CentOS 8 - Kickstart from USB key - Way too hard

Issues related to applications and software problems and general support
Post Reply
User avatar
penguinpages
Posts: 86
Joined: 2015/07/21 13:58:05

CentOS 8 - Kickstart from USB key - Way too hard

Post by penguinpages » 2021/01/19 15:33:16

Ok.. Been about three years sense I had to reload systems bear metal.

CentOS 8 seems to have made things much more different (difficult). Hoping to get input from community on how they did it to take learning curve off. I will update this thread to reflect final process so others don't have to suffer (as much) as I have in this setup.

Goal is to move more to Infrastructure as code. Three servers in HCI oVirt Cluster. Where rebuild is....
1) OS install from USB (UEFI set to boot from that device first.... so if I insert and reboot.. it nukes system and does re-install (done .. in UEFI and good)
2) Build USB boot key that uses ks.cfg file (so I can replace with host specifics saved from previous installation etc.)
3) Do minimal install from internet ftp/http site of CenOS8 Streams
4) Use Ansible and Playbooks to bring host back to fully functional state

But building this Kickstart USB key .. well.. is being a PITA.

RedHat's documentation is.. like many things.. a pile of options and commands but nobody does examples with end to end so you can do things.

#####
Steps To create above automation

1) Download ISO. I chose Netinstall Ex: wget http://mirror.atl.genesisadaptive.com/c ... 1-boot.iso

2) Create USB boot https://docs.centos.org/en-US/8-docs/st ... stallation Ex: (8GB Key that shows as /dev/sdd for my system)
Ex: dd if=/root/CentOS-Stream-8-x86_64-20201211-boot.iso of=/dev/sdd (Important: Make sure you use correct usb drive fortarget volume... so you don't delete your data )

3) Create Kickstart file: From scratch https://access.redhat.com/labs/kickstartconfig/ Or.. for those with previous installs like me.. just re-use from /root/anaconda-ks.cfg one way to build this for future re-use is to do GUI install manual and then layer on automation with this base kickstart. Here is a great example of steps to do GUI install from net. https://linuxhint.com/install_centos8_netboot_iso/

4) <BROKEN!!!!> Move kickstart file to USB to host Kickstart file .. make "OEMDRV" partition on usb key and put ks.cfg in this device.
Documentation with no examples: https://docs.centos.org/en-US/8-docs/ad ... tallations and Redhat's site https://access.redhat.com/documentation ... enced-user Both talk about options.. but are practically worthless on how to do it.
And here it refers to kickstart file in grub.. but not sure it even aligns with this "OEMDRV" use or logic. https://access.redhat.com/documentation ... ot-options Very disjointed documentation

5) <BROKEN!!!!> Modify Grub menu to set kickstart and NetBoot Path. Ex: vi <mount of usb drive>/EFI/BOOT modify first boot stanza and modify like below to add boot and kickstart reference
BROKEN!!!! -> usb when created with dd flags usb key "read only" and I have tried many paths to get it to mount read/write... <sigh> need this to modify grub menu.
menuentry 'Install Kickstart CentOS Stream 8-stream' --class fedora --class gnu-linux --class gnu --class os {
linuxefi /images/pxeboot/vmlinuz inst.repo=http://mirror.centos.org/centos/8-strea ... x86_64/os/ inst.ks=ks.cfg quiet
initrdefi /images/pxeboot/initrd.img
}

###Optional: Would like to add view of install via VNC remotely to get remote GUI watch of installation. Ex: inst.vnc inst.vncpassword=abc1234
###Optional: Also hard code IP so no need for DHCP ip=ip::gateway:netmask:hostname:interface:method: Ex: ip=172.16.100.101::172.16.100.1:255.255.255.0:enp8s0f0 nameserver=8.8.8.8

Questions:
1) With iso copied to usb. How do I get usb to mount read write. I have tried...
[root@odin ~]# hdparm -r0 /dev/sdd

/dev/sdd:
setting readonly to 0 (off)
readonly = 0 (off)
[root@odin ~]# mount -o rw /dev/sdd /media/nfs/
mount: /media/nfs: WARNING: device write-protected, mounted read-only.
[root@odin ~]# lsusb -v
<snip>
Bus 003 Device 003: ID 0e39:f100 Smart Modular Technologies, Inc.
Device Descriptor:
bLength 18
bDescriptorType 1
bcdUSB 2.10
bDeviceClass 0
bDeviceSubClass 0
bDeviceProtocol 0
bMaxPacketSize0 64
idVendor 0x0e39 Smart Modular Technologies, Inc.
idProduct 0xf100
bcdDevice 2.5d
iManufacturer 1 SMART
iProduct 2 USB-IBM
iSerial 3 S78P3917YQ10DP53J1BY
bNumConfigurations 1
<snip>
[root@odin ~]# usb_modeswitch -d 0e39:f100
No default vendor/product ID given. Abort
# seems to be the tool to do this but is VERY poor in documentation and no examples so not sure what it expects for vendor ID etc..

2) How can you use shell command (vs old school fdisk) to create a new primary partition 5MB in side with label "OEMDRV" type vfat so I can write from Windows or the system specific ks.cfg file over.

3) Does anyone have example of how to modify grub to call this "OEMDRV" partition.. or is just now the way RHEL/CENTOS 8 does it and it just assumes boot device the install kernel and initrd booted from.

User avatar
TrevorH
Forum Moderator
Posts: 30358
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CentOS 8 - Kickstart from USB key - Way too hard

Post by TrevorH » 2021/01/19 15:55:44

The label is on the entire device not the partition so you would need the whole drive labeled as OEMDRV but that then conflicts with the installer requiring the label like "CentOS-8-2-2004-x86_64-dvd" on the install media. That means you need TWO USB drives...

Also, the USB stick is overwritten by the iso image and the iso image contains a *fake* partition table that you cannot modify.
CentOS 6 died in November 2020 - migrate to a new version!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke

User avatar
penguinpages
Posts: 86
Joined: 2015/07/21 13:58:05

Re: CentOS 8 - Kickstart from USB key - Way too hard

Post by penguinpages » 2021/01/19 17:30:19

Ok... so I read that totally wrong.

So.. How does one modify grub to reflect kickstart load.. And reference kickstart file?

This seems to be chicken and egg issue..

I can't be the only one who does not want to drag a monitor /keyboard to a system to reload it based on adding kickstart file (on key.. or ... maybe I will find way to host on common local HTTP server.. but still need to modify ISO transferred image to call that file

Ex: inst.ks=http://172.16.100.1/shares/kickstarts/ks.cfg

User avatar
penguinpages
Posts: 86
Joined: 2015/07/21 13:58:05

Re: CentOS 8 - Kickstart from USB key - Way too hard

Post by penguinpages » 2021/01/20 13:07:02

So working on piece of puzzle to build USB key.

Odd as it is to say it.. doing this on Windows works... but not on linux.

I used RUFUS to build boot key.... then edited normal (no read only garbage for USB mode).

edit D:\EFI\BOOT\grub.cfg
#############

### BEGIN /etc/grub.d/10_linux ###
menuentry 'Install CentOS Stream 8-stream ks.cfg' --class fedora --class gnu-linux --class gnu --class os {
linuxefi /images/pxeboot/vmlinuz inst.stage2=hd:LABEL=CENTOS-STRE inst.ks=https://admin:password@acme.ddns.net:64 ... ars/ks.cfg ip=172.16.100.101::172.16.100.1:255.255.255.0:thor.penguinpages.local:enp8s0f0:none nameserver=8.8.8.8 quiet
initrdefi /images/pxeboot/initrd.img
}


#############


I know above works as menu name changes.. so it is booting UEFI mode and so this is the correct configuration file to add kernel parameters.

Above example I pulled from a RHEL 7 build I did for PXE where it worked to get system to pull static IP on boot in a server with a lot of NICs so called out explicitly which to use and static IP

But I keep getting error that ks.cfg like the kernel is still looking for it in the path /run/install/ks.cfg

Question:
1) As this is an initial ignition of the cluster.. I have no http server up so I am using my router which requires username and password. I followed this article https://access.redhat.com/solutions/1987183 but not sure the command it does to get the file or how to test (it works in browser fine)

User avatar
penguinpages
Posts: 86
Joined: 2015/07/21 13:58:05

Re: CentOS 8 - Kickstart from USB key - Way too hard

Post by penguinpages » 2021/01/22 17:49:17

Here is update. I have included things that did NOT work.. to hopefully help others.

1) Don't know why.. or how to build USB boot key with Linux where you can mount read write.. Give up.. use RUFUS (3.x or better to get UEFI to work)


2) Calling Kickstart Notes ....
a) Edit /EFI/BOOT/grub.cfg and add stanzas:
###
set default="0" # Set this so it boots first menu item which is kickstart vs test
set timeout=5 # because I am impatient to start installation
### BEGIN /etc/grub.d/10_linux ### # ks.cfg must be in subdirectory "isolinux" refer to disk label to keep simple. Call install.repo or it also fails.
### BEGIN /etc/grub.d/10_linux ###
menuentry 'Install CentOS Stream 8-stream VNC HTTP Repo' --class fedora --class gnu-linux --class gnu --class os {
linuxefi /images/pxeboot/vmlinuz inst.stage2=hd:LABEL=CENTOS-STRE inst.repo=http://www.gtlib.gatech.edu/pub/centos/ ... x86_64/os/ ip=172.16.100.101::172.16.100.1:255.255.255.0:thor.penguinpages.local:enp8s0f0:none nameserver=8.8.8.8 inst.vnc inst.vncpassword=PASSWORD ks=hd:LABEL=CENTOS-STRE:/isolinux/ks.cfg quiet
initrdefi /images/pxeboot/initrd.img
}
# Stanza explanation and why on linuxefi line each item does:
# inst.stage2=hd:LABEL=CENTOS-STRE -> real label is "CentOS-Stream-8-x86_64-dvd: but shortens it to 10 characters
# inst.repo=http://www.gtlib.gatech.edu/pub/centos/ ... x86_64/os/ -> this is due to some times usb key has issue remounting root and this works with any good internet connection to load OS with latest patch state.
# ip=172.16.100.101::172.16.100.1:255.255.255.0:thor.penguinpages.local:enp8s0f0:none nameserver=8.8.8.8 -> this is buried in documentation but is format to enable to hard code IP details so system boots up with internet access.
# inst.vnc inst.vncpassword=PASSWORD -> This allows me to put into headless server.. or in my case.. set UEFI on system to boot from my OS install USB key first.. then boot drive second.. so if I ever reboot it with key in server.. it will wipe and rebuild and I can watch deployment process remote and or capture if errors happen... if key not present.. boot normal
# ks=hd:LABEL=CENTOS-STRE:/isolinux/ks.cfg -> this is for local usb file path for kickstart file. By using "hd:LABEL=CENTOS-STRE" it finds by label the correct device. What caught me is that it CANNOT be in root of usb key. It fails to find it. It needs to be in /isolinux
#######


What is not working is to deploy on USB. I use to use USB 64GB keys for OS of my HCI stack.... but anaconda keeps puking with errors... and seems to be very inconsistent.. disk not found.. missing partition... hang during installation .. So... I am giving up on that and going to use SATA / M2 drives. I will post how that pans out.

Hopefully this will help others who are looking for means to use USB key.. and streamline bear metal layout that ends in system they can then ignite with IAC methods into HCI cluster. More to come ..

User avatar
penguinpages
Posts: 86
Joined: 2015/07/21 13:58:05

Re: CentOS 8 - Kickstart from USB key - Way too hard

Post by penguinpages » 2021/01/26 17:22:29

<< Updates and FYI / ideas>>

several things I have learned over the last few days about kickstart from USB.
Ex: EFI boot /etc/boot/grub.cfg

Stanza line for booting..
linuxefi /images/pxeboot/vmlinuz inst.stage2=hd:LABEL=CENTOS-STRE ks=hd:LABEL=CENTOS-STRE:/isolinux/ks.cfg ip=172.16.100.101::172.16.100.1:255.255.255.0:thor.penguinpages.local:enp8s0f0:none nameserver=8.8.8.8 inst.vnc inst.vncpassword=PASSWORD quiet

1) If you do not set static IP things halt and die...
a) If you do not specify IP and remove entire stanza ip=172.16.100.101::172.16.100.1:255.255.255.0:thor.penguinpages.local:enp8s0f0:none so it would then use DHCP.. it times out because the server has four NICs.. and only one has dhcp server listening on it.. and just hangs
b) If I set (as I would prefer) that the usb key is "generic" and the kickstart file defines which host I am building (which.. by the way IP set in grub.cfg is overwritten / changed when it ingests ks.cfg ... but... in doing so.. it delays the system scan of the http target (ex: --baseurl=http://mirror.centos.org/centos/8-strea ... /x86_64/os) for installing. so it then hangs having not read metadata media .. which hands install. So... as annoying as it is.. I have to hardcode the IP and make sure it matches the kickstart file to get it to install without touch. If your loading like me .. minimal install via http media from internet... you have to manually set the IP in boot menu AND it to match in ks.cfg or I think it introduces enough delay that the media scan fails. <sigh> Yes.. you can connect and just click on "scan" but .. it defeats automatic installation working.


2) https for kickstart is just fubar.. you can't get past no-auth. ... I have tried every option and website and could not figure it out. My router has https only .. and I have to pass username and password but... it will NOT work. never pulls file and complains about certificate

Ex: below is bad example... but shows BOTH "ignore certificate" options I tried. per websites: https://serverfault.com/questions/39146 ... downloadin https://serverfault.com/questions/39146 ... downloadin https://man7.org/linux/man-pages/man7/d ... ine.7.html I tried placing at different locations and one or both.. .. ya.. like 12+ reboots to test every pattern I could think of... and none work. Yes... I can use browser and download kicstart file as baseline test.
linuxefi /images/pxeboot/vmlinuz inst.stage2=hd:LABEL=CENTOS-STRE ks=https://admin:Summer2020@penguinpages.d ... ars/ks.cfg md.noverifyssl ip=172.16.100.105::172.16.100.1:255.255.255.0:ignite.penguinpages.local:enp8s0f0:none nameserver=8.8.8.8 inst.vnc inst.noverifyssl inst.vncpassword=PASSWORD quiet

I think kickstart uses curl.. so maybe someone out their can post example or maybe their is a means to put ks="blah" and so curl will use that string which avoids cert check.. but after two days.. I give up for now.

So my goal of one usb key.. booting and using ks.cfg from common site I can just switch out depending on which server I am mucking with.. is looking to be dead.. that.. or "Way too hard" for mere mortals such as I.

Questions:
1) Does anyone know means to get no cert to work from https://user:pass/foo.blah.com/folder/ks.cfg ?
2) Does anyone know means to get kernel boot option to use DHCP... but only ONE NIC... so it does not hang?
3) Does anyone know how to get anaconda installer NOT to hang on media scan if it gets IP from boot different then what is set in ks.cfg and so delays some scan of metadata from http load source.

Thanks,

Post Reply

Return to “CentOS 8 - General Support”