|  |     | 
| (9 intermediate revisions by the same user not shown) | 
| Line 1: | Line 1: | 
|  |  | == Configure DHCP server on RHEL9 == | 
|  | 
 |  | 
 | 
|  | '''How to add new client to the system'''
 |  |  yum install dhcp-server | 
|  | 
 |  | 
 | 
|  | Add new record to:
 |  | In this example, server on subnet 167 (129.57.167.139), and client on subnet 86. | 
|  |  /var/named/10.168.192.in-addr.arpa.db
 |  | 
|  |  /var/named/clontest.com
 |  | 
|  |  /etc/dhcp/dhcpd.conf
 |  | 
|  | 
 |  | 
 | 
|  | Restart corresponding services:
 |  | Config file /etc/dhcp/dhcpd.conf should looks like this (replace 129.57.167.139 with the server address): | 
|  |  systemctl restart dhcpd
 |  | 
|  |  systemctl restart named
 |  | 
|  | 
 |  | 
 | 
|  | Check services status:
 |  |  # | 
|  |   systemctl status dhcpd |  |  # DHCP Server Configuration file. | 
|  |   systemctl status named |  |  #   see /usr/share/doc/dhcp-server/dhcpd.conf.example | 
|  |   |  |   #   see dhcpd.conf(5) man page | 
|  |   |  |  # | 
|  | '''IPTABLES'''
 |  |   | 
|  |   |  |  option domain-name "jlab.org"; | 
|  | Do not forget:
 |  |  option domain-name-servers 129.57.90.255, 129.57.32.101; | 
|  |   chattr +i /etc/resolv.conf |  |   default-lease-time 600; | 
|  |   |  |  max-lease-time 7200; | 
|  | Show tables:
 |  |   | 
|  |   iptables -vL -t filter |  |  # subnet 167 | 
|  |   iptables -vL -t nat |  |  subnet 129.57.167.0 netmask 255.255.255.0 { | 
|  |   iptables -vL -t mangle |  |        option routers 129.57.167.99; | 
|  |   iptables -vL -t raw |  |        deny unknown-clients; | 
|  |   iptables -vL -t security |  |  } | 
|  |  |   | 
|  |  |  # subnet 86 | 
|  |  |   subnet 129.57.86.0 netmask 255.255.255.0 { | 
|  |  |        option broadcast-address 129.57.86.255; | 
|  |  |        option subnet-mask 255.255.255.0; | 
|  |  |        option routers 129.57.86.1; | 
|  |  |        deny unknown-clients; | 
|  |  |        allow declines; | 
|  |  |  } | 
|  |  |   | 
|  |  |  # important settings to recognize PXE boot from UEFI boot controllers | 
|  |  |   set vendorclass = option vendor-class-identifier; | 
|  |  |   option pxe-system-type code 93 = unsigned integer 16; | 
|  |  |   set pxetype = option pxe-system-type; | 
|  |  |     | 
|  |  |  # DISKLESS Clients in here | 
|  |  |  group | 
|  |  |  { | 
|  |  |      if substring(vendorclass, 0, 9)="PXEClient" { | 
|  |  |          if pxetype=00:06 or pxetype=00:07 { | 
|  |  |              filename   "efi/boot/grub2/x86_64-efi/core.efi"; | 
|  |  |          } else { | 
|  |  |              filename "linux-install/pxelinux.0"; | 
|  |  |          } | 
|  |  |      } | 
|  |  |   | 
|  |  |      next-server 129.57.167.4; | 
|  |  |     | 
|  |  |      host test333 { | 
|  |  |          hardware ethernet 00:20:38:04:3a:8a; | 
|  |  |          fixed-address 129.57.86.7; | 
|  |  |      } | 
|  |  |       | 
|  |  |      host test444 { | 
|  |  |          hardware ethernet 00:20:38:10:15:03; | 
|  |  |          fixed-address 129.57.86.5; | 
|  |  |      } | 
|  |     |  |     | 
|  | Only first two seems relevant. Clear them:
 |  |   } # Diskless clients group | 
|  |   iptables -t filter -F |  | 
|  |  iptables -t nat -F
 |  | 
|  |   
 |  | 
|  | Set needed settings (we assumes loval network port is 'enp_bond', and uplink port is 'em1'):
 |  | 
|  |  iptables -A INPUT -i lo -j ACCEPT
 |  | 
|  |  iptables -A INPUT -i enp_bond -j ACCEPT
 |  | 
|  |  iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 |  | 
|  |  iptables -t nat -A POSTROUTING -o em1 -j MASQUERADE
 |  | 
|  |  iptables -A FORWARD -i em1 -o enp_bond -m state --state RELATED,ESTABLISHED -j ACCEPT
 |  | 
|  |  iptables -A FORWARD -i enp_bond -o em1 -j ACCEPT
 |  | 
|  | 
 |  | 
 | 
|  | Save rules and restart service:
 |  | 
|  |  iptables-save > /etc/sysconfig/iptables
 |  | 
|  |  systemctl enable iptables
 |  | 
|  |  systemctl start iptables
 |  | 
|  | 
 |  | 
 | 
|  | '''MODIFY /diskless/CentOS7/x86_64/root/etc/sysconfig/readonly-root''':
 |  | Enable and start service: | 
|  |  ...
 |  | 
|  |  CLIENTSTATE=192.168.10.1:/diskless/CentOS7/x86_64/snapshot
 |  | 
|  |  ...
 |  | 
|  | 
 |  | 
 | 
|  | '''In controller's snapshot area, sshd_config (to allow remote ssh)'''
 |  |  systemctl enable dhcpd | 
|  |  |  systemctl start dhcpd | 
|  | 
 |  | 
 | 
|  |  HostbasedAuthentication yes
 |  | Check service status, fix errors if any: | 
|  |  #HostbasedAuthentication no
 |  | 
|  | 
 |  | 
 | 
|  |   IgnoreRhosts no |  |   systemctl status dhcpd | 
|  |  #IgnoreRhosts yes
 |  | 
|  |   |  | 
|  |  PasswordAuthentication yes
 |  | 
|  |  #PasswordAuthentication yes
 |  | 
|  |  PasswordAuthentication yes
 |  | 
|  |   |  | 
|  |  #UsePAM yes
 |  | 
|  |  UsePAM yes
 |  | 
|  | 
 |  | 
 | 
|  |  #UsePrivilegeSeparation sandbox		# Default for new installations.
 |  | == Configure local DHCP server on RHEL7 == | 
|  |  UsePrivilegeSeparation sandbox		# Default for new installations.
 |  | 
|  | 
 |  | 
 | 
|  |  |  yum install dhcp | 
|  | 
 |  | 
 | 
|  | '''old gefvme removal'''
 |  | Config file ''/etc/dhcp/dhcpd.conf'' should looks like this: | 
|  |   |  |   # | 
|  |  yum remove kmod-gefvme gefvme-library
 |  |   # DHCP Server Configuration file. | 
|  |   |  |   #   see /usr/share/doc/dhcp*/dhcpd.conf.example | 
|  | If failed on 'gefvme-library', do
 |  |   #   see dhcpd.conf(5) man page | 
|  |  rpm -e --noscripts gefvme-library
 |  |   # | 
|  |   |  | 
|  | If file ''/etc/modules-load.d/gefvme.conf'' was not removed by above commands, remove it manually (if working from ''chroot ...'' then everything is done in ''root'' area, but ''gefvme.conf'' may survive in ''snapshot'' area, in that case remove it on controller and not in ''chroot'').
 |  | 
|  |   |  | 
|  | File ''/etc/modules-load.d/vme.conf''with contents
 |  | 
|  |  cmem_rcc
 |  | 
|  |  jvme
 |  | 
|  |  vme_vivo
 |  | 
|  |  vme_ca91cx42
 |  | 
|  |  vme_tsi148
 |  | 
|  |  vme
 |  | 
|  | may not be needed (if modules already in kernel ?).
 |  | 
|  |   |  | 
|  | '''new jvme (not sure if module installation is needed, maybe in kernel already ?) '''
 |  | 
|  |   |  | 
|  | '''On VME controller in BIOS, make sure VME memry size is set to 512M'''
 |  | 
|  |   |  | 
|  | Project git link:https://code.jlab.org/fedaq/drivers/jvme/-/tree/release-3.0
 |  | 
|  |   |  | 
|  | On vme controller as ''boiarino'', copy ''jvme-release-3.0.tar'' to ''$CODA/src'' and untar it.
 |  | 
|  |   |  | 
|  | Create two environment scripts:
 |  | 
|  |   |  | 
|  | jvme_bash:
 |  | 
|  |   #!/bin/bash |  | 
|  |  export LINUXVME=${CODA}/src/jvme-release-3.0/linuxvme
 |  | 
|  |  export LINUXVME_INC=${LINUXVME}/include
 |  | 
|  |  export LINUXVME_LIB=${LINUXVME}/Linux_`uname -m`_vme/lib
 |  | 
|  |  export LINUXVME_BIN=${LINUXVME}/Linux_`uname -m`_vme/bin
 |  | 
|  |  export LD_LIBRARY_PATH=${LINUXVME_LIB}:${LD_LIBRARY_PATH}
 |  | 
|  |  export KERNELRELEASE=3.10.0-1062.9.1.el7.x86_64
 |  | 
|  |   |  | 
|  | jvme_tcsh:
 |  | 
|  |   #!/bin/tcsh |  | 
|  |  setenv LINUXVME ${CODA}/src/jvme-release-3.0/linuxvme
 |  | 
|  |  setenv LINUXVME_INC ${LINUXVME}/include
 |  | 
|  |  setenv LINUXVME_LIB ${LINUXVME}/Linux_`uname -m`_vme/lib
 |  | 
|  |  setenv LINUXVME_BIN ${LINUXVME}/Linux_`uname -m`_vme/bin
 |  | 
|  |  setenv LD_LIBRARY_PATH ${LINUXVME_LIB}:${LD_LIBRARY_PATH}
 |  | 
|  |  setenv KERNELRELEASE 3.10.0-1062.9.1.el7.x86_64
 |  | 
|  |   |  | 
|  | Run ''source jvme_tcsh''.
 |  | 
|  | Go inside ''jvme-release-3.0''.
 |  | 
|  | In two files ''CMakeLists.txt'' and ''src/CMakeLists.txt'', change
 |  | 
|  |  set(libpath Linux-${CMAKE_SYSTEM_PROCESSOR}/lib)
 |  | 
|  |  set(libpath Linux-${CMAKE_SYSTEM_PROCESSOR}/bin)
 |  | 
|  | to
 |  | 
|  |  set(libpath Linux_${CMAKE_SYSTEM_PROCESSOR}_vme/lib)
 |  | 
|  |  set(libpath Linux_${CMAKE_SYSTEM_PROCESSOR}_vme/bin)
 |  | 
|  |   |  | 
|  | Type ''cmake -B build -S . -DCMAKE_INSTALL_PREFIX=$LINUXVME''
 |  | 
|  |   |  | 
|  | Fix Makefile in ''kernel_driver'' and three it's subdirectories, it must have following in the beginning:
 |  | 
|  |  KVERSION := $(KERNELRELEASE)
 |  | 
|  |  ifeq ($(origin KERNELRELEASE), undefined)
 |  | 
|  |  KVERSION := $(shell uname -r)
 |  | 
|  |  endif
 |  | 
|  |   |  | 
|  | In directory ''jvme-release-3.0'', type ''make'' and ''make install'', 
 |  | 
|  |   |  | 
|  | Do ''cd kernel_driver'' and ''make'' (do NOT do ''make install'').
 |  | 
|  |   |  | 
|  | On the server, do
 |  | 
|  |   |  | 
|  |  mount -o bind /usr/clas12 /diskless/CentOS7/x86_64/root/usr/clas12
 |  | 
|  |  mount -o bind /usr/local /diskless/CentOS7/x86_64/root/usr/local
 |  | 
|  |  mount -o bind /home /diskless/CentOS7/x86_64/root/home
 |  | 
|  |  chroot /diskless/CentOS7/x86_64/root
 |  | 
|  |  cd /usr/clas12/release/2.0.0/coda/src
 |  | 
|  |   source jvme_bash |  | 
|  |  cd jvme-release-3.0/kernel_driver
 |  | 
|  |  make install
 |  | 
|  |   |  | 
|  | Still on server, add two files to ''/etc/udev/rules.d'' directory:
 |  | 
|  |   |  | 
|  | 99-cmem.rules:
 |  | 
|  |  KERNEL=="cmem_rcc", MODE="0666"
 |  | 
|  |   |  | 
|  | 99-vme.rules:
 |  | 
|  |  KERNEL=="bus/vme/ctl", MODE="0666"
 |  | 
|  |  KERNEL=="bus/vme/m_a16", MODE="0666"
 |  | 
|  |  KERNEL=="bus/vme/m_a24", MODE="0666"
 |  | 
|  |  KERNEL=="bus/vme/m_a32", MODE="0666"
 |  | 
|  |  KERNEL=="bus/vme/m_crcsr", MODE="0666"
 |  | 
|  |  KERNEL=="bus/vme/s_a32", MODE="0666"
 |  | 
|  |  KERNEL=="bus/vme/s_rsvd1", MODE="0666"
 |  | 
|  |  KERNEL=="bus/vme/s_rsvd2", MODE="0666"
 |  | 
|  |  KERNEL=="bus/vme/s_rsvd3", MODE="0666"
 |  | 
|  |   |  | 
|  | Reboot controller, check if everything is good.
 |  | 
|  |   |  | 
|  | '''NOTE''': if changing something in kernel module(s), it is not needed to reboot every time after make/make install is done in ''jvme-release-3.0/kernel_driver'' directory. Just run ''./load_driver.sh'' as root on controller, and all modules will be reloaded.
 |  | 
|  |   |  | 
|  |   |  | 
|  | '''NOTE''': to add ''/et'' to snapshot area: on server, create /et directories in both root and snapshot areas, then add line '/et' to /etc/statetab file in root area, then reboot controller.
 |  | 
|  |   |  | 
|  |   |  | 
|  |   |  | 
|  |   |  | 
|  | '''Enable systemd log persistency (remember all reboots, not only last one)'''
 |  | 
|  |   |  | 
|  | Run ''emacs /etc/systemd/journald.conf'', set
 |  | 
|  |   |  | 
|  |  Storage=persistent
 |  | 
|  |   |  | 
|  | Do following:
 |  | 
|  |   |  | 
|  |  mkdir /var/log/journal
 |  | 
|  |  systemd-tmpfiles --create --prefix /var/log/journal
 |  | 
|  |  systemctl restart systemd-journald
 |  | 
|  |   |  | 
|  | '''yum'''
 |  | 
|  |   |  | 
|  | On server where vme is loading from (as root; ''/zzz'' will be needed for mysqltcl installation below):
 |  | 
|  |   |  | 
|  |  mkdir /diskless/CentOS7/x86_64/root/zzz
 |  | 
|  |   #mount -o bind /usr/local/src /diskless/CentOS7/x86_64/root/zzz |  | 
|  |  mount -o bind /usr/local /diskless/CentOS7/x86_64/root/usr/local
 |  | 
|  |  mount -o bind /usr/clas12 /diskless/CentOS7/x86_64/root/usr/clas12
 |  | 
|  |  chroot /diskless/CentOS7/x86_64/root
 |  | 
|  |   |  | 
|  | Add ''multilib_policy=all'' to ''/etc/yum.conf''.
 |  | 
|  |   |  | 
|  | Add (and remove the rest ?) following to ''/etc/yum.repos.d/CentOS-Base.repo'':
 |  | 
|  |   |  | 
|  |  [base]
 |  | 
|  |  name=CentOS-$releasever - Base
 |  | 
|  |  baseurl=http://archive.kernel.org/centos-vault/centos/$releasever/os/$basearch/
 |  | 
|  |   |  | 
|  | Clean yum database:
 |  | 
|  |   |  | 
|  |  rm /var/lib/rpm/__db.*
 |  | 
|  |   |  | 
|  | Install following using yum:
 |  | 
|  |   |  | 
|  |  yum install motif-devel tcl-devel tk-devel libXpm-devel apr-devel libXaw-devel ncurses-devel 
 |  | 
|  |   |  | 
|  | Install following for ''dbedit'':
 |  | 
|  |   |  | 
|  |  yum install tix itcl itk
 |  | 
|  |   |  | 
|  | Install remaining tcl stuff from ''/usr/local/src'', mounted as ''/zzz'' above:
 |  | 
|  |     |  |     | 
|  |  cd /zzz/mysqltcl-3.052
 |  | 
|  |  make install
 |  | 
|  |  ln -s /usr/lib/mysqltcl-3.052 /usr/lib64/tcl8.5/mysqltcl-3.052
 |  | 
|  | 
 |  | 
|  | 
 |  | 
|  | 
 |  | 
|  | 
 |  | 
|  | 
 |  | 
|  | '''To enable remove ssh login, in 'sshd_config comment out this: #UsePAM yes'''
 |  | 
|  | 
 |  | 
|  | 
 |  | 
|  | ''' Gateway'''
 |  | 
|  | 
 |  | 
|  | Add
 |  | 
|  |  net.ipv4.ip_forward=1
 |  | 
|  | to ''/etc/sysctl.conf'' and execute
 |  | 
|  |  sysctl -p
 |  | 
|  | 
 |  | 
|  | 
 |  | 
|  | ''' NIS server'''
 |  | 
|  | 
 |  | 
|  | 
 |  | 
|  |  yum install ypserv rpcbind
 |  | 
|  | 
 |  | 
|  |  systemctl start ypserv
 |  | 
|  | 
 |  | 
|  | ''/etc/hosts'':
 |  | 
|  | 
 |  | 
|  |  192.168.10.1           clondaq15daq1.clontest.com    clondaq15daq1
 |  | 
|  |  192.168.10.5           test5.clontest.com    test5
 |  | 
|  |  192.168.10.6           test6.clontest.com    test6
 |  | 
|  | 
 |  | 
|  | 
 |  | 
|  | On clondaq15:
 |  | 
|  |  route add -net 192.168.10.0 netmask 255.255.255.0 gw 129.57.86.1
 |  | 
|  | ''route'':
 |  | 
|  |   Kernel IP routing table
 |  | 
|  |  Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
 |  | 
|  |  default         gw-86.jlab.org  0.0.0.0         UG    101    0        0 em1
 |  | 
|  |  129.57.86.0     0.0.0.0         255.255.255.0   U     101    0        0 em1
 |  | 
|  |  192.168.10.0    gw-86.jlab.org  255.255.255.0   UG    0      0        0 em1
 |  | 
|  |  192.168.10.0    0.0.0.0         255.255.255.0   U     102    0        0 p2p1
 |  | 
|  | 
 |  | 
|  | 
 |  | 
|  | 
 |  | 
|  | 
 |  | 
|  | '''Setting DHCP server on clon10new (RHEL7)'''
 |  | 
|  | 
 |  | 
|  |  yum install dhcp tftp tftp-server
 |  | 
|  | 
 |  | 
|  | Bryan:
 |  | 
|  | 
 |  | 
|  |  yum install nfs-utils tftp-server syslinux-tftpboot syslinux
 |  | 
|  | 
 |  | 
|  |  yum install dnsmasq
 |  | 
|  | 
 |  | 
|  |  mkdir /tftpboot
 |  | 
|  | 
 |  | 
|  |  grub2-mknetdir --net-directory=/tftpboot/efi
 |  | 
|  | 
 |  | 
|  | 
 |  | 
|  | Create file ''/etc/systemd/system/tftp.service'':
 |  | 
|  | 
 |  | 
|  |  [Unit]
 |  | 
|  |  Description=Tftp Server
 |  | 
|  |  Requires=tftp.socket
 |  | 
|  |  Documentation=man:in.tftpd
 |  | 
|  | 
 |  | 
|  |  [Service]
 |  | 
|  |  #ExecStart=/usr/sbin/in.tftpd -s /var/lib/tftpboot
 |  | 
|  |  ExecStart=/usr/sbin/in.tftpd -s /tftpboot
 |  | 
|  |  StandardInput=socket
 |  | 
|  | 
 |  | 
|  |  [Install]
 |  | 
|  |  Also=tftp.socket
 |  | 
|  | 
 |  | 
|  | 
 |  | 
|  | Start tftp:
 |  | 
|  | 
 |  | 
|  |  systemctl start tftp
 |  | 
|  |  #systemctl start tftp.socket ??
 |  | 
|  | 
 |  | 
|  | Create file ''/tftpboot/efi/boot/grub2/grub.cfg'' with following contents:
 |  | 
|  | 
 |  | 
|  | 
 |  | 
|  |  function load_video {
 |  | 
|  |  insmod efi_gop
 |  | 
|  |  insmod efi_uga
 |  | 
|  |  insmod video_bochs
 |  | 
|  |  insmod video_cirrus
 |  | 
|  |  insmod all_video
 |  | 
|  |  }
 |  | 
|  | 
 |  | 
|  |  load_video
 |  | 
|  |  set gfxpayload=keep
 |  | 
|  |  insmod gzio
 |  | 
|  |  set timeout=2
 |  | 
|  |  menuentry 'Diskless CentOS7 x86_64, any network device'  --class redhat --class gnu-linux --class gnu --class os {
 |  | 
|  |  linuxefi linux-install/CentOS7-x86_64-Diskless/vmlinuz-3.10.0-1062.9.1.el7.x86_64 zram=1 ip=::::::dhcp root=nfs:192.168.10.1:/diskless/CentOS7-devel/x86_64/root ro vga=0x305 module_blacklist=ipmi_si,ipmi_msghandler,ipmi_devintf,w83977f_wdt
 |  | 
|  |  initrdefi linux-install/CentOS7-x86_64-Diskless/initramfs-jvme-3.10.0-1062.9.1.el7.x86_64.img
 |  | 
|  |  }
 |  | 
|  | 
 |  | 
|  | Edit file ''/etc/dhcp/dhcpd.conf'':
 |  | 
|  | 
 |  | 
|  |   subnet 192.168.10.0 netmask 255.255.255.0 { |  |   subnet 192.168.10.0 netmask 255.255.255.0 { | 
|  |         option domain-name "jlab.org";
 |  |          option domain-name "clontest.com jlab.org"; | 
|  |         option domain-name-servers129.57.32.100, 129.57.32.101;
 |  |          option domain-name-servers 192.168.10.1; | 
|  |         option routers 192.168.10.1;
 |  |          option routers 192.168.10.1; | 
|  |         use-host-decl-names true;
 |  |          use-host-decl-names true; | 
|  |   	pool { |  |   	pool { | 
|  |   	     range 192.168.10.2 192.168.10.20; |  |   	     range 192.168.10.2 192.168.10.20; | 
| Line 332: | Line 95: | 
|  |   	     } |  |   	     } | 
|  |   } |  |   } | 
|  |   |  |   | 
|  |   set vendorclass = option vendor-class-identifier; |  |   set vendorclass = option vendor-class-identifier; | 
|  |   option pxe-system-type code 93 = unsigned integer 16; |  |   option pxe-system-type code 93 = unsigned integer 16; | 
|  |   set pxetype = option pxe-system-type; |  |   set pxetype = option pxe-system-type; | 
|  |   |  |   | 
|  |   # DISKLESS Clients in here |  |   # DISKLESS Clients in here | 
|  |   group |  |   group | 
| Line 348: | Line 111: | 
|  |   	} |  |   	} | 
|  |     	next-server 192.168.10.1; |  |     	next-server 192.168.10.1; | 
|  |  	host test1 {
 |  |   | 
|  |  	 hardware ethernet 00:20:38:03:10:34;
 |  |   	host test5 { | 
|  |  	 fixed-address 192.168.10.4;
 |  | 
|  |  	}
 |  | 
|  |   	host test4 { |  | 
|  |   	 hardware ethernet 00:20:38:10:14:f7; |  |   	 hardware ethernet 00:20:38:10:14:f7; | 
|  |   	 fixed-address 192.168.10.5; |  |   	 fixed-address 192.168.10.5; | 
|  |   	} |  |   	} | 
|  |  |   | 
|  |  |  	host test6 { | 
|  |  |  	 hardware ethernet 00:20:38:0A:07:D7; | 
|  |  |  	 fixed-address 192.168.10.6; | 
|  |  |  	} | 
|  |  |   | 
|  |  |  	host test7 { | 
|  |  |  	 hardware ethernet 00:20:38:0F:2C:0D; | 
|  |  |  	 fixed-address 192.168.10.7; | 
|  |  |  	} | 
|  |  |   | 
|  |   } # Diskless clients group |  |   } # Diskless clients group | 
|  |  
 |  | 
|  | 
 |  | 
|  | Start dhcp:
 |  | 
|  | 
 |  | 
 | 
|  |  | Enable and start service: | 
|  |  |  systemctl enable dhcpd | 
|  |   systemctl start dhcpd |  |   systemctl start dhcpd | 
|  | 
 |  | 
 | 
|  |   |  | Check service status, fix errors if any: | 
|  | Install nfs:
 |  |   systemctl status dhcpd | 
|  |   |  | 
|  |  yum install nfs-utils
 |  | 
|  |   |  | 
|  | Configure file ''/etc/exports'':
 |  | 
|  |   |  | 
|  |  /diskless 192.168.10.0/24(rw,no_root_squash,sync)
 |  | 
|  |   |  | 
|  | Start NFS server:
 |  | 
|  |   |  | 
|  |  systemctl status nfs-server
 |  | 
|  |   |  | 
|  | Check that NFS is exporting. Command |  | 
|  |   |  | 
|  |  showmount -e
 |  | 
|  |   |  | 
|  | have to show following:
 |  | 
|  |   |  | 
|  |  Export list for clondaq15.jlab.org:
 |  | 
|  |  /diskless 192.168.10.0/24
 |  | 
|  |   |  | 
|  |   |  | 
|  | To use local name server, install bind:
 |  | 
|  |   |  | 
|  |  yum install bind
 |  | 
|  |   |  | 
|  |   |  | 
|  |   |  | 
|  | Login from console may not work because of file ''/etc/securetty'' permissions, it must be 644.
 |  | 
|  |   |  | 
|  |   |  | 
|  | THere is a servicePAM,it may prevent login from console ifsome required services did not start. To work around, comment out some lines in ''/etc/pam.d/system-auth-ac'' file:
 |  | 
|  |   |  | 
|  |   #%PAM-1.0 |  | 
|  |  # This file is auto-generated.
 |  | 
|  |  # User changes will be destroyed the next time authconfig is run.
 |  | 
|  |  #auth        required      pam_env.so
 |  | 
|  |  auth        sufficient    pam_unix.so nullok try_first_pass
 |  | 
|  |  #auth        requisite     pam_succeed_if.so uid >= 1000 quiet_success
 |  | 
|  |  #auth        required      pam_deny.so
 |  | 
|  |  
 |  | 
|  |  #account     required      pam_unix.so
 |  | 
|  |  account     sufficient    pam_localuser.so
 |  | 
|  |  account     sufficient    pam_succeed_if.so uid < 1000 quiet
 |  | 
|  |  #account     required      pam_permit.so
 |  | 
|  |  
 |  | 
|  |  password    requisite     pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type=
 |  | 
|  |  password    sufficient    pam_unix.so sha512 shadow nullok try_first_pass use_authtok
 |  | 
|  |  #password    required      pam_deny.so
 |  | 
|  |  
 |  | 
|  |  session     optional      pam_keyinit.so revoke
 |  | 
|  |  #session     required      pam_limits.so
 |  | 
|  |  -session     optional      pam_systemd.so
 |  | 
|  |  session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
 |  | 
|  |  #session     required      pam_unix.so
 |  | 
Configure DHCP server on RHEL9
yum install dhcp-server
In this example, the server is on subnet 167 (129.57.167.139) and the client is on subnet 86.
The config file /etc/dhcp/dhcpd.conf should look like this (replace 129.57.167.139 with the server address):
#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp-server/dhcpd.conf.example
#   see dhcpd.conf(5) man page
#
# This listing defines no dynamic range: the only addresses handed out are the
# fixed-address entries of the hosts in the group at the bottom.
#
# Global options, sent to every client this file serves.
option domain-name "jlab.org";
# NOTE(review): 129.57.90.255 would be the broadcast address of a /24 --
# confirm it is the intended name server.
option domain-name-servers 129.57.90.255, 129.57.32.101;
# Lease times are in seconds (10 minutes by default, 2 hours at most).
default-lease-time 600;
max-lease-time 7200;
# subnet 167
# No range and no host is declared on this subnet; presumably it is listed
# because the server's own interface is on it -- confirm.
subnet 129.57.167.0 netmask 255.255.255.0 {
      option routers 129.57.167.99;
      # Only clients that have a host declaration are given an address.
      deny unknown-clients;
}
# subnet 86
# The clients are on a different subnet from the server, so their requests
# presumably reach it through a DHCP relay on the router -- confirm one is set up.
subnet 129.57.86.0 netmask 255.255.255.0 {
      option broadcast-address 129.57.86.255;
      option subnet-mask 255.255.255.0;
      option routers 129.57.86.1;
      # Only the hosts declared in the group below are served; any other
      # machine on subnet 86 gets no address from this server.
      deny unknown-clients;
      # Honor DHCPDECLINE messages sent by clients.
      allow declines;
}
# important settings to recognize PXE boot from UEFI boot controllers
# Option 93 carries the client architecture reported by the PXE firmware; it is
# declared here so that the group below can test it.
set vendorclass = option vendor-class-identifier;
option pxe-system-type code 93 = unsigned integer 16;
set pxetype = option pxe-system-type;
# DISKLESS Clients in here
group
{
    # PXE firmware only: architecture types 00:06 and 00:07 get the GRUB2 EFI
    # image, every other PXE client gets the pxelinux loader.
    if substring(vendorclass, 0, 9)="PXEClient" {
        if pxetype=00:06 or pxetype=00:07 {
            filename   "efi/boot/grub2/x86_64-efi/core.efi";
        } else {
            filename "linux-install/pxelinux.0";
        }
    }
    # Address of the server the boot file is fetched from.
    # NOTE(review): the page text says to replace 129.57.167.139 with the
    # server address, but that address does not appear in this listing --
    # confirm whether 129.57.167.4 is the value meant.
    # TFTP is unauthenticated, so the boot images are only as trustworthy as
    # the network path and the write permissions on the TFTP root.
    next-server 129.57.167.4;
    # One host block per controller: the MAC address selects the entry and
    # fixed-address is what that machine receives. The MAC is supplied by the
    # client, so it identifies a machine but does not authenticate it.
    host test333 {
        hardware ethernet 00:20:38:04:3a:8a;
        fixed-address 129.57.86.7;
    }
    
    host test444 {
        hardware ethernet 00:20:38:10:15:03;
        fixed-address 129.57.86.5;
    }
} # Diskless clients group
Enable and start service:
systemctl enable dhcpd
systemctl start dhcpd
Check service status, fix errors if any:
systemctl status dhcpd
Configure local DHCP server on RHEL7
yum install dhcp
The config file /etc/dhcp/dhcpd.conf should look like this:
#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp*/dhcpd.conf.example
#   see dhcpd.conf(5) man page
#
# Serves the private 192.168.10.0/24 network: a dynamic pool for any client,
# plus fixed addresses and PXE boot parameters for the diskless hosts in the
# group at the bottom.
subnet 192.168.10.0 netmask 255.255.255.0 {
        option domain-name "clontest.com jlab.org";
        option domain-name-servers 192.168.10.1;
        option routers 192.168.10.1;
        # Send each host declaration's name to that client as its hostname.
        use-host-decl-names true;
	# Dynamic pool. "allow unknown clients" means any machine attached to
	# this segment is leased an address, so the segment should stay
	# physically private.
	# NOTE(review): the fixed addresses 192.168.10.5-7 declared below lie
	# inside this range; dhcpd does not exclude them from the pool, so a
	# dynamic client could be leased an address meant for a controller.
	# Consider a range that does not overlap the fixed addresses.
	pool {
	     range 192.168.10.2 192.168.10.20;
	     deny dynamic bootp clients;
	     allow unknown clients;
	     }
}
# Option 93 carries the client architecture reported by the PXE firmware; it is
# declared here so that the group below can test it.
set vendorclass = option vendor-class-identifier;
option pxe-system-type code 93 = unsigned integer 16;
set pxetype = option pxe-system-type;
# DISKLESS Clients in here
group
{
	# PXE firmware only: architecture types 00:06 and 00:07 get the GRUB2
	# EFI image, every other PXE client gets the pxelinux loader.
	if substring(vendorclass, 0, 9)="PXEClient" {
	   if pxetype=00:06 or pxetype=00:07 {
	      filename   "efi/boot/grub2/x86_64-efi/core.efi";
	   } else {
	      filename "linux-install/pxelinux.0";
	   }
	}
	# Address of the server the boot file is fetched from. TFTP is
	# unauthenticated, so the boot images are only as trustworthy as the
	# network path and the write permissions on the TFTP root.
  	next-server 192.168.10.1;
	# One host block per controller: the MAC address selects the entry and
	# fixed-address is what that machine receives. The MAC is supplied by
	# the client, so it identifies a machine but does not authenticate it.
	host test5 {
	 hardware ethernet 00:20:38:10:14:f7;
	 fixed-address 192.168.10.5;
	}
	host test6 {
	 hardware ethernet 00:20:38:0A:07:D7;
	 fixed-address 192.168.10.6;
	}
	host test7 {
	 hardware ethernet 00:20:38:0F:2C:0D;
	 fixed-address 192.168.10.7;
	}
} # Diskless clients group
Enable and start service:
systemctl enable dhcpd
systemctl start dhcpd
Check service status, fix errors if any:
systemctl status dhcpd