Setting up a ‘PXE Network Boot Server’ for Multiple Linux Distribution Installations in RHEL/CentOS 7
PXE Server (Preboot eXecution Environment) instructs a client computer to boot, run or install an operating system directly from a network interface, eliminating the need to burn a CD/DVD or use a physical medium, and can ease the job of installing Linux distributions on multiple machines in your network infrastructure at the same time.
Requirements
- CentOS 7 Minimal Installation Procedure
- RHEL 7 Minimal Installation Procedure
- Configure Static IP Address in RHEL/CentOS 7
- Remove Unwanted Services in RHEL/CentOS 7
- Install NTP Server to Set Correct System Time in RHEL/CentOS 7
The setup uses the DNSMASQ server, which provides DNS and DHCP services; the Syslinux package, which provides bootloaders for network booting; TFTP-Server, which makes bootable images available to be downloaded via network using Trivial File Transfer Protocol (TFTP); and the VSFTPD server, which will host the locally mounted mirrored DVD image, acting as an official RHEL/CentOS 7 mirror installation repository from where the installer will extract its required packages.
Step 1: Install and configure DNSMASQ Server
1. One of your server's network interfaces (in case your server has more than one NIC) must be configured with a static IP address from the same IP range as the network segment that will provide PXE services.
So, after you have configured your static IP Address, updated your system and performed other initial settings, use the following command to install the DNSMASQ daemon.
# yum install dnsmasq
2. The default DNSMASQ main configuration file, located in the /etc directory, is self-explanatory but tends to be quite difficult to edit, due to its heavily commented explanations.
First make sure you back up this file in case you need to review it later and then create a new blank configuration file using your favorite text editor by issuing the following commands.
# mv /etc/dnsmasq.conf /etc/dnsmasq.conf.backup
# nano /etc/dnsmasq.conf
3. Now, copy and paste the following configuration into the dnsmasq.conf file and make sure that you change the statements explained below to match your network settings.
interface=eno16777736,lo
#bind-interfaces
domain=centos7.lan
# DHCP range-leases
dhcp-range=eno16777736,192.168.1.3,192.168.1.253,255.255.255.0,1h
# PXE
dhcp-boot=pxelinux.0,pxeserver,192.168.1.20
# Gateway
dhcp-option=3,192.168.1.1
# DNS
dhcp-option=6,192.168.1.1,8.8.8.8
server=8.8.4.4
# Broadcast Address
dhcp-option=28,10.0.0.255
# NTP Server
dhcp-option=42,0.0.0.0
pxe-prompt="Press F8 for menu.", 60
pxe-service=x86PC, "Install CentOS 7 from network server 192.168.1.20", pxelinux
enable-tftp
tftp-root=/var/lib/tftpboot
The statements that you need to change are as follows:
- interface – Interfaces on which the server should listen and provide services.
- bind-interfaces – Uncomment to bind only on this interface.
- domain – Replace it with your domain name.
- dhcp-range – Replace it with the IP range defined by your network mask on this segment.
- dhcp-boot – Replace the IP statement with your interface IP Address.
- dhcp-option=3,192.168.1.1 – Replace the IP Address with your network segment Gateway.
- dhcp-option=6,192.168.1.1 – Replace the IP Address with your DNS Server IP – several DNS IPs can be defined.
- server=8.8.4.4 – Put your DNS forwarders IP Addresses.
- dhcp-option=28,10.0.0.255 – Replace the IP Address with the network broadcast address – optionally.
- dhcp-option=42,0.0.0.0 – Put your network time servers – optionally (0.0.0.0 Address is for self-reference).
- pxe-prompt – Leave it as default – means to hit the F8 key to enter the menu, with a 60-second wait time.
- pxe-service – Use x86PC for 32-bit/64-bit architectures and enter a menu description prompt in string quotes. Other value types can be: PC98, IA64_EFI, Alpha, Arc_x86, Intel_Lean_Client, IA32_EFI, BC_EFI, Xscale_EFI and X86-64_EFI.
- enable-tftp – Enables the built-in TFTP server.
- tftp-root – Use /var/lib/tftpboot – the location for all netbooting files.
Step 2: Install SYSLINUX Bootloaders
4. After you have edited and saved the DNSMASQ main configuration file, go ahead and install the Syslinux PXE bootloader package by issuing the following command.
# yum install syslinux
5. The PXE bootloader files reside in the /usr/share/syslinux absolute system path, so you can check them by listing the content of this path. This step is optional, but you need to be aware of this path because in the next step we will copy all of its content to the TFTP Server path.
# ls /usr/share/syslinux
Step 3: Install TFTP-Server and Populate it with SYSLINUX Bootloaders
6. Now, let’s move to the next step and install TFTP-Server, then copy all bootloader files provided by the Syslinux package from the above listed location to the /var/lib/tftpboot path by issuing the following commands.
# yum install tftp-server
# cp -r /usr/share/syslinux/* /var/lib/tftpboot
Step 4: Setup PXE Server Configuration File
7. Typically the PXE Server reads its configuration from a group of specific files (GUID files – first, MAC files – next, Default file – last) hosted in a folder called pxelinux.cfg, which must be located in the directory specified in the tftp-root statement of the DNSMASQ main configuration file.
Create the required directory pxelinux.cfg and populate it with a default file by issuing the following commands.
# mkdir /var/lib/tftpboot/pxelinux.cfg
# touch /var/lib/tftpboot/pxelinux.cfg/default
8. Now it’s time to edit the PXE Server configuration file with valid Linux distribution installation options. Also note that all paths used in this file must be relative to the /var/lib/tftpboot directory.
Below you can see an example configuration file that you can use, but modify the installation images (kernel and initrd files), protocols (FTP, HTTP, HTTPS, NFS) and IPs to reflect your network installation source repositories and paths accordingly.
# nano /var/lib/tftpboot/pxelinux.cfg/default
Add the following whole excerpt to the file.
default menu.c32
prompt 0
timeout 300
ONTIMEOUT local
menu title ########## PXE Boot Menu ##########
label 1
menu label ^1) Install CentOS 7 x64 with Local Repo
kernel centos7/vmlinuz
append initrd=centos7/initrd.img method=ftp://192.168.1.20/pub devfs=nomount
label 2
menu label ^2) Install CentOS 7 x64 with http://mirror.centos.org Repo
kernel centos7/vmlinuz
append initrd=centos7/initrd.img method=http://mirror.centos.org/centos/7/os/x86_64/ devfs=nomount ip=dhcp
label 3
menu label ^3) Install CentOS 7 x64 with Local Repo using VNC
kernel centos7/vmlinuz
append initrd=centos7/initrd.img method=ftp://192.168.1.20/pub devfs=nomount inst.vnc inst.vncpassword=password
label 4
menu label ^4) Boot from local drive
localboot 0
As you can see, the CentOS 7 boot images (kernel and initrd) reside in a directory named centos7 relative to /var/lib/tftpboot (as an absolute system path this would be /var/lib/tftpboot/centos7) and the installer repositories can be reached using the FTP protocol at the 192.168.1.20/pub network location (in this case the repos are hosted locally, because the IP address is the same as the PXE server address).
Also, menu label 3 specifies that the client installation should be done from a remote location via VNC (here replace the VNC password with a strong password) in case you install on a headless client, and menu label 2 specifies as installation source an official CentOS 7 Internet mirror (this case requires an Internet connection available on the client through DHCP and NAT).
Important: As you can see in the above configuration, we’ve used CentOS 7 for demonstration purposes. You can also define RHEL 7 images, but all of the following instructions and configurations are based on CentOS 7 only, so be careful when choosing the distribution.
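A check for the point made about menu label 3, added here as an example that is not part of the original guide: everything under tftp-root, including pxelinux.cfg/default, is served by TFTP without authentication, so a VNC password on an append line can be read by any host on the segment no matter how strong it is. The function names, finding labels and the lists of argument names are this example's own assumptions, and the menu is a constructed sample modelled on the one above.

```python
"""Audit a pxelinux menu for arguments that should not sit under an open TFTP root."""
import re
from urllib.parse import urlsplit

# Constructed sample modelled on the four menu entries in this guide.
SAMPLE_MENU = """\
default menu.c32
prompt 0
timeout 300
menu title PXE Boot Menu
label 1
menu label ^1) Install CentOS 7 x64 with Local Repo
kernel centos7/vmlinuz
append initrd=centos7/initrd.img method=ftp://192.168.1.20/pub devfs=nomount
label 2
menu label ^2) Install CentOS 7 x64 with http://mirror.centos.org Repo
kernel centos7/vmlinuz
append initrd=centos7/initrd.img method=http://mirror.centos.org/centos/7/os/x86_64/ devfs=nomount ip=dhcp
label 3
menu label ^3) Install CentOS 7 x64 with Local Repo using VNC
kernel centos7/vmlinuz
append initrd=centos7/initrd.img method=ftp://192.168.1.20/pub devfs=nomount inst.vnc inst.vncpassword=password
label 4
menu label ^4) Boot from local drive
localboot 0
"""

# Installer arguments whose value is a credential. inst.vncpassword is the one
# this guide uses; the un-prefixed spelling is included as an assumption.
SECRET_ARGS = re.compile(r"^(inst\.)?vncpassword$")
# Installer arguments that name where the installation tree is fetched from.
# "method" is the one this guide uses; the others are assumed equivalents.
SOURCE_ARGS = {"method", "repo", "inst.repo"}
# Transports that carry the installation tree without encryption.
CLEARTEXT_SCHEMES = {"ftp", "http"}


def parse_entries(text):
    """Return {label: [append tokens]} for every 'label' block in the menu."""
    entries, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        keyword = parts[0].lower()  # keywords are matched case-insensitively
        rest = parts[1] if len(parts) > 1 else ""
        if keyword == "label":
            current = rest.strip()
            entries[current] = []
        elif keyword == "append" and current is not None:
            entries[current].extend(rest.split())
    return entries


def audit_menu(text):
    """Return sorted (label, finding, detail) tuples; secret values are never echoed."""
    findings = []
    for label, tokens in parse_entries(text).items():
        for token in tokens:
            name, sep, value = token.partition("=")
            if not sep:
                continue
            name = name.lower()
            if SECRET_ARGS.match(name):
                # Report the argument name only, not the password itself.
                findings.append((label, "secret-on-tftp", name))
            elif name in SOURCE_ARGS:
                url = urlsplit(value)
                if url.scheme.lower() in CLEARTEXT_SCHEMES:
                    detail = "%s=%s://%s" % (name, url.scheme.lower(), url.hostname)
                    findings.append((label, "cleartext-source", detail))
    return sorted(findings)


if __name__ == "__main__":
    for label, finding, detail in audit_menu(SAMPLE_MENU):
        print("label %s: %-16s %s" % (label, finding, detail))
```

Run it against the real /var/lib/tftpboot/pxelinux.cfg/default by passing the file's text to audit_menu().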
Step 5: Add CentOS 7 Boot Images to PXE Server
9. For this step the CentOS kernel and initrd files are required. To get those files you need the CentOS 7 DVD ISO Image. So, go ahead and download the CentOS DVD Image, put it in your DVD drive and mount the image to the /mnt system path by issuing the below command.
The reason for using the DVD and not a Minimal CD Image is that this DVD content will later be used to create the local installer repositories for FTP sources.
# mount -o loop /dev/cdrom /mnt
# ls /mnt
If your machine has no DVD drive you can also download the CentOS 7 DVD ISO locally using the wget or curl utilities from a CentOS mirror and mount it.
# wget http://mirrors.xservers.ro/centos/7.0.1406/isos/x86_64/CentOS-7.0-1406-x86_64-DVD.iso
# mount -o loop /path/to/centos-dvd.iso /mnt
10. After the DVD content is made available, create the centos7 directory and copy the CentOS 7 bootable kernel and initrd images from the DVD mounted location to the centos7 folder structure.
# mkdir /var/lib/tftpboot/centos7
# cp /mnt/images/pxeboot/vmlinuz /var/lib/tftpboot/centos7
# cp /mnt/images/pxeboot/initrd.img /var/lib/tftpboot/centos7
The reason for using this approach is that later you can create new separate directories in the /var/lib/tftpboot path and add other Linux distributions to the PXE menu without messing up the entire directory structure.
Step 6: Create CentOS 7 Local Mirror Installation Source
11. Although you can set up Installation Source Mirrors via a variety of protocols such as HTTP, HTTPS or NFS, for this guide I have chosen the FTP protocol because it is very reliable and easy to set up with the help of the vsftpd server.
Next, install the vsftpd daemon, copy all the DVD mounted content to the vsftpd default server path (/var/ftp/pub) – this can take a while depending on your system resources – and add read permissions to this path by issuing the following commands.
# yum install vsftpd
# cp -r /mnt/* /var/ftp/pub/
# chmod -R 755 /var/ftp/pub
Step 7: Start and Enable Daemons System-Wide
12. Now that the PXE server configuration is finally finished, start the DNSMASQ and VSFTPD servers, verify their status and enable them system-wide, so that they start automatically after every system reboot, by running the below commands.
# systemctl start dnsmasq
# systemctl status dnsmasq
# systemctl start vsftpd
# systemctl status vsftpd
# systemctl enable dnsmasq
# systemctl enable vsftpd
Step 8: Open Firewall and Test FTP Installation Source
13. To get a list of all ports that need to be open on your Firewall in order for client machines to reach and boot from the PXE server, run the netstat command and add CentOS 7 Firewalld rules according to the dnsmasq and vsftpd listening ports.
# netstat -tulpn
# firewall-cmd --add-service=ftp --permanent ## Port 21
# firewall-cmd --add-service=dns --permanent ## Port 53
# firewall-cmd --add-service=dhcp --permanent ## Port 67
# firewall-cmd --add-port=69/udp --permanent ## Port for TFTP
# firewall-cmd --add-port=4011/udp --permanent ## Port for ProxyDHCP
# firewall-cmd --reload ## Apply rules
14. To test the FTP Installation Source network path, open a browser locally (lynx should do it) or on a different computer and type the IP Address of your PXE server with the FTP protocol followed by the /pub network location in the URL field; the result should be as presented in the below screenshot.
ftp://192.168.1.20/pub
15. To debug the PXE server for eventual misconfigurations, or for other information and diagnostics in live mode, run the following command.
# tailf /var/log/messages
16. Finally, the last required step is to unmount the CentOS 7 DVD and remove the physical medium.
# umount /mnt
Step 9: Configure Clients to Boot from Network
17. Now your clients can boot and install CentOS 7 on their machines by configuring Network Boot as the primary boot device in their system BIOS, or by hitting a specified key during BIOS POST operations, as specified in the motherboard manual, in order to choose network booting. After the first PXE prompt appears, press the F8 key to enter the presentation and then hit the Enter key to proceed to the PXE menu.
18. Once you have reached PXE menu, choose your CentOS 7 installation type, hit Enter key and continue with the installation procedure the same way as you might install it from a local media boot device.
Please note that using variant 2 from this menu requires an active Internet connection on the target client. Also, in the screenshots below you can see an example of a client remote installation via VNC.
That’s all for setting up a minimal PXE Server on CentOS 7. In my next article from this series, I will discuss other issues concerning this PXE server configuration, such as how to set up automated installations of CentOS 7 using Kickstart files and adding other Linux distributions to the PXE menu – Ubuntu Server and Debian 7.
Requirements
- CentOS 7.0 DVD ISO
CentOS 7.0 Installation Process
1. After downloading the last version of CentOS using above links or using official CentOS download page, burn it to a DVD or create a bootable USB stick using the LiveUSB Creator called Unetbootin.
2. After you have created the installer bootable media, place your DVD/USB into the appropriate drive of your system, start the computer, select your bootable unit and the first CentOS 7 prompt should appear. At the prompt choose Install CentOS 7 and press the [Enter] key.
4. The next screen prompt is the Installation Summary. It contains a lot of options to fully customize your system. The first thing you may want to set up is your time settings. Click on Date & Time, select your server's physical location from the provided map and hit the upper Done button to apply the configuration.
5. The next step is to choose your Language Support and Keyboard settings. Choose your main and extra language for your system and when you’re finished hit on Done button.
6. In the same way choose your Keyboard Layout by hitting the plus button and test your keyboard configuration using the right input field. After you finish setting up your keyboard, again hit the upper Done button to apply changes and go back to the main screen on Installation Summary.
7. On the next step you can customize your installation by using other Installation Sources than your local DVD/USB media, such as network locations using HTTP, HTTPS, FTP or NFS protocols, and even add some additional repositories, but use these methods only if you know what you’re doing. So leave the default Auto-detected installation media and hit Done to continue.
8. On the next step you can choose your system installation software. On this step CentOS offers a lot of Server and Desktop platform environments that you can choose from, but if you want a high degree of customization, especially if you are going to use CentOS 7 as a server platform, then I suggest you select Minimal Install with Compatibility Libraries as Add-ons, which will install a minimal basic system software, and later you can add other packages as your needs require using the yum groupinstall command.
9. Now it’s time to partition your hard-drive. Click on Installation Destination menu, select your disk and choose I will configure partitioning.
10. On the next screen, choose LVM (Logical Volume Manager) as the partition layout and then click on Click here to create them automatically, an option which will create three system partitions using the XFS filesystem, automatically redistributing your hard-disk space and gathering all LVs into one big Volume Group named centos.
- /boot – Non LVM
- /(root) – LVM
- Swap – LVM
NOTE: For those users, who have hard-disks more than 2TB in size, the installer automatically will convert partition table to GPT, but if you wish to use GPT table on smaller disks than 2TB, then you should use the argument inst.gpt to the installer boot command line in order to change the default behaviour.
12. The next step is to set your system hostname and enable networking. Click on the Network & Hostname label and type your system FQDN (Fully Qualified Domain Name) in the Hostname field, then enable your Network interface by switching the top Ethernet button to ON.
If you have a functional DHCP server on your network then it will automatically configure all your network settings for the enabled NIC, which should appear under your active interface.
13. If your system will be destined as a server it’s better to set static network configuration on Ethernet NIC by clicking on Configure button and add all your static interface settings like in the screenshot below, and when you’re finished hit on Save button, disable and enable Ethernet card by switching the button to OFF and ON, and, then hit on Done to apply setting and go back to main menu.
14. Now it’s time to start installation process by pressing on Begin Installation button and set up a strong password for root account.
15. After you finish setting up a strong password for root account move to User Creation and create your first system user. You can designate this user to become a System Admin with root privileges using sudo command by checking the box Make this user administrator, then click on Done to go back on main menu and wait for the installation process to finish.
16. After the installation process finishes, the installer will show a success message on screen, asking you to reboot your system in order to use it.
Congratulations! You have now installed the last version of CentOS on your bare new machine. Remove any installation media and reboot your computer so you can log in to your new minimal CentOS 7 environment and perform other system tasks, such as updating your system and installing other useful software needed to run day-to-day tasks.
Disable and Remove Unwanted Services on RHEL/CentOS 7 Minimal Installation
RHEL/CentOS 7 minimal installation for servers comes with some default pre-installed services, such as Postfix Mail Transfer Agent daemon, Avahi mdns daemon (multicast Domain Name System) and Chrony service, which is responsible to maintain system clock.
Now comes the question: why would we need to disable all these services if they are pre-installed? One of the main reasons would be to increase the system security level, the second reason is the system's final destination and the third is system resources.
Requirements
If you are planning to use your newly installed RHEL/CentOS 7 to host, let’s say, a small website which runs on Apache or Nginx, or to provide network services like DNS, DHCP, PXE boot, FTP server, etc., or other services that don’t require the Postfix MTA daemon, Chrony or the Avahi daemon, then why should you keep all these unnecessary daemons installed or even running on your server?
The main external services that your server truly requires after you perform a minimal installation would be just an SSH daemon, in order to allow remote logins on the system, and, in some cases, the NTP service, to accurately synchronize your server's internal clock with external NTP servers.
Disable/Remove Postfix MTA, Avahi and Chrony Services
# yum upgrade
2. The next step would be to install some useful system utilities using the YUM Package Manager, such as net-tools (this package provides the older but good ifconfig command), nano text editor, wget and curl for URL transfers, lsof (to list your open files) and bash-completion, which auto-completes typed commands.
# yum install nano bash-completion net-tools wget curl lsof
3. Now you can start disabling and removing pre-installed unwanted services. First of all get a list of all your enabled and running services by running the netstat command against TCP, UDP and Listen state network sockets.
# netstat -tulpn ## To output numerical service sockets
# netstat -tulp ## To output literal service sockets
4. As you can see, Postfix is started and listens on localhost on port 25, the Avahi daemon binds on all network interfaces and the Chronyd service binds on localhost and all network interfaces on different ports. Proceed with Postfix MTA service removal by issuing the following commands.
# systemctl stop postfix
# yum remove postfix
5. Next remove the Chronyd service, which will be replaced by an NTP server, by issuing the following commands.
# systemctl stop chronyd
# yum remove chrony
6. Now it’s time to remove the Avahi daemon. It looks like in RHEL/CentOS 7 the Avahi daemon is tightly coupled to, and depends on, the Network Manager service. Performing Avahi daemon removal can leave your system without any network connections.
So, pay extra attention to this step. If you really need the automatic network configuration provided by Network Manager or you need to edit your interfaces through the nmtui network and interface utility, then you should only stop and disable the Avahi daemon and perform no removal at all.
If you still want to completely remove this service then you must manually edit the network configuration files located in /etc/sysconfig/network-scripts/ifcfg-interface_name, then start and enable the networking service.
Issue the following commands to remove the Avahi mdns daemon. Caution: Do not attempt to remove the Avahi daemon if you are connected through SSH.
# systemctl stop avahi-daemon.socket avahi-daemon.service
# systemctl disable avahi-daemon.socket avahi-daemon.service
--------- Stop here if you don't want removal ---------
# yum remove avahi-autoipd avahi-libs avahi
7. This step is required only if you removed the Avahi daemon, your network connections crashed and you need to manually configure the Network Interface Card again.
To edit your NIC to use IPv6 and a static IP Address, go to the /etc/sysconfig/network-scripts/ path, open the NIC interface file (usually the first card is named ifcfg-eno16777736 and is already configured by Network Manager) and use the following excerpt as a guide in case your network interface has no configuration.
IPV6INIT=no
IPV6_AUTOCONF=yes
BOOTPROTO=none
DEVICE=eno16777736
ONBOOT=yes
UUID=c3f0dc21-d2eb-48eb-aadf-10a520b13df0
TYPE=Ethernet
#DEFROUTE=no
IPV4_FAILURE_FATAL=no
IPV6_DEFROUTE=no
IPV6_FAILURE_FATAL=no
NAME="System eno16777736"
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
HWADDR=00:0C:29:E2:06:E9
IPADDR=192.168.1.25
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=192.168.1.1
DNS2=8.8.8.8
The most important settings here you should take into consideration are:
- BOOTPROTO – Set to none or static – for static IP Address.
- ONBOOT – Set to yes – to bring up your interface after reboot.
- DEFROUTE – Statement commented with a # or completely removed – do not use default route (If you use it here you should add “DEFROUTE: no” to all network interfaces, not used as the default route).
IPV6INIT=no
IPV6_AUTOCONF=yes
BOOTPROTO=dhcp
DEVICE=eno16777736
ONBOOT=yes
UUID=c3f0dc21-d2eb-48eb-aadf-10a520b13df0
TYPE=Ethernet
##DEFROUTE=no
IPV4_FAILURE_FATAL=no
IPV6_DEFROUTE=no
IPV6_FAILURE_FATAL=no
NAME="System eno16777736"
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
HWADDR=00:0C:29:E2:06:E9
As with the Static IP Address configuration, make sure that BOOTPROTO is set to dhcp, the DEFROUTE statement is commented or removed and the device is configured to start automatically on boot. If you don’t use IPv6 just remove or comment all the lines containing IPV6.
9. In order to apply the new configuration for your network interfaces you must restart the network service. After you restart the network daemon use the ifconfig or ip addr show command to get your interface settings and try to ping a domain name to see if the network is functional.
# service network restart ## Use this command before systemctl
# chkconfig network on
# systemctl restart network
# ifconfig
# ping domain.tld
10. As a final setting make sure you set up a name for the system hostname using the hostnamectl utility and review your configuration with the hostname command.
# hostnamectl set-hostname FQDN_system_name
# hostnamectl status
# hostname
# hostname -s ## Short name
# hostname -f ## FQDN name
11. That’s all! As a final test run the netstat command again to see what services are running on your system.
# netstat -tulpn
# netstat -tulp
12. Besides the SSH server, if your network uses DHCP to pull dynamic IP configurations, a DHCP Client should run and be active on UDP ports.
# netstat -tulpn
13. As an alternative to the netstat utility you can output your running network sockets with the help of the Sockets Statistics command.
# ss -tulpn
14. Reboot your server and run the systemd-analyze command to determine your system boot-up time performance and, also, use the free and Disk Free commands to display RAM and HDD statistics and the top command to see the most used system resources.
# free -h
# df -h
# top
Congratulations! Now you have a clean minimal RHEL/CentOS 7 system environment with fewer services installed and running and more resources available for future configurations.
Setting Up “NTP (Network Time Protocol) Server” in RHEL/CentOS 7
Network Time Protocol (NTP) is a protocol which runs over UDP port 123 at the Transport Layer and allows computers to synchronize time over networks. As time passes, computers' internal clocks tend to drift, which can lead to inconsistent time issues, especially in server and client log files or if you want to replicate server resources or databases.
Requirements:
Additional Requirements:
- Register and Enable RHEL 7 Subscription for Updates
- Configure Static IP Address on CentOS/RHEL 7
- Disable and Remove Unwanted Services in CentOS/RHEL 7
Step 1: Install and configure NTP daemon
1. The NTP server package is provided by default from the official CentOS/RHEL 7 repositories and can be installed by issuing the following command.
# yum install ntp
2. After the server is installed, first go to the official NTP Public Pool Time Servers, choose the Continent area where the server is physically located, then search for your Country location and a list of NTP servers should appear.
3. Then open the NTP daemon main configuration file for editing, comment the default list of Public Servers from the pool.ntp.org project and replace it with the list provided for your country like in the screenshot below.
4. Further, you need to allow clients from your networks to synchronize time with this server. To accomplish this, add the following line to the NTP configuration file, where the restrict statement controls which network is allowed to query and sync time – replace the network IPs accordingly.
restrict 192.168.1.0 netmask 255.255.255.0 nomodify notrap
The nomodify notrap statements suggest that your clients are not allowed to configure the server or be used as peers for time sync.
5. If you need additional information for troubleshooting in case there are problems with your NTP daemon, add a logfile statement which will record all NTP server issues into one dedicated log file.
logfile /var/log/ntp.log
6. After you have edited the file with all the configuration explained above, save and close the ntp.conf file. Your final configuration should look like in the screenshot below.
Step 2: Add Firewall Rules and Start NTP Daemon
7. The NTP service uses UDP port 123 on the OSI transport layer (layer 4). It is designed particularly to resist the effects of variable latency (jitter). To open this port on RHEL/CentOS 7 run the following commands against the Firewalld service.
# firewall-cmd --add-service=ntp --permanent
# firewall-cmd --reload
8. After you have opened Firewall port 123, start the NTP server and make sure you enable it system-wide. Use the following commands to manage the service.
# systemctl start ntpd
# systemctl enable ntpd
# systemctl status ntpd
Step 3: Verify Server Time Sync
9. After the NTP daemon has been started, wait a few minutes for the server to synchronize time with its pool list servers, then run the following commands to verify the NTP peers synchronization status and your system time.
# ntpq -p
# date -R
10. If you want to query and synchronize against a pool of your choice use the ntpdate command, followed by the server or servers addresses, as suggested in the following command line example.
# ntpdate -q 0.ro.pool.ntp.org 1.ro.pool.ntp.org
Step 4: Setup Windows NTP Client
11. If your Windows machine is not a part of a Domain Controller you can configure Windows to synchronize time with your NTP server by going to Time from the right side of Taskbar -> Change Date and Time Settings -> Internet Time tab -> Change Settings -> Check Synchronize with an Internet time server -> put your server’s IP or FQDN in the Server field -> Update now -> OK.
That’s all! Setting up a local NTP Server on your network ensures that all your servers and clients have the same time set in case of an Internet connectivity failure and they all are synchronized with each other.
Setting Up Prerequisites to ‘Install Windows 7’ over ‘PXE Network Boot Server’ on RHEL/CentOS 7 – Part 1
Continuing the series of tutorials regarding the RHEL/CentOS 7 PXE Network Boot Server Environment, where so far I have only discussed integrating and installing Linux distributions over PXE Server, this tutorial will concentrate on Windows based systems and will show you how to add and manually install Windows 7, both 32-bit and 64-bit architectures, over a PXE Server and Samba shares.
Requirements
- Install PXE Network Boot Server for Multiple OS Installations in RHEL/CentOS 7
- A Samba fully accessed directory share setup on PXE Server machine.
- A computer with Windows 7 operating system installed.
- Windows Automated Installation Kit (AIK) installed on Windows 7 computer.
- Both Windows 7 32-bit/64-bit DVD ISO Images.
The first part will cover the configurations needed to setup the environment on RHEL/CentOS 7 PXE Server premises, by installing and configuring a Samba fully accessed shared directory with no authentication needed, where both Windows 7 system architecture images will be deployed, and, also, editing PXE Server default configuration file with the options needed to boot WinPE ISO Image in order to manually proceed with Windows installation process.
The next steps should then be made on the client side in order to boot, access and install Windows 7 over the network.
Step 1: Install and Setup Samba Share on PXE Server
1. On the first step, log in to the PXE Server with the root account and set up a fully accessed Samba share, where the Windows 7 DVD installation sources will be deployed. Install the Samba daemon by issuing the following command.
# yum install samba samba-common samba-winbind
2. Next, back up the samba main configuration file and create a new configuration file with your favourite text editor by running the following commands.
# mv /etc/samba/smb.conf /etc/samba/smb.conf.backup
# nano /etc/samba/smb.conf
3. Now add the following configuration to the samba main file as presented in the below file excerpt.
[global]
workgroup = PXESERVER
server string = Samba Server Version %v
log file = /var/log/samba/log.%m
max log size = 50
idmap config * : backend = tdb
cups options = raw
netbios name = pxe
map to guest = bad user
dns proxy = no
public = yes
## For multiple installations the same time - not lock kernel
kernel oplocks = no
nt acl support = no
security = user
guest account = nobody
[install]
comment = Windows 7 Image
path = /windows
read only = no
browseable = yes
public = yes
printable = no
guest ok = yes
oplocks = no
level2 oplocks = no
locking = no
As you can see from this configuration file, I have created a shared folder named install which is located under the /windows system path (the Windows 7 DVD installation sources will be copied to this path).
4. After finishing editing main samba configuration file run testparm command in order to check and validate the file for eventual errors or misconfigurations.
# testparm5. On the next step create the /windows directory under root path (the directory defined in samba conf file) and add SELinux contextual rules in
order to be fully accessed in case your system has enforced SELinux security.
# mkdir /windows # semanage fcontext -a -t samba_share_t ‘/windows(/.*)?’ # restorecon -R -v /windows
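The share defined above is open to guests, and testparm checks the file for syntax and parameter errors, not for exposure. The shell function below is an added example, not part of the original tutorial: it lists every share that is both guest-accessible and writable, including shares that inherit public = yes from [global]. The hardened variant, with its upload share and deploy user, is a constructed assumption.

```shell
#!/bin/sh
# Added example: print every share in an smb.conf-style file that is both
# guest-accessible and writable. Assumption: [global] precedes the shares.
audit_guest_writable() {
    awk '
    function truthy(v) { v = tolower(v); return (v == "yes" || v == "true" || v == "on" || v == "1") }
    function report() { if (sect != "" && sect != "global" && guest && writable) print sect }
    /^[ \t]*[#;]/ || /^[ \t]*$/ { next }       # skip comments and blank lines
    /^[ \t]*\[/ {                              # section header: close the previous one
        report()
        sect = $0; sub(/^[ \t]*\[/, "", sect); sub(/\].*$/, "", sect); sect = tolower(sect)
        guest = gdef; writable = wdef          # shares inherit defaults from [global]
        next
    }
    {
        eq = index($0, "="); if (eq == 0) next
        key = tolower(substr($0, 1, eq - 1)); gsub(/[ \t]/, "", key)
        val = substr($0, eq + 1); gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (key == "guestok" || key == "public") guest = truthy(val)
        else if (key == "readonly") writable = !truthy(val)
        else if (key == "writable" || key == "writeable" || key == "writeok") writable = truthy(val)
        else next
        if (sect == "" || sect == "global") { gdef = guest; wdef = writable }
    }
    END { report() }
    ' "$@"
}

# Trimmed copy of the guest-related settings from the configuration above.
page_conf() {
    printf '%s\n' '[global]' 'map to guest = bad user' 'public = yes' \
        'security = user' 'guest account = nobody' \
        '[install]' 'path = /windows' 'read only = no' 'guest ok = yes'
}

# Constructed variant: sources stay guest-readable but read-only, and writes
# go to an authenticated share. "upload" and "deploy" are hypothetical names.
hardened_conf() {
    printf '%s\n' '[global]' 'map to guest = bad user' 'security = user' \
        '[install]' 'path = /windows' 'read only = yes' 'guest ok = yes' \
        '[upload]' 'path = /windows/upload' 'read only = no' 'guest ok = no' \
        'valid users = deploy'
}

echo "tutorial config, guest-writable shares: $(page_conf | audit_guest_writable)"
echo "hardened config, guest-writable shares: $(hardened_conf | audit_guest_writable)"
```

To check the live file, run audit_guest_writable /etc/samba/smb.conf after sourcing the function.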
Step 2: Deploy Windows 7 Installation Sources on PXE Server
6. For this step both Windows 7 ISO DVD images are needed. Before mounting and copying the DVD content, create two directories under the /windows path to keep the installation sources for each architecture separate.
# mkdir /windows/x32
# mkdir /windows/x64
7. Now copy the Windows installation sources to the paths created above. First put the Windows 7 32-bit DVD image in your machine's DVD drive, mount it on the /mnt path and copy all of the mounted DVD content to the Samba shared directory /windows/x32/. The transfer can take a while depending on your system resources; after it finishes, unmount the Windows 7 32-bit DVD image.
# mount -o loop /dev/cdrom /mnt
# cp -rf /mnt/* /windows/x32/
# umount /mnt
8. Repeat the above process with the Windows 7 64-bit DVD image, but this time copy the mounted DVD content to the /windows/x64/ shared path.
# mount -o loop /dev/cdrom /mnt
# cp -rf /mnt/* /windows/x64/
# umount /mnt
Note: If your PXE server machine doesn't have a DVD drive, you can copy the contents of both Windows DVDs after you start the Samba server, by accessing the "install" shared folder from a Windows computer.
9. After both DVD images are copied, issue the following commands to set the right owner and permissions so that the share is readable and fully accessible without authentication.
# chmod -R 0755 /windows
# chown -R nobody:nobody /windows
Step 3: Add Firewall Rules, Start and Enable Samba System-Wide
10. If you are using a firewall on your PXE Server, add the following rule to the Firewalld service to open Samba to outside connections.
# firewall-cmd --add-service=samba --permanent
# firewall-cmd --reload
11. Now start the Samba daemons and enable them system-wide, so that they start automatically after every reboot, by issuing the following commands.
# systemctl restart smb
# systemctl enable smb
# systemctl restart winbind
# systemctl enable winbind
# systemctl restart nmb
# systemctl enable nmb
# systemctl status smb
12. To test the Samba configuration, move to a Windows computer and enter the IP address of your Samba server followed by the share name in the Windows Explorer address bar; the shared folders should appear.
\\192.168.1.20\install
At this point you can use the alternate method explained in the note above: put the Windows 7 ISO images in your DVD drive and copy their content, depending on the system architecture, to the x32 and x64 folders.
Step 4: Configure PXE Server
13. Before editing the PXE menu configuration file, create a new directory named windows under the TFTP server default system path. You will later copy into this directory the WinPE ISO image, created on the Windows 7 computer using the Windows Automated Installation Kit program.
# mkdir /var/lib/tftpboot/windows
14. Now open the PXE Server default configuration file and add a Windows installation label to the PXE menu, as described in the menu excerpt below.
# nano /var/lib/tftpboot/pxelinux.cfg/default
Windows 7 menu label configuration.
label 9
menu label ^9) Install Windows 7 x32/x64
KERNEL memdisk
INITRD windows/winpe_x86.iso
APPEND iso raw
That's all you need to set up on the RHEL/CentOS 7 PXE Server side. Still, don't close the console yet, because you will need it later to copy the WinPE ISO image to the /var/lib/tftpboot/windows/ directory.
Next, let's continue with the procedure and move on to installing Windows 7 over the PXE network in Part 2 of this series.
Installing Windows 7 over PXE Network Boot Server on RHEL/CentOS 7 using WinPE ISO Image – Part 2
This article continues the series on installing Windows 7 over RHEL/CentOS 7 PXE Network Boot. The first part covered only the prerequisites on the PXE Server; this part discusses how to build the WinPE ISO image with the help of the Windows Automated Installation Kit on Windows, and then how to move the built image to the PXE Server TFTP default location in order to access and install Windows 7 over the PXE network.
Step 1: Download and Install Windows Automated Installation Kit
1. For this second part, log on to a Windows 7 computer, go to the Microsoft Download Center and download the Windows Automated Installation Kit ISO image file.
2. After the AIK ISO image finishes downloading, mount it using Windows mount software (Daemon Tools Lite Free Edition will do the job) and install the Windows Automated Installation Kit software.
Step 2: Create WinPE ISO Image on Windows 7
3. After the Windows AIK software is installed on your system, go to Windows Start -> All Programs -> Microsoft Windows AIK, right-click Deployment Tools Command Prompt and select Run as Administrator; a new Windows shell console should open on your screen.
4. Now it's time to build the Windows 7 Preinstallation Environment (WinPE) x86 boot image by issuing the following commands in the Deployment Tools Command Prompt.
copype x86 C:\winPE_x86
copy "C:\Program Files\Windows AIK\Tools\PETools\x86\winpe.wim" C:\winpe_x86\ISO\Sources\Boot.wim
copy "C:\Program Files\Windows AIK\Tools\x86\Imagex.exe" C:\winpe_x86\ISO\
oscdimg -n -bC:\winpe_x86\etfsboot.com C:\winpe_x86\ISO C:\winpe_x86\winpe_x86.iso
5. Although only the WinPE x86 boot ISO image is required for this tutorial, below you can also find the commands to build PE images for the Windows 7 64-bit and Windows 8 architectures.
To build WinPE Boot images for Windows 7 64-bit use the following commands:
copype amd64 C:\winPE_amd64
copy "C:\Program Files\Windows AIK\Tools\PETools\amd64\winpe.wim" C:\winpe_amd64\ISO\Sources\Boot.wim
copy "C:\Program Files\Windows AIK\Tools\amd64\Imagex.exe" C:\winpe_amd64\ISO\
oscdimg -n -bC:\winpe_amd64\etfsboot.com C:\winpe_amd64\ISO C:\winpe_amd64\winpe_amd64.iso
To build Windows 8 32-bit WinPE bootable images run the following commands:
copype x86 C:\Win8PE_x86
MakeWinPEMedia /ISO C:\Win8PE_x86 C:\Win8PE_x86\WinPE_x86.iso
To build Windows 8 64-bit WinPE bootable images run the following commands:
copype amd64 C:\Win8PE_amd64
MakeWinPEMedia /ISO C:\Win8PE_amd64 C:\Win8PE_amd64\Win8PE_amd64.iso
Step 3: Copy WinPE ISO Image to CentOS PXE Server
6. After the Windows 7 Preinstallation Environment (WinPE) x86 boot image has been created, use Windows Explorer to copy the winpe_x86.iso image, located in the C:\winpe_x86\ Windows path, to the PXE Samba shared directory at the \\192.168.1.20\install network location.
7. After the WinPE x86 ISO file is completely transferred to the Samba "install" shared directory, go back to the PXE Server console and move the image from the /windows directory under root to the TFTP windows directory path to complete the preparation.
# mv /windows/winpe_x86.iso /var/lib/tftpboot/windows/
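Because the install share accepts writes from unauthenticated guests, the file picked up in step 7 is not necessarily the one that was built on the Windows machine. The function below is an added example, not part of the original tutorial, that stages the image into the TFTP directory only when its SHA-256 matches a value recorded on the build machine; the function name and return codes are this example's own.

```shell
#!/bin/sh
# Added example: stage a boot image into the TFTP tree only if its SHA-256
# matches the expected value.
# Usage: stage_boot_image EXPECTED_SHA256 SOURCE_FILE DEST_DIR
# Returns 0 on success, 1 on hash mismatch, 2 on bad source, 3 on copy error.
stage_boot_image() {
    expected=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    src=$2
    dest_dir=$3
    # The source directory is guest-writable, so refuse symlinks and
    # anything else that is not a regular file.
    if [ -L "$src" ] || [ ! -f "$src" ]; then
        echo "refusing $src: not a regular file" >&2
        return 2
    fi
    # Copy first and hash the copy, so the bytes that were checked are the
    # bytes that get served, even if the source changes in the meantime.
    tmp=$(mktemp "$dest_dir/.staging.XXXXXX") || return 3
    if ! cp -- "$src" "$tmp"; then
        rm -f -- "$tmp"
        return 3
    fi
    actual=$(sha256sum < "$tmp" | cut -d' ' -f1)
    if [ "$actual" != "$expected" ]; then
        echo "hash mismatch for $src: got $actual" >&2
        rm -f -- "$tmp"
        return 1
    fi
    chmod 0644 "$tmp"            # readable by the TFTP daemon, not writable
    mv -- "$tmp" "$dest_dir/$(basename "$src")"
}

# Run directly with three arguments, for example:
#   sh stage.sh <sha256> /windows/winpe_x86.iso /var/lib/tftpboot/windows
if [ "$#" -eq 3 ]; then stage_boot_image "$@"; fi
```

The staged file is created inside the destination directory, so under SELinux it takes that directory's label instead of carrying samba_share_t over from /windows.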
Step 4: Boot and Install Windows 7 over PXE Network on Client Side
8. In order to boot and install Windows 7 via the network and the PXE server, first instruct the client machines to boot over the network by modifying the BIOS device boot order, or hit a custom key during BIOS POST to select a network boot device.
After the first PXE prompt appears, press the F8 and Enter keys to continue and then select Install Windows 7 from the PXE menu.
9. After the WinPE image finishes loading, a customized minimal image of Windows starts and a Command Prompt window is displayed on screen.
10. In order to install Windows 7 over a network share, in the Command Prompt window map the Windows installation sources configured on the PXE Samba share directory (use the path for the architecture you want to install) as a network drive.
Then enter the network drive by specifying the drive letter, and run the setup.exe utility. Use the following commands to start the installation (replace the Samba network address and the network drive letter accordingly) and continue with the installation as you normally would from local DVD media.
net use z: \\192.168.1.20\install\x32
Z:
setup.exe
11. If you want to install the 64-bit architecture, map the specific 64-bit network path using a different letter and continue the installation procedure by following the same steps explained above.
net use y: \\192.168.1.20\install\x64
Y:
setup.exe
12. In case the installation sources are configured with authentication, use the following command switch to specify the username.
net use y: \\192.168.1.20\install\x64 /user:samba_username
13. After the installation sources for both architectures have been mapped, you can change between them by switching to the designated network drive letter.
That's all! Performing Windows installations over PXE and the network has a lot of advantages, such as cutting down the installation time drastically and allowing the installation to take place at the same time on multiple machines without the need for physical installation media.
You can also set up multiple Windows installation sources (using Windows or Samba shares) on different machines across your network to avoid a bottleneck on the RHEL/CentOS PXE Server in case you install Windows on multiple machines at the same time, and direct the network drive maps to use those specific network sources during installation.