How to use Kickstart (Anaconda's remote control)
Anaconda is an extremely flexible install program used by the Fedora Project and Red Hat Enterprise Linux. In addition to supporting installation from local media (like a hard drive, CD/DVD, or USB key), Anaconda can also install from network sources like FTP, HTTP, or NFS. It also features an automated mechanism, called kickstart, which lets users perform scripted hands-off installations. With support for VNC calls, an administrator has a powerful utility for remote server installation. This article will explore a couple methods that use the Anaconda installer remotely, monitoring the install progress in real time.
Anaconda is primarily Python-based, with some modules written in C. It has two stages. The first stage loads all the kernel modules so that the second stage can be mounted with access to the installation source. In the second stage, the python installer executes and the X Window install screens become visible (if it is a graphical install). If this was a local installation, the user would start answering questions about the install source, timezone, keyboard, and more. For remote installs this information is provided before the second stage using Anaconda command line options. These options can be specified using the GRUB boot loader and will depend on the network configuration and remote install type (interactive or kickstart).
The first step is to copy the
initrd.img (RAM disk) and
vmlinuz (kernel) files from the installation source (isolinux directory) to the
/boot directory of the target remote server. You will need to be root to do this. You can find the
isolinux directory in the root directory of the first Fedora CD.
Create a new entry in
/etc/grub.conf to pass Anaconda's command line options from GRUB. The following table describes some of the Anaconda command line options:
||Force GUI installer to run at 640x480.|
|vnc||Enable VNC-based installation. You will need to connect to the machine using a VNC client application.|
|vncpassword=<password>||Enable a password for the VNC connection. This will prevent someone from inadvertantly connecting to the VNC-based installation. Requires 'vnc' option to be specified as well.|
|vncconnect=<host>[:<port>]||Once installation is up and running, connect to the VNC client named <host>, and optionally use port <port>. Requires 'vnc' option to be specified as well.|
|ks=cdrom:||Kickstart from CDROM.|
|ks=nfs:<path>||Kickstart from NFS.|
|ks=<url>||Kickstart via HTTP.|
|ks=hd:<dev>||Kickstart via harddrive (dev = 'hda1', for example)|
|ks=file:<path>||Kickstart from a file (path = 'fd0/ks.cfg').|
|ks=ftp://<path>||Kickstart from FTP.|
|ks=http://<path>||Kickstart from HTTP.|
|lang=<lang>||Language to use for the installation. This should be a language which is valid to be used with the 'lang' kickstart command.|
|keymap=<keymap>||Keyboard layout to use. Valid values are those which can be used for the 'keyboard' kickstart command.|
|ip=<ip>||IP to use for a network installation, use 'dhcp' for DHCP.|
|netmask=<nm>||Netmask to use for a network installation.|
|gateway=<gw>||Gateway to use for a network installation.|
|dns=<dns>||Comma separated list of nameservers to use for a network installation.|
|method=nfs:<path>||Use <path> for an NFS installation.|
|method=http://<path>||Use <path> for an HTTP installation.|
|method=ftp://<path>||Use <path> for an FTP installation.|
|method=hd://<dev>/<path>||Use <path> for an NFS installation.|
|method=<cdrom>||Do a CDROM based installation.|
For interactive remote installs, use the lang, keymap, method, vnc, vncconnect and ip options. For example, an interactive remote install using a http source tree and dynamic ip assignment would be similar to the following:
default=0 timeout=5 splashimage=(hd0,0)/grub/splash.xpm.gz hiddenmenu title Red Hat Enterprise Linux AS (2.6.9-5.ELsmp) root (hd0,0) kernel /vmlinuz-2.6.9-5.ELsmp ro root=/dev/VolGroup00/LogVol00 initrd /initrd-2.6.9-5.ELsmp.img title Remote Install root (hd0,0) kernel /vmlinuz_remote lang=en_US keymap=us method=http://<server>/<path_to_tree>/i386/tree vnc vncconnect=
ip=dhcp initrd /initrd_remote.img
vncconnectdefaults to port 5500. If you are running a firewall, make sure the observing server allows access to this port. If
vncconnectis not specified, anaconda will accept
vncclientconnections on its hostname without a password.
We can reduce the amount of Anaconda options passed when performing a remote kickstart since most of the information Anaconda needs is already in the kickstart configuration:
title Remote Install root (hd0,0) kernel /vmlinuz_remote ks=http://<server>/<path_to_file>/<kickstart_config> vnc vncconnect=<observing_ip> initrd /initrd_remote.img # Barebones demo remote kickstart configuration # install network --bootproto dhcp url --url http://<server>/<path_to_tree>/i386/tree lang en_US langsupport --default en_US en_US keyboard us mouse none zerombr yes clearpart --all part pv.01 --size=1000 --grow part /boot --fstype=ext3 --size=200 part swap --size=1000 --maxsize=2000 volgroup myvg pv.01 logvol / --vgname=myvg --name=rootvol --size=1000 --grow bootloader --location mbr timezone America/New_York auth --enablemd5 --enableshadow rootpw --iscrypted <encryptedpasswdstring> selinux --permissive reboot firewall --enabled --http --ssh --smtp skipx %packages --resolvedeps @ Base %post # MOTD echo << /etc/motd echo "Remote kickstart on $(date +'%Y-%m-%d')" << /etc/motd echo << /etc/motd
rootpw mypasswdif you would rather use an encrypted password, use
openssl passwdmodule to generate MD5-hashed passwords. For example, to generate an encrypted password using
opensslenter the following:
openssl passwd -1 -salt "shaker" "your_password"Entries in the
/etc/shadowfile also contain MD5-hashed passwords. Now add the
--iscryptedoption and encrypted password to the kickstart file as follows:
rootpw --iscrypted encryptedpasswdstring
Save the new grub.conf file without restarting the remote server. GRUB offers a safety precaution that we will take advantage of in the next section.
GRUB boots one or more entries when a default boot entry fails. Usually the fallback entries are kernel entries that the system expects will boot successfully in case we boot to a kernel that does not agree with the system. For a remote install, GRUB only needs to set the default entry and boot to it once.
Rather then modifying the
grub.conf file, save the default entry with the GRUB command line tool and then boot to it. As
root, enter the command
grub from the command line. This will load a bash-like grub tool. GRUB entries are indexed from 0. If the remote install is the second entry in
grub.conf, then enter the following commands:
grub> savedefault --default=1 --once grub> quit
GRUB will now only boot to the remote install entry one time.
grub> help savedefault savedefault: savedefault [--stage2=STAGE2_FILE] [--default=DEFAULT] [--once] Save DEFAULT as the default boot entry in STAGE2_FILE. If '--once' is specified, the default is reset after the next reboot.
So when we save the default grub entry to boot to, the --once flag will reset the default after the next reboot. This helps if the boot was not successful so we can go back to a known good boot entry.
Flip The Switch
vncviewer on your observing system like so:
Now reboot the server so the client can accept the VNC connection:
shutdown -r now
It takes a few minutes for the remote server to reboot and for the kernel params to be read and excuted--you may feel like a NASA engineer sitting in Houston Control Center waiting for Space Shuttle re-entry. When the wait is over, the Anaconda loader will start and hit the second stage where the actual vnc connection becomes active. When the VNC connection is made, a VNC window will open on the observing system. Now you can interact with the remote install or, in the case of a remote kickstart, monitor the install progress.
Your remote install should now be well on its way to successful completion. Go grab you favorite beverage and use those extra install discs as a coaster.
Original article: Red Hat Magazine
Original author: Shannon Hughes