pxe 安装 debian9
debian+pxe+preseed.cfg安装配置
服务 | 端口 | 作用 | 备注 |
---|---|---|---|
dhcp | 67(udp服务端)68(udp客户端) | ip地址自动获取 | |
tftp | 69(udp) | 系统启动引导文件下载 | |
http | 80(tcp) | preseed应答文件下载 | |
下图详解
基础环境部署
dhcpd服务:
1、yum install -y dhcp
2、配置/etc/dhcp/dhcpd.conf文件,具体ip分配,根据生产环境需求决定,以下仅为参考;
allow booting;
allow bootp;
subnet 192.168.233.0 netmask 255.255.255.0 {
range 192.168.233.5 192.168.233.9;
option domain-name-servers 114.114.114.114;
option routers 192.168.233.2;
option broadcast-address 192.168.233.255;
next-server 192.168.233.129;
filename "pxelinux.0";
default-lease-time 600;
max-lease-time 7200;
}
3、重启生效
tftp服务:
1、yum -y install tftp-server
2、设置开机自动开启tftp服务器设置,下载官网netboot压缩文件,解压到/var/lib/tftpboot/下。
chmod -R a+r /var/lib/tftpboot
bios启动方式
3、修改default文件设置,超时时间为3秒(timeout 30,单位为0.1秒),选择第一个
path debian-installer/amd64/boot-screens/
include debian-installer/amd64/boot-screens/menu.cfg
default debian-installer/amd64/boot-screens/vesamenu.c32
prompt 1
timeout 30
4、修改txt.cfg文件,设置自动装机的参数;
label install DEBAIN
kernel debian-installer/amd64/linux
append vga=normal initrd=debian-installer/amd64/initrd.gz auto=true interface=auto netcfg/dhcp_timeout=60 netcfg/choose_interface=auto priority=critical url=http://192.168.233.129/pxe/preseed.cfg DEBCONF_DEBUG=5
IPAPPEND 2
UEFI 启动方式
3、把bootnetx64.efi文件放到 /var/lib/tftpboot/下
4、修改grub.cfg文件,设置自动装机
insmod play
play 960 440 1 0 4 440 1
menuentry 'Install' {
set background_color=black
linux /debian-installer/amd64/linux vga=normal auto=true interface=auto netcfg/choose_interface=auto priority=critical url=http://119.188.9.133/pxe/preseed.cfg --- quiet
配置httpd服务
http
1、已经把服务搭建在一个拥有公网ip地址的服务器上,主要存放preseed和初始化脚本等重要文件
(搭建在180.76.169.48上,需要注意加入机房机器所在ip段的白名单;preseed.cfg里有明文root密码,并且通过http明文下载,所以白名单应只放行装机机器所在的ip段)
以上基础环境搭建部分相对简单,已经完成脚本初始化一键部署(脚本比较简单,后期争取完善更好)
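#!/bin/bash
# Work out this server's IPv4 address and its first three octets. Later steps
# use $ip for the preseed URL and the DHCP next-server, and $ip_a/$ip_b/$ip_c
# to build the DHCP subnet.
#
# NOTE(review): ifconfig.me is a third-party service queried over plain HTTP,
# and it reports the public egress address. The reply is written into
# dhcpd.conf and the PXE kernel command line, so it is checked to be a
# dotted-quad IPv4 address before use. On a host behind NAT it will not match
# the PXE-facing interface - confirm for the target network.
cd ~ || exit 2
if ! curl -fsS ifconfig.me > ip.txt; then
  echo "no ip !!!!"
  exit 2
fi
# Read back the same file that was just written (first field of line one).
ip=$(awk 'NR == 1 {print $1}' ip.txt)
if [[ "$ip" =~ ^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.[0-9]{1,3}$ ]]; then
  ip_a=${BASH_REMATCH[1]}
  ip_b=${BASH_REMATCH[2]}
  ip_c=${BASH_REMATCH[3]}
else
  # Anything that is not a plain IPv4 address is treated like a failed lookup.
  echo "no ip !!!!"
  exit 2
fi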
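# Install the web, DHCP and TFTP servers used for PXE booting.
yum -y install httpd dhcp tftp-server || exit 1
# tftp setup: enable the xinetd-managed tftp service and restart xinetd.
sed -i '/disable/{s/yes/no/g;}' /etc/xinetd.d/tftp && service xinetd restart
cd ~ || exit 1
# NOTE(review): the netboot archive is fetched over plain HTTP and unpacked
# without an integrity check, and its kernel/initrd are then handed to every
# machine that PXE-boots from this server. Compare the archive against the
# SHA256SUMS published for the installer images (obtained over a trusted
# channel) before extracting.
# -O keeps reruns from saving netboot.tar.gz.1 and unpacking a stale archive;
# a failed download stops the script instead of extracting a partial file.
wget -O netboot.tar.gz http://ftp.nl.debian.org/debian/dists/stretch/main/installer-amd64/current/images/netboot/netboot.tar.gz || {
  echo "netboot download failed" >&2
  exit 1
}
tar -xf netboot.tar.gz -C /var/lib/tftpboot && chmod a+r -R /var/lib/tftpboot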
bios启动方式
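# BIOS boot: make pxelinux show its prompt and time out after 30 ticks.
# The values are set outright instead of replacing every "0" on the line, so
# running the script a second time does not turn "timeout 30" into "timeout 330".
pxe_default=/var/lib/tftpboot/pxelinux.cfg/default
txt_cfg=/var/lib/tftpboot/debian-installer/amd64/boot-screens/txt.cfg
sed -i -E \
  -e 's/^([[:space:]]*prompt)[[:space:]]+.*/\1 1/' \
  -e 's/^([[:space:]]*timeout)[[:space:]]+.*/\1 30/' \
  "$pxe_default"

# Rewrite txt.cfg with a single unattended-install entry.
# NOTE(review): the preseed URL is plain HTTP and the preseed on this page
# holds the root password in clear text. DEBCONF_DEBUG=5 is verbose installer
# debugging - confirm it is wanted outside of troubleshooting.
{
  printf '%s\n' "label install DEBAIN"
  printf '\t%s\n' \
    "kernel debian-installer/amd64/linux" \
    "append vga=normal initrd=debian-installer/amd64/initrd.gz auto=true interface=auto netcfg/dhcp_timeout=60 netcfg/choose_interface=auto priority=critical url=http://$ip/pxe/preseed.cfg DEBCONF_DEBUG=5" \
    "IPAPPEND 2"
} > "$txt_cfg"

# UEFI boot: put the EFI loader at the TFTP root and point the stock grub
# entry at the preseed file.
# NOTE(review): this entry hard-codes 180.76.169.48 while the BIOS entry above
# uses $ip - confirm which preseed host is intended.
cp -a /var/lib/tftpboot/debian-installer/amd64/bootnetx64.efi /var/lib/tftpboot/
old="linux /debian-installer/amd64/linux vga=788 --- quiet"
new="linux /debian-installer/amd64/linux vga=normal auto=true interface=auto netcfg/choose_interface=auto priority=critical url=http://180.76.169.48/pxe/preseed.cfg --- quiet"
sed -i "s#$old#$new#g" /var/lib/tftpboot/debian-installer/amd64/grub/grub.cfg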
dhcp设置
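# dhcpd setup: write a single /24 subnet derived from the detected address.
# The original heredoc repeated the "subnet ... {" and "range" lines, leaving
# a nested subnet block that was never closed; they are emitted once here.
# NOTE(review): "allow booting/bootp" answers any PXE client on the segment,
# and the preseed installs without prompting - keep this DHCP service on the
# provisioning network only.
cat <<EOF >/etc/dhcp/dhcpd.conf
allow booting;
allow bootp;
subnet ${ip_a}.${ip_b}.${ip_c}.0 netmask 255.255.255.0 {
range ${ip_a}.${ip_b}.${ip_c}.2 ${ip_a}.${ip_b}.${ip_c}.3;
option domain-name-servers 114.114.114.114;
option routers ${ip_a}.${ip_b}.${ip_c}.1;
option broadcast-address ${ip_a}.${ip_b}.${ip_c}.255;
next-server ${ip};
filename "bootnetx64.efi";
default-lease-time 600;
max-lease-time 7200;
}
EOF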
dhcp设置
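# http setup (this part belongs on the public HTTP server; it is already
# deployed on 180.76.169.48, so it is not written out here).
# -p keeps a rerun from failing when the directory already exists.
# NOTE(review): whatever is placed under /var/www/html/pxe is readable by any
# client that can reach this web server - restrict access if preseed files or
# install scripts are stored here.
mkdir -p /var/www/html/pxe
service httpd restart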
preseed配置
### Locale sets language and country.
d-i debian-installer/language string en
d-i debian-installer/country string US
d-i debian-installer/locale string en_US.UTF-8
### Keyboard selection.
#d-i console-tools/archs select at
d-i console-keymaps-at/keymap select us
d-i keyboard-configuration/xkb-keymap select us
console-data console-data/keymap/qwerty/layout select US american
d-i keymap select us
d-i keyboard-configuration/variant select English (US)
### Package selection
# You can choose to install any combination of tasks that are available.
# Available tasks as of this writing include: Desktop environment,
# Web server, Print server, DNS server, File server, Mail server,
# SQL database, manual package selection. The last of those will run
# aptitude. You can also choose to install no tasks, and force the
# installation of a set of packages in some other way.
# don't install any tasks
tasksel tasksel/first multiselect ssh-server
### Controls whether or not the hardware clock is set to UTC.
d-i clock-setup/utc boolean true
# Many countries have only one time zone. If you told the installer you're
# in one of those countries, you can choose its standard time zone via this
# question.
base-config tzconfig/choose_country_zone_single boolean true
d-i time/zone select UTC
### keyboard layouts
console-data console-data/keymap/qwerty/layout select US american
#console-data console-data/keymap/family select qwerty
#console-common console-data/keymap/family select qwerty
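### Account setup.
# To preseed the root password, you have to put it in the clear in this
# file. That is not a very good idea, use caution!
# NOTE(review): this file is fetched through the url=http://... boot parameter,
# so the value below crosses the network unencrypted and is readable by anyone
# who can reach the web server. The installer also accepts a crypt(3) hash
# instead of the clear text:
#d-i passwd/root-password-crypted password <crypt(3) hash - placeholder>
# Either way, every installed host shares the same root password until it is
# rotated after install.
passwd passwd/root-password password Admin123
# The type field read "passwor" in the original; it must be "password".
passwd passwd/root-password-again password Admin123
# If you want to skip creation of a normal user account.
passwd passwd/make-user boolean false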
#### Network configuration.
d-i netcfg/get_domain string
d-i netcfg/get_nameservers string 114.114.114.114 8.8.8.8
# Disable that annoying WEP key dialog.
d-i netcfg/wireless_wep string
### Partitioning
## Partitioning example
# If the system has free space you can choose to only partition that space.
# This is only honoured if partman-auto/method (below) is not set.
#d-i partman-auto/init_automatically_partition select biggest_free
# Alternatively, you may specify a disk to partition. If the system has only
# one disk the installer will default to using that, but otherwise the device
# name must be given in traditional, non-devfs format (so e.g. /dev/sda
# and not e.g. /dev/discs/disc0/disc).
# For example, to use the first SCSI/SATA hard disk:
#d-i partman-auto/disk string /dev/sda
# In addition, you'll need to specify the method to use.
# The presently available methods are:
# - regular: use the usual partition types for your architecture
# - lvm: use LVM to partition the disk
# - crypto: use LVM within an encrypted partition
#d-i partman-auto/method string lvm
# If one of the disks that are going to be automatically partitioned
# contains an old LVM configuration, the user will normally receive a
# warning. This can be preseeded away...
d-i partman-lvm/device_remove_lvm boolean true
# The same applies to pre-existing software RAID array:
d-i partman-md/device_remove_md boolean true
# And the same goes for the confirmation to write the lvm partitions.
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
# You can choose one of the three predefined partitioning recipes:
# - atomic: all files in one partition
# - home: separate /home partition
# - multi: separate /home, /var, and /tmp partitions
#d-i partman-auto/choose_recipe select atomic
# Or provide a recipe of your own...
# If you have a way to get a recipe file into the d-i environment, you can
# just point at it.
#d-i partman-auto/expert_recipe_file string /hd-media/recipe
# If not, you can put an entire recipe into the preconfiguration file in one
# (logical) line. This example creates a small /boot partition, suitable
# swap, and uses the rest of the space for the root partition:
#d-i partman-auto/expert_recipe string \
# boot-root :: \
# 40 50 100 ext3 \
# $primary{ } $bootable{ } \
# method{ format } format{ } \
# use_filesystem{ } filesystem{ ext3 } \
# mountpoint{ /boot } \
# . \
# 500 10000 1000000000 ext3 \
# method{ format } format{ } \
# use_filesystem{ } filesystem{ ext3 } \
# mountpoint{ / } \
# . \
# 64 512 300% linux-swap \
# method{ swap } format{ } \
# .
# The full recipe format is documented in the file partman-auto-recipe.txt
# included in the 'debian-installer' package or available from D-I source
# repository. This also documents how to specify settings such as file
# system labels, volume group names and which physical devices to include
# in a volume group.
# This makes partman automatically partition without confirmation, provided
# that you told it what to do using one of the methods above.
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
# When disk encryption is enabled, skip wiping the partitions beforehand.
#d-i partman-auto-crypto/erase_disks boolean false
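## Partitioning using RAID
# NOTE(review): every partman confirmation in this file is preseeded to true
# and the PXE menu starts the install entry after a short timeout, so any
# machine that network-boots against this server has the disks listed below
# repartitioned without a prompt. Keep the DHCP/TFTP service limited to the
# provisioning network.
# The method should be set to "raid".
d-i partman-auto/method string raid
# Specify the disks to be partitioned. They will all get the same layout,
# so this will only work if the disks are the same size.
# NOTE(review): five devices are listed here, while the partman-auto-raid
# recipe in this file only references the two nvme partitions - confirm.
d-i partman-auto/disk string /dev/nvme0n1 /dev/nvme1n1 /dev/sda /dev/sdb /dev/sdc
# Next you need to specify the physical partitions that will be used.
# The recipe is one logical line: every physical line except the last needs a
# trailing backslash, and each partition entry ends with a ".". The original
# was missing the backslash after $bootable{ } and the final "." terminator.
d-i partman-auto/expert_recipe string \
multiraid :: \
512 100 512 fat32 \
$gptonly{ } \
$primary{ } \
method{ efi } \
format{ } \
$lvmignore{ } \
mountpoint{ /boot/efi } \
. \
798720 10000 798720 raid \
method{ raid } \
$primary{ } \
. \
100 1000 1000000000 ext4 \
$primary{ } \
$bootable{ } \
method{ format } \
format{ } \
use_filesystem{ } \
filesystem{ ext4 } \
mountpoint{ / } \
.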
# Last you need to specify how the previously defined partitions will be
# used in the RAID setup. Remember to use the correct partition numbers
# for logical partitions. RAID levels 0, 1, 5, 6 and 10 are supported;
# devices are separated using "#".
# Parameters are:
# <raidtype> <devcount> <sparecount> <fstype> <mountpoint> \
# <devices> <sparedevices>
d-i partman-auto-raid/recipe string \
1 2 0 ext4 / \
/dev/nvme0n1p2#/dev/nvme1n1p2
# For additional information see the file partman-auto-raid-recipe.txt
# included in the 'debian-installer' package or available from D-I source
# repository.
# This makes partman automatically partition without confirmation.
d-i partman-basicfilesystems/choose_label string gpt
d-i partman-basicfilesystems/default_label string gpt
d-i partman-partitioning/choose_label string gpt
d-i partman-partitioning/default_label string gpt
d-i partman/choose_label string gpt
d-i partman/default_label string gpt
d-i partman-md/confirm boolean true
d-i partman/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i mdadm/boot_degraded boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman-basicfilesystems/no_swap boolean false
d-i partman/choose_partition select finish
d-i partman-md/confirm boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman-md/confirm_nooverwrite boolean true
#
d-i grub-installer/bootdev string /dev/nvme0n1 /dev/nvme1n1 /dev/sda /dev/sdb /dev/sdc
### Boot loader installation.
# This is fairly safe to set, it makes grub install automatically to the MBR
# if no other operating system is detected on the machine.
d-i grub-installer/only_debian boolean false
# This one makes grub-installer install to the MBR if if finds some other OS
# too, which is less safe as it might not be able to boot that other OS.
d-i grub-installer/with_other_os boolean true
### Apt setup.
# automatically set the CD as the installation media.
#base-config apt-setup/uri_type select http
base-config apt-setup/uri_type select cdrom
# only scan the first CD by default
#base-config apt-setup/cd/another boolean false
# don't ask to use additional mirrors
base-config apt-setup/another boolean false
# Use a network mirror?
apt-mirror-setup apt-setup/use_mirror boolean false
### Mirror settings
# If you select ftp, the mirror/country string does not need to be set.
#d-i mirror/protocol string ftp
#d-i mirror/country string manual
#d-i mirror/http/hostname string http.us.debian.org
#d-i mirror/http/directory string /debian
d-i mirror/http/proxy string
# Do enable security updates.
#base-config apt-setup/security-updates boolean true
# You can choose to install non-free and contrib software.
#d-i apt-setup/non-free boolean true
#d-i apt-setup/contrib boolean true
# Controls whether to use NTP to set the clock during the install
d-i clock-setup/ntp boolean false
# NTP server to use. The default is almost always fine here.
#d-i clock-setup/ntp-server string ntp.example.com
### Mailer configuration.
# During a normal install, exim asks only two questions. Here's how to
# avoid even those. More complicated preseeding is possible.
exim4-config exim4/dc_eximconfig_configtype select no configuration at this time
# It's a good idea to set this to whatever user account you choose to
# create. Leaving the value blank results in postmaster mail going to
# /var/mail/mail.
exim4-config exim4/dc_postmaster string
### skip some annoying installation status notes
# Avoid that last message about the install being complete.
#d-i finish-install/reboot_in_progress note
# Avoid the introductory message.
base-config base-config/intro note
# Avoid the final message.
base-config base-config/login note
d-i popularity-contest/participate boolean false
### simple-cdd commands
# you may add to the following commands by including a ";" followed by your
# shell commands.
# loads the simple-cdd-profiles udeb to which asks for which profiles to use,
# load the debconf preseeding and queue packages for installation.
#d-i preseed/early_command string anna-install simple-cdd-profiles
#d-i preseed/late_command string /cdrom/cf/cf-post-install.sh
# The late_command below runs at the end of the install, working from /target:
#  - it sets "PermitRootLogin yes" in the target's sshd_config twice (an
#    in-place sed, then an appended line);
#  - it installs curl in the target;
#  - it downloads public_key.sh and port_install.sh into the target root and
#    runs each inside the chroot;
#  - it finishes with apt-get update in the target.
# NOTE(review): root SSH login is enabled on every installed host while the
# root password is preseeded in clear text in this file - consider key-only
# root login (prohibit-password) once the key script has run.
# NOTE(review): both scripts are fetched over plain HTTP and executed as root
# with no checksum or signature check, so whoever controls that server or the
# network path controls every installed host.
# NOTE(review): port_install.sh as shown on this page writes to /target/... and
# calls in-target, which do not look available inside "chroot ./" - confirm.
d-i preseed/late_command string \
sed -i '/PermitRootLogin / s/ .*/ yes/' /target/etc/ssh/sshd_config;\
echo "PermitRootLogin yes" >> /target/etc/ssh/sshd_config ; \
cd /target;\
chroot ./ apt-get install curl -y ;\
wget http://180.76.169.48/pxe/port_install/public_key.sh; chmod +x ./public_key.sh; chroot ./ ./public_key.sh;\
wget http://180.76.169.48/pxe/port_install/port_install.sh; chmod +x ./port_install.sh; chroot ./ ./port_install.sh;\
chroot ./ apt-get update;
port_install.sh
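#!/bin/sh -x
# Post-install host setup fetched and run by the preseed late_command: derives
# the hostname from the host's address, writes resolver and apt sources,
# upgrades packages, writes the network interfaces file and configures the
# salt minion.
#
# NOTE(review): the preseed on this page starts this script as
# "chroot ./ ./port_install.sh" from /target. Inside that chroot there is no
# /target directory and the installer's in-target helper is normally not
# available, so the /target/... redirections and in-target calls below look
# inconsistent with how the script is started - confirm which side is intended.
if ! curl -fsS ifconfig.me > /root/ip.txt; then
  echo "could not determine ip" >&2
  exit 1
fi
id=112
ip=$(cat /root/ip.txt)
# The address comes from a third-party service over plain HTTP and is written
# into the interfaces file; accept only digits and dots.
case "$ip" in
  '' | *[!0-9.]*)
    echo "unexpected ip value" >&2
    exit 1
    ;;
esac
gateway=$(ip route show | awk '/default/ {print $3}')
# Host number is the last octet minus one. POSIX arithmetic replaces "let",
# which is not available in every /bin/sh.
host=${ip##*.}
host=$((host - 1))
new_hostname="${id}r0${host}"
hostname "$new_hostname"
hostname > /etc/hostname
# The original appended the literal word "hostname" here; presumably the real
# host name was meant - verify.
echo "127.0.0.1 $new_hostname" >> /etc/hosts
# Straight quotes: the original used typographic quotes, which would have been
# written into resolv.conf as part of the line.
echo "nameserver 114.114.114.114" > /etc/resolv.conf
# apt sources
# NOTE(review): both repository signing keys are added to apt's trusted keyring
# straight from the network with no fingerprint check, the second one over
# plain HTTP, and the repository line itself is plain HTTP. The key URL is
# pinned to the debian/8 path while the repository path uses
# ${DEBIAN_VERSION} - confirm.
wget -O - https://repo.saltstack.com/apt/debian/8/amd64/2018.3/SALTSTACK-GPG-KEY.pub | apt-key add -
curl -s http://apt-yjs.su.baidu.com/aptly.gpg.asc | apt-key add -
DEBIAN_VERSION=$(awk -F. '{print $1}' /etc/debian_version)
echo "deb http://repo.saltstack.com/apt/debian/${DEBIAN_VERSION}/amd64/2018.3 stretch main" >/etc/apt/sources.list.d/saltstack.list
apt-get update
apt-get -y dist-upgrade
apt-get install -y vim
# network interfaces
# NOTE(review): $xxx is never assigned in this script, so it expands to an
# empty string and yields addresses such as "10..15.2" - it looks like a
# placeholder that has to be set before this heredoc.
cat << EOF > /target/etc/network/interfaces
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug eno5
iface eno5 inet static
address $ip/24
gateway $gateway
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 114.114.114.114
dns-search ${xxx}r0$host
auto eno6
iface eno6 inet static
address 10.$xxx.15.2
netmask 255.255.255.0
broadcast 10.$xxx.15.255
up route add -net 10.$xxx.0.0/16 gateway 10.$xxx.0.1 dev eno6
auto eno6:0
iface eno6:0 inet static
address 10.$xxx.8.2
netmask 255.255.0.0
broadcast 10.$xxx.255.255
EOF
# salt minion
# The grains entries are indented so that they are children of "grains:";
# at column 0 they would be parsed as top-level keys.
in-target apt-get install -y salt-minion
cat << EOF > /target/etc/salt/minion
master:
- salt.su.baidu.com
grains:
  type: yjs-relay
  tag: CDN
EOF
# NOTE(review): state.apply runs whatever the master serves, as root; the
# minion trusts the first master key it sees unless one is pinned - confirm
# how the master is verified on first contact.
in-target salt-call -l debug state.apply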