Tuesday, July 19, 2016

install ubuntu on uefi mode over network

*** on server

1- install necessary packages
$ sudo apt-get install dnsmasq ipxe apache2

2- create a working directory and copying file
$ mkdir ~/ubuntunetinstall-efi && cd ~/ubuntunetinstall-efi
$ cp /usr/lib/ipxe/ipxe.efi ~/ubuntunetinstall-efi 

3- create script file to start our tftp, dhcp name it as ~/ubuntunetinstall-efi /dnsmasq-ipxe.sh with content below
 #/bin/bash
dnsmasq -i vmnet2 --dhcp-range=192.168.13.100,192.168.13.200 \
    --dhcp-boot=ipxe.efi \
    --enable-tftp --tftp-root=~/ubuntunetinstall-efi/ -d -p0 -K --log-dhcp --bootp-dynamic


4- run the script to start ipxe server
$ sudo sh ~/ubuntunetinstall-efi/dnsmasq-ipxe.sh

5- ipxe will get kernel and initram from http server, so we will put the kernel and initram in the apache2 root directory (/var/www/html)
$ cd /var/www/html/

- download linux kernel and initram from ubuntu repository:
ubuntu have released serveral versions of ubuntu,  so you choose the one of them, some of the latest are precise, trusty, xenial and yakkety

- example downloading yakkety
$ export dist=yakkety
$ wget wget http://archive.ubuntu.com/ubuntu/dists/$dist/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/linux
$ wget http://archive.ubuntu.com/dists/$dist/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/initrd.gz


6- create ipxe boot file /var/www/html/boot.ipxe with the following content
#!ipxe
kernel linux initrd=initrd.gz
initrd initrd.gz initrd=initrd.gz
boot


*** on client
when you use uefi (secure boot)  and boot from network
the you will get ipxe message, then press ctrl+b to get to ipxe shell
on the shell use the following command
ipxe> ifconf   (get ip assigned from dhcp server)
ipxe> kernel http://192.168.13.1/boot.ipxe (file we create in the previous step)
ipxe> boot

-screenshot of ipxe shell


***note
- if you test with vmware add the following line to file vmx
firmware="efi"

- you can use command below to check whether the kernel is efi signed or not
$ sbverify --no-verify /var/www/html/linux
Signature verification OK



No comments:

Post a Comment