Linux Security
Bruno Cornec, HP, Open Source Profession Lead
©2009 HP Confidential; ©2010 HP / Intel / Red Hat restricted


2 Introducing Myself

● Software engineering and Unices since 1988
● Mostly Configuration Management Systems (CMS), Build systems, quality tools, on multiple commercial Unix systems
● Discover Open Source & Linux (OSL) & first contributions in 1993
● Full time on OSL since 1995, first as HP reseller then @HP
● Currently:
    ● Master Technology Architect on OSL for the HP/Intel Solution Center, Grenoble
    ● OSL HP Advocate
    ● EMEA OSL HP Profession Lead
    ● Solutions Linux Conference and OWF board member
    ● MondoRescue, Dploy.org, Project-Builder.org project lead
    ● LinuxCOE, mrepo, tellico, rinse, fossology, collectl contributor
    ● FOSSBazaar and OSL Governance enthusiast
    ● Mandriva, Mageia, Fedora packager

3 Agenda

4 Objective and Agenda

Objective: To describe how security is managed on Red Hat Enterprise Linux Clients with Intel based HP ProLiant servers

Agenda:
● Definitions
● Automatic media deployment
● Automatic network deployment
● Automatic images deployment

5 Deployment definition

The deployment consists of all the means (both software and hardware) to install and configure firmware, operating system and all needed applications on a computer or a set of computers, minimizing manual interactions and creating a homogeneous and reproducible setup.

● PXE (Intel): Pre-boot eXecution Environment. Allows a PC to boot through the network.
● iLO (HP): Integrated Lights Out Management Card. Allows firmware update and management through a dedicated LAN interface.
● Software tools: ether-wake/wol, DHCP server, TFTP server, NFS/FTP server, syslinux/isolinux/pxelinux, kickstart and Satellite (RHEL), MondoRescue

6 Deployment approaches

Automatic system deployment:
● Hardware neutral
● Update process quick
● Distribution dependent
● Installation quick
● Excellent customisation

System images deployment:
● Distribution/OS neutral
● Installation quicker
● Update process longer
● Hardware dependent
● Good customization

You need BOTH !!

7 Installation detailed

● PC power-on (POST)
● BIOS passes control to boot device (floppy / bootable CD)
● Most boot floppies use syslinux with a syslinux.cfg config file
● syslinux loads initrd and boots the kernel with params

    default linux
    prompt 1
    timeout 600
    display boot.msg
    label linux
      kernel vmlinuz
      append initrd=initrd.img lang= devfs=nomount ramdisk_size=7168 vga=788
    label ks
      kernel vmlinuz
      append ks=floppy initrd=initrd.img lang= devfs=nomount ramdisk_size=7168

● The kernel launches the install

8 Deployment detailed (step 1)

● PC power-on (POST)
● BIOS passes control to boot device (PXE firmware)
● DHCP request from PXE client
● DHCP server provides an IP configuration

    allow bootp;
    allow booting;
    subnet 192.168.8.0 netmask 255.255.255.0 {
      option routers 192.168.8.20;
      option subnet-mask 255.255.255.0;
      default-lease-time 21600;
      max-lease-time 43200;
      group {
        next-server 192.168.8.20;   # tftp server
        filename "pxelinux.0";
        # one host entry per machine to deploy
        host test3 {
          hardware ethernet 00:01:02:06:25:F1;
          fixed-address 192.168.8.26;
        }
      }
    }

9 Deployment detailed (step 2)

● PXE request from PXE client
● DHCP server provides boot file name and boot server
● TFTP request from PXE client
● pxelinux.0 loaded on client
● pxelinux reads its config file from pxelinux.cfg/ip-addr

    default ks
    prompt 0
    display boot.msg
    label ks
      kernel kernel/vmlinuz-rh7.2
      append initrd=initrd/initrd-rh7.2.img devfs=nomount lang= ramdisk_size=7168 ks=nfs:192.168.8.20:/tftpboot/ks/ks72.cfg
    label mdk81-auto
      kernel kernel/vmlinuz-mdk8.1
      append initrd=initrd/initrd-mdk8.1.img ramdisk_size=32000 kickstart=floppy automatic=method:ftp,network:dhcp,server:192.168.8.20,directory:/pub/mandrake/8.1 auto_install=/pub/mandrake/auto_inst.pl
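Added example, not part of the original slides: PXELINUX does not look for a dotted IP address under pxelinux.cfg/ but tries the client's MAC-based name, then its IP in upper-case hex shortened one digit at a time, then `default`. The sketch below lists that order for the `test3` host of step 1 so an administrator can check which file in the TFTP tree a machine will really boot from; the function names are hypothetical and the optional client-UUID lookup that precedes the MAC is left out.

```python
import ipaddress


def pxelinux_config_candidates(ip, mac=None):
    """File names PXELINUX tries under pxelinux.cfg/, most specific first."""
    names = []
    if mac:
        octets = mac.replace("-", ":").lower().split(":")
        if len(octets) != 6 or any(len(o) != 2 for o in octets):
            raise ValueError("not an Ethernet MAC address: %r" % mac)
        for octet in octets:
            int(octet, 16)  # raises ValueError on non-hex input
        # "01" is the ARP hardware type for Ethernet, then the MAC in lower case
        names.append("01-" + "-".join(octets))
    hex_ip = "%08X" % int(ipaddress.IPv4Address(ip))
    # Full address first, then one hex digit less each time (subnet-wide files)
    names += [hex_ip[:length] for length in range(8, 0, -1)]
    names.append("default")
    return names


def effective_config(ip, mac, present):
    """First candidate found in `present`, the listing of pxelinux.cfg/."""
    for name in pxelinux_config_candidates(ip, mac):
        if name in present:
            return name
    return None


if __name__ == "__main__":
    # Host test3 from the DHCP configuration of step 1
    for name in pxelinux_config_candidates("192.168.8.26", "00:01:02:06:25:F1"):
        print("pxelinux.cfg/" + name)
```

A more specific file silently overrides `default`, so a stray per-host or per-subnet file in the TFTP directory changes what that machine installs.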

10 Deployment detailed (step 3)

● pxelinux loads initrd and boots the kernel with params
● default ks

    lang fr_FR
    langsupport --default fr_FR fr_FR en_US
    network --bootproto bootp --device eth0
    url --url ftp://192.168.8.20/pub/rrhel/6/x86_64
    keyboard "fr-latin1"
    zerombr yes
    clearpart --all
    part /boot --size 50
    part swap --size 512
    part / --size 1000
    part /usr --size 3000
    part /var --size 256
    part /opt --size 512
    part /home --size 1 --grow
    install
    mouse --device psaux genericps/2 --emulthree
    timezone Europe/Paris
    xconfig --monitor "HP D2807A Ultra VGA 1280 17"
    rootpw linux1
    auth --useshadow --enablemd5
    lilo --location mbr
    reboot
    %packages
    @ Server
    %post
    exec > /tmp/postinstall.log 2>&1
    cat > /tmp/postinstall << FINI
    echo "End postinstall"
    FINI
    chmod 755 /tmp/postinstall ; /tmp/postinstall
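Added example, not part of the original slides: the kickstart above is fetched over NFS (`ks=nfs:...` in step 2), so `rootpw linux1` is readable on the deployment network, and it selects MD5 password hashes and an FTP install tree. The check below flags those three settings in the command section of a kickstart file; `audit_kickstart`, `option_value` and the sample string are hypothetical names, and the sample is constructed from the slide's own lines.

```python
# Constructed sample: the security-relevant commands from the kickstart above.
SAMPLE_KS = """\
url --url ftp://192.168.8.20/pub/rrhel/6/x86_64
rootpw linux1
auth --useshadow --enablemd5
%packages
@ Server
"""


def option_value(args, name):
    """Value given as `--name value` or `--name=value`, else None."""
    for i, arg in enumerate(args):
        if arg == name and i + 1 < len(args):
            return args[i + 1]
        if arg.startswith(name + "="):
            return arg.split("=", 1)[1]
    return None


def audit_kickstart(text):
    """Return (line_number, finding) pairs for risky command-section lines."""
    findings = []
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line.startswith("%"):  # %packages, %post: command section is over
            break
        if not line or line.startswith("#"):
            continue
        command, *args = line.split()
        if command == "rootpw" and "--iscrypted" not in args:
            findings.append((number, "root password stored in clear text"))
        elif command in ("auth", "authconfig"):
            if "--enablemd5" in args:
                findings.append((number, "MD5 hashes; use --passalgo=sha512"))
            if not {"--useshadow", "--enableshadow"} & set(args):
                findings.append((number, "shadow passwords not enabled"))
        elif command == "url":
            scheme = (option_value(args, "--url") or "").split(":", 1)[0].lower()
            if scheme in ("ftp", "http"):
                findings.append((number, "install tree fetched over " + scheme))
        elif command == "nfs":
            findings.append((number, "install tree fetched over NFS"))
    return findings


if __name__ == "__main__":
    for number, finding in audit_kickstart(SAMPLE_KS):
        print("line %d: %s" % (number, finding))
```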

11 Imaging deployment

● Install the distribution
● Apply updates, configure...
● Install mondo/mindi/mindi-busybox/afio/buffer
● Create ISO images of the installed system through NFS

    mondoarchive -d /images -E '/home|/tmp' -9 -s 4380m -n 192.168.8.20 /home/ftp/images

● Integrate the content of the mondo restore image in the previous configuration

    label mondo
      kernel kernel/vmlinuz-mondo
      append initrd=initrd/initrd-mondo.img devfs=nomount ramdisk=23352 ramdisk_size=23352 expert_mode root=/dev/ram0

● Details available in README.pxe

12 How to get in contact with us

HP Linux Profession Lead, EMEA Open Source Advocate
Bruno.Cornec@hp.com
+33 672 99 3109

Intel Account Manager for HP EMEA TSG/ISS
Stefanie Schütze
stefanie.schuetze@intel.com
+ 39 335 215 479

Red Hat Alliance Manager HP EMEA
Michaela Weissensteiner
mweissen@redhat.com
+49 (0) 177 4444 150

hp-intel-redhat-program@lists.hp.com
http://www.hpintelco.net/hp-intel-redhat.htm

13 Thank you! Q&A

