dropdown menu

Red Hat - Netboot and Install from NIM server

A NIM server can boot up and install AIX servers from network using TFTP, BOOTP protocols. As other operating systems are using these same protocols for network boot (and install), our NIM server could be utilized for network booting and installing RHEL 6 or 7 servers as well. The process is basically the same on each environment, but the setup and configuration is different for AIX, RHEL 6 and RHEL 7. (In the Linux world there are many other methods to achieve this, like a Kickstart server, here wanted to show that NIM server is capable of doing these tasks.)

RHEL 6:
After network boot is started (tftp, bootp) the first reference on NIM is the /etc/yaboot.conf file, which points to a kickstart file (ks.cfg), which does the automatic install. For initiating a network boot we will use a fixed IP (172.23.72.15), but later during kickstart we will use dhcp (as it did not work with static ip, just with a local cdrom install) ks.cfg is configured to download install packages by HTTP (I tested with NFS and FTP but it did not really worked.)

RHEL 7:
Similar as above, just after network boot, /boot/grub/powerpc-ieee1275/grub.cfg file is used, this points to the kickstart config file as well.


Some additional details found on internet:
RHEL7 has moved to Grub2 as the boot loader, so there are a few things that are different... The biggest thing is that Grub2 will look for it's configuration in /boot on the TFTP server (not /etc like Yaboot does). RHEL7 is also smarter on NFS versions, so you shouldn't have to specify the version if using version 3 like you do on RHEL 6.

The Yaboot binary automatically looks for /etc in the TFTP directory. Since AIX doesn't chroot TFTP, you have to put things were Yaboot can find it. Similarly, if you are using Grub2 from and AIX boot system, it will look in /boot/grub2 for things it needs when network booting.


These steps will show how to install RH6 and RH7 servers via network from NIM:
1. HTTP access
2. Copy data from DVD
3. /etc/bootptab
4. Boot config files
5. /etc/tftpaccess.ctl
6. Kickstart file
7. Netboot

All the configuration will be done on the NIM server. A RH LPAR has been created earlier (same LPAR can be used for RH6 or RH7 install) and a fixed IP is reserved for this purpose:
172.23.72.15  - IP configured initially on RH for netboot
172.23.74.4   - IP of NIM server
172.23.72.1   - gateway
255.255.248.0 - subnet mask

----------------------------------------

1. HTTP access:

During installation we will use HTTP, so on our NIM server a webserver has been installed (Apache) and in httpd.conf this was needed to add at the end:

# vi /opt/freeware/etc/httpd/conf/httpd.conf
#RHEL image creation
Alias /export  "/export/"
<Directory "/export/">
    Options Indexes FollowSymLinks Includes MultiViews
    Require all granted
</Directory>


After that stop/start:
# /etc/rc.d/init.d/httpd start
# /etc/rc.d/init.d/httpd stop

----------------------------------------

2. Copy data from DVD

On the NIM server we need to copy the whole content of the RH DVD iso to a direrctory:
(this directory will be used during OS installation to install all the packages via http)

# loopmount….
# cp -prh /mnt /export/nim/rhel_6.10_ppc64
# cp -prh /mnt /export/nim/rhel_7.6_ppc64


For network boot we need to copy additional files from DVD, but there is a difference between RH6 and RH7, what files are needed on which locations:

RHEL 6:
- copy yaboot.conf from iso: /ppc/ppc64/yaboot.conf to /etc/yaboot.conf on NIM
- copy vmlinux (linux kernel) and initrd.img under /tftpboot directory
# mkdir -p /tftpboot/rhel6_ppc64
# cp /export/nim/rhel_6.10_ppc64/ppc/ppc64/initrd.img /tftpboot/rhel6_ppc64
# cp /export/nim/rhel_6.10_ppc64/ppc/ppc64/vmlinuz /tftpboot/rhel6_ppc64


RHEL 7:
the main directory is /boot,  which was copied from ISO image:
# cp -prh /export/nim/rhel_7.6_ppc64/boot /boot

Beside that initrd.img and vlinuz was also copied to /boot:
# cp /export/nim/rhel_7.6_ppc64/ppc/ppc6/initrd.img /boot
# cp /export/nim/rhel_7.6_ppc64/ppc/ppc6/vmlinuz /boot

----------------------------------------

3. /etc/bootptab

/etc/bootptab has to be updated manually so network communication is possible during netboot.

Added these lines at the end of bootptab file:
(yaboot and core.elf files have been copied earlier)

RHEL 6:
ls-rh-ppc64-base:bf=/export/nim/rhel_6.10_ppc64/ppc/chrp/yaboot:ip=172.23.72.15:ht=ethernet:sa=172.23.74.4:gw=172.23.72.1:sm=255.255.248.0:

RHEL 7:
ls-rh-ppc64-base:bf=/boot/grub/powerpc-ieee1275/core.elf:ip=172.23.72.15:ht=ethernet:sa=172.23.74.4:gw=172.23.72.1:sm=255.255.248.0:


After installation completed these lines should be removed manually.

----------------------------------------

4. Boot config files

The main config file for inital network boot is different for RHEL6 and 7:
RH6: yaboot.conf
RH7: grub.cfg

RHEL 6: /etc/yaboot.conf
During network boot a filename with MAC address is searched, if that file is missing, then boot process will check different MAC address and IP variations. For each variation there is a timeout if that file is not found… so we don’t want to wait 2 mins, create a link with MAC address to this file:
# cd /etc
# ln -s yaboot.conf 01-fa-8e-09-73-18-20

(I tried to use NFS which worked here, but later in the kickstart file it did not work NFS, so I changed to HTTP everywhere)
# cat /etc/yaboot.conf
init-message = "\nWelcome to the 64-bit Red Hat Enterprise Linux 6.10 installer!\nHit <TAB> for boot options.\n\n"
timeout=50
default=linux

image=rhel6_ppc64/vmlinuz
        label=linux
        initrd=rhel6_ppc64/initrd.img
#       append="ks=nfs:nfsvers=3:172.23.74.4:/export/nim/misc/rhel6_ppc64_ks.cfg ksdevice=eth0 ip=172.23.72.15 netmask=255.255.248.0 gateway=172.23.72.1"
        append="ks=http://172.23.74.4/export/nim/misc/rhel6_ppc64_ks.cfg ksdevice=eth0 ip=172.23.72.15 netmask=255.255.248.0 gateway=172.23.72.1"
        read-only



RHEL 7: /boot/grub/powerpc-ieee1275/grub.cfg
# cat /boot/grub/powerpc-ieee1275/grub.cfg
set default=0
set timeout=5

echo -e "\nWelcome to the Red Hat Enterprise Linux 7.6 installer!\n\n"

menuentry "RHEL for PowerPC" {
     linux /boot/vmlinuz ro ip=172.23.72.15::172.23.72.1:255.255.248.0:ls-rh-ppc64-base:eth0:none inst.repo=http://172.23.74.4/export/nim/rhel_7.6_ppc64/ inst.ks=http://172.23.74.4/export/nim/misc/rhel7_ppc64_ks.cfg
     initrd /boot/initrd.img
}

----------------------------------------

5. /etc/tftpaccess.ctl

On the NIM server we need to grant access to the needed resources. Some lines have been added to /etc/tftpaccess.ctl.

# cat /etc/tftpaccess.ctl
# NIM access for network boot
allow:/tftpboot
allow:/tftpboot/rhel6_ppc64
allow:/export/nim/rhel_6.10_ppc64
allow:/etc/yaboot.conf


Some side note:
NFS export is not needed as we use HTTP. I did some experiment with NFS and I leave here commands I used (just in case):
exportfs -i /export/nim/rhel_6.10_ppc64
exportfs -i /export/nim/misc

unexport:
exportfs -u /export/nim/rhel_6.10_ppc64
exportfs -u /export/nim/misc

----------------------------------------

6. Kickstart file:

Kickstart files are controlling what settings should be used during install (timezone, language...) 2 files have been created in /export/nim/misc, one for RH6 and one for RH7. (the url line contains the path on NIM sever for the install resources)

RHEL 6:
# cat rhel6_ppc64_ks.cfg
lang en_US
keyboard us
timezone Europe/Vienna --isUtc
rootpw $1$3Qm1F030$Q6ExOTiF/ndBk7neDKNZp1 --iscrypted
#platform IBM pSeries
reboot
text
#cdrom
url --url http://aix-mgmt.mydomain.org/export/nim/rhel_6.10_ppc64
bootloader --location=mbr --append="rhgb quiet crashkernel=auto"
zerombr
clearpart --all --initlabel
autopart
#network --device=eth0 --bootproto=static --ip=172.23.72.15 --netmask=255.255.248.0 --gateway=172.23.72.1
network --device eth0 --bootproto dhcp --hostname ls-rh-ppc64-base
auth --passalgo=sha512 --useshadow
selinux --disabled
firewall --disabled
skipx
firstboot --disable

%post
mkdir /root/.ssh
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDkG2Q00DnTLjXrU+gP7mxdrEMao55555555555Xs2HzfIjX73f7imMO5dEP7lWEFuKbXgTjgMsaWnFC6SCRiqCBFi9aPcTfTc12FVUHf2D18oqoi2LjqAslHSFUILRwhJi0dn0k6u8U1k7c7oV3VWb1bsMipn86/De+axa7endkXfTLOgWu3A1c/2H/Wf2nfpw2ElPOPZJJ3kVGqCJXFnHbOrWm9nw1GCDfQPNi82qySiuuCPBzjb953JdMrNVX++tmObFr6veH9775z4ucE/a67wp/XnGEy2lYogQcWj5lPULc6bUFSQvl0hT1HotvQlaywm2fB1eb6U88RSUV5VZ user@aix.mydomain.org' >> /root/.ssh/authorized_keys
%end

RHEL 7:
same as for RHEL 6, only the url line is different:
url --url http://aix-mgmt.lnz.lab.dynatrace.org/export/nim/rhel_7.6_ppc64

----------------------------------------

7. Netboot:

After all these steps have been prepared, netboot of RH LPAR can be initiated from HMC:
ssh hscroot@hmc01 "lpar_netboot -v -f -D -i -t ent -s auto -T off -d auto -S 172.23.74.4 -C 172.23.72.15 -G 172.23.72.1 -K 255.255.248.0 rh-ppc64-lpar default_profile man-sys-01"

----------------------------------------

if needed logging in yaboot.conf or grub.conf: https://wwoods.fedorapeople.org/doc/boot-options.html#_inst_syslog
user@aix-mgmt:/var/log $ tail -f user

----------------------------------------

No comments:

Post a Comment