Nginx DHCP TFTP Kickstart build automatic installation system

Before using cobbler to build automatic installation system, recently cobbler website http://www.cobblerd.org/inaccessible, execute command cobbler get-loaders download get PXE boot required file times 404 , even if the download succeeds, all files are 0 bytes, causing the server installation system to automatically obtain the IP address after it gets stuck. Have to find a way to solve their own, re-use Nginx DHCP TFTP Kickstart built a set of automatic installation system. Nginx installation and configuration are quite simple, instead of the Apache used in the cobbler.

Virtual Environments

Network segment: 192.168.200.0

Mask: 255.255.255.0

Gateway: 192.168.200.2

Automatic installation system address: 192.168.200.10

DHCP assigned address range:192.168.200.11- 192.168.200.254

First, install the configuration Nginx

• Download compile and install Nginx

Cd /app/srcwget tar zxf nginx-1.8.0.tar.gzcd nginx-1.8.0./configure ./configure  --prefix= $AppDir  --with-http_stub_status_module --without-http_access_module -- without-http_auth_basic_module --without-http_browser_module --without-http_empty_gif_module -- without-http_fastcgi_module --without-http_geo_module --without-http_limit_conn_module -- without-http_limit_req_module --without-http_map_module --without-http_memcached_module -- without-http_proxy_module --without-http_referer_module --without-http_rewrite_module -- without-http_scgi_module --without-http_split_clients_module --without-http_ssi_module -- Without-http_upstream_hash_module --without-http_upstream_ip_hash_module --without-http_upstream_ keepalive_module --without-http_upstream_least_conn_module --without-http_userid_module -- Without-http_uwsgi_module --without-mail_imap_moDule --without-mail_pop3_module --without-mail_smtp_module --without-pcre --without-poll_ Module --without-select_modulemake && make install

• Modify Nginx configuration file/app/nginx/conf/nginx.conf

user  nginx nginx;worker_processes  auto;error_log  logs/error.log  error;pid        logs/nginx.pid;worker_rlimit_nofile     65536;events{    use epoll;    accept_mutex off;     worker_connections  65536;} http{    include       mime.types;     default_type  text/html;    charsetutf-8;    server_ Names_hash_bucket_size128;    client_header_buffer_size4k;    large_ client_header_buffers 432k;    client_max_body_size             8m;    open_file_cache max=65536   inactive=60s;    open_file_cache_valid      80s;    open_file_cache_min_uses   1;     log_format  main   ' $remote _addr -  $remote _user [$time _local]  "$ Request " "                         ' $status   $body _bytes_sent  "$http _referer   '                          "$http _user_agent"   "$http _x_forwarded_for" ';    access_log   logs/access.log  main;    sendfile    on;     server_tokens off;    keepalive_timeout  60;     gzip  on;    gzip_min_length1k;    gzip_buffers   464k;   &nBsp;gzip_http_version1.1;    gzip_comp_level2;    gzip_types text /plain text/css application/json application/javascript application/xml;     server    {        listen        80;        server_name  localhost;         index         index.html;        root          /App/web;        autoindex    on;     }}

• New Nginx run account and web directory

Useradd-s/bin/false-m nginxmkdir-p/app/web

• Download the CentOS image ISO file and import the Web directory

Wget Mount-o Loop centos-6.6-x86_64-bin-dvd1.iso/mntrsync-avp/mnt//app/web/centos-6.6-x86_64

• Start Nginx

/app/nginx/sbin/nginx

Second, install the configuration DHCP

• Yum installs DHCP service side

Yum-y Install DHCP

• Modify configuration dhcp file/etc/dhcp/dhcpd.conf

allow booting;allow bootp;subnet 192.168.200.0 netmask 255.255.255.0 {      option routers              192.168.200.2;     option domain-name-servers  223.5.5.5,223.6.6.6;     option subnet-mask          255.255.255.0;     range dynamic-bootp         192.168.200.11 192.168.200.254;     filename                     "/ pxelinux.0 ";     default-lease-time          21600;     max-lease-time              43200;     next-server                 192.168.200.10;}

• Start the DHCP service

/ETC/INIT.D/DHCPD start

Third, installation configuration TFTP

• Yum installs TFTP service side
  

Yum-y Install Tftp-server

• Modify the TFTP configuration and start the XINETD service

Sed-i '/disable/s/yes/no/'/etc/xinetd.d/tftp/etc/init.d/xinetd start

• Copy related files to the TFTP root directory

CP/USR/SHARE/SYSLINUX/PXELINUX.0/VAR/LIB/TFTPBOOT//APP/WEB/CENTOS-6.6-X86_64/ISOLINUX/CP VESAMENU.C32 boot.msg Splash.jpg vmlinuz initrd.img memtest/var/lib/tftpboot/mkdir-p/VAR/LIB/TFTPBOOT/PXELINUX.CFGCP isolinux.cfg/var/ Lib/tftpboot/pxelinux.cfg/default

• To modify the boot menu/var/lib/tftpboot/pxelinux.cfg/default, pay particular attention to the menu default configuration which determines which option is started by default, if "label Linux" Once the server restarts, it will delete all partitions and format them, which is very dangerous and must be modified.

default vesamenu.c32prompt 0timeout 60display boot.msgmenu background  splash.jpgmenu title welcome to centos 6.6!menu color border 0 # ffffffff  #00000000menu  color sel 7  #ffffffff   #ff000000menu  color title  0  #ffffffff   #00000000menu  color tabmsg 0  #ffffffff   #00000000menu  color unsel 0  #ffffffff   #00000000menu  color hotsel 0  #ff000000   #ffffffffmenu  color hotkey 7  #ffffffff   #ff000000menu  color scrollbar  0  #ffffffff   #00000000label  linux  menu label ^Install or  upgrade an existing system  kernel vmlinuz  append initrd= Initrd.img ks=http://192.168.200.10/centos-6.6-x86_64/ks.cfglabel vesa  menu label  Install system with ^basic video driver  kernel vmlinuz  append initrd=initrd.img  xdriver=vesa nomodesetlabel rescue  menu label ^rescue installed  System  kernel vmlinuz  append initrd=initrd.img rescuelabel local   menu label Boot from ^local drive  menu default   localboot 0xfffflabel memtest86  menu label ^Memory test   kernel memtest  append -

Iv. Adding Kickstart Configuration

• Add the Kickstart profile to the Web directory/app/web/centos-6.6-x86_64/ks.cfg

installkeyboard uslang zh_cnurl --url=http://192.168.200.10/centos-6.6-x86_64/network -- onboot yes --device eth0 --bootproto dhcp --noipv6rootpw  --iscrypted  $6$y0utgmgncegujmub$ Ipcaq8ipx24v8laq.xepgoilvjxm9kfs5yrivqqoejymlomevxsem6ivzxtdsuj0cfutmzanemlj5foluuwy40auth --useshadow  --passalgo=sha512rebootfirewall --disabledfirstboot --disableselinux --disabledlogging  --level=infotimezone  asia/shanghaibootloader --location=mbrzerombr yesclearpart  --all --initlabelpart /boot --fstype ext4 --size=200part swap --size= 2048part / --fstype ext4 --size=200 --grow% Packages@chinese-support@core@server-policy@workstation-policy%end%postservicelist= ' Chkconfig --list  | grep  ' 0 '  | awk  ' {print $1} '  | grep -Ev  ' Sshd|network |crond|syslog ' for service in  $ServiceListdo/etc/init.d/$Service  stopchkconfig --level 0123456  $Service  offdonecat  >> /etc/sysctl.conf << eofvm.swappiness = 0net.core.rmem_default  = 262144net.core.rmem_max = 16777216net.core.wmem_default = 262144net.core.wmem _max = 16777216net.core.somaxconn = 262144net.core.netdev_max_backlog =  262144net.ipv4.tcp_max_orphans = 262144net.ipv4.tcp_max_syn_backlog = 262144net.ipv4.tcp_ Max_tw_buckets = 10000net.ipv4.ip_local_port_range = 1024 65500net.ipv4.tcp_tw_ Recycle = 1net.ipv4.tcp_tw_reuse = 1net.ipv4.tcp_syncookies = 1net.ipv4.tcp_ synack_retries = 1net.ipv4.tcp_syn_retries = 1net.ipv4.tcp_fin_timeout =  30net.ipv4.tcp_keepalive_time = 1200net.ipv4.tcp_mem = 786432 1048576  1572864fs.aio-max-nr = 1048576fs.file-max = 6815744kernel.sem = 250 32000 100 128fs.inotify.max_user_watches  = 1048576eofsysctl -pcat >> /etc/security/limits.conf << eof* -  nofile 1048576* - nproc  65536* - stack  1024EOFcat  >> /etc/profile << eofulimit -n 1048576ulimit -u 65536ulimit  -s 1024alias grep= ' Grep --color=auto ' export histtimeformat= "%Y-%m-%d %H:%M:%S   "eofsed -i  ' s/selinux=enforcing/selinux=disabled/'  /etc/selinux/configsetenforce  0sed -i  ' s/.*usedns yes/usedns no/'  /etc/ssh/sshd_configsed -i  ' s/.* gssapiauthentication yes/gssapiauthentication no/'  /etc/ssh/sshd_config/etc/init.d/sshd  restartcat >>  $HOME/.bash_profile << eofexport path=/app/script:\$ Patheofmkdir -p /app/script /app/srcmount --bind /dev/shm /tmpecho  "/bin/mount --bind /dev/shm / TMP " >> /etc/rc.local

V. Check the relevant service listening port

• HTTP:80, dhcp:67, tftp:69

NETSTAT-TUNLP | Grep-e ' (0.0.0.0:80|0.0.0.0:67|0.0.0.0:69) '

If the service has been monitored

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/70/37/wKioL1W0emDyXQ6DAAHbEjM4D5A745.jpg "title=" Netstat.png "alt=" Wkiol1w0emdyxq6daahbejm4d5a745.jpg "/>

This article is from the "Pine" blog, be sure to keep this source http://dongsong.blog.51cto.com/916653/1678460

Nginx DHCP TFTP Kickstart build automatic installation system