安全前装备

# sed -i "s/\=enforcing/\=disabled/g" /etc/selinux/config

# setenforce 0

[[email protected] ~]# vi /etc/selinux/config

 [[email protected] ~]# systemctl stop firewalld

[[email protected] ~]# systemctl disable firewalld

# mkdir /etc/yum.repos.d/bak_repo_bak

# mv  /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak_repo_bak

 

cat <<END >/etc/yum.repos.d/kickstart.repo

[kickstart]

name=repo

baseurl=http://192.168.43.30:8080/YUMKickstart/

gpgcheck=0

enabled=1

proxy=_none_

END

[[email protected] ~]# yum repolist

Loaded plugins: fastestmirror

kickstart                                                                         | 3.0 kB  00:00:00    

kickstart/primary_db                                                              | 782 kB  00:00:00    

Determining fastest mirrors

repo id                                             repo name                                      status

kickstart                                           repo                                           418

repolist: 418

[[email protected] ~]# yum update -y   安装更新后再更改YUM源

 

# mkdir /etc/yum.repos.d/bak_repo_bak1

# mv  /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak_repo_bak1

 

cat <<END >/etc/yum.repos.d/kickstart.repo

[kickstart]

name=repo

baseurl=http://192.168.43.30:8080/YUMKickstart/

gpgcheck=0

enabled=1

proxy=_none_

END

[[email protected] ~]# yum repolist

Loaded plugins: fastestmirror

kickstart                                                                         | 3.0 kB  00:00:00    

kickstart/primary_db                                                              | 782 kB  00:00:00    

Determining fastest mirrors

repo id                                             repo name                                      status

kickstart                                           repo                                           418

repolist: 418

 

[[email protected] ~]# yum install -y vim net-tools

[[email protected] ~]# reboot

 

DHCP部署

[[email protected] ~]# yum -y install dhcp

[[email protected] ~]# rpm -ql dhcp |grep "dhcpd.conf"

/etc/dhcp/dhcpd.conf   # 查看配置文件位置

[[email protected] ~]# vim /etc/dhcp/dhcpd.conf

subnet 10.10.43.0 netmask 255.255.255.0 {

        range 10.10.43.100 10.10.43.200;

        option subnet-mask 255.255.255.0;

        default-lease-time 21600;

        max-lease-time 43200;

        next-server 10.10.43.110;

        filename "pxelinux.0";

}

[[email protected] ~]# cp /usr/lib/systemd/system/dhcpd.service /etc/systemd/system/

[[email protected] ~]# vi /etc/systemd/system/dhcpd.service

[Unit]

Description=DHCPv4 Server Daemon

Documentation=man:dhcpd(8) man:dhcpd.conf(5)

Wants=network-online.target

After=network-online.target

After=time-sync.target

[Service]

Type=notify

#指定监听网卡ens34

ExecStart=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid ens34

[Install]

WantedBy=multi-user.target

 

 

[[email protected] ~]# systemctl daemon-reload

[[email protected] ~]# systemctl restart dhcpd

[[email protected] ~]# systemctl enable dhcpd

[[email protected] ~]#  systemctl status dhcpd

[[email protected] ~]# netstat -tunlp|grep dhcp

[[email protected] ~]# tailf -30 /var/log/messages   #查看监听情况

 

 

 

 

 

TFTP部署

1. [[email protected] ~]# yum install -y tftp-server xinetd

1. [[email protected] ~]# vim /etc/xinetd.d/tftp

1. # default: off
2. # description: The tftp server serves files using the trivial file transfer \
3. #       protocol.  The tftp protocol is often used to boot diskless \
4. #       workstations, download configuration files to network-aware printers, \
5. #       and to start the installation process for some operating systems.
6. service tftp
7. {
8.         socket_type             = dgram
9.         protocol                = udp
10.         wait                    = yes
11.         user                    = root
12.         server                  = /usr/sbin/in.tftpd
13.         server_args             = -s /var/lib/tftpboot # 指定目录，保持默认，不用修改
14.         disable                 = no # 由原来的yes改为no
15.         per_source              = 11
16.         cps                     = 100 2
17.         flags                   = IPv4
18. }
19.  

#systemctl enable xinetd.service

#systemctl start xinetd.service

# systemctl status xinetd.service

# netstat -tunlp|grep 69

 

HTTP部署

1. # yum -y install httpd

1. # sed -i "277i ServerName 127.0.0.1:80" /etc/httpd/conf/httpd.conf

[[email protected] ~]# systemctl enable httpd

[[email protected] ~]# systemctl  restart httpd

[[email protected] ~]# systemctl status httpd

[[email protected] ~]# netstat -tunlp | grep 80

# mkdir /var/www/html/CentOS7

# mount /dev/cdrom /var/www/html/CentOS7

# 不管怎么弄，只要把安装光盘内容能通过web发布即可。因为是演示，如果复制镜像就有点浪费时间。但生产环境就一定要复制了，光盘读取速度是有限的。

 

浏览器访问 http://10.10.43.110/CentOS7   检验配置是否正确

 

PXE部署

 1.1 PXE引导配置（bootstrap）

syslinux是一个功能强大的引导加载程序，而且兼容各种介质。SYSLINUX是一个小型的Linux操作系统，它的目的是简化首次安装Linux的时间，并建立修护或其它特殊用途的启动盘。如果没有找到pxelinux.0这个文件,可以安装一下

 

1. [[email protected] ~]# yum -y install syslinux

1. [[email protected] ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/
2. # 复制启动菜单程序文件
3. [[email protected] ~]# cp -a /var/www/html/CentOS7/isolinux/* /var/lib/tftpboot/
4. [[email protected] ~]# ls /var/lib/tftpboot/
5. boot.cat  grub.conf   isolinux.bin  memtest     splash.jpg  vesamenu.c32
6. boot.msg  initrd.img  isolinux.cfg  pxelinux.0  TRANS.TBL   vmlinuz
7. # 新建一个pxelinux.cfg目录，存放客户端的配置文件。
8. [[email protected] ~]# mkdir -p /var/lib/tftpboot/pxelinux.cfg
9. [[email protected] ~]# cp /var/www/html/CentOS7/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default

 

 

 

编辑default文件，增加我们设置的PXE启动项

vi /var/lib/tftpboot/pxelinux.cfg/default

 

在一堆label 上面添加如下内容

 

label linux-nidey

menu label ^Install CentOS 7 by YZNU

kernel vmlinuz

append initrd=initrd.img inst.repo=http://10.10.43.110/CentOS7 quiet  

 

下面是KS才用的，先不要复制

menu label ^Install CentOS 7 by nidey
  menu default
  kernel vmlinuz
 append initrd=initrd.img inst.stage2=http://10.10.10.11/CentOS7 inst.ks=http://10.10.10.11/ks.cfg quiet

 

PXE配置文件default解析

配合虚拟机演示讲解default文件。新建一个虚拟机，注意内存需要给1G

KS#.cfg部署

[[email protected] html]# mkdir /var/www/html/ksdir

[[email protected] html]# cp /root/anaconda-ks.cfg ksdir/ks7.cfg        #可以不用这条

[[email protected] ksdir]# touch /var/www/html/ksdir/ks7.cfg

[[email protected] ksdir]#  chmod +r /var/www/html/ksdir/ks7.cfg        #非常重要

[[email protected] ksdir]# sudo vim /var/www/html/ksdir/ks7.cfg

# Kickstart Configurator for CentOS 7 by YZNU

install

url --url="http://10.10.43.110/CentOS7/"

text

lang en_US.UTF-8

keyboard us

zerombr

bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"

network  --bootproto=dhcp --device=ens33 --onboot=yes --ipv6=auto

network  --bootproto=dhcp --device=ens34 --onboot=yes --ipv6=auto

network  --hostname=localhost.localdomain

#network --bootproto=dhcp --device=eth1 --onboot=yes --noipv6 --hostname=CentOS7

timezone --utc Asia/Shanghai

authconfig --enableshadow --passalgo=sha512

rootpw  --iscrypted $6$X20eRtuZhkHznTb4$dK0BJByOSAWSDD8jccLVFz0CscijS9ldMWwpoCw/ZEjYw2BTQYGWlgKsn945fFTjRC658UXjuocwJbAjVI5D6/

#123456

clearpart --all --initlabel

part /boot --fstype xfs --size 1024

part swap --size 1024

part / --fstype xfs --size 1 --grow

firstboot --disable

selinux --disabled

firewall --disabled

logging --level=info

reboot

 

%packages

@^minimal

@core

%end

%post   

systemctl disable postfix.service

%end

 

修改/var/lib/tftpboot/pxelinux.cfg/default 文档

root&Centos7: ~#vim /var/lib/tftpboot/pxelinux.cfg/default

default vesamenu.c32

timeout 600

menu title CentOS Linux  PXE Install

 

label centos7   

      menu label Auto Install CentOS Linux ^7

      kernel vmlinuz

      append initrd=initrd.img ks=http://10.10.43.110/ksdir/ks7.cfg

 

label manual7    

      menu label ^Manual Install CentOS Linux 7

      kernel vmlinuz

      append initrd= initrd.img inst.repo=http://10.10.43.110/CentOS7 quiet

 

label local    

     menu default   

     menu label Boot from ^local drive

     localboot 0xffff

menu end