ESXi Server Deployment Made Easy: A Guide to Installing and Configuring with ESXi-Foreman PXE Deploy
09:06, 04.04.2024
ESXi is an enterprise-level virtualization tool. It can manage virtual machines more efficiently than some services we are accustomed to. VMware’s ESXi server is installed directly on the computer, without a host operating system. The server then controls the hardware resources directly and generates virtual hardware for the machines it manages.
There are two installation methods for ESXi: through Legacy or UEFI. For this guide, we’re going to use Legacy.
Simplifying ESXi Server Deployment: Legacy Installation Mode
Legacy mode is needed for older systems that don’t support UEFI (Unified Extensible Firmware Interface).
In this step, we are going to deploy an ESXi server in Legacy mode, using the VMware ESXi 8.0 hypervisor. You need to have Foreman installed beforehand; if you don’t, follow the instruction manual for installing Foreman first. If you do have it installed, we’ll proceed.
First, we need to create an operating system. Open Foreman, and click on Create Operating System. There, insert the following:
Name - ESXi-6.7.0-8169922 (ESXi-{OS Version}-{Build Number})
Major version - 6
Minor version - 7
Description - ESXi-6.7.0-8169922
Family - Redhat
Root pass hash - SHA512
Architectures - x86_64
You have created an operating system image.
Configuring with Templates: A Descriptive Approach
Then, we need to create a PXELinux template (name - ESXi-6.7.0-8169922) and a kickstart template (name - ESXi Minimal Kickstart).
For the PXELinux template, insert the following:
DEFAULT ESXi
NOHALT 1
LABEL ESXi
KERNEL ../boot/ESXi-6.7.0-8169922/mboot.c32
APPEND -c ../boot-ESXi-6.7.0-8169922.cfg ks=<%= foreman_url("provision") %>
IPAPPEND 2
For the kickstart template, insert the following:
vmaccepteula
keyboard 'US Default'
reboot
rootpw --iscrypted <%= root_pass %>
install --firstdisk --overwritevmfs --novmfsondisk
# Set the network to DHCP on the first network adapter
network --bootproto=dhcp --device=<%= @host.mac %>
%post --interpreter=busybox
# Add temporary DNS resolution so the foreman call works
echo "nameserver <%= @host.subnet.dns_primary %>" >> /etc/resolv.conf
# Inform Foreman that we are done.
wget -O /dev/null <%= foreman_url('built') %>
echo "Done with Foreman call"
For this template, you need to change the template type to “Provisioning template” in the Type tab of the template settings.
Now we need to set both templates as default, by selecting them in the Templates section.
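The kickstart that Foreman renders from this template can be checked before a host consumes it. The following is an added example, not part of the original guide or of Foreman: `check_ks` is a hypothetical helper, and the sample file with its placeholder hash is constructed for illustration.

```shell
#!/bin/sh
# Added example: sanity-check a rendered ESXi kickstart before a host uses it.
# check_ks FILE: returns 0 if FILE looks complete; otherwise prints why and returns 1.
check_ks() {
    ks=$1
    [ -s "$ks" ] || { echo "empty or missing: $ks" >&2; return 1; }
    # Leftover ERB tags or an HTML error page mean Foreman did not render the template.
    if grep -qiE '<%|<html|<!doctype' "$ks"; then
        echo "unrendered template or error page" >&2; return 1
    fi
    # Directives that the kickstart template on this page always emits.
    for directive in vmaccepteula install network; do
        grep -qE "^${directive}( |\$)" "$ks" || { echo "missing: $directive" >&2; return 1; }
    done
    # Exactly one rootpw line (a second one means the file was appended to twice) ...
    [ "$(grep -c '^rootpw ' "$ks")" -eq 1 ] || { echo "expected one rootpw line" >&2; return 1; }
    # ... and it must be a SHA-512 crypt string: $6$[rounds=N$]salt$86-char-hash.
    grep -qE '^rootpw --iscrypted \$6\$(rounds=[0-9]+\$)?[./A-Za-z0-9]{1,16}\$[./A-Za-z0-9]{86}$' "$ks" \
        || { echo "rootpw is not a SHA-512 crypt hash" >&2; return 1; }
}

# Constructed sample (placeholder hash of 86 zeros, not a real credential).
sample=$(mktemp)
printf 'vmaccepteula\nrootpw --iscrypted $6$examplesalt$%s\ninstall --firstdisk\nnetwork --bootproto=dhcp\n' \
    "$(printf '%086d' 0)" > "$sample"
check_ks "$sample" && echo "rendered once: ok"
cat "$sample" "$sample" > "$sample.twice"
check_ks "$sample.twice" 2>/dev/null || echo "appended twice: rejected"
rm -f "$sample" "$sample.twice"
```

The same function can run against /mnt/efipart/kickstart/ks.cfg in the UEFI flow before the file is archived, since that file is written with `>>` and would carry two copies after a retried run.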
Then we need to add the image of the operating system to Foreman, but before we do that, we have to extract the contents of this image, which can be found in the /var/lib/tftpboot/tftpboot/boot/esxi/8.0 directory.
Instead of creating a separate instance of the ESXi installation in Legacy mode, we made a few changes in the configuration file (/usr/share/foreman/app/models/concerns/pxe_loader_support.rb):
def all_loaders_map(precision = 'x64')
{
"None" => "",
"PXELinux BIOS" => "pxelinux.0",
"PXELinux UEFI" => "pxelinux.efi",
"PXELinux Alt BIOS" => "syslinux386/pxelinux.0", # Add this line
…
In Legacy mode, the configuration file looks like this:
TIMEOUT 10
DEFAULT default_PXELinux_ESXI
LABEL default_PXELinux_ESXI
KERNEL boot/esxi/8.0/mboot.c32
APPEND -c boot/esxi/8.0/boot2.cfg ks=http://address of the server from which we get the file with autosettings/unattended/provision
IPAPPEND 2
As for the bootloader, we used a universal one that is compatible with different operating systems. After the server reboots, the installation will start.
The system will then request the kickstart file from the server that hosts it (ks=http://server’s address/unattended/provision), which contains the automated settings.
If ESXi supports your hardware, the installation will go smoothly. In the end, you get a fully operational OS with two users with root access.
What does the provisioning template do?
The provisioning template does the following:
- Allows managing network settings.
- Installs the system on the disk.
- Ignores errors.
- Specifies the name of the server and the password for the user with root access.
- Allows adding one more user for root privileges.
- Configures the firewall.
Streamlining the Process: Installing ESXi in UEFI Mode
The VMware ESXi operating system can be installed in both Legacy and UEFI modes. So, if the name of the operating system image contains ESXi, the configuration will be copied and LiveCD will start running.
When LiveCD boots, you’ll see the script specifying the details of the disk the OS needs to be installed on. There, you need to specify the desired disk (preferably not that large, but with a minimum of 20 GB of space), and check whether it has parameters called “logical volume” or “volume group”. If they are present, make sure to delete them from the disk.
After the disk is cleared, the system will create a partition for the UEFI bootloader to start running. The creation of the partition looks like this:
parted -s /dev/${INST_DRIVE} mklabel gpt mkpart fat32 1MiB 1GiB set 1 esp on
EFI_PART=$(lsblk -l | grep "${INST_DRIVE}" | grep part | awk '{print $1}')
mkdir -p /mnt/{iso,efipart,wim}
wget ${medium_uri}/${branch}/esxi${os_version}pe.iso
mount -o loop esxi${os_version}pe.iso /mnt/iso
mkfs.fat -F32 /dev/$EFI_PART
mount /dev/$EFI_PART /mnt/efipart
mkdir -p /mnt/efipart/EFI/redhat/
mkdir -p /mnt/efipart/kickstart
rsync -r /mnt/iso/ /mnt/efipart/
cp /mnt/efipart/EFI/BOOT/BOOTX64.EFI /mnt/efipart/EFI/redhat/grubx64.efi
cp /mnt/efipart/EFI/BOOT/CRYPTO64.EFI /mnt/efipart/EFI/redhat/crypto64.efi
cp /mnt/efipart/EFI/BOOT/SAFEBOOT.EFI /mnt/efipart/EFI/redhat/safeboot.efi
cp /mnt/efipart/boot.cfg /mnt/efipart/EFI/redhat/boot.cfg
curl -s "http://${foreman_fqdn}/unattended/provision?token=${foreman_token}" >> /mnt/efipart/kickstart/ks.cfg
tar -czf /mnt/efipart/kickstart.gz --directory=/mnt/efipart kickstart
###sed -i "s#kernelopt=runweasel cdromBoot#kernelopt=ks=file://kickstart/ks.cfg#g" /mnt/efipart/EFI/redhat/boot.cfg ##for 7.3
sed -i "s#^kernelopt.*#kernelopt=ks=file://kickstart/ks.cfg#g" /mnt/efipart/EFI/redhat/boot.cfg
# -i and -e are kept separate: with GNU sed, "-ie" would leave a backup file named boot.cfge
sed -i -e 's#^modules.*$#& --- /kickstart.gz#g' /mnt/efipart/EFI/redhat/boot.cfg
umount /mnt/iso
rm esxi${os_version}pe.iso
/usr/bin/env wget --no-proxy --quiet --output-document=/dev/null --no-check-certificate "http://${foreman_fqdn}/unattended/built?token=${foreman_token}"
umount /mnt/efipart
sync
fi
reboot
It does the following:
- Creates a 1 GB partition.
- Transfers an ISO image to /mnt/efipart/ and further mounts it in /mnt/iso.
- Ensures the correct functioning of the Foreman loader through a directory structure.
- Extracts the content of the provisioning template in Foreman and puts it in the /mnt/efipart/kickstart/ks.cfg configuration file.
- Archives the configuration file and adds it to the ESXi modules in the UEFI section.
- Adds new module information to the “boot” configuration file.
- Unmounts the partition and deletes an ISO image.
- Sends a request to the Foreman to start the installation process.
- Guides a server towards rebooting.
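The `sed` edit on the modules line appends to it every time it runs, so a retried provisioning pass would reference the archive twice. The following is an added example, not the original script: `patch_boot_cfg` is a hypothetical helper and the sample boot.cfg is constructed; it applies both edits so that a second run changes nothing and then verifies the result.

```shell
#!/bin/sh
# Added example: apply the two boot.cfg edits idempotently and verify them.
# patch_boot_cfg FILE: point kernelopt at the embedded kickstart and append the
# kickstart archive to modules exactly once; returns non-zero if the result is wrong.
patch_boot_cfg() {
    cfg=$1
    [ -f "$cfg" ] || { echo "no such file: $cfg" >&2; return 1; }
    tmp=$(mktemp) || return 1
    # kernelopt: replace the whole line. modules: append only if not already present.
    sed -e 's#^kernelopt=.*#kernelopt=ks=file://kickstart/ks.cfg#' \
        -e '/^modules=/{/ --- \/kickstart\.gz$/!s#$# --- /kickstart.gz#;}' "$cfg" > "$tmp" \
        || { rm -f "$tmp"; return 1; }
    cat "$tmp" > "$cfg"; rm -f "$tmp"   # rewrite in place, keeping the file's owner and mode
    # Verify: one kernelopt line with the expected value, one modules line that
    # ends in the archive, and the archive referenced only once in the file.
    [ "$(grep -c '^kernelopt=ks=file://kickstart/ks\.cfg$' "$cfg")" -eq 1 ] || return 1
    [ "$(grep -c '^modules=.* --- /kickstart\.gz$' "$cfg")" -eq 1 ] || return 1
    [ "$(grep -o -- '--- /kickstart\.gz' "$cfg" | wc -l)" -eq 1 ]
}

# Constructed boot.cfg fragment in the ESXi installer's key=value layout.
demo=$(mktemp)
printf '%s\n' 'bootstate=0' 'title=Loading ESXi installer' 'kernel=/b.b00' \
    'kernelopt=runweasel cdromBoot' 'modules=/jumpstrt.gz --- /useropts.gz' > "$demo"
# Running it twice leaves a single "--- /kickstart.gz" on the modules line.
patch_boot_cfg "$demo" && patch_boot_cfg "$demo" && cat "$demo"
rm -f "$demo"
```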
After the server reboots, the UEFI partition becomes the prioritized source of data. At this stage, Foreman starts searching for the partition (in our case it’s RedHat, which we specified in the Family section when creating the OS).
When Foreman finds it (in this case, the RedHat partition), it sends a signal to the system to start the ESXi installation. The system then starts to unpack the updated modules and configuration files, which tell it how it should be installed and configured.
And again, if the hardware is supported by the ESXi hypervisor, the system will be installed with no errors.
Key Takeaways on ESXi-Foreman PXE Deploy
With ESXi-Foreman PXE deployment, it is easy to automate the installation and configuration of ESXi virtual servers. It also provides stable grounds for managing and controlling all of the deployment stages (even if approached remotely).
ESXi-Foreman shortens deployment time, reduces potential errors, and provides extensive integration with other tools and systems for different virtualization scenarios.