Saturday, March 8, 2008

Installing Linux over the network (or how I installed CentOS without a single CD-ROM and still stayed relatively sane)

My cool new server came in from Dell without a CD-ROM or DVD and only one disk. Lesson: Be very careful before hitting that "OK" button.

Anyway, I was eager to get started, and got my tiny Linux server to act as the install server. Both the target and install servers were running CentOS 5, but the principles should work for any Linux distro. Here is how:

1. First set up DHCPD on the install server. I got source from:
http://ftp.isc.org/isc/dhcp/dhcp-3.1.1b1.tar.gz. No issues with the build.
a. touch /var/state/dhcp/dhcpd.leases
b. Update /etc/dhcpd.conf. My dhcpd.conf looks like this, but use your own IPs where you see "<>":

# Only use for new Dell Server and Kickstart
ddns-update-style ad-hoc;
option domain-name-servers <><><><>;
option subnet-mask 255.255.255.0;
option broadcast-address <><><>255;
option routers <><><><>;
allow bootp;
allow booting;

option ip-forwarding false;
option mask-supplier false;

# On the specified subnet with the specified netmask,
# serve out IP addresses between 155 and 160
subnet <><><>0 netmask 255.255.255.0 {
range <><><>155 <><><>160;
}

host loki {
hardware ethernet 00:1e:c8:2b:50:73;
fixed-address <><><>155;
next-server <><><>150;
filename "pxelinux.0";
}

The last section just says my new server will be host "loki" with the specified MAC address, and will be assigned IP 155. Next-server is the server the target fetches the boot file from, and filename is that boot file, which is pxelinux.0 (that's a zero, not an "oh"). More about this later.

Start up dhcpd on your server in debug mode:
dhcpd -d
so you know when your target server is asking for info.

2. Now set up tftp.
a. yum install tftp-server
b. In /etc/xinetd.d/tftp change disable = yes to disable = no
c. Restart xinetd: /etc/init.d/xinetd restart
d. The yum install should have created /tftpboot, otherwise create it.

3. Get pxelinux distribution from: http://syslinux.zytor.com.
You'll be redirected to kernel.org's download site. bunzip2 and untar: syslinux-3.62.tar.bz2, and copy pxelinux.0 to /tftpboot.

4. Set up the remaining files in /tftpboot
Copy vmlinuz and initrd.img FOR the architecture of the server you are installing. If your target server is AMD x86_64 and your install server is an ancient Pentium II you can't copy over the Pentium's vmlinuz and hope for the best.

5. Create pxelinux.cfg.
mkdir /tftpboot/pxelinux.cfg

This directory holds the file PXE looks at to figure out how to boot up the target server. There's a cool algorithm PXE follows to find the file, but default is an OK name if you only have 1 or 2 servers to install. Otherwise check out the docs in your PXE distro. Net net, if you have more than one system or various flavors of systems, you'll need to get each one's IP address and link it to the appropriate PXE config file. PXE reads the IP of a target server in hex, so make sure you have a hex calculator as well.
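The lookup order mentioned above, as an added example that is not part of the original post: these shell functions print the file names PXELINUX requests under pxelinux.cfg/, in order, so no hex calculator is needed. The IP 192.0.2.155 is a constructed stand-in for the elided address, and the client-UUID name that PXELINUX tries first when the firmware supplies one is left out.

```sh
#!/bin/sh
# Added example (not from the original post): print, in order, the file names
# PXELINUX asks the TFTP server for under pxelinux.cfg/ for one client.

# ip_to_hex 192.0.2.155 prints C000029B (8 uppercase hex digits).
ip_to_hex() {
    case $1 in ''|*[!0-9.]*) return 1 ;; esac   # digits and dots only
    old_ifs=$IFS; IFS=.
    set -- $1                                   # split into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        # Reject empty, zero-padded (octal to printf) or over-long octets.
        case $octet in ''|0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    printf '%02X%02X%02X%02X\n' "$1" "$2" "$3" "$4"
}

# pxe_config_names MAC IPV4 prints one candidate file name per line.
pxe_config_names() {
    mac=$(printf '%s' "$1" | tr 'ABCDEF:' 'abcdef-')
    printf '%s\n' "$mac" | grep -Eq '^([0-9a-f]{2}-){5}[0-9a-f]{2}$' || return 1
    hex=$(ip_to_hex "$2") || return 1
    echo "01-$mac"              # 01 = ARP hardware type for Ethernet
    while [ -n "$hex" ]; do     # full hex IP, then one digit shorter each try
        echo "$hex"
        hex=${hex%?}
    done
    echo default                # shared fallback, tried last
}

# Usage: sh pxe-names.sh 00:1e:c8:2b:50:73 192.0.2.155
# (MAC is the one from dhcpd.conf above; the IP is a constructed stand-in.)
if [ $# -eq 2 ]; then
    pxe_config_names "$1" "$2"
fi
```

PXELINUX uses the first name it finds, so a file named for one host's MAC or full hex IP takes precedence over default for that host only.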

Remember, when you do the network install, you do a PXE boot from the target server, which asks DHCPD for its IP, after which it contacts the tftp server for the bootloader (pxelinux.0). This is where we are now. But you want to make sure you have a system where after your target server has its OS installed, it doesn't do an OS re-install when you reboot it after say 3 months of work. That would suck.

So my pxelinux.cfg/default looked like:
default linux
label linux
kernel vmlinuz
append ksdevice=eth0 load_ramdisk=1 initrd=initrd.img network ks=nfs:<><><>.150:/install/Kickstart/<><><>155-kickstart

The stuff in the "append" line should be on only one line; the Linux kernel doesn't understand word-wrap.

You should now have the following:
[root@install_server CentOS]# ls -lR /tftpboot/
/tftpboot/:
total 6828
-rw-r--r-- 1 root root 5139482 Mar 7 22:07 initrd.img
-rw-r--r-- 1 root root 14630 Mar 7 20:33 pxelinux.0
drwxr-xr-x 2 root root 4096 Mar 7 22:08 pxelinux.cfg/
-rw-r--r-- 1 root root 1812988 Mar 7 22:07 vmlinuz

/tftpboot/pxelinux.cfg:
total 4
-rw-r--r-- 1 root root 171 Mar 7 22:08 default

Test tftp by running it from a Windows box:
C:\Documents and Settings\scariapa>tftp <><><>150 get pxelinux.0
Transfer successful: 14785 bytes in 1 second, 14785 bytes/s

6. Set up your kickstart config file. I used a cool little utility called system-config-kickstart on my little install server to do this. The kickstart config file must be saved in the same spot indicated by /tftpboot/pxelinux.cfg/default in the previous step, which was /install/Kickstart/<><><>155-kickstart. I named my kickstart config with the IP of the target server embedded in it, but I didn't have to. I could have called it Bob, but if you have a lot of systems, it would make sense to make a practice out of embedding your system's IP address in the kickstart file.

So your kickstart file tells the target server a couple of things:
a. Locale info: language, keyboard, timezone etc.
b. Filesystem layout
c. What you want to install...not at the rpm level though, so don't get too ambitious.
d. Where you want to install from. Here is where you add the IP of the NFS server you're installing from and the export. My NFS server was the same as the DHCPD server, and the tftpd server, IP 150. The export must be a tree where if you ls, you see the "CentOS" directory. More below.

For more information on kickstart configs, see:
http://www.faqs.org/docs/Linux-HOWTO/KickStart-HOWTO.html

7. Set up your install tree. I downloaded the CentOS ISOs, saved them to disk, mounted them back, and then copied the files in there to disk:
mkdir -p /export/cd1 /export/cdrom1
mount -t iso9660 -o loop /install/CentOS-5.0-x86_64-bin-1of7.iso /export/cd1
cp -pr /export/cd1/* /export/cdrom1

Do this for all the ISOs.
Now make sure all the RPMs (i.e. from cdrom2/CentOS, cdrom3/CentOS, etc.) are in cdrom1/CentOS. Move all of them there. Otherwise after anaconda completes the first ISO, it will complain of a corrupted distribution because it couldn't read redhat-rpm-config-8.0.45-17.el5.centos.noarch.rpm, which is the first file it reads from the second CD if you're doing a CD install.

Make sure your install server exports both the tree with the distro on it and the kickstart config file. I exported /export/cdrom1 and /install. If the target server can't read the kickstart config file, then it'll prompt you for the right location during the boot process. You will also have a chance to skip kickstart and go interactive if you want.

8. Now make sure you have a network connection to the target server, power it on, select PXE boot, and go!

There are a bazillion security issues that I have not addressed. Tftp is a very very easy way for bad guys to mess around. My suggestion if you have an install server is to only turn on dhcpd and tftpd when you have a new system, and turn them off after you're done.
