Red Hat Training

A Red Hat training course is available for RHEL 8

System Design Guide

Red Hat Enterprise Linux 8

Designing a RHEL 8 system

Red Hat Customer Content Services

Abstract

This content covers how to start using Red Hat Enterprise Linux 8. To learn about Red Hat Enterprise Linux technology capabilities and limits, see https://access.redhat.com/articles/rhel-limits.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. We are beginning with these four terms: master, slave, blacklist, and whitelist. Because of the enormity of this endeavor, these changes will be implemented gradually over several upcoming releases. For more details, see our CTO Chris Wright’s message.

Providing feedback on Red Hat documentation

We appreciate your input on our documentation. Please let us know how we could make it better. To do so:

  • For simple comments on specific passages:

    1. Make sure you are viewing the documentation in the Multi-page HTML format. In addition, ensure you see the Feedback button in the upper right corner of the document.
    2. Use your mouse cursor to highlight the part of text that you want to comment on.
    3. Click the Add Feedback pop-up that appears below the highlighted text.
    4. Follow the displayed instructions.
  • For submitting more complex feedback, create a Bugzilla ticket:

    1. Go to the Bugzilla website.
    2. As the Component, use Documentation.
    3. Fill in the Description field with your suggestion for improvement. Include a link to the relevant part(s) of documentation.
    4. Click Submit Bug.

Part I. Design of installation

Chapter 1. Supported RHEL architectures and system requirements

Red Hat Enterprise Linux 8 delivers a stable, secure, consistent foundation across hybrid cloud deployments with the tools needed to deliver workloads faster with less effort. It can be deployed as a guest on supported hypervisors and Cloud provider environments as well as deployed on physical infrastructure, so your applications can take advantage of innovations in the leading hardware architecture platforms.

This section contains information about the supported architectures and the system requirements for installing Red Hat Enterprise Linux.

1.1. Supported architectures

Red Hat Enterprise Linux supports the following architectures:

  • AMD, Intel, and ARM 64-bit architectures
  • IBM Power Systems, Little Endian

    • IBM Power System LC servers
    • IBM Power System AC servers
    • IBM Power System L servers
  • IBM Z

1.2. System requirements

If this is a first-time install of Red Hat Enterprise Linux it is recommended that you review the guidelines provided for system, hardware, security, memory, and RAID before installing. See System requirements reference for more information.

Chapter 2. Preparing for your installation

Before you begin to install Red Hat Enterprise Linux, review the following sections to prepare your setup for the installation.

2.1. Recommended steps

Preparing for your RHEL installation consists of the following steps:

Steps

  1. Review and determine the installation method.
  2. Check system requirements.
  3. Review the installation boot media options.
  4. Download the required installation ISO image.
  5. Create a bootable installation medium.
  6. Prepare the installation source*

*Only required for the Boot ISO (minimal install) image if you are not using the Content Delivery Network (CDN) to download the required software packages.

2.2. RHEL installation methods

You can install Red Hat Enterprise Linux using any of the following methods:

  • GUI-based installations
  • System or cloud image-based installations
  • Advanced installations
Note

This document provides details about installing RHEL using the user interfaces (GUI).

GUI-based installations

The following GUI-based installation methods are available:

  • Install RHEL using an ISO image from the Customer Portal: Install Red Hat Enterprise Linux by downloading the Binary DVD ISO image file from the Customer Portal. Registration is performed after the GUI installation completes. This installation method is also supported by Kickstart.
  • Register and install RHEL from the Content Delivery Network: Register your system, attach subscriptions, and install Red Hat Enterprise Linux from the Content Delivery Network (CDN). This installation method is supported by the Boot ISO and Binary DVD ISO image files; however, it is recommended that you use the Boot ISO image file as the installation source defaults to CDN for the Boot ISO image file. Registration is performed before the installation packages are downloaded and installed from the CDN. This installation method is also supported by Kickstart.

    Important

    You can customize the RHEL installation for your specific requirements using the GUI. You can select additional options for specific environment requirements, for example, Connect to Red Hat, software selection, partitioning, security, and many more. For more information, see Chapter 4, Customizing your installation.

System or cloud image-based installations

You can use system or cloud image-based installation methods only in virtual and cloud environments.

To perform a system or cloud image-based installation, use Red Hat Image Builder. Image Builder creates customized system images of Red Hat Enterprise Linux, including the system images for cloud deployment.

For more information about installing RHEL using Image Builder, see the Composing a customized RHEL system image document.

Advanced installations

The following advanced installation methods are available:

  • Perform an automated RHEL installation using Kickstart: Install Red Hat Enterprise Linux using Kickstart. Kickstart is an automated installation that allows you to execute unattended operating system installation tasks.
  • Perform a remote RHEL installation using VNC: The RHEL installation program offers two VNC installation modes: Direct and Connect. Once a connection is established, the two modes do not differ. The mode you select depends on your environment.
  • Install RHEL from the network using PXE : A network installation allows you to install Red Hat Enterprise Linux to a system that has access to an installation server. At a minimum, two systems are required for a network installation.

For more information about the advanced installation methods, see the Performing an advanced RHEL installation document.

2.3. System requirements

If this is a first-time install of Red Hat Enterprise Linux it is recommended that you review the guidelines provided for system, hardware, security, memory, and RAID before installing. See System requirements reference for more information.

2.4. Installation boot media options

There are several options available to boot the Red Hat Enterprise Linux installation program.

Full installation DVD or USB flash drive
Create a full installation DVD or USB flash drive using the Binary DVD ISO image. The DVD or USB flash drive can be used as a boot device and as an installation source for installing software packages. Due to the size of the Binary DVD ISO image, a DVD or USB flash drive are the recommended media types.
Minimal installation DVD, CD, or USB flash drive
Create a minimal installation CD, DVD, or USB flash drive using the Boot ISO image, which contains only the minimum files necessary to boot the system and start the installation program.
Important

If you are not using the Content Delivery Network (CDN) to download the required software packages, the Boot ISO image requires an installation source that contains the required software packages.

PXE Server
A preboot execution environment (PXE) server allows the installation program to boot over the network. After a system boot, you must complete the installation from a different installation source, such as a local hard drive or a network location.
Image Builder
Image Builder allows to create customized system and cloud images to install Red Hat Enterprise Linux in virtual and cloud environment.

2.5. Types of installation ISO images

Two types of Red Hat Enterprise Linux 8 installation ISO images are available from the Red Hat Customer Portal.

Binary DVD ISO image file

A full installation program that contains the BaseOS and AppStream repositories and allows you to complete the installation without additional repositories.

Important

You can use a Binary DVD for IBM Z to boot the installation program using a SCSI DVD drive, or as an installation source.

Boot ISO image file

The Boot ISO image is a minimal installation that can be used to install RHEL in two different ways:

  1. When registering and installing RHEL from the Content Delivery Network (CDN).
  2. As a minimal image that requires access to the BaseOS and AppStream repositories to install software packages. The repositories are part of the Binary DVD ISO image that is available for download from the Red Hat Customer Portal. Download and unpack the Binary DVD ISO image to access the repositories.

The following table contains information about the images that are available for the supported architectures.

Table 2.1. Boot and installation images

ArchitectureInstallation DVDBoot DVD

AMD64 and Intel 64

x86_64 Binary DVD ISO image file

x86_64 Boot ISO image file

ARM 64

AArch64 Binary DVD ISO image file

AArch64 Boot ISO image file

IBM POWER

ppc64le Binary DVD ISO image file

ppc64le Boot ISO image file

IBM Z

s390x Binary DVD ISO image file

s390x Boot ISO image file

2.6. Downloading a RHEL installation ISO image

This section contains instructions about downloading a Red Hat Enterprise Linux installation image from the Red Hat Customer Portal or by using the curl command.

2.6.1. Types of installation ISO images

Two types of Red Hat Enterprise Linux 8 installation ISO images are available from the Red Hat Customer Portal.

Binary DVD ISO image file

A full installation program that contains the BaseOS and AppStream repositories and allows you to complete the installation without additional repositories.

Important

You can use a Binary DVD for IBM Z to boot the installation program using a SCSI DVD drive, or as an installation source.

Boot ISO image file

The Boot ISO image is a minimal installation that can be used to install RHEL in two different ways:

  1. When registering and installing RHEL from the Content Delivery Network (CDN).
  2. As a minimal image that requires access to the BaseOS and AppStream repositories to install software packages. The repositories are part of the Binary DVD ISO image that is available for download from the Red Hat Customer Portal. Download and unpack the Binary DVD ISO image to access the repositories.

The following table contains information about the images that are available for the supported architectures.

Table 2.2. Boot and installation images

ArchitectureInstallation DVDBoot DVD

AMD64 and Intel 64

x86_64 Binary DVD ISO image file

x86_64 Boot ISO image file

ARM 64

AArch64 Binary DVD ISO image file

AArch64 Boot ISO image file

IBM POWER

ppc64le Binary DVD ISO image file

ppc64le Boot ISO image file

IBM Z

s390x Binary DVD ISO image file

s390x Boot ISO image file

2.6.2. Downloading an ISO image from the Customer Portal

This procedure describes how to download a Red Hat Enterprise Linux 8 ISO image file from the Red Hat Customer Portal.

Note
  • The Boot ISO image is a minimal image file that supports registering your system, attaching subscriptions, and installing RHEL from the Content Delivery Network (CDN).
  • The Binary DVD ISO image file contains all repositories and software packages and does not require any additional configuration.

Prerequisites

  • You have an active Red Hat subscription.
  • You are logged in to the Product Downloads section of the Red Hat Customer Portal at Product Downloads.

Procedure

  1. From the Product Downloads page, select the By Category tab.
  2. Click the Red Hat Enterprise Linux 8 link.

    The Download Red Hat Enterprise Linux web page opens.

  3. From the Product Variant drop-down menu, select the variant that you require.

    1. Optional: Select the Packages tab to view the packages contained in the selected variant. For information on the packages available in Red Hat Enterprise Linux 8, see the Package Manifest document.
  4. The Version drop-down menu defaults to the latest version for the selected variant.
  5. The Architecture drop-down menu displays the supported architecture.

    The Product Software tab displays the image files, which include:

    • Red Hat Enterprise Linux Binary DVD image.
    • Red Hat Enterprise Linux Boot ISO image.

    Additional images may be available, for example, preconfigured virtual machine images, but they are beyond the scope of this document.

  6. Click Download Now beside the ISO image that you require.

2.6.3. Downloading an ISO image using curl

Use the curl command to download installation images directly from a specific URL.

Prerequisites

  • Verify the curl package is installed:

    • If your distribution uses the yum package manager:

      # yum install curl
    • If your distribution uses the dnf package manager:

      # dnf install curl
    • If your distribution uses the apt package manager:

      # apt update
      # apt install curl
    • If your Linux distribution does not use yum, dnf, or apt, or if you do not use Linux, download the most appropriate software package from the curl website.
  • You have navigated to the Product Downloads section of the Red Hat Customer Portal at https://access.redhat.com/downloads, and selected the variant, version, and architecture that you require. You have right-clicked on the required ISO image file, and selected Copy Link Location to copy the URL of the ISO image file to your clipboard.

Procedure

  • On the command line, enter a suitable directory, and run the following command to download the file:

    $ curl --output directory-path/filename.iso 'copied_link_location'

    Replace directory-path with a path to the location where you want to save the file; replace filename.iso with the ISO image name as displayed in the Customer Portal; replace copied_link_location with the link that you have copied from the Customer Portal.

2.7. Creating a bootable installation medium for RHEL

This section contains information about using the ISO image file that you have downloaded to create a bootable physical installation medium, such as a USB, DVD, or CD. For more information about downloading the ISO images, see Downloading the installation ISO image

Note

By default, the inst.stage2= boot option is used on the installation medium and is set to a specific label, for example, inst.stage2=hd:LABEL=RHEL8\x86_64. If you modify the default label of the file system containing the runtime image, or if you use a customized procedure to boot the installation system, you must verify that the label is set to the correct value.

2.7.1. Installation boot media options

There are several options available to boot the Red Hat Enterprise Linux installation program.

Full installation DVD or USB flash drive
Create a full installation DVD or USB flash drive using the Binary DVD ISO image. The DVD or USB flash drive can be used as a boot device and as an installation source for installing software packages. Due to the size of the Binary DVD ISO image, a DVD or USB flash drive are the recommended media types.
Minimal installation DVD, CD, or USB flash drive
Create a minimal installation CD, DVD, or USB flash drive using the Boot ISO image, which contains only the minimum files necessary to boot the system and start the installation program.
Important

If you are not using the Content Delivery Network (CDN) to download the required software packages, the Boot ISO image requires an installation source that contains the required software packages.

PXE Server
A preboot execution environment (PXE) server allows the installation program to boot over the network. After a system boot, you must complete the installation from a different installation source, such as a local hard drive or a network location.
Image Builder
Image Builder allows to create customized system and cloud images to install Red Hat Enterprise Linux in virtual and cloud environment.

2.7.2. Creating a bootable DVD or CD

You can create a bootable installation DVD or CD using burning software and a CD/DVD burner. The exact steps to produce a DVD or CD from an ISO image file vary greatly, depending on the operating system and disc burning software installed. Consult your system’s burning software documentation for the exact steps to burn a CD or DVD from an ISO image file.

Warning

You can create a bootable DVD or CD using either the Binary DVD ISO image (full install) or the Boot ISO image (minimal install). However, the Binary DVD ISO image is larger than 4.7 GB, and as a result, it might not fit on a single or dual-layer DVD. Check the size of the Binary DVD ISO image file before you proceed. A USB key is recommended when using the Binary DVD ISO image to create bootable installation media.

2.7.3. Creating a bootable USB device on Linux

Follow this procedure to create a bootable USB device on a Linux system.

Note

This procedure is destructive and data on the USB flash drive is destroyed without a warning.

Prerequisites

  • You have downloaded an installation ISO image as described in Downloading the installation ISO image.
  • The Binary DVD ISO image is larger than 4.7 GB, so a USB flash drive that is large enough to hold the ISO image is required.

Procedure

  1. Connect the USB flash drive to the system.
  2. Open a terminal window and run the dmesg command:

    $ dmesg|tail

    The dmesg command returns a log that details all recent events. Messages resulting from the attached USB flash drive are displayed at the bottom of the log. Record the name of the connected device.

  3. Switch to user root:

    $ su -
  4. Enter your root password when prompted.
  5. Find the device node assigned to the drive. In this example, the drive name is sdd.

    # dmesg|tail
    [288954.686557] usb 2-1.8: New USB device strings: Mfr=0, Product=1, SerialNumber=2
    [288954.686559] usb 2-1.8: Product: USB Storage
    [288954.686562] usb 2-1.8: SerialNumber: 000000009225
    [288954.712590] usb-storage 2-1.8:1.0: USB Mass Storage device detected
    [288954.712687] scsi host6: usb-storage 2-1.8:1.0
    [288954.712809] usbcore: registered new interface driver usb-storage
    [288954.716682] usbcore: registered new interface driver uas
    [288955.717140] scsi 6:0:0:0: Direct-Access     Generic  STORAGE DEVICE   9228 PQ: 0 ANSI: 0
    [288955.717745] sd 6:0:0:0: Attached scsi generic sg4 type 0
    [288961.876382] sd 6:0:0:0: sdd Attached SCSI removable disk
  6. Run the dd command to write the ISO image directly to the USB device.

    # dd if=/image_directory/image.iso of=/dev/device

    Replace /image_directory/image.iso with the full path to the ISO image file that you downloaded, and replace device with the device name that you retrieved with the dmesg command. In this example, the full path to the ISO image is /home/testuser/Downloads/rhel-8-x86_64-boot.iso, and the device name is sdd:

    # dd if=/home/testuser/Downloads/rhel-8-x86_64-boot.iso of=/dev/sdd
    Note

    Ensure that you use the correct device name, and not the name of a partition on the device. Partition names are usually device names with a numerical suffix. For example, sdd is a device name, and sdd1 is the name of a partition on the device sdd.

  7. Wait for the dd command to finish writing the image to the device. The data transfer is complete when the # prompt appears. When the prompt is displayed, log out of the root account and unplug the USB drive. The USB drive is now ready to be used as a boot device.

2.7.4. Creating a bootable USB device on Windows

Follow the steps in this procedure to create a bootable USB device on a Windows system. The procedure varies depending on the tool. Red Hat recommends using Fedora Media Writer, available for download at https://github.com/FedoraQt/MediaWriter/releases.

Note
  • Fedora Media Writer is a community product and is not supported by Red Hat. You can report any issues with the tool at https://github.com/FedoraQt/MediaWriter/issues.
  • This procedure is destructive and data on the USB flash drive is destroyed without a warning.

Prerequisites

  • You have downloaded an installation ISO image as described in Downloading the installation ISO image.
  • The Binary DVD ISO image is larger than 4.7 GB, so a USB flash drive that is large enough to hold the ISO image is required.

Procedure

  1. Download and install Fedora Media Writer from https://github.com/FedoraQt/MediaWriter/releases.

    Note

    To install Fedora Media Writer on Red Hat Enterprise Linux, use the pre-built Flatpak package. You can obtain the package from the official Flatpak repository Flathub.org at https://flathub.org/apps/details/org.fedoraproject.MediaWriter.

  2. Connect the USB flash drive to the system.
  3. Open Fedora Media Writer.
  4. From the main window, click Custom Image and select the previously downloaded Red Hat Enterprise Linux ISO image.
  5. From Write Custom Image window, select the drive that you want to use.
  6. Click Write to disk. The boot media creation process starts. Do not unplug the drive until the operation completes. The operation may take several minutes, depending on the size of the ISO image, and the write speed of the USB drive.
  7. When the operation completes, unmount the USB drive. The USB drive is now ready to be used as a boot device.

2.7.5. Creating a bootable USB device on Mac OS X

Follow the steps in this procedure to create a bootable USB device on a Mac OS X system.

Note

This procedure is destructive and data on the USB flash drive is destroyed without a warning.

Prerequisites

  • You have downloaded an installation ISO image as described in Downloading the installation ISO image.
  • The Binary DVD ISO image is larger than 4.7 GB, so a USB flash drive that is large enough to hold the ISO image is required.

Procedure

  1. Connect the USB flash drive to the system.
  2. Identify the device path with the diskutil list command. The device path has the format of /dev/disknumber, where number is the number of the disk. The disks are numbered starting at zero (0). Typically, Disk 0 is the OS X recovery disk, and Disk 1 is the main OS X installation. In the following example, the USB device is disk2:

    $ diskutil list
    /dev/disk0
    #:                       TYPE NAME                    SIZE       IDENTIFIER
    0:      GUID_partition_scheme                        *500.3 GB   disk0
    1:                        EFI EFI                     209.7 MB   disk0s1
    2:          Apple_CoreStorage                         400.0 GB   disk0s2
    3:                 Apple_Boot Recovery HD             650.0 MB   disk0s3
    4:          Apple_CoreStorage                         98.8 GB    disk0s4
    5:                 Apple_Boot Recovery HD             650.0 MB   disk0s5
    /dev/disk1
    #:                       TYPE NAME                    SIZE       IDENTIFIER
    0:                  Apple_HFS YosemiteHD             *399.6 GB   disk1
    Logical Volume on disk0s1
    8A142795-8036-48DF-9FC5-84506DFBB7B2
    Unlocked Encrypted
    /dev/disk2
    #:                       TYPE NAME                    SIZE       IDENTIFIER
    0:     FDisk_partition_scheme                        *8.1 GB     disk2
    1:               Windows_NTFS SanDisk USB             8.1 GB     disk2s1
  3. To identify your USB flash drive, compare the NAME, TYPE and SIZE columns to your flash drive. For example, the NAME should be the title of the flash drive icon in the Finder tool. You can also compare these values to those in the information panel of the flash drive.
  4. Use the diskutil unmountDisk command to unmount the flash drive’s filesystem volumes:

    $ diskutil unmountDisk /dev/disknumber
    					Unmount of all volumes on disknumber was successful

    When the command completes, the icon for the flash drive disappears from your desktop. If the icon does not disappear, you may have selected the wrong disk. Attempting to unmount the system disk accidentally returns a failed to unmount error.

  5. Log in as root:

    $ su -
  6. Enter your root password when prompted.
  7. Use the dd command as a parameter of the sudo command to write the ISO image to the flash drive:

    # sudo dd if=/path/to/image.iso of=/dev/rdisknumber
    Note

    Mac OS X provides both a block (/dev/disk*) and character device (/dev/rdisk*) file for each storage device. Writing an image to the /dev/rdisknumber character device is faster than writing to the /dev/disknumber block device.

  8. To write the /Users/user_name/Downloads/rhel-8-x86_64-boot.iso file to the /dev/rdisk2 device, run the following command:

    # sudo dd if=/Users/user_name/Downloads/rhel-8-x86_64-boot.iso of=/dev/rdisk2
  9. Wait for the dd command to finish writing the image to the device. The data transfer is complete when the # prompt appears. When the prompt is displayed, log out of the root account and unplug the USB drive. The USB drive is now ready to be used as a boot device.

2.8. Preparing an installation source

The Boot ISO image file does not include any repositories or software packages; it contains only the installation program and the tools required to boot the system and start the installation. This section contains information about creating an installation source for the Boot ISO image using the Binary DVD ISO image that contains the required repositories and software packages.

Important

An installation source is required for the Boot ISO image file only if you decide not to register and install RHEL from the Content Delivery Network (CDN).

2.8.1. Types of installation source

You can use one of the following installation sources for minimal boot images:

  • DVD: Burn the Binary DVD ISO image to a DVD. The installation program will automatically install the software packages from the DVD.
  • Hard drive or USB drive: Copy the Binary DVD ISO image to the drive and configure the installation program to install the software packages from the drive. If you use a USB drive, verify that it is connected to the system before the installation begins. The installation program cannot detect media after the installation begins.

    • Hard drive limitation: The Binary DVD ISO image on the hard drive must be on a partition with a file system that the installation program can mount. The supported file systems are xfs, ext2, ext3, ext4, and vfat (FAT32).
    Warning

    On Microsoft Windows systems, the default file system used when formatting hard drives is NTFS. The exFAT file system is also available. However, neither of these file systems can be mounted during the installation. If you are creating a hard drive or a USB drive as an installation source on Microsoft Windows, verify that you formatted the drive as FAT32. Note that the FAT32 file system cannot store files larger than 4 GiB.

    In Red Hat Enterprise Linux 8, you can enable installation from a directory on a local hard drive. To do so, you need to copy the contents of the DVD ISO image to a directory on a hard drive and then specify the directory as the installation source instead of the ISO image. For example: inst.repo=hd:<device>:<path to the directory>

  • Network location: Copy the Binary DVD ISO image or the installation tree (extracted contents of the Binary DVD ISO image) to a network location and perform the installation over the network using the following protocols:

    • NFS: The Binary DVD ISO image is in a Network File System (NFS) share.
    • HTTPS, HTTP or FTP: The installation tree is on a network location that is accessible over HTTP, HTTPS or FTP.

2.8.2. Specify the installation source

You can specify the installation source using any of the following methods:

  • Graphical installation: Select the installation source in the Installation Source window of the graphical install. For more information, see Configuring installation source
  • Boot option: Configure a custom boot option to specify the installation source. For more information, see, Boot options preference
  • Kickstart file: Use the install command in a Kickstart file to specify the installation source. See the Performing an advanced RHEL installation document for more information.

2.8.3. Ports for network-based installation

The following table lists the ports that must be open on the server providing the files for each type of network-based installation.

Table 2.3. Ports for network-based installation

Protocol usedPorts to open

HTTP

80

HTTPS

443

FTP

21

NFS

2049, 111, 20048

TFTP

69

Additional resources

2.8.4. Creating an installation source on an NFS server

Follow the steps in this procedure to place the installation source on an NFS server. Use this installation method to install multiple systems from a single source, without having to connect to physical media.

Prerequisites

  • You have administor level access to a server with Red Hat Enterprise Linux8, and this server is on the same network as the system to be installed.
  • You have downloaded a Binary DVD image. See Downloading the installation ISO image from the Performing a standard RHEL installation document for more information.
  • You have created a bootable CD, DVD, or USB device from the image file. See Creating installation media from the Performing a standard RHEL installation document for more information.
  • You have verified that your firewall allows the system you are installing to access the remote installation source. See Ports for network-based installation from the Performing a standard RHEL installation document for more information.

Procedure

  1. Install the nfs-utils package:

    # yum install nfs-utils
  2. Copy the Binary DVD ISO image to a directory on the NFS server.
  3. Open the /etc/exports file using a text editor and add a line with the following syntax:

    /exported_directory/ clients
  4. Replace /exported_directory/ with the full path to the directory with the ISO image. Replace clients with the host name or IP address of the target system, the subnetwork that all target systems can use to access the ISO image, or the asterisk sign (*) if you want to allow any system with network access to the NFS server to use the ISO image. See the exports(5) man page for detailed information about the format of this field.

    A basic configuration that makes the /rhel8-install/ directory available as read-only to all clients is:

    /rhel8-install *
  5. Save the /etc/exports file and exit the text editor.
  6. Start the nfs service:

    # systemctl start nfs-server.service

    If the service was running before you changed the /etc/exports file, run the following command for the running NFS server to reload its configuration:

    # systemctl reload nfs-server.service

    The ISO image is now accessible over NFS and ready to be used as an installation source.

Note

When configuring the installation source, use nfs: as the protocol, the server host name or IP address, the colon sign (:), and the directory holding the ISO image. For example, if the server host name is myserver.example.com and you have saved the ISO image in /rhel8-install/, specify nfs:myserver.example.com:/rhel8-install/ as the installation source.

2.8.5. Creating an installation source using HTTP or HTTPS

Follow the steps in this procedure to create an installation source for a network-based installation using an installation tree, which is a directory containing extracted contents of the Binary DVD ISO image and a valid .treeinfo file. The installation source is accessed over HTTP or HTTPS.

Prerequisites

  • You have administrator level access to a server with Red Hat Enterprise Linux8, and this server is on the same network as the system to be installed.
  • You have downloaded a Binary DVD image. See Downloading the installation ISO image from the Performing a standard RHEL installation document for more information.
  • You have created a bootable CD, DVD, or USB device from the image file. See Creating installation media from the Performing a standard RHEL installation document for more information.
  • You have verified that your firewall allows the system you are installing to access the remote installation source. See Ports for network-based installation from the Performing a standard RHEL installation document for more information.

Procedure

  1. Install the httpd package:

    # yum install httpd
    Warning

    If your Apache web server configuration enables SSL security, verify that you enable only the TLSv1 protocol, and disable SSLv2 and SSLv3. This is due to the POODLE SSL vulnerability (CVE-2014-3566). See https://access.redhat.com/solutions/1232413 for details.

    Important

    If you use an HTTPS server with a self-signed certificate, you must boot the installation program with the noverifyssl option.

  2. Copy the Binary DVD ISO image to the HTTP(S) server.
  3. Mount the Binary DVD ISO image, using the mount command, to a suitable directory:

    # mkdir /mnt/rhel8-install/
    # mount -o loop,ro -t iso9660 /image_directory/image.iso /mnt/rhel8-install/

    Replace /image_directory/image.iso with the path to the Binary DVD ISO image.

  4. Copy the files from the mounted image to the HTTP(S) server root. This command creates the /var/www/html/rhel8-install/ directory with the contents of the image.

    # cp -r /mnt/rhel8-install/ /var/www/html/

    This command creates the /var/www/html/rhel8-install/ directory with the content of the image. Note that some copying methods can skip the .treeinfo file which is required for a valid installation source. Running the cp command for whole directories as shown in this procedure will copy .treeinfo correctly.

  5. Start the httpd service:

    # systemctl start httpd.service

    The installation tree is now accessible and ready to be used as the installation source.

    Note

    When configuring the installation source, use http:// or https:// as the protocol, the server host name or IP address, and the directory that contains the files from the ISO image, relative to the HTTP server root. For example, if you are using HTTP, the server host name is myserver.example.com, and you have copied the files from the image to /var/www/html/rhel8-install/, specify http://myserver.example.com/rhel8-install/ as the installation source.

2.8.6. Creating an installation source using FTP

Follow the steps in this procedure to create an installation source for a network-based installation using an installation tree, which is a directory containing extracted contents of the Binary DVD ISO image and a valid .treeinfo file. The installation source is accessed over FTP.

Prerequisites

  • You have administor level access to a server with Red Hat Enterprise Linux8, and this server is on the same network as the system to be installed.
  • You have downloaded a Binary DVD image. See Downloading the installation ISO image from the Performing a standard RHEL installation document for more information.
  • You have created a bootable CD, DVD, or USB device from the image file. See Creating installation media from the Performing a standard RHEL installation document for more information.
  • You have verified that your firewall allows the system you are installing to access the remote installation source. See Ports for network-based installation from the Performing a standard RHEL installation document for more information.

Procedure

  1. Install the vsftpd package by running the following command as root:

    # yum install vsftpd
  2. Open and edit the /etc/vsftpd/vsftpd.conf configuration file in a text editor.

    1. Change the line anonymous_enable=NO to anonymous_enable=YES
    2. Change the line write_enable=YES to write_enable=NO.
    3. Add lines pasv_min_port=min_port and pasv_max_port=max_port. Replace min_port and max_port with the port number range used by FTP server in passive mode, e. g. 10021 and 10031.

      This step can be necessary in network environments featuring various firewall/NAT setups.

    4. Optionally, add custom changes to your configuration. For available options, see the vsftpd.conf(5) man page. This procedure assumes that default options are used.

      Warning

      If you configured SSL/TLS security in your vsftpd.conf file, ensure that you enable only the TLSv1 protocol, and disable SSLv2 and SSLv3. This is due to the POODLE SSL vulnerability (CVE-2014-3566). See https://access.redhat.com/solutions/1234773 for details.

  3. Configure the server firewall.

    1. Enable the firewall:

      # systemctl enable firewalld
      # systemctl start firewalld
    2. Enable in your firewall the FTP port and port range from previous step:

      # firewall-cmd --add-port min_port-max_port/tcp --permanent
      # firewall-cmd --add-service ftp --permanent
      # firewall-cmd --reload

      Replace min_port-max_port with the port numbers you entered into the /etc/vsftpd/vsftpd.conf configuration file.

  4. Copy the Binary DVD ISO image to the FTP server.
  5. Mount the Binary DVD ISO image, using the mount command, to a suitable directory:

    # mkdir /mnt/rhel8-install
    # mount -o loop,ro -t iso9660 /image-directory/image.iso /mnt/rhel8-install

    Replace /image-directory/image.iso with the path to the Binary DVD ISO image.

  6. Copy the files from the mounted image to the FTP server root:

    # mkdir /var/ftp/rhel8-install
    # cp -r /mnt/rhel8-install/ /var/ftp/

    This command creates the /var/ftp/rhel8-install/ directory with the content of the image. Note that some copying methods can skip the .treeinfo file which is required for a valid installation source. Running the cp command for whole directories as shown in this procedure will copy .treeinfo correctly.

  7. Make sure that the correct SELinux context and access mode is set on the copied content:

    # restorecon -r /var/ftp/rhel8-install
    # find /var/ftp/rhel8-install -type f -exec chmod 444 {} \;
    # find /var/ftp/rhel8-install -type d -exec chmod 755 {} \;
  8. Start the vsftpd service:

    # systemctl start vsftpd.service

    If the service was running before you changed the /etc/vsftpd/vsftpd.conf file, restart the service to load the edited file:

    # systemctl restart vsftpd.service

    Enable the vsftpd service to start during the boot process:

    # systemctl enable vsftpd

    The installation tree is now accessible and ready to be used as the installation source.

    Note

    When configuring the installation source, use ftp:// as the protocol, the server host name or IP address, and the directory in which you have stored the files from the ISO image, relative to the FTP server root. For example, if the server host name is myserver.example.com and you have copied the files from the image to /var/ftp/rhel8-install/, specify ftp://myserver.example.com/rhel8-install/ as the installation source.

Chapter 3. Getting started

To get started with the installation, first review the boot menu and the available boot options. Then, depending on the choice you make, proceed to boot the installation.

3.1. Booting the installation

After you have created bootable media you are ready to boot the Red Hat Enterprise Linux installation.

3.1.1. Boot menu

The Red Hat Enterprise Linux boot menu is displayed using GRand Unified Bootloader version 2 (GRUB2) when your system has completed loading the boot media.

Figure 3.1. Red Hat Enterprise Linux boot menu

Boot menu window.

The boot menu provides several options in addition to launching the installation program. If you do not make a selection within 60 seconds, the default boot option (highlighted in white) is run. To select a different option, use the arrow keys on your keyboard to make your selection and press the Enter key.

You can customize boot options for a particular menu entry:

  • On BIOS-based systems: Press the Tab key and add custom boot options to the command line. You can also access the boot: prompt by pressing the Esc key but no required boot options are preset. In this scenario, you must always specify the Linux option before using any other boot options.
  • On UEFI-based systems: Press the e key and add custom boot options to the command line. When ready press Ctrl+X to boot the modified option.

Table 3.1. Boot menu options

Boot menu optionDescription

Install Red Hat Enterprise Linux 8

Use this option to install Red Hat Enterprise Linux using the graphical installation program. For more information, see Section 3.2, “Installing RHEL using an ISO image from the Customer Portal”

Test this media & install Red Hat Enterprise Linux 8

Use this option to check the integrity of the installation media. For more information, see Section B.4, “Verifying boot media”

Troubleshooting >

Use this option to resolve various installation issues. Press Enter to display its contents.

Table 3.2. Troubleshooting options

Troubleshooting optionDescription

Troubleshooting > Install Red Hat Enterprise Linux 8 in basic graphics mode

Use this option to install Red Hat Enterprise Linux in graphical mode even if the installation program is unable to load the correct driver for your video card. If your screen is distorted when using the Install Red Hat Enterprise Linux 8 option, restart your system and use this option. For more information, see Section B.7, “Display settings and device drivers”

Troubleshooting > Rescue a Red Hat Enterprise Linux system

Use this option to repair any issues that prevent you from booting. For more information, see Section C.10, “Using rescue mode”

Troubleshooting > Run a memory test

Use this option to run a memory test on your system. Press Enter to display its contents. For more information, see see Section B.3, “Detecting memory faults using the Memtest86 application”

Troubleshooting > Boot from local drive

Use this option to boot the system from the first installed disk. If you booted this disk accidentally, use this option to boot from the hard disk immediately without starting the installation program.

3.1.2. Types of boot options

There are two types of boot options; those with an equals "=" sign, and those without an equals "=" sign. Boot options are appended to the boot command line and multiple options must be separated by a single space. Boot options that are specific to the installation program always start with inst.

Options with an equals "=" sign
You must specify a value for boot options that use the = symbol. For example, the inst.vncpassword= option must contain a value, in this case, a password. The correct syntax for this example is inst.vncpassword=password.
Options without an equals "=" sign
This boot option does not accept any values or parameters. For example, the rd.live.check option forces the installation program to verify the installation media before starting the installation. If this boot option is present, the verification is performed; if the boot option is not present, the verification is skipped.

3.1.3. Editing boot options

This section contains information about the different ways that you can edit boot options from the boot menu. The boot menu opens after you boot the installation media.

Editing the boot: prompt in BIOS

When using the boot: prompt, the first option must always specify the installation program image file that you want to load. In most cases, you can specify the image using the keyword. You can specify additional options according to your requirements.

Prerequisites

  • You have created bootable installation media (USB, CD or DVD).
  • You have booted the installation from the media, and the installation boot menu is open.

Procedure

  1. With the boot menu open, press the Esc key on your keyboard.
  2. The boot: prompt is now accessible.
  3. Press the Tab key on your keyboard to display the help commands.
  4. Press the Enter key on your keyboard to start the installation with your options. To return from the boot: prompt to the boot menu, restart the system and boot from the installation media again.
Note

The boot: prompt also accepts dracut kernel options. A list of options is available in the dracut.cmdline(7) man page.

Editing the > prompt

You can use the > prompt to edit predefined boot options. For example, select Test this media and install Red Hat Enterprise Linux 8.1 from the boot menu to display a full set of options.

Note

This procedure is for BIOS-based AMD64 and Intel 64 systems.

Prerequisites

  • You have created bootable installation media (USB, CD or DVD).
  • You have booted the installation from the media, and the installation boot menu is open.

Procedure

  1. From the boot menu, select an option and press the Tab key on your keyboard. The > prompt is accessible and displays the available options.
  2. Append the options that you require to the > prompt.
  3. Press the Enter key on your keyboard to start the installation.
  4. Press the Esc key on your keyboard to cancel editing and return to the boot menu.
Editing the GRUB2 menu

The GRUB2 menu is available on UEFI-based AMD64, Intel 64, and 64-bit ARM systems.

Prerequisites

  • You have created bootable installation media (USB, CD or DVD).
  • You have booted the installation from the media, and the installation boot menu is open.

Procedure

  1. From the boot menu window, select the required option and press the e key on your keyboard.
  2. Move the cursor to the kernel command line. On UEFI systems, the kernel command line starts with linuxefi.
  3. Move the cursor to the end of the linuxefi kernel command line.
  4. Edit the parameters as required. For example, to configure one or more network interfaces, add the ip= parameter at the end of the linuxefi kernel command line, followed by the required value.
  5. When you finish editing, press Ctrl+X on your keyboard to start the installation using the specified options.

3.1.4. Booting the installation from a USB, CD, or DVD

Follow the steps in this procedure to boot the Red Hat Enterprise Linux installation using a USB, CD, or DVD. The following steps are generic. Consult your hardware manufacturer’s documentation for specific instructions.

Prerequisite

You have created bootable installation media (USB, CD or DVD). See Creating a bootable DVD or CD for more information.

Procedure

  1. Power off the system to which you are installing Red Hat Enterprise Linux.
  2. Disconnect any drives from the system.
  3. Power on the system.
  4. Insert the bootable installation media (USB, DVD, or CD).
  5. Power off the system but do not remove the boot media.
  6. Power on the system.

    Note

    You might need to press a specific key or combination of keys to boot from the media or configure the Basic Input/Output System (BIOS) of your system to boot from the media. For more information, see the documentation that came with your system.

  7. The Red Hat Enterprise Linux boot window opens and displays information about a variety of available boot options.
  8. Use the arrow keys on your keyboard to select the boot option that you require, and press Enter to select the boot option. The Welcome to Red Hat Enterprise Linux window opens and you can install Red Hat Enterprise Linux using the graphical user interface.

    Note

    The installation program automatically begins if no action is performed in the boot window within 60 seconds.

  9. Optionally, edit the available boot options:

    1. UEFI-based systems: Press E to enter edit mode. Change the predefined command line to add or remove boot options. Press Enter to confirm your choice.
    2. BIOS-based systems: Press the Tab key on your keyboard to enter edit mode. Change the predefined command line to add or remove boot options. Press Enter to confirm your choice.

3.1.5. Booting the installation from a network using PXE

When installing Red Hat Enterprise Linux on a large number of systems simultaneously, the best approach is to boot from a PXE server and install from a source in a shared network location. Follow the steps in this procedure to boot the Red Hat Enterprise Linux installation from a network using PXE.

Note

To boot the installation process from a network using PXE, you must use a physical network connection, for example, Ethernet. You cannot boot the installation process with a wireless connection.

Prerequisites

  • You have configured a TFTP server, and there is a network interface in your system that supports PXE. See Additional resources for more information.
  • You have configured your system to boot from the network interface. This option is in the BIOS, and can be labeled Network Boot or Boot Services.
  • You have verified that the BIOS is configured to boot from the specified network interface. Some BIOS systems specify the network interface as a possible boot device, but do not support the PXE standard. See your hardware’s documentation for more information. When you have properly enabled PXE booting, the system can boot the Red Hat Enterprise Linux installation program without any other media.

Procedure

  1. Verify that the network cable is attached. The link indicator light on the network socket should be lit, even if the computer is not switched on.
  2. Switch on the system.

    Depending on your hardware, some network setup and diagnostic information can be displayed before your system connects to a PXE server. When connected, a menu is displayed according to the PXE server configuration.

  3. Press the number key that corresponds to the option that you require.

    Note

    In some instances, boot options are not displayed. If this occurs, press the Enter key on your keyboard or wait until the boot window opens.

    The Red Hat Enterprise Linux boot window opens and displays information about a variety of available boot options.

  4. Use the arrow keys on your keyboard to select the boot option that you require, and press Enter to select the boot option. The Welcome to Red Hat Enterprise Linux window opens and you can install Red Hat Enterprise Linux using the graphical user interface.

    Note

    The installation program automatically begins if no action is performed in the boot window within 60 seconds.

  5. Optionally, edit the available boot options:

    1. UEFI-based systems: Press E to enter edit mode. Change the predefined command line to add or remove boot options. Press Enter to confirm your choice.
    2. BIOS-based systems: Press the Tab key on your keyboard to enter edit mode. Change the predefined command line to add or remove boot options. Press Enter to confirm your choice.

Additional Resources

  • For information about how to prepare to install Red Hat Enterprise Linux from the network using PXE, see the Performing an advanced RHEL installation document.
  • Refer to the Boot Options Reference for more information about the list of available boot options you can use on the boot command line.

3.2. Installing RHEL using an ISO image from the Customer Portal

Use this procedure to install RHEL using a Binary DVD ISO image that you downloaded from the Customer Portal. The steps provide instructions to follow the RHEL Installation Program.

Warning

When performing a GUI installation using the Binary DVD ISO image file, a race condition in the installer can sometimes prevent the installation from proceeding until you register the system using the Connect to Red Hat feature. For more information, see BZ#1823578 in the Known Issues section of the RHEL 8.2 Release Notes document.

Prerequisites

  • You have downloaded the Binary DVD ISO image file from the Customer Portal.
  • You have created bootable installation media.
  • You have booted the installation program and the boot menu is displayed.

Procedure

  1. From the boot menu, select Install Red Hat Enterprise Linux 8, and press Enter on your keyboard.
  2. In the Welcome to Red Hat Enterprise Linux 8 window, select your language and location, and click Continue. The Installation Summary window opens and displays the default values for each setting.
  3. Select System > Installation Destination, and in the Local Standard Disks pane, select the target disk and then click Done. The default settings are selected for the storage configuration. For more information about customizing the storage settings, see Section 4.4, “Configuring software options”, Section 4.5, “Configuring storage devices”, Section 4.6, “Configuring manual partitioning”.
  4. Select System > Network & Host Name. The Network and Hostname window opens.
  5. In the Network and Hostname window, toggle the Ethernet switch to ON, and then click Done. The installer connects to an available network and configures the devices available on the network. If required, from the list of networks available, you can choose a desired network and configure the devices that are available on that network. For more information about configuring a network or network devices, see Section 4.3.3, “Configuring network and host name options”.
  6. Select User Settings > Root Password. The Root Password window opens.
  7. In the Root Password window, type the password that you want to set for the root account, and then click Done. A root password is required to finish the installation process and to log in to the system administrator user account. For more details about the requirements and recommendations for creating a password, see Section 4.7, “Configuring a root password”.
  8. Optional: Select User Settings > User Creation to create a user account for the installation process to complete. In place of the root account, you can use this user account to perform any system administrative tasks.
  9. In the Create User window, perform the following, and then click Done.

    1. Type a name and user name for the account that you want to create.
    2. Select the Make this user administrator and the Require a password to use this account check boxes. The installation program adds the user to the wheel group, and creates a password protected user account with default settings. It is recommended to create a password protected administrative user account. For more information about editing the default settings for a user account, see Section 4.8, “Creating a user account”.
  10. Click Begin Installation to start the installation, and wait for the installation to complete. It might take a few minutes.
  11. When the installation process is complete, click Reboot to restart the system.
  12. Remove any installation media if it is not ejected automatically upon reboot.

    Red Hat Enterprise Linux8 starts after your system’s normal power-up sequence is complete. If your system was installed on a workstation with the X Window System, applications to configure your system are launched. These applications guide you through initial configuration and you can set your system time and date, register your system with Red Hat, and more. If the X Window System is not installed, a login: prompt is displayed.

    Note

    If you have installed a Red Hat Enterprise Linux Beta release, on systems having UEFI Secure Boot enabled, then add the Beta public key to the system’s Machine Owner Key (MOK) list.

  13. From the Initial Setup window, accept the licensing agreement and register your system.

Additional resources

3.3. Registering and installing RHEL from the CDN using the GUI

This section contains information about how to register your system, attach RHEL subscriptions, and install RHEL from the Red Hat Content Delivery Network (CDN) using the GUI.

3.3.1. What is the Content Delivery Network

The Red Hat Content Delivery Network (CDN), available from cdn.redhat.com, is a geographically distributed series of static web servers that contain content and errata that is consumed by systems. The content can be consumed directly, such as using a system registered to Red Hat Subscription Management. The CDN is protected by x.509 certificate authentication to ensure that only valid users have access. When a system is registered to Red Hat Subscription Management, the attached subscriptions govern which subset of the CDN the system can access.

Registering and installing RHEL from the CDN provides the following benefits:

  • The CDN installation method supports the Boot ISO and the Binary DVD ISO image files. However, the use of the smaller Boot ISO image file is recommended as it consumes less space than the larger Binary DVD ISO image file.
  • The CDN uses the latest packages resulting in a fully up-to-date system right after installation. There is no requirement to install package updates immediately after installation as is often the case when using the Binary DVD ISO image file.
  • Integrated support for connecting to Red Hat Insights and enabling System Purpose.

Registering and installing RHEL from the CDN is supported by the GUI and Kickstart. For information about how to register and install RHEL using the GUI, see the Performing a standard RHEL installation document. For information about how to register and install RHEL using Kickstart, see the Performing an advanced RHEL installation document.

3.3.2. Registering and installing RHEL from the CDN

Use this procedure to register your system, attach RHEL subscriptions, and install RHEL from the Red Hat Content Delivery Network (CDN) using the GUI.

Important

The CDN feature is supported by the Boot ISO and Binary DVD ISO image files. However, it is recommended that you use the Boot ISO image file as the installation source defaults to CDN for the Boot ISO image file.

Prerequisites

  • Your system is connected to a network that can access the CDN.
  • You have downloaded the Boot ISO image file from the Customer Portal.
  • You have created bootable installation media.
  • You have booted the installation program and the boot menu is displayed. Note that the installation repository used after system registration is dependent on how the system was booted.

Procedure

  1. From the boot menu, select Install Red Hat Enterprise Linux 8, and press Enter on your keyboard.
  2. In the Welcome to Red Hat Enterprise Linux 8 window, select your language and location, and click Continue. The Installation Summary window opens and displays the default values for each setting.
  3. Select System > Installation Destination, and in the Local Standard Disks pane, select the target disk and then click Done. The default settings are selected for the storage configuration. For more information about customizing the storage settings, see Section 4.4, “Configuring software options”, Section 4.5, “Configuring storage devices”, Section 4.6, “Configuring manual partitioning”.
  4. Select System > Network & Host Name. The Network and Hostname window opens.
  5. In the Network and Hostname window, toggle the Ethernet switch to ON, and then click Done. The installer connects to an available network and configures the devices available on the network. If required, from the list of networks available, you can choose a desired network and configure the devices that are available on that network. For more information about configuring a network or network devices, see Section 4.3.3, “Configuring network and host name options”.
  6. Select Software > Connect to Red Hat. The Connect to Red Hat window opens.
  7. In the Connect to Red Hat window, perform the following steps:

    1. Select the Authentication method, and provide the details based on the method you select.

      For Account authentication method: Enter your Red Hat Customer Portal username and password details.

      For Activation Key authentication method: Enter your organization ID and activation key. You can enter more than one activation key, separated by a comma, as long as the activation keys are registered to your subscription.

    2. Select the Set System Purpose check box, and then select the required Role, SLA, and Usage from the corresponding drop-down lists.

      With System Purpose you can record the intended use of a Red Hat Enterprise Linux 8 system, and ensure that the entitlement server auto-attaches the most appropriate subscription to your system.

    3. The Connect to Red Hat Insights check box is enabled by default. Clear the check box if you do not want to connect to Red Hat Insights.

      Red Hat Insights is a Software-as-a-Service (SaaS) offering that provides continuous, in-depth analysis of registered Red Hat-based systems to proactively identify threats to security, performance and stability across physical, virtual and cloud environments, and container deployments.

    4. Optionally, expand Options, and select the network communication type.

      • Select the Use HTTP proxy check box if your network environment allows external Internet access only or accesses the content servers through an HTTP proxy.
      • If you are running Satellite Server or performing internal testing, select the Custom server URL and Custom base URL check boxes and enter the required details.

        The Custom server URL field does not require the HTTP protocol, for example nameofhost.com. However, the Custom base URL field requires the HTTP protocol. To change the Custom base URL after registration, you must unregister, provide the new details, and then re-register.

    5. Click Register. When the system is successfully registered and subscriptions are attached, the Connect to Red Hat window displays the attached subscription details.

      Depending on the amount of subscriptions, the registration and attachment process might take up to a minute to complete.

    6. Click Done.

      A Registered message is displayed under Connect to Red Hat.

  8. Select User Settings > Root Password. The Root Password window opens.
  9. In the Root Password window, type the password that you want to set for the root account, and then click Done. A root password is required to finish the installation process and to log in to the system administrator user account. For more details about the requirements and recommendations for creating a password, see Section 4.7, “Configuring a root password”.
  10. Optional: Select User Settings > User Creation to create a user account for the installation process to complete. In place of the root account, you can use this user account to perform any system administrative tasks.
  11. In the Create User window, perform the following, and then click Done.

    1. Type a name and user name for the account that you want to create.
    2. Select the Make this user administrator and the Require a password to use this account check boxes. The installation program adds the user to the wheel group, and creates a password protected user account with default settings. It is recommended to create a password protected administrative user account. For more information about editing the default settings for a user account, see Section 4.8, “Creating a user account”.
  12. Click Begin Installation to start the installation, and wait for the installation to complete. It might take a few minutes.
  13. When the installation process is complete, click Reboot to restart the system.
  14. Remove any installation media if it is not ejected automatically upon reboot.

    Red Hat Enterprise Linux8 starts after your system’s normal power-up sequence is complete. If your system was installed on a workstation with the X Window System, applications to configure your system are launched. These applications guide you through initial configuration and you can set your system time and date, register your system with Red Hat, and more. If the X Window System is not installed, a login: prompt is displayed.

    Note

    If you have installed a Red Hat Enterprise Linux Beta release, on systems having UEFI Secure Boot enabled, then add the Beta public key to the system’s Machine Owner Key (MOK) list.

  15. From the Initial Setup window, accept the licensing agreement and register your system.

Additional resources

3.3.2.1. Installation source repository after system registration

The installation source repository used after system registration is dependent on how the system was booted.

System booted from the Boot ISO or the Binary DVD ISO image file
If you booted the RHEL installation using either the Boot ISO or the Binary DVD ISO image file with the default boot parameters, the installation program automatically switches the installation source repository to the CDN after registration.
System booted with the inst.repo=<URL> boot parameter
If you booted the RHEL installation with the inst.repo=<URL> boot parameter, the installation program does not automatically switch the installation source repository to the CDN after registration. If you want to use the CDN to install RHEL, you must manually switch the installation source repository to the CDN by selecting the Red Hat CDN option in the Installation Source window of the graphical installation. If you do not manually switch to the CDN, the installation program installs the packages from the repository specified on the kernel command line.
Important
  • You can switch the installation source repository to the CDN using the rhsm Kickstart command only if you do not specify an installation source using inst.repo= on the kernel command line or the url command in the Kickstart file. You must use inst.stage2=<URL> on the kernel command line to fetch the installation image, but not specify the installation source.
  • An installation source URL specified using a boot option or included in a Kickstart file takes precedence over the CDN, even if the Kickstart file contains the rhsm command with valid credentials. The system is registered, but it is installed from the URL installation source. This ensures that earlier installation processes operate as normal.

3.3.3. Verifying your system registration from the CDN

Use this procedure to verify that your system is registered to the CDN using the GUI.

Warning

You can only verify your registration from the CDN if you have not clicked the Begin Installation button from the Installation Summary window. Once the Begin Installation button is clicked, you cannot return to the Installation Summary window to verify your registration.

Prerequisite

Procedure

  1. From the Installation Summary window, select Connect to Red Hat.
  2. The window opens and displays a registration summary:

    Method
    The registered account name or activation keys are displayed.
    System Purpose
    If set, the role, SLA, and usage details are displayed.
    Insights
    If enabled, the Insights details are displayed.
    Number of subscriptions
    The number of subscriptions attached are displayed.
  3. Verify that the registration summary matches the details that were entered.

3.3.4. Unregistering your system from the CDN

Use this procedure to unregister your system from the CDN using the GUI.

Warning
  • You can unregister from the CDN if you have not clicked the Begin Installation button from the Installation Summary window. Once the Begin Installation button is clicked, you cannot return to the Installation Summary window to unregister your registration.
  • When unregistering, the installation program switches to the first available repository, in the following order:

    1. The URL used in the inst.repo=<URL> boot parameter on the kernel command line.
    2. An automatically detected repository on the installation media (USB or DVD).

Prerequisite

Procedure

  1. From the Installation Summary window, select Connect to Red Hat.
  2. The Connect to Red Hat window opens and displays a registration summary:

    Method
    The registered account name or activation keys used are displayed.
    System Purpose
    If set, the role, SLA, and usage details are displayed.
    Insights
    If enabled, the Insights details are displayed.
    Number of subscriptions
    The number of subscriptions attached are displayed.
  3. Click Unregister to remove the registration from the CDN. The original registration details are displayed with a Not registered message displayed in the lower-middle part of the window.
  4. Click Done to return to the Installation Summary window.
  5. Connect to Red Hat displays a Not registered message, and Software Selection displays a Red Hat CDN requires registration message.
Note

After unregistering, it is possible to register your system again. Click Connect to Red Hat. The previously entered details are populated. Edit the original details, or update the fields based on the account, purpose, and connection. Click Register to complete.

3.4. Completing the installation

Wait for the installation to complete. It might take a few minutes.

After the installation is complete, remove any installation media if it is not ejected automatically upon reboot.

Red Hat Enterprise Linux 8 starts after your system’s normal power-up sequence is complete. If your system was installed on a workstation with the X Window System, applications to configure your system are launched. These applications guide you through initial configuration and you can set your system time and date, register your system with Red Hat, and more. If the X Window System is not installed, a login: prompt is displayed.

To learn how to complete initial setup, register, and secure your system, see the Completing post-installation tasks section of the Performing a standard RHEL installation document.

Chapter 4. Customizing your installation

When installing Red Hat Enterprise Linux, you can customize location, software, and system settings and parameters, using the Installation Summary window.

The Installation Summary window contains the following categories:

  • LOCALIZATION: You can configure Keyboard, Language Support, and Time and Date.
  • SOFTWARE: You can configure Connect to Red Hat, Installation Source, and Software Selection.
  • SYSTEM: You can configure Installation Destination, KDUMP, Network and Host Name, and Security Policy.
  • USER SETTINGS: You can configure a root password to log in to the administrator account that is used for system administration tasks, and create a user account to login to the system.

A category has a different status depending on where it is in the installation program.

Table 4.1. Category status

Category statusStatusDescription

Warning symbol type 1

Yellow triangle with an exclamation mark and red text

Requires attention before installation. For example, Network & Host Name requires attention before you can register and download from the Content Delivery Network (CDN).

Warning symbol type 2

Grayed out and with a warning symbol (yellow triangle with an exclamation mark)

The installation program is configuring a category and you must wait for it to finish before accessing the window.

Note

A warning message is displayed at the bottom of the Installation Summary window and the Begin Installation button is disabled until you configure all of the required categories.

This section contains information about customizing your Red Hat Enterprise Linux installation using the Graphical User Interface (GUI). The GUI is the preferred method of installing Red Hat Enterprise Linux when you boot the system from a CD, DVD, or USB flash drive, or from a network using PXE.

Note

There may be some variance between the online help and the content that is published on the Customer Portal. For the latest updates, see the installation content on the Customer Portal.

4.1. Configuring language and location settings

The installation program uses the language that you selected during installation.

Prerequisites

  1. You created installation media.
  2. You specified an installation source if you are using the Boot ISO image file.
  3. You booted the installation.

Procedure

  1. From the left-hand pane of the Welcome to Red Hat Enterprise Linux window, select a language. Alternatively, type your preferred language into the Search field.

    Note

    A language is pre-selected by default. If network access is configured, that is, if you booted from a network server instead of local media, the pre-selected language is determined by the automatic location detection feature of the GeoIP module. If you used the inst.lang= option on the boot command line or in your PXE server configuration, then the language that you define with the boot option is selected.

  2. From the right-hand pane of the Welcome to Red Hat Enterprise Linux window, select a location specific to your region.
  3. Click Continue to proceed to the Chapter 4, Customizing your installation window.

    Important

    If you are installing a pre-release version of Red Hat Enterprise Linux, a warning message is displayed about the pre-release status of the installation media. Click I want to proceed to continue with the installation, or I want to exit to quit the installation and reboot the system.

Additional resources

For information about how to change language and location settings during the installation program, see Section 4.2, “Configuring localization options”

4.2. Configuring localization options

This section contains information about configuring your keyboard, language support, and time and date settings.

Important

If you use a layout that cannot accept Latin characters, such as Russian, add the English (United States) layout and configure a keyboard combination to switch between the two layouts. If you select a layout that does not have Latin characters, you might be unable to enter a valid root password and user credentials later in the installation process. This might prevent you from completing the installation.

4.2.1. Configuring keyboard, language, and time and date settings

Note

Keyboard, Language, and Time and Date Settings are configured by default as part of Section 4.1, “Configuring language and location settings”. To change any of the settings, complete the following steps, otherwise proceed to Section 4.4, “Configuring software options”.

Procedure: Configuring keyboard settings

  1. From the Installation Summary window, click Keyboard. The default layout depends on the option selected in Section 4.1, “Configuring language and location settings”.

    1. Click + to open the Add a Keyboard Layout window and change to a different layout.
    2. Select a layout by browsing the list or use the Search field.
    3. Select the required layout and click Add. The new layout appears under the default layout.
    4. Click Options to optionally configure a keyboard switch that you can use to cycle between available layouts. The Layout Switching Options window opens.
    5. To configure key combinations for switching, select one or more key combinations and click OK to confirm your selection.

      Note

      When you select a layout, click the Keyboard button to open a new dialog box that displays a visual representation of the selected layout.

    6. Click Done to apply the settings and return to Chapter 4, Customizing your installation.

Procedure: Configuring language settings

  1. From the Installation Summary window, click Language Support. The Language Support window opens. The left pane lists the available language groups. If at least one language from a group is configured, a check mark is displayed and the supported language is highlighted.

    1. From the left pane, click a group to select additional languages, and from the right pane, select regional options. Repeat this process for languages that you require.
    2. Click Done to apply the changes and return to Chapter 4, Customizing your installation.

Procedure: Configuring time and date settings

  1. From the Installation Summary window, click Time & Date. The Time & Date window opens.

    Note

    The Time & Date settings are configured by default based on the settings you selected in Section 4.1, “Configuring language and location settings”.

    The list of cities and regions come from the Time Zone Database (tzdata) public domain that is maintained by the Internet Assigned Numbers Authority (IANA). Red Hat can not add cities or regions to this database. You can find more information at the IANA official website.

    1. From the Region drop-down menu, select a region.

      Note

      Select Etc as your region to configure a time zone relative to Greenwich Mean Time (GMT) without setting your location to a specific region.

    2. From the City drop-down menu, select the city, or the city closest to your location in the same time zone.
    3. Toggle the Network Time switch to enable or disable network time synchronization using the Network Time Protocol (NTP).

      Note

      Enabling the Network Time switch keeps your system time correct as long as the system can access the internet. By default, one NTP pool is configured; you can add a new option, or disable or remove the default options by clicking the gear wheel button next to the Network Time switch.

    4. Click Done to apply the changes and return to Chapter 4, Customizing your installation.

      Note

      If you disable network time synchronization, the controls at the bottom of the window become active, allowing you to set the time and date manually.

4.3. Configuring system options

This section contains information about configuring Installation Destination, KDUMP, Network and Host Name, Security Policy, and System Purpose.

4.3.1. Configuring installation destination

Use the Installation Destination window to configure the storage options, for example, the disks that you want to use as the installation target for your Red Hat Enterprise Linux installation. You must select at least one disk.

Warning

Back up your data if you plan to use a disk that already contains data. For example, if you want to shrink an existing Microsoft Windows partition and install Red Hat Enterprise Linux as a second system, or if you are upgrading a previous release of Red Hat Enterprise Linux. Manipulating partitions always carries a risk. For example, if the process is interrupted or fails for any reason data on the disk can be lost.

Important

Special cases

  • Some BIOS types do not support booting from a RAID card. In these instances, the /boot partition must be created on a partition outside of the RAID array, such as on a separate hard drive. It is necessary to use an internal hard drive for partition creation with problematic RAID cards. A /boot partition is also necessary for software RAID setups. If you choose to partition your system automatically, you should manually edit your /boot partition.
  • To configure the Red Hat Enterprise Linux boot loader to chain load from a different boot loader, you must specify the boot drive manually by clicking the Full disk summary and bootloader link from the Installation Destination window.
  • When you install Red Hat Enterprise Linux on a system with both multipath and non-multipath storage devices, the automatic partitioning layout in the installation program creates volume groups that contain a mix of multipath and non-multipath devices. This defeats the purpose of multipath storage. It is recommended that you select either multipath or non-multipath devices on the Installation Destination window. Alternatively, proceed to manual partitioning.

Prerequisite

The Installation Summary window is open.

Procedure

  1. From the Installation Summary window, click Installation Destination. The Installation Destination window opens.

    1. From the Local Standard Disks section, select the storage device that you require; a white check mark indicates your selection. Disks without a white check mark are not used during the installation process; they are ignored if you choose automatic partitioning, and they are not available in manual partitioning.

      Note

      All locally available storage devices (SATA, IDE and SCSI hard drives, USB flash and external disks) are displayed under Local Standard Disks. Any storage devices connected after the installation program has started are not detected. If you use a removable drive to install Red Hat Enterprise Linux, your system is unusable if you remove the device.

    2. Optional: Click the Refresh link in the lower right-hand side of the window if you want to configure additional local storage devices to connect new hard drives. The Rescan Disks dialog box opens.

      Note

      All storage changes that you make during the installation are lost when you click Rescan Disks.

      1. Click Rescan Disks and wait until the scanning process completes.
      2. Click OK to return to the Installation Destination window. All detected disks including any new ones are displayed under the Local Standard Disks section.
  2. Optional: To add a specialized storage device, click Add a disk…​.

    The Storage Device Selection window opens and lists all storage devices that the installation program has access to. For information about how to add a specialized disk, see Section 4.5.3, “Using advanced storage options”.

  3. Optional: Under Storage Configuration, select the Automatic radio button.

    Important

    Automatic partitioning is the recommended method of partitioning your storage. You can also configure custom partitioning, for more details see Section 4.6, “Configuring manual partitioning”

  4. Optional: To reclaim space from an existing partitioning layout, select the I would like to make additional space available check box. For example, if a disk you want to use already contains a different operating system and you want to make this system’s partitions smaller to allow more room for Red Hat Enterprise Linux.
  5. Optional: Select Encrypt my data to encrypt all partitions except the ones needed to boot the system (such as /boot) using Linux Unified Key Setup (LUKS). Encrypting your hard drive is recommended.

    1. Click Done. The Disk Encryption Passphrase dialog box opens.

      1. Type your passphrase in the Passphrase and Confirm fields.
      2. Click Save Passphrase to complete disk encryption.

        Warning

        If you lose the LUKS passphrase, any encrypted partitions and their data is completely inaccessible. There is no way to recover a lost passphrase. However, if you perform a Kickstart installation, you can save encryption passphrases and create backup encryption passphrases during the installation. See the Performing an advanced RHEL installation document for information.

  6. Optional: Click the Full disk summary and bootloader link in the lower left-hand side of the window to select which storage device contains the boot loader. For more information, see Section 4.3.1.1, “Configuring boot loader”.

    Note

    In most cases it is sufficient to leave the boot loader in the default location. Some configurations, for example, systems that require chain loading from another boot loader require the boot drive to be specified manually.

  7. Click Done.

    1. If you selected automatic partitioning and I would like to make additional space available, or if there is not enough free space on your selected hard drives to install Red Hat Enterprise Linux, the Reclaim Disk Space dialog box opens when you click Done, and lists all configured disk devices and all partitions on those devices. The dialog box displays information about how much space the system needs for a minimal installation and how much space you have reclaimed.

      Warning

      If you delete a partition, all data on that partition is lost. If you want to preserve your data, use the Shrink option, not the Delete option.

    2. Review the displayed list of available storage devices. The Reclaimable Space column shows how much space can be reclaimed from each entry.
    3. To reclaim space, select a disk or partition, and click either the Delete button to delete that partition, or all partitions on a selected disk, or click Shrink to use free space on a partition while preserving the existing data.

      Note

      Alternatively, you can click Delete all, this deletes all existing partitions on all disks and makes this space available to Red Hat Enterprise Linux. Existing data on all disks is lost.

    4. Click Reclaim space to apply the changes and return to Chapter 4, Customizing your installation.
Important

No disk changes are made until you click Begin Installation on the Installation Summary window. The Reclaim Space dialog only marks partitions for resizing or deletion; no action is performed.

4.3.1.1. Configuring boot loader

Red Hat Enterprise Linux uses GRand Unified Bootloader version 2 (GRUB2) as the boot loader for AMD64 and Intel 64, IBM Power Systems, and ARM. For IBM Z, the zipl boot loader is used.

The boot loader is the first program that runs when the system starts and is responsible for loading and transferring control to an operating system. GRUB2 can boot any compatible operating system (including Microsoft Windows) and can also use chain loading to transfer control to other boot loaders for unsupported operating systems.

Warning

Installing GRUB2 may overwrite your existing boot loader.

If an operating system is already installed, the Red Hat Enterprise Linux installation program attempts to automatically detect and configure the boot loader to start the other operating system. If the boot loader is not detected, you can manually configure any additional operating systems after you finish the installation.

If you are installing a Red Hat Enterprise Linux system with more than one disk, you might want to manually specify the disk where you want to install the boot loader.

Procedure

  1. From the Installation Destination window, click the Full disk summary and bootloader link. The Selected Disks dialog box opens.

    The boot loader is installed on the device of your choice, or on a UEFI system; the EFI system partition is created on the target device during guided partitioning.

  2. To change the boot device, select a device from the list and click Set as Boot Device. You can set only one device as the boot device.
  3. To disable a new boot loader installation, select the device currently marked for boot and click Do not install boot loader. This ensures GRUB2 is not installed on any device.
Warning

If you choose not to install a boot loader, you cannot boot the system directly and you must use another boot method, such as a standalone commercial boot loader application. Use this option only if you have another way to boot your system.

The boot loader may also require a special partition to be created, depending on if your system uses BIOS or UEFI firmware, or if the boot drive has a GUID Partition Table (GPT) or a Master Boot Record (MBR, also known as msdos) label. If you use automatic partitioning, the installation program creates the partition.

4.3.2. Configuring Kdump

Kdump is a kernel crash-dumping mechanism. In the event of a system crash, Kdump captures the contents of the system memory at the moment of failure. This captured memory can be analyzed to find the cause of the crash. If Kdump is enabled, it must have a small portion of the system’s memory (RAM) reserved to itself. This reserved memory is not accessible to the main kernel.

Procedure

  1. From the Installation Summary window, click Kdump. The Kdump window opens.
  2. Select the Enable kdump check box.
  3. Select either the Automatic or Manual memory reservation setting.

    1. If you select Manual, enter the amount of memory (in megabytes) that you want to reserve in the Memory to be reserved field using the + and - buttons. The Usable System Memory readout below the reservation input field shows how much memory is accessible to your main system after reserving the amount of RAM that you select.
  4. Click Done to apply the settings and return to Chapter 4, Customizing your installation.
Note

The amount of memory that you reserve is determined by your system architecture (AMD64 and Intel 64 have different requirements than IBM Power) as well as the total amount of system memory. In most cases, automatic reservation is satisfactory.

Important

Additional settings, such as the location where kernel crash dumps will be saved, can only be configured after the installation using either the system-config-kdump graphical interface, or manually in the /etc/kdump.conf configuration file.

4.3.3. Configuring network and host name options

Use the Network and Host name window to configure network interfaces. Options that you select here are available both during the installation for tasks such as downloading packages from a remote location, and on the installed system.

Follow the steps in this procedure to configure your network and host name.

Procedure

  1. From the Installation Summary window, click Network and Host Name.
  2. From the list in the left-hand pane, select an interface. The details are displayed in the right-hand pane.
  3. Toggle the ON/OFF switch to enable or disable the selected interface.

    Note

    The installation program automatically detects locally accessible interfaces, and you cannot add or remove them manually.

  4. Click + to add a virtual network interface, which can be either: Team, Bond, Bridge, or VLAN.
  5. Click - to remove a virtual interface.
  6. Click Configure to change settings such as IP addresses, DNS servers, or routing configuration for an existing interface (both virtual and physical).
  7. Type a host name for your system in the Host Name field.

    Note
    • There are several types of network device naming standards used to identify network devices with persistent names, for example, em1 and wl3sp0. For information about these standards, see the Configuring and managing networking document.
    • The host name can be either a fully-qualified domain name (FQDN) in the format hostname.domainname, or a short host name with no domain name. Many networks have a Dynamic Host Configuration Protocol (DHCP) service that automatically supplies connected systems with a domain name. To allow the DHCP service to assign the domain name to this machine, specify only the short host name. The value localhost.localdomain means that no specific static host name for the target system is configured, and the actual host name of the installed system is configured during the processing of the network configuration, for example, by NetworkManager using DHCP or DNS.
  8. Click Apply to apply the host name to the environment.

4.3.3.1. Adding a virtual network interface

Follow the steps in this procedure to add a virtual network interface.

Procedure

  1. From the Network & Host name window, click the + button to add a virtual network interface. The Add a device dialog opens.
  2. Select one of the four available types of virtual interfaces:

    • Bond: NIC (Network Interface Controller) Bonding, a method to bind multiple physical network interfaces together into a single bonded channel.
    • Bridge: Represents NIC Bridging, a method to connect multiple separate networks into one aggregate network.
    • Team: NIC Teaming, a new implementation to aggregate links, designed to provide a small kernel driver to implement the fast handling of packet flows, and various applications to do everything else in user space.
    • Vlan (Virtual LAN): A method to create multiple distinct broadcast domains which are mutually isolated.
  3. Select the interface type and click Add. An editing interface dialog box opens, allowing you to edit any available settings for your chosen interface type. For more information see Section 4.3.3.2, “Editing network interface configuration”.
  4. Click Save to confirm the virtual interface settings and return to the Network & Host name window.
Note

If you need to change the settings of a virtual interface, select the interface and click Configure.

4.3.3.2. Editing network interface configuration

This section contains information about the most important settings for a typical wired connection used during installation. Configuration of other types of networks is broadly similar, although the specific configuration parameters might be different.

Note

On IBM Z, you cannot add a new connection as the network subchannels need to be grouped and set online beforehand, and this is currently done only in the booting phase.

Procedure

  1. To configure a network connection manually, select the interface from the Network and Host name window and click Configure.

    An editing dialog specific to the selected interface opens.

Note

The options present depend on the connection type - the available options are slightly different depending on whether the connection type is a physical interface (wired or wireless network interface controller) or a virtual interface (Bond, Bridge, Team, or Vlan) that was previously configured in Section 4.3.3.1, “Adding a virtual network interface”.

4.3.3.3. Enabling or Disabling the Interface Connection

Follow the steps in this procedure to enable or disable an interface connection.

Procedure

  1. Click the General tab.
  2. Select the Connect automatically with priority check box to enable connection by default. Keep the default priority setting at 0.

    Important
    • When enabled on a wired connection, the system automatically connects during startup or reboot. On a wireless connection, the interface attempts to connect to any known wireless networks in range. For further information about NetworkManager, including the nm-connection-editor tool, see the Configuring and managing networking document.
    • You can enable or disable all users on the system from connecting to this network using the All users may connect to this network option. If you disable this option, only root will be able to connect to this network.
    • It is not possible to only allow a specific user other than root to use this interface, as no other users are created at this point during the installation. If you need a connection for a different user, you must configure it after the installation.
  3. Click Save to apply the changes and return to the Network and Host name window.

4.3.3.4. Setting up Static IPv4 or IPv6 Settings

By default, both IPv4 and IPv6 are set to automatic configuration depending on current network settings. This means that addresses such as the local IP address, DNS address, and other settings are detected automatically when the interface connects to a network. In many cases, this is sufficient, but you can also provide static configuration in the IPv4 Settings and IPv6 Settings tabs. Complete the following steps to configure IPv4 or IPv6 settings:

Procedure

  1. To set static network configuration, navigate to one of the IPv Settings tabs and from the Method drop-down menu, select a method other than Automatic, for example, Manual. The Addresses pane is enabled.

    Note

    In the IPv6 Settings tab, you can also set the method to Ignore to disable IPv6 on this interface.

  2. Click Add and enter your address settings.
  3. Type the IP addresses in the Additional DNS servers field; it accepts one or more IP addresses of DNS servers, for example, 10.0.0.1,10.0.0.8.
  4. Select the Require IPvX addressing for this connection to complete check box.

    Note

    Select this option in the IPv4 Settings or IPv6 Settings tabs to allow this connection only if IPv4 or IPv6 was successful. If this option remains disabled for both IPv4 and IPv6, the interface is able to connect if configuration succeeds on either IP protocol.

  5. Click Save to apply the changes and return to the Network & Host name window.

4.3.3.5. Configuring Routes

Complete the following steps to configure routes.

Procedure

  1. In the IPv4 Settings and IPv6 Settings tabs, click Routes to configure routing settings for a specific IP protocol on an interface. An editing routes dialog specific to the interface opens.
  2. Click Add to add a route.
  3. Select the Ignore automatically obtained routes check box to configure at least one static route and to disable all routes not specifically configured.
  4. Select the Use this connection only for resources on its network check box to prevent the connection from becoming the default route.

    Note

    This option can be selected even if you did not configure any static routes. This route is used only to access certain resources, such as intranet pages that require a local or VPN connection. Another (default) route is used for publicly available resources. Unlike the additional routes configured, this setting is transferred to the installed system. This option is useful only when you configure more than one interface.

  5. Click OK to save your settings and return to the editing routes dialog that is specific to the interface.
  6. Click Save to apply the settings and return to the Network and Host Name window.

4.3.3.6. Additional resources

4.3.4. Configuring Connect to Red Hat

The Red Hat Content Delivery Network (CDN), available from cdn.redhat.com, is a geographically distributed series of static web servers that contain content and errata that is consumed by systems. The content can be consumed directly, such as using a system registered to Red Hat Subscription Management. The CDN is protected by x.509 certificate authentication to ensure that only valid users have access. When a system is registered to Red Hat Subscription Management, the attached subscriptions govern which subset of the CDN the system can access.

Registering and installing RHEL from the CDN provides the following benefits:

  • The CDN installation method supports the Boot ISO and the Binary DVD ISO image files. However, the use of the smaller Boot ISO image file is recommended as it consumes less space than the larger Binary DVD ISO image file.
  • The CDN uses the latest packages resulting in a fully up-to-date system right after installation. There is no requirement to install package updates immediately after installation as is often the case when using the Binary DVD ISO image file.
  • Integrated support for connecting to Red Hat Insights and enabling System Purpose.

4.3.4.1. Introduction to System Purpose

System Purpose is an optional but recommended feature of the Red Hat Enterprise Linux installation. You use System Purpose to record the intended use of a Red Hat Enterprise Linux 8 system, and ensure that the entitlement server auto-attaches the most appropriate subscription to your system.

Benefits include:

  • In-depth system-level information for system administrators and business operations.
  • Reduced overhead when determining why a system was procured and its intended purpose.
  • Improved customer experience of Subscription Manager auto-attach as well as automated discovery and reconciliation of system usage.

You can enter System Purpose data in one of the following ways:

  • During image creation
  • During a GUI installation when using Connect to Red Hat to register your system and attach your Red Hat subscription
  • During a Kickstart installation when using Kickstart automation scripts
  • After installation using the syspurpose command-line (CLI) tool

To record the intended purpose of your system, you can configure the following components of System Purpose. The selected values are used by the entitlement server upon registration to attach the most suitable subscription for your system.

  • Role

    • Red Hat Enterprise Linux Server
    • Red Hat Enterprise Linux Workstation
    • Red Hat Enterprise Linux Compute Node
  • Service Level Agreement

    • Premium
    • Standard
    • Self-Support
  • Usage

    • Production
    • Development/Test
    • Disaster Recovery

Additional resources

4.3.4.2. Configuring Connect to Red Hat options

Use the following procedure to configure the Connect to Red Hat options in the GUI.

Note

You can register to the CDN using either your Red Hat account or your activation key details.

Procedure

  1. Click Account.

    1. Enter your Red Hat Customer Portal username and password details.
  2. Optional: Click Activation Key.

    1. Enter your organization ID and activation key. You can enter more than one activation key, separated by a comma, as long as the activation keys are registered to your subscription.
  3. Select the Set System Purpose check box. System Purpose enables the entitlement server to determine and automatically attach the most appropriate subscription to satisfy the intended use of your RHEL 8 system.

    1. Select the required Role, SLA, and Usage from the corresponding drop-down lists.
  4. The Connect to Red Hat Insights check box is enabled by default. Clear the check box if you do not want to connect to Red Hat Insights.

    Note

    Red Hat Insights is a Software-as-a-Service (SaaS) offering that provides continuous, in-depth analysis of registered Red Hat-based systems to proactively identify threats to security, performance and stability across physical, virtual and cloud environments, and container deployments.

  5. Optional: Expand Options.

    1. Select the Use HTTP proxy check box if your network environment only allows external Internet access or access to content servers through an HTTP proxy. Clear the Use HTTP proxy check box if an HTTP proxy is not used.
    2. If you are running Satellite Server or performing internal testing, select the Custom server URL and Custom base URL check boxes and enter the required details.

      Important
      • The Custom server URL field does not require the HTTP protocol, for example nameofhost.com. However, the Custom base URL field requires the HTTP protocol.
      • To change the Custom base URL after registration, you must unregister, provide the new details, and then re-register.
  6. Click Register to register the system. When the system is successfully registered and subscriptions are attached, the Connect to Red Hat window displays the attached subscription details.

    Note

    Depending on the amount of subscriptions, the registration and attachment process might take up to a minute to complete.

  7. Click Done to return to the Installation Summary window.

    1. A Registered message is displayed under Connect to Red Hat.

4.3.4.3. Installation source repository after system registration

The installation source repository used after system registration is dependent on how the system was booted.

System booted from the Boot ISO or the Binary DVD ISO image file
If you booted the RHEL installation using either the Boot ISO or the Binary DVD ISO image file with the default boot parameters, the installation program automatically switches the installation source repository to the CDN after registration.
System booted with the inst.repo=<URL> boot parameter
If you booted the RHEL installation with the inst.repo=<URL> boot parameter, the installation program does not automatically switch the installation source repository to the CDN after registration. If you want to use the CDN to install RHEL, you must manually switch the installation source repository to the CDN by selecting the Red Hat CDN option in the Installation Source window of the graphical installation. If you do not manually switch to the CDN, the installation program installs the packages from the repository specified on the kernel command line.
Important
  • You can switch the installation source repository to the CDN using the rhsm Kickstart command only if you do not specify an installation source using inst.repo= on the kernel command line or the url command in the Kickstart file. You must use inst.stage2=<URL> on the kernel command line to fetch the installation image, but not specify the installation source.
  • An installation source URL specified using a boot option or included in a Kickstart file takes precedence over the CDN, even if the Kickstart file contains the rhsm command with valid credentials. The system is registered, but it is installed from the URL installation source. This ensures that earlier installation processes operate as normal.

4.3.4.4. Verifying your system registration from the CDN

Use this procedure to verify that your system is registered to the CDN using the GUI.

Warning

You can only verify your registration from the CDN if you have not clicked the Begin Installation button from the Installation Summary window. Once the Begin Installation button is clicked, you cannot return to the Installation Summary window to verify your registration.

Prerequisite

Procedure

  1. From the Installation Summary window, select Connect to Red Hat.
  2. The window opens and displays a registration summary:

    Method
    The registered account name or activation keys are displayed.
    System Purpose
    If set, the role, SLA, and usage details are displayed.
    Insights
    If enabled, the Insights details are displayed.
    Number of subscriptions
    The number of subscriptions attached are displayed.
  3. Verify that the registration summary matches the details that were entered.

4.3.4.5. Unregistering your system from the CDN

Use this procedure to unregister your system from the CDN using the GUI.

Warning
  • You can unregister from the CDN if you have not clicked the Begin Installation button from the Installation Summary window. Once the Begin Installation button is clicked, you cannot return to the Installation Summary window to unregister your registration.
  • When unregistering, the installation program switches to the first available repository, in the following order:

    1. The URL used in the inst.repo=<URL> boot parameter on the kernel command line.
    2. An automatically detected repository on the installation media (USB or DVD).

Prerequisite

Procedure

  1. From the Installation Summary window, select Connect to Red Hat.
  2. The Connect to Red Hat window opens and displays a registration summary:

    Method
    The registered account name or activation keys used are displayed.
    System Purpose
    If set, the role, SLA, and usage details are displayed.
    Insights
    If enabled, the Insights details are displayed.
    Number of subscriptions
    The number of subscriptions attached are displayed.
  3. Click Unregister to remove the registration from the CDN. The original registration details are displayed with a Not registered message displayed in the lower-middle part of the window.
  4. Click Done to return to the Installation Summary window.
  5. Connect to Red Hat displays a Not registered message, and Software Selection displays a Red Hat CDN requires registration message.
Note

After unregistering, it is possible to register your system again. Click Connect to Red Hat. The previously entered details are populated. Edit the original details, or update the fields based on the account, purpose, and connection. Click Register to complete.

4.3.5. Configuring Security Policy

This section contains information about the Red Hat Enterprise Linux 8 security policy and how to configure it for use on your system.

4.3.5.1. About security policy

The Red Hat Enterprise Linux security policy adheres to restrictions and recommendations (compliance policies) defined by the Security Content Automation Protocol (SCAP) standard. The packages are automatically installed. However, by default, no policies are enforced and therefore no checks are performed during or after installation unless specifically configured.

Applying a security policy is not a mandatory feature of the installation program. If you apply a security policy to the system, it is installed using restrictions and recommendations defined in the profile that you selected. The openscap-scanner package is added to your package selection, providing a preinstalled tool for compliance and vulnerability scanning. After the installation finishes, the system is automatically scanned to verify compliance. The results of this scan are saved to the /root/openscap_data directory on the installed system. You can also load additional profiles from an HTTP, HTTPS, or FTP server.

4.3.5.2. Configuring a security policy

Complete the following steps to configure a security policy.

Prerequisite

The Installation Summary window is open.

Procedure

  1. From the Installation Summary window, click Security Policy. The Security Policy window opens.
  2. To enable security policies on the system, toggle the Apply security policy switch to ON.
  3. Select one of the profiles listed in the top pane.
  4. Click Select profile.

    Profile changes that you must apply before installation appear in the bottom pane.

    Note

    The default profiles do not require changes before installation. However, loading a custom profile can require pre-installation tasks.

  5. Click Change content to use a custom profile. A separate window opens allowing you to enter a URL for valid security content.

    1. Click Fetch to retrieve the URL.
    2. Click Use SCAP Security Guide to return to the Security Policy window.

      Note

      You can load custom profiles from an HTTP, HTTPS, or FTP server. Use the full address of the content including the protocol, such as http://. A network connection must be active before you can load a custom profile. The installation program detects the content type automatically.

  6. Click Done to apply the settings and return to the Installation Summary window.

4.4. Configuring software options

This section contains information about configuring your installation source and software selection settings, and activating a repository.

4.4.1. Configuring installation source

Complete the steps in this procedure to configure an installation source from either auto-detected installation media, Red Hat CDN, or the network.

Note

When the Installation Summary window first opens, the installation program attempts to configure an installation source based on the type of media that was used to boot the system. The full Red Hat Enterprise Linux Server DVD configures the source as local media.

Prerequisites

  • You have downloaded the full installation image.
  • You have created a bootable physical media.
  • The Installation Summary window is open.

Procedure

  1. From the Installation Summary window, click Installation Source. The Installation Source window opens.

    1. Review the Auto-detected installation media section to verify the details. This option is selected by default if you started the installation program from media containing an installation source, for example, a DVD.
    2. Click Verify to check the media integrity.
    3. Review the Additional repositories section and note that the AppStream checkbox is selected by default.

      Important
      • No additional configuration is necessary as the BaseOS and AppStream repositories are installed as part of the full installation image.
      • Do not disable the AppStream repository check box if you want a full Red Hat Enterprise Linux8 installation.
  2. Optional: Select the Red Hat CDN option to register your system, attach RHEL subscriptions, and install RHEL from the Red Hat Content Delivery Network (CDN). For more information, see the Registering and installing RHEL from the CDN section.
  3. Optional: Select the On the network option to download and install packages from a network location instead of local media.

    Note
    1. Select the On the network drop-down menu to specify the protocol for downloading packages. This setting depends on the server that you want to use.
    2. Type the server address (without the protocol) into the address field. If you choose NFS, a second input field opens where you can specify custom NFS mount options. This field accepts options listed in the nfs(5) man page.

      Important

      When selecting an NFS installation source, you must specify the address with a colon (:) character separating the host name from the path. For example:

      server.example.com:/path/to/directory
      Note

      The following steps are optional and are only required if you use a proxy for network access.

    3. Click Proxy setup…​ to configure a proxy for an HTTP or HTTPS source.
    4. Select the Enable HTTP proxy check box and type the URL into the Proxy Host field.
    5. Select the Use Authentication check box if the proxy server requires authentication.
    6. Type in your user name and password.
    7. Click OK to finish the configuration and exit the Proxy Setup…​ dialog box.

      Note

      If your HTTP or HTTPS URL refers to a repository mirror menu, select the required option from the URL type drop-down list. All environments and additional software packages are available for selection when you finish configuring the sources.

  4. Click + to add a repository.
  5. Click - to delete a repository.
  6. Click the arrow icon to revert the current entries to the setting when you opened the Installation Source window.
  7. To activate or deactivate a repository, click the check box in the Enabled column for each entry in the list.

    Note

    You can name and configure your additional repository in the same way as the primary repository on the network.

  8. Click Done to apply the settings and return to the Installation Summary window.

4.4.2. Configuring software selection

Use the Software Selection window to select the software packages that you require. The packages are organized by Base Environment and Additional Software.

  • Base Environment contains predefined packages. You can select only one base environment, and availability is dependent on the installation ISO image that is used as the installation source.
  • Additional Software for Selected Environment contains additional software packages for the base environment. You can select multiple software packages.

Use a predefined environment and additional software to customize your system. However, in a standard installation, you cannot select individual packages to install. To view the packages contained in a specific environment, see the repository/repodata/*-comps-repository.architecture.xml file on your installation source media (DVD, CD, USB). The XML file contains details of the packages installed as part of a base environment. Available environments are marked by the <environment> tag, and additional software packages are marked by the <group> tag.

If you are unsure about which packages to install, Red Hat recommends that you select the Minimal Install base environment. Minimal install installs a basic version of Red Hat Enterprise Linux with only a minimal amount of additional software. After the system finishes installing and you log in for the first time, you can use the Yum package manager to install additional software. For more information about Yum package manager, see the Configuring basic system settings document.

Note
  • The yum group list command lists all package groups from yum repositories. See the Configuring basic system settings document for more information.
  • If you need to control which packages are installed, you can use a Kickstart file and define the packages in the %packages section. See the Performing an advanced RHEL installation document for information about installing Red Hat Enterprise Linux using Kickstart.

Prerequisites

  • You have configured the installation source.
  • The installation program downloaded package metadata.
  • The Installation Summary window is open.

Procedure

  1. From the Installation Summary window, click Software Selection. The Software Selection window opens.
  2. From the Base Environment pane, select a base environment. You can select only one base environment.

    Note

    The Server with GUI base environment is the default base environment and it launches the Initial Setup application after the installation completes and you restart the system.

  3. From the Additional Software for Selected Environment pane, select one or more options.
  4. Click Done to apply the settings and return to Chapter 4, Customizing your installation.

4.5. Configuring storage devices

You can install Red Hat Enterprise Linux on a large variety of storage devices. You can configure basic, locally accessible, storage devices in the Installation Destination window. Basic storage devices directly connected to the local system, such as hard disk drives and solid-state drives, are displayed in the Local Standard Disks section of the window. On IBM Z, this section contains activated Direct Access Storage Devices (DASDs).

Warning

A known issue prevents DASDs configured as HyperPAV aliases from being automatically attached to the system after the installation is complete. These storage devices are available during the installation, but are not immediately accessible after you finish installing and reboot. To attach HyperPAV alias devices, add them manually to the /etc/dasd.conf configuration file of the system.

4.5.1. Storage device selection

The storage device selection window lists all storage devices that the installation program can access. Depending on your system and available hardware, some tabs might not be displayed. The devices are grouped under the following tabs:

Multipath Devices

Storage devices accessible through more than one path, such as through multiple SCSI controllers or Fiber Channel ports on the same system.

Important

The installation program only detects multipath storage devices with serial numbers that are 16 or 32 characters long.

Other SAN Devices
Devices available on a Storage Area Network (SAN).
Firmware RAID
Storage devices attached to a firmware RAID controller.
NVDIMM Devices
Under specific circumstances, Red Hat Enterprise Linux 8 can boot and run from (NVDIMM) devices in sector mode on the Intel 64 and AMD64 architectures.
System z Devices
Storage devices, or Logical Units (LUNs), attached through the zSeries Linux FCP (Fiber Channel Protocol) driver.

4.5.2. Filtering storage devices

In the storage device selection window you can filter storage devices either by their World Wide Identifier (WWID) or by the port, target, or logical unit number (LUN).

Prerequisite

The Installation Summary window is open.

Procedure

  1. From the Installation Summary window, click Installation Destination. The Installation Destination window opens, listing all available drives.
  2. Under the Specialized & Network Disks section, click Add a disk…. The storage devices selection window opens.
  3. Click the Search by tab to search by port, target, LUN, or WWID.

    Searching by WWID or LUN requires additional values in the corresponding input text fields.

  4. Select the option that you require from the Search drop-down menu.
  5. Click Find to start the search. Each device is presented on a separate row with a corresponding check box.
  6. Select the check box to enable the device that you require during the installation process.

    Later in the installation process you can choose to install Red Hat Enterprise Linux on any of the selected devices, and you can choose to mount any of the other selected devices as part of the installed system automatically.

    Note
    • Selected devices are not automatically erased by the installation process and selecting a device does not put the data stored on the device at risk.
    • You can add devices to the system after installation by modifying the /etc/fstab file.
  7. Click Done to return to the Installation Destination window.
Important

Any storage devices that you do not select are hidden from the installation program entirely. To chain load the boot loader from a different boot loader, select all the devices present.

4.5.3. Using advanced storage options

To use an advanced storage device, you can configure an iSCSI (SCSI over TCP/IP) target or FCoE (Fibre Channel over Ethernet) SAN (Storage Area Network).

To use iSCSI storage devices for the installation, the installation program must be able to discover them as iSCSI targets and be able to create an iSCSI session to access them. Each of these steps might require a user name and password for Challenge Handshake Authentication Protocol (CHAP) authentication. Additionally, you can configure an iSCSI target to authenticate the iSCSI initiator on the system to which the target is attached (reverse CHAP), both for discovery and for the session. Used together, CHAP and reverse CHAP are called mutual CHAP or two-way CHAP. Mutual CHAP provides the greatest level of security for iSCSI connections, particularly if the user name and password are different for CHAP authentication and reverse CHAP authentication.

Note

Repeat the iSCSI discovery and iSCSI login steps to add all required iSCSI storage. You cannot change the name of the iSCSI initiator after you attempt discovery for the first time. To change the iSCSI initiator name, you must restart the installation.

4.5.3.1. Discovering and starting an iSCSI session

Complete the following steps to discover and start an iSCSI session.

Prerequisites

  • The Installation Summary window is open.

Procedure

  1. From the Installation Summary window, click Installation Destination. The Installation Destination window opens, listing all available drives.
  2. Under the Specialized & Network Disks section, click Add a disk…​. The storage devices selection window opens.
  3. Click Add iSCSI target…​. The Add iSCSI Storage Target window opens.

    Important

    You cannot place the /boot partition on iSCSI targets that you have manually added using this method - an iSCSI target containing a /boot partition must be configured for use with iBFT. However, in instances where the installed system is expected to boot from iSCSI with iBFT configuration provided by a method other than firmware iBFT, for example using iPXE, you can remove the /boot partition restriction using the inst.nonibftiscsiboot installer boot option.

  4. Enter the IP address of the iSCSI target in the Target IP Address field.
  5. Type a name in the iSCSI Initiator Name field for the iSCSI initiator in iSCSI qualified name (IQN) format. A valid IQN entry contains the following information:

    • The string iqn. (note the period).
    • A date code that specifies the year and month in which your organization’s Internet domain or subdomain name was registered, represented as four digits for the year, a dash, and two digits for the month, followed by a period. For example, represent September 2010 as 2010-09.
    • Your organization’s Internet domain or subdomain name, presented in reverse order with the top-level domain first. For example, represent the subdomain storage.example.com as com.example.storage.
    • A colon followed by a string that uniquely identifies this particular iSCSI initiator within your domain or subdomain. For example, :diskarrays-sn-a8675309.

      A complete IQN is as follows: iqn.2010-09.storage.example.com:diskarrays-sn-a8675309. The installation program prepopulates the iSCSI Initiator Name field with a name in this format to help you with the structure. For more information about IQNs, see 3.2.6. iSCSI Names in RFC 3720 - Internet Small Computer Systems Interface (iSCSI) available from tools.ietf.org and 1. iSCSI Names and Addresses in RFC 3721 - Internet Small Computer Systems Interface (iSCSI) Naming and Discovery available from tools.ietf.org.

  6. Select the Discovery Authentication Type drop-down menu to specify the type of authentication to use for iSCSI discovery. The following options are available:

    • No credentials
    • CHAP pair
    • CHAP pair and a reverse pair
    1. If you selected CHAP pair as the authentication type, enter the user name and password for the iSCSI target in the CHAP Username and CHAP Password fields.
    2. If you selected CHAP pair and a reverse pair as the authentication type, enter the user name and password for the iSCSI target in the CHAP Username and CHAP Password field, and the user name and password for the iSCSI initiator in the Reverse CHAP Username and Reverse CHAP Password fields.
  7. Optionally, select the Bind targets to network interfaces check box.
  8. Click Start Discovery.

    The installation program attempts to discover an iSCSI target based on the information provided. If discovery succeeds, the Add iSCSI Storage Target window displays a list of all iSCSI nodes discovered on the target.

  9. Select the check boxes for the node that you want to use for installation.

    Note

    The Node login authentication type menu contains the same options as the Discovery Authentication Type menu. However, if you need credentials for discovery authentication, use the same credentials to log in to a discovered node.

  10. Click the additional Use the credentials from discovery drop-down menu. When you provide the proper credentials, the Log In button becomes available.
  11. Click Log In to initiate an iSCSI session.

4.5.3.2. Configuring FCoE parameters

Complete the following steps to configure FCoE parameters.

Prerequisite

The Installation Summary window is open.

Procedure

  1. From the Installation Summary window, click Installation Destination. The Installation Destination window opens, listing all available drives.
  2. Under the Specialized & Network Disks section, click Add a disk…. The storage devices selection window opens.
  3. Click Add FCoE SAN…​. A dialog box opens for you to configure network interfaces for discovering FCoE storage devices.
  4. Select a network interface that is connected to an FCoE switch in the NIC drop-down menu.
  5. Click Add FCoE disk(s) to scan the network for SAN devices.
  6. Select the required check boxes:

    • Use DCB:Data Center Bridging (DCB) is a set of enhancements to the Ethernet protocols designed to increase the efficiency of Ethernet connections in storage networks and clusters. Select the check box to enable or disable the installation program’s awareness of DCB. Enable this option only for network interfaces that require a host-based DCBX client. For configurations on interfaces that use a hardware DCBX client, disable the check box.
    • Use auto vlan:Auto VLAN is enabled by default and indicates whether VLAN discovery should be performed. If this check box is enabled, then the FIP (FCoE Initiation Protocol) VLAN discovery protocol runs on the Ethernet interface when the link configuration has been validated. If they are not already configured, network interfaces for any discovered FCoE VLANs are automatically created and FCoE instances are created on the VLAN interfaces.
  7. Discovered FCoE devices are displayed under the Other SAN Devices tab in the Installation Destination window.

4.5.3.3. Configuring DASD storage devices

Complete the following steps to configure DASD storage devices.

Prerequisite

The Installation Summary window is open.

Procedure

  1. From the Installation Summary window, click Installation Destination. The Installation Destination window opens, listing all available drives.
  2. Under the Specialized & Network Disks section, click Add a disk…. The storage devices selection window opens.
  3. Click Add DASD. The Add DASD Storage Target dialog box opens and prompts you to specify a device number, such as 0.0.0204, and attach additional DASDs that were not detected when the installation started.
  4. Type the device number of the DASD that you want to attach in the Device number field.
  5. Click Start Discovery.
Note
  • If a DASD with the specified device number is found and if it is not already attached, the dialog box closes and the newly-discovered drives appear in the list of drives. You can then select the check boxes for the required devices and click Done. The new DASDs are available for selection, marked as DASD device 0.0.xxxx in the Local Standard Disks section of the Installation Destination window.
  • If you entered an invalid device number, or if the DASD with the specified device number is already attached to the system, an error message appears in the dialog box, explaining the error and prompting you to try again with a different device number.

4.5.3.4. Configuring FCP devices

FCP devices enable IBM Z to use SCSI devices rather than, or in addition to, Direct Access Storage Device (DASD) devices. FCP devices provide a switched fabric topology that enables IBM Z systems to use SCSI LUNs as disk devices in addition to traditional DASD devices.

Prerequisites

  • The Installation Summary window is open.
  • For an FCP-only installation, remove the DASD= option from the CMS configuration file or the rd.dasd= option from the parameter file to indicate that no DASD is present.

Procedure

  1. From the Installation Summary window, click Installation Destination. The Installation Destination window opens, listing all available drives.
  2. Under the Specialized & Network Disks section, click Add a disk…. The storage devices selection window opens.
  3. Click Add ZFCP LUN. The Add zFCP Storage Target dialog box opens allowing you to add a FCP (Fibre Channel Protocol) storage device.

    IBM Z requires that you enter any FCP device manually so that the installation program can activate FCP LUNs. You can enter FCP devices either in the graphical installation, or as a unique parameter entry in the parameter or CMS configuration file. The values that you enter must be unique to each site that you configure.

  4. Type the 4 digit hexadecimal device number in the Device number field.
  5. Type the 16 digit hexadecimal World Wide Port Number (WWPN) in the WWPN field.
  6. Type the 16 digit hexadecimal FCP LUN identifier in the LUN field.
  7. Click Start Discovery to connect to the FCP device.

The newly-added devices are displayed in the System z Devices tab of the Installation Destination window.

Note
  • Interactive creation of an FCP device is only possible in graphical mode. It is not possible to configure an FCP device interactively in text mode installation.
  • Use only lower-case letters in hex values. If you enter an incorrect value and click Start Discovery, the installation program displays a warning. You can edit the configuration information and retry the discovery attempt.
  • For more information about these values, consult the hardware documentation and check with your system administrator.

4.5.4. Installing to an NVDIMM device

Non-Volatile Dual In-line Memory Module (NVDIMM) devices combine the performance of RAM with disk-like data persistence when no power is supplied. Under specific circumstances, Red Hat Enterprise Linux 8 can boot and run from NVDIMM devices.

4.5.4.1. Criteria for using an NVDIMM device as an installation target

You can install Red Hat Enterprise Linux 8 to Non-Volatile Dual In-line Memory Module (NVDIMM) devices in sector mode on the Intel 64 and AMD64 architectures, supported by the nd_pmem driver.

Conditions for using an NVDIMM device as storage

To use an NVDIMM device as storage, the following conditions must be satisfied:

  • The architecture of the system is Intel 64 or AMD64.
  • The NVDIMM device is configured to sector mode. The installation program can reconfigure NVDIMM devices to this mode.
  • The NVDIMM device must be supported by the nd_pmem driver.

Conditions for booting from an NVDIMM Device

Booting from an NVDIMM device is possible under the following conditions:

  • All conditions for using the NVDIMM device as storage are satisfied.
  • The system uses UEFI.
  • The NVDIMM device must be supported by firmware available on the system, or by an UEFI driver. The UEFI driver may be loaded from an option ROM of the device itself.
  • The NVDIMM device must be made available under a namespace.

Utilize the high performance of NVDIMM devices during booting, place the /boot and /boot/efi directories on the device. The Execute-in-place (XIP) feature of NVDIMM devices is not supported during booting and the kernel is loaded into conventional memory.

4.5.4.2. Configuring an NVDIMM device using the graphical installation mode

A Non-Volatile Dual In-line Memory Module (NVDIMM) device must be properly configured for use by Red Hat Enterprise Linux 8 using the graphical installation.

Warning

Reconfiguration of a NVDIMM device process destroys any data stored on the device.

Prerequisites

  • A NVDIMM device is present on the system and satisfies all the other conditions for usage as an installation target.
  • The installation has booted and the Installation Summary window is open.

Procedure

  1. From the Installation Summary window, click Installation Destination. The Installation Destination window opens, listing all available drives.
  2. Under the Specialized & Network Disks section, click Add a disk…​. The storage devices selection window opens.
  3. Click the NVDIMM Devices tab.
  4. To reconfigure a device, select it from the list.

    If a device is not listed, it is not in sector mode.

  5. Click Reconfigure NVDIMM…​. A reconfiguration dialog opens.
  6. Enter the sector size that you require and click Start Reconfiguration.

    The supported sector sizes are 512 and 4096 bytes.

  7. When reconfiguration completes click OK.
  8. Select the device check box.
  9. Click Done to return to the Installation Destination window.

    The NVDIMM device that you reconfigured is displayed in the Specialized & Network Disks section.

  10. Click Done to return to the Installation Summary window.

The NVDIMM device is now available for you to select as an installation target. Additionally, if the device meets the requirements for booting, you can set the device as a boot device.

4.6. Configuring manual partitioning

You can use manual partitioning to configure your disk partitions and mount points and define the file system that Red Hat Enterprise Linux is installed on.

Note

Before installation, you should consider whether you want to use partitioned or unpartitioned disk devices. For more information, see the Knowledgebase article at https://access.redhat.com/solutions/163853.

An installation of Red Hat Enterprise Linux requires a minimum of one partition but Red Hat recommends using at least the following partitions or volumes: PReP, /, /home, /boot, and swap. You can also create additional partitions and volumes as you require.

Note

An installation of Red Hat Enterprise Linux on IBM Power Systems servers requires a PReP boot partition.

Warning

To prevent data loss it is recommended that you back up your data before proceeding. If you are upgrading or creating a dual-boot system, you should back up any data you want to keep on your storage devices.

4.6.1. Starting manual partitioning

Prerequisites

  • The Installation Summary screen is currently displayed.
  • All disks are available to the installation program.

Procedure

  1. Select disks for installation:

    1. Click Installation Destination to open the Installation Destination window.
    2. Select the disks that you require for installation by clicking the corresponding icon. A selected disk has a check-mark displayed on it.
    3. Under Storage Configuration, select the Custom radio-button.
    4. Optional: To enable storage encryption with LUKS, select the Encrypt my data check box.
    5. Click Done.
  2. If you selected to encrypt the storage, a dialog box for entering a disk encryption passphrase opens. Type in the LUKS passphrase:

    1. Enter the passphrase in the two text fields. To switch keyboard layout, use the keyboard icon.

      Warning

      In the dialog box for entering the passphrase, you cannot change the keyboard layout. Select the English keyboard layout to enter the passphrase in the installation program.

    2. Click Save Passphrase. The Manual Partitioning window opens.
  3. Detected mount points are listed in the left-hand pane. The mount points are organized by detected operating system installations. As a result, some file systems may be displayed multiple times if a partition is shared among several installations.

    1. Select the mount points in the left pane; the options that can be customized are displayed in the right pane.

      Note
      • If your system contains existing file systems, ensure that enough space is available for the installation. To remove any partitions, select them in the list and click the - button.

        The dialog has a check box that you can use to remove all other partitions used by the system to which the deleted partition belongs.

      • If there are no existing partitions and you want to create the recommended set of partitions as a starting point, select your preferred partitioning scheme from the left pane (default for Red Hat Enterprise Linux is LVM) and click the Click here to create them automatically link.

        A /boot partition, a / (root) volume, and a swap volume proportionate to the size of the available storage are created and listed in the left pane. These are the recommended file systems for a typical installation, but you can add additional file systems and mount points.

    2. Click Done to confirm any changes and return to the Installation Summary window.

4.6.2. Adding a mount point file system

Complete the following steps to add multiple mount point file systems.

Prerequisites

  • Plan for your partitions:

    • To avoid problems with space allocation, first create small partitions with known fixed sizes, such as /boot, and then create the remaining partitions, letting the installation program allocate the remaining capacity to them.
    • If you want to install the system on multiple disks, or if your disks differ in size and a particular partition must be created on the first disk detected by BIOS, then create these partitions first.

Procedure

  1. Click + to create a new mount point file system. The Add a New Mount Point dialog opens.
  2. Select one of the preset paths from the Mount Point drop-down menu or type your own; for example, select / for the root partition or /boot for the boot partition.
  3. Enter the size of the file system in to the Desired Capacity field; for example, 2GiB.

    Warning

    If you do not specify a value in the Desired Capacity field, or if you specify a size bigger than available space, then all remaining free space is used.

  4. Click Add mount point to create the partition and return to the Manual Partitioning window.

4.6.3. Configuring a mount point file system

This procedure describes how to set the partitioning scheme for each mount point that was created manually. The available options are Standard Partition, LVM, and LVM Thin Provisioning.

Note
  • Btfrs support has been removed in Red Hat Enterprise Linux 8.
  • The /boot partition is always located on a standard partition, regardless of the value selected.

Procedure

  1. To change the devices that a single non-LVM mount point should be located on, select the required mount point from the left-hand pane.
  2. Under the Device(s) heading, click Modify…​. The Configure Mount Point dialog opens.
  3. Select one or more devices and click Select to confirm your selection and return to the Manual Partitioning window.
  4. Click Update Settings to apply the changes.

    Note

    Click the Rescan button (circular arrow button) to refresh all local disks and partitions; this is only required after performing advanced partition configuration outside the installation program. Clicking the Rescan Disks button resets all configuration changes made in the installation program.

  5. In the lower left-hand side of the Manual Partitioning window, click the storage device selected link to open the Selected Disks dialog and review disk information.

4.6.4. Customizing a partition or volume

You can customize a partition or volume if you want to set specific settings.

Important

If /usr or /var is partitioned separately from the rest of the root volume, the boot process becomes much more complex as these directories contain critical components. In some situations, such as when these directories are placed on an iSCSI drive or an FCoE location, the system is unable to boot, or hangs with a Device is busy error when powering off or rebooting.

This limitation only applies to /usr or /var, not to directories below them. For example, a separate partition for /var/www works successfully.

Procedure

  1. From the left pane, select the mount point.

    Figure 4.1. Customizing Partitions

    Customizing partitions.
  2. From the right-hand pane, you can customize the following options:

    1. Enter the file system mount point into the Mount Point field. For example, if a file system is the root file system, enter /; enter /boot for the /boot file system, and so on. For a swap file system, do not set the mount point as setting the file system type to swap is sufficient.
    2. Enter the size of the file system in the Desired Capacity field. You can use common size units such as KiB or GiB. The default is MiB if you do not set any other unit.
    3. Select the device type that you require from the drop-down Device Type menu: Standard Partition, LVM, or LVM Thin Provisioning.

      Warning

      The installation program does not support overprovisioned LVM thin pools.

      Note

      RAID is available only if two or more disks are selected for partitioning. If you choose RAID, you can also set the RAID Level. Similarly, if you select LVM, you can specify the Volume Group.

    4. Select the Encrypt check box to encrypt the partition or volume. You must set a password later in the installation program. The LUKS Version drop-down menu is displayed.
    5. Select the LUKS version that you require from the drop-down menu.
    6. Select the appropriate file system type for this partition or volume from the File system drop-down menu.

      Note

      Support for VFAT file system is not available for Linux system partitions. For example, /, /var, /usr, and so on.

    7. Select the Reformat check box to format an existing partition, or clear the Reformat check box to retain your data. The newly-created partitions and volumes must be reformatted, and the check box cannot be cleared.
    8. Type a label for the partition in the Label field. Use labels to easily recognize and address individual partitions.
    9. Type a name in the Name field.

      Note

      Note that standard partitions are named automatically when they are created and you cannot edit the names of standard partitions. For example, you cannot edit the /boot name sda1.

  3. Click Update Settings to apply your changes and if required, select another partition to customize. Changes are not applied until you click Begin Installation from the Installation Summary window.

    Note

    Click Reset All to discard your partition changes.

  4. Click Done when you have created and customized all file systems and mount points. If you choose to encrypt a file system, you are prompted to create a passphrase.

    A Summary of Changes dialog box opens, displaying a summary of all storage actions for the installation program.

  5. Click Accept Changes to apply the changes and return to the Installation Summary window.

4.6.5. Preserving the /home directory

In a RHEL 8 graphical installation, you can preserve the /home directory that was used on your RHEL 7 system.

Warning

Preserving /home is only possible if the /home directory is located on a separate /home partition on your RHEL 7 system.

Preserving the /home directory that includes various configuration settings, makes it possible that the GNOME Shell environment on the new RHEL 8 system is set in the same way as it was on your RHEL 7 system. Note that this applies only for users on RHEL 8 with the same user name and ID as on the previous RHEL 7 system.

Complete this procedure to preserve the /home directory from your RHEL 7 system.

Prerequisites

  • RHEL 7 system is installed on your computer.
  • The /home directory is located on a separate /home partition on your RHEL 7 system.
  • The RHEL 8 Installation Summary window is currently displayed.

Procedure

  1. Click Installation Destination to open the Installation Destination window.
  2. Under Storage Configuration, select the Custom radio button. Click Done.
  3. Click Done, the Manual Partitioning window opens.
  4. Choose the /home partition, fill in /home under Mount Point: and clear the Reformat check box.

    Figure 4.2. Ensuring that /home is not formatted

    preserving home partition
  5. Optional: You can also customize various aspects of the /home partition required for your RHEL 8 system as described in Section 4.6.4, “Customizing a partition or volume”. However, to preserve /home from your RHEL 7 system, it is necessary to clear the Reformat check box.
  6. After you customized all partitions according to your requirements, click Done. The Summary of changes dialog box opens.
  7. Verify that the Summary of changes dialog box does not show any change for /home. This means that the /home partition is preserved.
  8. Click Accept Changes to apply the changes, and return to the Installation Summary window.

4.6.6. Creating software RAID

Follow the steps in this procedure to create a Redundant Arrays of Independent Disks (RAID) device. RAID devices are constructed from multiple storage devices that are arranged to provide increased performance and, in some configurations, greater fault tolerance.

A RAID device is created in one step and disks are added or removed as necessary. You can configure one RAID partition for each physical disk in your system, so the number of disks available to the installation program determines the levels of RAID device available. For example, if your system has two hard drives, you cannot create a RAID 10 device, as it requires a minimum of three separate disks.

Note

On IBM Z, the storage subsystem uses RAID transparently. You do not have to configure software RAID manually.

Prerequisites

  • You have selected two or more disks for installation before RAID configuration options are visible. At least two disks are required to create a RAID device.
  • You have created a mount point. By configuring a mount point, you configure the RAID device.
  • You have selected the Custom radio button on the Installation Destination window.

Procedure

  1. From the left pane of the Manual Partitioning window, select the required partition.
  2. Under the Device(s) section, click Modify. The Configure Mount Point dialog box opens.
  3. Select the disks that you want to include in the RAID device and click Select.
  4. Click the Device Type drop-down menu and select RAID.
  5. Click the File System drop-down menu and select your preferred file system type.
  6. Click the RAID Level drop-down menu and select your preferred level of RAID.
  7. Click Update Settings to save your changes.
  8. Click Done to apply the settings and return to the Installation Summary window.

A message is displayed at the bottom of the window if the specified RAID level requires more disks.

To learn more about soft corruption and how you can protect your data when configuring a RAID LV, see Using DM integrity with RAID LV.

4.6.7. Creating an LVM logical volume

Logical Volume Management (LVM) presents a simple logical view of underlying physical storage space, such as hard drives or LUNs. Partitions on physical storage are represented as physical volumes that you can group together into volume groups. You can divide each volume group into multiple logical volumes, each of which is analogous to a standard disk partition. Therefore, LVM logical volumes function as partitions that can span multiple physical disks.

Note

LVM configuration is available only in the graphical installation program.

Important

During text-mode installation, LVM configuration is not available. To create an LVM configuration, press Ctrl+Alt+F2 to use a different virtual console, and run the lvm command. To return to the text-mode installation, press Ctrl+Alt+F1.

Procedure

  1. From the left-hand pane of the Manual Partitioning window, select the mount point.
  2. Click the Device Type drop-down menu and select LVM. The Volume Group drop-down menu is displayed with the newly-created volume group name.

    Note

    You cannot specify the size of the volume group’s physical extents in the configuration dialog. The size is always set to the default value of 4 MiB. If you want to create a volume group with different physical extents, you must create it manually by switching to an interactive shell and using the vgcreate command, or use a Kickstart file with the volgroup --pesize=size command. See the Performing an advanced RHEL installation document for more information about Kickstart.

Additional resources

4.6.8. Configuring an LVM logical volume

Follow the steps in this procedure to configure a newly-created LVM logical volume.

Warning

Placing the /boot partition on an LVM volume is not supported.

Procedure

  1. From the left-hand pane of the Manual Partitioning window, select the mount point.
  2. Click the Device Type drop-down menu and select LVM. The Volume Group drop-down menu is displayed with the newly-created volume group name.
  3. Click Modify to configure the newly-created volume group.

    The Configure Volume Group dialog box opens.

    Note

    You cannot specify the size of the volume group’s physical extents in the configuration dialog. The size is always set to the default value of 4 MiB. If you want to create a volume group with different physical extents, you must create it manually by switching to an interactive shell and using the vgcreate command, or use a Kickstart file with the volgroup --pesize=size command. See the Performing an advanced RHEL installation document for more information about Kickstart.

  4. From the RAID Level drop-down menu, select the RAID level that you require.

    The available RAID levels are the same as with actual RAID devices.

  5. Select the Encrypt check box to mark the volume group for encryption.
  6. From the Size policy drop-down menu, select the size policy for the volume group.

    The available policy options are:

    • Automatic: The size of the volume group is set automatically so that it is large enough to contain the configured logical volumes. This is optimal if you do not need free space within the volume group.
    • As large as possible: The volume group is created with maximum size, regardless of the size of the configured logical volumes it contains. This is optimal if you plan to keep most of your data on LVM and later need to increase the size of some existing logical volumes, or if you need to create additional logical volumes within this group.
    • Fixed: You can set an exact size of the volume group. Any configured logical volumes must then fit within this fixed size. This is useful if you know exactly how large you need the volume group to be.
  7. Click Save to apply the settings and return to the Manual Partitioning window.
  8. Click Update Settings to save your changes.
  9. Click Done to return to the Installation Summary window.

4.7. Configuring a root password

You must configure a root password to finish the installation process and to log in to the administrator (also known as superuser or root) account that is used for system administration tasks. These tasks include installing and updating software packages and changing system-wide configuration such as network and firewall settings, storage options, and adding or modifying users, groups and file permissions.

Important
  • Use one or both of the following ways to gain root privileges to the installed system:

    • Use a root account.
    • Create a user account with administrative privileges (member of the wheel group). The root account is always created during the installation. Switch to the administrator account only when you need to perform a task that requires administrator access.
Warning

The root account has complete control over the system. If unauthorized personnel gain access to the account, they can access or delete users' personal files.

Procedure

  1. From the Installation Summary window, select User Settings > Root Password. The Root Password window opens.
  2. Type your password in the Root Password field.

    The requirements and recommendations for creating a strong root password are:

    • Must be at least eight characters long
    • May contain numbers, letters (upper and lower case) and symbols
    • Is case-sensitive
  3. Type the same password in the Confirm field.
  4. Click Done to confirm your root password and return to the Installation Summary window.

    Note

    If you proceeded with a weak password, you must click Done twice.

4.8. Creating a user account

It is recommended that you create a user account to finish the installation. If you do not create a user account, you must log in to the system as root directly, which is not recommended.

Procedure

  1. On the Installation Summary window, select User Settings > User Creation. The Create User window opens.
  2. Type the user account name in to the Full name field, for example: John Smith.
  3. Type the username in to the User name field, for example: jsmith.

    Note

    The User name is used to log in from a command line; if you install a graphical environment, then your graphical login manager uses the Full name.

  4. Select the Make this user administrator check box if the user requires administrative rights (the installation program adds the user to the wheel group ).

    Important

    An administrator user can use the sudo command to perform tasks that are only available to root using the user password, instead of the root password. This may be more convenient, but it can also cause a security risk.

  5. Select the Require a password to use this account check box.

    Warning

    If you give administrator privileges to a user, verify that the account is password protected. Never give a user administrator privileges without assigning a password to the account.

  6. Type a password into the Password field.
  7. Type the same password into the Confirm password field.
  8. Click Done to apply the changes and return to the Installation Summary window.

4.8.1. Editing advanced user settings

Follow the steps in this procedure to edit the default settings for the user account in the Advanced User Configuration dialog box.

Procedure

  1. On the Create User window, click Advanced.
  2. Edit the details in the Home directory field, if required. The field is populated by default with /home/username .
  3. In the User and Groups IDs section you can:

    1. Select the Specify a user ID manually check box and use + or - to enter the required value.

      Note

      The default value is 1000. User IDs (UIDs) 0-999 are reserved by the system so they cannot be assigned to a user.

    2. Select the Specify a group ID manually check box and use + or - to enter the required value.

      Note

      The default group name is the same as the user name, and the default Group ID (GID) is 1000. GIDs 0-999 are reserved by the system so they can not be assigned to a user group.

  4. Specify additional groups as a comma-separated list in the Group Membership field. Groups that do not already exist are created; you can specify custom GIDs for additional groups in parentheses. If you do not specify a custom GID for a new group, the new group receives a GID automatically.

    Note

    The user account created always has one default group membership (the user’s default group with an ID set in the Specify a group ID manually field).

  5. Click Save Changes to apply the updates and return to the Create User window.

Chapter 5. Completing post-installation tasks

This section describes how to complete the following post-installation tasks:

  • Completing initial setup
  • Registering your system

    Note

    Depending on your requirements, there are several methods to register your system. Most of these methods are completed as part of post-installation tasks. However, the Red Hat Content Delivery Network (CDN) registers your system and attaches RHEL subscriptions before the installation process starts. See Section 3.3.2, “Registering and installing RHEL from the CDN” for more information.

  • Securing your system

5.1. Completing initial setup

This section contains information about how to complete initial setup on a Red Hat Enterprise Linux 8 system.

Important
  • If you selected the Server with GUI base environment during installation, the Initial Setup window opens the first time you reboot your system after the installation process is complete.
  • If you registered and installed RHEL from the CDN, the Subscription Manager option displays a note that all installed products are covered by valid entitlements.

The information displayed in the Initial Setup window might vary depending on what was configured during installation. At a minimum, the Licensing and Subscription Manager options are displayed.

Prerequisites

Procedure

  1. From the Initial Setup window, select Licensing Information.

    The License Agreement window opens and displays the licensing terms for Red Hat Enterprise Linux.

  2. Review the license agreement and select the I accept the license agreement checkbox.

    Note

    You must accept the license agreement. Exiting Initial Setup without completing this step causes a system restart. When the restart process is complete, you are prompted to accept the license agreement again.

  3. Click Done to apply the settings and return to the Initial Setup window.

    Note

    If you did not configure network settings, you cannot register your system immediately. In this case, click Finish Configuration. Red Hat Enterprise Linux 8 starts and you can login, activate access to the network, and register your system. See Section 5.3, “Registering your system using the Subscription Manager User Interface” for more information. If you configured network settings, as described in Section 4.3.3, “Configuring network and host name options”, you can register your system immediately, as shown in the following steps:

  4. From the Initial Setup window, select Subscription Manager.

    Important

    If you registered and installed RHEL from the CDN, the Subscription Manager option displays a note that all installed products are covered by valid entitlements.

  5. The Subscription Manager graphical interface opens and displays the option you are going to register, which is: subscription.rhsm.redhat.com.
  6. Click Next.
  7. Enter your Login and Password details and click Register.
  8. Confirm the Subscription details and click Attach. You must receive the following confirmation message: Registration with Red Hat Subscription Management is Done!
  9. Click Done. The Initial Setup window opens.
  10. Click Finish Configuration. The login window opens.
  11. Configure your system. See the Configuring basic system settings document for more information.

Additional resources

Depending on your requirements, there are five methods to register your system:

5.2. Registering your system using the command line

This section contains information about how to register your Red Hat Enterprise Linux 8 system using the command line.

Note

When auto-attaching a system, the subscription service checks if the system is physical or virtual, as well as how many sockets are on the system. A physical system usually consumes two entitlements, a virtual system usually consumes one. One entitlement is consumed per two sockets on a system.

Prerequisites

  • You have an active, non-evaluation Red Hat Enterprise Linux subscription.
  • Your Red Hat subscription status is verified.
  • You have not previously received a Red Hat Enterprise Linux 8 subscription.
  • You have activated your subscription before attempting to download entitlements from the Customer Portal. You need an entitlement for each instance that you plan to use. Red Hat Customer Service is available if you need help activating your subscription.
  • You have successfully installed Red Hat Enterprise Linux 8  and logged into the system.

Procedure

  1. Open a terminal window and register a subscription using your Red Hat Customer Portal username and password:

    # subscription-manager register --username [username] --password [password]
  2. When the subscription is successfully registered, an output similar to the following is displayed:

    # The system has been registered with ID: 123456abcdef
    # The registered system name is: localhost.localdomain
  3. Set the role for the system, for example:

    # subscription-manager role --set="Red Hat Enterprise Linux Server"
    Note

    Available roles depend on the subscriptions that have been purchased by the organization and the architecture of the RHEL 8 system. You can set one of the following roles: Red Hat Enterprise Linux Server, Red Hat Enterprise Linux Workstation, or Red Hat Enterprise Linux Compute Node.

  4. Set the service level for the system, for example:

    # subscription-manager service-level --set="Premium"
  5. Set the usage for the system, for example:

    # subscription-manager usage --set="Production"
  6. Attach the system to an entitlement that matches the host system architecture:

    # subscription-manager attach
  7. When the subscription is successfully attached, an output similar to the following is displayed:

    Installed Product Current Status:
    Product Name: Red Hat Enterprise Linux for x86_64
    Status: Subscribed
    Note

    You can also register Red Hat Enterprise Linux 8 by logging in to the system as a root user and using the Subscription Manager graphical user interface.

5.3. Registering your system using the Subscription Manager User Interface

This section contains information about how to register your Red Hat Enterprise Linux 8 system using the Subscription Manager User Interface to receive updates and access package repositories.

Prerequisites

Procedure

  1. Log in to your system.
  2. From the top left-hand side of the window, click Activities.
  3. From the menu options, click the Show Applications icon.
  4. Click the Red Hat Subscription Manager icon, or enter Red Hat Subscription Manager in the search.
  5. Enter your administrator password in the Authentication Required dialog box.

    Note

    Authentication is required to perform privileged tasks on the system.

  6. The Subscriptions window opens, displaying the current status of Subscriptions, System Purpose, and installed products. Unregistered products display a red X.
  7. Click the Register button.
  8. The Register System dialog box opens. Enter your Customer Portal credentials and click the Register button.

The Register button in the Subscriptions window changes to Unregister and installed products display a green X. You can troubleshoot an unsuccessful registration using the subscription-manager status command.

Additional resources

5.4. Registration Assistant

Registration Assistant is designed to help you choose the most suitable registration option for your Red Hat Enterprise Linux environment. See https://access.redhat.com/labs/registrationassistant/ for more information.

5.5. Configuring System Purpose using the syspurpose command-line tool

System Purpose is an optional but recommended feature of the Red Hat Enterprise Linux installation. You use System Purpose to record the intended use of a Red Hat Enterprise Linux 8 system, and ensure that the entitlement server auto-attaches the most appropriate subscription to your system. The syspurpose command-line tool is part of the python3_syspurpose.rpm package. If System Purpose was not configured during the installation process, you can use the syspurpose command-line tool after installation to set the required attributes.

Prerequisites

  • You installed and registered your Red Hat Enterprise Linux 8 system, but System Purpose is not configured.
  • You are logged in as a root user.
  • The python3_syspurpose.rpm package is available on your system.

    Note

    If your system is registered but has subscriptions that do not satisfy the required purpose, you can run the subscription-manager remove --all command to remove attached subscriptions. You can then use the syspurpose command-line tool to set the required purpose attributes, and run subscription-manager attach --auto to entitle the system with the updated attributes.

    Procedure

    Complete the steps in this procedure to configure System Purpose after installation using the syspurpose command-line tool. The selected values are used by the entitlement server to attach the most suitable subscription to your system.

    1. From a terminal window, run the following command to set the intended role of the system:

      # syspurpose set-role "VALUE"

      Replace VALUE with the role that you want to assign:

      • Red Hat Enterprise Linux Server
      • Red Hat Enterprise Linux Workstation
      • Red Hat Enterprise Linux Compute Node

      For example:

      # syspurpose set-role "Red Hat Enterprise Linux Server"
      1. Optional: Run the following command to unset the role:

        # syspurpose unset-role
    2. Run the following command to set the intended Service Level Agreement (SLA) of the system:

      # syspurpose set-sla "VALUE"

      Replace VALUE with the SLA that you want to assign:

      • Premium
      • Standard
      • Self-Support

      For example:

      # syspurpose set-sla "Standard"
      1. Optional: Run the following command to unset the SLA:

        # syspurpose unset-sla
    3. Run the following command to set the intended usage of the system:

      # syspurpose set-usage "VALUE"

      Replace VALUE with the usage that you want to assign:

      • Production
      • Disaster Recovery
      • Development/Test

      For example:

      # syspurpose set-usage "Production"
      1. Optional: Run the following command to unset the usage:

        # syspurpose unset-usage
    4. Run the following command to show the current system purpose properties:

      # syspurpose show
      1. Optional: Run the following command to access the syspurpose man page:

        # man syspurpose

5.6. Securing your system

Complete the following security-related steps immediately after you install Red Hat Enterprise Linux.

Prerequisites

  • You have completed the graphical installation.

Procedure

  1. To update your system, run the following command as root:

    # yum update
  2. Even though the firewall service, firewalld, is automatically enabled with the installation of Red Hat Enterprise Linux, there are scenarios where it might be explicitly disabled, for example in a Kickstart configuration. In that scenario, it is recommended that you re-enable the firewall.

    To start firewalld, run the following commands as root:

    # systemctl start firewalld
    # systemctl enable firewalld
  3. To enhance security, disable services that you do not need. For example, if your system has no printers installed, disable the cups service using the following command:

    # systemctl mask cups

    To review active services, run the following command:

    $ systemctl list-units | grep service

5.7. Deploying systems that are compliant with a security profile immediately after an installation

You can use the OpenSCAP suite to deploy RHEL systems that are compliant with a security profile, such as OSPP, PCI-DSS, and HIPAA profile, immediately after the installation process. Using this deployment method, you can apply specific rules that cannot be applied later using remediation scripts, for example, a rule for password strength and partitioning.

5.7.1. Deploying baseline-compliant RHEL systems using the graphical installation

Use this procedure to deploy a RHEL system that is aligned with a specific baseline. This example uses Protection Profile for General Purpose Operating System (OSPP).

Prerequisites

  • You have booted into the graphical installation program. Note that the OSCAP Anaconda Add-on does not support text-only installation.
  • You have accessed the Installation Summary window.

Procedure

  1. From the Installation Summary window, click Software Selection. The Software Selection window opens.
  2. From the Base Environment pane, select the Server environment. You can select only one base environment.

    Warning

    Do not use the Server with GUI base environment if you want to deploy a compliant system. Security profiles provided as part of the SCAP Security Guide may not be compatible with the extended package set of Server with GUI. For more information, see, for example, BZ#1648162, BZ#1787156, or BZ#1816199.

  3. Click Done to apply the setting and return to the Installation Summary window.
  4. Click Security Policy. The Security Policy window opens.
  5. To enable security policies on the system, toggle the Apply security policy switch to ON.
  6. Select Protection Profile for General Purpose Operating Systems from the profile pane.
  7. Click Select Profile to confirm the selection.
  8. Confirm the changes in the Changes that were done or need to be done pane that is displayed at the bottom of the window. Complete any remaining manual changes.
  9. Because OSPP has strict partitioning requirements that must be met, create separate partitions for /boot, /home, /var, /var/log, /var/tmp, and /var/log/audit.
  10. Complete the graphical installation process.

    Note

    The graphical installation program automatically creates a corresponding Kickstart file after a successful installation. You can use the /root/anaconda-ks.cfg file to automatically install OSPP-compliant systems.

Verification

  1. To check the current status of the system after installation is complete, reboot the system and start a new scan:

    # oscap xccdf eval --profile ospp --report eval_postinstall_report.html /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml

Additional resources

5.7.2. Deploying baseline-compliant RHEL systems using Kickstart

Use this procedure to deploy RHEL systems that are aligned with a specific baseline. This example uses Protection Profile for General Purpose Operating System (OSPP).

Prerequisites

  • The scap-security-guide package is installed on your RHEL 8 system.

Procedure

  1. Open the /usr/share/scap-security-guide/kickstarts/ssg-rhel8-ospp-ks.cfg Kickstart file in an editor of your choice.
  2. Update the partitioning scheme to fit your configuration requirements. For OSPP compliance, the separate partitions for /boot, /home, /var, /var/log, /var/tmp, and /var/log/audit must be preserved, and you can only change the size of the partitions.

    Warning

    Because the OSCAP Anaconda Addon plugin does not support text-only installation, do not use the text option in your Kickstart file. For more information, see RHBZ#1674001.

  3. Start a Kickstart installation as described in Performing an automated installation using Kickstart.
Important

Passwords in the hash form cannot be checked for OSPP requirements.

Verification

  1. To check the current status of the system after installation is complete, reboot the system and start a new scan:

    # oscap xccdf eval --profile ospp --report eval_postinstall_report.html /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml

Additional resources

5.8. Next steps

When you have completed the required post-installation steps, you can configure basic system settings. For information about completing tasks such as installing software with yum, using systemd for service management, managing users, groups, and file permissions, using chrony to configure NTP, and working with Python 3, see the Configuring basic system settings document.

Appendix A. Troubleshooting

The following sections cover various troubleshooting information that might be helpful when diagnosing issues during different stages of the installation process.

Appendix B. Tools and tips for troubleshooting and bug reporting

The troubleshooting information in the following sections might be helpful when diagnosing issues at the start of the installation process. The following sections are for all supported architectures. However, if an issue is for a particular architecture, it is specified at the start of the section.

B.1. Dracut

Dracut is a tool that manages the initramfs image during the Linux operating system boot process. The dracut emergency shell is an interactive mode that can be initiated while the initramfs image is loaded. You can run basic troubleshooting commands from the dracut emergency shell. For more information, see the Troubleshooting section of the dracut man page.

B.2. Using installation log files

For debugging purposes, the installation program logs installation actions in files that are located in the /tmp directory. These log files are listed in the following table.

Table B.1. Log files generated during the installation

Log fileContents

/tmp/anaconda.log

General messages.

/tmp/program.log

All external programs run during the installation.

/tmp/storage.log

Extensive storage module information.

/tmp/packaging.log

yum and rpm package installation messages.

/tmp/dbus.log

Information about the dbus session that is used for installation program modules.

/tmp/ifcfg.log

Information about networking scripts.

/tmp/sensitive-info.log

Configuration information that is not part of other logs and not copied to the installed system.

/tmp/syslog

Hardware-related system messages.

If the installation fails, the messages are consolidated into /tmp/anaconda-tb-identifier, where identifier is a random string. After a successful installation, these files are copied to the installed system under the directory /var/log/anaconda/. However, if the installation is unsuccessful, or if the inst.nosave=all or inst.nosave=logs options are used when booting the installation system, these logs only exist in the installation program’s RAM disk. This means that the logs are not saved permanently and are lost when the system is powered down. To store them permanently, copy the files to another system on the network or copy them to a mounted storage device such as a USB flash drive.

B.2.1. Creating pre-installation log files

Use this procedure to set the inst.debug option to create log files before the installation process starts. These log files contain, for example, the current storage configuration.

Prerequisites

  • The Red Hat Enterprise Linux boot menu is displayed.

Procedure

  1. Select the Install Red Hat Enterprise Linux option from the boot menu.
  2. Press the Tab key on BIOS-based systems or the e key on UEFI-based systems to edit the selected boot options.
  3. Append inst.debug to the options. For example:

    vmlinuz ... inst.debug
  4. Press the Enter key on your keyboard. The system stores the pre-installation log files in the /tmp/pre-anaconda-logs/ directory before the installation program starts.
  5. To access the log files, switch to the console.
  6. Change to the /tmp/pre-anaconda-logs/ directory:

    # cd /tmp/pre-anaconda-logs/

B.2.2. Transferring installation log files to a USB drive

Use this procedure to transfer installation log files to a USB drive.

Prerequisites

  • Back up any data on the USB drive before using this procedure.
  • You are logged into a root account and you have access to the installation program’s temporary file system.

Procedure

  1. Press Ctrl + Alt + F2 to access a shell prompt on the system you are installing.
  2. Connect a USB flash drive to the system and run the dmesg command:

    # dmesg

    A log detailing all recent events is displayed. At the end of this log, a set of messages is displayed. For example:

    [ 170.171135] sd 5:0:0:0: [sdb] Attached SCSI removable disk
  3. Note the name of the connected device. In the above example, it is sdb.
  4. Navigate to the /mnt directory and create a new directory that serves as the mount target for the USB drive. This example uses the name usb:

    # mkdir usb
  5. Mount the USB flash drive onto the newly created directory. In most cases, you do not want to mount the whole drive, but a partition on it. Do not use the name sdb, use the name of the partition you want to write the log files to. In this example, the name sdb1 is used:

    # mount /dev/sdb1 /mnt/usb
  6. Verify that you mounted the correct device and partition by accessing it and listing its contents:

    # cd /mnt/usb
    # ls
  7. Copy the log files to the mounted device.

    # cp /tmp/*log /mnt/usb
  8. Unmount the USB flash drive. If you receive an error message that the target is busy, change your working directory to outside the mount (for example, /).

    # umount /mnt/usb

B.2.3. Transferring installation log files over the network

Use this procedure to transfer installation log files over the network.

Prerequisites

  • You are logged into a root account and you have access to the installation program’s temporary file system.

Procedure

  1. Press Ctrl + Alt + F2 to access a shell prompt on the system you are installing.
  2. Switch to the /tmp directory where the log files are located:

    # cd /tmp
  3. Copy the log files onto another system on the network using the scp command:

    # scp *log user@address:path
    1. Replace user with a valid user name on the target system, address with the target system’s address or host name, and path with the path to the directory where you want to save the log files. For example, if you want to log in as john on a system with an IP address of 192.168.0.122 and place the log files into the /home/john/logs/ directory on that system, the command is as follows:

      # scp *log john@192.168.0.122:/home/john/logs/

      When connecting to the target system for the first time, the SSH client asks you to confirm that the fingerprint of the remote system is correct and that you want to continue:

      The authenticity of host '192.168.0.122 (192.168.0.122)' can't be established.
      ECDSA key fingerprint is a4:60:76:eb:b2:d0:aa:23:af:3d:59:5c:de:bb:c4:42.
      Are you sure you want to continue connecting (yes/no)?
    2. Type yes and press Enter to continue. Provide a valid password when prompted. The files are transferred to the specified directory on the target system.

B.3. Detecting memory faults using the Memtest86 application

Faults in memory (RAM) modules can cause your system to fail unpredictably. In certain situations, memory faults might only cause errors with particular combinations of software. For this reason, you should test your system’s memory before you install Red Hat Enterprise Linux.

Note

Red Hat Enterprise Linux includes the Memtest86+ memory testing application for BIOS systems only. Support for UEFI systems is currently unavailable.

B.3.1. Running Memtest86

Use this procedure to run the Memtest86 application to test your system’s memory for faults before you install Red Hat Enterprise Linux.

Prerequisites

  • You have accessed the Red Hat Enterprise Linux boot menu.

Procedure

  1. From the Red Hat Enterprise Linux boot menu, select Troubleshooting > Run a memory test. The Memtest86 application window is displayed and testing begins immediately. By default, Memtest86 performs ten tests in every pass. After the first pass is complete, a message is displayed in the lower part of the window informing you of the current status. Another pass starts automatically.

    If Memtest86+ detects an error, the error is displayed in the central pane of the window and is highlighted in red. The message includes detailed information such as which test detected a problem, the memory location that is failing, and others. In most cases, a single successful pass of all 10 tests is sufficient to verify that your RAM is in good condition. In rare circumstances, however, errors that went undetected during the first pass might appear on subsequent passes. To perform a thorough test on important systems, run the tests overnight or for a few days to complete multiple passes.

    Note

    The amount of time it takes to complete a single full pass of Memtest86+ varies depending on your system’s configuration, notably the RAM size and speed. For example, on a system with 2 GiB of DDR2 memory at 667 MHz, a single pass takes 20 minutes to complete.

  2. Optional: Follow the on-screen instructions to access the Configuration window and specify a different configuration.
  3. To halt the tests and reboot your computer, press the Esc key at any time.

Additional resources

B.4. Verifying boot media

Verifying ISO images helps to avoid problems that are sometimes encountered during installation. These sources include DVD and ISO images stored on a hard drive or NFS server. Use this procedure to test the integrity of an ISO-based installation source before using it to install Red Hat Enterprise Linux.

Prerequisites

  • You have accessed the Red Hat Enterprise Linux boot menu.

Procedure

  1. From the boot menu, select Test this media & install Red Hat Enterprise Linux 8.1 to test the boot media.
  2. The boot process tests the media and highlights any issues.
  3. Optional: You can start the verification process by appending rd.live.check to the boot command line.

B.5. Consoles and logging during installation

The Red Hat Enterprise Linux installer uses the tmux terminal multiplexer to display and control several windows in addition to the main interface. Each of these windows serve a different purpose; they display several different logs, which can be used to troubleshoot issues during the installation process. One of the windows provides an interactive shell prompt with root privileges, unless this prompt was specifically disabled using a boot option or a Kickstart command.

Note

In general, there is no reason to leave the default graphical installation environment unless you need to diagnose an installation problem.

The terminal multiplexer is running in virtual console 1. To switch from the actual installation environment to tmux, press Ctrl+Alt+F1. To go back to the main installation interface which runs in virtual console 6, press Ctrl+Alt+F6.

Note

If you choose text mode installation, you will start in virtual console 1 (tmux), and switching to console 6 will open a shell prompt instead of a graphical interface.

The console running tmux has five available windows; their contents are described in the following table, along with keyboard shortcuts. Note that the keyboard shortcuts are two-part: first press Ctrl+b, then release both keys, and press the number key for the window you want to use.

You can also use Ctrl+b n, Alt+ Tab, and Ctrl+b p to switch to the next or previous tmux window, respectively.

Table B.2. Available tmux windows

ShortcutContents

Ctrl+b 1

Main installation program window. Contains text-based prompts (during text mode installation or if you use VNC direct mode), and also some debugging information.

Ctrl+b 2

Interactive shell prompt with root privileges.

Ctrl+b 3

Installation log; displays messages stored in /tmp/anaconda.log.

Ctrl+b 4

Storage log; displays messages related to storage devices and configuration, stored in /tmp/storage.log.

Ctrl+b 5

Program log; displays messages from utilities executed during the installation process, stored in /tmp/program.log.

B.6. Saving screenshots

You can press Shift+Print Screen at any time during the graphical installation to capture the current screen. The screenshots are saved to /tmp/anaconda-screenshots.

B.7. Display settings and device drivers

Some video cards have trouble booting into the Red Hat Enterprise Linux graphical installation program. If the installation program does not run using its default settings, it attempts to run in a lower resolution mode. If that fails, the installation program attempts to run in text mode. There are several possible solutions to resolve display issues, most of which involve specifying custom boot options. For more information, see Section F.3, “Console boot options”.

Table B.3. Solutions

SolutionDescription

Use the basic graphics mode

You can attempt to perform the installation using the basic graphics driver. To do this, either select Troubleshooting > Install Red Hat Enterprise Linux 8.1 in basic graphics mode from the boot menu, or edit the installation program’s boot options and append inst.xdriver=vesa at the end of the command line.

Specify the display resolution manually

If the installation program fails to detect your screen resolution, you can override the automatic detection and specify it manually. To do this, append the inst.resolution=x option at the boot menu, where x is your display’s resolution, for example, 1024x768.

Use an alternate video driver

You can attempt to specify a custom video driver, overriding the installation program’s automatic detection. To specify a driver, use the inst.xdriver=x option, where x is the device driver you want to use (for example, nouveau)*.

Perform the installation using VNC

If the above options fail, you can use a separate system to access the graphical installation over the network, using the Virtual Network Computing (VNC) protocol. For details on installing using VNC, see the Performing a remote RHEL installation using VNC section of the Performing an advanced RHEL installation document.

*If specifying a custom video driver solves your problem, you should report it as a bug at https://bugzilla.redhat.com under the anaconda component. The installation program should be able to detect your hardware automatically and use the appropriate driver without intervention.

B.8. Reporting error messages to Red Hat Customer Support

If the graphical installation encounters an error, it displays the unknown error dialog box. You can send information about the error to Red Hat Customer Support. To send a report, you must enter your Customer Portal credentials. If you do not have a Customer Portal account, you can register at https://www.redhat.com/wapps/ugc/register.html. Automated error reporting requires a network connection.

Prerequisite

The graphical installation program encountered an error and displayed the unknown error dialog box.

Procedure

  1. From the unknown error dialog box, click Report Bug to report the problem, or Quit to exit the installation.

    1. Optionally, click More Info…​ to display a detailed output that might help determine the cause of the error. If you are familiar with debugging, click Debug. This displays the virtual terminal tty1, where you can request additional information. To return to the graphical interface from tty1, use the continue command.
  2. Click Report a bug to Red Hat Customer Support.
  3. The Red Hat Customer Support - Reporting Configuration dialog box is displayed. From the Basic tab, enter your Customer Portal user name and password. If your network settings require you to use an HTTP or HTTPS proxy, you can configure it by selecting the Advanced tab and entering the address of the proxy server.
  4. Complete all fields and click OK.
  5. A text box is displayed. Explain each step that was taken before the unknown error dialog box was displayed.
  6. Select an option from the How reproducible is this problem drop-down menu and provide additional information in the text box.
  7. Click Forward.
  8. Verify that all the information you provided is in the Comment tab. The other tabs include information such as your system’s host name and other details about your installation environment. You can remove any of the information that you do not want to send to Red Hat, but be aware that providing less detail might affect the investigation of the issue.
  9. Click Forward when you have finished reviewing all tabs.
  10. A dialog box displays all the files that will be sent to Red Hat. Clear the check boxes beside the files that you do not want to send to Red Hat. To add a file, click Attach a file.
  11. Select the check box I have reviewed the data and agree with submitting it.
  12. Click Forward to send the report and attachments to Red Hat.
  13. Click Show log to view the details of the reporting process or click Close to return to the unknown error dialog box.
  14. Click Quit to exit the installation.

A.1. Troubleshooting during the installation

The troubleshooting information in the following sections might be helpful when diagnosing issues during the installation process. The following sections are for all supported architectures. However, if an issue is for a particular architecture, it is specified at the start of the section.

A.1.1. Disks are not detected

If the installation program cannot find a writable storage device to install to, it returns the following error message in the Installation Destination window: No disks detected. Please shut down the computer, connect at least one disk, and restart to complete installation.

Check the following items:

  • Your system has at least one storage device attached.
  • If your system uses a hardware RAID controller; verify that the controller is properly configured and working as expected. See your controller’s documentation for instructions.
  • If you are installing into one or more iSCSI devices and there is no local storage present on the system, verify that all required LUNs are presented to the appropriate Host Bus Adapter (HBA).

If the error message is still displayed after rebooting the system and starting the installation process, the installation program failed to detect the storage. In many cases the error message is a result of attempting to install on an iSCSI device that is not recognized by the installation program.

In this scenario, you must perform a driver update before starting the installation. Check your hardware vendor’s website to determine if a driver update is available. For more general information on driver updates, see the Updating drivers during installation section of the Performing an advanced RHEL installation document.

You can also consult the Red Hat Hardware Compatibility List, available at https://access.redhat.com/ecosystem/search/#/category/Server.

A.1.2. Reporting error messages to Red Hat Customer Support

If the graphical installation encounters an error, it displays the unknown error dialog box. You can send information about the error to Red Hat Customer Support. To send a report, you must enter your Customer Portal credentials. If you do not have a Customer Portal account, you can register at https://www.redhat.com/wapps/ugc/register.html. Automated error reporting requires a network connection.

Prerequisite

The graphical installation program encountered an error and displayed the unknown error dialog box.

Procedure

  1. From the unknown error dialog box, click Report Bug to report the problem, or Quit to exit the installation.

    1. Optionally, click More Info…​ to display a detailed output that might help determine the cause of the error. If you are familiar with debugging, click Debug. This displays the virtual terminal tty1, where you can request additional information. To return to the graphical interface from tty1, use the continue command.
  2. Click Report a bug to Red Hat Customer Support.
  3. The Red Hat Customer Support - Reporting Configuration dialog box is displayed. From the Basic tab, enter your Customer Portal user name and password. If your network settings require you to use an HTTP or HTTPS proxy, you can configure it by selecting the Advanced tab and entering the address of the proxy server.
  4. Complete all fields and click OK.
  5. A text box is displayed. Explain each step that was taken before the unknown error dialog box was displayed.
  6. Select an option from the How reproducible is this problem drop-down menu and provide additional information in the text box.
  7. Click Forward.
  8. Verify that all the information you provided is in the Comment tab. The other tabs include information such as your system’s host name and other details about your installation environment. You can remove any of the information that you do not want to send to Red Hat, but be aware that providing less detail might affect the investigation of the issue.
  9. Click Forward when you have finished reviewing all tabs.
  10. A dialog box displays all the files that will be sent to Red Hat. Clear the check boxes beside the files that you do not want to send to Red Hat. To add a file, click Attach a file.
  11. Select the check box I have reviewed the data and agree with submitting it.
  12. Click Forward to send the report and attachments to Red Hat.
  13. Click Show log to view the details of the reporting process or click Close to return to the unknown error dialog box.
  14. Click Quit to exit the installation.

A.1.3. Partitioning issues for IBM Power Systems

Note

This issue is for IBM Power Systems.

If you manually created partitions, but cannot move forward in the installation process, you might not have created all the partitions that are necessary for the installation to proceed. At a minimum, you must have the following partitions:

  • / (root) partition
  • PReP boot partition
  • /boot partition (only if the root partition is an LVM logical volume)

See Section E.4, “Recommended partitioning scheme” for more information.

Appendix C. Troubleshooting

The troubleshooting information in the following sections might be helpful when diagnosing issues after the installation process. The following sections are for all supported architectures. However, if an issue is for a particular architecture, it is specified at the start of the section.

C.1. Resuming an interrupted download attempt

You can resume an interrupted download using the curl command.

Prerequisite

  • You have navigated to the Product Downloads section of the Red Hat Customer Portal at https://access.redhat.com/downloads, and selected the required variant, version, and architecture.
  • You have right-clicked on the required ISO file, and selected Copy Link Location to copy the URL of the ISO image file to your clipboard.

Procedure

  1. Download the ISO image from the new link. Add the --continue-at - option to automatically resume the download:

    $ curl --output directory-path/filename.iso 'new_copied_link_location' --continue-at -
  2. Use a checksum utility such as sha256sum to verify the integrity of the image file after the download finishes:

    $ sha256sum rhel-8.1-x86_64-dvd.iso
    			`85a...46c rhel-8.1-x86_64-dvd.iso`

    Compare the output with reference checksums provided on the Red Hat Enterprise Linux Product Download web page.

Example C.1. Resuming an interrupted download attempt

The following is an example of a curl command for a partially downloaded ISO image:

$ curl --output _rhel-8.1-x86_64-dvd.iso 'https://access.cdn.redhat.com//content/origin/files/sha256/85/85a...46c/rhel-8.1-x86_64-dvd.iso?_auth=141...963' --continue-at -

C.2. Disks are not detected

If the installation program cannot find a writable storage device to install to, it returns the following error message in the Installation Destination window: No disks detected. Please shut down the computer, connect at least one disk, and restart to complete installation.

Check the following items:

  • Your system has at least one storage device attached.
  • If your system uses a hardware RAID controller; verify that the controller is properly configured and working as expected. See your controller’s documentation for instructions.
  • If you are installing into one or more iSCSI devices and there is no local storage present on the system, verify that all required LUNs are presented to the appropriate Host Bus Adapter (HBA).

If the error message is still displayed after rebooting the system and starting the installation process, the installation program failed to detect the storage. In many cases the error message is a result of attempting to install on an iSCSI device that is not recognized by the installation program.

In this scenario, you must perform a driver update before starting the installation. Check your hardware vendor’s website to determine if a driver update is available. For more general information on driver updates, see the Updating drivers during installation section of the Performing an advanced RHEL installation document.

You can also consult the Red Hat Hardware Compatibility List, available at https://access.redhat.com/ecosystem/search/#/category/Server.

C.3. Cannot boot with a RAID card

If you cannot boot your system after the installation, you might need to reinstall and repartition your system’s storage. Some BIOS types do not support booting from RAID cards. After you finish the installation and reboot the system for the first time, a text-based screen displays the boot loader prompt (for example, grub>) and a flashing cursor might be displayed. If this is the case, you must repartition your system and move your /boot partition and the boot loader outside of the RAID array. The /boot partition and the boot loader must be on the same drive. Once these changes have been made, you should be able to finish your installation and boot the system properly.

C.4. Graphical boot sequence is not responding

When rebooting your system for the first time after installation, the system might be unresponsive during the graphical boot sequence. If this occurs, a reset is required. In this scenario, the boot loader menu is displayed successfully, but selecting any entry and attempting to boot the system results in a halt. This usually indicates that there is a problem with the graphical boot sequence. To resolve the issue, you must disable the graphical boot by temporarily altering the setting at boot time before changing it permanently.

Procedure: Disabling the graphical boot temporarily

  1. Start your system and wait until the boot loader menu is displayed. If you set your boot timeout period to 0, press the Esc key to access it.
  2. From the boot loader menu, use your cursor keys to highlight the entry you want to boot. Press the Tab key on BIOS-based systems or the e key on UEFI-based systems to edit the selected entry options.
  3. In the list of options, find the kernel line - that is, the line beginning with the keyword linux. On this line, locate and delete rhgb.
  4. Press F10 or Ctrl+X to boot your system with the edited options.

If the system started successfully, you can log in normally. However, if you do not disable graphical boot permanently, you must perform this procedure every time the system boots.

Procedure: Disabling the graphical boot permanently

  1. Log in to the root account on your system.
  2. Use the grubby tool to find the default GRUB2 kernel:

    # grubby --default-kernel
    /boot/vmlinuz-4.18.0-94.el8.x86_64
  3. Use the grubby tool to remove the rhgb boot option from the default kernel in your GRUB2 configuration. For example:

    # grubby --remove-args="rhgb" --update-kernel /boot/vmlinuz-4.18.0-94.el8.x86_64
  4. Reboot the system. The graphical boot sequence is no longer used. If you want to enable the graphical boot sequence, follow the same procedure, replacing the --remove-args="rhgb" parameter with the --args="rhgb" parameter. This restores the rhgb boot option to the default kernel in your GRUB2 configuration.

C.5. X server fails after log in

An X server is a program in the X Window System that runs on local machines, that is, the computers used directly by users. X server handles all access to the graphics cards, display screens and input devices, typically a keyboard and mouse on those computers. The X Window System, often referred to as X, is a complete, cross-platform and free client-server system for managing GUIs on single computers and on networks of computers. The client-server model is an architecture that divides the work between two separate but linked applications, referred to as clients and servers.*

If X server crashes after login, one or more of the file systems might be full. To troubleshoot the issue, execute the following command:

$ df -h

The output verifies which partition is full - in most cases, the problem is on the /home partition. The following is a sample output of the df command:

Filesystem                                  Size  Used Avail Use% Mounted on
devtmpfs                                    396M     0  396M   0%  /dev
tmpfs                                       411M     0  411M   0%  /dev/shm
tmpfs                                       411M  6.7M  405M   2%  /run
tmpfs                                       411M     0  411M   0%  /sys/fs/cgroup
/dev/mapper/rhel-root                       17G    4.1G  13G   25% /
/dev/sda1                                   1014M  173M 842M  17% /boot
tmpfs                                       83M    20K   83M   1%  /run/user/42
tmpfs                                       83M    84K  83M    1%  /run/user/1000
/dev/dm-4                                   90G    90G    0  100% /home

In the example, you can see that the /home partition is full, which causes the failure. Remove any unwanted files. After you free up some disk space, start X using the startx command. For additional information about df and an explanation of the options available, such as the -h option used in this example, see the df(1) man page.

*Source: http://www.linfo.org/x_server.html

C.6. RAM is not recognized

In some scenarios, the kernel does not recognize all memory (RAM), which causes the system to use less memory than is installed. You can find out how much RAM is being utilized using the free -m command. If the total amount of memory does not match your expectations, it is likely that at least one of your memory modules is faulty. On BIOS-based systems, you can use the Memtest86+ utility to test your system’s memory.

Some hardware configurations have part of the system’s RAM reserved, and as a result, it is unavailable to the system. Some laptop computers with integrated graphics cards reserve a portion of memory for the GPU. For example, a laptop with 4 GiB of RAM and an integrated Intel graphics card shows roughly 3.7 GiB of available memory. Additionally, the kdump crash kernel dumping mechanism, which is enabled by default on most Red Hat Enterprise Linux systems, reserves some memory for the secondary kernel used in case of a primary kernel failure. This reserved memory is not displayed as available when using the free command.

Procedure: Manually configuring the memory

Use this procedure to manually set the amount of memory using the mem= kernel option.

  1. Start your system and wait until the boot loader menu is displayed. If you set your boot timeout period to 0, press the Esc key to access it.
  2. From the boot loader menu, use your cursor keys to highlight the entry you want to boot, and press the Tab key on BIOS-based systems or the e key on UEFI-based systems to edit the selected entry options.
  3. In the list of options, find the kernel line - that is, the line beginning with the keyword linux. Append the following option to the end of this line:

    mem=xxM
  4. Replace xx with the amount of RAM you have in MiB.
  5. Press F10 or Ctrl+X to boot your system with the edited options.
  6. Wait for the system to boot and then log in.
  7. Open a command line and execute the free -m command again. If the total amount of RAM displayed by the command matches your expectations, append the following to the line beginning with GRUB_CMDLINE_LINUX in the /etc/default/grub file to make the change permanent:

    # grub2-mkconfig --output=/boot/grub2/grub.cfg

C.7. System is displaying signal 11 errors

A signal 11 error, commonly known as a segmentation fault means that a program accessed a memory location that it was not assigned. A signal 11 error can occur due to a bug in one of the software programs that are installed, or faulty hardware. If you receive a signal 11 error during the installation process, verify that you are using the most recent installation images and prompt the installation program to verify them to ensure they are not corrupt. For more information, see Section B.4, “Verifying boot media”.

Faulty installation media (such as an improperly burned or scratched optical disk) are a common cause of signal 11 errors. Verifying the integrity of the installation media is recommended before every installation. For information about obtaining the most recent installation media, see Downloading the installation ISO image.

To perform a media check before the installation starts, append the rd.live.check boot option at the boot menu. If you performed a media check without any errors and you still have issues with segmentation faults, it usually indicates that your system encountered a hardware error. In this scenario, the problem is most likely in the system’s memory (RAM). This can be a problem even if you previously used a different operating system on the same computer without any errors.

Note

For AMD and Intel 64-bit and 64-bit ARM architectures: On BIOS-based systems, you can use the Memtest86+ memory testing module included on the installation media to perform a thorough test of your system’s memory. For more information, see Section B.3, “Detecting memory faults using the Memtest86 application”.

Other possible causes are beyond this document’s scope. Consult your hardware manufacturer’s documentation and also see the Red Hat Hardware Compatibility List, available online at https://access.redhat.com/ecosystem/search/#/category/Server.

C.8. Unable to IPL from network storage space

Note

This issue is for IBM Power Systems.

If you experience difficulties when trying to IPL from Network Storage Space (*NWSSTG), it is most likely due to a missing PReP partition. In this scenario, you must reinstall the system and create this partition during the partitioning phase or in the Kickstart file.

C.9. Using XDMCP

There are scenarios where you have installed the X Window System and want to log in to your Red Hat Enterprise Linux system using a graphical login manager. Use this procedure to enable the X Display Manager Control Protocol (XDMCP) and remotely log in to a desktop environment from any X-compatible client, such as a network-connected workstation or X11 terminal.

Note

XDMCP is not supported by the Wayland protocol. For more information, see the Using the desktop environment in RHEL 8 document.

Note

This issue is for IBM Z.

Procedure

  1. Open the /etc/gdm/custom.conf configuration file in a plain text editor such as vi or nano.
  2. In the custom.conf file, locate the section starting with [xdmcp]. In this section, add the following line:

    Enable=true
  3. Save the file and exit the text editor.
  4. Restart the X Window System. To do this, either reboot the system, or restart the GNOME Display Manager using the following command as root:

    # systemctl restart gdm.service
  5. Wait for the login prompt and log in using your user name and password. The X Window System is now configured for XDMCP. You can connect to it from another workstation (client) by starting a remote X session using the X command on the client workstation. For example:

    $ X :1 -query address
  6. Replace address with the host name of the remote X11 server. The command connects to the remote X11 server using XDMCP and displays the remote graphical login screen on display :1 of the X11 server system (usually accessible by pressing Ctrl-Alt-F8). You can also access remote desktop sessions using a nested X11 server, which opens the remote desktop as a window in your current X11 session. You can use Xnest to open a remote desktop nested in a local X11 session. For example, run Xnest using the following command, replacing address with the host name of the remote X11 server:

    $ Xnest :1 -query address

    For more information about XDMCP, see the X Window System documentation at http://www.x.org/releases/X11R7.6/doc/libXdmcp/xdmcp.html.

C.10. Using rescue mode

The installation program’s rescue mode is a minimal Linux environment that can be booted from the Red Hat Enterprise Linux DVD or other boot media. It contains command-line utilities for repairing a wide variety of issues. Rescue mode can be accessed from the Troubleshooting menu of the boot menu. In this mode, you can mount file systems as read-only, blacklist or add a driver provided on a driver disc, install or upgrade system packages, or manage partitions.

Note

The installation program’s rescue mode is different from rescue mode (an equivalent to single-user mode) and emergency mode, which are provided as parts of the systemd system and service manager.

To boot into rescue mode, you must be able to boot the system using one of the Red Hat Enterprise Linux boot media, such as a minimal boot disc or USB drive, or a full installation DVD.

Important

Advanced storage, such as iSCSI or zFCP devices, must be configured either using dracut boot options such as rd.zfcp= or root=iscsi: options, or in the CMS configuration file on IBM Z. It is not possible to configure these storage devices interactively after booting into rescue mode. For information about dracut boot options, see the dracut.cmdline(7) man page.

C.10.1. Booting into rescue mode

Use this procedure to boot into rescue mode.

Procedure

  1. Boot the system from either minimal boot media, or a full installation DVD or USB drive, and wait for the boot menu to be displayed.
  2. From the boot menu, either select Troubleshooting > Rescue a Red Hat Enterprise Linux system option, or append the inst.rescue option to the boot command line. To enter the boot command line, press the Tab key on BIOS-based systems or the e key on UEFI-based systems.
  3. Optional: If your system requires a third-party driver provided on a driver disc to boot, append the inst.dd=driver_name to the boot command line:

    inst.rescue inst.dd=driver_name
  4. Optional: If a driver that is part of the Red Hat Enterprise Linux distribution prevents the system from booting, append the modprobe.blacklist= option to the boot command line:

    inst.rescue modprobe.blacklist=driver_name
  5. Press Enter (BIOS-based systems) or Ctrl+X (UEFI-based systems) to boot the modified option. Wait until the following message is displayed:

    The rescue environment will now attempt to find your Linux installation and mount it under the directory: /mnt/sysroot/. You can then make any changes required to your system. Choose 1 to proceed with this step. You can choose to mount your file systems read-only instead of read-write by choosing 2. If for some reason this process does not work choose 3 to skip directly to a shell.
    
    1) Continue
    2) Read-only mount
    3) Skip to shell
    4) Quit (Reboot)

    If you select 1, the installation program attempts to mount your file system under the directory /mnt/sysroot/. You are notified if it fails to mount a partition. If you select 2, it attempts to mount your file system under the directory /mnt/sysroot/, but in read-only mode. If you select 3, your file system is not mounted.

    For the system root, the installer supports two mount points /mnt/sysimage and /mnt/sysroot. The /mnt/sysroot path is used to mount / of the target system. Usually, the physical root and the system root are the same, so /mnt/sysroot is attached to the same file system as /mnt/sysimage. The only exceptions are rpm-ostree systems, where the system root changes based on the deployment. Then, /mnt/sysroot is attached to a subdirectory of /mnt/sysimage. It is recommended to use /mnt/sysroot for chroot.

  6. Select 1 to continue. Once your system is in rescue mode, a prompt appears on VC (virtual console) 1 and VC 2. Use the Ctrl+Alt+F1 key combination to access VC 1 and Ctrl+Alt+F2 to access VC 2:

    sh-4.2#
  7. Even if your file system is mounted, the default root partition while in rescue mode is a temporary root partition, not the root partition of the file system used during normal user mode (multi-user.target or graphical.target). If you selected to mount your file system and it mounted successfully, you can change the root partition of the rescue mode environment to the root partition of your file system by executing the following command:

    sh-4.2# chroot /mnt/sysroot

    This is useful if you need to run commands, such as rpm, that require your root partition to be mounted as /. To exit the chroot environment, type exit to return to the prompt.

  8. If you selected 3, you can still try to mount a partition or LVM2 logical volume manually inside rescue mode by creating a directory, such as /directory/, and typing the following command:

    sh-4.2# mount -t xfs /dev/mapper/VolGroup00-LogVol02 /directory

    In the above command, /directory/ is the directory that you created and /dev/mapper/VolGroup00-LogVol02 is the LVM2 logical volume you want to mount. If the partition is a different type than XFS, replace the xfs string with the correct type (such as ext4).

  9. If you do not know the names of all physical partitions, use the following command to list them:

    sh-4.2# fdisk -l

    If you do not know the names of all LVM2 physical volumes, volume groups, or logical volumes, use the pvdisplay, vgdisplay or lvdisplay commands.

C.10.2. Using an SOS report in rescue mode

The sosreport command-line utility collects configuration and diagnostic information, such as the running kernel version, loaded modules, and system and service configuration files from the system. The utility output is stored in a tar archive in the /var/tmp/ directory. The sosreport utility is useful for analyzing system errors and troubleshooting. Use this procedure to capture an sosreport output in rescue mode.

Prerequisites

  • You have booted into rescue mode.
  • You have mounted the installed system / (root) partition in read-write mode.
  • You have contacted Red Hat Support about your case and received a case number.

Procedure

  1. Change the root directory to the /mnt/sysroot/ directory:

    sh-4.2# chroot /mnt/sysroot/
  2. Execute sosreport to generate an archive with system configuration and diagnostic information:

    sh-4.2# sosreport
    Important

    sosreport prompts you to enter your name and the case number you received from Red Hat Support. Use only letters and numbers because adding any of the following characters or spaces could render the report unusable:

    # % & { } \ < > > * ? / $ ~ ' " : @ + ` | =

  3. Optional: If you want to transfer the generated archive to a new location using the network, it is necessary to have a network interface configured. In this scenario, use the dynamic IP addressing as no other steps required. However, when using static addressing, enter the following command to assign an IP address (for example 10.13.153.64/23) to a network interface, for example dev eth0:

    bash-4.2# ip addr add 10.13.153.64/23 dev eth0
  4. Exit the chroot environment:

    sh-4.2# exit
  5. Store the generated archive in a new location, from where it can be easily accessible:

    sh-4.2# cp /mnt/sysroot/var/tmp/sosreport new_location
  6. For transferring the archive through the network, use the scp utility:

    sh-4.2# scp /mnt/sysroot/var/tmp/sosreport username@hostname:sosreport

    Additional resources

C.10.3. Reinstalling the GRUB2 boot loader

In some scenarios, the GRUB2 boot loader is mistakenly deleted, corrupted, or replaced by other operating systems. Use this procedure to reinstall GRUB2 on the master boot record (MBR) on AMD64 and Intel 64 systems with BIOS, or on the little-endian variants of IBM Power Systems with Open Firmware.

Prerequisites

  • You have booted into rescue mode.
  • You have mounted the installed system / (root) partition in read-write mode.
  • You have mounted the /boot mount point in read-write mode.

Procedure

  1. Change the root partition:

    sh-4.2# chroot /mnt/sysroot/
  2. Reinstall the GRUB2 boot loader, where the install_device block device was installed:

    sh-4.2# /sbin/grub2-install install_device
    Important

    Running the grub2-install command could lead to the machine being unbootable if all the following conditions apply:

    • The system is an AMD64 or Intel 64 with Extensible Firmware Interface (EFI).
    • Secure Boot is enabled.

    After you run the grub2-install command, you cannot boot the AMD64 or Intel 64 systems that have Extensible Firmware Interface (EFI) and Secure Boot enabled. This issue occurs because the grub2-install command installs an unsigned GRUB2 image that boots directly instead of using the shim application. When the system boots, the shim application validates the image signature, which when not found fails to boot the system.

  3. Reboot the system.

C.10.4. Using RPM to add or remove a driver

Missing or malfunctioning drivers cause problems when booting the system. Rescue mode provides an environment in which you can add or remove a driver even when the system fails to boot. Wherever possible, it is recommended that you use the RPM package manager to remove malfunctioning drivers or to add updated or missing drivers. Use the following procedures to add or remove a driver.

Important

When you install a driver from a driver disc, the driver disc updates all initramfs images on the system to use this driver. If a problem with a driver prevents a system from booting, you cannot rely on booting the system from another initramfs image.

Procedure: Adding a driver using RPM

Use this procedure to add a driver.

Prerequisites

  • You have booted into rescue mode.
  • You have mounted the installed system in read-write mode.

    1. Make the RPM package that contains the driver available. For example, mount a CD or USB flash drive and copy the RPM package to a location of your choice under /mnt/sysroot/, for example: /mnt/sysroot/root/drivers/.
    2. Change the root directory to /mnt/sysroot/:

      sh-4.2# chroot /mnt/sysroot/
    3. Use the rpm -ivh command to install the driver package. For example, run the following command to install the xorg-x11-drv-wacom driver package from /root/drivers/:

      sh-4.2# rpm -­ivh /root/drivers/xorg-x11-drv-wacom-0.23.0-6.el7.x86_64.rpm
      Note

      The /root/drivers/ directory in this chroot environment is the /mnt/sysroot/root/drivers/ directory in the original rescue environment.

    4. Exit the chroot environment:

      sh-4.2# exit

Procedure: Removing a driver using RPM

Use this procedure to remove a driver.

Prerequisites

  • You have booted into rescue mode.
  • You have mounted the installed system in read-write mode.

    1. Change the root directory to the /mnt/sysroot/ directory:

      sh-4.2# chroot /mnt/sysroot/
    2. Use the rpm -e command to remove the driver package. For example, to remove the xorg-x11-drv-wacom driver package, run:

      sh-4.2# rpm -e xorg-x11-drv-wacom
    3. Exit the chroot environment:

      sh-4.2# exit

      If you cannot remove a malfunctioning driver for some reason, you can instead blocklist the driver so that it does not load at boot time.

    4. When you have finished adding and removing drivers, reboot the system.

C.11. ip= boot option returns an error

Using the ip= boot option format ip=[ip address] for example, ip=192.168.1.1 returns the error message Fatal for argument 'ip=[insert ip here]'\n sorry, unknown value [ip address] refusing to continue.

In previous releases of Red Hat Enterprise Linux, the boot option format was:

--ip=192.168.1.15 --netmask=255.255.255.0 --gateway=192.168.1.254 --nameserver=192.168.1.250 --hostname=myhost1

However, in Red Hat Enterprise Linux 8, the boot option format is:

ip=192.168.1.15::192.168.1.254:255.255.255.0:myhost1::none: nameserver=192.168.1.250

To resolve the issue, use the format: ip=ip::gateway:netmask:hostname:interface:none where:

  • ip specifies the client ip address. You can specify IPv6 addresses in square brackets, for example, [2001:DB8::1].
  • gateway is the default gateway. IPv6 addresses are also accepted.
  • netmask is the netmask to be used. This can be either a full netmask, for example, 255.255.255.0, or a prefix, for example, 64.
  • hostname is the host name of the client system. This parameter is optional.

For more information, see Section F.2, “Network boot options”.

C.12. Cannot boot into the graphical installation on iLO or iDRAC devices

The graphical installer for a remote ISO installation on iLO or iDRAC devices may not be available due to a slow internet connection. To proceed with the installation in this case, you can choose one of the following methods:

  1. Avoid the timeout. To do so:

    1. Press the Tab key in case of BIOS usage, or the e key in case of UEFI usage when booting from an installation media. That will allow you to modify the kernel command line arguments.
    2. To proceed with the installation, append the rd.live.ram=1 and press Enter in case of BIOS usage, or Ctrl+x in case of UEFI usage.

      This might take longer time to load the installation program.

  2. Another option to extend the loading time for the graphical installer is to set the inst.xtimeout kernel argument in seconds.

    inst.xtimeout=N
  3. You can install the system in text mode. For more details, see Installing RHEL8 in text mode.
  4. In the remote management console, such as iLO or iDRAC, instead of a local media source, use the direct URL to the installation ISO file from the Download center on the Red Hat Customer Portal. You must be logged in to access this section.

Appendix D. System requirements reference

This section provides information and guidelines for hardware, installation target, system, memory, and RAID when installing Red Hat Enterprise Linux.

D.1. Hardware compatibility

Red Hat works closely with hardware vendors on supported hardware.

D.2. Supported installation targets

An installation target is a storage device that stores Red Hat Enterprise Linux and boots the system. Red Hat Enterprise Linux supports the following installation targets for AMD64, Intel 64, and 64-bit ARM systems:

  • Storage connected by a standard internal interface, such as SCSI, SATA, or SAS
  • BIOS/firmware RAID devices
  • NVDIMM devices in sector mode on the Intel64 and AMD64 architectures, supported by the nd_pmem driver.
  • Fibre Channel Host Bus Adapters and multipath devices. Some can require vendor-provided drivers.
  • Xen block devices on Intel processors in Xen virtual machines.
  • VirtIO block devices on Intel processors in KVM virtual machines.

Red Hat does not support installation to USB drives or SD memory cards. For information about support for third-party virtualization technologies, see the Red Hat Hardware Compatibility List.

D.3. System specifications

The Red Hat Enterprise Linux installation program automatically detects and installs your system’s hardware, so you should not have to supply any specific system information. However, for certain Red Hat Enterprise Linux installation scenarios, it is recommended that you record system specifications for future reference. These scenarios include:

Installing RHEL with a customized partition layout

Record: The model numbers, sizes, types, and interfaces of the hard drives attached to the system. For example, Seagate ST3320613AS 320 GB on SATA0, Western Digital WD7500AAKS 750 GB on SATA1.

Installing RHEL as an additional operating system on an existing system

Record: Partitions used on the system. This information can include file system types, device node names, file system labels, and sizes, and allows you to identify specific partitions during the partitioning process. If one of the operating systems is a Unix operating system, Red Hat Enterprise Linux may report the device names differently. Additional information can be found by executing the equivalent of the mount command and the blkid command, and in the /etc/fstab file.

If multiple operating systems are installed, the Red Hat Enterprise Linux installation program attempts to automatically detect them, and to configure boot loader to boot them. You can manually configure additional operating systems if they are not detected automatically. See Configuring boot loader in Section 4.4, “Configuring software options” for more information.

Installing RHEL from an image on a local hard drive

Record: The hard drive and directory that holds the image.

Installing RHEL from a network location

If the network has to be configured manually, that is, DHCP is not used.

Record:

  • IP address
  • Netmask
  • Gateway IP address
  • Server IP addresses, if required

Contact your network administrator if you need assistance with networking requirements.

Installing RHEL on an iSCSI target

Record: The location of the iSCSI target. Depending on your network, you may need a CHAP user name and password, and a reverse CHAP user name and password.

Installing RHEL if the system is part of a domain

Verify that the domain name is supplied by the DHCP server. If it is not, enter the domain name during installation.

D.4. Disk and memory requirements

If several operating systems are installed, it is important that you verify that the allocated disk space is separate from the disk space required by Red Hat Enterprise Linux.

Note
  • For AMD64, Intel 64, and 64-bit ARM, at least two partitions (/ and swap) must be dedicated to Red Hat Enterprise Linux.
  • For IBM Power Systems servers, at least three partitions (/, swap, and a PReP boot partition) must be dedicated to Red Hat Enterprise Linux.

You must have a minimum of 10 GiB of available disk space.

To install Red Hat Enterprise Linux, you must have a minimum of 10 GiB of space in either unpartitioned disk space or in partitions that can be deleted. See Appendix E, Partitioning reference for more information.

Table D.1. Minimum RAM requirements

Installation typeRecommended minimum RAM

Local media installation (USB, DVD)

  • 1.5 GiB for aarch64, s390x and x86_64 architectures
  • 3 GiB for ppc64le architecture

NFS network installation

  • 1.5 GiB for aarch64, s390x and x86_64 architectures
  • 3 GiB for ppc64le architecture

HTTP, HTTPS or FTP network installation

  • 3 GiB for s390x and x86_64 architectures
  • 4 GiB for aarch64 and ppc64le architectures
Note

It is possible to complete the installation with less memory than the recommended minimum requirements. The exact requirements depend on your environment and installation path. It is recommended that you test various configurations to determine the minimum required RAM for your environment. Installing Red Hat Enterprise Linux using a Kickstart file has the same recommended minimum RAM requirements as a standard installation. However, additional RAM may be required if your Kickstart file includes commands that require additional memory, or write data to the RAM disk. See the Performing an advanced RHEL installation document for more information.

D.5. RAID requirements

It is important to understand how storage technologies are configured and how support for them may have changed between major versions of Red Hat Enterprise Linux.

Hardware RAID

Any RAID functions provided by the mainboard of your computer, or attached controller cards, need to be configured before you begin the installation process. Each active RAID array appears as one drive within Red Hat Enterprise Linux.

Software RAID

On systems with more than one hard drive, you can use the Red Hat Enterprise Linux installation program to operate several of the drives as a Linux software RAID array. With a software RAID array, RAID functions are controlled by the operating system rather than the dedicated hardware.

Note

When a pre-existing RAID array’s member devices are all unpartitioned disks/drives, the installation program treats the array as a disk and there is no method to remove the array.

USB Disks

You can connect and configure external USB storage after installation. Most devices are recognized by the kernel, but some devices may not be recognized. If it is not a requirement to configure these disks during installation, disconnect them to avoid potential problems.

NVDIMM devices

To use a Non-Volatile Dual In-line Memory Module (NVDIMM) device as storage, the following conditions must be satisfied:

  • Version of Red Hat Enterprise Linux is 7.6 or later.
  • The architecture of the system is Intel 64 or AMD64.
  • The device is configured to sector mode. Anaconda can reconfigure NVDIMM devices to this mode.
  • The device must be supported by the nd_pmem driver.

Booting from an NVDIMM device is possible under the following additional conditions:

  • The system uses UEFI.
  • The device must be supported by firmware available on the system, or by a UEFI driver. The UEFI driver may be loaded from an option ROM of the device itself.
  • The device must be made available under a namespace.

To take advantage of the high performance of NVDIMM devices during booting, place the /boot and /boot/efi directories on the device.

Note

The Execute-in-place (XIP) feature of NVDIMM devices is not supported during booting and the kernel is loaded into conventional memory.

Considerations for Intel BIOS RAID Sets

Red Hat Enterprise Linux uses mdraid for installing on Intel BIOS RAID sets. These sets are automatically detected during the boot process and their device node paths can change across several booting processes. For this reason, local modifications to the /etc/fstab, /etc/crypttab or other configuration files that refer to the devices by their device node paths may not work in Red Hat Enterprise Linux. It is recommended that you replace device node paths (such as /dev/sda) with file system labels or device UUIDs. You can find the file system labels and device UUIDs using the blkid command.

D.6. UEFI Secure Boot and Beta release requirements

If you plan to install a Beta release of Red Hat Enterprise Linux, on systems having UEFI Secure Boot enabled, then first disable the UEFI Secure Boot option and then begin the installation.

UEFI Secure Boot requires that the operating system kernel is signed with a recognized private key, which the system’s firware verifies using the corresponding public key. For Red Hat Enterprise Linux Beta releases, the kernel is signed with a Red Hat Beta-specific public key, which the system fails to recognize by default. As a result, the system fails to even boot the installation media.

Appendix E. Partitioning reference

E.1. Supported device types

Standard partition
A standard partition can contain a file system or swap space. Standard partitions are most commonly used for /boot and the BIOS Boot and EFI System partitions. LVM logical volumes are recommended for most other uses.
LVM
Choosing LVM (or Logical Volume Management) as the device type creates an LVM logical volume. If no LVM volume group currently exists, one is automatically created to contain the new volume; if an LVM volume group already exists, the volume is assigned. LVM can improve performance when using physical disks, and it allows for advanced setups such as using multiple physical disks for one mount point, and setting up software RAID for increased performance, reliability, or both.
LVM thin provisioning
Using thin provisioning, you can manage a storage pool of free space, known as a thin pool, which can be allocated to an arbitrary number of devices when needed by applications. You can dynamically expand the pool when needed for cost-effective allocation of storage space.
Warning

The installation program does not support overprovisioned LVM thin pools.

E.2. Supported file systems

This section describes the file systems available in Red Hat Enterprise Linux.

xfs
XFS is a highly scalable, high-performance file system that supports file systems up to 16 exabytes (approximately 16 million terabytes), files up to 8 exabytes (approximately 8 million terabytes), and directory structures containing tens of millions of entries. XFS also supports metadata journaling, which facilitates quicker crash recovery. The maximum supported size of a single XFS file system is 500 TB. XFS is the default and recommended file system on Red Hat Enterprise Linux.
ext4
The ext4 file system is based on the ext3 file system and features a number of improvements. These include support for larger file systems and larger files, faster and more efficient allocation of disk space, no limit on the number of subdirectories within a directory, faster file system checking, and more robust journaling. The maximum supported size of a single ext4 file system is 50 TB.
ext3
The ext3 file system is based on the ext2 file system and has one main advantage - journaling. Using a journaling file system reduces the time spent recovering a file system after it terminates unexpectedly, as there is no need to check the file system for metadata consistency by running the fsck utility every time.
ext2
An ext2 file system supports standard Unix file types, including regular files, directories, or symbolic links. It provides the ability to assign long file names, up to 255 characters.
swap
Swap partitions are used to support virtual memory. In other words, data is written to a swap partition when there is not enough RAM to store the data your system is processing.
vfat

The VFAT file system is a Linux file system that is compatible with Microsoft Windows long file names on the FAT file system.

Note

Support for VFAT file system is not available for Linux system partitions. For example, /, /var, /usr and so on.

BIOS Boot
A very small partition required for booting from a device with a GUID partition table (GPT) on BIOS systems and UEFI systems in BIOS compatibility mode.
EFI System Partition
A small partition required for booting a device with a GUID partition table (GPT) on a UEFI system.
PReP
This small boot partition is located on the first partition of the hard drive. The PReP boot partition contains the GRUB2 boot loader, which allows other IBM Power Systems servers to boot Red Hat Enterprise Linux.

E.3. Supported RAID types

RAID stands for Redundant Array of Independent Disks, a technology which allows you to combine multiple physical disks into logical units. Some setups are designed to enhance performance at the cost of reliability, while others improve reliability at the cost of requiring more disks for the same amount of available space.

This section describes supported software RAID types which you can use with LVM and LVM Thin Provisioning to set up storage on the installed system.

None
No RAID array is set up.
RAID 0
Performance: Distributes data across multiple disks. RAID 0 offers increased performance over standard partitions and can be used to pool the storage of multiple disks into one large virtual device. Note that RAID 0 offers no redundancy and that the failure of one device in the array destroys data in the entire array. RAID 0 requires at least two disks.
RAID 1
Redundancy: Mirrors all data from one partition onto one or more other disks. Additional devices in the array provide increasing levels of redundancy. RAID 1 requires at least two disks.
RAID 4
Error checking: Distributes data across multiple disks and uses one disk in the array to store parity information which safeguards the array in case any disk in the array fails. As all parity information is stored on one disk, access to this disk creates a "bottleneck" in the array’s performance. RAID 4 requires at least three disks.
RAID 5
Distributed error checking: Distributes data and parity information across multiple disks. RAID 5 offers the performance advantages of distributing data across multiple disks, but does not share the performance bottleneck of RAID 4 as the parity information is also distributed through the array. RAID 5 requires at least three disks.
RAID 6
Redundant error checking: RAID 6 is similar to RAID 5, but instead of storing only one set of parity data, it stores two sets. RAID 6 requires at least four disks.
RAID 10
Performance and redundancy: RAID 10 is nested or hybrid RAID. It is constructed by distributing data over mirrored sets of disks. For example, a RAID 10 array constructed from four RAID partitions consists of two mirrored pairs of striped partitions. RAID 10 requires at least four disks.

E.5. Advice on partitions

There is no best way to partition every system; the optimal setup depends on how you plan to use the system being installed. However, the following tips may help you find the optimal layout for your needs:

  • Create partitions that have specific requirements first, for example, if a particular partition must be on a specific disk.
  • Consider encrypting any partitions and volumes which might contain sensitive data. Encryption prevents unauthorized people from accessing the data on the partitions, even if they have access to the physical storage device. In most cases, you should at least encrypt the /home partition, which contains user data.
  • In some cases, creating separate mount points for directories other than /, /boot and /home may be useful; for example, on a server running a MySQL database, having a separate mount point for /var/lib/mysql allows you to preserve the database during a re-installation without having to restore it from backup afterward. However, having unnecessary separate mount points will make storage administration more difficult.
  • Some special restrictions apply to certain directories with regards on which partitioning layouts can they be placed. Notably, the /boot directory must always be on a physical partition (not on an LVM volume).
  • If you are new to Linux, consider reviewing the Linux Filesystem Hierarchy Standard for information about various system directories and their contents.
  • Each kernel installed on your system requires approximately 56 MB on the /boot partition:

    • 32 MB initramfs
    • 14 MB kdump initramfs
    • 3.5 MB system map
    • 6.6 MB vmlinuz

      Note

      For rescue mode, initramfs and vmlinuz require 80 MB.

      The default partition size of 1 GB for /boot should suffice for most common use cases. However, it is recommended that you increase the size of this partition if you are planning on retaining multiple kernel releases or errata kernels.

  • The /var directory holds content for a number of applications, including the Apache web server, and is used by the YUM package manager to temporarily store downloaded package updates. Make sure that the partition or volume containing /var has at least 3 GB.
  • The contents of the /var directory usually change very often. This may cause problems with older solid-state drives (SSDs), as they can handle a lower number of read/write cycles before becoming unusable. If your system root is on an SSD, consider creating a separate mount point for /var on a classic (platter) HDD.
  • The /usr directory holds the majority of software on a typical Red Hat Enterprise Linux installation. The partition or volume containing this directory should therefore be at least 5 GB for minimal installations, and at least 10 GB for installations with a graphical environment.
  • If /usr or /var is partitioned separately from the rest of the root volume, the boot process becomes much more complex because these directories contain boot-critical components. In some situations, such as when these directories are placed on an iSCSI drive or an FCoE location, the system may either be unable to boot, or it may hang with a Device is busy error when powering off or rebooting.

    This limitation only applies to /usr or /var, not to directories under them. For example, a separate partition for /var/www works without issues.

    Important

    Some security policies require the separation of /usr and /var, even though it makes administration more complex.

  • Consider leaving a portion of the space in an LVM volume group unallocated. This unallocated space gives you flexibility if your space requirements change but you do not wish to remove data from other volumes. You can also select the LVM Thin Provisioning device type for the partition to have the unused space handled automatically by the volume.
  • The size of an XFS file system cannot be reduced - if you need to make a partition or volume with this file system smaller, you must back up your data, destroy the file system, and create a new, smaller one in its place. Therefore, if you plan to alter your partitioning layout later, you should use the ext4 file system instead.
  • Use Logical Volume Management (LVM) if you anticipate expanding your storage by adding more hard drives or expanding virtual machine hard drives after the installation. With LVM, you can create physical volumes on the new drives, and then assign them to any volume group and logical volume as you see fit - for example, you can easily expand your system’s /home (or any other directory residing on a logical volume).
  • Creating a BIOS Boot partition or an EFI System Partition may be necessary, depending on your system’s firmware, boot drive size, and boot drive disk label. See Recommended partitioning scheme for information about these partitions. Note that you cannot create a BIOS Boot or EFI System Partition in graphical installation if your system does not require one - in that case, they are hidden from the menu.
  • If you need to make any changes to your storage configuration after the installation, Red Hat Enterprise Linux repositories offer several different tools which can help you do this. If you prefer a command-line tool, try system-storage-manager.

Appendix F. Boot options reference

This section contains information about some of the boot options that you can use to modify the default behavior of the installation program. For Kickstart and advanced boot options, see the Performing an advanced RHEL installation document.

F.1. Installation source boot options

This section contains information about the various installation source boot options.

inst.repo=

The inst.repo= boot option specifies the installation source, that is, the location providing the package repositories and a valid .treeinfo file that describes them. For example: inst.repo=cdrom. The target of the inst.repo= option must be one of the following installation media:

  • an installable tree, which is a directory structure containing the installation program images, packages, and repository data as well as a valid .treeinfo file
  • a DVD (a physical disk present in the system DVD drive)
  • an ISO image of the full Red Hat Enterprise Linux installation DVD, placed on a hard drive or a network location accessible to the system.

    Use the inst.repo= boot option to configure different installation methods using different formats. The following table contains details of the inst.repo= boot option syntax:

    Table F.1. inst.repo= installation source boot options

    Source typeBoot option formatSource format

    CD/DVD drive

    inst.repo=cdrom:<device>

    Installation DVD as a physical disk. [a]

    Installable tree

    inst.repo=hd:<device>:/<path>

    Image file of the installation DVD, or an installation tree, which is a complete copy of the directories and files on the installation DVD.

    NFS Server

    inst.repo=nfs:[options:]<server>:/<path>

    Image file of the installation DVD, or an installation tree, which is a complete copy of the directories and files on the installation DVD. [b]

    HTTP Server

    inst.repo=http://<host>/<path>

    Installation tree, which is a complete copy of the directories and files on the installation DVD.

    HTTPS Server

    inst.repo=https://<host>/<path>

    FTP Server

    inst.repo=ftp://<username>:<password>@<host>/<path>

    HMC

    inst.repo=hmc

     
    [a] If device is left out, installation program automatically searches for a drive containing the installation DVD.
    [b] The NFS Server option uses NFS protocol version 3 by default. To use a different version, add nfsvers=X to options, replacing X with the version number that you want to use.

    Set disk device names with the following formats:

  • Kernel device name, for example /dev/sda1 or sdb2
  • File system label, for example LABEL=Flash or LABEL=RHEL8
  • File system UUID, for example UUID=8176c7bf-04ff-403a-a832-9557f94e61db

    Non-alphanumeric characters must be represented as \xNN, where NN is the hexadecimal representation of the character. For example, \x20 is a white space (" ").

inst.addrepo=

Use the inst.addrepo= boot option to add an additional repository that can be used as another installation source along with the main repository (inst.repo=). You can use the inst.addrepo= boot option multiple times during one boot. The following table contains details of the inst.addrepo= boot option syntax.

Note

The REPO_NAME is the name of the repository and is required in the installation process. These repositories are only used during the installation process; they are not installed on the installed system.

Table F.2. inst.addrepo installation source boot options

Installation sourceBoot option formatAdditional information

Installable tree at a URL

inst.addrepo=REPO_NAME,[http,https,ftp]://<host>/<path>

Looks for the installable tree at a given URL.

Installable tree at an NFS path

inst.addrepo=REPO_NAME,nfs://<server>:/<path>

Looks for the installable tree at a given NFS path. A colon is required after the host. The installation program passes everything after nfs:// directly to the mount command instead of parsing URLs according to RFC 2224.

Installable tree in the installation environment

inst.addrepo=REPO_NAME,file://<path>

Looks for the installable tree at the given location in the installation environment. To use this option, the repository must be mounted before the installation program attempts to load the available software groups. The benefit of this option is that you can have multiple repositories on one bootable ISO, and you can install both the main repository and additional repositories from the ISO. The path to the additional repositories is /run/install/source/REPO_ISO_PATH. Additional, you can mount the repository directory in the %pre section in the Kickstart file. The path must be absolute and start with /, for example inst.addrepo=REPO_NAME,file:///<path>

Hard Drive

inst.addrepo=REPO_NAME,hd:<device>:<path>

Mounts the given <device> partition and installs from the ISO that is specified by the <path>. If the <path> is not specified, the installation program looks for a valid installation ISO on the <device>. This installation method requires an ISO with a valid installable tree.

inst.stage2=

Use the inst.stage2= boot option to specify the location of the installation program runtime image. This option expects a path to a directory containing a valid .treeinfo file. The location of the runtime image is read from the .treeinfo file. If the .treeinfo file is not available, the installation program attempts to load the image from images/install.img.

When the inst.stage2 option is not specified, the installation program attempts to use the location specified with inst.repo option.

Use this option only while using the PXE boot method. The installation DVD and Boot ISO already contain a correct inst.stage2 option to boot the installation program from themselves.

Note

By default, the inst.stage2= boot option is used on the installation media and is set to a specific label, for example, inst.stage2=hd:LABEL=RHEL-8-0-0-BaseOS-x86_64. If you modify the default label of the file system containing the runtime image, or if you use a customized procedure to boot the installation system, you must verify that the inst.stage2= boot option is set to the correct value.

inst.noverifyssl

Use the inst.noverifyssl boot option to prevent the installer from verifying SSL certificates for all HTTPS connections with the exception of additional Kickstart repositories, where --noverifyssl can be set per repository.

For example, if your remote installation source is using self-signed SSL certificates, the inst.noverifyssl boot option enables the installer to complete the installation without verifying the SSL certificates.

Example when specifying the source using inst.stage2=

inst.stage2=https://hostname/path_to_install_image/ inst.noverifyssl

Example when specifying the source using inst.repo=

inst.repo=https://hostname/path_to_install_repository/ inst.noverifyssl

inst.stage2.all

The inst.stage2.all boot option is used to specify several HTTP, HTTPS, or FTP sources. You can use the inst.stage2= boot option multiple times with the inst.stage2.all option to fetch the image from the sources sequentially until one succeeds. For example:

inst.stage2.all
inst.stage2=http://hostname1/path_to_install_tree/
inst.stage2=http://hostname2/path_to_install_tree/
inst.stage2=http://hostname3/path_to_install_tree/
inst.dd=
The inst.dd= boot option is used to perform a driver update during the installation. For more information on how to update drivers during installation, see the Performing an advanced RHEL installation document.
inst.repo=hmc
When booting from a Binary DVD, the installation program prompts you to enter additional kernel parameters. To set the DVD as an installation source, append the inst.repo=hmc option to the kernel parameters. The installation program then enables SE and HMC file access, fetches the images for stage2 from the DVD, and provides access to the packages on the DVD for software selection. This option eliminates the requirement of an external network setup and expands the installation options.
inst.proxy=

The inst.proxy= boot option is used when performing an installation from a HTTP, HTTPS, and FTP protocol. For example:

[PROTOCOL://][USERNAME[:PASSWORD]@]HOST[:PORT]
inst.nosave=

Use the inst.nosave= boot option to control the installation logs and related files that are not saved to the installed system, for example input_ks, output_ks, all_ks, logs and all. Multiple values can be combined as a comma-separated list, for example: input_ks,logs.

Note

The inst.nosave boot option is used for excluding files from the installed system that can’t be removed by a Kickstart %post script, such as logs and input/output Kickstart results.

Table F.3. inst.nosave boot options

OptionDescription

input_ks

Disables the ability to save the input Kickstart results.

output_ks

Disables the ability to save the output Kickstart results generated by the installation program.

all_ks

Disables the ability to save the input and output Kickstart results.

logs

Disables the ability to save all installation logs.

all

Disables the ability to save all Kickstart results, and all logs.

inst.multilib
Use the inst.multilib boot option to set DNF’s multilib_policy to all, instead of best.
inst.memcheck
The inst.memcheck boot option performs a check to verify that the system has enough RAM to complete the installation. If there isn’t enough RAM, the installation process is stopped. The system check is approximate and memory usage during installation depends on the package selection, user interface, for example graphical or text, and other parameters.
inst.nomemcheck
The inst.nomemcheck boot option does not perform a check to verify if the system has enough RAM to complete the installation. Any attempt to perform the installation with less than the recommended minimum amount of memory is unsupported, and might result in the installation process failing.

F.2. Network boot options

This section contains information about commonly used network boot options.

Note

Initial network initialization is handled by dracut. For a complete list, see the dracut.cmdline(7) man page.

ip=

Use the ip= boot option to configure one or more network interfaces. To configure multiple interfaces, you can use the ip option multiple times, once for each interface; to do so, you must use the rd.neednet=1 option, and you must specify a primary boot interface using the bootdev option. Alternatively, you can use the ip option once, and then use Kickstart to set up further interfaces. This option accepts several different formats. The following tables contain information about the most common options.

Note

In the following tables:

  • The ip parameter specifies the client IP address and requires square brackets, for example [2001:db8::99].
  • The gateway parameter is the default gateway. IPv6 addresses are also accepted.
  • The netmask parameter is the netmask to be used. This can be either a full netmask (for example, 255.255.255.0) or a prefix (for example, 64).
  • The hostname parameter is the host name of the client system. This parameter is optional.

Table F.4. Network interface configuration boot option formats

Configuration methodBoot option format

Automatic configuration of any interface

ip=method

Automatic configuration of a specific interface

ip=interface:method

Static configuration

ip=ip::gateway:netmask:hostname:interface:none

Automatic configuration of a specific interface with an override

ip=ip::gateway:netmask:hostname:interface:method:mtu

Note

The method automatic configuration of a specific interface with an override brings up the interface using the specified method of automatic configuration, such as dhcp, but overrides the automatically-obtained IP address, gateway, netmask, host name or other specified parameters. All parameters are optional, so specify only the parameters that you want to override.

The method parameter can be any of the following:

Table F.5. Automatic interface configuration methods

Automatic configuration methodValue

DHCP

dhcp

IPv6 DHCP

dhcp6

IPv6 automatic configuration

auto6

iSCSI Boot Firmware Table (iBFT)

ibft

Note
  • If you use a boot option that requires network access, such as inst.ks=http://host/path, without specifying the ip option, the installation program uses ip=dhcp.
  • To connect to an iSCSI target automatically, you must activate a network device for accessing the target. The recommended way to activate a network is to use the ip=ibft boot option.
nameserver=

The nameserver= option specifies the address of the name server. You can use this option multiple times.

Note

The ip= parameter requires square brackets. However, an IPv6 address does not work with square brackets. An example of the correct syntax to use for an IPv6 address is nameserver=2001:db8::1.

bootdev=
The bootdev= option specifies the boot interface. This option is mandatory if you use more than one ip option.
ifname=

The ifname= options assigns an interface name to a network device with a given MAC address. You can use this option multiple times. The syntax is ifname=interface:MAC. For example:

ifname=eth0:01:23:45:67:89:ab
Note

The ifname= option is the only supported way to set custom network interface names during installation.

inst.dhcpclass=
The inst.dhcpclass= option specifies the DHCP vendor class identifier. The dhcpd service sees this value as vendor-class-identifier. The default value is anaconda-$(uname -srm).
inst.waitfornet=
Using the inst.waitfornet=SECONDS boot option causes the installation system to wait for network connectivity before installation. The value given in the SECONDS argument specifies the maximum amount of time to wait for network connectivity before timing out and continuing the installation process even if network connectivity is not present.

Additional resources

F.3. Console boot options

This section contains information about configuring boot options for your console, monitor display, and keyboard.

console=
Use the console= option to specify a device that you want to use as the primary console. For example, to use a console on the first serial port, use console=ttyS0. Use this option in conjunction with the inst.text option. You can use the console= option multiple times. If you do, the boot message is displayed on all specified consoles, but only the last one is used by the installation program. For example, if you specify console=ttyS0 console=ttyS1, the installation program uses ttyS1.
inst.lang=
Use the inst.lang= option to set the language that you want to use during the installation. The locale -a | grep _ or localectl list-locales | grep _ commands return a list of locales.
inst.singlelang
Use the inst.singlelang option to install in single language mode, which results in no available interactive options for the installation language and language support configuration. If a language is specified using the inst.lang boot option or the lang Kickstart command, then it is used. If no language is specified, the installation program defaults to en_US.UTF-8.
inst.geoloc=

Use the inst.geoloc= option to configure geolocation usage in the installation program. Geolocation is used to preset the language and time zone, and uses the following syntax: inst.geoloc=value. The value can be any of the following parameters:

Table F.6. Values for the inst.geoloc boot option

ValueBoot option format

Disable geolocation

inst.geoloc=0

Use the Fedora GeoIP API

inst.geoloc=provider_fedora_geoip

Use the Hostip.info GeoIP API

inst.geoloc=provider_hostip

If you do not specify the inst.geoloc= option, the installation program uses provider_fedora_geoip.

inst.keymap=
Use the inst.keymap= option to specify the keyboard layout that you want to use for the installation.
inst.cmdline
Use the inst.cmdline option to force the installation program to run in command-line mode. This mode does not allow any interaction, and you must specify all options in a Kickstart file or on the command line.
inst.graphical
Use the inst.graphical option to force the installation program to run in graphical mode. This mode is the default.
inst.text
Use the inst.text option to force the installation program to run in text mode instead of graphical mode.
inst.noninteractive
Use the inst.noninteractive boot option to run the installation program in a non-interactive mode. User interaction is not permitted in the non-interactive mode, and inst.noninteractive can be used with a graphical or text installation. When the inst.noninteractive option is used in text mode it behaves the same as the inst.cmdline option.
inst.resolution=
Use the inst.resolution= option to specify the screen resolution in graphical mode. The format is NxM, where N is the screen width and M is the screen height (in pixels). The lowest supported resolution is 1024x768.
inst.vnc
Use the inst.vnc option to run the graphical installation using VNC. You must use a VNC client application to interact with the installation program. When VNC sharing is enabled, multiple clients can connect. A system installed using VNC starts in text mode.
inst.vncpassword=
Use the inst.vncpassword= option to set a password on the VNC server that is used by the installation program.
inst.vncconnect=
Use the inst.vncconnect= option to connect to a listening VNC client at the given host location. For example inst.vncconnect=<host>[:<port>] The default port is 5900. This option can be used with vncviewer -listen.
inst.xdriver=
Use the inst.xdriver= option to specify the name of the X driver that you want to use both during installation and on the installed system.
inst.usefbx
Use the inst.usefbx option to prompt the installation program to use the frame buffer X driver instead of a hardware-specific driver. This option is equivalent to inst.xdriver=fbdev.
modprobe.blacklist=

Use the modprobe.blacklist= option to blocklist or completely disable one or more drivers. Drivers (mods) that you disable using this option cannot load when the installation starts, and after the installation finishes, the installed system retains these settings. You can find a list of the blocklisted drivers in the /etc/modprobe.d/ directory. Use a comma-separated list to disable multiple drivers. For example:

modprobe.blacklist=ahci,firewire_ohci
inst.xtimeout=
Use the inst.xtimeout= option to specify the timeout in seconds for starting X server.
inst.sshd

Use the inst.sshd option to start the sshd service during installation, so that you can connect to the system during the installation using SSH, and monitor the installation progress. For more information about SSH, see the ssh(1) man page. By default, the sshd option is automatically started only on the IBM Z architecture. On other architectures, sshd is not started unless you use the inst.sshd option.

Note

During installation, the root account has no password by default. You can set a root password during installation with the sshpw Kickstart command.

inst.kdump_addon=
Use the inst.kdump_addon= option to enable or disable the Kdump configuration screen (add-on) in the installation program. This screen is enabled by default; use inst.kdump_addon=off to disable it. Disabling the add-on disables the Kdump screens in both the graphical and text-based interface as well as the %addon com_redhat_kdump Kickstart command.

F.4. Debug boot options

This section contains information about the options that you can use when debugging issues.

inst.rescue
Use the inst.rescue option to run the rescue environment. The option is useful for trying to diagnose and fix systems. For example, you can repair a filesystem in rescue mode.
inst.updates=

Use the inst.updates= option to specify the location of the updates.img file that you want to apply during installation. There are a number of sources for the updates.

Table F.7. inst.updates= source updates

SourceDescriptionExample

Updates from a network

The easiest way to use inst.updates= is to specify the network location of updates.img. This does not require any modification to the installation tree. To use this method, edit the kernel command line to include inst.updates.

inst.updates=http://some.website.com/path/to/updates.img.

Updates from a disk image

You can save an updates.img on a floppy drive or a USB key. This can be done only with an ext2 filesystem type of updates.img. To save the contents of the image on your floppy drive, insert the floppy disc and run the command.

dd if=updates.img of=/dev/fd0 bs=72k count=20. To use a USB key or flash media, replace /dev/fd0 with the device name of your USB key.

Updates from an installation tree

If you are using a CD, hard drive, HTTP, or FTP install, you can save the updates.img in the installation tree so that all installations can detect the .img file. Save the file in the images/ directory. The file name must be updates.img.

For NFS installs, there are two options: You can either save the image in the images/ directory, or in the RHupdates/ directory in the installation tree.

inst.loglevel=
Use the inst.loglevel= option to specify the minimum level of messages logged on a terminal. This concerns only terminal logging; log files always contain messages of all levels. Possible values for this option from the lowest to highest level are: debug, info, warning, error and critical. The default value is info, which means that by default, the logging terminal displays messages ranging from info to critical.
inst.syslog=
When installation starts, the inst.syslog= option sends log messages to the syslog process on the specified host. The remote syslog process must be configured to accept incoming connections.
inst.virtiolog=
Use the inst.virtiolog= option to specify the virtio port (a character device at /dev/virtio-ports/name) that you want to use for forwarding logs. The default value is org.fedoraproject.anaconda.log.0; if this port is present, it is used.
inst.zram=
The inst.zram= option controls the usage of zRAM swap during installation. The option creates a compressed block device inside the system RAM and uses it for swap space instead of the hard drive. This allows the installation program to run with less available memory than is possible without compression, and it might also make the installation faster. By default, swap on zRAM is enabled on systems with 2 GiB or less RAM, and disabled on systems with more than 2 GiB of memory. You can use this option to change this behavior; on a system with more than 2 GiB RAM, use inst.zram=1 to enable the feature, and on systems with 2 GiB or less memory, use inst.zram=0 to disable the feature.
rd.live.ram
If the rd.live.ram option is specified, the stage 2 image is copied into RAM. Using this option when the stage 2 image is on an NFS server increases the minimum required memory by the size of the image by roughly 500 MiB.
inst.nokill
The inst.nokill option is a debugging option that prevents the installation program from rebooting when a fatal error occurs, or at the end of the installation process. Use the inst.nokill option to capture installation logs which would be lost upon reboot.
inst.noshell
Use inst.noshell option if you do not want a shell on terminal session 2 (tty2) during installation.
inst.notmux
Use inst.notmux option if you do not want to use tmux during installation. The output is generated without terminal control characters and is meant for non-interactive uses.
inst.remotelog=
You can use the inst.remotelog= option to send all of the logs to a remote host:port using a TCP connection. The connection is retired if there is no listener and the installation proceeds as normal.

F.5. Storage boot options

inst.nodmraid
Use the inst.nodmraid option to disable dmraid support.
Warning

Use this option with caution. If you have a disk that is incorrectly identified as part of a firmware RAID array, it might have some stale RAID metadata on it that must be removed using the appropriate tool, for example, dmraid or wipefs.

inst.nompath
Use the inst.nompath option to disable support for multipath devices. This option can be used for systems on which a false-positive is encountered which incorrectly identifies a normal block device as a multipath device. There is no other reason to use this option.
Warning

Use this option with caution. You should not use this option with multipath hardware. Using this option to attempt to install to a single path of a multipath is not supported.

inst.gpt
The inst.gpt boot option forces the installation program to install partition information to a GUID Partition Table (GPT) instead of a Master Boot Record (MBR). This option is not valid on UEFI-based systems, unless they are in BIOS compatibility mode. Normally, BIOS-based systems and UEFI-based systems in BIOS compatibility mode attempt to use the MBR schema for storing partitioning information, unless the disk is 2^32 sectors in size or larger. Disk sectors are typically 512 bytes in size, meaning that this is usually equivalent to 2 TiB. Using the inst.gpt boot option changes this behavior, allowing a GPT to be written to smaller disks.

F.6. Deprecated boot options

This section contains information about deprecated boot options. These options are still accepted by the installation program but they are deprecated and are scheduled to be removed in a future release of Red Hat Enterprise Linux.

method
The method option is an alias for inst.repo.
dns
Use nameserver instead of dns. Note that nameserver does not accept comma-separated lists; use multiple nameserver options instead.
netmask, gateway, hostname
The netmask, gateway, and hostname options are provided as part of the ip option.
ip=bootif
A PXE-supplied BOOTIF option is used automatically, so there is no requirement to use ip=bootif.
ksdevice

Table F.8. Values for the ksdevice boot option

ValueInformation

Not present

N/A

ksdevice=link

Ignored as this option is the same as the default behavior

ksdevice=bootif

Ignored as this option is the default if BOOTIF= is present

ksdevice=ibft

Replaced with ip=ibft. See ip for details

ksdevice=<MAC>

Replaced with BOOTIF=${MAC/:/-}

ksdevice=<DEV>

Replaced with bootdev

F.7. Removed boot options

This section contains the boot options that have been removed from Red Hat Enterprise Linux.

Note

dracut provides advanced boot options. For more information about dracut, see the dracut.cmdline(7) man page.

askmethod, asknetwork
initramfs is completely non-interactive, so the askmethod and asknetwork options have been removed. Instead, use inst.repo or specify the appropriate network options.
blacklist, nofirewire
The modprobe option handles blocklisting kernel modules; use modprobe.blacklist=<mod1>,<mod2>. You can blocklist the firewire module by using modprobe.blacklist=firewire_ohci.
inst.headless=
The headless= option specified that the system that is being installed to does not have any display hardware, and that the installation program is not required to look for any display hardware.
inst.decorated
The inst.decorated option was used to specify the graphical installation in a decorated window. By default, the window is not decorated, so it doesn’t have a title bar, resize controls, and so on. This option was no longer required.
repo=nfsiso
Use the inst.repo=nfs: option.
serial
Use the console=ttyS0 option.
updates
Use the inst.updates option.
essid, wepkey, wpakey
Dracut does not support wireless networking.
ethtool
This option was no longer required.
gdb
This option was removed as there are many options available for debugging dracut-based initramfs.
inst.mediacheck
Use the dracut option rd.live.check option.
ks=floppy
Use the inst.ks=hd:<device> option.
display
For a remote display of the UI, use the inst.vnc option.
utf8
This option was no longer required as the default TERM setting behaves as expected.
noipv6
ipv6 is built into the kernel and cannot be removed by the installation program. You can disable ipv6 using ipv6.disable=1. This setting is used by the installed system.
upgradeany
This option was no longer required as the installation program no longer handles upgrades.

Appendix G. Changing a subscription service

To manage the subscriptions, you can register a RHEL system with either Red Hat Subscription Management Server or Red Hat Satellite Server. If required, you can change the subscription service at a later point. To change the subscription service under which you are registered, unregister the system from the current service and then register it with a new service.

This section contains information about how to unregister your RHEL system from the Red Hat Subscription Management Server and Red Hat Satellite Server.

Prerequisites

You have registered your system with any one of the following:

  • Red Hat Subscription Management Server
  • Red Hat Satellite Server
Note

To receive the system updates, register your system with either of the management server.

G.1. Unregistering from Subscription Management Server

This section contains information about how to unregister a RHEL system from Red Hat Subscription Management Server, using a command line and the Subscription Manager user interface.

G.1.1. Unregistering using command line

Use the unregister command to unregister a RHEL system from Red Hat Subscription Management Server.

Procedure

  1. Run the unregister command as a root user, without any additional parameters.

    # subscription-manager unregister
  2. When prompted, provide a root password.

The system is unregistered from the Subscription Management Server, and the status 'The system is currently not registered' is displayed with the Register button enabled.

Note

To continue uninterrupted services, re-register the system with either of the management services. If you do not register the system with a management service, you may fail to receive the system updates. For more information about registering a system, see Registering your system using the command line

For more information about Red Hat Subscription Management server, see the Using and Configuring Red Hat Subscription Manager document.

G.1.2. Unregistering using Subscription Manager user interface

This section contains information about how to unregister a RHEL system from Red Hat Subscription Management Server, using Subscription Manager user interface.

Procedure

  1. Log in to your system.
  2. From the top left-hand side of the window, click Activities.
  3. From the menu options, click the Show Applications icon.
  4. Click the Red Hat Subscription Manager icon, or enter Red Hat Subscription Manager in the search.
  5. Enter your administrator password in the Authentication Required dialog box. The Subscriptions window appears and displays the current status of Subscriptions, System Purpose, and installed products. Unregistered products display a red X.

    Note

    Authentication is required to perform privileged tasks on the system.

  6. Click the Unregister button.

The system is unregistered from the Subscription Management Server, and the status 'The system is currently not registered' is displayed with the Register button enabled.

Note

To continue uninterrupted services, re-register the system with either of the management services. If you do not register the system with a management service, you may fail to receive the system updates. For more information about registering a system, see Registering your system using the Subscription Manager User Interface

For more information about Red Hat Subscription Management server, see the Using and Configuring Red Hat Subscription Manager document.

G.2. Unregistering from Satellite Server

To unregister a Red Hat Enterprise Linux system from Satellite Server, remove the system from Satellite Server.

For more information, see Removing a Host from Red Hat Satellite in the Managing Hosts guide from Satellite Server documentation.

Appendix H. iSCSI disks in installation program

The Red Hat Enterprise Linux installer can discover and log in to iSCSI disks in two ways:

  • When the installer starts, it checks if the BIOS or add-on boot ROMs of the system support iSCSI Boot Firmware Table (iBFT), a BIOS extension for systems that can boot from iSCSI. If the BIOS supports iBFT, the installer reads the iSCSI target information for the configured boot disk from the BIOS and logs in to this target, making it available as an installation target.

    Important

    To connect automatically to an iSCSI target, activate a network device for accessing the target. To do so, use ip=ibft boot option. For more information, see Network boot options.

  • You can discover and add iSCSI targets manually in the installer’s graphical user interface. For more information, see Configuring storage devices.

    Important

    You cannot place the /boot partition on iSCSI targets that you have manually added using this method - an iSCSI target containing a /boot partition must be configured for use with iBFT. However, in instances where the installed system is expected to boot from iSCSI with iBFT configuration provided by a method other than firmware iBFT, for example using iPXE, you can remove the /boot partition restriction using the inst.nonibftiscsiboot installer boot option.

While the installer uses iscsiadm to find and log into iSCSI targets, iscsiadm automatically stores any information about these targets in the iscsiadm iSCSI database. The installer then copies this database to the installed system and marks any iSCSI targets that are not used for root partition, so that the system automatically logs in to them when it starts. If the root partition is placed on an iSCSI target, initrd logs into this target and the installer does not include this target in start up scripts to avoid multiple attempts to log into the same target.

Chapter 6. Booting a beta system with UEFI Secure Boot

This chapter provides information about the steps to be performed to boot a Red Hat Enterprise Linux Beta release on systems having UEFI Secure Boot enabled.

6.1. UEFI Secure Boot and RHEL Beta releases

UEFI Secure Boot requires that the operating system kernel is signed with a recognized private key. UEFI Secure Boot then verifies the signature using the corresponding public key.

For Red Hat Enterprise Linux Beta releases, the kernel is signed with a Red Hat Beta-specific private key. UEFI Secure Boot attempts to verify the signature using the corresponding public key, but because the hardware does not recognize the Beta private key, Red Hat Enterprise Linux Beta release system fails to boot. Therefore, to use UEFI Secure Boot with a Beta release, add the Red Hat Beta public key to your system using the Machine Owner Key (MOK) facility.

6.2. Adding a Beta public key for UEFI Secure Boot

This section contains information about how to add a Red Hat Enterprise Linux Beta public key for UEFI Secure Boot.

Prerequisites

  • UEFI Secure Boot is disabled on the system.
  • The Red Hat Enterprise Linux Beta release is installed, and Secure Boot is disabled even after system reboot.
  • You are logged in to the system, and the tasks in the Initial Setup window are complete.

Procedure

  1. Begin to enroll the Red Hat Beta public key in the system’s Machine Owner Key (MOK) list:

    # mokutil --import /usr/share/doc/kernel-keys/$(uname -r)/kernel-signing-ca.cer

    ${kr%} is replaced by the string - for example, 4.18.0-80.el8.x86_64.

  2. Enter a password when prompted.
  3. Reboot the system and press any key to continue the startup. The Shim UEFI key management utility starts during the system startup.
  4. Select Enroll MOK.
  5. Select Continue.
  6. Select Yes and enter the password. The key is imported into the system’s firmware.
  7. Select Reboot.
  8. Enable Secure Boot on the system.

6.3. Removing a Beta public key

If you plan to remove the Red Hat Enterprise Linux Beta release, and install a Red Hat Enterprise Linux General Availability (GA) release, or a different operating system, then remove the Beta public key.

The procedure describes how to remove a Beta public key.

Procedure

  1. Begin to remove the Red Hat Beta public key from the system’s Machine Owner Key (MOK) list:

    # mokutil --reset
  2. Enter a password when prompted.
  3. Reboot the system and press any key to continue the startup. The Shim UEFI key management utility starts during the system startup.
  4. Select Reset MOK.
  5. Select Continue.
  6. Select Yes and enter the password that you had specified in step 2. The key is removed from the system’s firmware.
  7. Select Reboot.

Chapter 7. Composing a customized RHEL system image

7.1. Image Builder description

7.1.1. Introduction to Image Builder

You can use Image Builder to create customized system images of Red Hat Enterprise Linux, including system images prepared for deployment on cloud platforms. Image Builder automatically handles details of setup for each output type and is thus easier to use and faster to work with than manual methods of image creation. You can access Image Builder functionality through a command-line interface in the composer-cli tool, or a graphical user interface in the RHEL 8 web console.

As of Red Hat Enterprise Linux 8.3, the osbuild-composer backend replaces lorax-composer. The new service provides REST APIs for image building. As a result, users can benefit from a more reliable backend and more predictable output images.

Image Builder runs as a system service osbuild-composer. You can interact with this service through two interfaces:

  • CLI tool composer-cli for running commands in the terminal. This method is preferred.
  • GUI plugin for the RHEL 8 web console.

7.1.2. Image Builder terminology

Blueprint

Blueprints define customized system images by listing packages and customizations that will be part of the system. Blueprints can be edited and they are versioned. When a system image is created from a blueprint, the image is associated with the blueprint in the Image Builder interface of the RHEL 8 web console.

Blueprints are presented to the user as plain text in the Tom’s Obvious, Minimal Language (TOML) format.

Compose
Composes are individual builds of a system image, based on a particular version of a particular blueprint. Compose as a term refers to the system image, the logs from its creation, inputs, metadata, and the process itself.
Customizations
Customizations are specifications for the system, which are not packages. This includes users, groups, and SSH keys.

7.1.3. Image Builder output formats

Image Builder can create images in multiple output formats shown in the following table.

Table 7.1. Image Builder output formats

DescriptionCLI namefile extension

QEMU QCOW2 Image

qcow2

.qcow2

TAR Archive

tar

.tar

Amazon Machine Image Disk

ami

.raw

Azure Disk Image

vhd

.vhd

VMware Virtual Machine Disk

vmdk

.vmdk

Openstack

openstack

.qcow2

RHEL for Edge Commit

rhel-edge-commit

.tar

RHEL for Edge Container

rhel-edge-container

.tar

RHEL for Edge Installer

rhel-edge-installer

.iso

7.1.4. Image Builder system requirements

The osbuild-composer tool underlying Image Builder performs a number of potentially insecure and unsafe actions while creating the system images. For this reason, use a virtual machine to run Image Builder.

The environment where Image Builder runs, for example the virtual machine, must meet requirements listed in the following table.

Table 7.2. Image Builder system requirements

ParameterMinimal Required Value

System type

A dedicated virtual machine

Processor

2 cores

Memory

4 GiB

Disk space

20 GiB

Access privileges

Administrator level (root)

Network

Connectivity to Internet

Note

There is no support for creating images on virtual machine directly installed on UEFI systems.

7.2. Installing Image Builder

Image Builder is a tool for creating custom system images. Before using Image Builder, you must install Image Builder in a virtual machine.

7.2.1. Image Builder system requirements

The osbuild-composer tool underlying Image Builder performs a number of potentially insecure and unsafe actions while creating the system images. For this reason, use a virtual machine to run Image Builder.

The environment where Image Builder runs, for example the virtual machine, must meet requirements listed in the following table.

Table 7.3. Image Builder system requirements

ParameterMinimal Required Value

System type

A dedicated virtual machine

Processor

2 cores

Memory

4 GiB

Disk space

20 GiB

Access privileges

Administrator level (root)

Network

Connectivity to Internet

Note

There is no support for creating images on virtual machine directly installed on UEFI systems.

7.2.2. Installing Image Builder in a virtual machine

To install Image Builder on a dedicated virtual machine, follow these steps:

Prerequisites

  • Connect to the virtual machine.
  • The virtual machine for Image Builder must be installed, subscribed, and running.

Procedure

  1. Install the Image Builder and other necessary packages on the virtual machine:

    • osbuild-composer - supported from RHEL 8.3 onward
    • composer-cli
    • cockpit-composer
    • bash-completion
    # yum install osbuild-composer composer-cli cockpit-composer bash-completion

    The web console is installed as a dependency of the cockpit-composer package.

  2. Enable Image Builder to start after each reboot:

    # systemctl enable --now osbuild-composer.socket
    # systemctl enable cockpit.socket

    The osbuild-composer and cockpit services start automatically on first access.

  3. Configure the system firewall to allow access to the web console:

    # firewall-cmd --add-service=cockpit && firewall-cmd --add-service=cockpit --permanent
  4. Load the shell configuration script so that the autocomplete feature for the composer-cli command starts working immediately without reboot:

    $ source  /etc/bash_completion.d/composer-cli
Important

The osbuild-composer package is the new backend engine that will be the preferred default and focus of all new functionality beginning with Red Hat Enterprise Linux 8.3 and later. The previous backend lorax-composer package is considered deprecated, will only receive select fixes for the remainder of the Red Hat Enterprise Linux 8 life cycle and will be omitted from future major releases. It is recommended to uninstall lorax-composer in favor of osbuild-composer.

7.2.3. Reverting to lorax-composer Image Builder backend

The osbuild-composer backend, though much more extensible, does not currently achieve feature parity with the previous lorax-composer backend.

To revert to the previous backend, follow the steps:

Prerequisites

  • You have installed the osbuild-composer package

Procedure

  1. Remove the osbuild-composer backend.

    # yum remove osbuild-composer
  2. In the /etc/yum.conf file, add an exclude entry for osbuild-composer package.

    # cat /etc/yum.conf
    [main]
    gpgcheck=1
    installonly_limit=3
    clean_requirements_on_remove=True
    best=True
    skip_if_unavailable=False
    exclude=osbuild-composer
  3. Install the "lorax-composer" package.

    # yum install lorax-composer

Additional resources

7.3. Creating system images with Image Builder command-line interface

Image Builder is a tool for creating custom system images. To control Image Builder and create your custom system images, use the command-line interface which is currently the preferred method to use Image Builder.

7.3.1. Image Builder command-line interface

Image Builder command-line interface is currently the preferred method to use Image Builder. It offers more functionality than the Web console interface. To use this interface, run the composer-cli command with suitable options and subcommands.

The workflow for the command-line interface can be summarized as follows:

  1. Export (save) the blueprint definition to a plain text file
  2. Edit this file in a text editor
  3. Import (push) the blueprint text file back into Image Builder
  4. Run a compose to build an image from the blueprint
  5. Export the image file to download it

Apart from the basic subcommands to achieve this procedure, the composer-cli command offers many subcommands to examine the state of configured blueprints and composes.

To run the composer-cli command as non-root, user must be in the weldr or root groups.

7.3.2. Creating an Image Builder blueprint with command-line interface

This procedure describes how to create a new Image Builder blueprint using the command-line interface.

Procedure

  1. Create a plain text file with the following contents:

    name = "BLUEPRINT-NAME"
    description = "LONG FORM DESCRIPTION TEXT"
    version = "0.0.1"
    modules = []
    groups = []

    Replace BLUEPRINT-NAME and LONG FORM DESCRIPTION TEXT with a name and description for your blueprint.

    Replace 0.0.1 with a version number according to the Semantic Versioning scheme.

  2. For every package that you want to be included in the blueprint, add the following lines to the file:

    [[packages]]
    name = "package-name"
    version = "package-version"

    Replace package-name with name of the package, such as httpd, gdb-doc, or coreutils.

    Replace package-version with a version to use. This field supports dnf version specifications:

    • For a specific version, use the exact version number such as 8.30.
    • For latest available version, use the asterisk *.
    • For a latest minor version, use format such as 8.*.
  3. Blueprints can be customized in a number of ways. For this example, Simultaneous Multi Threading (SMT) can be disabled by performing the steps below. For additional customizations available, please see Supported Image Customizations.

    [customizations.kernel]
    append = "nosmt=force"
  4. Save the file as BLUEPRINT-NAME.toml and close the text editor.
  5. Push (import) the blueprint:

    # composer-cli blueprints push BLUEPRINT-NAME.toml

    Replace BLUEPRINT-NAME with the value you used in previous steps.

  6. To verify that the blueprint has been pushed and exists, list the existing blueprints:

    # composer-cli blueprints list
  7. Check whether the components and versions listed in the blueprint and their dependencies are valid:

    # composer-cli blueprints depsolve BLUEPRINT-NAME
Note

You are able to create images using the composer-cli command as non-root. To do so, add your user to the weldr or root groups. To add your user to the weldr group, perform the following steps:

# usermod -a -G weldr user
$ newgrp weldr

7.3.3. Editing an Image Builder blueprint with command-line interface

This procedure describes how to edit an existing Image Builder blueprint in the command-line interface.

Procedure

  1. Save (export) the blueprint to a local text file:

    # composer-cli blueprints save BLUEPRINT-NAME
  2. Edit the BLUEPRINT-NAME.toml file with a text editor of your choice and make your changes.
  3. Before finishing with the edits, make sure the file is a valid blueprint:

    1. Remove this line, if present:

      packages = []
    2. Increase the version number. Remember that Image Builder blueprint versions must use the Semantic Versioning scheme. Note also that if you do not change the version, the patch component of version is increased automatically.
    3. Check if the contents are valid TOML specifications. See the TOML documentation for more information.

      Note

      TOML documentation is a community product and is not supported by Red Hat. You can report any issues with the tool at https://github.com/toml-lang/toml/issues

  4. Save the file and close the editor.
  5. Push (import) the blueprint back into Image Builder:

    # composer-cli blueprints push BLUEPRINT-NAME.toml

    Note that you must supply the file name including the .toml extension, while in other commands you use only the name of the blueprint.

  6. To verify that the contents uploaded to Image Builder match your edits, list the contents of blueprint:

    # composer-cli blueprints show BLUEPRINT-NAME
  7. Check whether the components and versions listed in the blueprint and their dependencies are valid:

    # composer-cli blueprints depsolve BLUEPRINT-NAME

7.3.4. Creating a system image with Image Builder in the command-line interface

This procedure shows how to build a custom image using the Image Builder command-line interface.

Prerequisites

  • You have a blueprint prepared for the image.

Procedure

  1. Start the compose:

    # composer-cli compose start BLUEPRINT-NAME IMAGE-TYPE

    Replace BLUEPRINT-NAME with name of the blueprint, and IMAGE-TYPE with the type of image. For possible values, see output of the composer-cli compose types command.

    The compose process starts in the background and the UUID of the compose is shown.

  2. Wait until the compose is finished. Please, notice that this may take several minutes.

    To check the status of the compose:

    # composer-cli compose status

    A finished compose shows a status value FINISHED. Identify the compose in the list by its UUID.

  3. Once the compose is finished, download the resulting image file:

    # composer-cli compose image UUID

    Replace UUID with the UUID value shown in the previous steps.

    You can also download the logs using the composer-cli compose logs UUID command, or the metadata using the composer-cli compose metadata UUID command.

7.3.5. Basic Image Builder command-line commands

The Image Builder command-line interface offers the following subcommands.

Blueprint manipulation

List all available blueprints
# composer-cli blueprints list
Show a blueprint contents in the TOML format
# composer-cli blueprints show BLUEPRINT-NAME
Save (export) blueprint contents in the TOML format into a file BLUEPRINT-NAME.toml
# composer-cli blueprints save BLUEPRINT-NAME
Remove a blueprint
# composer-cli blueprints delete BLUEPRINT-NAME
Push (import) a blueprint file in the TOML format into Image Builder
# composer-cli blueprints push BLUEPRINT-NAME

Composing images from blueprints

Start a compose
# composer-cli compose start BLUEPRINT COMPOSE-TYPE

Replace BLUEPRINT with name of the blueprint to build and COMPOSE-TYPE with the output image type.

List all composes
# composer-cli compose list
List all composes and their status
# composer-cli compose status
Cancel a running compose
# composer-cli compose cancel COMPOSE-UUID
Delete a finished compose
# composer-cli compose delete COMPOSE-UUID
Show detailed information about a compose
# composer-cli compose info COMPOSE-UUID
Download image file of a compose
# composer-cli compose image COMPOSE-UUID

Additional resources

  • The composer-cli(1) manual page provides a full list of the available subcommands and options:

    $ man composer-cli
  • The composer-cli command provides help on the subcommands and options:

    # composer-cli help

7.3.6. Image Builder blueprint format

Image Builder blueprints are presented to the user as plain text in the Tom’s Obvious, Minimal Language (TOML) format.

The elements of a typical blueprint file include:

The blueprint metadata
name = "BLUEPRINT-NAME"
description = "LONG FORM DESCRIPTION TEXT"
version = "VERSION"

Replace BLUEPRINT-NAME and LONG FORM DESCRIPTION TEXT with a name and description for your blueprint.

Replace VERSION with a version number according to the Semantic Versioning scheme.

This part is present only once for the whole blueprint file.

The entry modules describe the package names and matching version glob to be installed into the image.

The entry group describes a group of packages to be installed into the image. Groups categorize their packages in:

  • Mandatory
  • Default
  • Optional

    Blueprints installs the mandatory packages. There is no mechanism for selecting optional packages.

Groups to include in the image
[[groups]]
name = "group-name"

Replace group-name with the name of the group, such as anaconda-tools, widget, wheel or users.

Packages to include in the image
[[packages]]
name = "package-name"
version = "package-version"

Replace package-name with the name of the package, such as httpd, gdb-doc, or coreutils.

Replace package-version with a version to use. This field supports dnf version specifications:

  • For a specific version, use the exact version number such as 8.30.
  • For latest available version, use the asterisk *.
  • For a latest minor version, use format such as 8.*.

Repeat this block for every package to include.

7.3.7. Supported Image Customizations

A number of image customizations are supported at this time within blueprints. In order to make use of these options, they must be initially configured in the blueprint and imported (pushed) to Image Builder.

Note

These customizations are not currently supported within the accompanying cockpit-composer GUI.

Procedure

  1. Set the image hostname:

    [customizations]
    hostname = "baseimage"
  2. User specifications for the resulting system image:

    [[customizations.user]]
    name = "USER-NAME"
    description = "USER-DESCRIPTION"
    password = "PASSWORD-HASH"
    key = "PUBLIC-SSH-KEY"
    home = "/home/USER-NAME/"
    shell = "/usr/bin/bash"
    groups = ["users", "wheel"]
    uid = NUMBER
    gid = NUMBER
    Note

    The GID is optional and must already exist in the image, be created by a package, or be created by the blueprint [[customizations.group]] entry.

    Important

    To generate the hash, you must install python3 on your system. The following command will install the python3 package.

    # yum install python3

    Replace PASSWORD-HASH with the actual password hash. To generate the hash, use a command such as:

    $ python3 -c 'import crypt,getpass;pw=getpass.getpass();print(crypt.crypt(pw) if (pw==getpass.getpass("Confirm: ")) else exit())'

    Replace PUBLIC-SSH-KEY with the actual public key.

    Replace the other placeholders with suitable values.

    Leave out any of the lines as needed, only the user name is required.

    Repeat this block for every user to include.

  3. Group specifications for the resulting system image:

    [[customizations.group]]
    name = "GROUP-NAME"
    gid = NUMBER

    Repeat this block for every group to include.

  4. Set an existing users ssh key:

    [[customizations.sshkey]]
    user = "root"
    key = "PUBLIC-SSH-KEY"
    Note

    This option is only applicable for existing users. To create a user and set an ssh key, use the User specifications for the resulting system image customization.

  5. Append a kernel boot parameter option to the defaults:

    [customizations.kernel]
    append = "KERNEL-OPTION"
  6. Define a kernel name to be used in an image:

    [customizations.kernel.name]
    name = "KERNEL-NAME"
  7. Set the timezone and the Network Time Protocol (NTP) servers for the resulting system image:

    [customizations.timezone]
    timezone = "TIMEZONE"
    ntpservers = "NTP_SERVER"

    If you do not set a timezone, the system uses Universal Time, Coordinated (UTC) as default. Setting NTP servers is optional.

  8. Set the locale settings for the resulting system image:

    [customizations.locale]
    languages = ["LANGUAGE"]
    keyboard = "KEYBOARD"

    Setting both language and keyboard options is mandatory. You can add multiple languages. The first language you add will be the primary language and the other languages will be secondary.

  9. Set the firewall for the resulting system image:

    [customizations.firewall]
    port = ["PORTS"]

    You can use the numeric ports, or theirs names from the /etc/services file to enable lists.

  10. Customize the firewall services:

    Review the available firewall services.

    $ firewall-cmd --get-services

    In the blueprint, under section customizations.firewall.service, specify the firewall services that you want to customize.

    [customizations.firewall.services]
    enabled = ["SERVICES"]
    disabled = ["SERVICES"]

    The services listed in firewall.services are different from the names available in the /etc/services file.

    You can optionally customize the firewall services for the system image that you plan to create.

    Note

    If you do not want to customize the firewall services, omit the [customizations.firewall] and [customizations.firewall.services] sections from the blueprint.

  11. Set which services to enable during the boot time:

    [customizations.services]
    enabled = ["SERVICES"]
    disabled = ["SERVICES"]

    You can control which services to enable during the boot time. Some image types already have services enabled or disabled so that the image works correctly and this setup cannot be overridden.

  12. Add files from a git repository to your blueprint:

    [[repos.git]]
    rpmname = "RPM-NAME"
    rpmversion = "RPM-VERSION"
    rpmrelease = "RPM-RELEASE"
    summary = "RPM-SUMMARY"
    repo = "REPO-URL"
    ref = "GIT-REF"
    destination = "SERVICES"

    You can use entries to add files from a git repository to the created image.

    For example, to create an RPM package named server-config-1.0-1.noarch.rpm, add the following information to your blueprint:

    Replace _RPM-NAME with the name of the RPM package to create. This is also the prefix name in the resulting tar archive.

    Replace RPM-VERSION with the version of the RPM package, for example, "1.0.0".

    Replace RPM-RELEASE with the version of the RPM package release, for example, "1".

    Replace RPM-SUMMARY with the summary string for the RPM package.

    Replace REPO-URL with the URL of the get repository to clone and create the archive from it.

    Replace GIT-REF with the git reference to check out, for example, origin/branch-name, git tag, or git commit hash.

    Replace SERVICES with the path to install the directory of the git repository when installing the RPM package.

    As a consequence, the git repository you provided is cloned, the specified git reference is checked out and an RPM package is created to install the files to a destination path, for example, /opt/server/. The RPM includes a summary with the details of the repository and reference used to create it. The RPM package is also included in the image build metadata.

    Note

    Each time a build starts, it clones the repository. If you refer to a repository with a large amount of history, it might take a while to clone and use a significant amount of disk space. Also, the clone is temporary and is removed once the RPM package is created.

7.3.8. Installed Packages

When you create a system image using Image Builder, by default, the system installs a set of base packages. The base list of packages are the members of the comps core group. By default, Image Builder uses the core yum group.

Table 7.4. Default packages to support image type creation

Image typeDefault Packages

ami

checkpolicy, chrony, cloud-init, cloud-utils-growpart, @Core, dhcp-client, gdisk, insights-client, kernel, langpacks-en, net-tools, NetworkManager, redhat-release, redhat-release-eula, rng-tools, rsync, selinux-policy-targeted, tar, Yum-utils

openstack

@Core, langpacks-en

qcow2

@Core, chrony, dnf, kernel, yum, nfs-utils, dnf-utils, cloud-init, python3-jsonschema, qemu-guest-agent, cloud-utils-growpart, dracut-norescue, tar, tcpdump, rsync, dnf-plugin-spacewalk, rhn-client-tools, rhnlib, rhnsd, rhn-setup, NetworkManager, dhcp-client, cockpit-ws, cockpit-system, subscription-manager-cockpit, redhat-release, redhat-release-eula, rng-tools, insights-client

rhel-edge-commit

glibc, glibc-minimal-langpack, nss-altfiles, kernel, dracut-config-generic, dracut-network, basesystem, bash, platform-python,shadow-utils, chrony, setup, shadow-utils, sudo, systemd, coreutils, util-linux, curl, vim-minimal, rpm, rpm-ostree, polkit, lvm2, cryptsetup, pinentry, e2fsprogs, dosfstools, keyutils, gnupg2, attr, xz, gzip, firewalld, iptables, NetworkManager, NetworkManager-wifi, NetworkManager-wwan, wpa_supplicant, dnsmasq, traceroute, hostname, iproute, iputils, openssh-clients, procps-ng, rootfiles, openssh-server, passwd, policycoreutils, policycoreutils-python-utils, selinux-policy-targeted, setools-console, less, tar, rsync, fwupd, usbguard, bash-completion, tmux, ima-evm-utils, audit, rng-tools, podman, container-selinux, skopeo, criu, slirp4netns, fuse-overlayfs, clevis, clevis-dracut, clevis-luks, greenboot, greenboot-grub2, greenboot-rpm-ostree-grub2, greenboot-reboot, greenboot-status

tar

policycoreutils, selinux-policy-targeted

vhd

@Core, langpacks-en

vmdk

@Core, chrony, firewalld, kernel, langpacks-en, open-vm-tools, selinux-policy-targeted

Note

When you add additional components to your blueprint, you must make sure that the packages in the components you added do not conflict with any other package components, otherwise the system fails to solve dependencies. As a consequence, you are not able to create your customized image.

Additional resources

7.3.9. Enabled Services

When you configure the custom image, the services enabled are the defaults services for the RHEL8 release you are running osbuild-composer from, additionally the services enabled for specific image types.

For example, the .ami image type enables the services sshd, chronyd and cloud-init and without these services, the custom image does not boot.

Table 7.5. Enabled services to support image type creation

Image typeEnabled Services

ami

No default service

openstack

sshd, cloud-init, cloud-init-local, cloud-config, cloud-final

qcow2

No default service

rhel-edge-commit

No default service

tar

No default service

vhd

sshd, chronyd, waagent, cloud-init, cloud-init-local, cloud-config, cloud-final

vmdk

sshd, chronyd, vmtoolsd

Note: You can customize which services to enable during the system boot. However, for image types with services enabled by default, the customization does not override this feature.

Additional resources

7.3.10. Disks and Partitions Configuration using Image Builder

Image Builder does not allow disks to be partitioned. The output types that have a partitioned disk will have a single partition and additionally any platform-specific partitions that are required to boot the system image. For example, qcow2 image type has a single root partition, and possibly a platform specific boot partition - like PReP for PPC64 system - that the image requires to boot.

7.4. Creating system images with Image Builder web console interface

Image Builder is a tool for creating custom system images. To control Image Builder and create your custom system images, you can use the web console interface. Note that the command line interface is the currently preferred alternative, because it offers more features.

7.4.1. Accessing Image Builder GUI in the RHEL 8 web console

The cockpit-composer plugin for the RHEL 8 web console enables users to manage Image Builder blueprints and composes with a graphical interface. Note that the preferred method for controlling Image Builder is at the moment using the command-line interface.

Prerequisites

  • You must have root access to the system.

Procedure

  1. Open https://localhost:9090/ in a web browser on the system where Image Builder is installed.

    For more information how to remotely access Image Builder, see Managing systems using the RHEL 8 web console document.

  2. Log into the web console with credentials for an user account with sufficient privileges on the system.
  3. To display the Image Builder controls, click the Image Builder icon, which is in the upper-left corner of the window.

    The Image Builder view opens, listing existing blueprints.

7.4.2. Creating an Image Builder blueprint in the web console interface

To describe the customized system image, create a blueprint first.

Prerequisites

  • You have opened the Image Builder interface of the RHEL 8 web console in a browser.

Procedure

  1. Click Create Blueprint in the top right corner.

    A pop-up appears with fields for the blueprint name and description.

  2. Fill in the name of the blueprint, its description, then click Create.

    The screen changes to blueprint editing mode.

  3. Add components that you want to include in the system image:

    1. On the left, enter all or part of the component name in the Available Components field and press Enter.

      The search is added to the list of filters under the text entry field, and the list of components below is reduced to these that match the search.

      If the list of components is too long, add further search terms in the same way.

    2. The list of components is paged. To move to other result pages, use the arrows and entry field above the component list.
    3. Click the name of the component you intend to use to display its details. The right pane fills with details of the components, such as its version and dependencies.
    4. Select the version you want to use in the Component Options box, with the Version Release dropdown.
    5. Click Add in the top left.
    6. If you added a component by mistake, remove it by clicking the …​ button at the far right of its entry in the right pane, and select Remove in the menu.
    Note

    If you do not intend to select a version for some components, you can skip the component details screen and version selection by clicking the + buttons on the right side of the component list.

  4. To save the blueprint, click Commit in the top right. A dialog with a summary of the changes pops up. Click Commit.

    A small pop-up on the right informs you of the saving progress and then the result.

  5. To exit the editing screen, click Back to Blueprints in the top left.

    The Image Builder view opens, listing existing blueprints.

7.4.3. Editing an Image Builder blueprint in the web console interface

To change the specifications for a custom system image, edit the corresponding blueprint.

Prerequisites

  • You have opened the Image Builder interface of the RHEL 8 web console in a browser.
  • A blueprint exists.

Procedure

  1. Locate the blueprint that you want to edit by entering its name or a part of it into the search box at top left, and press Enter.

    The search is added to the list of filters under the text entry field, and the list of blueprints below is reduced to these that match the search.

    If the list of blueprints is too long, add further search terms in the same way.

  2. On the right side of the blueprint, press the Edit Blueprint button that belongs to the blueprint.

    The view changes to the blueprint editing screen.

  3. Remove unwanted components by clicking their button at the far right of its entry in the right pane, and select Remove in the menu.
  4. Change version of existing components:

    1. On the Blueprint Components search field, enter component name or a part of it into the field under the heading Blueprint Components and press Enter.

      The search is added to the list of filters under the text entry field, and the list of components below is reduced to these that match the search.

      If the list of components is too long, add further search terms in the same way.

    2. Click the button at the far right of the component entry, and select View in the menu.

      A component details screen opens in the right pane.

    3. Select the desired version in the Version Release drop-down menu and click Apply Change in top right.

      The change is saved and the right pane returns to listing the blueprint components.

  5. Add new components:

    1. On the left, enter component name or a part of it into the field under the heading Available Components and press Enter.

      The search is added to the list of filters under the text entry field, and the list of components below is reduced to these that match the search.

      If the list of components is too long, add further search terms in the same way.

    2. The list of components is paged. To move to other result pages, use the arrows and entry field above the component list.
    3. Click the name of the component you intend to use to display its details. The right pane fills with details of the components, such as its version and dependencies.
    4. Select the version you want to use in the Component Options box, with the Version Release drop-down menu.
    5. Click Add in the top right.
    6. If you added a component by mistake, remove it by clicking the button at the far right of its entry in the right pane, and select Remove in the menu.

      Note

      If you do not intend to select a version for some components, you can skip the component details screen and version selection by clicking the + buttons on the right side of the component list.

  6. Commit a new version of the blueprint with your changes:

    1. Click the Commit button in top right.

      A pop-up window with a summary of your changes appears.

    2. Review your changes and confirm them by clicking Commit.

      A small pop-up on the right informs you of the saving progress and the results. A new version of the blueprint is created.

    3. In the top left, click Back to Blueprints to exit the editing screen.

      The Image Builder view opens, listing existing blueprints.

7.4.4. Adding users and groups to an Image Builder blueprint in the web console interface

Adding customizations such as users and groups to blueprints in the web console interface is currently not possible. To work around this limitation, use the Terminal tab in web console to use the command-line interface (CLI) workflow.

Prerequisites

  • A blueprint must exist.
  • A CLI text editor such as vim, nano, or emacs must be installed. To install them:

    # yum install editor-name

Procedure

  1. Find out the name of the blueprint: Open the Image Builder (Image builder) tab on the left in the RHEL 8 web console to see the name of the blueprint.
  2. Navigate to the CLI in web console: Open the system administration tab on the left, then select the last item Terminal from the list on the left.
  3. Enter the super-user (root) mode:

    $ sudo bash

    Provide your credentials when asked. Note that the terminal does not reuse your credentials you entered when logging into the web console.

    A new shell with root privileges starts in your home directory.

  4. Export the blueprint to a file:

    # composer-cli blueprints save BLUEPRINT-NAME
  5. Edit the file BLUEPRINT-NAME.toml with a CLI text editor of your choice and add the users and groups.

    Important

    RHEL 8 web console does not have any built-in feature to edit text files on the system, so the use of a CLI text editor is required for this step.

    1. For every user to be added, add this block to the file:

      [[customizations.user]]
      name = "USER-NAME"
      description = "USER-DESCRIPTION"
      password = "PASSWORD-HASH"
      key = "ssh-rsa (...) key-name"
      home = "/home/USER-NAME/"
      shell = "/usr/bin/bash"
      groups = ["users", "wheel"]
      uid = NUMBER
      gid = NUMBER

      Replace PASSWORD-HASH with the actual password hash. To generate the hash, use a command such as this:

      $ python3 -c 'import crypt,getpass;pw=getpass.getpass();print(crypt.crypt(pw) if (pw==getpass.getpass("Confirm: ")) else exit())'

      Replace ssh-rsa (…​) key-name with the actual public key.

      Replace the other placeholders with suitable values.

      Leave out any of the lines as needed, only the user name is required.

    2. For every user group to be added, add this block to the file:

      [[customizations.group]]
      name = "GROUP-NAME"
      gid = NUMBER
    3. Increase the version number.
    4. Save the file and close the editor.
  6. Import the blueprint back into Image Builder:

    # composer-cli blueprints push BLUEPRINT-NAME.toml

    Note that you must supply the file name including the .toml extension, while in other commands you use only the name of the blueprint.

  7. To verify that the contents uploaded to Image Builder match your edits, list the contents of blueprint:

    # composer-cli blueprints show BLUEPRINT-NAME

    Check if the version matches what you put in the file and if your customizations are present.

    Important

    The Image Builder plugin for RHEL 8 web console does not show any information that could be used to verify that the changes have been applied, unless you edited also the packages included in the blueprint.

  8. Exit the privileged shell:

    # exit
  9. Open the Image Builder (Image builder) tab on the left and refresh the page, in all browsers and all tabs where it was opened.

    This prevents state cached in the loaded page from accidentally reverting your changes.

7.4.5. Creating a system image with Image Builder in the web console interface

The following steps below describe creating a system image.

Prerequisites

  • You have opened the Image Builder interface of the RHEL 8 web console in a browser.
  • A blueprint exists.

Procedure

  1. Locate the blueprint that you want to build an image by entering its name or a part of it into the search box at top left, and press Enter.

    The search is added to the list of filters under the text entry field, and the list of blueprints below is reduced to these that match the search.

    If the list of blueprints is too long, add further search terms in the same way.

  2. On the right side of the blueprint, press the Create Image button that belongs to the blueprint.

    A pop-up window appears.

  3. Select the image type and press Create.

    A small pop-up in the top right informs you that the image creation has been added to the queue.

  4. Click the name of the blueprint.

    A screen with details of the blueprint opens.

  5. Click the Images tab to switch to it. The image that is being created is listed with the status In Progress.

    Note

    Image creation takes a longer time, measured in minutes. There is no indication of progress while the image is created.

    To abort image creation, press its Stop button on the right.

  6. Once the image is successfully created, the Stop button is replaced by a Download button. Click this button to download the image to your system.

7.4.6. Adding a source to a blueprint

The sources defined in Image Builder provide the contents that you can add to blueprints. These sources are global and therefore available to all blueprints. The System sources are repositories that are set up locally on your computer and cannot be removed from Image Builder. You can add additional custom sources and thus be able to access other contents than the System sources available on your system.

The following steps describe how to add a Source to your local system.

Prerequisites

  • You have opened the Image Builder interface of the RHEL 8 web console in a browser.

Procedure

  1. Click the Manage Sources button in the top right corner.

    image builder manage source

    A pop-up window appears with the available sources, their names and descriptions.

    image builder available sources

  2. On the right side of the pop-up window, click the Add Source button.
  3. Add the desired Source name, the Source path, and the Source Type. The Security field is optional.

    image builder sources options

  4. Click Add Source button. The screen shows the available sources window and list the source you have added.

As a result, the new System source is available and ready to be used or edited.

7.4.7. Creating a user account for a blueprint

The images created by Image Builder have the root account locked and no other accounts included. Such configuration is provided in order to ensure that you cannot accidentally build and deploy an image without a password. Image Builder enables you to create a user account with password for a blueprint so that you can log in to the image created from the blueprint.

Prerequisites

  • You have opened the Image Builder interface of the RHEL 8 web console in a browser.
  • You have an existing blueprint.

Procedure

  1. Locate the blueprint that you want to create a user account for by entering its name or a part of it into the search box at the top left, and press Enter.

    The search is added to the list of filters under the text entry field, and the list of blueprints below is reduced to those that match the search.

  2. Click on the blueprint name to display the blueprint details.

    image builder create user account
  3. Click Create User Account.

    This will open a window with fields for user account creation.

    image builder creating user account 2
  4. Fill in the details. Notice that when you insert the name, the User name field autocompletes, suggesting a username.
  5. Once you have inserted all the desired details, click Create.
  6. The created user account appears showing all the information you have inserted.

    image builder user account created
  7. To create further user accounts for the blueprint, repeat the process.

7.4.8. Creating a user account with SSH key

The images created by Image Builder have the root account locked and no other accounts included. Such configuration is provided in order to ensure that images are secure, by not having a default password. Image Builder enables you to create a user account with SSH key for a blueprint so that you can authenticate to the image that you created from the blueprint. To do so, first, create a blueprint. Then, you will create a user account with a password and an SSH key. The following example shows how to create a Server administrator user with an SSH key configured.

Prerequisites

  • You have created an SSH key that will be paired with the created user later on in the process.
  • You have opened the Image Builder interface of the RHEL 8 web console in a browser.
  • You have an existing blueprint

Procedure

  1. Locate the blueprint that you want to create a user account for by entering its name or a part of it into the search box at the top left, and press Enter.

    The search is added to the list of filters under the text entry field, and the list of blueprints below is reduced to those that match the search.

  2. Click on the blueprint name to display the blueprint details.

    image builder create user account
  3. Click Create User Account.

    This will open a window with fields for user account creation

    image builder creating user account 2
  4. Fill in the details. Notice that when you insert the name, the User name field autocompletes, suggesting a username.

    If you want to provide administrators rights to the user account you are creating, check the Role field.

    Paste the content of your public SSH key file.

  5. Once you have inserted all the desired details, click Create.
  6. The new user account will appear in the user list, showing all the information you have inserted.

    image builder user account created
  7. If you want to create more user accounts for the blueprint, repeat the process.

Additional resources

7.5. Preparing and Uploading cloud images with Image Builder

Image Builder can create custom system images ready for use in clouds of various providers. To use your customized RHEL system image in a cloud, create the system image with Image Builder using the respective output type, configure your system for uploading the image, and upload the image to your cloud account. From Red Hat Enterprise Linux 8.3, the ability to push customized images clouds through the Image Builder application in the RHEL web console is available for a subset of the service providers that we support, such as AWS and Azure clouds. See Pushing images to AWS Cloud AMI and Pushing VHD imaged to Azure cloud.

7.5.1. Preparing for uploading AWS AMI images

This describes steps to configure a system for uploading AWS AMI images.

Prerequisites

Procedure

  1. Install Python 3 and the pip tool:

    # yum install python3
    # yum install python3-pip
  2. Install the AWS command-line tools with pip:

    # pip3 install awscli
  3. Run the following command to set your profile. The terminal prompts you to provide your credentials, region and output format:

    $ aws configure
    AWS Access Key ID [None]:
    AWS Secret Access Key [None]:
    Default region name [None]:
    Default output format [None]:
  4. Define a name for your bucket and use the following command to create a bucket:

    $ BUCKET=bucketname
    $ aws s3 mb s3://$BUCKET

    Replace bucketname with the actual bucket name. It must be a globally unique name. As a result, your bucket is created.

  5. Then, to grant permission to access the S3 bucket, create a vmimport S3 Role in IAM, if you have not already done so in the past:

    $ printf '{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "vmie.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "StringEquals":{ "sts:Externalid": "vmimport" } } } ] }' > trust-policy.json
    $ printf '{ "Version":"2012-10-17", "Statement":[ { "Effect":"Allow", "Action":[ "s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket" ], "Resource":[ "arn:aws:s3:::%s", "arn:aws:s3:::%s/*" ] }, { "Effect":"Allow", "Action":[ "ec2:ModifySnapshotAttribute", "ec2:CopySnapshot", "ec2:RegisterImage", "ec2:Describe*" ], "Resource":"*" } ] }' $BUCKET $BUCKET > role-policy.json
    $ aws iam create-role --role-name vmimport --assume-role-policy-document file://trust-policy.json
    $ aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file://role-policy.json

7.5.2. Uploading an AMI image to AWS

This section describes how to upload an AMI image to AWS.

Prerequisites

  • Your system must be set up for uploading AWS images.
  • You must have an AWS image created by Image Builder. Use the ami output type in CLI or Amazon Machine Image Disk (.ami) in GUI when creating the image.

Procedure

  1. Push the image to S3:

    $ AMI=8db1b463-91ee-4fd9-8065-938924398428-disk.ami
    $ aws s3 cp $AMI s3://$BUCKET
    Completed 24.2 MiB/4.4 GiB (2.5 MiB/s) with 1 file(s) remaining
    ...
  2. After the upload to S3 ends, import the image as a snapshot into EC2:

    $ printf '{ "Description": "my-image", "Format": "raw", "UserBucket": { "S3Bucket": "%s", "S3Key": "%s" } }' $BUCKET $AMI > containers.json
    $ aws ec2 import-snapshot --disk-container file://containers.json

    Replace my-image with the name of the image.

    To track progress of the import, run:

    $ aws ec2 describe-import-snapshot-tasks --filters Name=task-state,Values=active
  3. Create an image from the uploaded snapshot by selecting the snapshot in the EC2 console, right clicking on it and selecting Create Image:

    composer aws ec2 select snapshot

  4. Select the Virtualization type of Hardware-assisted virtualization in the image you create:

    composer aws ec2 create image

  5. Now you can run an instance using whatever mechanism you like (CLI or AWS Console) from the snapshot. Use your private key via SSH to access the resulting EC2 instance. Log in as ec2-user.

7.5.3. Pushing images to AWS Cloud AMI

The ability to push the output image that you create to AWS Cloud AMI is available this time. This describes steps to push .ami images you create using Image Builder to Amazon AWS Cloud service provider.

Prerequisites

  • You must have root or wheel group user access to the system.
  • You have opened the Image Builder interface of the RHEL 8 web console in a browser.
  • You must have an Access Key ID configured in the AWS IAM account manager.
  • You must have a writable S3 bucket prepared.

Procedure

  1. Click Create blueprint to create a blueprint. See Creating an Image Builder blueprint in the web console interface.
  2. Select the components and packages that you want as part of the image you are creating.
  3. Click Commit to commit the changes you made to the blueprint.

    A small pop-up on the superior right side informs you of the saving progress and then the result of the changes you commited.

  4. Click blueprint name link on the left banner.
  5. Select the tab Images.
  6. Click Create Image to create your customized image.

    A pop-up window opens.

    1. From the "Type" drop-down menu list, select the `"Amazon Machine Image Disk (.ami)"' image.
    2. Check the "Upload to AWS" check box to upload your image to the AWS Cloud and click Next.
    3. To authenticate your access to AWS, type your "AWS access key ID" and "AWS secret access key" in the corresponding fields. Click Next.

      Note

      You can view your AWS secret access key only when you create a new Access Key ID. If you do not know your Secret Key, generate a new Access Key ID.

    4. Type the name of the image in the "Image name" field, type the Amazon bucket name in the "Amazon S3 bucket name" field and type the "AWS region" field for the bucket you are going to add your customized image to. Click Next.
    5. Review the information you provided and once you are satisfied, click Finish.

      Optionally, you can click Back to modify any incorrect detail.

      Note

      You must have the correct IAM settings for the bucket you are going to send your customized image. We are using the IAM Import and Export, so you have to setup a policy to your bucket before you are able to upload images to it. For more information, see Required Permissions for IAM Users.

  7. A small pop-up on the superior right side informs you of the saving progress. It also informs that the image creation has been initiated, the progress of this image creation and the subsequent upload to the AWS Cloud.

    Once the process is complete, you can see the "Image build complete" status.

  8. Click Service→EC2 on the menu and choose the correct region in the AWS console. The image must have the "Available" status, to indicate that it is uploaded.
  9. On the dashboard, select your image and click Launch.
  10. A new window opens. Choose an instance type according to the resources you need to launch your image. Click Review and Launch.
  11. Review your instance launch details. You can edit each section if you need to make any change. Click Launch
  12. Before you launch the instance, you must select a public key to access it.

    You can either use the key pair you already have or you can create a new key pair. Alternatively, you can use Image Builder to add a user to the image with a preset public key. See Creating a user account with SSH key for more details.

    Follow the next steps to create a new key pair in EC2 and attach it to the new instance.

    1. From the drop-down menu list, select "Create a new key pair".
    2. Enter the name to the new key pair. It generates a new key pair.
    3. Click "Download Key Pair" to save the new key pair on your local system.
  13. Then, you can click Launch Instance to launch your instance.

    You can check the status of the instance, it shows as "Initializing".

  14. Once the instance status is "running", the Connect button turns available.
  15. Click Connect. A popup window appears with instructions on how to connect using SSH.

    1. Select the preferred connection method to "A standalone SSH client" and open a terminal.
    2. In the location you store your private key, make sure that your key is publicly viewable for SSH to work. To do so, run the command:

      $ chmod 400 <your-instance-name.pem>_
    3. Connect to your instance using its Public DNS:

      $ ssh -i "<_your-instance-name.pem_"> ec2-user@<_your-instance-IP-address_>
    4. Type "yes" to confirm that you want to continue connecting.

      As a result, you are connected to your instance using SSH.

Verification steps

  1. Check if you are able to perform any action while connected to your instance using SSH.

7.5.4. Preparing for uploading Azure VHD images

This describes steps to upload an VHD image to Azure.

Prerequisites

  • You must have a usable Azure resource group and storage account.

Procedure

  1. Install python2:

    # yum install python2
    Note

    python2 package must be installed because since the AZ CLI depends specifically on python 2.7

  2. Import the Microsoft repository key:

    # rpm --import https://packages.microsoft.com/keys/microsoft.asc
  3. Create a local azure-cli repository information:

    # sh -c 'echo -e "[azure-cli]\nname=Azure CLI\nbaseurl=https://packages.microsoft.com/yumrepos/azure-cli\nenabled=1\ngpgcheck=1\ngpgkey=https://packages.microsoft.com/keys/microsoft.asc" > /etc/yum.repos.d/azure-cli.repo'
  4. Install the Azure CLI:

    # yumdownloader azure-cli
    # rpm -ivh --nodeps azure-cli-2.0.64-1.el7.x86_64.rpm
    Note

    The downloaded version of the Azure CLI package may vary depending on the current downloaded version.

  5. Run the Azure CLI:

    $ az login

    The terminal shows the message 'Note, we have launched a browser for you to login. For old experience with device code, use "az login --use-device-code"' and opens a browser where you can login.

    Note

    If you are running a remote (SSH) session, the link will not open in the browser. In this case, you can use the link provided and thus be able to login and autenticate your remote session. To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code XXXXXXXXX to authenticate.

  6. List the keys for the storage account in Azure:

    $ GROUP=resource-group-name
    $ ACCOUNT=storage-account-name
    $ az storage account keys list --resource-group $GROUP --account-name $ACCOUNT

    Replace resource-group-name with name of the Azure resource group and storage-account-name with name of the Azure storage account.

    Note

    You can list the available resources using the command:

    $ az resource list
  7. Make note of value key1 in the output of the previous command, and assign it to an environment variable:

    $ KEY1=value
  8. Create a storage container:

    $ CONTAINER=storage-account-name
    $ az storage container create --account-name $ACCOUNT \
    --account-key $KEY1 --name $CONTAINER

    Replace storage-account-name with name of the storage account.

Additional resources

7.5.5. Uploading VHD images to Azure

This describes steps to upload an VHD image to Azure.

Prerequisites

  • Your system must be set up for uploading Azure VHD images.
  • You must have an Azure VHD image created by Image Builder. Use the vhd output type in CLI or Azure Disk Image (.vhd) in GUI when creating the image.

Procedure

  1. Push the image to Azure and create an instance from it:

    $ VHD=25ccb8dd-3872-477f-9e3d-c2970cd4bbaf-disk.vhd
    $ az storage blob upload --account-name $ACCOUNT --container-name $CONTAINER --file $VHD --name $VHD --type page
    ...
  2. Once the upload to the Azure BLOB completes, create an Azure image from it:

    $ az image create --resource-group $GROUP --name $VHD --os-type linux --location eastus --source https://$ACCOUNT.blob.core.windows.net/$CONTAINER/$VHD
     - Running ...
  3. Create an instance either with the Azure portal, or a command similar to the following:

    $ az vm create --resource-group $GROUP --location eastus --name $VHD --image $VHD --admin-username azure-user --generate-ssh-keys
     - Running ...
  4. Use your private key via SSH to access the resulting instance. Log in as azure-user.

7.5.6. Uploading VMDK images to vSphere

Image Builder can generate images suitable for uploading to a VMware ESXi or vSphere system. This describes steps to upload an VMDK image to VMware vSphere.

Note

Because VMWare deployments typically does not have cloud-init configured to inject user credentials to virtual machines, we must perform that task ourselves on the blueprint.

Prerequisites

  • You must have an VMDK image created by Image Builder. Use the vmdk output type in CLI or VMware Virtual Machine Disk (.vmdk) in GUI when creating the image.

Procedure

  1. Upload the image into vSphere via HTTP. Click on Upload Files in the vCenter:

    composer vmware upload image

  2. When you create a VM, on the Device Configuration, delete the default New Hard Disk and use the drop-down to select an Existing Hard Disk disk image:

    composer vmware existing disk

  3. Make sure you use an IDE device as the Virtual Device Node for the disk you create. The default value SCSI results in an unbootable virtual machine.

    composer vmware existing ide

7.5.7. Pushing VMWare images to vSphere

You can build VMWare images and push them directly to your vSphere instance, to avoid having to download the image file and push it manually. This describes steps to push .vmdk images you create using Image Builder directly to vSphere instances service provider.

Prerequisites

  • You have root or wheel group user access to the system.
  • You have opened the Image Builder interface of the RHEL 8 web console in a browser.
  • You have a vSphere Account.

Procedure

  1. Click Create blueprint.

    See Creating an Image Builder blueprint in the web console interface.

  2. Select the components and packages that you want as part of the image you are creating.
  3. Click Commit to commit the changes you made to the blueprint.

    A pop-up on the upper right side informs you of the saving progress and then the result of the changes you commited.

  4. Click blueprint name link on the left banner.
  5. Select the Customizations tab to create a user account for the blueprint.

    See Creating a user account for a blueprint.

  6. Select the Images tab .
  7. Click Create Image to create your customized image.

    The Image type window opens.

  8. In the Image type window:

    1. From the dropdown menu, select the Type: VMWare VSphere (.vmdk).
    2. Check the Upload to VMware checkbox to upload your image to the vSphere.
    3. Optional: Set the size of the image you want to instantiate. The minimal default size is 2GB.
    4. Click Next.
  9. In the Upload to VMWare window, under Authentication, enter the following details:

    1. Username: username of the vSphere account.
    2. Password: pasword of the vSphere account.
  10. In the Upload to VMWare window, under Destination, enter the following details:

    1. Image name: a name for the image to be uploaded.
    2. Host: The URL of your VMWare vSphere where the image will be uploaded.
    3. Cluster: The name of the cluster where the image will be uploaded.
    4. Data center: The name of the datacenter where the image will be uploaded.
    5. Data store:The name of the Data store where the image will be uploaded.
    6. Click Next.
  11. In the Review window, review the details about the image creation. Once you are satisfied, click Finish.

    You can click Back to modify any incorrect detail.

    Image Builder adds the compose of a RHEL 8.4 vSphere image to the queue, and creates and uploads the image to the Cluster on the vSphere instance you specified.

    Note

    The image build and upload processes take a few minutes to complete.

    Once the process is complete, you can see the Image build complete status.

Verification

After the image status upload is completed successfully, you can create a Virtual Machine (VM) from the image you uploaded and login into it. Follow the steps for that:

  1. Access VMWare vSphere Client.
  2. Search for the image in the Cluster on the vSphere instance you specified.
  3. You can create a new Virtual Machine from the image you uploaded. For that:

    1. Select the image you uploaded.
    2. Click the right button on the selected image.
    3. Click New Virtual Machine.

      A New Virtual Machine window opens.

      In the New Virtual Machine window, provide the following details:

      1. Select a creation type: You can choose to create a New Virtual Machine.
      2. Select a name and a folder: For example, Virtual Machine name: vSphere Virtual Machine and location of your choice inside vSphere Client.
      3. Select a computer resource: choose a destination computer resource for this operation.
      4. Select storage: For example, select NFS-Node1
      5. Select compatibility: The image should be BIOS only.
      6. Select a guest OS: For example, select Linux and _Red Hat Fedora (64-bit).
      7. Customize hardware: When you create a VM, on the Device Configuration button on the upper right, delete the default New Hard Disk and use the drop-down to select an Existing Hard Disk disk image:
      8. Ready to complete: Review the details and click Finish to create the image.
    4. Navigate to the VMs tab.

      1. From the list, select the VM you created.
      2. Click the Start button from the panel. A new window appears, showing the VM image loading.
      3. Log in with the credentials you created for the blueprint.
      4. You can verify if the packages you added to the blueprint are installed. For example:

        $ rpm -qa | grep firefox

Additional resources

7.5.8. Pushing VHD images to Azure cloud

The ability to push the output image you create to the Azure Blob Storage is available. This section describes steps to push .vhd images you create using Image Builder to Azure Cloud service provider.

Prerequisites

  • You must have root access to the system.
  • You have opened the Image Builder interface of the RHEL 8 web console in a browser.
  • You must have a Storage Account created.
  • You must have a writable Blob Storage prepared.

Procedure

  1. Click Create blueprint to create a blueprint. See more at Creating an Image Builder blueprint in the web console interface.
  2. Select the components and packages that you want as part of the image you are creating.
  3. Click Commit to commit the changes you made to the blueprint.

    A small pop-up on the upper right side informs you of the saving progress and then the result of the changes you commited.

  4. Click blueprint name link on the left banner.
  5. Select the tab Images.
  6. Click Create Image to create your customized image.

    A pop-up window opens.

    1. From the "Type" drop-down menu list, select the Azure Disk Image (.vhd) image.
    2. Check the "Upload to Azure" check box to upload your image to the Azure Cloud and click Next.
    3. To authenticate your access to Azure, type your "Storage account" and "Storage access key" in the corresponding fields. Click Next.

      You can find your Storage account details in the Settings→Access Key menu list.

    4. Type a "Image name" to be used for the image file that will be uploaded and the Blob "Storage container" in which the image file you want to push the image into. Click Next.
    5. Review the information you provided and once you are satisfied, click Finish.

      Optionally, you can click Back to modify any incorrect detail.

  7. A small pop-up on the upper right side displays when the image creation process starts with the message: "Image creation has been added to the queue".

    Once the image process creation is complete, click the blueprint you created an image from. You can see the "Image build complete" status for the image you created within the Images tab.

  8. To access the image you pushed into Azure Cloud, access Azure Portal.
  9. On the search bar, type Images and select the first entry under Services. You are redirected to the Image dashboard.
  10. Click +Add. You are redirected to the Create an Image dashboard.

    Insert the below details:

    1. Name: Choose a name for your new image.
    2. Resource Group: Select a resource group.
    3. Location: Select the location that matches the regions assigned to your storage account. Otherwise you will not be able to select a blob.
    4. OS Type: Set the OS type to Linux.
    5. VM Generation: Keep the VM generation set on Gen 1.
    6. Storage Blob: Click Browse on the right of Storage blob input. Use the dialog to find the image you uploaded earlier.

      Keep the remaining fields as in the defaults choice.

  11. Click Create to create the image. Once the image is created, you can see the message "Successfully created image" in the upper right corner.
  12. Click Refresh to see your new image and open your newly created image.
  13. Click + Create VM. You are redirected to the Create a virtual machine dashboard.
  14. In the Basic tab, under Project Details, your *Subscription and the Resource Group are already pre-set.

    If you want to create a new resource Group

    1. Click Create new.

      A pop-up prompts you to create the Resource Group Name container.

    2. Insert a name and click OK.

      If you want to keep the Resource Group that are already pre-set.

  15. Under Instance Details, insert:

    1. Virtual machine name
    2. Region
    3. Image: The image you created is pre-selected by default.
    4. Size: Choose a VM size that better suits your needs.

      Keep the remaining fields as in the defaults choice.

  16. Under Administrator account, enter the below details:

    1. Username: the name of the account administrator.
    2. SSH public key source: from the drop-down menu, select Generate new key pair.

      You can either use the key pair you already have or you can create a new key pair. Alternatively, you can use Image Builder to add a user to the image with a preset public key. See Creating a user account with SSH key for more details.

    3. Key pair name: insert a name for the key pair.
  17. Under Inbound port rules, select:

    1. Public inbound ports: Allow selected ports.
    2. Select inbound ports: Use the default set SSH (22).
  18. Click Review + Create. You are redirected to the Review + create tab and receive a confirmation that the validation passed.
  19. Review the details and click Create.

    Optionally, you can click Previous to fix previous options selected.

  20. A pop-up generates new key pair window opens. Click Download private key and create resources.

    Save the key file as "yourKey.pem".

  21. Once the deployment is complete, click Go to resource.
  22. You are redirected to a new window with your VM details. Select the public IP address on the top right side of the page and copy it to your clipboard.

Now, to create an SSH connection with the VM to connect to the Virtual Machine.

  1. Open a terminal.
  2. At your prompt, open an SSH connection to your virtual machine. Replace the IP address with the one from your VM, and replace the path to the .pem with the path to where the key file was downloaded.

    # ssh -i ./Downloads/yourKey.pem azureuser@10.111.12.123
  3. You are required to confirm if you want to continue to connect. Type yes to continue.

As a result, the output image you pushed to the Azure Storage Blob is ready to be provisioned.

7.5.9. Uploading QCOW2 image to OpenStack

Image Builder can generate images suitable for uploading to OpenStack cloud deployments, and starting instances there. This describes steps to upload an QCOW2 image to OpenStack.

Prerequisites

  • You must have an OpenStack-specific image created by Image Builder. Use the openstack output type in CLI or OpenStack Image (.qcow2) in GUI when creating the image.

    Warning

    Image Builder also offers a generic QCOW2 image type output format as qcow2 or QEMU QCOW2 Image (.qcow2). Do not mistake it with the OpenStack image type which is also in the QCOW2 format, but contains further changes specific to OpenStack.

Procedure

  1. Upload the image to OpenStack and start an instance from it. Use the Images interface to do this:

    composer openstack upload image

  2. Start an instance with that image:

    composer openstack start instance

  3. You can run the instance using any mechanism (CLI or OpenStack web UI) from the snapshot. Use your private key via SSH to access the resulting instance. Log in as cloud-user.

7.5.10. Preparing for uploading images to Alibaba

This section describes steps to verify custom images that you can deploy on Alibaba Cloud. The images will need a specific configuration to boot successfully, because Alibaba Cloud requests the custom images to meet certain requirements before you use it. For this, it is recommended that you use the Alibaba image_check tool.

Note

The custom image verification is an optional task. Image Builder generates images that conform to Alibaba’s requirements.

Prerequisites

  • You must have an Alibaba image created by Image Builder.

Procedure

  1. Connect to the system containing the image you want to check it by the Alibaba image_check tool.
  2. Download the image_check tool:

    $ curl -O http://docs-aliyun.cn-hangzhou.oss.aliyun-inc.com/assets/attach/73848/cn_zh/1557459863884/image_check
  3. Change the file permission of the image compliance tool:

    # chmod +x image_check
  4. Run the command to start the image compliance tool checkup:

    # ./image_check

    The tool verifies the system configuration and generate a report that is displayed on your screen. The image_check tool saves this report in the same folder where the image compliance tool is running.

  5. If any of the Detection Items fail, follow the instructions to correct it. For more information, see link: Detection items section.

Additional resources

7.5.11. Uploading images to Alibaba

This section describes how to upload an Alibaba image to Object Storage Service (OSS).

Prerequisites

  • Your system is set up for uploading Alibaba images.
  • You must have an Alibaba image created by Image Builder. Use the ami output type on RHEL 7 or Alibaba on RHEL 8 when creating the image.
  • You have a bucket. See Creating a bucket.
  • You have an active Alibaba Account.
  • You activated OSS.

Procedure

  1. Log in to the OSS console.
  2. On the left side Bucket menu, select the bucket to which you want to upload an image.
  3. On the right upper menu, click Files tab.
  4. Click Upload. A window dialog opens on the right side. Choose the following information:

    • Upload To: Choose to upload the file to the Current directory or to a Specified directory.
    • File ACL: Choose the type of permission of the uploaded file.
  5. Click Upload.
  6. Choose the image you want to upload.
  7. Click Open.

As a result, the custom image is uploaded to OSS Console.

7.5.12. Importing images to Alibaba

This section describes how to import an Alibaba image to Elastic Cloud Console (ECS).

Prerequisites

  • You have uploaded the image to Object Storage Service (OSS).

Procedure

  1. Log in to the ECS console.

    1. On the left side menu, click Images.
    2. On the right upper side, click Import Image. A window dialog opens.
    3. Confirm that you have set up the correct region where the image is located. Enter the following information:

      1. OSS Object Address: See how to obtain OSS Object Address.
      2. Image Name:
      3. Operating System:
      4. System Disk Size:
      5. System Architecture:
      6. Platform: Red Hat
    4. Optionally, provide the following details:

      1. Image Format: qcow2 or ami, depending on the uploaded image format.
      2. Image Description:
      3. Add Images of Data Disks:

        The address can be determined in the OSS management console after selecting the required bucket in the left menu, select Files section and then click on Details link on the right for the appropriate image. A window will appear on the right side of the screen, showing image details. The OSS object address is in the URL box.

  2. Click OK.

    Note

    The importing process time can vary depending on the image size.

As a result, the custom image is imported to ECS Console. You can create an instance from the custom image.

7.5.13. Creating an instance of a custom image using Alibaba

You can create instances of the custom image using Alibaba ECS Console.

Prerequisites

  • You have activated OSS and uploaded your custom image.
  • You have successfully imported your image to ECS Console.

Procedure

  1. Log in to the ECS console.
  2. On the left side menu, choose Instances.
  3. In the top corner, click Create Instance. You are redirected to a new window.
  4. Fill in all the required information. See Creating an instance by using the wizard for more details.
  5. Click Create Instance and confirm the order.

    Note

    You can see the option Create Order instead of Create Instace, depending on your subscription.

As a result, you have an active instance ready for deployment.

Chapter 8. Performing an automated installation using Kickstart

8.1. Kickstart installation basics

The following provides basic information about Kickstart and how to use it to automate installing Red Hat Enterprise Linux.

8.1.1. What are Kickstart installations

Kickstart provides a way to automate the RHEL installation process, either partially or fully.

Kickstart files contain some or all of the RHEL installation options. For example, the time zone, how the drives should be partitioned, or which packages should be installed. Providing a prepared Kickstart file allows an installation without the need for any user intervention. This is especially useful when deploying Red Hat Enterprise Linux on a large number of systems at once.

Kickstart files also provide more options regarding software selection. When installing Red Hat Enterprise Linux manually using the graphical installation interface, the software selection is limited to pre-defined environments and add-ons. A Kickstart file allows you to install or remove individual packages as well.

Kickstart files can be kept on a single server system and read by individual computers during the installation. This installation method supports the use of a single Kickstart file to install Red Hat Enterprise Linux on multiple machines, making it ideal for network and system administrators.

All Kickstart scripts and log files of their execution are stored in the /tmp directory of the newly installed system to assist with debugging installation issues.

Note

In previous versions of Red Hat Enterprise Linux, Kickstart could be used for upgrading systems. Starting with Red Hat Enterprise Linux 7, this functionality has been removed and system upgrades are instead handled by specialized tools. For details on upgrading to Red Hat Enterprise Linux 8, see Upgrading from RHEL 7 to RHEL 8 and Considerations in adopting RHEL 8.

8.1.2. Automated installation workflow

Kickstart installations can be performed using a local DVD, a local hard drive, or a NFS, FTP, HTTP, or HTTPS server. This section provides a high level overview of Kickstart usage.

  1. Create a Kickstart file. You can write it by hand, copy a Kickstart file saved after a manual installation, or use an online generator tool to create the file, and edit it afterward. See Creating Kickstart files.
  2. Make the Kickstart file available to the installation program on removable media, a hard drive or a network location using an HTTP(S), FTP, or NFS server. See Making Kickstart files available to the installation program.
  3. Create the boot medium which will be used to begin the installation. See Creating a bootable installation medium and Preparing to install from the network using PXE.
  4. Make the installation source available to the installation program. See Creating installation sources for Kickstart installations.
  5. Start the installation using the boot medium and the Kickstart file. See Starting Kickstart installations.

If the Kickstart file contains all mandatory commands and sections, the installation finishes automatically. If one or more of these mandatory parts are missing, or if an error occurs, the installation requires manual intervention to finish.

Note

If you plan to install a Beta release of Red Hat Enterprise Linux, on systems having UEFI Secure Boot enabled, then first disable the UEFI Secure Boot option and then begin the installation.

UEFI Secure Boot requires that the operating system kernel is signed with a recognized private key, which the system’s firware verifies using the corresponding public key. For Red Hat Enterprise Linux Beta releases, the kernel is signed with a Red Hat Beta-specific private key, which the system fails to recognize by default. As a result, the system fails to boot the installation media.

8.2. Creating Kickstart files

You can create a Kickstart file using the following methods:

  • Use the online Kickstart configuration tool.
  • Copy the Kickstart file created as a result of a manual installation.
  • Write the entire Kickstart file manually. Note that editing an already existing file from the other methods is faster, so this method is not recommended.
  • Convert the Red Hat Enterprise Linux 7 Kickstart file for Red Hat Enterprise Linux 8 installation.
  • In case of virtual and cloud environment, create a custom system image, using Image Builder.

Note that some highly specific installation options can be configured only by manual editing of the Kickstart file.

8.2.1. Creating a Kickstart file with the Kickstart configuration tool

Users with a Red Hat Customer Portal account can use the Kickstart Generator tool in the Customer Portal Labs to generate Kickstart files online. This tool will walk you through the basic configuration and enables you to download the resulting Kickstart file.

Note

The tool currently does not support any advanced partitioning.

Prerequisites

  • You must have a Red Hat Customer Portal account and an active Red Hat subscription.

Procedure

  1. Open the Kickstart generator lab information page at https://access.redhat.com/labsinfo/kickstartconfig
  2. Click the Go to Application button to the left of heading and wait for the next page to load.
  3. Select Red Hat Enterprise Linux 8 in the drop-down menu and wait for the page to update.
  4. Describe the system to be installed using the fields in the form.

    You can use the links on the left side of the form to quickly navigate between sections of the form.

  5. To download the generated Kickstart file, click the red Download button at the top of the page.

    Your web browser saves the file.

8.2.2. Creating a Kickstart file by performing a manual installation

The recommended approach to creating Kickstart files is to use the file created by a manual installation of Red Hat Enterprise Linux. After an installation completes, all choices made during the installation are saved into a Kickstart file named anaconda-ks.cfg, located in the /root/ directory on the installed system. You can use this file to reproduce the installation in the same way as before. Alternatively, copy this file, make any changes you need, and use the resulting configuration file for further installations.

Procedure

  1. Install RHEL. For more details, see Performing a standard RHEL installation.

    During the installation, create a user with administrator privileges.

  2. Finish the installation and reboot into the installed system.
  3. Log into the system with the administrator account.
  4. Copy the file /root/anaconda-ks.cfg to a location of your choice.

    • To display the file contents in terminal:

      # cat /root/anaconda-ks.cfg

      You can copy the output and save to another file of your choice.

    • To copy the file to another location, use the file manager. Remember to change permissions on the copy, so that the file can be read by non-root users.
    Caution

    The file contains information about users and passwords.

8.2.3. Converting a RHEL 7 Kickstart file for RHEL 8 installation

You can use the Kickstart Converter tool to convert a RHEL 7 Kickstart file for use in a new RHEL 8 installation. For more information about the tool and how to use it to convert a RHEL 7 Kickstart file, see https://access.redhat.com/labs/kickstartconvert/

8.2.4. Creating a custom image using Image Builder

You can use Red Hat Image Builder to create a customized system image for virtual and cloud deployments.

For more information about creating customized images, using Image Builder, see Composing a customized RHEL system image document.

8.3. Making Kickstart files available to the installation program

The following provides information about making the Kickstart file available to the installation program on the target system.

8.3.1. Ports for network-based installation

The following table lists the ports that must be open on the server providing the files for each type of network-based installation.

Table 8.1. Ports for network-based installation

Protocol usedPorts to open

HTTP

80

HTTPS

443

FTP

21

NFS

2049, 111, 20048

TFTP

69

Additional resources

8.3.2. Making a Kickstart file available on an NFS server

This procedure describes how to store the Kickstart script file on an NFS server. This method enables you to install multiple systems from a single source without having to use physical media for the Kickstart file.

Prerequisites

  • You must have administrator level access to a server with Red Hat Enterprise Linux 8 on the local network.
  • The system to be installed must be able to connect to the server.
  • Firewall on the server must allow connections from the system you are installing to.

Procedure

  1. Install the nfs-utils package by running the following command as root:

    # yum install nfs-utils
  2. Copy the Kickstart file to a directory on the NFS server.
  3. Open the /etc/exports file using a text editor and add a line with the following syntax:

    /exported_directory/ clients
  4. Replace /exported_directory/ with the full path to the directory holding the Kickstart file. Instead of clients, use the host name or IP address of the computer that is to be installed from this NFS server, the subnetwork from which all computers are to have access the ISO image, or the asterisk sign (*) if you want to allow any computer with network access to the NFS server to use the ISO image. See the exports(5) man page for detailed information about the format of this field.

    A basic configuration that makes the /rhel8-install/ directory available as read-only to all clients is:

    /rhel8-install *
  5. Save the /etc/exports file and exit the text editor.
  6. Start the nfs service:

    # systemctl start nfs-server.service

    If the service was running before you changed the /etc/exports file, enter the following command, in order for the running NFS server to reload its configuration:

    # systemctl reload nfs-server.service

    The Kickstart file is now accessible over NFS and ready to be used for installation.

Note

When specifying the Kickstart source, use nfs: as the protocol, the server’s host name or IP address, the colon sign (:), and the path inside directory holding the file. For example, if the server’s host name is myserver.example.com and you have saved the file in /rhel8-install/my-ks.cfg, specify inst.ks=nfs:myserver.example.com:/rhel8-install/my-ks.cfg as the installation source boot option.

Additional resources

8.3.3. Making a Kickstart file available on an HTTP or HTTPS server

This procedure describes how to store the Kickstart script file on an HTTP or HTTPS server. This method enables you to install multiple systems from a single source without having to use physical media for the Kickstart file.

Prerequisites

  • You must have administrator level access to a server with Red Hat Enterprise Linux 8 on the local network.
  • The system to be installed must be able to connect to the server.
  • Firewall on the server must allow connections from the system you are installing to.

Procedure

  1. Install the httpd package by running the following command as root:

    # yum install httpd
    Warning

    If your Apache web server configuration enables SSL security, verify that you only enable the TLSv1 protocol, and disable SSLv2 and SSLv3. This is due to the POODLE SSL vulnerability (CVE-2014-3566). See https://access.redhat.com/solutions/1232413 for details.

    Important

    If you use an HTTPS server with a self-signed certificate, you must boot the installation program with the inst.noverifyssl option.

  2. Copy the Kickstart file to the HTTP(S) server into a subdirectory of the /var/www/html/ directory.
  3. Start the httpd service:

    # systemctl start httpd.service

    The Kickstart file is now accessible and ready to be used for installation.

    Note

    When specifying the location of the Kickstart file, use http:// or https:// as the protocol, the server’s host name or IP address, and the path of the Kickstart file, relative to the HTTP server root. For example, if you are using HTTP, the server’s host name is myserver.example.com, and you have copied the Kickstart file as /var/www/html/rhel8-install/my-ks.cfg, specify http://myserver.example.com/rhel8-install/my-ks.cfg as the file location.

Additional resources

8.3.4. Making a Kickstart file available on an FTP server

This procedure describes how to store the Kickstart script file on an FTP server. This method enables you to install multiple systems from a single source without having to use physical media for the Kickstart file.

Prerequisites

  • You must have administrator level access to a server with Red Hat Enterprise Linux 8 on the local network.
  • The system to be installed must be able to connect to the server.
  • Firewall on the server must allow connections from the system you are installing to.

Procedure

  1. Install the vsftpd package by running the following command as root:

    # yum install vsftpd
  2. Open and edit the /etc/vsftpd/vsftpd.conf configuration file in