Complete Guide to Setting Up PXE and Unattended Installation on ARM64 Architecture Servers

Environment Information

  • PXE Server IP: <span>10.1.100.97</span>

  • Gateway: <span>10.1.100.1</span>

  • DHCP Address Pool: <span>10.1.100.91</span> to <span>10.1.100.93</span>

  • System Architecture: aarch64 (ARM64)

Step 1: Environment Preparation

1.1 Set Static IP

Ensure your PXE server has a static IP <span>10.1.100.97</span>.

# Please replace eth0 with your actual network interface name
nmcli connection modify eth0 ipv4.addresses 10.1.100.97/24
nmcli connection modify eth0 ipv4.gateway 10.1.100.1
nmcli connection modify eth0 ipv4.dns "10.1.100.1"
nmcli connection modify eth0 ipv4.method manual
nmcli connection up eth0

1.2 Disable Firewall and SELinux (Testing Environment)

To simplify configuration, we will disable them. In a production environment, please open ports as needed.

setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

systemctl stop firewalld
systemctl disable firewalld

Step 2: Install and Configure Dnsmasq (DHCP + TFTP)

2.1 Install Required Software

You already have <span>dnsmasq</span>, we also need <span>httpd</span> to provide the installation source.

dnf install -y httpd

2.2 Configure Dnsmasq

Create a new, clean configuration file, ensuring correct syntax is used.

cat > /etc/dnsmasq.conf <<EOF
# Network interface to listen on (please replace eth0 with your actual network interface name)
interface=eth0

# DHCP configuration (use your specified address pool and gateway)
dhcp-range=10.1.100.91,10.1.100.93,12h
dhcp-option=option:router,10.1.100.1
dhcp-option=option:dns-server,10.1.100.1
# Use numeric code 28 to specify broadcast address for better compatibility
dhcp-option=28,10.1.100.255

# PXE Boot configuration (for aarch64 UEFI)
dhcp-match=set:efi-aarch64,option:client-arch,11
dhcp-match=set:efi-aarch64,option:client-arch,19
dhcp-boot=tag:efi-aarch64,efi/grubaa64.efi

# Enable TFTP service
enable-tftp
tftp-root=/var/lib/tftpboot

# Enable logging (optional, for troubleshooting)
log-queries
log-dhcp
EOF

2.3 Start Dnsmasq

systemctl enable --now dnsmasq
systemctl status dnsmasq  # Ensure status is active (running)

Step 3: Prepare Boot Files

3.1 Download and Mount boot.iso

# Download boot.iso
wget http://mirrors.aliyun.com/rockylinux/10.0/isos/aarch64/Rocky-10.0-aarch64-boot.iso

# Create mount point and mount
mkdir -p /mnt/iso
mount -o loop Rocky-10.0-aarch64-boot.iso /mnt/iso

3.2 Copy Boot Files to TFTP Directory

# Create TFTP directory and set permissions
mkdir -p /var/lib/tftpboot/efi
chown -R nobody:nobody /var/lib/tftpboot

# Copy UEFI bootloader, kernel, and initial RAM disk
cp /mnt/iso/EFI/BOOT/grubaa64.efi /var/lib/tftpboot/efi/
cp /mnt/iso/images/pxeboot/vmlinuz /var/lib/tftpboot/
cp /mnt/iso/images/pxeboot/initrd.img /var/lib/tftpboot/
chmod 755 /var/lib/tftpboot/efi/grubaa64.efi
mkdir /tftpboot/efi
ln -sf /var/lib/tftpboot/efi/grubaa64.efi /tftpboot/efi/grubaa64.efi

cp -r /mnt/iso/EFI/BOOT /var/lib/tftpboot/
chown -R nobody:nobody /var/lib/tftpboot/BOOT
chmod -R 755 /var/lib/tftpboot/BOOT

Step 4: Configure HTTP Installation Source

We will use <span>httpd</span> to provide the complete installation system files.

# Create installation source directory
mkdir -p /var/www/html/rocky10

# Copy all mounted ISO content
rsync -avzH /mnt/iso/ /var/www/html/rocky10/

# Change permissions, if you are using nginx, use chown -R nginx:nginx /var/www/html/rocky10
chown -R apache:apache /var/www/html/rocky10

# Start and enable httpd to run on boot
systemctl enable --now httpd

Step 5: Create Kickstart File (Core of Unattended Installation)

5.1 Create <span>ks.cfg</span> File

This is an “answer file” for automated installation.

cat > /var/www/html/ks.cfg << 'EOF'
# Rocky Linux 10 Unattended Installation Kickstart File (Final Successful Version v12 - Allows Root Remote Login)

# Main installation source points to BaseOS
url --url="http://10.1.100.97/rocky10/BaseOS/"
repo --name="AppStream" --baseurl="http://10.1.100.97/rocky10/AppStream/"

text
lang en_US.UTF-8
keyboard --vckeymap=us --xlayouts='us'
timezone Asia/Shanghai
services --disabled=chronyd

network --bootproto=dhcp --device=link --activate
rootpw --plaintext Apple2009@

# --- Correct bootloader command for UEFI ---
bootloader --location=none

# --- Disk partitioning configuration ---
ignoredisk --only-use=vda
clearpart --all --initlabel

# Create standard partitions
part /boot/efi --fstype=efi --size=500 --ondisk=vda
part /boot --fstype=ext4 --size=1024 --ondisk=vda

# Create LVM physical volume, using all remaining space
part pv.01 --grow --ondisk=vda

# Create volume group and logical volumes
volgroup rocky --pesize=4096 pv.01
logvol / --vgname=rocky --name=root --size=40960 --fstype=ext4
logvol swap --vgname=rocky --name=swap --size=2048 --fstype=swap
logvol /home --vgname=rocky --name=home --size=1024 --grow --fstype=ext4

%packages
@core
@standard
%end

%post --log=/root/ks-post.log
# --- Automatically configure SSH to allow root login after installation ---
# 1. Use sed command to modify /etc/ssh/sshd_config file
#    -i means to modify the file directly
#    's/^#\?PermitRootLogin.*/PermitRootLogin yes/' this regex will find
#      the line starting with '#' or not and replace it with 'PermitRootLogin yes'
sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config

# 2. Ensure SSH service starts automatically on system boot (although usually default, explicitly specifying is more reliable)
systemctl enable sshd

echo "Kickstart installation completed successfully!" > /etc/motd
%end

reboot
EOF

5.2 Set File Permissions

chmod 644 /var/www/html/ks.cfg
chown apache:apache /var/www/html/ks.cfg

Step 6: Configure GRUB Boot Menu

Create a GRUB configuration file that points to the Kickstart file.

cat > /var/lib/tftpboot/efi/grub.cfg <<EOF
setdefault="0"
settimeout=5

# Unattended installation menu item (default)
menuentry "Install Rocky Linux 10 aarch64 (Automated)" {
    linux /vmlinuz inst.repo=http://10.1.100.97/rocky10/ inst.ks=http://10.1.100.97/ks.cfg
    initrd /initrd.img
}

# Keep a manual installation menu item for emergencies
menuentry "Install Rocky Linux 10 aarch64 (Manual)" {
    linux /vmlinuz inst.repo=http://10.1.100.97/rocky10/
    initrd /initrd.img
}
EOF

chown nobody:nobody /var/lib/tftpboot/efi/grub.cfg
chmod 644 /var/lib/tftpboot/efi/grub.cfg

Step 7: Final Check and Client Testing

7.1 Check Service Status

Ensure all critical services are running:

systemctl status dnsmasq
systemctl status httpd

7.2 Verify File Accessibility

Run the following commands on the server to ensure clients can access critical files over the network:

# Check Kickstart file
curl http://10.1.100.97/ks.cfg

# Check installation source
curl http://10.1.100.97/rocky10/

7.3 Boot Client

  1. Connect your aarch64 client to the same network.

  2. Power on and enter BIOS/UEFI settings, select network boot (PXE Boot).

  3. The client will automatically obtain an IP (<span>10.1.100.91-93</span> one of them), load the GRUB menu, and default to selecting the “Automated” item to start the unattended installation.

  4. The entire process requires no manual intervention, and the system will automatically reboot after installation is complete.

Leave a Comment