|
|
示例拓扑如下,DHCP、TFTP、HTTP、PXE Server在1台主机上部署,KVM宿主机与NFS server分别在另2台主机上部署。
9 v* a# W$ S1 c4 A8 A$ }6 K7 ^' y- k
; J) J, a4 } G. T KVM虚机PXE方式自动安装示例-2629585-1* ?( w) s" I6 b4 q% Q- Y
$ O; }& S+ G3 f* i/ V+ o- D
确认主机CPU支持并打开了虚拟化支持(Intel/AMD),如果是多核CPU会有多个核的信息:
! B# k6 o. Z8 i6 \. E[root-KVM-1 ~]# egrep '(vmx|svm)' /proc/cpuinfo
) ^$ Z, m* q# A& l3 X! Sflags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm epb tpr_shadow vnmi ept vpid fsgsbase tsc_adjust smep dtherm arat pln pts
- J" g( p% T& G2 }, j C2 dflags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm epb tpr_shadow vnmi ept vpid fsgsbase tsc_adjust smep dtherm arat pln pts2 T* X) T' ]. R% m9 I. I
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm epb tpr_shadow vnmi ept vpid fsgsbase tsc_adjust smep dtherm arat pln pts) w4 ]. @% t3 G1 T# _
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm epb tpr_shadow vnmi ept vpid fsgsbase tsc_adjust smep dtherm arat pln pts* ^, y( D9 t* ?" U- J
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm epb tpr_shadow vnmi ept vpid fsgsbase tsc_adjust smep dtherm arat pln pts
z- Z. t" ^" S6 L- C% Yflags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm epb tpr_shadow vnmi ept vpid fsgsbase tsc_adjust smep dtherm arat pln pts
+ N" b6 [5 [% }% Z9 _* }, H) Tflags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm epb tpr_shadow vnmi ept vpid fsgsbase tsc_adjust smep dtherm arat pln pts
" L/ ~) q; d% p: d1 E5 v9 eflags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm epb tpr_shadow vnmi ept vpid fsgsbase tsc_adjust smep dtherm arat pln pts, R- o" k; K, R+ ]7 m+ B2 y
" B. w* h1 }& Y% y$ v0 t确认主机加载了KVM内核模块并是在用状态:1 L( Q5 N/ H/ c' H
[root-KVM-1 ~]# lsmod | grep kvm
0 s/ T. E( @; m9 \( a) [kvm_intel 170086 8 / Z, v$ z5 j* A! v+ G% }& |! R
kvm 566340 1 kvm_intel
8 t/ h! g( K; Z5 y; ?irqbypass 13503 1 kvm
3 }. @2 v1 D; u, q2 { 1 _+ t" Q) [$ _
在KVM上创建2个虚机,本例中创建1个,另一个直接clone即可,虚机的网卡与系统网桥br0桥接:% F5 k3 e5 Y1 h1 f, f+ `
- l. I( q, k: \4 T1 X4 L[root-KVM-1 ~]# virsh list
Y5 W; c6 k3 U4 d) [1 F" d Id Name State: J) O9 `8 ~$ ^- y
----------------------------------------------------2 u) P$ S, Y% }% {9 \$ g1 I
7 centos7 running$ ^* N7 l$ }$ K- [8 A+ B8 M4 {4 N
8 centos7-clone running8 p8 z; u5 ~( H8 ^
[root-KVM-1 ~]# virsh domiflist centos71 O. ?8 u3 p" z; f7 Q3 p) p
Interface Type Source Model MAC) {. E0 p- B+ Q0 ]4 v0 t' a2 m; ]
-------------------------------------------------------
/ r" ?. y% ]. c! @; ivnet0 bridge br0 e1000 52:54:00:1c:c8:92
/ _1 n" S5 M! u1 d% o% s[root-KVM-1 ~]# virsh domiflist centos7-clone! [, {" I( [% v; A4 i
Interface Type Source Model MAC# l1 H% M: h7 z& t
-------------------------------------------------------
- [/ \" z# k: z8 o J! M7 y4 ]6 Wvnet1 bridge br0 e1000 52:54:00:ee:71:75
0 ]8 u' ~: s N. g+ Z% _3 W! f7 r! i6 S" |5 S2 |1 F
在dhcp server 的配置文件中主要包含下列内容:8 }# h" i! c% R. O8 a) C8 g
[root-PXE-server ~]# cat /etc/dhcp/dhcpd.conf " E; M: ?6 |1 ]6 U; @8 U( k7 T, {
#7 g8 Z7 T3 A/ f# R0 N
# DHCP Server Configuration file.
, H: T' x) @ }/ Q& C) n# see /usr/share/doc/dhcp*/dhcpd.conf.example$ Q( Z! T) u5 e' M4 A$ D
# see dhcpd.conf(5) man page
* W6 S8 t+ P( {# w5 T2 n! f#: ?, r4 Z! j/ y' Y* E
#ddns-uptate-style interim;! @# n2 U# K8 S4 Z' }
#ignore client-updates;
5 x- g0 g% D! Ffilename "pxelinux.0"; //pxe的引导镜像文件
: S! L4 }- h- E# g+ x8 `# l4 _, bnext-server 192.168.56.2;; l, E _3 a8 ]5 r5 W* y
subnet 192.168.56.0 netmask 255.255.255.0 {
6 y: _- E) o |option routers 192.168.56.2;
, g/ F! b4 Y% \+ O& p4 J2 Goption subnet-mask 255.255.255.0;
. ~, q f% b- B9 k3 e+ lrange dynamic-bootp 192.168.56.150 192.168.56.200;5 H' d$ s7 R$ S5 C$ ]1 f
default-lease-time 21600;
+ M$ c! h& r' ]; l* S4 u}
8 _3 _5 f9 `$ ]* g( S 需要将pxelinux.0镜像文件放到tftp server的目录中,该文件可以从系统光盘镜像或者系统中获得,同时还有内核文件、引导文件:9 w! q" R% W9 N: G1 s" e
[root-PXE-server ~]# ls /var/lib/tftpboot// Y( T+ }$ G/ q
boot.msg initrd.img pxelinux.0 pxelinux.cfg vesamenu.c32 vmlinuz/ [( N5 J- _9 Z
将CentOS7光盘复制到/var/www/html的mnt目录中:
: ]# d" L( ~" {$ L2 g) B[root-PXE-server html]# ls mnt
G; C, { h! R7 I; H) i3 I6 TCentOS_BuildTag EFI EULA GPL images isolinux LiveOS Packages repodata RPM-GPG-KEY-CentOS-7 RPM-GPG-KEY-CentOS-Testing-7 TRANS.TBL
; D5 ?% |* o, U 需要配置pxelinux.cfg目录下的default文件,已指示系统通过pxe加载镜像后进一步的动作,这里我们关注的是CentOS7标签,通过http方式结合kickstart自应答文件进行网络自动安装:
+ g* R# p0 H* J' b' I) B$ `# g) \2 c+ m( s7 y4 Z
[root-PXE-server pxelinux.cfg]# cat default ' m1 ~9 D* g" i) K0 P1 P* n
default CentOS7
6 ^: F# a- e% p" `#default vesamenu.c32
' G" P- W* g0 G2 `prompt 06 M, |3 g4 `' A+ X" p
timeout 300
0 d3 O$ R: [, m& kontimeout local
% G- |* h8 ~+ Z2 rdisplay boot.msg
5 E# o7 L7 ]) ~- ~6 MF1 boot.msg
% v) @, p9 D4 ^- |F2 options.msg) x7 e5 r# y" U. Z* K
F3 general.msg7 k3 h; x9 T& K# N$ f
F4 param.msg
9 Y' ?# L) m5 m7 T) C; vF5 rescue.msg: b! _- ]- \, B0 N
# Clear the screen when exiting the menu, instead of leaving the menu displayed.+ r0 x0 F' g6 z# E3 t7 H7 [1 o
# For vesamenu, this means the graphical background is still displayed without8 P4 F3 |) N/ u% _- \. l8 B0 Y5 s
# the menu itself for as long as the screen remains in graphics mode.
' `# b8 }7 W8 Nmenu clear
5 @6 c. y L0 Z, {menu background splash.png7 t' f0 n& f6 x {' n3 A
menu title CentOS 7
- \" l& S5 P; `menu vshift 8
0 p) I! j- c, _menu rows 18" H( c4 a \* b" D! B( l
menu margin 8
f6 ^+ W1 k6 Y& bmenu hidden3 x( @. E/ F. h; L& ^% E7 g, o/ y7 S1 U
menu helpmsgrow 15
, u$ C# S+ B; xmenu tabmsgrow 13
7 @7 L3 G2 f+ W. d# Border Area
) G: |4 U0 F, K8 jmenu color border * #00000000 #00000000 none9 s$ T. V" G4 n% S: w4 Z: t
# Selected item( R. S& m5 Z' r9 o* l& R
menu color sel 0 #ffffffff #00000000 none- g0 O4 A& ?1 Y+ X- l1 J- s
# Title bar
1 G- B! _3 G, R' k) _menu color title 0 #ff7ba3d0 #00000000 none9 |( g0 T7 V4 h% d' d' Q' k
# Press [Tab] message
# k7 H9 J2 t# xmenu color tabmsg 0 #ff3a6496 #00000000 none
' q4 v' Q" F6 e$ W2 O9 N- T5 o# Unselected menu item
4 z$ p4 A: {9 lmenu color unsel 0 #84b8ffff #00000000 none
( i! N6 Y9 R* r& s# Selected hotkey4 j, f6 e6 Q* ~) V# D" z
menu color hotsel 0 #84b8ffff #00000000 none
" S3 j. Y6 _" g! c. c* Y; l# Unselected hotkey
) S' W- m& J$ C- ]menu color hotkey 0 #ffffffff #00000000 none5 n$ U' y. q6 o5 N
# Help text/ c$ _, ~" H# M$ C: T6 K
menu color help 0 #ffffffff #00000000 none0 G) B5 L8 c) Z. @9 ^- o/ A3 V8 r
# A scrollbar of some type? Not sure.4 E6 y4 `4 B# {
menu color scrollbar 0 #ffffffff #ff355594 none
" {$ n' R6 D+ n! {& n# Timeout msg) e6 Z$ Q+ a+ Q, I
menu color timeout 0 #ffffffff #00000000 none
. ? H9 l: z" K- ~* Zmenu color timeout_msg 0 #ffffffff #00000000 none
% v' y+ w6 v% s4 r `# Command prompt text3 Z) Z, ], T2 _+ T
menu color cmdmark 0 #84b8ffff #00000000 none2 x7 R+ }( U# X! s) D9 p- A/ P
menu color cmdline 0 #ffffffff #00000000 none
7 @- I- F7 z& v7 [1 F6 O; j1 O# Do not display the actual menu unless the user presses a key. All that is displayed is a timeout message.
; k$ b& k8 Q' v X1 q2 imenu tabmsg Press Tab for full configuration options on menu items.# a8 F- s1 y9 t$ E
menu separator # insert an empty line& u" h5 W+ s- i- Z0 C
menu separator # insert an empty line* c! X& L5 H: i7 q2 g# E( N) r9 {
label CentOS7( {, k3 |- a8 C3 b9 p9 n% z. j6 t" W! o
kernel vmlinuz
6 t0 \& _2 M8 p, K( O$ Z" g append initrd=initrd.img ks=http://192.168.56.2/ks.cfg vga=normal devfs=nomount ramdisk_size=9216 nofb
- O& N8 w/ n5 f( N E9 ~ KS自应答文件可以通过system-config-kickstart工具生成,也可以复制系统中的anaconda目录中的样例,编辑生成:
, w' d1 q, n+ b) C8 u1 n* v2 T W KVM虚机PXE方式自动安装示例-2629585-2
( c/ {! `* G( h, Y( _, n. V9 u* @/ y8 S' b6 ]
本例中的ks应答文件主要配置了http网络安装的路径,以及root密码、硬盘分区、以及安装的基本软件包。& h2 \# q+ B$ `( n$ B! F$ M
[root-PXE-server pxelinux.cfg]# cat /var/www/html/ks.cfg
+ y# S5 x( A G, |- f* A5 t#platform=x86, AMD64, or Intel EM64T
3 B7 K3 @* e; R, h/ l" q, I- U7 n# s#version=DEVEL
2 D; B/ z- e! y/ V9 [2 Y1 ]0 G) \) b# Install OS instead of upgrade9 _. F' y, ]* u1 ~
install
" M7 W R) E# I' x/ I9 H# Keyboard layouts
) d- u( {% u2 z* |1 z# okeyboard 'us'
" i3 F9 g( F# q. e* _6 o# Root password
9 m( [2 @) w5 S2 [2 lrootpw --iscrypted $1$2g8RzvvY$YqlnUGED1Js5RAjnchHKK1# z. j% N) T7 O. U E3 P
# Use network installation
, Y1 h0 p i; t& i; H5 Qurl --url="http://192.168.56.2/mnt/"8 G, i. J y. b2 G# `" H1 {3 J u
# System language
2 ^, U' K/ Q' O& Tlang en_US0 i1 E' X2 N8 g e% ~6 G
# Firewall configuration! k6 g N; b4 \
firewall --disabled0 d* }( |' W+ z( a7 l" b) r) Z
# System authorization information
- u3 a4 _. G! E9 v* uauth --useshadow --passalgo=sha5129 n2 m; |) i4 H, Q+ c* ~
# Use graphical install
+ q5 v4 r2 x: M% ?& J5 [graphical
+ o6 O7 z; `+ ~& J0 T. R5 lfirstboot --disable9 p2 u8 H, H+ Q3 E* b& l! \
# SELinux configuration; O) P* {' _$ u: ^% R
selinux --disabled
2 m, j# X( t0 Q8 U2 s6 f4 [' Y; i# Network information; O/ V4 r" l" J! ]
network --bootproto=dhcp --device=eth0
) ?* S; z6 v! C7 L# Reboot after installation
8 @, j9 b3 j3 z- v$ o( ]/ Vreboot
% p. {6 }/ a" D# System timezone% r; H" ?! U9 T" }2 s
timezone Africa/Abidjan7 \# P! y' v# s2 ?" a
# System bootloader configuration [& }9 \: w+ P) O: {# v! y
bootloader --location=mbr , ~! W$ y! z0 j, m: j! v
# Clear the Master Boot Record
! S; h5 s1 G5 M) ^) a& [zerombr, F0 l1 ]" u5 R5 z4 Y* d8 ?) h
# Partition clearing information# N8 ~9 N' T& Z% c! p. r) l
clearpart --all --initlabel
5 Q8 Z6 f2 _ A0 A# Disk partitioning information
/ t2 q& Q% m8 o5 Rpart /boot --asprimary --fstype="ext3" --ondisk=sda --size=2000 ~. s& c0 A( Q0 d' m
part swap --fstype="swap" --ondisk=sda --size=1024
/ D1 E2 v& e4 s8 \# \3 q# X$ fpart / --fstype="ext3" --ondisk=sda --size=16384
0 a/ S8 I# y2 {( V" G8 i0 I%packages7 Y( {! ]% v1 u+ y: e: }7 r# W
@base9 v4 | R: i [) Z
%end! j, @# c8 Y3 \( e
! \- m* K( I9 j2 b* p3 P/ E/ V
在KVM中启动2个VM,虚机在启动的时候通过DHCP获得IP,同时活得PXE Server地址及启动镜像:( U1 @5 J0 r$ y
KVM虚机PXE方式自动安装示例-2629585-3! o3 Z( w0 i8 ~) S5 `
经过pxe引导过程后,开始加载配置文件中的linux内核及引导镜像:
# w3 M' P3 _% D# S* sKVM虚机PXE方式自动安装示例-2629585-4% \/ q+ d- i8 Q& ?; A+ F
内核与引导镜像加载完毕后,会进一步根据ks应道文件的指示通过http方式进行网络安装,可以看到root密码、硬盘分区、软件包安装都是根据应答文件中相应项目自动进行的,整个安装过程无需人工干预。6 K0 A* C7 l0 X- g% L
KVM虚机PXE方式自动安装示例-2629585-5; |; l# \; j3 F
安装过程结束后系统会根据自应答文件指示自动重启,系统就安装完毕了,最后附两个截图,图1为DHCP应答中关于next-server和file的;图2为PXE-kickstart 无人值守安装流程图。
9 n; ^" @8 h* S9 DKVM虚机PXE方式自动安装示例-2629585-6
! e7 ` r# {8 \- K- B/ `
' W0 O5 R% w! {# W( P! |0 ~KVM虚机PXE方式自动安装示例-2629585-7* r# |% i, ^3 }
谢谢。
0 _, ~& j" F* F) l {3 m' g0 X |
|
发表于 2022-4-11 16:19:12