Using iPXE to reduce provisioning times
iPXE is an open-source network-boot firmware. It provides a full PXE implementation enhanced with additional features, such as booting from an HTTP server. For more information about iPXE, see iPXE website.
You can use iPXE if the following restrictions prevent you from using PXE:
-
A network with unmanaged DHCP servers.
-
A PXE service that is unreachable because of, for example, a firewall restriction.
-
A TFTP UDP-based protocol that is unreliable because of, for example, a low-bandwidth network.
Prerequisites for using iPXE
You can use iPXE to boot virtual machines in the following cases:
-
Your virtual machines run on a hypervisor that uses iPXE as primary firmware.
-
Your virtual machines are in BIOS mode. In this case, you can configure PXELinux to chainboot iPXE and boot by using the HTTP protocol.
For booting virtual machines in UEFI mode by using HTTP, you can follow Creating Hosts with UEFI HTTP Boot Provisioning instead.
ATIX AG does not officially support iPXE in orcharhino.
-
The MAC address of the provisioning interface matches the host configuration.
-
The provisioning interface of the host has a valid DHCP reservation.
-
The NIC is capable of PXE booting. For more information, see supported hardware on ipxe.org for a list of hardware drivers expected to work with an iPXE-based boot disk.
-
The NIC is compatible with iPXE.
Configuring iPXE environment
Configure an iPXE environment on all orcharhino Proxies that you want to use for iPXE provisioning.
In CentOS Stream, security-related features of iPXE are not supported and the iPXE binary is built without security features. For this reason, you can only use HTTP but not HTTPS. You can recompile iPXE from source to use security features such as HTTPS. |
-
If you want to use orcharhino Proxy Servers instead of your orcharhino Server, ensure that you have configured your orcharhino Proxy Servers accordingly. For more information, see Configuring orcharhino Proxy for Host Registration and Provisioning in Installing orcharhino Proxy Server.
-
Enable the TFTP and HTTPboot services on your orcharhino Proxy:
# orcharhino-installer \ --foreman-proxy-httpboot true \ --foreman-proxy-tftp true
-
Install the
ipxe-bootimgs
package on your orcharhino Proxy:# dnf install ipxe-bootimgs
-
Copy iPXE firmware to the TFTP directory.
-
Copy the iPXE firmware with the Linux kernel header:
# cp /usr/share/ipxe/ipxe.lkrn /var/lib/tftpboot/
-
Copy the UNDI iPXE firmware:
# cp /usr/share/ipxe/undionly.kpxe /var/lib/tftpboot/undionly-ipxe.0
-
-
Correct the SELinux file contexts:
# restorecon -RvF /var/lib/tftpboot/
-
Set the HTTP URL.
-
If you want to use orcharhino Server for booting, run the following command on orcharhino Server:
# orcharhino-installer \ --foreman-proxy-dhcp-ipxefilename "http://orcharhino.example.com/unattended/iPXE?bootstrap=1"
-
If you want to use orcharhino Proxy Server for booting, run the following command on orcharhino Proxy Server:
# orcharhino-installer --foreman-proxy-dhcp-ipxe-bootstrap true
-
Booting virtual machines
Some virtualization hypervisors use iPXE as primary firmware for PXE booting. If you use such a hypervisor, you can boot virtual machines without TFTP and PXELinux.
Booting a virtual machine has the following workflow:
-
Virtual machine starts.
-
iPXE retrieves the network credentials, including an HTTP URL, by using DHCP.
-
iPXE loads the iPXE bootstrap template from orcharhino Proxy.
-
iPXE loads the iPXE template with MAC as a URL parameter from orcharhino Proxy.
-
iPXE loads the kernel and initial RAM disk of the installer.
-
Your hypervisor must support iPXE. The following virtualization hypervisors support iPXE:
-
libvirt
-
oVirt (deprecated)
-
VMWare (via custom firmware)
-
-
You have configured your iPXE environment. For more information, see Configuring iPXE Environment.
You can use the original templates shipped in orcharhino as described below. If you require modification to an original template, clone the template, edit the clone, and associate the clone instead of the original template. For more information, see cloning provisioning templates. |
-
In the orcharhino management UI, navigate to Hosts > Templates > Provisioning Templates.
-
Search for the required template:
-
The
AutoYaST default iPXE
template for SUSE Linux Enterprise Server hosts. -
The
Kickstart default iPXE
template for CentOS Stream hosts. -
The
Preseed default iPXE
template for Debian/Ubuntu hosts.
-
-
Click the name of the template.
-
Click the Association tab and select the operating systems that your host uses.
-
Click the Locations tab and add the location where the host resides.
-
Click the Organizations tab and add the organization that the host belongs to.
-
Click Submit to save the changes.
-
In the orcharhino management UI, navigate to Hosts > Operating systems and select the operating system of your host.
-
Click the Templates tab.
-
From the iPXE template list, select the required template:
-
The
AutoYaST default iPXE
template for SUSE Linux Enterprise Server hosts. -
The
Kickstart default iPXE
template for CentOS Stream hosts. -
The
Preseed default iPXE
template for Debian/Ubuntu hosts.
-
-
Click Submit to save the changes.
-
In the orcharhino management UI, navigate to Hosts > All Hosts.
-
In the Hosts page, select the host that you want to use.
-
Select the Operating System tab.
-
Set PXE Loader to
iPXE Embedded
. -
Select the Templates tab.
-
In Provisioning Templates, click Resolve and verify that the iPXE template resolves to the required template.
-
Click Submit to save host settings.
Chainbooting iPXE from PXELinux
You can set up iPXE to use a built-in driver for network communication (ipxe.lkrn
) or Universal Network Device Interface (UNDI) (undionly-ipxe.0
).
You can choose to load either file depending on the networking hardware capabilities and iPXE driver availability.
UNDI is a minimalistic UDP/IP stack that implements TFTP client.
However, UNDI cannot support other protocols like HTTP.
To use HTTP with iPXE, use the iPXE build with built-in drivers (ipxe.lkrn
).
Chainbooting iPXE has the following workflow:
-
Host powers on.
-
PXE driver retrieves the network credentials by using DHCP.
-
PXE driver retrieves the PXELinux firmware
pxelinux.0
by using TFTP. -
PXELinux searches for the configuration file on the TFTP server.
-
PXELinux chainloads iPXE
ipxe.lkrn
orundionly-ipxe.0
. -
iPXE retrieves the network credentials, including an HTTP URL, by using DHCP again.
-
iPXE chainloads the iPXE template from your Templates orcharhino Proxy.
-
iPXE loads the kernel and initial RAM disk of the installer.
-
You have configured your iPXE environment. For more information, see Configuring iPXE Environment.
You can use the original templates shipped in orcharhino as described below. If you require modification to an original template, clone the template, edit the clone, and associate the clone instead of the original template. For more information, see cloning provisioning templates. |
-
In the orcharhino management UI, navigate to Hosts > Templates > Provisioning Templates.
-
Search for the required PXELinux template:
-
PXELinux chain iPXE
to useipxe.lkrn
-
PXELinux chain iPXE UNDI
to useundionly-ipxe.0
-
-
Click the name of the template you want to use.
-
Click the Association tab and select the operating systems that your host uses.
-
Click the Locations tab and add the location where the host resides.
-
Click the Organizations tab and add the organization that the host belongs to.
-
Click Submit to save the changes.
-
On the Provisioning Templates page, search for the required template:
-
The
AutoYaST default iPXE
template for SUSE Linux Enterprise Server hosts. -
The
Kickstart default iPXE
template for CentOS Stream hosts. -
The
Preseed default iPXE
template for Debian/Ubuntu hosts.
-
-
Click the name of the template.
-
Click the Association tab and associate the template with the operating system that your host uses.
-
Click the Locations tab and add the location where the host resides.
-
Click the Organizations tab and add the organization that the host belongs to.
-
Click Submit to save the changes.
-
In the orcharhino management UI, navigate to Hosts > Operating systems and select the operating system of your host.
-
Click the Templates tab.
-
From the PXELinux template list, select the template you want to use.
-
From the iPXE template list, select the required template:
-
The
AutoYaST default iPXE
template for SUSE Linux Enterprise Server hosts. -
The
Kickstart default iPXE
template for CentOS Stream hosts. -
The
Preseed default iPXE
template for Debian/Ubuntu hosts.
-
-
Click Submit to save the changes.
-
In the orcharhino management UI, navigate to Configure > Host Groups, and select the host group you want to configure.
-
Select the Operating System tab.
-
Select the Architecture and Operating system.
-
Set the PXE Loader:
-
Select
PXELinux BIOS
to chainboot iPXE (ipxe.lkrn
) from PXELinux. -
Select
iPXE Chain BIOS
to loadundionly-ipxe.0
directly.
-
The text and illustrations on this page are licensed by ATIX AG under a Creative Commons Attribution Share Alike 4.0 International ("CC BY-SA 4.0") license. This page also contains text from the official Foreman documentation which uses the same license ("CC BY-SA 4.0"). |