Hi,
this post describes the silently installing of a ESXi server by a iPXE HTTP remote boot.
Installserver Debian 11 (10.10.220.10):
root@debdev ~ # apt install gnupg2 git root@debdev ~ # wget https://nginx.org/keys/nginx_signing.key root@debdev ~ # apt-key add nginx_signing.key
root@debdev ~ # vi /etc/apt/sources.list.d/nginx.list
deb https://nginx.org/packages/mainline/debian/ bullseye nginx
deb-src https://nginx.org/packages/mainline/debian/ bullseye nginx
root@debdev ~ # apt update root@debdev ~ # apt install nginx isc-dhcp-server
nginx root to /var/www/html and restrict access, allow access to /esxi and /esxi-ks for the whole subnet.
root@debdev ~ # vi /etc/nginx/conf.d/default.conf
...
location / {
# root /usr/share/nginx/html;
root /var/www/html;
deny all;
index index.html index.htm;
}
location ~ ^/esxi/ {
autoindex off;
root /var/www/html;
allow 10.10.220.0/24;
deny all;
}
location ~ ^/esxi-ks/ {
autoindex off;
root /var/www/html;
allow 10.10.220.0/24;
deny all;
}
...
Copy ESXi ISO to Installaserver
pscp D:\Install\VMware-ESXi-7.0.3.update03-19193900-Fujitsu-v530-1.iso root@10.10.220.10:/root
Extract files
root@debdev ~ # mkdir /mnt/loop root@debdev ~ # mount -o loop /root/VMware-ESXi-7.0.3.update03-19193900-Fujitsu-v530-1.iso /mnt/loop
Create folder in html root/esxi with version and build number
root@debdev ~ # mkdir -p /var/www/html/esxi/ESXi-7.0.3-19193900 root@debdev ~ # mkdir -p /var/www/html/esxi-ks/
Copy files from iso
root@debdev ~ # cp -r /mnt/loop/* /var/www/html/esxi/ESXi-7.0.3-19193900
Copy the bootloader. Copy bootx64.efi from the latest ESXi installationfiles. The bootloader has backward compatibility.
root@debdev ~ # cp /var/www/html/esxi/ESXi-7.0.3-19193900/efi/boot/bootx64.efi /var/www/html/esxi/mboot.efi
Modify boot.cfg, edit module pathes, kernel parameters, set prefix URL to your webserver server…
root@debdev ~ # chmod u+w /var/www/html/esxi/ESXi-7.0.3-19193900/boot.cfg root@debdev ~ # vi /var/www/html/esxi/ESXi-7.0.3-19193900/boot.cfg
Remove all leading slashes from the filenames at parameters kernel= and modules=. Example
kernel=/b.b00 to kernel=b.b00
modules=/jumpstrt.gz --- /useropts.gz --- /features.gz... to modules=jumpstrt.gz --- useropts.gz --- features.gz
Usually / are only used by these both options so you can simply replace them
root@debdev ~ # sed -e's/\///g' /var/www/html/esxi/ESXi-7.0.3-19193900/boot.cfg --in-place=.bak
Then add URL of the installation source
prefix=http://10.10.220.10/esxi/ESXi-7.0.3-19193900
From the kernelopt= option remove cdromBoot
kernelopt=runweasel
To use a silent/scripted installation add the ks= option to kernelopt= option and created the file (see above, later in the post)
kernelopt=runweasel ks=http://10.10.220.10/esxi-ks/ks.cfg
root@debdev ~ # touch /var/www/html/esxi-ks/ks.cfg
Setup Boot with UEFI, iPXE and http
The boot with iPXE has two steps. First iPXE must be booted by UEFI PXE from the computer, the second step iPXE sends also PXEboot request to the DHCP Serverwith a Userclass iPXE, dnsmasq recognize these requests and initiate the boot of mboot.efi.
Install dnsmasq and build tools.
root@debdev ~ # apt install dnsmasq build-essential
Get and build iPXE
michael@debdev ~ # git clone https://github.com/ipxe/ipxe.git michael@debdev ~ # cd ipxe/src michael@debdev ~/ipxe/src # make bin-x86_64-efi/snponly.efi ... [LD] bin-x86_64-efi/snponly.efi.tmp [FINISH] bin-x86_64-efi/snponly.efi
Create a /tftpboot folder and copy the file to
root@debdev ~ # mkdir /tftpboot root@debdev ~ # cp /home/michael/ipxe/src/bin-x86_64-efi/snponly.efi /tftpboot
also copy the ESXi boot loader bootx64.efi to mboot.efi
root@debdev ~ # cp /var/www/html/esxi/ESXi-7.0.3-19193900/efi/boot/bootx64.efi /tftpboot/mboot.efi
Create a dnsmasq config /etc/dnsmasq.conf
# Disable DNS Server
port=0
# Enable DHCP logging
log-dhcp
log-debug
log-facility=/tmp/dns.log
# Set the root directory for files available via FTP.
enable-tftp
tftp-root=/tftpboot
dhcp-no-override
# Respond to PXE requests for the specified network;
# run as DHCP proxy
dhcp-range=10.10.220.0,proxy,255.255.255.0
dhcp-match=set:efi-ipxe-http,option:client-arch,7
dhcp-match=set:efi-ipxe-http,option:client-arch,9
# set tag "iPXEBoot" if request comes from iPXE ("iPXE" user class)
dhcp-userclass=set:iPXEBoot,iPXE
# The boot filename, Server name, Server Ip Address
# BIOS
# dhcp-boottag:=bios-ipxe-http,undionly.kpxe,,10.10.220.10
# UEFI
# dhcp-boot=tag:efi-ipxe-http,snponly.efi
# If no server is specified then the PXE is used to search for the files, also http
# boot iPXE first
dhcp-boot=tag:!iPXEBoot,snponly.efi
pxe-service=tag:!iPXEBoot,BC_EFI, "Network boot", snponly.efi
pxe-service=tag:!iPXEBoot,X86-64_EFI, "Network boot", snponly.efi
# when iPXE has booted, boot mboot.efi as second stage
dhcp-boot=tag:iPXEBoot,mboot.efi -> boots http
pxe-service=tag:iPXEBoot,BC_EFI, "Network boot",mboot.efi
pxe-service=tag:iPXEBoot,X86-64_EFI, "Network boot",mboot.efi
There is an option to boot all Hosts from the same installer. Then copy boot.cfg and mboot.efi to the same directory
root@debdev ~ # cp /var/www/html/esxi/ESXi-7.0.3-19193900/boot.cfg /tftpboot
Or if want to create a boot directory for each host individually: Create an directory with the MAC Address and copy the boot.cfg file to it. Note the leading 01 prefix right before the MAC address in the folder name.
root@debdev ~ # mkdir /tftpboot/01-11-22-33-44-55-66 root@debdev ~ # cp /var/www/html/esxi/ESXi-7.0.3-19193900/boot.cfg /tftpboot/01-11-22-33-44-55-66
Then create a default ks script: /var/www/html/esxi-ks/ks.cfg.
# Accept the VMware End User License Agreement
vmaccepteula
# Set the root password for the DCUI and Tech Support Mode
rootpw myp@ssw0rd
# Install on the first local disk available on machine
install --firstdisk=local --overwritevmfs
keyboard German
# Set the network to DHCP on the first network adapter
network --bootproto=dhcp --device=vmnic0
To execute an individual ks script per host the script has to be created and the boot.cfg must modified. See dnsmasg log which file is requested. Folder name is usually 01-MACAddress
root@debdev ~ # vi grep dnsmasq-tftp /tmp/dns.log dnsmasq-tftp[1103]: File /tftpboot/01-11-22-33-44-55-66/boot.cfg not found root@debdev ~ # vi /tftpboot/01-11-22-33-44-55-66/boot.cfg
...
kernelopt=runweasel ks=http://10.10.220.10/esxi-ks/01-11-22-33-44-55-66/ks.cfg
...
root@debdev ~ # mkdir /var/www/html/esxi-ks/01-11-22-33-44-55-66 root@debdev ~ # vi /var/www/html/esxi-ks/01-11-22-33-44-55-66/ks.cfg
# Accept the VMware End User License Agreement
vmaccepteula
# Set the root password for the DCUI and Tech Support Mode
rootpw myp@ssw0rd
# Install on the first local disk available on machine
install --firstdisk=local --overwritevmfs
keyboard German
# Set the network to DHCP on the first network adapter
network --bootproto=dhcp --device=11:22:33:44:55:66
reboot
Michael
Thanks for the article Michls – I tried all the steps provided for but I get below error message –
Please help to resolve the issue.
TFTP prefix:
Trying to load: pxelinux.cfg/ec5db4c0-74fe-d511-b9e7-3d9235afe5a1
Trying to load: pxelinux.cfg/01-00-17-31-b6-5e-a8
Trying to load: pxelinux.cfg/0A64491E
Trying to load: pxelinux.cfg/0A64491
Trying to load: pxelinux.cfg/0A6449
Trying to load: pxelinux.cfg/0A644
Trying to load: pxelinux.cfg/0A64
Trying to load: pxelinux.cfg/0A6
Trying to load: pxelinux.cfg/0A
Trying to load: pxelinux.cfg/0
Trying to load: pxelinux.cfg/default
Unable to locate configuration file
Boot failed: press a key to retry or wait for reset
I tried the same with ESXi 8, but it just won’t like my prefix for some reasons. It still looks for the files via TFTP: