| |
Before using Cobbler set up automatic installation system, recently Cobbler site http://www.cobblerd.org/ unable to access, execute the command cobbler get-loaders for download PXE boot files needed Times 404, even if the download is successful, all the files are word 0 section, causing the server to install the system to automatically obtain IP address stuck. Last resort they want a solution, re-use Nginx DHCP TFTP Kickstart build an automated installation system. Nginx is simple to install and configure all kind, instead of Apache Cobbler used.
Virtual Environment
Segment: 192.168.200.0
Mask: 255.255.255.0
Gateway: 192.168.200.2
Automatically install system address: 192.168.200.10
DHCP assigned address range: 192.168.200.11 - 192.168.200.254
First, install Nginx configuration
Download compile and install Nginx
cd / App / src
wget http://nginx.org/download/nginx-1.8.0.tar.gz
tar zxf nginx-1.8.0.tar.gz
cd nginx-1.8.0
./configure \
--prefix = / App / nginx \
--without-http_access_module \
--without-http_auth_basic_module \
--without-http_browser_module \
--without-http_empty_gif_module \
--without-http_fastcgi_module \
--without-http_geo_module \
--without-http_limit_conn_module \
--without-http_limit_req_module \
--without-http_map_module \
--without-http_memcached_module \
--without-http_proxy_module \
--without-http_referer_module \
--without-http_rewrite_module \
--without-http_scgi_module \
--without-http_split_clients_module \
--without-http_ssi_module \
--without-http_upstream_hash_module \
--without-http_upstream_ip_hash_module \
--without-http_upstream_keepalive_module \
--without-http_upstream_least_conn_module \
--without-http_userid_module \
--without-http_uwsgi_module \
--without-mail_imap_module \
--without-mail_pop3_module \
--without-mail_smtp_module \
--without-pcre \
--without-poll_module \
--without-select_module
make && make install
Modify Nginx configuration file /App/nginx/conf/nginx.conf
user nginx nginx;
worker_processes auto;
error_log logs / error.log error;
pid logs / nginx.pid;
worker_rlimit_nofile 65536;
events
{
use epoll;
accept_mutex off;
worker_connections 65536;
}
http
{
include mime.types;
default_type text / html;
charset UTF-8;
server_names_hash_bucket_size 128;
client_header_buffer_size 4k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;
open_file_cache max = 65536 inactive = 60s;
open_file_cache_valid 80s;
open_file_cache_min_uses 1;
log_format main '$ remote_addr - $ remote_user [$ time_local] "$ request"'
'$ Status $ body_bytes_sent "$ http_referer"'
' "$ Http_user_agent" "$ http_x_forwarded_for"';
access_log logs / access.log main;
sendfile on;
server_tokens off;
keepalive_timeout 60;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 64k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text / plain text / css application / json application / javascript application / xml;
server
{
listen 80;
server_name localhost;
index index.html;
root / App / web;
autoindex on;
}
}
New Nginx running account and Web directories
useradd -s / bin / false -M nginx
mkdir -p / App / web
Download CentOS iso image file and import Web directory
cd / App / src
wget http://mirrors.aliyun.com/centos/6.6/isos/x86_64/CentOS-6.6-x86_64-bin-DVD1.iso
mount -o loop CentOS-6.6-x86_64-bin-DVD1.iso / mnt
rsync -avP / mnt / /App/web/CentOS-6.6-x86_64
Start Nginx
/ App / nginx / sbin / nginx
Second, the installation configuration DHCP
Yum install dhcp server
yum -y install dhcp
Modify the configuration of dhcp file /etc/dhcp/dhcpd.conf
allow booting;
allow bootp;
subnet 192.168.200.0 netmask 255.255.255.0 {
option routers 192.168.200.2;
option domain-name-servers 223.5.5.5,223.6.6.6;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.200.11 192.168.200.254;
filename "/pxelinux.0";
default-lease-time 21600;
max-lease-time 43200;
next-server 192.168.200.10;
}
Start dhcp service
/etc/init.d/dhcpd start
Third, the installation configuration TFTP
Yum install tftp server
yum -y install tftp-server
Modify the configuration and start the xinetd tftp service
sed -i '/ disable / s / yes / no /' /etc/xinetd.d/tftp
/etc/init.d/xinetd start
Yum install syslinux boot loader, copy the relevant files to the tftp root directory
yum -y install syslinux
cp /usr/share/syslinux/pxelinux.0 / var / lib / tftpboot /
cd /App/web/CentOS-6.6-x86_64/isolinux/
cp vesamenu.c32 boot.msg splash.jpg vmlinuz initrd.img memtest / var / lib / tftpboot /
mkdir -p /var/lib/tftpboot/pxelinux.cfg
cp isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default
Modify the boot menu /var/lib/tftpboot/pxelinux.cfg/default, pay special attention to this menu default configuration determines the default boot option which, if it is [] under the label linux server once restarted will delete all partitions and format, very dangerous be sure to change this.
default vesamenu.c32
prompt 0
timeout 60
display boot.msg
menu background splash.jpg
menu title Welcome to CentOS 6.6!
menu color border 0 #ffffffff # 00000000
menu color sel 7 #ffffffff # ff000000
menu color title 0 #ffffffff # 00000000
menu color tabmsg 0 #ffffffff # 00000000
menu color unsel 0 #ffffffff # 00000000
menu color hotsel 0 # ff000000 #ffffffff
menu color hotkey 7 #ffffffff # ff000000
menu color scrollbar 0 #ffffffff # 00000000
label linux
menu label ^ Install or upgrade an existing system
kernel vmlinuz
append initrd = initrd.img ks = http: //192.168.200.10/CentOS-6.6-x86_64/ks.cfg ksdevice = em1
label vesa
menu label Install system with ^ basic video driver
kernel vmlinuz
append initrd = initrd.img xdriver = vesa nomodeset
label rescue
menu label ^ Rescue installed system
kernel vmlinuz
append initrd = initrd.img rescue
label local
menu label Boot from ^ local drive
menu default
localboot 0xffff
label memtest86
menu label ^ Memory test
kernel memtest
append -
4, Adding Kickstart configuration
Web Contents Add kickstart profile /App/web/CentOS-6.6-x86_64/ks.cfg
install
keyboard us
lang zh_CN
url --url = http: //192.168.200.10/CentOS-6.6-x86_64/
network --onboot yes --device eth0 --bootproto dhcp --noipv6
rootpw --iscrypted $ 6 $ y0UTGMGnCEgUJmUB $ IPcaQ8ipx24V8lAq.XepGoilvjXM9kFs5YrivQQoejYmLOmeVXSeM6IvzxtdsUJ0CFuTMzANEmlj5FOluuwy40
auth --useshadow --passalgo = sha512
reboot
firewall --disabled
firstboot --disable
selinux --disabled
logging --level = info
timezone Asia / Shanghai
bootloader --location = mbr
zerombr yes
clearpart --all --initlabel
part / boot --fstype ext4 --size = 200
part swap --size = 2048
part / --fstype ext4 --size = 200 --grow
% Packages
@ Chinese-support
@core
@ Server-policy
@ Workstation-policy
% End
% Post
ServiceList = `chkconfig --list | grep '0' | awk '{print $ 1}' | grep -Ev 'sshd | network | crond | syslog'`
for Service in $ ServiceList
do
/etc/init.d/$Service stop
chkconfig --level 0123456 $ Service off
done
cat >> /etc/sysctl.conf << EOF
vm.swappiness = 0
net.core.rmem_default = 262144
net.core.rmem_max = 16777216
net.core.wmem_default = 262144
net.core.wmem_max = 16777216
net.core.somaxconn = 262144
net.core.netdev_max_backlog = 262144
net.ipv4.tcp_max_orphans = 262144
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_max_tw_buckets = 10000
net.ipv4.ip_local_port_range = 1024 65500
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.tcp_mem = 786432 1048576 1572864
fs.aio-max-nr = 1048576
fs.file-max = 6815744
kernel.sem = 250 32000 100 128
fs.inotify.max_user_watches = 1048576
EOF
sysctl -p
cat >> /etc/security/limits.conf << EOF
* - Nofile 1048576
* - Nproc 65536
* - Stack 1024
EOF
cat >> / etc / profile << EOF
ulimit -n 1048576
ulimit -u 65536
ulimit -s 1024
alias grep = 'grep --color = auto'
export HISTTIMEFORMAT = "% Y-% m-% d% H:% M:% S"
EOF
sed -i 's / SELINUX = enforcing / SELINUX = disabled /' / etc / selinux / config
setenforce 0
sed -i 's /.* UseDNS yes / UseDNS no /' / etc / ssh / sshd_config
sed -i 's /.* GSSAPIAuthentication yes / GSSAPIAuthentication no /' / etc / ssh / sshd_config
/etc/init.d/sshd restart
cat >> $ HOME / .bash_profile << EOF
export PATH = / App / script: \ $ PATH
EOF
mkdir -p / App / script / App / src
mount --bind / dev / shm / tmp
echo "/ bin / mount --bind / dev / shm / tmp" >> /etc/rc.local
Fifth, check the relevant service listening port
http: 80, dhcp: 67, tftp: 69
netstat -tunlp | grep -E '(0.0.0.0:80|0.0.0.0:67|0.0.0.0:69)' |
|
|
|