The Preboot Execution Environment (PXE) is an industry standard client/server interface that allows networked computers that are not yet loaded with an operating system to be configured and booted remotely by an administrator. The PXE code is typically delivered with a new computer on a read-only memory chip or boot disk that allows the computer (a client) to communicate with the network server so that the client machine can be remotely configured and its operating system can be remotely booted. PXE provides three things:
- The Dynamic Host Configuration Protocol (DHCP), which allows the client to receive an IP address to gain access to the network servers.
- A set of application program interfaces (API) that are used by the client’s Basic Input/Output Operating System (BIOS) or a downloaded Network Bootstrap Program (NBP) that automates the booting of the operating system and other configuration steps.
- A standard method of initializing the PXE code in the PXE ROM chip or boot disk.
The PXE process consists of the client notifying the server that it uses PXE. If the server uses PXE, it sends the client a list of boot servers that contain the operating systems available. The client finds the boot server it needs and receives the name of the file to download. The client then downloads the file using Trivial File Transfer Protocol (Trivia File Transfer Protocol) and executes it, which loads the operating system. If a client is equipped with PXE and the server is not, the server ignores the PXE code preventing disruption in the DHCP and Bootstrap Protocol (BP) operations.
Why would you want to boot a PC from the network?
Having PXE Server opens the door to booting diskless workstations, eg: Internet Cafe PC’s, or if you regularly install tens or hundreds of PC’s, you can start the installer on all those machines at once without needing to have individual boot/install media for each machine. You can even use Linux PXE for starting Microsoft Windows network installers and tools.
Install DHCP & TFTP packages
sudo apt-get install dhcp3-server inetutils-inetd tftpd-hpa
DHCP Setup
Edit /etc/default/dhcp3-server, Ethernet interface for DHCP service
INTERFACES="eth0"
Edit /etc/dhcp3/dhcpd.conf DHCP service configuration PXE specific configurations: filename & next-server
default-lease-time 600;
max-lease-time 7200;
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.50 192.168.1.100;
option subnet-mask 255.255.255.0;
option routers 192.168.1.150;
option broadcast-address 192.168.1.255;
filename "pxelinux.0";
next-server 192.168.1.150;
}
Setup a static IP for eth0 - 192.168.1.150
Start service
sudo /etc/init.d/dhcp3-server restart
Check status
netstat -lu
Output
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 *:bootpc *:*
TFTP Setup
Edit /etc/inetd.conf, remove #<off># from the beginning of tftp line.
tftp dgram udp wait root /usr/sbin/in.tftpd /usr/sbin/in.tftpd -s /var/lib/tftpboot
Enable boot service for inetd
sudo update-inetd --enable BOOT
Open UDP port 69 to allow clients in the 192.168.1.0/24 network to connect to the TFTP server.
sudo ufw allow proto udp from 192.168.1.0/24 to any port 69
Start service
sudo /etc/init.d/tftpd-hpa restart
Check status
netstat -lu
Output
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 *:tftp *:*
PXE boot files setup
Your tftpboot should look like this:
/var/lib/tftpboot/
|-- pxelinux.0
|-- pxelinux.cfg/
| `-- default
`-- Ubuntu/
|-- initrd.gz
`-- vmlinuz
SYSLINUX is a boot loader for the Linux operating system. We can use it to display a menu during system boot. To proceed, install SYSLINUX.
sudo apt-get -y install syslinux
When the client boots, DHCP will provide it with the TFTP server and filename (pxelinux.0). In order to boot from the file, copy it to the TFTP boot folder.
sudo cp /usr/lib/syslinux/pxelinux.0 /var/lib/tftpboot
The “vesamenu.c32” is used to display a graphical menu, so lets copy it from the syslinux folder to the TFTP boot folder
sudo cp /usr/lib/syslinux/vesamenu.c32 /var/lib/tftpboot/
SYSLINUX will read its configuration from the “pxelinux.cfg” directory.
sudo mkdir -p /var/lib/tftpboot/pxelinux.cfg/
Create the PXE configuration file
sudo nano /var/lib/tftpboot/pxelinux.cfg/pxe.conf
Add the following content
MENU TITLE PXE Server
NOESCAPE 1
ALLOWOPTIONS 1
PROMPT 0
MENU WIDTH 80
MENU ROWS 14
MENU TABMSGROW 24
MENU MARGIN 10
MENU COLOR border 30;44 #ffffffff #00000000 std
Its possible to customise the menu based on the MAC address and IP address of the client. In this case, we’ll create a default menu for all TFTP clients.
sudo nano /var/lib/tftpboot/pxelinux.cfg/default
Add the following content. It creates an Ubuntu menu, allowing us to add more Linux distributions to TFTP.
DEFAULT vesamenu.c32
TIMEOUT 600
ONTIMEOUT BootLocal
PROMPT 0
MENU INCLUDE pxelinux.cfg/pxe.conf
NOESCAPE 1
LABEL BootLocal
localboot 0
TEXT HELP
Boot to local hard disk
ENDTEXT
MENU BEGIN Ubuntu
MENU TITLE Ubuntu
LABEL Previous
MENU LABEL Previous Menu
TEXT HELP
Return to previous menu
ENDTEXT
MENU EXIT
MENU SEPARATOR
MENU INCLUDE Ubuntu/Ubuntu.menu
MENU END
Create the folder where we’ll store Ubuntu menus.
sudo mkdir /var/lib/tftpboot/Ubuntu/
Create the Ubuntu Menu. The file is being referenced by “/var/lib/tftpboot/pxelinux.cfg/default”.
sudo nano /var/lib/tftpboot/Ubuntu/Ubuntu.menu
Add the following content. Notice the TFTP server IP Addresses as well as the paths the kernel and preseed.cfg is loaded from. Change it to suit your environment.
LABEL 2
MENU LABEL Ubuntu 14.04 (64-bit)
kernel tftp://192.168.1.150/Ubuntu/14.04/amd64/install/netboot/ubuntu-installer/amd64/linux
append auto=true priority=critical vga=788 initrd=tftp://192.168.1.150/Ubuntu/14.04/amd64/install/netboot/ubuntu-installer/amd64/initrd.gz locale=en_US.UTF-8 kbd-chooser/method=us netcfg/choose_interface=auto url=tftp://192.168.1.150/preseed.cfg
TEXT HELP
Boot the Ubuntu 14.04 64-bit DVD
ENDTEXT
Create directories to store the media. If you recall, we exported an NFS share /srv/install.
sudo mkdir -p /var/lib/tftpboot/Ubuntu/14.04/amd64
Download Ubuntu Server 14.04 ISO
wget http://releases.ubuntu.com/14.04/ubuntu-14.04-server-amd64.iso
Mount the ISO and copy all the files to the TFTP folder.
sudo mkdir /mnt/loop
sudo mount -o loop -t iso9660 ~/ubuntu-14.04-server-amd64.iso /mnt/loop
sudo cp -R /mnt/loop/* /var/lib/tftpboot/Ubuntu/14.04/amd64
sudo cp -R /mnt/loop/.disk /var/lib/tftpboot/Ubuntu/14.04/amd64
sudo umount /mnt/loop
Create a preseed.cfg to automate the Ubuntu 14.04 installation. The following file was copied from the Ubuntu Site.
wget -O /var/lib/tftpboot/preseed.cfg https://help.ubuntu.com/lts/installation-guide/example-preseed.txt
It is also possible to make separate directories within tftp root folder.
You can use Netboot as template, where pxelinux.cfg/default includes display_ubuntu/menu.cfg which by itself includes display_ubuntu/text.cfg which contains the main menu of Ubuntu boot:
$ tree -L 2
.
├── bios_flash.img
├── clonezilla
│ ├── filesystem.squashfs
│ ├── initrd.img
│ ├── parameters.txt
│ └── vmlinuz
├── display_ubuntu
│ ├── adtext.cfg
│ ├── f10.txt
│ ├── f1.txt
│ ├── f2.txt
│ ├── f3.txt
│ ├── f4.txt
│ ├── f5.txt
│ ├── f6.txt
│ ├── f7.txt
│ ├── f8.txt
│ ├── f9.txt
│ ├── menu.cfg
│ ├── po4a.cfg
│ ├── prompt.cfg
│ ├── splash0.png
│ ├── splash1.png
│ ├── splash.png
│ ├── splash.xcf
│ ├── stdmenu.cfg
│ ├── text.cfg
│ └── vesamenu.c32
├── etc
│ └── boot.conf
├── FDSTD.144
├── hello.boot
├── memdisk
├── Notes.txt
├── openbsd
│ ├── bsd
│ ├── bsd.mp
│ ├── bsd.rd
│ └── pxeboot.0
├── pxechain.com
├── pxelinux.0
├── pxelinux.cfg
│ ├── default
│ └── default.backup
├── ubuntu_14.04
│ ├── initrd.gz
│ └── vmlinuz
├── ubuntu_mini.iso
Example: of pxelinux.cfg/default
include display_ubuntu/menu.cfg
default display_ubuntu/vesamenu.c32
prompt 0
timeout 0
Example: display_ubuntu/menu.cfg
menu hshift 7
menu width 65
menu margin 5
menu title GNU/Linux Rescue Collection
include display_ubuntu/stdmenu.cfg
include display_ubuntu/text.cfg
menu begin advanced
menu title Advanced options
label mainmenu
menu label ^Back..
menu exit
include display_ubuntu/stdmenu.cfg
include display_ubuntu/adtext.cfg
menu end
label help
menu label ^Help
config display_ubuntu/prompt.cfg
Example: display_ubuntu/text.cfg
DEFAULT ubuntu_14.04_install
LABEL test_kernel
MENU LABEL ^Test Kernel
KERNEL hello.boot
LABEL clonezilla
MENU LABEL ^CloneZilla
KERNEL clonezilla/vmlinuz
APPEND initrd=clonezilla/initrd.img boot=live union=aufs noswap noprompt vga=788 ocs_live_keymap=NONE ocs_lang=en_US.UTF-8 fetch=tftp://192.168.1.150/clonezilla/filesystem.squashfs
LABEL mini_ubuntu
MENU LABEL Mini-Ubuntu
KERNEL memdisk
APPEND initrd=ubuntu_mini.iso
LABEL freedos
MENU LABEL ^FreeDOS
TEXT HELP
Testing boot from Floppy IMG.
ENDTEXT
KERNEL memdisk
APPEND initrd=FDSTD.144
LABEL bios_flash
MENU LABEL Bios Flash
KERNEL memdisk
APPEND initrd=bios_flash.img
LABEL openbsd
MENU LABEL ^OpenBSD
KERNEL openbsd/pxeboot.0
LABEL ubuntu_14.04_install
menu label ^Ubuntu 14.04 net install
kernel ubuntu_14.04/vmlinuz
append vga=normal initrd=ubuntu_14.04/initrd.gz -- quiet
LABEL ubuntu_14.04_cli
menu label Ubuntu 14.04 ^command-line net install
kernel ubuntu_14.04/vmlinuz
append tasks=standard pkgsel/language-pack-patterns= pkgsel/install-language-support=false vga=normal initrd=ubuntu_14.04/initrd.gz -- quiet
LABEL pxeserver2
menu label Switch to 2nd PXE server...
kernel pxechain.com
append 192.168.1.151::pxelinux.0
Over http ?
For that we need a webserver: Install apache package
apt-get install apache2
Copying… Ubuntu files
Create an ubuntu directory under your freshly installed apache’s document root and copy all of the contents of the Ubuntu Alternate CD to that directory
mkdir /var/www/ubuntu
cp -r /media/cdrom/* /var/www/ubuntu/
Customising the install
There is a package called system-config-kickstart which is a GUI frontend to creating kickstart files. The kickstart file tells the installer where to get its packages from, what to install and a number of other useful settings.
This package does not have to be installed on your install server, it can be on a convenient Ubuntu desktop somewhere.
Create a custom ks.cfg with system-config-kickstart, be sure to specify HTTP under “Installation Method”. Provide the IP of you install server and make the HTTP Directory /ubuntu/ Save the file and copy it to your install server under /var/www/html/
A very minimalist ks.cfg file which only uses the installation files on the install server and asks for all other questions might look like this
install
url --url http://192.168.1.150/ubuntu/
Use your ks.cfg
In order for your network Ubuntu install to use your kickstart file, you have to tell it where to find it.
Edit /var/lib/tftpboot/pxelinux.cfg/default and add ks=http://<installserver>/ks.cfg to the append line. It should then look something like this (note that the append line is one line)
label linux
kernel ubuntu-installer/i386/linux
append ks=http://192.168.1.150/ks.cfg vga=normal initrd=ubuntu-installer/i386/initrd.gz ramdisk_size=16432 root=/dev/rd/0 rw --
In Jaunty the default file has been broken up into includes. The append line can be found in /ubuntu-installer/i386/boot-screens/text.cfg
label install
menu label ^Install (from my http server)
menu default
kernel ubuntu-installer/i386/linux
append ks=http://192.168.1.150/ks.cfg vga=normal initrd=ubuntu-installer/i386/initrd.gz -- quiet
Make Your PXE Server really useful with Clonezilla
Besides Clonezilla Live CD and Live USB, Clonezilla Live can be put on a PXE server so that a client can be booted via network to use Clonezilla live. This is how:
- Prepare a PXE server. We assume the pxelinux config file is /tftpboot/nbi_img/pxelinux.cfg/default, and the image files are in /tftpboot/nbi_img/.
- Download Clonezilla live zip file (You have to use Clonezilla live 1.2.0-25 or later), and unzip the required files (vmlinuz, initrd.img, and filesystem.squashfs in dir live) to /tftpboot/nbi_img/. You can make it by something like: “unzip -j clonezilla-live-*.zip live/vmlinuz live/initrd.img live/filesystem.squashfs -d /tftpboot/nbi_img/” (Replace clonezilla-live-*.zip with the file name you just downloaded).
- Edit your PXElinux config file /tftpboot/nbi_img/pxelinux.cfg/default, and append the following:
label Clonezilla-live
MENU LABEL Clonezilla Live (Ramdisk)
KERNEL vmlinuz
APPEND initrd=initrd.img boot=live config noswap nolocales edd=on nomodeset ocs_live_run="ocs-live-general" ocs_live_extra_param="" keyboard-layouts="" ocs_live_batch="no" locales="" vga=788 nosplash noprompt fetch=tftp://$serverIP/filesystem.squashfs
Note:
- Replace $serverIP with your IP address of tftp (DRBL) server.
- Remember to check kernel, initrd file names and boot parameters in syslinux/syslinux.cfg from the zip file, copy them to here. It might be different from here, say vmlinuz path maybe different.
For more info about pxelinux, you can refere to here.
- Here we do not put “ip=frommedia” in the boot parameters because the /etc/resolv.conf get in live-initramfs won’t exist in the system after initramfs is done.
- “fetch” also supports http or ftp, if you want to use http or ftp instead of tftp, you have to put the file filesystem.squashfs in your http or ftp server and the corresponding path.
- If you want to do unattended clone, you can assign clonezilla live parameters (ocs_live_run, ocs_live_extra_param, ocs_live_keymap, ocs_live_batch and ocs_lang) in kernel parameters. For example, you can use:
append initrd=initrd.img boot=live union=aufs noswap noprompt vga=788 keyboard-layouts=NONE locales=en_US.UTF-8 fetch=tftp://$serverIP/filesystem.squashfs
in the above example to assign your PXE client to use default keymap (US) and English environment. For more info about those parameters, you can refer to CloneZilla live documentation
Never Ending Security 