PXE + DHCP + Apache + Kickstart unattended installation of CentOS

Because the previous work requires building a red hat lab environment, due to the large number of machines, all systems need to be automatically installed in batches, so I tried to use RHEL5 + PXE + DHCP + Apache + Kickstart to install the RHCE5.1 i386 lab environment and succeeded, but the process was long, therefore, I specifically recorded the unattended installation process of PXE + DHCP + Apache + Kickstart. In addition, I published relevant articles in my blog. Many enthusiastic readers have successfully installed the Red Hat RHEL system or CentOS5.x in batches Based on the content, and have put forward many valuable opinions, thank you. At this stage, the CentOS5.8 x86_64 system needs to be applied to the cluster environment on a large scale. Therefore, this method is mainly used to install new server systems in batches on the company's intranet, this greatly simplifies the process of repeatedly installing CentOS5.8 x86_64 with a CD, coupled with the distributed automated O & M tool puppet for batch deployment, achieving the purpose of automated O & M and avoiding repetitive work, this greatly improves work efficiency. First, let's introduce the relevant principles and concepts. 1. What is PXE strictly speaking, PXE is not an installation method, but a boot method. A prerequisite for PXE installation is that the computer to be installed must contain a NIC supported by PXE, that is, a PXE Client must be included in the NIC. PXE (Pre-boot Execution Environment) protocol allows computers to start over the network. This Protocol is divided into Client and Server, while PXE Client is in the ROM of the NIC. During computer boot, the BIOS transfers the PXE Client to the memory for execution, and then the PXE Client downloads the files stored in the remote end to the local computer for running through the network. To run the PXE protocol, you must set the DHCP server and TFTP server. The DHCP server assigns an IP address to the PXE Client (the host on which the system is to be installed). Because the IP address is assigned to the PXE Client, you need to add relevant PXE settings when configuring the DHCP server. In addition, TFTP Client already exists in the PXE Client ROM, so it can download the required files to the TFTP Server through the TFTP protocol. 2. What is Kickstart? It is an unattended installation method. It works by recording typical parameters that require manual intervention during installation and generating a file named ks. cfg. If a parameter is required during the installation process (not limited to the machine that generates the Kickstart Installation File), the installer first searches for the file generated by Kickstart. If a proper parameter is found, the parameter is used. If no proper parameter is found, manual intervention is required by the installer. Therefore, if the Kickstart file contains all the parameters that may occur during the installation process, the installer can only tell the installer where to obtain ks. cfg file. After the installation is complete, the installation program restarts the system according to the settings in ks. cfg and ends the installation. 3. The installation conditions and detailed steps for PXE + Kickstart to install PXE + Kickstart: DHCP server. TFTP server. Ks. cfg configuration file generated by Kickstart. A server that stores system installation files, such as NFS, HTTP, or FTP servers. A host with a PXE Nic.
The system environment is introduced as follows: the server system is CentOS5.6 x86_64, And the IP is 192.168.11.29 (this server is not necessarily limited to CentOS5.8 x86_64), because the installation is minimized, we will use the system-config-kickstart tool later. It must depend on X windows. Therefore, we need to install X windows and gnome in advance and restart the system. The steps are as follows: first install X windows and GNOME desktop environments. The command is as follows: yum-y groupinstall 'x Window system' yum-y groupinstall 'gnome Desktop Environment ', modify the/etc/inittab file, and restart the server so that it runs in graphic mode, the main modification file content is as follows: id: 5: initdefault: restart the server command is as follows: After reboot completes the above preparation, PXE + DHC The steps for installing CentOS5.8 unattended on P + Apache + Kickstart are as follows: (1) download the CentOS5.8 x86_64 CD to/usr/local/src first, mount it to the/mnt/cdrom directory, and confirm that the httpd service has been installed in the system, as shown below: cd/usr/local/src wget http://mirror.neu.edu.cn/CentOS/5.8/isos/x86_64/CentOS-5.8-x86_64-bin-DVD-1of2.iso mkdir-p/mnt/cdrom next we mount the cd ISO file to the/mnt/cdrom directory, the following command: mount-o loop CentOS-5.8-x86_64-bin-DVD-1of2.iso/mnt/cdromCetnOS5.x x86_64 Series Installed Apache by default, we can use the command to see its version number, as shown below: rpm-q The httpd command shows the result as follows: httpd-2.2.3-65.el5.CentOS (2) Next we copy all the content under the CD (files and folders) to/var/html/www (this directory is the default DocumentRoot directory for Apache) whether it's a Red Hat system or CentOS 5. in the x system, if the installation is minimized, the first DVD file is enough. The Copy command is as follows: cp-rf/mnt/cdrom/var/html/www (3) install tftp-server, enable the tftp service, and start the xinetd process as follows. 1. we use the command to install tftp-server, the command is as follows: yum-y install tftp-server2. then modify/etc/xinetd. in the d/tftp file, change the disable value from yes to no. The content is as follows: service tftp
{
Socket_type = dgram
Protocol = udp
Wait = yes
User = root
Server =/usr/sbin/in. tftpd
Server_args =-s/tftpboot
Disable = no
Per_source = 11
CPIs = 100 2
Flags = IPv4
}
3. restart the xinetd process and run the following command: service xinetd restart (4) to configure the boot program that supports PXE (note: the content of the first CentOS5.8 x86_64 disc has been copied to the/var/www/html directory, therefore, you only need to copy the required files from the/var/www/html directory ). A) create a tftpboot folder, as shown below. If the folder already exists, do not create it. Mkdir-p/tftpboot B) copy the pxelinux.0 file to the tftpboot folder, as shown below. Cp/usr/lib/syslinux/pxelinux.0/tftpboot c) copy/image/pxeboot/initrd. img and vmlinux on the DVD disk to/tftpboot/, as shown below. Cp/var/www/html/images/pxeboot/vmlinuz/tftpboot d) copy the isolinux/* on the DVD disk /*. msg to the/tftpboot directory, as shown below: cp/var/www/html/isolinux /*. msg/tftpboot/e) Create a New pxelinux in tftpboot. cfg directory: mkdir pxelinux. cfg f. copy cfg to pxelinux. in the cfg directory, change the file name to default. The command is as follows: cd pxelinux. cfg cp/var/www/html/isolinux. cfg/tftpboot/pxelinux. cfg/default g) in the previous step, that is, do not modify the default file temporarily. At this step, although the network can be used to guide and Install Kickstart manually. However, this default file is not modified because it is discussed here for unattended installation. (5) install the dhcp service and modify the following configuration: yum-y install dhcp, copy the configuration template file to the specified directory, and rename it. Cp/usr/share/doc/dhcp-3.0.5/dhcpd. conf. sample/etc/dhcpd. conf and then modify/etc/dhcpd. conf configuration file. The last modification of the file is as follows: ddns-update-style interim;
Ignore client-updates;
Next-server 192.168.11.29;
Filename "/pxelinux.0 ";
Subnet 192.168.11.0 netmask 255.255.255.0 {
Option routers 192.168.11.1;
Option subnet-mask limit 255.0;
Option nis-domain "cn7788.com ";
Option domain-name "cn7788.com ";
Option domain-name-servers 192.168.11.252;
Option time-offset-18000; # Eastern Standard Time
Range dynamic-bootp 192.168.11.34 192.168.11.159;
Default-lease-time 21600;
Max-lease-time 43200;
}
Finally, start the dhcp service: service dhcpd start Note: if the number of machines is too large, pay attention to the address pool of the dhcp server. Do not use up the IP address to cause the dhcpd server to have no IP address release. (6) use the yum tool to automatically install Kickstart and configure system-config-kickstart. A) first, we need to install the Kickstart toolkit. This package is not installed by default when CentOS is minimal installed. The yum installation command is as follows: yum-y install system-config-kickstart B) Configure Kickstart In The gnome environment. The command is as follows: system-config-Kickstart: after running the preceding command, you can set some basic configurations of the system, such as selecting the time zone and setting the root password. C) install httpd. Do not enter any account, but install httpd anonymously. During the installation process, select the installation option based on the guidance, and do not need to make changes. D) Kickstart will let us select the CentOS5.8 partition information to be installed in batches. According to the installation method of CentOS5.5 x86_64 described in the previous section, we will create four partitions, that is, the/,/boot,/data, and swap partitions. E) When configuring the network, I use the static allocation address (also dynamic), which is the same as the previous CD installation. F) when setting the display configuration, you can choose according to our habits. G) for the software package selection, you can select the software package you need based on your actual work requirements. Because the use of the server after installation is different, we recommend that you minimize the installation. H) Select the default settings for all other settings and do not need to be modified. I) Finally, the generated file ks. cfg is saved to/var/www/html. This is a difficult issue for automated unattended installation. manual intervention is required if this file is improperly configured. If you encounter problems, we recommend that you refer to ks below. cfg configuration file. (7) Modify/tftpboot/pxelinux. cfg/default file, specifying to read ks. the cfg method is used to modify the content of the first line of the file. After modification, the content of the first line of the file is as follows: default text ks = http: // 192.168.11.29/ks. in addition, it is recommended that you change the timeout time from 600 to 1. The timeout time is the time waiting for the user to manually select during the boot. set it to "1" to direct the boot. (8)/var/www/html/ks. the content of the cfg file is as follows (this content is important and difficult during the experiment, please note): # platform = x86, AMD64, or Intel EM64T
# System authorization information
Auth -- useshadow -- enablemd5
# System bootloader configuration
Key -- skip
Bootloader -- location = mbr
# Partition clearing information
Clearpart -- none
# Use graphical install
Graphical
# Firewall configuration
Firewall -- disabled
# Run the Setup Agent on first boot
Firstboot -- disable
# System keyboard
Keyboard us
# System language
Lang en_US
# Installation logging level
Logging -- level = info
# Use network installation
Url -- url = http: // 192.168.11.29/
# Network information
Network -- bootproto = dhcp -- device = eth0 -- onboot = on
Reboot
# Root password
Rootpw -- iscrypted $1 $ biw2UUzu $/ZrtUhG9gGGGJn6edgUIQ1

# SELinux configuration
Selinux -- disabled
# System timezone
Timezone -- isUtc Asia/Shanghai
# Install OS instead of upgrade
Install
# X Window System configuration information
Xconfig -- defaultdesktop = GNOME -- depth = 8 -- resolution = 640x480
# Disk partitioning information
Bootloader -- location = mbr -- driveorder = sda
Clearpart -- all -- initlabel
Part/-- bytes-per-inode = 4096 -- fstype = "ext3" -- size = 5120
Part/boot -- bytes-per-inode = 4096 -- fstype = "ext3" -- size = 128
Part swap -- bytes-per-inode = 4096 -- fstype = "swap" -- size = 500
Part/data -- bytes-per-inode = 4096 -- fstype = "ext3" -- grow -- size = 1

% Packages
@ Base
@ Development-libs
@ Development-tools
In this configuration process, the key and difficulty are described here: partition operations are performed according to the current online partition, which is divided into/,/boot,/data, and swap partitions, the/data Partition stores data. Here we use the -- grow -- size = 1 parameter to allocate all the remaining space to the/data Partition. Key -- skip if it is a red hat system, this option can skip the process of entering the serial number; if it is CentOS 5. x Series, You can retain this item; reboot this option must exist, you must set the position in the text, otherwise kickstart displays a message and waits for the user to press any key to reboot, this is a question raised by many friends in the forum. I also encountered this problem during the experiment. We recommend that you do more experiments. The clearpart -- all -- initlabel command must be added, otherwise, the system will ask the user to manually select whether to clear all the data, which requires human intervention, resulting in automated process failure. Other options are easy to understand and I will not repeat them here. (9) after all the servers required for Kickstart are started, the automatic system installation process is completed. We can fully and automatically install the CentOS5.8 x86_64 System in the internal cabinet, run the following command on the server: service httpd start chkconfig httpd on service dhcpd start chkconfig dhcpd on service xinetd restart, you can optimize the system according to your company's actual situation. The optimization script init is minimized here. sh can also be pushed to the puppet server. The script content is as follows: #/bin/bash
# Add the epel repo
Cd/usr/local/src
Wget http://mirrors.ustc.edu.cn/fedora/epel//5/x86_64/epel-release-5-4.noarch.rpm
Rpm-ivh epel-release-5-4.noarch.rpm
# Add the rpmforge repo
Cd/usr/local/src
Wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm
Rpm-ivh rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm

# Yum install sysstat
Yum-y install gcc-c ++ vim-enhanced unzip unrar sysstat

# Set the ntp
Yum-y install ntp
Echo "01 01 ****/usr/sbin/ntpdate ntp. api. bz>/dev/null 2> & 1">/etc/crontab
Ntpdate ntp. api. bz
Service crond restart

# Set the file limit
Ulimit-SHn 65535
Echo "ulimit-SHn 65535">/etc/rc. local
Cat>/etc/security/limits. conf <EOF
* Soft nofile 60000
* Hard nofile 65535
EOF

# Tune kernel parametres
Cat>/etc/sysctl. conf <EOF
Net. ipv4.tcp _ syncookies = 1
Net. ipv4.tcp _ syn_retries = 1
Net. ipv4.tcp _ tw_recycle = 1
Net. ipv4.tcp _ tw_reuse = 1
Net. ipv4.tcp _ fin_timeout = 1
Net. ipv4.tcp _ keepalive_time = 1200
Net. ipv4.ip _ local_port_range = 1024 65535
EOF
/Sbin/sysctl-p

# Set the control-alt-delete to guard against the misuse
Sed-I's @ ca: ctrlaltdel:/sbin/shutdown-t3-r now @ # ca: ctrlaltdel: /sbin/shutdown-t3-r now @ '/etc/inittab

# Disable selinux
Sed-I's @ SELINUX = enforcing @ SELINUX = disabled @ '/etc/selinux/config

# Ssh setting
Sed-I-e '74 s/^/#/'-I-e' 76 s/^/#/'/etc/ssh/sshd_config
Sed-I's @ # UseDNS yes @ UseDNS no @ '/etc/ssh/sshd_config
Service sshd restart

# Disable ipv6
Echo "alias net-pf-10 off">/etc/modprobe. conf
Echo "alias ipv6 off">/etc/modprobe. conf
Echo "install ipv6/bin/true">/etc/modprobe. conf
Echo "IPV6INIT = no">/etc/sysconfig/network
Sed-I's @ NETWORKING_IPV6 = yes @ NETWORKING_IPV6 = no @ '/etc/sysconfig/network
Chkconfig ip6tables off

# Vim setting
Echo "syntax on">/root/. vimrc
Echo "set nohlsearch">/root/. vimrc

# Chkconfig off services
Chkconfig bluetooth off
Chkconfig sendmail off
Chkconfig kudzu off
Chkconfig nfslock off
Chkconfig portmap off
Chkconfig iptables off
Chkconfig autofs off
Chkconfig yum-updatesd off

# Reboot system
Reboot
Note: # tune kernel parametres is the kernel optimization part. Here I only perform basic processing and you can modify it as needed. Remember: everything is based on system stability. # The vim setting option is vim's personalized configuration. To highlight the vim syntax, you must install the vim-enhanced package. In addition, vim uses the search function to highlight the selected content, it is not very comfortable, so I used the set nohlsearch option here. If you don't mind this function, you don't need to add this statement; # I found that the disable ipv6 option was tested, in CentOS5.8 x86_64, if you do not add install ipv6/bin/true to/etc/modprobe. in the conf file, the ipv6 option cannot be disabled, but the tested CentOS5.5 | 5.6 can be disabled without adding this sentence. Please note that, of course, finally, you need to reboot the system to make this configuration take effect. Extended: I believe there should be many Xen virtual machines in the development environment. Although Xen has its own template file operations, we can also use Kickstart to quickly install the Xen virtual machine system unattended, the command is as follows: virt-install-n vm4-r 300-f/data/vm/vm4.img-s 8-p-l http: // 192.168.11.29-x ks = http: // 192.168.11.29/ks. cfg because the combination of Xen with Kickstart is not the focus of this document, you can study it on your own if you are interested. In addition, please note that:

This installation method is too intelligent. After the network boot is successful, the hard disk data is automatically cleared and the new system is re-installed. Therefore, we recommend that you separate the work area and network segment, you can also disable the Kickstart server after installation to avoid unnecessary troubles on normal servers.

Appendix: kickstartautomation script .rar