自動化運維實戰之——構建PXE無人值守自動安裝服務器
阿新 • • 發佈:2017-10-21
pxe 自動化
【企業案例】
某公司新增一個機房,需要大規模部署操作系統環境,由於手動部署操作系統效率極為低下,現需搭建一臺PXE服務器來自動化部署操作系統。
具體要求如下:
為節省硬件資源,PXE、DHCP、TFTP、FTP全部建立在一臺服務器上;
實現多個操作系統版本的自動部署;
構建自動應答文件ks.cfg,並對系統做初始化設置
l 實現ssh免密碼登錄配置
l 關閉防火墻和SElinux
l 配置yum倉庫
l ???(可根據實際環境做添加)
【實驗環境】
操作系統及內核版本
[root@pxe ~]# cat /etc/redhat-release CentOS Linux release 7.3.1611 (Core) [root@pxe ~]# uname -r 3.10.0-514.el7.x86_64
網絡地址
服務器 | 網絡地址 |
DHCP | 192.168.10.254/24 |
PXE | 192.168.10.254/24 |
TFTP | 192.168.10.254/24 |
FTP | 192.168.10.254/24 |
配置DHCP服務器
安裝DHCP服務器
[root@pxe ~]# yum -y install dhcp
配置DHCP服務器
[root@pxe ~]# cat >> /etc/dhcp/dhcpd.conf <<EOF
subnet 192.168.10.0 netmask 255.255.255.0 {
range 192.168.10.1 192.168.10.200;
next-server 192.168.10.254;
filename "pxelinux.0";
}
EOF
[root@pxe ~]# systemctl start dhcpd配置TFTP服務器
安裝TFTP服務和syslinux軟件包
[root@pxe ~]# yum -y install tftp-server syslinux
配置TFTP服務
[root@pxe ~]# cp -v /usr/share/syslinux/{menu.c32,pxelinux.0} /var/lib/tftpboot/
‘/usr/share/syslinux/menu.c32’ -> ‘/var/lib/tftpboot/menu.c32’
‘/usr/share/syslinux/pxelinux.0’ -> ‘/var/lib/tftpboot/pxelinux.0’
[root@pxe ~]# mkdir -v /var/lib/tftpboot/{pxelinux.cfg,centos7.3,centos6.9}
mkdir: created directory ‘/var/lib/tftpboot/pxelinux.cfg’
mkdir: created directory ‘/var/lib/tftpboot/centos7.3’
mkdir: created directory ‘/var/lib/tftpboot/centos6.9’[root@pxe ~]# cat > /var/lib/tftpboot/pxelinux.cfg/default <<EOF default menu.c32 timeout 300 menu title ########## PXE Boot Menu ########## label centos6.9 menu label ^Kickstart Inatall CentOS 6.9 menu default kernel centos6.9/vmlinuz append ks=ftp://192.168.10.254/pub/ks/ks6.cfg initrd=centos6.9/initrd.img label centos7.3 menu label ^Kickstart Inatall CentOS 7.3 menu default kernel centos7.3/vmlinuz append ks=ftp://192.168.10.254/pub/ks/ks7.cfg initrd=centos7.3/initrd.img EOF
配置FTP服務器
安裝ftp服務器
[root@pxe ~]# yum -y install vsftpd
配置ftp服務器
[root@pxe ~]# mkdir -pv /var/ftp/pub/centos/{6,7}
#光驅插入centos7鏡像
[root@pxe ~]# cp -Rv /misc/cd/* /var/ftp/pub/centos/7/
#光驅插入centos6鏡像
[root@pxe ~]# cp -Rv /misc/cd/* /var/ftp/pub/centos/6/
[root@pxe ~]# mkdir -v /var/ftp/pub//ks
mkdir: created directory ‘/var/ftp/pub/ks’復制內核和虛擬磁盤文件到tftp目錄
[root@pxe ~]# cp -v /var/ftp/pub/centos/6/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos6.9/
[root@pxe ~]# cp -v /var/ftp/pub/centos/7/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos7.3/設置自動應答文件
CentOS7.3 自動應答文件
#version=DEVEL
# System authorization information
auth --enableshadow --passalgo=sha512
# Use CDROM installation media
url --url=ftp://192.168.10.254/pub/centos/7 # 指明安裝源的路徑
# Use graphical install
text # 將cdrom修改為text,基於字符界面安裝
selinux --disabled
# Run the Setup Agent on first boot
firstboot --enable
ignoredisk --only-use=sda
# Keyboard layouts
keyboard --vckeymap=us --xlayouts=‘us‘
# System language
lang en_US.UTF-8
# Network information
network --bootproto=dhcp --device=ens33 --onboot=on --ipv6=auto --activate # --bootproto必須是dhcp獲取,--onboot=on
network --hostname=centos7.magedu.com
# Root password = zhyang
rootpw --iscrypted $6$wdMKFHGt773BoqCx$0TS.jHNyWO/T37yl9SdkFql0zC2TjeJQXil0/rI6CH6YbOc2tf3CtSEROtJFeHpGT0DXzEbrrqKhCAglVblwo1
# System services
services --disabled="chronyd"
# System timezone
timezone Asia/Shanghai --isUtc --nontp
user --name=wang --password=$6$v.VphW/puRblcrFB$uaSrdEhGAwMXap27WIKTn5lyOOfoFyB/SNxyyL3og6s9/VQoAKoL2KQjKmeYFmoYTuYkSNL7BBxgbJzeryKr9. --iscrypted --gecos="wang"
# X Window System configuration information
xconfig --startxonboot
# System bootloader configuration
bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
# Partition clearing information
zerombr # 添加zerombr ,表示清除舊磁盤上原有的mbr,新磁盤安裝可不寫
clearpart --all # 清除所有分區信息,新磁盤安裝可不寫
# Disk partitioning information
part swap --fstype="swap" --ondisk=sda --size=2048 # 分區表信息,如果你想添加分區,可按照該格式添加
part /app --fstype="xfs" --ondisk=sda --size=51200
part / --fstype="xfs" --ondisk=sda --size=51200
part /boot --fstype="xfs" --ondisk=sda --size=1024
reboot # 安裝完成之後重啟
%packages # 安裝軟件包
@^minimal
@core
@base
@development tools
autofs # 安裝autofs服務包
vim
%end
%addon com_redhat_kdump --enable --reserve-mb=‘auto‘
%end
%anaconda
pwpolicy root --minlen=6 --minquality=50 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=50 --notstrict --nochanges --notempty
pwpolicy luks --minlen=6 --minquality=50 --notstrict --nochanges --notempty
%end
%post # 安裝後腳本,我配置了yum源和ssh密鑰登錄設置(復制用於管理的服務器公鑰)
systemctl enable autofs
systemctl disable firewalld.service
sed -i ‘s/linux16 \/vmlinuz-3.*/& net.ifnames=0/‘ /boot/grub2/grub.cfg
mv /etc/sysconfig/network-scripts/{ifcfg-ens33,ifcfg-eth0}
sed -i ‘s/DEVICE.*/DEVICE=eth0/‘ /etc/sysconfig/network-scripts/ifcfg-eth0
rm -rf /etc/yum.repos.d/*
cat > /etc/yum.repos.d/base.repo <<eof
[base]
name=base
baseurl=ftp://192.168.10.254/pub/centos/7/
gpgcheck=0
eof
mkdir /root/.ssh
cat >> /root/.ssh/authorized_keys << EOF
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjog2/Glq8VVAe5fchc4UO7OhO609+f/NEO9TcYtzzxZx450bK/nHpfIg6l9ZLF8CVEfW5S+fV2uW2pxHY0XwDPGPVIH54tacw8ILeI6vZn00WGpEkDVgcW764svH8qDlgKcTBTaPZFJJDohUHh7XRWgnub8lvhk6L0+GRXzEUhW5hEyh7ht8LsxSTVXW3s2pqOEFNFzL4bC0JXzgJa720/J6izrxYhIGFm6fBpu9ljC+DmoJZQxbxcb8EfPKOo4BqZxdfzFI2Zwai1IxbutGcbe4gRZXSFuYzkDclwLcRV2CSbm60d9l/qcvsrq2vMEtQ04KqvPFfNO91vcze7f67 root@pxe
EOF
%end
CentOS6.9自動應答文件
#version=DEVEL
install
text # 基於字符界面安裝
lang en_US.UTF-8
keyboard us
network --onboot yes --device eth0 --bootproto dhcp --noipv6
# Root password = zhyang
rootpw --iscrypted $6$wdMKFHGt773BoqCx$0TS.jHNyWO/T37yl9SdkFql0zC2TjeJQXil0/rI6CH6YbOc2tf3CtSEROtJFeHpGT0DXzEbrrqKhCAglVblwo1
firewall --service=ssh
authconfig --enableshadow --passalgo=sha512
url --url=ftp://192.168.10.254/pub/centos/6 # yum源的路徑
selinux --disabled # 關閉selinux
timezone Asia/Shanghai
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
# The following is the partition information you requested
# Note that any partitions you deleted are not expressed
# here so unless you clear all partitions first, this is
# not guaranteed to work
zerombr # 清除mbr
clearpart --all # 清除分區信息
reboot # 安裝完成後重啟
part /boot --fstype=ext4 --size=1000 # 分區信息
part / --fstype=ext4 --size=50000
part /app --fstype=ext4 --size=40000
part swap --size=2048
#repo --name="CentOS" --baseurl=cdrom:sr0 --cost=100 # 註釋掉此行
%packages
@base
@core
@development tools
vim
autofs
%end
%post # 安裝後腳本,我配置了yum源和ssh密鑰登錄設置(復制用於管理的服務器公鑰)
chkconfig autofs on
chkconfig iptables off
rm -rf /etc/yum.repos.d/*
cat > /etc/yum.repos.d/base.repo <<eof
[base]
name=base
baseurl=ftp://192.168.10.254/pub/centos/6/
gpgcheck=0
eof
mkdir /root/.ssh
cat >> /root/.ssh/authorized_keys << EOF
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjog2/Glq8VVAe5fchc4UO7OhO609+f/NEO9TcYtzzxZx450bK/nHpfIg6l9ZLF8CVEfW5S+fV2uW2pxHY0XwDPGPVIH54tacw8ILeI6vZn00WGpEkDVgcW764svH8qDlgKcTBTaPZFJJDohUHh7XRWgnub8lvhk6L0+GRXzEUhW5hEyh7ht8LsxSTVXW3s2pqOEFNFzL4bC0JXzgJa720/J6izrxYhIGFm6fBpu9ljC+DmoJZQxbxcb8EfPKOo4BqZxdfzFI2Zwai1IxbutGcbe4gRZXSFuYzkDclwLcRV2CSbm60d9l/qcvsrq2vMEtQ04KqvPFfNO91vcze7f67 root@pxe
EOF
%end復制應答文件到ftp共享目錄
[root@pxe ~]# cp -v ks7.cfg /var/ftp/pub/centos/ks/ ‘ks7.cfg’ -> ‘/var/ftp/pub/centos/ks/ks7.cfg’ [root@pxe ~]# cp -v ks6.cfg /var/ftp/pub/centos/ks/ ‘ks6.cfg’ -> ‘/var/ftp/pub/centos/ks/ks6.cfg’
設置相關服務啟動
[root@centos7 ~]# systemctl enable dhcpd.service [root@centos7 ~]# systemctl start dhcpd.service [root@centos7 ~]# systemctl enable tftp.socket [root@centos7 ~]# systemctl start tftp.socket [root@centos7 ~]# systemctl enable vsftpd.service [root@centos7 ~]# systemctl start vsftpd.service 關閉防火墻和SElinux [root@pxe ~]# systemctl disable firewalld.service [root@pxe ~]# systemctl stop firewalld.service [root@pxe ~]# sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/‘ /etc/selinux/config [root@pxe ~]# setenforce 0
本文出自 “Keep simple keep stupid” 博客,請務必保留此出處http://yangzhiheng.blog.51cto.com/11586378/1974519
自動化運維實戰之——構建PXE無人值守自動安裝服務器