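I. VMware environment preparation
1. Prepare a virtual switch
The PXE server and the clients communicate over the same virtual switch.
On physical machines this step is unnecessary; just make sure the PXE server and the machines to be installed can reach each other over the network.
II. PXE server side
1. Add a network adapter
Edit virtual machine settings --> Add --> Network Adapter --> Finish
Assign this adapter to the newly created virtual switch VMnet2.
2. Configure the new adapter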
[root@pxe_server ~]# ip a |grep ^[0-9] |awk '{print $2}'
lo:
ens33:
ens37:    # name of the new network adapter
[root@pxe_server ~]# cp /etc/sysconfig/network-scripts/{ifcfg-ens33,ifcfg-ens37}
[root@pxe_server ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens37
TYPE=Ethernet
DEVICE=ens37
PROXY_METHOD=none
BOOTPROTO=static
ONBOOT=yes
DEFROUTE=yes
IPADDR=192.168.88.8
# This adapter is attached to the VMnet2 virtual switch, so note that the subnet is 192.168.88.0
PREFIX=24
GATEWAY=192.168.88.2
DNS1=223.5.5.5
DNS2=114.114.114.114
Restart the network service
[root@pxe_server ~]# systemctl restart network
3. Disable the firewall and SELinux
systemctl stop firewalld && systemctl disable firewalld && \
setenforce 0 && \
sed -ri.bak 's/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config
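An alternative to stopping firewalld, as an added example that is not part of the original procedure: keep the firewall running and open only the services this setup serves on the PXE adapter. The zone name internal and the service list (dhcp, tftp, http) are assumptions; SELinux is not covered here.

```shell
# Added example (not from the original page): open only the provisioning
# services on the PXE adapter instead of stopping firewalld.
# Assumptions: zone "internal" and the service list; ens37 is from this page.
PXE_IFACE="${PXE_IFACE:-ens37}"
PXE_ZONE="${PXE_ZONE:-internal}"
# dhcp = 67/udp, tftp = 69/udp, http = 80/tcp (kickstart URL and package tree)
PXE_SERVICES="${PXE_SERVICES:-dhcp tftp http}"

# Print the firewall-cmd invocations, one per line, without running them.
pxe_firewall_plan() {
    printf 'firewall-cmd --permanent --zone=%s --change-interface=%s\n' "$PXE_ZONE" "$PXE_IFACE"
    for svc in $PXE_SERVICES; do
        printf 'firewall-cmd --permanent --zone=%s --add-service=%s\n' "$PXE_ZONE" "$svc"
    done
    printf 'firewall-cmd --reload\n'
}

# Execute the plan as root; sh -e stops at the first failing command.
pxe_firewall_apply() {
    pxe_firewall_plan | sh -ex
}

# Dry run by default; pass "apply" to execute on the PXE server.
if [ "${1:-}" = "apply" ]; then
    pxe_firewall_apply
else
    pxe_firewall_plan
fi
```

Review the printed plan first, then run the script with the apply argument as root.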
4. Install the DHCP service
[root@pxe_server ~]# yum -y install dhcp*
[root@pxe_server ~]# rpm -qc dhcp |grep dhcpd.conf
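/etc/dhcp/dhcpd.conf    # configuration file
The configuration file is left untouched for now. Once the Cobbler service is installed, Cobbler will be enabled to manage DHCP using its own DHCP template.
Start the DHCP service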
[root@pxe_server ~]# systemctl restart dhcpd
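5. Deploy the tftp and xinetd services
Unlike FTP, tftp has no standalone service process of its own; it relies on the xinetd service to start it. In other words, xinetd is a super daemon.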
[root@pxe_server ~]# yum -y install xinetd tftp-server
[root@pxe_server ~]# rpm -qc tftp-server
/etc/xinetd.d/tftp    # tftp configuration file
[root@pxe_server ~]# vim /etc/xinetd.d/tftp
service tftp
{
socket_type = dgram
protocol = udp
wait = no # change yes to no
user = root
server = /usr/sbin/in.tftpd
server_args = -s /var/lib/tftpboot
disable = yes
per_source = 11
cps = 100 2
flags = IPv4
}
Start the xinetd and tftp services
[root@pxe_server ~]# systemctl start xinetd.service
[root@pxe_server ~]# systemctl start tftp.socket
[root@pxe_server ~]# ss -antpu |grep udp
udp UNCONN 0 0 *:67 *:* users:(("dhcpd",pid=1971,fd=7))
udp UNCONN 0 0 *:69 *:* users:(("xinetd",pid=1079,fd=5))
udp UNCONN 0 0 [::]:69 [::]:* users:(("systemd",pid=1,fd=40))
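TFTP read and write requests both use port 69, which is now open.
6. Deploy the Cobbler service
Cobbler depends on the DHCP, tftp, rsync and DNS services. DHCP can be provided by dhcpd (ISC) or by dnsmasq; tftp by the tftp-server package or by Cobbler itself; rsync by the rsync package; DNS by bind or by dnsmasq.
Cobbler can manage some or even all of these services itself, which is controlled by the "manage_dhcp", "manage_tftpd", "manage_rsync" and "manage_dns" entries in /etc/cobbler/settings.
In addition, because each service has several implementations, any customization is done by changing the module parameters for that service in /etc/cobbler/modules.conf.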
[root@pxe_server ~]# yum install cobbler cobbler-web pykickstart httpd -y
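RPM packages explained:
cobbler: the Cobbler package
cobbler-web: Cobbler's web interface package
pykickstart: used by Cobbler to check kickstart files for syntax errors
httpd: the Apache web server
Cobbler directories explained
/etc/cobbler # configuration directory
/etc/cobbler/settings # Cobbler main configuration file
/etc/cobbler/dhcp.template # configuration template for the DHCP service
/etc/cobbler/tftpd.template # configuration template for the tftp service
/etc/cobbler/rsync.template # configuration template for the rsync service
/etc/cobbler/iso # directory of ISO template configuration files
/etc/cobbler/pxe # directory of PXE template files
/etc/cobbler/power # directory of power management configuration files
/etc/cobbler/users.conf # web service authorization configuration file
/etc/cobbler/users.digest # user name and password file for web access
/etc/cobbler/dnsmasq.template # configuration template for the DNS service
/etc/cobbler/modules.conf # Cobbler module configuration file
/var/lib/cobbler # Cobbler data directory
/var/lib/cobbler/config # configuration files
/var/lib/cobbler/kickstarts # default location of kickstart files
/var/lib/cobbler/loaders # the various boot loaders
/var/www/cobbler # directory of system installation images
/var/www/cobbler/ks_mirror # imported system images
/var/www/cobbler/images # boot files of the imported system images
/var/www/cobbler/repo_mirror # yum repository storage directory
/var/log/cobbler # log directory
/var/log/cobbler/install.log # client installation log
/var/log/cobbler/cobbler.log # Cobbler log
/var/www/cobbler/repo_mirror # repo storage path
Common Cobbler commands
cobbler check # check the Cobbler configuration, mainly for configuration errors
cobbler sync # sync the configuration to DHCP, PXE and the data directories; run it after changing any configuration
cobbler list # list all Cobbler objects
cobbler import # import an installation disc image
cobbler report # show detailed information for each object
cobbler distro # view imported distributions; can also add and modify them
cobbler profile # view profiles; can view the kickstart file as well as edit and delete it
cobbler system # view the systems that have been added
cobbler reposync # sync remote yum repositories to local storage
cobbler signature update
cobbler --help # show Cobbler help
cobbler distro --help # show help for a Cobbler subcommand
Start the cobbler and httpd services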
[root@pxe_server ~]# systemctl start httpd.service
[root@pxe_server ~]# systemctl start cobblerd.service
Make sure httpd and cobblerd are both running before checking Cobbler; otherwise you get a pile of Python file-not-found errors.
Check Cobbler
[root@pxe_server ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : comment out 'dists' on /etc/debmirror.conf for proper debian support
8 : comment out 'arches' on /etc/debmirror.conf for proper debian support
9 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
10 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
Handling the problems reported by cobbler check
Problem 1:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
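1: The 'server' field in /etc/cobbler/settings must be set to something other than localhost. In the file it is 127.0.0.1, which /etc/hosts resolves to localhost.
To serve other machines, set server: to the address of the host providing the Cobbler service (at the start of this article the ens37 adapter was attached to the virtual switch used for PXE installs, so enter the IP bound to ens37 here).
[root@pxe_server ~]# vim /etc/cobbler/settings    # Cobbler main configuration file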
server: 192.168.88.8
Problem 2:
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
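2: For PXE to work, the 'next_server' field in /etc/cobbler/settings must be set to a value other than 127.0.0.1, and it should match the IP address of the boot server on the PXE network.
[root@pxe_server ~]# vim /etc/cobbler/settings    # Cobbler main configuration file
next_server: 192.168.88.8 # set to the IP address of the TFTP server
Problem 3: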
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
[root@pxe_server ~]# vim /etc/xinetd.d/tftp
disable = no
Problem 4:
4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
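4: Some network boot loaders are missing from /var/lib/cobbler/loaders; you can run 'cobbler get-loaders' to download them, and so on.
/var/lib/cobbler/loaders is missing some of the PXE boot loader files; just run the command as instructed. Afterwards, check whether files have been generated under /var/lib/cobbler/loaders/.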
[root@pxe_server cobbler]# cobbler get-loaders
[root@pxe_server ~]# ls /var/lib/cobbler/loaders/
COPYING.elilo COPYING.yaboot grub-x86_64.efi menu.c32 README
COPYING.syslinux elilo-ia64.efi grub-x86.efi pxelinux.0 yaboot
Problem 5:
5 : enable and start rsyncd.service with systemctl
Start and enable the rsyncd service
[root@pxe_server ~]# yum -y install rsync
[root@pxe_server ~]# systemctl start rsyncd && systemctl enable rsyncd
Problem 6:
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
The debmirror package is not installed; find the package and install it.
[root@pxe_server ~]# yum provides debmirror |grep -ie debmirro
1:debmirror-2.30-4.el7.noarch : Debian partial mirror script, with ftp an
[root@pxe_server ~]# yum -y install debmirror-2.30-4.el7.noarch
Problems 7 and 8:
7 : comment out 'dists' on /etc/debmirror.conf for proper debian support
8 : comment out 'arches' on /etc/debmirror.conf for proper debian support
7: Comment out "dists" in /etc/debmirror.conf for proper Debian support.
8: Comment out "arches" in /etc/debmirror.conf for proper Debian support.
Comment them out as the message says and you are done.
[root@pxe_server ~]# vim /etc/debmirror.conf
#@dists="sid";
#@arches="i386";
Problem 9:
9 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
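9: The default password that the sample templates set on newly installed machines (default_password_crypted in /etc/cobbler/settings) is still 'cobbler' and should be changed; use the openssl passwd command from the message to generate a new one.
Do not keep the default password; change it. This password becomes the root account password on each pxe_client after installation.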
[root@pxe_server ~]# openssl passwd -1 -salt 'random-phrase-here'
Password: # enter the root password you want to set for pxe_client
$1$random-p$IO/fXG8fJj6WRStPMpzhU.
[root@pxe_server ~]# vim /etc/cobbler/settings
default_password_crypted: "$1$random-p$IO/fXG8fJj6WRStPMpzhU."
Problem 10:
10 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
(Optional) power management features. Install cman or fence-agents to use them.
[root@pxe_server ~]# yum -y install fence-agents
Sync Cobbler
Whenever any Cobbler configuration file is modified, run cobbler sync for the change to take effect.
[root@pxe_server ~]# cobbler sync
[root@pxe_server ~]# systemctl restart cobblerd.service
After the sync completes, check Cobbler again
[root@pxe_server ~]# cobbler check
No configuration problems found. All systems go.
All the problems are resolved.
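cobbler check passes with the settings above even though the root hash is MD5-crypt salted with the literal placeholder text from the hint. The following added example (not part of the original page or of Cobbler) audits the three settings changed in problems 1, 2 and 9; the function names and the sample file are constructed for illustration.

```shell
# Added example (not from the original page): audit the Cobbler settings edited above.
# Map a crypt(3) string to its hashing scheme by prefix.
crypt_scheme() {
    case "$1" in
        '$1$'*) echo md5crypt ;;
        '$5$'*) echo sha256crypt ;;
        '$6$'*) echo sha512crypt ;;
        *)      echo unknown ;;
    esac
}

# Print the value of "key: value" from file $1, without quotes or trailing comment.
setting() {
    sed -n "s/^$2:[[:space:]]*//p" "$1" |
        sed 's/[[:space:]]*#.*$//; s/^"//; s/"$//' | head -n1
}

# Return 0 only if server/next_server are non-loopback and the root hash is
# sha512crypt with a salt other than the placeholder from the cobbler check hint.
audit_cobbler_settings() {
    rc=0
    for key in server next_server; do
        v="$(setting "$1" "$key")"
        case "$v" in
            ''|localhost|127.*) echo "FAIL $key=$v is unset or loopback"; rc=1 ;;
            *)                  echo "OK   $key=$v" ;;
        esac
    done
    h="$(setting "$1" default_password_crypted)"
    scheme="$(crypt_scheme "$h")"
    salt="$(printf '%s' "$h" | cut -d'$' -f3)"
    [ "$scheme" = sha512crypt ] || { echo "WARN default_password_crypted uses $scheme"; rc=1; }
    case "$salt" in
        random-p*) echo "WARN salt is the placeholder text from the cobbler check hint"; rc=1 ;;
    esac
    return "$rc"
}

# Constructed sample that mirrors the values set on this page.
sample="$(mktemp)"
cat > "$sample" <<'EOF'
server: 192.168.88.8
next_server: 192.168.88.8 # TFTP server
default_password_crypted: "$1$random-p$IO/fXG8fJj6WRStPMpzhU."
EOF
audit_cobbler_settings "$sample" || echo "settings need attention"
rm -f "$sample"
```

On a host with OpenSSL 1.1.1 or later, openssl passwd -6 (without a fixed -salt) produces a sha512crypt string with a random salt that passes this audit.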
Let Cobbler manage DHCP
Simply change manage_dhcp: 0 to manage_dhcp: 1.
[root@pxe_server ~]# vim /etc/cobbler/settings
manage_dhcp: 1
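Edit Cobbler's DHCP template /etc/cobbler/dhcp.template, from which the DHCP configuration file is then generated automatically. Only the following lines need to change.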
[root@pxe_server ~]# vim /etc/cobbler/dhcp.template
...
subnet 192.168.88.0 netmask 255.255.255.0 {
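option routers 192.168.88.8; # use the IP bound to the newly added ens37 adapter as the router
option subnet-mask 255.255.255.0; # subnet mask DHCP hands out to clients
range dynamic-bootp 192.168.88.10 192.168.88.100; # range of IPs DHCP hands out to clients
next-server 192.168.88.8; # address of the tftp server; again the IP bound to the newly added ens37 adapter, since tftp, DHCP and the other services all run on the same machine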
...
[root@pxe_server ~]# systemctl restart cobblerd.service
[root@pxe_server ~]# cobbler check
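[root@pxe_server ~]# cobbler sync # this also syncs the DHCP service; afterwards you can inspect the DHCP configuration file
[root@pxe_server ~]# cat /etc/dhcp/dhcpd.conf
# In effect, Cobbler's DHCP template dhcp.template is copied over to become the DHCP configuration file
Let Cobbler manage tftp
The tftp service can likewise be managed centrally through Cobbler's tftp template /etc/cobbler/tftpd.template; just set manage_tftpd: 1 in the Cobbler configuration file /etc/cobbler/settings to let Cobbler manage tftp.
7. Prepare the disc or image file
If you are using an optical disc, check whether the /dev/sr0 device exists. /dev/sr0 is the device name of the optical drive; virtual machines always have it, servers do not. Since this setup is in preparation for PXE installs in a later production environment, the image is uploaded and mounted instead.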
[root@pxe_server ~]# ls /root/CentOS-7.6-x86_64-DVD-1810.iso
/root/CentOS-7.6-x86_64-DVD-1810.iso
Mount the image
[root@pxe_server ~]# mkdir /mnt/centos7.6
[root@pxe_server ~]# mount /root/CentOS-7.6-x86_64-DVD-1810.iso /mnt/centos7.6/
mount: /dev/loop0 is write-protected, mounting read-only
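8. Import the ISO image
Use Cobbler's import command to import the packages needed for installation from the ISO installation image. The data is large, so this takes a while.
--path: the directory where the image is mounted
--name: the name to give this installation source
--arch: whether the installation source is 32-bit or 64-bit; currently supported values: x86, x86_64, ia64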
[root@pxe_server ~]# cobbler import --path=/mnt/centos7.6/ --name=Centos-7.6-x86_64 --arch=x86_64
task started: 2021-03-15_171653_import
task started (id=Media import, time=Mon Mar 15 17:16:53 2021)
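- The image is imported under /var/www/cobbler/ks_mirror/, so the partition holding that directory needs enough free space (at least the size of the uploaded image). My import failed because the root partition ran out of space; after extending the root partition I ran cobbler distro remove --name=Centos-7.7-x86_64 to delete the failed import, and re-importing then worked.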
[root@pxe_server ~]# du -sh /var/www/cobbler/ks_mirror/Centos-7.6-x86_64/
4.3G /var/www/cobbler/ks_mirror/Centos-7.6-x86_64/
All the installation files from the image are in this directory, which is the same size as the image file.
[root@pxe_server ~]# ls /var/www/cobbler/ks_mirror/Centos-7.6-x86_64/
CentOS_BuildTag EULA images LiveOS repodata RPM-GPG-KEY-CentOS-Testing-7
EFI GPL isolinux Packages RPM-GPG-KEY-CentOS-7 TRANS.TBL
- After importing, you can view the result with cobbler list or cobbler distro list
- distro represents a distribution release
- profile represents an existing image
[root@pxe_server ~]# cobbler distro list
Centos-7.6-x86_64
[root@pxe_server ~]# cobbler list
distros:
Centos-7.6-x86_64
profiles:
Centos-7.6-x86_64
systems:
repos:
images:
mgmtclasses:
packages:
files:
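The tftp shared directory now also holds the files needed to boot Linux: when importing an image, Cobbler also copies the kernel vmlinuz and the initial ramdisk initrd.img into the tftp shared directory.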
[root@pxe_server ~]# cd /var/lib/tftpboot/
[root@pxe_server tftpboot]# ls
boot grub images2 menu.c32 pxelinux.0 s390x
etc images memdisk ppc pxelinux.cfg yaboot
[root@pxe_server tftpboot]# ls images/Centos-7.6-x86_64/
initrd.img vmlinuz
9. Final checks
[root@pxe_server ~]# systemctl restart httpd.service
[root@pxe_server ~]# systemctl restart dhcpd
[root@pxe_server ~]# systemctl restart tftp.socket
[root@pxe_server ~]# systemctl restart rsyncd
[root@pxe_server ~]# systemctl restart cobblerd.service
[root@pxe_server ~]# cobbler sync
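Make sure all services are running and that every change made has been synced and taken effect.
[root@pxe_server ~]# systemctl enable httpd dhcpd tftp.socket rsyncd cobblerd.service
One of the things cobbler sync does is rewrite the pxelinux.0 configuration file.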
[root@pxe_server ~]# vim /var/lib/tftpboot/pxelinux.cfg/default
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cobbler.github.io/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT local
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
LABEL Centos-7.6-x86_64
kernel /images/Centos-7.6-x86_64/vmlinuz
MENU LABEL Centos-7.6-x86_64
append initrd=/images/Centos-7.6-x86_64/initrd.img ksdevice=bootif lang= kssendmac text ks=http://192.168.88.8/cblr/svc/op/ks/profile/Centos-7.6-x86_64
ipappend 2
MENU end
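III. Verifying installation on a PXE client
Create a new virtual machine for verification (do not attach an ISO image to it) and connect it to the VMnet2 virtual switch prepared at the start.
On a physical machine, just make sure it has network connectivity to the server.
Power on, select the distro you created, Centos-7.6-x86_64, and then wait for the installation to run.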