Automated OS Installation PXE server using iPXE - Part 2 - DHCP server

DHCP Server Configuration:

DHCP server setup is part of  PXE server setup. We need to configure DHCP server in such a way that it will fulfill our requirements. I have taken templates from robinsmidrod's portal. The scripts in that portal are beautifully configured hence reduces of efforts to configure them from scratch. 

We use multiple scripts in for DHCP configuration. The first file is as mentioned below.

/etc/dhcp/dhcpd.conf and content of the file is:

ddns-update-style none;
deny bootp;     #default
authoritative;
include "/etc/dhcp/ipxe-option-space.conf";

# GREEN 
subnet 172.20.0.0 netmask 255.255.0.0 {
        range 172.20.10.11 172.20.100.254;
        option subnet-mask 255.255.0.0;
        option routers 172.20.10.10;

        default-lease-time 3600;
        max-lease-time 4800;

    include "/etc/dhcp/ipxe-green.conf";
}

In this file you can edit the dhcp range and other details as per your requirements. The other files we are going to create are already mentioned in the dhcpd.conf file. The second file is /etc/dhcp/ipxe-option-space.conf file. Please find the contents of the file below.

# Declare the iPXE/gPXE/Etherboot option space
option space ipxe;
option ipxe-encap-opts code 175 = encapsulate ipxe;

# iPXE options, can be set in DHCP response packet
option ipxe.priority         code   1 = signed integer 8;
option ipxe.keep-san         code   8 = unsigned integer 8;
option ipxe.skip-san-boot    code   9 = unsigned integer 8;
option ipxe.syslogs          code  85 = string;
option ipxe.cert             code  91 = string;
option ipxe.privkey          code  92 = string;
option ipxe.crosscert        code  93 = string;
option ipxe.no-pxedhcp       code 176 = unsigned integer 8;
option ipxe.bus-id           code 177 = string;
option ipxe.bios-drive       code 189 = unsigned integer 8;
option ipxe.username         code 190 = string;
option ipxe.password         code 191 = string;
option ipxe.reverse-username code 192 = string;
option ipxe.reverse-password code 193 = string;
option ipxe.version          code 235 = string;
option iscsi-initiator-iqn   code 203 = string;

# iPXE feature flags, set in DHCP request packet
option ipxe.pxeext    code 16 = unsigned integer 8;
option ipxe.iscsi     code 17 = unsigned integer 8;
option ipxe.aoe       code 18 = unsigned integer 8;
option ipxe.http      code 19 = unsigned integer 8;
option ipxe.https     code 20 = unsigned integer 8;
option ipxe.tftp      code 21 = unsigned integer 8;
option ipxe.ftp       code 22 = unsigned integer 8;
option ipxe.dns       code 23 = unsigned integer 8;
option ipxe.bzimage   code 24 = unsigned integer 8;
option ipxe.multiboot code 25 = unsigned integer 8;
option ipxe.slam      code 26 = unsigned integer 8;
option ipxe.srp       code 27 = unsigned integer 8;
option ipxe.nbi       code 32 = unsigned integer 8;
option ipxe.pxe       code 33 = unsigned integer 8;
option ipxe.elf       code 34 = unsigned integer 8;
option ipxe.comboot   code 35 = unsigned integer 8;
option ipxe.efi       code 36 = unsigned integer 8;
option ipxe.fcoe      code 37 = unsigned integer 8;
option ipxe.vlan      code 38 = unsigned integer 8;
option ipxe.menu      code 39 = unsigned integer 8;
option ipxe.sdi       code 40 = unsigned integer 8;
option ipxe.nfs       code 41 = unsigned integer 8;

# Other useful general options
# http://www.ietf.org/assignments/dhcpv6-parameters/dhcpv6-parameters.txt

option arch code 93 = unsigned integer 16;

This file mainly concentrates on declaring the ipxe options. The last file in dhcp folder is /etc/dhcp/ipxe-green.conf and contents are mentioned below.

allow bootp;
allow booting;
next-server 172.20.10.10; # core.smidsrod.lan

# Disable ProxyDHCP, we're in control of the primary DHCP server
option ipxe.no-pxedhcp 1;


if not exists ipxe.bus-id {
next-server 172.20.10.10;
#filename "undionly.kpxe";
     if option arch = 00:06 {
         filename "grub/ipxe-x86.efi";
     } elsif option arch = 00:07 {
         #filename "grub/ipxe-x64.efi";
filename "grub/ipxe.efi"; 
#filename "grub/snponly.efi";  
     } elsif option arch = 00:00 {
         filename "undionly.kpxe";
}
}
else {
next-server 172.20.10.10;
filename "ipxe/boot.ipxe"; #Provide configuration file path

}

These 3 files reside in /etc/dhcp folder. Configure your static ip (next-server ip)  based on the dhcp range and restart the server. You should be able to start your dhcp server without any issues.

If you find any issues while starting the DHCP service, check in /var/log/messages and resolve the issue.

We have configured dhcp server with this and check the next post to configure ipxe server.

Automated OS Installation PXE server using iPXE - Part 1

Hello There,

In this series of posts, I will be explaining PXE server setup using iPXE and some other tools. By end of this tutorial, you will be having a PXE server which can accomplish the tasks for you.

1. a PXE server capable of installing all OSes like Windows, Linux and VMware.
2. Every OS will be installed with a single touch and no human intervention is required.
3. You can install OS on iSCSI or FCoE LUN and driver update to discover LUN is automated as well
4. The PXE sersver is capable of working on Legacy and UEFI modes.

As this setup needs some amount of configuration which we will do it in Parts, so that it will be easy to us to understand. I am dividing the configuration into below steps.

1. We will be configuring a DHCP server which will work for Legacy and UEFI boots.
2. We will install iPXE in DHCP server and configure iPXE boot loaders for Legacy and UEFI.
3. We setup a Cobbler server and configure the Kickstart files for Automated OS installation
4. We setup a Windows WDS server configure OSes for Automated OS installation
5. We will create scripts in iPXE to install the different OSes from different locations.

I hope it will fulfill you requirement. If I miss anything you can leave a comment so that I can try to explain that. 

IET - iSCSI Enterprise target

Hi,

This post is a simple tutorial on how to use IET software target. IET stands for iSCSI Enterprise Target. There are few Software targets available for Linux operating system and IET is one of the best and easy to configure software target.

You can download the IET target from the Sourceforge.net. The installation is pretty easy. In this tutorial I am not covering installation process.

Checking iSCSI Target service:
Once you install the IET target software in your Linux System, you need to check the IET service status using the below command to confirm that target service is running.

service iscsi-target status

If the service is not running you can start the service using the below command.

service iscsi-target start

We can create and delete targets and LUNs through command line or by editing the configuration file /etc/iet/ietd.conf. I will cover the command line configuration in this tutorial. IETADM is the tool to configure IET target.

Creating a New Target: 
We can create a new target using the below command.

ietadm --op new --tid=1 --params --name= iqn.2009-10.com.iet:target

In the above command, --op is the operation. We can mention different operations like new, delete and show.

--tid is the target ID. You can create multiple targets by providing different Target IDs with Unique Target IQN names for each target ID.

--params is the Parameters required to complete the command.

Once you create the target, you can check view the target details by the below command

cat /proc/net/iet/session

Deleting the existing Target:
To delete the existing target you can use the below command

ietadm --op delete --tid=1

You don't need to provide any parameters except Target ID to delete a target.

Creating a new LUN:
You can create a new LUN using the below command. I use dd command to create a LUN file in Linux. Make sure that you have enough space to create a Virtual LUN file in your Linux system. In this example I want to create the LUN file in /home directory.

dd if=/dev/zero of=/home/IET/target1/LUN0 bs=1G count=60

In the above example, bs stands for Block size and count is the multiplication of Block size to create the LUN with required size. So I will be creating 60 X 1G = 60G LUN. You can try Block size as 1k, 1m etc. It will take sometime based on the LUN size you have mentioned.

Now we have a LUN and Target created and we will see how to map the LUN to the target.

Mapping the LUN to Target:
You can map a LUN to the target using the below command.

ietadm --op new --tid=1 --lun=0 --params=path=/home/IET/target1/LUN0,Type=fileio

As per the above command, we are creating mapping a LUN as LUN id 0 with the LUN placed in /home/IET/target1 folder. Type is fileio as it needs to perform Input and Output operations. 

To check LUNs mapped to targets, use the below command.

cat /proc/net/iet/volume

It will list the available targets and LUNs mapped to the particular targets. 

Configuring CHAP:
CHAP provides security for the targets to be accessible by Initiators. CHAP is two types.

1. One way CHAP 
2. mutual CHAP

Use the below command to configure One way CHAP

ietadm --op new --tid=1 --user --params=IncomingUser=incuser,password=xxxxxxxxxxxx

Use the below command to configure mutual CHAP

ietadm --op new --tid=1 --user --params=OutgoingUser=ouruser,password=xxxxxxxxxxxx

Once you configure the One way and mutual CHAP, use the below command to check

ietadm --op show --tid=1 --user

This is the tutorial on IET software target usage. Please leave a comment if you have any query on this post. 

Thank you...

PXE Continuous Reboot using iPXE

Hi,

In this post, I will be explaining how to put a machine on PXE continuous reboot using iPXE. I am assuming that you are having the basic knowledge PXE functionality.

PXE continuous reboot works with the simple steps which I mentioned below.

1. First we will include a reboot script in PXE boot image.
2. Server boots from a pxe device and download the PXE boot image.
3. PXE boot image got executed and server will be rebooted
4. Server will reboot continuously as it follows the steps 1 to 3.

I will be using iPXE image for this task. iPXE is an extension to the PXE and it has more advantages like scripting which helps us in accomplish our task easily.

You need the below stuff to configure a iPXE server.

1. One Linux system which is having DHCP and TFTP configured.
2. IPXE ROM image and script files.

1. Configure DHCP server: 
Configuring DHCP server in linux is simple. Assign a static IP for one of the Linux system's port on which you want to configure DHCP server. 

Static IP: 172.20.10.20
Netmast: 255.255.255.0

Copy the below content to your dhcpd.conf in /etc/dhcp folder.

ddns-update-style interim;
option space ipxe;
option ipxe-encap-opts code 175 = encapsulate ipxe;
option ipxe.bus-id code 177 = string;

subnet 172.20.10.0 netmask 255.255.255.0 {
        default-lease-time 3600;
        max-lease-time 4800;
        option routers 172.20.10.20;
        option subnet-mask 255.255.255.0;
        range dynamic-bootp 172.20.10.21 172.20.10.254;
        option time-offset -8;
if not exists ipxe.bus-id {
next-server 172.20.10.20;
filename "undionly.kpxe";
}
else {
next-server 172.20.10.20;
filename "ipxe/menu.ipxe";      #Provide configuration file path
}
server-name "pxe_reboot_server";
server-identifier 172.20.10.20;
}

After editing the dhcpd.conf file, restart the dhcpd server and check for errors.

Configure IPXE:
Configure the tftp folder in the same linux server. You can get many online tutorials to configure a tftp folder so I am assuming that you have configured tftp server and make sure that tftp service is running.

I have my tftpserver share is pointing to /var/lib/tftpboot folder. Now I will place "undionly.kpxe" file directly in tftpboot folder. Now create a folder named "ipxe" in tftpboot folder and create a menu.ipxe file in "ipxe" folder.

We are having the file hierarchy as below. 
/tftpboot/undionly.kpxe
/tftpboot/ipxe/menu.ipxe

Now add the below code to menu.ipxe file.

#!ipxe
echo Server will reboot in 60 seconds
sleep 60
reboot

Now reboot the DHCP and TFTP services and check for errors. If you find any errors please leave comment explaining the error so that I can help.

Now enable PXE for the adapter and make sure to bring the PXE device up in the Boot order list to make sure that server will boot PXE first. Disable harddisk or any other boot-able device if required.  Reboot the server and you can see that server is going for continuous reboot after pxe boot.

How to perform iBFT?

As discussed in previous post, We can perform iBFT in three ways. I will be explaining that in brief below.


iBFT though System ROM (Native iBFT):
Many servers supporting iBFT through system ROM. As per my knowledge most of the UEFI boot supported servers support iBFT through their ROM. In these servers iBFT is implemented in UEFI ROM. To perform this type of iBFT boot, all we need is a iBFT supported Server ROM and a network adapter. Normally UEFI Firmware will contain the required iBFT drivers.

Here is the way to perform iBFT in this method.

1. Configure a server with a network adapter
2. Enter System UEFI interface. Here, in Network settings you can find iSCSI configuration field.
3. Select the iSCSI Configuration option and provide the Initiator and Target details.
4. Now Reboot the system
5. You will be able to see an iSCSI session is established in iSCSI Target.
6. Enter UEFI Shell. If inbuilt system UEFI shell is not available, Copy required UEFI kernel files into a USB and boot from the UEFI kernel.
7. In UEFI Shell, Enter the command “drivers –b” à It will list all the drivers loaded
8. You can find “ISCSIDXE” driver file which is the inbox iBFT supported driver file.
9. Now you can check all the iSCSI target and initiator details using the command “Map -r"
10. You can see the iSCSI target details in the output.
11. Now proceed to install OS and provide Network drivers if LUN not detected.

iBFT though Adapter's Firmware:
Many HBA adapters and CNA Adapters available now with Inbuilt iBFT support. To perform the iBFT using Adapters Firmware, we should be having the required drivers. We need to keep the Boot Mode as disabled and Personality should be NIC. Here are the simple steps to perform:

1.  In UEFI supported system, Go to the Network settings in System BIOS settings and change the personality to “NIC” only.
2.  Reboot the system
3.  Enter system settings and select iSCSI configuration for particular adapter’s network settings.
4. Provide all the required initiator and Target information to boot from iSCSI and save it.
5. Enter UEFI Shell. If inbuilt system UEFI shell is not available, Copy required UEFI files into a USB and boot from the file.
6. Select the boot from file in Boot options and provide the UEFI file “UEFIx64”
7.  Take a USB and copy all required UEFI shell files and drivers to that and connect it to the server (Applicable to Network adapter supported iBFT)
8.  Now Reboot the system.
9. You will be able to see an iSCSI session is established in iSCSI Target.
10. Enter UEFI Shell. If inbuilt system UEFI shell is not available, Copy required UEFI files into a USB and boot from the file.
11. Select the boot from file in Boot options and provide the UEFI file “UEFIx64”
12. It will load the UEFI shell
13. Enter the command “drivers –b” à It will list all the drivers loadedYou can find “ISCSIDXE” driver file which is an inbox iBFT supported driver file.
14. Now you can check all the iSCSI target and initiator details using the command “Map –r”
15. You can see the below output if the LUN detected successfully.
16. Select the boot from file and provide the UEFI file “UEFIx64”
17. It will load the UEFI shell
18. drivers -b à It will list all the drivers loaded
19. unload XX <Where “XX” is handle for iscsidxe driver>
20. And for loading go to directory where driver is, eg:- fs0: or fs1:
21. Then “load <driver name>”
22. Load iSCSIConfig first then DXEdisk driver. Once you load the drivers
23. Don’t reboot the server because it will lose all the drivers you have loaded previously.
24. Just try to boot from DVD from RBSU itself.

What is iBFT?

Hello All...

I have worked on iBFT for more than a year during its initial time. I was surprised to do Software iSCSI during OS boot using this new technology on non iSCSI adapters. Why it is different from normal Software iSCSI? In Normal Software iSCSI, we need a OS installed on which we can install this iSCSI initiator software. In iBFT there is no need of OS to install. It works in preboot environment.

I have performed Native iBFT, System ROM iBFT and using iPXE. I have worked on different scenarios as it was at the initial time. Let me explain this in brief.

We have two different ways to perform an iSCSI configuration.

1. Hardware iSCSI
2. Software iSCSI

In Hardware iSCSI, iSCSI feature is implemented in the Converged Network Adapter and we will be able to perform the iSCSI in Hardware level by using UEFI or Legacy boot methods.

When it comes to Software iSCSI, we will install an application called Software iSCSI initiator which will help in passing the iSCSI parameters.

Briefly, in Hardware iSCSI the adapter will take care of most of work. It will convert SCSI commands to iSCSI CBD while sending requests and converts iSCSI CBDs into SCSI commands. It will take care of the CPU offload, so that less load will be there on CPU. So in Hardware iSCSI, the iSCSI HBA is the one man army.

In software iSCSI, It is all nothing but a software. Here Software will take care of all the work. So To run this software there will be extra load on CPU. The iSCSI initiator software will take care of passing the parameters.

iBFT stands for iSCSI Boot Firmware Table. It provides a standard way to boot from software initiated iSCSI. The iSCSI Boot Firmware (iBF) Table (iBFT) is a block of information that contains various parameters that are useful to the iSCSI Boot process. The iBFT is the mechanism by which iBF parameter values are conveyed to the operating system. The iBF builds and fills in the iBFT. The iBFT is available to the operating system to enable a consistent flow of the boot process.

iBFT can be performed in 3 ways.

1.   Through System ROM

2.      Through Network Adapter Firmware

3.      Through NBP boot program (iPXE)

The first post

Hi Techies,

I am Shanky and I work in a Network product based company. I have a bachelors degree in Computers and Electronics. I do like writing, however being lazy for these many days to start my own blog to share my thoughts.

In my every day office life I come across lot of doubts and the Great Google solves it most of the time. Some times I won't find enough details and proper solution from Internet, then I will do my own investigation and the result may be positive or negative. If it is positive and working good for me I really want to share them to others so that it can be helpful and saves time.

I love to explore new technologies and since it is new I will find less data in Internet and rest I will find by myself or my colleagues help me out. I am a bad student and I take time to understand things but I will learn in depth. I will explain the things in the same way, I mean very clear to understand.

I hope I will continue to be a good writer and laziness won't beat me :)