环境说明:
服务端:虚拟机,4核,8G,双千兆网卡(1个用于管理,1个桥接到内网交换机做DHCP),100G硬盘(实际占用5G,开启后约12G),CentOS 7.9 mini
客户机:浪潮NF5468M6,8358*2,32G*16,双口25G*1,双口千兆*1(仅连接1个端口,用于PXE),3.84T NVME*1,ubuntu-18.04.6-server-amd64.iso(注意:不是live版本!!!live版本测试不通过!!!)
EFI引导:
[root@pxe efi]# cat grub.cfg
set default="0"
function load_video {
insmod efi_gop
insmod efi_uga
insmod video_bochs
insmod video_cirrus
insmod all_video
}
load_video
set gfxpayload=keep
insmod net
insmod efinet
insmod tftp
insmod gzio
insmod part_gpt
insmod ext4
set timeout=1
### BEGIN /etc/grub.d/10_linux ###
menuentry 'Ubuntu 18.04.6 For inspur With seed' --class fedora --class gnu-linux --class gnu --class os {
linuxefi (tftp)inspur/linux vga=788 ip=dhcp preseed/url=http://172.17.251.200/tftp/inspur/inspur.seed ks=http://172.17.251.200/tftp/inspur/ks.cfg live-installer/net-image=http://172.17.251.200/tftp/inspur/filesystem.squashfs ksdevice=bootif clock-setup/ntp=false - quit
initrdefi (tftp)inspur/initrd.gz
}
ks.cfg部分:
install
lang en_US
keyboard --vckeymap=us --xlayouts='us'
url --url="http://172.17.251.200/iso/inspur/"
text
timezone Asia/Shanghai --isUtc
firstboot --disable
selinux --disabled
firewall --disabled
logging --level=info
skipx
reboot
ubuntu.seed部分:
### Preseed for inspur ChengDu @ Ubuntu 18.04
### Unattended Installation
d-i auto-install/enable boolean true
d-i debconf/priority select critical
d-i live-installer/net-image string http://172.17.251.200/tftp/inspur/filesystem.squashfs
### Localization
d-i debian-installer/locale string en_US.UTF-8
d-i localechooser/supported-locales multiselect en_US.UTF-8, de_DE.UTF-8
d-i console-setup/ask_detect boolean false
d-i keyboard-configuration/xkb-keymap select us
### Network configuration(设置主机名为inspur)
d-i netcfg/choose_interface select auto
d-i netcfg/hostname string inspur
d-i netcfg/get_hostname string inspur
d-i netcfg/get_domain string unnamed
d-i hw-detect/load_firmware boolean true
### Mirror settings (使用http的镜像源)
d-i mirror/protocol string http
d-i mirror/http/hostname string 172.17.251.200
d-i mirror/http/directory string /iso/inspur
### Account setup (设置root用户和新建inspur用户的密码,密码生成方法附后)
d-i passwd/root-login boolean true
d-i passwd/root-password-crypted password ********
d-i passwd/make-user boolean true
d-i passwd/user-fullname string inspur User
d-i passwd/username string inspur
d-i passwd/user-password-crypted password ********
d-i passwd/user-uid string 1000
### Clock and time zone setup (配置时区和NTP服务器地址)
d-i clock-setup/utc boolean true
d-i time/zone string Etc/UTC
d-i clock-setup/ntp boolean true
d-i clock-setup/ntp-server string 172.17.180.21
(避免在U盘上装系统,来自网络,可删除)
d-i partman/early_command string \
USBDEV_LIST="$(mktemp)"; \
list-devices usb-partition | sed "s/\(.*\)./\1/" > "$USBDEV_LIST"; \
BOOTDEV="$(list-devices disk | grep -vf "$USBDEV_LIST" | head -n 1)"; \
debconf-set partman-auto/disk "$BOOTDEV"; \
debconf-set grub-installer/bootdev "$BOOTDEV"; \
while /bin/true; do sleep 0.01; rm -f /target/etc/grub.d/30_os-prober; done &
### Partitioning (在nvme0n1上做常规分区)
d-i partman-auto/disk string nvme0n1
d-i partman-auto/method string regular
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-md/device_remove_md boolean true
### Disk layout (efi 510M,/分区 1024G,剩余空间给/inspur)
d-i partman-auto/choose_recipe select boot-root
d-i partman-auto/expert_recipe string \
boot-root :: \
536 512 536 fat32 $primary{ } method{ efi } device{ nvme0n1 } format{ } . \
1099511 1024 1099511 ext4 $bootable{ } method{ formart } device{ nvme0n1 } format{ } use_filesystem{ } filesystem{ ext4 } mountpoint{ / } . \
2048 2048 -1 ext4 method{ formart } device{ nvme0n1 } format{ } use_filesystem{ } filesystem{ ext4 } mountpoint{ /inspur } .
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
### GPT (大于2T硬盘,强制使用GPT)
d-i partman-basicfilesystems/choose_label string gpt
d-i partman-basicfilesystems/default_label string gpt
d-i partman-partitioning/choose_label string gpt
d-i partman-partitioning/default_label string gpt
d-i partman/choose_label string gpt
d-i partman/default_label string gpt
### EFI (使用UEFI引导)
d-i partman-efi/non_efi_system boolean true
### Grub (安装grub)
d-i grub-installer/only_debian boolean true
d-i grub-installer/with_other_os boolean true
d-i grub-installer/bootdev string /dev/nvme0n1
### Base system installation (安装linux-generic基础内核)
d-i base-installer/install-recommends boolean true
d-i base-installer/kernel/image string linux-generic
### Apt setup (配置apt-get用的源)
d-i apt-setup/restricted boolean true
d-i apt-setup/universe boolean true
d-i apt-setup/backports boolean true
d-i apt-setup/use_mirror boolean false
d-i apt-setup/services-select main
d-i apt-setup/security_host string 172.17.251.200
d-i apt-setup/security_path string /iso/inspur
d-i apt-setup/local0/repository string http://172.17.251.200/iso/inspur bionic main
d-i apt-setup/local0/source boolean false
d-i apt-setup/local0/key string http://172.17.251.200/iso/inspur/dists/bionic/Release.gpg
d-i debian-installer/allow_unauthenticated boolean true
### Package selection (配置apt-get安装的包)
d-i tasksel/first multiselect
d-i pkgsel/include string openssh-server vim net-tools
d-i pkgsel/update-policy select none
##### Finishing up the installation (定制post脚本,根据实际需要来)
d-i preseed/late_command string \
## cp -r /custom /target/custom; \
in-target sh -c 'cat /etc/fstab | grep -v inspur > /tmp/fstab'; \
in-target sh -c 'mv /etc/fstab /etc/fstab.default'; \
in-target sh -c 'mv /tmp/fstab /etc/fstab'; \
in-target sh -c 'echo "PermitRootLogin Yes" >> /etc/ssh/sshd_config'; \ (开启root的ssh登录)
in-target sh -c 'wget -P /tmp/ http://172.17.251.200/tftp/inspur/update.tgz'; \ (下载离线软件包。适用于无互联网环境。有互联网环境直接apt-get就行)
in-target sh -c 'cd /tmp/;tar -zxvf update.tgz'; \
in-target sh -c 'echo "deb [trusted=yes] file:// /tmp/update/archives/" > /etc/apt/sources.list'; \
in-target sh -c 'apt-get clean && apt-get update'; \
in-target sh -c 'apt-get install -y sshpass ntp ipmitool linux-image-5.4.0-113-generic linux-headers-5.4.0-113-generic linux-modules-extra-5.4.0-113-generic build-essential'; \
in-target sh -c 'dpkg --get-selections | grep linux-image'; \
in-target sh -c 'apt-mark hold linux-image-5.4.0-113-generic'; \
in-target sh -c 'dpkg --get-selections | grep linux-image'; \
in-target sh -c 'systemctl disable ufw'; \
in-target sh -c 'ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime'; \
in-target sh -c 'mv /etc/ntp.conf /etc/ntp.conf.default'; \
in-target sh -c 'wget -P /etc/ http://172.17.251.200/tftp/inspur/ntp.conf && chmod 644 /etc/ntp.conf'; \
in-target sh -c 'systemctl enable ntp'; \
in-target sh -c 'wget -P /etc/apt/ http://172.17.251.200/tftp/inspur/sources.list'; \ (wget在已有文件的情况下,新下载的文件会命名为XX.1。建议在这个步骤前增加mv命令。)
in-target sh -c 'wget -P /root/ http://172.17.251.200/tftp/inspur/Pre.sh'; \
in-target sh -c 'chmod 755 /root/Pre.sh'; \
in-target sh -c 'rm -rf /tmp/update*'; \
in-target sh -c 'mkdir -p --mode=0700 /root/.ssh'; \
in-target sh -c 'wget -P /root/.ssh/ http://172.17.251.200/tftp/inspur/key.pub'; \
in-target sh -c 'cat /root/.ssh/key.pub > /root/.ssh/authorized_keys && chmod 0600 /root/.ssh/authorized_keys'; \
in-target sh -c 'wget -P /tmp/ http://172.17.251.200/tftp/inspur/e810_ice.tgz'; \
in-target sh -c 'cd /tmp && tar -zxvf e810_ice.tgz'; \
in-target sh -c 'cd /tmp/ice-1.8.9/src && make install'; \
in-target sh -c 'modinfo ice && modprobe ice'; \
#in-target sh -c ''; \
#in-target sh -c ''; \
#in-target sh -c ''; \
#in-target sh -c ''; \
#in-target sh -c ''; \
#in-target sh -c ''; \
in-target sh -c 'eject || true';
d-i debian-installer/splash boolean false
d-i cdrom-detect/eject boolean true
### Shutdown machine
d-i finish-install/reboot_in_progress note
d-i debian-installer/exit/poweroff boolean true (安装完成后关机)
密码生成
mkpasswd -m sha-512