CentOS7使用iPXE批量安装ESXi7

使用iPXE批量安装ESXi

一、环境准备

此次使用CentOS7.9，已关闭selinux和防火墙，已配置CentOS-7-x86_64-Everything-2009.iso本地镜像源。使用yum install dnsmasq httpd安装好dnsmasq和httpd

准备iPXE启动文件：UEFI使用的snponly.efi，Legacy使用的undionly.kpxe 可以从http://boot.ipxe.org/直接下载

准备ESXi安装镜像挂载到/iso

二、配置dnsmasq

1. 修改dnsmasq配置文件/etc/dnsmasq.conf配置DHCP,TFTP服务

   interface=ens192
   #dnsmasq使用的网卡
   
   log-dhcp
   log-facility=/var/log/dnsmasq.log
   #记录DHCP日志
   
   dhcp-range=192.168.199.150,192.168.199.220,255.255.255.0,12h
   #dhcp地址池及租期
   
   dhcp-option=option:router,192.168.199.254
   #dhcp网关（直连交换机其实可以不配置网关）
   
   dhcp-option=66,192.168.199.20
   #TFTPserver地址（修改为本机的地址）
   
   dhcp-match=set:efi-x86_64,option:client-arch,7
   dhcp-match=set:efi-x86_64,option:client-arch,9
   dhcp-match=set:efi-x86,option:client-arch,6
   dhcp-match=set:bios,option:client-arch,0
   #使用架构标签
   
   dhcp-userclass=set:iPXEBoot,iPXE
   # set tag "iPXEBoot" if request comes from iPXE ("iPXE" user class)
   
   dhcp-boot=tag:efi-x86_64,snponly.efi
   dhcp-boot=tag:bios,undionly.kpxe
   #使TFTP按架构标签提供启动文件
   
   dhcp-boot=tag:iPXEBoot,http://192.168.199.20/esxi/ipxe.script
   #当iPXE启动后，使iPXE启动http服务器上的脚本
   
   enable-tftp
   #开启TFTP
   
   tftp-root=/var/tftpd
   #TFTP根目录
   conf-dir=/etc/dnsmasq.d,.rpmnew,.rpmsave,.rpmorig
   

2. 创建配置文件中的TFTP根目录,放入ipxe文件

   mkdir /var/tftpd
   

3. 查看下文件，是这样的

   [root@localhost tftpd]# tree
   .
   ├── snponly.efi
   └── undionly.kpxe
   
   0 directories, 2 files
   

三、配置httpd

1. httpd默认文件路径为/var/www/html，创建一个/var/www/html/esxi目录

   mkdir /var/www/html/esxi
   

2. 将挂载的/iso目录链接到此目录下

   ln -s /iso /var/www/html/esxi
   

3. 创建ipx.script文件，放入/var/www/html/esxi

   [root@localhost]# cat ipxe.script
   #!ipxe
   iseq ${platform} efi && goto is_efi ||
   kernel http://192.168.199.20/esxi/iso/mboot.c32 -c http://192.168.199.20/esxi/boot.cfg
   boot
   
   :is_efi
   kernel http://192.168.199.20/esxi/iso/efi/boot/bootx64.efi -c http://192.168.199.20/esxi/boot.cfg
   boot
   

四、修改boot.cfg，可选添加ks.cfg

1. 将镜像挂载/iso目录中的boot.cfg复制一份到/var/www/html/esxi下并修改

   cp /iso/efi/boot/boot.cfg /var/www/html/esxi
   #参考vmware官网文档
   #将 kernel= 和 modules= 行中的文件名前正斜杠 (/) 字符删除。
   #添加prefix行
   #删除kernelopt= 行中字符串 cdromBoot
   #添加kernelopt=ks=http://192.168.199.20/esxi/ks.cfg（可选）
   vim /var/www/html/esxi/boot.cfg
   #以下为vim操作批量删除斜杠 (/) 
   :%s/\///g
   

   修改完后的boot.cfg

   bootstate=0
   title=Loading ESXi installer By Hol
   timeout=5
   prefix=http://192.168.199.20/esxi/iso
   kernel=b.b00
   kernelopt=runweasel ks=http://192.168.199.20/esxi/ks.cfg
   modules=jumpstrt.gz --- useropts.gz --- features.gz --- k.b00 --- uc_intel.b00 --- uc_amd.b00 --- uc_hygon.b00 --- procfs.b00 --- vmx.v00 --- vim.v00 --- tpm.v00 --- sb.v00 --- s.v00 --- bnxtnet.v00 --- bnxtroce.v00 --- lsimr3.v00 --- lsimsgpt.v00 --- lpfc.v00 --- i40en.v00 --- iavmd.v00 --- icen.v00 --- igbn.v00 --- irdman.v00 --- ixgben.v00 --- payload.v00 --- nmlx5cor.v00 --- nmlx5rdm.v00 --- smartpqi.v00 --- qlnative.v00 --- qcnic.v00 --- qedentv.v00 --- qedf.v00 --- qedi.v00 --- qedrntv.v00 --- qfle3.v00 --- qfle3f.v00 --- qfle3i.v00 --- atlantic.v00 --- brcmfcoe.v00 --- elxiscsi.v00 --- elxnet.v00 --- ionic_en.v00 --- iser.v00 --- lpnic.v00 --- lsi_msgp.v00 --- lsi_msgp.v01 --- mtip32xx.v00 --- ne1000.v00 --- nenic.v00 --- nfnic.v00 --- nhpsa.v00 --- nmlx4_co.v00 --- nmlx4_en.v00 --- nmlx4_rd.v00 --- ntg3.v00 --- nvme_pci.v00 --- nvmerdma.v00 --- nvmetcp.v00 --- nvmxnet3.v00 --- nvmxnet3.v01 --- pvscsi.v00 --- qflge.v00 --- rste.v00 --- sfvmk.v00 --- vmkata.v00 --- vmkfcoe.v00 --- vmkusb.v00 --- vmw_ahci.v00 --- bmcal.v00 --- crx.v00 --- elx_esx_.v00 --- btldr.v00 --- esx_dvfi.v00 --- esx_ui.v00 --- esxupdt.v00 --- tpmesxup.v00 --- weaselin.v00 --- esxio_co.v00 --- loadesx.v00 --- lsuv2_hp.v00 --- lsuv2_in.v00 --- lsuv2_ls.v00 --- lsuv2_nv.v00 --- lsuv2_oe.v00 --- lsuv2_oe.v01 --- lsuv2_oe.v02 --- lsuv2_sm.v00 --- native_m.v00 --- trx.v00 --- vdfs.v00 --- vmware_e.v00 --- vsan.v00 --- vsanheal.v00 --- vsanmgmt.v00 --- tools.t00 --- lnvcusto.v00 --- xorg.v00 --- gc.v00 --- imgdb.tgz --- basemisc.tgz --- resvibs.tgz --- imgpayld.tgz
   build=7.0.3-0.50.20036589
   updated=0
   

2. 修改后的ks.cfg（安装完成的ESXi的/etc/vmware/weasel目录下有此文件）

   #
   # Sample scripted installation file
   #
   
   # Accept the VMware End User License Agreement
   vmaccepteula
   
   # Set the root password for the DCUI and Tech Support Mode
   rootpw admin@123
   
   # The install media is in the CD-ROM drive
   install --firstdisk --overwritevmfs
   
   # Set the network to DHCP on the first network adapter
   network --bootproto=dhcp --device=vmnic0
   
   #添加安装完自动重启
   reboot
   
   # A sample post-install script
   %post --interpreter=python --ignorefailure=true
   import time
   stampFile = open('/finished.stamp', mode='w')
   stampFile.write( time.asctime() )
   

3. 最后查看下文件，是这样的

   [root@localhost esxi]# tree
   .
   ├── boot.cfg
   ├── ipxe.script
   ├── iso -> /iso
   └── ks.cfg
   
   1 directory, 3 files
   

五、测试

1. 重启httpd，dnsmasq服务

   systemctl restart httpd dnsmasq
   

2. 两个测试机分别从UEFI和legacy的pxe启动

3. pxe获取到ip地址

4. pxe从tftp获取ipxe文件并启动ipxe

5. ipxe获取ip地址

6. ipxe从http获取script脚本并执行，开始自动安装

7. 测试机从http获取镜像文件，自动安装完成自动重启

8. 查看httpd日志

   tail -f /var/log/httpd/access_log
   

9. 查看dnsmasq日志

   tail -f /var/log/dnsmasq.log
   

可能遇到的问题：Legacy启动可能会出现卡在mboot.c32，原因是网站下载的undionly.kpxe不包含COMBOOT功能。修改ipxe源码中general.h，取消注释#define IMAGE_COMBOOT 重新编译ipxe生成undionly.kpxe即可正常。

参考链接

vmware官网

C0reFast记事本

dnsmasq - Arch Linux 中文维基

Michls Tech Blog