海运的博客

ipxe网络引导安装Proxmox 系统

发布时间:November 14, 2021 // 分类: // No Comments

下载Proxmox iso并制作initrd:

wget http://download.proxmox.com/iso/proxmox-ve_7.0-2.iso
wget https://raw.githubusercontent.com/morph027/pve-iso-2-pxe/master/pve-iso-2-pxe.sh
apt install zstd gzip genisoimage
bash pve-iso-2-pxe.sh proxmox-ve_7.0-2.iso

ipxe引导启动项:

#!ipxe
kernel http://192.168.1.8/pxeboot/linux26 ro vga=791 ramdisk_size=16777216 quiet splash=silent 
initrd http://192.168.1.8/pxeboot/initrd
boot

Intel i350网卡开启PXE和WOL

发布时间:November 10, 2021 // 分类: // No Comments

查看网卡信息,发现网卡运行闪存固件的功能被禁用:

tar zxf preboot_26.6.tar.gz 
cd APPS/BootUtil/
chmod +x Linux_x64/bootutil64e 

./Linux_x64/bootutil64e
Port Network Address Location Series  WOL Flash Firmware                Version
==== =============== ======== ======= === ============================= =======
  1   xxx     5:00.0 Gigabit YES FLASH Disabled
  2   xxx     5:00.1 Gigabit N/A FLASH Disabled

查看闪存固件信息,可见固件内包含PXE功能:

 ./Linux_x64/bootutil64e -IMAGEVERSION -nic 1
Flash firmware on port 1
PXE            v1.3.98

启用在端口1上运行闪存固件的功能:

./Linux_x64/bootutil64e -nic=1 -FLASHENABLE

重启系统就可以使用PXE引导了,查看网卡信息:

./Linux_x64/bootutil64e
Port Network Address Location Series  WOL Flash Firmware                Version
==== =============== ======== ======= === ============================= =======
  1   xxx     5:00.0 Gigabit YES PXE                           1.3.98
  2   xxx     5:00.1 Gigabit N/A FLASH Disabled

查看preboot自带BootIMG.FLB固件版本信息:

./Linux_x64/bootutil64e -IMAGEVERSION -FILE BootIMG.FLB 
Image versions in BootIMG.FLB

    Combo Image Version Name 1.3082.0

    Combo Rules                    v4.91.00
    Clp-Loader Option ROM          v3.1.30
    40G Interface Module           v1.0.88
    iSCSI Option ROM               v3.1.80
    iSCSI Setup Option ROM         v3.1.80
    Intel(R) Boot Agent GE         v1.5.89
    Intel(R) Boot Agent XE         v2.4.45
    Intel(R) Boot Agent XE (X550)  v2.4.45
    Intel(R) Boot Agent I40E       v1.1.31
    Intel(R) Boot Agent CL         v0.1.16
    Intel(R) Boot Agent ICE        v2.5.00
    UEFI x64 PCI-E gigabit driver  v9.7.06
    UEFI x64 10 gigabit driver     v8.1.00
    UEFI x64 40 gigabit driver     v4.8.08
    UEFI x64 100 gigabit driver    v3.0.11

更新PXE固件,未经测试。

./Linux_x64/bootutil64e -NIC=1 -up=pxe -FILE=BootIMG.FLB 

开启WOL:

./Linux_x64/bootutil64e -nic 1 -WOLE

参考:
https://www.intel.cn/content/www/cn/zh/support/articles/000005790/software/manageability-products.html
https://maple52046.github.io/posts/enable-pxe-boot-on-intel-nic-under-rhel/

dnsmasq dhcp ipxe网络安装系统

发布时间:December 2, 2020 // 分类: // 1 Comment

dnsmasq配置dhcp和tftp:

#dhcp-vendorclass=bios,PXEClient:Arch:00000
dhcp-match=set:bios,option:client-arch,0
dhcp-match=set:ipxe,175
dhcp-boot=tag:!ipxe,tag:bios,undionly.kpxe
dhcp-boot=tag:!ipxe,tag:!bios,ipxe.efi
dhcp-boot=tag:ipxe,boot.ipxe
#dhcp-boot=tag:ipxe,http://boot.netboot.xyz
enable-tftp
tftp-root=/srv/tftp/

下载pxe启动要加载的ipxe启动文件,也可自己编译ipxe开启相应的功能。

cd /srv/tftp/
wget https://boot.ipxe.org/undionly.kpxe
wget https://boot.ipxe.org/ipxe.efi

ipxe启动脚本boot.ipxe,更多见使用preseed和kickstart自动安装ubuntu和centos系统

#!ipxe
:start
menu PXE Boot Options
item shell iPXE shell
item ubuntu Ubuntu installation
item exit  Exit to BIOS
choose --default ubuntu --timeout 10000 option && goto ${option}
:shell
shell
:ubuntu
#chain --autofree http://boot.netboot.xyz
set mirror http://mirrors.aliyun.com/
set release focal
set arch amd64
set base-url ${mirror}/ubuntu/dists/${release}/main/installer-${arch}/current/legacy-images/netboot/ubuntu-installer/${arch}
kernel ${base-url}/linux auto=true url=https://www.haiyun.me/ubuntu.cfg keymap=us domain= hostname=ubuntu-server interface=auto netcfg/do_not_use_netplan=true
initrd ${base-url}/initrd.gz
boot
:exit
exit

使用其它机器上tftp服务器,地址:192.168.1.6

#dhcp-vendorclass=bios,PXEClient:Arch:00000
dhcp-match=set:bios,option:client-arch,0
dhcp-match=set:ipxe,175
dhcp-boot=tag:!ipxe,tag:bios,undionly.kpxe,,192.168.1.6
dhcp-boot=tag:!ipxe,tag:!bios,ipxe.efi,,192.168.1.6
dhcp-boot=tag:ipxe,boot.ipxe,,192.168.1.6

ubuntu安装tftp服务器:

apt install tftpd-hpa

参考:
https://wiki.archlinux.org/index.php/dnsmasq#PXE_server
https://dev.to/arachan/ipxe-chainloading-to-use-dnsmasq-and-proxydhcp-4he
https://yangfeiffei.github.io/public/2019/08/12/net-install-centos7-with-ipxe.html

IPXE网络引导通过kickstart和preseed自动安装centos/ubuntu/debian系统

发布时间:September 28, 2018 // 分类: // No Comments

编译ipxe,也可从netboot.xyz下载编译好的,netboot默认包含一些常用系统的安装规则。

apt install git make gcc mtools binutils liblzma-dev -y
git clone git://git.ipxe.org/ipxe.git
cd ipxe/src
sed -i -e '/DOWNLOAD_PROTO_HTTPS/ s/#undef/#define/' config/general.h
sed -i 's/#undef\tDOWNLOAD_PROTO_NFS/#define\tDOWNLOAD_PROTO_NFS/' config/general.h
sed -i 's/\/\/#define\ PING_CMD/#define\ PING_CMD/' config/general.h
sed -i 's/\/\/#define\ IPSTAT_CMD/#define\ IPSTAT_CMD/' config/general.h
sed -i 's/\/\/#define\ REBOOT_CMD/#define\ REBOOT_CMD/' config/general.h
sed -i 's/\/\/#define\ POWEROFF/#define\ POWEROFF/' config/general.h
make bin/ipxe.lkrn

加入grub引导项,set root为boot目录所在分区,/ipxe.lkrn为文件相对于boot所在分区的绝对路径,如果boot为单独分区刚为/ipxe.lkrn,非单独分区为/boot/ipxe.lkrn,hd0为第一个硬盘,msdos1为第一个mbr分区,如果是gpt使用gpt1。

cat >> /etc/grub.d/40_custom <<EOF
menuentry 'ipxe boot' {
    set root='hd0,msdos1'
    linux16 /ipxe.lkrn
    initrd16 /ipxe.initrd
}
EOF
sed -i 's/GRUB_DEFAULT=.*/GRUB_DEFAULT="ipxe boot"/' /etc/default/grub
grub2-mkconfig -o /boot/grub2/grub.cfg 

调用ipxe规则的几种方法:
1.grub引导参数和HTTP调用远程文件:

#ipxe启动后dhcp获取IP然后获取netboot规则。
linux16 /ipxe.lkrn dhcp && chain --autofree https://boot.netboot.xyz

2.本地文件ipxe.initrd:

#!ipxe
imgfree
set net0/ip 192.168.168.4
set net0/netmask 255.255.255.0
set net0/gateway 192.168.168.1
set dns 192.168.168.1
ifopen net0
chain --autofree https://boot.netboot.xyz

3.编译时也可将规则嵌入进去:

make bin/ipxe.lkrn EMBED=boot.ipxe

centos7 ipx网络安装规则:

#!ipxe
set base http://mirrors.aliyun.com/centos/7/os/x86_64
kernel ${base}/images/pxeboot/vmlinuz inst.repo=${base} ks=https://www.haiyun.me/centos7.cfg inst.vnc inst.vncpassword=12345678 net.ifnames=0 biosdevname=0 inst.headless ip=192.168.168.4::192.168.168.1:255.255.255.0::eth0:none nameserver=192.168.168.1
initrd ${base}/images/pxeboot/initrd.img
boot

生成ubuntu ipxe网络安装规则:

#!/bin/bash
set -x
network=dhcp
network=static
release=bionic
release=focal
address=192.168.1.9
netmask=255.255.255.0
gateway=192.168.1.1
nameserver=192.168.1.1
mirror="http://mirrors.aliyun.com"
mirror="http://archive.ubuntu.com"
cfg="https://www.haiyun.me/ubuntu.cfg"
file="ubuntu.ipxe"
#file="/www/ubuntu.ipxe"
if [ "$release" == 'focal' ]; then
  base=${mirror}/ubuntu/dists/${release}/main/installer-amd64/current/legacy-images/netboot/ubuntu-installer/amd64
else
  base=${mirror}/ubuntu/dists/${release}/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64
fi

if [ "$network" == 'static' ]; then
  cat > $file << EOF
#!ipxe
kernel ${base}/linux auto=true url=${cfg} keymap=us domain= hostname=ubuntu-server interface=auto netcfg/get_ipaddress=${address} netcfg/get_netmask=${netmask} netcfg/get_gateway=${gateway} netcfg/get_nameservers=${nameserver} netcfg/disable_autoconfig=true netcfg/do_not_use_netplan=true
initrd ${base}/initrd.gz
boot
EOF
else
  cat > $file << EOF
#!ipxe
kernel ${base}/linux auto=true url=${cfg} keymap=us domain= hostname=ubuntu-server interface=auto netcfg/do_not_use_netplan=true
initrd ${base}/initrd.gz
boot
EOF
fi

kickstart文件:

install
#url --url="http://mirror.centos.org/centos/7/os/x86_64/"
url --url="http://mirrors.aliyun.com/centos/7/os/x86_64/"
text
skipx
unsupported_hardware
eula --agreed

#rootpw --plaintext 123456 
#echo 'import crypt,getpass; print crypt.crypt(getpass.getpass(), "$6$16_CHARACTER_SALT_HERE")' | python -
rootpw --iscrypted $6$16_CHARACTER_SAL$dvFZEFR66m38M3u3K4os2Yi4j88oTRaF9Q7XkKK4VFlMlwS9l17oTjXI043rfpNxDkB8/1ntrOiAFQGeYgwEZ.
authconfig --enableshadow --passalgo=sha512

keyboard --vckeymap=us --xlayouts='us'
lang en_US.UTF-8
timezone Asia/Shanghai

firstboot --disable
firewall --disabled
selinux --disabled

#network --bootproto=static --device=eth0 --gateway=192.168.168.1 --ip=192.168.168.50 --nameserver=192.168.168.1 --netmask=255.255.255.0 --ipv6=auto --activate
network --hostname=centos7-x64

reboot
services --enabled="chronyd"

zerombr
clearpart --all --drives=sda
ignoredisk --only-use=sda
bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
#autopart --type=lvm

#part / --asprimary --fstype ext4 --size=5120
#part swap --asprimary --size=1024
#part /home --asprimary --fstype ext4 --size=5120 --grow

part /boot --fstype ext4 --size 200 --asprimary
part swap  --size 1024 --asprimary 
part pv.01 --size 1 --grow --asprimary 
volgroup rootvg pv.01
logvol / --fstype ext4 --vgname=rootvg --size=1 --grow --name=rootlv

vnc --password=12345678

#repo --name=base --baseurl=http://mirror.centos.org/centos/7/os/x86_64/

%packages
@^minimal
@core
chrony
kexec-tools

%end

ubuntu18.04 ipx网络安装规则:

#!ipxe
set mirror https://mirrors.aliyun.com/
set release bionic
set arch amd64
set base-url ${mirror}/ubuntu/dists/${release}/main/installer-${arch}/current/images/netboot/ubuntu-installer/${arch}
kernel ${base-url}/linux auto=true url=https://www.haiyun.me/ubuntu.cfg keymap=us domain= hostname=ubuntu-server interface=auto netcfg/get_ipaddress=192.168.168.4 netcfg/get_netmask=255.255.255.0 netcfg/get_gateway=192.168.168.1 netcfg/get_nameservers=192.168.168.1 netcfg/disable_dhcp=true
initrd ${base-url}/initrd.gz
boot

preseed文件:

d-i debian-installer/locale string en_US
d-i console-setup/ask_detect boolean false
d-i keyboard-configuration/xkb-keymap select us

#使用静态IP
#d-i netcfg/choose_interface select auto
#d-i netcfg/disable_autoconfig boolean true
#d-i netcfg/dhcp_failed note
#d-i netcfg/dhcp_options select Configure network manually
#d-i netcfg/get_ipaddress string 192.168.168.4
#d-i netcfg/get_netmask string 255.255.255.0
#d-i netcfg/get_gateway string 192.168.168.1
#d-i netcfg/get_nameservers string 192.168.168.1
#d-i netcfg/confirm_static boolean true
#d-i netcfg/get_hostname string ubuntu-server
#d-i netcfg/get_domain string 
d-i hw-detect/load_firmware boolean true

d-i mirror/country string manual
#d-i mirror/http/hostname string mirrors.aliyun.com
d-i mirror/http/hostname string archive.ubuntu.com
d-i mirror/http/directory string /ubuntu
d-i mirror/http/proxy string

d-i passwd/root-login boolean ture
d-i passwd/make-user boolean false
#d-i passwd/root-password password 123456
#d-i passwd/root-password-again password 123456
#echo 'import crypt,getpass; print crypt.crypt(getpass.getpass(), "$6$16_CHARACTER_SALT_HERE")' | python -
d-i passwd/root-password-crypted password $6$16_CHARACTER_SAL$CIIxSZip5SHbUDtMlgweMCsEMqUsp4kGjo
d-i user-setup/allow-password-weak boolean true
d-i user-setup/encrypt-home boolean false

d-i clock-setup/utc boolean false
d-i time/zone string Asia/Shanghai
d-i clock-setup/ntp boolean true


#d-i partman-auto/disk string /dev/sda
d-i partman/early_command string debconf-set partman-auto/disk "$(list-devices disk | head -n1)"
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-md/device_remove_md boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman/default_filesystem string ext4
d-i partman/mount_style select uuid


d-i partman-auto/choose_recipe select boot-root
d-i partman-auto/method string regular
d-i partman-auto/expert_recipe string                         \
      boot-root ::                                            \
              5120 1 5120 ext4                                \
                     $primary{ } $bootable{ }                 \
                     method{ format } format{ }               \
                     use_filesystem{ } filesystem{ ext4 }     \
                     mountpoint{ / }                          \
              .                                               \
              1 3 -1 ext4                                     \
                      $primary{ }                             \
                      method{ format } format{ }              \
                      use_filesystem{ } filesystem{ ext4 }    \
                      mountpoint{ /home }                     \
              .                                               \
              1024 2 1024 linux-swap                          \
                      $primary{ }                             \
                      method{ swap } format{ }                \
              .

 
#d-i partman-auto/choose_recipe select boot-root
#d-i partman-auto/method string regular
#d-i partman-auto/expert_recipe string                         \
#      boot-root ::                                            \
#              1 2 -1 ext4                                     \
#                     $primary{ }                              \
#                     method{ format } format{ }               \
#                     use_filesystem{ } filesystem{ ext4 }     \
#                     mountpoint{ / }                          \
#              .                                               \
#              128 1 128 linux-swap                            \
#                      $primary{ }                             \
#                      method{ swap } format{ }                \
#              .


#d-i partman-auto/choose_recipe select boot-lvm
#d-i partman-auto/method string lvm
#d-i partman-auto-lvm/guided_size string 100%
#d-i partman-auto-lvm/new_vg_name string vg00
#d-i partman-lvm/confirm boolean true
#d-i partman-lvm/confirm_nooverwrite boolean true
#d-i partman-auto/expert_recipe string                         \
#      boot-lvm ::                                             \
#              1024 1 1024 ext4                                \
#                      $primary{ } $bootable{ }                \
#                      method{ format } format{ }              \
#                      use_filesystem{ } filesystem{ ext4 }    \
#                      mountpoint{ /boot }                     \
#              .                                               \
#              1 2 -1 ext4                                     \
#                      $primary{ }                             \
#                      $defaultignore{ }                       \
#                      method{ lvm }                           \
#                      device{ /dev/sda }                      \
#                      vg_name{ vg00 }                         \
#              .                                               \
#              1024 3 1024 swap                                \
#                      $lvmok{ } lv_name{ lv_swap } in_vg{ vg00 } \
#                      method{ swap } format{ }                   \
#          .                                                      \
#              1 4 -1 ext4                                        \
#                      $lvmok{} lv_name{ lv_root } in_vg{ vg00 }  \
#                      method{ format } format{ }                 \
#                      use_filesystem{ } filesystem{ ext4 }       \
#                      mountpoint{ / }                            \
#          .                                                      


tasksel tasksel/first multiselect minimal
d-i pkgsel/update-policy select none
d-i pkgsel/include string openssh-server vim wget tmux net-tools software-properties-common
d-i pkgsel/upgrade select none

d-i grub-installer/only_debian boolean true
d-i grub-installer/bootdev string default
d-i finish-install/reboot_in_progress note
d-i debian-installer/exit/reboot boolean true
d-i preseed/late_command string cd /target/;\
    echo 'UseDNS no' >> etc/ssh/sshd_config;\
    echo 'AddressFamily inet' >> etc/ssh/sshd_config;\
    echo 'PermitRootLogin yes' >> etc/ssh/sshd_config;

#d-i anna/choose_modules string network-console
#d-i network-console/password password 123456
#d-i network-console/password-again password 123456

注:Centos7安装内存不得小于2G,可不使用ipxe直接下载centos/ubuntu网络安装文件到本地添加到grub自动安装,使用ipxe方便管理。
参考:
https://netboot.xyz/providers/digitalocean/
https://access.redhat.com/documentation/zh-cn/red_hat_enterprise_linux/7/html/installation_guide/chap-anaconda-boot-options
https://access.redhat.com/documentation/zh-cn/red_hat_enterprise_linux/7/html/installation_guide/sect-kickstart-syntax
https://help.ubuntu.com/lts/installation-guide/amd64/apbs02.html
https://help.ubuntu.com/lts/installation-guide/amd64/apbs04.html
https://help.ubuntu.com/lts/installation-guide/example-preseed.txt

PXE启动KickStart全自动安装系统

发布时间:November 4, 2012 // 分类:PXE // No Comments

关于PXE服务器配置、客户端引导见之前文章:使用TFTP/PXE引导安装Centos系统
通过KickStart自动安装只需修改最后PXE引导菜单配置文件:

cat /tftpboot/pxelinux.cfg/default 
#www.haiyun.me
timeout 5
default menu.c32

menu title ########## PXE Boot Menu ##########
label 1
   menu label ^1) Install CentOS 6
   kernel centos6/vmlinuz
   append initrd=centos6/initrd.img ks=nfs:192.168.1.3:/tftpboot/ks.cf 
#引导获取KickStart配置文件,然后在KickStart文件中配置安装源。

KickStart配置文件可使用图形化配置,需安装桌面或开启X-Windows环境转发

yum install system-config-kickstart 

kickstart图形化配置工具.png
KickStart配置文件示例:

text
install
nfs --server=192.168.1.3 --dir=/mnt
#光盘镜像挂载目录
#url --url=http://192.168.1.3/mnt/ #可使用http或ftp
keyboard us
lang zh_CN.UTF-8
network --device eth0 --bootproto static --ip 192.168.1.30 --netmask 255.255.255.0 
--gateway 192.168.1.1 --nameserver 192.168.1.1 --hostname centos5.7-x64
firewall --disabled
rootpw onovps
authconfig --enableshadow --passalgo=sha512
selinux --disabled
timezone Aisa/Shang_Hai
bootloader --location=mbr
zerombr
clearpart --all --initlabel
part /boot --fstype ext4 --fsoptions="noatime" --size=200
part pv.1 --size 1 --grow
volgroup vg0 --pesize=4096 pv.1
logvol / --fstype ext4 --fsoptions="noatime" --name=root --vgname=vg0 --grow --size=8192
logvol swap --fstype swap --name=swap --vgname=vg0 --size 2048
 
%post
%end
%packages
@base
%end

这样局域网下机器以PXE启动就自动安装为相应的系统了。

分类
最新文章
最近回复
  • crowjin: 你确定这能过滤??不是所有请求都返回空地址::?
  • : linux系统上单个网卡多条宽带拨号获取公网IP,外网可以访问这些IP,有偿! Q:25299...
  • 硅谷少年: 非常有用,感谢分享
  • spartan2: https://dashboard.hcaptcha.com/welcome_accessib...
  • 海运: 应该能,在购买页面先手工跳过cf机器验证,后续一定时间内不更换ip应该不会再次验证。
  • spartan: 大佬斯巴达开启了CF的机器识别验证,请问插件能自动跳过吗? 另外这个脚本有没有简单使用说明,新...
  • vincent: 膜拜大佬
  • 海运: proxy-header或proxy_protocol
  • liangjw: 如果是 内部调用 或者 中间存在 代理 而上一个代理又在内网 ,那怎么处理来自代理私有IP?
  • chainofhonor: 感谢,用dnsmasq设置自动判断BIOS和UEFI成功了