[Employment Class Homework] [Week 12] 2. Automated installation with kickstart + PXE
1. Installation environment preparation: DHCP service
yum -y install dhcp
[root@localhost /]# cat /etc/dhcp/dhcpd.conf
# dhcpd.conf
#
# Sample configuration file for ISC dhcpd
#
option domain-name "sankeya.com";
option domain-name-servers 114.114.114.114,180.76.76.76;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet 192.168.0.0 netmask 255.255.255.0 {
    range 192.168.0.202 192.168.0.209;
    option routers 192.168.0.201;
    filename "pxelinux.0";        # name of the PXE boot program on the TFTP server
    next-server 192.168.0.201;    # address of the TFTP server
}
[root@localhost /]#
Address allocation rule:
The server hands out an address from the pool that is in the same subnet as the IP configured on whichever interface (including a relay interface) the broadcast packet arrived on.
2. Installation environment preparation: TFTP service
(1) Installing the tftp service:
yum -y install tftp-server
(2) Preparing the files under the tftp root:
[root@localhost tftpboot]# tree
.
├── centos
│   ├── 6
│   │   ├── initrd.img
│   │   └── vmlinuz
│   └── 7
│       ├── initrd.img
│       └── vmlinuz
├── menu.c32        // provided by: yum -y install syslinux
├── pxelinux.0      // provided by: yum -y install syslinux
└── pxelinux.cfg
    └── default     // adapted from isolinux.cfg

4 directories, 7 files
(3) Contents of the default file
default menu.c32
timeout 600
menu title PXE INSTALL CentOS 6/7 MENU

label linux7
  menu label ^Install CentOS 7 mini from local source
  kernel centos/7/vmlinuz
  append initrd=centos/7/initrd.img ks=http://192.168.0.201/ksfile/7/localkscli.cfg

label linux7_desktop
  menu label Install ^CentOS 7 desktop from local source
  kernel centos/7/vmlinuz
  append initrd=centos/7/initrd.img ks=http://192.168.0.201/ksfile/7/localksgui.cfg

label linux6
  menu label ^Install CentOS 6 mini from internet source
  kernel centos/6/vmlinuz
  append initrd=centos/6/initrd.img ks=http://192.168.0.201/ksfile/6/internetkscli.cfg

label linux6_desktop
  menu label Install ^CentOS 6 desktop from internet source
  kernel centos/6/vmlinuz
  append initrd=centos/6/initrd.img ks=http://192.168.0.201/ksfile/6/internetksgui.cfg

label local
  menu default
  menu label Boot from ^local drive
  localboot 0xffff
When several OS versions are offered, pay attention to the paths of the vmlinuz, initrd and ks files.
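A path check for the menu file, as an added example that is not part of the original post: it parses a pxelinux menu and reports every label whose kernel, initrd or ks file cannot be resolved. The sample menu, the two file listings and the function names are constructed for illustration.

```python
from urllib.parse import urlparse

# Constructed sample (not the page's file): linux7_gui puts the directory before "initrd=".
SAMPLE_MENU = """\
label linux7
  kernel centos/7/vmlinuz
  append initrd=centos/7/initrd.img ks=http://192.168.0.201/ksfile/7/localkscli.cfg
label linux7_gui
  kernel centos/7/vmlinuz
  append centos/7/initrd=initrd.img ks=http://192.168.0.201/ksfile/7/localksgui.cfg
label linux8
  kernel centos/8/vmlinuz
  append initrd=centos/8/initrd.img ks=http://192.168.0.201/ksfile/8/ks.cfg
label local
  localboot 0xffff
"""
TFTP_FILES = {"centos/7/vmlinuz", "centos/7/initrd.img"}              # assumed TFTP root listing
HTTP_FILES = {"ksfile/7/localkscli.cfg", "ksfile/7/localksgui.cfg"}   # assumed HTTP root listing

def parse_labels(text):
    """Map each label that boots a kernel to its kernel path and key=value append options."""
    labels, name = {}, None
    for line in text.splitlines():
        key, _, val = line.strip().partition(" ")
        key = key.lower()                      # pxelinux keywords are case-insensitive
        if key == "label":
            name = val.strip()
        elif name and key == "kernel":
            labels[name] = {"kernel": val.strip(), "opts": {}}
        elif name in labels and key == "append":
            labels[name]["opts"] = dict(t.split("=", 1) for t in val.split() if "=" in t)
    return labels

def check_menu(text, tftp_files, http_files):
    """Return (label, problem) pairs for paths the PXE client could not resolve."""
    problems = []
    for name, entry in parse_labels(text).items():
        if entry["kernel"] not in tftp_files:
            problems.append((name, "kernel missing from TFTP root"))
        initrd = entry["opts"].get("initrd")
        if initrd is None:
            problems.append((name, "append has no initrd= option"))
        elif initrd not in tftp_files:
            problems.append((name, "initrd missing from TFTP root"))
        ks = entry["opts"].get("ks")
        if ks and urlparse(ks).path.lstrip("/") not in http_files:
            problems.append((name, "ks file missing from HTTP root"))
    return problems
```

On a real server the two listings would be built by walking the TFTP root and /var/www/html before calling check_menu.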
3. Installation environment preparation: HTTP service
(1) Layout of /var/www/html
yum -y install httpd
tree /var/www/html
└── html
    ├── centos
    │   ├── 6
    │   │   └── os
    │   │       └── x86_64    // this lab uses the internet install source (no files placed here for now)
    │   └── 7
    │       └── os
    │           └── x86_64    // local install media mounted here (used in this lab)
    └── ksfile
        ├── 6
        │   ├── internetkscli.cfg
        │   ├── internetksgui.cfg
        │   ├── localkscli.cfg
        │   └── localksgui.cfg
        └── 7
            ├── internetkscli.cfg
            ├── internetksgui.cfg
            ├── localkscli.cfg
            └── localksgui.cfg
(2) Installation environment preparation: kickstart files (CentOS 6/7 pre-installation files)
install
# CentOS 6 uses an install source on the internet
url --url="https://mirrors.aliyun.com/centos/6/os/x86_64/"
text
lang en_US.UTF-8
keyboard us
zerombr
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
network --bootproto=dhcp --device=eth0 --onboot=yes --noipv6 --hostname=CentOS6
timezone --utc Asia/Shanghai
authconfig --enableshadow --passalgo=sha512
# root password: 123456
rootpw --iscrypted $6$X20eRtuZhkHznTb4$dK0BJByOSAWSDD8jccLVFz0CscijS9ldMWwpoCw/ZEjYw2BTQYGWlgKsn945fFTjRC658UXjuocwJbAjVI5D6/
clearpart --all --initlabel
part /boot --fstype=ext4 --asprimary --size=200
part swap --size=1024
part / --fstype=ext4 --grow --asprimary --size=200
firstboot --disable
selinux --disabled
firewall --disabled
logging --level=info
reboot
%packages
@base
@compat-libraries
@debugging
@development
tree
nmap
sysstat
lrzsz
dos2unix
%end
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
install
# CentOS 7 uses the install source on the local disk
url --url="http://192.168.48.7/centos/7/os/x86_64"
text
lang en_US.UTF-8
keyboard us
zerombr
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet "
network --bootproto=dhcp --device=eth0 --onboot=yes --noipv6 --hostname=CentOS7
timezone Asia/Shanghai --isUtc --nontp
authconfig --enableshadow --passalgo=sha512
rootpw --iscrypted $6$5Fh7ZqUDjFQnD7bS$OoMUqqMPCJb.j7GpKTlGQ2TxmMIi.f2ZsJURcXc9ZZpxJmubIu8rLrz5aG4XOudoSa/zvhFw351NkLP1nvqt/.
clearpart --all --initlabel
part /boot --fstype xfs --size 1024
part swap --size 1024
part / --fstype xfs --size 1 --grow
firstboot --disable
selinux --disabled
firewall --disabled
logging --level=info
reboot
%packages
@^minimal
@core
%end
%post
%end
ksvalidator localkscli.cfg
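In this lab CentOS 7 uses the install source on the local network and CentOS 6 uses the install source on the internet; note the difference between the two url values.
4. Starting and verifying each service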
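ksvalidator checks kickstart syntax, not the security posture of the system the file will build. The following added example (not part of the original post) audits the command section of a kickstart file for the settings used above: disabled SELinux and firewall, a password disclosed in a comment, a plaintext or weakly hashed rootpw, and an install source fetched over plain HTTP. The sample file, its placeholder hash and the function name are constructed.

```python
import re
import shlex

# Constructed kickstart (not one of the page's files); hash and password are placeholders.
SAMPLE_KS = """\
# root password: example-only
rootpw --iscrypted $6$CONSTRUCTEDSALT$constructedhashvalue
url --url="http://192.168.0.201/centos/7/os/x86_64"
selinux --disabled
firewall --disabled
%packages
@core
%end
%post
echo "selinux --disabled" > /root/build-note.txt
%end
"""
STRONG_PREFIXES = ("$5$", "$6$", "$y$")  # SHA-256, SHA-512, yescrypt crypt(3) hashes

def audit_kickstart(text):
    """Return (line_no, finding) pairs for the command section of a kickstart file."""
    findings, in_section = [], False
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line.startswith("%") and not line.startswith("%include"):
            in_section = line != "%end"  # %packages/%pre/%post bodies are not commands
            continue
        if in_section or not line:
            continue
        if line.startswith("#"):
            if re.search(r"passw(or)?d|密码", line, re.I):
                findings.append((no, "comment may disclose a credential"))
            continue
        name, *args = shlex.split(line)
        if name in ("selinux", "firewall") and "--disabled" in args:
            findings.append((no, f"{name} disabled on the installed system"))
        elif name == "rootpw" and "--iscrypted" not in args:
            findings.append((no, "rootpw stored in plaintext"))
        elif name == "rootpw" and not any(a.startswith(STRONG_PREFIXES) for a in args):
            findings.append((no, "rootpw hash is not SHA-256/SHA-512/yescrypt"))
        elif name == "url" and any("http://" in a for a in args):
            findings.append((no, "install source fetched over plaintext HTTP"))
    return findings

if __name__ == "__main__":
    for no, finding in audit_kickstart(SAMPLE_KS):
        print(f"line {no}: {finding}")
```

The kickstart files are served to any host on the install network, so a finding on the rootpw or comment lines applies to every machine built from that file.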
[root@localhost /]# systemctl restart httpd
[root@localhost /]# systemctl restart dhcpd
[root@localhost /]# systemctl restart tftp.socket
[root@localhost /]# systemctl status httpd
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2020-10-27 12:27:35 CST; 29s ago
     Docs: man:httpd(8)
           man:apachectl(8)
  Process: 2099 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
 Main PID: 2102 (httpd)
   Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec"
   CGroup: /system.slice/httpd.service
           ├─2102 /usr/sbin/httpd -DFOREGROUND
           ├─2103 /usr/sbin/httpd -DFOREGROUND
           ├─2104 /usr/sbin/httpd -DFOREGROUND
           ├─2105 /usr/sbin/httpd -DFOREGROUND
           ├─2106 /usr/sbin/httpd -DFOREGROUND
           └─2107 /usr/sbin/httpd -DFOREGROUND

Oct 27 12:27:35 localhost systemd[1]: Stopped The Apache HTTP Server.
Oct 27 12:27:35 localhost systemd[1]: Starting The Apache HTTP Server...
Oct 27 12:27:35 localhost httpd[2102]: AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using ::1. Set the 'Serv...is message
Oct 27 12:27:35 localhost systemd[1]: Started The Apache HTTP Server.
Hint: Some lines were ellipsized, use -l to show in full.
[root@localhost /]# systemctl status dhcpd
● dhcpd.service - DHCPv4 Server Daemon
   Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2020-10-27 12:27:39 CST; 31s ago
     Docs: man:dhcpd(8)
           man:dhcpd.conf(5)
 Main PID: 2115 (dhcpd)
   Status: "Dispatching packets..."
   CGroup: /system.slice/dhcpd.service
           └─2115 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid

Oct 27 12:27:39 localhost dhcpd[2115]: No subnet declaration for eth1 (192.168.48.14).
Oct 27 12:27:39 localhost dhcpd[2115]: ** Ignoring requests on eth1. If this is not what
Oct 27 12:27:39 localhost dhcpd[2115]: you want, please write a subnet declaration
Oct 27 12:27:39 localhost dhcpd[2115]: in your dhcpd.conf file for the network segment
Oct 27 12:27:39 localhost dhcpd[2115]: to which interface eth1 is attached. **
Oct 27 12:27:39 localhost dhcpd[2115]:
Oct 27 12:27:39 localhost dhcpd[2115]: Listening on LPF/eth0/00:0c:29:a8:b3:23/192.168.0.0/24
Oct 27 12:27:39 localhost dhcpd[2115]: Sending on LPF/eth0/00:0c:29:a8:b3:23/192.168.0.0/24
Oct 27 12:27:39 localhost dhcpd[2115]: Sending on Socket/fallback/fallback-net
Oct 27 12:27:39 localhost systemd[1]: Started DHCPv4 Server Daemon.
[root@localhost /]# systemctl status tftp.socket
● tftp.socket - Tftp Server Activation Socket
   Loaded: loaded (/usr/lib/systemd/system/tftp.socket; enabled; vendor preset: disabled)
   Active: active (listening) since Tue 2020-10-27 12:27:56 CST; 28s ago
   Listen: [::]:69 (Datagram)

Oct 27 12:27:56 localhost systemd[1]: Closed Tftp Server Activation Socket.
Oct 27 12:27:56 localhost systemd[1]: Stopping Tftp Server Activation Socket.
Oct 27 12:27:56 localhost systemd[1]: Listening on Tftp Server Activation Socket.
[root@localhost /]# ss -tunl
Netid  State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port
udp    UNCONN  0       0       *:67                 *:*
udp    UNCONN  0       0       *:68                 *:*
udp    UNCONN  0       0       *:123                *:*
udp    UNCONN  0       0       127.0.0.1:323        *:*
udp    UNCONN  0       0       [::]:69              [::]:*
udp    UNCONN  0       0       [::1]:323            [::]:*
tcp    LISTEN  0       100     192.168.0.201:25     *:*
tcp    LISTEN  0       100     127.0.0.1:25         *:*
tcp    LISTEN  0       128     192.168.0.201:80     *:*
tcp    LISTEN  0       128     *:22                 *:*
tcp    LISTEN  0       100     [::1]:25             [::]:*
tcp    LISTEN  0       128     [::]:22              [::]:*
[root@localhost /]#
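Note: check that the HTTP service port tcp 80, the DHCP server port udp 67, and the tftp service port udp 323 (as observed in this run) are open.
5. Opening the main ports in the firewall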
firewall-cmd --zone=public --add-service=http --permanent
firewall-cmd --zone=public --add-service=dhcp --permanent
firewall-cmd --zone=public --add-service=tftp --permanent
[root@localhost ~]# systemctl restart firewalld
[root@localhost ~]# firewall-cmd --list-service
dhcp dhcpv6-client http ntp ssh tftp
Some of the service rules only take effect after the firewall service is restarted.
6. Boot a client and test the result
(End)