Automating the Debian installer with PXE and preseeding

Posted by Steve on Sat 23 Aug 2014 at 12:34

This article is designed to introduce the process of PXE-booting a host directly into the Debian installer, and then automating the installation via the Debian PreSeed configuration. Both of these topics have been covered in the past, but not together - and we'll also include notes on testing this setup with KVM.

The basics of PXE booting have been covered upon this site in the past, but that was a long time ago. Although updating old articles here hasn't generally been done I'm always happy to see new submissions and testing older documentation against new releases, updating where appropriate, is definitely a useful thing to do.

In brief booting from the network, via PXE, requires three things:

  • A local DHCP server, such that hosts can request an IP address.
  • A TFTP server, which will serve files to the clients.
  • A host which supports the ability to actually boot over the network.

Setting up a DHCP server should be a simple process, as should setting up a TFTP server, however to avoid installing two new services I recommend the use of the dnsmasq package which provides both services.

Installing dnsmasq is as simple as you'd expect:

root@host:~# aptitude install dnsmasq

Once installed you'll find a fully-commented configuration file at /etc/dnsmasq.conf. Most of the options will be commented out, and this is fine. For my personal network I need to merely configure these values:

#
#  Allocate IPs from the range 192.168.0.100-150, which are valid for 12 hours
#
dhcp-range=192.168.0.100,192.168.0.150,255.255.255.0,12h

#
#  Configure the filename that network booting clients will use.
#
dhcp-boot=pxelinux.0

#
#  Enable the TFTP server, from the local directory /srv/tftp
#
enable-tftp
tftp-root=/srv/tftp

With those settings in-place restarting the service so that it takes effect is as simple as:

root@host:~# service restart dnsmasq

Now we need to populate the /srv/tftp directory with the files that are required to boot into the installer. Thankfully this is a simple process as the Debian project releases appropriate files:

root@host:~# mkdir -p /srv/tftp
root@host:~# cd /srv/tftp
root@host:/srv/tftp wget http://ftp.debian.org/debian/dists/wheezy/main/installer-amd64/current/images/netboot/netboot.tar.gz
root@host:/srv/tftp tar zxf netboot.tar.gz && rm netboot.tar.gz

Now you should have the following contents present:

root@shelob:/srv/tftp# tree -d
.
|-- debian-installer
|   `-- amd64
|       |-- boot-screens
|       |   |-- kde
|       |   |-- lxde
|       |   `-- xfce
|       `-- pxelinux.cfg
`-- pxelinux.cfg -> debian-installer/amd64/pxelinux.cfg

8 directories

At this point we probably have a working configuration, but how do we test it? Well you could attempt to network-boot a real host, or you could try it out using KVM.

KVM stands for the Kernel Virtual Machine, and it is a virtualization tool which allows you to create virtual machines with ease. We can't, and won't even try, cover everything about how this is configure, or used, but we can demonstrate quickly how to use it to test a network-booting system.

KVM allows you several choices when it comes to the virtual hardware it presents to guests, this includes different models of network cards along with different drivers for I/O devices. (In short it offers "virtio", or fast, drivers along with emulation of real hardware.)

Taking advantage of this we can start a virtual machine just to test things. We'll tell that virtual machine it has no disk, and it should boot via the network:

root@shelob:~# /usr/bin/kvm  -boot n -option-rom /usr/share/kvm/pxe-rtl8139.rom -net nic,model=rtl8139,vlan=0,macaddr=00:16:5e:25:05:17 -net tap,ifname=tap1,script=/etc/kvm/kvm-ifup -m 1024

If all is well you'll find the virtual machine boots up, and after a few seconds obtains an IP address, then quickly boots to the first step of the Debian installer.

Potential Problems

The most obvious problem you're going to run into if you try this is if you have a local DHCP server:

  • Your real, or virtual, machine will boot, ask for an IP address.
  • dnsmasq might answer - giving you the network boot you want.
  • Or your other/real DHCP server might answer - giving you nothing.

It is possible to handle this case, but the simplest solutions are often the best. My advice? Reboot again until it works!

So now we've done half the job - A device can boot over the network, and can start the Debian installer.

If you stopped here you'd have a system which would let you quickly and easily install the latest Debian stable release upon a new machine, albeit you'd have to manually walk through the installer. Happily the Debian installer allows itself to be automated via PreSeeding - which is a fancy way of saying you can write down the answers to the questions it will ask in advance, and ensure that the installer will operate from start to finish without any user interaction.

To use preseeding you need to do two things:

  • Start the installer with a special argument.
  • Ensure you have somewhere hosting the answers you intend to use.

Although it is possible to bake the answers into the actual network-booting image, via the initrd.gz the installer loads, we'll not cover that here. Instead we'll demonstrate how to provide the answers over a local HTTP-server.

We'll assume you probably have a HTTP-server somewhere on your network, so the simplest approach is to simply upload the answers-file, or preseeed file, there. Once you've hosted your preseed file somewhere the netbooted hosts can reach it you merely need to ensure the installer knows about it.

For example I have a webserver already running upon my PXE/TFTP server, so I can create the file /var/www/seed.txt, which will then be visible as http://192.168.0.2/seed.txt.

If you don't have a webserver installed locally then installing one should be pretty straight-forward, and we'll not document it.

Once you have a configuration file you'll be able to actually use it. The way you do that is to boot into the installer, as we did previously, then:

  • When the graphical menu comes up press "Esc".
  • Enter into the prompt: "auto url=http://192.168.0.2/seed.txt"

NOTE: The URL there should point to your configuration file.

So, the configuration file? This is the meat of the installer-automation, and it must provide answers to all the questions you'll encounter:

  • Whether to install the system with a DHCP-configured IP, or a static one.
  • The root password to set.
  • How to partition the disk(s).
  • etc, etc.

Obviously your tastes and preferences will vary from mine, and writing these configuration files is a very personal thing. I have a sample configuration file you can download here:

This file will configure the system such that:

  • The disk will be partitioned as one large partition, no LVM or RAID.
  • The root password will be set to "r00tme".
  • The system will get its IP address via DHCP.
  • The system will use the UK Debian mirror.
  • All the keyboard setup will be configured for the UK.
  • The system will have openssh-server installed upon it.

I tested this sytem by creating a new disk partition, using LVM:

root@shelob:~# lvcreate  --name tmp --size=5g shelob-vol
Logical volume "tmp" created

Then launching a virtual machine using that as the disk:

root@shelob:~# /usr/bin/kvm -hda /dev/shelob-vol/tmp -boot n -option-rom /usr/share/kvm/pxe-rtl8139.rom  -net nic,model=rtl8139,vlan=0,macaddr=00:16:5e:25:05:17 -net tap,ifname=tap1,script=/etc/kvm/kvm-ifup -m 1024

Five minutes later I had a working system, which I could reconfigure to use a static IP, based on the role.

Restarting it to boot from the disk, rather than the network, just required:

root@shelob:~# /usr/bin/kvm -hda /dev/shelob-vol/tmp -boot c  -net nic,model=rtl8139,vlan=0,macaddr=00:16:5e:25:05:17 -net tap,ifname=tap1,script=/etc/kvm/kvm-ifup -m 1024

If you're interested in reading further about preseeding the Debian installer the Debian wiki is the perfect starting point:

 

 


Posted by rjc (86.22.xx.xx) on Mon 25 Aug 2014 at 02:12
seed.txt -> seed.cfg - looks like a typo in either case.

rjc

[ Parent | Reply to this comment ]

Posted by Steve (2.126.xx.xx) on Mon 25 Aug 2014 at 08:10
[ View Steve's Scratchpad | View Weblogs ]

Good catch, thanks.

Steve

[ Parent | Reply to this comment ]

Posted by ajt (79.77.xx.xx) on Thu 18 Sep 2014 at 19:13
[ View Weblogs ]

Cool a friend has always wanted to do automated system set-up and this is a good place to start.

Unless I'm mistaken the actual seed.txt file you link to will set up US keyboard and American rather than UK and English as you say the article.

--
"It's Not Magic, It's Work"
Adam

[ Parent | Reply to this comment ]

Posted by Anonymous (95.25.xx.xx) on Fri 31 Oct 2014 at 02:58
this didnt work for me at all "root@wheezy:/home/tester# cd /srv/tftp
root@wheezy:/srv/tftp# tar zxf netboot.tar.gz && rm netboot.tar.gz
root@wheezy:/srv/tftp# service dnsmasq start
/etc/init.d/dnsmasq: 37: /etc/default/dnsmasq: dhcp-range=192.168.0.100,192.168.0.150,255.255.255.0,12h: not found
/etc/init.d/dnsmasq: 42: /etc/default/dnsmasq: dhcp-boot=pxelinux.0: not found
/etc/init.d/dnsmasq: 47: /etc/default/dnsmasq: enable-tftp: not found
/etc/init.d/dnsmasq: 48: /etc/default/dnsmasq: tftp-root=/srv/tftp: not found
[ ok ] Starting DNS forwarder and DHCP server: dnsmasq."

[ Parent | Reply to this comment ]

Posted by Anonymous (2.126.xx.xx) on Fri 31 Oct 2014 at 08:03

That looks like you're trying to run /etc/default/dnsmasq as a shell command - which suggests something is very broken!

[ Parent | Reply to this comment ]

Sign In

Username:

Password:

[Register|Advanced]

 

Flattr

 

Current Poll

What do you use for configuration management?








( 838 votes ~ 10 comments )