Red Hat Training

A Red Hat training course is available for RHEL 8

Chapter 16. Setting up a remote diskless system

The following sections outline the necessary procedures for deploying remote diskless systems in a network environment. It is useful to implement this solution when you require multiple clients with identical configuration. Also, that will save the cost for hard drives for the number of the clients. Assuming, the server has Red Hat Enterprise Linux 8 operating system installed.

Figure 16.1. Remote diskless system settings diagram

Remote diskless system settings diagram

Note, that gateway might be configured on a separate server.

16.1. Preparing an environment for the remote diskless system

This procedure describes the preparation of the environment for the remote diskless system.

Remote diskless system booting requires both a tftp service (provided by tftp-server) and a DHCP service (provided by dhcp). The tftp service is used to retrieve kernel image and initrd over the network via the PXE loader.

Prerequisites

  • Install the following packages:

    • tftp-server
    • xinetd
    • dhcp-server
    • syslinux
  • Set up the network connection.

Procedure

  1. Install the dracut-network package: 

    # yum install dracut-network

  2. After installing the dracut-network package, add the following line to /etc/dracut.conf: 

    add_dracutmodules+="nfs"
Important

Some RPM packages have started using file capabilities (such as setcap and getcap). However, NFS does not currently support these so attempting to install or update any packages that use file capabilities will fail.

At this point you have the server ready to continue with remote diskless system implementation.

16.2. Configuring a tftp service for diskless clients

This procedure describes how to configure a tftp service for a diskless client.

Prerequisites

To Configure tftp

  1. Enable PXE booting over the network: 

    # systemctl enable --now tftp

  2. The tftp root directory (chroot) is located in /var/lib/tftpboot. Copy /usr/share/syslinux/pxelinux.0 to /var/lib/tftpboot/: 

    # cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/

  3. Copy /usr/share/syslinux/ldlinux.c32 to /var/lib/tftpboot/: 

    # cp /usr/share/syslinux/ldlinux.c32 /var/lib/tftpboot/

  4. Create a pxelinux.cfg directory inside the tftp root directory: 

    # mkdir -p /var/lib/tftpboot/pxelinux.cfg/
  5. After configuring tftp for diskless clients, configure DHCP, NFS, and the exported file system accordingly.

16.3. Configuring DHCP server for diskless clients

This procedure describes how to configure DHCP for a diskless system.

Prerequisites

Procedure

  1. Set up a DHCP server and enable PXE booting by adding the following configuration to /etc/dhcp/dhcpd.conf: 

    allow booting;
allow bootp;
subnet 192.168.205.0 netmask 255.255.255.0 {
  pool
  {
    range 192.168.205.10 192.168.205.25;
  }

  option subnet-mask 255.255.255.0;
  option routers 192.168.205.1;
}
class "pxeclients" {
   match if substring(option vendor-class-identifier, 0, 9) = "PXEClient";
   next-server server-ip;
   filename "pxelinux.0";
}

    This configuration will not boot over UEFI. To perform installation for UEFI, follow the procedure from this documentation: Configuring a TFTP server for UEFI-based clients. Also, note that the /etc/dhcp/dhcpd.conf is an example file.

    Note

    When libvirt virtual machines are used as a diskless client, libvirt provides the DHCP service and the stand alone DHCP server is not used. In this situation, network booting must be enabled with the bootp file='filename' option in the libvirt network configuration, virsh net-edit.

  2. Enable dhcpd.service by entering the following command: 

    # systemctl enable --now dhcpd.service

16.4. Configuring an exported file system for diskless clients

This procedure describes how to configure an exported file system for diskless client.

Prerequisites

Procedure

  1. Configure the NFS server to export the root directory by adding it to /etc/exports. For the instructions see NFS server configuration.

  2. To accommodate completely diskless clients, the root directory should contain a complete Red Hat Enterprise Linux installation. You can either install a new base system or clone an existing installation:

    • To install Red Hat Enterprise Linux to the exported location, use the yum utility with the --installroot option: 

      # yum install @Base kernel dracut-network nfs-utils \
      --installroot=exported-root-directory --releasever=/

    • To synchronize with a running system, use the rsync utility: 

      # rsync -a -e ssh --exclude='/proc/' --exclude='/sys/' \
       example.com:/  exported-root-directory
      • Replace example.com with the hostname of the running system with which to synchronize via the rsync utility.

      • Replace exported-root-directory with the path to the exported file system.

        Note, that for this option you must have a separate existing running system, which you will clone to the server by the command above.

The file system to be exported still needs to be configured further before it can be used by diskless clients. To do this, perform the following procedure:

Configure File System

  1. Select the kernel that diskless clients should use (vmlinuz-kernel-version) and copy it to the tftp boot directory: 

    # cp /exported-root-directory/boot/vmlinuz-kernel-version /var/lib/tftpboot/

  2. Create the initrd (that is, initramfs-kernel-version.img) with NFS support: 

    # dracut --add nfs initramfs-kernel-version.img kernel-version

  3. Change file permissions for initrd to 644 using the following command: 

    # chmod 644 /exported-root-directory/boot/initramfs-<kernel-version>.img
    Warning

    If you do not change the initrd’s file permissions, the pxelinux.0 boot loader will fail with a "file not found" error.

  4. Copy the resulting initramfs-kernel-version.img into the tftp boot directory: 

    # cp /exported-root-directory/boot/initramfs-kernel-version.img /var/lib/tftpboot/

  5. Edit the default boot configuration to use the initrd and kernel in the /var/lib/tftpboot/ directory. This configuration should instruct the diskless client’s root to mount the exported file system (/exported-root-directory) as read-write. Add the following configuration in the /var/lib/tftpboot/pxelinux.cfg/default file: 

    default rhel8

label rhel8
  kernel vmlinuz-kernel-version
  append initrd=initramfs-kernel-version.img root=nfs:server-ip:/exported-root-directory rw

    Replace server-ip with the IP address of the host machine on which the tftp and DHCP services reside.

  6. Optionally, you can mount the system in read-only format by using the following configuration in the /var/lib/tftpboot/pxelinux.cfg/default file: 

    default rhel8

label rhel8
  kernel vmlinuz-kernel-version
  append initrd=initramfs-kernel-version.img root=nfs:server-ip:/exported-root-directory ro
  7. Reboot the NFS server.

The NFS share is now ready for exporting to diskless clients. These clients can boot over the network via PXE.

16.5. Re-configuring a remote diskless system

You need to re-configure the system in some cases. The steps below show how to change the password for a user, how to install software on a system and describe how to split system into a /usr that is in read-only mode and a /var that is in read-write mode.

Prerequisites

  • no_root_squash option is enabled in the exported file system.

Procedure

  1. To change the user password, follow the steps below:

    • Change the command line to /exported/root/directory: 

      # chroot /exported/root/directory /bin/bash

    • Change the password for the user you want: 

      # passwd <username>

      Replace the <username> with a real user to whom you want to change the password.

    • Exit the command line: 

      # exit

  2. To install software to a remote diskless system, use the following command: 

    # yum install <package> --installroot=/exported/root/directory --releasever=/ --config /etc/dnf/dnf.conf --setopt=reposdir=/etc/yum.repos.d/

    Replace <package> with the actual package you want to install.

  3. To split a remote diskless system into a /usr and a /var you must configure two separate exports. Read NFS server configuration documentation for details.

16.6. The most common issues with loading a remote diskless system

The following section describes the issues during loading the remote diskless system on a diskless client and shows the possible solution for them.

16.6.1. The client does not get an IP address

To troubleshoot that problem:

  1. Check if the DHCP service is enabled on the server.

    • Check if the dhcp.service is running: 

      # systemctl status dhcpd.service

    • If the dhcp.service is inactive, you must enable and start it: 

      # systemctl enable dhcpd.service
# systemctl start dhcpd.service

      Reboot the diskless client.

  2. If the problem remains, check the DHCP configurational file /etc/dhcp/dhcpd.conf on a server. For more information, see Section 16.3, “Configuring DHCP server for diskless clients”.

  3. Check if the Firewall ports are opened.

    • Check if the tftp.service is listed in active services: 

      # firewall-cmd --get-active-zones
# firewall-cmd --info-zone=public

    • If the tftp.service is not listed in active services, add it to the list: 

      # firewall-cmd --add-service=tftp

    • Check if the nfs.service is listed in active services: 

      # firewall-cmd --get-active-zones
# firewall-cmd --info-zone=public

    • If the nfs.service is not listed in active services, add it to the list: 

      # firewall-cmd --add-service=nfs

16.6.2. The files are not available during the booting a remote diskless system

To troubleshoot this problem:

  1. Check if the file is in place. The location on a server /var/lib/tftpboot/.

  2. If the file is in place, check its permissions: 

    # chmod 644 pxelinux.0
  3. Check if the Firewall ports are opened.

16.6.3. System boot failed after loading kernel/initrd

To troubleshoot this problem:

  1. Check if NFS service is enabled on a server.

    • Check if nfs.service is running: 

      # systemctl status nfs.service

    • If the nfs.service is inactive, you must enable and start it: 

      # systemctl enable nfs.service
# systemctl start nfs.service
  2. Check if the parameters are correct in pxelinux.cfg. For more details, see Section 16.4, “Configuring an exported file system for diskless clients”.
  3. Check if the Firewall ports are opened.