PXE
- DHCP server
- DHCP implementations
- DHCP service
- DHCP server
- Installing the DHCP server
- Configuration file
- Example
- PXE installation
- PXE principle
- centos7
- centos6
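PXE (Preboot Execution Environment) is the latest technology developed by Intel. It works in a client/server network model: a workstation downloads an image from a remote server over the network and boots an operating system from it. During boot, the terminal asks the server to assign an IP address, then uses TFTP (Trivial File Transfer Protocol) or MTFTP (Multicast Trivial File Transfer Protocol) to download a boot package into local memory and execute it. This boot package performs the basic software setup of the terminal (client) and then boots the terminal operating system pre-installed on the server.
Put simply, PXE uses the network to install a system onto a client that has no operating system. The services it depends on are dhcp, tftp, a file server and kickstart.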
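DHCP server
The Dynamic Host Configuration Protocol (DHCP) is a LAN network protocol that runs over UDP. It has two main uses: automatically assigning IP addresses on an internal network or by a network service provider, and giving internal network administrators a means of centrally managing all computers.
How DHCP works:
- The client, identified by its MAC address, sends a broadcast to the DHCP servers asking a DHCP server to assign an address.
- After the request arrives, the DHCP server that got it first sends the client an offer message containing an address the client can use. Offers from other DHCP servers will also arrive one after another.
- The client can only process one offer, so it sends a response message to the DHCP server that received the request first. At this point the client has not really obtained the address; it is only replying to the server with the result that carries the IP address. The client therefore sends it again as a broadcast to all DHCP servers. Each DHCP server compares the message from the client: if it matches, the server responds to the client with the address; if it does not, the message is simply discarded.
- The DHCP server sends the client an ACK message.
- The client receives the address. If the address is usable, it is added to the lease pool and released automatically when it expires. If the address is not usable, the client sends a DHCP Decline message to the DHCP server to tell it to disable this IP address, and the DHCP client then starts a new address request.
- At 50% of the lease time, the client sends a request message to the DHCP server by unicast to renew the address. If the client receives the DHCP server's ACK message, the renewal succeeds. If the renewal does not succeed, the client keeps using the current address.
- At 87.5% of the lease time, the client broadcasts a REQUEST message to the DHCP servers. If it receives a DHCP ACK message, the renewal succeeds; if not, it keeps using the address until the IP address expires, then sends a release message to the DHCP server to release the address and starts requesting a new IP address.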
DHCP implementations
Two services:
- DHCP
- dnsmasq
DHCP service
- Server: dhcp-server listens on 67/udp
- Client: dhcpclient listens on 68/udp
DHCP server
Installing the DHCP server
[[email protected] ~]# yum install -y dhcp
Configuration file
[[email protected] ~]# rpm -ql dhcp
/etc/dhcp/dhcpd.conf
/usr/lib/systemd/system/dhcpd.service
/usr/lib/systemd/system/dhcrelay.service
....
dhcpd.conf ships with no content; the example file has to be copied over before it can be used
[[email protected] ~]# cat /etc/dhcp/dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp*/dhcpd.conf.example
# see dhcpd.conf(5) man page
#
[[email protected] ~]# cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf
cp:是否覆寫"/etc/dhcp/dhcpd.conf"? y
[[email protected] dhcp]# vim dhcpd.conf
# dhcpd.conf
#
# Sample configuration file for ISC dhcpd
#

# option definitions common to all supported networks...
option domain-name "example.org"; # search domain: if you type only "www", the domain defined here (example.org) is appended automatically
option domain-name-servers ns1.example.org, ns2.example.org; # DNS servers

default-lease-time 600; # default lease time
max-lease-time 7200; # maximum lease time

# Use this to enable / disable dynamic dns updates globally.
#ddns-update-style none;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
#authoritative;

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;

# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.

subnet 10.152.187.0 netmask 255.255.255.0 { # only an example for reference; nothing needs to be filled in
}

# This is a very basic subnet declaration.

subnet 10.254.239.0 netmask 255.255.255.224 {
  range 10.254.239.10 10.254.239.20; # start and end addresses of the range
  option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org; # specify some options
}

# This declaration allows BOOTP clients to get dynamic addresses,
# which we don't really recommend.

subnet 10.254.239.32 netmask 255.255.255.224 {
  range dynamic-bootp 10.254.239.40 10.254.239.60;
  option broadcast-address 10.254.239.31;
  option routers rtr-239-32-1.example.org;
}

# A slightly different configuration for an internal subnet.
subnet 10.5.5.0 netmask 255.255.255.224 { # reference for some of the options
  range 10.5.5.26 10.5.5.30;
  option domain-name-servers ns1.internal.example.org;
  option domain-name "internal.example.org";
  option routers 10.5.5.1;
  option broadcast-address 10.5.5.31;
  default-lease-time 600;
  max-lease-time 7200;
}

# Hosts which require special configuration options can be listed in
# host statements. If no address is specified, the address will be
# allocated dynamically (if possible), but the host-specific information
# will still come from the host declaration.

host passacaglia {
  hardware ethernet 0:0:c0:5d:bd:95;
  filename "vmunix.passacaglia"; # boot file for the host, equivalent to a bootloader; PXE uses this later
  server-name "toccata.fugue.com"; # specifies the address of the server holding the boot file
}

# Fixed IP addresses can also be specified for hosts. These addresses
# should not also be listed as being available for dynamic assignment.
# Hosts for which fixed IP addresses have been specified can boot using
# BOOTP or DHCP. Hosts for which no fixed address is specified can only
# be booted with DHCP, unless there is an address range on the subnet
# to which a BOOTP client is connected which has the dynamic-bootp flag
# set.
host fantasia { # bind an address to a specific host
  hardware ethernet 08:00:07:26:c0:a5; # the host's MAC address
  fixed-address fantasia.fugue.com; # the assigned IP address
}

# You can declare a class of clients and then do address allocation
# based on that. The example below shows a case where all clients
# in a certain class get addresses on the 10.17.224/24 subnet, and all
# other clients get addresses on the 10.0.29/24 subnet.

class "foo" {
  match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
}

shared-network 224-29 {
  subnet 10.17.224.0 netmask 255.255.255.0 {
    option routers rtr-224.example.org;
  }
  subnet 10.0.29.0 netmask 255.255.255.0 {
    option routers rtr-29.example.org;
  }
  pool {
    allow members of "foo";
    range 10.17.224.10 10.17.224.250;
  }
  pool {
    deny members of "foo";
    range 10.0.29.10 10.0.29.230;
  }
}
Example
1) Server side
2) View the addresses bound on the server side
3) View what the client obtained
4) Check with dhclient
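PXE installation
PXE principle
- The client sends an IP address request to the DHCP server on the PXE server. DHCP checks whether the client is legitimate (mainly by checking the client's NIC address); if it is, DHCP returns an IP address to the client together with the location of the boot file pxelinux.0.
- The client sends the TFTP server on the PXE server a request for pxelinux.0. After receiving the request, TFTP sends the client the size of pxelinux.0 to find out whether the client accepts it; once TFTP receives the client's agreement, it sends pxelinux.0 to the client.
- The client receives pxelinux.0.
- The client asks the TFTP server for the configuration file for this machine (in the pxelinux.cfg directory on the TFTP server). TFTP sends the configuration file back, and the client carries on according to that configuration file.
- The client sends TFTP a request for the Linux kernel; TFTP receives it and sends the kernel file to the client.
- The client sends TFTP a request for the root filesystem file; TFTP receives it and sends the file to the client.
- The client boots the kernel.
- The client downloads the installation source files and reads the automated installation script.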
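The DHCP reply in the first step carries the boot target in the BOOTP header fields siaddr (next-server) and file, and, as the DHCP section notes, offers from several servers can arrive on one segment. The following added example (not from the original article) parses DHCPOFFER messages and flags any offer that does not come from the expected PXE server; the addresses follow the page's later dhcpd.conf, while the second server 192.168.30.99, the MAC address and the function names are constructed for illustration.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie that follows the 236-byte BOOTP header

def build_offer(yiaddr, siaddr, boot_file, server_id):
    """Build a minimal DHCPOFFER; used only to construct sample input."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234ABCD, 0, 0,
        bytes(4), socket.inet_aton(yiaddr), socket.inet_aton(siaddr), bytes(4),
        bytes.fromhex("080027aabbcc"), b"", boot_file.encode())
    options = b"\x35\x01\x02\x36\x04" + socket.inet_aton(server_id) + b"\xff"
    return header + MAGIC + options

def parse_reply(pkt):
    """Extract the fields a PXE client acts on from a DHCP reply."""
    if len(pkt) < 240 or pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    info = {"yiaddr": socket.inet_ntoa(pkt[16:20]), "next_server": socket.inet_ntoa(pkt[20:24]),
            "filename": pkt[108:236].split(b"\0", 1)[0].decode("ascii", "replace"),
            "msg_type": None, "server_id": None}
    i = 240
    while i + 1 < len(pkt) and pkt[i] != 255:        # 255 = end option
        if pkt[i] == 0:                              # 0 = pad, has no length byte
            i += 1
            continue
        code, length = pkt[i], pkt[i + 1]
        value = pkt[i + 2:i + 2 + length]
        if code == 53 and len(value) == 1:           # option 53: DHCP message type
            info["msg_type"] = value[0]
        elif code == 54 and len(value) == 4:         # option 54: server identifier
            info["server_id"] = socket.inet_ntoa(value)
        i += 2 + length
    return info

def audit_offers(packets, allowed_servers, boot_file):
    """Flag OFFERs from unknown servers or pointing at an unexpected boot target."""
    findings = []
    for pkt in packets:
        o = parse_reply(pkt)
        if o["msg_type"] != 2:                       # 2 = DHCPOFFER
            continue
        if o["server_id"] not in allowed_servers:
            findings.append((o["server_id"], "unknown DHCP server"))
        elif o["next_server"] not in allowed_servers or o["filename"] != boot_file:
            findings.append((o["server_id"], "unexpected boot target"))
    return findings

# Constructed sample: the page's PXE server plus a second server answering on the segment.
SAMPLE_OFFERS = [build_offer("192.168.30.10", "192.168.30.2", "pxelinux.0", "192.168.30.2"),
                 build_offer("192.168.30.50", "192.168.30.99", "pxelinux.0", "192.168.30.99")]
```

Calling audit_offers(SAMPLE_OFFERS, {"192.168.30.2"}, "pxelinux.0") reports only the offer from 192.168.30.99.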
centos7
Preparation needed beforehand:
- Services: tftp-server, httpd, dhcp
- Turn off iptables and selinux
1) Check iptables and selinux
[[email protected] ~]# iptables -vnL
Chain INPUT (policy ACCEPT 2295 packets, 6442K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 2085 packets, 153K bytes)
pkts bytes target prot opt in out source destination
[[email protected] ~]# getenforce
Disabled
2) Install tftp-server, httpd and dhcp
[[email protected] ~]# yum install -y httpd tftp-server dhcp
3) Test whether tftp-server can be reached
[[email protected] ~]# tftp 192.168.199.123
tftp> get fs111
tftp> exit
?Invalid command
tftp> quit
[[email protected] ~]# ls
anaconda-ks.cfg f1 fs111 install.log install.log.syslog
4) Mount the installation disc inside the httpd service directory
[[email protected] ~]# mkdir /var/www/html/centos/7 -pv
mkdir: 已建立目錄 "/var/www/html/centos"
mkdir: 已建立目錄 "/var/www/html/centos/7"
[[email protected] ~]# mount /dev/sr0 /var/www/html/centos/7
mount: /dev/sr0 寫保護,将以隻讀方式挂載
5) Create the ks file and put it under the httpd service
[[email protected] ~]# ls /var/www/html
centos ks7.cfg
# test whether it is accessible
6) Prepare the DHCP server
[[email protected] ~]# cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf
[[email protected] dhcp]# cat dhcpd.conf
# This is a very basic subnet declaration.
subnet 192.168.30.0 netmask 255.255.255.0 {
  range 192.168.30.10 192.168.30.20;
  option routers 192.168.30.1;
  filename "pxelinux.0";
  next-server 192.168.30.2; # the address must be on the same network segment, otherwise the client cannot connect
  option domain-name-servers 1.1.1.1,114.114.114.114;
  option domain-name "ydong.com";
  default-lease-time 600;
  max-lease-time 7200;
}
# only this part was modified
7) Install the syslinux package to get the pxelinux.0 file
[[email protected] tftpboot]# yum install -y syslinux
8) Copy pxelinux.0 (equivalent to a bootloader) and menu.c32 (the menu background) to tftp's default directory /var/lib/tftpboot
[[email protected] tftpboot]# cp /usr/share/syslinux/{menu.c32,pxelinux.0} ./
[[email protected] tftpboot]# ls
menu.c32 pxelinux.0
9) Copy the kernel vmlinuz and the initrd file initrd.img from the disc to the tftpboot directory
[[email protected] tftpboot]# cp /var/www/html/centos7/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/
[[email protected] tftpboot]# ls
initrd.img menu.c32 pxelinux.0 vmlinuz
10) Copy isolinux.cfg (the menu options) from the disc into the pxelinux.cfg folder under the tftpboot directory, and rename it to default
[[email protected] tftpboot]# mkdir pxelinux.cfg
[[email protected] tftpboot]# ls
initrd.img menu.c32 pxelinux.0 pxelinux.cfg vmlinuz
[[email protected] tftpboot]# cp /var/www/html/centos7/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default
[[email protected] tftpboot]# ls pxelinux.cfg
default
11) Prepare the centos7 boot menu
[[email protected] isolinux]# cp vesamenu.c32 splash.png /var/lib/tftpboot/
[[email protected] tftpboot]# cat pxelinux.cfg/default
# menu.c32 is too ugly, so I copied vesamenu.c32 over again to use as the menu background.
default vesamenu.c32
timeout 600
display boot.msg
# Clear the screen when exiting the menu, instead of leaving the menu displayed.
# For vesamenu, this means the graphical background is still displayed without
# the menu itself for as long as the screen remains in graphics mode.
menu clear
menu background splash.png
menu title CentOS 7
menu vshift 8
menu rows 18
menu margin 8
#menu hidden
menu helpmsgrow 15
menu tabmsgrow 13
# Border Area
menu color border * #00000000 #00000000 none
# Selected item
menu color sel 0 #ffffffff #00000000 none
# Title bar
menu color title 0 #ff7ba3d0 #00000000 none
# Press [Tab] message
menu color tabmsg 0 #ff3a6496 #00000000 none
# Unselected menu item
menu color unsel 0 #84b8ffff #00000000 none
# Selected hotkey
menu color hotsel 0 #84b8ffff #00000000 none
# Unselected hotkey
menu color hotkey 0 #ffffffff #00000000 none
# Help text
menu color help 0 #ffffffff #00000000 none
# A scrollbar of some type? Not sure.
menu color scrollbar 0 #ffffffff #ff355594 none
# Timeout msg
menu color timeout 0 #ffffffff #00000000 none
menu color timeout_msg 0 #ffffffff #00000000 none
# Command prompt text
menu color cmdmark 0 #84b8ffff #00000000 none
menu color cmdline 0 #ffffffff #00000000 none
# Do not display the actual menu unless the user presses a key. All that is displayed is a timeout message.
menu tabmsg Press Tab for full configuration options on menu items.
menu separator # insert an empty line
menu separator # insert an empty line
label linux
menu label ^Install CentOS 7
kernel vmlinuz
# The address here should be on the same network segment as dhcp.
append initrd=initrd.img ks=http://192.168.30.2/ks7.cfg quiet
label local
menu label Boot from ^local drive
localboot 0xffff
menu separator # insert an empty line
menu separator # insert an empty line
label returntomain
menu label Return to ^main menu
menu exit
menu end
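12) Test
Errors occurred during installation, and each time the cause was an address written as that of the NIC connected to the external network. When installing with PXE, everything must connect over the local network.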
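One way to catch that kind of address mistake before booting a client is to cross-check dhcpd.conf against pxelinux.cfg/default. This is an added example, not part of the original article: the function names and the sample address 10.0.0.5 are constructed, and the parser assumes subnet blocks without nested braces.

```python
import ipaddress
import re
from urllib.parse import urlparse

def dhcp_subnets(conf_text):
    """Return (network, next-server or None) for each simple subnet block."""
    conf_text = re.sub(r"#.*", "", conf_text)                 # drop comments
    result = []
    for m in re.finditer(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{([^{}]*)\}", conf_text):
        net = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")
        ns = re.search(r"next-server\s+([\d.]+)\s*;", m.group(3))
        result.append((net, ipaddress.ip_address(ns.group(1)) if ns else None))
    return result

def ks_hosts(menu_text):
    """Return (label, host) for every ks= URL found on an append line."""
    found, label = [], None
    for line in menu_text.splitlines():
        words = line.split()
        if words[:1] == ["label"] and len(words) > 1:
            label = words[1]
        if words[:1] == ["append"]:
            found += [(label, urlparse(w[3:]).hostname) for w in words if w.startswith("ks=")]
    return found

def check(conf_text, menu_text):
    """List boot-path addresses that fall outside the PXE subnet."""
    problems = []
    for net, next_server in dhcp_subnets(conf_text):
        if next_server is None:
            continue                                          # subnet does not PXE-boot
        if next_server not in net:
            problems.append(f"next-server {next_server} is outside {net}")
        for label, host in ks_hosts(menu_text):
            try:
                if ipaddress.ip_address(host) not in net:
                    problems.append(f"label {label}: ks host {host} is outside {net}")
            except ValueError:                                # hostname or missing host
                problems.append(f"label {label}: ks host {host!r} is not an IP literal")
    return problems

# Constructed sample input modelled on the page's two files.
SAMPLE_CONF = """subnet 192.168.30.0 netmask 255.255.255.0 {
  filename "pxelinux.0";
  next-server 192.168.30.2;  # TFTP server
}"""
SAMPLE_MENU = """label mini
  append initrd=initrd.img ks=http://192.168.30.2/ks6_mini.cfg
label desktop
  append initrd=initrd.img ks=http://10.0.0.5/ks6_desktop.cfg"""
```

On real files, pass the contents of /etc/dhcp/dhcpd.conf and /var/lib/tftpboot/pxelinux.cfg/default to check(); an empty list means every boot-path address is inside the served subnet.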
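centos6
centos6 is much the same as centos7; only the commands differ. To keep the DHCP on centos7 from interfering, stop the dhcp service on 7.
After adding a NIC, centos6 reports an error:
Use the ip a command to view the MAC address of eth1, then add it to the corresponding configuration file.
1) Install the services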
[[email protected] ~]# yum install -y httpd tftp-server dhcp
2) Test whether tftp-server can be used
3) Mount the disc files under the httpd service directory
[[email protected] html]# cat /etc/fstab
/dev/sr0 /var/www/html/centos6 iso9660 defaults 0 0
[[email protected] html]# mount -a
mount: block device /dev/sr0 is write-protected, mounting read-only
4) Create two ks files
[[email protected] html]# ls /var/www/html
centos6 ks6_desktop.cfg ks6_mini.cfg
5) Configure the dhcp server
[[email protected] ~]# service dhcpd start
正在啟動 dhcpd: [确定]
subnet 192.168.30.0 netmask 255.255.255.0 {
  range 192.168.30.10 192.168.30.20;
  option routers 192.168.30.1;
  filename "pxelinux.0";
  next-server 192.168.30.2;
  option domain-name-servers 114.114.114.114;
  option domain-name "ydong.com";
  default-lease-time 600;
  max-lease-time 7200;
}
6) Copy the required files to the tftpboot directory
1)
[[email protected] ~]# mkdir /var/lib/tftpboot/pxelinux.cfg
[[email protected] tftpboot]# ls /var/lib/tftpboot/
pxelinux.cfg
2)
[[email protected] tftpboot]# cp /usr/share/syslinux/{pxelinux.0,vesamenu.c32} /var/lib/tftpboot/
[[email protected] tftpboot]# ls
pxelinux.0 pxelinux.cfg vesamenu.c32
3)
[[email protected] tftpboot]# cp /var/www/html/centos6/isolinux/{boot.msg,initrd.img,vmlinuz} /var/lib/tftpboot/
[[email protected] tftpboot]# ls
boot.msg initrd.img pxelinux.0 pxelinux.cfg vesamenu.c32 vmlinuz
[[email protected] tftpboot]# cp /var/www/html/centos6/isolinux/splash.jpg /var/lib/tftpboot/
# isolinux.cfg references this image, so the image has to be copied as well
4)
[[email protected] tftpboot]# cp /var/www/html/centos6/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default
[[email protected] tftpboot]# cat /var/lib/tftpboot/pxelinux.cfg/default
default vesamenu.c32
#prompt 1
timeout 600
display boot.msg
menu background splash.jpg
menu title Welcome to CentOS 6.9!
menu color border 0 #ffffffff #00000000
menu color sel 7 #ffffffff #ff000000
menu color title 0 #ffffffff #00000000
menu color tabmsg 0 #ffffffff #00000000
menu color unsel 0 #ffffffff #00000000
menu color hotsel 0 #ff000000 #ffffffff
menu color hotkey 7 #ffffffff #ff000000
menu color scrollbar 0 #ffffffff #00000000
label PXE_mini linux
menu label Install ^mini system
menu default
kernel vmlinuz
append initrd=initrd.img ks=http://192.168.30.2/ks6_mini.cfg
label PXE_desktop linux
menu label install ^desktop system
kernel vmlinuz
append initrd=initrd.img ks=http://192.168.30.2/ks6_desktop.cfg
label local
menu label Boot from ^local drive
localboot 0xffff
7) Test