A link to the PDF of this article can be found here:     Linux Imaging - KACE SDA

Introduction

With the introduction of SDA version 7.0, Quest KACE now supports deploying Linux operating systems.  Linux is very configurable and this document will cover only the basics of deploying Linux with the KACE SDA.  The KACE SDA supports Red Hat, CentOS, and Ubuntu deployments. Here we will focus on two free flavors of Linux, Ubuntu and CentOS. Red Hat Linux is a paid distribution of Linux and is very similar to CentOS in the commands and syntax.

Glossary of Terms

Preseed File – Similar to a sysprep answer file in Windows, the preseed file is used in Ubuntu to configure the setup of the Ubuntu Operating system during the deployment.  

Kickstart File – Same as a Preseed file but used for configuring CentOS and RedHat deployments

Package Repository – Linux distributions have online files for the operating system that are updated regularly.  KACE can pull files from online repository and store them on the SDA server for faster deployment

Boot Environment – Operating system that is loaded via network boot and used to deploy the operating system, KACE SDA will automatically create these when uploading the operating system (unlike Windows Boot environments which are created separately from the operating system upload)


Document Assumptions

KACE SDA is installed and upgraded to at least 7.0

You have downloaded and installed KACE Media Manager on a Windows system (for Ubuntu) and a Mac system (for CentOS only).

Internet access is needed to download the Linux distributions

Optional but highly recommended – KACE SDA has internet access to download and update the repository for the distribution(s) you plan to use

Note:  For ALL Linux installations the KACE SDA only supports scripted installations.  It is not possible to capture a disk image of Linux operating systems

Ubuntu Imaging

Ubuntu is a popular distribution of Linux that is used in desktops and servers.  Ubuntu has many variants that can also be installed with the base Ubuntu system.  Common variants of Ubuntu are KUbuntu,, Lubuntu, and XUbuntu.


Uploading Ubuntu Media to the SDA

KACE SDA supports Ubuntu 16.04 and version 18.04 64 bit versions only.  When uploading Ubuntu media to the KACE SDA, you MUST have the correct version downloaded before you begin.  Ubuntu has many different download options and in order to utilize the SDA deployment functionality, you need to get the full server version of the Ubuntu operating system.  KACE does NOT support the Desktop version of Ubuntu.  If you want to use Ubuntu as a desktop/laptop, the desktop OS features can still be installed from the server media. You cannot use live or interactive installation media.  If you look at the ubuntu.com site it is not the main option for download.  The CDs are available to download from here:

Ubuntu 18:  http://cdimage.ubuntu.com/releases/18.04.3/release/

Ubuntu 16:  http://cdimage.ubuntu.com/releases/16.04.6/release/ 


Ubuntu Server Download

 



Full Ubuntu Server ISO Download

Once the server ISO is downloaded, the administrator must mount the ISO file and upload the media via KACE Media Manager.


Uploading Ubuntu Source Media

During the Media Manager upload, the KACE SDA will create the source media record for Ubuntu as well as automatically build the boot environment for Ubuntu that will be used to network boot and install Ubuntu.  The boot environment will be labeled with “BE” at the end of the name provided when uploading the source media.

 

Ubuntu Source Media and Boot Environment


If desired, the administrator can rename the boot environment and/or the Source media in the SDA console.

 

Renamed Ubuntu Boot Environment


Configure Ubuntu Mirror

Linux distributions allow for live updating of the image deployment and often require a connection to a package repository distribution (mirror) server to install packages and updates during the deployment.  In the KACE SDA we can specify the repository mirrors to use and how often we will update the cached installation files on the SDA.  While the mirror server is not required, it is recommended as the OS will be able to get the latest patches and updates during the installation process.

To setup an Ubuntu Package Repository server, open the Source Media for the Ubuntu media.  

Enter the mirror server you wish to use.  Large organizations might have a mirror server they have internally.  Typically, administrators will just use the package repositories from Ubuntu.  The two most common mirrors are: 

http://us.archive.ubuntu.com/ubuntu/

http://us2.archive.ubuntu.com/ubuntu/


 

Ubuntu Repositories added to Source Media


Once we have added the repository, we can setup the KACE SDA to cache the update files so future installations use packages downloaded from Ubuntu and stored on the SDA instead of updating through the package repositories on each installation.  In order to enable repository caching, go to the SDA console and navigate to Settings  General Settings and scroll down to the Linux Repository Caching setting. 

 

Linux Repository Caching


When repository caching is enabled, packages used by Linux during the install process are saved locally to speed up deployments and decrease bandwidth usage. 

The cache duration is how long a package will be cached on the server before a refresh of the package is requested from the original source.

Now that we have setup package repositories and configured caching on the SDA, we can begin to build a scripted installation of Ubuntu. 


Ubuntu Scripted Installation

Now that we have the Ubuntu media and boot environment on the SDA, we can start to build a scripted installation for Ubuntu using the KACE SDA Scripted installation wizard. In the Deployments  Scripted Installations menu, select new scripted installation.  Enter the name of the scripted installation and select the uploaded media to use.


Scripted Installation – Enter Name and Select OS

Next, we define the parameters of the installation, either with a pre-configured preseed file, or by creating one.  In this example we will walk through creating a preseed file from scratch.  The preseed file can always be edited later after we create the scripted installation.

 

Selecting Preseed File Setup


Select the Ubuntu Server option, and enter the root password to be used in the image.


Select Preseed Template and enter Root Password


By default, there will be no tasks in the installation plan.  For a simple setup, this is typically fine. In this example we have added two tasks to the installation, the first installs OpenVM tools (for virtual machines) and the second installs the KACE SMA Agent.

 

Post-Installation Tasks (optional)


Click next and the SDA will complete the setup of the scripted installation. 

 

Completed Scripted Installation 


Modifying the Ubuntu Configuration

Once you have the scripted installation created, you will be able to edit the deployment and make changes to the installation plan (if you have post install tasks created) or edit the configuration file.  We will look at the default preseed file here and discuss options to further customize the scripted installation. In order to view the preseed file contents, open the scripted installation and show the Setup Configuration (hidden by default).


 

Show Setup Configuration in Scripted Installation 


Here is the default preseed file created by the SDA.

# Mostly based on the Ubuntu installation guide
# https://help.ubuntu.com/16.04/installation-guide/
# Debian sample
# https://www.debian.org/releases/stable/example-preseed.txt
# Preseeding only locale sets language, country and locale.
d-i debian-installer/locale string en_US

# Keyboard selection.
d-i keyboard-configuration/xkb-keymap select us
d-i keyboard-configuration/xkb-keymap select us
# Disable automatic (interactive) keymap detection.
d-i console-setup/ask_detect boolean false
d-i keyboard-configuration/toggle select No toggling
d-i keyboard-configuration/layoutcode string us
d-i keyboard-configuration/variantcode string

# netcfg will choose an interface that has link if possible. This makes it
# skip displaying a list if there is more than one interface.
d-i netcfg/choose_interface select auto
d-i netcfg/get_hostname string unassigned-hostname
d-i netcfg/get_domain string unassigned-domain

# uncomment this line to manually set the hostname
#d-i netcfg/hostname string unassigned-hostname

# If non-free firmware is needed for the network or other hardware, you can
# configure the installer to always try to load it, without prompting. Or
# change to false to disable asking.
# d-i hw-detect/load_firmware boolean true

# NTP/Time Setup
d-i time/zone string US/Eastern
d-i clock-setup/utc boolean true
d-i clock-setup/ntp boolean true
d-i clock-setup/ntp-server  string ntp.ubuntu.com

# Setup the installation source
#d-i mirror/country string manual
#d-i mirror/http/hostname string 192.168.2.170
#d-i mirror/http/directory string /repocache/ubuntu/
#d-i mirror/http/proxy string
%%K2_REPO_URL%%

# Suite to install.
# d-i mirror/suite string precise
# d-i mirror/udeb/suite string precise

# Components to use for loading installer components (optional).
#d-i mirror/udeb/components multiselect main, restricted

# Disk Partitioning
# Use LVM, and wipe out anything that already exists
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman-auto/method string lvm
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
d-i partman-md/device_remove_md boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman-auto-lvm/guided_size string max
d-i partman-efi/non_efi_system boolean true

# You can choose one of the three predefined partitioning recipes:
# - atomic: all files in one partition
# - home:   separate /home partition
# - multi:  separate /home, /usr, /var, and /tmp partitions
d-i partman-auto/choose_recipe select atomic

# If you just want to change the default filesystem from ext3 to something
# else, you can do that without providing a full recipe.
# d-i partman/default_filesystem string ext4

# root account and password
d-i passwd/root-login boolean true
d-i passwd/root-password-crypted password %%K2_ENCRYPTED_ROOT_PASSWORD%%
d-i user-setup/allow-password-weak boolean true

# skip creation of a normal user account.
d-i passwd/make-user boolean false

# You can choose to install restricted and universe software, or to install
# software from the backports repository.
# d-i apt-setup/restricted boolean true
# d-i apt-setup/universe boolean true
# d-i apt-setup/backports boolean true

# Uncomment this if you don't want to use a network mirror.
# d-i apt-setup/use_mirror boolean false

# Select which update services to use; define the mirrors to be used.
# Values shown below are the normal defaults.
# d-i apt-setup/services-select multiselect security
# d-i apt-setup/security_host string security.ubuntu.com
# d-i apt-setup/security_path string /ubuntu

# Enable deb-src lines
# d-i apt-setup/local0/source boolean true

# URL to the public key of the local repository; you must provide a key or
# apt will complain about the unauthenticated repository and so the
# sources.list line will be left commented out
# d-i apt-setup/local0/key string http://local.server/key

# By default the installer requires that repositories be authenticated
# using a known gpg key. This setting can be used to disable that
# authentication. Warning: Insecure, not recommended.
# d-i debian-installer/allow_unauthenticated boolean true

# Package selection
# Default for minimal
tasksel tasksel/first multiselect standard
# Default for server
# tasksel tasksel/first multiselect standard, web-server
# Default for gnome-desktop
# tasksel tasksel/first multiselect standard, ubuntu-desktop

d-i pkgsel/update-policy select none

# Individual additional packages to install
# wget is REQUIRED otherwise quite a few things won't work
# later in the build (like late-command scripts)
d-i pkgsel/include string ssh wget

# Debian needs this for the installer to avoid any question for grub
# Please verify that it suit your needs as it may overwrite any usb stick
d-i grub-installer/grub2_instead_of_grub_legacy boolean true
d-i grub-installer/bootdev string default

# Use the following option to add additional boot parameters for the
# installed system (if supported by the bootloader installer).
# Note: options passed to the installer will be added automatically.
# d-i debian-installer/add-kernel-opts string $kernel_options_post

# Avoid that last message about the install being complete.
d-i finish-install/reboot_in_progress note

# This first command is run as early as possible, just after preseeding is read.
# d-i preseed/early_command string [command]
%%K2_PRE_INSTALL_TASKS%%

# This command is run immediately before the partitioner starts. It may be
# useful to apply dynamic partitioner preseeding that depends on the state
# of the disks (which may not be visible when preseed/early_command runs).
# d-i partman/early_command \
#       string debconf-set partman-auto/disk "\$(list-devices disk | head -n1)"

# This command is run just before the install finishes, but when there is
# still a usable /target directory. You can chroot to /target and use it
# directly, or use the apt-install and in-target commands to easily install
# packages and run commands in the target system.
# d-i preseed/late_command string [command]
%%K2_MID_LEVEL_TASKS%%
Default Preseed File

The default preseed file will install Ubuntu Server in text mode, there will be no GUI.  For many Linux admins, this is all that is needed.  They will be able to configure the system as they normally would. But many customers are starting to use Ubuntu as a desktop/workstation platform and desire GUI based operating systems.  In order to accomplish a GUI installation of Ubuntu, we can simply modify the preseed file to add GUI components and even pick a specific Ubuntu distribution to deploy.
There is a large amount of options that can be added to the preseed file and this document cannot cover all these options.  A good starting point for Ubuntu preseed options can be found on the ubuntu site.


Below is an example of an Ubuntu preseed file that will install a graphical interface and add some users to the system.  Quick note about reading the preseed file, when looking at the options in the preseed, anything with a # in the beginning of the line is considered a comment and is not actually being processed during installation.  We will highlight the sections that you should look at and potentially change to fit the options you need during the installation.

# Mostly based on the Ubuntu installation guide
# https://help.ubuntu.com/16.04/installation-guide/
# Debian sample
# https://www.debian.org/releases/stable/example-preseed.txt
# Preseeding only locale sets language, country and locale.
d-i debian-installer/locale string en_US

# Keyboard selection.
d-i keyboard-configuration/xkb-keymap select us
d-i keyboard-configuration/xkb-keymap select us
# Disable automatic (interactive) keymap detection.
d-i console-setup/ask_detect boolean false
d-i keyboard-configuration/toggle select No toggling
d-i keyboard-configuration/layoutcode string us
d-i keyboard-configuration/variantcode string

# netcfg will choose an interface that has link if possible. This makes it
# skip displaying a list if there is more than one interface.
d-i netcfg/choose_interface select auto
d-i netcfg/get_hostname string unassigned-hostname
d-i netcfg/get_domain string unassigned-domain

# uncomment this line to manually set the hostname
d-i netcfg/hostname string UbuntuImage

# If non-free firmware is needed for the network or other hardware, you can
# configure the installer to always try to load it, without prompting. Or
# change to false to disable asking.
# d-i hw-detect/load_firmware boolean true

# NTP/Time Setup
d-i time/zone string US/Eastern
d-i clock-setup/utc boolean true
d-i clock-setup/ntp boolean true
d-i clock-setup/ntp-server  string server 0.us.pool.ntp.org

# Setup the installation source
#d-i mirror/country string manual
#d-i mirror/http/hostname string 192.168.2.170
#d-i mirror/http/directory string /repocache/ubuntu/
#d-i mirror/http/proxy string
%%K2_REPO_URL%%

# Suite to install.
# d-i mirror/suite string precise
# d-i mirror/udeb/suite string precise

# Components to use for loading installer components (optional).
#d-i mirror/udeb/components multiselect main, restricted

# Disk Partitioning
# Use LVM, and wipe out anything that already exists
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman-auto/method string lvm
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
d-i partman-md/device_remove_md boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman-auto-lvm/guided_size string max
d-i partman-efi/non_efi_system boolean true

# You can choose one of the three predefined partitioning recipes:
# - atomic: all files in one partition
# - home:   separate /home partition
# - multi:  separate /home, /usr, /var, and /tmp partitions
d-i partman-auto/choose_recipe select atomic

# If you just want to change the default filesystem from ext3 to something
# else, you can do that without providing a full recipe.
# d-i partman/default_filesystem string ext4

# root account and password
d-i passwd/root-login boolean true
d-i passwd/root-password-crypted password %%K2_ENCRYPTED_ROOT_PASSWORD%%
d-i user-setup/allow-password-weak boolean true

# Skip creation of a root account (normal user account will be able to
# use sudo). The default is false; preseed this to true if you want to set
# a root password.
#d-i passwd/root-login boolean false

# Alternatively, to skip creation of a normal user account.
#d-i passwd/make-user boolean false

# Root password, either in clear text
#d-i passwd/root-password password r00tme
#d-i passwd/root-password-again password r00tme
# or encrypted using a crypt(3)  hash.
#d-i passwd/root-password-crypted password [crypt(3) hash]

# To create a normal user account.
d-i passwd/user-fullname string Admin User
d-i passwd/username string adminuser
# Normal user's password, either in clear text
d-i passwd/user-password password Admin123
d-i passwd/user-password-again password Admin123
# or encrypted using a crypt(3) hash.
#d-i passwd/user-password-crypted password [crypt(3) hash]
# Create the first user with the specified UID instead of the default.
#d-i passwd/user-uid string 1010
# The installer will warn about weak passwords. If you are sure you know
# what you're doing and want to override it, uncomment this.
d-i user-setup/allow-password-weak boolean true

# The user account will be added to some standard initial groups. To
# override that, use this.
#d-i passwd/user-default-groups string audio cdrom video

# Set to true if you want to encrypt the first user's home directory.
d-i user-setup/encrypt-home boolean false

# You can choose to install restricted and universe software, or to install
# software from the backports repository.
# d-i apt-setup/restricted boolean true
# d-i apt-setup/universe boolean true
# d-i apt-setup/backports boolean true

# Uncomment this if you don't want to use a network mirror.
# d-i apt-setup/use_mirror boolean false

# Select which update services to use; define the mirrors to be used.
# Values shown below are the normal defaults.
# d-i apt-setup/services-select multiselect security
# d-i apt-setup/security_host string security.ubuntu.com
# d-i apt-setup/security_path string /ubuntu

# Enable deb-src lines
# d-i apt-setup/local0/source boolean true

# URL to the public key of the local repository; you must provide a key or
# apt will complain about the unauthenticated repository and so the
# sources.list line will be left commented out
# d-i apt-setup/local0/key string http://local.server/key

# By default the installer requires that repositories be authenticated
# using a known gpg key. This setting can be used to disable that
# authentication. Warning: Insecure, not recommended.
# d-i debian-installer/allow_unauthenticated boolean true

# Package selection
# Default for minimal
# tasksel tasksel/first multiselect standard
# Default for server
# tasksel tasksel/first multiselect standard, web-server
# Define which Ubuntu Desktop to use
tasksel tasksel/first multiselect standard, ubuntu-desktop

#Ubuntu Desktops
#standard (standard tools)
#ubuntu-desktop
#kubuntu-desktop
#edubuntu-desktop
#lubuntu-desktop
#ubuntu-gnome-desktop
#xubuntu-desktop
#ubuntu-mate-desktop
#lamp-server
#print-server (print server)

#d-i pkgsel/update-policy select none
d-i pkgsel/update-policy select unattended-upgrades

# Individual additional packages to install
# wget is REQUIRED otherwise quite a few things won't work
# later in the build (like late-command scripts)
d-i pkgsel/include string ssh wget

# Debian needs this for the installer to avoid any question for grub
# Please verify that it suit your needs as it may overwrite any usb stick
d-i grub-installer/grub2_instead_of_grub_legacy boolean true
d-i grub-installer/bootdev string default

# Use the following option to add additional boot parameters for the
# installed system (if supported by the bootloader installer).
# Note: options passed to the installer will be added automatically.
# d-i debian-installer/add-kernel-opts string $kernel_options_post

# Avoid that last message about the install being complete.
d-i finish-install/reboot_in_progress note

# This first command is run as early as possible, just after preseeding is read.
# d-i preseed/early_command string [command]
%%K2_PRE_INSTALL_TASKS%%

# This command is run immediately before the partitioner starts. It may be
# useful to apply dynamic partitioner preseeding that depends on the state
# of the disks (which may not be visible when preseed/early_command runs).
# d-i partman/early_command \
#       string debconf-set partman-auto/disk "\$(list-devices disk | head -n1)"

# This command is run just before the install finishes, but when there is
# still a usable /target directory. You can chroot to /target and use it
# directly, or use the apt-install and in-target commands to easily install
# packages and run commands in the target system.
# d-i preseed/late_command string [command]
%%K2_MID_LEVEL_TASKS%%
Example Ubuntu GUI preseed file

Ubuntu variants can be selected in the above file in the desktop section.  KACE does not test each desktop variant but we have successfully tested a few of the desktops and the syntax appears in the above file.  The default desktop for Ubuntu is selected here in this section:
# Define which Ubuntu Desktop to use
tasksel tasksel/first multiselect standard, ubuntu-desktop

There are some examples in this file that can be used if desired. Substitute the desktop desired (without the #) in the preseed file. These desktops are options available to Ubuntu but not all have been tested.
#Ubuntu Desktops
#standard (standard tools)
#ubuntu-desktop
#kubuntu-desktop
#edubuntu-desktop
#lubuntu-desktop
#xubuntu-desktop
#ubuntu-mate-desktop
#lamp-server
#print-server (print server)

Example syntax for kubuntu
tasksel tasksel/first multiselect standard, kubuntu-desktop
Selecting KUbuntu Desktop in preseed file


Deploying any Linux Scripted Installation 

Unlike Windows deployments, all Linux deployments MUST be scheduled. In order to schedule a Linux deployment, you can open the scripted installation and select new boot action.

 
Scheduling a Boot Action to Deploy Linux Scripted Installation


When selecting the deployment from the Scripted Installation, you will then name the deployment and then assign to a MAC address already in the SDA, or paste the MAC address of the machine to be imaged.
 

Naming and Selecting Deployment

 

Assigning MAC address to Deployment

Save the deployment and PXE boot the selected machine.
 


Ubuntu Deployment Running

 
Completed Ubuntu Deployment

Now that we have a working Ubuntu device, we will look at how to create a Post-Installation task to install the KACE Agent.  Administrators who are familiar with Linux scripting can add software and packages as needed either in the preseed file or by adding scripts in a Post-Installation task.


Post-Installation Task for SMA Agent – Ubuntu

To install the SMA Agent as a Post-Installation task in the SDA, you will need to download the agent installer file for Ubuntu 64 bit from the SDA.  In your SMA interface, navigate to Settings --> Provisioning --> Update Agents Settings and click the version number next to Ubuntu 64 bit.

 

SMA Agent Download


Agent File Download

Notice in the name of the file the server name is embedded in the name.  So your agent will automatically have your server name appended to the file after the _ character. Save that file and then create a new Post-Installation task in the SDA.

 
New SMA Agent Post-Installation Task

Select Linux (Ubuntu/Debian) and upload the agent file you downloaded from your SMA.  Make sure you change the file name in the command line to match your agent installer file.  The command to install should look like this (where the server is k1000.demo.vm.local ) 

dpkg -i ampagent-10.0.113.ubuntu.64_k1000.demo.vm.local.deb

 
Ubuntu SMA Agent Installation Task

Save the Post-Installation task and then edit the Scripted Installation and add the agent installer to your Ubuntu Scripted Installation as a Post-Install Task.

 

Post Install task added to Ubuntu Deployment


At this point we should have a fully functioning Ubuntu desktop with a KACE SMA Agent.  

Other Considerations / Settings

In some cases, you may need to install Ubuntu without having access to a mirror repository (if the systems are on a dark network perhaps).  By default, Ubuntu always wants to install updates and will try to install updates from an ubuntu repository server on the internet.  If you want to force to install Ubuntu from only the installation media that was uploaded to the SDA, then you can alter the boot environment to not download live updates.  To do this, edit the boot environment from the SDA console by going to Deployments  Boot Environments.  Edit the Ubuntu boot environment and alter the setting for pxeinitrd file.  Set to /install/initrd.gz and save.