{"id":248,"date":"2022-01-16T17:12:05","date_gmt":"2022-01-16T17:12:05","guid":{"rendered":"http:\/\/10.171.10.16:10000\/?p=248"},"modified":"2022-02-13T20:19:19","modified_gmt":"2022-02-13T20:19:19","slug":"rebuilding-a-pxe-boot-server-with-almalinux","status":"publish","type":"post","link":"https:\/\/dannypayne.me\/?p=248","title":{"rendered":"Rebuilding a PXE boot server with AlmaLinux"},"content":{"rendered":"\n

With the impending doom of CentOS, I figured now would be a great time to update the series of blog posts created in 2020 regarding building a PXE boot server, but for AlmaLinux.
<\/p>\n\n\n\n

This series of posts will be about rebuilding this server with AlmaLinux.
The main things I want to accomplish are:
– Rebuild the server with AlmaLinux
– Replicate the previous setup (booting memtest, gparted, clonezilla, etc)
– Replace the CentOS kickstart setup with something similar for AlmaLinux
– PXE boot Windows installations (MDT, unattend.xml, etc)<\/p>\n\n\n\n

In this post I’m going to cover initially setting the PXE server up, and booting the AlmaLinux setup.<\/p>\n\n\n\n

This post assumes that you’ve already downloaded and installed the latest AlmaLinux (8.5 at the time of writing) on a new VM within your environment. As before, here are the details of the VM within my environment:

Server IP<\/strong>: 10.179.1.10
Hostname<\/strong>: COLO-PXE
OS<\/strong>: AlmaLinux 8.5 (Artic Sphynx)
CPU<\/strong>: 4 cores
RAM<\/strong>: 4GB
Hard disk<\/strong>: 128GB (thin provisioned)
Firewalld is disabled, and SELinux is set to Permissive<\/strong>

The VM will be setup with a standard AlmaLinux Minimal install using the AlmaLinux-8.5-x86_64-minimal<\/a><\/strong> ISO obtained from the AlmaLinux Mirror List; boot the ISO, run through the setup, select Minimal Install<\/strong>, login at the console once the install has completed and set an IP and hostname, and also install open-vm-tools<\/strong>. Reboot the VM once more and then we can SSH into it. <\/p>\n\n\n\n

Install required packages<\/h3>\n\n\n\n

Once the VM is back online and we’re SSH’d in, we’re going to install the following packages\/run the following command:<\/p>\n\n\n\n

[root@COLO-PXE ~]# yum -y install tftp-server vsftpd xinetd httpd syslinux wget<\/code><\/pre>\n\n\n\n
As before, we’re not installing DNSMASQ<\/code> on our VM as our DHCP is handled on our router\/firewall in this example. <\/p>\n\n\n\n
Populate SYSLINUX bootloaders <\/h3>\n\n\n\n
Now that we’ve installed our packages, we’re ready to start editing configs and copying files around. To start, we’re going to copy all of the SYSLINUX bootloader files to our tftproot folder with the following commands:<\/p>\n\n\n\n
[root@COLO-PXE ~]# cp -v \/usr\/share\/syslinux\/{pxelinux.0,menu.c32,mboot.c32,chain.c32,memdisk,ldlinux.c32,libutil.c32,libcom32.c32} \/var\/lib\/tftpboot<\/code><\/pre>\n\n\n\n
\"\"<\/figure><\/div>\n\n\n\n
Enable and start services<\/h3>\n\n\n\n
Before we can continue, we need to enable and start the services we just installed:<\/p>\n\n\n\n
[root@COLO-PXE ~]# systemctl enable xinetd vsftpd httpd\n[root@COLO-PXE ~]# systemctl start xinetd vsftpd httpd<\/code><\/pre>\n\n\n\n
We also need to create a TFTP server config file within \/etc\/xinetd.d\/<\/code>.
Create and edit the following file: \/etc\/xinetd.d\/tftp<\/code>:<\/p>\n\n\n\n
service tftp\n{\ndisable         = no\nsocket_type     = dgram\nprotocol        = udp\nwait            = yes\nuser            = root\nserver          = \/usr\/sbin\/in.tftpd\nserver_args     = -s \/var\/lib\/tftpboot\nper_source      = 11\ncps             = 100 2\nflags           = IPv4\n}<\/code><\/pre>\n\n\n\n
Copy AlmaLinux files to server<\/h3>\n\n\n\n
We’re now in a position whereby we can copy our AlmaLinux files and attempt to PXE boot our client. Mount the ISO file used to install the VM originally back to the VMs DVD drive if it’s been unmounted, and verify it’s seen by the OS:<\/p>\n\n\n\n
[root@COLO-PXE ~]# blkid | grep AlmaLinux\n\/dev\/sr0: BLOCK_SIZE=\"2048\" UUID=\"2021-11-11-16-16-25-00\" LABEL=\"AlmaLinux-8-5-x86_64-dvd\" TYPE=\"iso9660\" PTUUID=\"5c6fc0a3\" PTTYPE=\"dos\"<\/code><\/pre>\n\n\n\n
\"\"<\/figure><\/div>\n\n\n\n
Next, we’re going to mount the DVD drive within our OS and verify it’s mounted correctly:<\/p>\n\n\n\n
[root@COLO-PXE ~]# mkdir \/media\/iso\n[root@COLO-PXE ~]# mount \/dev\/sr0 \/media\/iso\nmount: \/media\/iso: WARNING: device write-protected, mounted read-only.\n[root@COLO-PXE ~]# ls \/media\/iso\nBaseOS  EFI  images  isolinux  media.repo  Minimal  TRANS.TBL<\/code><\/pre>\n\n\n\n
\"\"<\/figure><\/div>\n\n\n\n
Next, we’re going to copy the files from the DVD to our VM. 
I want these files to be accessible over both FTP and HTTP, so I’m going to go ahead and create a new directory at the \/<\/code> location for these – \/srv\/networkboot<\/code>
Inside this folder, we’re going to create directories for our OS, \/srv\/networkboot\/almalinux\/8.5<\/code> and copy the contents of the DVD to the above folder:
Finally, we’re going to create a symbolic link for \/srv\/networkboot\/<\/code> to \/var\/www\/html<\/code><\/p>\n\n\n\n
[root@COLO-PXE \/]# mkdir -p \/srv\/networkboot\/almalinux\/8.5\n[root@COLO-PXE \/]# cp -av \/media\/iso\/* \/srv\/networkboot\/almalinux\/8.5\/\n[root@COLO-PXE \/]# ln -s \/srv\/networkboot\/ \/var\/www\/html<\/code><\/pre>\n\n\n\n
We also need to copy the vmlinuz<\/code> and initrd.img<\/code> files from the DVD to the \/var\/lib\/tftpboot<\/code> folder. 
Within the above directory we’re going to create a new directory for the files, following the folder structure above, and then copy them:<\/p>\n\n\n\n
[root@COLO-PXE \/]# mkdir -p \/var\/lib\/tftpboot\/almalinux\/8.5\n[root@COLO-PXE \/]# cp \/media\/iso\/images\/pxeboot\/{vmlinuz,initrd.img} \/var\/lib\/tftpboot\/almalinux\/8.5\/\n[root@COLO-PXE \/]# ls -l \/var\/lib\/tftpboot\/almalinux\/8.5\/\ntotal 87844\n-r--r--r-- 1 root root 79740504 Jan  8 20:22 initrd.img\n-r-xr-xr-x 1 root root 10211208 Jan  8 20:22 vmlinuz<\/code><\/pre>\n\n\n\n
Next, if we run an ls<\/code> of the \/var\/www\/html<\/code> directory we can see the symlink as expected. When browsing to the servers IP within a browser and navigating to \/networkboot<\/code>, we should see our almalinux\/8.5<\/code> folder containing the ISO content as expected. <\/p>\n\n\n\n
[root@COLO-PXE \/]# ls -l \/var\/www\/html\ntotal 0\nlrwxrwxrwx 1 root root 17 Jan  3 17:16 networkboot -> \/srv\/networkboot\/<\/code><\/pre>\n\n\n\n
For our FTP to work, we need to enable Anonymous Access
Edit the file \/etc\/vsftpd\/vsftpd.conf<\/code> and change the following:
anonymous_enable=NO<\/code> to anonymous_enable=YES<\/code>
local_enable=YES<\/code> to local_enable=NO<\/code>

Finally we need to add the following line somewhere within the file:
anon_root=\/srv\/networkboot\/<\/code>

After making these changes, restart vsftpd<\/code> and verify all is working as expected. <\/p>\n\n\n\n
\"\/etc\/vsftpd\/vsftpd.conf\"<\/figure><\/div>\n\n\n\n
Create PXE boot menu file<\/h3>\n\n\n\n
We now need to create our PXE boot menu. For this, we’re going to add a single option so we can verify our server is working as expected, and once we’ve confirmed this works, we can add more as needed. 
To get started, we need to create the pxelinux.cfg<\/code> directory, and within that, the default<\/code> file:<\/p>\n\n\n\n
[root@COLO-PXE ~]# mkdir \/var\/lib\/tftpboot\/pxelinux.cfg \n[root@COLO-PXE ~]# touch \/var\/lib\/tftpboot\/pxelinux.cfg\/default<\/code><\/pre>\n\n\n\n
Next, we’re going to edit the pxelinux.cfg\/default<\/code> file with a boot menu option so we can verify our server is working as expected.<\/p>\n\n\n\n
default menu.c32\nprompt 0\ntimeout 300\nONTIMEOUT localboot\nMENU AUTOBOOT Booting from local drive in # seconds\n\nmenu title ########## PXE Boot Menu ##########\n\nLABEL Boot AlmaLinux 8.5 x64 with Network Repo\nMENU LABEL Boot AlmaLinux 8.5 x64 with Network Repo\nKERNEL almalinux\/8.5\/vmlinuz\nAPPEND initrd=almalinux\/8.5\/initrd.img method=ftp:\/\/10.179.1.10\/almalinux\/8.5 devfs=nomount\n\nLABEL localboot\nMENU LABEL Boot from local drive\nLOCALBOOT 1\nCOM32 chain.c32\nAPPEND hd0 0<\/code><\/pre>\n\n\n\n
Configure DHCP\/firewall for PXE booting<\/h3>\n\n\n\n
Finally, we need to configure our router for PXE booting. Within the DHCP settings of our router\/firewall we need to edit\/enable the following settings:
– TFTP Server
– Next Server
– Default file name
If we’re unable to configure them specific settings, we can also specify DHCP options 66<\/strong> and 67<\/strong>.<\/p>\n\n\n\n
In this example, we’re using PFSense.
On PFSense, we’re going to want to navigate to Services <\/strong>> DHCP Server<\/strong> > <Network name><\/strong><\/em>.
Scroll to the bottom of the page and find TFTP<\/strong>. Click Display Advanced<\/strong> and enter the IP of your PXE server – in this example, 10.179.1.10<\/strong>.
Next, scroll down to Network Booting<\/strong> and click Display Advanced<\/strong>. Tick the checkbox for Enables network booting<\/strong> and enter the IP of your PXE server in the Next Server<\/strong> box.
In the Default BIOS file name<\/strong> box we’re going to enterpxelinux.0<\/code> – This is one of the bootloader files we copied right at the beginning. <\/p>\n\n\n\n
\"\"<\/figure><\/div>\n\n\n\n
Tidying up<\/h3>\n\n\n\n
At this point, we’ve completed our configuration and are ready to start testing.
Before doing anything, we need to tidy up our VM<\/p>\n\n\n\n
We’re going to do the following:
– Unmount \/media\/iso<\/code>
– Delete \/media\/iso<\/code> 
– Restart our services (xinetd<\/code>, vsftpd<\/code>, httpd<\/code>)
– Eject AlmaLinux DVD from our VMs DVD drive<\/p>\n\n\n\n
[root@COLO-PXE ~]# umount \/media\/iso\n[root@COLO-PXE ~]# rm -rf \/media\/iso\n[root@COLO-PXE ~]# systemctl restart xinetd vsftpd httpd\n<\/code><\/pre>\n\n\n\n
I would also recommend giving the VM a quick restart for good measure. <\/p>\n\n\n\n
Testing the boot<\/h3>\n\n\n\n
We’re now ready to test PXE booting a client device. <\/p>\n\n\n\n
\"\"<\/figure><\/div>\n\n\n\n
If everything has worked successfully, we should be presented with our PXE boot menu, and then be able to select the first<\/strong> option on the menu. After a few moments, we’ll be prompted with the AlmaLinux setup screen.<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
Once the VM reaches this point, we’ll be able to install AlmaLinux as normal, and it’ll just work<\/em>. <\/p>\n\n\n\n
This concludes this post. 
In another post, I’m going to cover adding other bootable media to our boot menu, and customising it a little more. Stay tuned! <\/p>\n","protected":false},"excerpt":{"rendered":"
With the impending doom of CentOS, I figured now would be a great time to update the series of blog…<\/p>\n
Read moreRebuilding a PXE boot server with AlmaLinux<\/span><\/a><\/div>\n","protected":false},"author":1,"featured_media":273,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[6],"tags":[],"class_list":["post-248","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-homelab","excerpt","zoom","full-without-featured","even","excerpt-0"],"jetpack_featured_media_url":"https:\/\/dannypayne.me\/wp-content\/uploads\/2022\/01\/248-6.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/dannypayne.me\/index.php?rest_route=\/wp\/v2\/posts\/248","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dannypayne.me\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dannypayne.me\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dannypayne.me\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dannypayne.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=248"}],"version-history":[{"count":19,"href":"https:\/\/dannypayne.me\/index.php?rest_route=\/wp\/v2\/posts\/248\/revisions"}],"predecessor-version":[{"id":305,"href":"https:\/\/dannypayne.me\/index.php?rest_route=\/wp\/v2\/posts\/248\/revisions\/305"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/dannypayne.me\/index.php?rest_route=\/wp\/v2\/media\/273"}],"wp:attachment":[{"href":"https:\/\/dannypayne.me\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=248"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dannypayne.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=248"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dannypayne.me\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=248"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}