Red Hat Training

A Red Hat training course is available for RHEL 8

Chapter 20. Setting up a remote diskless system

In a network environment, you can setup multiple clients with the identical configuration by deploying a remote diskless system. By using current Red Hat Enterprise Linux server version, you can save the cost of hard drives for these clients as well as configure the gateway on a separate server.

The following diagram describes the connection of a diskless client with the server through Dynamic Host Configuration Protocol (DHCP) and Trivial File Transfer Protocol (TFTP) services.

Figure 20.1. Remote diskless system settings diagram

Remote diskless system settings diagram

20.1. Preparing environments for the remote diskless system

Prepare your environment to be able to continue with remote diskless system implementation. The remote diskless system booting requires a Trivial File Transfer Protocol (TFTP) service (provided by tftp-server) and a Dynamic Host Configuration Protocol (DHCP) service (provided by dhcp). The system uses the tftp service to retrieve the kernel image and the initial RAM disk, initrd, over the network, through the Preboot Execution Environment (PXE) loader.

Important

To ensure correct functionality of the remote diskless system in your environment, configure services in the following order:

  1. tftp service for diskless clients
  2. the DHCP server
  3. the Network File System (NFS)
  4. the exported file system.

Prerequisites

  • You have installed the following package:

    • xinetd
  • You have set up your network connection.

Procedure

  1. Install the dracut-network package:

    # yum install dracut-network
  2. Add the following line to the /etc/dracut.conf.d/network.conf file:

    add_dracutmodules+=" nfs "

20.2. Configuring a TFTP service for diskless clients

For the remote diskless system to function correctly in your environment, you need to first configure a Trivial File Transfer Protocol (TFTP) service for diskless clients.

Note

This configuration does not boot over the Unified Extensible Firmware Interface (UEFI). For UEFI based installation. see Configuring a TFTP server for UEFI-based clients.

Prerequisites

  • You have installed the following packages:

    • tftp-server
    • syslinux
    • xinetd

Procedure

  1. Enable the tftp service:

    # systemctl enable --now tftp
  2. Create a pxelinux directory inside the tftp root directory:

    # mkdir -p /var/lib/tftpboot/pxelinux/
  3. Copy the /usr/share/syslinux/pxelinux.0 file to the /var/lib/tftpboot/pxelinux/ directory:

    # cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/pxelinux/
    • You can find the tftp root directory (chroot) in the /var/lib/tftpboot directory.
  4. Copy /usr/share/syslinux/ldlinux.c32 to /var/lib/tftpboot/pxelinux/:

    # cp /usr/share/syslinux/ldlinux.c32 /var/lib/tftpboot/pxelinux/
  5. Create a pxelinux.cfg directory inside the tftp root directory:

    # mkdir -p /var/lib/tftpboot/pxelinux/pxelinux.cfg/

    This configuration does not boot over the Unified Extensible Firmware Interface (UEFI). To perform the installation for UEFI, follow the procedure in Configuring a TFTP server for UEFI-based clients.

Verification

  • Check status of service tftp:

    # systemctl status tftp
    ...
    Active: active (running)
    ...

20.3. Configuring a DHCP server for diskless clients

The remote diskless system requires several pre–installed services to enable correct functionality. First, you need to install the Trivial File Transfer Protocol (TFTP) service, and then configure the Dynamic Host Configuration Protocol (DHCP) server.

Prerequisites

Procedure

  1. Add the configuration to the /etc/dhcp/dhcpd.conf file to setup a DHCP server and enable Preboot Execution Environment (PXE) for booting:

    option space pxelinux;
    option pxelinux.magic code 208 = string;
    option pxelinux.configfile code 209 = text;
    option pxelinux.pathprefix code 210 = text;
    option pxelinux.reboottime code 211 = unsigned integer 32;
    option architecture-type code 93 = unsigned integer 16;
    
    subnet 192.168.205.0 netmask 255.255.255.0 {
      option routers 192.168.205.1;
      range 192.168.205.10 192.168.205.25;
    
      class "pxeclients" {
        match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
        next-server 192.168.205.1;
    
        if option architecture-type = 00:07 {
          filename "BOOTX64.efi";
          } else {
          filename "pxelinux/pxelinux.0";
        }
      }
    }
    • Your DHCP configuration might be different depending on your environment, like setting lease time or fixed address. For details, see Providing DHCP services.

      Note

      While using libvirt virtual machine as a diskless client, the libvirt daemon provides the DHCP service, and the standalone DHCP server is not used. In this situation, network booting must be enabled with the bootp file=<filename> option in the libvirt network configuration, virsh net-edit.

  2. Enable dhcpd.service:

    # systemctl enable --now dhcpd.service

Verification

  • Check the status of service dhcpd.service:

    # systemctl status dhcpd.service
    ...
    Active: active (running)
    ...

20.4. Configuring an exported file system for diskless clients

As a part of configuring a remote diskless system in your environment, you must configure an exported file system for diskless clients.

Prerequisites

Procedure

  1. Configure the Network File System (NFS) server to export the root directory by adding it to the /etc/exports directory. For the complete set of instructions see Deploying an NFS server.
  2. Install a complete version of Red Hat Enterprise Linux to the root directory to accommodate completely diskless clients. To do that you can either install a new base system or clone an existing installation.

    • Install Red Hat Enterprise Linux to the exported location by replacing exported-root-directory with the path to the exported file system:

      # yum install @Base kernel dracut-network nfs-utils --installroot=exported-root-directory --releasever=/

      By setting the releasever option to /, releasever is detected from the host (/) system.

    • Use the rsync utility to synchronize with a running system:

      # rsync -a -e ssh --exclude='/proc/' --exclude='/sys/' \ example.com:/ exported-root-directory
      • Replace example.com with the hostname of the running system with which to synchronize via the rsync utility.
      • Replace exported-root-directory with the path to the exported file system.

        Note, that for this option you must have a separate existing running system, which you will clone to the server by the command above.

You need to fully configure the file system, that is ready for export, before you can use it with diskless clients. Follow the procedure below to complete the configuration.

Configuring a File System

  1. Copy the diskless client supported kernel (vmlinuz-_kernel-version_pass:attributes) to the tftp boot directory:

    # cp /exported-root-directory/boot/vmlinuz-kernel-version /var/lib/tftpboot/pxelinux/
  2. Create the initramfs-kernel-version.img file locally and move it to the exported root directory with NFS support:

    # dracut --add nfs initramfs-kernel-version.img kernel-version

    For example:

    # dracut --add nfs /exports/root/boot/initramfs-5.14.0-202.el9.x86_64.img 5.14.0-202.el9.x86_64

    Example for creating initrd, using current running kernel version, and overwriting existing image:

    # dracut -f --add nfs "boot/initramfs-$(uname -r).img" "$(uname -r)"
  3. Change the file permissions for initrd to 0644:

    # chmod 0644 /exported-root-directory/boot/initramfs-kernel-version.img
    Warning

    If you do not change the initrd file permissions, the pxelinux.0 boot loader fails with a "file not found" error.

  4. Copy the resulting initramfs-kernel-version.img file into the tftp boot directory:

    # cp /exported-root-directory/boot/initramfs-kernel-version.img /var/lib/tftpboot/pxelinux/
  5. Add the following configuration in the /var/lib/tftpboot/pxelinux/pxelinux.cfg/default file to edit the default boot configuration for using the initrd and the kernel:

    default menu.c32
    prompt 0
    menu title PXE Boot Menu
    ontimeout rhel8-over-nfsv4.2
    timeout 120
    label rhel8-over-nfsv4.2
      menu label Install diskless rhel8{} nfsv4.2{}
      kernel $vmlinuz
      append initrd=$initramfs root=nfs4:$nfsserv:/:vers=4.2,rw rw panic=60 ipv6.disable=1 console=tty0 console=ttyS0,115200n8
    label rhel8-over-nfsv3
      menu label Install diskless rhel8{} nfsv3{}
      kernel $vmlinuz
      append initrd=$initramfs root=nfs:$nfsserv:$nfsroot:vers=3,rw rw panic=60 ipv6.disable=1 console=tty0 console=ttyS0,115200n8
    • This configuration instructs the diskless client root to mount the exported file system (/exported-root-directory) in a read/write format.
  6. Optional: Mount the file system in a read-only format by editing the /var/lib/tftpboot/pxelinux/pxelinux.cfg/default file with the following configuration:

    default rhel8
    
    label rhel8
      kernel vmlinuz-kernel-version
      append initrd=initramfs-kernel-version.img root=nfs:server-ip:/exported-root-directory ro
  7. Restart the NFS server:

    # systemctl restart nfs-server.service

You can now export the NFS share to diskless clients. These clients can boot over the network via Preboot Execution Environment (PXE).

20.5. Re-configuring a remote diskless system

If you want to install package updates, service restart, or debug the issues, you can reconfigure the system. The steps below show how to change the password for a user, how to install software on a system, describe how to split a system into a /usr that is in read-only mode and a /var that is in read-write mode.

Prerequisites

  • You have enabled the no_root_squash option in the exported file system.

Procedure

  1. To change the user password, follow the steps below:

    • Change the command line to /exported/root/directory:

      # chroot /exported/root/directory /bin/bash
    • Change the password for the user you want:

      # passwd <username>

      Replace the <username> with a real user to whom you want to change the password.

    • Exit the command line.
  2. Install software on a remote diskless system:

    # yum install <package> --installroot=/exported/root/directory --releasever=/ --config /etc/dnf/dnf.conf --setopt=reposdir=/etc/yum.repos.d/
    • Replace <package> with the actual package you want to install.
  3. Configure two separate exports to split a remote diskless system into a /usr and a /var. See Deploying an NFS server.

20.6. Troubleshooting common issues with loading a remote diskless system

Based on the earlier configuration, some issues can occur while loading the remote diskless system. Following are some examples of the most common issues and ways to troubleshoot them on a Red Hat Enterprise Linux server.

Example 20.1. The client does not get an IP address

  • Check if the Dynamic Host Configuration Protocol (DHCP) service is enabled on the server.

    • Check if the dhcp.service is running:

      # systemctl status dhcpd.service
    • If the dhcp.service is inactive, you must enable and start it:

      # systemctl enable dhcpd.service
      # systemctl start dhcpd.service
    • Reboot the diskless client.
    • Check the DHCP configuration file /etc/dhcp/dhcpd.conf. For details, see Configuring a DHCP server for diskless clients.
  • Check if the Firewall ports are opened.

    • Check if the dhcp.service is listed in active services:

      # firewall-cmd --get-active-zones
      # firewall-cmd --info-zone=public
    • If the dhcp.service is not listed in active services, add it to the list:

      # firewall-cmd --add-service=dhcp --permanent
    • Check if the nfs.service is listed in active services:

      # firewall-cmd --get-active-zones
      # firewall-cmd --info-zone=public
    • If the nfs.service is not listed in active services, add it to the list:

      # firewall-cmd --add-service=nfs --permanent

Example 20.2. The file is not available during the booting a remote diskless system

  1. Check if the file is in the /var/lib/tftpboot/ directory.
  2. If the file is in the directory, check the permission:

    # chmod 644 pxelinux.0
  3. Check if the Firewall ports are opened.

Example 20.3. System boot failed after loading kernel/initrd

  1. Check if the NFS service is enabled on a server.

    1. Check if nfs.service is running:

      # systemctl status nfs.service
    2. If the nfs.service is inactive, you must start and enable it:

      # systemctl start nfs.service
      # systemctl enable nfs.service
  2. Check if the parameters are correct in the /var/lib/tftpboot/pxelinux.cfg/ directory. For details, see Configuring an exported file system for diskless clients.
  3. Check if the Firewall ports are opened.