Chainloading does not work on mirrored EFI partitions (w/mdadm) when provisioning a system via Red Hat Satellite 6.x

Solution Verified - Updated

Environment

  • Red Hat Satellite 6.15

Issue

  • When provisioning a discovered host via Red Hat Satellite 6.x, chainloading does not work on mirrored EFI partitions (w/mdadm), and provisioning fails with the following error:

      .
  .
  Trying /EFI/sles/grubx64.efi
  error: ../../grub-core/commands/search.c:315:no such device:
  /EFI/sles/grubx64.efi.
  Trying /EFI/opensuse/grubx64.efi
  error: ../../grub-core/commands/search.c:315:no such device:
  /EFI/opensuse/grubx64.efi.
  Trying /EFI/Microsoft/boot/bootmgfw.efi
  error: ../../grub-core/commands/search.c:315:no such device:
  /EFI/Microsoft/boot/bootmgfw.efi.
  Partition with known EFI file not found, you may want to drop to grub shell
  and investigate available files updating 'pxegrub2_chainload' template and
  the list of known filepaths for probing. Available device are:
  
  (lvm/rhel-swap) (lvm/rhel-root) (md/pv.01) (md/boot_efi) (md/0) (proc) (hd0)
  (hd0,msdos2) (hd1) (hd1,msdos2) (hd2) (hd2,gpt3) (hd2,gpt2) (hd2,gpt1) (hd3)
  (hd3,gpt3) (hd3,gpt2) (hd3,gpt1)

  If you cannot see the HDD, make sure the drive is marked as bootable in EFI and not hidden. Boot order must be the folowing:
  1) NETWORK
  2) HDD

  The system will poweroff in 2 minutes or press ESC to poweroff immediately.

Resolution

  • Follow the steps in the Diagnostic Steps. If the outcome from these steps match your case, apply one of the following resolutions:

Resolution 1:

  1. On your Satellite server, edit /usr/share/foreman/app/views/unattended/provisioning_templates/snippet/pxegrub2_chainload.erb. This snippet is being called by the /usr/share/foreman/app/views/unattended/provisioning_templates/PXEGrub2/pxegrub2_global_default.erb template during the provisioning.

  2. Look for the following lines in /usr/share/foreman/app/views/unattended/provisioning_templates/snippet/pxegrub2_chainload.erb:

  # add --efidisk-only when using Software RAID
  search --file --no-floppy --set=chroot /EFI/fedora/shim.efi

and replace them with:

  # add --efidisk-only when using Software RAID
  search --file --no-floppy --efidisk-only --set=chroot /EFI/fedora/shim.efi
  1. Restart Satellite services to apply the change:
# satellite-maintain service restart

Resolution 2:

  1. Log in to your Satellite's web UI:

  2. Navigate to: Hosts -> Templates -> Provisioning Templates

  3. Search for pxegrub2_chainload.

  4. In the Actions column of the table, click on Clone.

  5. In the Editor tab, find the following line:

    search --file --no-floppy --set=chroot <%= path %>

    and change it to:

    search --file --no-floppy --efidisk-only --set=chroot <%= path %>

  6. Click on the Submit button to save the modified snippet as pxegrub2_chainload clone (of course you can use a different name as per your preference).

  7. Navigate back to: Hosts -> Templates -> Provisioning Templates

  8. Search for pxegrub2_global_default.

  9. In the Actions column of the table, click on Clone.

  10. In the Editor tab, find the following line:

    <%= snippet "pxegrub2_chainload" %>

    and change it to:

    <%= snippet "pxegrub2_chainload clone" %>

  11. Click on the Submit button to save the modified template as PXEGrub2 global default clone (of course you can use a different name as per your preference).

  12. Use the PXEGrub2 global default clone template instead of the PXEGrub2 global default template to provision the discovered host.

For more KB articles/solutions related to Red Hat Satellite 6.x Provisioning Issues, please refer to the Consolidated Troubleshooting Article for Red Hat Satellite 6.x Provisioning related Issues

Diagnostic Steps

  1. If possible, try to install the system manually using a USB stick, and verify whether this works.

  2. If the installation in step (1) works as expected, run the following command on the system:

# lsblk -f -a -l

and examine the output of the command. Look for boot_efi in the output and confirm that EFI partitions are mirrored. For example:

  NAME      FSTYPE            FSVER            LABEL                    UUID                                   FSAVAIL FSUSE% MOUNTPOINTS

  .
  .
  sda                                                                                                                         
  sda1      linux_raid_member 1.2              <hostname>:0                  0bfaabb2-414e-0d52-f9ce-4e48efe5dfe7                  
  sda2      linux_raid_member 1.0              <hostname>:boot_efi           afc892a7-69bb-c298-2e00-0eadeb8985c1                  
  sda3      linux_raid_member 1.2              <hostname>:pv.01              dc0be400-d72e-81e4-ae20-d56c53260f29                  
  sdb                                                                                                                         
  sdb1      linux_raid_member 1.2              <hostname>:0                  0bfaabb2-414e-0d52-f9ce-4e48efe5dfe7                  
  sdb2      linux_raid_member 1.0              <hostname>:boot_efi           afc892a7-69bb-c298-2e00-0eadeb8985c1                  
  sdb3      linux_raid_member 1.2              <hostname>:pv.01              dc0be400-d72e-81e4-ae20-d56c53260f29                  
  sdc       iso9660           Joliet Extension RHEL-9-4-0-BaseOS-x86_64 2024-04-12-03-32-56-00                                
  sdc1      iso9660           Joliet Extension RHEL-9-4-0-BaseOS-x86_64 2024-04-12-03-32-56-00                                
  sdc2      vfat              FAT12            ANACONDA                 B609-3EB8                                             
  md0       xfs                                                         c22cd432-3774-4927-aa8e-52fbd7993904    689.7M    26% /boot
  md126     vfat              FAT16                                     2BC4-4826                               504.6M     1% /boot/efi
  md127     LVM2_member       LVM2 001                                  BgYbZj-wQT1-wVY3-Bt4c-mB2q-47cJ-D8YBiF                
  .
  .
  .
  1. Run the following command on the system installed in step (1), and note down the mac addresses of the network interfaces available on the system:
  # ip -d address

  1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
      link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 promiscuity 0  allmulti 0 minmtu 0 maxmtu 0 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 tso_max_size 524280 tso_max_segs 65535 gro_max_size 
  65536 gso_ipv4_max_size 65536 gro_ipv4_max_size 65536 
      inet 127.0.0.1/8 scope host lo
         valid_lft forever preferred_lft forever
      inet6 ::1/128 scope host 
         valid_lft forever preferred_lft forever
  2: eno1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
      link/ether 0c:c4:7a:e6:aa:02 brd ff:ff:ff:ff:ff:ff promiscuity 0  allmulti 0 minmtu 68 maxmtu 9216 numtxqueues 8 numrxqueues 8 gso_max_size 65536 gso_max_segs 65535 tso_max_size 65536 tso_max_segs 65535 gro_max_size 
  65536 gso_ipv4_max_size 65536 gro_ipv4_max_size 65536 parentbus pci parentdev 0000:04:00.0 
      altname enp4s0
  3: eno2: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
      link/ether 0c:c4:7a:e6:aa:03 brd ff:ff:ff:ff:ff:ff promiscuity 0  allmulti 0 minmtu 68 maxmtu 9216 numtxqueues 8 numrxqueues 8 gso_max_size 65536 gso_max_segs 65535 tso_max_size 65536 tso_max_segs 65535 gro_max_size 
  65536 gso_ipv4_max_size 65536 gro_ipv4_max_size 65536 parentbus pci parentdev 0000:05:00.0 
      altname enp5s0
  4: enp99s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
      link/ether ac:1f:6b:a4:98:9c brd ff:ff:ff:ff:ff:ff promiscuity 0  allmulti 0 minmtu 68 maxmtu 9710 numtxqueues 64 numrxqueues 64 gso_max_size 65536 gso_max_segs 65535 tso_max_size 65536 tso_max_segs 65535 
  gro_max_size 65536 gso_ipv4_max_size 65536 gro_ipv4_max_size 65536 parentbus pci parentdev 0000:63:00.0 
  5: enp99s0f1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
      link/ether ac:1f:6b:a4:98:9d brd ff:ff:ff:ff:ff:ff promiscuity 0  allmulti 0 minmtu 68 maxmtu 9710 numtxqueues 64 numrxqueues 64 gso_max_size 65536 gso_max_segs 65535 tso_max_size 65536 tso_max_segs 65535 
  gro_max_size 65536 gso_ipv4_max_size 65536 gro_ipv4_max_size 65536 parentbus pci parentdev 0000:63:00.1 
      inet 172.21.15.72/22 brd 172.21.15.255 scope global dynamic noprefixroute enp99s0f1
         valid_lft 167sec preferred_lft 167sec
      inet6 fe80::7232:83a4:1879:343c/64 scope link noprefixroute 
         valid_lft forever preferred_lft forever
  1. Run the following command on the Satellite server, and look for grub.cfg-* files referring to one of the MAC addresses noted in step (3):
# ls -ltr /var/lib/tftpboot/grub2/
.
.
-rw-r--r--. 1 foreman-proxy foreman-proxy    8016 Oct 28 14:43 grub.cfg-01-ac-1f-6b-a4-98-9d
-rw-r--r--. 1 foreman-proxy foreman-proxy    8016 Oct 28 14:43 grub.cfg-ac:1f:6b:a4:98:9d
.
.

This will be the MAC address of the network interface used to provision the host via Satellite.

  1. Check the content of these files, and look for lines starting with the search command. For example:
  # add --efidisk-only when using Software RAID
  search --file --no-floppy --set=chroot /EFI/fedora/shim.efi
SBR
Product(s)
Components
Category
Tags

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.