The most complete guide to automatic CentOS installation: kickstart + PXE automatic installation of CentOS (middle part)

Make bootable CD and U disk

A customized installation CD can be combined with kickstart to achieve a semi-automatic installation that boots from the CD

Implementation process

[root@centos8 ~]#mkdir -pv /data/myiso
[root@centos8 ~]#cp -r /mnt/isolinux/ /data/myiso/ # copy the directory into the ISO working tree; -r copies recursively
[root@centos8 ~]#tree /data/myiso/
/data/myiso/
└── isolinux
 ├── boot.cat
 ├── boot.msg
 ├── grub.conf
 ├── initrd.img
 ├── isolinux.bin
 ├── isolinux.cfg
 ├── ldlinux.c32
 ├── libcom32.c32
 ├── libutil.c32
 ├── memtest
 ├── splash.png
 ├── TRANS.TBL
 ├── vesamenu.c32
 └── vmlinuz
1 directory, 14 files
[root@centos8 ~]#vim /data/myiso/isolinux/isolinux.cfg
# Method 1: the answer file is placed inside the ISO
label linux
menu label ^Auto Install CentOS Linux 8
kernel vmlinuz
append initrd=initrd.img text ks=cdrom:/myks.cfg

# Method 2: the answer file is placed on an HTTP server
label linux
menu label ^Auto Install CentOS Linux 8
kernel vmlinuz
append initrd=initrd.img quiet ks=http://10.0.0.80/ksdir/centos8.cfg

# Rescue mode
label rescue
menu label ^Rescue a CentOS Linux system
kernel vmlinuz
append initrd=initrd.img inst.repo=http://10.0.0.80/centos/8/os/x86_64/ rescue quiet

# Boot from the local hard disk
label local
menu default
menu label Boot from ^local drive
localboot 0xffff

[root@centos8 ~]#cp /root/myks.cfg /data/myiso/
[root@centos8 ~]#dnf -y install mkisofs
[root@centos8 ~]#mkisofs -R -J -T -v --no-emul-boot --boot-load-size 4 --boot-info-table -V "CentOS 8.0 x86_64 boot" -b isolinux/isolinux.bin -c isolinux/boot.cat -o /root/boot.iso /data/myiso/
Note: the relative paths above are all relative to the root of the disc and have nothing to do with the working directory

mkisofs option description

Implement DHCP service

The host can obtain the network configuration in two ways:

  • Static assignment

  • Dynamic acquisition:

    bootp: Boot Protocol; MAC and IP addresses correspond one-to-one, statically

    dhcp: enhanced bootp; supports both static and dynamic assignment

4.1 Working Principle of DHCP

DHCP: Dynamic Host Configuration Protocol
Runs over UDP in client/server (C/S) mode: dhcp server 67/udp, dhcpv4 client 68/udp, dhcpv6 client 546/udp

The main purpose:

  • Used for internal networks and network service providers to automatically assign IP addresses to users
  • Used for internal network administrators as a means of centralized management of all computers
  • Automated system installation
  • Solve the problem of insufficient IPV4 resources

There are eight types of DHCP messages

  • DHCP DISCOVER: client to server
  • DHCP OFFER: server to client
  • DHCP REQUEST: client to server
  • DHCP ACK: server to client
  • DHCP NAK: server to client, notifying the user that the appropriate IP address cannot be assigned
  • DHCP DECLINE: client to server, indicating that the address has been used
  • DHCP RELEASE: client to server, give up the network address and cancel the remaining lease time
  • DHCP INFORM: client to server, if the client needs to obtain more detailed configuration information from the DHCP server, it will send an Inform message to the server to request it, which is rarely used

DHCP service lease renewal

  • 50%: when 50% of the lease time has elapsed, the client starts renewing the lease by sending a new DHCPREQUEST to the DHCP server. If the DHCP service has no reason to reject it, it responds with a DHCPACK message. When the DHCP client receives the response, it starts a new lease period
  • 87.5%: if the DHCP server did not respond to the earlier renewal request, the host sends another request, as a broadcast, once 7/8 of the lease period has elapsed

Multiple DHCP services on the same network segment

  • The DHCP service must be local to the segment
  • First come first served principle

Cross network segment

  • RFC 1542 Compliant Routers
  • dhcp relay agent: relay agent

Related protocols

  • arp
  • rarp

Lease period:

  • Long lease period: IP is relatively stable and consumes less network resources, but IP resources are wasted

  • Short lease: IPs are relatively unstable and more network resources are consumed, but IP addresses are used fully, so a smaller number of IPs can serve a larger number of hosts

DHCP implementation

Note: before implementing the DHCP service, first turn off any existing DHCP service on the network (for example, disable DHCP in VMware) to prevent conflicts

DHCP service implementation software:

  • dhcp (pre-CentOS 7) or dhcp-server (package name in CentOS 8)
  • dnsmasq: small service software that can provide dhcp and dns functions

DHCP-related files

Files in the dhcp or dhcp-server package

  • /usr/sbin/dhcpd #dhcp service main program
  • /etc/dhcp/dhcpd.conf #dhcp service configuration file
  • /usr/share/doc/dhcp-server/dhcpd.conf.example #dhcp service configuration example file
  • /usr/lib/systemd/system/dhcpd.service #dhcp service unit file
  • /var/lib/dhcpd/dhcpd.leases #address allocation record

Files in the dhcp-client package

  • /usr/sbin/dhclient #client program
  • /var/lib/dhclient #information about automatically obtained IPs

Windows tools

  • ipconfig /release #release the IP obtained by DHCP and apply for an IP again
  • ipconfig /renew #refresh the lease (renew)

DHCP server configuration file

Help reference: man 5 dhcpd.conf
/etc/dhcp/dhcpd.conf format
global configuration
subnet {
...
}
host {
}
Check syntax command: service dhcpd configtest (supported by CentOS 6 and earlier versions)
Example: dhcpd.conf

# Install the service
[root@Centos8 ~]#dnf install dhcp-server    # on CentOS 7: yum -y install dhcp
[root@centos8 ~]#grep -v "#" /etc/dhcp/dhcpd.conf
option domain-name "magedu.org";
option domain-name-servers 180.76.76.76, 223.6.6.6;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet 10.0.0.0 netmask 255.255.255.0 {
range 10.0.0.10  10.0.0.100;
range 10.0.0.110 10.0.0.200;
option routers 10.0.0.2;
next-server 10.0.0.8; 
filename "pxelinux.0";
}
host testclient {
hardware ethernet 00:0c:29:33:b4:1a;  # pin this host: its MAC address and the address DHCP assigns to it
fixed-address 10.0.0.106;
default-lease-time 86400;  
max-lease-time 864000;
option routers 10.0.0.254;
option domain-name-servers 114.114.114.114,8.8.8.8 ;
option domain-name "magedu.net";
}

To comment out the fields that are not needed in vim (note that the substitution starts from the cursor line):

.,$s/^\([^#]\)/#\1/

Other configuration options of DHCP configuration file:

  • next-server: IP address of the server that provides the boot file

  • filename: indicates the name of the boot file

    example

subnet 192.168.100.0 netmask 255.255.255.0 {
range 192.168.100.10  192.168.100.100;
range 192.168.100.150  192.168.100.200;
option routers 192.168.100.1;
next-server 192.168.1.100; # TFTP server address
filename "pxelinux.0";   # name of the bootloader boot file
}

Example: how a DHCP client requests an address

[root@centos7 ~]#dhclient -d
Internet Systems Consortium DHCP Client 4.2.5
Copyright 2004-2013 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Listening on LPF/eth0/00:0c:29:01:f9:48
Sending on  LPF/eth0/00:0c:29:01:f9:48
Sending on  Socket/fallback
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 8 (xid=0x4147178b)
DHCPREQUEST on eth0 to 255.255.255.255 port 67 (xid=0x4147178b)
DHCPOFFER from 10.0.0.8
DHCPACK from 10.0.0.8 (xid=0x4147178b)
bound to 10.0.0.100 -- renewal in 32740 seconds.

# DHCP client lease log
[root@centos7 ~]#ls /var/lib/dhclient/
dhclient.leases
[root@centos7 ~]#cat /var/lib/dhclient/dhclient.leases
lease {
interface "eth0";
fixed-address 10.0.0.100;
option subnet-mask 255.255.255.0;
option routers 10.0.0.2;
option dhcp-lease-time 86400;
option dhcp-message-type 5;
option domain-name-servers 180.76.76.76,223.5.5.5,223.6.6.6;
option dhcp-server-identifier 10.0.0.8;
option domain-name "magedu.com";
renew 3 2020/05/27 16:18:15;
rebind 4 2020/05/28 04:12:33;
expire 4 2020/05/28 07:12:33;
}
# DHCP server lease log
[root@centos8 ~]#tail -f /var/lib/dhcpd/dhcpd.leases
# The format of this file is documented in the dhcpd.leases(5) manual page.
# This lease file was written by isc-dhcp-4.3.6
# authoring-byte-order entry is generated, DO NOT DELETE
authoring-byte-order little-endian;
server-duid "\000\001\000\001&`\315\277\000\014)?s\225";
lease 10.0.0.100 {
starts 3 2020/05/27 07:12:33;
ends 4 2020/05/28 07:12:33;
cltt 3 2020/05/27 07:12:33;
binding state active;
next binding state free;
rewind binding state free;
hardware ethernet 00:0c:29:01:f9:48;
}
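
With several DHCP servers on one segment the first answer wins, so it is worth checking which server actually replied. The following added example (not part of the original post) reads dhclient -d output like the session above and reports, per transaction, replies from servers outside an allowlist and transactions answered by more than one server. The allowlist, the function names and the second exchange in the sample (including 10.0.0.66) are constructed for illustration.

```python
import re

AUTHORISED = {"10.0.0.8"}   # assumption: the DHCP server built on this page
REPLIES = {"DHCPOFFER", "DHCPACK", "DHCPNAK"}

MSG = re.compile(r"^(DHCP[A-Z]+)\b")
SRC = re.compile(r"\bfrom (\d{1,3}(?:\.\d{1,3}){3})\b")
XID = re.compile(r"xid=(0x[0-9a-f]+)")

def responders_by_xid(lines):
    """Map each DISCOVER transaction id to the set of servers that answered it."""
    seen, xid = {}, None
    for line in lines:
        line = line.strip()
        m = MSG.match(line)
        if not m:
            continue                      # banner, "bound to ...", etc.
        kind = m.group(1)
        x = XID.search(line)
        if kind == "DHCPDISCOVER" and x:  # a new transaction starts here
            xid = x.group(1)
            seen.setdefault(xid, set())
        src = SRC.search(line)
        if kind in REPLIES and src and xid is not None:
            seen[xid].add(src.group(1))
    return seen

def audit(lines, authorised=AUTHORISED):
    """Return (xid, finding, servers) tuples for suspicious transactions."""
    report = []
    for xid, servers in responders_by_xid(lines).items():
        rogue = sorted(servers - authorised)
        if rogue:
            report.append((xid, "unauthorised", rogue))
        if len(servers) > 1:
            report.append((xid, "competing", sorted(servers)))
    return report

# Constructed sample: first exchange as on this page, second one made up.
SAMPLE = """\
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 8 (xid=0x4147178b)
DHCPREQUEST on eth0 to 255.255.255.255 port 67 (xid=0x4147178b)
DHCPOFFER from 10.0.0.8
DHCPACK from 10.0.0.8 (xid=0x4147178b)
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 5 (xid=0x5b2c9e01)
DHCPOFFER from 10.0.0.66
DHCPOFFER from 10.0.0.8
DHCPACK from 10.0.0.66 (xid=0x5b2c9e01)
""".splitlines()
```

Calling audit(SAMPLE) leaves the first exchange unreported and flags the second one twice: once for the unlisted server and once because two servers answered the same DISCOVER.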

Example: DHCP server assigns fixed IP to specified host

[root@centos8 ~]#vim /etc/dhcp/dhcpd.conf
subnet 10.0.0.0 netmask 255.255.255.0 {
 range 10.0.0.50 10.0.0.100;
 range 10.0.0.150 10.0.0.200;
 option routers 10.0.0.2;
 next-server 10.0.0.8;
 filename "pxelinux.0";
}
host test {
hardware ethernet 00:0c:29:cd:90:10;
fixed-address 10.0.0.123;
}

Implement TFTP service

TFTP introduction

TFTP: Trivial File Transfer Protocol, a simple high-level protocol for transferring files; it is a simplified version of the File Transfer Protocol (FTP). It is used to transfer files and is easier to use than FTP but less functional.

The difference between TFTP and FTP

1. Difference in security
FTP supports login security, with appropriate authentication and encryption protocols; authentication takes place while the connection is being established.
TFTP is an open protocol: it lacks security, has no encryption mechanism, and requires no authentication

2. Difference in transport layer protocol
FTP uses TCP as the transport layer protocol; TFTP uses UDP as the transport layer protocol

3. Difference in ports used
FTP uses 2 ports: TCP port 21, which is the listening port, and TCP port 20 or a higher TCP port (1024 or above) for the source connection.
TFTP uses only one port, in stop-and-wait mode: 69/udp

4. Difference in RFCs
FTP is based on RFC 959, with other RFCs covering security measures; TFTP is based on RFC 1350

5. Differences in executing commands
FTP has many executable commands (get, put, ls, dir, lcd) and can list directories, etc.
TFTP has only 5 commands that can be executed (rrq, wrq, data, ack, error)
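
The five TFTP message types listed above, decoded according to RFC 1350, as an added example that is not part of the original post. It shows that a read request carries only a file name and a transfer mode, so the only server-side control is which directory is served; confined() is a hypothetical helper that imitates the effect of the -s /var/lib/tftpboot option the service on this page runs with, not in.tftpd's own code. The sample datagrams are constructed.

```python
import posixpath
import struct

OPCODES = {1: "RRQ", 2: "WRQ", 3: "DATA", 4: "ACK", 5: "ERROR"}  # RFC 1350

def build_rrq(filename, mode="octet"):
    """Read request: opcode, filename, NUL, mode, NUL. No credential field."""
    return struct.pack("!H", 1) + filename.encode() + b"\0" + mode.encode() + b"\0"

def parse(packet):
    """Decode one TFTP datagram into a dict; raise ValueError if malformed."""
    if len(packet) < 4:
        raise ValueError("short TFTP packet")
    (op,) = struct.unpack("!H", packet[:2])
    name = OPCODES.get(op)
    if name is None:
        raise ValueError(f"unknown opcode {op}")
    body = packet[2:]
    if name in ("RRQ", "WRQ"):
        fields = body.split(b"\0")
        if len(fields) < 3 or fields[-1] != b"":
            raise ValueError("request fields must be NUL-terminated")
        return {"op": name, "filename": fields[0].decode(),
                "mode": fields[1].decode().lower()}
    (num,) = struct.unpack("!H", body[:2])
    if name == "DATA":  # a block shorter than 512 bytes ends the transfer
        return {"op": name, "block": num, "data": body[2:],
                "last": len(body) - 2 < 512}
    if name == "ACK":
        return {"op": name, "block": num}
    return {"op": name, "code": num,
            "message": body[2:].rstrip(b"\0").decode()}

def confined(root, filename):
    """Path a server limited to `root` would open, or None if it escapes."""
    path = posixpath.normpath(posixpath.join(root, filename.lstrip("/")))
    return path if path.startswith(root.rstrip("/") + "/") else None

# Constructed sample datagrams, using the file names from this page.
if __name__ == "__main__":
    for pkt in (build_rrq("dir/f2.txt"), b"\x00\x04\x00\x01",
                b"\x00\x05\x00\x01File not found\x00"):
        print(parse(pkt))
    print(confined("/var/lib/tftpboot", "../../etc/passwd"))
```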

Install and use TFTP

Installation package:

  • tftp-server #server package
  • tftp #client package

Example: Install and download files using tftp

# Install the tftp server package
[root@centos8 ~]#dnf install tftp-server -y
[root@centos8 ~]#rpm -ql tftp-server
/usr/lib/.build-id
/usr/lib/.build-id/8c
/usr/lib/.build-id/8c/6921a9fb21d66da4fb299d516bce9ee6afea34
/usr/lib/systemd/system/tftp.service # tftp service file
/usr/lib/systemd/system/tftp.socket # tftp socket file
/usr/sbin/in.tftpd  # tftp main program
/usr/share/doc/tftp-server
/usr/share/doc/tftp-server/CHANGES
/usr/share/doc/tftp-server/README
/usr/share/doc/tftp-server/README.security
/usr/share/man/man8/in.tftpd.8.gz
/usr/share/man/man8/tftpd.8.gz
/var/lib/tftpboot  # TFTP service data directory
# Start the service
[root@centos8 ~]#systemctl enable --now tftp.service
Created symlink /etc/systemd/system/sockets.target.wants/tftp.socket → /usr/lib/systemd/system/tftp.socket.
[root@centos8 ~]#ss -nulp|grep tftp
UNCONN  0     0             *:69           *:*   users:(("in.tftpd",pid=10100,fd=0),("systemd",pid=1,fd=32))
# Prepare test files
[root@centos8 ~]#cp /etc/fstab /var/lib/tftpboot/f1.txt
[root@centos8 ~]#mkdir /var/lib/tftpboot/dir
[root@centos8 ~]#cp /etc/passwd /var/lib/tftpboot/dir/f2.txt
# Install the tftp client package
[root@centos7 ~]#yum -y install tftp
# The client tests downloading files over tftp
[root@centos7 ~]#tftp 10.0.0.8
tftp> help
tftp-hpa 5.2
Commands may be abbreviated. Commands are:
connect connect to remote tftp
mode  set file transfer mode
put   send file
get   receive file
quit  exit tftp
verbose toggle verbose mode
trace  toggle packet tracing
literal toggle literal mode, ignore ':' in file name
status show current status
binary set mode to octet
ascii  set mode to netascii
rexmt  set per-packet transmission timeout
timeout set total retransmission timeout
?    print help information
help  print help information
tftp> get f1.txt
tftp> get dir/f2.txt
tftp> quit
[root@centos7 ~]#ls
anaconda-ks.cfg f1.txt f2.txt
# Run the following on the tftp server: after a client has downloaded a file, you can see that the server has automatically started the in.tftpd main program
[root@centos8 tftpboot]#ps aux|grep in.tftp
root    1276  0.0  0.2  14912  1720 ?    Ss  12:03  0:00 /usr/sbin/in.tftpd -s /var/lib/tftpboot
root    1282  0.0  0.1  12108  960 pts/0  R+  12:04  0:00 grep --color=auto in.tftp

Origin blog.51cto.com/13887323/2536268