Have you ever needed to install operating systems on multiple machines without using physical media like USB drives or DVDs? PXE (Preboot Execution Environment) booting allows computers to boot and load their operating system over a network connection. This comprehensive guide walks you through building a complete PXE boot server on SUSE Linux using dnsmasq, TFTP, and HTTP.
Why PXE Boot?
PXE booting is incredibly useful for various scenarios:
- Mass Deployments: Install OS on multiple machines simultaneously
- Diskless Workstations: Run computers without local hard drives
- Recovery Environments: Boot into diagnostic or recovery tools
- HCI Clusters: Deploy hyperconverged infrastructure like Harvester across multiple nodes
- Testing: Quickly test different OS images without reinstalling
Architecture Overview
Understanding how PXE boot works is essential. Here's the flow:
Client Machine                PXE Server
     |                             |
     |---(1) DHCP Request--------->|
     |<--(2) DHCP Offer + PXE------|  (dnsmasq)
     |                             |
     |---(3) TFTP Request--------->|
     |<--(4) Boot Files------------|  (TFTP)
     |                             |
     |---(5) HTTP Request--------->|
     |<--(6) OS Image/Kernel-------|  (HTTP)
     |                             |
           [System Boots]
Why dnsmasq?
dnsmasq is a lightweight, all-in-one DNS and DHCP server perfect for PXE environments. It combines multiple services in a single daemon, reducing complexity and making maintenance simpler. It even includes an optional built-in TFTP server!
Installation
Let's start by installing all necessary software:
# Update system packages
sudo zypper refresh && sudo zypper update
# Install required packages
sudo zypper install dnsmasq tftp atftp apache2 syslinux
Configuring dnsmasq (DNS and DHCP)
dnsmasq will handle both DNS and DHCP services. First, back up the default configuration:
sudo cp /etc/dnsmasq.conf /etc/dnsmasq.conf.backup
Basic Configuration
Create /etc/dnsmasq.conf with the following:
# Network interface
interface=eth0
bind-interfaces
# Domain
domain=smclab.local
# DHCP range and lease time
dhcp-range=192.168.1.100,192.168.1.200,255.255.255.0,12h
# Gateway
dhcp-option=3,192.168.1.1
# DNS servers
dhcp-option=6,192.168.1.10,8.8.8.8
# Enable DHCP logging
log-dhcp
# PXE boot configuration
dhcp-boot=pxelinux.0,pxeserver,192.168.1.10
# TFTP server address
dhcp-option=66,192.168.1.10
Find your network interface name with:
ip addr show
and update the interface= line accordingly.
UEFI and BIOS Support
For environments with both UEFI and legacy BIOS systems, add architecture detection:
# Detect client architecture
dhcp-match=set:efi-x86_64,option:client-arch,7
dhcp-match=set:efi-x86_64,option:client-arch,9
dhcp-match=set:bios,option:client-arch,0
# Boot files
dhcp-boot=tag:efi-x86_64,bootx64.efi
dhcp-boot=tag:bios,pxelinux.0
Start dnsmasq
# Enable and start service
sudo systemctl enable dnsmasq
sudo systemctl start dnsmasq
# Configure firewall
sudo firewall-cmd --permanent --add-service=dns
sudo firewall-cmd --permanent --add-service=dhcp
sudo firewall-cmd --reload
TFTP Server Configuration
TFTP delivers the initial boot files to clients. Configure the TFTP server:
# Edit /etc/sysconfig/atftp
ATFTPD_OPTIONS="--daemon --no-multicast"
ATFTPD_DIRECTORY="/srv/tftpboot"
ATFTPD_BIND_ADDRESSES="192.168.1.10"
Create TFTP Structure
# Create directories
sudo mkdir -p /srv/tftpboot/pxelinux.cfg
# Copy boot files
sudo cp /usr/share/syslinux/pxelinux.0 /srv/tftpboot/
sudo cp /usr/share/syslinux/menu.c32 /srv/tftpboot/
sudo cp /usr/share/syslinux/ldlinux.c32 /srv/tftpboot/
sudo cp /usr/share/syslinux/libutil.c32 /srv/tftpboot/
# Set permissions
sudo chmod -R 755 /srv/tftpboot
Create Boot Menu
Create /srv/tftpboot/pxelinux.cfg/default:
DEFAULT menu.c32
PROMPT 0
TIMEOUT 300
ONTIMEOUT local
MENU TITLE PXE Boot Menu
LABEL local
MENU LABEL Boot from ^Local Drive
MENU DEFAULT
LOCALBOOT 0
LABEL opensuse-leap
MENU LABEL Install ^openSUSE Leap 15.6
KERNEL opensuse/linux
APPEND initrd=opensuse/initrd install=http://192.168.1.10/images/opensuse-leap-15.6
Enable TFTP Service
sudo systemctl enable atftpd
sudo systemctl start atftpd
sudo firewall-cmd --permanent --add-service=tftp
sudo firewall-cmd --reload
HTTP Server for OS Images
While TFTP handles boot files, HTTP is much faster for large installation images.
# Create directory structure
sudo mkdir -p /srv/www/htdocs/images/opensuse-leap-15.6
sudo mkdir -p /srv/www/htdocs/images/harvester
# Enable Apache
sudo systemctl enable apache2
sudo systemctl start apache2
# Configure firewall
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --reload
Prepare OS Images
Example for openSUSE Leap:
# Download ISO
wget https://download.opensuse.org/distribution/leap/15.6/iso/openSUSE-Leap-15.6-NET-x86_64.iso
# Mount and copy
sudo mkdir -p /mnt/iso
sudo mount -o loop openSUSE-Leap-15.6-NET-x86_64.iso /mnt/iso
# Copy kernel and initrd
sudo mkdir -p /srv/tftpboot/opensuse
sudo cp /mnt/iso/boot/x86_64/loader/linux /srv/tftpboot/opensuse/
sudo cp /mnt/iso/boot/x86_64/loader/initrd /srv/tftpboot/opensuse/
# Copy full image
sudo cp -r /mnt/iso/* /srv/www/htdocs/images/opensuse-leap-15.6/
sudo umount /mnt/iso
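TFTP and plain HTTP give clients no way to authenticate what they download, so it helps to baseline the boot files once they are in place and re-check them later. The following is an added example, not part of the original guide; the function names and the manifest location are assumptions.

```shell
#!/bin/sh
# Added example, not from the original guide: baseline the files the PXE
# server hands out and report later changes. Function names are hypothetical.

# make_manifest DIR MANIFEST
# Write "sha256  ./relative/path" for every regular file under DIR.
# Keep MANIFEST outside DIR so it is not hashed (or served) itself.
make_manifest() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | sort -k 2 ) > "$2"
}

# verify_manifest DIR MANIFEST
# Print MODIFIED, ADDED and MISSING paths relative to the baseline.
# Returns 0 if the tree matches, 1 if it differs, 2 on setup failure.
verify_manifest() {
    current=$(mktemp) || return 2
    make_manifest "$1" "$current" || { rm -f "$current"; return 2; }
    report=$(awk '
        {
            hash = substr($0, 1, 64)   # sha256sum: 64 hex chars, 2 separators
            path = substr($0, 67)      # rest of the line, spaces preserved
        }
        FILENAME == ARGV[1] { base[path] = hash; next }   # baseline file
        {
            seen[path] = 1
            if (!(path in base)) { print "ADDED " path }
            else if (base[path] != hash) { print "MODIFIED " path }
        }
        END { for (p in base) if (!(p in seen)) print "MISSING " p }
    ' "$2" "$current" | sort)
    rm -f "$current"
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

# Usage on the server built in this guide (manifest path is an assumption):
#   make_manifest /srv/tftpboot /root/tftpboot.sha256     # after setup
#   verify_manifest /srv/tftpboot /root/tftpboot.sha256   # from cron/timer
```

The same two functions work for /srv/www/htdocs/images; regenerate the manifest whenever you intentionally add or update an image.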
Automation with Harvester HCI
Harvester is a hyperconverged infrastructure platform built on Kubernetes. You can automate cluster deployment using YAML configuration files.
CREATE Mode (First Node)
Create /srv/www/htdocs/harvester/config-create.yaml:
scheme_version: 1
token: my-secret-token-change-this
os:
  hostname: harvester-node1
  password: MySecurePassword123!
install:
  mode: create
  management_interface:
    method: dhcp
  device: /dev/sda
  data_disk: /dev/sda
JOIN Mode (Additional Nodes)
Create /srv/www/htdocs/harvester/config-join.yaml:
scheme_version: 1
server_url: https://192.168.1.100:443
token: my-secret-token-change-this
os:
  hostname: harvester-node2
  password: MySecurePassword123!
install:
  mode: join
  management_interface:
    method: dhcp
  device: /dev/sda
  data_disk: /dev/sda
Troubleshooting
Client Doesn't Get IP Address
Solutions:
- Verify dnsmasq is running: systemctl status dnsmasq
- Check firewall: firewall-cmd --list-services
- Verify network interface in dnsmasq.conf
- Check logs: journalctl -u dnsmasq -f
TFTP Timeout Errors
Solutions:
- Verify TFTP server is running: systemctl status atftpd
- Check TFTP directory permissions: ls -la /srv/tftpboot
- Verify boot files exist: ls -la /srv/tftpboot/pxelinux.0
- Test TFTP: tftp 192.168.1.10 -c get pxelinux.0
Installation Fails
Solutions:
- Verify HTTP server is running: systemctl status apache2
- Test URL: curl http://192.168.1.10/images/
- Check Apache logs: tail -f /var/log/apache2/error_log
Monitoring and Maintenance
Keep your PXE server healthy with regular monitoring:
# Monitor all services
sudo journalctl -f -u dnsmasq -u atftpd -u apache2
# Check DHCP leases
sudo cat /var/lib/misc/dnsmasq.leases
# Test configuration
sudo dnsmasq --test
# View disk usage
df -h /srv/tftpboot /srv/www/htdocs
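With log-dhcp enabled, dnsmasq logs each client's vendor class and MAC address, which is enough to spot machines that PXE-boot without being in your inventory. The following is an added example, not part of the original guide; the allowlist file and function names are assumptions, and the sample log lines are constructed in the shape of dnsmasq's log-dhcp output.

```shell
#!/bin/sh
# Added example, not from the original guide: list PXE clients that are not
# on an allowlist, using the lines dnsmasq writes when log-dhcp is set.

# pxe_unknown_clients LOG ALLOWLIST
#   LOG        syslog/journal text containing dnsmasq-dhcp lines
#   ALLOWLIST  one MAC address per line (hypothetical inventory file)
# Prints "MAC vendor-class" for each PXE client whose MAC is not listed.
pxe_unknown_clients() {
    awk -v allow="$2" '
    BEGIN { while ((getline m < allow) > 0) if (m != "") ok[tolower(m)] = 1 }
    {
        # The DHCP transaction id is the field after "dnsmasq-dhcp[pid]:".
        for (i = 1; i < NF; i++) if ($i ~ /^dnsmasq-dhcp\[[0-9]+\]:$/) break
        if (i >= NF) next
        xid = $(i + 1)
        if ($(i + 2) == "vendor" && $(i + 4) ~ /^PXEClient/) {
            vc[xid] = $(i + 4)               # client announced itself as PXE
        } else if ($(i + 2) ~ /^DHCP(DISCOVER|REQUEST)\(/) {
            mac[xid] = tolower($NF)          # MAC is the last field
        }
    }
    END {
        for (x in vc)
            if ((x in mac) && !(mac[x] in ok) && !seen[mac[x]]++)
                print mac[x], vc[x]
    }' "$1" | sort
}

# Constructed sample: two PXE clients and one ordinary DHCP client.
sample_log() {
    cat <<'EOF'
Jan 10 12:00:01 pxe dnsmasq-dhcp[1432]: 1001 vendor class: PXEClient:Arch:00007:UNDI:003016
Jan 10 12:00:01 pxe dnsmasq-dhcp[1432]: 1001 DHCPDISCOVER(eth0) 52:54:00:aa:00:01
Jan 10 12:00:01 pxe dnsmasq-dhcp[1432]: 1001 tags: efi-x86_64, eth0
Jan 10 12:00:02 pxe dnsmasq-dhcp[1432]: 1002 vendor class: PXEClient:Arch:00000:UNDI:002001
Jan 10 12:00:02 pxe dnsmasq-dhcp[1432]: 1002 DHCPDISCOVER(eth0) 52:54:00:BB:00:02
Jan 10 12:00:03 pxe dnsmasq-dhcp[1432]: 1003 vendor class: MSFT 5.0
Jan 10 12:00:03 pxe dnsmasq-dhcp[1432]: 1003 DHCPREQUEST(eth0) 192.168.1.120 52:54:00:cc:00:03
EOF
}

# Usage (paths are assumptions):
#   journalctl -u dnsmasq --no-pager > /tmp/dnsmasq.log
#   pxe_unknown_clients /tmp/dnsmasq.log /etc/pxe-allowed-macs
```

Check a few lines of your own journal against the sample before relying on the output, since the syslog prefix differs between logging setups.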
Conclusion
You now have a fully functional PXE boot server capable of deploying operating systems across your infrastructure. This setup is perfect for mass deployments, diskless workstations, and building hyperconverged infrastructure clusters with Harvester HCI.
Next Steps:
- Deploy a Harvester HCI cluster using PXE automation
- Customize AutoYaST profiles for different system roles
- Add more operating systems to your boot menu
- Integrate with configuration management tools
- Set up monitoring and alerting for PXE activity