Full Guide: Automatically install Linux by network


The installation is based on a debian jessie (server) with two network interface. eth0( connects to internet, eth1( for intranet configured for with fai server.

dhcp server

Firstly, configure fai server with a static ip, edit /etc/network/interfaces

iface eth1 inet static

Install isc-dhcp-server using the following command

apt-get install isc-dhcp-server

edit the config file /etc/dhcp/dhcpd.conf

subnet netmask {
  option routers;
  option broadcast-address;
  option domain-name-servers;
  filename "pxelinux.0";}

After modify the config file, restart DHCP server with

/etc/init.d/isc-dhcp-server restart

tftp server

Install tfptd-hpa

apt-get install tfptd-hpa

Mkdir /srv/tftp/fai for pxe files, and edit the config file /etc/default/tftpd-hpa


restart tftp server

/etc/init.d/tftpd-hpa restart

NFS server

apt-get install nfs-kernel-server rpcbind

Mkdir /srv/fai/config and /srv/fai/nfsroot and edit configuration file /etc/exports


Reload nfs configuration

exportfs -a

Test mount nfs with


configure linux server as gateway (optional)

In order to install additional packages and update packages, client must be able to install and update packages from public Debian mirror, or local mirror. Mirror Debian packages may cost lots of time, so I prefer to configure the fai server as a network gateway which allow the client to update from public Debian mirror.

Enable ip forward in kernel

echo 1 > /proc/sys/net/ipv4/ip_forward
cat /proc/sys/net/ipv6/ip_forward

Config iptable rules

# clean existing rules
iptables -Fiptables -t nat -F
iptables -t mangle -F
iptables -X

# accept loopback traffic
iptables -A INPUT -i lo -j ACCEPT

# allow ip forward from eth1 to eth0  
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

# allow establish connection from eth0 to eth1
iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT

# Masquerade.
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

# Don't forward from the outside to the inside.
# iptables -A FORWARD -i eth0 -o eth1 -j REJECT

# save
iptables-save > /etc/iptables-rule 

# restore
iptables-restore < /etc/iptables-rule

Step 1: Build basic files

Install fai packages fai-quickstart which contains whole fai necessay packages.

apt-get install fai-quickstart

Edit /etc/fai/fai.conf

# Account for saving log files and calling fai-chboot.

# URL to access the fai config space

Edit nfsroot conf /etc/fai/nfsroot.conf which is named as nfs.conf in older fai version

# "<suite> <mirror>" for debootstrap
FAI_DEBOOTSTRAP="jessie http://http.debian.net/debian"

FAI_DEBOOTSTRAP_OPTS="--exclude=info --include=aptitude"

# Configuration space

Then preparing a cup of coffee, and run fai-setup -v. All the necessary files for a Debian system are downloaded from internet, and store in /srv/fai/nfsroot as predefined.

Step 2: Customize your system

Copy the sample configurations to configuration space:

cp -a /usr/share/doc/fai-doc/examples/simple/* /srv/fai/config/

Generate PXE boot files with

fai-chboot -IFv
fai-chboot -IFv

Step 3: Boot Client with PXE support

Change boot priority to PXE when booting client, then wait the installation finished. When errors occur, check the error log /tmp/fai/error.log on client side.


Install more packages

Edit /srv/fai/config/package_config/FAIBASE, add packages you want to install during the automation installation process.

Execute scripts

Edit /srv/fai/config/scripts/*, put the shell script in it. For example, we want to add a user test with passwd test. Edit scripts/DEBIAN/10-rootpw

$ROOTCMD groupadd test
$ROOTCMD useradd test -p "\$1\$RjwFEEb9\$uBBen8wcr4p41hSY2FGuu1" -m -d /home/test -g test -s /bin/bash

$1$RjwFEEb9$uBBen8wcr4p41hSY2FGuu1 refers to the crypt passwd test with

mkpasswd -Hmd5 -s "test"

mkpasswd command is involved in package whois

Beside, other optimization tasks can be added to scripts/LAST/50-misc

Disk Partition

refer to the files in disk_config


comments powered by Disqus