PXE installation Centos7 and Centos8

The pre boot execution environment (PXE), also known as the pre execution environment, provides a mechanism for starting a computer using a Network Interface. This mechanism allows the computer to start without relying on local data storage devices (such as hard disks) or locally installed operating systems.  

  Deployment environment

PXE server192.168.1.130DHCP,TFTP,HTTP,PXE
client192.168.1.10Testing machine, installing OS through pxe

Installation components

Component function introduction

Kickstart: write the parameters of the installation process into the ks.cfg file to realize automatic installation configuration and unattended automatic installation;
TFTP: Download pxelinux.0 files, vmlinuz, initrd.img and other kernel boot files from the network card supporting PXE boot from the TFTP server;
DHCP: obtain the IP address and provide pxelinux.0 file location during PXE boot;
HTTP: used to download ks.cfg and system image files.

[root@server ~]# yum install nginx
[root@server ~]# yum install dhcp
[root@server ~]# yum install tftp-server
[root@server ~]# yum install syslinux

  HTTP configuration

Create 7 and 8 web directories

[root@server ~] # mkdir /dataweb/centos/{7,8}/os/x86_64 -p
[root@server /]# tree dataweb/
└── centos
    ├── 7
    │   └── os
    │       └── x86_64
    └── 8
        └── os
            └── x86_64
  • Mount the iso files of CentOS 7 and 8 to the server


  • nginx configuration
# Modify nginx configuration file
[root@server ~]# cat /etc/nginx/conf.d/repo.conf 
server {
    listen 80;
    server_name localhost;
    location / {
        root /dataweb;
        index index.html index.php index.htm;
        autoindex on;   # Allow directory display

# Mount the CD to the data web directory and change the mount point according to the actual needs
[root@server ~]# mount /dev/sr0 /dataweb/centos/8/os/x86_64/
mount: /dev/sr0 is write-protected, mounting read-only
[root@server ~]# mount /dev/sr1 /dataweb/centos/7/os/x86_64/
mount: /dev/sr1 is write-protected, mounting read-only

# Start nginx service
[root@server ~]# systemctl restart nginx

  Make kickstart response file

The anaconda-ks.cfg file generated after the installation of the original system is used, and the replica is modified again to generate a new KS file.

  •   Write response file
[root@server ~]# mkdir /dataweb/ksdir
# Copy answer template file
[root@server ~]# cp anaconda-ks.cfg /dataweb/ksdir/ks7-mini.cfg
[root@server ~]# cp anaconda-ks.cfg /dataweb/ksdir/ks8-mini.cfg
# Give the file read permission
[root@server ~]# chmod +r *
  •   If the generated key string (not required) is not modified, it is the installation password of the current system, or it can be modified to display the password in clear text. See the detailed description for the parameters.
[root@server ~]# python -c 'import crypt;print crypt.crypt("123456")'
  • The ks.cfg response file is configured in detail. In fact, the template can be common among various versions. During configuration, pay attention to modifying the installation source address and other configurations that need to be modified.
[root@server ~]# cd /dataweb/ksdir
[root@server ksdir]# cat ks7-mini.cfg
# System authorization information
auth --enableshadow --passalgo=sha512
# Install or update the system
# Installation source
url --url=
# Installing the system using the character interface
# Run the Setup Agent on first boot
firstboot --disable
# From the sda partition, pay attention to the modification of the online environment. Different types of disks display differently
ignoredisk --only-use=sda
# Keyboard layout
keyboard --vckeymap=us --xlayouts='us'
# System language, close selinux and firewall
lang en_US.UTF-8
selinux --disabled
firewall --disabled
# Network settings
network  --bootproto=dhcp --device=eth0 --onboot=on --ipv6=auto --no-activate
network  --hostname=localhost.localdomain
bootloader --append="net.ifnames=0" --location=mbr
# The root password is set in the form of key string. The password here is 123456. If it is not modified, it defaults to the password when the current system is installed
rootpw --iscrypted $6$lo6Yc9wZr0sQaIAv$Sx2u.hll/zm00Q88dNIEvY9jMSkfvyAq81fUJ0drU.Ty/g6BI7WolMHlJoJufOXYixQt6GSb1T4dkqByHuX7L.
# System services
services --disabled="chronyd"
# Set time zone
timezone Asia/Shanghai --isUtc --nontp
# Clear master boot record
clearpart --all
# Clear all partitions
# Partition information, the following is configured as a standard partition
part /boot --asprimary --fstype="xfs" --size=500
part swap --fstype="swap" --size=2048
part / --asprimary --fstype="xfs" --size=4096
# Install package @ as package group, @ ^ as environment package group, enter package name directly, - install a package in order

%addon com_redhat_kdump --enable --reserve-mb='auto'


pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty

ks8-mini.cfg configuration file

[root@server ksdir]# cp ks7-mini.cfg ks8-mini.cfg
[root@server ksdir]# cat ks8-mini.cfg
# System authorization information
auth --enableshadow --passalgo=sha512
# Install or update the system
# Installation source, modified to 8 installation file
url --url=

...... Other configurations remain unchanged ......

Detailed parameter description of kickstart

ignoredisk:   Control the connection to the disk during the installation process. If you use automatic partition, you can use it during the installation process   ignoredisk --driver=sdc   Specify the disks to be ignored by automatic partition. If you have multiple disks and want to use only one of them for automatic partition and install the operating system, you can use   ignoredisk --only-use=sda   Specifies that only SDA is used. It is almost impossible to use SDA online, and it should be modified according to the actual situation

autopart:   Automatically create root partition (/), swap partition (SWAP) and appropriate boot partition (/ boot), and create / home partition on a large enough drive; adopt  -- type=   Specify the partition type, such as the standard partition used in the example. You can also pass  -- fstype=   Specify the system file type, such as   xfs,ext4   Wait, the default is   xfs; You can also pass  -- encrypted   Option to encrypt all partitions.

clearpart:   Delete the existing partition before partition; Can pass  -- drives=   Specify the disk to delete the partition, or  -- all   Clear partitions for all devices.

graphical:   The installation process is carried out in a graphical way, just like manual installation; You can also use   text   Command to display the installation process in text.

reboot:   Restart after installation.

repo:   Specify additional package installation sources.

url:   When installing over a network, the location of the installation files.

keyboard:   Specify the keyboard layout; adopt  -- vckeymap=   Specify which VConsole keyboard mode should be used; adopt  -- xlayouts=   Specifies the layout of the keyboard.

firstboot:   Is it displayed when the system is started for the first time   Initial Setup; If enabled, the initial setup package must be installed. If not specified, this option is disabled by default-- enable   Indicates starting initial setup, -- disable   Indicates that initial setup is disabled; You can also use  -- reconfig   Option starts the reconfiguration mode when booting the system. In this mode, you can reconfigure the system language, keyboard and mouse, root password, system security level, time zone and network configuration.

lang:   Configure the system language.

network:   Network configuration, using  -- bootproto=   Specify how the computer obtains IP, yes   dchp   still   static. use  -- device=   Specify the device name to configure. use  -- activate   Activate the device. If your  -- bootproto=   If you use static, you can use   ip=   Specify the IP address, -- netmask=   Specify subnet mask, -- gateway=   Specify gateway, -- nameserver=   Specify DNS. use   ipv6=   Specify IPv6 configuration, use auto   Indicates automatic configuration. use  -- hostname   Configure the host name.

rootpw:   Specify the password of the root user, -- iscrypted   Indicates that the password is displayed in ciphertext, -- plaintext   Indicates that the password is displayed in clear text. You can also use  -- lock   Lock the root user.

When you use  -- iscrypted   You can generate the ciphertext of the password through python on a machine with the system installed (if it is Python 3, the corresponding command should be the syntax of Python 3).

$ python -c 'import crypt; print crypt.crypt("My Password")'

xconfig:   Configure X Windows system, -- startxonboot   Indicates logging in using the graphical interface on the installed system.

services:   Configure the default state of the service, -- disabled=   Specify the default disabled service, using  -- enabled=   Specifies the services that are enabled by default.

timezone:   Specify the time zone.

user:   Add additional users through  -- name=   Specify the user name by  -- groups=   Specify the group to be added by the user (except the default group)  -- password=   Specify the password for the user, -- iscrypted   Means in ciphertext, through -- GECOS=   Define user's GECOS information, such as user's full name, etc.

%packages   Indicates the package to install.

adopt  @  Specify a package group, such as:

@X Window System

adopt  @^  Specify an environment group, such as:


Directly enter the software package name and specify an independent software package, such as:


adopt  -  A package in the troubleshooting package group

@Development Tools

%package should end with% end.

%addon   Configure kdump-- enable   Indicates open and passed  -- reserve-mb=   Specify the memory size reserved for kdump, auto   Indicates automatic, to  % end.

%anaconda   Section specifies the password policy to  % end   end.

You can also pass  % pre   Specify the script to be executed before disk partition through  % post   Specify the script to execute after the system installation is completed. These modules are required  % end   end.

  DHCP configuration

Copy the dhcpd template file to / etc/dhcp/dhcpd.conf, and then modify the corresponding options, or write your own minimization template.

[root@server ~]# cat /etc/dhcp/dhcpd.conf 
# Set lease time and maximum lease time
default-lease-time 600;
max-lease-time 7200;
# Define domain name
option domain-name "localhost.com";
# Define the subnet, mask, gateway and address pool range of the address pool
subnet netmask {
      option routers;
# Define the boot server, that is, the boot file and tftp server address of the tftp server. Note that the filename here is targeted, and the file here is only valid based on the linux-x86 architecture.
      filename "pxelinux.0";

# Start service
[root@server ~]# systemctl restart dhcpd

  tftp configuration

vesamenu.c32 and menu.c32 are two of the many modules owned by syslinux. Their function is to determine what mode the initiator uses. vesamenu.c32 graphics mode, menu.c32 text mode. Select menu.c32 here. At the same time, pxelinux.0 file is also required. It plays the same role on the whole boot as the kernel plays on the system. It can explain each configuration item in the default file (file for configuring the boot menu), and make different responses according to the configuration items, such as waiting time, initiator background, boot menu, kernel boot, etc.

# Centos7 copies the following files
[root@server ~]# cd /var/lib/tftpboot
[root@server tftpboot]# mkdir 7 8
[root@server tftpboot]# mkdir pxelinux.cfg
[root@server tftpboot]# cp /usr/share/syslinux/{pxelinux.0,menu.c32} .                  
[root@server tftpboot]# cp /dataweb/centos/7/os/x86_64/isolinux/{vmlinuz,initrd.img} 7

# Centos8 environment copies the following files
[root@server ~]# cd /var/lib/tftpboot/
[root@server tftpboot]# cp /dataweb/centos/8/os/x86_64/isolinux/{ldlinux.c32,libutil.c32,libcom32.c32} .
[root@server tftpboot]# cp /dataweb/centos/8/os/x86_64/isolinux/{vmlinuz,initrd.img} 8

# directory structure
[root@server lib]# tree tftpboot/
├── 7
│   ├── initrd.img
│   └── vmlinuz
├── 8
│   ├── initrd.img
│   └── vmlinuz
├── ldlinux.c32
├── libcom32.c32
├── libutil.c32
├── menu.c32
├── pxelinux.0
└── pxelinux.cfg

# Start service
[root@server ~]# systemctl restart tftp

Start boot configuration

For other tutorials, copy the template and then modify it. Write it here to minimize boot startup.

[root@server tftpboot]# vim pxelinux.cfg/default
# If the value is modified to the body Mini tag, the mini tag is selected by default and will not be selected by the user
default menu.c32
timeout 600
# Background title
menu title ########## GXM-PXE Boot Menu ##########

label mini7
    menu label install centos mini 7
    kernel 7/vmlinuz
    append initrd=7/initrd.img ks=

label mini8
    menu label install centos mini 8
    kernel 8/vmlinuz
    append initrd=8/initrd.img ks=

label local
    menu default
    menu label ^Boot from local drive
    localboot 0xffff


Create a new virtual machine,   Test pxe installation for success.

  • bios is set to network startup
bios setting network startup
  •   Boot boot interface
    Boot boot interface

Tags: Linux Operation & Maintenance CentOS pxe

Posted on Sun, 07 Nov 2021 15:01:21 -0500 by tullmejs