LINUX网络自动化安装
学习该知识点的目的:当项目要求在短时间内上架大量服务器时,能够快速完成LINUX安装
服务端(192.168.1.107)
1.关闭iptables与selinux(也可以保留iptables,只放行DHCP(UDP 67)、TFTP(UDP 69)和FTP(TCP 21及其数据连接))
service iptables stop
#chkconfig iptables off
setenforce 0
或vi /etc/selinux/config(setenforce 0只是临时切到permissive,重启后失效;改这个文件是永久生效,需重启)
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
#SELINUX=enforcing注释掉
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
2.配置YUM源
cp /etc/yum.repos.d/rhel-debuginfo.repo /etc/yum.repos.d/yum.repo
vi /etc/yum.repos.d/yum.repo
# Local yum repository read from the installation media mounted under /media.
[Base]
name=Red Hat Enterprise Linux
baseurl=file:///media/Server
enabled=1
# gpgcheck=0 turns off RPM signature verification for this repo, so the
# gpgkey line below is not consulted; with gpgcheck=1 yum would verify
# packages against that key before installing them.
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
3.安装DHCP TFTP VSFTP SYSLINUX SYSTEM-CONFIG-KICKSTART
先挂盘 mount /dev/cdrom /media/
yum install -y vsftpd*
yum install -y dhcp*
yum install -y system-config-kickstart
yum install -y tftp*
yum install -y syslinux*
4.配置DHCP
vi /etc/dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp*/dhcpd.conf.sample
#
——一开始这个配置文件只有上面几行,按照提示输入冒号:
:r /usr/share/doc/dhcp*/dhcpd.conf.sample回车后下面就有了
ddns-update-style interim;
ignore client-updates;
# allow boot from network use PXE
allow booting;
allow bootp;
subnet 192.168.1.0 netmask 255.255.255.0 {
网关和子网掩码
# --- default gateway
option routers 192.168.1.1;为客户端设定默认网关
option subnet-mask 255.255.255.0;为客户端设定子网掩码
# option nis-domain "domain.org";为客户端配置NIS域
# option domain-name "domain.org";为客户端指明DNS名字
# option domain-name-servers 192.168.1.1;为客户端指明DNS服务器IP地址
option time-offset -18000; # Eastern Standard Time为客户端设定和格林威治时间的偏移时间,单位是秒
# option ntp-servers 192.168.1.1;
# option netbios-name-servers 192.168.1.1;
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- you understand Netbios very well
# option netbios-node-type 2;
range dynamic-bootp 192.168.1.128 192.168.1.254;为客户端提供的ip起止范围
default-lease-time 21600;
max-lease-time 43200;
# next-server is the tftp server.
# filename is boot image file under tftp root
next-server 192.168.1.107;从这个主机找引导文件
filename "pxelinux.0";
# we want the nameserver to appear at a fixed address
host ns {
next-server marvin.redhat.com;
hardware ethernet 12:34:56:78:AB:CD;
fixed-address 207.175.42.254;
}
}
5.配置TFTP
vi /etc/xinetd.d/tftp
# default: off
# description: The tftp server serves files using the trivial file transfer \
# protocol. The tftp protocol is often used to boot diskless \
# workstations, download configuration files to network-aware printers, \
# and to start the installation process for some operating systems.
#
# Settings used for the PXE server:
#   disable = no     - lets xinetd start the service (it ships off, see
#                      "default: off" above).
#   user / -u nobody - xinetd launches in.tftpd as root; -u names the account
#                      the daemon switches to for serving requests.
#   -s /tftpboot     - the daemon changes its root to /tftpboot, so clients
#                      can only reach files below that directory. No -c is
#                      given, so clients cannot create new files.
#   per_source       - cap on simultaneous instances per source address.
#   cps = 100 2      - at most 100 incoming connections per second; when
#                      exceeded the service is paused for 2 seconds.
service tftp
{
disable = no
socket_type = dgram
protocol = udp
wait = yes
user = root
server = /usr/sbin/in.tftpd
server_args = -u nobody -s /tftpboot
per_source = 11
cps = 100 2
flags = IPv4
}
6.启动dhcp tftp
service dhcpd start
service xinetd start
chkconfig dhcpd on
chkconfig xinetd on
启动之后根目录下应该就会有/tftpboot目录了,没有就自己创建吧╮(╯_╰)╭
7.配置PXE
cp /usr/lib/syslinux/pxelinux.0 /tftpboot
cp /media/images/pxeboot/{vmlinuz,initrd.img} /tftpboot/
mkdir /tftpboot/pxelinux.cfg
cp /media/isolinux/isolinux.cfg /tftpboot/pxelinux.cfg/default
vi /tftpboot/pxelinux.cfg/default
# "default linux" together with the short timeout below means a client that
# PXE-boots and is left alone starts the "linux" entry, i.e. the kickstart
# installation, without anyone pressing a key.
default linux
prompt 1
#timeout 600
# timeout is counted in tenths of a second: 6 = 0.6 s (the commented-out 600 = 60 s).
timeout 6
display boot.msg
F1 boot.msg
F2 options.msg
F3 general.msg
F4 param.msg
F5 rescue.msg
label linux
kernel vmlinuz
# append initrd=initrd.img
# ks= tells the installer where to download its kickstart file from.
append ks=ftp://192.168.1.107/ks.cfg initrd=initrd.img
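把上面这行append改成带ks=的形式,注意ks.cfg文件位置:由于我们配置的是ftp,匿名用户登录的文件夹是/var/ftp/pub,所以之后的ks.cfg要放在这个目录下(vsftpd默认的匿名根目录是/var/ftp;若没有另外设置anon_root=/var/ftp/pub,这里的地址应写成ftp://192.168.1.107/pub/ks.cfg)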
label text
kernel vmlinuz
append initrd=initrd.img text
label ks
kernel vmlinuz
append ks initrd=initrd.img
label local
localboot 1
label memtest86
kernel memtest
append -
8.配置KICKSTART
系统安装完成后,默认会在/root下生成一个anaconda-ks.cfg
我们可以从一台已装好的服务器上把它拿下来,改一改再用
cp /root/anaconda-ks.cfg /var/ftp/pub/ks.cfg
vi /var/ftp/pub/ks.cfg
# Kickstart file automatically generated by anaconda.
install
#cdrom
url --url=ftp://192.168.1.107/redhat/
我们使用的是ftp,所以将cdrom注释掉,不然客户机会去cdrom找安装文件
我们的安装光盘文件之后要复制到/var/ftp/pub/redhat文件夹内(url中的路径要与匿名FTP根目录对应:根目录为/var/ftp时应写ftp://192.168.1.107/pub/redhat/)
key --skip
lang zh_CN.UTF-8
keyboard us
xconfig --startxonboot
network --device eth0 --bootproto dhcp
rootpw oracle 设置root密码(这里是明文,而ks.cfg放在匿名FTP上,同网段的机器都能读到;可改写成 rootpw --iscrypted <密码哈希>)
# The installed system comes up with its firewall turned off.
firewall --disabled
# Shadow passwords on; --enablemd5 stores password hashes as MD5-crypt.
# NOTE(review): if this release's authconfig accepts --passalgo=sha512, that is the stronger choice — confirm.
authconfig --enableshadow --enablemd5
# SELinux is disabled on the installed system as well.
selinux --disabled
# --utc: the hardware clock is treated as UTC.
timezone --utc Asia/Shanghai
bootloader --location=mbr --driveorder=sda --append="rhgb quiet"
# The following is the partition information you requested
# Note that any partitions you deleted are not expressed
# here so unless you clear all partitions first, this is
# not guaranteed to work
#clearpart --all --drives=sda
clearpart --all --initlabel 这行必须要加,不然会让你手动点确认
———————————————————————————————
下面配置boot
还可以创建逻辑卷,前提是创建pv
part /boot --fstype ext3 --size=100 --ondisk=sda
part pv.2 --size=0 --grow --ondisk=sda
volgroup VolGroup00 --pesize=32768 pv.2
logvol / --fstype ext3 --name=LogVol00 --vgname=VolGroup00 --size=1024 --grow
logvol swap --fstype swap --name=LogVol01 --vgname=VolGroup00 --size=1008 --grow --maxsize=2016
reboot安装后自动重启,不然又要手动点
%packages
@admin-tools
@base
@chinese-support
@core
@development-libs
@development-tools
@dialup
@editors
@ftp-server
@gnome-desktop
@gnome-software-development
@games
@graphical-internet
@graphics
@java
@java-development
@kde-desktop
@kde-software-development
@legacy-software-development
@legacy-software-support
@mail-server
@office
@printing
@ruby
@sound-and-video
@system-tools
@text-internet
@x-software-development
@base-x
kexec-tools
fipscheck
device-mapper-multipath
sgpio
python-dmidecode
imake
emacs
libsane-hpaio
audit
mesa-libGLU-devel
xorg-x11-utils
xorg-x11-server-Xnest
xorg-x11-server-Xvfb
我们还可以在安装后执行脚本去修改主机名等信息,
方法是
在%post后面跟上脚本
%post
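# Post-install script (the body of the kickstart %post section).
# It syncs time against 172.16.0.1, points ntpd at that server only, creates
# the "student" and "visitor" accounts and puts a shortcut on student's desktop.

# One-shot clock step, then copy system time to the hardware clock as UTC.
ntpdate -b 172.16.0.1
# Fixed: the original read "–utc" (en dash), which hwclock does not parse as an option.
hwclock --systohc --utc

# ntp.conf: ignore every peer by default, then lift the restriction for
# localhost and the single upstream server.
cat > /etc/ntp.conf <<END
restrict default ignore
restrict 127.0.0.1
restrict 172.16.0.1
server 172.16.0.1
driftfile /var/lib/ntp/drift
broadcastdelay 0.008
END
echo "172.16.0.1" >> /etc/ntp/step-tickers
chkconfig ntpd on

# NOTE(review): both passwords are fixed strings inside the kickstart file, so
# every host built from it shares them; change them after first boot or expire
# them (e.g. chage -d 0 <user>) so a new one must be set at first login.
useradd student
echo "student" | passwd --stdin student
useradd visitor
echo "password" | passwd --stdin visitor

# -p: do not fail if the desktop directory already exists.
mkdir -p /home/student/Desktop
# NOTE(review): httpget is not set anywhere in this script; it has to be
# defined before this line, otherwise the command word is empty — confirm.
# The shortcut is fetched over plain HTTP with no integrity check.
${httpget} -source http://172.16.0.1/pub/gls/ClassInteractives.desktop > /home/student/Desktop/Class\ Interactives.desktop
chown -R student:student /home/student/Desktop
# Switch the locate database to daily updates.
perl -pi -e 's,DAILY_UPDATE=no,DAILY_UPDATE=yes,g' /etc/updatedb.conf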
最后附一个kickstart配置详解:
http://blog.chinaunix.net/uid-17240700-id-2813881.html
9.最后拷贝安装文件至ftp目录
cp -r /media/* /var/ftp/pub/redhat/
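之后确认vsftpd已经启动(service vsftpd start),就可以启动客户机安装了。注意default配置0.6秒后就会自动进入ks安装并执行clearpart --all,所以该网段内任何从网络启动的机器都会被重装,最好在独立的装机网段里操作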
安装原理:
1客户机的BIOS 设置为从网络启动
2 客户机从DHCP 服务器获取IP 地址
3 客户机从DHCP 服务器指定的TFTP 加载引导镜像
4 根据TFTP 服务器中的配置文件开始自动化安装。如果配置文件给的信息太少,将会进入交互的安装模式。交互安装模式中,可以选择安装介质在网络上的位置及访问方式。
DHCP服务器获取IP地址-TFTP获取引导镜像-TFTP中找pxe配置文件-pxe配置文件中获取ks.cfg文件-ks.cfg文件中获取安装信息和安装文件位置
客户机获取到IP 地址之后,会到TFTP 服务器的/tftpboot/pxelinux.cfg目录下寻找配置文件。
某台机器的 MAC地址是`88:99:AA:BB:CC:DD` ,获取到的 IP为192.0.2.91(对应的16进制数是C000025B),那么它会按照下面的顺序去查找它的配置文件:
/tftpboot/pxelinux.cfg/01-88-99-aa-bb-cc-dd
/tftpboot/pxelinux.cfg/C000025B
/tftpboot/pxelinux.cfg/C000025
/tftpboot/pxelinux.cfg/C00002
/tftpboot/pxelinux.cfg/C0000
/tftpboot/pxelinux.cfg/C000
/tftpboot/pxelinux.cfg/C00
/tftpboot/pxelinux.cfg/C0
/tftpboot/pxelinux.cfg/C
/tftpboot/pxelinux.cfg/default
可以看到它的顺序是先查找有没有和它的 MAC地址对应的配置文件,然后是IP地址,再到某个可能是它的子网,最后就是default了
那么,就很好分配了,例如:
192.0.2.0/24 这个网段的机器都装SLES,那么就修改对应的配置文件/tftpboot/pxelinux.cfg/C00002;
192.168.95.240/28 这个网段的机器都装RHEL,那么就修改对应的配置文件/tftpboot/pxelinux.cfg/C0A85FF;
这些配置文件可以复制 default再略作修改:
# cp /tftpboot/pxelinux.cfg/default /tftpboot/pxelinux.cfg/C00002
# vi /tftpboot/pxelinux.cfg/C00002