Chapter 15. Preparing to install from the network using PXE

This section describes how to configure TFTP and DHCP on a PXE server to enable PXE boot and network installation.

15.1. Network install overview

A network installation allows you to install Red Hat Enterprise Linux to a system that has access to an installation server. At a minimum, two systems are required for a network installation:

Server
A system running a DHCP server, an HTTP, HTTPS, FTP, or NFS server, and in the PXE boot case, a TFTP server. Although each server can run on a different physical system, the procedures in this section assume a single system is running all servers.
Client
The system to which you are installing Red Hat Enterprise Linux. Once installation starts, the client queries the DHCP server, receives the boot files from the HTTP or TFTP server, and downloads the installation image from the HTTP, HTTPS, FTP or NFS server. Unlike other installation methods, the client does not require any physical boot media for the installation to start.
Note

To boot a client from the network, enable network boot in the firmware or in a quick boot menu on the client. On some hardware, the option to boot from a network might be disabled, or not available.

The workflow steps to prepare to install Red Hat Enterprise Linux from a network using HTTP or PXE are as follows:

Steps

  1. Export the installation ISO image or the installation tree to an NFS, HTTPS, HTTP, or FTP server.
  2. Configure the HTTP or TFTP server and DHCP server, and start the HTTP or TFTP service on the server.
  3. Boot the client and start the installation.

You can choose between the following network boot protocols:

HTTP
Red Hat recommends using HTTP boot if your client UEFI supports it. HTTP boot is usually more reliable.
PXE (TFTP)
PXE boot is more widely supported by client systems, but sending the boot files over this protocol might be slow and result in timeout failures.

Additional resources

15.2. Configuring the DHCPv4 server for HTTP and PXE boot

Enable the DHCP version 4 (DHCPv4) service on your server, so that it can provide network boot functionality.

Prerequisites

  • You are preparing network installation over the IPv4 protocol.

    For IPv6, see Configuring the DHCPv6 server for HTTP and PXE boot instead.

  • Find the network addresses of the server.

    In the following examples, the server has a network card with this configuration:

    IPv4 address
    192.168.124.2/24
    IPv4 gateway
    192.168.124.1

Procedure

  1. Install the DHCP server: 

    yum install dhcp-server

  2. Set up a DHCPv4 server. Enter the following configuration in the /etc/dhcp/dhcpd.conf file. Replace the addresses to match your network card. 

    option architecture-type code 93 = unsigned integer 16;

subnet 192.168.124.0 netmask 255.255.255.0 {
  option routers 192.168.124.1;
  option domain-name-servers 192.168.124.1;
  range 192.168.124.100 192.168.124.200;
  class "pxeclients" {
    match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
    next-server 192.168.124.2;
          if option architecture-type = 00:07 {
            filename "redhat/EFI/BOOT/BOOTX64.EFI";
          }
          else {
            filename "pxelinux/pxelinux.0";
          }
  }
  class "httpclients" {
    match if substring (option vendor-class-identifier, 0, 10) = "HTTPClient";
    option vendor-class-identifier "HTTPClient";
    filename "http://192.168.124.2/redhat/EFI/BOOT/BOOTX64.EFI";
  }
}

  3. Start the DHCPv4 service: 

    # systemctl enable --now dhcpd

15.3. Configuring the DHCPv6 server for HTTP and PXE boot

Enable the DHCP version 6 (DHCPv4) service on your server, so that it can provide network boot functionality.

Prerequisites

  • You are preparing network installation over the IPv6 protocol.

    For IPv4, see Configuring the DHCPv4 server for HTTP and PXE boot instead.

  • Find the network addresses of the server.

    In the following examples, the server has a network card with this configuration:

    IPv6 address
    fd33:eb1b:9b36::2/64
    IPv6 gateway
    fd33:eb1b:9b36::1

Procedure

  1. Install the DHCP server: 

    yum install dhcp-server

  2. Set up a DHCPv6 server. Enter the following configuration in the /etc/dhcp/dhcpd6.conf file. Replace the addresses to match your network card. 

    option dhcp6.bootfile-url code 59 = string;
option dhcp6.vendor-class code 16 = {integer 32, integer 16, string};

subnet6 fd33:eb1b:9b36::/64 {
        range6 fd33:eb1b:9b36::64 fd33:eb1b:9b36::c8;

        class "PXEClient" {
                match substring (option dhcp6.vendor-class, 6, 9);
        }

        subclass "PXEClient" "PXEClient" {
                option dhcp6.bootfile-url "tftp://[fd33:eb1b:9b36::2]/redhat/EFI/BOOT/BOOTX64.EFI";
        }

        class "HTTPClient" {
                match substring (option dhcp6.vendor-class, 6, 10);
        }

        subclass "HTTPClient" "HTTPClient" {
                option dhcp6.bootfile-url "http://[fd33:eb1b:9b36::2]/redhat/EFI/BOOT/BOOTX64.EFI";
                option dhcp6.vendor-class 0 10 "HTTPClient";
        }
}

  3. Start the DHCPv6 service: 

    # systemctl enable --now dhcpd6

  4. If DHCPv6 packets are dropped by the RP filter in the firewall, check its log. If the log contains the rpfilter_DROP entry, disable the filter using the following configuration in the /etc/firewalld/firewalld.conf file: 

    IPv6_rpfilter=no

15.4. Configuring a TFTP server for BIOS-based clients

Use this procedure to configure a TFTP server and DHCP server and start the TFTP service on the PXE server for BIOS-based AMD and Intel 64-bit systems.

Important

All configuration files in this section are examples. Configuration details vary and are dependent on the architecture and specific requirements.

Procedure

  1. As root, install the following package. 

    # yum install tftp-server

  2. Allow incoming connections to the tftp service in the firewall: 

    # firewall-cmd --add-service=tftp
    Note
    • This command enables temporary access until the next server reboot. To enable permanent access, add the --permanent option to the command.
    • Depending on the location of the installation ISO file, you might have to allow incoming connections for HTTP or other services.

  3. Access the pxelinux.0 file from the SYSLINUX package in the DVD ISO image file, where my_local_directory is the name of the directory that you create: 

    # mount -t iso9660 /path_to_image/name_of_image.iso /mount_point -o loop,ro
    # cp -pr /mount_point/BaseOS/Packages/syslinux-tftpboot-version-architecture.rpm /my_local_directory
    # umount /mount_point

  4. Extract the package: 

    # rpm2cpio syslinux-tftpboot-version-architecture.rpm | cpio -dimv

  5. Create a pxelinux/ directory in tftpboot/ and copy all the files from the directory into the pxelinux/ directory: 

    # mkdir /var/lib/tftpboot/pxelinux
    # cp /my_local_directory/tftpboot/* /var/lib/tftpboot/pxelinux

  6. Create the directory pxelinux.cfg/ in the pxelinux/ directory: 

    # mkdir /var/lib/tftpboot/pxelinux/pxelinux.cfg

  7. Create a configuration file named default and add it to the pxelinux.cfg/ directory as shown in the following example: 

    default vesamenu.c32
prompt 1
timeout 600

display boot.msg

label linux
  menu label ^Install system
  menu default
  kernel images/RHEL-8/vmlinuz
  append initrd=images/RHEL-8/initrd.img ip=dhcp inst.repo=http://192.168.124.2/RHEL-8/x86_64/iso-contents-root/
label vesa
  menu label Install system with ^basic video driver
  kernel images/RHEL-8/vmlinuz
  append initrd=images/RHEL-8/initrd.img ip=dhcp inst.xdriver=vesa nomodeset inst.repo=http://192.168.124.2/RHEL-8/x86_64/iso-contents-root/
label rescue
  menu label ^Rescue installed system
  kernel images/RHEL-8/vmlinuz
  append initrd=images/RHEL-8/initrd.img inst.rescue
  inst.repo=http:///192.168.124.2/RHEL-8/x86_64/iso-contents-root/
label local
  menu label Boot from ^local drive
  localboot 0xffff
    Note
    • The installation program cannot boot without its runtime image. Use the inst.stage2 boot option to specify location of the image. Alternatively, you can use the inst.repo= option to specify the image as well as the installation source.
    • The installation source location used with inst.repo must contain a valid .treeinfo file.
    • When you select the RHEL8 installation DVD as the installation source, the .treeinfo file points to the BaseOS and the AppStream repositories. You can use a single inst.repo option to load both repositories.

  8. Create a subdirectory to store the boot image files in the /var/lib/tftpboot/ directory, and copy the boot image files to the directory. In this example, the directory is /var/lib/tftpboot/pxelinux/images/RHEL-8/: 

    # mkdir -p /var/lib/tftpboot/pxelinux/images/RHEL-8/
# cp /path_to_x86_64_images/pxeboot/{vmlinuz,initrd.img} /var/lib/tftpboot/pxelinux/images/RHEL-8/

  9. Start and enable the tftp.socket service: 

    # systemctl enable --now tftp.socket

    The PXE boot server is now ready to serve PXE clients. You can start the client, which is the system to which you are installing Red Hat Enterprise Linux, select PXE Boot when prompted to specify a boot source, and start the network installation.

15.5. Configuring a TFTP server for UEFI-based clients

Use this procedure to configure a TFTP server and DHCP server and start the TFTP service on the PXE server for UEFI-based AMD64, Intel 64, and 64-bit ARM systems.

Important
  • All configuration files in this section are examples. Configuration details vary and are dependent on the architecture and specific requirements.
  • Red Hat Enterprise Linux 8 UEFI PXE boot supports a lowercase file format for a MAC-based grub menu file. For example, the MAC address file format for grub2 is grub.cfg-01-aa-bb-cc-dd-ee-ff

Procedure

  1. As root, install the following package. 

    # yum install tftp-server

  2. Allow incoming connections to the tftp service in the firewall: 

    # firewall-cmd --add-service=tftp
    Note
    • This command enables temporary access until the next server reboot. To enable permanent access, add the --permanent option to the command.
    • Depending on the location of the installation ISO file, you might have to allow incoming connections for HTTP or other services.

  3. Access the EFI boot image files from the DVD ISO image: 

    # mount -t iso9660 /path_to_image/name_of_image.iso /mount_point -o loop,ro

  4. Copy the EFI boot images from the DVD ISO image: 

    # mkdir /var/lib/tftpboot/redhat
# cp -r /mount_point/EFI /var/lib/tftpboot/redhat/
# umount /mount_point

  5. Fix the permissions of the copied files: 

    # chmod -R 755 /var/lib/tftpboot/redhat/

  6. Replace the content of /var/lib/tftpboot/redhat/EFI/BOOT/grub.cfg with the following example: 

    set timeout=60
menuentry 'RHEL 8' {
  linuxefi images/RHEL-8/vmlinuz ip=dhcp inst.repo=http://192.168.124.2/RHEL-8/x86_64/iso-contents-root/
  initrdefi images/RHEL-8/initrd.img
}
    Note
    • The installation program cannot boot without its runtime image. Use the inst.stage2 boot option to specify location of the image. Alternatively, you can use the inst.repo= option to specify the image as well as the installation source.
    • The installation source location used with inst.repo must contain a valid .treeinfo file.
    • When you select the RHEL8 installation DVD as the installation source, the .treeinfo file points to the BaseOS and the AppStream repositories. You can use a single inst.repo option to load both repositories.

  7. Create a subdirectory to store the boot image files in the /var/lib/tftpboot/ directory, and copy the boot image files to the directory. In this example, the directory is /var/lib/tftpboot/images/RHEL-8/: 

    # mkdir -p /var/lib/tftpboot/images/RHEL-8/
# cp /path_to_x86_64_images/pxeboot/{vmlinuz,initrd.img} /var/lib/tftpboot/images/RHEL-8/

  8. Start and enable the tftp.socket service: 

    # systemctl enable --now tftp.socket

    The PXE boot server is now ready to serve PXE clients. You can start the client, which is the system to which you are installing Red Hat Enterprise Linux, select PXE Boot when prompted to specify a boot source, and start the network installation.

Additional resources

15.6. Configuring a network server for IBM Power systems

Use this procedure to configure a network boot server for IBM Power systems using GRUB2.

Important

All configuration files in this section are examples. Configuration details vary and are dependent on the architecture and specific requirements.

Procedure

  1. As root, install the following packages: 

    # yum install tftp-server dhcp-server

  2. Allow incoming connections to the tftp service in the firewall: 

    # firewall-cmd --add-service=tftp
    Note
    • This command enables temporary access until the next server reboot. To enable permanent access, add the --permanent option to the command.
    • Depending on the location of the installation ISO file, you might have to allow incoming connections for HTTP or other services.

  3. Create a GRUB2 network boot directory inside the TFTP root: 

    # grub2-mknetdir --net-directory=/var/lib/tftpboot
Netboot directory for powerpc-ieee1275 created. Configure your DHCP server to point to /boot/grub2/powerpc-ieee1275/core.elf
    Note

    The command output informs you of the file name that needs to be configured in your DHCP configuration, described in this procedure.

    1. If the PXE server runs on an x86 machine, the grub2-ppc64-modules must be installed before creating a GRUB2 network boot directory inside the tftp root: 

      # yum install grub2-ppc64-modules

  4. Create a GRUB2 configuration file: /var/lib/tftpboot/boot/grub2/grub.cfg as shown in the following example: 

    set default=0
set timeout=5

echo -e "\nWelcome to the Red Hat Enterprise Linux 8 installer!\n\n"

menuentry 'Red Hat Enterprise Linux 8' {
  linux grub2-ppc64/vmlinuz ro ip=dhcp inst.repo=http://192.168.124.2/RHEL-8/x86_64/iso-contents-root/
  initrd grub2-ppc64/initrd.img
}
    Note
    • The installation program cannot boot without its runtime image. Use the inst.stage2 boot option to specify location of the image. Alternatively, you can use the inst.repo= option to specify the image as well as the installation source.
    • The installation source location used with inst.repo must contain a valid .treeinfo file.
    • When you select the RHEL8 installation DVD as the installation source, the .treeinfo file points to the BaseOS and the AppStream repositories. You can use a single inst.repo option to load both repositories.

  5. Mount the DVD ISO image using the command: 

    # mount -t iso9660 /path_to_image/name_of_iso/ /mount_point -o loop,ro

  6. Create a directory and copy the initrd.img and vmlinuz files from DVD ISO image into it, for example: 

    # cp /mount_point/ppc/ppc64/{initrd.img,vmlinuz} /var/lib/tftpboot/grub2-ppc64/

  7. Configure your DHCP server to use the boot images packaged with GRUB2 as shown in the following example. Note that if you already have a DHCP server configured, then perform this step on the DHCP server.

    TODO: This DHCP configuration must be different from the other, regular BIOS and UEFI entries, right? 

    subnet 192.168.0.1 netmask 255.255.255.0 {
  allow bootp;
  option routers 192.168.0.5;
  group { #BOOTP POWER clients
    filename "boot/grub2/powerpc-ieee1275/core.elf";
    host client1 {
    hardware ethernet 01:23:45:67:89:ab;
    fixed-address 192.168.0.112;
    }
  }
}
  8. Adjust the sample parameters subnet, netmask, routers, fixed-address and hardware ethernet to fit your network configuration. Note the file name parameter; this is the file name that was outputted by the grub2-mknetdir command earlier in this procedure.

  9. On the DHCP server, start and enable the dhcpd service. If you have configured a DHCP server on the localhost, then start and enable the dhcpd service on the localhost. 

    # systemctl enable --now dhcpd

  10. Start and enable the tftp.socket service: 

    # systemctl enable --now tftp.socket

    The PXE boot server is now ready to serve PXE clients. You can start the client, which is the system to which you are installing Red Hat Enterprise Linux, select PXE Boot when prompted to specify a boot source, and start the network installation.