Kickstart+HTTP+DHCP+TFTP: Fully Automated Batch Installation and Deployment of Linux Systems

Published: 2019-Mar-22
Overview:

Kickstart server system: CentOS 5.10 64-bit
IP address: 192.168.21.128

Linux system to be installed and deployed: CentOS 5.10 64-bit
eth0 (first NIC, used for the external network) IP address range: 192.168.21.160-192.168.21.200
eth1 (second NIC, used for the internal network) IP address range: 10.0.0.160-10.0.0.200
Subnet mask: 255.255.255.0
Gateway: 192.168.21.2
DNS: 8.8.8.8 8.8.4.4
All servers support PXE network boot.

Goal: configure a Kickstart server so that Linux systems are installed and deployed in bulk, fully automatically.

Procedure:

Part 1: Operations on the Kickstart server

1. Disable SELinux

vi /etc/selinux/config
#SELINUX=enforcing #comment out
#SELINUXTYPE=targeted #comment out
SELINUX=disabled #add
:wq! #save and exit
setenforce 0 #apply the setting immediately

2. Configure the firewall to open TCP port 80 and UDP port 69

vi /etc/sysconfig/iptables #edit
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT #required by the http service
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 69 -j ACCEPT #required by the tftp service
/etc/init.d/iptables restart #finally, restart the firewall to apply the configuration

3. Install the HTTP server

yum install httpd #install
chkconfig httpd on #start at boot
service httpd start #start

4. Mount the installation image under the HTTP server's document root

Upload the installation image CentOS-5.10-x86_64-bin-DVD-1of2.iso to the /usr/local/src/ directory.

mkdir -p /var/www/html/os #create the mount point
mount -t iso9660 -o loop /usr/local/src/CentOS-5.10-x86_64-bin-DVD-1of2.iso /var/www/html/os #mount the image
vi /etc/fstab #add the following line so the image is mounted automatically at boot
/usr/local/src/CentOS-5.10-x86_64-bin-DVD-1of2.iso /var/www/html/os iso9660 defaults,ro,loop 0 0
:wq! #save and exit

Note: use df -T to check the iso9660 device. To unmount: umount /var/www/html/os

5. Install the TFTP server

yum install tftp tftp-server #install
vi /etc/xinetd.d/tftp #edit
service tftp
{
    socket_type = dgram
    protocol = udp
    wait = yes
    user = root
    server = /usr/sbin/in.tftpd
    server_args = -s /var/lib/tftpboot
    disable = no
    per_source = 11
    cps = 100 2
    flags = IPv4
}
:wq! #save and exit
service xinetd start #start
mkdir -p /var/lib/tftpboot
cp /var/www/html/os/images/pxeboot/vmlinuz /var/lib/tftpboot
cp /var/www/html/os/images/pxeboot/initrd.img /var/lib/tftpboot
mkdir -p /var/lib/tftpboot/pxelinux.cfg
cp /var/www/html/os/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default #copy the boot menu
vi /var/lib/tftpboot/pxelinux.cfg/default #edit as follows
default linux
prompt 0
timeout 600
display boot.msg
F1 boot.msg
F2 options.msg
F3 general.msg
F4 param.msg
F5 rescue.msg
label linux
kernel vmlinuz
append initrd=initrd.img ks=http://192.168.21.128/ks.cfg ksdevice=eth0 ip=dhcp
label text
kernel vmlinuz
append initrd=initrd.img text
label ks
kernel vmlinuz
append ks initrd=initrd.img
label local
localboot 1
label memtest86
kernel memtest
append -
:wq! #save and exit
chmod 644 /var/lib/tftpboot/pxelinux.cfg/default #set file permissions
yum install syslinux #install the boot loader
cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/ #copy the boot file to the tftp server root

6. Install the DHCP server

yum install dhcp #install
cp /usr/share/doc/dhcp-3.0.5/dhcpd.conf.sample /etc/dhcpd.conf #copy the configuration template
vi /etc/dhcpd.conf #edit the configuration file
ddns-update-style interim; #set the DHCP server mode
ignore client-updates; #do not allow client updates
subnet 192.168.21.0 netmask 255.255.255.0 { #set the subnet
    option routers 192.168.21.2; #set the gateway
    option subnet-mask 255.255.255.0; #set the subnet mask
    option domain-name-servers 8.8.8.8,8.8.4.4; #set the DNS server addresses
    range dynamic-bootp 192.168.21.160 192.168.21.200; #range of IP addresses leased by the DHCP server
    default-lease-time 21600; #default lease time
    max-lease-time 43200; #maximum lease time
    next-server 192.168.21.128; #tftp server address
    filename "pxelinux.0"; #file name under the tftp server root
}
:wq! #save and exit
vi /etc/sysconfig/dhcpd #specify the network interface for the DHCP service
DHCPDARGS=eth0
:wq! #save and exit
dhcpd #test whether the dhcp server configuration is correct
service dhcpd start #start the dhcp service
chkconfig dhcpd on #start at boot

System Operations www.osyunwei.com reminder: original content by qihang01, © all rights reserved. When reposting, please credit the source and link to the original article.

7. Configure the kickstart automatic installation file

yum install system-config-kickstart #install the tool package
cd /var/www/html
vi ks.cfg #edit
# Kickstart file automatically generated by anaconda.
install
url --url=http://192.168.21.128/os/
lang en_US.UTF-8
zerombr yes
key --skip
keyboard us
network --device eth0 --bootproto dhcp --onboot on
#network --device eth0 --bootproto static --ip 192.168.21.250 --netmask 255.255.255.0 --gateway 192.168.21.2 --nameserver 8.8.8.8 --hostname CentOS5.10
rootpw --iscrypted $1$QqobZZ1g$rYnrawi9kYlEeUuq1vcRS/
firewall --enabled --port=22:tcp
authconfig --enableshadow --enablemd5
selinux --disabled
timezone Asia/Shanghai
bootloader --location=mbr --driveorder=sda
# The following is the partition information you requested
# Note that any partitions you deleted are not expressed
# here so unless you clear all partitions first, this is
# not guaranteed to work
#clearpart --linux
clearpart --all --initlabel
part / --bytes-per-inode=4096 --fstype="ext3" --size=2048
part /boot --bytes-per-inode=4096 --fstype="ext3" --size=128
part swap --bytes-per-inode=4096 --fstype="swap" --size=500
part /data --bytes-per-inode=4096 --fstype="ext3" --grow --size=1
reboot
%packages
ntp
expect
@base
@core
@dialup
@editors
@text-internet
keyutils
trousers
fipscheck
device-mapper-multipath
%post
#synchronize the system time
ntpdate cn.pool.ntp.org
hwclock --systohc
echo -e "0 1 * * * root /usr/sbin/ntpdate cn.pool.ntp.org > /dev/null" >> /etc/crontab
service crond restart
#add user groups
groupadd maintain
groupadd develop
mkdir -p /home/maintain
mkdir -p /home/develop
#add users
useradd -g maintain user01 -d /home/maintain/user01 -m
echo "123456"|passwd user01 --stdin
useradd -g maintain user02 -d /home/maintain/user02 -m
echo "123456"|passwd user02 --stdin
useradd -g maintain user03 -d /home/maintain/user03 -m
echo "123456"|passwd user03 --stdin
useradd -g maintain user04 -d /home/maintain/user04 -m
echo "123456"|passwd user04 --stdin
#disallow direct root login
sed -i "s/#PermitRootLogin yes/PermitRootLogin no/g" '/etc/ssh/sshd_config'
service sshd restart
#services disabled at boot
chkconfig acpid off
chkconfig atd off
chkconfig autofs off
chkconfig bluetooth off
chkconfig cpuspeed off
chkconfig firstboot off
chkconfig gpm off
chkconfig haldaemon off
chkconfig hidd off
chkconfig ip6tables off
chkconfig isdn off
chkconfig messagebus off
chkconfig nfslock off
chkconfig pcscd off
chkconfig portmap off
chkconfig rpcgssd off
chkconfig rpcidmapd off
chkconfig yum-updatesd off
chkconfig sendmail off
#services enabled at boot
chkconfig crond on
chkconfig kudzu on
chkconfig network on
chkconfig readahead_early on
chkconfig sshd on
chkconfig syslog on
#disable rebooting the server with Ctrl+Alt+Del
sed -i "s/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/#ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/g" '/etc/inittab'
telinit q
#tune kernel parameters
echo -e "ulimit -c unlimited" >> /etc/profile
echo -e "ulimit -s unlimited" >> /etc/profile
echo -e "ulimit -SHn 65535" >> /etc/profile
source /etc/profile
sed -i "s/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g" '/etc/sysctl.conf'
echo -e "net.core.somaxconn = 262144" >> /etc/sysctl.conf
echo -e "net.core.netdev_max_backlog = 262144" >> /etc/sysctl.conf
echo -e "net.core.wmem_default = 8388608" >> /etc/sysctl.conf
echo -e "net.core.rmem_default = 8388608" >> /etc/sysctl.conf
echo -e "net.core.rmem_max = 16777216" >> /etc/sysctl.conf
echo -e "net.core.wmem_max = 16777216" >> /etc/sysctl.conf
echo -e "net.ipv4.netfilter.ip_conntrack_max = 131072" >> /etc/sysctl.conf
echo -e "net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 180" >> /etc/sysctl.conf
echo -e "net.ipv4.route.gc_timeout = 20" >> /etc/sysctl.conf
echo -e "net.ipv4.ip_conntrack_max = 819200" >> /etc/sysctl.conf
echo -e "net.ipv4.ip_local_port_range = 10024 65535" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_retries2 = 5" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_fin_timeout = 30" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_syn_retries = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_synack_retries = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_timestamps = 0" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_tw_recycle = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_tw_len = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_tw_reuse = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_keepalive_time = 120" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_keepalive_probes = 3" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_keepalive_intvl = 15" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_tw_buckets = 36000" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_orphans = 3276800" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_syn_backlog = 262144" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_wmem = 8192 131072 16777216" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_rmem = 32768 131072 16777216" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_mem = 94500000 915000000 927000000" >> /etc/sysctl.conf
/sbin/sysctl -p
#run the external script
cd /root
wget http://192.168.21.128/autoip.sh
sh /root/autoip.sh
:wq! #save and exit

8. Add a script that automatically sets the Linux system's static IP address, DNS, gateway and hostname

cd /var/www/html
vi autoip.sh #edit
#!/bin/sh
ROUTE=$(route -n|grep "^0.0.0.0"|awk '{print $2}')
BROADCAST=$(/sbin/ifconfig eth0|grep -i bcast|awk '{print $3}'|awk -F":" '{print $2}')
HWADDR=$(/sbin/ifconfig eth0|grep -i HWaddr|awk '{print $5}')
IPADDR=$(/sbin/ifconfig eth0|grep "inet addr"|awk '{print $2}'|awk -F":" '{print $2}')
NETMASK=$(/sbin/ifconfig eth0|grep "inet addr"|awk '{print $4}'|awk -F":" '{print $2}')
cat >/etc/sysconfig/network-scripts/ifcfg-eth0<<EOF
DEVICE=eth0
BOOTPROTO=static
BROADCAST=$BROADCAST
HWADDR=$HWADDR
IPADDR=$IPADDR
NETMASK=$NETMASK
GATEWAY=$ROUTE
ONBOOT=yes
EOF
IPADDR1=$(echo $IPADDR|awk -F"." '{print $4}')
cat >/etc/sysconfig/network-scripts/ifcfg-eth1<<EOF
DEVICE=eth1
BOOTPROTO=static
BROADCAST=10.0.0.255
HWADDR=$(/sbin/ifconfig eth1|grep -i HWaddr|awk '{print $5}')
IPADDR=10.0.0.$IPADDR1
NETMASK=255.255.255.0
ONBOOT=yes
EOF
HOSTNAME=OsYunWei_HZ_$(echo $IPADDR|awk -F"." '{print $4}')
cat >/etc/sysconfig/network<<EOF
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=$HOSTNAME
GATEWAY=$ROUTE
EOF
echo "127.0.0.1 $HOSTNAME" >> /etc/hosts
hostname $HOSTNAME
echo "nameserver 8.8.8.8" > /etc/resolv.conf
echo "nameserver 8.8.4.4" >> /etc/resolv.conf
:wq! #save and exit

Part 2: Set the servers to be installed to boot from the network

After power-on, as shown in the figure below, the system is installed automatically.

Note: once the installation has finished, set the first boot device to the hard disk; otherwise the system will be installed again automatically after the next reboot!

At this point, the Kickstart+HTTP+DHCP+TFTP fully automated batch installation and deployment of Linux systems is complete!
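A pre-publication check for the ks.cfg above, as an added example that is not part of the original article: every host installed from that file inherits its root hash, account passwords, SELinux state and HTTP-fetched post-install script, so the file is worth linting before it is served. The function names audit_ks and sample_ks and the rule set are this example's own, and the sample is a constructed excerpt with a placeholder hash.

```shell
#!/bin/sh
# Added example, not from the original article. The rule set is illustrative
# and the function names audit_ks / sample_ks are this example's own.

# audit_ks FILE: print "line N: finding" per issue; return 1 if anything is found.
audit_ks() {
    awk '
        function flag(msg) { print "line " NR ": " msg; bad = 1 }
        /^[ \t]*#/ { next }    # skip comment lines
        /^rootpw/ && !/--iscrypted/ { flag("root password stored in plaintext") }
        /^rootpw.*--iscrypted[ \t]+\$1\$/ { flag("root hash is MD5-crypt ($1$), an obsolete scheme") }
        /^authconfig.*--enablemd5/ { flag("authconfig --enablemd5 hashes new passwords with MD5") }
        /^selinux[ \t]+--disabled/ { flag("SELinux is disabled on every installed host") }
        /echo.*passwd .*--stdin/ { flag("hard-coded account password in %post") }
        /^(url|wget|curl).*http:\/\// { flag("content fetched over plain HTTP without an integrity check") }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed sample shaped like the ks.cfg in this article (placeholder hash).
sample_ks() {
    cat <<'EOF'
install
url --url=http://192.168.21.128/os/
rootpw --iscrypted $1$CONSTRUCTED$PLACEHOLDERHASHVALUE00
authconfig --enableshadow --enablemd5
selinux --disabled
%post
# echo "123456"|passwd commented --stdin
useradd -g maintain user01 -d /home/maintain/user01 -m
echo "123456"|passwd user01 --stdin
wget http://192.168.21.128/autoip.sh
EOF
}

tmp=$(mktemp) && sample_ks > "$tmp"
audit_ks "$tmp" || echo "kickstart file needs review before it is published"
rm -f "$tmp"
```

Run against the real file with `audit_ks /var/www/html/ks.cfg`; a non-zero return status means at least one finding was printed.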


2024-Mar-04 02:10pm