HTTP+UEFI Katello

Problem: Templates to use with HTTP+UEFI boot

Foreman and Proxy versions: 3.16

Hello,
I’m planning to use HTTP+UEFI for loading CentOS8.
Please let me know which templates I have to use, how to set up httpboot, and how to set up DHCP for HTTP boot.

Thanks
Laxman

Hello,

https://docs.theforeman.org/master/Provisioning_Guide/index-foreman.html#creating-hosts-with-uefi-http-boot-provisioning_provisioning

However, we have just discovered that our installer does not set up everything for DHCP correctly, there is a fix:

We will likely backport this into the release. In the meantime, you can modify your dhcpd.conf manually to have this snippet:

https://gist.github.com/lzap/8a3e7cfddf68991926eb268023f1709a


I’ll try and let you know

Thanks
Laxman

Still not working.
I changed dhcpd.conf as below:

```
[root@ol07stl00 ~]# cat /etc/dhcp/dhcpd.conf
ddns-update-style interim;
ignore client-updates;
authoritative;
allow booting;
allow bootp;

option space pxelinux;
option pxelinux.magic code 208 = string;
option pxelinux.configfile code 209 = text;
option pxelinux.pathprefix code 210 = text;
option pxelinux.reboottime code 211 = unsigned integer 32;
option architecture-type code 93 = unsigned integer 16;

omapi-port 7911;
#Optional key:
key omapi_key {
  algorithm HMAC-MD5;
  secret "HW5mZLCh4oUX0YjwKSOPBw/QFgrPJV9fghMAFx4om9T2uaTCXlfDyXZTr8SdSsjysYkGNsjAVViLB2Q2ti5wAQ==";
}
omapi-key omapi_key;

subnet 201.201.9.0 netmask 255.255.255.0 {
  option routers 201.201.9.2;
  range 201.201.9.180  201.201.9.250;

  if exists user-class and option user-class = "iPXE" {
    filename "https://ol07stl00.sstech.com/unattended/iPXE";
  } else {
    filename "pxelinux.0";
  }

  class "pxeclients" {
    match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
    next-server 201.201.9.18;

    if option architecture-type = 00:00 {
      filename "pxelinux.0";
    } else if option architecture-type = 00:09 {
      filename "grub2/grubx64.efi";
    } else if option architecture-type = 00:07 {
      filename "grub2/grubx64.efi";
    } else if option architecture-type = 00:06 {
      filename "grub2/grubx64.efi";
    } else {
      filename "pxelinux.0";
    }
  }

  set vendor-string = option vendor-class-identifier;
  log-facility local7;
  include "/etc/dhcp/dhcpd.hosts";

  class "httpclients" {
    match if substring(option vendor-class-identifier, 0, 10) = "HTTPClient";
    option vendor-class-identifier "HTTPClient";
    if option architecture-type = 00:0F {
      filename "http://201.201.9.18:8000/EFI/grub2/shimia32.efi";
    } else if option architecture-type = 00:10 {
      filename "http://201.201.9.18:8000/EFI/grub2/shim.efi";
    }
  }

  default-lease-time 21600;
  max-lease-time 43200;
  next-server 201.201.9.18;
}
```

I used Kickstart Default PXEGRUB2 and kickstart templates for provisioning. Added HTTPBoot Proxy to the subnet. httpboot is enabled in foreman-proxy.

Got the below when loading the OS. It didn’t get an IP and didn’t load the OS.

Used PXE loader as Grub2 UEFI HTTP.

Please let me know what I am missing.

Thanks
Laxman
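As an added example (not part of the original posts, and not Foreman's code): a simplified Python model of how the class rules in the dhcpd.conf posted above choose a boot file from DHCP option 60 (vendor class), option 77 (user class) and option 93 (architecture). The request bytes are constructed, and the model assumes a filename set in a matching class takes precedence over the subnet-level one.

```python
# Added example: simplified model of the boot-file selection in the posted
# dhcpd.conf. The sample DHCP option bytes at the bottom are constructed.

def parse_options(raw: bytes) -> dict:
    """Decode a DHCP options field (code, length, value triples)."""
    opts, i = {}, 0
    while i < len(raw):
        code = raw[i]
        if code == 255:              # end option
            break
        if code == 0:                # pad option carries no length byte
            i += 1
            continue
        if i + 1 >= len(raw) or i + 2 + raw[i + 1] > len(raw):
            raise ValueError("truncated option %d" % code)
        length = raw[i + 1]
        opts[code] = raw[i + 2:i + 2 + length]
        i += 2 + length
    return opts


def select_boot_file(raw: bytes):
    """Return (transport, filename) as the posted rules would pick it."""
    opts = parse_options(raw)
    vci = opts.get(60, b"")          # vendor-class-identifier
    arch_raw = opts.get(93, b"")     # architecture-type, unsigned 16-bit
    arch = int.from_bytes(arch_raw[:2], "big") if len(arch_raw) >= 2 else None
    if vci[:10] == b"HTTPClient":    # class "httpclients"
        if arch == 0x0F:
            return ("http", "http://201.201.9.18:8000/EFI/grub2/shimia32.efi")
        if arch == 0x10:
            return ("http", "http://201.201.9.18:8000/EFI/grub2/shim.efi")
    elif vci[:9] == b"PXEClient":    # class "pxeclients"
        if arch in (0x06, 0x07, 0x09):
            return ("tftp", "grub2/grubx64.efi")
        return ("tftp", "pxelinux.0")
    # No class set a filename: the subnet-level if/else applies.
    if opts.get(77) == b"iPXE":
        return ("https", "https://ol07stl00.sstech.com/unattended/iPXE")
    return ("tftp", "pxelinux.0")


def opt(code: int, value: bytes) -> bytes:
    """Encode one option (helper for building the constructed samples)."""
    return bytes([code, len(value)]) + value


# Constructed requests: an EFI PXE client and a UEFI HTTP Boot client.
EFI_PXE = opt(60, b"PXEClient:Arch:00007:UNDI:003016") + opt(93, b"\x00\x07") + b"\xff"
EFI_HTTP = opt(60, b"HTTPClient:Arch:00016:UNDI:003001") + opt(93, b"\x00\x10") + b"\xff"
```

A client that announces `PXEClient` is answered with the TFTP path; only a request announcing `HTTPClient` with architecture 00:0F or 00:10 reaches the HTTP URLs.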

I don’t know VMware, but for QEMU/KVM EFI HTTP Boot is a separate boot option. EFI Network usually means PXE/EFI while HTTPBoot is a different booting method. Quick google does not give me any results. Is HTTP Boot even supported by VMware? @ezr-ondrej would you mind taking a look in a VM BIOS/EFI for such option?

To the best of my knowledge no, at least not easily: https://ipxe.org/howto/vmware

We currently use the iPXE chainload method, as the above steps seemed too cumbersome in a large and dynamic setup.
My todo is to just test/use the iPXE binary directly instead of the pxelinux.0, and then my plan was to test the HTTPBoot feature, as we have more and more physical servers that don’t ship with BIOS support anymore.

Wait, you are mixing two things.

HTTP UEFI boot is a tech present in EFI 2.1 or higher specification and allows booting over DHCP/HTTP. No PXE/TFTP required.

iPXE HTTP boot is something completely different, that works both for BIOS and EFI.

This thread is about the former. At least my responses :slight_smile:

HTTP support was first added in the EFI 2.5 specification, together with DNS, TLS and other stuff, right?
But it is still only able to fetch a Network Boot Program (NBP), such as “grub2” or iPXE, which in turn may use its supported methods to fetch the needed kernel.

It is likely that I have mixed something. But I believe that I just wasn’t explicit enough about what I was trying to say.

OP mentioned he used “pxe loader as Grub2 UEFI HTTP”, so I assume that he is PXE loading the grub2 shim and then using it to download the kernel through its HTTP URI method?

I guess what I was trying to say was just that: VMware’s EFI firmware doesn’t support HTTP boot, as suggested by the iPXE wiki, the lack of documentation on the feature in their GitHub repo and my limited personal experience.
The only option that I know of, is regular TFTP, and thus it doesn’t make sense to talk about HTTP UEFI boot, at least in the context of VMware EFI firmware.

The rest of my comment was just me rambling on how I’m doing it now, and how I’m planning to migrate to pure iPXE, which I guess doesn’t really add value to this thread, so just disregard that part :slight_smile:

Well, from what I can see in the codebase, VMware firmware is based on EDK2 and that project is capable of UEFI HTTP boot for sure. I’ve tested this myself on libvirt or oVirt. However, they might be using an old version or turning that capability off.

Anyway, my point was just that iPXE and HTTP UEFI boot are two different things. I like others to be explicit so I don’t spend time investigating something when a reporter actually means something else.

Yeah, 2.5 or 2.1… sometime near that version, don’t remember :slight_smile: