Red Hat Summit Red Hat SummitSupportConsoleDéveloppeursCommencer un essaiContact

Ce contenu n'est pas disponible dans la langue sélectionnée.

Chapter 5. Configuring iPXE to Reduce Provisioning Times

You can use Satellite to configure PXELinux to chainboot iPXE and boot using the HTTP protocol if you have the following restrictions that prevent you from using PXE:

  • A network with unmanaged DHCP servers.
  • A PXE service that is blacklisted on your network or restricted by a firewall.
  • An unreliable TFTP UDP-based protocol because of, for example, a low-bandwidth network.

iPXE Workflow Overview

The provisioning process using iPXE follows this workflow:

  • A discovered host boots over PXE.
  • The host loads either ipxe.efi or undionly.0.
  • The host initializes again on the network using DHCP.
  • The DHCP server detects the iPXE firmware and returns the iPXE template URL with the bootstrap flag.
  • The host requests iPXE template. Satellite does not recognize the host, and because the bootstrap flag is set, the host receives the iPXE intermediate script template that ships with Satellite.
  • The host runs the intermediate iPXE script and downloads the discovery image.
  • The host starts the discovery operating system and performs a discovery request.
  • The host is scheduled for provisioning and restarts.
  • The host boots over PXE.
  • The previous workflow repeats, but Satellite recognizes the host’s remote IP address and instead of the intermediate template, the host receives a regular iPXE template.
  • The host reads the iPXE configuration and boots the installer.
  • From this point, the installation follows a regular PXE installation workflow.

Note that the workflow uses the discovery process, which is optional. To set up the discovery service, see Section 5.1, “Setting up the Discovery Service for iPXE”.

With Satellite, you can set up hosts to download either the ipxe.efi or undionly.kpxe over TFTP. When the file downloads, all communication continues using HTTP. Satellite uses the iPXE provisioning script either to load an operating system installer or the next entry in the boot order.

There are three methods of using iPXE with Red Hat Satellite:

  1. Chainbooting virtual machines using hypervisors that use iPXE as primary firmware.
  2. Using PXELinux through TFTP to chainload iPXE directly on bare metal hosts.
  3. Using PXELinux through UNDI, which uses HTTP to transfer the kernel and the initial RAM disk on bare-metal hosts.

Security Information

The iPXE binary in Red Hat Enterprise Linux is built without some security features. For this reason, you can only use HTTP, and cannot use HTTPS.

+ All security-related features of iPXE in Red Hat Enterprise Linux are not supported. For more information, see Red Hat Enterprise Linux HTTPS support in iPXE.

Prerequisites

Before you begin, ensure that the following conditions are met:

  • A host exists on Red Hat Satellite to use.
  • The MAC address of the provisioning interface matches the host configuration.
  • The provisioning interface of the host has a valid DHCP reservation.
  • The NIC is capable of PXE booting. For more information, see http://ipxe.org/appnote/hardware_drivers.
  • The NIC is compatible with iPXE.

5.1. Setting up the Discovery Service for iPXE
Copier lien

  1. On Capsule Server, install the Foreman discovery service: 

    # yum install foreman-discovery-image
    Copy to Clipboard Toggle word wrap

  2. On Capsule Server, enable the httpboot service: 

    # satellite-installer --foreman-proxy-httpboot true
    Copy to Clipboard Toggle word wrap
  3. In the Satellite web UI, navigate to Administer > Settings, and click the Provisioning tab.
  4. Locate the Default PXE global template entry row and in the Value column, change the value to discovery.

5.2. Chainbooting virtual machines
Copier lien

Some virtualization hypervisors use iPXE as primary firmware for PXE booting. Because of this, you can chainboot without TFTP and PXELinux.

Chainbooting virtual machine workflow

Using virtualization hypervisors removes the need for TFTP and PXELinux. It has the following workflow:

  1. Virtual machine starts
  2. iPXE retrieves the network credentials using DHCP
  3. iPXE retrieves the HTTP address using DHCP
  4. iPXE chainloads the iPXE template from the template Capsule
  5. iPXE loads the kernel and initial RAM disk of the installer

If you want to use the discovery service with iPXE, see Section 5.1, “Setting up the Discovery Service for iPXE”.

Ensure that the hypervisor that you want to use supports iPXE. The following virtualization hypervisors support iPXE:

  • libvirt
  • oVirt
  • RHEV

Configuring Satellite Server to use iPXE

You can use the default template to configure iPXE booting for hosts. If you want to change the default values in the template, clone the template and edit the clone.

Procedure

  1. Copy a boot file to the TFTP directory on your Satellite Server:

    • For EFI systems, copy the ipxe.efi file: 

      # cp /usr/share/ipxe/ipxe.efi /var/lib/tftpboot/
      Copy to Clipboard Toggle word wrap

    • For BIOS systems, copy the undionly.kpxe file: 

      # cp /usr/share/ipxe/undionly.kpxe /var/lib/tftpboot/undionly.0
      Copy to Clipboard Toggle word wrap
  2. In the Satellite web UI, navigate to Hosts > Provisioning Templates, enter Kickstart default iPXE and click Search.
  3. Optional: If you want to change the template, click Clone, enter a unique name, and click Submit.
  4. Click the name of the template you want to use.
  5. If you clone the template, you can make changes you require on the Template tab.
  6. Click the Association tab, and select the operating systems that your host uses.
  7. Click the Locations tab, and add the location where the host resides.
  8. Click the Organizations tab, and add the organization that the host belongs to.
  9. Click Submit to save the changes.
  10. Navigate to Hosts > Operating systems and select the operating system of your host.
  11. Click the Templates tab.
  12. From the iPXE Template list, select the template you want to use.
  13. Click Submit to save the changes.
  14. Navigate to Hosts > All Hosts.
  15. In the Hosts page, select the host that you want to use.
  16. Select the Templates tab.
  17. From the iPXE template list, select Review to verify that the Kickstart default iPXE template is the correct template.

  18. To use the iPXE bootstrapping feature for Satellite, configure the dhcpd.conf file as follows: 

    if exists user-class and option user-class = "iPXE" {
  filename "http://satellite.example.com/unattended/iPXE?bootstrap=1";
} elsif option architecture = 00:06 {
  filename "ipxe.efi";
} elsif option architecture = 00:07 {
  filename "ipxe.efi";
} elsif option architecture = 00:09 {
  filename "ipxe.efi";
} else {
  filename "undionly.0";
}
    Copy to Clipboard Toggle word wrap

    If you use an isolated network, use a Capsule Server URL with TCP port 8000, instead of the URL of Satellite Server.

    Note

    Use http://satellite.example.com/unattended/iPXE?bootstrap=1 when Capsule HTTP endpoint is disabled (installer option --foreman-proxy-http false). Template Capsule plug-in has the default value 8000 when enabled and can be changed with --foreman-proxy-http-port installer option. In that case, use http://capsule.example.com:8000. You must update the /etc/dhcp/dhcpd.conf file after every upgrade.

5.3. Chainbooting Satellite Server to use iPXE directly
Copier lien

Use this procedure to set up iPXE to use a built-in driver for network communication or UNDI interface. There are separate procedures to configure Satellite Server and Capsule to use iPXE.

You can use this procedure only with bare metal hosts.

Chainbooting iPXE directly or with UNDI workflow

  1. Host powers on
  2. PXE driver retrieves the network credentials using DHCP
  3. PXE driver retrieves the PXELinux firmware pxelinux.0 using TFTP
  4. PXELinux searches for the configuration file on the TFTP server
  5. PXELinux chainloads iPXE ipxe.lkrn or undionly-ipxe.0
  6. iPXE retrieves the network credentials using DHCP again
  7. iPXE retrieves HTTP address using DHCP
  8. iPXE chainloads the iPXE template from the template Capsule
  9. iPXE loads the kernel and initial RAM disk of the installer

If you want to use the discovery service with iPXE, see Section 5.1, “Setting up the Discovery Service for iPXE”.

Configuring Red Hat Satellite Server to use iPXE

You can use the default template to configure iPXE booting for hosts. If you want to change the default values in the template, clone the template and edit the clone.

Procedure

  1. In the Satellite web UI, navigate to Hosts > Provisioning Templates, enter PXELinux chain iPXE or, for BIOS systems, enter PXELinux chain iPXE UNDI, and click Search.
  2. Optional: If you want to change the template, click Clone, enter a unique name, and click Submit.
  3. Click the name of the template you want to use.
  4. If you clone the template, you can make changes you require on the Template tab.
  5. Click the Association tab, and select the operating systems that your host uses.
  6. Click the Locations tab, and add the location where the host resides.
  7. Click the Organizations tab, and add the organization that the host belongs to.
  8. Click Submit to save the changes.
  9. In the Provisioning Templates page, enter Kickstart default iPXE into the search field and click Search.
  10. Optional: If you want to change the template, click Clone, enter a unique name, and click Submit.
  11. Click the name of the template you want to use.
  12. If you clone the template, you can make changes you require on the Template tab.
  13. Click the Association tab, and associate the template with the operating system that your host uses.
  14. Click the Locations tab, and add the location where the host resides.
  15. Click the Organizations tab, and add the organization that the host belongs to.
  16. Click Submit to save the changes.
  17. Navigate to Hosts > Operating systems and select the operating system of your host.
  18. Click the Templates tab.
  19. From the PXELinux template list, select the template you want to use.
  20. From the iPXE template list, select the template you want to use.
  21. Click Submit to save the changes.
  22. Navigate to Hosts > All Hosts, and select the host you want to use.
  23. Select the Templates tab, and from the PXELinux template list, select Review to verify the template is the correct template.
  24. From the iPXE template list, select Review to verify the template is the correct template. If there is no PXELinux entry, or you cannot find the new template, navigate to Hosts > All Hosts, and on your host, click Edit. Click the Operating system tab and click the Provisioning Template Resolve button to refresh the list of templates.

  25. To use the iPXE bootstrapping feature for Satellite, configure the dhcpd.conf file as follows: 

    if exists user-class and option user-class = "iPXE" {
  filename "http://satellite.example.com/unattended/iPXE?bootstrap=1";
} elsif option architecture = 00:06 {
  filename "ipxe.efi";
} elsif option architecture = 00:07 {
  filename "ipxe.efi";
} elsif option architecture = 00:09 {
  filename "ipxe.efi";
} else {
  filename "undionly.0";
}
    Copy to Clipboard Toggle word wrap

    If you use an isolated network, use a Capsule Server URL with TCP port 8000, instead of the URL of Satellite Server.

    Note

    For http://satellite.example.com/unattended/iPXE, you can also use a Red Hat Satellite Capsule http://capsule.example.com:8000/unattended/iPXE. You must update the /etc/dhcp/dhcpd.conf file after every upgrade.

You must perform this procedure on all Capsules.

Procedure

  1. Install the ipxe-bootimgs RPM package: 

    # yum install ipxe-bootimgs
    Copy to Clipboard Toggle word wrap

  2. Copy the iPXE firmware to the TFTP server’s root directory. Do not use symbolic links because TFTP runs in the chroot environment.

    • For EFI systems, copy the ipxe.efi file: 

      # cp /usr/share/ipxe/ipxe.lkrn /var/lib/tftpboot/
      Copy to Clipboard Toggle word wrap

    • For BIOS systems, copy the undionly.kpxe file: 

      # cp /usr/share/ipxe/undionly.kpxe /var/lib/tftpboot/undionly-ipxe.0
      Copy to Clipboard Toggle word wrap

  3. Correct the file contexts: 

    # restorecon -RvF /var/lib/tftpboot/
    Copy to Clipboard Toggle word wrap
Retour au début
Red Hat logoGithubredditYoutubeTwitter

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Nous aidons les utilisateurs de Red Hat à innover et à atteindre leurs objectifs grâce à nos produits et services avec un contenu auquel ils peuvent faire confiance. Découvrez nos récentes mises à jour.

Rendre l’open source plus inclusif

Red Hat s'engage à remplacer le langage problématique dans notre code, notre documentation et nos propriétés Web. Pour plus de détails, consultez le Blog Red Hat.

À propos de Red Hat

Nous proposons des solutions renforcées qui facilitent le travail des entreprises sur plusieurs plates-formes et environnements, du centre de données central à la périphérie du réseau.

Theme

© 2025 Red Hat