1

I am trying to install OEL8 on ESXi 7 with a kickstart file. I have the ks.cfg hosted on an http server on the local subnet. The ks.cfg settings are taken from a manually installed OEL VM's anaconda-ks.cfg file. I have the OEL8 ISO mounted to the VM and am able to reach the initial boot menu and enter the kernel parameter for kickstart. Boot proceeds as normal initially before halting at "Reached target Basic System". If I remove the quiet boot parameter I see it halts at the following line: "8021q: adding VLAN 0 to HW filter on device ens192", which suggests to me it's an issue with the network settings.

I have all static network configurations specified in ks.cfg, and I've tried manually specifying the interface via --device as well as setting it to --device=link (only one NIC). The NIC is a VMXNET3 and is configured with the same (i.e. default) settings as the box that donated the anaconda-ks.cfg. I am not able to drop to a console at this point. Finally, the VM boots to the standard graphical installer without incident if I do not provide the kickstart parameter.

What am I missing? ks.cfg follows:

#version=OL8
# Use graphical install
#graphical
text

#repo --name="AppStream" --baseurl=file:///run/install/sources/mount-0000-cdrom/AppStream

%packages
@^minimal-environment
aide
audispd-plugins
audit
crypto-policies
dnf-automatic
fapolicyd
firewalld
iptables
kexec-tools
libcap-ng-utils
openscap
openscap-scanner
openssh-clients
openssh-server
policycoreutils
policycoreutils-python-utils
rng-tools
rsyslog
rsyslog-gnutls
scap-security-guide
sudo
tmux
usbguard
-abrt
-abrt-addon-ccpp
-abrt-addon-kerneloops
-abrt-addon-python
-abrt-cli
-abrt-plugin-logger
-abrt-plugin-sosreport
-gssproxy
-iprutils
-krb5-workstation
-nfs-utils
-pigz
-sendmail
-tuned

%end

# Keyboard layouts
keyboard --xlayouts='us'
# System language
lang en_US.UTF-8

# Network information
network  --bootproto=static --device=ens192 --ethtool="autoneg on" --gateway=<address> --ip=<address> --nameserver=<dns1>,<dns2> --netmask=<mask> --noipv6 --activate
network  --hostname=localhost.localdomain

# Use CDROM installation media
cdrom

# Run the Setup Agent on first boot
firstboot --enable

ignoredisk --only-use=sda
# Partition clearing information
clearpart --none --initlabel
# Disk partitioning information
part pv.150 --fstype="lvmpv" --ondisk=sda --size=96264
part /boot/efi --fstype="efi" --ondisk=sda --size=512 --fsoptions="umask=0077,shortname=winnt"
part /boot --fstype="xfs" --ondisk=sda --size=1024
volgroup ol --pesize=4096 pv.150
logvol /usr --fstype="xfs" --size=10240 --name=usr --vgname=ol
logvol /var/tmp --fstype="xfs" --size=1024 --name=var_tmp --vgname=ol
logvol /var/log/audit --fstype="xfs" --size=1024 --name=var_log_audit --vgname=ol
logvol /opt --fstype="xfs" --size=30720 --name=opt --vgname=ol
logvol swap --fstype="swap" --size=4096 --name=swap --vgname=ol
logvol /tmp --fstype="xfs" --size=8192 --name=tmp --vgname=ol
logvol /var --fstype="xfs" --size=20480 --name=var --vgname=ol
logvol /var/log --fstype="xfs" --size=5120 --name=var_log --vgname=ol
logvol /home --fstype="xfs" --size=10240 --name=home --vgname=ol
logvol / --fstype="xfs" --size=5120 --name=root --vgname=ol

# System timezone
timezone America/Los_Angeles --isUtc

# Root password
rootpw --iscrypted <hash>


%addon org_fedora_oscap
    content-type = scap-security-guide
    profile = xccdf_org.ssgproject.content_profile_stig
%end

%addon com_redhat_kdump --enable --reserve-mb='auto'

%end

%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end
Andrew Schulman
  • 8,561
  • 21
  • 31
  • 47
ohlylo
  • 11
  • 2
  • Sounds like it's a vlan issue as you've suggested, how is tagging setup on your virtual networking? – Chopper3 Jan 13 '21 at 15:49
  • It's an open /24 network running on a port group assigned to the appropriate VLAN on the DSwitch. I'm dubious the VLAN itself is the issue for two reasons: one, a variety of other devices in this test environment are using this port group and VLAN without incident; and two, I can boot to the standard manual installer and have no issue accessing the network on the same VM with the same address and such I have configured. – ohlylo Jan 13 '21 at 15:59
  • Are you using a vSS or vDS? either way can you show us how you that's setup please – Chopper3 Jan 13 '21 at 16:02
  • This is a vDS. The setup is very basic, pretty much all defaults. There is a distributed port group on the vDS tagged to the VLAN in question to which the VM is assigned. If it matters, the vDS is v6.6.0 due to my mixed 6.7/7.0 ESXi env. Anything in particular that would help here? – ohlylo Jan 13 '21 at 16:14
  • Ok, so the PG is doing the untagging/tagging, so the VM should just have no .1q config at all, yet the message suggests it might be trying to tag its own traffic, or listing out for some - we've seen issues with pre-boot setups on RHEL struggling with this kind of setup, one option is to either change the setup of the PG to allow tagged traffic in and out without interference, the other is to see if you can disable the .1q support in the pre-boot config so you at least know that's not the problem. – Chopper3 Jan 13 '21 at 16:41
  • Halting at "Reached target Basic System" is usually a local problem rather than a network problem. You could verify this by leaving the NIC unconfigured during installation (comment the line out of the kickstart). Your filesystem layout seems ok, though it's unusual to create so many different volumes these days, unless of course you know one of them is likely to blow up and eat all its disk space before your monitoring system can catch the change in disk usage and alert you. It may be a good idea to simplify that. – Michael Hampton Jan 13 '21 at 21:05

2 Answers2

0

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/performing_a_standard_rhel_installation/custom-boot-options_installing-rhel see section C2, boot options have changed, for static IP use ip=ip::gateway:netmask:hostname:interface:none

user950833
  • 1
0

kickstart and packer worked correctly in rhel8.5.

vmlinuz initrd=initrd.img ip=192.168.1.2::192.168.1.1:255.255.255.0:myhostname:ens224:none nameserver=8.8.8.8 nameserver=8.8.4.4 text inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/ks8.cfg
Carlos Arce
  • 1