本文共 8829 字,大约阅读时间需要 29 分钟。
PXE全自动化部署1、部署安装环境 1.1安装http [root@NTP ~]# yum install httpd –y [root@NTP ~]# chkconfig httpd on [root@NTP ~]# service httpd start 1.2安装tftp [root@NTP ~]# yum -y install tftp-server [root@NTP ~]# vi /etc/xinetd.d/tftp service tftp { socket_type = dgram protocol = udp wait = yes user = root server = /usr/sbin/in.tftpd server_args = -s /var/lib/tftpboot disable = no #yes改为no per_source = 11 cps = 100 2 flags = IPv4 } [root@NTP ~]# /etc/init.d/xinetd restart [root@NTP ~]# chkconfig xinetd on 1.3安装selinux [root@NTP ~]# yum -y install syslinux 1.4安装DHCP [root@NTP ~]# yum -y install dhcp [root@NTP ~]# vi /etc/dhcp/dhcpd.conf ddns-update-style none; ignore client-updates; subnet 10.11.22.0 netmask 255.255.255.0 { option routers 10.11.22.189; #// dhcp地址 option subnet-mask 255.255.255.0; default-lease-time 21600; max-lease-time 43200; range 10.11.22.240 10.11.22.250; filename "pxelinux.0"; next-server 10.11.22.189; #//http 地址 host server1 { server-name "192.168.1.152"; next-server 192.168.1.152; hardware ethernet A4:BA:DB:36:10:41; fixed-address 192.168.1.241; filename "/pxelinux.0"; } } [root@NTP ~]# service dhcpd restart 1.5挂在光盘 [root@NTP ~]# mount /dev/cdrom /mnt [root@NTP ~]# cp -a /mnt/cdrom/* /var/www/html/ #复制光盘内容 1.6复制启动所需文件 [root@NTP ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/ [root@NTP ~]# cp /mnt/p_w_picpaths/pxeboot/initrd.img /var/lib/tftpboot/ [root@NTP ~]# cp /mnt/p_w_picpaths/pxeboot/vmlinuz /var/lib/tftpboot/ [root@NTP ~]# cp /mnt/isolinux/*.msg /var/lib/tftpboot/ [root@NTP ~]# mkdir /var/lib/tftpboot/pxelinux.cfg [root@NTP ~]# cp /mnt/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default2、配置default文件 [root@NTP ~]# vi /var/lib/tftpboot/pxelinux.cfg/default default ks #默认启动的是 'label ks' 中标记的启动内核 prompt 1 #显示 'boot: ' 提示符。为 '0' 时则不提示,将会直接启动 'default' 参数中指定的内容。 timeout 6 #在用户输入之前的超时时间,单位为 1/10 秒。 display boot.msg #显示某个文件的内容,注意文件的路径。默认是在/var/lib/tftpboot/ 目录下。 F1 boot.msg #按下 'F1' 这样的键后显示的文件。 F2 options.msg F3 general.msg F4 param.msg F5 rescue.msg label linux #'label' 指定你在 'boot:' 提示符下输入的关键字,比如boot: linux[ENTER] ,这个会启动'label linux' 下标记的kernel 和initrd.img 文件。 kernel vmlinuz #kernel 参数指定要启动的内核。 append initrd=initrd.img #append指定追加给内核的参数,能够在grub里使用的追加给 内核的参数,在这里也都可以使用。 label text kernel vmlinuz append initrd=initrd.img text label ks kernel vmlinuz append ks=http://10.11.22.189/ks.cfg initrd=initrd.img #告诉系统,从哪里获取ks.cfg文件 label local localboot 1 label memtest86 kernel memtest append - 3、配置KS.CFG文件 [root@NTP ~]# vi /var/www/html/ks.cfg #version=DEVEL # Firewall configuration firewall --disabled #关闭防火墙 # Install OS instead of upgrade install #表示安装系统而不是升级 text #text安装 # Use network installation url --url=http://10.11.22.189/ #安装介质的路径 # Root password rootpw 13790583593 #使用明文密码 #rootpw --iscrypted #密文密码 # System authorization information auth --useshadow --enablemd5 #系统认证信息 # Use graphical install graphical firstboot --disable #禁止安装后的Agent设置 # System keyboard keyboard us #键盘布局 # System language lang en_US #字符集设置 # SELinux configuration selinux --disabled #关闭selinux # Installation logging level logging --level=info #设置日志级别 # System timezone timezone --isUtc Asia/Shanghai #设置系统时区 # Network information network --bootproto=dhcp --device=eth0 --onboot=on #network --device eth0 --bootproto static --ip 10.11.22.250 --netmask 255.255.255.0 --gateway 10.11.22.1 --nameserver 202.96.128.86 --hostname leamon #网卡设置,主机名 # System bootloader configuration #key --skip #跳过秘钥认证,centos可以不用此项 bootloader --append="rhgb quiet" --location=mbr --driveorder=sda #系统引导相关设置 # Clear the Master Boot Record zerombr #清除MBR引导信息 # Partition clearing information clearpart --all --initlabel #clearpart --all #清除所有分区 #clearpart --all --drives=sda #清除sda上的所有分区 #clearpart --linux #清除llinux分区 # Disk partitioning information part swap --fstype="swap" --size=1024 part /boot --fstype="ext4" --size=200 part / --fstype="ext4" --size=1 --grow --asprimary # Reboot after installation reboot %packages #ntp #experct @base @core %post #设置DNS echo "nameserver 202.96.128.86" > /etc/resolv.conf #echo "nameserver 8.8.4.4" >> /etc/resolv.conf #同步时间 ntpdate cn.pool.ntp.org hwclock --systohc echo -e "*/3 * * * * root /usr/sbin/ntpdate cn.pool.ntp.org > /dev/null" >> /etc/crontab service crond restart #添加组 #groupadd maintain #groupadd develop #mkdir -p /home/maintain #mkdir -p /home/develop #添加用户 useradd user01 echo "123456"|passwd --stdin user01 #禁止root用户直接登录系统 #sed -i "s/#PermitRootLogin yes/PermitRootLogin no/g" '/etc/ssh/sshd_config' #service sshd restart #优化系统内核 echo -e "ulimit -c unlimited" >> /etc/profile echo -e "ulimit -s unlimited" >> /etc/profile echo -e "ulimit -SHn 65535" >> /etc/profile source /etc/profile sed -i "s/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g" '/etc/sysctl.conf' echo -e "net.core.somaxconn = 262144" >> /etc/sysctl.conf echo -e "net.core.netdev_max_backlog = 262144" >> /etc/sysctl.conf echo -e "net.core.wmem_default = 8388608" >> /etc/sysctl.conf echo -e "net.core.rmem_default = 8388608" >> /etc/sysctl.conf echo -e "net.core.rmem_max = 16777216" >> /etc/sysctl.conf echo -e "net.core.wmem_max = 16777216" >> /etc/sysctl.conf echo -e "net.ipv4.netfilter.ip_conntrack_max = 131072" >> /etc/sysctl.conf echo -e "net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 180" >> /etc/sysctl.conf echo -e "net.ipv4.route.gc_timeout = 20" >> /etc/sysctl.conf echo -e "net.ipv4.ip_conntrack_max = 819200" >> /etc/sysctl.conf echo -e "net.ipv4.ip_local_port_range = 10024 65535" >> /etc/sysctl.conf echo -e "net.ipv4.tcp_retries2 = 5" >> /etc/sysctl.conf echo -e "net.ipv4.tcp_fin_timeout = 30" >> /etc/sysctl.conf echo -e "net.ipv4.tcp_syn_retries = 1" >> /etc/sysctl.conf echo -e "net.ipv4.tcp_synack_retries = 1" >> /etc/sysctl.conf echo -e "net.ipv4.tcp_timestamps = 0" >> /etc/sysctl.conf echo -e "net.ipv4.tcp_tw_recycle = 1" >> /etc/sysctl.conf echo -e "net.ipv4.tcp_tw_len = 1" >> /etc/sysctl.conf echo -e "net.ipv4.tcp_tw_reuse = 1" >> /etc/sysctl.conf echo -e "net.ipv4.tcp_keepalive_time = 120" >> /etc/sysctl.conf echo -e "net.ipv4.tcp_keepalive_probes = 3" >> /etc/sysctl.conf echo -e "net.ipv4.tcp_keepalive_intvl = 15" >> /etc/sysctl.conf echo -e "net.ipv4.tcp_max_tw_buckets = 36000" >> /etc/sysctl.conf echo -e "net.ipv4.tcp_max_orphans = 3276800" >> /etc/sysctl.conf echo -e "net.ipv4.tcp_max_syn_backlog = 262144" >> /etc/sysctl.conf echo -e "net.ipv4.tcp_wmem = 8192 131072 16777216" >> /etc/sysctl.conf echo -e "net.ipv4.tcp_rmem = 32768 131072 16777216" >> /etc/sysctl.conf echo -e "net.ipv4.tcp_mem = 94500000 915000000 927000000" >> /etc/sysctl.conf /sbin/sysctl -p #执行外部脚本 #cd /root #wget http://10.11.22.189/autoip.sh #sh /root/autoip.sh #:wq! #保存退出 #%end 转载于:https://blog.51cto.com/leamonzhang/1775091