RHEL/CentOS 8 Kickstart example | Kickstart Generator

In the article I will share the list of RHEL/CentOS 8 kickstart example commands which you can use to automate the installation for Red Hat and CentOS. I have not covered %pre and %post installation stage in this article as that may just lengthen this already long article. Although I will try to cover the most used kickstart commands in real time production environment.

 

Kickstart Generator

You can use Red Hat's official Kickstart Generator Tool to create your kickstart file to automate the installation.

Just follow the onscreen options and you will get a sample kickstart file based in your choice.

 

Kickstart Validator

Before you initiate the installation using kickstart file, it is recommended to validate the content of the Kickstart configuration file. Install pykickstart to install the ksvalidator tool

NOTE:

On RHEL system you must have an active subscription to RHN or you can configure a local offline repository using which "yum" package manager can install the provided rpm and it's dependencies.
# dnf -y install pykickstart

To validate the kickstart file provide the absolute path and the kickstart file with ksvalidator:

# ksvalidator kickstart.conf

 

Below are the list of Kickstart commands which you can manually add and create your own Kickstart file to automate the entire Red Hat/CentOS installation process. At the end of the article I have attached a sample kickstart configuration file which I have used to install Virtual Machine in Oracle VirtualBox

 

Add Comment (Optional)

You can choose to add some comment to identify the Kickstart as I have added for identification. This optional and you can choose to ignore:

# version=RHEL8
# RHEL/CentOS 8 Kickstart Example

 

Perform Media Check

You can check the media before starting the installation

Kickstart command - mediacheck

This command forces the installation program to perform a media check before starting the installation.
This command requires that installations be attended, so it is disabled by default.

Syntax:

mediacheck

 

Mode of installation

For a fully automatic installation, you must either specify one of the available modes in Kickstart file:

Kickstart command - graphical

  • It performs the Kickstart installation in graphical mode.
  • You can also combine it with --non-interactive which performs the installation in a completely non-interactive mode.
  • This mode will terminate the installation when user interaction is required.

Kickstart command - text

  • It performs the Kickstart installation in text mode.
  • You can also combine it with --non-interactive which performs the installation in a completely non-interactive mode.
  • This mode will terminate the installation when user interaction is required.

Kickstart command - cmdline

  • It performs the installation in a completely non-interactive command line mode.
  • Any prompt for interaction halts the installation.
  • This command has no options.

 

In my RHEL/CentOS 8 kickstart example I choose text as the preferred installation method

# Install in text mode
text

 

Create additional repo

You can configure additional yum repositories that can be used as sources for package installation.

Kickstart command - repo

  • By default all the provided repos are automatically created and mounted on /run/install/repo/<repo_name>
  • You can add multiple repo lines.

Syntax:

repo --name=repoid [--baseurl=url|--mirrorlist=url|--metalink=url] [OPTIONS]

Here,

  • --baseurl= The URL to the repository.
  • --mirrorlist= The URL pointing at a list of mirrors for the repository.
  • --metalink= The URL with metalink for the repository.

For complete list of supported options check Red Hat's Guide for Advanced Installation

In my RHEL/CentOS 8 kickstart example I will also create AppStream repo which is part of the ISO image.

# Create additional repo during installation
repo --name="AppStream" --baseurl=file:///run/install/repo/AppStream

 

Installation Method

There are different installation methods to choose from such as cdrom, harddrive, hmc, nfs, liveimg, or url.

We mostly use url, cdrom and nfs in production environment so I will explain these installation method:

Kickstart command - nfs

It performs the installation from a specified NFS server.

Syntax:

nfs OPTIONS

Options:

  • --server= Server from which to install (host name or IP).
  • --dir= Directory containing the variant directory of the installation tree.
  • --opts= Mount options to use for mounting the NFS export. (optional)

Kickstart command - url

It performs the installation from an installation tree image on a remote server using FTP, HTTP, or HTTPS.

Syntax:

url --url=FROM [OPTIONS]

Mandatory options:

  • --url= The location to install from. Supported protocols are HTTP, HTTPS, FTP, and file.

Optional options:

  • --proxy= Specify an HTTP, HTTPS or FTP proxy to use while performing the installation.

To get complete list of supported options check Red Hat's Guide for advanced installation

Kickstart command - cdrom

  • It performs the installation from the first optical drive on the system.
  • This command has no options.

In my RHEL/CentOS 8 kickstart example I will use NFS as my installation method

# Installation media
nfs --server=10.10.10.12 --dir=/images/

 

Keyboard Layouts

  • It sets one or more available keyboard layouts for the system.
  • All available layouts can be viewed on the xkeyboard-config(7) man page under Layouts.

Syntax:

keyboard --vckeymap|--xlayouts OPTIONS

Options:

  • --vckeymap= Specify a VConsole keymap which should be used. Valid names correspond to the list of files in the /usr/lib/kbd/keymaps/xkb/ directory, without the .map.gz extension.
  • --xlayouts= Specify a list of X layouts that should be used as a comma-separated list without spaces. Accepts values in the same format as setxkbmap(1), either in the layout format (such as cz), or in the layout (variant) format (such as cz (qwerty)).

In my RHEL/CentOS 8 kickstart example I will use English US as Keyboard layout

# Keyboard layouts
keyboard --vckeymap=us --xlayouts='us'

 

Set System Language

Kickstart command - lang

  • It sets the language to use during installation and the default language to use on the installed system.
  • You can use locale -a | grep _ or localectl list-locales to get the list of supported locales.

Syntax:

lang language [--addsupport=language,...]

In my RHEL/CentOS 8 kickstart example I will use en_US.UTF-8

# System language
lang en_US.UTF-8

 

Network Information

Kickstart command - network

  • It configures network information for the target system and activates network devices in the installation environment.
  • The device specified in the first network command is activated automatically.
  • Activation of the device can be also explicitly required by the --activate option.

Syntax:

network OPTIONS

Options:

  • --activate activate this device in the installation environment.
  • --no-activate do not activate this device in the installation environment.
  • --nodefroute prevent the device from using the default route.
  • --bootproto= One of dhcp, bootp, ibft, or static. The default option is dhcp;
  • --noipv4 Disable IPv4 on this device.
  • --noipv6 Disable IPv6 on this device.

In my RHEL/CentOS 8 kickstart example I will assign network to 2 interfaces eth0 and eth1

# Network information
network --bootproto=static --ip=10.10.10.15 --netmask=255.255.255.0 --gateway=10.10.10.1 --nameserver=8.8.8.8 --device=eth0 
network  --bootproto=dhcp --device=eth0  --activate
network  --bootproto=dhcp --device=eth1 --onboot=off  --activate
network  --hostname=centos8-4.example.com

 

Assign root password

  • It sets the system’s root password to the password argument.
  • You can provide root password either in plain text or encrypted
  • To create an encrypted password, you can use python:
$ python3 -c 'import crypt,getpass;pw=getpass.getpass();print(crypt.crypt(pw) if (pw==getpass.getpass("Confirm: ")) else exit())'
  • This generates a sha512 crypt-compatible hash of your password using a random salt.

Syntax:

rootpw [--iscrypted|--plaintext] [--lock] password

Options:

  • --iscrypted If this option is present, the password argument is assumed to already be encrypted.
  • --plaintext If this option is present, the password argument is assumed to be in plain text.
  • --lock If this option is present, the root account is locked by default. This means that the root user will not be able to log in from the console.

In my RHEL/CentOS 8 kickstart example I have already created and assigned root password

# Root password
rootpw --iscrypted $6$w7El/FYx9mbTG6x9$Te.Yg6dq0TsQwGpdSjeDGSw4J9ZBAkLXzT9ODMV7I7lHvX3n5.9PCS4jIkS2GbVLZOpVRLvrua3wwbwA.cfWX.

 

Run the setup agent on first boot

Kickstart command - firstboot

  • It determines whether the Initial Setup application starts the first time the system is booted.
  • If enabled, the initial-setup package must be installed.
  • If not specified, this option is disabled by default.

Syntax:

firstboot OPTIONS

Options:

  • --enable or --enabled :Initial Setup is started the first time the system boots.
  • --disable or --disabled :Initial Setup is not started the first time the system boots.
  • --reconfig :Enable the Initial Setup to start at boot time in reconfiguration mode.

In my RHEL/CentOS 8 kickstart example I will enable firstboot

# Run the Setup Agent on first boot
firstboot --enable

 

Configure X Window System

You can either choose to install and configure X Window System or disable it

Kickstart command - xconfig

  • If you install a display manager among your package selection options, this package creates an X configuration, and the installed system defaults to graphical.target.
  • That overrides the effect of the skipx option.
  • To configure X Window System use "xconfig [--startxonboot]"

Kickstart command - skipx

To avoid configuring X Window System use skipx

In my RHEL/CentOS 8 kickstart example I will disable X Windows System

# Do not configure the X Window System
skipx

 

Enable or Disable system services

Kickstart command - services

  • It modifies the default set of services that will run under the default systemd target.
  • The list of disabled services is processed before the list of enabled services.
  • Therefore, if a service appears on both lists, it will be enabled.

Syntax:

services [--disabled=list] [--enabled=list]

In my RHEL/CentOS 8 kickstart example I will enable chronyd service

# System services
services --enabled="chronyd"

 

Set timezone

Kickstart command - timezone

  • It sets the system time zone.
  • You can use timedatectl list-timezones to get the list of supported timezone values

Syntax:

timezone timezone [OPTIONS]

Optional options:

  • --utc If present, the system assumes the hardware clock is set to UTC (Greenwich Mean) time.
  • --nontp Disable the NTP service automatic starting.
  • --ntpservers= Specify a list of NTP servers to be used as a comma-separated list without spaces.

In my RHEL/CentOS 8 kickstart example I will use Asia/Kolkata as my timezone

# System timezone
timezone Asia/Kolkata --isUtc

 

Handle reboot of the node

Kickstart command - reboot

  • The "reboot" instructs the installation program to reboot after the installation is successfully completed (no arguments).
  • Normally, Kickstart displays a message and waits for the user to press a key before rebooting.
  • Specify reboot to automate installation

In my RHEL/CentOS 8 kickstart example I will use reboot as I plan to automate the entire installation

# Reboot the node
reboot

 

Create Disk Partition

You can use different variables to configure your disk layout

Kickstart command - ignoredisk

  • It causes the installation program to ignore the specified disks.
  • This is useful if you use automatic partitioning and want to be sure that some disks are ignored.

In my RHEL/CentOS 8 kickstart example I only want to use sda disk for installation

# Choose the disks to be used
ignoredisk --only-use=sda

 

Kickstart command - clearpart

  • It removes partitions from the system, prior to creation of new partitions.
  • By default, no partitions are removed.

In my CentOS/RHEL 8 kickstart example I will remove all existing partitions:

# Partition clearing information
clearpart --all

 

Kickstart command - part or partition

  • It creates a partition on the system.
  • This topic is very vast and I plan to give different partition layout examples to install Linux

In my sample kickstart example I will install CentOS 8 using Logical Volume Manager. Here I will create

  • root logical volume
  • swap partition
  • boot partition
# Disk partitioning information
part pv.409 --fstype="lvmpv" --ondisk=sda --size=14847
part /boot --fstype="ext4" --ondisk=sda --size=512
volgroup rhel --pesize=4096 pv.409
logvol swap --fstype="swap" --size=953 --name=swap --vgname=rhel
logvol / --fstype="ext4" --size=13887 --name=root --vgname=rhel

 

Create new user (permanent)

You can also create new user using kickstart which will also be present after the installation

Kickstart command - user

Use user to create a new user using kickstart

Syntax:

user --name=username [OPTIONS]

In my RHEL/CentOS 8 kickstart example I will create one user deepak

# Create user
user --name=deepak --shell=/bin/bash --homedir=/home/deepak  --iscrypted --password=$6$uSejt/TeWMJVQ/F8$/oFsIanDHS/5b9ssy7gZbQwNkORgRjsQIw4JyFjlTWDh9TVsEXWEy2APpCUNTHipOOEe..ubg3qBZOwpaPtsB.

 

Create User (only for installation)

You can create user only to monitor the installation process. Once the installation is complete this user will be removed from the node

Kickstart command - sshpw

  • During the installation, you can interact with the installation program and monitor its progress over an SSH connection
  • Use the sshpw command to create temporary accounts through which to log on.
  • Each instance of the command creates a separate account that exists only in the installation environment.
  • These accounts are not transferred to the installed system.

Syntax:

sshpw --username=name [OPTIONS] password

In my CentOS/RHEL 8 kickstart example I am creating a user admin to monitor the installation:

sshpw --username=admin --iscrypted --password=$6$PMLcSXd.w5pBvC.u$D06Ip60h/iWExxQ09gMi5aAbFaDK.NtLOgOZ56uU6kw.uUy/9/Mmw6vYBjs8Hw50y0Rx4m0yMdH0Vt5EUEsRI.

 

Create new group

You can also create a new group using kickstart

Kickstart command - group

  • If a group with the given name or GID already exists, this command fails.
  • The user command can be used to create a new group for the newly created user.
  • It creates a new user group on the system.

Syntax:

group --name=name [--gid=gid]

Mandatory options

  • --name= Provides the name of the group.

 

Enable or Disable firewall

You can enable or disable firewall during installation stage

Kickstart command - firewall

It specifies the firewall configuration for the installed system.

Syntax:

firewall --enabled|--disabled [incoming] [OPTIONS]

Here,

  • --enabled or --enable - Reject incoming connections that are not in response to outbound requests, such as DNS replies or DHCP requests.
  • --disabled or --disable - Do not configure any iptables rules.

 

Enable a module

You can also enable a module using kickstart

Kickstart command - module

Use this command to enable a package module stream within kickstart script.

Syntax:

module --name=NAME [--stream=STREAM]

Mandatory options

  • --name= Specifies the name of the module to enable. Replace NAME with the actual name.

 

Enable or Disable SELinux

You can also enable or disable selinux using kickstart

Kickstart command - selinux

  • It sets the state of SELinux on the installed system.
  • The default SELinux policy is enforcing.

Syntax:

selinux [--disabled|--enforcing|--permissive]

Options:

  • --enforcing Enables SELinux with the default targeted policy being enforcing.
  • --permissive Outputs warnings based on the SELinux policy, but does not actually enforce the policy.
  • --disabled Disables SELinux completely on the system.

 

Package selection

Kickstart uses sections started by the %packages command for selecting packages to install.

Kickstart command - %packages

  • You can install packages, groups, environments, module streams, and module profiles this way.
  • Use the %packages command to begin a Kickstart section which describes the software packages to be installed.
  • The %packages section must end with the %end command.

Specifying groups

  • Specify groups, one entry to a line, starting with an @ symbol, and then the full group name or group id
  • You can get the list of supported options from the list of "dnf grouplist"
%packages
@X Window System
@Desktop
@Sound and Video
%end

Specifying individual packages

  • Specify individual packages by name, one entry to a line. You can use the asterisk character (*) as a wildcard in package names. For example:
%packages
sqlite
curl
aspell
docbook*
%end

In my RHEL/CentOS 8 kickstart example I have used "Virtualization Host"

%packages
@^Virtualization Host
kexec-tools
%end

 

Enable or Disable Kdump

Kickstart command - %addon com_redhat_kdump

This command configures the kdump kernel crash dumping mechanism.

Syntax:

%addon com_redhat_kdump [OPTIONS]
%end

Options:

  • --enable Enable kdump on the installed system.
  • --disable Disable kdump on the installed system.
  • --reserve-mb= The amount of memory you want to reserve for kdump, in MiB

In my RHEL/CentOS 8 kickstart example I have used auto to automatically reserve the required memory for kdump:

%addon com_redhat_kdump --enable --reserve-mb='auto'
%end

 

Apply Password Policy

Kickstart command - pwpolicy

  • Use this command to enforce a custom password policy during installation.
  • The policy requires you to create passwords for the root, users, or the luks user accounts.
  • The factors such as password length and strength decide the validity of a password.

For list of supported options check Red Hat's Guide for Advanced Installation

In my RHEL/CentOS 8 kickstart example I have used below password policy:

%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end

 

RHEL/CentOS 8 Kickstart Example File

Below is one sample kickstart file example from my server which I use to install Virtual Machine on Oracle VirtualBox

Red_Hat_CentOS_8_Kickstart_Example

 

Lastly I hope this article with CentOS/RHEL 8 kickstart example to automate installation on Linux was helpful. So, let me know your suggestions and feedback using the comment section.

 
References:
Perform Advanced Installation in Red Hat Enterprise Linux 8

 

Leave a Comment

Please use shortcodes <pre class=comments>your code</pre> for syntax highlighting when adding code.