|
|
示例拓扑如下,DHCP、TFTP、HTTP、PXE Server在1台主机上部署,KVM宿主机与NFS server分别在另2台主机上部署。
1 K6 @" z/ u# W; K: k* h# p
: {$ F8 S9 b6 U' L7 {; y KVM虚机PXE方式自动安装示例-2629585-1
; d7 N" v/ D) ?
; r0 P+ U. k! ?; r: e9 q确认主机CPU支持并打开了虚拟化支持(Intel/AMD),如果是多核CPU会有多个核的信息:
1 ]8 e7 x( e; Z[root-KVM-1 ~]# egrep '(vmx|svm)' /proc/cpuinfo ( a2 {' g: X3 X! S
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm epb tpr_shadow vnmi ept vpid fsgsbase tsc_adjust smep dtherm arat pln pts
! D {7 `' A( u- x) g2 c* z: x6 c. \flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm epb tpr_shadow vnmi ept vpid fsgsbase tsc_adjust smep dtherm arat pln pts6 }# K! U3 ~6 }
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm epb tpr_shadow vnmi ept vpid fsgsbase tsc_adjust smep dtherm arat pln pts- }; f2 y- j0 H6 L% u4 N6 [
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm epb tpr_shadow vnmi ept vpid fsgsbase tsc_adjust smep dtherm arat pln pts
3 s# g2 k5 a' g |* `: U. t1 Tflags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm epb tpr_shadow vnmi ept vpid fsgsbase tsc_adjust smep dtherm arat pln pts. m m0 {9 ?& r' [
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm epb tpr_shadow vnmi ept vpid fsgsbase tsc_adjust smep dtherm arat pln pts
5 ~$ b% ~0 u4 I4 ^8 a' Y4 I* w4 Qflags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm epb tpr_shadow vnmi ept vpid fsgsbase tsc_adjust smep dtherm arat pln pts' j) z' a* l7 i2 Y( h
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm epb tpr_shadow vnmi ept vpid fsgsbase tsc_adjust smep dtherm arat pln pts
/ S! U D9 @, d7 M/ w9 y* V5 o; M P* S H5 Y7 W
确认主机加载了KVM内核模块并是在用状态:* k) k0 J5 @$ u
[root-KVM-1 ~]# lsmod | grep kvm4 E2 B! D# @3 f: a! T5 g
kvm_intel 170086 8 : o4 z* C- N. F1 A( m. ]) o+ F
kvm 566340 1 kvm_intel
7 E$ |: M1 f$ s. |( b9 o% W( virqbypass 13503 1 kvm
/ R4 p0 ~2 Q4 ?/ d2 W 2 {# \" N! T! [( |
在KVM上创建2个虚机,本例中创建1个,另一个直接clone即可,虚机的网卡与系统网桥br0桥接:
% |/ b9 h4 S& m! o7 K/ Q5 z( b) |! y3 Y1 k6 H
[root-KVM-1 ~]# virsh list: E& k& }; T) j
Id Name State5 `) {" A% p1 |' Z
----------------------------------------------------
f1 t5 r' m# Z& K! y" z8 c 7 centos7 running# `8 Y6 B( ~' F! Q
8 centos7-clone running
- I9 M( k+ W; D* u) ^ p R[root-KVM-1 ~]# virsh domiflist centos7' D" x: [' P2 v6 V" C1 p
Interface Type Source Model MAC
- R9 Y+ O1 p! `. r( \( t-------------------------------------------------------
3 i8 n: O; f# c; ivnet0 bridge br0 e1000 52:54:00:1c:c8:929 O: L) Y3 g& J }" P) b
[root-KVM-1 ~]# virsh domiflist centos7-clone: d0 N2 D& d3 c; a7 G+ G
Interface Type Source Model MAC5 U9 H# @* I( i+ g; `, @1 W1 N
-------------------------------------------------------8 @7 `5 _5 {# h) V8 Q
vnet1 bridge br0 e1000 52:54:00:ee:71:75
/ M2 u; V z2 e4 T- s; ]9 B: V
. n. d+ n6 y; j8 Y在dhcp server 的配置文件中主要包含下列内容:. H8 T$ t7 T% x$ N- t. w: Z
[root-PXE-server ~]# cat /etc/dhcp/dhcpd.conf
4 e/ c( C- `. }#& J, |! L9 l/ }: Z2 g
# DHCP Server Configuration file.
4 n u8 ]2 I: }8 o0 V# see /usr/share/doc/dhcp*/dhcpd.conf.example5 y6 v v0 z! c) \, r6 z4 v
# see dhcpd.conf(5) man page
3 C" ?9 f9 H; t1 V* D& G#$ t5 W# K/ R& _, L9 J/ }% q
#ddns-uptate-style interim;, ]. [. P6 z& b1 o0 k' x8 y
#ignore client-updates;0 L) V g: l2 K! i6 K) c
filename "pxelinux.0"; //pxe的引导镜像文件
4 O+ W9 ?6 B& I1 K x# _next-server 192.168.56.2;
* {2 @, d, ~$ Z3 ?# e+ C, rsubnet 192.168.56.0 netmask 255.255.255.0 {
/ c+ j- Q# V2 i% u+ S( n. v* ], eoption routers 192.168.56.2;+ X( S0 T- b4 ], d2 d+ y" B3 M- A
option subnet-mask 255.255.255.0;: a6 V, O1 T0 [9 i' I' r( I
range dynamic-bootp 192.168.56.150 192.168.56.200;. X& R0 t' F9 _+ `
default-lease-time 21600;
. s7 {. v5 K! d& z+ [}; t7 E) k5 \6 B
需要将pxelinux.0镜像文件放到tftp server的目录中,该文件可以从系统光盘镜像或者系统中获得,同时还有内核文件、引导文件:7 i" ~$ b2 Y: H; g5 \; g
[root-PXE-server ~]# ls /var/lib/tftpboot/
7 A) o: ^3 u W8 K3 D7 @8 Jboot.msg initrd.img pxelinux.0 pxelinux.cfg vesamenu.c32 vmlinuz" M) s' E u. B1 q# f/ S8 v, @
将CentOS7光盘复制到/var/www/html的mnt目录中:
, d8 T! B6 {& e, U; d2 k0 y& F6 t# e[root-PXE-server html]# ls mnt
8 b; ^/ a) f1 \0 R' u, @CentOS_BuildTag EFI EULA GPL images isolinux LiveOS Packages repodata RPM-GPG-KEY-CentOS-7 RPM-GPG-KEY-CentOS-Testing-7 TRANS.TBL7 c/ V0 M" {6 q i; D
需要配置pxelinux.cfg目录下的default文件,已指示系统通过pxe加载镜像后进一步的动作,这里我们关注的是CentOS7标签,通过http方式结合kickstart自应答文件进行网络自动安装:
9 v- Q: {# G, ^8 X7 _3 a. d* [1 D/ q+ {, ?5 J
[root-PXE-server pxelinux.cfg]# cat default
! H( M6 A; u8 Y; i7 T$ k: Ddefault CentOS7
2 H& ~; L# l) c$ ?4 g#default vesamenu.c32
6 x Q, k5 X' s* Q2 }7 hprompt 0
" L0 Q6 j8 A7 N9 g$ Ttimeout 300* M1 Y2 U4 [, R( _
ontimeout local3 U6 q/ V1 e6 b* G6 @$ a
display boot.msg! {, x) y* w0 t9 i5 c) @% U
F1 boot.msg
6 ]3 R& D3 }0 E, E4 w; T b8 GF2 options.msg
$ l* R' u6 @ q# p; Z7 p0 oF3 general.msg: D6 d# `7 u' J* s" R2 Q5 l+ u# P4 r1 ~( J
F4 param.msg
. W& k0 I" o0 [. ]F5 rescue.msg
. b8 m# |: a; ^, ] Z# Clear the screen when exiting the menu, instead of leaving the menu displayed.
/ S& h( p2 Q! b/ L& v6 t- ^# For vesamenu, this means the graphical background is still displayed without4 b* y% C. \* v; x8 l6 U; _
# the menu itself for as long as the screen remains in graphics mode.
# _1 J) |4 x0 O ^. h3 ^menu clear% S0 \5 H5 C8 X1 r
menu background splash.png! k3 d. P# b w# \% |& m
menu title CentOS 7 {* o7 J* D5 s
menu vshift 8- n0 n0 s3 o+ N1 q
menu rows 186 q/ m$ r) L/ } ~. Y1 I7 Q4 \
menu margin 8! X& M: O; M( ~5 p7 s! U7 R
menu hidden
/ ?# B, r7 O( q! z- Hmenu helpmsgrow 15* t4 N5 Y0 L- y2 Z7 t+ d
menu tabmsgrow 13
1 _+ l% [" q/ T; y0 ^* {, E5 O' N% r# Border Area; D9 w& ?$ `! f
menu color border * #00000000 #00000000 none) W- @8 h2 t1 R+ Y$ _ E1 X$ K
# Selected item8 @; D n) A) j R6 e, J6 M. w
menu color sel 0 #ffffffff #00000000 none+ @& L$ v. u) m3 l
# Title bar: a$ m- P3 F l3 N/ o, t
menu color title 0 #ff7ba3d0 #00000000 none' o7 Z9 ^) P* C1 f! e6 S2 w
# Press [Tab] message0 y9 T0 i: N9 w' c
menu color tabmsg 0 #ff3a6496 #00000000 none
5 r* }- o3 F0 g$ k1 \7 _# Unselected menu item
; p6 Q% B; d) V o7 e3 `; f& bmenu color unsel 0 #84b8ffff #00000000 none
4 E; M6 k, X, X& e1 v) L, P# Selected hotkey
7 L. \! ^2 q' V, _menu color hotsel 0 #84b8ffff #00000000 none
, j+ x; X$ |2 D% o# Unselected hotkey& t/ t5 k1 c/ `/ p- K' D- C
menu color hotkey 0 #ffffffff #00000000 none, r' e0 |' [! p$ P
# Help text) U0 z% R% _, F
menu color help 0 #ffffffff #00000000 none
W: s7 W" r1 ?+ o2 Q# A scrollbar of some type? Not sure.
- g7 [2 t" B4 C; l( p: I" Hmenu color scrollbar 0 #ffffffff #ff355594 none4 I N# U+ e7 }& I
# Timeout msg
: ~# ^" S9 L& z' r; f* {: K: f0 l# T/ j7 Bmenu color timeout 0 #ffffffff #00000000 none4 x1 ]5 g! v* |
menu color timeout_msg 0 #ffffffff #00000000 none7 P& v( e( I1 H+ ^7 ?
# Command prompt text
9 H1 l) ^; o5 D* [, e% D" }" z$ imenu color cmdmark 0 #84b8ffff #00000000 none
1 F/ b! d; r$ @; ?/ Z8 Zmenu color cmdline 0 #ffffffff #00000000 none+ a- g% I" y# i7 U7 d# u& S+ M m
# Do not display the actual menu unless the user presses a key. All that is displayed is a timeout message.
/ u& X: S/ N B' z/ h$ umenu tabmsg Press Tab for full configuration options on menu items.
# c: i6 {+ k( [! x* i+ A% }: Fmenu separator # insert an empty line
3 w( M& P" f* J" s6 bmenu separator # insert an empty line4 J* [* F8 Q- t2 O& c' m
label CentOS7
1 D/ M1 x: B3 z; X" d# G- T3 ?5 D& I+ W kernel vmlinuz" K- X6 v! Y6 _$ q' z8 n$ @3 W1 b" Z3 b
append initrd=initrd.img ks=http://192.168.56.2/ks.cfg vga=normal devfs=nomount ramdisk_size=9216 nofb
/ o( Q9 s$ q) u! a1 j- m; o$ D6 g KS自应答文件可以通过system-config-kickstart工具生成,也可以复制系统中的anaconda目录中的样例,编辑生成:3 h+ @. b; O3 b1 a
KVM虚机PXE方式自动安装示例-2629585-2/ I$ B% I9 {2 V% {! ]' B
: W7 }6 r0 [0 ^# b
本例中的ks应答文件主要配置了http网络安装的路径,以及root密码、硬盘分区、以及安装的基本软件包。& i! q% }- R u4 A* U2 d' {3 }) @
[root-PXE-server pxelinux.cfg]# cat /var/www/html/ks.cfg ) l0 Q5 W0 y% c) e9 {5 e+ D9 j; V
#platform=x86, AMD64, or Intel EM64T
0 V- P, H* B' `6 z% b. @#version=DEVEL! j- o8 r& z4 N' N7 g, @4 X7 x
# Install OS instead of upgrade
$ b* k' l1 ?' L$ T( O I }$ }install
: L' N+ C- `5 I# Keyboard layouts; e e. c, @+ T" c6 K
keyboard 'us'$ z7 W$ h, I: |2 N7 p; P
# Root password) M8 |6 E; s; K' H' ?6 C. }
rootpw --iscrypted $1$2g8RzvvY$YqlnUGED1Js5RAjnchHKK1
# f. }+ b. n6 T8 W; y3 n# Use network installation
% S; S1 \) f- l! q9 D* }. v+ v. rurl --url="http://192.168.56.2/mnt/"
1 I% T$ ]( v2 Y, |% U4 u$ J+ W# t+ Q# System language- x2 B- x7 |. ]9 Z4 _2 v( k
lang en_US
* v. G# O/ E4 ?% H7 L' b# Firewall configuration7 M, |0 R/ Q2 Y/ u+ E( ]0 U E
firewall --disabled
8 I% `1 H/ n' L# System authorization information, ]7 K" n9 m9 a1 V, z, |, J
auth --useshadow --passalgo=sha512
5 l0 M- I( [' \2 f8 @4 @# Use graphical install
2 F5 x! g2 O* I" E/ l, N8 k8 m! \graphical$ G3 e( g# S6 ~1 z4 X* Y9 S+ K
firstboot --disable
c# _, r$ ~6 G+ q# SELinux configuration/ j Y: p' A$ X; J( c
selinux --disabled
5 y- u6 k; m1 n/ {& u/ K# Network information
8 o; T) H/ b) x+ w6 rnetwork --bootproto=dhcp --device=eth00 D; z2 l$ q! ?7 _9 m
# Reboot after installation
" M' v0 L% e5 Y; oreboot8 y$ ^0 A! H6 C
# System timezone# O% N8 C8 |" q! @2 ? U, X1 o6 U
timezone Africa/Abidjan: a, C9 O/ _0 I2 ~/ v, g+ u
# System bootloader configuration
+ ?0 g" i" c- Sbootloader --location=mbr
5 U! U+ W5 p( _# q6 H0 |7 h9 G9 l# Clear the Master Boot Record
' q2 {, J" ~" _; i: y/ C P lzerombr
4 e3 K0 g/ z) x# r, b a. z4 Y s W% |# Partition clearing information
$ C3 B( v6 ~- Z# |clearpart --all --initlabel; W' w: q. t' X
# Disk partitioning information
/ q. S1 N1 `' }3 a$ N! dpart /boot --asprimary --fstype="ext3" --ondisk=sda --size=200
, Y9 O/ u% r( {. Cpart swap --fstype="swap" --ondisk=sda --size=1024
% ]0 K& L7 X# {4 P0 T- F0 T9 e% l, Fpart / --fstype="ext3" --ondisk=sda --size=16384% e, C9 m0 M7 x# P6 z# v- e
%packages
# u5 I9 s# I0 ?- L& X$ {# q@base
& ]* H- S/ [$ F5 n%end, }# s, y3 h& ?3 j9 Z
7 i6 X$ N8 }; I8 t; D% x/ t
在KVM中启动2个VM,虚机在启动的时候通过DHCP获得IP,同时活得PXE Server地址及启动镜像:9 K- w; r! m, F# ]9 N# t! }
KVM虚机PXE方式自动安装示例-2629585-30 X; l! H+ s3 c: d ?: M
经过pxe引导过程后,开始加载配置文件中的linux内核及引导镜像:
# }8 t9 J+ l- a. G* f8 b( V& s3 BKVM虚机PXE方式自动安装示例-2629585-4; j. k$ @% |8 d2 A" w9 `% K
内核与引导镜像加载完毕后,会进一步根据ks应道文件的指示通过http方式进行网络安装,可以看到root密码、硬盘分区、软件包安装都是根据应答文件中相应项目自动进行的,整个安装过程无需人工干预。( {+ F9 p$ c7 B% j/ h0 ^
KVM虚机PXE方式自动安装示例-2629585-5
9 t5 {7 H; C( H 安装过程结束后系统会根据自应答文件指示自动重启,系统就安装完毕了,最后附两个截图,图1为DHCP应答中关于next-server和file的;图2为PXE-kickstart 无人值守安装流程图。
$ O( d' N, Q* s; Q& h- xKVM虚机PXE方式自动安装示例-2629585-6
$ U1 n! j$ y$ x( d* J* a2 {% ?1 H: k( v6 i) k& ^# R
KVM虚机PXE方式自动安装示例-2629585-7
- G4 A+ Y2 R# W8 P谢谢。
/ R8 g$ ]" T4 N( {1 } |
|
发表于 2022-4-11 16:19:12