Fedora network install via PXE boot
It is also possible to setup a Proxy DHCP service for PXE. Thus, the existing DHCP server does not need to be changed. A normal Linux system (e.g. a workstation) can then be used to host the preboot execution environment (PXE).
Following steps are necessary to setup a PXE for net-booting a Fedora network install image (assuming also a Fedora host):
Verify the Image
$ gpg --verify Fedora-Server-21-x86_64-CHECKSUM
$ sha256sum --check Fedora-Server-21-x86_64-CHECKSUM
Fedora-Server-netinst-x86_64-21.iso: OK
Mount the Image
mkdir /mnt/iso
mount -o loop Fedora-Server-netinst-x86_64-21.iso /mnt/iso
DHCP Setup
yum install dnsmasq tftp-server syslinux-tftpboot
The tftp-server
package is just for creating the directory /var/lib/tftpboot
, dnsmasq already has a tftp server integrated.
The config:
cat > /etc/dnsmasq.conf
interface=enp0s25
# and don't bind to 0.0.0.0
bind-interfaces
# extra logging
log-dhcp
dhcp-range=192.168.178.0,proxy
# first IP address is the one of the host
dhcp-boot=pxelinux.0,192.168.178.34,192.168.178.0
pxe-service=x86PC,"Automatic Network Boot",pxelinux
# Specify the IP address of another tftp server
enable-tftp
# default location of tftp-server on Fedora
tftp-root=/var/lib/tftpboot
# disable DNS
port=0
Start it:
systemctl start dnsmasq.service
Setup TFTP directory
Copy all needed files:
cp /mnt/iso/images/pxeboot/initrd.img /var/lib/tftpboot
cp /mnt/iso/images/pxeboot/vmlinuz /var/lib/tftpboot
cp /tftpboot/pxelinux.0 /var/lib/tftpboot
cp /tftpboot/vesamenu.c32 /var/lib/tftpboot
cp /tftpboot/ldlinux.c32 /var/lib/tftpboot
cp /tftpboot/libcom32.c32 /var/lib/tftpboot
cp /tftpboot/libutil.c32 /var/lib/tftpboot
Add config:
mkdir /var/lib/tftpboot/pxelinux.cfg
cat > /var/lib/tftpboot/pxelinux.cfg/default
default vesamenu.c32
prompt 0
# disable timeout
timeout 0
#timeout 600
# if file is missing, this is ignored
display boot.msg
label linux
menu label Install Fedora 21 Server x86-64
kernel vmlinuz
append initrd=initrd.img inst.stage2=http://workstation.example.org/
Setup HTTP Server
yum install nginx
Configure instance:
cat > /etc/nginx/conf.d/iso.conf
server {
listen 80 default_server;
server_name localhost;
root /mnt/iso ;
include /etc/nginx/default.d/*.conf;
}
Disable the default instance/move it to a different port:
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -43,7 +43,7 @@ http {
include /etc/nginx/conf.d/*.conf;
server {
- listen 80 default_server;
+ listen 8080 default_server;
server_name localhost;
root /usr/share/nginx/html;
start the server:
systemctl start nginx.service
The Fedora installer (dracut) basically just needs to get one file from that http server:
LiveOS/squashfs.img
Configure Firewalld
firewall-cmd --add-service=http
firewall-cmd --add-service=dhcp
firewall-cmd --add-service=tftp
firewall-cmd --add-service=http --permanent
firewall-cmd --add-service=dhcp --permanent
firewall-cmd --add-service=tftp --permanent
Boot Clients
That's it. Clients are know able to network boot via PXE and get the Fedora netinstall image.
Variations could be: Adding a kickstart file (and setting a timeout) for a fully automatic network install, configuring different PXE settings for different clients (based on the MAC address), etc.
Cleanup
The daemons can be stopped and the loopback image can be unmounted:
systemctl stop nginx.service
systemctl stop dnsmasq.service
umount /mnt/iso
Security Note
This method should only be executed in a trustful intranet because the netboot client gets its config and several images absolutely unsecured over TFTP and HTTP.
Related videos on Youtube
maxschlepzig
My name is Georg Sauthoff. 'Max Schlepzig' is just a silly old pseudonym (I am hesitant to change it because existing @-replies will not be updated) I studied computer science In my current line of work, I work on trading system software and thus care about low-latency
Updated on September 18, 2022Comments
-
maxschlepzig over 1 year
How do I install Fedora over the network using PXE boot?
Motivation: The BIOS of target system is simply not able to boot from USB mass storage devices. An alternative motivation is that booting over the network is just more convenient.
Challenge: The LAN already has a DHCP server that can't be changed, i.e. one that does not support configuring PXE related options (it is part of a Fritz Box router).
-
pipereset almost 9 yearsI am wondering why you are adding permanent firewall rules, when you are not permanently enabling ngnix or dnsmasq.
-
maxschlepzig almost 9 years@Sladjko, I added them such that I don't have to re-execute them when I need to PXE boot another install at some point in time when the host system was rebooted. I don't permanently enable nginx/dnsmasq because I don't need them all the time. Starting a PXE install is thus only two
systemctl start
commands away.
-
-
Sahil Chaudhary over 6 yearsnice clues but I'd suggest the readers to tale a look at official docs: docs-old.fedoraproject.org/en-US/Fedora/26/html/…
-
AkiRoss over 5 yearsThanks for this answer, which is the most complete I read so far, but can you clarify the dnsmasq options and the value you used, please? For example, is
192.168.178.34
the address of the server? What about the proxy? -
maxschlepzig over 5 years@AkiRoss With this configuration dnsmasq acts as a dhcp proxy to another dhcp server.
192.168.178.34
is the address of the workstation running dnsmasq and the tftp server.192.168.178.0
denotes the IP-range managed by the other dhcp server - in this case192.168.178.*
. Of course, you also have to adjust the interface name (i.e.enp0s25
). -
maxschlepzig over 5 years@akostadinov The link you have provided doesn't even mention Proxy DHCP PXE.
-
AkiRoss over 5 yearsThanks @maxschlepzig. I had a few problems with this, that I'm writing in the case it is useful to someone else. DHCP went ok, but then I got an error "PXE-E77: Bad or missing discovery server list", which was caused by the
pxe-service
option: after commenting it, the bootloader popped up. Sadly, I am now facing a kernel panic on boot, so I still have that to fix.