4
# systemctl enable --now kea-dhcp4Copy to Clipboard Copied!
7.3. Configuring the DHCPv6 server for network boot
Enable the DHCP version 6 (DHCPv4) service on your server, so that it can provide network boot functionality.
Prerequisites
- You are preparing network installation over the IPv6 protocol.
Find the network addresses of the server.
In the following examples, the server has a network interface
enp1s0with this configuration:- IPv6 address
- fd33::2/64
- IPv6 gateway
- fd33::1
Procedure
Install the DHCP server:
dnf install kea
# dnf install keaCopy to Clipboard Copied! Set up a DHCPv6 server. Enter the following configuration in the
/etc/kea/kea-dhcp6.conffile. Replace the addresses to match your network card.{ "Dhcp6": { "interfaces-config": { "interfaces": [ "enp1s0" ] }, "subnet6": [ { "id": 1, "subnet": "fd33::/64", "interface": "enp1s0", "pools": [ { "pool": "fd33::100-fd33::200" } ] } ], "client-classes": [ { "name": "uefi PXE Clients", "test": "substring(option[16].hex,6,9) == 'PXEClient' and substring(option[16].hex,21,5) == '00007'", "option-data": [ { "space": "dhcp6", "name": "bootfile-url", "code": 59, "data": "tftp://[fd33::2]/uefi/BOOT/BOOTX64.EFI" } ] }, { "name": "bios PXE Clients", "test": "substring(option[16].hex,6,9) == 'PXEClient' and substring(option[16].hex,21,5) == '00000'", "option-data": [ { "space": "dhcp6", "name": "bootfile-url", "code": 59, "data": "tftp://[fd33::2]/syslinux/pxelinux.0" } ] }, { "name": "uefi HTTP Clients", "test": "substring(option[16].hex,6,10) == 'HTTPClient' and substring(option[16].hex,22,5) == '00007'", "option-data": [ { "space": "dhcp6", "name": "bootfile-url", "code": 59, "data": "http://[fd33::2]/uefi/BOOT/BOOTX64.EFI" } ] } ] } }{ "Dhcp6": { "interfaces-config": { "interfaces": [ "enp1s0" ] }, "subnet6": [ { "id": 1, "subnet": "fd33::/64", "interface": "enp1s0", "pools": [ { "pool": "fd33::100-fd33::200" } ] } ], "client-classes": [ { "name": "uefi PXE Clients", "test": "substring(option[16].hex,6,9) == 'PXEClient' and substring(option[16].hex,21,5) == '00007'", "option-data": [ { "space": "dhcp6", "name": "bootfile-url", "code": 59, "data": "tftp://[fd33::2]/uefi/BOOT/BOOTX64.EFI" } ] }, { "name": "bios PXE Clients", "test": "substring(option[16].hex,6,9) == 'PXEClient' and substring(option[16].hex,21,5) == '00000'", "option-data": [ { "space": "dhcp6", "name": "bootfile-url", "code": 59, "data": "tftp://[fd33::2]/syslinux/pxelinux.0" } ] }, { "name": "uefi HTTP Clients", "test": "substring(option[16].hex,6,10) == 'HTTPClient' and substring(option[16].hex,22,5) == '00007'", "option-data": [ { "space": "dhcp6", "name": "bootfile-url", "code": 59, "data": "http://[fd33::2]/uefi/BOOT/BOOTX64.EFI" } ] } ] } }Copy to Clipboard Copied! Start the DHCPv6 service:
systemctl enable --now kea-dhcp6
# systemctl enable --now kea-dhcp6Copy to Clipboard Copied! If DHCPv6 packets are dropped by the RP filter in the firewall, check its log. If the log contains the
rpfilter_DROPentry, disable the filter using the following configuration in the/etc/firewalld/firewalld.conffile:IPv6_rpfilter=no
IPv6_rpfilter=noCopy to Clipboard Copied!
7.4. Configuring a TFTP server for BIOS-based clients
You must configure a TFTP server and DHCP server and start the TFTP service on the PXE server for BIOS-based AMD and Intel 64-bit systems.
Procedure
As root, install the following package.
dnf install tftp-server
# dnf install tftp-serverCopy to Clipboard Copied! Allow incoming connections to the
tftp servicein the firewall:firewall-cmd --add-service=tftp
# firewall-cmd --add-service=tftpCopy to Clipboard Copied! This command enables temporary access until the next server reboot.
Optional: To enable permanent access, repeat the previous command together with the
--permanentoption.Depending on the location of the installation ISO file, you might have to allow incoming connections for HTTP or other services.
Install
syslinux-tftpbootpackage:dnf -y install syslinux-tftpboot
# dnf -y install syslinux-tftpbootCopy to Clipboard Copied! Create a
pxelinuxdirectory in the/var/lib/tftpbootdirectory and copy all the files provided by thesyslinux-tftpbootpackage (located in/tftpbootdirectory) into thepxelinuxdirectory:mkdir /var/lib/tftpboot/pxelinux cp /tftpboot/* /var/lib/tftpboot/pxelinux
# mkdir /var/lib/tftpboot/pxelinux # cp /tftpboot/* /var/lib/tftpboot/pxelinuxCopy to Clipboard Copied! Create the directory
pxelinux.cfgin thepxelinuxdirectory:mkdir /var/lib/tftpboot/pxelinux/pxelinux.cfg
# mkdir /var/lib/tftpboot/pxelinux/pxelinux.cfgCopy to Clipboard Copied! Create a configuration file named
defaultand add it to thepxelinux.cfgdirectory as shown in the following example:DEFAULT menu.c32 MENU TITLE Red Hat Enterprise Linux 10.0 Installation TIMEOUT 600 LABEL default MENU LABEL ^Install Red Hat Enterprise Linux 10.0 KERNEL /pxelinux/images/RHEL-10/vmlinuz APPEND initrd=/pxelinux/images/RHEL-10/initrd.img inst.repo=http://192.168.124.2/redhat/iso quiet LABEL text MENU LABEL Install Red Hat Enterprise Linux 10.0 in ^text mode KERNEL /pxelinux/images/RHEL-10/vmlinuz APPEND initrd=/pxelinux/images/RHEL-10/initrd.img inst.repo=http://192.168.124.2/redhat/iso inst.text quiet LABEL rescue MENU LABEL ^Rescue a Red Hat Enterprise Linux system KERNEL /pxelinux/images/RHEL-10/vmlinuz APPEND initrd=/pxelinux/images/RHEL-10/initrd.img inst.stage2=http://192.168.124.2/redhat/iso inst.rescue quiet LABEL local MENU LABEL Boot from ^local drive LOCALBOOT 0xffff
DEFAULT menu.c32 MENU TITLE Red Hat Enterprise Linux 10.0 Installation TIMEOUT 600 LABEL default MENU LABEL ^Install Red Hat Enterprise Linux 10.0 KERNEL /pxelinux/images/RHEL-10/vmlinuz APPEND initrd=/pxelinux/images/RHEL-10/initrd.img inst.repo=http://192.168.124.2/redhat/iso quiet LABEL text MENU LABEL Install Red Hat Enterprise Linux 10.0 in ^text mode KERNEL /pxelinux/images/RHEL-10/vmlinuz APPEND initrd=/pxelinux/images/RHEL-10/initrd.img inst.repo=http://192.168.124.2/redhat/iso inst.text quiet LABEL rescue MENU LABEL ^Rescue a Red Hat Enterprise Linux system KERNEL /pxelinux/images/RHEL-10/vmlinuz APPEND initrd=/pxelinux/images/RHEL-10/initrd.img inst.stage2=http://192.168.124.2/redhat/iso inst.rescue quiet LABEL local MENU LABEL Boot from ^local drive LOCALBOOT 0xffffCopy to Clipboard Copied! -
The installation program cannot boot without its runtime image. Use the
inst.stage2boot option to specify location of the image. Alternatively, you can use theinst.repo=option to specify the image as well as the installation source. -
The installation source location used with
inst.repomust contain a valid.treeinfofile. -
When you select the content of RHEL10 installation DVD as the installation source, the
.treeinfofile points to the BaseOS and the AppStream repositories. You can use a singleinst.repooption to load both repositories.
-
The installation program cannot boot without its runtime image. Use the
Create a subdirectory to store the boot image files in the
/var/lib/tftpbootdirectory, and copy the boot image files to the directory. In this example, the directory is/var/lib/tftpboot/pxelinux/images/RHEL-10:mkdir -p /var/lib/tftpboot/pxelinux/images/RHEL-10 cp /path_to_x86_64_images/pxeboot/{vmlinuz,initrd.img} /var/lib/tftpboot/pxelinux/images/RHEL-10/# mkdir -p /var/lib/tftpboot/pxelinux/images/RHEL-10 # cp /path_to_x86_64_images/pxeboot/{vmlinuz,initrd.img} /var/lib/tftpboot/pxelinux/images/RHEL-10/Copy to Clipboard Copied! Start and enable the
tftp.socketservice:systemctl enable --now tftp.socket
# systemctl enable --now tftp.socketCopy to Clipboard Copied! The PXE boot server is now ready to serve PXE clients. You can start the client, which is the system to which you are installing Red Hat Enterprise Linux. Select PXE Boot or Network Boot when prompted to specify a boot source, and start the network installation.
7.5. Configuring a TFTP server for UEFI-based clients
You must configure a TFTP server and DHCP server and start the TFTP service on the PXE server for UEFI-based AMD64, Intel 64, and 64-bit ARM systems.
Red Hat Enterprise Linux 10 UEFI PXE boot supports, apart from the default grub menu file (grub.cfg), a lowercase file format for a MAC-based grub menu file. For example, the MAC address file format for grub2 can be grub.cfg-01-aa-bb-cc-dd-ee-ff
Procedure
As root, install the following package.
dnf install tftp-server
# dnf install tftp-serverCopy to Clipboard Copied! Allow incoming connections to the
tftp servicein the firewall:firewall-cmd --add-service=tftp
# firewall-cmd --add-service=tftpCopy to Clipboard Copied! This command enables temporary access until the next server reboot.
Optional: To enable permanent access, repeat the previous command together with the
--permanentoption.Depending on the location of the installation ISO file, you might have to allow incoming connections for HTTP or other services.
Access the EFI boot image files from the DVD ISO image:
mount -t iso9660 /path_to_image/name_of_image.iso /mount_point -o loop,ro
# mount -t iso9660 /path_to_image/name_of_image.iso /mount_point -o loop,roCopy to Clipboard Copied! Copy the EFI boot images from the DVD ISO image:
mkdir /var/lib/tftpboot/redhat cp -r /mount_point/EFI /var/lib/tftpboot/redhat/
# mkdir /var/lib/tftpboot/redhat # cp -r /mount_point/EFI /var/lib/tftpboot/redhat/Copy to Clipboard Copied! Create a subdirectory to store the boot image files in the
/var/lib/tftpboot/directory, and copy the boot image files to the directory. In this example, the directory is/var/lib/tftpboot/images/RHEL-10/:mkdir -p /var/lib/tftpboot/images/RHEL-10/ cp /mount_point/images/pxeboot/{vmlinuz,initrd.img} /var/lib/tftpboot/images/RHEL-10/ umount /mount_point# mkdir -p /var/lib/tftpboot/images/RHEL-10/ # cp /mount_point/images/pxeboot/{vmlinuz,initrd.img} /var/lib/tftpboot/images/RHEL-10/ # umount /mount_pointCopy to Clipboard Copied! Fix the permissions of the copied files:
chmod -R 755 /var/lib/tftpboot/redhat/
# chmod -R 755 /var/lib/tftpboot/redhat/Copy to Clipboard Copied! Replace the content of
/var/lib/tftpboot/redhat/EFI/BOOT/grub.cfgwith the following example:set default="1" set timeout=60 function load_video { insmod efi_gop insmod efi_uga insmod video_bochs insmod video_cirrus insmod all_video } load_video set gfxpayload=keep menuentry 'Install Red Hat Enterprise Linux 10.0' --class fedora --class gnu-linux --class gnu --class os { linuxefi /images/RHEL-10/vmlinuz inst.repo=http://192.168.124.2/redhat/iso quiet initrdefi /images/RHEL-10/initrd.img } submenu 'Troubleshooting -->' { menuentry 'Install Red Hat Enterprise Linux 10.0 in text mode' --class fedora --class gnu-linux --class gnu --class os { linuxefi /images/RHEL-10/vmlinuz inst.repo=http://192.168.124.2/redhat/iso inst.text quiet initrdefi /images/RHEL-10/initrd.img } menuentry 'Rescue a Red Hat Enterprise Linux system' --class fedora --class gnu-linux --class gnu --class os { linuxefi /images/RHEL-10/vmlinuz inst.stage2=http://192.168.124.2/redhat/iso inst.rescue quiet initrdefi /images/RHEL-10/initrd.img } }set default="1" set timeout=60 function load_video { insmod efi_gop insmod efi_uga insmod video_bochs insmod video_cirrus insmod all_video } load_video set gfxpayload=keep menuentry 'Install Red Hat Enterprise Linux 10.0' --class fedora --class gnu-linux --class gnu --class os { linuxefi /images/RHEL-10/vmlinuz inst.repo=http://192.168.124.2/redhat/iso quiet initrdefi /images/RHEL-10/initrd.img } submenu 'Troubleshooting -->' { menuentry 'Install Red Hat Enterprise Linux 10.0 in text mode' --class fedora --class gnu-linux --class gnu --class os { linuxefi /images/RHEL-10/vmlinuz inst.repo=http://192.168.124.2/redhat/iso inst.text quiet initrdefi /images/RHEL-10/initrd.img } menuentry 'Rescue a Red Hat Enterprise Linux system' --class fedora --class gnu-linux --class gnu --class os { linuxefi /images/RHEL-10/vmlinuz inst.stage2=http://192.168.124.2/redhat/iso inst.rescue quiet initrdefi /images/RHEL-10/initrd.img } }Copy to Clipboard Copied! -
The installation program cannot boot without its runtime image. Use the
inst.stage2boot option to specify location of the image. Alternatively, you can use theinst.repo=option to specify the image as well as the installation source. -
The installation source location used with
inst.repomust contain a valid.treeinfofile. -
When you select the RHEL10 installation DVD as the installation source, the
.treeinfofile points to the BaseOS and the AppStream repositories. You can use a singleinst.repooption to load both repositories.
-
The installation program cannot boot without its runtime image. Use the
Start and enable the
tftp.socketservice:systemctl enable --now tftp.socket
# systemctl enable --now tftp.socketCopy to Clipboard Copied! The PXE boot server is now ready to serve PXE clients. You can start the client, which is the system to which you are installing Red Hat Enterprise Linux. Select PXE Boot or Network Boot when prompted to specify a boot source, and start the network installation.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}