[TRACKER] UEFI PXE support
|Triaged:||Fixed in Releases:|
|Bugzilla link:||1145653||Found in Releases:|
UEFI support to allow newer bios'es that don't support pxe to netboot as well.
This will be done via Grub2/Grub PXE support. More details at:
#2 Updated by Aaron Stone over 4 years ago
Oh hi I need this too. Here's what I see as the issues to work on:
1) when creating a DHCP entry, instead of "supersede server.filename = "pxelinux.0" I need grubnetx64.efi. The filename will vary by site and by architecture.
2) when creating the pxelinux.cfg/m-a-c-a-d-d-r files, well, don't create those, write out a grub config.
#3 Updated by Aaron Stone over 4 years ago
... on further thought, the easiest way to achieve 1) is to simply not supersede the filename. The logic can, and should, be done in the subnet, where it can be conditional on the client and always deliver the correct filename!
#6 Updated by Lukas Zapletal almost 4 years ago
Foreman and EFI and qemu/kvm
To get EFI working under QEMU, one needs 2.1.1 version with modified BIOS. The easiest approach after almost destroying my Fedora 20 QEMU intallation is to build from sources:
yum -y install spice-server-devel spice-protocol SDL-devel glibc-devel.i686 gnu-efi-devel.i686
./configure --target-list=x86_64-softmmu --enable-spice --prefix=/opt/qemu-2.1.1 --enable-debug --disable-gtk
chown root:root /opt/qemu-2.1.1/libexec/qemu-bridge-helper
chmod u=rwxs,g=rx,o=rx /opt/qemu-2.1.1/libexec/qemu-bridge-helper
echo 'allow virbr0' > /opt/qemu-2.1.1/etc/qemu/bridge.conf
echo 'allow virbr1' >> /opt/qemu-2.1.1/etc/qemu/bridge.conf
sudo wget https://www.kraxel.org/repos/firmware.repo -O /etc/yum.repos.d/kraxel-qemu-firmare.repo
yum install edk2.git-ovmf-x64
To boot an instance, one needs few parameters for qemu. Here is a nice snippet: http://fpaste.org/136085/68530141/raw/
I am able to boot EFI shell and Grub2 via PXE, but no luch with pxelinux so far. I tried latest stable (6.02) as well as my builds from git:
yum localinstall https://kojipkgs.fedoraproject.org//packages/gnu-efi/3.0u/0.2.fc20/i686/gnu-efi-3.0u-0.2.fc20.i686.rpm
git clone syslinux && cd syslinux
make install INSTALLROOT=/opt/pxelinux.git
I need to get back to this later. I suppose pxelinux is the preferred way to boot EFI systems because then we can reuse config templates in Foreman. I think I could get this working on Grub2 soon, but pxelinux is the issue currently. Maybe there is a bug in QEMU/OVMF and if I use VirtualBox or bare-metal EFI hardware, it would work. I don’t know now.
#9 Updated by Lukas Zapletal almost 4 years ago
Ok I almost gave us after two days of trial-and-error and folks from #syslinux helped me out!
I am currently looking at the PXELinux boot menu generated from Foreman in a QEMU EFI session, booted exclusively on EFI drivers :-)
This has one drawback, the only version that worked was: https://www.kernel.org/pub/linux/utils/boot/syslinux/Testing/6.03/syslinux-6.03-pre20.tar.gz
Now the issue is we can't use older versions of syslinux, all RHEL 6/7 and Debian 6/7 have legacy versions which will not work. I wonder if we can download the tarball in our installer until things are backported into distros. Syslinux folks said Debian-based distros will ship 6.03 backported versions due to bugs in older ones and I think RHEL will do the same. Then we can use files from packages. But if we want to start testing EFI today, we can use the tarball (it contains binaries as well as source files).
#11 Updated by Lukas Zapletal almost 4 years ago
Ok what I am gonna do is I am gonna modify our dhcpd.conf template so it configures the service in dual mode. Meaning that PXELinux will still work with BIOS, but if a host reports EFI everything will be set up to serve the files. I will add comments where to download files from and where to put them to get EFI working. Opinions?
#13 Updated by Konrad Scherer almost 4 years ago
I just wanted to put some notes about my recent success using Foreman to PXE boot some new Dell C6220 servers in UEFI mode.
I grabbed the latest syslinux git tree (b7edab) and built the latest syslinux.efi and ldlinux.e64. I copied these 2 files to /var/lib/tftpboot on tftp server.
I created the host entries as usual in Foreman webUI.
I stopped the isc-dhcp-server and edited /var/lib/dhcp/dhcpd.leases to change pxelinux.0 to syslinux.efi for the new UEFI machines. Then I restarted the dhcp server.
The only extra thing I had to do in the UEFI bios was set IPv4 as higher priority than IPv6 for network boot.
The initial provision and installation worked without problems. UEFI downloaded syslinux.efi and used it to read files in pxelinux.cfg and chainload the Ubuntu installer kernel.
On reboot the pxe menu for "Boot local disk" did not work because the menu.c32 in /var/lib/tftpboot was for pxelinux.0. Unfortunately creating a single pxe boot dir that can handle pxe, efi32 and efi64 seems to require a messy tftpboot layout:
I hope this information is useful to someone. Let me know if you want more information.
#14 Updated by Lukas Zapletal almost 4 years ago
Hello, thanks for your report.
First of all, you do not need to compile syslinux from git anymore. A new version 6.03 which contains many bugfixes in regard to PXE was released yesterday (https://lists.fedoraproject.org/pipermail/test/2014-October/123202.html). Just grab it, it contains also all the required binaries.
We managed to get PXELinux working using relative symlinks in the TFTP directory. Note they must be relative because TFTP runs under chroot. Then you can copy requred binaries into subdirectories while you can share your Foreman configuration via symlinks. Here is the document that describes it is here:
Also interesting read might be here:
Appreciate your comment, thanks.
#30 Updated by google flights about 1 month ago
I grabbed the latest syslinux git tree (b7edab) and built the latest syslinux.efi and ldlinux.e64. I copied these 2 files to /var/lib/tftpboot on TFTP server. I created the host entries as usual in Foreman webUI.I stopped the isc-dhcp-server and edited /var/lib/dhcp/dhcpd.leases to change pxelinux.0 to syslinux.efi for the new UEFI machines. Then I restarted the dhcp server.
edit: removed spam part