参考
一. 原理
目前市场上稍微有些实力的交换机厂商,均支持自动化的批量开局部署,虽然具体实现有些区别,但实现原理基本一致。如下图:
1.交换机加电启动,检测到没有配置文件则进入自动化配置模式,从dhcp服务器获取地址;
2.交换机从dhcp的option信息中获取文件服务器相关信息(文件服务器地址,需要下载的文件信息等);
3.交换机从文件服务器下载image,patch,配置文件等;
4.交换机加载配置(是否重启根据厂商不同而不同),完成配置。
注意:DHCP和TFTP本身都不提供认证与加密,因此整个开局过程应在隔离、可信的管理网段内完成,并在开局后核对交换机实际加载的image版本和配置文件。
二. 设置DHCP & TFTP 服务器
2.1 DHCP服务器
2.1.1 iptables
# dhcp server: udp 67
# dhcp client: udp 68(客户端侧端口;本机仅作为dhcp服务器时只需放行udp 67,下面的68规则可省略)
vim /etc/sysconfig/iptables
-A INPUT -p udp -m state --state NEW -m udp --dport 67 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 68 -j ACCEPT
# 重启服务
service iptables restart
2.1.2 安装配置
# 安装
yum install dhcp -y
# 范例:/usr/share/doc/dhcp-4.2.5/dhcpd.conf.example
cat /etc/dhcp/dhcpd.conf
ddns-update-style none; # interim为DNS互动更新模式,ad-hoc为特殊DNS更新模式,none为不支持动态更新模式
ignore client-updates; # 忽略客户端更新
# option domain-name "centos.org"; # 默认搜索域
# option domain-name-servers 100.64.191.11;
# option ntp-servers 100.64.191.25;
option time-offset -18000; # Eastern Standard Time
default-lease-time 21600; # The default is 43200 seconds
max-lease-time 43200; # If not defined, the default maximum lease time is 86400
#allow booting; # The booting flag is used to tell dhcpd whether or not to respond to queries from a particular client. This keyword only has meaning when it appears in a host declaration. By default, booting is allowed, but if it is disabled for a particular client, then that client will not be able to get an address from the DHCP server.
#allow bootp; # The bootp flag is used to tell dhcpd whether or not to respond to bootp queries. Bootp queries are allowed by default.
option tftp-server-address code 150 = ip-address; # isc-dhcp-server中并没有"tftp-server-address"的option参数,需要提前指定
subnet 100.64.191.0 netmask 255.255.255.0 {
range 100.64.191.101 100.64.191.200;
# option subnet-mask 255.255.255.0;
option routers 100.64.191.1; # 如果在二层网络下操作,是否设置网关并不重要
# next-server 100.64.191.10; # 一般操作系统的自动安装使用option66指向tftp服务器
# filename "/pxelinux.0"; # tftp根目录下的启动引导文件
option tftp-server-address