Monday, August 11, 2014

How to Install Oracle Linux 7 with Kickstart, PXE and Dnsmasq

Assuming you've synchronized an Oracle Linux 7 repository and you publish it from an HTTP server, you are just missing dnsmasq and a few files to perform an installation of Oracle Linux 7 with Kickstart and PXE. It will not take you more than 15 minutes to configure the whole thing...

dnsmasq is the perfect tool for that. It includes a DHCP server, a basic TFTP server and it is very simple to configure.

This article shows an example of configuration. It explains the few files that are required and come from the distribution. You should be able to add or modify the other files manually to get the work done...

Yum Repository Index

First and foremost, install an HTTP server to publish RPMs and a few other files. One of the easiest ways to go is to install an Apache HTTP server and make it point to the directory that contains the YUM repositories.
Note:
Oracle does not provide the Oracle Linux 7 group description file (comps.xml) on public-yum.oracle.com. Instead, the default comps.xml published in the ol7_latest channel is the one from Red Hat. If you run a kickstart installation with that file, it installs only the RHCK kernel and not the UEK3 kernel. That is one of the reasons to use your own repository: it lets you include the comps.xml file from the Oracle Linux distribution, which contains the right group description.
For this article, I synchronize the 2 main Oracle Linux 7 repositories in /u01/app/oracle/distribs/oraclelinux and I use /yum/ as an alias in my 2.4 Apache HTTP server. The server can be accessed from the 192.168.56.2 IP address on my network. To shorten this article, I did not configure the DNS but you should! And dnsmasq does that part too. Change those values to match your configuration.

Below are the /etc/httpd/conf/httpd.conf lines that have been included to publish my directory in Apache:
<Directory "/u01/app/oracle/distribs/oraclelinux">
    Options +Indexes +FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>

Alias /yum/ /u01/app/oracle/distribs/oraclelinux/
To synchronize the repositories, assuming they are correctly configured for the host in /etc/yum.repos.d, run reposync as root:
yum install yum-utils
reposync --repoid=ol7_latest \
         --repoid=ol7_UEKR3 \
         -p /u01/app/oracle/distribs/oraclelinux
The installer needs to access those 2 repositories as one. Use createrepo to index the 2 of them together:
cd /u01/app/oracle/distribs/oraclelinux/
find . -iname "*.rpm" > rpms.lst
createrepo -i rpms.lst .
It creates the repodata directory in /u01/app/oracle/distribs/oraclelinux and indexes the RPMs. You can test the URL by running curl http://192.168.56.2/yum/ from a remote host on the same network. Make sure you can access the web server and that no firewall rule prevents the access. If there is one, fix the issue...

RPM Group Description

For kickstart to work as expected, it should be able to search for groups. As mentioned earlier, you can not rely on the public-yum.oracle.com comps.xml file. Instead, use the one that comes from the Oracle Linux 7 distribution:
mkdir -p /mnt/cdrom
mount OracleLinux-R7-U0-Server-x86_64-dvd.iso /mnt/cdrom
cp -p /mnt/cdrom/repodata/*-comps-Server.xml \
      /u01/app/oracle/distribs/oraclelinux/repodata/comps.xml
umount /mnt/cdrom
People from Oracle have made a weird choice regarding the naming of the dtrace-modules rpm because it includes the kernel version in its name. As a result, you must also change the content of comps.xml. Find the latest release:
cd /u01/app/oracle/distribs/oraclelinux/ol7_UEKR3/
ls dtrace-modules-3*.rpm
dtrace-modules-3.8.13-35.3.1.el7uek-0.4.3-4.el7.x86_64.rpm
dtrace-modules-3.8.13-35.3.2.el7uek-0.4.3-4.el7.x86_64.rpm
dtrace-modules-3.8.13-35.3.3.el7uek-0.4.3-4.el7.x86_64.rpm
dtrace-modules-3.8.13-35.3.4.el7uek-0.4.3-4.el7.x86_64.rpm
Replace the string in comps.xml from dtrace-modules-3.8.13-35.2.1.el7uek to the latest one or, at the time I'm writing this post, dtrace-modules-3.8.13-35.3.4.el7uek. Once done, compute the checksum and add it to the repomd.xml file:
cd /u01/app/oracle/distribs/oraclelinux/repodata
sha256sum comps.xml
62f1b1bc89947d8b1592df8343ccb43c4e62105cacad081d41936a68fb744f11 comps.xml
ls -l --time-style=+%s comps.xml
-rw-r--r-- 1 root root 632924 1407758377 comps.xml
Using the checksum, timestamp and size of your own comps.xml, add the lines below to repomd.xml:
<data type="group">
  <checksum type="sha256">62f1b1bc89947d8b1592df8343ccb43c4e62105cacad081d41936a68fb744f11</checksum>
  <location href="repodata/comps.xml"/>
  <timestamp>1407758377</timestamp>
  <size>632924</size>
</data>
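
The stanza has to be regenerated every time comps.xml changes, otherwise the recorded checksum and size no longer match the file. The script below is an added example, not part of the original post: it prints the stanza for the current comps.xml and checks an existing repomd.xml against it. The function names group_entry and group_entry_ok are hypothetical, and GNU sha256sum and stat are assumed.

```shell
#!/bin/sh
# Added example, not from the original post. Needs GNU coreutils (sha256sum, stat -c).

# group_entry REPO_ROOT: print the <data type="group"> stanza for repodata/comps.xml.
group_entry() {
    f="$1/repodata/comps.xml"
    cat <<EOF
<data type="group">
  <checksum type="sha256">$(sha256sum "$f" | cut -d' ' -f1)</checksum>
  <location href="repodata/comps.xml"/>
  <timestamp>$(stat -c %Y "$f")</timestamp>
  <size>$(stat -c %s "$f")</size>
</data>
EOF
}

# group_entry_ok REPO_ROOT: succeed only if the checksum and size recorded in
# repomd.xml still match comps.xml on disk (they go stale after any later edit).
group_entry_ok() {
    f="$1/repodata/comps.xml"
    stanza=$(sed -n '/<data type="group">/,/<\/data>/p' "$1/repodata/repomd.xml")
    want_sum=$(printf '%s\n' "$stanza" |
        sed -n 's:.*<checksum[^>]*>\([0-9a-f]*\)</checksum>.*:\1:p')
    want_size=$(printf '%s\n' "$stanza" | sed -n 's:.*<size>\([0-9]*\)</size>.*:\1:p')
    [ -n "$want_sum" ] || return 1
    [ "$want_sum" = "$(sha256sum "$f" | cut -d' ' -f1)" ] &&
        [ "$want_size" = "$(stat -c %s "$f")" ]
}

# Usage: sh this_script /u01/app/oracle/distribs/oraclelinux
if [ "$#" -eq 1 ]; then
    if group_entry_ok "$1"; then echo "repomd.xml group entry matches comps.xml"
    else echo "stale or missing group entry; use:"; group_entry "$1"; fi
fi
```

createrepo can also write this entry itself when it is given the group file with its -g option.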

Dnsmasq Installation

Install and configure dnsmasq for DHCP and TFTP:
yum install dnsmasq
Edit /etc/dnsmasq.conf and add the following parameters:
enable-tftp
tftp-root=/tftpboot
dhcp-range=enp0s3,192.168.56.101,192.168.56.199,4h
dhcp-boot=pxelinux.0
pxe-prompt="Press F8 for boot menu", 10
pxe-service=X86PC, "Boot from network", pxelinux
pxe-service=X86PC, "Boot from local disk", 0
For a full description of the options, check [1] Configuration file for dnsmasq:
  • enable-tftp enables the TFTP server
  • tftp-root defines the root directory containing the files for the TFTP server
  • dhcp-range defines the range of addresses, here 192.168.56.101 to 192.168.56.199. It also defines the interface to use, here enp0s3, and the lease time, here 4 hours
  • dhcp-boot defines the program to be used to boot from the network card, here pxelinux.0
  • pxe-prompt and pxe-service create a small menu to be used from the interface BIOS to choose between a PXE boot (pxelinux) or a boot from local disk (0)
Once dnsmasq is configured, you can create the root directory and start the service:
mkdir /tftpboot
systemctl start dnsmasq
systemctl status dnsmasq
Note:
Before you continue, check that the firewall does not block TFTP and DHCP.

TFTP menu and files

The content of TFTP root directory can be slightly adapted but should look like below:
  • menu.c32 is a 32-bit COM file that is used to display the menu. It is part of syslinux and can be replaced by vesamenu.c32
  • pxelinux.0 is the syslinux program used to boot from PXE.
  • images/ol7/vmlinuz is a Linux kernel executable used to start the installation. It can be copied from the images/pxeboot directory of the distribution
  • images/ol7/initrd.img is a Linux initial RAM disk used to boot Linux. It can be copied from the images/pxeboot directory of the distribution
  • pxelinux.cfg/01-08-00-27-82-66-c4 is a text file that contains the initial menu. Create it and adapt it for every server. This file is the one used when the MAC address is 08:00:27:82:66:C4; mind the 01- prefix to the address as well as the lower case, as explained in How do I Configure PXELINUX? [2].
To install menu.c32 and pxelinux.0, install syslinux and copy the files from /usr/share/syslinux:
yum install syslinux
cp -f /usr/share/syslinux/menu.c32 /tftpboot/.
cp -f /usr/share/syslinux/pxelinux.0 /tftpboot/.
You can add the vmlinuz and initrd.img from the distribution:
mkdir -p /mnt/cdrom
mount OracleLinux-R7-U0-Server-x86_64-dvd.iso /mnt/cdrom
mkdir -p /tftpboot/images/ol7
cp /mnt/cdrom/images/pxeboot/vmlinuz /tftpboot/images/ol7
cp /mnt/cdrom/images/pxeboot/initrd.img /tftpboot/images/ol7
umount /mnt/cdrom
To finish, create a menu to use with those files:
mkdir /tftpboot/pxelinux.cfg
cd /tftpboot/pxelinux.cfg
cat >01-08-00-27-82-66-c4 <<EOF
default menu.c32
timeout 50

menu title PXE Boot Menu

label OL7-x86_64
  menu label Oracle Linux 7 - Purple Installation
  kernel images/ol7/vmlinuz
  append initrd=images/ol7/initrd.img inst.ks=http://192.168.56.2/yum/purple.ks inst.stage2=http://192.168.56.2/yum

EOF
In the example above, the menu references a kickstart file as well as the location of the installer, i.e. inst.stage2. The next section explains how to add them both.
Note:
You can verify the TFTP server is working as expected by installing the tftp client on a remote host with "yum install tftp" and downloading the pxelinux.0 file with "tftp yellow 69 -c get pxelinux.0".
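
A client that cannot fetch one of these files stops at the PXE prompt with little explanation, so it helps to check the tree before the first boot. The script below is an added example, not part of the original post: it derives the per-MAC menu file name and lists every file that the menu references but that is absent from the TFTP root. The names pxe_cfg_name and pxe_missing are hypothetical, and only the per-MAC menu file used on this page is considered.

```shell
#!/bin/sh
# Added example, not from the original post.

# pxe_cfg_name MAC: per-host file name PXELINUX asks for, i.e. "01-" (ARP
# hardware type 1, Ethernet) followed by the MAC in lower case with dashes.
pxe_cfg_name() {
    printf '01-%s\n' "$(printf '%s' "$1" | tr 'A-F:' 'a-f-')"
}

# pxe_missing TFTP_ROOT MAC: print every file the client would request but that
# is absent under TFTP_ROOT, one relative path per line (nothing if complete).
pxe_missing() {
    root=$1
    cfg="pxelinux.cfg/$(pxe_cfg_name "$2")"
    [ -f "$root/pxelinux.0" ] || echo "pxelinux.0"
    if [ ! -f "$root/$cfg" ]; then
        echo "$cfg"
        return 0
    fi
    # Menu module named by "default", every "kernel", every initrd= argument.
    awk '
        { key = tolower($1) }
        key == "default" && $2 ~ /\.c32$/ { print $2 }
        key == "kernel" { print $2 }
        key == "append" {
            for (i = 2; i <= NF; i++)
                if ($i ~ /^initrd=/) print substr($i, 8)
        }' "$root/$cfg" | sort -u | while read -r f; do
        [ -f "$root/$f" ] || echo "$f"
    done
}

# Usage: sh this_script /tftpboot 08:00:27:82:66:C4
if [ "$#" -eq 2 ]; then pxe_missing "$1" "$2"; fi
```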

Installer and Kickstart files

To finish the configuration, you need the installer (squashfs.img) to be accessible from the HTTP server. Add the file from the distribution:
mkdir -p /mnt/cdrom
mount OracleLinux-R7-U0-Server-x86_64-dvd.iso /mnt/cdrom
cd /u01/app/oracle/distribs/oraclelinux
mkdir LiveOS
cp /mnt/cdrom/LiveOS/squashfs.img LiveOS
umount /mnt/cdrom
Create the .treeinfo file that references the installer:
cat >.treeinfo <<EOF
[header]
version = 0.3

[product]
name = Oracle Linux
short = OL
version = 7.0 

[stage2]
mainimage = LiveOS/squashfs.img
EOF
That's it! You can now add a kickstart file that matches your needs and add it to the HTTP server:
cd /u01/app/oracle/distribs/oraclelinux/
cat >purple.ks <<EOF
install
url --url="http://192.168.56.2/yum/"
lang en_US.UTF-8
keyboard fr
network --onboot yes --device link --bootproto dhcp --noipv6 --hostname purple.resetlogs.com
rootpw manager
firewall --service=ssh
authconfig --enableshadow --passalgo=sha512
selinux --disabled
timezone Europe/Paris --isUtc --nontp
bootloader --location=mbr --boot-drive=sda
text
skipx
zerombr
clearpart --all --initlabel
autopart
firstboot --disabled
poweroff

%packages
@core
%end
EOF
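
The kickstart file is fetched over plain HTTP from a directory published with +Indexes, so every setting in it, including the rootpw line, is readable by any host that can reach the web server. The check below is an added example, not part of the original post; ks_lint is a hypothetical helper name and the sample input is constructed to mirror purple.ks.

```shell
#!/bin/sh
# Added example, not from the original post.

# ks_lint FILE: print "LINE: finding" for each risky setting in the command
# section of a kickstart file; print nothing when none is found.
ks_lint() {
    awk '
        /^[ \t]*#/              { next }   # skip comments
        /^%(packages|pre|post)/ { exit }   # only the command section is checked
        $1 == "rootpw" && !/--iscrypted/ && !/--lock/ {
            print NR ": rootpw is stored in clear text (use rootpw --iscrypted HASH)"
        }
        $1 == "selinux" && /--disabled/ {
            print NR ": selinux is disabled (use selinux --enforcing)"
        }
        ($1 == "url" || $1 == "repo") && /http:\/\// {
            print NR ": install source uses plain http"
        }
    ' "$1"
}

# With no argument, lint a constructed sample that mirrors purple.ks.
if [ "$#" -eq 0 ]; then
    sample=$(mktemp)
    printf '%s\n' 'url --url="http://192.168.56.2/yum/"' 'rootpw manager' \
        'selinux --disabled' '%packages' '@core' '%end' > "$sample"
    ks_lint "$sample"
    rm -f "$sample"
else
    ks_lint "$1"
fi
```

A SHA-512 crypt hash for rootpw --iscrypted can be generated with openssl passwd -6 (OpenSSL 1.1.1 or later).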

Test the Provisioning

You should be all good to provision the purple machine, whether guest or host. This example uses a VirtualBox machine. Change the boot setup as below to boot from PXE:


After a few seconds, the installer shows up and you can install Oracle Linux 7 with the latest RPMs:


3 more minutes and your server should be all up and running! To proceed with other servers, all you need to do is to create more TFTP boot menus and kickstart configuration files. Add a few more steps for naming servers, also from dnsmasq, and you have a nice and serious configuration for local deployments... Not as powerful as what you can get from Puppet/Foreman but enough for many scenarios...
References:
[1] Configuration file for dnsmasq
[2] How do I Configure PXELINUX?

1 comment:

  1. Hi,

    I'm currently working on kickstart for CentOS 7 via Spacewalk and I run into the following issue:

    Unable to retrieve http://ip.../squashfs.img.

    In the installation log I can see: Failed writing receive data to disk / application.

    Have you ever encountered this issue?

    Regards
