12. YUM Repository Service and PXE Network Installation

Linux Security and Advanced Applications | Akide_Liu | 10 months ago (02-01) | 205 views | 0 comments

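Requirements:

Set up a PXE installation server and install the operating system on 10 bare-metal machines

The newly installed client systems must meet the specified requirements

The locale is Chinese and the root password is set to redhat

Include the base components, development tools and the LAMP platform

Configure the YUM software repository automatically

Approach:

Build the PXE installation server

Create and deploy the ks.cfg automatic answer file

Verify unattended PXE batch installation

Lab procedure

1. Configure the IP address; disable iptables and SELinux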

[[email protected] Desktop]# vim /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0

HWADDR=00:0c:29:5b:3f:4e

TYPE=Ethernet

UUID=b52d7f37-153b-4221-8b99-956e62389dbf

ONBOOT=yes

NM_CONTROLLED=yes

BOOTPROTO=none

IPADDR=192.168.1.16

NETMASK=255.255.255.0

IPV6INIT=no

USERCTL=no

[[email protected] Desktop]# iptables -F

[[email protected] Desktop]# iptables -X

[[email protected] Desktop]# setenforce 0

2. Preparation:

[[email protected] Desktop]# yum clean all

[[email protected] Desktop]# yum repolist

yum must be configured first

[[email protected] Desktop]# for i in vsftpd xinetd tftp-server syslinux dhcp; do yum -y install $i; done

3. Configure TFTP

[[email protected] Desktop]# vim /etc/xinetd.d/tftp

# default: off

# description: The tftp server serves files using the trivial file transfer \

# protocol. The tftp protocol is often used to boot diskless \

# workstations, download configuration files to network-aware printers, \

# and to start the installation process for some operating systems.

service tftp

{

socket_type = dgram

protocol = udp

wait = yes

user = root

server = /usr/sbin/in.tftpd

server_args = -s /var/lib/tftpboot

disable = no    (enables tftp)

per_source = 11

cps = 100 2

flags = IPv4

}

[[email protected] Desktop]# /etc/init.d/xinetd restart

停止 xinetd: [确定]

正在启动 xinetd: [确定]

4. Prepare the answer file

Copy the kernel:

[[email protected] ~]# cd /Centos/images/pxeboot/

[[email protected] pxeboot]# cp vmlinuz initrd.img /var/lib/tftpboot/

Copy the boot loader:

[[email protected] pxeboot]# find / -name "pxelinux.0"

/usr/share/syslinux/pxelinux.0

[[email protected] pxeboot]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/

[[email protected] ~]# mkdir /var/lib/tftpboot/pxelinux.cfg

[[email protected] ~]# cd /Centos/isolinux

[[email protected] isolinux]# cp isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default

default linux

#prompt 1

timeout 600

display boot.msg

menu background splash.jpg

menu title Welcome to CentOS 6.6!

menu color border 0 #ffffffff #00000000

menu color sel 7 #ffffffff #ff000000

menu color title 0 #ffffffff #00000000

menu color tabmsg 0 #ffffffff #00000000

menu color unsel 0 #ffffffff #00000000

menu color hotsel 0 #ff000000 #ffffffff

menu color hotkey 7 #ffffffff #ff000000

menu color scrollbar 0 #ffffffff #00000000

label linux

menu label ^Install or upgrade an existing system

menu default

kernel vmlinuz

append initrd=initrd.img

label vesa

menu label Install system with ^basic video driver

kernel vmlinuz

append initrd=initrd.img xdriver=vesa nomodeset

label rescue

menu label ^Rescue installed system

kernel vmlinuz

append initrd=initrd.img rescue

label local

menu label Boot from ^local drive

localboot 0xffff

label memtest86

menu label ^Memory test

kernel memtest

append -

5. Configure the DHCP server

[[email protected] ~]# vim /etc/dhcp/dhcpd.conf

In vim's last-line mode:

:r /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample

# This is a very basic subnet declaration.

subnet 192.168.1.0 netmask 255.255.255.0 {

range 192.168.1.100 192.168.1.200;

option routers 192.168.1.16;

filename "pxelinux.0";

next-server  192.168.1.16;

}

# This declaration allows BOOTP clients to get dynamic addresses,

# which we don’t really recommend.

[[email protected] ~]# /etc/init.d/dhcpd restart

正在启动 dhcpd: [确定]

6. Copy the disc contents into the FTP root directory

[[email protected] isolinux]# mkdir /var/ftp/CentOS6.x

[[email protected] isolinux]# cp -rvf /Centos /var/ftp/CentOS6.x/

[[email protected] isolinux]# /etc/init.d/vsftpd restart

关闭 vsftpd: [失败]

为 vsftpd 启动 vsftpd: [确定]

7. Test

8. Use Kickstart for unattended installation

Install the package:

[[email protected] pxeboot]# yum -y install system-config-kickstart

[[email protected] pxeboot]# system-config-kickstart

Select packages as needed

Save to /root/

[[email protected] ~]# cp ks.cfg /var/ftp/CentOS/

[[email protected] ~]# vim /var/lib/tftpboot/pxelinux.cfg/default

default linux

#prompt 1

timeout 600

display boot.msg

menu background splash.jpg

menu title Welcome to CentOS 6.6!

menu color border 0 #ffffffff #00000000

menu color sel 7 #ffffffff #ff000000

menu color title 0 #ffffffff #00000000

menu color tabmsg 0 #ffffffff #00000000

menu color unsel 0 #ffffffff #00000000

menu color hotsel 0 #ff000000 #ffffffff

menu color hotkey 7 #ffffffff #ff000000

menu color scrollbar 0 #ffffffff #00000000

label linux

menu label ^Install or upgrade an existing system

menu default

kernel vmlinuz

append ks=ftp://192.168.1.16/CentOS/ks.cfg initrd=initrd.img

9. Test

Success
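
The ks= line above sends every PXE client to a kickstart file on FTP with no credentials, and the requirements put the root password in that file. As an added example (not part of the original post), the shell functions below list ks= URLs fetched over plaintext protocols and report whether a kickstart file stores rootpw in clear text or with --iscrypted; the sample ks.cfg contents and the hash placeholder are constructed, since the post does not show its ks.cfg.

```shell
#!/usr/bin/env bash
# Added example, not from the original post: audit a PXE menu and a kickstart file.

# List ks= URLs in a pxelinux menu that are fetched without encryption.
plaintext_ks_urls() {
    grep -Eo 'ks=[^[:space:]]+' "$1" | sed 's/^ks=//' |
        grep -E '^(ftp|http|nfs):' || true
}

# Report how a kickstart file stores the root password:
# "plaintext", "hashed" (rootpw --iscrypted) or "missing".
rootpw_state() {
    awk '
        $1 == "rootpw" {
            state = "plaintext"
            for (i = 2; i <= NF; i++)
                if ($i == "--iscrypted") state = "hashed"
        }
        END { print (state == "" ? "missing" : state) }
    ' "$1"
}

# Constructed sample inputs; the hash is a placeholder, not a real crypt string.
write_samples() {
    mkdir -p "$1"
    printf '%s\n' 'label linux' '  kernel vmlinuz' \
        '  append ks=ftp://192.168.1.16/CentOS/ks.cfg initrd=initrd.img' \
        > "$1/default"
    printf '%s\n' 'lang zh_CN.UTF-8' 'rootpw redhat' > "$1/ks-plain.cfg"
    printf '%s\n' 'lang zh_CN.UTF-8' \
        'rootpw --iscrypted $6$CONSTRUCTED$placeholder' > "$1/ks-hashed.cfg"
}

tmp=$(mktemp -d)
write_samples "$tmp"
echo "plaintext ks URLs: $(plaintext_ks_urls "$tmp/default")"
echo "ks-plain.cfg:  rootpw $(rootpw_state "$tmp/ks-plain.cfg")"
echo "ks-hashed.cfg: rootpw $(rootpw_state "$tmp/ks-hashed.cfg")"
rm -rf "$tmp"
```

A hashed rootpw still travels in the clear over FTP, so it limits exposure rather than removing it.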

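Lab requirements:

Prepare 2 virtual machines

192.168.0.1 is the client and 192.168.0.2 is the server; they can ping each other (10 minutes)

Server requirement: it can install packages from a local yum repository (10 minutes)

The client points at the server's FTP yum repository and can install packages from it (20 minutes)

Configure a self-built yum repository so that the client can use yum to install openvas (the installation starts but does not complete) (30 minutes)

Lab procedure:

1. Configure the IP addresses, put both machines on the same virtual network adapter, disable the iptables firewall and disable SELinux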

[[email protected] ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0

[[email protected] ~]# iptables -F

[[email protected] ~]# iptables -X

[[email protected] ~]# setenforce 0

setenforce: SELinux is disabled

Server:

[[email protected] ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0

[[email protected] ~]# /etc/init.d/network restart

关闭环回接口: [确定]

弹出环回接口: [确定]

弹出界面 eth0: [确定]

[[email protected] ~]# iptables -F

[[email protected] ~]# iptables -X

[[email protected] ~]# setenforce 0

Test network connectivity:

2. Configure the server's local yum source

Mount the image

[[email protected] ~]# mount /dev/cdrom /media/

Change to the repo directory and copy the template file

[[email protected] ~]# cd /etc/yum.repos.d/

[[email protected] yum.repos.d]# ls

rhel-source.repo

[[email protected] yum.repos.d]# cp rhel-source.repo base.repo

[[email protected] yum.repos.d]# vim base.repo

[base]    (repository ID)

name=Red Hat Enterprise Linux y2t21 by lly    (description, free-form)

baseurl=file:///media/    (location of the yum repository)

enabled=1    (enable this repository)

gpgcheck=0    (disable signature checking)

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

[[email protected] yum.repos.d]# yum clean all

[[email protected] yum.repos.d]# yum -y install vsftpd

3. Configure the network yum source on the server

[[email protected] ftp]# mkdir -p /var/ftp/rhel6/

[[email protected] ftp]# cp -rvf /media/* /var/ftp/rhel6

[[email protected] ftp]# /etc/init.d/vsftpd start

为 vsftpd 启动 vsftpd: [确定]

[[email protected] ftp]#

4. Configure yum on the client

[[email protected] ~]# cd /etc/yum.repos.d/

[[email protected] yum.repos.d]# ls

CentOS-Base.repo

[[email protected] yum.repos.d]# cp CentOS-Base.repo my.repo

[[email protected] yum.repos.d]# vim my.repo

# CentOS-Base.repo

#

# The mirror system uses the connecting IP address of the client and the

# update status of each mirror to pick mirrors that are updated to and

# geographically close to the client. You should use this for CentOS updates

# unless you are manually picking other mirrors.

#

# If the mirrorlist= does not work for you, as a fall back you can try the

# remarked out baseurl= line instead.

#

#

[base]

name=CentOS-$releasever - Base

#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os

baseurl=ftp://192.168.0.2/rhel6/

enabled=1

gpgcheck=0

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

yum configured successfully

6. Set up the custom repository

[[email protected] yum.repos.d]# umount /dev/cdrom

[[email protected] yum.repos.d]# mount /dev/cdrom /media/

mount: block device /dev/sr0 is write-protected, mounting read-only

[[email protected] yum.repos.d]# cd /media/

[[email protected] media]# cd chapter10

[[email protected] chapter10]# ls

john-1.7.8.tar.gz nmap-5.51.tgz OpenVAS

[[email protected] chapter10]# cd OpenVAS/

[[email protected] OpenVAS]# cp CentOS_5.8_RPMS01_OK/* /openvas/

[[email protected] OpenVAS]# cp CentOS_5.8_RPMS02_OK/* /openvas/

[[email protected] OpenVAS]# cp CentOS_5.8_RPMS03_OK/* /openvas/

Copy the files

Build the RPM dependency metadata

[[email protected] openvas]# pwd

/openvas

[[email protected] openvas]# createrepo -g /media/repodata/repomd.xml ./

Edit the yum configuration file and add the repository

[[email protected] openvas]# vim /etc/yum.repos.d/base.repo

Add these lines

[openvas]

name=Openvas y2t21 by lly

baseurl=file:///openvas

enabled=1

gpgcheck=0

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

Test:

[[email protected] openvas]# yum clean all
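
Every repo section in this lab sets gpgcheck=0, so its gpgkey= line has no effect and packages from the FTP and local repositories install without signature verification. The following added example (not from the original post) is a shell function that scans .repo files and reports enabled sections with gpgcheck=0 or an ftp:// or http:// baseurl; the sample files are constructed from the sections shown above, with one section switched to gpgcheck=1 for contrast.

```shell
#!/usr/bin/env bash
# Added example, not from the original post: audit yum .repo files.
# Prints one finding per line as "<file>:<section>:<finding>".
audit_repos() {
    awk '
        function report() {
            if (sec == "" || enabled == "0") return
            if (gpg == "0") print file ":" sec ":gpgcheck-off"
            if (url ~ /^(ftp|http):/) print file ":" sec ":plaintext-baseurl"
        }
        FNR == 1 { report(); sec = "" }          # next file: flush last section
        /^[ \t]*[#;]/ { next }                   # skip comment lines
        /^\[/ {                                  # start of a new [section]
            report()
            file = FILENAME; sec = $0
            sub(/^\[/, "", sec); sub(/\].*$/, "", sec)
            gpg = ""; url = ""; enabled = "1"
            next
        }
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/[ \t]/, "", key)
            sub(/^[ \t]+/, "", val); sub(/[ \t].*$/, "", val)
            if (key == "gpgcheck") gpg = val
            if (key == "enabled")  enabled = val
            if (key == "baseurl")  url = val
        }
        END { report() }
    ' "$@"
}

# Constructed samples modelled on the repo sections in this lab.
write_samples() {
    mkdir -p "$1"
    printf '%s\n' '[base]' 'baseurl=ftp://192.168.0.2/rhel6/' 'enabled=1' \
        'gpgcheck=0' > "$1/my.repo"
    printf '%s\n' '[base]' 'baseurl=file:///media/' 'enabled=1' 'gpgcheck=1' \
        'gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release' \
        '[openvas]' 'baseurl=file:///openvas' 'enabled=1' 'gpgcheck=0' \
        > "$1/base.repo"
}

tmp=$(mktemp -d)
write_samples "$tmp"
audit_repos "$tmp"/*.repo
rm -rf "$tmp"
```

On a real host the function can be pointed at /etc/yum.repos.d/*.repo; it only reads the files.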


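Llycloud ITSC. All rights reserved. Unless otherwise noted, all content is original. This site is licensed under BY-NC-SA.
When reposting, please cite the original link: 12. YUM Repository Service and PXE Network Installation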