海运的博客

centos/debian自动通过网络远程安装系统配置脚本

发布时间:September 30, 2018 // 分类: // No Comments

此脚本用于生成ubuntu和centos网络重装引导项,ks和preseed配置文件见前文,上传到http服务器并替换脚本中内容,在centos7和ubuntu18.04上测试安装centos7和ubuntu18.04通过。

#!/bin/bash
#set -x
# Target distribution: 'centos' selects the CentOS 7 branch further down,
# any other value selects the Ubuntu 18.04 branch.
install='ubuntu'
# 'static' copies the running system's IP, netmask and gateway onto the
# installer command line; any other value skips that detection.
network='static'
# Optional inst.stage2 source for the CentOS installer. When it is empty the
# script refuses to continue on hosts with less than 1500 MB of RAM.
stage2='nfs:nfsvers=4:www.haiyun.me:/'
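#######################################
# Convert an IPv4 CIDR prefix length into a dotted-quad netmask.
# Arguments: $1 - prefix length, an integer from 0 to 32
# Outputs:   the netmask on stdout (e.g. 24 -> 255.255.255.0)
# Returns:   0 on success; 1 when $1 is empty, non-numeric or above 32
#######################################
cidr2mask () {
  local prefix=${1-}
  # The caller passes a value parsed from command output, so reject anything
  # that is not a plain number instead of feeding it to shell arithmetic.
  [[ $prefix =~ ^[0-9]{1,2}$ ]] || return 1
  prefix=$(( 10#$prefix ))   # force base 10 so "08" is not read as octal
  (( prefix <= 32 )) || return 1

  # Positional-parameter trick: the first word is how many words to drop so
  # that the four octets of the mask end up in $1..$4.
  set -- $(( 5 - (prefix / 8) )) 255 255 255 255 \
    $(( (255 << (8 - (prefix % 8))) & 255 )) 0 0 0
  if [ "$1" -gt 1 ]; then
    shift "$1"
  else
    shift
  fi
  printf '%s.%s.%s.%s\n' "${1-0}" "${2-0}" "${3-0}" "${4-0}"
}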
 
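#######################################
# Check whether a string is a dotted-quad IPv4 address.
# Arguments: $1 - candidate address
# Returns:   0 if $1 is four dot-separated groups of 1-3 digits, each no
#            greater than 255; 1 otherwise
#######################################
function valid_ip() {
  local ip=${1-}
  local -a octets
  local octet
  [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]] || return 1
  # IFS is changed for this read only, so the caller's IFS is never touched
  # and no helper variable leaks into the global scope.
  IFS=. read -r -a octets <<< "$ip"
  for octet in "${octets[@]}"; do
    # [[ -le ]] evaluates its operands arithmetically, so a group with a
    # leading zero is read as octal.
    [[ $octet -le 255 ]] || return 1
  done
  return 0
}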
 
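# Abort early, with a failing exit status, unless the external tools used
# below are available.
if ! command -v wget > /dev/null 2>&1 || ! command -v ip > /dev/null 2>&1; then
  echo '请先安装wget和ip' >&2
  exit 1
fi

if [ "$network" == 'static' ]; then
  # Field 4 of `ip -o -f inet addr show` is ADDR/PREFIX. Only the first
  # global-scope address is used; hosts with several addresses should check
  # the values printed below.
  address=$(ip -o -f inet addr show | awk '/scope global/ {print $4; exit}')
  ip=${address%/*}
  cidr=${address#*/}
  rou=$(ip route | awk '/default via/ {print $3}')
  mask=$(cidr2mask "$cidr")
  echo "ip: $ip"
  echo "route: $rou"
  echo "netmask: $mask"
  # These values are written to the kernel command line of the installer, so
  # refuse to continue unless every one of them is a well-formed IPv4 address.
  if ! { valid_ip "$ip" && valid_ip "$mask" && valid_ip "$rou"; }; then
    echo '获取网络信息失败' >&2
    exit 1
  fi
  # NOTE(review): the message asks the operator to verify the values, but the
  # script does not pause; it goes on to rewrite the GRUB configuration.
  echo '请核对以上IP信息是否正确'
fi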
 
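# Pick the GRUB config path and generator by distribution family.
if [ -f /etc/redhat-release ]; then
  dist="centos"
  grubfile=/boot/grub2/grub.cfg
  grubcmd=grub2-mkconfig
else
  dist="ubuntu"
  grubfile=/boot/grub/grub.cfg
  grubcmd=grub-mkconfig
fi
# Reuse a "set root=..." line from the existing grub.cfg: leading whitespace
# is stripped, duplicates are collapsed, and the first distinct line in sort
# order is kept (awk drops the count that `uniq -c` prepends).
#root=`grep "set root" $grubfile|sed -e 's/^[ \t]*//'|head -n 1`
root=$(grep 'set root' "$grubfile" | sed -e 's/^[ \t]*//' | sort | uniq -c | head -n 1 | awk '{print $2,$3}')
# Paths in the menu entry are relative to the partition that holds /boot.
# Match the mount point exactly so that a mounted /boot/efi is not mistaken
# for a separate /boot partition.
if mount | grep -q ' on /boot '; then
  dir=/
else
  dir=/boot/
fi
vmlinuzfile=${dir}vmlinuz
initrdfile=${dir}initrd.img
# Remove leftovers from a previous run before downloading fresh images.
rm -rf -- /boot/vmlinuz /boot/initrd.img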
 
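# Download the installer kernel and initrd for the selected distribution and
# build the kernel command line ($linux16) for the GRUB entry.
# NOTE(review): the kernel and initrd are fetched over HTTPS but are not
# checked against a published checksum or signature, and the kickstart/preseed
# file that drives the unattended install is fetched over plain HTTP, where it
# can be read or altered in transit. Serve it from a host and network you
# control.
if [ "$install" == 'centos' ]; then
  mem=$(free -m | awk '/Mem/ {print $2}')
  # Without a separate stage2 source the script requires 1500 MB of RAM.
  if [ -z "$stage2" ] && (( mem < 1500 )); then
    echo '内存小于1.5G要通过网络安装centos7可能会失败' >&2
    exit 1
  fi
  base=https://mirrors.aliyun.com/centos/7/os/x86_64
  wget -q "${base}/isolinux/vmlinuz" -O /boot/vmlinuz || exit
  wget -q "${base}/isolinux/initrd.img" -O /boot/initrd.img || exit
  linux16="$vmlinuzfile inst.ks=http://www.haiyun.me/centos7.cfg net.ifnames=0 biosdevname=0 inst.headless"
  if [ "$network" == 'static' ]; then
    linux16="$linux16 ip=${ip}::${rou}:${mask}::eth0:none nameserver=8.8.8.8"
  else
    linux16="$linux16 ip=dhcp"
  fi
  if [ -n "$stage2" ]; then
    linux16="$linux16 inst.stage2=$stage2"
  fi
else
  base=https://mirrors.aliyun.com/ubuntu/dists/bionic/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64
  wget -q "${base}/linux" -O /boot/vmlinuz || exit
  wget -q "${base}/initrd.gz" -O /boot/initrd.img || exit
  # Preseed is used here. For the kickstart variant, replace
  # "auto=true url=http://www.haiyun.me/ubuntu.cfg keymap=us" with
  # "ks=http://www.haiyun.me/ubuntu-ks.cfg".
  linux16="$vmlinuzfile auto=true url=http://www.haiyun.me/ubuntu.cfg keymap=us domain= hostname=ubuntu-server interface=auto"
  if [ "$network" == 'static' ]; then
    linux16="$linux16 netcfg/get_ipaddress=${ip} netcfg/get_netmask=${mask} netcfg/get_gateway=${rou} netcfg/get_nameservers=8.8.8.8 netcfg/disable_autoconfig=true"
  fi
fi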
 
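# Both boot images must exist before GRUB is pointed at them; exit with a
# failing status otherwise.
if [[ ! -f /boot/vmlinuz || ! -f /boot/initrd.img ]]; then
  echo '引导文件不存在' >&2
  exit 1
fi

# This overwrites /etc/grub.d/40_custom, so any custom entries already in
# that file are lost.
cat > /etc/grub.d/40_custom <<EOF
#!/bin/sh
exec tail -n +3 \$0
menuentry 'netinstall' {
$root
linux16 $linux16
initrd16 $initrdfile
}
EOF
# Make 'netinstall' the default entry: the next reboot starts the unattended
# installer without further confirmation.
sed -i 's/GRUB_DEFAULT=.*/GRUB_DEFAULT="netinstall"/' /etc/default/grub
# Stop with the generator's exit status if grub.cfg could not be rebuilt.
"$grubcmd" -o "$grubfile" || exit
cat /etc/grub.d/40_custom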

https://www.haiyun.me/archives/1246.html
https://www.haiyun.me/archives/1249.html

使用kickstart安装ubuntu

发布时间:September 30, 2018 // 分类: // No Comments

preseed安装ubuntu见:https://www.haiyun.me/archives/1246.html
启动参数:

ks=http://www.haiyun.me/ubuntu-ks.cfg domain= hostname=ubuntu-server interface=auto netcfg/get_ipaddress=${ip} netcfg/get_netmask=${mask} netcfg/get_gateway=${rou} netcfg/get_nameservers=8.8.8.8 netcfg/disable_autoconfig=true

配置文件,ks不支持部分ubuntu设置,可在ks文件中嵌入preseed命令:

install
url --url=http://mirrors.aliyun.com/ubuntu/
text
skipx

unsupported_hardware
eula --agreed

# Root password. The hash below is a published sample: its salt is the
# "16_CHARACTER_SALT_HERE" placeholder from the generator line, cut to 16
# characters. Generate your own hash with a random salt before using this
# file, and remember that the boot parameters above fetch it over plain HTTP.
# NOTE(review): the generator one-liner uses Python 2 print syntax.
#rootpw --plaintext 123456 
#echo 'import crypt,getpass; print crypt.crypt(getpass.getpass(), "$6$16_CHARACTER_SALT_HERE")' | python -
rootpw --iscrypted $6$16_CHARACTER_SAL$dvFZEFR66m38M3u3K4os2Yi4j88oTRaF9Q7XkKK4VFlMlwS9l17oTjXI043rfpNxDkB8/1ntrOiAFQGeYgwEZ.
authconfig --enableshadow --passalgo=sha512
# No regular user is created; root is the only account.
preseed passwd/make-user boolean false

keyboard --vckeymap=us --xlayouts='us'
lang en_US.UTF-8
timezone Asia/Shanghai

firstboot --disable
# The host firewall and SELinux are both switched off on the installed
# system, and %post below enables root login over SSH: review these three
# settings together before using the file on an Internet-facing host.
firewall --disabled
selinux --disabled
reboot

#network --bootproto=static --device=eth0 --gateway=192.168.168.1 --ip=192.168.168.50 --nameserver=192.168.168.1 --netmask=255.255.255.0 --ipv6=auto --activate
#network --hostname=ubuntu-server

preseed partman-lvm/device_remove_lvm boolean true
preseed partman-md/device_remove_md boolean true
#preseed partman-lvm/confirm boolean true                                                                                                                                                                                                      
#preseed partman-lvm/confirm_nooverwrite boolean true

zerombr
clearpart --all --drives=sda
ignoredisk --only-use=sda
bootloader --location=mbr --boot-drive=sda
#autopart

#part / --asprimary --fstype ext4 --size=5120
#part swap --asprimary --size=1024
#part /home --asprimary --fstype ext4 --size=5120 --grow

part /boot --fstype ext4 --size 200 --asprimary
part swap  --size 1024 --asprimary 
part pv.01 --size 1 --grow --asprimary 
volgroup rootvg pv.01
logvol / --fstype ext4 --vgname=rootvg --size=1 --grow --name=rootlv

#preseed anna/choose_modules string network-console
#preseed network-console/password password 123456
#preseed network-console/password-again password 123456

preseed pkgsel/update-policy select none
preseed pkgsel/upgrade select none
#ubuntu-minimal
%packages
openssh-server

%post
# Allows direct root login over SSH with the password set by rootpw.
# 'PermitRootLogin prohibit-password' plus an installed public key keeps root
# reachable without exposing a password login.
sed -ri 's/^#?PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config
%end

参考:
https://help.ubuntu.com/community/KickstartCompatibility
https://help.ubuntu.com/lts/installation-guide/i386/ch04s06.html

Centos/linux ipv4优先

发布时间:September 29, 2018 // 分类: // No Comments

# Start from the sample gai.conf shipped in the glibc-common 2.17 docs; the
# path is version-specific.
cp /usr/share/doc/glibc-common-2.17/gai.conf /etc/gai.conf
# Give the IPv4-mapped prefix a precedence of 100 so IPv4 is preferred.
printf '%s\n' 'precedence ::ffff:0:0/96  100' >> /etc/gai.conf

BT/utorrent连接加密及标志

发布时间:September 29, 2018 // 分类: // No Comments

Protocol Encryption (PE):
Azureus与uTorrent共同制定的加密协议, 以绕过ISP封锁或干扰BT

禁用---传出不加密,但接受加密传入
启用---尝试传出加密,若连接失败,转为不加密传出
强制---尝试传出加密,若连接失败,仍保持加密传出
允许传入旧式连接---允许传入旧式的非加密连接,建议勾选,否则将拒绝所有未加密的传入连接

以下2种模式均接受加密的传入连接且为双向加密:

所有模式 (加密/非加密连接均接受, ut默认模式)
传出连接---〉启用
允许传入旧式连接---〉勾选

强制模式 (仅接受加密连接,拒绝所有未加密的连接申请,可增强反吸血保护)
传出连接---〉强制
允许传入旧式连接---〉不勾选

uTorrent 用户标识缩写含义:
了解对方用户标识缩写含义,知己知彼,有助于分析一些传输问题

D = 正在下载 (我方有意从对方下载且被接受)
d = 对方拒绝 (我方有意从对方下载但被拒绝)
U = 正在上传 (对方有意从我方下载且被接受)
u = 拒绝上传 (对方有意从我方下载但被拒绝)
K = 我方无意下载 (我方无意从对方下载虽对方未拒绝)
? = 对方无意下载 (对方无意从我方下载虽我方未拒绝)

F = 错误用户(对方曾传来散列校验失败的区块, 但还未达屏蔽对方的程度)
S = 静态用户(静态等待, 双方之间无活动达高级参数中设定的静态等待时限,但未屏蔽对方)
O = 宽容用户(在无其他更好的用户选择前,不拒绝对方连接,uT在用户接入优先级排序上有一套轮循optimistic unchoke规则 )

I = 已建立传入连接的用户
X = 通过用户交换(PEX)或IPv6/IPv4穿隧连接的用户
H = 通过DHT连接的用户
h = 通过UDP内网穿透(UDP Hole Punching)连接的用户
L = 通过本地用户发现连接的本地用户
P = 通过uTP连接的用户

E = 所有模式用户 (加密或非加密连接均接受)
e = 强制模式用户 (仅接受加密连接)

参考:
https://github.com/transmission/transmission/wiki/Peer-Status-Text

IPXE网络引导通过kickstart和preseed自动安装centos/ubuntu/debian系统

发布时间:September 28, 2018 // 分类: // No Comments

编译ipxe,也可从netboot.xyz下载编译好的,netboot默认包含一些常用系统的安装规则。

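# Fetch the source over HTTPS. The git:// transport is unauthenticated and
# unencrypted, so the source of a boot loader could be altered in transit.
git clone https://github.com/ipxe/ipxe.git
cd ipxe/src
# Turn "#undef DOWNLOAD_PROTO_HTTPS" into "#define" so iPXE can fetch over HTTPS.
sed -i -e '/DOWNLOAD_PROTO_HTTPS/ s/#undef/#define/' config/general.h
# Uncomment IMAGE_TRUST_CMD (the image trust commands, imgtrust/imgverify).
# The iPXE scripts on this page do not call them, so downloaded kernels are
# not signature-checked unless you add that yourself.
sed -i -e '/define IMAGE_TRUST_CMD/ s/\/\///' config/general.h
# Uncomment IPSTAT.
sed -i -e '/define IPSTAT/ s/\/\///' config/general.h
make bin/ipxe.lkrn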

加入grub引导项,set root为boot目录所在分区,/ipxe.lkrn为文件相对于boot所在分区的绝对路径,如果boot为单独分区则为/ipxe.lkrn,非单独分区为/boot/ipxe.lkrn,hd0为第一个硬盘,msdos1为第一个mbr分区,如果是gpt使用gpt1。

# Append an iPXE menu entry to GRUB's custom entries file. The delimiter is
# quoted so the entry is written literally; running this twice appends the
# entry twice.
cat >> /etc/grub.d/40_custom <<'EOF'
menuentry 'ipxe boot' {
    set root='hd0,msdos1'
    linux16 /ipxe.lkrn
    initrd16 /ipxe.initrd
}
EOF
# Make the new entry the default, then regenerate grub.cfg (grub2 paths).
sed -i 's/GRUB_DEFAULT=.*/GRUB_DEFAULT="ipxe boot"/' /etc/default/grub
grub2-mkconfig -o /boot/grub2/grub.cfg

调用ipxe规则的几种方法:
1.grub引导参数和HTTP调用远程文件:

#ipxe启动后dhcp获取IP然后获取netboot规则。
linux16 /ipxe.lkrn dhcp && chain --autofree https://boot.netboot.xyz

2.本地文件ipxe.initrd:

#!ipxe
imgfree
set net0/ip 192.168.168.4
set net0/netmask 255.255.255.0
set net0/gateway 192.168.168.1
set dns 192.168.168.1
ifopen net0
chain --autofree https://boot.netboot.xyz

3.编译时也可将规则嵌入进去:

make bin/ipxe.lkrn EMBED=boot.ipxe

centos7 ipxe网络安装规则:

#!ipxe
# The kernel, initrd, install repo and kickstart file are all fetched over
# plain HTTP here, and inst.vncpassword places the VNC password (a sample
# value) on the kernel command line. Replace the password and prefer HTTPS
# sources where the installer supports them.
set base http://mirrors.aliyun.com/centos/7/os/x86_64
kernel ${base}/images/pxeboot/vmlinuz inst.repo=${base} ks=http://www.haiyun.me/centos7.cfg inst.vnc inst.vncpassword=12345678 net.ifnames=0 biosdevname=0 inst.headless ip=192.168.168.4::192.168.168.1:255.255.255.0::eth0:none nameserver=192.168.168.1
initrd ${base}/images/pxeboot/initrd.img
boot

kickstart文件:

install
#url --url="http://mirror.centos.org/centos/7/os/x86_64/"
url --url="http://mirrors.aliyun.com/centos/7/os/x86_64/"
text
skipx
unsupported_hardware
eula --agreed

# Root password. The hash below is a published sample: its salt is the
# "16_CHARACTER_SALT_HERE" placeholder from the generator line, cut to 16
# characters. Generate your own hash with a random salt before using this
# file; the iPXE rule above fetches it over plain HTTP.
# NOTE(review): the generator one-liner uses Python 2 print syntax.
#rootpw --plaintext 123456 
#echo 'import crypt,getpass; print crypt.crypt(getpass.getpass(), "$6$16_CHARACTER_SALT_HERE")' | python -
rootpw --iscrypted $6$16_CHARACTER_SAL$dvFZEFR66m38M3u3K4os2Yi4j88oTRaF9Q7XkKK4VFlMlwS9l17oTjXI043rfpNxDkB8/1ntrOiAFQGeYgwEZ.
authconfig --enableshadow --passalgo=sha512

keyboard --vckeymap=us --xlayouts='us'
lang en_US.UTF-8
timezone Asia/Shanghai

firstboot --disable
# The host firewall and SELinux are both switched off on the installed
# system; re-enable them after installation unless there is a reason not to.
firewall --disabled
selinux --disabled

#network --bootproto=static --device=eth0 --gateway=192.168.168.1 --ip=192.168.168.50 --nameserver=192.168.168.1 --netmask=255.255.255.0 --ipv6=auto --activate
network --hostname=centos7-x64

reboot
services --enabled="chronyd"

zerombr
clearpart --all --drives=sda
ignoredisk --only-use=sda
bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
#autopart --type=lvm

#part / --asprimary --fstype ext4 --size=5120
#part swap --asprimary --size=1024
#part /home --asprimary --fstype ext4 --size=5120 --grow

part /boot --fstype ext4 --size 200 --asprimary
part swap  --size 1024 --asprimary 
part pv.01 --size 1 --grow --asprimary 
volgroup rootvg pv.01
logvol / --fstype ext4 --vgname=rootvg --size=1 --grow --name=rootlv

# Starts a VNC server for the installer with a sample password; anyone who
# can reach the host during installation and knows it can drive the install.
# Replace the value, or drop the line if remote viewing is not needed.
vnc --password=12345678

#repo --name=base --baseurl=http://mirror.centos.org/centos/7/os/x86_64/

%packages
@^minimal
@core
chrony
kexec-tools

%end

ubuntu18.04 ipxe网络安装规则:

#!ipxe
# The kernel and initrd come from the mirror over HTTPS, but the preseed file
# (url=) is fetched over plain HTTP, so the answers that drive the install,
# including the root password hash, can be read or altered in transit.
set mirror https://mirrors.aliyun.com/
set release bionic
set arch amd64
set base-url ${mirror}/ubuntu/dists/${release}/main/installer-${arch}/current/images/netboot/ubuntu-installer/${arch}
kernel ${base-url}/linux auto=true url=http://www.haiyun.me/ubuntu.cfg keymap=us domain= hostname=ubuntu-server interface=auto netcfg/get_ipaddress=192.168.168.4 netcfg/get_netmask=255.255.255.0 netcfg/get_gateway=192.168.168.1 netcfg/get_nameservers=192.168.168.1 netcfg/disable_dhcp=true
initrd ${base-url}/initrd.gz
boot

preseed文件:

d-i debian-installer/locale string en_US
d-i console-setup/ask_detect boolean false
d-i keyboard-configuration/xkb-keymap select us

#使用静态IP
#d-i netcfg/choose_interface select auto
#d-i netcfg/disable_autoconfig boolean true
#d-i netcfg/dhcp_failed note
#d-i netcfg/dhcp_options select Configure network manually
#d-i netcfg/get_ipaddress string 192.168.168.4
#d-i netcfg/get_netmask string 255.255.255.0
#d-i netcfg/get_gateway string 192.168.168.1
#d-i netcfg/get_nameservers string 192.168.168.1
#d-i netcfg/confirm_static boolean true
#d-i netcfg/get_hostname string ubuntu-server
#d-i netcfg/get_domain string 
d-i hw-detect/load_firmware boolean true

d-i mirror/country string manual
#d-i mirror/http/hostname string mirrors.aliyun.com
d-i mirror/http/hostname string archive.ubuntu.com
d-i mirror/http/directory string /ubuntu
d-i mirror/http/proxy string

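# Enable the root account and skip creating a regular user.
# (The boolean was misspelled "ture", which is not a valid debconf value.)
d-i passwd/root-login boolean true
d-i passwd/make-user boolean false
#d-i passwd/root-password password 123456
#d-i passwd/root-password-again password 123456
#echo 'import crypt,getpass; print crypt.crypt(getpass.getpass(), "$6$16_CHARACTER_SALT_HERE")' | python -
# NOTE(review): replace this value with your own crypt(3) hash made with a
# random salt. The string below is much shorter than the SHA-512 hashes in the
# kickstart files on this page, so it looks truncated; confirm before relying
# on it.
d-i passwd/root-password-crypted password $6$16_CHARACTER_SAL$CIIxSZip5SHbUDtMlgweMCsEMqUsp4kGjo
# Accepts a weak password without prompting.
d-i user-setup/allow-password-weak boolean true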
d-i user-setup/encrypt-home boolean false

d-i clock-setup/utc boolean false
d-i time/zone string Asia/Shanghai
d-i clock-setup/ntp boolean true


#d-i partman-auto/disk string /dev/sda
d-i partman/early_command string debconf-set partman-auto/disk "$(list-devices disk | head -n1)"
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-md/device_remove_md boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman/default_filesystem string ext4
d-i partman/mount_style select uuid


d-i partman-auto/choose_recipe select boot-root
d-i partman-auto/method string regular
d-i partman-auto/expert_recipe string                         \
      boot-root ::                                            \
              5120 1 5120 ext4                                \
                     $primary{ } $bootable{ }                 \
                     method{ format } format{ }               \
                     use_filesystem{ } filesystem{ ext4 }     \
                     mountpoint{ / }                          \
              .                                               \
              1 3 -1 ext4                                     \
                      $primary{ }                             \
                      method{ format } format{ }              \
                      use_filesystem{ } filesystem{ ext4 }    \
                      mountpoint{ /home }                     \
              .                                               \
              1024 2 1024 linux-swap                          \
                      $primary{ }                             \
                      method{ swap } format{ }                \
              .

 
#d-i partman-auto/choose_recipe select boot-root
#d-i partman-auto/method string regular
#d-i partman-auto/expert_recipe string                         \
#      boot-root ::                                            \
#              1 2 -1 ext4                                     \
#                     $primary{ }                              \
#                     method{ format } format{ }               \
#                     use_filesystem{ } filesystem{ ext4 }     \
#                     mountpoint{ / }                          \
#              .                                               \
#              128 1 128 linux-swap                            \
#                      $primary{ }                             \
#                      method{ swap } format{ }                \
#              .


#d-i partman-auto/choose_recipe select boot-lvm
#d-i partman-auto/method string lvm
#d-i partman-auto-lvm/guided_size string 100%
#d-i partman-auto-lvm/new_vg_name string vg00
#d-i partman-lvm/confirm boolean true
#d-i partman-lvm/confirm_nooverwrite boolean true
#d-i partman-auto/expert_recipe string                         \
#      boot-lvm ::                                             \
#              1024 1 1024 ext4                                \
#                      $primary{ } $bootable{ }                \
#                      method{ format } format{ }              \
#                      use_filesystem{ } filesystem{ ext4 }    \
#                      mountpoint{ /boot }                     \
#              .                                               \
#              1 2 -1 ext4                                     \
#                      $primary{ }                             \
#                      $defaultignore{ }                       \
#                      method{ lvm }                           \
#                      device{ /dev/sda }                      \
#                      vg_name{ vg00 }                         \
#              .                                               \
#              1024 3 1024 swap                                \
#                      $lvmok{ } lv_name{ lv_swap } in_vg{ vg00 } \
#                      method{ swap } format{ }                   \
#          .                                                      \
#              1 4 -1 ext4                                        \
#                      $lvmok{} lv_name{ lv_root } in_vg{ vg00 }  \
#                      method{ format } format{ }                 \
#                      use_filesystem{ } filesystem{ ext4 }       \
#                      mountpoint{ / }                            \
#          .                                                      


tasksel tasksel/first multiselect minimal
d-i pkgsel/update-policy select none
d-i pkgsel/include string openssh-server vim wget tmux net-tools software-properties-common
d-i pkgsel/upgrade select none

d-i grub-installer/only_debian boolean true
d-i grub-installer/bootdev string default
d-i finish-install/reboot_in_progress note
d-i debian-installer/exit/reboot boolean true
# Runs at the end of the install and appends three settings to the installed
# system's sshd_config. 'PermitRootLogin yes' allows direct root login over
# SSH with the preseeded password; 'PermitRootLogin prohibit-password' plus an
# installed public key avoids exposing a password login.
d-i preseed/late_command string cd /target/;\
    echo 'UseDNS no' >> etc/ssh/sshd_config;\
    echo 'AddressFamily inet' >> etc/ssh/sshd_config;\
    echo 'PermitRootLogin yes' >> etc/ssh/sshd_config;

#d-i anna/choose_modules string network-console
#d-i network-console/password password 123456
#d-i network-console/password-again password 123456

注:Centos7安装内存不得小于2G,可不使用ipxe直接下载centos/ubuntu网络安装文件到本地添加到grub自动安装,使用ipxe方便管理。
参考:
https://netboot.xyz/providers/digitalocean/
https://access.redhat.com/documentation/zh-cn/red_hat_enterprise_linux/7/html/installation_guide/chap-anaconda-boot-options
https://access.redhat.com/documentation/zh-cn/red_hat_enterprise_linux/7/html/installation_guide/sect-kickstart-syntax
https://help.ubuntu.com/lts/installation-guide/amd64/apbs02.html
https://help.ubuntu.com/lts/installation-guide/amd64/apbs04.html
https://help.ubuntu.com/lts/installation-guide/example-preseed.txt
