Gineesh
- Pre-Requisites
- Customize Boot ISO
- Configure Utility Services
- Setup a PXE Server
- Boot from ISO and Use kickstart configuration
- Appendix
Pre-Requisites
Download the boot ISO from the Red Hat Download portal
Eg: rhel-9.6-x86_64-dvd.iso
Customize Boot ISO
$ mkdir /tmp/rhel9dvd-temp
$ mkdir /tmp/rhel9dvd-content
$ sudo mount -o loop ~/Downloads/rhel-9.6-x86_64-dvd.iso /tmp/rhel9dvd-temp
# Copy boot ISO content to temp location
$ sudo cp -a /tmp/rhel9dvd-temp/* /tmp/rhel9dvd-content
$ cd /tmp/rhel9dvd-content
$ ls -l
total 48
drwxr-xr-x. 4 gmadappa gmadappa 80 Apr 9 2025 AppStream
drwxr-xr-x. 4 gmadappa gmadappa 80 Apr 9 2025 BaseOS
drwxr-xr-x. 3 gmadappa gmadappa 60 Apr 9 2025 EFI
-rw-r--r--. 1 gmadappa gmadappa 8154 Apr 9 2025 EULA
-rw-r--r--. 1 gmadappa gmadappa 2135 Apr 9 2025 extra_files.json
-rw-r--r--. 1 gmadappa gmadappa 18092 Apr 9 2025 GPL
drwxr-xr-x. 3 gmadappa gmadappa 100 Apr 9 2025 images
drwxr-xr-x. 2 gmadappa gmadappa 300 Apr 9 2025 isolinux
-rw-r--r--. 1 gmadappa gmadappa 103 Apr 9 2025 media.repo
-rw-r--r--. 1 gmadappa gmadappa 1669 Apr 9 2025 RPM-GPG-KEY-redhat-beta
-rw-r--r--. 1 gmadappa gmadappa 3682 Apr 9 2025 RPM-GPG-KEY-redhat-release
Prepare the kickstart file
- Generate kickstart file using Kickstart Generator
- Add/modify content as needed (like post-scripts, Software RAID etc)
Sample ks-custom.cfg:
# Generated by Anaconda 34.25.5.17
# Generated by pykickstart v3.32
#version=RHEL9
# Use graphical install
graphical
repo --name="AppStream" --baseurl=file:///run/install/sources/mount-0000-cdrom/AppStream
%addon com_redhat_kdump --enable --reserve-mb='auto'
%end
# Keyboard layouts
keyboard --xlayouts='us'
# System language
lang en_SG.UTF-8
# Use CDROM installation media
cdrom
%packages
@^graphical-server-environment
%end
# Run the Setup Agent on first boot
firstboot --enable
# Generated using Blivet version 3.6.0
ignoredisk --only-use=sda
autopart
# Partition clearing information
clearpart --none --initlabel
# System timezone
timezone Asia/Singapore --utc
# Root password
rootpw --iscrypted $6$QLWj7ktNjw6xS.Nr$KVPs9xOw3ZlBGWbhWdqrjBxYgWpvQtGkEHdOZSCWoaV3K.DyjCMsIj24IJfQHdB4SIHMhbq.txYsY5vpHKkr20
# Initial user and password
user --groups=wheel --name=devops --password=$6$ByG.C.JB20hWY4eg$LsXQc7OqTp9fKGlBSwBknYN/E0gPLXpCCsUPzCczZrtTTtkKq38qPQct7FHQiLlbFHoTaDpcAz2TsILbjdXRI1 --iscrypted --gecos="devops"
Other Sample ks.cfg files
- kickstart basic sample
- kickstart with Software RAID1 + LVM
- Install PXE Boot server for automated install RHEL 8 and CentOS 8
Edit Boot Configuration Files
- Legacy BIOS:
isolinux/isolinux.cfg - UEFI:
EFI/BOOT/grub.cfg
In this case, nodify EFI/BOOT/grub.cfg for EFI.
- Use your own http server for
ks.cfgand repo path. - Use the correct IP for the new RHEL machine.
menuentry 'Node101-RHEL 9.6 Install (Static IP, Local KS))' --class fedora --class gnu-linux --class gnu --class os {
set gfxpayload=keep
linuxefi /images/pxeboot/vmlinuz \
inst.ks=cdrom:/ks-custom.cfg \
inst.repo=cdrom:LABEL=RHEL-9-6-0-BaseOS-x86_64 \
ip=192.168.57.191::192.168.57.1:255.255.255.0:rhel9-auto:enp0s3:none \
nameserver=8.8.8.8 \
console=tty0 quiet
initrdefi /images/pxeboot/initrd.img
}
Rebuild the Boot ISO
Use genisoimage, mkisofs or xorriso (both available in RHEL):
sudo genisoimage -U -r -v -T -J -joliet-long \
-V "RHEL-9-6-0-BaseOS-x86_64" \
-volset "RHEL-9-6-0-BaseOS-x86_64" \
-A "RHEL-9-6-0-BaseOS-x86_64" \
-b isolinux/isolinux.bin \
-c isolinux/boot.cat \
-no-emul-boot -boot-load-size 4 -boot-info-table \
-eltorito-alt-boot \
-e images/efiboot.img \
-no-emul-boot \
-o ~/Downloads/rhel9-auto.iso /tmp/rhel9dvd-content
Optional - Make it bootable with isohybrid (if available):
sudo isohybrid --uefi ~/Downloads/rhel9-auto.iso
Verify your output
After building, check that both boot entries exist:
$ isoinfo -d -i ~/Downloads/rhel9-auto.iso | grep -E "Boot|Volume"
Volume id: RHEL9AUTO
Volume set id: RHEL9AUTO
Volume set size is: 1
Volume set sequence number is: 1
Volume size is: 686373
Bootid 88 (bootable)
Boot media 0 (No Emulation Boot)
Bootoff E1B 3611
Configure Utility Services
Configure DHCP and DNS
- Configure DHCP server in same network : We need a dhcp server to provide initial IP for the machine to use, so that it can access the http servers for ISO, Packages and
kickstart.cfg - Configure a DNS server in same network (Optional)
Sample dhcpd.conf
ddns-update-style none;
option domain-name "lab.local";
ignore client-updates;
authoritative;
allow booting;
allow bootp;
allow unknown-clients;
# internal subnet for my DHCP Server
subnet 10.1.10.0 netmask 255.255.255.0 {
range 10.1.10.161 10.1.10.170;
option domain-name-servers 10.1.10.120 1.1.1.1;
option routers 10.1.10.120;
option broadcast-address 10.1.10.255;
default-lease-time 600;
max-lease-time 7200;
# IP of PXE Server
next-server 10.1.10.120;
filename "pxelinux.0";
}
Using DNSMASQ
# cat /etc/dnsmasq.conf |grep -v ^#|grep -v ^$
domain-needed
bogus-priv
server=1.1.1.1
server=8.8.8.8
address=/lab.local/127.0.0.1
address=/lab.local/10.1.10.120
interface=enp0s8,lo
listen-address=::1,127.0.0.1,10.1.10.120
bind-interfaces
expand-hosts
dhcp-range=10.1.10.150,10.1.10.160,255.255.255.0,12h
dhcp-option=3,10.1.10.254
dhcp-boot=pxelinux.0
enable-tftp
tftp-root=/tftpboot
pxe-prompt="Press F8 for menu.", 10
dhcp-leasefile=/var/lib/dnsmasq/dnsmasq.leases
dhcp-authoritative
domain=lab.local
conf-dir=/etc/dnsmasq.d,.rpmnew,.rpmsave,.rpmorig
Note:
## check dnsmasq logs
## find below line in dnsmasq.conf
dhcp-leasefile=/var/lib/dnsmasq/dnsmasq.leases
Configure a Web Server
- To keep the ISO for booting and also to store YUM repository.
- If using PXE, then need to setp tftp server on same.
- It can be on same machine as DHCP server.
Download and Preapre RHEL ISO
Refer : Product Downloads
- Download the minimal boot image ISO (eg:
Red Hat Enterprise Linux 8.2 Boot ISO) - Download the binary ISO and create a local repository server.
Configure Repo Server and ISO
- Deploy a server with http (web server)
- Copy RHEL7/8 content to a directory on server and enable repo (Refer how to setup local repo server)
- Copy RHEL7/8 Boot ISO (minimal one) to another directory (if planning remote ISO loading)
- Copy kickstart to Web server path (eg:
/var/www/html/ks/rhel/8/ks.cfg)
sudo mount -o loop rhel-9.x-x86_64-dvd.iso /mnt
sudo cp -av /mnt/BaseOS/* /var/www/html/rhel9/BaseOS/
sudo cp -av /mnt/AppStream/* /var/www/html/rhel9/AppStream/
sudo cp -av /mnt/media.repo /var/www/html/rhel9/
Setup a tftp server
TFTP server dnsmasq has built-in TFTP server.
To use it, create a root directory for TFTP (e.g. /srv/tftp) to put transferable files in.
enable-tftp tftp-root=/srv/tftp For increased security it is advised to use dnsmasq’s TFTP secure mode. In secure mode only files owned by the dnsmasq user will be served over TFTP. You will need to chown TFTP root and all files in it to dnsmasq user to use this feature.
tftp-secure
Setup a PXE Server
# yum install dhcp tftp tftp-server syslinux vsftpd xinetd
# cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf
Content of /tftpboot/pxelinux.cfg/default
default menu.c32
prompt 0
timeout 300
ONTIMEOUT local
label 1
menu label ^1) Install RHEL 8 with Local Repo
kernel rhel8/vmlinuz
append initrd=rhel8/initrd.img method=http://10.1.10.120/rhel/8 inst.ks=http://10.1.10.120/ks/rhel/8/ks.cfg devfs=nomount
# append initrd=rhel8/initrd.img inst.ks=http://10.1.10.120/ks/rhel/8/ks.cfg devfs=nomount
label 2
menu label ^2) Boot from local drive
Configure Firewall
# firewall-cmd --add-service=ftp --permanent
success
# firewall-cmd --add-service=dhcp --permanent
success
# firewall-cmd --add-port=69/tcp --permanent
success
# firewall-cmd --add-port=69/udp --permanent
success
# firewall-cmd --add-port=4011/udp --permanent
success
# firewall-cmd --reload
Boot from ISO and Use kickstart configuration
- If we are loading ISO manually to VM/Physical servers, the boot from “RHEL7/8 Boot ISO” (either attach to VM or fetch it from http path which you have stored in repo server setup previously)
- When the ISO installer asks for “Install”, press
Taband addinst.ks=http://10.1.10.120/ks/rhel/8/ks.cfg(your http path) and pressEnter - Installation will kickstart without asking for any answers (unless you missed anything in
ks.cfg)
Note : To load your Kickstart file automatically without having to specify the inst.ks= boot option, name the file ks.cfg and place it on a storage volume labeled OEMDRV.
Automated Booting and Installation
- If you are planning fully automated installation, you can use
PXEbooting; it will load basic boot ISO (need to create custom boot images). - You can mention the custom
ks.cfgin the boot command line itself and installation will not even ask forkickstartfile or any answers.
Warning: Only use this method with restricted IP/DHCP/MAC binded network, otherwise it may wipe-out other systems when it reboot !!!
Appendix
References
- PREPARING INSTALLATION SOURCES
- HOW DO YOU PERFORM A KICKSTART INSTALLATION?
- PREPARING FOR A NETWORK INSTALLATION
- RHEL/CentOS 8 Kickstart example
- SAMPLE KICKSTART CONFIGURATIONS
Validating Kickstart File - ksvalidator
# yum install pykickstart
$ ksvalidator /path/to/kickstart.ks
## Changes in Kickstart Syntax
$ ksverdiff -f RHEL6 -t RHEL7