第九周

总结

第九周 

 

 

 

 

 

安装系统时要注意物理磁盘应该是NTFS分区,fat分区不支持4个G以上的大文件

点击光驱加载centos6的光盘

 

网卡设置成桥接

 

加电启动

 

在每一项按Tab可以添加内核参数

第一项安装或者升级一个系统

第二项:如果选择第一项后花屏或者无法正常显示,可以选择第二项,会加载一个基本的显卡驱动。

第三项救援模式

第四项直接硬盘启动

第五项检测内存

可以在第一项后面加rescue来进入救援模式

按Esc 进入boot  输入linux对应的就是正常安装,因为下面的文件中定义了label linux,所以可以进入安装模式

在boot界面下输入linux rescue也可以进入救援模式

在boot界面下输入rescue也可以进入救援模式

 

[root@centos6 boot]#cd /misc/cd

[root@centos6 cd]#ls

CentOS_BuildTag  GPL       Packages                  RPM-GPG-KEY-CentOS-6           RPM-GPG-KEY-CentOS-Testing-6

EFI              images    RELEASE-NOTES-en-US.html  RPM-GPG-KEY-CentOS-Debug-6     TRANS.TBL

EULA             isolinux  repodata                  RPM-GPG-KEY-CentOS-Security-6

[root@centos6 cd]#cd isolinux/

[root@centos6 isolinux]#ls

boot.cat  grub.conf   isolinux.bin  memtest     TRANS.TBL     vmlinuz

boot.msg  initrd.img  isolinux.cfg  splash.jpg  vesamenu.c32

[root@centos6 isolinux]#cat isolinux.cfg

default vesamenu.c32

#prompt 1

timeout 600

 

display boot.msg

 

menu background splash.jpg

menu title Welcome to CentOS 6.9!

menu color border 0 #ffffffff #00000000

menu color sel 7 #ffffffff #ff000000

menu color title 0 #ffffffff #00000000

menu color tabmsg 0 #ffffffff #00000000

menu color unsel 0 #ffffffff #00000000

menu color hotsel 0 #ff000000 #ffffffff

menu color hotkey 7 #ffffffff #ff000000

menu color scrollbar 0 #ffffffff #00000000

 

label linux

menu label ^Install or upgrade an existing system

menu default      默认启动菜单项

kernel vmlinuz

append initrd=initrd.img

label vesa

menu label Install system with ^basic video driver

kernel vmlinuz

append initrd=initrd.img nomodeset

label rescue

menu label ^Rescue installed system

kernel vmlinuz

append initrd=initrd.img rescue

label local

menu label Boot from ^local drive

localboot 0xffff

label memtest86

menu label ^Memory test

kernel memtest

append –

这个isolinux.cfg文件对应的就是安装菜单的每一项 ,将来可以自己定制这个文件来定制安装菜单的每一项。

每项中的^是快捷键标记,也是光标在这一行所在的位置

 

安装程序启动过程

MBR:isolinux/boot.cat

stage2: isolinux/isolinux.bin

配置文件:isolinux/isolinux.cfg

每个对应的菜单选项:

加载内核:isolinux/vmlinuz

向内核传递参数:append initrd=initrd.img …

装载根文件系统,并启动anaconda

默认启动GUI接口

若是显式指定使用TUI接口:向内核传递text参数即可

(1)按tab键,在后面增加text

(2)按ESC键:boot: linux text

 

[root@centos6 isolinux]#ll

total 45306

-r–r–r– 1 root root     2048 Jun 17  2017 boot.cat   类似于MBR

-r–r–r– 1 root root       84 Mar 29  2017 boot.msg

-r–r–r– 1 root root      321 Mar 29  2017 grub.conf

-r–r–r– 1 root root 41587792 Mar 29  2017 initrd.img

-r–r–r– 1 root root    24576 Mar 29  2017 isolinux.bin  相当于GRUB的第二阶段

-r–r–r– 1 root root      923 Mar 29  2017 isolinux.cfg

-r–r–r– 1 root root   183012 Mar 29  2017 memtest

-r–r–r– 1 root root   151230 Mar 29  2017 splash.jpg

-r–r–r– 1 root root     2215 Jun 17  2017 TRANS.TBL

-r–r–r– 1 root root   163728 Mar 29  2017 vesamenu.c32

-r-xr-xr-x 1 root root  4274992 Mar 29  2017 vmlinuz       加载的内核文件

 

[root@centos6 isolinux]#hexdump -C boot.cat

00000000  01 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |…………….|

00000010  00 00 00 00 00 00 00 00  00 00 00 00 aa 55 55 aa  |………….UU.|

00000020  88 00 00 00 00 00 08 00  bc 03 00 00 00 00 00 00  |…………….|

00000030  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |…………….|

*

00000800

纯字符界面安装

适用于自动化安装

 

boot.iso只能用来引导启动,不能安装系统。

如果想安装系统可以指定一个yum源

在centos6上

boot : linux ip=172.20.0.66 netmask=255.255.0.0 repo=http://172.20.0.1/centos/6

boot : linux askmethod  强制询问安装方法

在centos7上

boot : linux ip=172.20.0.66 netmask=255.255.0.0 inst.repo=http://172.20.0.1/centos/6

 

 

系统安装

启动安装过程一般应位于引导设备;后续的anaconda及其安装用到的程序包等

可来自下面几种方式:

本地光盘

本地硬盘

NFS

URL:

ftp server: yum repository

http server: yum repository

如果想手动指定安装源:

boot: linux askmethod

 

 

 

按Ctrl Alt F4

可以查看获取的地址

点击OK进入安装界面,这时的安装是基于网络的而不是本地光盘,按Ctrl Alt F2,输入 ip a可以查看地址

选择存储位置,1本地2远程实现无盘工作站

初始化硬盘

设置主机名和IP地址

选择时区,最下面的是格林尼治时间如果选择会与北京时间相差8个小时

给root设置密码

默认分区是逻辑卷,选择下面的对勾是预览

系统默认分区情况

boot分区不能是逻辑卷,因为grub不支持逻辑卷

boot分区500M大小ext4文件系统格式

将剩下的空间分成逻辑卷

 

设置root分区的大小文件系统等信息

划分swap分区

划分试验用的data分区

next format write change to disk

 

加载bootloader及单用户设置口令

选择安装的软件+add可以添加epel源中的软件customize添加一些软件

因为是最小化安装所以没有图形界面

安装图形界面

 

[root@centos6 ~]# cd !*

cd /etc/yum.repos.d/

[root@centos6 yum.repos.d]# ls

CentOS-Base.repo  CentOS-Debuginfo.repo  CentOS-fasttrack.repo  CentOS-Media.repo  CentOS-Vault.repo

[root@centos6 yum.repos.d]# mkdir bak

[root@centos6 yum.repos.d]# mv Cen* bak

[root@centos6 yum.repos.d]# ls

bak

[root@centos6 yum.repos.d]# touch base.repo

[root@centos6 yum.repos.d]# vim base.repo

-bash: vim: command not found

[root@centos6 yum.repos.d]# vi base.repo

[root@centos6 yum.repos.d]# mount /dev/sr0 /mnt

mount: block device /dev/sr0 is write-protected, mounting read-only

[root@centos6 yum.repos.d]# yum repolist

Loaded plugins: fastestmirror

base                                                                                             | 4.0 kB     00:00 …

base/primary_db                                                                                  | 4.7 MB     00:00 …

repo id                                                   repo name                                               status

base                                                      base                                                    6,706

repolist: 6,706

[root@centos6 yum.repos.d]# yum grouplist

Desktop

[root@centos6 yum.repos.d]# yum groupinstall  Desktop

 

为了使ssh连接速度变快

[root@centos6 yum.repos.d]# vi /etc/ssh/sshd_config

GSSAPIAuthentication yes    (应用接口证明)改成no

GSSAPIAuthentication no

UseDNS yes           使用DNS改成no

UseDNS no

 

想自动化安装就必须先配置好安装中的每一个步骤,这每一个步骤的配置就在anaconda中配置格式如下

 

[root@centos6 ~]#cat anaconda-ks.cfg

# Kickstart file automatically generated by anaconda.

 

#version=DEVEL

install

cdrom             通过光盘安装  url –url=http://172.20.0.1/centos/6   网络安装路径写法

 

lang en_US.UTF-8

keyboard us

network –onboot no –device eth0 –bootproto dhcp –noipv6

rootpw  –iscrypted $6$EulmJzD3GuV3Toj2$.oqwavfA9E8x1LfgW5QHIqpf6yInwkc/BOYZrw.Vg6avhYBOZUIJNxQCMRTYQDZHGuH.LCjdlhil2nncpVyQD1

firewall –service=ssh

authconfig –enableshadow –passalgo=sha512

selinux –enforcing

timezone Asia/Shanghai

bootloader –location=mbr –driveorder=sda –append=”crashkernel=auto rhgb quiet”

# The following is the partition information you requested

# Note that any partitions you deleted are not expressed

# here so unless you clear all partitions first, this is

# not guaranteed to work

#clearpart –none

 

#part /boot –fstype=ext4 –size=1024

#part / –fstype=ext4 –size=50000

#part /data –fstype=ext4 –size=30000

 

#part swap –size=2048

 

 

repo –name=”CentOS”  –baseurl=cdrom:sr0 –cost=100

 

%packages

@base

@core

@debugging

@basic-desktop

@desktop-debugging

@desktop-platform

@directory-client

@fonts

@general-desktop

@graphical-admin-tools

@input-methods

@internet-applications

@internet-browser

@java-platform

@kde-desktop

@legacy-x

@network-file-system-client

@office-suite

@print-client

@remote-desktop-clients

@server-platform

@server-policy

@workstation-policy

@x11

mtools

pax

python-dmidecode

oddjob

wodim

sgpio

genisoimage

device-mapper-persistent-data

abrt-gui

qt-mysql

samba-winbind

certmonger

pam_krb5

krb5-workstation

xterm

xorg-x11-xdm

libXmu

rdesktop

%end

当自己想要生成anaconda时可以将别的机器的修改一下

更多的是用system-config-kickstart 生成

[root@centos6 ~]#yum install system-config-kickstart

 

系统安装

安装boot引导选项:boot:

text: 文本安装方式

askmethod: 手动指定使用的安装方法

与网络相关的引导选项:

ip=IPADDR

netmask=MASK

gateway=GW

dns=DNS_SERVER_IP

ifname=NAME:MAC_ADDR

与远程访问功能相关的引导选项:

vnc       没有显示器,用vnc连接查看过程

vncpassword=’PASSWORD’

 

system-config-kickstart

 

kickstart使用方法

是否加密口令

是否需要CDK验证windows和redhat需要

cpu架构

不加载图形工具

安装时是否为交互式

安装方法

boot loader设置

分区策略

网卡编辑

验证方法默认本地验证就行

禁用selinux和firewalld

图形界面第一启动是否启动图形界面

选择想要安装的软件

安装前脚本

安装后脚本

 

编译完成后生成的文件

 

[root@centos6 ~]#cat ks6_mini.cfg

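#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Kickstart answer file for an unattended minimal CentOS 6 installation.
# Options are written with two ASCII hyphens and plain ASCII quotes;
# typographic dashes or curly quotes copied from a web page are not parsed
# as options.

# Firewall configuration
# NOTE(review): the host firewall is switched off on the installed system.
firewall --disabled
# Install OS instead of upgrade
install
# Use network installation
url --url="http://172.20.0.1/centos/6"
# Root password
# NOTE(review): this is a cleartext password, and the file is later published
# under /var/www/html, so every host that can reach that web server can read
# it. Prefer `rootpw --iscrypted <hash>`; on CentOS 6 a SHA-512 hash can be
# produced with `grub-crypt --sha-512`.
rootpw --plaintext magedu
# System authorization information
auth  --useshadow  --passalgo=sha512
# Use text mode install
text
firstboot --disable
# System keyboard
keyboard us
# System language
lang en_US
# SELinux configuration
# NOTE(review): SELinux is disabled here and again on the kernel command line
# (selinux=0 in the bootloader entry below).
selinux --disabled
# Installation logging level
logging --level=info
# Reboot after installation
reboot
# System timezone
timezone  Asia/Shanghai
# Network information
network  --bootproto=static --device=eth0 --gateway=172.20.0.1 --ip=172.20.0.105 --netmask=255.255.0.0 --onboot=on
# System bootloader configuration
bootloader --append="selinux=0" --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
# Destructive: removes every existing partition on the target machine.
clearpart --all --initlabel
# Disk partitioning information
part /boot --fstype="ext4" --size=500
part / --fstype="ext4" --size=20480
part swap --fstype="swap" --size=1024

%post
# Post-install script. Move the stock CentOS repo files aside and point yum
# at the internal mirror. The backup directory must live under
# /etc/yum.repos.d; with a misspelled directory name the following mv has
# several sources and a non-directory target, so it fails.
mkdir -p /etc/yum.repos.d/bak
mv /etc/yum.repos.d/Cen* /etc/yum.repos.d/bak/
# The mirror is reached over plain HTTP, so package signature checking is the
# only integrity control on what gets installed; keep it switched on.
cat > /etc/yum.repos.d/base.repo << 'EOF'
[base]
name=base
baseurl=http://172.20.0.1/centos/6
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
EOF
useradd wang
# NOTE(review): a fixed, trivially guessable initial password is baked into a
# file that is readable over HTTP. Expire it so it has to be changed at the
# first login.
echo 123456 | passwd --stdin wang
chage -d 0 wang
%end

%packages
@base
@core
@server-policy
@workstation-policy
%end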

[root@centos6 ~]#service httpd start

Starting httpd: httpd: apr_sockaddr_info_get() failed for centos6.localdomain

httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1 for ServerName

[  OK  ]

[root@centos6 ~]#ls /var/www/html

index.html

[root@centos6 ~]#mv ks6_mini.cfg  /var/www/html/

在网页中打开(注意:这样发布后,任何能访问该Web服务器的主机都能下载这个应答文件,包括其中的root口令;建议口令使用rootpw --iscrypted,并限制可访问的来源网段)

http://172.20.102.175/ks6_mini.cfg

centos7安装完成后的选择

 

 

系统安装

 指明kickstart文件的位置: ks=

DVD drive: ks=cdrom:/ PATH/TO/KICKSTART_FILE

Hard drive: ks=hd:device:/directory/ KICKSTART_FILE

HTTP server: ks=http://host:port/path/to/ KICKSTART_FILE

FTP server: ks=ftp://host:port/path/to/ KICKSTART_FILE

HTTPS server: ks=https://host:port/path/to/ KICKSTART_FILE

NFS server:ks=nfs:host :/ path/to/ KICKSTART_FILE

 启动紧急救援模式:

rescue

 官方文档:《Installation Guide》

kickstart文件的格式

 命令段:指明各种安装前配置,如键盘类型等

 程序包段:指明要安装的程序包组或程序包,不安装的程序包等

%packages

@group_name

package

-package

%end

 脚本段:

%pre: 安装前脚本

运行环境:运行于安装介质上的微型Linux环境

%post: 安装后脚本

运行环境:安装完成的系统

kickstart文件的格式

 命令段中的命令:

 必备命令

authconfig: 认证方式配置

authconfig –useshadow –passalgo=sha512

bootloader:bootloader的安装位置及相关配置

bootloader –location=mbr –driveorder=sda –

append=”crashkernel=auto rhgb quiet”

keyboard: 设定键盘类型

lang: 语言类型

part: 创建分区

rootpw: 指明root的密码

timezone: 时区

kickstart文件的格式

 可选命令

install OR upgrade

text: 文本安装界面

network

firewall

selinux

halt

poweroff

reboot

repo

user:安装完成后为系统创建新用户

url: 指明安装源

key –skip 跳过安装号码,适用于rhel版本

kickstart文件创建

创建kickstart文件的方式

 直接手动编辑

依据某模板修改

 可使用创建工具:system-config-kickstart

依据某模板修改并生成新配置

/root/anaconda-ks.cfg

检查ks文件的语法错误:ksvalidator

ksvalidator /PATH/TO/KICKSTART_FILE

 

[root@centos6 ~]#ksvalidator /var/www/html/ks6_mini.cfg

File uses a deprecated option or command.

 

%packages does not end with %end.  This syntax has been deprecated.  It may be removed from future releases, which will result in a fatal error from kickstart.  Please modify your kickstart file to use this updated syntax.

 

想要修改文件可以在图形工具中输入system-config-kickstart

open file中找到之前生成的文件继续修改

 

在centos7上

[root@CENTOS7 ~]#system-config-kickstart 打开kickstart

发现包选项中没有包文件

解决办法:

修改/etc/yum.repos.d/cdrom.repo

 

[root@CENTOS7 yum.repos.d]#vim cdrom.repo

[base]              将base换成development

name=cdrom

baseurl=file:///misc/cd

gpgkey=file:///mnt/cdrom/RPM-GPG-KEY-CentOS-7

 

[epel]

name=epel

baseurl=https://mirrors.aliyun.com/epel/7/x86_64/

gpgcheck=0

enabled=1

换成development后就好用了

root@centos6 html]#vim ks7_desktop.cfg

#version=DEVEL

# System authorization information

auth –enableshadow –passalgo=sha512

# Use network installation

url –url=”http://172.20.0.1/centos/7″

# Use text mode install

text

# Run the Setup Agent on first boot

firstboot –enable

ignoredisk –only-use=sda

# Keyboard layouts

keyboard –vckeymap=us –xlayouts=’us’

# System language

lang en_US.UTF-8

 

# Network information

network  –bootproto=dhcp –device=ens33 –onboot=on –ipv6=auto –activate

network  –hostname=CENTOS7.localdomain

 

# Root password

rootpw –iscrypted $6$s0muD70.E8JMzCGm$i1HesyCYdDcGxvrCDBHOgONe4mteYkizewl12iwxveVdq9TyGP.34c.6gagz0m46fR0Fc5tUz72EptcQ3sljf0

# System services

services –disabled=”chronyd”

# System timezone

timezone Asia/Shanghai –isUtc –nontp

user –name=wang –password=$6$h//NLnKbS9hhBfPr$r5ER6UNXVR9QlLorxZKT6jI5xX5Z4CwThVs3uLBfOtG7AOjI8xvVxm1ssfKwtYCDmKYipULOvw25f.3iyLy6l1 –iscrypted –gecos=”wang”

# X Window System configuration information

xconfig  –startxonboot

# System bootloader configuration

bootloader –append=” crashkernel=auto” –location=mbr –boot-drive=sda

# Partition clearing information

reboot

zerombr

clearpart –all –initlabel

# Disk partitioning information

part swap –fstype=”swap” –ondisk=sda –size=2048

part /boot –fstype=”xfs” –ondisk=sda –size=1024

part / –fstype=”xfs” –ondisk=sda –size=51200

part /data –fstype=”xfs” –ondisk=sda –size=30720

%packages

@^graphical-server-environment

@base

@core

@desktop-debugging

@dial-up

@fonts

@gnome-desktop

@guest-agents

@guest-desktop-agents

@hardware-monitoring

@input-methods

@internet-browser

@multimedia

@print-client

@x11

kexec-tools

 

%end

%addon com_redhat_kdump –enable –reserve-mb=’auto’

 

%end

 

%anaconda

pwpolicy root –minlen=6 –minquality=1 –notstrict –nochanges –notempty

pwpolicy user –minlen=6 –minquality=1 –notstrict –nochanges –emptyok

pwpolicy luks –minlen=6 –minquality=1 –notstrict –nochanges –notempty

%end

 

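%post
# Post-install script. Move the stock CentOS repo files aside and point yum
# at the internal mirror. The backup directory must live under
# /etc/yum.repos.d; with a misspelled directory name the following mv has
# several sources and a non-directory target, so it fails.
mkdir -p /etc/yum.repos.d/bak
mv /etc/yum.repos.d/Cen* /etc/yum.repos.d/bak/
# The mirror is reached over plain HTTP, so package signature checking is the
# only integrity control on what gets installed; keep it switched on.
cat > /etc/yum.repos.d/base.repo << 'EOF'
[base]
name=base
baseurl=http://172.20.0.1/centos/7
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
EOF
# The account wang is already created by the `user --name=wang ... --iscrypted`
# command in the command section of this file. Repeating useradd here fails
# because the user exists, and piping 123456 into passwd would replace the
# hashed password with a trivially guessable one, so neither is done here.
systemctl set-default multi-user.target
%end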

将这个文件放到centos6的/var/www/html/下

改一下权限

chmod 644 ks7_desktop.cfg

网页中可以打开

centos7上的自动安装命令

 

 

系统光盘中isolinux目录列表

isolinux.bin:光盘引导程序,在mkisofs的选项中需要明确给出文件路径,这个

文件属于SYSLINUX项目

isolinux.cfg:isolinux.bin的配置文件,当光盘启动后(即运行isolinux.bin),

会自动去找isolinux.cfg文件

vesamenu.c32:是光盘启动后的安装图形界面,也属于SYSLINUX项目,

menu.c32版本是纯文本的菜单

Memtest:内存检测,这是一个独立的程序

splash.jpg:光盘启动界面的背景图

vmlinuz是内核映像

initrd.img是ramfs (先cpio,再gzip压缩)

 

制作一个启动光盘(将应答文件烧到光盘中)但是不包含安装包

[root@centos6 ~]#cd /data/nn

[root@centos6 nn]#mkdir myiso

 

[root@centos6 nn]#cp -r /misc/cd/isolinux/ /data/nn/myiso/

[root@centos6 nn]#tree

.

└── myiso

└── isolinux

├── boot.cat

├── boot.msg

├── grub.conf

├── initrd.img

├── isolinux.bin

├── isolinux.cfg

├── memtest

├── splash.jpg

├── TRANS.TBL

├── vesamenu.c32

└── vmlinuz

 

2 directories, 11 files

 

[root@centos6 nn]#mkdir /data/nn/myiso/ksdir

[root@centos6 nn]#cp /var/www/html/ks6_mini.cfg /data/nn/myiso/ksdir/

[root@centos6 nn]#ls /data/nn/myiso/ksdir

ks6_mini.cfg

[root@centos6 nn]#cp /var/www/html/ks6_mini.cfg /data/nn/myiso/ksdir/ks6_deskop.cfg

[root@centos6 nn]#ls /data/nn/myiso/ksdir

ks6_deskop.cfg  ks6_mini.cfg

[root@centos6 myiso]#cd isolinux

[root@centos6 isolinux]#ls

boot.cat  grub.conf   isolinux.bin  memtest     TRANS.TBL     vmlinuz

boot.msg  initrd.img  isolinux.cfg  splash.jpg  vesamenu.c32

 

 

[root@centos6 isolinux]#vim isolinux.cfg

 

default vesamenu.c32

#prompt 1

timeout 600

 

display boot.msg

 

menu background splash.jpg

menu title Welcome to CentOS 6.9!

menu color border 0 #ffffffff #00000000

menu color sel 7 #ffffffff #ff000000

menu color title 0 #ffffffff #00000000

menu color tabmsg 0 #ffffffff #00000000

menu color unsel 0 #ffffffff #00000000

menu color hotsel 0 #ff000000 #ffffffff

menu color hotkey 7 #ffffffff #ff000000

menu color scrollbar 0 #ffffffff #00000000

 

default vesamenu.c32

#prompt 1

timeout 600

 

display boot.msg

 

menu background splash.jpg

menu title Welcome to CentOS 6.9!

menu color border 0 #ffffffff #00000000

menu color sel 7 #ffffffff #ff000000

menu color title 0 #ffffffff #00000000

menu color tabmsg 0 #ffffffff #00000000

menu color unsel 0 #ffffffff #00000000

menu color hotsel 0 #ff000000 #ffffffff

menu color hotkey 7 #ffffffff #ff000000

menu color scrollbar 0 #ffffffff #00000000

 

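# Unattended desktop install. The ks= path is resolved from the root of the
# disc, and the file name has to match the file actually placed under ksdir/
# (the transcript above copies it as ks6_deskop.cfg); a name that does not
# exist on the disc leaves the installer without its kickstart file.
label desktop
  menu label Install an ^desktop system
  kernel vmlinuz
  append initrd=initrd.img ks=cdrom:/ksdir/ks6_deskop.cfg
# Unattended minimal install.
label mini
  menu label Install a ^mini system
  kernel vmlinuz
  append initrd=initrd.img ks=cdrom:/ksdir/ks6_mini.cfg
# Default entry: when the menu times out the machine boots its local drive,
# so leaving this disc in a machine does not by itself start an install that
# repartitions the disk.
label local
  menu default
  menu label Boot from ^local drive
  localboot 0xffff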

 

[root@centos6 ksdir]#mkisofs -R -J -T -v –no-emul-boot –boot-load-size 4 –boot-info-table -V “CentOS 6.9 x86_64 boot” -b isolinux/isolinux.bin -c isolinux/boot.cat -o /root/boot.iso /data/myiso/

I: -input-charset not specified, using utf-8 (detected in locale settings)

genisoimage 1.1.9 (Linux)

Scanning /data/myiso/

Scanning /data/myiso/ksdir

Scanning /data/myiso/isolinux

Excluded by match: /data/myiso/isolinux/boot.cat

Excluded: /data/myiso/isolinux/TRANS.TBL

Writing:   Initial Padblock                        Start Block 0

Done with: Initial Padblock                        Block(s)    16

Writing:   Primary Volume Descriptor               Start Block 16

Done with: Primary Volume Descriptor               Block(s)    1

Writing:   Eltorito Volume Descriptor              Start Block 17

Size of boot image is 4 sectors -> No emulation

Done with: Eltorito Volume Descriptor              Block(s)    1

Writing:   Joliet Volume Descriptor                Start Block 18

Done with: Joliet Volume Descriptor                Block(s)    1

Writing:   End Volume Descriptor                   Start Block 19

Done with: End Volume Descriptor                   Block(s)    1

Writing:   Version block                           Start Block 20

Done with: Version block                           Block(s)    1

Writing:   Path table                              Start Block 21

Done with: Path table                              Block(s)    4

Writing:   Joliet path table                       Start Block 25

Done with: Joliet path table                       Block(s)    4

Writing:   Directory tree                          Start Block 29

Done with: Directory tree                          Block(s)    3

Writing:   Joliet directory tree                   Start Block 32

Done with: Joliet directory tree                   Block(s)    3

Writing:   Directory tree cleanup                  Start Block 35

Done with: Directory tree cleanup                  Block(s)    0

Writing:   Extension record                        Start Block 35

Done with: Extension record                        Block(s)    1

Writing:   The File(s)                             Start Block 36

21.95% done, estimate finish Thu May 24 19:36:01 2018

43.80% done, estimate finish Thu May 24 19:36:01 2018

65.72% done, estimate finish Thu May 24 19:36:01 2018

87.57% done, estimate finish Thu May 24 19:36:01 2018

Total translation table size: 5150

Total rockridge attributes bytes: 1822

Total directory bytes: 4698

Path table size(bytes): 40

Done with: The File(s)                             Block(s)    22661

Writing:   Ending Padblock                         Start Block 22697

Done with: Ending Padblock                         Block(s)    150

Max brk space used 1a000

22847 extents written (44 MB)

[root@centos6 ~]#ll boot.iso

-rw-r–r– 1 root root 46790656 May 24 19:36 boot.iso

 

 

制作引导光盘和U盘

创建引导光盘:

mkdir –pv /app/myiso

cp -r /misc/cd/isolinux/ /app/myiso/

vim /app/myiso/isolinux/isolinux.cfg

initrd=initrd.img text ks=cdrom:/myks.cfg

cp /root/myks.cfg /app/myiso/

[root@centos6 ksdir]#mkisofs -R -J -T -v –no-emul-boot –boot-load-size 4 –boot-info-table -V “CentOS 6.9 x86_64 boot” -b isolinux/isolinux.bin -c isolinux/boot.cat -o /root/boot.iso /data/myiso/

 

注意:以上相对路径都是相对于光盘的根,和工作目录无关

创建U盘启动盘(dd会直接覆盖of=指定的整个设备,执行前先用lsblk确认/dev/sdb确实是U盘)

dd if=/dev/sr0 of=/dev/sdb

 

mkisofs选项

-o 指定映像文件的名称。

-b 指定在制作可开机光盘时所需的开机映像文件。

-c 制作可开机光盘时,会将开机映像文件中的 no-eltorito-catalog 全部内容

作成一个文件。

-no-emul-boot 非模拟模式启动。

-boot-load-size 4 设置载入部分的数量

-boot-info-table 在启动的图像中显示信息

-R 或 -rock 使用 Rock RidgeExtensions

-J 或 -joliet 使用 Joliet 格式的目录与文件名称

-v 或 -verbose 执行时显示详细的信息

-T 或 -translation-table 建立文件名的转换表,适用于不支持 Rock Ridge

Extensions 的系统上

 

将写好的boot.iso刻录到硬盘

[root@centos6 ~]#echo “- – -” > /sys/class/scsi_host/host2/scan

[root@CENTOS7 ~]#yum install syslinux    安装syslinux

/usr/bin/isohybrid boot.iso    转换一下格式,然后再刻录到硬盘就可以了

 

[root@centos6 ~]#dd if=boot.iso of=/dev/sdd

91388+0 records in

91388+0 records out

46790656 bytes (47 MB) copied, 1.82669 s, 25.6 MB/s

将移动硬盘摘下插在别的机器上重新启动

进入

 

调节哪块硬盘作为系统启动盘

进入boot

 

制作一个完整的光盘

[root@centos6 ~]#cd /data

[root@centos6 data]#ls

beifen       dd  f2  fstab       loop8       mbr_bak  myiso  passwd  sdb1  sdb3        src       TRANS.TBL

cmd_copy.sh  f1  f3  install.sh  mbr_backup  mm       nn     raid    sdb2  splash.xpm  sshd.log

[root@centos6 data]#cd myiso

[root@centos6 myiso]#ls

isolinux  ksdir

[root@centos6 myiso]#cd isolinux

[root@centos6 isolinux]#ls

boot.cat  grub.conf   isolinux.bin  memtest     TRANS.TBL     vmlinuz

boot.msg  initrd.img  isolinux.cfg  splash.jpg  vesamenu.c32

[root@centos6 isolinux]#mv isolinux.cfg /root

[root@centos6 isolinux]#rm -f *

[root@centos6 isolinux]#ls

[root@centos6 isolinux]#

[root@centos6 data]#rm -rf myiso

[root@centos6 ~]#cp -rv /misc/cd/ /data/myiso

[root@centos6 myiso]#cp -r /root/ksdir/ /data/myiso/

[root@centos6 myiso]#ls

CentOS_BuildTag  EFI  EULA  GPL  images  isolinux  ksdir  Packages

挂第二张光盘

[root@centos6 ~]#cp -rv /misc/cd/* /data/myiso/

cp: overwrite `/data/myiso/CentOS_BuildTag’?

[root@centos6 ~]#cd /data

[root@centos6 data]#cd myiso

[root@centos6 myiso]#ls

CentOS_BuildTag  GPL       ksdir                     repodata                    RPM-GPG-KEY-CentOS-Security-6

EFI              images    Packages                  RPM-GPG-KEY-CentOS-6        RPM-GPG-KEY-CentOS-Testing-6

EULA             isolinux  RELEASE-NOTES-en-US.html  RPM-GPG-KEY-CentOS-Debug-6  TRANS.TBL

[root@centos6 myiso]#cd repodata/

[root@centos6 repodata]#ls

1cde788f77b08a7eb3dfdba12fa384a5f0214147a717a1e2d4504368037fba90-c6-x86_64-comps.xml.gz

43d8fd068164b0f042845474d6a22262798b9f0d1f49ad1bf9f95b953089777d-c6-x86_64-comps.xml      记录包组的分组信息

[root@centos6 repodata]#cp 43d8fd068164b0f042845474d6a22262798b9f0d1f49ad1bf9f95b953089777d-c6-x86_64-comps.xml /root

[root@centos6 repodata]#rm -rf *

[root@centos6 repodata]#ls

 

[root@centos6 repodata]#cp /root/43d8fd068164b0f042845474d6a22262798b9f0d1f49ad1bf9f95b953089777d-c6-x86_64-comps.xml .

[root@centos6 repodata]#ls

43d8fd068164b0f042845474d6a22262798b9f0d1f49ad1bf9f95b953089777d-c6-x86_64-comps.xml

[root@centos6 repodata]#cd ..

[root@centos6 myiso]#createrepo -g repodata/43d8fd068164b0f042845474d6a22262798b9f0d1f49ad1bf9f95b953089777d-c6-x86_64-comps.xml .

Spawning worker 0 with 6706 pkgs

Workers Finished

Gathering worker results

 

Saving Primary metadata

Saving file lists metadata

Saving other metadata

Generating sqlite DBs

Sqlite DBs complete

 

找到并删除所有TRANS.TBL(这个文件跟制作光盘有关)

[root@centos6 myiso]#find -name TRANS.TBL

./Packages/TRANS.TBL

./EFI/TRANS.TBL

./EFI/BOOT/TRANS.TBL

./TRANS.TBL

./isolinux/TRANS.TBL

./images/pxeboot/TRANS.TBL

./images/TRANS.TBL

[root@centos6 myiso]#find -name TRANS.TBL -exec rm {} \;

[root@centos6 myiso]#find -name TRANS.TBL

[root@centos6 myiso]#

[root@centos6 myiso]#vim ksdir/ks6_mini.cfg

url –url=”http://172.20.0.1/centos/6″ 改成cdrom

[root@centos6 myiso]#cd isolinux/

[root@centos6 isolinux]#ls

boot.cat  boot.msg  grub.conf  initrd.img  isolinux.bin  isolinux.cfg  memtest  splash.jpg  vesamenu.c32  vmlinuz

[root@centos6 isolinux]#cp /root/isolinux.cfg .

cp: overwrite `./isolinux.cfg’? y

mkisofs -R -J -T -v –no-emul-boot –boot-load-size 4 –boot-info-table -V “CentOS 6.9 x86_64 boot” -b isolinux/isolinux.bin -c isolinux/boot.cat -o /root/boot.iso /data/myiso/

 

DHCP服务

网络配置

静态指定

动态获取: bootp:boot protocol MAC与IP一一静态对应   ip与MAC绑定导致即使不开机,ip也无法给别的机器使用,早期用于无盘工作站

dhcp:增强的bootp,动态

DHCP: (Dynamic Host Configuration Protocol) 在windows上如果网络中没有dhcp服务器而网络又写成自动获取,会获得一个特殊的IP地址:169.254.x.x

 动态主机配置协议

 局域网协议,UDP协议

主要用途:

 用于内部网络和网络服务供应商自动分配IP地址给用户

 用于内部网络管理员作为对所有电脑作集中管理的手段

使用场景

 自动化安装系统

 解决IPV4资源不足问题

 

 

DHCP服务

 DHCP共有八种报文

 DHCP DISCOVER:客户端到服务器

 DHCP OFFER :服务器到客户端

 DHCP REQUEST:客户端到服务器

 DHCP ACK :服务器到客户端

 DHCP NAK:服务器到客户端,通知用户无法分配合适的IP

地址

 DHCP DECLINE :客户端到服务器,指示地址已被使用

 DHCP RELEASE:客户端到服务器,放弃网络地址和取消

剩余的租约时间

 DHCP INFORM:客户端到服务器, 客户端如果需要从DHCP

服务器端获取更为详细的配置信息,则发送Inform报文向

服务器进行请求,极少用到

断开eth1和eth0

[root@centos6 network-scripts]#vim ifcfg-eth0   将eth0改成自动获取

 

DEVICE=eth0

ONBOOT=yes

BOOTPROTO=dhcp

☐ IPADDR=192.168.30.102

PREFIX=24

GATEWAY=172.20.0.1

service network restart

连接eth0

dhclient -d 查看dhcp获取过程

cd /var/lib/dhclient

[root@centos6 dhclient]#cat dhclient.leases

lease {

interface “eth0”;

fixed-address 192.168.30.104;

option subnet-mask 255.255.255.0;

option dhcp-lease-time 1800;

option dhcp-message-type 5;

option domain-name-servers 192.168.30.1;

option dhcp-server-identifier 192.168.30.254;

option broadcast-address 192.168.30.255;

option domain-name “localdomain”;

renew 4 2018/05/24 13:30:33;

rebind 4 2018/05/24 13:42:01;

expire 4 2018/05/24 13:45:46;

}

lease {

interface “eth0”;

fixed-address 192.168.30.104;

option subnet-mask 255.255.255.0;

option dhcp-lease-time 1800;

option dhcp-message-type 5;

option domain-name-servers 192.168.30.1;

option dhcp-server-identifier 192.168.30.254;

option broadcast-address 192.168.30.255;

option domain-name “localdomain”;

renew 4 2018/05/24 13:44:28;

rebind 4 2018/05/24 13:56:48;

expire 4 2018/05/24 14:00:33;

}

 

 

 

 

 

DHCP服务

续租

50% :租赁时间达到50%时来续租,向DHCP服务器发送新的DHCPREQUEST

请求。如果dhcp服务没有拒绝的理由,则回应DHCPACK信息。当DHCP客户端

收到该应答信息后,就重新开始新的租用周期

87.5%:如果之前DHCP Server没有回应续租请求,等到租约期的7/8时,主机

会再发送一次广播请求

 

[root@CENTOS7 ~]#dhclient -d    强制获取了dhcp地址

Internet Systems Consortium DHCP Client 4.2.5

Copyright 2004-2013 Internet Systems Consortium.

All rights reserved.

For info, please visit https://www.isc.org/software/dhcp/

 

Listening on LPF/eth1/00:0c:29:45:bf:1e

Sending on   LPF/eth1/00:0c:29:45:bf:1e

Listening on LPF/eth0/00:0c:29:45:bf:14

Sending on   LPF/eth0/00:0c:29:45:bf:14

Sending on   Socket/fallback

DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 3 (xid=0x49fd92e7)

DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 5 (xid=0x1c8bd5e3)

DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 8 (xid=0x49fd92e7)

DHCPREQUEST on eth1 to 255.255.255.255 port 67 (xid=0x49fd92e7)

DHCPOFFER from 172.20.0.1

DHCPACK from 172.20.0.1 (xid=0x49fd92e7)

bound to 172.20.113.7 — renewal in 37306 seconds.

DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 13 (xid=0x1c8bd5e3)

DHCPREQUEST on eth0 to 255.255.255.255 port 67 (xid=0x1c8bd5e3)

DHCPOFFER from 192.168.30.254

DHCPACK from 192.168.30.254 (xid=0x1c8bd5e3)

bound to 192.168.30.109 — renewal in 683 seconds.

^C

[root@CENTOS7 ~]#ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:45:bf:14 brd ff:ff:ff:ff:ff:ff

inet 192.168.30.101/24 brd 192.168.30.255 scope global dynamic eth0

valid_lft 1183sec preferred_lft 1183sec

inet 192.168.30.109/24 brd 192.168.30.255 scope global secondary dynamic eth0

valid_lft 1783sec preferred_lft 1783sec

inet6 fe80::f620:6ab3:e2e5:44/64 scope link

valid_lft forever preferred_lft forever

3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:45:bf:1e brd ff:ff:ff:ff:ff:ff

inet 172.20.109.255/16 brd 172.20.255.255 scope global dynamic eth1

valid_lft 48149sec preferred_lft 48149sec

inet 172.20.113.7/16 brd 172.20.255.255 scope global secondary dynamic eth1

valid_lft 86379sec preferred_lft 86379sec

inet6 fe80::1ac:8bc5:45a2:ba5c/64 scope link

valid_lft forever preferred_lft forever

如果dhcp的租期是一天,但是电脑在租期到期前移动到了别的网段,那么会释放这个ip并获得新的ip地址

 

在windows上可以用命令ipconfig/renew(release)来获得和释放地址

用ipconfig /all查看地址详情。

 

DHCP服务简介

同网段多DHCP服务(同一网段内任何主机都可以应答DHCP请求,未经授权的DHCP服务器会给客户端下发错误的网关或DNS;可在交换机上启用DHCP Snooping,只信任指定端口的应答)

 DHCP服务必须基于本地

 先到先得的原则

相关协议

 Arp

 rarp

跨网段

 RFC 1542 Compliant Routers

 dhcrelay: 中继

 

dhcp客户端端口是68,服务器端口是67

跨网段dhcp如何获得地址

1.RFC 1542 Compliant Routers(特殊的路由器只允许dhcp的广播通过)

2.启动代理服务,代理服务器提前知道dhcp服务器的地址,收集主机发来的dhcp请求,然后转发给dhcp服务器,得到地址后再发给主机

3.在路由器上启动代理功能,在同一网段的路由器上开启中继代理的功能

 

DHCP实现

Linux DHCP协议的实现程序:dhcp, dnsmasq(dhcp,dns)简化版的小工具包含简单的dhcp和dns

Dhcp Server

/usr/sbin/dhcpd

/etc/dhcp/dhcpd.conf –> /etc/rc.d/init.d/dhcpd

/etc/dhcp/dhcpd6.conf–> /etc/rc.d/init.d/dhcpd6

/usr/sbin/dhcrelay

/etc/rc.d/init.d/dhcrelay

dhcp server:67/udp

dhcp client: 68/udp

dhcpv6 client:546/udp

Dhcp client

dhclient

自动获取的IP信息:  /var/lib/dhclient

DHCP服务器(大部分服务器都是)是一个静态地址

 

关闭仅主机的dhcp

 

dhcp服务器如果服务器的地址是192.168.30.101/24那么服务器无法给客户机分配跨网段的地址如6.6.6.6/24

配置服务的流程:

步骤

0:selinux,iptables

1 安装包

2 启服务

3 修改配置文件;reload,restart

4 测试

[root@CENTOS7 ~]#getenforce

Disabled

[root@CENTOS7 ~]#iptables -vnL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

pkts bytes target     prot opt in     out     source               destination

 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

pkts bytes target     prot opt in     out     source               destination

 

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)

pkts bytes target     prot opt in     out     source               destination

 

[root@CENTOS7 ~]#yum install dhcp

 

[root@CENTOS7 ~]#rpm -ql dhcp

/etc/NetworkManager

/etc/NetworkManager/dispatcher.d

/etc/NetworkManager/dispatcher.d/12-dhcpd

/etc/dhcp/dhcpd.conf     主配置文件

/etc/dhcp/dhcpd6.conf

/etc/dhcp/scripts

/etc/dhcp/scripts/README.scripts

/etc/openldap/schema/dhcp.schema

/etc/sysconfig/dhcpd

/usr/bin/omshell

/usr/lib/systemd/system/dhcpd.service      服务

/usr/lib/systemd/system/dhcpd6.service

/usr/lib/systemd/system/dhcrelay.service

/usr/sbin/dhcpd                          主程序

/usr/sbin/dhcrelay

/usr/share/doc/dhcp-4.2.5

/usr/share/doc/dhcp-4.2.5/dhcpd.conf.example

/usr/share/doc/dhcp-4.2.5/dhcpd6.conf.example

/usr/share/doc/dhcp-4.2.5/ldap

/usr/share/doc/dhcp-4.2.5/ldap/README.ldap

/usr/share/doc/dhcp-4.2.5/ldap/dhcp.schema

/usr/share/doc/dhcp-4.2.5/ldap/dhcpd-conf-to-ldap

/usr/share/man/man1/omshell.1.gz

/usr/share/man/man5/dhcpd.conf.5.gz

/usr/share/man/man5/dhcpd.leases.5.gz

/usr/share/man/man8/dhcpd.8.gz

/usr/share/man/man8/dhcrelay.8.gz

/usr/share/systemtap/tapset/dhcpd.stp

/var/lib/dhcpd

/var/lib/dhcpd/dhcpd.leases     记录ip地址的发放情况

/var/lib/dhcpd/dhcpd6.leases

 

[root@CENTOS7 ~]#systemctl start dhcpd   无法直接启动

Job for dhcpd.service failed because the control process exited with error code. See “systemctl status dhcpd.service” and “journalctl -xe” for details.

无法启动的原因是配置文件不行。

[root@CENTOS7 ~]#vim /etc/dhcp/dhcpd.conf

#

# DHCP Server Configuration file.

#   see /usr/share/doc/dhcp*/dhcpd.conf.example

#   see dhcpd.conf(5) man page

#

[root@CENTOS7 ~]#cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf

[root@CENTOS7 ~]#vim /etc/dhcp/dhcpd.conf

subnet 10.152.187.0 netmask 255.255.255.0 {

}

将上述行替换成

subnet 6.6.6.0 netmask 255.255.255.0 {

range 6.6.6.1 6.6.6.100;

[root@CENTOS7 ~]#systemctl start dhcpd     启动失败因为其ip地址与分配的地址不在同一个网段

Job for dhcpd.service failed because the control process exited with error code. See “systemctl status dhcpd.service” and “journalctl -xe” for details.

subnet 10.152.187.0 netmask 255.255.255.0 {

将上述行替换成

subnet 192.168.30.0 netmask 255.255.255.0 {       这样就可以启动dhcp服务了

}

subnet 6.6.6.0 netmask 255.255.255.0 {

range 6.6.6.1 6.6.6.100;

这时重新启动centos6的网络服务是拿不到地址的,因为光有网段但是没有范围

 

subnet 192.168.30.0 netmask 255.255.255.0 {

range 192.168.30.150 192.168.30.250;

}

[root@CENTOS7 ~]#systemctl restart dhcpd

当将dhcp服务器内容修改成上述以后

[root@centos6 ~]#ifconfig     centos6的dhcp成功获取到地址

eth0      Link encap:Ethernet  HWaddr 00:0C:29:6B:0D:B3

inet addr:192.168.30.150  Bcast:192.168.30.255  Mask:255.255.255.0

inet6 addr: fe80::20c:29ff:fe6b:db3/64 Scope:Link

 

 

[root@CENTOS7 ~]#vim /etc/dhcp/dhcpd.conf

option domain-name “example.org”;

option domain-name-servers ns1.example.org, ns2.example.org;

 

default-lease-time 600;

max-lease-time 7200;

 

# Use this to enble / disable dynamic dns updates globally.

#ddns-update-style none;

 

# If this DHCP server is the official DHCP server for the local

# network, the authoritative directive should be uncommented.

#authoritative;

 

# Use this to send dhcp log messages to a different log file (you also

# have to hack syslog.conf to complete the redirection).

log-facility local7;

 

# No service will be given on this subnet, but declaring it helps the

# DHCP server to understand the network topology.

subnet 192.168.30.0 netmask 255.255.255.0 {

range 192.168.30.150 192.168.30.250;

}

subnet 6.6.6.0 netmask 255.255.255.0 {

range 6.6.6.1 6.6.6.100;

“/etc/dhcp/dhcpd.conf” 107L, 3366C written

[root@CENTOS7 ~]#systemctl restart dhcpd

[root@CENTOS7 ~]#ss -nutl

Netid  State      Recv-Q Send-Q            Local Address:Port                           Peer Address:Port

udp    UNCONN     0      0                             *:56805                                     *:*

udp    UNCONN     0      0                             *:67                                        *:*

udp    UNCONN     0      0                             *:59594                                     *:*

udp    UNCONN     0      0                             *:5353                                      *:*

udp    UNCONN     0      0                     127.0.0.1:323                                       *:*

udp    UNCONN     0      0                            :::48650                                    :::*

udp    UNCONN     0      0                           ::1:323                                      :::*

tcp    LISTEN     0      128                           *:111                                       *:*

tcp    LISTEN     0      128                           *:22                                        *:*

tcp    LISTEN     0      128                   127.0.0.1:631                                       *:*

tcp    LISTEN     0      100                   127.0.0.1:25                                        *:*

tcp    LISTEN     0      128                          :::111                                      :::*

tcp    LISTEN     0      128                          :::22                                       :::*

tcp    LISTEN     0      128                         ::1:631                                      :::*

tcp    LISTEN     0      100                         ::1:25                                       :::*

 

[root@CENTOS7 ~]#vim /etc/dhcp/dhcpd.conf

# dhcpd.conf

#

# Sample configuration file for ISC dhcpd

#

 

# option definitions common to all supported networks…

option domain-name “example.org”;      域后缀

修改成option domain-name  “magedu.org”;

option domain-name-servers ns1.example.org, ns2.example.org;  地址解析(DNS)

应该写成option domain-name-servers 114.114.114.114,1.1.1.1;

default-lease-time 86400;      默认租期,以秒为单位

max-lease-time 100000;

 

# Use this to enble / disable dynamic dns updates globally.

#ddns-update-style none;

 

# If this DHCP server is the official DHCP server for the local

# network, the authoritative directive should be uncommented.

#authoritative;

 

# Use this to send dhcp log messages to a different log file (you also

# have to hack syslog.conf to complete the redirection).

log-facility local7;

 

# No service will be given on this subnet, but declaring it helps the

# DHCP server to understand the network topology.

subnet 192.168.30.0 netmask 255.255.255.0 {

range 192.168.30.150 192.168.30.250;

option routers 192.168.30.1;

option domain-name-servers 8.8.8.8;

next-server 192.168.30.101;

filename “pxelinux.0”;

 

}

subnet 6.6.6.0 netmask 255.255.255.0 {

range 6.6.6.1 6.6.6.100;

}

 

# This is a very basic subnet declaration.

 

subnet 10.254.239.0 netmask 255.255.255.224 {

range 10.254.239.10 10.254.239.20;

option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;

}

 

# This declaration allows BOOTP clients to get dynamic addresses,

# which we don’t really recommend.

 

subnet 10.254.239.32 netmask 255.255.255.224 {

range dynamic-bootp 10.254.239.40 10.254.239.60;

option broadcast-address 10.254.239.31;

option routers rtr-239-32-1.example.org;

}

 

# A slightly different configuration for an internal subnet.

subnet 10.5.5.0 netmask 255.255.255.224 {

range 10.5.5.26 10.5.5.30;

option domain-name-servers ns1.internal.example.org;

option domain-name “internal.example.org”;

option routers 10.5.5.1;

option broadcast-address 10.5.5.31;

default-lease-time 600;

max-lease-time 7200;

}

 

# Hosts which require special configuration options can be listed in

# host statements.   If no address is specified, the address will be

# allocated dynamically (if possible), but the host-specific information

# will still come from the host declaration.

 

host passacaglia {

hardware ethernet 0:0:c0:5d:bd:95;

filename “vmunix.passacaglia”;

server-name “toccata.fugue.com”;

}

 

# Fixed IP addresses can also be specified for hosts.   These addresses

# should not also be listed as being available for dynamic assignment.

# Hosts for which fixed IP addresses have been specified can boot using

# BOOTP or DHCP.   Hosts for which no fixed address is specified can only

# be booted with DHCP, unless there is an address range on the subnet

# to which a BOOTP client is connected which has the dynamic-bootp flag

# set.

host fantasia {

hardware ethernet 08:00:07:26:c0:a5;

fixed-address fantasia.fugue.com;

}

 

# You can declare a class of clients and then do address allocation

# based on that.   The example below shows a case where all clients

# in a certain class get addresses on the 10.17.224/24 subnet, and all

# other clients get addresses on the 10.0.29/24 subnet.

 

class “foo” {

match if substring (option vendor-class-identifier, 0, 4) = “SUNW”;

}

 

shared-network 224-29 {

subnet 10.17.224.0 netmask 255.255.255.0 {

option routers rtr-224.example.org;

}

subnet 10.0.29.0 netmask 255.255.255.0 {

option routers rtr-29.example.org;

}

pool {

allow members of “foo”;

range 10.17.224.10 10.17.224.250;

}

pool {

deny members of “foo”;

range 10.0.29.10 10.0.29.230;

}

}

 

[root@CENTOS7 ~]#cat /var/lib/dhcpd/dhcpd.leases

# The format of this file is documented in the dhcpd.leases(5) manual page.

# This lease file was written by isc-dhcp-4.2.5

 

lease 192.168.30.150 {

starts 6 2018/05/26 01:43:37;      记录的是格林尼治时间

ends 6 2018/05/26 04:30:17;

tstp 6 2018/05/26 04:30:17;

cltt 6 2018/05/26 01:43:37;

binding state active;

next binding state free;

rewind binding state free;

hardware ethernet 00:0c:29:6b:0d:b3;

client-hostname “centos6”;

}

server-duid “\000\001\000\001\”\233r\215\000\014)E\277\024”;

 

 

[root@centos6 ~]#cat /etc/resolv.conf

; generated by /sbin/dhclient-script

search magedu.org

nameserver 114.114.114.114

nameserver 1.1.1.1

 

option domain-name “magedu.org”;

option domain-name-servers 114.114.114.114,1.1.1.1;

 

default-lease-time 86400;

max-lease-time 10000;

 

# Use this to enble / disable dynamic dns updates globally.

#ddns-update-style none;

 

# If this DHCP server is the official DHCP server for the local

# network, the authoritative directive should be uncommented.

#authoritative;

 

# Use this to send dhcp log messages to a different log file (you also

# have to hack syslog.conf to complete the redirection).

log-facility local7;

 

# No service will be given on this subnet, but declaring it helps the

# DHCP server to understand the network topology.

subnet 192.168.30.0 netmask 255.255.255.0 {

range 192.168.30.150 192.168.30.250;

option routers 192.168.30.1;

option domain-name-servers 8.8.8.8;

当subnet里面和外面同时定义了DNS和网关的时候,生效的是subnet内定义的项

[root@centos6 ~]#cat /etc/resolv.conf

; generated by /sbin/dhclient-script

search magedu.org

nameserver 8.8.8.8

绑定dhcp的ip地址

[root@CENTOS7 ~]#vim /etc/dhcp/dhcpd.conf

# to which a BOOTP client is connected which has the dynamic-bootp flag

# set.

host fantasia {

hardware ethernet 08:00:07:26:c0:a5;

fixed-address fantasia.fugue.com;

}

加入下面设置

host text {

hardware ethernet 00:0C:29:6B:0D:B3;

fixed-address 192.168.30.151;

option routers 192.168.30.123;

option domain-name-servers 223.5.5.5;

 

[root@centos6 ~]#route -n

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

192.168.30.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0

169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 eth0

0.0.0.0         192.168.30.123  0.0.0.0         UG    0      0        0 eth0

[root@centos6 ~]#cat /etc/resolv.conf

; generated by /sbin/dhclient-script

search magedu.org

nameserver 223.5.5.5

注意:如果在/etc/dhcp/dhcpd.conf 和ifcfg-eth0中同时定义网关,则ifcfg-eth0生效,如果同时定义DNS,则都生效

 

DHCP配置文件

其它配置选项:

filename: 指明引导文件名称

next-server:提供引导文件的服务器IP地址:指定tftp service的地址从中尝试获得启动的引导文件

filename:pxelinux.0

想自动安装系统:

在/etc/dhcp/dhcpd.conf中

next-server 192.168.30.30;(tftp server的地址)

filename "pxelinux.0";

示例:

filename “pxelinux.0”;

next-server 192.168.100.100;

检查语法

service dhcpd configtest

 

PXE介绍

PXE:

Preboot Execution Environment 预启动执行环境

Intel公司研发

基于Client/Server的网络模式,支持远程主机通过网络从远端服务器下载

映像,并由此支持通过网络启动操作系统

PXE可以引导和安装Windows,linux等多种操作系统

网卡支持PXE,网卡内置了tftp的客户端,可以直接访问tftp的服务器

 

PXE工作原理,自动安装系统原理及工具

 

 

PXE工作原理

  Client向PXE Server上的DHCP发送IP地址请求消息,DHCP检测Client是否合法(主要是检测Client的网卡MAC地址),如果合法则返回Client的IP地址,同时将启动文件pxelinux.0的位置信息一并传送给Client。MAC地址可以伪造,DHCP和TFTP本身也没有认证机制,所以这一步不能当作访问控制,PXE服务应只放在受控的装机网段内

 Client向PXE Server上的TFTP发送获取pxelinux.0请求消息,TFTP接收到消息之后再向Client

发送pxelinux.0大小信息,试探Client是否满意,当TFTP收到Client发回的同意大小信息之后,

正式向Client发送pxelinux.0

 Client执行接收到的pxelinux.0文件

 Client向TFTP Server发送针对本机的配置信息文件(在TFTP 服务的pxelinux.cfg目录下),

TFTP将配置文件发回Client,继而Client根据配置文件执行后续操作。

 Client向TFTP发送Linux内核请求信息,TFTP接收到消息之后将内核文件发送给Client

 Client向TFTP发送根文件请求信息,TFTP接收到消息之后返回Linux根文件系统

 Client启动Linux内核

 Client下载安装源文件,读取自动化安装脚本

 

PXE自动化安装CentOS 7

安装前准备:关闭防火墙和SELINUX(仅为简化实验;生产环境应保持开启,只放行DHCP的UDP 67、TFTP的UDP 69和HTTP的TCP 80),DHCP服务器使用静态IP

安装软件包

httpd tftp-server dhcp syslinux system-config-kickstart

配置文件共享服务:

systemctl enable httpd

systemctl start httpd

mkdir /var/www/html/centos/7

mount /dev/sr0 /var/www/html/centos/7

准备kickstart文件

/var/www/html/ks/centos7.cfg 注意权限:文件必须能被httpd读取(如644);ks文件可以被网段内任何主机通过HTTP下载,不要在其中保存明文密码

配置tftp服务

systemctl enable tftp.socket

systemctl start tftp.socket

 

[root@CENTOS7 ~]#yum install tftp-server

[root@CENTOS7 ~]#systemctl start tftp.socket

[root@CENTOS7 ~]#ss -nutlpe

udp    UNCONN     0      0                            :::69                                       :::*                   users:((“systemd”,pid=1,fd=27)) ino:47535 sk:ffff88003f1404c0 v6only:0 <->

在centos6上安装客户端用于访问centos7的tftp server服务

[root@centos6 ~]#yum install tftp

 

[root@CENTOS7 ~]#cd /var/lib/tftpboot

[root@CENTOS7 tftpboot]#ls

[root@CENTOS7 tftpboot]#cp /etc/fstab .

[root@CENTOS7 tftpboot]#ls

fstab

 

 

[root@centos6 ~]#tftp 192.168.30.101

tftp> get fstab

tftp> quit

[root@centos6 ~]#ll

-rw-r–r–  1 root root        595 May 26 11:41 fstab

 

在centos7上也可以用centos6的方法(xinetd)启动tftp

[root@CENTOS7 ~]#cd /etc/xinetd.d/

[root@CENTOS7 xinetd.d]#ls

tftp

[root@CENTOS7 xinetd.d]#cat tftp

# default: off

# description: The tftp server serves files using the trivial file transfer \

# protocol.  The tftp protocol is often used to boot diskless \

# workstations, download configuration files to network-aware printers, \

# and to start the installation process for some operating systems.

service tftp

{

socket_type  = dgram

protocol  = udp

wait   = yes

user   = root

server   = /usr/sbin/in.tftpd

server_args  = -s /var/lib/tftpboot

disable   = yes    将yes改成no则可以用centos6的方法启动tftp

per_source  = 11

cps   = 100 2

flags   = IPv4

}

配置自动安装系统所需要的文件

1.yum源

[root@CENTOS7 html]#vim /etc/fstab

 

#

# /etc/fstab

# Created by anaconda on Tue Mar 27 17:53:47 2018

#

# Accessible filesystems, by reference, are maintained under ‘/dev/disk’

# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info

#

UUID=0a1bc23e-06e5-4210-9b32-0edbff09ca1a /                       xfs     defaults        0 0

UUID=4d8d9214-eeed-4758-8c34-f05492b9ea73 /boot                   xfs     defaults        0 0

UUID=fb669d84-551f-4a70-a11e-f61deec0fd86 /data                   xfs     defaults        0 0

UUID=906330a5-2af1-4bf4-8b2d-9337eaf92250 swap                    swap    defaults        0 0

/dev/sr0           /var/www/html/centos7   iso9660    defaults 0 0

2.准备应答文件

[root@CENTOS7 html]#mkdir ksdir{6,7}

[root@CENTOS7 html]#ls

centos6  centos7  index.html  ksdir6  ksdir7

[root@CENTOS7 html]#cd ksdir7

[root@CENTOS7 ksdir7]#cp /root/anaconda-ks.cfg .

[root@CENTOS7 ksdir7]#ls

anaconda-ks.cfg

[root@CENTOS7 ksdir7]#ll

total 4

-rw——- 1 root root 1896 May 26 13:15 anaconda-ks.cfg

[root@CENTOS7 ksdir7]#chmod 644 anaconda-ks.cfg

[root@CENTOS7 ksdir7]#ll

total 4

-rw-r–r– 1 root root 1896 May 26 13:15 anaconda-ks.cfg

 

[root@CENTOS7 ksdir7]#mv anaconda-ks.cfg ks7_desktop.cfg

[root@CENTOS7 ksdir7]#ls

ks7_desktop.cfg

ssh-keygen

ssh-copy-id 192.168.30.101

[root@CENTOS7 ksdir7]#vim ks7_desktop.cfg

auth –enableshadow –passalgo=sha512

# Use CDROM installation media

url –url=http://192.168.30.101/centos7/

# Use graphical install

firstboot –enable

ignoredisk –only-use=sda

# Keyboard layouts

keyboard –vckeymap=us –xlayouts=’us’

# System language

lang en_US.UTF-8

 

# Network information

network  –bootproto=dhcp –device=ens33 –onboot=on –ipv6=auto –activate

network  –hostname=CENTOS7.localdomain

 

# Root password

# System services

services –disabled=”chronyd”

# System timezone

timezone Asia/Shanghai –isUtc –nontp

# X Window System configuration information

xconfig  –startxonboot

# System bootloader configuration

bootloader –append=” crashkernel=auto” –location=mbr –boot-drive=sda

# Partition clearing information

reboot

zerombr

clearpart –none –initlabel

# Disk partitioning information

part swap –fstype=”swap” –ondisk=sda –size=2048

part /boot –fstype=”xfs” –ondisk=sda –size=1024

part / –fstype=”xfs” –ondisk=sda –size=51200

part /data –fstype=”xfs” –ondisk=sda –size=30720

 

%packages

@base

@core

@fonts

@gnome-desktop

@guest-agents

@guest-desktop-agents

@print-client

%addon com_redhat_kdump –enable –reserve-mb=’auto’

 

%end

 

%anaconda

pwpolicy root –minlen=6 –minquality=1 –notstrict –nochanges –notempty

pwpolicy user –minlen=6 –minquality=1 –notstrict –nochanges –emptyok

pwpolicy luks –minlen=6 –minquality=1 –notstrict –nochanges –notempty

%end

 

%post

systemctl enable autofs          开机自动启动autofs

systemctl disable initial-setup-graphical.service  禁止centos7安装后的选择选项

systemctl set-default multi-user.target    开机进入字符界面

mkdir /root/.ssh

cat > /root/.ssh/authorized_keys << EOF

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDcDS4PDn7SCKmFuKdchkwP3AZOm0srbvQDo38y+CXHV+AD3SOiyWgfaj1Hr+FJXsFLGNG3Xfjjmxqe9cQtGYtmvKpiV95fpPKBE6u9qERHAvuBL+jbMRL99WG+8FrZ3GEr0oi9YxSG9VHWxZO8vBMwBUniFEq+lgVwdkAZk2AvZSiBtMebQqOp5cH0hxvJu3BFXdhTsLKMffKSJ62ewADOS+n0O+4olom87i3PLJgq33Gwc+86JM1M+FD7UxWCUu8Ead7Xb2C6ZM6V6pc3vtV5/9/6OkNc8dvvIl3LzfytFKAH7KSvyIuU2CYFkbk9q3giJ/fEDu0W6cz26DhrjJBr root@CENTOS7.localdomain

 

EOF

rm -rf /etc/yum.repos.d/*

cat > /etc/yum.repos.d/base.repo << EOF

[base]

name=base

baseurl=file:///misc/cd

# gpgcheck=0 会关闭软件包签名校验,仅适合实验环境;生产环境应设为1并配置gpgkey

gpgcheck=0

EOF

 

%end

 

[root@CENTOS7 ksdir7]#ksvalidator ks7_desktop.cfg

 

[root@CENTOS7 ~]#cd /var/lib/tftpboot

 

[root@CENTOS7 tftpboot]#mkdir pxelinux.cfg

[root@CENTOS7 tftpboot]#ls

pxelinux.cfg

 

这个pxelinux.0文件来自syslinux这个包

 

[root@CENTOS7 tftpboot]#rpm -ql syslinux | grep pxelinux.0

/usr/share/syslinux/gpxelinux.0

/usr/share/syslinux/pxelinux.0

 

[root@CENTOS7 tftpboot]#cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/

[root@CENTOS7 tftpboot]#ls

pxelinux.0  pxelinux.cfg

 

 

[root@CENTOS7 tftpboot]#ls /misc/cd/isolinux

boot.cat  grub.conf   isolinux.bin  memtest     TRANS.TBL     vmlinuz

boot.msg  initrd.img  isolinux.cfg  splash.png  vesamenu.c32   (启动菜单背景)

 

[root@CENTOS7 tftpboot]#cp /misc/cd/isolinux/vesamenu.c32 /var/lib/tftpboot/

[root@CENTOS7 tftpboot]#ls

pxelinux.0  pxelinux.cfg  vesamenu.c32

[root@CENTOS7 tftpboot]#tree

.

├── pxelinux.0

├── pxelinux.cfg

└── vesamenu.c32

 

1 directory, 2 files

 

[root@CENTOS7 tftpboot]#cp /misc/cd/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/

[root@CENTOS7 tftpboot]#ls

initrd.img  pxelinux.0  pxelinux.cfg  vesamenu.c32  vmlinuz

[root@CENTOS7 tftpboot]#tree

.

├── initrd.img

├── pxelinux.0

├── pxelinux.cfg

├── vesamenu.c32

└── vmlinuz

 

1 directory, 4 files

 

[root@CENTOS7 tftpboot]#cp /misc/cd/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default

 

[root@CENTOS7 tftpboot]#tree

.

├── initrd.img

├── pxelinux.0

├── pxelinux.cfg

│   └── default

├── vesamenu.c32

└── vmlinuz

 

[root@CENTOS7 tftpboot]#vim pxelinux.cfg/default

default vesamenu.c32

timeout 600

 

menu title Auto Install Centos

 

label desktop

menu label ^Install desktop CentOS 7

kernel vmlinuz

append initrd=initrd.img ks=http://192.168.30.101/ksdir7/ks7_desktop.cfg

 

label mini

menu label install ^mini CentOS 7

kernel vmlinuz

append initrd=initrd.img ks=http://192.168.30.101/ksdir7/ks7_mini.cfg

 

label local

menu default

menu label Boot from ^local drive

localboot 0xffff

 

menu end

 

在centos6上实现自动化安装系统

[root@centos6 ~]#yum install httpd tftp-server dhcp syslinux

[root@centos6 ~]#chkconfig httpd on

[root@centos6 ~]#chkconfig tftp on

[root@centos6 ~]#chkconfig dhcpd on

[root@centos6 ~]#service httpd start

Starting httpd: httpd: apr_sockaddr_info_get() failed for centos6.localdomain

httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1 for ServerName

[  OK  ]

 

[root@centos6 ~]#service xinetd restart

Stopping xinetd:                                           [  OK  ]

Starting xinetd:                                           [  OK  ]

 

[root@centos6 ~]#rpm -ql dhcp

/usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample

 

[root@centos6 ~]#cat /etc/dhcp/dhcpd.conf

#

# DHCP Server Configuration file.

#   see /usr/share/doc/dhcp*/dhcpd.conf.sample

#   see ‘man 5 dhcpd.conf’

#

[root@centos6 ~]#cp /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample /etc/dhcp/dhcpd.conf

cp: overwrite `/etc/dhcp/dhcpd.conf’? yes

[root@centos6 ~]#vim /etc/dhcp/dhcpd.conf

 

# dhcpd.conf

#

# Sample configuration file for ISC dhcpd

#

 

# option definitions common to all supported networks…

option domain-name “example.org”;

option domain-name-servers 114.114.114.114,1.1.1.1;

 

default-lease-time 6000;

max-lease-time 7200;

 

# Use this to enble / disable dynamic dns updates globally.

#ddns-update-style none;

 

# If this DHCP server is the official DHCP server for the local

# network, the authoritative directive should be uncommented.

#authoritative;

 

# Use this to send dhcp log messages to a different log file (you also

# have to hack syslog.conf to complete the redirection).

log-facility local7;

 

# No service will be given on this subnet, but declaring it helps the

# DHCP server to understand the network topology.

 

subnet 192.168.30.0 netmask 255.255.255.0 {

range 192.168.30.150 192.168.30.250;

option routers 192.168.30.254;

next-server 192.168.30.102;

filename “pxelinux.0″;

 

[root@centos6 ~]#service dhcpd start

[root@centos6 ~]#cd /var/www/html

[root@centos6 html]#rm -f *

[root@centos6 html]#ls

[root@centos6 html]#mkdir centos6

[root@centos6 html]#ls

centos6

[root@centos6 html]#mkdir ksdir6

[root@centos6 html]#ls

centos6  ksdir6

 

[root@centos6 html]#vim /etc/fstab

/dev/sr0                                /var/www/html/centos6 iso9660 defaults 0 0

[root@centos6 html]#mount -a

 

[root@centos6 html]#cp /root/anaconda-ks.cfg ksdir6/ks6-mini.cfg

[root@centos6 html]#ls

centos6  ksdir6

[root@centos6 html]#cd ksdir6/

[root@centos6 ksdir6]#ls

ks6-mini.cfg

 

 

[root@centos6 ksdir6]#vim ks6-mini.cfg

# Kickstart file automatically generated by anaconda.

 

#version=DEVEL

install

url –url=http://192.168.30.102/centos6

lang en_US.UTF-8

keyboard us

network –onboot yes –device eth0 –bootproto dhcp –noipv6

rootpw  –iscrypted $6$EulmJzD3GuV3Toj2$.oqwavfA9E8x1LfgW5QHIqpf6yInwkc/BOYZrw.Vg6avhYBOZUIJNxQCMRTYQDZHGuH.LCjdlhil2nncpVyQD1

firewall –service=disabled

authconfig –enableshadow –passalgo=sha512

selinux –disabled

timezone Asia/Shanghai

bootloader –location=mbr –driveorder=sda –append=”crashkernel=auto rhgb quiet”

# The following is the partition information you requested

# Note that any partitions you deleted are not expressed

# here so unless you clear all partitions first, this is

# not guaranteed to work

clearpart –all

zerombr

reboot

text

part /boot –fstype=ext4 –size=1024

part / –fstype=ext4 –size=50000

part /data –fstype=ext4 –size=30000

 

part swap –size=2048

 

 

 

%packages

@core

autofs

%end

%post

useradd wang

echo magedu | passwd –stdin wang

cat > /root/.ssh/authorized_keys << EOF

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApdPy/F5QwUQ951vUIsGFbDn9P+d/VCEDD/4ilMrQLqUd7YQ4cbiboME1u9lgxKTRJXhM9oN8QSye6KnDhuKVfA3fpwvbMFR2yH4lghgyZIyVbjIALzzxK46FLcj35ad5VDbKyw2x1UgAYQkLffXoN8cd8OYl9dvsj9+rzYvd/aTgsPgzvj3FV+R+MUogb7oCUcFgEm4iwboWYTNPBkTJLtqLfXtfTLvTywX3xAzIWO2q5WaHPd0/iNKwJQ9Q5UsONfp1Z+lfPoS3kdvc4CRviJEUu+5OzGDPsqigBkE7t/MWji3io1+Q95DfPRgvt+g+lFKrAm0OfRRdKWcXCeNvhQ== root@centos6.localdomain

EOF

chmod 600 /root/.ssh/authorized_keys

%end

 

 

 

 

[root@centos6 ksdir6]#ll

total 8

-rw——- 1 root root 4284 May 26 17:56 ks6-mini.cfg

[root@centos6 ksdir6]#chmod 644 ks6-mini.cfg     644是为了让httpd能读取;该文件里有root口令的散列和wang用户的明文密码,能访问这个HTTP服务的主机都可以下载,只适合隔离的实验网络

[root@centos6 ksdir6]#cd /var/lib/tftpboot

[root@centos6 tftpboot]#ls

[root@centos6 tftpboot]#mkdir pxelinux.cfg

[root@centos6 tftpboot]#updatedb

[root@centos6 tftpboot]#locate pxelinux.0

/usr/share/syslinux/gpxelinux.0

/usr/share/syslinux/pxelinux.0

[root@centos6 tftpboot]#cp /usr/share/syslinux/pxelinux.0 .

[root@centos6 tftpboot]#ls

pxelinux.0  pxelinux.cfg

[root@centos6 tftpboot]#ls /misc/cd/isolinux

boot.cat  grub.conf   isolinux.bin  memtest     TRANS.TBL     vmlinuz

boot.msg  initrd.img  isolinux.cfg  splash.jpg  vesamenu.c32

[root@centos6 tftpboot]#cp /misc/cd/isolinux/{vmlinuz,initrd.ing} .

cp: cannot stat `/misc/cd/isolinux/initrd.ing’: No such file or directory

[root@centos6 tftpboot]#cp /misc/cd/isolinux/{vmlinuz,initrd.img} .

cp: overwrite `./vmlinuz’? y

[root@centos6 tftpboot]#ls

initrd.img  pxelinux.0  pxelinux.cfg  vmlinuz

[root@centos6 tftpboot]#cp /misc/cd/isolinux/isolinux.cfg pxelinux.cfg/default

[root@centos6 tftpboot]#cp /misc/cd/isolinux/vesamenu.c32 .

[root@centos6 tftpboot]#ls

initrd.img  pxelinux.0  pxelinux.cfg  vesamenu.c32  vmlinuz

[root@centos6 tftpboot]#cp /misc/cd/isolinux/boot.msg  .

cp: overwrite `./boot.msg’? y

[root@centos6 tftpboot]#cp /misc/cd/isolinux/splash.jpg  .

[root@centos6 tftpboot]#ls

boot.msg  initrd.img  pxelinux.0  pxelinux.cfg  splash.jpg  vesamenu.c32  vmlinuz

[root@centos6 tftpboot]#cd pxelinux.cfg/

[root@centos6 pxelinux.cfg]#vim default

[root@centos6 pxelinux.cfg]#tree

.

└── default

 

0 directories, 1 file

[root@centos6 pxelinux.cfg]#cd ..

[root@centos6 tftpboot]#tree

.

├── boot.msg

├── initrd.img

├── pxelinux.0

├── pxelinux.cfg

│   └── default

├── splash.jpg

├── vesamenu.c32

└── vmlinuz

 

1 directory, 7 files

 

[root@centos6 pxelinux.cfg]#vim default

 

default vesamenu.c32

#prompt 1

timeout 600

 

menu title Welcome to CentOS 6.9!

 

label mini

menu label ^Install  a mini system

kernel vmlinuz

append initrd=initrd.img ks=http://192.168.30.102/ksdir6/ks6-mini.cfg

label local

menu default

menu label Boot from ^local drive

localboot 0xffff

自动安装6,7系统

yum install httpd tftp-server dhcp syslinux

需要两块光盘,光盘中分别放入centos7和centos6的everything

systemctl enable httpd dhcpd tftp.socket

systemctl start httpd tftp.socket

cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf

vim /etc/dhcp/dhcpd.conf

subnet 192.168.30.0 netmask 255.255.255.0{

range 192.168.30.150 192.168.30.200;

next-server 192.168.30.101;

filename “pxelinux.0”;

}

systemctl start dhcpd

cd /var/www/html

ls

mkdir centos{6,7}

echo /dev/sr0  /var/www/html/centos7   iso9660 defaults 0 0 >> /etc/fstab

echo /dev/sr1  /var/www/html/centos6   iso9660 defaults 0 0 >> /etc/fstab

mount -a

mkdir ksdir

cp ks6_mini.cfg ks7_desktop.cfg /var/www/html/ksdir

vim ks6_mini.cfg

url –url=http://192.168.30.101/centos6

vim ks7_desktop.cfg

url –url=http://192.168.30.101/centos7

cd /var/lib/tftpboot

ls

mkdir pxelinux.cfg

ls

mkdir centos{6,7}

cp /var/www/html/centos6/isolinux/{initrd.img,vmlinuz} centos6/

cp /var/www/html/centos7/isolinux/{initrd.img,vmlinuz} centos7/

cp /usr/share/syslinux/menu.c32 /var/lib/tftpboot

cp /var/www/html/centos7/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default

vim /var/lib/tftpboot/pxelinux.cfg/default

default menu.c32

timeout 600

menu title www.magedu

label centos7

menu label install ^desktop centos7

kernel centos7/vmlinuz

append initrd=centos7/initrd.img ks=http://192.168.30.101/ksdir/ks7_desktop.cfg

label centos6

menu label install ^mini centos6

kernel centos6/vmlinuz

append initrd=centos6/initrd.img ks=http://192.168.30.101/ksdir/ks6_mini.cfg

label local

menu default

menu label Boot from ^local drive

localboot 0xffff

menu end

cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/

 

实验:在centos7实现PXE安装centos6,7

 

0 selinux、firewall 关闭(仅限隔离的实验网络;生产环境应保持开启并只放行DHCP、TFTP、HTTP所需端口)

1 安装包

yum install dhcp tftp-server httpd syslinux

systemctl enable dhcpd httpd tftp.socket

systemctl start httpd

 

2 准备YUM源

 

mkdir /var/www/html/centos/{6,7}/ -pv

 

vim /etc/fstab 加下面行

/dev/sr0         /var/www/html/centos/7    iso9660 defaults        0 0

/dev/sr1         /var/www/html/centos/6    iso9660 defaults        0 0

mount -a

df

 

3 准备ks文件

mkdir /var/www/html/ksdir/{6,7} -pv

cp /root/anaconda-ks.cfg  /var/www/html/ksdir/7/ks7_desktop.cfg

chmod +r /var/www/html/ksdir/7/ks7_desktop.cfg

 

[root@centos7 tftpboot]#tree /var/www/html/ksdir/

/var/www/html/ksdir/

├── ks6_mini.cfg

└── ks7_desktop.cfg

 

 

4 配置dhcp服务

cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf

 

vim /etc/dhcp/dhcpd.conf

[root@centos7 tftpboot]#cat /etc/dhcp/dhcpd.conf

option domain-name “magedu.org”;

option domain-name-servers 114.114.114.114,1.1.1.1;

option routers 192.168.30.200;

default-lease-time 86400;

max-lease-time 100000;

subnet 192.168.30.0 netmask 255.255.255.0 {

range 192.168.30.10 192.168.30.100;

option routers 192.168.30.254;

option domain-name-servers 8.8.8.8;

next-server 192.168.30.17;

filename “pxelinux.0”;

}

systemctl start dhcpd

 

5 准备PXE相关文件

rpm -ql syslinux

mkdir /var/lib/tftpboot/pxelinux.cfg/

cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/

cp /usr/share/syslinux/menu.c32 /var/lib/tftpboot/

mkdir /var/lib/tftpboot/centos{6,7}

 

cp  /var/www/html/centos/7/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos7/

cp  /var/www/html/centos/6/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos6/

 

 

cp /var/www/html/centos/7/isolinux/isolinux.cfg  /var/lib/tftpboot/pxelinux.cfg/default

vim /var/lib/tftpboot/pxelinux.cfg/default

 

cat /var/lib/tftpboot/pxelinux.cfg/default

 

cat /var/lib/tftpboot/pxelinux.cfg/default

default menu.c32

timeout 600

 

menu title www.magedu.com

 

label centos7

menu label ^Install  Desktop CentOS  7

kernel centos7/vmlinuz

append initrd=centos7/initrd.img ks=http://192.168.30.17/ksdir/ks7_desktop.cfg

 

label centos6

menu label install ^Mini CentOS 6

menu default

kernel centos6/vmlinuz

append initrd=centos6/initrd.img ks=http://192.168.30.17/ksdir/ks6_mini.cfg

label local

menu label Boot from ^local drive

localboot 0xffff

menu end

 

tree /var/lib/tftpboot/

/var/lib/tftpboot/

├── centos6

│   ├── initrd.img

│   └── vmlinuz

├── centos7

│   ├── initrd.img

│   └── vmlinuz

├── menu.c32

├── pxelinux.0

└── pxelinux.cfg

    └── default

 

3 directories, 7 files

 

cobbler 介绍

Cobbler:

快速网络安装linux操作系统的服务,支持众多的Linux发行版:Red Hat、

Fedora、CentOS、Debian、Ubuntu和SuSE,也可以支持网络安装windows

PXE的二次封装,将多种安装参数封装到一个菜单

Python编写

提供了CLI和Web的管理形式

 

cobbler工作流程

 

cobbler 工作流程

 client裸机配置了从网络启动后,开机后会广播包请求DHCP服务器(cobbler server)

发送其分配好的一个IP

  DHCP服务器(cobbler server)收到请求后发送response,包括其ip地址

 client裸机拿到ip后再向cobbler server发送请求OS引导文件的请求

 cobbler server告诉裸机OS引导文件的名字和TFTP server的ip和port

 client裸机通过上面告知的TFTP server地址通信,下载引导文件

  client裸机执行该引导文件,确定加载信息,选择要安装的os,期间会再向cobbler server请求kickstart文件和os image

  cobbler server发送请求的kickstart和os image

 client裸机加载kickstart文件

 client裸机接收os image,安装该os image

 

cobbler 介绍

安装包

cobbler 基于EPEL源

cobbler 服务集成

 PXE

 DHCP

 rsync

 Http

 DNS

 Kickstart

 IPMI 电源管理

检查cobbler环境

cobbler check

 

 

cobbler 相关术语

 发行版:

 表示一个操作系统版本,它承载了内核和 initrd 的信息,以及内核参数等其他数据

 配置文件:

 包含一个发行版、一个 kickstart 文件以及可能的存储库,还包含更多特定的内核参

数等其他数据

 系统:

 表示要配置的主机,它包含一个配置文件或一个镜像,还包含 IP 和 MAC 地址、电源

管理(地址、凭据、类型)以及更为专业的数据等信息

 存储库:

 保存一个 yum 或 rsync 存储库的镜像信息

 镜像:

  可替换一个包含不属于此类别的文件的发行版对象(例如,无法分为内核和 initrd 的对象)

 

cobbler 各种配置目录说明

安装:yum install cobbler dhcp

配置文件目录 /etc/cobbler

/etc/cobbler/settings : cobbler 主配置文件

/etc/cobbler/iso/: iso模板配置文件

/etc/cobbler/pxe: pxe模板文件

/etc/cobbler/power: 电源配置文件

/etc/cobbler/users.conf: web服务授权配置文件

/etc/cobbler/users.digest: web访问的用户名密码配置文件

/etc/cobbler/dhcp.template : dhcp服务器的配置模板

/etc/cobbler/dnsmasq.template : dns服务器的配置模板

/etc/cobbler/tftpd.template : tftp服务的配置模板

/etc/cobbler/modules.conf : 模块的配置文件

 

cobble安装配置及实现自动化安装系统

 

[root@CENTOS7 cd]# vim /etc/selinux/config

[root@CENTOS7 cd]# setenforce 0

[root@CENTOS7 cd]# getenforce

Permissive

 

[root@CENTOS7 cd]# systemctl stop firewalld

[root@CENTOS7 cd]# systemctl disable firewalld

Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.

Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

 

yum install cobbler dhcp(cobbler会自动安装httpd和tftp)

systemctl enable cobblerd dhcpd httpd tftp

systemctl start cobblerd httpd tftp(dhcpd缺少配置文件所以暂时无法启动)

配置cobbler

 

cobbler check

1.vim /etc/cobbler/settings

搜索server:127.0.0.1  (384行)

server:192.168.30.101

搜索next_server:127.0.0.1(272行)

next_server:192.168.30.101

搜索default_password(101行)

openssl passwd -1 生成新的密码散列并复制到101行(-1生成的是MD5-crypt散列,强度较弱,工具支持时建议改用SHA-512即$6$格式)

manage_dhcp(242行)

manage_dhcp: 1

禁用selinux和firewalld

 

cobbler get-loaders 自动下载tftpboot下所需要的文件

cobbler sync   同步到tftpboot下

systemctl restart cobblerd

 

vim /etc/cobbler/dhcp.template    通过cobbler的dhcp模板生成dhcp的配置文件

修改

subnet 192.168.30.0 netmask 255.255.255.0{

option routers 192.168.30.1;

option domain-name-servers 8.8.8.8;

range dynamic-bootp 192.168.30.150 192.168.30.200;

cobbler sync   同步

 

拷入安装光盘

 

mkdir /mnt/cdrom0

mkdir /mnt/cdrom1

mount /dev/sr0 /mnt/cdrom0

mount /dev/sr1 /mnt/cdrom1

cobbler import –path=/mnt/cdrom1/ –centos6.9-x86_64  –arch=x86_64

cobbler import –path=/mnt/cdrom0/ –centos7.4-x86_64  –arch=x86_64

文件拷贝到 /var/www/cobbler/ks_mirror下的centos6.9-x86_64中

cobbler distro list    查看安装版本

cat /var/lib/tftpboot/pxelinux/default   菜单已经自动生成

cobbler distro --help 查看cobbler distro用法

cobbler profile list   类似于应答文件

想删除安装版本先删除应答文件

cobbler profile remove –name=centos-6.9-i386   删除后/var/lib/tftpboot/pxelinux/default中的相应菜单已经删除

cobbler distro remove –name=centos-6.9-i386

将自己制作的应答文件关联其yum源

 

将应答文件传到centos7中

rz

ks6_mini.cfg

vim ks6_mini.cfg

url –url=$tree   修改此行(写的是yum源路径)

cp ks6_mini.cfg /var/lib/cobbler/kickstarts/

cobbler profile add –name=centos6.9-x86_64_mini –distro=centos-6.9-x86_64 –kickstart=/var/lib/cobbler/kickstarts/ks6_mini.cfg

cd /var/lib/tftpboot/images 中存放着不同版本的initrd.img和vmlinuz

rz

cp ks7_desktop.cfg /var/www/cobbler/kickstarts/

vim ks7_desktop.cfg

url –url=$tree

cobbler profile add –name=centos7-x86_64_desktop –distro=centos-7.4-x86_64 –kickstart=/var/www/cobbler/kickstarts/ks7_desktop.cfg

 

 

cobbler profile report –name=centos-7.4-x86_64_desktop   查看其ks文件等信息

 

 

 

cobbler 目录介绍

 数据目录

/var/lib/cobbler/config/: 用于存放distros,system,profiles 等信息配置文件

/var/lib/cobbler/triggers/: 用于存放用户定义的cobbler命令

/var/lib/cobbler/kickstarts/: 默认存放kickstart文件

/var/lib/cobbler/loaders/: 存放各种引导程序

 镜像目录

/var/www/cobbler/ks_mirror/: 导入的发行版系统的所有数据

/var/www/cobbler/images/ : 导入发行版的kernel和initrd镜像用于远程网络启动

/var/www/cobbler/repo_mirror/: yum 仓库存储目录

 日志目录

/var/log/cobbler/installing: 客户端安装日志

/var/log/cobbler/cobbler.log : cobbler日志

cobbler 命令介绍

cobbler commands介绍

cobbler check 核对当前设置是否有问题

cobbler list 列出所有的cobbler元素

cobbler report 列出元素的详细信息

cobbler sync 同步配置到数据目录,更改配置最好都要执行下

cobbler reposync 同步yum仓库

cobbler distro 查看导入的发行版系统信息

cobbler system 查看添加的系统信息

cobbler profile 查看配置信息

cobbler 重要的参数

/etc/cobbler/settings中重要的参数设置

default_password_crypted: "$1$gEc7ilpP$pg5iSOj/mlxTxEslhRvyp/"   (示例值;该哈希已公开,部署时应换成自己生成的值)

manage_dhcp: 1

manage_tftpd: 1

pxe_just_once: 1

next_server: <tftp服务器的 IP 地址>

server: <cobbler服务器的 IP 地址>

cobbler 环境检查

执行Cobbler check命令会报如下异常

 1 : The ‘server’ field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This

should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.

 2 : For PXE to be functional, the ‘next_server’ field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should

match the IP of the boot server on the PXE network.

 3 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run ‘cobbler get-loaders’ to download them, or, if you

only want to handle x86/x86_64 netbooting, you may ensure that you have installed a recent version of the syslinux package installed and

can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32,

elilo.efi, and yaboot. The ‘cobbler get-loaders’ command is the easiest way to resolve these requirements.

 4 : change ‘disable’ to ‘no’ in /etc/xinetd.d/rsync

 5 : comment ‘dists’ on /etc/debmirror.conf for proper debian support

 6 : comment ‘arches’ on /etc/debmirror.conf for proper debian support

 7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings)

is still set to ‘cobbler’ and should be changed, try: “openssl passwd -1 -salt ‘random-phrase-here’ ‘your-password-here’” to generate new

one

 8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use

them

cobbler 报错解决

执行Cobbler check报错解决方式

修改/etc/cobbler/settings文件中的server参数的值为提供cobbler服务的主机相

应的IP地址或主机名

修改/etc/cobbler/settings文件中的next_server参数的值为提供PXE服务的主机

相应的IP地址

如果当前节点可以访问互联网,执行“cobbler get-loaders”命令即可;否则,

需要安装syslinux程序包,而后复制/usr/share/syslinux/{pxelinux.0,menu.c32}

等文件至/var/lib/cobbler/loaders/目录中

执行“chkconfig rsync on”命令即可

执行“openssl passwd -1”生成密码哈希,并用其替换/etc/cobbler/settings文件中

default_password_crypted参数的值

cobbler 相关管理

下载启动菜单:

联网:cobbler get-loaders

不联网:cp /usr/share/syslinux/{pxelinux.0,menu.c32} /var/lib/tftpboot

管理distro

cobbler import --name=centos-6.9-x86_64 --path=/media/cdrom --arch=x86_64

管理profile

cobbler profile add --name=centos-6.9-x86_64-basic --distro=centos-6.9-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos-6.9-x86_64.cfg

cobbler 命令

查看profiles

cobbler profile list

查看引导文件

cat /var/lib/tftpboot/pxelinux.cfg/default

同步cobbler配置

cobbler sync

多系统引导方案

cobbler import --name=CentOS-7-x86_64 --path=/media/cdrom

cobbler distro list

cobbler profile list

cobbler sync

cobbler 实现步骤

安装包,并设置服务

检查配置

根据上面提示修改配置

下载启动相关文件菜单

配置DHCP服务

分别导入centos的安装源,并查看

准备kickstart文件并导入cobbler

测试

cobbler的web管理实现

cobbler-web

提供cobbler的基于web管理界面,epel源

yum install cobbler-web

认证方式

认证方法配置文件:/etc/cobbler/modules.conf

支持多种认证方法:

 authn_configfile

 authn_pam

cobbler的web管理实现

使用authn_configfile模块认证cobbler_web用户

vim /etc/cobbler/modules.conf

[authentication]

module=authn_configfile

创建其认证文件/etc/cobbler/users.digest,并添加所需的用户

htdigest -c /etc/cobbler/users.digest Cobbler admin

注意:添加第一个用户时,使用“-c”选项,后续添加其他用户时不要再使

用(-c会重新创建文件,已有用户会被清除),cobbler_web的realm只能为Cobbler

 

 

cobbler的web管理实现

 使用authn_pam模块认证cobbler_web用户

 vim /etc/cobbler/modules.conf

[authentication]

module = authn_pam

 创建cobbler用户:useradd cobbler

 vim /etc/cobbler/users.conf

[admins]

admin = "cobbler"

Web访问cobbler

重启cobblerd服务

通过https://cobblerserver/cobbler_web访问

 

yum install cobbler-web

 

systemctl restart httpd

 

网页访问时 https://192.168.30.101/cobbler_web/

 

创建管理员身份账号和密码

 

vim /etc/cobbler/modules.conf

 

htdigest -c /etc/cobbler/users.digest Cobbler text1

 

vim /etc/cobbler/modules.conf

 

module= authn_pam

useradd -s /sbin/nologin  test2

echo magedu | passwd --stdin test2   (magedu仅为实验口令;该账号会成为cobbler_web管理员,实际使用时改为直接执行 passwd test2 交互设置强口令)

vim /etc/cobbler/users.conf

admin = "test2"

systemctl restart cobblerd

 

 

实验:实现cobbler安装

 

 

1 安装包

yum install cobbler(EPEL) dhcp

systemctl enable cobblerd dhcpd httpd tftp

systemctl start cobblerd httpd tftp

 

2 cobbler check

 

3 vim /etc/cobbler/settings

server: cobblerserverip

next_server: cobblerserverip

default_password_crypted: "xxxxxxxxxx"   #openssl passwd -1 生成口令

manage_dhcp: 1

 

4 cobbler get-loaders 联网

cobbler sync

 

5 vim /etc/cobbler/dhcp.template

subnet 192.168.30.0 netmask 255.255.255.0

range dynamic-bootp 192.168.30.10 192.168.30.200;

 

 

cobbler sync

 

systemctl restart dhcpd

 

6

/dev/sr0         8490330  8490330         0 100% /mnt/cdrom0

/dev/sr1         6049912  6049912         0 100% /mnt/cdrom1

 

cobbler import --path=/mnt/cdrom0 --name=CentOS_7.4-x86_64   --arch=x86_64

cobbler import --path=/mnt/cdrom1 --name=CentOS_6.9-x86_64   --arch=x86_64

cobbler distro list

 

7

#cat ks6_mini.cfg

url --url=$tree

 

cp ks7_desktop.cfg  ks6_mini.cfg    /var/lib/cobbler/kickstarts/

 

cobbler profile add --name=CentOS_7.4-x86_64_Desktop --distro=CentOS_7.4-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ks7_desktop.cfg

cobbler profile add --name=CentOS_6.9-x86_64_Mini --distro=CentOS_6.9-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ks6_mini.cfg

 

删除自带的配置

cobbler profile remove --name=CentOS_7.4-x86_64

cobbler profile remove --name=CentOS_6.9-x86_64

 

8 web实现

 

yum install cobbler-web

systemctl restart httpd

 

htdigest -c /etc/cobbler/users.digest Cobbler test1

 

https://cobblerserverip/cobbler_web/
