Red Hat Training

A Red Hat training course is available for RHEL 8

Chapter 8. Performing an automated installation using Kickstart

8.1. Kickstart installation basics

The following provides basic information about Kickstart and how to use it to automate installing Red Hat Enterprise Linux.

8.1.1. What are Kickstart installations

Kickstart provides a way to automate the RHEL installation process, either partially or fully.

Kickstart files contain some or all of the RHEL installation options. For example, the time zone, how the drives should be partitioned, or which packages should be installed. Providing a prepared Kickstart file allows an installation without the need for any user intervention. This is especially useful when deploying Red Hat Enterprise Linux on a large number of systems at once.

Kickstart files also provide more options regarding software selection. When installing Red Hat Enterprise Linux manually using the graphical installation interface, the software selection is limited to pre-defined environments and add-ons. A Kickstart file allows you to install or remove individual packages as well.

Kickstart files can be kept on a single server system and read by individual computers during the installation. This installation method supports the use of a single Kickstart file to install Red Hat Enterprise Linux on multiple machines, making it ideal for network and system administrators.

All Kickstart scripts and log files of their execution are stored in the /tmp directory of the newly installed system to assist with debugging installation issues.

Note

In previous versions of Red Hat Enterprise Linux, Kickstart could be used for upgrading systems. Starting with Red Hat Enterprise Linux 7, this functionality has been removed and system upgrades are instead handled by specialized tools. For details on upgrading to Red Hat Enterprise Linux 8, see Upgrading from RHEL 7 to RHEL 8 and Considerations in adopting RHEL 8.

8.1.2. Automated installation workflow

Kickstart installations can be performed using a local DVD, a local hard drive, or a NFS, FTP, HTTP, or HTTPS server. This section provides a high level overview of Kickstart usage.

  1. Create a Kickstart file. You can write it by hand, copy a Kickstart file saved after a manual installation, or use an online generator tool to create the file, and edit it afterward. See Creating Kickstart files.
  2. Make the Kickstart file available to the installation program on removable media, a hard drive or a network location using an HTTP(S), FTP, or NFS server. See Making Kickstart files available to the installation program.
  3. Create the boot medium which will be used to begin the installation. See Creating a bootable installation medium and Preparing to install from the network using PXE.
  4. Make the installation source available to the installation program. See Creating installation sources for Kickstart installations.
  5. Start the installation using the boot medium and the Kickstart file. See Starting Kickstart installations.

If the Kickstart file contains all mandatory commands and sections, the installation finishes automatically. If one or more of these mandatory parts are missing, or if an error occurs, the installation requires manual intervention to finish.

Note

If you plan to install a Beta release of Red Hat Enterprise Linux, on systems having UEFI Secure Boot enabled, then first disable the UEFI Secure Boot option and then begin the installation.

UEFI Secure Boot requires that the operating system kernel is signed with a recognized private key, which the system’s firware verifies using the corresponding public key. For Red Hat Enterprise Linux Beta releases, the kernel is signed with a Red Hat Beta-specific private key, which the system fails to recognize by default. As a result, the system fails to boot the installation media.

8.2. Creating Kickstart files

You can create a Kickstart file using the following methods:

  • Use the online Kickstart configuration tool.
  • Copy the Kickstart file created as a result of a manual installation.
  • Write the entire Kickstart file manually. Note that editing an already existing file from the other methods is faster, so this method is not recommended.
  • Convert the Red Hat Enterprise Linux 7 Kickstart file for Red Hat Enterprise Linux 8 installation.
  • In case of virtual and cloud environment, create a custom system image, using Image Builder.

Note that some highly specific installation options can be configured only by manual editing of the Kickstart file.

8.2.1. Creating a Kickstart file with the Kickstart configuration tool

Users with a Red Hat Customer Portal account can use the Kickstart Generator tool in the Customer Portal Labs to generate Kickstart files online. This tool will walk you through the basic configuration and enables you to download the resulting Kickstart file.

Note

The tool currently does not support any advanced partitioning.

Prerequisites

  • You must have a Red Hat Customer Portal account and an active Red Hat subscription.

Procedure

  1. Open the Kickstart generator lab information page at https://access.redhat.com/labsinfo/kickstartconfig
  2. Click the Go to Application button to the left of heading and wait for the next page to load.
  3. Select Red Hat Enterprise Linux 8 in the drop-down menu and wait for the page to update.
  4. Describe the system to be installed using the fields in the form.

    You can use the links on the left side of the form to quickly navigate between sections of the form.

  5. To download the generated Kickstart file, click the red Download button at the top of the page.

    Your web browser saves the file.

8.2.2. Creating a Kickstart file by performing a manual installation

The recommended approach to creating Kickstart files is to use the file created by a manual installation of Red Hat Enterprise Linux. After an installation completes, all choices made during the installation are saved into a Kickstart file named anaconda-ks.cfg, located in the /root/ directory on the installed system. You can use this file to reproduce the installation in the same way as before. Alternatively, copy this file, make any changes you need, and use the resulting configuration file for further installations.

Procedure

  1. Install RHEL. For more details, see Performing a standard RHEL installation.

    During the installation, create a user with administrator privileges.

  2. Finish the installation and reboot into the installed system.
  3. Log into the system with the administrator account.
  4. Copy the file /root/anaconda-ks.cfg to a location of your choice.

    • To display the file contents in terminal:

      # cat /root/anaconda-ks.cfg

      You can copy the output and save to another file of your choice.

    • To copy the file to another location, use the file manager. Remember to change permissions on the copy, so that the file can be read by non-root users.
    Caution

    The file contains information about users and passwords.

8.2.3. Converting a RHEL 7 Kickstart file for RHEL 8 installation

You can use the Kickstart Converter tool to convert a RHEL 7 Kickstart file for use in a new RHEL 8 installation. For more information about the tool and how to use it to convert a RHEL 7 Kickstart file, see https://access.redhat.com/labs/kickstartconvert/

8.2.4. Creating a custom image using Image Builder

You can use Red Hat Image Builder to create a customized system image for virtual and cloud deployments.

For more information about creating customized images, using Image Builder, see Composing a customized RHEL system image document.

8.3. Making Kickstart files available to the installation program

The following provides information about making the Kickstart file available to the installation program on the target system.

8.3.1. Ports for network-based installation

The following table lists the ports that must be open on the server providing the files for each type of network-based installation.

Table 8.1. Ports for network-based installation

Protocol usedPorts to open

HTTP

80

HTTPS

443

FTP

21

NFS

2049, 111, 20048

TFTP

69

Additional resources

8.3.2. Making a Kickstart file available on an NFS server

This procedure describes how to store the Kickstart script file on an NFS server. This method enables you to install multiple systems from a single source without having to use physical media for the Kickstart file.

Prerequisites

  • You must have administrator level access to a server with Red Hat Enterprise Linux 8 on the local network.
  • The system to be installed must be able to connect to the server.
  • Firewall on the server must allow connections from the system you are installing to.

Procedure

  1. Install the nfs-utils package by running the following command as root:

    # yum install nfs-utils
  2. Copy the Kickstart file to a directory on the NFS server.
  3. Open the /etc/exports file using a text editor and add a line with the following syntax:

    /exported_directory/ clients
  4. Replace /exported_directory/ with the full path to the directory holding the Kickstart file. Instead of clients, use the host name or IP address of the computer that is to be installed from this NFS server, the subnetwork from which all computers are to have access the ISO image, or the asterisk sign (*) if you want to allow any computer with network access to the NFS server to use the ISO image. See the exports(5) man page for detailed information about the format of this field.

    A basic configuration that makes the /rhel8-install/ directory available as read-only to all clients is:

    /rhel8-install *
  5. Save the /etc/exports file and exit the text editor.
  6. Start the nfs service:

    # systemctl start nfs-server.service

    If the service was running before you changed the /etc/exports file, enter the following command, in order for the running NFS server to reload its configuration:

    # systemctl reload nfs-server.service

    The Kickstart file is now accessible over NFS and ready to be used for installation.

Note

When specifying the Kickstart source, use nfs: as the protocol, the server’s host name or IP address, the colon sign (:), and the path inside directory holding the file. For example, if the server’s host name is myserver.example.com and you have saved the file in /rhel8-install/my-ks.cfg, specify inst.ks=nfs:myserver.example.com:/rhel8-install/my-ks.cfg as the installation source boot option.

Additional resources

8.3.3. Making a Kickstart file available on an HTTP or HTTPS server

This procedure describes how to store the Kickstart script file on an HTTP or HTTPS server. This method enables you to install multiple systems from a single source without having to use physical media for the Kickstart file.

Prerequisites

  • You must have administrator level access to a server with Red Hat Enterprise Linux 8 on the local network.
  • The system to be installed must be able to connect to the server.
  • Firewall on the server must allow connections from the system you are installing to.

Procedure

  1. Install the httpd package by running the following command as root:

    # yum install httpd
    Warning

    If your Apache web server configuration enables SSL security, verify that you only enable the TLSv1 protocol, and disable SSLv2 and SSLv3. This is due to the POODLE SSL vulnerability (CVE-2014-3566). See https://access.redhat.com/solutions/1232413 for details.

    Important

    If you use an HTTPS server with a self-signed certificate, you must boot the installation program with the inst.noverifyssl option.

  2. Copy the Kickstart file to the HTTP(S) server into a subdirectory of the /var/www/html/ directory.
  3. Start the httpd service:

    # systemctl start httpd.service

    The Kickstart file is now accessible and ready to be used for installation.

    Note

    When specifying the location of the Kickstart file, use http:// or https:// as the protocol, the server’s host name or IP address, and the path of the Kickstart file, relative to the HTTP server root. For example, if you are using HTTP, the server’s host name is myserver.example.com, and you have copied the Kickstart file as /var/www/html/rhel8-install/my-ks.cfg, specify http://myserver.example.com/rhel8-install/my-ks.cfg as the file location.

Additional resources

8.3.4. Making a Kickstart file available on an FTP server

This procedure describes how to store the Kickstart script file on an FTP server. This method enables you to install multiple systems from a single source without having to use physical media for the Kickstart file.

Prerequisites

  • You must have administrator level access to a server with Red Hat Enterprise Linux 8 on the local network.
  • The system to be installed must be able to connect to the server.
  • Firewall on the server must allow connections from the system you are installing to.

Procedure

  1. Install the vsftpd package by running the following command as root:

    # yum install vsftpd
  2. Open and edit the /etc/vsftpd/vsftpd.conf configuration file in a text editor.

    1. Change the line anonymous_enable=NO to anonymous_enable=YES
    2. Change the line write_enable=YES to write_enable=NO.
    3. Add lines pasv_min_port=min_port and pasv_max_port=max_port. Replace min_port and max_port with the port number range used by FTP server in passive mode, e. g. 10021 and 10031.

      This step can be necessary in network environments featuring various firewall/NAT setups.

    4. Optionally, add custom changes to your configuration. For available options, see the vsftpd.conf(5) man page. This procedure assumes that default options are used.

      Warning

      If you configured SSL/TLS security in your vsftpd.conf file, ensure that you enable only the TLSv1 protocol, and disable SSLv2 and SSLv3. This is due to the POODLE SSL vulnerability (CVE-2014-3566). See https://access.redhat.com/solutions/1234773 for details.

  3. Configure the server firewall.

    1. Enable the firewall:

      # systemctl enable firewalld
      # systemctl start firewalld
    2. Enable in your firewall the FTP port and port range from previous step:

      # firewall-cmd --add-port min_port-max_port/tcp --permanent
      # firewall-cmd --add-service ftp --permanent
      # firewall-cmd --reload

      Replace min_port-max_port with the port numbers you entered into the /etc/vsftpd/vsftpd.conf configuration file.

  4. Copy the Kickstart file to the FTP server into the /var/ftp/ directory or its subdirectory.
  5. Make sure that the correct SELinux context and access mode is set on the file:

    # restorecon -r /var/ftp/your-kickstart-file.ks
    # chmod 444 /var/ftp/your-kickstart-file.ks
  6. Start the vsftpd service:

    # systemctl start vsftpd.service

    If the service was running before you changed the /etc/vsftpd/vsftpd.conf file, restart the service to load the edited file:

    # systemctl restart vsftpd.service

    Enable the vsftpd service to start during the boot process:

    # systemctl enable vsftpd

    The Kickstart file is now accessible and ready to be used for installations by systems on the same network.

    Note

    When configuring the installation source, use ftp:// as the protocol, the server’s host name or IP address, and the path of the Kickstart file, relative to the FTP server root. For example, if the server’s host name is myserver.example.com and you have copied the file to /var/ftp/my-ks.cfg, specify ftp://myserver.example.com/my-ks.cfg as the installation source.

8.3.5. Making a Kickstart file available on a local volume

This procedure describes how to store the Kickstart script file on a volume on the system to be installed. This method enables you to bypass the need for another system.

Prerequisites

  • You must have a drive that can be moved to the machine to be installed, such as a USB stick.
  • The drive must contain a partition that can be read by the installation program. The supported types are ext2, ext3, ext4, xfs, and fat.
  • The drive must be already connected to the system and its volumes mounted.

Procedure

  1. List volume information and note the UUID of the volume to which you want to copy the Kickstart file.

    # lsblk -l -p -o name,rm,ro,hotplug,size,type,mountpoint,uuid
  2. Navigate to the file system on the volume.
  3. Copy the Kickstart file to this file system.
  4. Make a note of the string to use later with the inst.ks= option. This string is in the form hd:UUID=volume-UUID:path/to/kickstart-file.cfg. Note that the path is relative to the file system root, not to the / root of file system hierarchy. Replace volume-UUID with the UUID you noted earlier.
  5. Unmount all drive volumes:

    # umount /dev/xyz ...

    Add all the volumes to the command, separated by spaces.

8.3.6. Making a Kickstart file available on a local volume for automatic loading

A specially named Kickstart file can be present in the root of a specially named volume on the system to be installed. This lets you bypass the need for another system, and makes the installation program load the file automatically.

Prerequisites

  • You must have a drive that can be moved to the machine to be installed, such as a USB stick.
  • The drive must contain a partition that can be read by the installation program. The supported types are ext2, ext3, ext4, xfs, and fat.
  • The drive must be already connected to the system and its volumes mounted.

Procedure

  1. List volume information and note the UUID of the volume to which you want to copy the Kickstart file.

    # lsblk -l -p
  2. Navigate to the file system on the volume.
  3. Copy the Kickstart file into the root of this file system.
  4. Rename the Kickstart file to ks.cfg.
  5. Rename the volume as OEMDRV:

    • For ext2, ext3, and ext4 file systems:

      # e2label /dev/xyz OEMDRV
    • For the XFS file system:

      # xfs_admin -L OEMDRV /dev/xyz

    Replace /dev/xyz with the path to the volume’s block device.

  6. Unmount all drive volumes:

    # umount /dev/xyz ...

    Add all the volumes to the command, separated by spaces.

8.4. Creating installation sources for Kickstart installations

This section describes how to create an installation source for the Boot ISO image using the Binary DVD ISO image that contains the required repositories and software packages.

8.4.1. Types of installation source

You can use one of the following installation sources for minimal boot images:

  • DVD: Burn the Binary DVD ISO image to a DVD. The installation program will automatically install the software packages from the DVD.
  • Hard drive or USB drive: Copy the Binary DVD ISO image to the drive and configure the installation program to install the software packages from the drive. If you use a USB drive, verify that it is connected to the system before the installation begins. The installation program cannot detect media after the installation begins.

    • Hard drive limitation: The Binary DVD ISO image on the hard drive must be on a partition with a file system that the installation program can mount. The supported file systems are xfs, ext2, ext3, ext4, and vfat (FAT32).
    Warning

    On Microsoft Windows systems, the default file system used when formatting hard drives is NTFS. The exFAT file system is also available. However, neither of these file systems can be mounted during the installation. If you are creating a hard drive or a USB drive as an installation source on Microsoft Windows, verify that you formatted the drive as FAT32. Note that the FAT32 file system cannot store files larger than 4 GiB.

    In Red Hat Enterprise Linux 8, you can enable installation from a directory on a local hard drive. To do so, you need to copy the contents of the DVD ISO image to a directory on a hard drive and then specify the directory as the installation source instead of the ISO image. For example: inst.repo=hd:<device>:<path to the directory>

  • Network location: Copy the Binary DVD ISO image or the installation tree (extracted contents of the Binary DVD ISO image) to a network location and perform the installation over the network using the following protocols:

    • NFS: The Binary DVD ISO image is in a Network File System (NFS) share.
    • HTTPS, HTTP or FTP: The installation tree is on a network location that is accessible over HTTP, HTTPS or FTP.

8.4.2. Ports for network-based installation

The following table lists the ports that must be open on the server providing the files for each type of network-based installation.

Table 8.2. Ports for network-based installation

Protocol usedPorts to open

HTTP

80

HTTPS

443

FTP

21

NFS

2049, 111, 20048

TFTP

69

Additional resources

8.4.3. Creating an installation source on an NFS server

Follow the steps in this procedure to place the installation source on an NFS server. Use this installation method to install multiple systems from a single source, without having to connect to physical media.

Prerequisites

  • You have administor level access to a server with Red Hat Enterprise Linux8, and this server is on the same network as the system to be installed.
  • You have downloaded a Binary DVD image. See Downloading the installation ISO image from the Performing a standard RHEL installation document for more information.
  • You have created a bootable CD, DVD, or USB device from the image file. See Creating installation media from the Performing a standard RHEL installation document for more information.
  • You have verified that your firewall allows the system you are installing to access the remote installation source. See Ports for network-based installation from the Performing a standard RHEL installation document for more information.

Procedure

  1. Install the nfs-utils package:

    # yum install nfs-utils
  2. Copy the Binary DVD ISO image to a directory on the NFS server.
  3. Open the /etc/exports file using a text editor and add a line with the following syntax:

    /exported_directory/ clients
  4. Replace /exported_directory/ with the full path to the directory with the ISO image. Replace clients with the host name or IP address of the target system, the subnetwork that all target systems can use to access the ISO image, or the asterisk sign (*) if you want to allow any system with network access to the NFS server to use the ISO image. See the exports(5) man page for detailed information about the format of this field.

    A basic configuration that makes the /rhel8-install/ directory available as read-only to all clients is:

    /rhel8-install *
  5. Save the /etc/exports file and exit the text editor.
  6. Start the nfs service:

    # systemctl start nfs-server.service

    If the service was running before you changed the /etc/exports file, run the following command for the running NFS server to reload its configuration:

    # systemctl reload nfs-server.service

    The ISO image is now accessible over NFS and ready to be used as an installation source.

Note

When configuring the installation source, use nfs: as the protocol, the server host name or IP address, the colon sign (:), and the directory holding the ISO image. For example, if the server host name is myserver.example.com and you have saved the ISO image in /rhel8-install/, specify nfs:myserver.example.com:/rhel8-install/ as the installation source.

8.4.4. Creating an installation source using HTTP or HTTPS

Follow the steps in this procedure to create an installation source for a network-based installation using an installation tree, which is a directory containing extracted contents of the Binary DVD ISO image and a valid .treeinfo file. The installation source is accessed over HTTP or HTTPS.

Prerequisites

  • You have administrator level access to a server with Red Hat Enterprise Linux8, and this server is on the same network as the system to be installed.
  • You have downloaded a Binary DVD image. See Downloading the installation ISO image from the Performing a standard RHEL installation document for more information.
  • You have created a bootable CD, DVD, or USB device from the image file. See Creating installation media from the Performing a standard RHEL installation document for more information.
  • You have verified that your firewall allows the system you are installing to access the remote installation source. See Ports for network-based installation from the Performing a standard RHEL installation document for more information.

Procedure

  1. Install the httpd package:

    # yum install httpd
    Warning

    If your Apache web server configuration enables SSL security, verify that you enable only the TLSv1 protocol, and disable SSLv2 and SSLv3. This is due to the POODLE SSL vulnerability (CVE-2014-3566). See https://access.redhat.com/solutions/1232413 for details.

    Important

    If you use an HTTPS server with a self-signed certificate, you must boot the installation program with the noverifyssl option.

  2. Copy the Binary DVD ISO image to the HTTP(S) server.
  3. Mount the Binary DVD ISO image, using the mount command, to a suitable directory:

    # mkdir /mnt/rhel8-install/
    # mount -o loop,ro -t iso9660 /image_directory/image.iso /mnt/rhel8-install/

    Replace /image_directory/image.iso with the path to the Binary DVD ISO image.

  4. Copy the files from the mounted image to the HTTP(S) server root. This command creates the /var/www/html/rhel8-install/ directory with the contents of the image.

    # cp -r /mnt/rhel8-install/ /var/www/html/

    This command creates the /var/www/html/rhel8-install/ directory with the content of the image. Note that some copying methods can skip the .treeinfo file which is required for a valid installation source. Running the cp command for whole directories as shown in this procedure will copy .treeinfo correctly.

  5. Start the httpd service:

    # systemctl start httpd.service

    The installation tree is now accessible and ready to be used as the installation source.

    Note

    When configuring the installation source, use http:// or https:// as the protocol, the server host name or IP address, and the directory that contains the files from the ISO image, relative to the HTTP server root. For example, if you are using HTTP, the server host name is myserver.example.com, and you have copied the files from the image to /var/www/html/rhel8-install/, specify http://myserver.example.com/rhel8-install/ as the installation source.

8.4.5. Creating an installation source using FTP

Follow the steps in this procedure to create an installation source for a network-based installation using an installation tree, which is a directory containing extracted contents of the Binary DVD ISO image and a valid .treeinfo file. The installation source is accessed over FTP.

Prerequisites

  • You have administor level access to a server with Red Hat Enterprise Linux8, and this server is on the same network as the system to be installed.
  • You have downloaded a Binary DVD image. See Downloading the installation ISO image from the Performing a standard RHEL installation document for more information.
  • You have created a bootable CD, DVD, or USB device from the image file. See Creating installation media from the Performing a standard RHEL installation document for more information.
  • You have verified that your firewall allows the system you are installing to access the remote installation source. See Ports for network-based installation from the Performing a standard RHEL installation document for more information.

Procedure

  1. Install the vsftpd package by running the following command as root:

    # yum install vsftpd
  2. Open and edit the /etc/vsftpd/vsftpd.conf configuration file in a text editor.

    1. Change the line anonymous_enable=NO to anonymous_enable=YES
    2. Change the line write_enable=YES to write_enable=NO.
    3. Add lines pasv_min_port=min_port and pasv_max_port=max_port. Replace min_port and max_port with the port number range used by FTP server in passive mode, e. g. 10021 and 10031.

      This step can be necessary in network environments featuring various firewall/NAT setups.

    4. Optionally, add custom changes to your configuration. For available options, see the vsftpd.conf(5) man page. This procedure assumes that default options are used.

      Warning

      If you configured SSL/TLS security in your vsftpd.conf file, ensure that you enable only the TLSv1 protocol, and disable SSLv2 and SSLv3. This is due to the POODLE SSL vulnerability (CVE-2014-3566). See https://access.redhat.com/solutions/1234773 for details.

  3. Configure the server firewall.

    1. Enable the firewall:

      # systemctl enable firewalld
      # systemctl start firewalld
    2. Enable in your firewall the FTP port and port range from previous step:

      # firewall-cmd --add-port min_port-max_port/tcp --permanent
      # firewall-cmd --add-service ftp --permanent
      # firewall-cmd --reload

      Replace min_port-max_port with the port numbers you entered into the /etc/vsftpd/vsftpd.conf configuration file.

  4. Copy the Binary DVD ISO image to the FTP server.
  5. Mount the Binary DVD ISO image, using the mount command, to a suitable directory:

    # mkdir /mnt/rhel8-install
    # mount -o loop,ro -t iso9660 /image-directory/image.iso /mnt/rhel8-install

    Replace /image-directory/image.iso with the path to the Binary DVD ISO image.

  6. Copy the files from the mounted image to the FTP server root:

    # mkdir /var/ftp/rhel8-install
    # cp -r /mnt/rhel8-install/ /var/ftp/

    This command creates the /var/ftp/rhel8-install/ directory with the content of the image. Note that some copying methods can skip the .treeinfo file which is required for a valid installation source. Running the cp command for whole directories as shown in this procedure will copy .treeinfo correctly.

  7. Make sure that the correct SELinux context and access mode is set on the copied content:

    # restorecon -r /var/ftp/rhel8-install
    # find /var/ftp/rhel8-install -type f -exec chmod 444 {} \;
    # find /var/ftp/rhel8-install -type d -exec chmod 755 {} \;
  8. Start the vsftpd service:

    # systemctl start vsftpd.service

    If the service was running before you changed the /etc/vsftpd/vsftpd.conf file, restart the service to load the edited file:

    # systemctl restart vsftpd.service

    Enable the vsftpd service to start during the boot process:

    # systemctl enable vsftpd

    The installation tree is now accessible and ready to be used as the installation source.

    Note

    When configuring the installation source, use ftp:// as the protocol, the server host name or IP address, and the directory in which you have stored the files from the ISO image, relative to the FTP server root. For example, if the server host name is myserver.example.com and you have copied the files from the image to /var/ftp/rhel8-install/, specify ftp://myserver.example.com/rhel8-install/ as the installation source.

8.5. Starting Kickstart installations

You can start Kickstart installations in multiple ways:

  • Manually by entering the installation program boot menu and specifying the options including Kickstart file there.
  • Automatically by editing the boot options in PXE boot.
  • Automatically by providing the file on a volume with specific name.

Learn how to perform each of these methods in the following sections.

8.5.1. Starting a Kickstart installation manually

This section explains how to start a Kickstart installation manually, which means some user interaction is required (adding boot options at the boot: prompt). Use the boot option inst.ks=location when booting the installation system, replacing location with the location of your Kickstart file. The exact way to specify the boot option depends on your system’s architecture.

Prerequisites

  • You have a Kickstart file ready in a location accessible from the system to be installed

Procedure

  1. Boot the system using a local media (a CD, DVD, or a USB flash drive).
  2. At the boot prompt, specify the required boot options.

    1. If the Kickstart file or a required repository is in a network location, you may need to configure the network using the ip= option. The installer tries to configure all network devices using the DHCP protocol by default without this option.
    2. Add the inst.ks= boot option and the location of the Kickstart file.
    3. In order to access a software source from which necessary packages will be installed, you may need to add the inst.repo= option. If you do not specify this option, you must specify the installation source in the Kickstart file.

    For information about editing boot options, see Section 9.4.2, “Editing boot options”.

  3. Start the installation by confirming your added boot options.

    The installation begins now, using the options specified in the Kickstart file. If the Kickstart file is valid and contains all required commands, the installation is completely automated from this point forward.

Note

If you have installed a Red Hat Enterprise Linux Beta release, on systems having UEFI Secure Boot enabled, then add the Beta public key to the system’s Machine Owner Key (MOK) list. For more information about UEFI Secure Boot and Red Hat Enterprise Linux Beta releases, see the Completing post-installation tasks section of the Performing a standard RHEL installation document.

8.5.2. Starting a Kickstart installation automatically using PXE

AMD64, Intel 64, and 64-bit ARM systems and IBM Power Systems servers have the ability to boot using a PXE server. When you configure the PXE server, you can add the boot option into the boot loader configuration file, which in turn lets you start the installation automatically. Using this approach, it is possible to automate the installation completely, including the boot process.

This procedure is intended as a general reference; detailed steps differ based on your system’s architecture, and not all options are available on all architectures (for example, you cannot use PXE boot on IBM Z).

Prerequisites

  • You must have a Kickstart file ready in a location accessible from the system to be installed.
  • You must have a PXE server which can be used to boot the system and begin the installation.

Procedure

  1. Open the boot loader configuration file on your PXE server, and add the inst.ks= boot option to the appropriate line. The name of the file and its syntax depends on your system’s architecture and hardware:

    • On AMD64 and Intel 64 systems with BIOS, the file name can be either default or based on your system’s IP address. In this case, add the inst.ks= option to the append line in the installation entry. A sample append line in the configuration file looks similar to the following:

      append initrd=initrd.img inst.ks=http://10.32.5.1/mnt/archive/RHEL-8/8.x/x86_64/kickstarts/ks.cfg
    • On systems using the GRUB2 boot loader (AMD64, Intel 64, and 64-bit ARM systems with UEFI firmware and IBM Power Systems servers), the file name will be grub.cfg. In this file, append the inst.ks= option to the kernel line in the installation entry. A sample kernel line in the configuration file will look similar to the following:

      kernel vmlinuz inst.ks=http://10.32.5.1/mnt/archive/RHEL-8/8.x/x86_64/kickstarts/ks.cfg
  2. Boot the installation from the network server.

    The installation begins now, using the installation options specified in the Kickstart file. If the Kickstart file is valid and contains all required commands, the installation is completely automated.

Note

If you have installed a Red Hat Enterprise Linux Beta release, on systems having UEFI Secure Boot enabled, then add the Beta public key to the system’s Machine Owner Key (MOK) list. For more information about UEFI Secure Boot and Red Hat Enterprise Linux Beta releases, see the Completing post-installation tasks section of the Performing a standard RHEL installation document.

8.5.3. Starting a Kickstart installation automatically using a local volume

You can start a Kickstart installation by putting a Kickstart file with a specific name on a specifically labelled storage volume.

Prerequisites

  • You must have a volume prepared with label OEMDRV and the Kickstart file present in its root as ks.cfg.
  • A drive containing this volume must be available on the system as the installation program boots.

Procedure

  1. Boot the system using a local media (a CD, DVD, or a USB flash drive).
  2. At the boot prompt, specify the required boot options.

    1. If a required repository is in a network location, you may need to configure the network using the ip= option. The installer tries to configure all network devices using the DHCP protocol by default without this option.
    2. In order to access a software source from which necessary packages will be installed, you may need to add the inst.repo= option. If you do not specify this option, you must specify the installation source in the Kickstart file.
  3. Start the installation by confirming your added boot options.

    The installation begins now, and the Kickstart file is automatically detected and used to start an automated Kickstart installation.

Note

If you have installed a Red Hat Enterprise Linux Beta release, on systems having UEFI Secure Boot enabled, then add the Beta public key to the system’s Machine Owner Key (MOK) list. For more information about UEFI Secure Boot and Red Hat Enterprise Linux Beta releases, see the Completing post-installation tasks section of the Performing a standard RHEL installation document.

8.6. Consoles and logging during installation

The Red Hat Enterprise Linux installer uses the tmux terminal multiplexer to display and control several windows in addition to the main interface. Each of these windows serve a different purpose; they display several different logs, which can be used to troubleshoot issues during the installation process. One of the windows provides an interactive shell prompt with root privileges, unless this prompt was specifically disabled using a boot option or a Kickstart command.

Note

In general, there is no reason to leave the default graphical installation environment unless you need to diagnose an installation problem.

The terminal multiplexer is running in virtual console 1. To switch from the actual installation environment to tmux, press Ctrl+Alt+F1. To go back to the main installation interface which runs in virtual console 6, press Ctrl+Alt+F6.

Note

If you choose text mode installation, you will start in virtual console 1 (tmux), and switching to console 6 will open a shell prompt instead of a graphical interface.

The console running tmux has five available windows; their contents are described in the following table, along with keyboard shortcuts. Note that the keyboard shortcuts are two-part: first press Ctrl+b, then release both keys, and press the number key for the window you want to use.

You can also use Ctrl+b n, Alt+ Tab, and Ctrl+b p to switch to the next or previous tmux window, respectively.

Table 8.3. Available tmux windows

ShortcutContents

Ctrl+b 1

Main installation program window. Contains text-based prompts (during text mode installation or if you use VNC direct mode), and also some debugging information.

Ctrl+b 2

Interactive shell prompt with root privileges.

Ctrl+b 3

Installation log; displays messages stored in /tmp/anaconda.log.

Ctrl+b 4

Storage log; displays messages related to storage devices and configuration, stored in /tmp/storage.log.

Ctrl+b 5

Program log; displays messages from utilities executed during the installation process, stored in /tmp/program.log.

8.7. Maintaining Kickstart files

You can run automated checks on Kickstart files. Typically, you will want to verify that a new or problematic Kickstart file is valid.

8.7.1. Installing Kickstart maintenance tools

To use the Kickstart maintenance tools, you must install the package that contains them.

Procedure

  • Install the pykickstart package:

    # yum install pykickstart

8.7.2. Verifying a Kickstart file

Use the ksvalidator command line utility to verify that your Kickstart file is valid. This is useful when you make extensive changes to a Kickstart file.

Procedure

  • Run ksvalidator on your Kickstart file:

    $ ksvalidator /path/to/kickstart.ks

    Replace /path/to/kickstart.ks with the path to the Kickstart file you want to verify.

Important

The validation tool cannot guarantee the installation will be successful. It ensures only that the syntax is correct and that the file does not include deprecated options. It does not attempt to validate the %pre, %post and %packages sections of the Kickstart file.

Additional resources

  • The ksvalidator(1) manual page.

8.8. Registering and installing RHEL from the CDN using Kickstart

This section contains information about how to register your system, attach RHEL subscriptions, and install from the Red Hat Content Delivery Network (CDN) using Kickstart.

8.8.1. Registering and installing RHEL from the CDN

Use this procedure to register your system, attach RHEL subscriptions, and install from the Red Hat Content Delivery Network (CDN) using the rhsm Kickstart command, which supports the syspurpose command as well as Red Hat Insights. The rhsm Kickstart command removes the requirement of using custom %post scripts when registering the system.

Important

The CDN feature is supported by the Boot ISO and Binary DVD ISO image files. However, it is recommended that you use the Boot ISO image file as the installation source defaults to CDN for the Boot ISO image file.

Prerequisites

  • Your system is connected to a network that can access the CDN.
  • You created a Kickstart file and made it available to the installation program on removable media, a hard drive or a network location using an HTTP(S), FTP, or NFS server.
  • The Kickstart file is in a location that is accessible by the system that is to be installed.
  • You created the boot media used to begin the installation and made the installation source available to the installation program.
Important
  • The installation source repository used after system registration is dependent on how the system was booted. For more information, see the Installation source repository after system registration section in the Performing a standard RHEL installation document.
  • Repository configuration is not required in a Kickstart file as your subscription governs which CDN subset and repositories the system can access.

Procedure

  1. Open the Kickstart file.
  2. Edit the file to add the rhsm Kickstart command and its options to the file:

    Organization (required)

    Enter the organization id. An example is:

    --organization=1234567
    Note

    For security reasons, Red Hat username and password account details are not supported by Kickstart when registering and installing from the CDN.

    Activation Key (required)

    Enter the Activation Key. You can enter multiple keys as long as the activation keys are registered to your subscription. An example is:

    --activation-key="Test_key_1" --activation-key="Test_key_2"
    Red Hat Insights (optional)

    Connect the target system to Red Hat Insights.

    Note

    Red Hat Insights is a Software-as-a-Service (SaaS) offering that provides continuous, in-depth analysis of registered Red Hat-based systems to proactively identify threats to security, performance and stability across physical, virtual and cloud environments, and container deployments. Unlike the GUI setting, connecting to Red Hat Insights is not enabled by default when using Kickstart.

    An example is:

    --connect-to-insights
    HTTP proxy (optional)

    Set the HTTP proxy. An example is:

    --proxy="user:password@hostname:9000"
    Note

    Only the hostname is mandatory. If the proxy is required to run on a default port with no authentication, then the option is: --proxy="hostname"

    Server hostname (optional)
    Note

    The Server hostname does not require the HTTP protocol, for example, nameofhost.com.

    Set the server hostname if you are running Satellite Server or performing internal testing. An example is:

    --server-hostname="nameofhost.com"
    rhsm baseurl (optional)
    Note

    The rhsm baseurl requires the HTTP protocol.

    Set the rhsm baseurl option if you are running Satellite Server or performing internal testing. An example is:

    --rhsm-baseurl="http://nameofhost.com"
    System Purpose (optional)

    Set the System Purpose role, SLA, and usage using the command:

    syspurpose --role="Red Hat Enterprise Linux Server" --sla="Premium" --usage="Production"
    Example

    The following example displays a minimal Kickstart file with all rhsm Kickstart command options.

    graphical
    lang en_US.UTF-8
    keyboard us
    rootpw 12345
    timezone America/New_York
    zerombr
    clearpart --all --initlabel
    autopart
    syspurpose --role="Red Hat Enterprise Linux Server" --sla="Premium" --usage="Production"
    rhsm --organization="12345" --activation-key="test_key" --connect-to-insights --server-hostname="nameofhost.com"
    --rhsm-baseurl="http://nameofhost.com" --proxy="user:password@hostname:9000"
    %packages
    vim
    %end
  3. Save the Kickstart file and start the installation process.

Additional resources

  • For more information about System Purpose, see the Configuring System Purpose section of this document.
  • For more information about how to start a Kickstart installation, see Starting Kickstart installations.
  • For information about Red Hat Insights, see the Red Hat Insights product documentation.
  • For information about Activation Keys, see the Understanding Activation Keys chapter of the Using Red Hat Subscription Management document.
  • For information about how to set up an HTTP proxy for Subscription Manager, see the Using an HTTP proxy chapter of the Using and Configuring Red Hat Subscription Manager document.

8.8.2. Verifying your system registration from the CDN

Use this procedure to verify that your system is registered to the CDN.

Prerequisites

Procedure

  1. From the terminal window, log in as a root user and verify the registration:

    # subscription-manager list

    The output displays the attached subscription details, for example:

    Installed Product Status
    
    Product Name: Red Hat Enterprise Linux for x86_64
    Product ID: 486
    Version: 8.2
    Arch: x86_64
    Status: Subscribed
    Status Details
    Starts: 11/4/2019
    Ends: 11/4/2020
  2. To view a detailed report, run the command:

    # subscription-manager list --consumed

8.8.3. Unregistering your system from the CDN

Use this procedure to unregister your system from the Red Hat CDN.

Prerequisites

Procedure

  1. From the terminal window, log in as a root user and unregister:

    # subscription-manager unregister

    The attached subscription is unregistered from the system and the connection to CDN is removed.

8.9. Performing a remote RHEL installation using VNC

This section describes how to perform a remote RHEL installation using Virtual Network Computing (VNC).

8.9.1. Overview

The graphical user interface is the recommended method of installing RHEL when you boot the system from a CD, DVD, or USB flash drive, or from a network using PXE. However, many enterprise systems, for example, IBM Power Systems and IBM Z, are located in remote data center environments that are run autonomously and are not connected to a display, keyboard, and mouse. These systems are often referred to as headless systems and they are typically controlled over a network connection. The RHEL installation program includes a Virtual Network Computing (VNC) installation that runs the graphical installation on the target machine, but control of the graphical installation is handled by another system on the network. The RHEL installation program offers two VNC installation modes: Direct and Connect. Once a connection is established, the two modes do not differ. The mode you select depends on your environment.

Direct mode
In Direct mode, the RHEL installation program is configured to start on the target system and wait for a VNC viewer that is installed on another system before proceeding. As part of the Direct mode installation, the IP address and port are displayed on the target system. You can use the VNC viewer to connect to the target system remotely using the IP address and port, and complete the graphical installation.
Connect mode
In Connect mode, the VNC viewer is started on a remote system in listening mode. The VNC viewer waits for an incoming connection from the target system on a specified port. When the RHEL installation program starts on the target system, the system host name and port number are provided by using a boot option or a Kickstart command. The installation program then establishes a connection with the listening VNC viewer using the specified system host name and port number. To use Connect mode, the system with the listening VNC viewer must be able to accept incoming network connections.

8.9.2. Considerations

Consider the following items when performing a remote RHEL installation using VNC:

  • VNC client application: A VNC client application is required to perform both a VNC Direct and Connect installation. VNC client applications are available in the repositories of most Linux distributions, and free VNC client applications are also available for other operating systems such as Windows. The following VNC client applications are available in RHEL:

    • tigervnc is independent of your desktop environment and is installed as part of the tigervnc package.
    • vinagre is part of the GNOME desktop environment and is installed as part of the vinagre package.
Note

A VNC server is included in the installation program and doesn’t need to be installed.

  • Network and firewall:

    • If the target system is not allowed inbound connections by a firewall, then you must use Connect mode or disable the firewall. Disabling a firewall can have security implications.
    • If the system that is running the VNC viewer is not allowed incoming connections by a firewall, then you must use Direct mode, or disable the firewall. Disabling a firewall can have security implications. See the Security hardening document for more information on configuring the firewall.
  • Custom Boot Options: You must specify custom boot options to start a VNC installation and the installation instructions might differ depending on your system architecture.
  • VNC in Kickstart installations: You can use VNC-specific commands in Kickstart installations. Using only the vnc command runs a RHEL installation in Direct mode. Additional options are available to set up an installation using Connect mode. For more information about Kickstart installations, see Section 8.1.1, “What are Kickstart installations”.

8.9.3. Performing a remote RHEL installation in VNC Direct mode

Use this procedure to perform a remote RHEL installation in VNC Direct mode. Direct mode expects the VNC viewer to initiate a connection to the target system that is being installed with RHEL. In this procedure, the system with the VNC viewer is called the remote system. You are prompted by the RHEL installation program to initiate the connection from the VNC viewer on the remote system to the target system.

Note

This procedure uses TigerVNC as the VNC viewer. Specific instructions for other viewers might differ, but the general principles apply.

Prerequisites

  • As root, you have installed a VNC viewer on a remote system, for example:

    # yum install tigervnc
  • You have set up a network boot server and booted the installation on the target system. For more information, see Section 9.3.1, “Network install overview”.

Procedure

  1. From the RHEL boot menu on the target system, press the Tab key on your keyboard to edit the boot options.
  2. Append the inst.vnc option to the end of the command line.

    1. If you want to restrict VNC access to the system that is being installed, add the inst.vncpassword=PASSWORD boot option to the end of the command line. Replace PASSWORD with the password you want to use for the installation. The VNC password must be between 6 and 8 characters long.

      Important

      Use a temporary password for the inst.vncpassword= option. It should not be an existing or root password.

  3. Press Enter to start the installation. The target system initializes the installation program and starts the necessary services. When the system is ready, a message is displayed providing the IP address and port number of the system.
  4. Open the VNC viewer on the remote system.
  5. Enter the IP address and the port number into the VNC server field.
  6. Click Connect.
  7. Enter the VNC password and click OK. A new window opens with the VNC connection established, displaying the RHEL installation menu. From this window, you can install RHEL on the target system using the graphical user interface.

Additional resources

  • For more information on how to perform a RHEL installation using the graphical user interface, see the Installing RHEL using the Graphical User Interface section in the Performing a standard RHEL installation document.

8.9.4. Performing a remote RHEL installation in VNC Connect mode

Use this procedure to perform a remote RHEL installation in VNC Connect mode. In Connect mode, the target system that is being installed with RHEL initiates a connect to the VNC viewer that is installed on another system. In this procedure, the system with the VNC viewer is called the remote system.

Note

This procedure uses TigerVNC as the VNC viewer. Specific instructions for other viewers might differ, but the general principles apply.

Prerequisites

  • As root, you have installed a VNC viewer on a remote system, for example:

    # yum install tigervnc
  • You have set up a network boot server to start the installation on the target system. For more information, see Section 9.3.1, “Network install overview”.
  • You have configured the target system to use the boot options for a VNC Connect installation.
  • You have verified that the remote system with the VNC viewer is configured to accept an incoming connection on the required port. Verification is dependent on your network and system configuration. For more information, see the Security hardening and Securing networks documents.

Procedure

  1. Start the VNC viewer on the remote system in listening mode by running the following command:

    $ vncviewer -listen PORT
  2. Replace PORT with the port number used for the connection.
  3. The terminal displays a message indicating that it is waiting for an incoming connection from the target system.

    TigerVNC Viewer 64-bit v1.8.0
    Built on: 2017-10-12 09:20
    Copyright (C) 1999-2017 TigerVNC Team and many others (see README.txt)
    See http://www.tigervnc.org for information on TigerVNC.
    
    Thu Jun 27 11:30:57 2019
     main:        Listening on port 5500
  4. Boot the target system from the network.
  5. From the RHEL boot menu on the target system, press the Tab key on your keyboard to edit the boot options.
  6. Append the inst.vnc inst.vncconnect=HOST:PORT option to the end of the command line.
  7. Replace HOST with the IP address of the remote system that is running the listening VNC viewer, and PORT with the port number that the VNC viewer is listening on.
  8. Press Enter to start the installation. The system initializes the installation program and starts the necessary services. When the initialization process is finished, the installation program attempts to connect to the IP address and port provided.
  9. When the connection is successful, a new window opens with the VNC connection established, displaying the RHEL installation menu. From this window, you can install RHEL on the target system using the graphical user interface.

Additional resources

  • For more information on how to perform a RHEL installation using the graphical user interface, see the Installing RHEL using the Graphical User Interface section in the Performing a standard RHEL installation document.