Tracker #431

[TRACKER] UEFI PXE support

Added by Bill Peck over 6 years ago. Updated 7 months ago.

Status:Assigned% Done:

0%

Priority:Normal
Assigned To:Lukas Zapletal
Category:Unattended installations
Target version:Team Daniel backlog
Difficulty: Bugzilla link:1145653
Found in release:
Story points-
Velocity based estimate-

Description

UEFI support to allow newer bios'es that don't support pxe to netboot as well.

This will be done via Grub2/Grub PXE support. More details at:

https://github.com/theforeman/rfcs/blob/master/text/0001-PXE-Booting-UEFI.md


Related issues

Related to Boot disk - Feature #4413: Make full-host bootdisk image UEFI compatible Ready For Testing 02/22/2014
Related to Smart Proxy - Feature #12633: Add Pxegrub2 variant and allow multiple TFTP config files Closed 11/30/2015
Related to Foreman - Feature #12634: New HW Model flag pxe_loader in UI/API Closed 11/30/2015
Related to Installer - Feature #12635: Options to deploy Grub and PXELinux EFI loaders in TFTP root Closed 11/30/2015
Related to Installer - Feature #14920: Change dhcpd.conf to support EFI loaders Closed 05/04/2016
Related to Foreman - Feature #14921: ComputeResource should pass host loader flag to VM New 05/04/2016
Related to Discovery - Feature #14922: Discovery can detect BIOS/EFI and report it back New 05/04/2016
Related to Foreman - Feature #12434: Allow override of filename options in DHCP host entry Rejected 11/10/2015
Related to Smart Proxy - Refactor #15864: Pxelinux kind as an alias for Syslinux Closed 07/27/2016
Related to Foreman - Bug #16532: Selecting architecture in hostgroup doesn't update operat... Closed 09/13/2016

History

#1 Updated by Ohad Levy over 6 years ago

  • Category set to Unattended installations

#2 Updated by Aaron Stone over 3 years ago

Oh hi I need this too. Here's what I see as the issues to work on:

1) when creating a DHCP entry, instead of "supersede server.filename = "pxelinux.0" I need grubnetx64.efi. The filename will vary by site and by architecture.
2) when creating the pxelinux.cfg/m-a-c-a-d-d-r files, well, don't create those, write out a grub config.

#3 Updated by Aaron Stone over 3 years ago

... on further thought, the easiest way to achieve 1) is to simply not supersede the filename. The logic can, and should, be done in the subnet, where it can be conditional on the client and always deliver the correct filename!

https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Installation_Guide/s1-netboot-pxe-config-efi.html

#4 Updated by Dominic Cleal over 2 years ago

  • Bugzilla link set to 1145653

#5 Updated by Dominic Cleal over 2 years ago

  • Status changed from New to Assigned
  • Assigned To set to Lukas Zapletal
  • Target version set to Sprint 29

#6 Updated by Lukas Zapletal over 2 years ago

Foreman and EFI and qemu/kvm

To get EFI working under QEMU, one needs 2.1.1 version with modified BIOS. The easiest approach after almost destroying my Fedora 20 QEMU intallation is to build from sources:

http://wiki.qemu-project.org/download/qemu-2.1.1.tar.bz2
yum -y install spice-server-devel spice-protocol SDL-devel glibc-devel.i686 gnu-efi-devel.i686
./configure --target-list=x86_64-softmmu --enable-spice --prefix=/opt/qemu-2.1.1 --enable-debug --disable-gtk
make install
chown root:root /opt/qemu-2.1.1/libexec/qemu-bridge-helper
chmod u=rwxs,g=rx,o=rx /opt/qemu-2.1.1/libexec/qemu-bridge-helper
echo 'allow virbr0' > /opt/qemu-2.1.1/etc/qemu/bridge.conf
echo 'allow virbr1' >> /opt/qemu-2.1.1/etc/qemu/bridge.conf

sudo wget https://www.kraxel.org/repos/firmware.repo -O /etc/yum.repos.d/kraxel-qemu-firmare.repo
yum install edk2.git-ovmf-x64

To boot an instance, one needs few parameters for qemu. Here is a nice snippet: http://fpaste.org/136085/68530141/raw/

I am able to boot EFI shell and Grub2 via PXE, but no luch with pxelinux so far. I tried latest stable (6.02) as well as my builds from git:

yum localinstall https://kojipkgs.fedoraproject.org//packages/gnu-efi/3.0u/0.2.fc20/i686/gnu-efi-3.0u-0.2.fc20.i686.rpm
git clone syslinux && cd syslinux
make install INSTALLROOT=/opt/pxelinux.git

I need to get back to this later. I suppose pxelinux is the preferred way to boot EFI systems because then we can reuse config templates in Foreman. I think I could get this working on Grub2 soon, but pxelinux is the issue currently. Maybe there is a bug in QEMU/OVMF and if I use VirtualBox or bare-metal EFI hardware, it would work. I don’t know now.

#7 Updated by Lukas Zapletal over 2 years ago

  • Related to Feature #4413: Make full-host bootdisk image UEFI compatible added

#8 Updated by Bill Peck over 2 years ago

Pretty sure it's not possible to boot pxelinux.0 under uefi, hance this RFE.

#9 Updated by Lukas Zapletal over 2 years ago

Ok I almost gave us after two days of trial-and-error and folks from #syslinux helped me out!

I am currently looking at the PXELinux boot menu generated from Foreman in a QEMU EFI session, booted exclusively on EFI drivers :-)

This has one drawback, the only version that worked was: https://www.kernel.org/pub/linux/utils/boot/syslinux/Testing/6.03/syslinux-6.03-pre20.tar.gz

Now the issue is we can't use older versions of syslinux, all RHEL 6/7 and Debian 6/7 have legacy versions which will not work. I wonder if we can download the tarball in our installer until things are backported into distros. Syslinux folks said Debian-based distros will ship 6.03 backported versions due to bugs in older ones and I think RHEL will do the same. Then we can use files from packages. But if we want to start testing EFI today, we can use the tarball (it contains binaries as well as source files).

Opinions?

#10 Updated by Lukas Zapletal over 2 years ago

Bill: It is possible, not pxelinux.0 of course, you need to use efi64/pxelinux.efi and respective COM32 binaries from that tree.

#11 Updated by Lukas Zapletal over 2 years ago

Ok what I am gonna do is I am gonna modify our dhcpd.conf template so it configures the service in dual mode. Meaning that PXELinux will still work with BIOS, but if a host reports EFI everything will be set up to serve the files. I will add comments where to download files from and where to put them to get EFI working. Opinions?

#12 Updated by Dominic Cleal over 2 years ago

  • Target version changed from Sprint 29 to Sprint 30

#13 Updated by Konrad Scherer over 2 years ago

I just wanted to put some notes about my recent success using Foreman to PXE boot some new Dell C6220 servers in UEFI mode.

I grabbed the latest syslinux git tree (b7edab) and built the latest syslinux.efi and ldlinux.e64. I copied these 2 files to /var/lib/tftpboot on tftp server.

I created the host entries as usual in Foreman webUI.

I stopped the isc-dhcp-server and edited /var/lib/dhcp/dhcpd.leases to change pxelinux.0 to syslinux.efi for the new UEFI machines. Then I restarted the dhcp server.

The only extra thing I had to do in the UEFI bios was set IPv4 as higher priority than IPv6 for network boot.

The initial provision and installation worked without problems. UEFI downloaded syslinux.efi and used it to read files in pxelinux.cfg and chainload the Ubuntu installer kernel.

On reboot the pxe menu for "Boot local disk" did not work because the menu.c32 in /var/lib/tftpboot was for pxelinux.0. Unfortunately creating a single pxe boot dir that can handle pxe, efi32 and efi64 seems to require a messy tftpboot layout:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720589

I hope this information is useful to someone. Let me know if you want more information.

#14 Updated by Lukas Zapletal over 2 years ago

Hello, thanks for your report.

First of all, you do not need to compile syslinux from git anymore. A new version 6.03 which contains many bugfixes in regard to PXE was released yesterday (https://lists.fedoraproject.org/pipermail/test/2014-October/123202.html). Just grab it, it contains also all the required binaries.

We managed to get PXELinux working using relative symlinks in the TFTP directory. Note they must be relative because TFTP runs under chroot. Then you can copy requred binaries into subdirectories while you can share your Foreman configuration via symlinks. Here is the document that describes it is here:

http://lukas.zapletalovi.com/2014/09/efi-in-qemu-kvm-on-fedora-20.html

Also interesting read might be here:

http://projects.theforeman.org/projects/foreman/wiki/PXE_Booting_UEFI

Appreciate your comment, thanks.

#15 Updated by Lukas Zapletal over 1 year ago

  • Subject changed from uefi support to [FEATURE] UEFI support
  • Target version deleted (Sprint 30)

I will be adding sub-tickets to this one in a minute.

#16 Updated by Lukas Zapletal over 1 year ago

  • Related to Feature #12633: Add Pxegrub2 variant and allow multiple TFTP config files added

#17 Updated by Lukas Zapletal over 1 year ago

  • Related to Feature #12634: New HW Model flag pxe_loader in UI/API added

#18 Updated by Lukas Zapletal over 1 year ago

  • Related to Feature #12635: Options to deploy Grub and PXELinux EFI loaders in TFTP root added

#19 Updated by Lukas Zapletal over 1 year ago

DOCUMENTATION NOTES:

  • ISC DHCP and dnsmasq configuration
  • Upgrade instructions

#20 Updated by Lukas Zapletal 12 months ago

  • Related to Feature #14920: Change dhcpd.conf to support EFI loaders added

#21 Updated by Lukas Zapletal 12 months ago

  • Related to Feature #14921: ComputeResource should pass host loader flag to VM added

#22 Updated by Lukas Zapletal 12 months ago

  • Related to Feature #14922: Discovery can detect BIOS/EFI and report it back added

#23 Updated by Lukas Zapletal 9 months ago

  • Subject changed from [FEATURE] UEFI support to [FEATURE] UEFI PXE support
  • Description updated (diff)
  • Target version set to Team Daniel - iteration 2

#24 Updated by Lukas Zapletal 9 months ago

  • Tracker changed from Feature to Tracker
  • Subject changed from [FEATURE] UEFI PXE support to [TRACKER] UEFI PXE support

#25 Updated by Lukas Zapletal 9 months ago

  • Target version changed from Team Daniel - iteration 2 to Team Daniel backlog

#26 Updated by Lukas Zapletal 8 months ago

  • Related to Feature #12434: Allow override of filename options in DHCP host entry added

#27 Updated by Lukas Zapletal 8 months ago

#28 Updated by Lukas Zapletal 8 months ago

  • Related to Bug #16532: Selecting architecture in hostgroup doesn't update operating system added

#29 Updated by Lukas Zapletal 7 months ago

Just for the record, I opened RFC on HTTP EFI booting, no ticket yet: https://github.com/theforeman/rfcs/pull/14/files

Also available in: Atom PDF