Installation & Kickstart

Learning Objectives

• Understand RHEL installation methods
  Boot media, installation sources, and deployment options
• Perform interactive installation
  Navigate Anaconda installer, configure storage and packages
• Create Kickstart configuration files
  Automate installations with ks.cfg files
• Deploy systems using Kickstart
  Boot with Kickstart files from various sources

Installation Overview

RHEL Installation uses the Anaconda installer — it can run interactively with a GUI or automatically using Kickstart configuration files.

Installation Flow

• Boot from installation media — typically a DVD ISO or USB drive
• Anaconda collects configuration — interactively or from a Kickstart file
• Partitions disks, installs packages, configures system, then reboots
• Interactive: one or a few unique systems, learning, or unclear requirements
• Kickstart: many identical systems, guaranteed consistency, automation pipelines

Installation Media Types

RHEL installation requires boot media and package sources. These can be the same (DVD) or separate (network boot + network repo).

Creating Bootable USB Media

# Create bootable USB from ISO (Linux)
[root@workstation ~]# dd if=rhel-9.3-x86_64-dvd.iso \
    of=/dev/sdb bs=4M status=progress
# Warning: This destroys all data on /dev/sdb!

# Always verify USB device name first
[root@workstation ~]# lsblk

⚠ Specifying the wrong device with dd destroys data. Always verify with lsblk first.

For RHCSA, focus on DVD/USB installations. PXE boot requires additional TFTP infrastructure and is more advanced.

Boot Menu Options

When you boot from RHEL installation media, you see a boot menu:

• Install Red Hat Enterprise Linux 9.3 — Start installer immediately
• Test this media & install — Verify media integrity first (recommended, especially for burned DVDs)
• Troubleshooting — Rescue mode, memory test

Press Tab to edit boot options on the selected entry.
Press e for full GRUB-style editing.

Key Boot Parameters

# Press Tab at boot menu, then append options:
vmlinuz initrd=initrd.img inst.stage2=hd:LABEL=RHEL-9-3 quiet \
    inst.ks=http://server/ks.cfg

# Common boot parameters:
# inst.ks=URL      - Kickstart file location
# inst.repo=URL    - Package repository location
# inst.vnc         - Enable VNC for remote installation
# inst.text        - Force text mode installation

• inst.ks — essential for Kickstart automation
• inst.vnc — graphical install on headless systems
• inst.text — text mode for systems without graphics

Anaconda Installation Summary

The hub-and-spoke design lets you configure items in any order. Items marked ⚠ require attention before installation can proceed.

Begin Installation is disabled until all required items are configured.

Installation Destination — Disk Partitioning

Select the disk, then choose automatic or custom partitioning.

/boot     - 1 GB (xfs)
/boot/efi - 600 MB (UEFI only)
/         - Remaining (LVM/xfs)
swap      - Based on RAM

/home - User data
      (survives reinstalls)
/var  - Logs, databases
/tmp  - Temporary files

RHEL 9 default: LVM with XFS filesystems — provides flexibility to resize volumes later.

Partitioning Requirements & Best Practices

• /boot must be outside LVM for BIOS boot systems
• /boot/efi is required on UEFI systems
• Automatic partitioning — good for most systems; Anaconda creates a reasonable layout
• Custom partitioning — full control; standard partitions, LVM logical volumes, or Btrfs
• Separate /home preserves user data across reinstalls
• Separate /var for systems with large logs or databases

For RHCSA, understand both automatic and custom partitioning and required vs. recommended partitions.

Software Selection

Choose a base environment — easier to add packages later than to remove unnecessary ones.

Best practice: Start minimal, add with dnf. Reduces attack surface and install time.

Network & Host Name Configuration

# Static IP configuration:
IPv4 Method: Manual
Address:     192.168.1.100
Netmask:     255.255.255.0  (or /24)
Gateway:     192.168.1.1
DNS:         192.168.1.1, 8.8.8.8

# Hostname — use FQDN when possible:
server1.example.com    (recommended)
webserver01            (short name)

⚠ Network interfaces are disabled by default during installation. Enable them here if needed.

When Network is Required During Installation

Network must be enabled during installation for:

• Network installation source — Boot ISO must download packages from network
• Red Hat subscription registration — register during installation
• Time synchronization — accurate clock via NTP
• Kickstart file retrieval — when ks.cfg is on a network server

Even when not strictly required, configuring network during installation saves post-installation work. Configuration persists to the installed system.

User Configuration

In enterprise environments, individual administrator accounts are preferred over shared root — each person logs in as themselves, gains privileges with sudo, and all actions are logged.

Begin Installation

# Installation sequence:
# 1. Disk partitioning applied (destructive!)
# 2. Filesystems created and formatted
# 3. Packages installed from source
# 4. GRUB2 bootloader installed
# 5. Initial configuration applied
# 6. Reboot button appears

⚠ Point of no return — disk changes applied immediately, destroying existing data on selected disks.

Remove installation media before rebooting so the system boots from the installed disk.

Introduction to Kickstart

Kickstart automates RHEL installation by providing answers to all installer questions in a configuration file. The system installs without human intervention.

Why Use Kickstart?

• Consistency — every system from the same Kickstart is identical; no forgotten settings
• Speed — no waiting for human input; deploy as fast as hardware allows
• Reliability — no human errors, fat-fingered settings, or missed steps
• Repeatability — deploy the same configuration a year later, same result
• Documentation — the Kickstart file documents exactly how systems are configured
• Infrastructure as Code — configuration in version control, reviewable, reproducible

Kickstart File Structure

Kickstart files have four main sections — order matters:

1. Command section — installation mode, locale, passwords, network
2. Disk configuration — partitioning commands
3. Package section — between %packages and %end
4. Scripts section — %pre (before install) and %post (after install)

Comments start with # and are ignored. Each Kickstart command maps to an Anaconda screen option.

Kickstart File Example

# 1. Command Section
text
url --url="http://repo/rhel9"
keyboard --vckeymap=us
lang en_US.UTF-8
timezone America/New_York
rootpw --iscrypted $6$...

# 2. Disk Configuration
clearpart --all --initlabel
autopart
bootloader --location=mbr

# 3. Package Section
%packages
@^minimal-environment
vim-enhanced
-plymouth
%end

# 4. Scripts (optional)
%post
echo "Post-install script"
%end

Essential Commands: Source & Network

# Installation source
url --url="http://server/rhel9/BaseOS"
cdrom                          # Use attached DVD/ISO
nfs --server=nfs.example.com --dir=/exports/rhel9

# Network — DHCP
network --bootproto=dhcp --device=eth0 --activate

# Network — Static IP
network --bootproto=static \
  --ip=192.168.1.100 \
  --netmask=255.255.255.0 \
  --gateway=192.168.1.1 \
  --nameserver=8.8.8.8 \
  --hostname=server1.example.com

Include --activate to bring up the interface during installation.

Essential Commands: Users & Behavior

# User accounts
rootpw --plaintext redhat123       # Not recommended
rootpw --iscrypted $6$rounds=...   # Use this in production
rootpw --lock                      # Lock root account

user --name=alice \
     --iscrypted --password=$6$... \
     --groups=wheel

# Installation behavior
text                      # Text mode (faster)
graphical                 # GUI mode
reboot                    # Auto-reboot when done
poweroff                  # Shut down when done
firstboot --disabled      # Skip first-boot wizard

Generate hashes: python3 -c "import crypt; print(crypt.crypt('password'))"

Kickstart Disk Configuration

# Clear and initialize disk
zerombr                        # Clear MBR if invalid
clearpart --all --initlabel    # Remove all partitions
clearpart --drives=sda         # Clear specific disk only

# Automatic partitioning (recommended for most)
autopart                       # Default LVM layout
autopart --type=lvm            # Explicitly use LVM
autopart --type=plain          # Standard partitions, no LVM

# Bootloader
bootloader --location=mbr --boot-drive=sda

Always include --initlabel with clearpart to create a new partition table.

Manual LVM Partition Layout

# Physical partitions
part /boot --fstype=xfs --size=1024
part /boot/efi --fstype=efi --size=600   # UEFI systems
part pv.01 --size=1 --grow               # LVM physical volume

# Volume group and logical volumes
volgroup rhel pv.01
logvol / --vgname=rhel --name=root \
    --fstype=xfs --size=10240
logvol /home --vgname=rhel --name=home \
    --fstype=xfs --size=5120
logvol swap --vgname=rhel --name=swap \
    --size=2048

Sizes in megabytes. Use --grow to fill remaining space. Bad disk config fails immediately — verify carefully.

Package Selection

%packages
# Environment groups (@^ prefix)
@^minimal-environment          # Minimal install
@^server-product-environment   # Server

# Package groups (@ prefix)
@development                   # Development Tools
@security-tools                # Security tools

# Individual packages
vim-enhanced
tmux
httpd

# Exclude packages (- prefix)
-plymouth                      # Remove boot splash
-iwl*firmware                  # Remove WiFi firmware
%end

Find group names: dnf group list --hidden on an existing RHEL system.

%pre and %post Scripts

You can have multiple %post sections with different options. Default interpreter is bash; use --interpreter=/usr/bin/python3 for Python scripts.

Script Examples

%pre
echo "Starting at $(date)" > /tmp/install.log
%end

%post
# Enable services
systemctl enable httpd
systemctl enable firewalld

# Create message of the day
cat > /etc/motd << EOF
Deployed via Kickstart on $(date)
EOF

dnf -y update
%end

%post --nochroot
# Copy from installer environment to new system
cp /tmp/install.log /mnt/sysimage/root/
%end

Creating Kickstart Files

Three approaches — easiest to hardest:

1. Copy anaconda-ks.cfg — every RHEL install creates this in /root/, recording exactly what was done
2. system-config-kickstart — graphical tool (install from repos) walks through options and generates the file
3. Write from scratch — possible but tedious; many options to remember correctly

For enterprise use: start from a known-good config, maintain in version control, and modify incrementally.

Validating Kickstart Files

# View auto-generated Kickstart from completed install
[root@server ~]# cat /root/anaconda-ks.cfg

# Copy and customize for new deployments
[root@server ~]# cp /root/anaconda-ks.cfg /var/www/html/ks.cfg
[root@server ~]# vi /var/www/html/ks.cfg

# Install validation tools
[root@server ~]# dnf install pykickstart

# Validate syntax (no output = valid)
[root@server ~]# ksvalidator /var/www/html/ks.cfg

# Compare two Kickstart files
[root@server ~]# ksdiff ks1.cfg ks2.cfg

Always run ksvalidator before deploying. Better to find errors before booting systems.

Kickstart File Locations

# Boot parameter to specify Kickstart location:
inst.ks=URL

# HTTP server (most common)
inst.ks=http://192.168.1.10/ks.cfg
inst.ks=http://server.example.com/kickstart/webserver.cfg

# NFS share
inst.ks=nfs:server.example.com:/exports/ks.cfg

# USB drive or DVD
inst.ks=hd:sdb1:/ks.cfg
inst.ks=cdrom:/ks.cfg

HTTP is most common — easy to update centrally, version control, and serve multiple configs for different server roles.

Specifying Kickstart at Boot

At the boot menu, press Tab and append the Kickstart parameter:

vmlinuz initrd=initrd.img inst.stage2=hd:LABEL=RHEL-9-3 \
    inst.ks=http://server/ks.cfg

If using a Boot ISO (no packages on media), also specify the repo:

inst.ks=http://server/ks.cfg inst.repo=http://server/rhel9/

• With a complete Kickstart, no human interaction is needed
• If items are missing, Anaconda prompts for just the missing information

Complete Example: Web Server Kickstart (1/2)

# Installation settings
text
url --url="http://repo.example.com/rhel9/BaseOS"
repo --name="AppStream" \
     --baseurl="http://repo.example.com/rhel9/AppStream"

keyboard --vckeymap=us
lang en_US.UTF-8
timezone America/New_York --utc

network --bootproto=dhcp --device=eth0 --activate
network --hostname=webserver1.example.com

rootpw --iscrypted $6$rounds=4096$salt$hashedpassword
user --name=admin --groups=wheel \
     --iscrypted --password=$6$...

Complete Example: Web Server Kickstart (2/2)

zerombr
clearpart --all --initlabel
autopart
bootloader --location=mbr

firewall --enabled \
    --service=ssh --service=http --service=https
selinux --enforcing
firstboot --disabled
reboot

%packages
@^minimal-environment
httpd
mod_ssl
vim-enhanced
%end

%post
systemctl enable httpd
%end

Boot with inst.ks pointing to this file and get a consistent, secure web server every time.

Key Takeaways

• Interactive Install
  Boot from media, configure through Anaconda GUI. Good for unique systems and learning.
• Key Decisions
  Disk partitioning (auto or custom), software selection, network, and user accounts.
• Kickstart
  Text file with all installation answers. Use inst.ks=URL at boot for consistent automated deployment.
• Kickstart Creation
  Copy /root/anaconda-ks.cfg from an existing install. Validate with ksvalidator.

Lab Exercises

• Perform interactive RHEL installation in a VM
• Use custom partitioning with a separate /home partition
• Copy and examine anaconda-ks.cfg from the completed install
• Create a Kickstart for a minimal server with specific packages
• Deploy a VM using Kickstart from an HTTP server
• Add a %post script to enable services and create configuration files

Next: Managing Software with DNF and Repositories