CentOS7.2下PXE+kickstart自动化安装系统
注意:我只是一篇笔记,不是教程!不求甚解的可以一步步跟着做出来,想搞清楚原理的自己研究
温故而知新,虽然工作中用到的系统都是 CentOS 6.X
,但我们不能一直沉浸在过去的经验中,要跟上时代的节奏
一、实验环境
- 操作系统:CentOS Linux release 7.2.1511 (Core)
- 网卡地址:192.168.100.147/24
- 光盘镜像:CentOS-7-x86_64-Minimal-1511.iso
- 安装工具:kickstart + dhcp + tftp + ftp
二、准备工作
2.1 关闭防火墙
[root@localhost ~]# systemctl stop iptables [root@localhost ~]# systemctl stop firewalld
2.2 关闭selinux
[root@localhost ~]# setenforce 0 [root@localhost ~]# getenforce Permissive
三、原理和流程图
四、DHCP服务安装及配置
4.1 安装dhcp
[root@localhost ~]# yum install dhcp -y
4.2 配置dhcpd
[root@localhost ~]# vi /etc/dhcp/dhcpd.conf default-lease-time 600; max-lease-time 7200; log-facility local7; subnet 192.168.100.0 netmask 255.255.255.0 { option routers 192.168.100.2; option subnet-mask 255.255.255.0; option domain-name-servers 192.168.100.2; option time-offset -18000; # Eastern Standard Time range dynamic-bootp 192.168.100.60 192.168.100.100; default-lease-time 21600; max-lease-time 43200; next-server 192.168.100.147; filename "pxelinux.0"; }
4.3 启动dhcpd
[root@localhost ~]# systemctl start dhcpd
4.4 dhcp服务测试
[root@localhost ~]# ss -nulp | grep dhcpd UNCONN 0 0 *:67 *:* users:(("dhcpd",pid=8769,fd=7)) UNCONN 0 0 *:7773 *:* users:(("dhcpd",fd=20)) UNCONN 0 0 :::55406 :::* users:(("dhcpd",fd=21))
也可以启动新服务器,看看能否获取到IP地址
4.5 设置开机自启动(可选)
[root@localhost ~]# systemctl enable dhcpd Created symlink from /etc/systemd/system/multi-user.target.wants/dhcpd.service to /usr/lib/systemd/system/dhcpd.service.
五、ftp服务安装及配置
5.1 安装vsftpd
[root@localhost ~]# yum install -y vsftpd
5.2 配置vsftpd
使用默认配置即可
5.3 挂载系统盘
系统安装盘挂载到 /var/ftp/pub
目录下,不要挂载到其它地方,因为 /var/ftp
是 anonymous
匿名用户的家目录
如果是光驱,可以这样挂
[root@localhost ~]# mount /dev/cdrom /var/ftp/pub mount: /dev/sr0 is write-protected,mounting read-only
如果是光盘镜像,可以这样挂
[root@localhost ~]# mount /opt/CentOS-7-x86_64-Minimal-1511.iso /var/ftp/pub -o loop mount: /dev/loop0 is write-protected,mounting read-only
查看光盘内容
[root@localhost ~]# ls /var/ftp/pub CentOS_BuildTag EULA images LiveOS repodata RPM-GPG-KEY-CentOS-Testing-7 EFI GPL isolinux Packages RPM-GPG-KEY-CentOS-7 TRANS.TBL
5.4 启动vsftpd服务
[root@localhost ~]# systemctl start vsftpd
5.5 ftp服务器测试
[root@localhost ~]# ftp 192.168.100.147 Connected to 192.168.100.147 (192.168.100.147). 220 (vsFTPd 3.0.2) Name (192.168.100.147:root): anonymous 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls 227 Entering Passive Mode (192,168,100,147,113,88). 150 Here comes the directory listing. -rw-r--r-- 1 0 0 1068 Aug 09 08:56 ks.cfg dr-xr-xr-x 8 0 0 2048 Dec 09 2015 pub 226 Directory send OK. ftp> get ks.cfg local: ks.cfg remote: ks.cfg 227 Entering Passive Mode (192,126,155). 150 opening BINARY mode data connection for ks.cfg (1068 bytes). 226 Transfer complete. 1068 bytes received in 6.8e-05 secs (15705.88 Kbytes/sec) ftp> quit 221 Goodbye. [root@localhost ~]# ls anaconda-ks.cfg ks.cfg
成功拿到 ks.cfg
则表示 ftp
服务正常
5.6 设置开机自启动(可选)
[root@localhost ~]# systemctl enable vsftpd Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service.
六、tftp服务安装及配置
6.1 安装tftp和xinetd服务
[root@localhost ~]# yum install -y xinetd [root@localhost ~]# yum install -y tftp-server tftp syslinux-tftpboot
6.2 配置xinetd
[root@localhost ~]# vi /etc/xinetd.d/tftp service tftp { socket_type = dgram protocol = udp wait = yes user = root server = /usr/sbin/in.tftpd server_args = -s /var/lib/tftpboot #默认disable是yes的,把它改为no即可 disable = no per_source = 11 cps = 100 2 flags = IPv4 }
6.3 配置tftp-server
[root@localhost ~]# cp /var/ftp/pub/images/pxeboot/initrd.img /var/lib/tftpboot/ [root@localhost ~]# cp /var/ftp/pub/images/pxeboot/vmlinuz /var/lib/tftpboot/ [root@localhost ~]# mkdir /var/lib/tftpboot/pxelinux.cfg [root@localhost ~]# vi /var/lib/tftpboot/pxelinux.cfg/default default linux prompt 1 timeout 60 display boot.msg label linux kernel vmlinuz append initrd=initrd.img text ks=ftp://192.168.100.147/ks.cfg
6.4 配置kickstart
以 ~/anaconda-ks.cfg
为模板,再做一些适当的修改
[root@localhost ~]# cp ~/anaconda-ks.cfg /var/ftp/ks.cfg [root@localhost ~]# vi /var/ftp/ks.cfg #version=DEVEL # System authorization information auth --enableshadow --passalgo=sha512 # Install OS instead of upgrade install # Use network installation url --url=ftp://192.168.100.147/pub # Use graphical install graphical # Run the Setup Agent on first boot firstboot --enable # Keyboard layouts keyboard --vckeymap=us --xlayouts='us' # System language lang en_US.UTF-8 --addsupport=zh_CN.UTF-8 # Network information network --bootproto=dhcp --device=eno16777736 --onboot=yes --ipv6=auto network --hostname=localhost.localdomain # Root password # root密码是: rootroot rootpw --iscrypted $6$7gdZF8XhDef10LyT$2uRiP4qFYaBBTgpggKU/BXKgMDJLWN/BriXXgBwyzkjaz9G9YP/xD08I1OJfgBcPMoURsE5inVIoX.J6aERmR0 # System services services --disabled="chronyd" # System timezone timezone Asia/Shanghai --isUtc --nontp # System bootloader configuration bootloader --location=mbr --boot-drive=sda autopart --type=lvm # Partition clearing information clearpart --none --initlabel %packages @^minimal @core %end %addon com_redhat_kdump --disable --reserve-mb='auto' %end
修改访问权限
[root@localhost ~]# ll /var/ftp/ks.cfg -rw-------. 1 root root 1083 Aug 8 16:39 /var/ftp/ks.cfg [root@localhost ~]# chmod +r /var/ftp/ks.cfg [root@localhost ~]# ll /var/ftp/ks.cfg -rw-r--r--. 1 root root 1083 Aug 8 16:39 /var/ftp/ks.cfg
6.5 启动tftp服务
[root@localhost ~]# systemctl start xinetd
6.6 测试tftp服务
[root@localhost ~]# ls anaconda-ks.cfg ks.cfg [root@localhost ~]# tftp 192.168.100.147 tftp> get vmlinuz tftp> quit [root@localhost ~]# ls anaconda-ks.cfg ks.cfg vmlinuz
如果能成功拿到 vmlinuz
文件,则表示 tftp
服务器状态正常
6.7 设置开机自启动(可选)
[root@localhost ~]# systemctl enable xinetd Created symlink from /etc/systemd/system/multi-user.target.wants/xinetd.service to /usr/lib/systemd/system/xinetd.service.
七、启动安装
到这里已经配置完成了。
系统安装前,需要设置BIOS从网卡启动,安装完后马上改回去
八、注意事项
- 注意dhcp冲突
- 注意权限
- 注意防火墙
- 注意selinux
九、进阶参考
- 百度关键词:
Cobbler
- Kickstart自动化攻略:如何制作KS文件 —— http://jingyan.baidu.com/article/5d368d1eedc8ac3f60c057e1.html
- kickstart配置文件详解和system-config-kickstart —— http://blog.chinaunix.net/uid-30936525-id-5719207.html