Configuring PXE booting for virtual machines
PXE booting, or network booting, is available in OpenShift Virtualization. Network booting allows a computer to boot and load an operating system or other program without requiring a locally attached storage device. For example, you can use it to choose your desired OS image from a PXE server when deploying a new host.
PXE booting with a specified MAC address
As an administrator, you can boot a client over the network by first creating a NetworkAttachmentDefinition object for your PXE network.
Then, reference the network attachment definition in your virtual machine instance configuration file before you start the virtual machine instance.
You can also specify a MAC address in the virtual machine instance configuration file, if required by the PXE server.
-
A Linux bridge must be connected.
-
The PXE server must be connected to the same VLAN as the bridge.
-
You have installed the OpenShift CLI (
oc).
-
Configure a PXE network on the cluster:
-
Create the network attachment definition file for PXE network
pxe-net-conf:apiVersion: "k8s.cni.cncf.io/v1" kind: NetworkAttachmentDefinition metadata: name: pxe-net-conf spec: config: | { "cniVersion": "0.3.1", "name": "pxe-net-conf", "type": "bridge", "bridge": "bridge-interface", "macspoofchk": false, "vlan": 100, "disableContainerInterface": true, "preserveDefaultVlan": false }-
metadata.namespecifies the name for theNetworkAttachmentDefinitionobject. -
spec.config.namespecifies the name for the configuration. It is recommended to match the configuration name to thenamevalue of the network attachment definition. -
spec.config.typespecifies the actual name of the Container Network Interface (CNI) plugin that provides the network for this network attachment definition. This example uses a Linux bridge CNI plugin. You can also use an OVN-Kubernetes localnet or an SR-IOV CNI plugin. -
spec.config.bridgespecifies the name of the Linux bridge configured on the node. -
spec.config.macspoofchkis an optional flag to enable the MAC spoof check. When set totrue, you cannot change the MAC address of the pod or guest interface. This attribute allows only a single MAC address to exit the pod, which provides security against a MAC spoofing attack. -
spec.config.vlanis an optional VLAN tag. No additional VLAN configuration is required on the node network configuration policy. -
spec.config.preserveDefaultVlanis an optional flag that indicates whether the VM connects to the bridge through the default VLAN. The default value istrue.
-
-
-
Create the network attachment definition by using the file you created in the previous step:
$ oc create -f pxe-net-conf.yaml -
Edit the virtual machine instance configuration file to include the details of the interface and network.
-
Specify the network and MAC address, if required by the PXE server. If the MAC address is not specified, a value is assigned automatically.
Ensure that
bootOrderis set to1so that the interface boots first. In this example, the interface is connected to a network called<pxe-net>:interfaces: - masquerade: {} name: default - bridge: {} name: pxe-net macAddress: de:00:00:00:00:de bootOrder: 1Note
Boot order is global for interfaces and disks.
-
Assign a boot device number to the disk to ensure proper booting after operating system provisioning.
Set the disk
bootOrdervalue to2:devices: disks: - disk: bus: virtio name: containerdisk bootOrder: 2 -
Specify that the network is connected to the previously created network attachment definition. In this scenario,
<pxe-net>is connected to the network attachment definition called<pxe-net-conf>:networks: - name: default pod: {} - name: pxe-net multus: networkName: pxe-net-conf
-
-
Create the virtual machine instance:
$ oc create -f vmi-pxe-boot.yamlExample output:
virtualmachineinstance.kubevirt.io "vmi-pxe-boot" created -
Wait for the virtual machine instance to run:
$ oc get vmi vmi-pxe-boot -o yaml | grep -i phase phase: Running -
View the virtual machine instance using VNC:
$ virtctl vnc vmi-pxe-boot -
Watch the boot screen to verify that the PXE boot is successful.
-
Log in to the virtual machine instance:
$ virtctl console vmi-pxe-boot
-
Verify the interfaces and MAC address on the virtual machine and that the interface connected to the bridge has the specified MAC address. In this case, we used
eth1for the PXE boot, without an IP address. The other interface,eth0, got an IP address from OpenShift Container Platform.$ ip addrExample output:
... 3. eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether de:00:00:00:00:de brd ff:ff:ff:ff:ff:ff
OpenShift Virtualization networking glossary
The following terms are used throughout OpenShift Virtualization documentation.
- Container Network Interface (CNI)
-
A Cloud Native Computing Foundation project, focused on container network connectivity. OpenShift Virtualization uses CNI plugins to build upon the basic Kubernetes networking functionality.
- Multus
-
A "meta" CNI plugin that allows multiple CNIs to exist so that a pod or virtual machine can use the interfaces it needs.
- Custom resource definition (CRD)
-
A Kubernetes API resource that allows you to define custom resources, or an object defined by using the CRD API resource.
NetworkAttachmentDefinition-
A CRD introduced by the Multus project that allows you to attach pods, virtual machines, and virtual machine instances to one or more networks.
UserDefinedNetwork-
A namespace-scoped CRD introduced by the user-defined network (UDN) API that can be used to create a tenant network that isolates the tenant namespace from other namespaces.
ClusterUserDefinedNetwork-
A cluster-scoped CRD introduced by the user-defined network API that cluster administrators can use to create a shared network across multiple namespaces.
- Node network configuration policy (NNCP)
-
A CRD introduced by the nmstate project, describing the requested network configuration on nodes. You update the node network configuration, including adding and removing interfaces, by applying a
NodeNetworkConfigurationPolicymanifest to the cluster.