海运的博客

dnsmasq dhcp ipxe网络安装系统

发布时间:December 2, 2020 // 分类: // 1 Comment

dnsmasq配置dhcp和tftp:

#dhcp-vendorclass=bios,PXEClient:Arch:00000
dhcp-match=set:bios,option:client-arch,0
dhcp-match=set:ipxe,175
dhcp-boot=tag:!ipxe,tag:bios,undionly.kpxe
dhcp-boot=tag:!ipxe,tag:!bios,ipxe.efi
dhcp-boot=tag:ipxe,boot.ipxe
#dhcp-boot=tag:ipxe,http://boot.netboot.xyz
enable-tftp
tftp-root=/srv/tftp/

下载pxe启动要加载的ipxe启动文件,也可自己编译ipxe开启相应的功能。

cd /srv/tftp/
wget https://boot.ipxe.org/undionly.kpxe
wget https://boot.ipxe.org/ipxe.efi

ipxe启动脚本boot.ipxe,更多见使用preseed和kickstart自动安装ubuntu和centos系统

#!ipxe
:start
menu PXE Boot Options
item shell iPXE shell
item ubuntu Ubuntu installation
item exit  Exit to BIOS
choose --default ubuntu --timeout 10000 option && goto ${option}
:shell
shell
:ubuntu
#chain --autofree http://boot.netboot.xyz
set mirror http://mirrors.aliyun.com/
set release focal
set arch amd64
set base-url ${mirror}/ubuntu/dists/${release}/main/installer-${arch}/current/legacy-images/netboot/ubuntu-installer/${arch}
kernel ${base-url}/linux auto=true url=https://www.haiyun.me/ubuntu.cfg keymap=us domain= hostname=ubuntu-server interface=auto netcfg/do_not_use_netplan=true
initrd ${base-url}/initrd.gz
boot
:exit
exit

使用其它机器上tftp服务器,地址:192.168.1.6

#dhcp-vendorclass=bios,PXEClient:Arch:00000
dhcp-match=set:bios,option:client-arch,0
dhcp-match=set:ipxe,175
dhcp-boot=tag:!ipxe,tag:bios,undionly.kpxe,,192.168.1.6
dhcp-boot=tag:!ipxe,tag:!bios,ipxe.efi,,192.168.1.6
dhcp-boot=tag:ipxe,boot.ipxe,,192.168.1.6

ubuntu安装tftp服务器:

apt install tftpd-hpa

参考:
https://wiki.archlinux.org/index.php/dnsmasq#PXE_server
https://dev.to/arachan/ipxe-chainloading-to-use-dnsmasq-and-proxydhcp-4he
https://yangfeiffei.github.io/public/2019/08/12/net-install-centos7-with-ipxe.html

IPXE网络引导通过kickstart和preseed自动安装centos/ubuntu/debian系统

发布时间:September 28, 2018 // 分类: // No Comments

编译ipxe,也可从netboot.xyz下载编译好的,netboot默认包含一些常用系统的安装规则。

apt install git make gcc mtools binutils liblzma-dev -y
git clone git://git.ipxe.org/ipxe.git
cd ipxe/src
sed -i -e '/DOWNLOAD_PROTO_HTTPS/ s/#undef/#define/' config/general.h
sed -i 's/#undef\tDOWNLOAD_PROTO_NFS/#define\tDOWNLOAD_PROTO_NFS/' config/general.h
sed -i 's/\/\/#define\ PING_CMD/#define\ PING_CMD/' config/general.h
sed -i 's/\/\/#define\ IPSTAT_CMD/#define\ IPSTAT_CMD/' config/general.h
sed -i 's/\/\/#define\ REBOOT_CMD/#define\ REBOOT_CMD/' config/general.h
sed -i 's/\/\/#define\ POWEROFF/#define\ POWEROFF/' config/general.h
make bin/ipxe.lkrn

加入grub引导项,set root为boot目录所在分区,/ipxe.lkrn为文件相对于boot所在分区的绝对路径,如果boot为单独分区刚为/ipxe.lkrn,非单独分区为/boot/ipxe.lkrn,hd0为第一个硬盘,msdos1为第一个mbr分区,如果是gpt使用gpt1。

cat >> /etc/grub.d/40_custom <<EOF
menuentry 'ipxe boot' {
    set root='hd0,msdos1'
    linux16 /ipxe.lkrn
    initrd16 /ipxe.initrd
}
EOF
sed -i 's/GRUB_DEFAULT=.*/GRUB_DEFAULT="ipxe boot"/' /etc/default/grub
grub2-mkconfig -o /boot/grub2/grub.cfg 

调用ipxe规则的几种方法:
1.grub引导参数和HTTP调用远程文件:

#ipxe启动后dhcp获取IP然后获取netboot规则。
linux16 /ipxe.lkrn dhcp && chain --autofree https://boot.netboot.xyz

2.本地文件ipxe.initrd:

#!ipxe
imgfree
set net0/ip 192.168.168.4
set net0/netmask 255.255.255.0
set net0/gateway 192.168.168.1
set dns 192.168.168.1
ifopen net0
chain --autofree https://boot.netboot.xyz

3.编译时也可将规则嵌入进去:

make bin/ipxe.lkrn EMBED=boot.ipxe

centos7 ipx网络安装规则:

#!ipxe
set base http://mirrors.aliyun.com/centos/7/os/x86_64
kernel ${base}/images/pxeboot/vmlinuz inst.repo=${base} ks=https://www.haiyun.me/centos7.cfg inst.vnc inst.vncpassword=12345678 net.ifnames=0 biosdevname=0 inst.headless ip=192.168.168.4::192.168.168.1:255.255.255.0::eth0:none nameserver=192.168.168.1
initrd ${base}/images/pxeboot/initrd.img
boot

生成ubuntu ipxe网络安装规则:

#!/bin/bash
set -x
network=dhcp
network=static
release=bionic
release=focal
address=192.168.1.9
netmask=255.255.255.0
gateway=192.168.1.1
nameserver=192.168.1.1
mirror="http://mirrors.aliyun.com"
mirror="http://archive.ubuntu.com"
cfg="https://www.haiyun.me/ubuntu.cfg"
file="ubuntu.ipxe"
#file="/www/ubuntu.ipxe"
if [ "$release" == 'focal' ]; then
  base=${mirror}/ubuntu/dists/${release}/main/installer-amd64/current/legacy-images/netboot/ubuntu-installer/amd64
else
  base=${mirror}/ubuntu/dists/${release}/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64
fi

if [ "$network" == 'static' ]; then
  cat > $file << EOF
#!ipxe
kernel ${base}/linux auto=true url=${cfg} keymap=us domain= hostname=ubuntu-server interface=auto netcfg/get_ipaddress=${address} netcfg/get_netmask=${netmask} netcfg/get_gateway=${gateway} netcfg/get_nameservers=${nameserver} netcfg/disable_autoconfig=true netcfg/do_not_use_netplan=true
initrd ${base}/initrd.gz
boot
EOF
else
  cat > $file << EOF
#!ipxe
kernel ${base}/linux auto=true url=${cfg} keymap=us domain= hostname=ubuntu-server interface=auto netcfg/do_not_use_netplan=true
initrd ${base}/initrd.gz
boot
EOF
fi

kickstart文件:

install
#url --url="http://mirror.centos.org/centos/7/os/x86_64/"
url --url="http://mirrors.aliyun.com/centos/7/os/x86_64/"
text
skipx
unsupported_hardware
eula --agreed

#rootpw --plaintext 123456 
#echo 'import crypt,getpass; print crypt.crypt(getpass.getpass(), "$6$16_CHARACTER_SALT_HERE")' | python -
rootpw --iscrypted $6$16_CHARACTER_SAL$dvFZEFR66m38M3u3K4os2Yi4j88oTRaF9Q7XkKK4VFlMlwS9l17oTjXI043rfpNxDkB8/1ntrOiAFQGeYgwEZ.
authconfig --enableshadow --passalgo=sha512

keyboard --vckeymap=us --xlayouts='us'
lang en_US.UTF-8
timezone Asia/Shanghai

firstboot --disable
firewall --disabled
selinux --disabled

#network --bootproto=static --device=eth0 --gateway=192.168.168.1 --ip=192.168.168.50 --nameserver=192.168.168.1 --netmask=255.255.255.0 --ipv6=auto --activate
network --hostname=centos7-x64

reboot
services --enabled="chronyd"

zerombr
clearpart --all --drives=sda
ignoredisk --only-use=sda
bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
#autopart --type=lvm

#part / --asprimary --fstype ext4 --size=5120
#part swap --asprimary --size=1024
#part /home --asprimary --fstype ext4 --size=5120 --grow

part /boot --fstype ext4 --size 200 --asprimary
part swap  --size 1024 --asprimary 
part pv.01 --size 1 --grow --asprimary 
volgroup rootvg pv.01
logvol / --fstype ext4 --vgname=rootvg --size=1 --grow --name=rootlv

vnc --password=12345678

#repo --name=base --baseurl=http://mirror.centos.org/centos/7/os/x86_64/

%packages
@^minimal
@core
chrony
kexec-tools

%end

ubuntu18.04 ipx网络安装规则:

#!ipxe
set mirror https://mirrors.aliyun.com/
set release bionic
set arch amd64
set base-url ${mirror}/ubuntu/dists/${release}/main/installer-${arch}/current/images/netboot/ubuntu-installer/${arch}
kernel ${base-url}/linux auto=true url=https://www.haiyun.me/ubuntu.cfg keymap=us domain= hostname=ubuntu-server interface=auto netcfg/get_ipaddress=192.168.168.4 netcfg/get_netmask=255.255.255.0 netcfg/get_gateway=192.168.168.1 netcfg/get_nameservers=192.168.168.1 netcfg/disable_dhcp=true
initrd ${base-url}/initrd.gz
boot

preseed文件:

d-i debian-installer/locale string en_US
d-i console-setup/ask_detect boolean false
d-i keyboard-configuration/xkb-keymap select us

#使用静态IP
#d-i netcfg/choose_interface select auto
#d-i netcfg/disable_autoconfig boolean true
#d-i netcfg/dhcp_failed note
#d-i netcfg/dhcp_options select Configure network manually
#d-i netcfg/get_ipaddress string 192.168.168.4
#d-i netcfg/get_netmask string 255.255.255.0
#d-i netcfg/get_gateway string 192.168.168.1
#d-i netcfg/get_nameservers string 192.168.168.1
#d-i netcfg/confirm_static boolean true
#d-i netcfg/get_hostname string ubuntu-server
#d-i netcfg/get_domain string 
d-i hw-detect/load_firmware boolean true

d-i mirror/country string manual
#d-i mirror/http/hostname string mirrors.aliyun.com
d-i mirror/http/hostname string archive.ubuntu.com
d-i mirror/http/directory string /ubuntu
d-i mirror/http/proxy string

d-i passwd/root-login boolean ture
d-i passwd/make-user boolean false
#d-i passwd/root-password password 123456
#d-i passwd/root-password-again password 123456
#echo 'import crypt,getpass; print crypt.crypt(getpass.getpass(), "$6$16_CHARACTER_SALT_HERE")' | python -
d-i passwd/root-password-crypted password $6$16_CHARACTER_SAL$CIIxSZip5SHbUDtMlgweMCsEMqUsp4kGjo
d-i user-setup/allow-password-weak boolean true
d-i user-setup/encrypt-home boolean false

d-i clock-setup/utc boolean false
d-i time/zone string Asia/Shanghai
d-i clock-setup/ntp boolean true


#d-i partman-auto/disk string /dev/sda
d-i partman/early_command string debconf-set partman-auto/disk "$(list-devices disk | head -n1)"
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-md/device_remove_md boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman/default_filesystem string ext4
d-i partman/mount_style select uuid


d-i partman-auto/choose_recipe select boot-root
d-i partman-auto/method string regular
d-i partman-auto/expert_recipe string                         \
      boot-root ::                                            \
              5120 1 5120 ext4                                \
                     $primary{ } $bootable{ }                 \
                     method{ format } format{ }               \
                     use_filesystem{ } filesystem{ ext4 }     \
                     mountpoint{ / }                          \
              .                                               \
              1 3 -1 ext4                                     \
                      $primary{ }                             \
                      method{ format } format{ }              \
                      use_filesystem{ } filesystem{ ext4 }    \
                      mountpoint{ /home }                     \
              .                                               \
              1024 2 1024 linux-swap                          \
                      $primary{ }                             \
                      method{ swap } format{ }                \
              .

 
#d-i partman-auto/choose_recipe select boot-root
#d-i partman-auto/method string regular
#d-i partman-auto/expert_recipe string                         \
#      boot-root ::                                            \
#              1 2 -1 ext4                                     \
#                     $primary{ }                              \
#                     method{ format } format{ }               \
#                     use_filesystem{ } filesystem{ ext4 }     \
#                     mountpoint{ / }                          \
#              .                                               \
#              128 1 128 linux-swap                            \
#                      $primary{ }                             \
#                      method{ swap } format{ }                \
#              .


#d-i partman-auto/choose_recipe select boot-lvm
#d-i partman-auto/method string lvm
#d-i partman-auto-lvm/guided_size string 100%
#d-i partman-auto-lvm/new_vg_name string vg00
#d-i partman-lvm/confirm boolean true
#d-i partman-lvm/confirm_nooverwrite boolean true
#d-i partman-auto/expert_recipe string                         \
#      boot-lvm ::                                             \
#              1024 1 1024 ext4                                \
#                      $primary{ } $bootable{ }                \
#                      method{ format } format{ }              \
#                      use_filesystem{ } filesystem{ ext4 }    \
#                      mountpoint{ /boot }                     \
#              .                                               \
#              1 2 -1 ext4                                     \
#                      $primary{ }                             \
#                      $defaultignore{ }                       \
#                      method{ lvm }                           \
#                      device{ /dev/sda }                      \
#                      vg_name{ vg00 }                         \
#              .                                               \
#              1024 3 1024 swap                                \
#                      $lvmok{ } lv_name{ lv_swap } in_vg{ vg00 } \
#                      method{ swap } format{ }                   \
#          .                                                      \
#              1 4 -1 ext4                                        \
#                      $lvmok{} lv_name{ lv_root } in_vg{ vg00 }  \
#                      method{ format } format{ }                 \
#                      use_filesystem{ } filesystem{ ext4 }       \
#                      mountpoint{ / }                            \
#          .                                                      


tasksel tasksel/first multiselect minimal
d-i pkgsel/update-policy select none
d-i pkgsel/include string openssh-server vim wget tmux net-tools software-properties-common
d-i pkgsel/upgrade select none

d-i grub-installer/only_debian boolean true
d-i grub-installer/bootdev string default
d-i finish-install/reboot_in_progress note
d-i debian-installer/exit/reboot boolean true
d-i preseed/late_command string cd /target/;\
    echo 'UseDNS no' >> etc/ssh/sshd_config;\
    echo 'AddressFamily inet' >> etc/ssh/sshd_config;\
    echo 'PermitRootLogin yes' >> etc/ssh/sshd_config;

#d-i anna/choose_modules string network-console
#d-i network-console/password password 123456
#d-i network-console/password-again password 123456

注:Centos7安装内存不得小于2G,可不使用ipxe直接下载centos/ubuntu网络安装文件到本地添加到grub自动安装,使用ipxe方便管理。
参考:
https://netboot.xyz/providers/digitalocean/
https://access.redhat.com/documentation/zh-cn/red_hat_enterprise_linux/7/html/installation_guide/chap-anaconda-boot-options
https://access.redhat.com/documentation/zh-cn/red_hat_enterprise_linux/7/html/installation_guide/sect-kickstart-syntax
https://help.ubuntu.com/lts/installation-guide/amd64/apbs02.html
https://help.ubuntu.com/lts/installation-guide/amd64/apbs04.html
https://help.ubuntu.com/lts/installation-guide/example-preseed.txt

PXE启动KickStart全自动安装系统

发布时间:November 4, 2012 // 分类:PXE // No Comments

关于PXE服务器配置、客户端引导见之前文章:使用TFTP/PXE引导安装Centos系统
通过KickStart自动安装只需修改最后PXE引导菜单配置文件:

cat /tftpboot/pxelinux.cfg/default 
#www.haiyun.me
timeout 5
default menu.c32

menu title ########## PXE Boot Menu ##########
label 1
   menu label ^1) Install CentOS 6
   kernel centos6/vmlinuz
   append initrd=centos6/initrd.img ks=nfs:192.168.1.3:/tftpboot/ks.cf 
#引导获取KickStart配置文件,然后在KickStart文件中配置安装源。

KickStart配置文件可使用图形化配置,需安装桌面或开启X-Windows环境转发

yum install system-config-kickstart 

kickstart图形化配置工具.png
KickStart配置文件示例:

text
install
nfs --server=192.168.1.3 --dir=/mnt
#光盘镜像挂载目录
#url --url=http://192.168.1.3/mnt/ #可使用http或ftp
keyboard us
lang zh_CN.UTF-8
network --device eth0 --bootproto static --ip 192.168.1.30 --netmask 255.255.255.0 
--gateway 192.168.1.1 --nameserver 192.168.1.1 --hostname centos5.7-x64
firewall --disabled
rootpw onovps
authconfig --enableshadow --passalgo=sha512
selinux --disabled
timezone Aisa/Shang_Hai
bootloader --location=mbr
zerombr
clearpart --all --initlabel
part /boot --fstype ext4 --fsoptions="noatime" --size=200
part pv.1 --size 1 --grow
volgroup vg0 --pesize=4096 pv.1
logvol / --fstype ext4 --fsoptions="noatime" --name=root --vgname=vg0 --grow --size=8192
logvol swap --fstype swap --name=swap --vgname=vg0 --size 2048
 
%post
%end
%packages
@base
%end

这样局域网下机器以PXE启动就自动安装为相应的系统了。

Centos安装TFTP/NFS/PXE服务器网络引导安装系统

发布时间:November 3, 2012 // 分类:PXE // No Comments

客户端网卡要求支持以PXE启动,配置都在服务端进行,通过PXE网络启动安装系统流程:

客户端以PXE启动发送DHCP请求;
服务器DHCP应答,包括客户端的IP地址,引导文件所在TFTP服务器;
客户端通过TFTP会话下载网络引导文件;
进入PXE引导菜单选项,加载镜像启动安装进程。

1.安装DHCP服务器:

yum install dhcp

DHCP配置:

cat /etc/dhcpd.conf 
#www.haiyun.me
ddns-update-style none;
ignore client-updates; 
default-lease-time           259200;
max-lease-time               518400;
option routers               192.168.1.254;
option domain   www.haiyun.me;
option domain-name-servers   192.168.1.254;

subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.101 192.168.1.200; 
    next-server 192.168.1.3; #TFTP服务器
    allow booting;
    allow bootp;
    filename "pxelinux.0"; #启动引导文件,后续会介绍。
}

host pc {
    hardware ethernet    08:00:27:11:EB:C2;
    fixed-address        192.168.1.130;
    option root-path     "/client/pc01";
    }

2.安装TFTP服务器:

yum install tftp-server

TFTP以xinetd启动,配置如下:

cat /etc/xinetd.d/tftp 
service tftp
{
    socket_type        = dgram
    protocol        = udp
    wait            = yes
    user            = root
    server            = /usr/sbin/in.tftpd
    server_args        = -s /tftpboot
    disable            = no
    per_source        = 11
    cps            = 100 2
    flags            = IPv4
}

3.NFS服务器安装,挂载ISO安装光盘:

yum install nfs
mount -t iso9660 -o loop /dev/cdrom /mnt/
cp /mnt/images/pxeboot/* /tftpboot/

NFS配置:

cat /etc/exports 
/mnt *(rw,no_root_squash)

4.安装syslinux配置网络启动,相当于GRUB。

yum install syslinux
cp /usr/lib/syslinux/pxelinux.0 /tftpboot/

5.PXE引导菜单配置,相当于GRUB配置文件,可根据客户端MAC定义名称。

cp /usr/lib/syslinux/menu.c32 /tftpboot/
mkdir /tftpboot/pxelinux.cfg/
cat /tftpboot/pxelinux.cfg/default 
timeout 100
default menu.c32

menu title ########## PXE Boot Menu ##########
label 1
   menu label ^1) Install CentOS 6
   kernel vmlinuz
   append initrd=initrd.img method=nfs:192.168.1.3:/mnt
   #method为安装光盘目录,可使用FTP/HTTP多种方式
label 2
   menu label ^2) Boot from local drive
   localboot

6.客户端开机以PXE引导启动即可进入Centos安装界面。
PXE网络引导安装Centos.png
后续可通过kickstart无人值守安装系统

分类
最新文章
最近回复
  • chainofhonor: 感谢,用dnsmasq设置自动判断BIOS和UEFI成功了
  • 海运: 不好意思,这个是很多年前的,现在也许已经不适用,我现在也不用多线了。
  • CQ: -m state --state NEW 替换成-m conntrack --ctstate NEW
  • CQ: 你好,我入站已经成功分流,但是不知道出站怎么设置,PREROUTING替换成POSTROUTI...
  • K: 好的,谢谢,我去试试!
  • 海运: 可以试试3proxy
  • daha: PHP的怎么使用???
  • 海运: 换回了5.3内核,5.8用5.3 dtb虽然能开机且负载正常,但也有其它问题,不建议使用。
  • shangyatsen: 后面的内核高精度计时器的问题使用5.4或者5.3的dtb会正常吗?我也发现有这个日志出现。感觉...
  • 海运: 缺少相应模块?