Shulou(Shulou.com)06/01 Report--

1 demand analysis

With the continuous growth of Internet technology, the number of servers is also increasing. IT operation and maintenance has become an important part of IT service connotation. In the face of more and more complex business and more and more diverse user needs, expanding IT applications need more and more reasonable models to ensure that IT services can be guaranteed flexibly, conveniently, securely and stably. The guarantee factor in this model is IT operation and maintenance. From several initial servers to a huge data center, manual work alone has been unable to meet the requirements of technology, business, management and so on. Then standardization, automation, architecture optimization, process optimization and other factors to reduce the cost of IT services have been paid more and more attention. How to automate batch deployment and install a stable system is the first step to achieve automation.

2 introduction to PXE

PXE, the pre-boot execution environment, is a way to boot. This kind of protocol generally consists of two parts, one is the server side and the other is the client side. To put it simply, we can create our own "installation source" in this way, and as long as we can find this "source" when installing the system, we can install the system. Before implementing unattended installation, we must build some services to implement the establishment of "installation source", such as ftp, http, tftp, dhcp and so on. When a host starts up, the standard input and output will call the PXE client into our memory for related operations, and prompt for the relevant options, where we can choose. The client of PXE starts the file to run locally through network download (download). The specific process is that the PXE client sends the ip request to the local area network through the network card, and then the DHCP server will provide it with an ip address and the files needed for system installation, and then use the received files for system installation. The installation process requires resources provided by other servers, such as: Yumsource, kernel files, etc., when the host gets these resources, it can be installed smoothly. After that, the automatic installation begins, and the process does not require anyone to do anything.

PXE installation advantages, this way of installing the system can not be limited by optical drives, CDs and some external equipment, but also can be unattended, greatly reducing the workload of operation and maintenance personnel, such as a large number of mainframes in the computer room for batch installation, PXE will be your best choice.

3 the overall plan

In this section, we mainly introduce the choice of solutions, and let's take a look at the PXE deployment ideas before we talk about the solution. In fact, the deployment idea is not difficult, in order to implement PXE automatic batch installation system, we first need a DHCP server to provide us with IP addresses. If you can't even get IP addresses in a network, how can you talk about automation? Secondly, we want to install a system, then the necessary files must be provided for us, because it is automatically installed on the network, there are no local resources, we can use HTTP,FTP services to achieve. Finally, to get our installation files, these files will guide our computer how to start, how to configure, we choose the TFTP service to provide. The overall framework is shown below:

Solution 1: select a host to build HTTP, TFTP and DHCP services at the same time to provide services for the hosts in the subnet.

Scheme 2: select a host to build HTTP and TFTP services, act as a server to provide resources, and provide a single DHCP service for a host with an IP address.

The above provides two solutions, of course, if you are not afraid of resource waste, you can also choose to build each service on a host to provide the corresponding service, but personally do not recommend it. Considering the purpose of saving resources, we choose option one.

4 Service selection

4.1 DHCP Services

Since we are implementing automated batch installation and deployment, being able to communicate with other hosts is a prerequisite, and in order to obtain IP and achieve communication, we must have a DHCP server to provide ip addresses for a large number of hosts.

DHCP is a dynamic host setting protocol, which mainly distributes IP for clients and automatically distributes IP. The address obtained by a host through DHCP is dynamic, and the address obtained each time may be different. The address change is temporarily assigned to the user by the DHCP server. When the host shuts down, it will return this ip address. If other users request it, the DHCP server will assign the IP address to him. Each host in the LAN can act as a DHCP server, as long as we install the DHCP service and configure it accordingly. The configuration here is mainly the configuration of the subnet, which configures the range of IP addresses that other hosts can use. For example, the subnet is 192.168.14.0, and the range of IP obtained by the hosts in this subnet is 192.168.14.1, 192.168.14.100. Then we can open the configuration file / etc/dhcp/dhcpd.conf of DHCP to configure as follows:

Subnet 192.168.14.0 netmask 255.255.255.0 {

Range 192.168.25.50 192.168.25.100

Next-server 192.168.25.107; # indicates the address of the tftp server

Filename "pxelinux.0"; # specify the PXE file

}

4.2 HTTP Services

Because we want to get the yum source of the installation system service, as well as kernel files, virtual root files, these files are large files, we must ensure that they can be safely transferred, so we chose the HTTP service, of course, it is also possible to choose the FTP service.

HTTP is the abbreviation of Hyper Text Transfer Protocol (Hypertext transfer Protocol). It is a widely tried protocol on the Internet. Is a transport protocol for transferring hypertext from a WWW server to a local browser. It can make browsers more efficient and reduce network transmission. It not only ensures that the computer transmits hypertext documents correctly and quickly, but also determines which part of the document to transmit. HTTP contains commands and transmission information, which can be used not only for Web access, but also for communication between other Internet / intranet application systems, so as to realize the integration of hypermedia access to all kinds of application resources.

4.3 TFTP Services

TFTP is a file transfer service, which is used to transfer files between the server and the client, but it can only transfer simple files, and this service costs little, so it can not transfer large files, but mostly for small files. It is not as powerful as FTP, but TFTP uses the UDP protocol to transmit data, which is sometimes more convenient than FTP, listening on port 69. Because we are in the local area network, the system is relatively secure, and the data provided is not very large, so TFTP is the only choice to achieve PXE.

5 function realization

5.1 preparation before installation

Because it involves different communication between hosts based on different protocols, in order to avoid unnecessary trouble, we choose to turn off the firewall and selinux. This is not recommended in production scenarios.

[root@vinsent] # iptables-F # turn off the firewall

[root@vinsent ~] # setenforce 0 # temporarily shut down selinux

[root@vinsent ~] # vim / etc/selinux/config # modify file to permanently close selinux

... Preceding omission

SELINUX=disabled # set the SELINUX value to disabled

... Followed by omission

5.2 configure a static IP address

Since we chose scenario 1 in the previous scenario analysis, all services are built on the same server. Since the IP address of the host doing the DHCP service must be fixed, we need to configure the IP address of the server first. Because I built the server on the CentOS7 system, there are many commands that only CentOS7 can use. Please consult the relevant documentation for CentOS6 and previous versions.

[root@vinsent ~] # vim / etc/sysconfig/network-scripts/ifcfg-ens33 # set static IP

DEVICE=ens33

BOOTPROTO=static

IPADDR=192.168.14.201

PREFIX=24

ONBOOT=yes

[root@vinsent ~] # systemctl restart network.service # restart the network service

[root@vinsent ~] # ip a # check whether your IP is set successfully

5.3 install Services

Because we need HTTP, TFTP, DHCP services to provide the corresponding services, so we must install the corresponding services in the system. It should be noted here that if your system minimizes installation, it is recommended that you install some package groups, GCC, etc. If there is a package dependency problem during the installation process, install the corresponding package in turn.

[root@vinsent ~] # yum-y install dhcp tftp-server httpd syslimux # install the corresponding service pack

[root@vinsent ~] # yum-y install xinetd # install the super daemon xinetd

[root@vinsent ~] # systemctl enable dhcp # set dhcp to boot

[root@vinsent ~] # systemctl enable tftp # set tftp to boot

[root@vinsent ~] # systemctl start tftp # start the tftp service

[root@vinsent ~] # systemctl enable httpd

[root@vinsent ~] # systemctl start httpd # start the http service

[root@vinsent ~] # chkconfig tftp on # if the command is not available on this day, please modify the configuration file

[root@vinsent ~] # vim / etc/xinetd.d/tftp

Service tftp

{

...

Disable = yes # modify this item to "disable = no"

...

}

After [root@vinsent ~] # systemctl restart xinetd # is modified, be sure to restart the xinetd service

5.4Configuring DHCP services

DHCP service is a prerequisite to ensure that we can automate batch installation. The configuration of dhcp has been mentioned above, which is supplemented here and explained in detail. The main purpose is to configure the subnet range for ip address allocation.

[root@vinsent ~] # rpm-ql dhcp # query dhcp related files

... Preceding omission

/ usr/share/doc/dhcp-4.2.5/dhcpd.conf.example

/ usr/share/doc/dhcp-4.2.5/dhcpd6.conf.example

... Followed by omission

[root@vinsent ~] # cd / etc/dhcp/

[root@vinsent] # cp / usr/share/doc/dhcp-4.2.5/dhcpd.conf.example. # copy template configuration file

[root@vinsent ~] # mv dhcpd.conf.example dhcpd.conf # renamed to dhcpd.conf to replace the previous configuration file

[root@vinsent ~] # vim dhcpd.conf # Open the template file and add the following

... The preceding ellipsis.

Subnet 192.168.14.0 netmask 255.255.255.0 {# the ip address written here is the address of the subnet, so it is 192.168.14.0

The range of range 192.168.14.10 192.168.14.200; # subnet, one of which is the ip address requested by the host

Next-server 192.168.14.201; # indicates the address of the tftp server

Filename "pxelinux.0" # indicates the location of the PXE file, which will be sent to the installation host when applying for ip

}

... The following is omitted.

[root@vinsent ~] # systemctl dhcpd start # restart the service

Note: if there is a problem with the subnet you set, then you will not be able to restart the dhcp service, please check that the subnet you configured is correct. The address of the dhcp server must be fixed and cannot be an automatically learned ip.

5.5 prepare yum source files and kickstart files

We put the yum source files on the http server and are provided by the http service, so we have to copy the corresponding files to the http server. And the host system we installed may be CentOS 6 or CentOS7 or Ubantu, etc., so when we prepare yum files, we need to prepare different systems and different versions of files, we only provide the installation of CentOS 6 and CentOS7 systems. Plan the catalog file for us first and copy it. As shown below.

We have planned the directory structure, and the next step is to create these directory structures and provide the corresponding files.

[root@vinsent ~] # cd / var/www/html

[root@vinsent html] # mkdir-p centos/ {6jie 7}

[root@vinsent html] # mkdir ksdir

[root@vinsent html] #

Provide yum source files. There are two solutions to provide yum source files. Scheme 1: we mount the shutdown of CentOS 6 and CentOS 7 respectively and copy the Packages directory and repodata directory in the CD to the corresponding directory (if copying, it is recommended to copy all) Solution 2: we create two shutdown drives, one adding ISO image of CentOS 6 and the other ISO image of CentOS 7, and then we mount the corresponding shutdown drive to the corresponding directory under / var/www/html/centos. To sum up, we choose option 2. The following is a scheme 2 based on the implementation.

[root@vinsent html] # mount / dev/sr0 centos/6 # Mount CentOS 6 CD value 6 directory

Mount: / dev/sr0 is write-protected,mounting read-only

[root@vinsent html] # mount / dev/sr1 centos/7 # Mount CentOS 7 CD value 7 directory

Mount: / dev/sr1 is write-protected,mounting read-only

Next, prepare the installation boot file ks#.cfg in the ksdir directory. There are two ways to obtain ks#.cfg files, one is to generate them through tools. However, this tool needs to be installed by yourself:

[root@vinsent ~] # yum install-y system-config-kickstart

[root@vinsent ~] # system-config-kickstart

Another way is to copy the anaconda-ks.cfg file in the / root directory and modify it. We choose the latter.

[root@vinsent html] # cp / root/anaconda-ks.cfg ksdir/ks7.cfg

[root@vinsent html] # vim ksdir/ks7.cfg

....

[root@vinsent html] # chmod + r ksdir/ks7.cfg # "the files here need read permissions, which is very important"

[root@vinsent html] # cat ksdir/ks7.cfg # centos 7 kickstart file

# version=DEVEL

# System authorization information

Auth-enableshadow-passalgo=sha512

# Use CDROM installation media

Url-- url= # indicates the path to the yum source

# Use graphical install

Text # changes cdrom to text. We don't install it based on CD-ROM, we install it based on character interface.

# Run the Setup Agent on first boot

Firstboot-enable

Ignoredisk-only-use=sda

# Keyboard layouts

Keyboard-vckeymap=us-xlayouts='us'

# System language

Lang en_US.UTF-8

# Network information

Network-- bootproto=dhcp-- device=ens33-- onboot=on-- ipv6=auto-- activate #-- bootproto must be obtained by dhcp,-- onboot=on

Network-hostname=centos7.magedu.com

# Root password

Rootpw-- iscrypted $6 $Z7LBEUpwj3iQdYZ3 $olYQ.Lj1xV2VAGS1UiNflKF0oMGip3b6tU9QFcp0i2JBjwKlY/Yaexul57NHpIJc.Y2V1hWAOueaqwjuWDGMk0

# System services

Services-disabled= "chronyd"

# System timezone

Timezone Asia/Shanghai-isUtc-nontp

User-name=wang-password=$6$ v.VphW/puRblcrFB$uaSrdEhGAwMXap27WIKTn5lyOOfoFyB/SNxyyL3og6s9/VQoAKoL2KQjKmeYFmoYTuYkSNL7BBxgbJzeryKr9. -iscrypted-gecos= "wang"

# X Window System configuration information

Xconfig-startxonboot

# System bootloader configuration

Bootloader-append= "crashkernel=auto"-location=mbr-boot-drive=sda

# Partition clearing information

Zerombr # add zerombr, which means to clear the existing mbr on the old disk, but not to write the new disk installation.

# Disk partitioning information

Part swap-- fstype= "swap"-- ondisk=sda-- size=2048 # partition table information. If you want to add partitions, you can add them in this format.

Part / app-fstype= "xfs"-ondisk=sda-size=51200

Part /-- fstype= "xfs"-- ondisk=sda-- size=51200

Part / boot-fstype= "xfs"-ondisk=sda-size=1024

Restart after reboot # installation is complete

% packages # installation package

@ ^ passport-server-environment

@ base

@ core

@ desktop-debugging

@ dial-up

@ fonts

@ gnome-desktop

@ guest-agents

@ guest-desktop-agents

@ hardware-monitoring

@ input-methods

@ internet-browser

@ multimedia

@ print-client

@ x11

Kexec-tools

Autofs # install autofs service pack

% end

% end

% anaconda

Pwpolicy root-minlen=6-minquality=50-notstrict-nochanges-notempty

Pwpolicy user-minlen=6-minquality=50-notstrict-nochanges-notempty

Pwpolicy luks-minlen=6-minquality=50-notstrict-nochanges-notempty

% end

Systemctl enable autofs

Rm-rf / etc/yum.repos.d/*

Cat > / etc/yum.repos.d/base.repo

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.