- Netbooting the Live Server Installer via UEFI PXE on Arm (aarch64, arm64) and x86_64 (amd64)
- Configuring TFTP
- Serving Files
- Necessary Files
- Examples
- Download and Serve Grub EFI Binary
- Download and Serve More Files
- Appendix
- Always Make Sure of the Serving File Names
- Booting Screenshots
- How to set up PXE boot for UEFI hardware
- Great Linux resources
- Tips regarding creating the grub.cfg
- Wrapping Up
Netbooting the Live Server Installer via UEFI PXE on Arm (aarch64, arm64) and x86_64 (amd64)
This document provides the steps needed to install an system via netbooting and subiquity in UEFI mode with Ubuntu 20.04 (or later). The process is applicable to both of the architectures, arm64 and amd64. This process is inpired by this Ubuntu Discourse post for legacy mode, which is UEFI’s predecessor. Focal (20.04, 20.04.5) and Groovy (20.10) have been tested with the following method.
Configuring TFTP
This article assumes that you have setup your tftp (and/or DHCP/bootp if necessary, depending on your LAN configuration) by following this Ubuntu Discourse post, or you could also consider build your own tftp in this way if your DNS and DHCP is already well configured:
$ sudo apt install tftpd-hpa
If the installation is successful, check the corresponding TFTP service is active by this command:
$ systemctl status tftpd-hpa.service
It is expected to show active (running) from the output messages. We will also assume your tftp root path is /var/lib/tftpboot in the remaining of this article.
Serving Files
You can skip the whole section of the following manual setup instruction by using this non-official tool. The tool will setup your TFTP server to serve necessary files for netbooting.
Necessary Files
There are several files needed for this process. The following files are needed:
- Ubuntu live server image
- For arm64 architecture, its image name has a -arm64 suffix. For example, ubuntu-20.04.5-live-server-arm64.iso.
- For amd64 architecture, its image name has a -amd64 suffix. For example, ubuntu-20.04.5-live-server-amd64.iso.
- For arm64 architecture, it is grubnetaa64.efi.signed .
- For amd64 architecture, it is grubnetx64.efi.signed .
Examples
In the following sections, we will take arm64 image as an example. This means the following files are used:
- Ubuntu 20.04.5 live server image ubuntu-20.04.5-live-server-arm64.iso from https://cdimage.ubuntu.com/ubuntu/releases/20.04.5/release/ubuntu-20.04.5-live-server-arm64.iso
- grub efi binary grubnetaa64.efi.signed from http://ports.ubuntu.com/ubuntu-ports/dists/focal/main/uefi/grub2-arm64/current/grubnetaa64.efi.signed
- initrd extracted from ubuntu-20.04.5-live-server-arm64.iso
- vmlinuz extracted from ubuntu-20.04.5-live-server-arm64.iso
Please replace the corresponding files when you want to work on amd64 image. For example, your files may be:
- Ubuntu 20.04.5 live server image ubuntu-20.04.5-live-server-amd64.iso from https://releases.ubuntu.com/20.04.5/ubuntu-20.04.5-live-server-amd64.iso
- grub efi binary grubnetx64.efi.signed from http://archive.ubuntu.com/ubuntu/dists/focal/main/uefi/grub2-amd64/current/grubnetx64.efi.signed
- initrd extracted from ubuntu-20.04.5-live-server-amd64.iso
- vmlinuz extracted from ubuntu-20.04.5-live-server-amd64.iso
Download and Serve Grub EFI Binary
The grub binary helps us redirect the downloading path to the target files via grub.cfg . You may refer to this discourse post to get more information about the PXE process and why we need this binary.
$ sudo wget http://ports.ubuntu.com/ubuntu-ports/dists/focal/main/uefi/grub2-arm64/current/grubnetaa64.efi.signed -O /var/lib/tftpboot/grubnetaa64.efi.signed
Please note you may need to change the archive dists name from focal to your target distribution name.
Download and Serve More Files
Fetch the installer by downloading a Ubuntu arm server iso, e.g. 20.04.5 live server arm64 iso. Please note the prefix live is significant. We will need the files available only in the live version.
Mount the iso and copy the target files we need to the TFTP folder
$ sudo mount ./ubuntu-20.04.5-live-server-arm64.iso /mnt $ sudo mkdir /var/lib/tftpboot/grub /var/lib/tftpboot/casper $ sudo cp /mnt/boot/grub/grub.cfg /var/lib/tftpboot/grub/ $ sudo cp /mnt/casper/initrd /var/lib/tftpboot/casper/ $ sudo cp /mnt/casper/vmlinuz /var/lib/tftpboot/casper/
So, the TFTP root folder should look like this now:
$ find /var/lib/tftpboot/ /var/lib/tftpboot/ /var/lib/tftpboot/grub /var/lib/tftpboot/grub/grub.cfg /var/lib/tftpboot/grubnetaa64.efi.signed /var/lib/tftpboot/casper /var/lib/tftpboot/casper/initrd /var/lib/tftpboot/casper/vmlinuz
Finally, let’s customize the grub menu so we could install our target image by fetching it directly over the internet.
$ sudo chmod +w /var/lib/tftpboot/grub/grub.cfg $ sudo vi /var/lib/tftpboot/grub/grub.cfg
menuentry "Install Ubuntu Server (Focal 20.04.5) (Pull the iso from web)" < set gfxpayload=keep linux /casper/vmlinuz url=http://cdimage.ubuntu.com/ubuntu/releases/20.04.5/release/ubuntu-20.04.5-live-server-arm64.iso only-ubiquity ip=dhcp --- initrd /casper/initrd >
ip=dhcp is for the dhcp management setup in the lab. url is used to point to your target image download url. Remember to change them according to your scenario.
If everything goes well, you should get into the expected grub menu of the ephemeral live prompt. Select the entry you just put in grub.cfg , which is Install Ubuntu Server (Focal 20.04.5) (Pull the iso from web) in our example. Waiting a bit for downloading the iso and then you will see the subiquity welcome message. Enjoy the installation!
Appendix
Always Make Sure of the Serving File Names
For example, please make sure the target file name for linux and initrd is correct. For example, the default initrd binary file name of 20.04.5 is initrd, and it is initrd.lz for 20.10. Always make sure you serve the right file names. This is a frequent troubleshooting issue. Pay attention on this detail could save a lot of your time.
Booting Screenshots
If your setup is correct, your grub.cfg should redirect the process to an ephemeral environment to download your target image assigned in the grub entry of grub.cfg . You will see a screen like this if you are able to access console or monitor device of your target machine:
Wait a bit to complete downloading. If you see this subiquity welcome page, the installer is successfully launched via your UEFI PXE setup. Configurations!!
How to set up PXE boot for UEFI hardware
Setting up a PXE system will streamline new system installs, but the process is lengthy and requires attention to detail. This part one of two articles walks you through the process.
Having Red Hat Virtualization (RHV) implemented in different networks requires some sort of automation to install new RHV hosts. It is particularly handy to automate the process when there are slight differences between different hosts in the same network.
In this article, I take you through the process of designing and setting up a Preboot Execute Environment (PXE) that includes setting up a PXE server, configuring a DHCP server, and installing a TFTP server. Setting up a PXE boot environment isn’t particularly difficult but does require multiple critical steps and each step contains a lot of detail.
Setting up one PXE server to provision different servers’ farms located in different networks is beneficial, especially if you are going to automate the provisioning later on.
In this setup, we configure one PXE server and two different servers’ farms. Each servers’ farm network has its own dedicated PXE network (called the «Provisioning Network» in this article), while the PXE server itself is not in any of these networks.
Below is the network diagram with sample IP ranges:
This design achieves the following:
- This setup is more secure rather than using regular management networks (i.e. ovirtmgmt).
- This setup protects management networks from the broadcast storm that might be caused by Dynamic Host Configuration Protocol (DHCP) requests.
- PXE servers need to reach a Satellite server or the Internet either via a DMZ interface or via a proxy server to download the needed packages. Having the PXE server(s) outside of the Provisioning Networks protects these networks from being compromised.
Great Linux resources
This article is based on the following assumptions for the sake of simplicity:
1. The PXE setup (DHCP, Trivial File Transfer Protocol (TFTP) and Hypertext Transfer Protocol (HTTP)) is hosted on a single server, although this is not required.
Installation the operating system (OS) on a server follows the order in the image below:
2. The PXE server can reach the internet via a proxy server, and if not then a Satellite server is used.
3. The PXE server is setup on Red Hat Enterprise Linux (RHEL) 7.x.
The PXE server is installed on a server with four core CPUs and four GB of memory, although servers with lower specifications can work.
The server has one network interface card (NIC) which is used for all types of traffic, although you can have different network interfaces if network segregation is needed.
RHEL7.6 ISO image is used to install the OS, with the minimal installation option.
After installation the OS registration and enabling the relevant repositories are needed:
2. In the section below add the relevant details of the proxy server:
#an http proxy server to use proxy_hostname = #port for http proxy server proxy_port = #user name for authenticating to an http proxy, if needed proxy_user = #password for basic http proxy auth, if needed proxy_password =
4. Register and attach the system:
#subscription-manager register --auto-attach username: your-rhsm-username password: your-rhsm-password
5. Enabling the needed repositories:
# subscription-manager repos --enable=rhel-7-server-rh-common-rpms --enable=rhel-7-server-rpms --enable=rhel-7-server-extras-rpms
Below are the steps to set up the DHCP to support PXE boot for UEFI servers:
1. Install the DHCP server:
2. Adjust the DHCP configuration file( /etc/dhcp/dhcpd.conf ). Here is a sample configuration file based on the network diagram above:
# DHCP Server Configuration File # #. see /usr/share/doc/dhcp*/dhcpd.conf.example # #. see dhcpd.conf(5) man page option rfc3442-classless-static-routes code 121 = array of integer 8; option ms-classless-static-routes code 249 = array of integer 8; option space pxelinux; option pxelinux.magic code 208 = string; option pxelinux.configfile code 209 = text; option pxelinux.pathprefix code 210 = text; option pxelinux.reboottime code 211 = unsigned integer 32; option architecture-type code 93 = unsigned integer 16; subnet 192.168.1.0 netmask 255.255.255.0 < option routers 192.168.1.0; option subnet-mask 255.255.255.0; option broadcast-address 192.168.1.255; >subnet 192.168.2.0 netmask 255.255.255.0 < option routers 192.168.2.1; option subnet-mask 255.255.255.0; option broadcast-address 192.168.2.255; range 192.168.2.2 192.168.2.254; class "pxeclients" < match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; next-server 192.168.1.10; if option architecture-type = 00:07 < filename "shim.efi"; >else < filename "pxelinux/pxelinux.0"; >> > subnet 192.168.3.0 netmask 255.255.255.0 < option routers 192.168.3.1; option subnet-mask 255.255.255.0; option broadcast-address 192.168.3.255; range 192.168.3.2 192.168.3.254; class "pxeclients" < match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; next-server 192.168.1.10; if option architecture-type = 00:07 < filename "shim.efi"; >else < filename "pxelinux/pxelinux.0"; >> >
3. Enable and start the dhcpd service:
# systemctl enable dhcpd; systemctl start dhcpd
The TFTP server is needed to provide:
- initrd.img — The “boot loader” which will be loaded to a RAM disk
- vmlinuz — A compressed bootable Linux kernel
The setup of the TFTP server to support PXE boot for UEFI servers is a bit different from the setup to support the BIOS servers.
Below are the steps to set up a TFTP server to support PXE boot for UEFI servers:
1. Install the TFTP server:
2. Download the needed packages from the RHEL repositories:
# mkdir /root/packages # cd /root/packages # yumdownloader shim-version-architecture # yumdownloader grub2-efi- version-architecture
3. Extract the needed binaries:
# rpm2cpio shim-version-architecture.rpm | cpio -dimv # rpm2cpio grub2-efi- version-architecture.rpm | cpio -dimv # cp boot/efi/EFI/redhat/grubx64.efi /var/lib/tftpboot/ # cp boot/efi/EFI/redhat/shim.efi /var/lib/tftpboot/
4. Download ISO image and move it to the PXE server.
# mount -t iso9660 /path/iso-file.iso /mnt -o loop,ro
6. Create a subdirectory to store boot image files within /var/lib/tftpboot :
# mkdir -p /var/lib/tftp/images/rhv-4.3
7. Copy the boot image files:
# cp /mnt/pxeboot/ /var/lib/tftp/images/rhv-4.3/
8. Create a configuration file named grub.cfg in /var/lib/tftpboot . Here is a sample configuration file at /var/lib/tftpboot/grub.cfg :
set default=0 set timeout=60 menuentry 'Install RHVH 4.3' --class fedora --class gnu-linux --class gnu --class os < linuxefi images/rhv-4.3/vmlinuz inst.ks=http://192.168.1.10/kickstarts/ks.cfg inst.stage2=http:// 192.168.1.10/rhv4.3/ISO quiet initrdefi images/rhv-4.3/initrd.img >
9. Enable and start the tftp service:
#systemctl enable tftp; systemctl start tftp
Tips regarding creating the grub.cfg
Creating a grub.cfg might require some additional parameters dependent on the network. Here are some commonly used parameters which might be needed in the grub.cfg :
If this option is set, dhclient is called with -timeout , so it is useful if the DHCP server replies are delayed:
This is useful in case the server which is to be installed has multiple interfaces and only one is dedicated to the PXE boot.
For more options, you can refer to the man page for the Dracut Command Line.
Wrapping Up
It is a somewhat lengthy process to set up a PXE system, so we’ll continue next week with part two. At this point, you will have a functioning PXE server, a DHCP server configured for delivering IP addresses to PXE booted systems, and a TFTP server to deliver a bootable system and ISO images.
In part two, I will continue with the PXE setup by showing you how to set up the HTTP server, the Kickstart file, the host-based firewall, and the network. I also discuss troubleshooting your PXE setup and I cover some automation options.
[ Need to learn more about Linux system administration? Take a Red Hat system administration course. ]