第九周

安裝系統時要注意物理磁盤應該是NTFS分區，fat分區不支持4個G以上的大文件

點擊光驅加載centos6的光盤

網卡設置成橋接

加電啟動

在每一項按Tab可以添加內核參數

第一項安裝或者升級一個系統

第二項如果選擇第一項花瓶或者無法正常顯示可以選擇第二項，會加載一個基本得顯卡。

第三項救援模式

第四項直接硬盤啟動

第五項檢測內存

可以在第一項后面加rescue來進入救援模式

按Exc 進入boot? 輸入linux對應的就是正常安裝因為下面文件的定義所以可以進入安裝模式

在boot界面下輸入linux rescue也可以進入救援模式

在boot界面下輸入rescue也可以進入救援模式

[root@centos6 boot]#cd /misc/cd

[root@centos6 cd]#ls

CentOS_BuildTag? GPL?????? Packages????????????????? RPM-GPG-KEY-CentOS-6?????????? RPM-GPG-KEY-CentOS-Testing-6

EFI????????????? images??? RELEASE-NOTES-en-US.html? RPM-GPG-KEY-CentOS-Debug-6???? TRANS.TBL

EULA???????????? isolinux? repodata????????????????? RPM-GPG-KEY-CentOS-Security-6

[root@centos6 cd]#cd isolinux/

[root@centos6 isolinux]#ls

boot.cat? grub.conf?? isolinux.bin? memtest???? TRANS.TBL???? vmlinuz

boot.msg? initrd.img? isolinux.cfg? splash.jpg? vesamenu.c32

[root@centos6 isolinux]#cat isolinux.cfg

default vesamenu.c32

#prompt 1

timeout 600

display boot.msg

menu background splash.jpg

menu title Welcome to CentOS 6.9!

menu color border 0 #ffffffff #00000000

menu color sel 7 #ffffffff #ff000000

menu color title 0 #ffffffff #00000000

menu color tabmsg 0 #ffffffff #00000000

menu color unsel 0 #ffffffff #00000000

menu color hotsel 0 #ff000000 #ffffffff

menu color hotkey 7 #ffffffff #ff000000

menu color scrollbar 0 #ffffffff #00000000

label linux

menu label ^Install or upgrade an existing system

menu default????? 默認啟動菜單項

kernel vmlinuz

append initrd=initrd.img

label vesa

menu label Install system with ^basic video driver

kernel vmlinuz

append initrd=initrd.img nomodeset

label rescue

menu label ^Rescue installed system

kernel vmlinuz

append initrd=initrd.img rescue

label local

menu label Boot from ^local drive

localboot 0xffff

label memtest86

menu label ^Memory test

kernel memtest

append –

這個isolinux.cfg文件對應的就是安裝菜單的每一項，將來可以自己定制這個文件來定制安裝菜單的每一項。

每項中的^是快捷方式也是光標在這一樣所在的位置

安裝程序啟動過程

?MBR：isolinux/boot.cat

?stage2: isolinux/isolinux.bin

?配置文件：isolinux/isolinux.cfg

每個對應的菜單選項：

加載內核：isolinuz/vmlinuz

向內核傳遞參數：append initrd=initrd.img …

?裝載根文件系統，并啟動anaconda

默認啟動GUI接口

若是顯式指定使用TUI接口：向內核傳遞text參數即可

(1)按tab鍵,在后面增加text

(2)按ESC鍵：boot: linux text

[root@centos6 isolinux]#ll

total 45306

-r–r–r– 1 root root???? 2048 Jun 17? 2017 boot.cat?? 類似于MBR

-r–r–r– 1 root root?????? 84 Mar 29? 2017 boot.msg

-r–r–r– 1 root root????? 321 Mar 29? 2017 grub.conf

-r–r–r– 1 root root 41587792 Mar 29? 2017 initrd.img

-r–r–r– 1 root root??? 24576 Mar 29? 2017 isolinux.bin? 相當于GRUB的第二階段

-r–r–r– 1 root root????? 923 Mar 29? 2017 isolinux.cfg

-r–r–r– 1 root root?? 183012 Mar 29? 2017 memtest

-r–r–r– 1 root root?? 151230 Mar 29? 2017 splash.jpg

-r–r–r– 1 root root???? 2215 Jun 17? 2017 TRANS.TBL

-r–r–r– 1 root root?? 163728 Mar 29? 2017 vesamenu.c32

-r-xr-xr-x 1 root root? 4274992 Mar 29? 2017 vmlinuz?????? 加載的內核文件

[root@centos6 isolinux]#hexdump -C boot.cat

00000000? 01 00 00 00 00 00 00 00? 00 00 00 00 00 00 00 00? |…………….|

00000010? 00 00 00 00 00 00 00 00? 00 00 00 00 aa 55 55 aa? |………….UU.|

00000020? 88 00 00 00 00 00 08 00? bc 03 00 00 00 00 00 00? |…………….|

00000030? 00 00 00 00 00 00 00 00? 00 00 00 00 00 00 00 00? |…………….|

00000800

純字符界面安裝

適用于自動化安裝

boot.iso只能用來引導啟動，不能安裝系統。

如果想安裝系統可以指定一個yum源

在centos6上

boot : linux ip=172.20.0.66 netmask=255.255.0.0 repo=http://172.20.0.1/centos/6

boot : linux askmethod? 強制詢問安裝方法

在centos7上

boot : linux ip=172.20.0.66 netmask=255.255.0.0 inxt.repo=http://172.20.0.1/centos/6

系統安裝

?啟動安裝過程一般應位于引導設備；后續的anaconda及其安裝用到的程序包等

可來自下面幾種方式:

本地光盤

本地硬盤

NFS

URL:

ftp server: yum repository

http server: yum repostory

?如果想手動指定安裝源：

boot: linux askmethod

按Ctrl Alt F4

可以查看獲取的地址

點擊OK進入安裝界面，這時的安裝時基于網絡的而不是本地光盤，按Ctrl Alt F2，輸入 ip a可以查看地址

選擇存儲位置，1本地2遠程實現無盤工作站

初始化硬盤

設置主機名和IP地址

選擇時區，最下面的是格林尼治時間如果選擇會與北京時間相差8個小時

給root設置密碼

默認分區是邏輯卷，選擇下面的對勾是預覽

系統默認分區情況

boot分區不能是邏輯卷，因為grub不支持邏輯卷

boot分區500M大小ext4文件系統格式

將剩下的空間分成邏輯卷

設置root分區的大小文件系統等信息

劃分swap分區

劃分試驗用的data分區

next format write change to disk

加載bootloader及單用戶設置口令

選擇安裝的軟件+add可以添加epel源中的軟件customize添加一些軟件

因為是最小化安裝所以沒有圖形界面

安裝圖形界面

[root@centos6 ~]# cd !*

cd /etc/yum.repos.d/

[root@centos6 yum.repos.d]# ls

CentOS-Base.repo? CentOS-Debuginfo.repo? CentOS-fasttrack.repo? CentOS-Media.repo? CentOS-Vault.repo

[root@centos6 yum.repos.d]# mkdir bak

[root@centos6 yum.repos.d]# mv Cen* bak

[root@centos6 yum.repos.d]# ls

bak

[root@centos6 yum.repos.d]# touch base.repo

[root@centos6 yum.repos.d]# vim base.repo

-bash: vim: command not found

[root@centos6 yum.repos.d]# vi base.repo

[root@centos6 yum.repos.d]# mount /dev/sr0 /mnt

mount: block device /dev/sr0 is write-protected, mounting read-only

[root@centos6 yum.repos.d]# yum repolist

Loaded plugins: fastestmirror

base???????????????????????????????????????????????????????????????????????????????????????????? | 4.0 kB???? 00:00 …

base/primary_db????????????????????????????????????????????????????????????????????????????????? | 4.7 MB???? 00:00 …

repo id?????????????????????????????????????????????????? repo name??????????????????????????????? ???????????????status

base????????????????????????????????????????????????????? base??????????????????????????????????????????????????? 6,706

repolist: 6,706

[root@centos6 yum.repos.d]# yum grouplist

Desktop

[root@centos6 yum.repos.d]# yum groupinstall? Desktop

為了使ssh連接速度變快

[root@centos6 yum.repos.d]# vi /etc/ssh/sshd_config

GSSAPIAuthentication yes??? （應用接口證明）改成no

GSSAPIAuthentication no

UseDNS yes?????????? 使用DNS改成no

UseDNS no

想自動化安裝就必須先配置好安裝中的每一個步驟，這每一個步驟的配置就在anaconda中配置格式如下

[root@centos6 ~]#cat anaconda-ks.cfg

# Kickstart file automatically generated by anaconda.

#version=DEVEL

install

cdrom???????????? 通過光盤安裝? url –url=http://172.20.0.1/centos/6?? 網絡安裝路徑寫法

lang en_US.UTF-8

keyboard us

network –onboot no –device eth0 –bootproto dhcp –noipv6

rootpw? –iscrypted $6$EulmJzD3GuV3Toj2$.oqwavfA9E8x1LfgW5QHIqpf6yInwkc/BOYZrw.Vg6avhYBOZUIJNxQCMRTYQDZHGuH.LCjdlhil2nncpVyQD1

firewall –service=ssh

authconfig –enableshadow –passalgo=sha512

selinux –enforcing

timezone Asia/Shanghai

bootloader –location=mbr –driveorder=sda –append=”crashkernel=auto rhgb quiet”

# The following is the partition information you requested

# Note that any partitions you deleted are not expressed

# here so unless you clear all partitions first, this is

# not guaranteed to work

#clearpart –none

#part /boot –fstype=ext4 –size=1024

#part / –fstype=ext4 –size=50000

#part /data –fstype=ext4 –size=30000

#part swap –size=2048

repo –name=”CentOS”? –baseurl=cdrom:sr0 –cost=100

%packages

@base

@core

@debugging

@basic-desktop

@desktop-debugging

@desktop-platform

@directory-client

@fonts

@general-desktop

@graphical-admin-tools

@input-methods

@internet-applications

@internet-browser

@java-platform

@kde-desktop

@legacy-x

@network-file-system-client

@office-suite

@print-client

@remote-desktop-clients

@server-platform

@server-policy

@workstation-policy

@x11

mtools

pax

python-dmidecode

oddjob

wodim

sgpio

genisoimage

device-mapper-persistent-data

abrt-gui

qt-mysql

samba-winbind

certmonger

pam_krb5

krb5-workstation

xterm

xorg-x11-xdm

libXmu

rdesktop

%end

當自己想要生成anaconda時可以將別的機器的修改一下

更多的是用system-config-kickstart 生成

[root@centos6 ~]#yum install system-config-kickstart

系統安裝

?安裝boot引導選項：boot:

?text: 文本安裝方式

?askmethod: 手動指定使用的安裝方法

?與網絡相關的引導選項：

ip=IPADDR

netmask=MASK

gateway=GW

dns=DNS_SERVER_IP

ifname=NAME:MAC_ADDR

?與遠程訪問功能相關的引導選項：

vnc?????? 沒有顯示器，用vnc連接查看過程

vncpassword=’PASSWORD’

system-config-kickstart

kickstart使用方法

是否加密口令

是否需要CDK驗證windows和redhat需要

cpu架構

不加載圖形工具

安裝時是否為交互式

安裝方法

boot loader設置

分區策略

網卡編輯

驗證方法默認本地驗證就行

禁用selinux和firewalld

圖形界面第一啟動是否啟動圖形界面

選擇想要安裝的軟件

安裝前腳本

安裝后腳本

編譯完成后生成的文件

[root@centos6 ~]#cat ks6_mini.cfg

#platform=x86, AMD64, or Intel EM64T

#version=DEVEL

# Firewall configuration

firewall –disabled

# Install OS instead of upgrade

install

# Use network installation

url –url=”http://172.20.0.1/centos/6″

# Root password

rootpw –plaintext magedu

# System authorization information

auth? –useshadow? –passalgo=sha512

# Use text mode install

text

firstboot –disable

# System keyboard

keyboard us

# System language

lang en_US

# SELinux configuration

selinux –disabled

# Installation logging level

logging –level=info

# Reboot after installation

reboot

# System timezone

timezone? Asia/Shanghai

# Network information

network? –bootproto=static –device=eth0 –gateway=172.20.0.1 –ip=172.20.0.105 –netmask=255.255.0.0 –onboot=on

# System bootloader configuration

bootloader –append=”selinux=0″ –location=mbr

# Clear the Master Boot Record

zerombr

# Partition clearing information

clearpart –all –initlabel

# Disk partitioning information

part /boot –fstype=”ext4″ –size=500

part / –fstype=”ext4″ –size=20480

part swap –fstype=”swap” –size=1024

%post

mkdir /etc/yum.repods.d/bak

mv /etc/yum.repos.d/Cen* /etc/yum.repos.d/bak

cat > /etc/yum.repos.d/base.repo << EOF

[base]

name=base

baseurl=http://172.20.0.1/centos/6

gpgcheck=0

EOF

useradd wang

echo 123456 | passwd –stdin wang

%end

%packages

@base

@core

@server-policy

@workstation-policy

@base

%end

[root@centos6 ~]#service httpd start

Starting httpd: httpd: apr_sockaddr_info_get() failed for centos6.localdomain

httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1 for ServerName

[? OK? ]

[root@centos6 ~]#ls /var/www/html

index.html

[root@centos6 ~]#mv ks6_mini.cfg? /var/www/html/

在網頁中打開

http://172.20.102.175/ks6_mini.cfg

entos7安裝完成后的選擇

系統安裝

? 指明kickstart文件的位置： ks=

DVD drive: ks=cdrom:/ PATH/TO/KICKSTART_FILE

Hard drive: ks=hd:device:/directory/ KICKSTART_FILE

HTTP server: ks=http://host:port/path/to/ KICKSTART_FILE

FTP server: ks=ftp://host:port/path/to/ KICKSTART_FILE

HTTPS server: ks=https://host:port/path/to/ KICKSTART_FILE

NFS server:ks=nfs:host :/ path/to/ KICKSTART_FILE

? 啟動緊急救援模式：

rescue

? 官方文檔：《Installation Guide》

kickstart文件的格式

? 命令段：指明各種安裝前配置，如鍵盤類型等

? 程序包段：指明要安裝的程序包組或程序包，不安裝的程序包等

%packages

@group_name

package

-package

%end

? 腳本段：

%pre: 安裝前腳本

運行環境：運行于安裝介質上的微型Linux環境

%post: 安裝后腳本

運行環境：安裝完成的系統

kickstart文件的格式

? 命令段中的命令：

? 必備命令

authconfig: 認證方式配置

authconfig –useshadow –passalgo=sha512

bootloader：bootloader的安裝位置及相關配置

bootloader –location=mbr –driveorder=sda –

append=”crashkernel=auto rhgb quiet”

keyboard: 設定鍵盤類型

lang: 語言類型

part: 創建分區

rootpw: 指明root的密碼

timezone: 時區

kickstart文件的格式

? 可選命令

install OR upgrade

text: 文本安裝界面

network

firewall

selinux

halt

poweroff

reboot

repo

user：安裝完成后為系統創建新用戶

url: 指明安裝源

key –skip 跳過安裝號碼,適用于rhel版本

kickstart文件創建

?創建kickstart文件的方式

? 直接手動編輯

依據某模板修改

? 可使用創建工具：system-config-kickstart

依據某模板修改并生成新配置

/root/anaconda-ks.cfg

?檢查ks文件的語法錯誤：ksvalidator

ksvalidator /PATH/TO/KICKSTART_FILE

[root@centos6 ~]#ksvalidator /var/www/html/ks6_mini.cfg

File uses a deprecated option or command.

%packages does not end with %end.? This syntax has been deprecated.? It may be removed from future releases, which will result in a fatal error from kickstart.? Please modify your kickstart file to use this updated syntax.

想要修改文件可以在圖形工具中輸入system-config-kickstart

open file中找到之前生成的文件繼續修改

在centos7上

[root@CENTOS7 ~]#system-config-kickstart 打開kickstart

發現包選項中沒有包文件

解決辦法：

修改/etc/yum.repos.d/cdrom.repo

[root@CENTOS7 yum.repos.d]#vim cdrom.repo

[base]????????????? 將base換成development

name=cdrom

baseurl=file:///misc/cd

gpgkey=file:///mnt/cdrom/RPM-GPG-KEY-CentOS-7

[epel]

name=epel

baseurl=https://mirrors.aliyun.com/epel/7/x86_64/

gpgcheck=0

enabled=1

換成development后就好用了

root@centos6 html]#vim ks7_desktop.cfg

#version=DEVEL

# System authorization information

auth –enableshadow –passalgo=sha512

# Use CDROM installation media

url –url=”http://172.20.0.1/centos/7″

# Use graphical install

text

# Run the Setup Agent on first boot

firstboot –enable

ignoredisk –only-use=sda

# Keyboard layouts

keyboard –vckeymap=us –xlayouts=’us’

# System language

lang en_US.UTF-8

# Network information

network? –bootproto=dhcp –device=ens33 –onboot=on –ipv6=auto –activate

network? –hostname=CENTOS7.localdomain

# Root password

rootpw –iscrypted $6$s0muD70.E8JMzCGm$i1HesyCYdDcGxvrCDBHOgONe4mteYkizewl12iwxveVdq9TyGP.34c.6gagz0m46fR0Fc5tUz72EptcQ3sljf0

# System services

services –disabled=”chronyd”

# System timezone

timezone Asia/Shanghai –isUtc –nontp

user –name=wang –password=$6$h//NLnKbS9hhBfPr$r5ER6UNXVR9QlLorxZKT6jI5xX5Z4CwThVs3uLBfOtG7AOjI8xvVxm1ssfKwtYCDmKYipULOvw25f.3iyLy6l1 –iscrypted –gecos=”wang”

# X Window System configuration information

xconfig? –startxonboot

# System bootloader configuration

bootloader –append=” crashkernel=auto” –location=mbr –boot-drive=sda

# Partition clearing information

reboot

zerombr

clearpart –all –initlabel

# Disk partitioning information

part swap –fstype=”swap” –ondisk=sda –size=2048

part /boot –fstype=”xfs” –ondisk=sda –size=1024

part / –fstype=”xfs” –ondisk=sda –size=51200

part /data –fstype=”xfs” –ondisk=sda –size=30720

%packages

@^graphical-server-environment

@base

@core

@desktop-debugging

@dial-up

@fonts

@gnome-desktop

@guest-agents

@guest-desktop-agents

@hardware-monitoring

@input-methods

@internet-browser

@multimedia

@print-client

@x11

kexec-tools

%end

%addon com_redhat_kdump –enable –reserve-mb=’auto’

%end

%anaconda

pwpolicy root –minlen=6 –minquality=1 –notstrict –nochanges –notempty

pwpolicy user –minlen=6 –minquality=1 –notstrict –nochanges –emptyok

pwpolicy luks –minlen=6 –minquality=1 –notstrict –nochanges –notempty

%end

%post mkdir /etc/yum.repods.d/bak mv /etc/yum.repos.d/Cen* /etc/yum.repos.d/bak cat > /etc/yum.repos.d/base.repo << EOF

[base]

name=base

baseurl=http://172.20.0.1/centos/7

gpgcheck=0

EOF

useradd wang

echo 123456 | passwd –stdin wang

systemctl set-default multi-user.target

%end

將這個文件放到centos6的/var/www/html/下

改一下權限

chmod 644 ks7_desktop.cfg

網頁中可以打開

centos7上的自動安裝命令

系統光盤中isolinux目錄列表

?isolinux.bin：光盤引導程序，在mkisofs的選項中需要明確給出文件路徑，這個

文件屬于SYSLINUX項目

?isolinux.cfg：isolinux.bin的配置文件，當光盤啟動后（即運行isolinux.bin），

會自動去找isolinux.cfg文件

?vesamenu.c32：是光盤啟動后的安裝圖形界面，也屬于SYSLINUX項目，

menu.c32版本是純文本的菜單

?Memtest：內存檢測，這是一個獨立的程序

?splash.jgp：光盤啟動界面的背景圖

?vmlinuz是內核映像

?initrd.img是ramfs (先cpio，再gzip壓縮)

制作一個啟動光盤（將應答文件燒到光盤中）但是不包含安裝包

[root@centos6 ~]#cd /data/nn

[root@centos6 nn]#mkdir myiso

[root@centos6 nn]#cp -r /misc/cd/isolinux/ /data/nn/myiso/

[root@centos6 nn]#tree

└── myiso

└── isolinux

├── boot.cat

├── boot.msg

├── grub.conf

├── initrd.img

├── isolinux.bin

├── isolinux.cfg

├── memtest

├── splash.jpg

├── TRANS.TBL

├── vesamenu.c32

└── vmlinuz

2 directories, 11 files

[root@centos6 nn]#mkdir /data/nn/myiso/ksdir

[root@centos6 nn]#cp /var/www/html/ks6_mini.cfg /data/nn/myiso/ksdir/

[root@centos6 nn]#ls /data/nn/myiso/ksdir

ks6_mini.cfg

[root@centos6 nn]#cp /var/www/html/ks6_mini.cfg /data/nn/myiso/ksdir/ks6_deskop.cfg

[root@centos6 nn]#ls /data/nn/myiso/ksdir

ks6_deskop.cfg? ks6_mini.cfg

[root@centos6 myiso]#cd isolinux

[root@centos6 isolinux]#ls

boot.cat? grub.conf?? isolinux.bin? memtest???? TRANS.TBL???? vmlinuz

boot.msg? initrd.img? isolinux.cfg? splash.jpg? vesamenu.c32

[root@centos6 isolinux]#vim isolinux.cfg

default vesamenu.c32

#prompt 1

timeout 600

display boot.msg

menu background splash.jpg

menu title Welcome to CentOS 6.9!

menu color border 0 #ffffffff #00000000

menu color sel 7 #ffffffff #ff000000

menu color title 0 #ffffffff #00000000

menu color tabmsg 0 #ffffffff #00000000

menu color unsel 0 #ffffffff #00000000

menu color hotsel 0 #ff000000 #ffffffff

menu color hotkey 7 #ffffffff #ff000000

menu color scrollbar 0 #ffffffff #00000000

default vesamenu.c32

#prompt 1

timeout 600

display boot.msg

menu background splash.jpg

menu title Welcome to CentOS 6.9!

menu color border 0 #ffffffff #00000000

menu color sel 7 #ffffffff #ff000000

menu color title 0 #ffffffff #00000000

menu color tabmsg 0 #ffffffff #00000000

menu color unsel 0 #ffffffff #00000000

menu color hotsel 0 #ff000000 #ffffffff

menu color hotkey 7 #ffffffff #ff000000

menu color scrollbar 0 #ffffffff #00000000

label desktop

menu label Install an ^desktop system

kernel vmlinuz

append initrd=initrd.img ks=cdrom:ksdir/ks_6desktop.cfg

label mini

menu label Install a ^mini system

kernel vmlinuz

append initrd=initrd.img ks=cdrom:ksdir/ks6_mini.cfg

label local

menu default

menu label Boot from ^local drive

localboot 0xffff

[root@centos6 ksdir]#mkisofs -R -J -T -v –no-emul-boot –boot-load-size 4 –boot-info-table -V “CentOS 6.9 x86_64 boot” -b isolinux/isolinux.bin -c isolinux/boot.cat -o /root/boot.iso /data/myiso/

I: -input-charset not specified, using utf-8 (detected in locale settings)

genisoimage 1.1.9 (Linux)

Scanning /data/myiso/

Scanning /data/myiso/ksdir

Scanning /data/myiso/isolinux

Excluded by match: /data/myiso/isolinux/boot.cat

Excluded: /data/myiso/isolinux/TRANS.TBL

Writing:?? Initial Padblock??????????????????????? Start Block 0

Done with: Initial Padblock??????????????????????? Block(s)??? 16

Writing:?? Primary Volume Descriptor?????????????? Start Block 16

Done with: Primary Volume Descriptor?????????????? Block(s)??? 1

Writing:?? Eltorito Volume Descriptor????????????? Start Block 17

Size of boot image is 4 sectors -> No emulation

Done with: Eltorito Volume Descriptor????????????? Block(s)??? 1

Writing:?? Joliet Volume Descriptor??????????????? Start Block 18

Done with: Joliet Volume Descriptor????? ??????????Block(s)??? 1

Writing:?? End Volume Descriptor?????????????????? Start Block 19

Done with: End Volume Descriptor?????????????????? Block(s)??? 1

Writing:?? Version block?????????????????????????? Start Block 20

Done with: Version block?????????????????????????? Block(s)??? 1

Writing:?? Path table???????????????????????? ?????Start Block 21

Done with: Path table????????????????????????????? Block(s)??? 4

Writing:?? Joliet path table?????????????????????? Start Block 25

Done with: Joliet path table?????????????????????? Block(s)??? 4

Writing:?? Directory tree????????????????????????? Start Block 29

Done with: Directory tree????????? ????????????????Block(s)??? 3

Writing:?? Joliet directory tree?????????????????? Start Block 32

Done with: Joliet directory tree?????????????????? Block(s)??? 3

Writing:?? Directory tree cleanup????????????????? Start Block 35

Done with: Directory tree cleanup????????????????? Block(s)??? 0

Writing:?? Extension record???????????? ???????????Start Block 35

Done with: Extension record??????????????????????? Block(s)??? 1

Writing:?? The File(s)???????????????????????????? Start Block 36

21.95% done, estimate finish Thu May 24 19:36:01 2018

43.80% done, estimate finish Thu May 24 19:36:01 2018

65.72% done, estimate finish Thu May 24 19:36:01 2018

87.57% done, estimate finish Thu May 24 19:36:01 2018

Total translation table size: 5150

Total rockridge attributes bytes: 1822

Total directory bytes: 4698

Path table size(bytes): 40

Done with: The File(s)???????????????????????????? Block(s)??? 22661

Writing:?? Ending Padblock???????????????????????? Start Block 22697

Done with: Ending Padblock???????????????????????? Block(s)??? 150

Max brk space used 1a000

22847 extents written (44 MB)

[root@centos6 ~]#ll boot.iso

-rw-r–r– 1 root root 46790656 May 24 19:36 boot.iso

制作引導光盤和U盤

?創建引導光盤：

?mkdir –pv /app/myiso

?cp -r /misc/cd/isolinux/ /app/myiso/

?vim /app/myiso/isolinux/isolinux.cfg

initrd=initrd.img text ks=cdrom:/myks.cfg

?cp /root/myks.cfg /app/myiso/

注意：以上相對路徑都是相對于光盤的根，和工作目錄無關

?創建U盤啟動盤

?dd if=/dev/sr0 of=/dev/sdb

mkisofs選項

?-o 指定映像文件的名稱。

?-b 指定在制作可開機光盤時所需的開機映像文件。

?-c 制作可開機光盤時，會將開機映像文件中的 no-eltorito-catalog 全部內容

作成一個文件。

?-no-emul-boot 非模擬模式啟動。

?-boot-load-size 4 設置載入部分的數量

?-boot-info-table 在啟動的圖像中現實信息

?-R 或 -rock 使用 Rock RidgeExtensions

?-J 或 -joliet 使用 Joliet 格式的目錄與文件名稱

?-v 或 -verbose 執行時顯示詳細的信息

?-T 或 -translation-table 建立文件名的轉換表，適用于不支持 Rock Ridge

Extensions 的系統上

將寫好的boot.ios刻錄硬盤

[root@centos6 ~]#echo “- – -” > /sys/class/scsi_host/host2/scan

[root@CENTOS7 ~]#yum install syslinux??? 安裝syslinux

/usr/bin/isohybrid boot.iso??? 轉換一下格式然后在刻錄硬盤就可以了

[root@centos6 ~]#dd if=boot.iso of=/dev/sdd

91388+0 records in

91388+0 records out

46790656 bytes (47 MB) copied, 1.82669 s, 25.6 MB/s

將移動硬盤摘下插在別的機器上重新啟動

進入

調節哪塊硬盤作為系統啟動盤

進入boot

制作一個完整的光盤

[root@centos6 ~]#cd /data

[root@centos6 data]#ls

beifen?????? dd? f2? fstab?????? loop8???? ??mbr_bak? myiso? passwd? sdb1? sdb3??????? src?????? TRANS.TBL

cmd_copy.sh? f1? f3? install.sh? mbr_backup? mm?????? nn???? raid??? sdb2? splash.xpm? sshd.log

[root@centos6 data]#cd myiso

[root@centos6 myiso]#ls

isolinux? ksdir

[root@centos6 myiso]#cd isolinux

[root@centos6 isolinux]#ls

boot.cat? grub.conf?? isolinux.bin? memtest???? TRANS.TBL???? vmlinuz

boot.msg? initrd.img? isolinux.cfg? splash.jpg? vesamenu.c32

[root@centos6 isolinux]#mv isolinux.cfg /root

[root@centos6 isolinux]#rm -f *

[root@centos6 isolinux]#ls

[root@centos6 isolinux]#

[root@centos6 data]#rm -rf myiso

[root@centos6 ~]#cp -rv /misc/cd/ /data/myiso

[root@centos6 myiso]#cp -r /root/ksdir/ /data/myiso/

[root@centos6 myiso]#ls

CentOS_BuildTag? EFI? EULA? GPL? images? isolinux? ksdir? Packages

掛第二張光盤

[root@centos6 ~]#cp -rv /misc/cd/* /data/myiso/

cp: overwrite `/data/myiso/CentOS_BuildTag’?

[root@centos6 ~]#cd /data

[root@centos6 data]#cd myiso

[root@centos6 myiso]#ls

CentOS_BuildTag? GPL?????? ksdir???????????????????? repodata??????????????????? RPM-GPG-KEY-CentOS-Security-6

EFI????????????? images??? Packages????????????????? RPM-GPG-KEY-CentOS-6??????? RPM-GPG-KEY-CentOS-Testing-6

EULA???????????? isolinux? RELEASE-NOTES-en-US.html? RPM-GPG-KEY-CentOS-Debug-6? TRANS.TBL

[root@centos6 myiso]#cd repodata/

[root@centos6 repodata]#ls

1cde788f77b08a7eb3dfdba12fa384a5f0214147a717a1e2d4504368037fba90-c6-x86_64-comps.xml.gz

43d8fd068164b0f042845474d6a22262798b9f0d1f49ad1bf9f95b953089777d-c6-x86_64-comps.xml????? 記錄包組的分組信息

[root@centos6 repodata]#cp 43d8fd068164b0f042845474d6a22262798b9f0d1f49ad1bf9f95b953089777d-c6-x86_64-comps.xml /root

[root@centos6 repodata]#rm -rf *

[root@centos6 repodata]#ls

[root@centos6 repodata]#cp /root/43d8fd068164b0f042845474d6a22262798b9f0d1f49ad1bf9f95b953089777d-c6-x86_64-comps.xml .

[root@centos6 repodata]#ls

43d8fd068164b0f042845474d6a22262798b9f0d1f49ad1bf9f95b953089777d-c6-x86_64-comps.xml

[root@centos6 repodata]#cd ..

[root@centos6 myiso]#createrepo -g repodata/43d8fd068164b0f042845474d6a22262798b9f0d1f49ad1bf9f95b953089777d-c6-x86_64-comps.xml .

Spawning worker 0 with 6706 pkgs

Workers Finished

Gathering worker results

Saving Primary metadata

Saving file lists metadata

Saving other metadata

Generating sqlite DBs

Sqlite DBs complete

找到并刪除多有/TRANS.TBL（這個文件跟制作光盤有關）

[root@centos6 myiso]#find -name TRANS.TBL

./Packages/TRANS.TBL

./EFI/TRANS.TBL

./EFI/BOOT/TRANS.TBL

./TRANS.TBL

./isolinux/TRANS.TBL

./images/pxeboot/TRANS.TBL

./images/TRANS.TBL

[root@centos6 myiso]#find -name TRANS.TBL -exec rm {} \;

[root@centos6 myiso]#find -name TRANS.TBL

[root@centos6 myiso]#

[root@centos6 myiso]#vim ksdir/ks6_mini.cfg

url –url=”http://172.20.0.1/centos/6″ 改成cdrom

[root@centos6 myiso]#cd isolinux/

[root@centos6 isolinux]#ls

boot.cat? boot.msg? grub.conf? initrd.img? isolinux.bin? isolinux.cfg? memtest? splash.jpg? vesamenu.c32? vmlinuz

[root@centos6 isolinux]#cp /root/isolinux.cfg .

cp: overwrite `./isolinux.cfg’? y

mkisofs -R -J -T -v –no-emul-boot –boot-load-size 4 –boot-info-table -V “CentOS 6.9 x86_64 boot” -b isolinux/isolinux.bin -c isolinux/boot.cat -o /root/boot.iso /data/myiso/

DHCP服務

?網絡配置

靜態指定

動態獲取: bootp:boot protocol MAC與IP一一靜態對應?? ip與MAC綁定導致即使不開機ip也無法給別的，機器使用，早期用于無盤工作站

dhcp:增強的bootp，動態169.254.x.x

?DHCP: （Dynamic Host Configuration Protocol）在windows上如果網絡中沒有dhcp服務器而網絡又寫成自動獲取會獲得一個特殊的IP地址：

? 動態主機配置協議

? 局域網協議，UDP協議

?主要用途：

? 用于內部網絡和網絡服務供應商自動分配IP地址給用戶

? 用于內部網絡管理員作為對所有電腦作集中管理的手段

?使用場景

? 自動化安裝系統

? 解決IPV4資源不足問題

DHCP服務

? DHCP共有八種報文

? DHCP DISCOVER：客戶端到服務器

? DHCP OFFER ：服務器到客戶端

? DHCP REQUEST：客戶端到服務器

? DHCP ACK ：服務器到客戶端

? DHCP NAK：服務器到客戶端,通知用戶無法分配合適的IP

地址

? DHCP DECLINE ：客戶端到服務器，指示地址已被使用

? DHCP RELEASE：客戶端到服務器，放棄網絡地址和取消

剩余的租約時間

? DHCP INFORM：客戶端到服務器, 客戶端如果需要從DHCP

服務器端獲取更為詳細的配置信息，則發送Inform報文向

服務器進行請求，極少用到

斷開eth1和eth0

[root@centos6 network-scripts]#vim ifcfg-eth0?? 將eth0改成自動獲取

DEVICE=eth0

ONBOOT=yes

BOOTPROTO=dhcp

? IPADDR=192.168.30.102

PREFIX=24

GATEWAY=172.20.0.1

service network restart

連接eth0

dhclient -d 查看dhcp獲取過程

cd /var/lib/dhclient

[root@centos6 dhclient]#cat dhclient.leases

lease {

interface “eth0”;

fixed-address 192.168.30.104;

option subnet-mask 255.255.255.0;

option dhcp-lease-time 1800;

option dhcp-message-type 5;

option domain-name-servers 192.168.30.1;

option dhcp-server-identifier 192.168.30.254;

option broadcast-address 192.168.30.255;

option domain-name “localdomain”;

renew 4 2018/05/24 13:30:33;

rebind 4 2018/05/24 13:42:01;

expire 4 2018/05/24 13:45:46;

}

lease {

interface “eth0”;

fixed-address 192.168.30.104;

option subnet-mask 255.255.255.0;

option dhcp-lease-time 1800;

option dhcp-message-type 5;

option domain-name-servers 192.168.30.1;

option dhcp-server-identifier 192.168.30.254;

option broadcast-address 192.168.30.255;

option domain-name “localdomain”;

renew 4 2018/05/24 13:44:28;

rebind 4 2018/05/24 13:56:48;

expire 4 2018/05/24 14:00:33;

}

DHCP服務

?續租

?50% ：租賃時間達到50%時來續租，剛向DHCP服務器發向新的DHCPREQUEST

請求。如果dhcp服務沒有拒絕的理由，則回應DHCPACK信息。當DHCP客戶端

收到該應答信息后，就重新開始新的租用周期

?87.5%：如果之前DHCP Server沒有回應續租請求，等到租約期的7/8時，主機

會再發送一次廣播請求

[root@CENTOS7 ~]#dhclient -d??? 強制獲取了dhcp地址

Internet Systems Consortium DHCP Client 4.2.5

For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/eth1/00:0c:29:45:bf:1e

Sending on?? LPF/eth1/00:0c:29:45:bf:1e

Listening on LPF/eth0/00:0c:29:45:bf:14

Sending on?? LPF/eth0/00:0c:29:45:bf:14

Sending on?? Socket/fallback

DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 3 (xid=0x49fd92e7)

DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 5 (xid=0x1c8bd5e3)

DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 8 (xid=0x49fd92e7)

DHCPREQUEST on eth1 to 255.255.255.255 port 67 (xid=0x49fd92e7)

DHCPOFFER from 172.20.0.1

DHCPACK from 172.20.0.1 (xid=0x49fd92e7)

bound to 172.20.113.7 — renewal in 37306 seconds.

DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 13 (xid=0x1c8bd5e3)

DHCPREQUEST on eth0 to 255.255.255.255 port 67 (xid=0x1c8bd5e3)

DHCPOFFER from 192.168.30.254

DHCPACK from 192.168.30.254 (xid=0x1c8bd5e3)

bound to 192.168.30.109 — renewal in 683 seconds.

[root@CENTOS7 ~]#ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:45:bf:14 brd ff:ff:ff:ff:ff:ff

inet 192.168.30.101/24 brd 192.168.30.255 scope global dynamic eth0

valid_lft 1183sec preferred_lft 1183sec

inet 192.168.30.109/24 brd 192.168.30.255 scope global secondary dynamic eth0

valid_lft 1783sec preferred_lft 1783sec

inet6 fe80::f620:6ab3:e2e5:44/64 scope link

valid_lft forever preferred_lft forever

3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:45:bf:1e brd ff:ff:ff:ff:ff:ff

inet 172.20.109.255/16 brd 172.20.255.255 scope global dynamic eth1

valid_lft 48149sec preferred_lft 48149sec

inet 172.20.113.7/16 brd 172.20.255.255 scope global secondary dynamic eth1

valid_lft 86379sec preferred_lft 86379sec

inet6 fe80::1ac:8bc5:45a2:ba5c/64 scope link

valid_lft forever preferred_lft forever

如果dhcp的租期是一天，但是電腦在租期到期前移動到了別的網段，那么會釋放這個ip并獲得新的ip地址

在windows上可以用命令ipconfig/renew（release）來獲得和釋放地址

用ifconfig/all查看地址詳情。

DHCP服務簡介

?同網段多DHCP服務

? DHCP服務必須基于本地

? 先到先得的原則

?相關協議

? Arp

? rarp

?跨網段

? RFC 1542 Compliant Routers

? dhcrelay: 中繼

dhcp客戶端端口是68，服務器端口是67

跨網段dhcp如何獲得地址

1.RFC 1542 Compliant Routers（特殊的路由器只允許dhcp的廣播通過）

2.啟動代理服務，代理服務器提前知道dhcp服務器的地址，收集主機發來的dhcp請求，然后轉發個dhcp服務器，得到地址后再發給主機

3.在路由器上啟動代理功能，在同一網段的路由器上開起中級代理的功能

DHCP實現

?Linux DHCP協議的實現程序：dhcp, dnsmasq（dhcp,dns）簡化版的小工具包含簡單的dhcp和dns

?Dhcp Server

/usr/sbin/dhcpd

/etc/dhcp/dhcpd.conf –> /etc/rc.d/init.d/dhcpd

/etc/dhcp/dhcpd6.conf–> /etc/rc.d/init.d/dhcpd6

/usr/sbin/dhcrelay

/etc/rc.d/init.d/dhcrelay

dhcp server:67/udp

dhcp client: 68/udp

dhcpv6 client:546/udp

?Dhcp client

dhclient

自動獲取的IP信息：? /var/lib/dhclient

DHCP服務器（大部分服務器都是）是一個靜態地址

關閉僅主機的dhcp

dhcp服務器如果服務器的地址是192.168.30.101/24那么服務器無法給客戶機分配跨網段的地址如6.6.6.6/24

配置服務的流程：

步驟

0：selinux,iptables

1 安裝包

2 啟服務

3 修改配置文件;reload,restart

4 測試

[root@CENTOS7 ~]#getenforce

Disabled

[root@CENTOS7 ~]#iptables -vnL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

pkts bytes target???? prot opt in???? out???? source?????????????? destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

pkts bytes target???? prot opt in???? out???? source?????????????? destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)

pkts bytes target???? prot opt in???? out???? source?????????????? destination

[root@CENTOS7 ~]#yum install dhcp

[root@CENTOS7 ~]#rpm -ql dhcp

/etc/NetworkManager

/etc/NetworkManager/dispatcher.d

/etc/NetworkManager/dispatcher.d/12-dhcpd

/etc/dhcp/dhcpd.conf???? 主配置文件

/etc/dhcp/dhcpd6.conf

/etc/dhcp/scripts

/etc/dhcp/scripts/README.scripts

/etc/openldap/schema/dhcp.schema

/etc/sysconfig/dhcpd

/usr/bin/omshell

/usr/lib/systemd/system/dhcpd.service????? 服務

/usr/lib/systemd/system/dhcpd6.service

/usr/lib/systemd/system/dhcrelay.service

/usr/sbin/dhcpd?????? ???????????????????主程序

/usr/sbin/dhcrelay

/usr/share/doc/dhcp-4.2.5

/usr/share/doc/dhcp-4.2.5/dhcpd.conf.example

/usr/share/doc/dhcp-4.2.5/dhcpd6.conf.example

/usr/share/doc/dhcp-4.2.5/ldap

/usr/share/doc/dhcp-4.2.5/ldap/README.ldap

/usr/share/doc/dhcp-4.2.5/ldap/dhcp.schema

/usr/share/doc/dhcp-4.2.5/ldap/dhcpd-conf-to-ldap

/usr/share/man/man1/omshell.1.gz

/usr/share/man/man5/dhcpd.conf.5.gz

/usr/share/man/man5/dhcpd.leases.5.gz

/usr/share/man/man8/dhcpd.8.gz

/usr/share/man/man8/dhcrelay.8.gz

/usr/share/systemtap/tapset/dhcpd.stp

/var/lib/dhcpd

/var/lib/dhcpd/dhcpd.leases???? 記錄ip地址的發放情況

/var/lib/dhcpd/dhcpd6.leases

[root@CENTOS7 ~]#systemctl start dhcpd?? 無法直接啟動

Job for dhcpd.service failed because the control process exited with error code. See “systemctl status dhcpd.service” and “journalctl -xe” for details.

無法啟動的原因是配置文件不行。

[root@CENTOS7 ~]#vim /etc/dhcp/dhcpd.conf

# DHCP Server Configuration file.

#?? see /usr/share/doc/dhcp*/dhcpd.conf.example

#?? see dhcpd.conf(5) man page

[root@CENTOS7 ~]#cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf

[root@CENTOS7 ~]#vim /etc/dhcp/dhcpd.conf

subnet 10.152.187.0 netmask 255.255.255.0 {

}

將上述行替換成

subnet 6.6.6.0 netmask 255.255.255.0 {

range 6.6.6.1 6.6.6.100;

[root@CENTOS7 ~]#systemctl start dhcpd???? 啟動失敗因為其ip地址與分配的地址不在同一個網段

Job for dhcpd.service failed because the control process exited with error code. See “systemctl status dhcpd.service” and “journalctl -xe” for details.

subnet 10.152.187.0 netmask 255.255.255.0 {

將上述行替換成

subnet 192.168.30.0 netmask 255.255.255.0 {?????? 這樣就可以啟動shcp服務了

}

subnet 6.6.6.0 netmask 255.255.255.0 {

range 6.6.6.1 6.6.6.100;

這時從新啟動centos6的網絡服務是拿不到地址的因為光有網段但是沒有范圍

subnet 192.168.30.0 netmask 255.255.255.0 {

range 192.168.30.150 192.168.30.250;

}

[root@CENTOS7 ~]#systemctl restart dhcpd

當將dhcp服務器內容修改成上述以后

[root@centos6 ~]#ifconfig???? centos6的dhcp成功獲取到地址

eth0????? Link encap:Ethernet? HWaddr 00:0C:29:6B:0D:B3

inet addr:192.168.30.150? Bcast:192.168.30.255? Mask:255.255.255.0

inet6 addr: fe80::20c:29ff:fe6b:db3/64 Scope:Link

[root@CENTOS7 ~]#vim /etc/dhcp/dhcpd.conf

option domain-name “example.org”;

option domain-name-servers ns1.example.org, ns2.example.org;

default-lease-time 600;

max-lease-time 7200;

# Use this to enble / disable dynamic dns updates globally.

#ddns-update-style none;

# If this DHCP server is the official DHCP server for the local

# network, the authoritative directive should be uncommented.

#authoritative;

# Use this to send dhcp log messages to a different log file (you also

# have to hack syslog.conf to complete the redirection).

log-facility local7;

# No service will be given on this subnet, but declaring it helps the

# DHCP server to understand the network topology.

subnet 192.168.30.0 netmask 255.255.255.0 {

range 192.168.30.150 192.168.30.250;

}

subnet 6.6.6.0 netmask 255.255.255.0 {

range 6.6.6.1 6.6.6.100;

“/etc/dhcp/dhcpd.conf” 107L, 3366C written

[root@CENTOS7 ~]#systemctl restart dhcpd

[root@CENTOS7 ~]#ss -nutl

tid? State????? Recv-Q Send-Q??????????? Local Address:Port?????????????????????????? Peer Address:Port

▽dp??? UNCONN???? 0????? 0???????????????????????????? *:56805???????????????????????????????????? *:*

udp??? UNCONN???? 0????? 0???????????????????????????? *:67??????????????????????????????????????? *:*

udp??? UNCONN???? 0????? 0???????????????????????????? *:59594???????????????????????????????????? *:*

udp??? UNCONN???? 0????? 0???????????????? ????????????*:5353????????????????????????????????????? *:*

udp??? UNCONN???? 0????? 0???????????????????? 127.0.0.1:323?????????????????????????????????????? *:*

udp??? UNCONN???? 0????? 0??????????????????????????? :::48650??????????????????????????????????? :::*

udp??? UNCONN???? 0????? 0?????????????????????????? ::1:323??????????????????????? ??????????????:::*

tcp??? LISTEN???? 0????? 128?????????????????????????? *:111?????????????????????????????????????? *:*

tcp??? LISTEN???? 0????? 128?????????????????????????? *:22??????????????????????????????????????? *:*

tcp??? LISTEN???? 0????? 128?????????????????? 127.0.0.1:631?????????????????????????????????????? *:*

tcp??? LISTEN???? 0????? 100?????????????????? 127.0.0.1:25??????????????????????????????????????? *:*

tcp??? LISTEN???? 0????? 128????????????????????????? :::111?????? ???????????????????????????????:::*

tcp??? LISTEN???? 0????? 128????????????????????????? :::22?????????????????????????????????????? :::*

tcp??? LISTEN???? 0????? 128???????????????????????? ::1:631????????????????????????????????????? :::*

tcp??? LISTEN???? 0????? 100???????????????????????? ::1:25?????????????????????????????????????? :::*

[root@CENTOS7 ~]#vim /etc/dhcp/dhcpd.conf

# dhcpd.conf

# Sample configuration file for ISC dhcpd

# option definitions common to all supported networks…

option domain-name “example.org”;????? 域后綴

修改成option domain-name? “magedu.org”;

option domain-name-servers ns1.example.org, ns2.example.org;? 地址解析（DNS）

應該寫成option domain-name-servers 114.114.114.114,1.1.1.1；

default-lease-time 86400;????? 默認組期秒為單位

max-lease-time 100000;

# Use this to enble / disable dynamic dns updates globally.

#ddns-update-style none;

# If this DHCP server is the official DHCP server for the local

# network, the authoritative directive should be uncommented.

#authoritative;

# Use this to send dhcp log messages to a different log file (you also

# have to hack syslog.conf to complete the redirection).

log-facility local7;

# No service will be given on this subnet, but declaring it helps the

# DHCP server to understand the network topology.

subnet 192.168.30.0 netmask 255.255.255.0 {

range 192.168.30.150 192.168.30.250;

option routers 192.168.30.1;

option domain-name-servers 8.8.8.8;

next-server 192.168.30.101;

filename “pxelinux.0”;

}

subnet 6.6.6.0 netmask 255.255.255.0 {

range 6.6.6.1 6.6.6.100;

}

# This is a very basic subnet declaration.

subnet 10.254.239.0 netmask 255.255.255.224 {

range 10.254.239.10 10.254.239.20;

option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;

}

# This declaration allows BOOTP clients to get dynamic addresses,

# which we don’t really recommend.

subnet 10.254.239.32 netmask 255.255.255.224 {

range dynamic-bootp 10.254.239.40 10.254.239.60;

option broadcast-address 10.254.239.31;

option routers rtr-239-32-1.example.org;

}

# A slightly different configuration for an internal subnet.

subnet 10.5.5.0 netmask 255.255.255.224 {

range 10.5.5.26 10.5.5.30;

option domain-name-servers ns1.internal.example.org;

option domain-name “internal.example.org”;

option routers 10.5.5.1;

option broadcast-address 10.5.5.31;

default-lease-time 600;

max-lease-time 7200;

}

# Hosts which require special configuration options can be listed in

# host statements.?? If no address is specified, the address will be

# allocated dynamically (if possible), but the host-specific information

# will still come from the host declaration.

host passacaglia {

hardware ethernet 0:0:c0:5d:bd:95;

filename “vmunix.passacaglia”;

server-name “toccata.fugue.com”;

}

# Fixed IP addresses can also be specified for hosts.?? These addresses

# should not also be listed as being available for dynamic assignment.

# Hosts for which fixed IP addresses have been specified can boot using

# BOOTP or DHCP.?? Hosts for which no fixed address is specified can only

# be booted with DHCP, unless there is an address range on the subnet

# to which a BOOTP client is connected which has the dynamic-bootp flag

# set.

host fantasia {

hardware ethernet 08:00:07:26:c0:a5;

fixed-address fantasia.fugue.com;

}

# You can declare a class of clients and then do address allocation

# based on that.?? The example below shows a case where all clients

# in a certain class get addresses on the 10.17.224/24 subnet, and all

# other clients get addresses on the 10.0.29/24 subnet.

class “foo” {

match if substring (option vendor-class-identifier, 0, 4) = “SUNW”;

}

shared-network 224-29 {

subnet 10.17.224.0 netmask 255.255.255.0 {

option routers rtr-224.example.org;

}

subnet 10.0.29.0 netmask 255.255.255.0 {

option routers rtr-29.example.org;

}

pool {

allow members of “foo”;

range 10.17.224.10 10.17.224.250;

}

pool {

deny members of “foo”;

range 10.0.29.10 10.0.29.230;

}

[root@CENTOS7 ~]#cat /var/lib/dhcpd/dhcpd.leases

# The format of this file is documented in the dhcpd.leases(5) manual page.

# This lease file was written by isc-dhcp-4.2.5

lease 192.168.30.150 {

starts 6 2018/05/26 01:43:37;????? 記錄的是格林尼治時間

ends 6 2018/05/26 04:30:17;

tstp 6 2018/05/26 04:30:17;

cltt 6 2018/05/26 01:43:37;

binding state active;

next binding state free;

rewind binding state free;

hardware ethernet 00:0c:29:6b:0d:b3;

client-hostname “centos6”;

}

server-duid “\000\001\000\001\”\233r\215\000\014)E\277\024”;

[root@centos6 ~]#cat /etc/resolv.conf

; generated by /sbin/dhclient-script

search magedu.org

nameserver 114.114.114.114

nameserver 1.1.1.1

option domain-name “magedu.org”;

option domain-name-servers 114.114.114.114,1.1.1.1;

default-lease-time 86400;

max-lease-time 10000;

# Use this to enble / disable dynamic dns updates globally.

#ddns-update-style none;

# If this DHCP server is the official DHCP server for the local

# network, the authoritative directive should be uncommented.

#authoritative;

# Use this to send dhcp log messages to a different log file (you also

# have to hack syslog.conf to complete the redirection).

log-facility local7;

# No service will be given on this subnet, but declaring it helps the

# DHCP server to understand the network topology.

subnet 192.168.30.0 netmask 255.255.255.0 {

range 192.168.30.150 192.168.30.250;

option routers 192.168.30.1;

option domain-name-servers 8.8.8.8;

當subnet里面和外面同時定義了DNS和網關的時候生效的是sebnet內定義的項

[root@centos6 ~]#cat /etc/resolv.conf

; generated by /sbin/dhclient-script

search magedu.org

nameserver 8.8.8.8

綁定dhcp的ip地址

[root@CENTOS7 ~]#vim /etc/dhcp/dhcpd.conf

# to which a BOOTP client is connected which has the dynamic-bootp flag

# set.

host fantasia {

hardware ethernet 08:00:07:26:c0:a5;

fixed-address fantasia.fugue.com;

}

加入下面設置

host text {

hardware ethernet 00:0C:29:6B:0D:B3;

fixed-address 192.168.30.151;

option routers 192.168.30.123;

option domain-name-servers 223.5.5.5;

[root@centos6 ~]#route -n

Kernel IP routing table

Destination???? Gateway???????? Genmask???????? Flags Metric Ref??? Use Iface

192.168.30.0??? 0.0.0.0???????? 255.255.255.0?? U???? 0????? 0??????? 0 eth0

169.254.0.0???? 0.0.0.0???????? 255.255.0.0???? U???? 1002?? 0??????? 0 eth0

0.0.0.0???????? 192.168.30.123? 0.0.0.0???????? UG??? 0????? 0??????? 0 eth0

[root@centos6 ~]#cat /etc/resolv.conf

; generated by /sbin/dhclient-script

search magedu.org

nameserver 223.5.5.5

注意：如果在/etc/dhcp/dhcpd.conf 和ifcfg-eth0中同時定義網關，則ifcfg-eth0生效，如果同時定義DNS，則都生效

DHCP配置文件

?其它配置選項：

filename: 指明引導文件名稱

next-server：提供引導文件的服務器IP地址：指定tftp service的地址從中嘗試獲得啟動的引導文件

filename：pexlinux.0

想自動安裝系統：

在/etc/dhcp/dhcpd.conf中

next-server 192.168.30.30;（tftp server的地址）

filename “pexlinux.0”;

?示例：

filename “pxelinux.0”;

next-server 192.168.100.100;

?檢查語法

service dhcpd configtest

PXE介紹

?PXE：

Preboot Excution Environment 預啟動執行環境

Intel公司研發

基于Client/Server的網絡模式，支持遠程主機通過網絡從遠端服務器下載

映像，并由此支持通過網絡啟動操作系統

PXE可以引導和安裝Windows,linux等多種操作系統

網卡支持PXE，網卡內置了tftp的客戶端，可以直接訪問tftp的服務器

PXE工作原理，自動安裝系統原理及工具

PXE工作原理

? Client向PXE Server上的DHCP發送IP地址請求消息，DHCP檢測Client是否合法（主要是檢

測Client的網卡MAC地址），如果合法則返回Client的IP地址，同時將啟動文件pxelinux.0的

位置信息一并傳送給Client

? Client向PXE Server上的TFTP發送獲取pxelinux.0請求消息，TFTP接收到消息之后再向Client

發送pxelinux.0大小信息，試探Client是否滿意，當TFTP收到Client發回的同意大小信息之后，

正式向Client發送pxelinux.0

? Client執行接收到的pxelinux.0文件

? Client向TFTP Server發送針對本機的配置信息文件（在TFTP 服務的pxelinux.cfg目錄下），

TFTP將配置文件發回Client，繼而Client根據配置文件執行后續操作。

? Client向TFTP發送Linux內核請求信息，TFTP接收到消息之后將內核文件發送給Client

? Client向TFTP發送根文件請求信息，TFTP接收到消息之后返回Linux根文件系統

? Client啟動Linux內核

? Client下載安裝源文件，讀取自動化安裝腳本

PXE自動化安裝CentOS 7

?安裝前準備：關閉防火墻和SELINUX，DHCP服務器靜態IP

?安裝軟件包

httpd tftp-server dhcp syslinux system-config-kickstart

?配置文件共享服務：

systemctl enable httpd

systemctl start httpd

mkdir /var/www/html/centos/7

mount /dev/sr0 /var/www/html/centos/7

?準備kickstart文件

/var/www/html/ks/centos7.cfg 注意：權限

?配置tftp服務

systemctl enable tftp.socket

systemctl start tftp.socket

[root@CENTOS7 ~]#yum install tftp-server

[root@CENTOS7 ~]#systemctl start tftp.socket

[root@CENTOS7 ~]#ss -nutlpe

udp??? UNCONN???? 0????? 0??????????????????????????? :::69?????????????????????????????????????? :::*?????????????????? users:((“systemd”,pid=1,fd=27)) ino:47535 sk:ffff88003f1404c0 v6only:0 <->

在centos+上安裝客戶端用于訪問centos7的tftp server服務

[root@centos6 ~]#yum install tftp

[root@CENTOS7 ~]#cd /var/lib/tftpboot

[root@CENTOS7 tftpboot]#ls

[root@CENTOS7 tftpboot]#cp /etc/fstab .

[root@CENTOS7 tftpboot]#ls

fstab

[root@centos6 ~]#tftp 192.168.30.101

tftp> get fstab

tftp> quit

[root@centos6 ~]#ll

-rw-r–r–? 1 root root??????? 595 May 26 11:41 fstab

在centos7上也可以用chetos6的方法啟動tftp

[root@CENTOS7 ~]#cd /etc/xinetd.d/

[root@CENTOS7 xinetd.d]#ls

tftp

[root@CENTOS7 xinetd.d]#cat tftp

# default: off

# description: The tftp server serves files using the trivial file transfer \

# protocol.? The tftp protocol is often used to boot diskless \

# workstations, download configuration files to network-aware printers, \

# and to start the installation process for some operating systems.

service tftp

{

socket_type? = dgram

protocol? = udp

wait?? = yes

user?? = root

server?? = /usr/sbin/in.tftpd

server_args? = -s /var/lib/tftpboot

disable?? = yes??? 將yes改成no則可以用centos6的方法啟動tftp

per_source? = 11

cps?? = 100 2

flags?? = IPv4

}

配置自動安裝系統所需要的文件

1.yum源

[root@CENTOS7 html]#vim /etc/fstab

# /etc/fstab

# Created by anaconda on Tue Mar 27 17:53:47 2018

# Accessible filesystems, by reference, are maintained under ‘/dev/disk’

# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info

UUID=0a1bc23e-06e5-4210-9b32-0edbff09ca1a /?????????????????????? xfs???? defaults??????? 0 0

UUID=4d8d9214-eeed-4758-8c34-f05492b9ea73 /boot?????????????????? xfs???? defaults??????? 0 0

UUID=fb669d84-551f-4a70-a11e-f61deec0fd86 /data?????????????????? xfs???? defaults??????? 0 0

UUID=906330a5-2af1-4bf4-8b2d-9337eaf92250 swap??????????????????? swap??? defaults??????? 0 0

/dev/sr0?????????? /var/www/html/centos7?? iso9660??? defaults 0 0

2.準備應答文件

[root@CENTOS7 html]#mkdir ksdir{6,7}

[root@CENTOS7 html]#ls

centos6? centos7? index.html? ksdir6? ksdir7

[root@CENTOS7 html]#cd ksdir7

[root@CENTOS7 ksdir7]#cp /root/anaconda-ks.cfg .

[root@CENTOS7 ksdir7]#ls

anaconda-ks.cfg

[root@CENTOS7 ksdir7]#ll

total 4

-rw——- 1 root root 1896 May 26 13:15 anaconda-ks.cfg

[root@CENTOS7 ksdir7]#chmod 644 anaconda-ks.cfg

[root@CENTOS7 ksdir7]#ll

total 4

-rw-r–r– 1 root root 1896 May 26 13:15 anaconda-ks.cfg

[root@CENTOS7 ksdir7]#mv anaconda-ks.cfg ks7_desktop.cfg

[root@CENTOS7 ksdir7]#ls

ks7_desktop.cfg

ssh-keygen

ssh-copy-id 192.168.30.101

[root@CENTOS7 ksdir7]#vim ks7_desktop.cfg

auth –enableshadow –passalgo=sha512

# Use CDROM installation media

url –url=http://192.168.30.101/centos7/

# Use graphical install

firstboot –enable

ignoredisk –only-use=sda

# Keyboard layouts

keyboard –vckeymap=us –xlayouts=’us’

# System language

lang en_US.UTF-8

# Network information

network? –bootproto=dhcp –device=ens33 –onboot=on –ipv6=auto –activate

network? –hostname=CENTOS7.localdomain

# Root password

# System services

services –disabled=”chronyd”

# System timezone

timezone Asia/Shanghai –isUtc –nontp

# X Window System configuration information

xconfig? –startxonboot

# System bootloader configuration

bootloader –append=” crashkernel=auto” –location=mbr –boot-drive=sda

# Partition clearing information

reboot

zerombr

clearpart –none –initlabel

# Disk partitioning information

part swap –fstype=”swap” –ondisk=sda –size=2048

part /boot –fstype=”xfs” –ondisk=sda –size=1024

part / –fstype=”xfs” –ondisk=sda –size=51200

part /data –fstype=”xfs” –ondisk=sda –size=30720

%packages

@base

@core

@fonts

@gnome-desktop

@guest-agents

@guest-desktop-agents

@print-client

%addon com_redhat_kdump –enable –reserve-mb=’auto’

%end

%anaconda

pwpolicy root –minlen=6 –minquality=1 –notstrict –nochanges –notempty

pwpolicy user –minlen=6 –minquality=1 –notstrict –nochanges –emptyok

pwpolicy luks –minlen=6 –minquality=1 –notstrict –nochanges –notempty

%end

%post

systemctl enable autofs????????? 開機自動啟動autos

systemctl disable initial-setup-grahpical.service? 禁止centos7安裝后的選擇選項

systemctl set-default multi-user.target??? 開機進入字符界面

mkdir /root/.ssh

cat > /root/.ssh/authorized_keys << EOF

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDcDS4PDn7SCKmFuKdchkwP3AZOm0srbvQDo38y+CXHV+AD3SOiyWgfaj1Hr+FJXsFLGNG3Xfjjmxqe9cQtGYtmvKpiV95fpPKBE6u9qERHAvuBL+jbMRL99WG+8FrZ3GEr0oi9YxSG9VHWxZO8vBMwBUniFEq+lgVwdkAZk2AvZSiBtMebQqOp5cH0hxvJu3BFXdhTsLKMffKSJ62ewADOS+n0O+4olom87i3PLJgq33Gwc+86JM1M+FD7UxWCUu8Ead7Xb2C6ZM6V6pc3vtV5/9/6OkNc8dvvIl3LzfytFKAH7KSvyIuU2CYFkbk9q3giJ/fEDu0W6cz26DhrjJBr root@CENTOS7.localdomain

EOF

rm -rf /etc/yum.repos.d/*

cat > /etc/yum.repos.d/base.repo << EOF

[base]

name=base

baseurl=file:///misc/cd

gegcheck=0

EOF

%end

[root@CENTOS7 ksdir7]#ksvalidator ks7_desktop.cfg

[root@CENTOS7 ~]#cd /var/lin/tftpboot

[root@CENTOS7 tftpboot]#mkdir pxelinux.cfg

[root@CENTOS7 tftpboot]#ls

pxelinux.cfg

這個pxelinux.0文件來自syslinux這個包

[root@CENTOS7 tftpboot]#rpm -ql syslinux | grep pxelinux.0

/usr/share/syslinux/gpxelinux.0

/usr/share/syslinux/pxelinux.0

[root@CENTOS7 tftpboot]#cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/

[root@CENTOS7 tftpboot]#ls

pxelinux.0? pxelinux.cfg

[root@CENTOS7 tftpboot]#ls /misc/cd/isolinux

boot.cat? grub.conf?? isolinux.bin? memtest???? TRANS.TBL???? vmlinuz

boot.msg? initrd.img? isolinux.cfg? splash.png? vesamenu.c32?? （啟動菜單背景）

[root@CENTOS7 tftpboot]#cp /misc/cd/isolinux/vesamenu.c32 /var/lib/tftpboot/

[root@CENTOS7 tftpboot]#ls

pxelinux.0? pxelinux.cfg? vesamenu.c32

[root@CENTOS7 tftpboot]#tree

├── pxelinux.0

├── pxelinux.cfg

└── vesamenu.c32

1 directory, 2 files

[root@CENTOS7 tftpboot]#cp /misc/cd/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/

[root@CENTOS7 tftpboot]#ls

initrd.img? pxelinux.0? pxelinux.cfg? vesamenu.c32? vmlinuz

[root@CENTOS7 tftpboot]#tree

├── initrd.img

├── pxelinux.0

├── pxelinux.cfg

├── vesamenu.c32

└── vmlinuz

1 directory, 4 files

[root@CENTOS7 tftpboot]#cp /misc/cd/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default

[root@CENTOS7 tftpboot]#tree

├── initrd.img

├── pxelinux.0

├── pxelinux.cfg

│?? └── default

├── vesamenu.c32

└── vmlinuz

[root@CENTOS7 tftpboot]#vim pxelinux.cfg/default

default vesamenu.c32

timeout 600

menu titel Auto Install Centos

label desktop

menu label ^Install desjtop CentOS 7

kernel vmlinuz

append initrd=initrd.img ks=http://192.168.30.101/ksdir7/ks7_desktop.cfg

label mini

menu label install ^mini CentOS 7

kernel vmlinuz

append initrd=initrd.img ks=http://192.168.30.101/ksdir7/ks7_mini.cfg

label local

menu default

menu label Boot from ^local drive

localboot 0xffff

menu end

在centos6上實現自動化安裝系統

[root@centos6 ~]#yum install httpd tftp-server dhcp syslinux

[root@centos6 ~]#chkconfig httpd on

[root@centos6 ~]#chkconfig tftp on

[root@centos6 ~]#chkconfig dhcpd on

[root@centos6 ~]#service httpd start

Starting httpd: httpd: apr_sockaddr_info_get() failed for centos6.localdomain

httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1 for ServerName

[? OK? ]

[root@centos6 ~]#service xinetd restart

Stopping xinetd:?????????????????????????????????????????? [? OK? ]

Starting xinetd:?????????????????????????????????????????? [? OK? ]

[root@centos6 ~]#rpm -ql dhcp

/usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample

[root@centos6 ~]#cat /etc/dhcp/dhcpd.conf

# DHCP Server Configuration file.

#?? see /usr/share/doc/dhcp*/dhcpd.conf.sample

#?? see ‘man 5 dhcpd.conf’

[root@centos6 ~]#cp /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample /etc/dhcp/dhcpd.conf

cp: overwrite `/etc/dhcp/dhcpd.conf’? yes

[root@centos6 ~]#vim /etc/dhcp/dhcpd.conf

# dhcpd.conf

# Sample configuration file for ISC dhcpd

# option definitions common to all supported networks…

option domain-name “example.org”;

option domain-name-servers 114.114.114.114,1.1.1.1;

default-lease-time 6000;

max-lease-time 7200;

# Use this to enble / disable dynamic dns updates globally.

#ddns-update-style none;

# If this DHCP server is the official DHCP server for the local

# network, the authoritative directive should be uncommented.

#authoritative;

# Use this to send dhcp log messages to a different log file (you also

# have to hack syslog.conf to complete the redirection).

log-facility local7;

# No service will be given on this subnet, but declaring it helps the

# DHCP server to understand the network topology.

subnet 192.168.30.0 netmask 255.255.255.0 {

range 192.168.30.150 192.168.30.250;

option routers 192.168.30.254;

next-server 192.168.30.102;

filename “pxelinux.0″；

[root@centos6 ~]#service dhcpd start

[root@centos6 ~]#cd /var/www/html

[root@centos6 html]#rm -f *

[root@centos6 html]#ls

[root@centos6 html]#mkdir centos6

[root@centos6 html]#ls

centos6

[root@centos6 html]#mkdir ksdir6

[root@centos6 html]#ls

centos6? ksdir6

[root@centos6 html]#vim /etc/fstab

/dev/sr0??????????????????????????????? /var/www/html/centos6 iso9660 defaults 0 0

[root@centos6 html]#mount -a

[root@centos6 html]#cp /root/anaconda-ks.cfg ksdir6/ks6-mini.cfg

[root@centos6 html]#ls

centos6? ksdir6

[root@centos6 html]#cd ksdir6/

[root@centos6 ksdir6]#ls

ks6-mini.cfg

[root@centos6 ksdir6]#vim ks6-mini.cfg

# Kickstart file automatically generated by anaconda.

#version=DEVEL

install

url –url=http://192.168.30.102/centos6

lang en_US.UTF-8

keyboard us

network –onboot yes –device eth0 –bootproto dhcp –noipv6

rootpw? –iscrypted $6$EulmJzD3GuV3Toj2$.oqwavfA9E8x1LfgW5QHIqpf6yInwkc/BOYZrw.Vg6avhYBOZUIJNxQCMRTYQDZHGuH.LCjdlhil2nncpVyQD1

firewall –service=disabled

authconfig –enableshadow –passalgo=sha512

selinux –disabled

timezone Asia/Shanghai

bootloader –location=mbr –driveorder=sda –append=”crashkernel=auto rhgb quiet”

# The following is the partition information you requested

# Note that any partitions you deleted are not expressed

# here so unless you clear all partitions first, this is

# not guaranteed to work

clearpart –all

zerombr

reboot

text

part /boot –fstype=ext4 –size=1024

part / –fstype=ext4 –size=50000

part /data –fstype=ext4 –size=30000

part swap –size=2048

%packages

@core

autofs

%end

%post

useradd wang

echo magedu | passwd –stdin wang

cat > /root/.ssh/authorized_keys << EOF

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApdPy/F5QwUQ951vUIsGFbDn9P+d/VCEDD/4ilMrQLqUd7YQ4cbiboME1u9lgxKTRJXhM9oN8QSye6KnDhuKVfA3fpwvbMFR2yH4lghgyZIyVbjIALzzxK46FLcj35ad5VDbKyw2x1UgAYQkLffXoN8cd8OYl9dvsj9+rzYvd/aTgsPgzvj3FV+R+MUogb7oCUcFgEm4iwboWYTNPBkTJLtqLfXtfTLvTywX3xAzIWO2q5WaHPd0/iNKwJQ9Q5UsONfp1Z+lfPoS3kdvc4CRviJEUu+5OzGDPsqigBkE7t/MWji3io1+Q95DfPRgvt+g+lFKrAm0OfRRdKWcXCeNvhQ== root@centos6.localdomain

EOF

chmod 600 /root/.ssh/authorized_key

%end

[root@centos6 ksdir6]#ll

total 8

-rw——- 1 root root 4284 May 26 17:56 ks6-mini.cfg

[root@centos6 ksdir6]#chmod 644 ks6-mini.cfg

[root@centos6 ksdir6]#cd /var/lib/tftpboot

[root@centos6 tftpboot]#ls

[root@centos6 tftpboot]#mkdir pxelinux.cfg

[root@centos6 tftpboot]#updatedb

[root@centos6 tftpboot]#locate pxelinux.0

/usr/share/syslinux/gpxelinux.0

/usr/share/syslinux/pxelinux.0

[root@centos6 tftpboot]#cp /usr/share/syslinux/pxelinux.0 .

[root@centos6 tftpboot]#ls

pxelinux.0? pxelinux.cfg

[root@centos6 tftpboot]#ls /misc/cd/isolinux

boot.cat? grub.conf?? isolinux.bin? memtest???? TRANS.TBL???? vmlinuz

boot.msg? initrd.img? isolinux.cfg? splash.jpg? vesamenu.c32

[root@centos6 tftpboot]#cp /misc/cd/isolinux/{vmlinuz,initrd.ing} .

cp: cannot stat `/misc/cd/isolinux/initrd.ing’: No such file or directory

[root@centos6 tftpboot]#cp /misc/cd/isolinux/{vmlinuz,initrd.img} .

cp: overwrite `./vmlinuz’? y

[root@centos6 tftpboot]#ls

initrd.img? pxelinux.0? pxelinux.cfg? vmlinuz

[root@centos6 tftpboot]#cp /misc/cd/isolinux/isolinux.cfg pxelinux.cfg/default

[root@centos6 tftpboot]#cp /misc/cd/isolinux/vesamenu.c32 .

[root@centos6 tftpboot]#ls

initrd.img? pxelinux.0? pxelinux.cfg? vesamenu.c32? vmlinuz

[root@centos6 tftpboot]#cp /misc/cd/isolinux/boot.msg? .

cp: overwrite `./boot.msg’? y

[root@centos6 tftpboot]#cp /misc/cd/isolinux/splash.jpg? .

[root@centos6 tftpboot]#ls

boot.msg? initrd.img? pxelinux.0? pxelinux.cfg? splash.jpg? vesamenu.c32? vmlinuz

[root@centos6 tftpboot]#cd pxelinux.cfg/

[root@centos6 pxelinux.cfg]#vim default

[root@centos6 pxelinux.cfg]#tree

└── default

0 directories, 1 file

[root@centos6 pxelinux.cfg]#cd ..

[root@centos6 tftpboot]#tree

├── boot.msg

├── initrd.img

├── pxelinux.0

├── pxelinux.cfg

│?? └── default

├── splash.jpg

├── vesamenu.c32

└── vmlinuz

1 directory, 7 files

[root@centos6 pxelinux.cfg]#vim default

default vesamenu.c32

#prompt 1

timeout 600

menu title Welcome to CentOS 6.9!

label mini

menu label ^Install? a mini system

kernel vmlinuz

append initrd=initrd.img ks=http://192.168.30.102/ksdir6/ks6-mini.cfg

label local

munu default

menu label Boot from ^local drive

localboot 0xffff

自動安裝6，7系統

yum install httpd tftp-server dhcp syslinux

需要兩塊光盤光盤中放入cento7和centos6的everthing

systemctl enable httpd dhcpd tftp.socket

systemctl start httpd tftp.socket

cp /usr/share/doc/dhcp-4.2.5/dhcp.coonf.example /etc/dhcp/dhcpd.conf

vim /etc/dhcp/dhcpd.conf

subnet 192.168.30.0 netmask 255.255.255.0{

range 192.168.30.150 192.168.30.200;

next-server 192.168.30.101;

filename “pxelinux.0”;

}

systemctl start dhcpd

cd /var/www/html

mkdir centos{6,7}

echo /dev/sr0? /var/www/html/centos7?? iso9660 default 0 0 >> /etc/fstab

echo /dev/sr1? /var/www/html/centos6?? iso9660 default 0 0 >> /etc/fstab

mount -a

mkdir ksdir

cp ks6_mini.cfg ks7_desktop.cfg /var/www/html/ksdir

vim ks6_mini.cfg

url –url=http://192.168.30.101/centos6

vim ks7_desktop.cfg

url –url=http://192.168.30.101/centos7

cd /var/lib/tftpboot

mkdir pxelinux.cfg

mkdir centos{6,7}

cp /var/www.html/centos6/isolinux/{initrd.img,vmlinuz} centos6/

cp /var/www.html/centos7/isolinux/{initrd.img,vmlinuz} centos7/

cp /usr/share/syslinux/menu.c32 /var/lib/tftpboot

cp /var/www/html/centos7/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinuxcfg/default

vim /var/lib/tftpboot/pxelinuxcfg/default

default menu.c32

tineout 600

menu titel www.magedu

lable centos7

menu lable install ^desktop centos7

kernel centos7/vmlinuz

append initrd=centos7/initrd.img ks=http://192.168.30.101 /ksdir/ks7_desktop.cfg

lable centos6

menu lable install ^mini centos6

kernel centos6/vmlinuz

append initrd=centos6/initrd.img ks=http://192.168.30.101 /ksdir/ks6_mini.cfg

label local

munu default

menu label Boot from ^local drive

localboot 0xffff

menu end

cp /usr/share/syslinux/pexlinux.0 /var/lib/tftpboot/

實驗：在centos7實現PXE安裝centos6,7

0 selinux ,firewall 關閉

1 安裝包

yum install dhcp tftp-server httpd syslinux

systemctl enable dhcpd httpd tftp.socket

systemctl start httpd

2 準備YUM源

mkdir /var/www/html/centos/{6,7}/ -pv

vim /etc/fstab 加下面行

/dev/sr0 ????????/var/www/html/centos/7??? iso9660 defaults??????? 0 0

/dev/sr1???????? /var/www/html/centos/6??? iso9660 defaults??????? 0 0

mount -a

3 準備ks文件

mkdir /var/www/html/ksdir/{6,7} -pv

cp /root/anaconda-ks.cfg? /var/www/html/ksdir/7/ks7_desktop.cfg

chmod +r /var/www/html/ksdir/7/ks7_desktop.cfg

[root@centos7 tftpboot]#tree /var/www/html/ksdir/

/var/www/html/ksdir/

├── ks6_mini.cfg

└── ks7_desktop.cfg

4 配置dhcp服務

cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf

vim /etc/dhcp/dhcpd.conf

[root@centos7 tftpboot]#cat /etc/dhcp/dhcpd.conf

option domain-name “magedu.org”;

option domain-name-servers 114.114.114.114,1.1.1.1;

option routers 192.168.30.200;

default-lease-time 86400;

max-lease-time 100000;

subnet 192.168.30.0 netmask 255.255.255.0 {

range 192.168.30.10 192.168.30.100;

option routers 192.168.30.254;

option domain-name-servers 8.8.8.8;

next-server 192.168.30.17;

filename “pxelinux.0”;

}

systemctl start dhcpd

5 準備PXE相關文件

rpm -ql syslinux

mkdir /var/lib/tftpboot/pxelinux.cfg/

cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/

cp /usr/share/syslinux/menu.c32 /var/lib/tftpboot/

mkdir /var/lib/tftpboot/centos{6,7}

cp? /var/www/html/centos/7/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos7/

cp? /var/www/html/centos/6/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos6/

cp /var/www/html/centos/7/isolinux/isolinux.cfg? /var/lib/tftpboot/pxelinux.cfg/default

vim /var/lib/tftpboot/pxelinux.cfg/default

cat /var/lib/tftpboot/pxelinux.cfg/default

default menu.c32

timeout 600

menu title www.magedu.com

label centos7

menu label ^Install? Desktop CentOS? 7

kernel centos7/vmlinuz

append initrd=centos7/initrd.img ks=http://192.168.30.17/ksdir/ks7_desktop.cfg

label centos6

menu label install ^Mini CentOS 6

menu default

kernel centos6/vmlinuz

append initrd=centos6/initrd.img ks=http://192.168.30.17/ksdir/ks6_mini.cfg

label local

menu label Boot from ^local drive

localboot 0xffff

menu end

tree /var/lib/tftpboot/

/var/lib/tftpboot/

├── centos6

│?? ├── initrd.img

│?? └── vmlinuz

├── centos7

│?? ├── initrd.img

│?? └── vmlinuz

├── menu.c32

├── pxelinux.0

└── pxelinux.cfg

└── default

3 directories, 7 files

cobbler 介紹

?Cobbler:

?快速網絡安裝linux操作系統的服務，支持眾多的Linux發行版：Red Hat、

Fedora、CentOS、Debian、Ubuntu和SuSE，也可以支持網絡安裝windows

?PXE的二次封裝，將多種安裝參數封裝到一個菜單

?Python編寫

?提供了CLI和Web的管理形式

cobbler工作流程

cobbler 工作流程

? client裸機配置了從網絡啟動后，開機后會廣播包請求DHCP服務器（cobbler server）

發送其分配好的一個IP

? DHCP服務器（cobbler server）收到請求后發送responese，包括其ip地址

? client裸機拿到ip后再向cobbler server發送請求OS引導文件的請求

? cobbler server告訴裸機OS引導文件的名字和TFTP server的ip和port

? client裸機通過上面告知的TFTP server地址通信，下載引導文件

? client裸機執行執行該引導文件，確定加載信息，選擇要安裝的os，期間會再向

cobbler server請求kickstart文件和os image

? cobbler server發送請求的kickstart和os iamge

? client裸機加載kickstart文件

? client裸機接收os image，安裝該os image

cobbler 介紹

?安裝包

?cobbler 基于EPEL源

?cobbler 服務集成

? PXE

? DHCP

? rsync

? Http

? DNS

? Kickstart

? IPMI 電源管理

?檢查cobbler環境

?cobbler check

cobbler 相關術語

? 發行版：

? 表示一個操作系統版本，它承載了內核和 initrd 的信息，以及內核參數等其他數據

? 配置文件：

? 包含一個發行版、一個 kickstart 文件以及可能的存儲庫，還包含更多特定的內核參

數等其他數據

? 系統：

? 表示要配置的主機，它包含一個配置文件或一個鏡像，還包含 IP 和 MAC 地址、電源

管理（地址、憑據、類型）以及更為專業的數據等信息

? 存儲庫：

? 保存一個 yum 或 rsync 存儲庫的鏡像信息

? 鏡像：

? 可替換一個包含不屬于此類別的文件的發行版對象（例如，無法分為內核和 initrd 的

對象

cobbler 各種配置目錄說明

?安裝：yum install cobbler dhcp

?配置文件目錄 /etc/cobbler

/etc/cobbler/settings : cobbler 主配置文件

/etc/cobbler/iso/: iso模板配置文件

/etc/cobbler/pxe: pxe模板文件

/etc/cobbler/power: 電源配置文件

/etc/cobbler/user.conf: web服務授權配置文件

/etc/cobbler/users.digest: web訪問的用戶名密碼配置文件

/etc/cobbler/dhcp.template : dhcp服務器的的配置末班

/etc/cobbler/dnsmasq.template : dns服務器的配置模板

/etc/cobbler/tftpd.template : tftp服務的配置模板

/etc/cobbler/modules.conf : 模塊的配置文件

cobble安裝配置及實現自動化安裝系統

[root@CENTOS7 cd]# vim /etc/selinux/config

[root@CENTOS7 cd]# setenforce 0

[root@CENTOS7 cd]# getenforce

Permissive

[root@CENTOS7 cd]# systemctl stop firewalld

[root@CENTOS7 cd]# systemctl disable firewalld

Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.

Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

yum install cobbler dhcp（cobbler會自動安裝httpd和tftp）

systemctl enable cobblerd dhcpd httpd tftp

systemctl start cobblerd httpd tftp(dhcpd缺少配置文件所以暫時無法啟動)

配置cobbler

cobbler check

1.vim /etc/cobbler/setting

搜索server：127.0.0.1? （384行）

server：192.168.30.101

搜索next_server：127.0.0.1（272行）

next_server:192.168.30.101

搜索default_password(101行)

openssl passwd -1 生成新的密碼并復制到101行

manage_dhcp(242hang)

manage_dhcp: 1

禁用selinux和firewalld

cobbler get-loaders 自動下載tftpboot下所需要的文件

cobbler sync?? 同步到tftpboot下

systemctl restart cobblerd

vim/etc/cobbler/dhcp.template??? 通過cobbler的dhcp模板生成dhcp的配置文件

修改

subnet 192.168.30.101 netmask 255.255.255.0{

option routers 192.168.30.1；

option domain-name-servers 8.8.8.8；

rangge dynamic-bootp 192.168.30.150 192.168.30.200；

cobbler sync?? 同步

拷入安裝光盤

mkdir /mnt/cdrom0

mkdir /mnt/cdrom1

mount /dev/sr0 /mnt/cdrom0

mount /dev/sr1 /mnt/cdrom1

cobbler import –path=/mnt/cdrom1/ –centos6.9-x86_64? –arch=x86_64

cobbler import –path=/mnt/cdrom0/ –centos7.4-x86_64? –arch=x86_64

文件拷貝到 /var/www/cobbler/ks_mirror下的centos6.9-x86_64中

cobbler distro list??? 查看安裝版本

cat /var/lib/tftpboot/pxelinux/default?? 菜單已經自動生成

cobbler distro –htlp 查看cobbler distro用法

cobbler profile list?? 類似于應答文件

想刪除安裝版本先刪除應答文件

cobbler profile remove –name=centos-6.9-i386?? 刪除后/var/lib/tftpboot/pxelinux/default中的相應菜單已經刪除

cobbler distro remove –name=centos-6.9-i386

將自己自作的應答文件關聯其yum源

將應答文件傳到centos7中

ks6_mini.cfg

vim ks6_mini.cfg

url –url=$tree?? 修改此行（寫的是yum源路徑）

cp ks6_mini.cfg /var/lib/cobbler/kickstarts/

cobbler profile add –name=centos6.9-x86_64_mini –distro=centos-6.9-x86_64 –kickstart=/var/lib/cobbler/kickstarts/ks6_mini.cfg

cd /var/lib/tftpboot/images 中存放著不同版本的initrd.img和vmlinuz

cp ks7_desktop.cfg /var/www/cobbler/kickstarts/

vim ks7_desktop.cfg

url –url=$tree

cobbler profile add –name=centos7-x86_64_desktop –distro=centos-7.4-x86_64 –kickstart=/var/www/cobbler/kickstarts/ks7_desktop.cfg

cobbler profile report –name=centos-7.4-x86_64_desktop?? 查看其ks文件等信息

cobbler 目錄介紹

? 數據目錄

/var/lib/cobbler/config/: 用于存放distros，system，profiles 等信息配置文件

/var/lib/cobbler/triggers/: 用于存放用戶定義的cobbler命令

/var/lib/cobbler/kickstart/: 默認存放kickstart文件

/var/lib/cobbler/loaders/: 存放各種引導程序

? 鏡像目錄

/var/www/cobbler/ks_mirror/: 導入的發行版系統的所有數據

/var/www/cobbler/images/ : 導入發行版的kernel和initrd鏡像用于遠程網絡啟動

/var/www/cobbler/repo_mirror/: yum 倉庫存儲目錄

? 日志目錄

/var/log/cobbler/installing: 客戶端安裝日志

/var/log/cobbler/cobbler.log : cobbler日志

cobbler 命令介紹

?cobbler commands介紹

cobbler check 核對當前設置是否有問題

cobbler list 列出所有的cobbler元素

cobbler report 列出元素的詳細信息

cobbler sync 同步配置到數據目錄,更改配置最好都要執行下

cobbler reposync 同步yum倉庫

cobbler distro 查看導入的發行版系統信息

cobbler system 查看添加的系統信息

cobbler profile 查看配置信息

cobbler 重要的參數

?/etc/cobbler/settings中重要的參數設置

?default_password_crypted: “$1$gEc7ilpP$pg5iSOj/mlxTxEslhRvyp/”

?manage_dhcp：1

?manage_tftpd：1

?pxe_just_once：1

?next_server：< tftp服務器的 IP 地址>

?server：<cobbler服務器的 IP 地址>

cobbler 環境檢查

?執行Cobbler check命令會報如下異常

? 1 : The ‘server’ field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This

should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.

? 2 : For PXE to be functional, the ‘next_server’ field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should

match the IP of the boot server on the PXE network.

? 3 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run ‘cobbler get-loaders’ to download them, or, if you

only want to handle x86/x86_64 netbooting, you may ensure that you have installed a recent version of the syslinux package installed and

can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32,

elilo.efi, and yaboot. The ‘cobbler get-loaders’ command is the easiest way to resolve these requirements.

? 4 : change ‘disable’ to ‘no’ in /etc/xinetd.d/rsync

? 5 : comment ‘dists’ on /etc/debmirror.conf for proper debian support

? 6 : comment ‘arches’ on /etc/debmirror.conf for proper debian support

? 7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings)

is still set to ‘cobbler’ and should be changed, try: “openssl passwd -1 -salt ‘random-phrase-here’ ‘your-password-here’” to generate new

one

? 8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use

them

cobbler 報錯解決

?執行Cobbler check報錯解決方式

?修改/etc/cobbler/settings文件中的server參數的值為提供cobbler服務的主機相

應的IP地址或主機名

?修改/etc/cobbler/settings文件中的next_server參數的值為提供PXE服務的主機

相應的IP地址

?如果當前節點可以訪問互聯網，執行“cobbler get-loaders”命令即可；否則，

需要安裝syslinux程序包，而后復制/usr/share/syslinux/{pxelinux.0,memu.c32}

等文件至/var/lib/cobbler/loaders/目錄中

?執行“chkconfig rsync on”命令即可

?執行“openssl passwd -1 生成密碼，并用其替換/etc/cobbler/settings文件中

default_password_crypted參數的值

cobbler 相關管理

?下載啟動菜單：

聯網：cobbler get-loaders

不聯網：cp /usr/share/syslinux/{pxelinux.0,menu.c32} /var/lib/tftpboot

?管理distro

?cobbler import –name=centos-6.9-x86_64 –path=/media/cdrom –arch=x86_64

?管理profile

?cobbler profile add –name=centos-6.9-x86_64-basic

–distro=centos-6.9-x86_64 –kickstart= /var/lib/cobbler/kickstarts/centos-6.9-

x86_64.cfg

cobbler 命令

?查看profiles

?cobbler profile list

?查看引導文件

?cat /var/lib/tftpboot/pxelinux.cfg/default

?同步cobbler配置

?cobbler sync

?多系統引導方案

?cobbler import –name=CentOS-7-x86_64 –path=/media/cdrom

cobbler distro list

cobbler profile list

cobbler sync

cobbler 實現步驟

?安裝包，并設置服務

?檢查配置

?根據上面提示修改配置

?下載啟動相關文件菜單

?配置DHCP服務

?分別導入centos的安裝源,并查看

?準備kickstart文件并導入cobbler

?測試

cobbler的web管理實現

?cobbler-web

提供cobbler的基于web管理界面，epel源

yum install cobbler-web

?認證方式

?認證方法配置文件：/etc/cobbler/modules.conf

?支持多種認證方法：

? authn_configfile

? authn_pam

cobbler的web管理實現

?使用authn_configfile模塊認證cobbler_web用戶

?vim /etc/cobbler/modules.conf

[authentication]

module=authn_configfile

?創建其認證文件/etc/cobbler/users.digest，并添加所需的用戶

htdigest -c /etc/cobbler/users.digest Cobbler admin

注意:添加第一個用戶時,使用“-c”選項，后續添加其他用戶時不要再使

用，cobbler_web的realm只能為Cobbler

cobbler的web管理實現

? 使用authn_pam模塊認證cobbler_web用戶

? vim /etc/cobbler/modules.conf

[authentication]

module = authn_pam

? 創建cobbler用戶：useradd cobbler

? vim /etc/cobbler/users.conf

[admins]

admin = “cobbler“

?Web訪問cobbler

?重啟cobblerd服務

?通過https://cobblerserver/cobbler_web訪問

yum install cobbler-web

systemctl restart httpd

網頁訪問時 https：//192.168.30.101/cobbler_web/

創建管理員身份賬號和密碼

vim /etc/cobbler/modules.conf

htdigest -c /etc/cobbler/users.digest Cobbler text1

vim /etc/cobbler/modules.conf

module= authn_pam

useradd -s /sbin/nologin? test2

ehco magedu |passwd –stdin test2

vim /etc/cobbler/users.conf

admin = “test2”

systemctl restart cobblerd

實驗:實現cobbler安裝

1 安裝包

yum install cobbler(EPEL) dhcp

systemctl enable cobblerd dhcpd httpd tftp

systemctl start cobblerd httpd tftp

2 cobbler check

3 vim /etc/cobbler/settings

server:cobberserverip

next_server:cobberserverip

defaut_password_cryptd: “xxxxxxxxxx”?? #openssl passwd -1 生成口令

manage_dhcp:1

4 cobber get-loaders 聯網

cobbler sync

5 vim /etc/cobbler/dhcp.template

subnet 192.168.30.0 netmask 255.255.255.0

range dynamic-bootp 192.168.30.10 192.168.30.200;

cobbler sync

systemctl restart dhcpd

/dev/sr0???????? 8490330? 8490330???????? 0 100% /mnt/cdrom0

/dev/sr1???????? 6049912? 6049912???????? 0 100% /mnt/cdrom1

cobbler import –path=/mnt/cdrom0 –name=CentOS_7.4-x86_64?? –arch=x86_64

cobbler import –path=/mnt/cdrom1 –name=CentOS_6.9-x86_64?? –arch=x86_64

cobbler distro list

#cat ks6_mini.cfg

url –url=$tree

cp ks7_desktop.cfg? ks6_mini.cfg??? /var/lib/cobbler/kicstarts/

cobbler profile add –name=CentOS_7.4-x86_64_Desktop –distro=CentOS_7.4-x86_64 –kickstart=/var/lib/cobbler/kicstarts/ks7_desktop.cfg

cobbler profile add –name=CentOS_6.9-x86_64_Mini –distro=CentOS_6.9-x86_64 –kickstart=/var/lib/cobbler/kicstarts/ks6_mini.cfg

刪除自帶的配置

cobbler profile remove –name=CentOS_7.4-x86_64

cobbler profile remove –name=CentOS_6.9-x86_64

8 web實現

yum install cobbler-web

systemctl restart httpd

htdigest -c /etc/cobbler/users.digest Cobbler test1

https://cobberserverip/cobbler_web/

本文來自投稿，不代表Linux運維部落立場，如若轉載，請注明出處：http://www.www58058.com/99612

相關推薦

Linux文件權限詳解

linux系統命令行安裝軟件

Linux系統基礎目錄結構及功能說明

liunx 命令

磁盤管理（二）

學習筆記（2）