#######################
Build a PXE Boot Server
#######################

:Author: Dimitry Dukhovny

.. contents::

Installing a Preboot Execution Environment (PXE) server in your network takes
some planning. It should only exist in your DHCP sandbox, not in production.

Required packages under CentOS/RHEL/Fedora
==========================================

.. code-block:: bash
   :linenos:

   yum -y install httpd xinetd syslinux tftp-server mtools
   # Do not forget SELinux
   # tftp_anon_write lets the TFTP daemon write to its public directory
   setsebool -P tftp_anon_write 1
   setsebool -P tftp_home_dir 1

* httpd is the Apache web server
* xinetd is the extended inetd that will trigger the tftp server
* syslinux is a boot loader bundling ISO, PXE, and EXT Linux boots
* tftp-server is the trivial file transfer protocol server
* mtools is an MSDOS disk management suite

Stage OS disk
=============

For this example, we will use CentOS 7 from the DVD ISO.

.. code-block:: bash
   :linenos:

   # The mount point has to exist before the ISO can be mounted on it
   mkdir -p /mnt/pxe/centos7
   mount -o loop /mnt/images/Centos7-DVD.iso /mnt/pxe/centos7

Web server
==========

.. code-block:: apache
   :linenos:
   :caption: /etc/httpd/conf.d/pxe.conf

   Alias /centos7 /mnt/pxe/centos7
   # Order/Allow are only valid inside a directory context
   <Directory /mnt/pxe/centos7>
       Options Indexes FollowSymLinks
       Order Deny,Allow
       Allow from all
   </Directory>

Then, bounce Apache.

OS stage
========

* Copy boot loaders to TFTP server location

.. code-block:: bash
   :linenos:

   mkdir -p /var/lib/tftpboot
   # Copy rather than symlink: in.tftpd -s chroots into this directory,
   # so links that point outside it cannot be followed
   cp -r /usr/share/syslinux/* /var/lib/tftpboot/
   mkdir -p /var/lib/tftpboot/centos7
   cp /mnt/pxe/centos7/images/pxeboot/* /var/lib/tftpboot/centos7/
   mkdir -p /var/lib/tftpboot/pxelinux.cfg
   touch /var/lib/tftpboot/pxelinux.cfg/default

.. code-block:: bash
   :linenos:
   :caption: /var/lib/tftpboot/pxelinux.cfg/default

   default menu.c32
   prompt 0
   timeout 300
   ONTIMEOUT 1

   menu title CentOS 7 PXE Menu

   label 1
   menu label ^1) Install CentOS 7
   menu default
   kernel centos7/vmlinuz
   append initrd=centos7/initrd.img method=http://10.168.123.11/centos7 devfs=nomount

   label 2
   menu label ^2) Boot from local drive
   localboot 0

Services
========

* Change ``disable = yes`` to ``disable = no`` in ``/etc/xinetd.d/tftp``

.. code-block:: bash
   :linenos:
   :caption: /etc/xinetd.d/tftp

   service tftp
   {
       socket_type = dgram
       protocol    = udp
       wait        = yes
       user        = root
       server      = /usr/sbin/in.tftpd
       server_args = -s /var/lib/tftpboot
       disable     = no
       per_source  = 11
       cps         = 100 2
       flags       = IPv4
   }

.. code-block:: bash
   :linenos:
   :caption: /usr/lib/systemd/system/tftp.service

   [Unit]
   Description=Tftp Server

   [Service]
   # -c allows clients to create new files; -s chroots to the TFTP root.
   # The root is the same directory the xinetd entry serves.
   ExecStart=/usr/sbin/in.tftpd -c -s /var/lib/tftpboot
   StandardInput=socket

   [Install]
   WantedBy=multi-user.target

.. code-block:: bash
   :linenos:

   systemctl restart xinetd
   systemctl enable xinetd
   systemctl restart httpd
   systemctl enable httpd
   # Open port 80 for fetching Linux bits
   firewall-cmd --permanent --add-service=http
   # Open port 69 for TFTP itself
   firewall-cmd --permanent --add-port=69/udp
   firewall-cmd --permanent --add-port=69/tcp
   firewall-cmd --reload
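
The following check is an added example, not part of the original guide. It audits the boot files named in ``pxelinux.cfg/default`` against the TFTP root: each one has to resolve inside the root, because ``in.tftpd -s`` chroots there, and none should be world-writable, because this setup enables TFTP writes. The function name ``check_pxe_menu`` and its output labels are hypothetical, and it assumes GNU ``readlink -f`` and boot paths without spaces.

```bash
#!/bin/sh
# Added example: audit the boot files a pxelinux menu refers to.
# Usage: check_pxe_menu TFTP_ROOT MENU_FILE
# Prints one line per problem and returns the number of problems found.
check_pxe_menu() {
    local root menu path real problems=0
    root=$(readlink -f "$1")
    menu=$2
    # Paths the client fetches over TFTP: the "default" UI module
    # (menu.c32 in this guide), each "kernel", and each initrd= in "append".
    for path in $(awk '
        tolower($1) == "default" || tolower($1) == "kernel" { print $2 }
        tolower($1) == "append" {
            for (i = 2; i <= NF; i++)
                if ($i ~ /^initrd=/) { sub(/^initrd=/, "", $i); print $i }
        }' "$menu"); do
        real=$(readlink -f "$root/$path" 2>/dev/null)
        if [ -z "$real" ] || [ ! -f "$real" ]; then
            # Absent file or dangling link: the client gets "file not found".
            echo "MISSING  $path"
            problems=$((problems + 1))
        elif [ "${real#"$root"/}" = "$real" ]; then
            # Resolves outside the root: unreachable once in.tftpd has chrooted.
            echo "ESCAPES  $path -> $real"
            problems=$((problems + 1))
        elif [ -n "$(find "$real" -perm -0002)" ]; then
            # World-writable: a TFTP client allowed to upload can replace it.
            echo "WRITABLE $path"
            problems=$((problems + 1))
        fi
    done
    return "$problems"
}

# Example call for the layout in this guide:
#   check_pxe_menu /var/lib/tftpboot /var/lib/tftpboot/pxelinux.cfg/default
```

A return value of 0 means every referenced boot file is present, inside the TFTP root, and not world-writable.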