Fedora Server remote interactive installation guide

Peter Boy, Kevin Fenzi, Jan Kuparinen Версія F35-F40 Last review: 2024-11-10
With this method, the server is usually residing in a remote location, such as a data center. It boots from a prepared installation media into the Anaconda installation program configured to start and use a "virtual network console" (VNC) server instead of a local physical console. The system administrator connects using a VNC viewer on a local desktop to the server and runs through the Anaconda graphical installer. This method is best suited for servers without any or just cumbersome available direct console access.

1. How it works

Anaconda provides 2 ways to connect Fedora Sever and a remote desktop.

Direct mode

In this mode, Anaconda starts the installation and waits for an incoming connection  from a VNC viewer before proceeding. While waiting for an incoming connection, the console displays the system’s IP address and the port on which the installer expects the connection, if available; this implies that you need at least a serial console to connect using this mode, but you can work around this limitation if you know the default VNC port and the system’s IP address.

Connect mode

In this mode, the sysadmin first starts a VNC viewer on a desktop system in listening mode. The VNC viewer waits for an incoming connection on a specified port. After that, Anaconda starts and initiates a connection to the VNC Viewer. Again, a boot option or a kickstart command configures host name/IP address and port number. When the installation begins, the installation program establishes a connection with the listening VNC viewer using the specified host name/IP address and port number. Connect mode is always required if the server’s network does not allow any incoming connection. But it also may require additional preparation, because the viewer system must be able to accept incoming connections on the specified port, which usually requires changing firewall settings.

After a successful connection, both methods work the same.

2. Prerequisites

Proper install media availabe

You need one of the installation media variants ready to use as described in Server Installation

Accessible Firewall Configuration

Depending on which of the previous mentioned VNC variants you are to use, Firewalls on the desktop and any firewall along the connection path (the server to be installed doesn’t have an active firewall) must allow either a connection originating on the desktop (which should at least in case of public accessible servers work anyway) or a connection originating on the server (what is usually blocked and requires additional configuration and may induce security related issues).

VNC viewer

Performing a VNC installation requires a VNC viewer running on your workstation or another terminal computer. VNC viewers are available in the repositories of most Linux distributions; free VNC viewers are also available for other operating systems, such as Windows. On Linux systems, use your package manager to search for a viewer for your distribution.

The following VNC viewers are available in Fedora:

  • TigerVNC - A basic viewer independent of your desktop environment. Installed as the tigervnc package.

  • Vinagre - A viewer for the GNOME desktop environment. Installed as the vinagre package.

  • KRDC - A viewer integrated with the KDE desktop environment. Installed as the kdenetwork-krdc package.

    To install any of the viewers listed above, execute the following command as root:

    [...]# dnf install PACKAGE_NAME

    Replace package with the package name of the viewer you want to use (for example, Tigervnc).

3. Using direct mode

3.1. Booting the server

There are several options to boot the server, depending on the ethernet connection method and availability of at least some, maybe cumbersome and short living local console access.

3.1.1. Console access available

  1. Boot the server to be installed and wait for the boot menu to appear.

    Boot Menu

  2. In the menu, select the kernel you want to boot and type e to get access to the boot options and append

    inst.vnc  inst.vncpassword=PASSWORD

    to the end of the command line. Setting a password is not optional here. Replace PASSWORD with the password of your choice. It must be between 6 and 8 characters long.

    For security considerations, use a temporary password for the inst.vncpassword= option. It should not be a real or root password you use on any system.

    The above configuration requires an active DHCP server. With none available, you must provide a static interface configuration as well.

    ip=ip::gateway:netmask:hostname:interface:none  inst.vnc  inst.vncpassword=PASSWORD
  3. Leave the editing mode by <ctrl>-x or F10 to continue to boot and to start the installation using the selected kernel and the edited options. You get the message

      Booting a command list

    The system will initialize the installation program and start the necessary services. It takes some time. And after a lot of boot messages, when the system is ready, you get:

      Starting installer, one moment
      ...
      hh:mm:ss Starting VNC ...
      hh:mm:ss The VNC server us now running.
    
      You chose to execute vnc with a password
    
      hh:mm:ss Please manually connect your VNC viewer to 192.168.100.131:1 to begin the install.
      hh:mm:ss Attempting to start vncconfig

    Continue with 3.2. Connecting to the server.

3.1.2. No console access available – provide a kickstart medium

You can’t use this way to install release f41!

You have thre options:

  1. Organize a terminal and use the method described above.

  2. Install release f40 using this method and then update to f41 using the dnf upgrade method.

  3. Provide a kickstart file that completey describes your installation either by a ks.cfg file on an additional USB thumb drive named OEMDRV as described below or using PXE boot.

  1. On your desktop, connect an USB stick and format as FAT and with label OEMDRV. In Fedora use the graphical tool of the desktop UI or a terminal window.

    List the connected devices and identify the USB stick

    […]$ lsblk
    NAME                      MAJ:MIN RM    SIZE RO TYPE MOUNTPOINTS
    sda                         8:0    0  596.2G  0 disk
    ├─sda1                      8:1    0    600M  0 part /boot/efi
    ├─sda2                      8:2    0      1G  0 part /boot
    ├─sda3                      8:3    0     80G  0 part
    │ ├─fedora_fedora-root    253:0    0     15G  0 lvm  /
    │ └─fedora_fedora-var_log 253:2    0      5G  0 lvm  /var/log
    └─sda4                      8:4    0  514.6G  0 part
      ├─fedora_user-libvirt   253:3    0    120G  0 lvm  /var/lib/libvirt
      └─fedora_user-machines  253:4    0     80G  0 lvm  /var/lib/machines
    sdb                         8:16   1 1001.5M  0 disk
    └─sdb1                      8:17   1 1001.5M  0 part
    zram0                     252:0    0      8G  0 disk [SWAP]

    In the example above, the USB stick is sdb. Just in case it is mounted, unmount and then format and mount it at e.g. /mnt

    […]$ sudo umount /dev/sdb1
    […]$ sudo mkfs.vfat  -n 'OEMDRV' /dev/sdb1
    […]$ sudo mount /dev/sdb1  /mnt
  2. Create and edit a kickstart file ks.cfg in the root directory of the USB stick

    If possible, you should provide a static network configuration, so you’ll know the IP address.

    […]$ sudo vim /mnt/ks.cfg
    <INSERT>
    network --bootproto=static --ip=ww.xx.yy.zz --netmask=255.255.255.0 --gateway=ww.xx.yy.gg --nameserver=10.0.2.1
    vnc --password=PASSWORD
    <SAVE&QUIT>

    If the network configuration does not allow or enable static interface configuration, omit the 'network …' line and use DHCP.

  3. On your server, connect the installation medium as well as the OEMDRV medium and boot. The server will use the OEMDRV stick, configure the interface and start VNC. Just in case you have at least a monitor without keyboard and mouse, you will see the corresponding message. Otherwise, trust your configuration.

Continue with 3.2. Connecting to the server.

3.1.3. No console access available – patch installation medium

If none of the above options work with your server and network configuration, you could patch the installation media as a last resort. As an example, you can change the grub boot lines in /isolinux/grub.conf. You would need to add the vnc parameter and remove the integrity test, as this is the default line but would fail after patching.

We won’t go into this matter any further here. This is really the very last resort and is not recommended.

3.2. Connecting to the server

  1. In case of a server without a console attached determine the IP address.

    1. If possible, check the DHCP server for the IP of the server.

    2. Scan the network subnet the server is connected to for open port 5901. Adjust the network IP address accordingly!

      […]# dnf install nmap
      […]# nmap -Pn -p5901 192.168.158.0/24
      Starting Nmap 7.80 ( https://nmap.org ) at 2021-05-23 08:18 CEST
      Nmap scan report for example.com (192.168.158.1)
      Host is up (0.00052s latency).
      
      PORT     STATE  SERVICE
      5091/tcp closed nn-admin
      MAC Address: 34:81:C4:14:21:B4 (AVM GmbH)
      
      Nmap scan report for iMac.fritz.box (192.168.158.111)
      Host is up (0.00051s latency).
      ...
      ...
      PORT     STATE SERVICE
      5901/tcp open
      MAC Address: B8:27:EB:5A:EC:84
      
      Nmap scan report for 192.168.158.200
      Host is up (0.00068s latency).
      ...
      ...
      Nmap done: 256 IP addresses (12 hosts up) scanned in 2.38 seconds

      Look for an entry with open state of port 5901 and no hostname or unknown hostname. Among them you will probably find the device you are looking for. In the example above it is 192.168.158.200.

  2. On the desktop start the VNC viewer, enter the IP address obtained in the previous step and port 5901 into the Connection Details dialog. Then, click Connect. The VNC viewer will now connect to the installation system. If you set up a VNC password, enter it when prompted and press OK.

  3. When the connection is successfully established, a new window will open on the system running the VNC viewer, displaying the installation menu. You will be presented with the familiar language selection menu.

    The language selection installation window

    interactive remote 015

    This window will provide full remote access to the installer until the installation finishes and the system reboots for the first time.

    If the screen freezes after some mouse or keyboard actions, add the kernel option nomodeset before the term inst.vnc to the kernel commad line in step 3.1.1.

4. Using connect mode

4.1. Starting the VNC viewer

On the desktop, start the VNC viewer in listening mode. See the program documentation for details. If you need to specify a port, select 5901.

4.2. Booting the server

There are several options to boot the server, depending on availability of at least some, maybe cumbersome and short living local console access.

4.2.1. Console access available

  1. Boot the server to be installed and wait for the boot menu to appear. In the menu, type edit to get access to the boot options and append the option

    inst.vnc  inst.vncconnect=HOST:PORT

    to the end of the command line.

    That configuration requires an active DHCP server. With none available, you must provide a static interface configuration as well.

    ip=ip::gateway:netmask:hostname:interface:none  inst.vnc  inst.vncconnect=HOST:PORT
  2. Start the installation using the edited options. The system will initialize the installation program and start the necessary services. When the system is ready, Anaconda will attempt to connect to the IP address and port you provided in the previous step.

4.2.2. No console access available – provide a kickstart medium

  1. Connect an USB stick and format as FAT and with label OEMDRV. In Fedora use the graphical tool of the desktop UI or the Terminal

    List the connected devices and identify the USB stick

    […]$ lsblk
    NAME                      MAJ:MIN RM    SIZE RO TYPE MOUNTPOINTS
    sda                         8:0    0  596.2G  0 disk
    ├─sda1                      8:1    0    600M  0 part /boot/efi
    ├─sda2                      8:2    0      1G  0 part /boot
    ├─sda3                      8:3    0     80G  0 part
    │ ├─fedora_fedora-root    253:0    0     15G  0 lvm  /
    │ └─fedora_fedora-var_log 253:2    0      5G  0 lvm  /var/log
    └─sda4                      8:4    0  514.6G  0 part
      ├─fedora_user-libvirt   253:3    0    120G  0 lvm  /var/lib/libvirt
      └─fedora_user-machines  253:4    0     80G  0 lvm  /var/lib/machines
    sdb                         8:16   1 1001.5M  0 disk
    └─sdb1                      8:17   1 1001.5M  0 part
    zram0                     252:0    0      8G  0 disk [SWAP]

    In the example above, the USB stick is sdb. Just in case it is mounted, unmount and then format and mount it at e.g. /mnt

    […]$ sudo umount /dev/sdb1
    […]$ sudo mkfs.vfat  -n 'OEMDRV' /dev/sdb1
    […]$ sudo mount /dev/sdb1  /mnt
  2. Create and edit a kickstart file ks.cfg in the root directory of the USB stick

    […]$ sudo vim /mnt/ks.cfg
    <INSERT>
    vnc --host=HOSTNAME/IP  --port=5901
    <SAVE&QUIT>

    If there is no DHCP available you must provide a static network configuration as in the example above about a direct connection, probably including DNS server.

4.3. Connecting to the server

When the connection is successfully established, a new window will open on the desktop running the VNC viewer, displaying the installation menu. This window will provide full remote access to the installer until the installation finishes and the system reboots for the first time.