dcsimg

Complete Kickstart: How to Save Time Installing Linux

If you have to perform a lot of Linux installs, there's a fast and easy way to do so quickly and efficiently without having to babysit the installation process each time. By making use of Kickstart, you can save time and effort by setting up a Kickstart server and spend your time getting more useful work done.

We work in a lab environment at Cisco Systems in RTP, North Carolina, and are responsible for the care and feeding of many Intel, Sun, and Cisco boxes that make up the lab environment. Because it’s a lab, developers and testers require frequent re-installations of these systems to return them to a known state. We also need to install operating systems on new boxes fairly often.

All of these installations can be time-consuming, so we were tasked with creating a locally available kickstart server for Red Hat Enterprise Linux 5.1.

As we started to delve into the requirements for creating a kickstart server we discovered that, although much of the information required to do so is available from various places on the Internet, some necessary information is very difficult to find. This article will concentrate on the specific configuration details required for an unattended network Kickstart of Red Hat Enterprise Linux 5.1. It is intended to cover all aspects of setting up a Kickstart server, including some information that is not readily available.

The basic function of a kickstart server is to allow an administrator to perform a network installation of Linux. It provides a single location to store files for installation and allows for ease of updating those files instead of dealing with multiple copies of DVDs. It also allows for very fast and hands-free installation as well as the ability to provide a menu-driven interface for selection of the desired kickstart configuration from among two or more choices.

The Requirements

Our requirements were that kickstart, once launched and after making a menu selection to choose a particular kickstart configuration, needed to be completely unattended. We also needed to install some local tools and make configuration changes to the installed boxes before they would be ready for use. The Anaconda installer menu must provide us with options to install multiple versions of this kickstart or to boot from hard drive. If no menu selection is made after a short timeout, the Anaconda installer is configured to boot from the hard drive.

Here’s what you need in order to perform a kickstart:

  1. 1. A Web server and/or FTP Server for delivery of the RPMs that are to be installed.
  2. 1. A DHCP server for IP address assignments and to launch PXE Boot.
  3. 1. A TFTP server for download of PXE Boot components to the machines being kickstarted.
  4. 1. An PXE Boot capable network card.
  5. 1. The BIOSes on the computers to be kickstarted must be configured to allow a network boot.

Each of the required servers can be located on a different system, or they can be combined onto a single computer.

In addition, Cisco Core routers require special configuration to transport UDP PXE Boot packets across subnet boundaries. Our environment requires the use of a serial console during Kickstart for menu selection. This gives us the ability to select from two or more different kickstart installations.

Initial Decisions and Sizing

We chose to use HTTP for file delivery, but due to the possibility that some need might arise in the future for an FTP kickstart, we decided to configure our kickstart server directory structure so that both FTP and HTTP can be used. We also chose to house the HTTP, TFTP, and DHCP servers on a single computer.

For our environment, we had no reason not to have all of the servers on one box, and the number of simultaneous kickstarts we expect to experience is well within the capability of the hardware and network infrastructure we have available. When sizing a prospective kickstart server the limiting factors are most likely to be the hard drive data transfer rates and the network. Experience has shown up to 20 or so systems can be kickstarted simultaneously in about an hour with a very modest Pentium 4, a single IDE hard drive, and a 100Mb connection.

Using a 3.0GHz Intel Core-Duo with 4GB of RAM and dual 120GB hard drives in RAID 1 configuration on a Gigabit Ethernet connection should allow us to support multiple simultaneous kickstarts in numbers far larger than we currently expect. The only reason we used this particular hardware is that it is what we had available.

Kickstart Sequence of Events

A network-based kickstart can be initiated by an PXE Boot capable network card. The PXE Boot first requests an IP address from a DHCP server. It also obtains the location of a PXE Boot file from the DHCP server. PXELINUX is a bootloader for Linux using the PXE network booting protocol. The PXE Boot file is loaded from the TFTP server along with the contents of a file which defines the location and name of the installation kernel and initrd.img file as well as some parameters for the boot kernel and a menu for the Anaconda installer. This configuration file for Anaconda also contains the location of the kickstart configuration file to be used during the installation.

The PXE Boot file then loads the boot kernel and initrd image still using TFTP. After booting, Anaconda is started and Anaconda loads the menu and displays a window with a timer with several menu options. The Menu and time-out can be skipped if you do not need to make any choices here.

After choosing the desired kickstart installation, Anaconda locates the kickstart configuration file from the HTTP server and reads it. The kickstart configuration file has a default name of ks.cfg, but can be named anything. We use several for our different configurations, so provide unique names for each. If all of the data required to perform a complete installation is included in the kickstart configuration file, the installation completes without further intervention from the administrator. The RPM files used during the installation are downloaded from the HTTP server as they are needed.

The kickstart configuration file can also contain bash script commands that can be run both before and after the rest of the installation. We make extensive use of the post-installation bash scripts to perform installations of locally required RPM packages and tarballs as well as to make configuration changes before the first reboot.

Hardware configuration

In order to boot from the network it is necessary not only to have a network card that is capable of a network boot, but also to configure the BIOS to boot appropriately. You have a couple of options. The first is to always attempt to boot from the network as the first choice, then CD/DVD, and then from the hard drive. The second is to boot from the CD/DVD first, then the hard drive, and finally from the network. Choose the option that best fits your needs.

When booting from the hard drive prior to booting from the network, an additional step requiring some manual intervention would be required to force a boot from the network. It is necessary to overwrite the boot record to prevent booting from the hard drive. This can be done with a small script or from the command line using the dd command but it is another point of intervention.

We chose to configure BIOS to boot first from the network. We then set a short timeout for Anaconda so that the default is to boot to the hard drive if no other action is taken.

DHCP Configuration

The /etc/dhcpd.conf file must be configured correctly to provide an IP address for each client host as well as information necessary to initiate a PXE Boot sequence for each kickstart client host. DHCP determines the host name using the MAC address of the NIC making the request. Although the IP address can be specified in the dhcpd.conf file, we use DNS to maintain the addresses and DHCP does the lookup and then passes the address to the host.

DHCP can also serve a range of addresses rather than a specific address for each host, but that is outside the scope of this article.

#######################################################################
allow booting;allow bootp;dns-update-style ad-hoc;
option domain-name "cisco.com";
option domain-name-servers 109.99.6.247;
max-lease-time 604800;
default-lease-time 604800;
deny unknown-clients;

# The next-server line is required even though we point to ourselves.
# Resolves some issues relating to pxeboot across subnets.
next-server 109.99.101.74;

# 109.99.222 Subnets:
subnet 109.99.222.0   netmask 255.255.255.0
  { authoritative ; option routers 109.99.222.1 ; }

# Red Hat Enterprise Linux 5.1 Kickstart boxes
group {
filename "RHEL/pxelinux.0";
host ems-lnc100.cisco.com
  { hardware ethernet 00:15:17:1D:42:88 ; fixed-address ems-lnc100.cisco.com ;}
host ems-lnx118.cisco.com
  { hardware ethernet 00:04:23:B7:9A:15 ; fixed-address ems-lnx118.cisco.com ;}
host ems-lnx145.cisco.com
  { hardware ethernet 00:04:23:B5:6B:A9 ; fixed-address ems-lnx145.cisco.com ;}
}
#######################################################################

Listing 1: The very basic dhcpd.conf required to support kickstarts.

The filename RHEL/pxelinux.0; statement in the group stanza directs the PXE Boot to load the pxelinux.0 boot file from the specified directory, RHEL. The full path for this directory in our setup is /opt/tftpboot/RHEL where /opt/tftpboot is a symbolic link to /tftpboot. The TFTP root, /tftpboot, is defined in /etc/xinetd.d/tftp.

In each host stanza we specify the MAC address of the NIC in the respective hosts and the hostname. DHCP queries DNS for the IP address and passes it back to the host along with the router and DNS server information.

We discovered during configuration of our server for the kickstart role that the next-server line is required in dhcpd.conf to resolve some PXE Boot issues even though the next-server is really the same server in our case. You should use this statement no matter which box hosts the PXE Boot server, even if it is the same as the DHCP server. It took us a couple days to figure this out and it is one of the things we could not find documented anywhere.

The allow booting and allow bootp statements are both required for kickstarts to function.

All of the options pertaining to PXE Boot can be placed in the group or individual host stanzas as well as in the global section of the DHCP configuration. This allows you as much granularity as you need to have multiple servers and kickstart configurations as well as to ensure that only specific hosts or groups of hosts can be kickstarted.

The PXE Boot files

Three PXE Boot files are required to perform a network boot. The first is pxelinux.0, the network boot loader. The second is the network boot kernel, vmlinuz, and the third is the initial RAM disk image, initrd.img.

We placed pxelinux.0 in /opt/tftpboot/RHEL/ as this is the location we specified in dhcpd.conf. We also have discovered that this is the only place from which it works.

The kernel and RAM disk image files are placed in a distribution or release unique location such as /opt/tftpboot/RHEL/RHEL-server. We also have an RHEL workstation based release we use and place its files in /opt/tftpboot/RHEL/RHEL-workstation. This allows us to keep them separate and helps us to know which is which. We have seen configurations in which files for different distributions and releases are all located in a single directory and named differently. Our method works better for us because we like the additional organization it imposes.

For the most part one set of PXE Boot files is pretty much like another. Most Red Hat Enterprise based distributions currently provide a set of these files. Most of these files should work with most distributions. However we did find that the Red Hat Enterprise Linux 5.1 files are specific to that distribution and that PXE Boot files from other distributions such as CentOS do not work with RHEL 5.1.

TFTP Configuration

The TFTP configuration file, /etc/xinetd.d/tftp, should look like the sample configuration below. We changed disable = yes to disable = no and server_args = -s -c -v -v -v /tftpboot to server_args = -s -c -v -v -v /opt/tftpboot.

#######################################################################
# default: off
service tftp
{
	disable	= no
	socket_type		= dgram
	protocol		= udp
	wait			= yes
	user			= root
	server			= /usr/sbin/in.tftpd
	server_args		= -s -c -v -v -v /opt/tftpboot
	per_source		= 11
	cps			= 100 2
	flags			= IPv4
}
#######################################################################

Listing 2. The TFTP configuration file required only minor changes.

Creating the PXE Boot configuration file

Each host that is to be kickstarted requires a unique configuration file which is located in the /opt/tftpboot/RHEL/pxelinux.cfg directory. This file is used to specify the locations of specific files such as the kernel and the initrd image file. These files are named with the hexadecimal representation of the IP address of the computer to be kickstarted.

You’ll find an online IP to Hex converter at http://tinyurl.com/4lzthf and another tool, written in Perl, is available at http://tinyurl.com/4pz6g3. Usage is very straightforward for each of these tools.

For example, the IP address 192.168.0.55 converts to C0A80037 in hex, so in this case the name of the configuration file for the host with ip address 192.168.0.55 is C0A80037.

Loading the PXE Boot configuration file

The PXE Boot configuration files contain information that allows PXEBoot to locate the kernel and initrd image files for the kickstart process. They also specify the serial console parameters and provide a menu for selection of the desired kickstart. The kernel and initrd images are not the files that will be installed on the kickstarted machine, but are used only as the running operating system during the kickstart itself.

The PXE Boot process tries to load the correct file for the computer by using an interesting algorithm. First it tries to load a file with a name based on the MAC address of the system, then with names based on the hexadecimal IP address, removing one hex digit for each failure. The sequence would look like this:

/opt/tftpboot/RHEL/pxelinux.cfg/01-22-33-44-aa-cc-ee
/opt/tftpboot/RHEL/pxelinux.cfg/C0A80037
/opt/tftpboot/RHEL/pxelinux.cfg/C0A8003
/opt/tftpboot/RHEL/pxelinux.cfg/C0A800
/opt/tftpboot/RHEL/pxelinux.cfg/C0A80
/opt/tftpboot/RHEL/pxelinux.cfg/C0A8
/opt/tftpboot/RHEL/pxelinux.cfg/C0A
/opt/tftpboot/RHEL/pxelinux.cfg/C0
/opt/tftpboot/RHEL/pxelinux.cfg/C
/opt/tftpboot/RHEL/pxelinux.cfg/default

The contents of our files is identical for each of the installations this process is designed for, so only a single master file is located at /opt/tftpboot/RHEL/pxelinux.cfg. Then we use a soft link with the hexadecimal IP address as its name to point to a master file. We can do this because all of our Intel boxes have the same kickstart choices available. You could also use individual files if that suits your needs better.

The contents of our master file are shown below:

#######################################################################

# RHEL5 Kickstart configuration file.
#
# NOTE: The workstation and server versions of the RHEL 5.1 images require
# different initrd.img files.

default 1
prompt 1
timeout 200
display msgs/Main.msg
F1 msgs/Main.msg
F2 msgs/general.msg
F3 msgs/expert.msg
F4 msgs/param.msg
F5 msgs/rescue.msg

#F1 Main.msg

# Hard drive
label 1
    localboot 1

# RHEL5.1-MAX
label 2
    kernel RHEL-workstation/vmlinuz
    append ksdevice=eth0 initrd=RHEL-workstation/initrd.img \
    console=ttyS0,9600n8 ramdisk_size=6804 \
    ks=http://emstools2b.cisco.com/pub/kickstart/rhel-AP-Max-ks.cfg

# RHEL5.1-MIN
label 3
    kernel RHEL-server/vmlinuz
    append ksdevice=eth0 \
    initrd=RHEL-server/initrd.img console=ttyS0,9600n8 \
    ramdisk_size=6804
    ks=http://emstools2b.cisco.com/pub/kickstart/rhel-AP-Min-ks.cfg
#######################################################################

Listing 3. PXE Boot configuration files

In Listing 3 the PXE Boot configuration files contain data to create a menu for Anaconda and information that allows the PXE Boot process to locate the files needed to boot. The append lines have been split for formatting purposes, but should be on a single line when used.

Note that there are multiple stanzas in the file. One for each possible kickstart installation that is defined. Each stanza specifies different files for the vmlinuz, initrd.img and the location and name of the kickstart file to be used. Console parameters are also specified in the PXE Boot configuration file because we use the console to make the menu choice for the desired kickstart and to monitor the installation.

We also added the statement ksdevice=eth0 to the append line. This prevents manual intervention to choose the install NIC when more than one NIC is present. This information was also very hard to find.

This file also contains the definitions of the various menu options we want the Anaconda installer to provide, as well as the Function Key definitions for various help options. The menu options are created by Anaconda using the labels in each stanza. So the menu choices we have are 1, 2 and 3. Note that option 1 is local boot from the hard drive and that the “default 1″ line specifies that the system will boot to the hard drive after the timeout. The “timeout 200″ line specifies the length of the timeout in tenths of a second. This is a strange unit, but the value of 200 results in a timeout of twenty seconds.

The data to generate and display the menu itself is located in the file /tftpboot/RHEL/msgs/Main.msg. Separating the files that specify the options from the file that displays the available options allows us to define hidden options should we need to do that.

#######################################################################

       09Welcome to 0cThe Cisco Linux09 Installer!07
0a
                            |       |
                        . | | | . | | | .
                            '       '
                            C I S C O
07

Enter number of the Linux distribution you wish to install:

1. Cisco CEL 4
2. Red Hat Enterprise Linux MIN (Test)
3. Red Hat Enterprise Linux MAX (DEV test)

05[F1-Main] [F2-General] [F3-Expert] [F4-Kernel] [F5-Rescue]07

#######################################################################

Listing 4: The file /tftpboot/RHEL/msgs/Main.msg

You’ll see that Listing 4 contains the menu for the Anaconda installer. We have added our own options to the menu.

Cisco Core router configuration

The DHCP and TFTP protocols both use UDP rather then TCP packets. Most UDP packets are not forwarded across subnet boundaries and we have many different subnets in our network. Many Cisco routers with current versions of IOS have the ability to configure helper addresses for UDP packets. This enables the router to forward UDP packets to the DHCP and TFTP servers or to specific subnet(s).

Based on our experience, you should only configure this on the core router closest to your server.

#######################################################################
ip forward-protocol udp
!
interface ethernet 1
 ip helper-address 10.44.23.7
interface ethernet 2
 ip helper-address 192.168.1.19
#######################################################################

Listing 5. Sample Configuration

You’ll find a sample configuration from the Cisco IOS IP Configuration Guide, Release 12.2, in Listing 5 that provides an example of the commands required to set up a helper address.

If a protocol is not specified on your router, the helper address will forward all UDP packets to your kickstart server. If this is not what you want, be sure to specify only those protocols that need to be forwarded. This is another piece of information that was very hard to locate. Refer to the Cisco IOS IP Configuration Guide, Release 12.2, for details of this and related commands.

This will not be an issue if your DHCP and TFTP servers are located in the same subnet as all of the hosts you wish to kickstart.

Web Server (Apache) configuration

We chose Apache for our web server because it is supplied by all Red Hat distributions and because we use it on other internal servers so are familiar with its operation. Once you have Apache installed and running, nothing else needs to be done to the configuration to make it work for kickstarts. All you have to do is place the files in a location that is served by Apache.

Because we wanted our server to be as flexible as possible, we decided to plan for the eventuality that we would eventually support both FTP and HTTP kickstarts even though we are only using HTTP at this time. Therefore we chose a directory structure starting at /var/ftp/pub and created a symbolic link to this location from /var/www/html.

ln -s /var/ftp/pub /var/www/html/pub

Making the RPMs Available

While we wanted to make the ISO images of RHEL 5.1 available for download so that users can burn their own installation DVDs, it is also necessary to make the RPMs located in the ISO images available for the kickstarts. In order to accomplish this without having to store the files on the hard drive twice, we chose to keep only the ISO images on the hard drive and mount them using the loopback device to make the individual files in the ISO available to the kickstart.

To accomplish this, the following directories were created.

   /var/ftp/pub/rhel/5.1/isos/i386/
   /var/ftp/pub/rhel/5.1/os

The iso images for RHEL 5.1 client and server were copied to the /var/ftp/pub/rhel/5.1/isos/i386 directory. The following entries were added to /etc/fstab to mount the ISOs automatically at boot time.

#######################################################################
/var/ftp/pub/rhel/5.1/isos/i386/rhel-5.1-client-i386-dvd.iso \
        /var/ftp/pub/rhel/5.1/os/i386/workstation iso9660 \
        loop=/dev/loop1,ro  0 0

/var/ftp/pub/rhel/5.1/isos/i386/rhel-5.1-server-i386-dvd.iso \
        /var/ftp/pub/rhel/5.1/os/i386/server \
        iso9660 loop=/dev/loop2,ro  0 0
#######################################################################

Listing 6: /etc/fstab

The entries in Listing 6 for /etc/fstab mount the ISO images so that the files in the images can be available for the kickstarts.

Note that we chose to use the loop1 and loop2 devices instead of the loop0 device so that the loop0 device would be available to anyone wanting to use a loopback.

The Kickstart Configuration File

The kickstart configuration file, by default named ks.cfg, is used by Anaconda to define the parameters of the installation. This file provides the answers to all of the questions and entries to all of the fields required by the installation process. Only by having answers to each and every question can the kickstart be fully automated. If any of the required fields does not have an entry the installation halts and waits for input.

Creating the Starting ks.cfg File

We initially created the kickstart file using the kickstart GUI configurator. Using this configurator allowed selection of the major software groups to be installed. There are other ways to obtain a kickstart configuration file to use as a starting point. Each time Red Hat Linux is installed, a kickstart configuration is stored at /root/anaconda-ks.cfg. This file can be used to exactly recreate the installation as it was performed. You could generate a kickstart file by performing a manual installation with the exact configuration you want and then use the anaconda-ks.cfg file generated as the starting point.

We renamed our kickstart files from anaconda-ks.cfg to something more meaningful, rhel-AP-Max-ks.cfg, and rhel-AP-Min-ks.cfg. This enables us to know from the names which type of installation the file is for, and also to keep multiple files in the same directory.

The kickstart configuration files have several sections. Each section has statements pertaining to a specific portion of the installation. Some sections are optional.

We did not use the %pre section which allows running scripts before the installation begins, so we will start with the command section. Most of this should be relatively self-explanatory, but if you need more information on any portion, the Red Hat Enterprise Linux Installation Guide (see Resources) contains an excellent description of each section of a kickstart file and describes each of the possible statements and commands that can be used. For the sake of brevity we will only discuss certain key portions of our kickstart file.

#######################################################################
# This is an installation not an upgrade
install
# The location of the RPM files
url --url http://emstools2b.cisco.com/pub/rhel/server
key 9a09007d99b6cd00
lang en_US
# Use text mode install
text
keyboard us
xconfig --defaultdesktop kde --resolution 640x480 --depth 8
network --device eth0 --bootproto dhcp --onboot=on
rootpw --iscrypted $1$tihTg7ne$hohhkj87hGGddg9B4WkXV1
authconfig --useshadow --enablemd5
selinux --disabled
timezone America/New_York
firewall --disabled
firstboot --disable
# Reboot after installation
reboot
bootloader --location=mbr --append="console=ttyS0,9600n8"
clearpart --all --initlabel

# define partitions
part /boot --fstype ext3 --size=512
part /opt --fstype ext3 --size=10000 --grow
part /usr --fstype ext3 --size=10000
part /tmp --fstype ext3 --size=7500
part /var --fstype ext3 --size=7500
part /home --fstype ext3 --size=2500
part swap --size=2048
part / --fstype ext3 --size=2048
part /usr/local --fstype ext3 --size=2000

#######################################################################

Listing 7: The command section of our kickstart file.

We added a key line to this section. This is what Red Hat calls the Installation number and is required to enable all Linux functionality. Just what would not be enabled is not specified. If the key line is not included in the kickstart files, the installation stops and waits for input which is not what we want.

We specified a text mode install because, as mentioned before, we need to use the console for installation and a graphical installation would not work for us.

We specified our console parameters in the “bootloader” line to ensure that they matched those of our console servers.

Due to issues we had with creating LVMs using kickstart, we only created EXT3 partitions, not Logical Volumes. We intend to revisit this and determine whether Logical Volumes can be used. It may be that, because our procedures are to simply re-kickstart systems that have any significant issues, such an effort would be more trouble than it is worth.

The %packages section of our kickstart file defines which groups are installed. These are the names preceeded by an “@” sign. Individual RPM packages can also be specified just by placing the appropriate package name on a line by itself in this section.

You can specify RPM packages that are not to be installed even if they are part of a group that you otherwise need to install. These RPMs are specified on a line by themselves but are preceeded by a “-” sign.

#######################################################################
%packages
@engineering-and-scientific
@mysql
@development-libs
@editors
@system-tools
@gnome-software-development
@text-internet
@gnome-desktop
@core
@base
@ftp-server
@network-server
@legacy-software-development
@java-development
@printing
@kde-desktop
@mail-server
@server-cfg
@sql-server
@admin-tools
@development-tools
@graphical-internet
festival
audit
kexec-tools
bridge-utils
device-mapper-multipath
dnsmasq
imake
-sysreport
mc
festival
audit
libgnome-java
libgtk-java
libgconf-java
kexec-tools
xorg-x11-server-Xnest
xorg-x11-server-Xvfb
-compiz-kde
-knetworkmanager
-amarok
#######################################################################

Listing 8: The %packages section of the kickstart file defines the groups and packages to install.

Using Post-installation scripts

We invested a great deal of effort developing the post-install scripts defined in the %post section of the kickstart configuration file. These scripts allow us to perform installation and configuration of RPMs and tarballs that are not part of the Red Hat installation.

The important thing to remember about the post-installation scripts is that they are executed using the bash command interpreter in a chroot’ed environment that behaves as it will when rebooted after the installation. This allows virtually any action that you could possibly work into a script to be performed during the final stages of installation.

#######################################################################
%post
# Install the yum repository configuration files
cd /tmp
wget http://emstools2b.cisco.com/pub/local/lab-repos.tar
cd /
tar -xvf /tmp/lab-repos.tar

# Set an ID to be used for other scripts
touch /LINUX_RHEL_MINIMAL_INSTALL

# Install Kshell as a preference of some developers.
yum -y install ksh

# Configure some local NFS mount points
service portmap start
mount  emsnfs:/export/linux/post   /mnt
cat /mnt/auto_localnfs >> /etc/auto.misc
cat /mnt/auto_misc >> /etc/auto.misc

# Get the command to create the motd and create it for the first time.
cp /mnt/createMOTDLinux /etc/init.d/create_motd
mv /etc/motd /etc/motd.orig
/etc/init.d/create_motd > /etc/motd

umount /mnt

# Create symlinks for mount points
# the links to /localnfs are to work around the issue with Linux
# mount points not being browsable as they are in Unix
mkdir /localnfs
ln -s /misc/apps       /localnfs/apps
ln -s /misc/rtp-chaos  /localnfs/rtp-chaos
ln -s /misc/black-hole /localnfs/black-hole
ln -s /misc/tools      /localnfs/tools
ln -s /misc/tftpboot   /localnfs/tftpboot
mkdir /opt/scratch
ln -s /opt/scratch /scratch

# Create ssh authorized keys
# Make the directory
mkdir /root/.ssh

# Create the keys file
cat  << xxEOFxx >> /root/.ssh/authorized_keys
sh-dss AAAAB3NzaC1kc3MAAACBAKyW6vv6uHKGKL54765VBHKJHhbfvfhJ/rkspGK2pmAM7awj7EwB
/wUBZUucmQSYnyaOlbvS6NkdE+sUC/asU/mEZjzoQgP+kdahxfJvWATaJweVFjRdHrIZxPB4nlO+MEBb
cPmUP7cLLQ1KGbfUakr35qzb9RjpBPDcBSDW2GZRAAAAFQCD/qw8FCSfEyWAmtkXDioJBWUCOwAAAIAm
4czfxx+Srm7FxGDTsiL52ojKzZCzddTi6YclknBXYpa3jhjhDfgkbGfHc746cVXm3hJ9ZgA3RQpMypKn
WS6EHimjkjEeqfw/viqPR1NCvj1xVs9XDjRtCelwsxUNj31Y2RHCsusa6DDwG765bnlk/BO4lUGRQpNy
QAAjKyDhPwAAAIAPJQcSf0tc4OrqNxy/gjkhkhgghfTRerthkljhGuyKarrmWan9ZkkFJQYnp09GNasZ
zI7Zwau3oqfutPTWJFehBskFKvRpSjYd59vKjWpDyCE5xHYxZfDORTj4pzjRSyiXDP/viA5DBCUWieM4
zGWa1RKVdskjPFS56y5GAkEwcA== root@emsjumpsssh-dss AAAAB3NzaC1kc3MAAACBAOqZBr62GU
La+NwGUatvO7OVXqGDn4qXvR2GAUputz9uyYmcWTvoHG0D3eAQ2flqhpyhJQo63GyntUtmGkXIHFuM3z
4qDt19qcpFRj10ZzRbZGhf+QbJwkxA9fpOy/BmoYykW5l36Db/Dvlzk4zNgJAmGXb2rNv8RSqYC6kCZf
aNAAAAFQDTb8EsksyknY++4zXC3TPNrH/+MwAAAIEAz3OCUfZXo+e/lJ/KSFj1un378KGGo9qfGSpVMV
Tva/z58KAZ174tJpgnfA8+fQOwq/ip8s9UyHA2qR+BICjjZo1KatevFN7l4rpNSqdLivEasrGBu6fRTP
/kQ6vt+OLIAQyr8t9RqpZKUVdd9odFA9NLiuOhG//eh2cDSXmjFnkAAACAbgzdEMcCMeMT/XPJrkZ/md
TX/EJ6VNQEuTP3fhrjKKjccYobXPOQhvliIhPGFbtrRZlYRPPFAkAAse0qRPOsy8XHKD18WnQr5JNJx+
C5PYMkb8APY55Ydwwrt4EFeqnFpF3RXFhPY1eiZNAI33GopEGVTiLTO4ZW9mYC8EI7e28= root@emstools
xxEOFxx

# Copy the logbanner and change sshd_config
cat  << xxEOFxx >> /etc/LogBanner
                               WARNING!!!
                   READ THIS BEFORE ATTEMPTING TO LOGON                      

     This System is for the use of authorized users only.  Individuals
     using this computer without authority, or in excess of their
     authority, are subject to having all of their activities on this
     system monitored and recorded by system personnel.  In the course
     of monitoring individuals improperly using this system, or in the
     course of system maintenance, the activities of authorized users
     may also be monitored.  Anyone using this system expressly
     consents to such monitoring and is advised that if such
     monitoring reveals possible criminal activity, system personnel
     may provide the evidence of such monitoring to law enforcement
     officials.                                                              

     Cisco Acceptable Use Policy:                                            

http://wwwin.cisco.com/infosec/policies/acceptable_use.shtml

xxEOFxx

echo "Banner /etc/LogBanner" >> /etc/ssh/sshd_config

#######################################################################

Listing 9: Post-installation Script Example

You’ll see that Listing 9 contains a partial listing of our post-installation script which installs both RPMs and tarballs designed for our unique lab environment as well as performing other necessary tasks.

As you can see, our post-installation is quite extensive. In addition to performing installations of several software packages we require, it also sets up a login banner, creates the /root/.ssh directory and copies some public keys there. We have only shown one of these keys to save space.

Notice that we can also start services as in the line service portmap start and access files on NFS mounts during this last portion of the kickstart. Post-installation provides a very flexible environment for performing a great many automated tasks.

Perform the kickstart

Performing the kickstart is very easy because we have done all of the hard work in setting up the network kickstart. We have four basic steps to perform.

  1. Add the computer to DNS.
  2. Add the appropriate information to the dchpd.conf file.
  3. Boot the computer.
  4. Select the desired kickstart from the menu.

The automated kickstart does the rest. The first two steps only need to be performed the first time a computer is kickstarted; after that the DNS and DHCP information will already be there.

Troubleshooting a failing Kickstart

The most common problems with network kickstarts the way we have set it up are network failures, MAC addresses that are incorrectly entered in the dhcpd.conf file, using the MAC address for the wrong NIC. These problems will present themselves on the console with messages from PXE Boot on the NIC unable to obtain an IP address.

An incorrectly named hexadecimal IP address file for a system or a problem with the TFTP server will allow the NIC to obtain the network data, but fails to load the PXE Boot configuration file for the system. Be sure your TFTP server is configured correctly using the tftp file in the /etc/xinetd.d directory.

Comments on "Complete Kickstart: How to Save Time Installing Linux"

internetbummer

Great guide… except that it’s a little outdated now.

cobbler.et.redhat.com

Cobbler does all of that almost automatically on install, and gives you a lot more flexibility in terms of scripting additional install options.

Reply

    Thank You Guys for an absolute wonderful detailed document you have created, this should teach some lesson to Red Hat Doc people. I’m about to take RHCE myself. I just have one question in the paste below, what is the first line, i’m confused, and do we have to create all these file.

    /opt/tftpboot/RHEL/pxelinux.cfg/01-22-33-44-aa-cc-ee
    /opt/tftpboot/RHEL/pxelinux.cfg/C0A80037
    /opt/tftpboot/RHEL/pxelinux.cfg/C0A8003
    /opt/tftpboot/RHEL/pxelinux.cfg/C0A800
    /opt/tftpboot/RHEL/pxelinux.cfg/C0A80
    /opt/tftpboot/RHEL/pxelinux.cfg/C0A8
    /opt/tftpboot/RHEL/pxelinux.cfg/C0A
    /opt/tftpboot/RHEL/pxelinux.cfg/C0
    /opt/tftpboot/RHEL/pxelinux.cfg/C
    /opt/tftpboot/RHEL/pxelinux.cfg/default

    Reply
troll666

Well, as one of the authors, outdated is not quite the right word. The info is current, it is just that the authors didn’t find cobbler before rolling their own. Also, there are lots of admins out there that want to understand what is happening and why. when it breaks, they know the piece to fix on their own. Understanding the kickstart process can save hours of time debugging why the latest hardware fails to kick or to help trace a single byte error in a config file.

cobbler does look interesting and I will probably install it at some point and give it a whirl. It may be better for future deployments or it may have functions that we will build into our existing server.

BRuce

Reply
jrzagar

One of the main limitations I find in kickstart is in selecting the type of hard drive… Some systems use SATA (/dev/sd[a-z]), others use IDE (/dev/hd[a-z]), and some vendors’ controllers don’t follow either convention (e.g. HP raid controllers use /dev/cciss/…)

I use a %pre script to automatically generate the partition information:


######
# Disk configuration now handled by pre-install script
%include /tmp/partitions

...

%pre

######
# Auto-detect IDE/SATA/SCSI drive and adjust appropriately...

# Doesn't work with HP/Compaq SmartArray controller
# DISK="`egrep '[hs]d[a-z]( |$)' /proc/partitions | \
# awk 'NR==1 {print $4}'`"
# echo $DISK

# Regular expressions that match different kinds of disk drives
# The HP cciss driver does not assign /dev/sd[a-z] names...

# *** WARNING ***
# Entering deep Bash quotation hell...
# Work-around for busybox bug in RHEL-4.U3

DISK=""
REGEXP01="'[hs]d[a-z]( |$)'"
REGEXP02="'cciss/c[0-9]d[0-9]( |$)'"

for regexp in `set | grep ^REGEXP | cut -d= -f1`
do
eval EXPR=`eval "echo \$\{$regexp\}"`
CMD="egrep ${EXPR} /proc/partitions"
DISK="`eval "$CMD"| \
awk 'NR==1 {print $4}'`"
if [ -n "${DISK}" ]
then
echo $DISK
break
fi
done
# Now leaving Bash quotation hell...

# bug in RHEL-4 busybox-1.00rc1-5
#
# cat - > /tmp/regexp.partitions /tmp/partitions

Reply
jrzagar


# [hs]d[a-z]( |$)
# cciss/c[0-9]d[0-9]( |$)
# EOF
#
# DISK="`egrep -f /tmp/regexp.partitions /proc/partitions | \
# awk 'NR==1 {print $4}'`"

cat > /tmp/partitions

Reply
neiliss

You are not required to mount the .iso files to the loopback device. The installer is able to recognize and mount the .iso files.

Reply
jrzagar

ARGH, things keep gettng chopped off…


cat > /tmp/partitions &lt&ltEOF
clearpart --linux --drives=${DISK}
part /boot --fstype ext3 --size=256 --ondisk=${DISK}
part pv.6 --size=1 --grow --ondisk=${DISK}
volgroup vg00 --pesize=32768 pv.6
logvol / --fstype ext3 --name=rootfs --vgname=vg00 --size=20480
logvol swap --fstype swap --name=swapfs --vgname=vg00 --size=2048
logvol /opt/packages --fstype ext3 --name=packages --vgname=vg00 --size=8192
EOF

Reply
troll666

jrzagar, I am assuming you have a need to select the exact drive you want to kick start on. Since most of our machines have just one drive, we don’t specify anything. In systems with more than one drive it just uses the “first” one. the code looks like it has the same functionality that i used a long time ago in differentiating drives on Solaris machines during pre jumpstart processing.

Reply
troll666

thanks for the tip, we can simplify our config on the kickstart server.

Reply
lashby

A typical LVM partitioning entry for our kickstarts (with a large /home):


## Base hard drive partitioning with LVM
part /boot --fstype ext3 --size=128 --asprimary
part swap --fstype swap --size=4096 --asprimary
part pv.1 --size=1 --grow --asprimary

### LVM setup
volgroup vg01 --pesize=16384 pv.1
logvol / --fstype ext3 --vgname=vg01 --size=2048 --name=root
logvol /usr --fstype ext3 --vgname=vg01 --size=8192 --name=usr
logvol /opt --fstype ext3 --vgname=vg01 --size=4096 --name=opt
logvol /var --fstype ext3 --vgname=vg01 --size=4096 --name=var
logvol /tmp --fstype "ext3" --vgname=vg01 --size=4096 --name=tmp
logvol /home --fstype "ext3" --vgname=vg01 --size=1 --grow --name=home

Reply
mohanpoddar

Very Helpfull to me,

The information in this article is very useful. After reading this article, now i am able to implement installation using kickstart.

Reply
davidtangye

I have been doing similar stuff: autoinstalling Redhat years ago, and netbooting lately. I have not combined them yet.

I played with kickstart briefly under Redhat and see that it is an option still under Ubuntu.
I have done similar to you with pxe-netbooting. However I am using a separate bootp server instead of dhcp to assign the ip address and provide the pxe config adn menu files. (Details are recorded as the first section of this page.).

My main comment on your article:

In the section “Kickstart Sequence of Events” After “The PXE Boot file is loaded from the TFTP server…”, the rest of the section and the next section are confusing to me: I have done similar and still cannot follow you. The pxelinux boot kernel, and the ‘installer’ linux kernel are confused.

The former presents the ‘PXE Boot configuration file’, later referred to as ‘our master file’, and then within it as ‘RHEL5 Kickstart configuration file.’ I believe its best name is the ‘PXE Boot configuration file’, and 3 different terms are confusing.

The latter (the installer kernel and initrd chosen from the menu of the PXE Boot) actually runs the Anaconda installer does it not? So keep the terms clearly and consistently named.

As I understand it:

1. You boot a pxe program via netboot and its pxe extension facility.
2. Pxe uses tftp to get the ‘PXE Boot configuration file’ and its associated menu files and present them to you.
3. You choose an item based on a PXE menu file, and its boots whatever is in the associated relevant stanza of the ‘PXE Boot configuration file’. This is normally a linux kernel and its relevant initrd, which runs in this case Anaconda, the linux installer. The stanza in this case also includes a parameter to Anaconda which is the kickstart file Anaconda will use to automate itself, and thus automate an install.

Hmm… every time I write this stuff its gets written more clearly and concisely (I hope).

Other comments:

I also used ftp for a while, but dropped it and just stick with http now. I see no need for ftp at all anymore here. After installation I use mc too, and access remote hosts via its ssh mechanism (‘Shell link…’), so even nfs is dropping away for me too.

tftp is limited in its functionality. It seems that it will not access files across symbolic links that traverse mount points. It jails you somewhat, and this is possibly a deliberately-inbuilt security consideration. Like you I found information on some of these aspects difficult or impossible to find. Its a problem in the open-source world: good stuff badly presented or badly worded, or effectively hidden by omission to document at all.

Overall I found the article very good, and got a few good tips. (pxelinux.cfg/C0A80037 is based on the ip address (not the MAC address): good to know)

ps Ubuntu has an alternative to kickstart. It is similar in concept, supposedly more powerful, but its very unfriendly to generate its response file (eg there is no GUI) or make sense of what it produces during an installation run (comparable file to your /root/anaconda-ks.cfg).

Reply
dboth

Thanks for your comments. We are glad you were able to find some useful information.

Your understanding does seem correct. We found the terminology quite confusing also in the various documents we found and had hoped that we were able to fix that; apparently we were not completely successful in that.

Reply
kenshelby

Thank you! I found this to be a very helpful article. I thought that I must be going mad, until I read your comment, “…some necessary information is very difficult to find.”

Our field engineers need a way to update industrial compact-PCI machines that have no floppy and no CD/DVD, and while the BIOS supports PXE, it won’t boot from a USB drive. (Yes, the boxes are *that* old.) After I get all my kickstart kinks ironed out, I plan to create a VM out of my kickstart server and have our field engineers run that on their laptops.

Thanks again – very much! – for gathering all the disparate bits together in one easy-to-read place!

Reply
altrunemorph

Hi! I want to thank you both David Both and Bruce Garland for such a complete guide to get kickstart running. This is the best and most complete HOWTO refering to this subject. Great work.

Reply
challaa

Thanks, it was very useful for me

Reply

Heya i?m for the first time here. I found this board and I to find It truly helpful & it helped me out much. I’m hoping to present something again and aid others such as you aided me.

Reply

I believe that is among the most important information for me. And i am happy studying your article. But should observation on few common things, The website style is perfect, the articles is in point of fact excellent : D. Excellent activity, cheers

Reply

Wow, wonderful weblog structure! How lengthy have you ever been blogging for? you made running a blog look easy. The entire look of your web site is excellent, as neatly as the content!

Reply

Generally I do not read article on blogs, but I would like to say that this write-up very compelled me to take a look at and do so! Your writing style has been amazed me. Thank you, very nice article.

Reply

Pretty nice post. I simply stumbled upon your blog and wanted to mention that I have truly enjoyed browsing your weblog posts. In any case I?ll be subscribing on your rss feed and I’m hoping you write again soon!

Reply

You really make it appear really easy along with your presentation but I to find this matter to be actually one thing that I think I’d by no means understand. It seems too complex and very broad for me. I’m looking forward on your next post, I will try to get the grasp of it!

Reply

A person essentially lend a hand to make significantly posts I might state. This is the very first time I frequented your website page and so far? I amazed with the research you made to make this actual put up amazing. Fantastic task!

Reply

Hello there, just Free file games and programs on http://zabig.ru/

Reply

Great website. Lots of helpful information here. I’m sending it to a few pals ans also sharing in delicious. And obviously, thanks for your effort!

Reply

Helpful info. Fortunate me I discovered your web site by chance, and I’m stunned why this twist of fate did not happened earlier! I bookmarked it.

Reply

I don?t even know how I finished up right here, however I believed this submit was once great. I don’t understand who you might be however definitely you are going to a well-known blogger if you happen to aren’t already ;) Cheers!

Reply

hi!,I really like your writing very much! proportion we be in contact extra about your article on AOL? I need an expert in this space to resolve my problem. Maybe that is you! Having a look ahead to peer you.

Reply

We are a gaggle of volunteers and starting a brand new scheme in our community. Your site offered us with helpful info to work on. You’ve done a formidable process and our whole group will likely be grateful to you.

Reply

Pretty part of content. I simply stumbled upon your blog and in accession capital to assert that I get in fact enjoyed account your weblog posts. Any way I?ll be subscribing in your augment or even I fulfillment you get admission to consistently fast.

Reply

Simply desire to say your article is as amazing.
The clarity on your publish is simply excellent and that
i can assume you’re knowledgeable in this subject. Well together with your permission allow me to grasp your feed to keep updated with approaching post. Thanks a million and please carry on the rewarding work.|

Reply

Magnificent post, very informative. I wonder why the other specialists of this sector do not realize this. You must proceed your writing. I’m confident, you’ve a great readers’ base already!|What’s Happening i’m new to this, I stumbled upon this I have found It positively useful and it has aided me out loads. I am hoping to give a contribution & help other customers like its aided me. Great job.

Reply

Hi,

Can anyone tell me if dhcp is already in windows server. and rest the things how can we do in linux server without any modification to windows dhcp server.

i just want windws dhcp server for ip address and rest thing should be done from linux server.

Reply

Excellent post. I used to be checking constantly this weblog and I’m inspired! Extremely useful info particularly the closing part :) I take care of such information a lot. I was seeking this particular info for a very lengthy time. Thanks and best of luck.

Reply

Hello Bruce & David;
I too thank you for the great article and information. I am relatively new to Linux and am in need to create a kickstart server. Just wanted to check with you to see if this information is still current, as I will probably be using RH v6. I too just happened on your site and am just getting started in the process and have quite a ways to go in the info gathering process. Any updates would be greatly appreciated.

Regards.

Reply

Thank you a bunch for sharing this with all people you really know
what you’re speaking about! Bookmarked. Kindly additionally visit my web site =). We can have a hyperlink alternate arrangement between us

Reply

Wonderful whip! I have to beginner because you fix your website, how could possibly i sign up to for your blog site web-site? The particular bank account solved the problem any proper cope. I personally have been slightly acquainted of your ones transmitted provided shiny crystal clear notion

Reply

Wow! In the end I got a blog from where I can genuinely obtain useful data concerning my study and knowledge.

Reply

It’s not my first time to pay a visit this web site, i am browsing this website dailly and obtain fastidious information from here everyday.

Reply

Excellent website. Lots of helpful info here. I am sending it to some friends ans additionally sharing in delicious.
And naturally, thanks for your effort!

Reply

Even now having cobbler, this document is still very very useful to understand the underlying works. Great article! Thanks!

Reply

Say, you got a nice post.Thanks Again. Awesome.

Reply

If some one needs expert view about blogging afterward i advise him/her to visit this website,
Keep up the nice job.

Reply

I’m truly enjoying the design and layout of your website. It’s a very easy on the eyes which makes it much more pleasant for me to come here and visit more often. Did you hire out a developer to create your theme? Exceptional work!

Reply

Uso y búsqueda de perfiles

Reply

Complete Kickstart: How to Save Time Installing Linux | Linux Magazine
xqcvnlmjv http://www.g7aj33w36bpi64slda6z406261y3uy8ts.org/
axqcvnlmjv
[url=http://www.g7aj33w36bpi64slda6z406261y3uy8ts.org/]uxqcvnlmjv[/url]

Reply

I’ll gear this review to 2 types of people: current Zune owners who are considering an upgrade, and people trying to decide between a Zune and an iPod. (There are other players worth considering out there, like the Sony Walkman X, but I hope this gives you enough info to make an informed decision of the Zune vs players other than the iPod line as well.)

Reply

Sorry for the huge review, but I’m really loving the new Zune, and hope this, as well as the excellent reviews some other people have written, will help you decide if it’s the right choice for you.

Reply

Thank you a lot for providing individuals with an extremely memorable chance to check tips from this web site. It really is very useful and also jam-packed with a great time for me and my office peers to search your website at the very least 3 times per week to find out the new stuff you will have. And definitely, I’m also actually satisfied with your spectacular tips you give. Selected 1 points in this posting are rather the most impressive I have had.
telephoneol

Reply

Fine work, exquisite tailoring іs Thom Browne’s personal style whіch Moncler Gamme Bleu brand was moѕt vividly manifestation of weakened brand Moncler material brought heavy feeling. Milan in thіs season’s men’s Week all over again sаw he Legging bold appearance. Looking forword that outside thе show day-to-day activities seе the new “men’s” fashion.

Reply

I like what you guys are up also. Such smart work and reporting! Carry on the superb works guys I?¦ve incorporated you guys to my blogroll. I think it will improve the value of my site :)

Reply

I love the knowledge on your web sites. Thanks a ton.|

Reply

The winter wetsuit sale іѕ point уоu absolutely want in order tо become оn the lookout by. In thе northern hemisphere, winter іs usually stay іn one time whеn water sports are loads оf cash popular. It is usually during at thіѕ occassion that organizations thаt make water sports gear introduce thеir new models on the market. Those companies thаt sell theѕе water sports items must make room for brand new inventory. Attain this, numerous put thеіr existing inventory оn sale at substantial discounts tо quickly remove the wау kids items. This іѕ the type оf sale you want to bе hunting for.

Reply

Rather thаn search everywhere fоr an incredible pair of shoes, find them directly from a birkenstock retailer. With more than twо one раrtiсulаr hundred year оf shoemaking experience, Birkenstock іs vintage car to be recognized.

Reply

blackhawks camo jersey

Reply

It had a bad reputation аs ѕomеthіng which played by gamblers and аlso the type that face men thаt would frequent thеse halls, it’s popularity grew widely, and also now be a sport that аnyоne can moncler italia learn and tаke part in. However, the game іs ѕtill one which сan be played in halls, bars, аnd social establishments.

Reply

TT: I’ll saу acutely aware involving feeling i sense similar tо this iѕ certaіnly what thе twenty fіrst Century is. Absent аre you maу hаve heard when just hаve to tune inside a mad illegal radio station late аt evening to bе equipped to be handled by thе rapper оf уour option. That is certaіnly all adjusted these days. That’s аll gonе оut among the window. So i trulу such as I indicate thаt reinvent. I characterize the оf iPods and shuffle аnd essential things lіke that. And I take іnto account that іs cеrtаinly accurately buying аnd selling domains make mу music. I generally bear that in head. All of us in one day аnd age wherе by wе moncler italia in any probability аll have Jay-Z and Coldplay in оur report assortment, that is merely standard. I’m juѕt thе amalgamation of this two, I consider.

Reply

all air jordan shoes

Reply

Really pleased for you”Zissman replies: “I won!!!! Will pay you in the morning. The 2012 Passat is the initial auto VW has assembled inside the United States given that the 1980s, when the organization operated the very first so-called transplant ftory in Westmoreland, Pennsylvania. For the ext sa reason you’ll see bodybuilding and athletic attire ades on ESPN.VW’s new ftory ought to deliver considerable price savings, and also the firm promises a base Passat price of about $20,000.Consider using a popular method among writers that is known as “the future glimpse.
Wholesale NFL Jerseys

Reply

Surprisingly article,it is useful to me and others,please just keep it….

Reply

Hi there every one, here every person is sharing these familiarity, therefore it’s fastidious to read this blog, and I used to go to see this webpage daily.

Reply

I just couldn’t depart your web site before suggesting that I extremely enjoyed the standard information a person provide for your visitors? Is gonna be back often in order to check up on new posts
scooterol

Reply

Very few web-sites that take place to be detailed beneath, from our point of view are undoubtedly very well really worth checking out.

Reply

Spot on with this write-up, I honestly believe that this amazing site needs a great deal more attention.
I’ll probably be returning to read through more, thanks for
the advice!

Also visit my web page – lose 10 pounds in 7 days (Audry)

Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>