This is an article about Kickstart written by guest author, dos2unix from the Linux.org Forum. It’s the first of a few articles from them, so let’s give them a warm welcome and enjoy their article!
Kickstart Vol. I
Kickstart is really Redhat/CentOS/Fedora-centric. There are some attempts for parts of this work on Ubuntu and SuSE, but so far there is really little support for this. Kickstart does a lot of the mundane work for you. It sets up the filesystems for you, you control this size and format of them. It creates user accounts for you, sets up your network for you, and installs the packages you want to be installed (or not installed). You can even run a shell script automatically when everything is done.
Now if you only have one computer, and you only install the OS once a year, this isn’t going to save you much time. However if you have quite a few computers, for example a data-center with dozens or hundreds of servers. Or even a few test systems that have to be rebuilt every day or every few days. Then this can save you a lot of time.
The Kickstart computer itself doesn’t have to be anything fancy. In fact, it doesn’t even have to run one of Redhat type OS’s listed above. It can be Debian, Ubuntu, or whatever you like. It’s best if it has two LAN (Ethernet) interfaces. Most computers cannot be Kickstarted over WiFi yet. You can use a single network interface, but it makes things a little more difficult. If you have a lot of computers to Kickstart, I recommend that you get a small un-managed switch. 5 or 8 ports should be plenty, unless you’re at a data-center.I have worked in data-centers, but now I work at a place that writes software, and we test it over and over again, so I have to “rebuild” the OS sometimes several times a day.
Obviously you’ll need a computer to do this. If possible you’ll want a second computer to test on. One that will be the computer that’s being “Kickstarted”. You’ll need about 20 GB of free space on your Kickstart server to install .ISO images of the OS(es) you want to install.
Your Kickstart server will need three items installed. There are multiple ways to do this. We will discuss a couple of the most common ones. Perhaps a follow-up article will offer more options if there is enough interest.
First you need a web server like Apache httpd, or NGINX, you could even use the simple Python web-server, it doesn’t matter that much.
Second you’ll need a DHCP server, again you could use either BIND or dnsmasq, we will discuss both ways. Finally you’ll need a tftp server. If you use dnsmasq,it has a tftp server of sorts built-in.
It’s beyond the scope of this article to teach you how to install these items, it is assumed you already know how to install software.Note that this will have to be on a different network that your normal home/work/datacenter network.
You don’t want Kickstart erasing, wiping out, and re-installing the OS’s on your every day driver. This is why I recommend one with two interfaces. Otherwise, you’ll have to re-configure your network to download packages, install updates,and add more packages if necessary, and then re-configure it back to your Kickstart network. That gets old in a hurry, trust me.
I’m using Fedora as my Kickstart server. I currently have configurations to install Redhat 8, Redhat 9, CentOS 8, Fedora 33, Fedora 34, and Fedora 35. I install all of these on 3 different computer hardware types. You don’t have to install the same OS that your Kickstart server is running. For this first example, I’m going to use NGINX as my web server, dhcpd (BIND) as my DHCP server, and tftp-server, as well… My tftp server. My Kickstart has two LAN interfaces, it doesn’t really matter too much how you have the first interface configured.
Again, it’s beyond the scope of this article to tell you how to configure your network interfaces, it is assumed you already know how to do this. You’ll want a static IP on your second interface.A gateway isn’t required, for this article, we can just 192.168.7.227, try to pick something obscure that no one else will use in the environment you are in. I will go ahead a use a /24 subnet or 255.255.255.0 for those who aren’t familiar with CIDR subnet masks.
Remember this IP address, it will be used in quite a configuration files. Again you can use any IP you like,but remember what it is, because you’ll need it several times.
So for Fedora, it’s a simple dnf install -y nginx dhcpd-server tftp-server
, other OS’es may vary.
Once they are installed we will need to configure them.
The first one here is NGINX. On most Linux’s I have used, the nginx.conf file is located in /etc/nginx/nginx.conf. You have a “server section” in this file.It’ll say server with a { after it. Replace the contents of your server section with the content below. This assumes your web content will be at /usr/share/nginx/html you can adjust this accordingly. This will be where your extracted .iso images will live. So make sure you have space here (or do a soft link to another directory that has space). You can use SSL/HTTPS, but again that’s beyond the scope of this article.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | include /etc/NGINX/conf.d/*.conf; server { listen 80 default_server; listen [::]:80 default_server; server_name _; root /usr/share/NGINX/html; # Load configuration files for the default server block. include /etc/NGINX/default.d/*.conf; location / { autoindex on; } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } |
I also recommend adding these two lines, below your access_log section. The other lines will likely already be there.
access_log /var/log/nginx/access.log main;
| sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 4096; types_hash_bucket_size 64; include /etc/NGINX/mime.types; default_type application/octet-stream; # Load modular configuration files from the /etc/NGINX/conf.d directory. # See http://NGINX.org/en/docs/ngx_core_module.html#include # for more information. |
Now enable and start your web server. For Fedora it’s
systemctl enable nginx
systemctl start nginx
Now we need to configure your DHCP server. For BIND (dhcpd) the conf file is usually located at /etc/dhcp/dhcpd.conf (not to be confused with dhcpd6.conf )
Just mv the dhcpd.conf to something like dhcpd.conf-original or whatever you like, just make sure it doesn’t end with “.conf”. Now make a new files and copy the following to it.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 | ## Note /etc/xinetd.d/tftp is no longer needed, this path is set in the tftp.service file. allow booting; allow bootp; set vendorclass = option vendor-class-identifier; option pxe-system-type code 93 = unsigned integer 16; set pxetype = option pxe-system-type; option domain-name "Kickstart.com"; subnet 192.168.7.0 netmask 255.255.255.0 { option domain-name-servers 10.0.0.1; option broadcast-address 192.168.7.255; option routers 192.168.7.227; default-lease-time 14400; max-lease-time 28800; if substring(vendorclass, 0, 9)="PXEClient" { if pxetype=00:06 or pxetype=00:07 { filename "efi/shimx64.efi"; } else { filename "pxelinux/pxelinux.0"; } } pool { range 192.168.7.10 192.168.7.120; } next-server 192.168.7.227; } |
I’m using the entire 192.168.7.x subnet here. The IP address of my Kickstart server is 192.168.7.227.Edit this file and replace the values of your server/network accordingly. The range tells my DHCP server to only give out IP addresses between 10 and 120.
Now you may be wondering about that last line, what is the “next-server” and why does it have the same IP address as my Kickstart/DHCP server? The “next server” after I receive a DHCP address is the tftp server, it’s located at the same IP address. You could run it on a different server, but most people run it on the same server.
Again just like NGINX, let us enable and start the service.
systemctl enable dhcpdsystemctl start dhcpd
For the tftp server, you really don’t have to do much, by default tftp wants tftpboot to be at /var/lib , so…
| mkdir /var/lib/tftpboot systemctl enable tftp.socketsystemctl start tftp.socket |
Note this is a listening socket, not really a server per se.If you want to make sure that your tftp server if pointing to /var/lib/tftpboot you can run..
systemctl cat tftp.service
You should see a line like this somewhere:
ExecStart=/usr/sbin/in.tftpd -s /var/lib/tftpboot
I would recommend not changing this, as several configuration files will like in this directory.
Closure:
Honestly, I edited the above the best that I could – given that I know nothing about the subject. I appreciate the articles, but it means trusting dos2unix – and I’m perfectly willing to do that. If you have any questions, you can post them here or you can post them on the linux.org forum where I share this article (as that’s where dos2unix lives).
Either way, stay tuned – as this is just the first part of a series of articles handily written on this subject. I, for one, am going to probably use the break to get a few articles ahead so that the new year starts off right.
Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.