Provisioning/Remote Access Flashcards

1
Q

How do you provision bare metal?

A
  • kickstart
  • FAI
  • Stacki (supposedly the fastest)
2
Q

What is the process for provisioning?

A
PXE (Preboot eXecution Environment):

The target machine (either bare metal or with its boot sector removed) is booted.

The Network Interface Card (NIC) of the machine triggers a DHCP request.

The DHCP server intercepts the request and responds with standard information (IP address, subnet mask, gateway, DNS, etc.). In addition, it provides the location of a TFTP server and boot image (pxelinux.0).

When the client receives this information, it contacts the TFTP server to obtain the boot image.

The TFTP server sends the boot image (pxelinux.0), and the client executes it.

By default, the boot image searches the pxelinux.cfg directory on the TFTP server for boot configuration files using the following approach:

First, it searches for the boot configuration file that is named according to the MAC address represented in lower case hexadecimal digits with dash separators. For example, for the MAC Address “88:99:AA:BB:CC:DD”, it searches for the file 01-88-99-aa-bb-cc-dd.

Then, it searches for the configuration file using the IP address (of the machine that is being booted) in upper case hexadecimal digits. For example, for the IP Address “192.0.2.91”, it searches for the file “C000025B”.

If that file is not found, it removes one hexadecimal digit from the end and tries again. However, if the search is still not successful, it finally looks for a file named “default” (in lower case).

For example, if the boot file name is /tftpboot/pxelinux.0, the Ethernet MAC address is 88:99:AA:BB:CC:DD, and the IP address 192.0.2.91, the boot image looks for file names in the following order:

/tftpboot/pxelinux.cfg/01-88-99-aa-bb-cc-dd
/tftpboot/pxelinux.cfg/C000025B
/tftpboot/pxelinux.cfg/C000025
/tftpboot/pxelinux.cfg/C00002
/tftpboot/pxelinux.cfg/C0000
/tftpboot/pxelinux.cfg/C000
/tftpboot/pxelinux.cfg/C00
/tftpboot/pxelinux.cfg/C0
/tftpboot/pxelinux.cfg/C
/tftpboot/pxelinux.cfg/default

The client downloads all the files it needs (kernel and root file system), and then loads them.

The target machine reboots.

The provisioning application uses Red Hat’s Kickstart method to automate the installation of Red Hat Linux on target machines. Using Kickstart, the system administrator can create a single file containing answers to all the questions that would usually be asked during a typical Red Hat Linux installation.

The host-specific boot configuration file contains the location of the kickstart file. This kickstart file would have been created earlier by the stage directive of the OS image, based on input from the user.

3
Q

Alternate PXE Boot Setup…

A

When a machine uses PXE (Preboot eXecution Environment) to boot directly off the network, it needs to get an IP address from a DHCP server.

The DHCP server can also give it the details of a TFTP server from which to retrieve an executable file. Typically, for a Linux client, this file is called pxelinux.0.

NOTE: If you use dnsmasq, it takes care of pointing booting systems to the TFTP server when you set the enable-tftp option in the dnsmasq configuration file, and you do not need a separate DHCP server.

Once the client retrieves and executes pxelinux.0, it is hard-coded to look for a file in the pxelinux.cfg/ subdirectory relative to where pxelinux.0 was found.

This PXE configuration file contains the PXE boot menu and the location of the repository that will be used for the installation.

4
Q

What is Anaconda?

A

Anaconda is a free and open-source system installer for Linux distributions. Anaconda is used by Red Hat Enterprise Linux, Oracle Linux, Scientific Linux, CentOS, Qubes OS, Fedora, Sabayon Linux and

When you install a Red Hat system, a file with the name anaconda-ks.cfg is created in the home directory of the root user. This file contains most settings that were used while installing your computer. It is a good starting point if you want to try out an automated Kickstart installation.

5
Q

What is anycast?

A

Anycast is a network addressing and routing methodology in which a single destination address has multiple routing paths to two or more endpoint destinations. Routers will select the desired path on the basis of number of hops, distance, lowest cost, latency measurements or based on the least congested route. Anycast networks are widely used for content delivery network (CDN) products to bring their content closer to the end user.

6
Q

What is BGP?

A

Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the Internet.[1] The protocol is classified as a path vector protocol.[2] The Border Gateway Protocol makes routing decisions based on paths, network policies, or rule-sets configured by a network administrator and is involved in making core routing decisions.

BGP may be used for routing within an autonomous system. In this application it is referred to as Interior Border Gateway Protocol, Internal BGP, or iBGP. In contrast, the Internet application of the protocol may be referred to as Exterior Border Gateway Protocol, External BGP, or eBGP.

7
Q

What is ECMP?

A

Equal-cost multi-path routing (ECMP) is a routing strategy where packet forwarding to a single destination can occur over multiple “best paths” which tie for top place in routing metric calculations. Multi-path routing can be used in conjunction with most routing protocols, because it is a per-hop decision limited to a single router. It can substantially increase bandwidth by load-balancing traffic over multiple paths; however, there may be significant problems in deploying it in practice.

8
Q

What is a VIP and what are the common scenarios where VIP can be used?

A

Virtual IPs (VIPs) are one-to-many mappings of an IP address that distinguish traffic based on port number to determine which IP address to send the traffic to. A common application of VIPs is to have one public IP address represent the web server, email server and FTP server, each of which has a unique private IP address. Sharing one external IP address in this way is a good way to conserve public IP addresses.

A Virtual IP can also be used for port forwarding. For example, assume you want to open web access to the Internet to a web server you have that is listening on port 80. However, due to security concerns, you only want users to be accessing this site using port 8080. You can use Virtual IP to accomplish this. Specify the Virtual IP, which is the IP address that the Internet will be using to access the web site. Then, specify the external port, and this combination of external IP and port will be mapped to an internal IP address and port.

9
Q

What are TORs?

A

Top-of-rack switches (which also do DHCP forwarding)

10
Q

How do you set up Kickstart?

A

Include the ks kernel boot option in the append line of a target in your pxelinux.cfg/default file to specify the location of a kickstart file on your network. The syntax of the ks option in a pxelinux.cfg/default file is identical to its syntax when used at the boot prompt. Refer to Section 32.11, “Starting a Kickstart Installation” for a description of the syntax and refer to Example 32.1, “Using the ks option in the pxelinux.cfg/default file” for an example of an append line.

If the dhcpd.conf file on the DHCP server is configured to point to /var/lib/tftpboot/pxelinux.0 on the BOOTP server (whether on the same physical machine or not), systems configured to boot over the network can load the kickstart file and commence installation.

Example 32.1. Using the ks option in the pxelinux.cfg/default file

For example, if foo.ks is a kickstart file available on an NFS share at 192.168.0.200:/export/kickstart/, part of your pxelinux.cfg/default file might include:

label 1
kernel RHEL6/vmlinuz
append initrd=RHEL6/initrd.img ramdisk_size=10000 ks=nfs:192.168.0.200:/export/kickstart/foo.ks
