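Setting up a TFTP service for PXE boot on RHEL 9.4
Date: 2024.12.1
Plan: Set up a TFTP (Trivial File Transfer Protocol) service on RHEL 9.4. When a newly created virtual machine in the environment boots over the network via PXE (Preboot eXecution Environment), it first obtains an IP address from the DHCP server, then obtains the address of the TFTP server and the path of the pxelinux.0 file. It then fetches the files needed to install the operating system from the TFTP server, so that the operating system is installed automatically.
References:
- Magedu (马哥教育) course taught by Teacher Wang
- 7.4. Configuring a TFTP server for BIOS-based clients
https://docs.redhat.com/zh-cn/documentation/red_hat_enterprise_linux/9/html/interactively_installing_rhel_over_the_network/configuring-a-tftp-server-for-bios-based-clients_preparing-for-a-network-install#configuring-a-tftp-server-for-bios-based-clients_preparing-for-a-network-install
- How to netboot the server installer on amd64
https://ubuntu.com/server/docs/how-to-netboot-the-server-installer-on-amd64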

Check the firewall on RHEL9 and open the tftp port
[root@RHEL9 ~]# firewall-cmd --list-services
http ssh
[root@RHEL9 ~]# firewall-cmd --info-service=tftp
tftp
ports: 69/udp
protocols:
source-ports:
modules:
destination:
includes:
helpers: tftp
[root@RHEL9 ~]# firewall-cmd --query-service=tftp
no
[root@RHEL9 ~]# firewall-cmd --query-service=tftp || firewall-cmd --add-service=tftp --permanent
no
success
[root@RHEL9 ~]# firewall-cmd --reload
success
[root@RHEL9 ~]# firewall-cmd --query-service=tftp
yes
[root@RHEL9 ~]# firewall-cmd --list-services
http ssh tftp
The TFTP service is provided by the tftp-server package; the tftp package is the client
[root@RHEL9 ~]# dnf search tftp
Updating Subscription Management repositories.
Last metadata expiration check: 4:19:43 ago on Sun 01 Dec 2024 11:12:33 AM CST.
=================================== Name & Summary Matched: tftp ===================================
tftp.x86_64 : The client for the Trivial File Transfer Protocol (TFTP)
erlang-tftp.x86_64 : TFTP client
syslinux-tftpboot.noarch : SYSLINUX modules in /tftpboot, available for network booting
tftp-server.x86_64 : The server for the Trivial File Transfer Protocol (TFTP)
[root@RHEL9 ~]# dnf install -y tftp-server
/var/lib/tftpboot is the default root directory from which tftp serves files
[root@RHEL9 ~]# rpm -ql tftp-server
/usr/lib/.build-id
/usr/lib/.build-id/8d
/usr/lib/.build-id/8d/0627af37fd237ae842dcdcf5f0f61c540aab48
/usr/lib/systemd/system/tftp.service
/usr/lib/systemd/system/tftp.socket
/usr/sbin/in.tftpd
/usr/share/doc/tftp-server
/usr/share/doc/tftp-server/CHANGES
/usr/share/doc/tftp-server/README
/usr/share/doc/tftp-server/README.security
/usr/share/man/man8/in.tftpd.8.gz
/usr/share/man/man8/tftpd.8.gz
/var/lib/tftpboot
The -s (--secure) option makes in.tftpd change its root directory to the given directory at startup
[root@RHEL9 ~]# man tftpd
NAME
tftpd - Trivial File Transfer Protocol server
SYNOPSIS
in.tftpd [options...] directory...
--secure, -s
Change root directory on startup. This means the remote host does not need to pass
along the directory as part of the transfer, and may add security. When --secure
is specified, exactly one directory should be specified on the command line. The
use of this option is recommended for security as well as compatibility with some
boot ROMs which cannot be easily made to include a directory name in its request.
The default root directory used at startup can be changed in /usr/lib/systemd/system/tftp.service
[root@RHEL9 ~]# cat /usr/lib/systemd/system/tftp.service
[Unit]
Description=Tftp Server
Requires=tftp.socket
Documentation=man:in.tftpd
[Service]
ExecStart=/usr/sbin/in.tftpd -s /var/lib/tftpboot
StandardInput=socket
[Install]
Also=tftp.socket
The executable is /usr/sbin/in.tftpd; there is no executable named tftpd
The two man pages are the same file: tftpd.8.gz is a symlink to in.tftpd.8.gz
[root@RHEL9 ~]# which tftpd
/usr/bin/which: no tftpd in (/root/.local/bin:/root/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin)
[root@RHEL9 ~]# which in.tftpd
/usr/sbin/in.tftpd
[root@RHEL9 ~]# diff /usr/share/man/man8/{,in.}tftpd.8.gz
[root@RHEL9 ~]# ll /usr/share/man/man8/{,in.}tftpd.8.gz
-rw-r--r--. 1 root root 5432 Jan 5 2024 /usr/share/man/man8/in.tftpd.8.gz
lrwxrwxrwx. 1 root root 13 Jan 5 2024 /usr/share/man/man8/tftpd.8.gz -> in.tftpd.8.gz
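tftp.service is not started while no client is accessing it; systemd only runs tftp.socket, which listens on port 69, and wakes tftp.service when a request arrives on port 69
Start tftp.socket directly and enable it at boot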
[root@RHEL9 ~]# ll /usr/lib/systemd/system/tftp.*
-rw-r--r--. 1 root root 189 Jan 5 2024 /usr/lib/systemd/system/tftp.service
-rw-r--r--. 1 root root 112 Jan 5 2024 /usr/lib/systemd/system/tftp.socket
[root@RHEL9 ~]# cat /usr/lib/systemd/system/tftp.socket
[Unit]
Description=Tftp Server Activation Socket
[Socket]
ListenDatagram=69
[Install]
WantedBy=sockets.target
[root@RHEL9 ~]# systemctl enable --now tftp.socket
Created symlink /etc/systemd/system/sockets.target.wants/tftp.socket → /usr/lib/systemd/system/tftp.socket.
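Following the Red Hat documentation, prepare the files needed for PXE boot. They are in the /AppStream/Packages/syslinux-tftpboot-version-architecture.rpm package on the RHEL9 image. The HTTP service on RHEL9 is already set up, so this is a good chance to try downloading the package over HTTP. wget can show the page source, and curl can also download files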
[root@RHEL9 ~]# man wget
NAME
Wget - The non-interactive network downloader.
SYNOPSIS
wget [option]... [URL]...
-q
--quiet
Turn off Wget's output.
-O file
--output-document=file
The documents will not be written to the appropriate files, but all will be concatenated together and written to file.
If - is used as file, documents will be printed to standard output, disabling link conversion.
[root@RHEL9 ~]# wget -qO - http://192.168.5.253/iso/rhel9/AppStream/
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<title>Index of /iso/rhel9/AppStream</title>
</head>
<body>
<h1>Index of /iso/rhel9/AppStream</h1>
<table>
<tr><th valign="top"><img src="/icons/blank.gif" alt="[ICO]"></th><th><a href="?C=N;O=D">Name</a></th><th><a href="?C=M;O=A">Last modified</a></th><th><a href="?C=S;O=A">Size</a></th><th><a href="?C=D;O=A">Description</a></th></tr>
<tr><th colspan="5"><hr></th></tr>
<tr><td valign="top"><img src="/icons/back.gif" alt="[PARENTDIR]"></td><td><a href="/iso/rhel9/">Parent Directory</a> </td><td> </td><td align="right"> - </td><td> </td></tr>
<tr><td valign="top"><img src="/icons/folder.gif" alt="[DIR]"></td><td><a href="Packages/">Packages/</a> </td><td align="right">2024-03-22 19:20 </td><td align="right"> - </td><td> </td></tr>
<tr><td valign="top"><img src="/icons/folder.gif" alt="[DIR]"></td><td><a href="repodata/">repodata/</a> </td><td align="right">2024-04-19 15:53 </td><td align="right"> - </td><td> </td></tr>
<tr><th colspan="5"><hr></th></tr>
</table>
</body></html>
[root@RHEL9 ~]# curl http://192.168.5.253/iso/rhel9/AppStream/Packages/syslinux-tftpboot-6.04-0.20.el9.noarch.rpm
Warning: Binary output can mess up your terminal. Use "--output -" to tell
Warning: curl to output it to your terminal anyway, or consider "--output
Warning: <FILE>" to save to a file.
[root@RHEL9 ~]# curl http://192.168.5.253/iso/rhel9/AppStream/Packages/syslinux-tftpboot-6.04-0.20.el9.noarch.rpm --output syslinux-tftpboot-6.04-0.20.el9.noarch.rpm
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 475k 100 475k 0 0 464M 0 --:--:-- --:--:-- --:--:-- 464M
[root@RHEL9 ~]# ll -h syslinux-tftpboot-6.04-0.20.el9.noarch.rpm
-rw-r--r--. 1 root root 476K Dec 1 23:46 syslinux-tftpboot-6.04-0.20.el9.noarch.rpm
Extract the downloaded package
[root@RHEL9 ~]# man cpio
NAME
cpio - copy files to and from archives
-i, --extract
Extract files from an archive (run in copy-in mode)
-d, --make-directories
Create leading directories where needed
-m, --preserve-modification-time
Retain previous file modification times when creating files
-v, --verbose
List the files processed, or with `-t', give an `ls -l' style table of contents listing. In a verbose table of
contents of a ustar archive, user and group names in the archive that do not exist on the local system are replaced
by the names that correspond locally to the numeric UID and GID stored in the archive.
[root@RHEL9 ~]# rpm2cpio syslinux-tftpboot-6.04-0.20.el9.noarch.rpm | cpio -idmv
./tftpboot
./tftpboot/cat.c32
./tftpboot/chain.c32
./tftpboot/cmd.c32
./tftpboot/cmenu.c32
./tftpboot/config.c32
... ...
[root@RHEL9 ~]# ls ./tftpboot/
cat.c32 cpuid.c32 dmitest.c32 host.c32 ldlinux.c32 linux.c32 menu.c32 pxechn.c32 syslinux.c32
chain.c32 cpuidtest.c32 elf.c32 ifcpu64.c32 lfs.c32 lpxelinux.0 pci.c32 pxelinux.0 vesa.c32
cmd.c32 debug.c32 ethersel.c32 ifcpu.c32 libcom32.c32 ls.c32 pcitest.c32 reboot.c32 vesainfo.c32
cmenu.c32 dhcp.c32 gfxboot.c32 ifmemdsk.c32 libgpl.c32 lua.c32 pmload.c32 rosh.c32 vesamenu.c32
config.c32 dir.c32 gpxecmd.c32 ifplop.c32 liblua.c32 mboot.c32 poweroff.c32 sanboot.c32 vpdtest.c32
cptime.c32 disk.c32 hdt.c32 kbdmap.c32 libmenu.c32 memdisk prdhcp.c32 sdi.c32 whichsys.c32
cpu.c32 dmi.c32 hexdump.c32 kontron_wdt.c32 libutil.c32 meminfo.c32 pwd.c32 sysdump.c32 zzjson.c32
Create a pxelinux directory under /var/lib/tftpboot/ and copy the files just extracted into it
[root@RHEL9 ~]# pxedir=/var/lib/tftpboot/pxelinux/
[root@RHEL9 ~]# [ -d ${pxedir} ];echo $?
1
[root@RHEL9 ~]# [ -d ${pxedir} ] || mkdir ${pxedir}
[root@RHEL9 ~]# [ -d ${pxedir} ];echo $?
0
[root@RHEL9 ~]# ll -d ${pxedir}
drwxr-xr-x. 2 root root 6 Dec 2 00:20 /var/lib/tftpboot/pxelinux
[root@RHEL9 ~]# cp -pr ./tftpboot/* ${pxedir}
[root@RHEL9 ~]# ls ${pxedir}
cat.c32 cpuid.c32 dmitest.c32 host.c32 ldlinux.c32 linux.c32 menu.c32 pxechn.c32 syslinux.c32
chain.c32 cpuidtest.c32 elf.c32 ifcpu64.c32 lfs.c32 lpxelinux.0 pci.c32 pxelinux.0 vesa.c32
cmd.c32 debug.c32 ethersel.c32 ifcpu.c32 libcom32.c32 ls.c32 pcitest.c32 reboot.c32 vesainfo.c32
cmenu.c32 dhcp.c32 gfxboot.c32 ifmemdsk.c32 libgpl.c32 lua.c32 pmload.c32 rosh.c32 vesamenu.c32
config.c32 dir.c32 gpxecmd.c32 ifplop.c32 liblua.c32 mboot.c32 poweroff.c32 sanboot.c32 vpdtest.c32
cptime.c32 disk.c32 hdt.c32 kbdmap.c32 libmenu.c32 memdisk prdhcp.c32 sdi.c32 whichsys.c32
cpu.c32 dmi.c32 hexdump.c32 kontron_wdt.c32 libutil.c32 meminfo.c32 pwd.c32 sysdump.c32 zzjson.c32
Create a pxelinux.cfg directory under /var/lib/tftpboot/pxelinux/, and inside pxelinux.cfg create the boot menu configuration file named default
[root@RHEL9 ~]# pxepath=${pxedir}pxelinux.cfg/
[root@RHEL9 ~]# pxefile=${pxepath}default
[root@RHEL9 ~]# echo $pxe{dir,path,file}
/var/lib/tftpboot/pxelinux/ /var/lib/tftpboot/pxelinux/pxelinux.cfg/ /var/lib/tftpboot/pxelinux/pxelinux.cfg/default
[root@RHEL9 ~]# [ -d ${pxepath} ] || mkdir ${pxepath} && touch ${pxefile}
[root@RHEL9 ~]# ll ${pxefile}
-rw-r--r--. 1 root root 0 Dec 2 00:33 /var/lib/tftpboot/pxelinux/pxelinux.cfg/default
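Under /var/lib/tftpboot/pxelinux/, create one directory per Linux distribution, named after the distribution, and copy that distribution's boot images (vmlinuz, initrd.img) into it. The Red Hat family distributions are configured first; other distributions will be looked at later. Copying them one by one is too tedious, so use a script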
[root@RHEL9 ~]# man curl
NAME
curl - transfer a URL
OUTPUT
If not told otherwise, curl writes the received data to stdout. It can be instructed to instead save that data into a lo‐
cal file, using the -o, --output or -O, --remote-name options. If curl is given multiple URLs to transfer on the command
line, it similarly needs multiple options for where to save them.
[root@RHEL9 ~]# cat iso2tftp.sh
#!/bin/bash
#iso2tftp.sh
#Date: 2024-11-25
# TFTP directory served to PXE clients, and HTTP location of the unpacked ISOs
pxedir=/var/lib/tftpboot/pxelinux
isodir=192.168.5.253/iso
distribution=('rhel9' 'rhel8' 'rocky9' 'rocky8' 'alma9' 'alma8' 'euro9' 'euro8' 'oracle9' 'oracle8' 'miracle9' 'miracle8' 'centos7' 'centos8' )
# For each distribution: create its directory if missing, then download vmlinuz and initrd.img into it
for dir in ${distribution[@]};do
[ -d ${pxedir}/${dir} ] || mkdir ${pxedir}/${dir} && curl ${isodir}/${dir}/isolinux/{vmlinuz,initrd.img} --output ${pxedir}/${dir}/vmlinuz --output ${pxedir}/${dir}/initrd.img
done
[root@RHEL9 ~]# sh -n iso2tftp.sh
[root@RHEL9 ~]# sh -x iso2tftp.sh
+ pxedir=/var/lib/tftpboot/pxelinux
+ isodir=192.168.5.253/iso
+ distribution=('rhel9' 'rhel8' 'rocky9' 'rocky8' 'alma9' 'alma8' 'euro9' 'euro8' 'oracle9' 'oracle8' 'miracle9' 'miracle8' 'centos7' 'centos8')
+ for dir in ${distribution[@]}
+ '[' -d /var/lib/tftpboot/pxelinux/rhel9 ']'
+ mkdir /var/lib/tftpboot/pxelinux/rhel9
+ curl 192.168.5.253/iso/rhel9/isolinux/vmlinuz 192.168.5.253/iso/rhel9/isolinux/initrd.img --output /var/lib/tftpboot/pxelinux/rhel9/vmlinuz --output /var/lib/tftpboot/pxelinux/rhel9/initrd.img
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 12.9M 100 12.9M 0 0 864M 0 --:--:-- --:--:-- --:--:-- 926M
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 101M 100 101M 0 0 1519M 0 --:--:-- --:--:-- --:--:-- 1519M
+ for dir in ${distribution[@]}
+ '[' -d /var/lib/tftpboot/pxelinux/rhel8 ']'
+ mkdir /var/lib/tftpboot/pxelinux/rhel8
+ curl 192.168.5.253/iso/rhel8/isolinux/vmlinuz 192.168.5.253/iso/rhel8/isolinux/initrd.img --output /var/lib/tftpboot/pxelinux/rhel8/vmlinuz --output /var/lib/tftpboot/pxelinux/rhel8/initrd.img
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 10.3M 100 10.3M 0 0 942M 0 --:--:-- --:--:-- --:--:-- 942M
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 87.0M 100 87.0M 0 0 1527M 0 --:--:-- --:--:-- --:--:-- 1527M
+ for dir in ${distribution[@]}
+ '[' -d /var/lib/tftpboot/pxelinux/rocky9 ']'
+ mkdir /var/lib/tftpboot/pxelinux/rocky9
+ curl 192.168.5.253/iso/rocky9/isolinux/vmlinuz 192.168.5.253/iso/rocky9/isolinux/initrd.img --output /var/lib/tftpboot/pxelinux/rocky9/vmlinuz --output /var/lib/tftpboot/pxelinux/rocky9/initrd.img
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 12.9M 100 12.9M 0 0 926M 0 --:--:-- --:--:-- --:--:-- 926M
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 101M 100 101M 0 0 1520M 0 --:--:-- --:--:-- --:--:-- 1520M
+ for dir in ${distribution[@]}
+ '[' -d /var/lib/tftpboot/pxelinux/rocky8 ']'
+ mkdir /var/lib/tftpboot/pxelinux/rocky8
+ curl 192.168.5.253/iso/rocky8/isolinux/vmlinuz 192.168.5.253/iso/rocky8/isolinux/initrd.img --output /var/lib/tftpboot/pxelinux/rocky8/vmlinuz --output /var/lib/tftpboot/pxelinux/rocky8/initrd.img
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 10.3M 100 10.3M 0 0 942M 0 --:--:-- --:--:-- --:--:-- 942M
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 87.0M 100 87.0M 0 0 1553M 0 --:--:-- --:--:-- --:--:-- 1526M
+ for dir in ${distribution[@]}
+ '[' -d /var/lib/tftpboot/pxelinux/alma9 ']'
+ mkdir /var/lib/tftpboot/pxelinux/alma9
+ curl 192.168.5.253/iso/alma9/isolinux/vmlinuz 192.168.5.253/iso/alma9/isolinux/initrd.img --output /var/lib/tftpboot/pxelinux/alma9/vmlinuz --output /var/lib/tftpboot/pxelinux/alma9/initrd.img
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 12.9M 100 12.9M 0 0 998M 0 --:--:-- --:--:-- --:--:-- 1081M
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 101M 100 101M 0 0 1567M 0 --:--:-- --:--:-- --:--:-- 1567M
+ for dir in ${distribution[@]}
+ '[' -d /var/lib/tftpboot/pxelinux/alma8 ']'
+ mkdir /var/lib/tftpboot/pxelinux/alma8
+ curl 192.168.5.253/iso/alma8/isolinux/vmlinuz 192.168.5.253/iso/alma8/isolinux/initrd.img --output /var/lib/tftpboot/pxelinux/alma8/vmlinuz --output /var/lib/tftpboot/pxelinux/alma8/initrd.img
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 10.3M 100 10.3M 0 0 1037M 0 --:--:-- --:--:-- --:--:-- 1037M
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 87.0M 100 87.0M 0 0 1527M 0 --:--:-- --:--:-- --:--:-- 1554M
+ for dir in ${distribution[@]}
+ '[' -d /var/lib/tftpboot/pxelinux/euro9 ']'
+ mkdir /var/lib/tftpboot/pxelinux/euro9
+ curl 192.168.5.253/iso/euro9/isolinux/vmlinuz 192.168.5.253/iso/euro9/isolinux/initrd.img --output /var/lib/tftpboot/pxelinux/euro9/vmlinuz --output /var/lib/tftpboot/pxelinux/euro9/initrd.img
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 12.9M 100 12.9M 0 0 1081M 0 --:--:-- --:--:-- --:--:-- 1081M
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 101M 100 101M 0 0 1536M 0 --:--:-- --:--:-- --:--:-- 1536M
+ for dir in ${distribution[@]}
+ '[' -d /var/lib/tftpboot/pxelinux/euro8 ']'
+ mkdir /var/lib/tftpboot/pxelinux/euro8
+ curl 192.168.5.253/iso/euro8/isolinux/vmlinuz 192.168.5.253/iso/euro8/isolinux/initrd.img --output /var/lib/tftpboot/pxelinux/euro8/vmlinuz --output /var/lib/tftpboot/pxelinux/euro8/initrd.img
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 10.3M 100 10.3M 0 0 1036M 0 --:--:-- --:--:-- --:--:-- 1036M
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 86.5M 100 86.5M 0 0 1518M 0 --:--:-- --:--:-- --:--:-- 1518M
+ for dir in ${distribution[@]}
+ '[' -d /var/lib/tftpboot/pxelinux/oracle9 ']'
+ mkdir /var/lib/tftpboot/pxelinux/oracle9
+ curl 192.168.5.253/iso/oracle9/isolinux/vmlinuz 192.168.5.253/iso/oracle9/isolinux/initrd.img --output /var/lib/tftpboot/pxelinux/oracle9/vmlinuz --output /var/lib/tftpboot/pxelinux/oracle9/initrd.img
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 12.9M 100 12.9M 0 0 1082M 0 --:--:-- --:--:-- --:--:-- 1082M
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 101M 100 101M 0 0 1536M 0 --:--:-- --:--:-- --:--:-- 1536M
+ for dir in ${distribution[@]}
+ '[' -d /var/lib/tftpboot/pxelinux/oracle8 ']'
+ mkdir /var/lib/tftpboot/pxelinux/oracle8
+ curl 192.168.5.253/iso/oracle8/isolinux/vmlinuz 192.168.5.253/iso/oracle8/isolinux/initrd.img --output /var/lib/tftpboot/pxelinux/oracle8/vmlinuz --output /var/lib/tftpboot/pxelinux/oracle8/initrd.img
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 10.3M 100 10.3M 0 0 1037M 0 --:--:-- --:--:-- --:--:-- 1037M
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 87.3M 100 87.3M 0 0 1560M 0 --:--:-- --:--:-- --:--:-- 1560M
+ for dir in ${distribution[@]}
+ '[' -d /var/lib/tftpboot/pxelinux/miracle9 ']'
+ mkdir /var/lib/tftpboot/pxelinux/miracle9
+ curl 192.168.5.253/iso/miracle9/isolinux/vmlinuz 192.168.5.253/iso/miracle9/isolinux/initrd.img --output /var/lib/tftpboot/pxelinux/miracle9/vmlinuz --output /var/lib/tftpboot/pxelinux/miracle9/initrd.img
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 12.9M 100 12.9M 0 0 1081M 0 --:--:-- --:--:-- --:--:-- 1081M
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 101M 100 101M 0 0 347M 0 --:--:-- --:--:-- --:--:-- 347M
+ for dir in ${distribution[@]}
+ '[' -d /var/lib/tftpboot/pxelinux/miracle8 ']'
+ mkdir /var/lib/tftpboot/pxelinux/miracle8
+ curl 192.168.5.253/iso/miracle8/isolinux/vmlinuz 192.168.5.253/iso/miracle8/isolinux/initrd.img --output /var/lib/tftpboot/pxelinux/miracle8/vmlinuz --output /var/lib/tftpboot/pxelinux/miracle8/initrd.img
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 10.3M 100 10.3M 0 0 143M 0 --:--:-- --:--:-- --:--:-- 145M
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 87.0M 100 87.0M 0 0 201M 0 --:--:-- --:--:-- --:--:-- 200M
+ for dir in ${distribution[@]}
+ '[' -d /var/lib/tftpboot/pxelinux/centos7 ']'
+ mkdir /var/lib/tftpboot/pxelinux/centos7
+ curl 192.168.5.253/iso/centos7/isolinux/vmlinuz 192.168.5.253/iso/centos7/isolinux/initrd.img --output /var/lib/tftpboot/pxelinux/centos7/vmlinuz --output /var/lib/tftpboot/pxelinux/centos7/initrd.img
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 6610k 100 6610k 0 0 717M 0 --:--:-- --:--:-- --:--:-- 717M
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 52.5M 100 52.5M 0 0 1546M 0 --:--:-- --:--:-- --:--:-- 1546M
+ for dir in ${distribution[@]}
+ '[' -d /var/lib/tftpboot/pxelinux/centos8 ']'
+ mkdir /var/lib/tftpboot/pxelinux/centos8
+ curl 192.168.5.253/iso/centos8/isolinux/vmlinuz 192.168.5.253/iso/centos8/isolinux/initrd.img --output /var/lib/tftpboot/pxelinux/centos8/vmlinuz --output /var/lib/tftpboot/pxelinux/centos8/initrd.img
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 9.7M 100 9.7M 0 0 816M 0 --:--:-- --:--:-- --:--:-- 816M
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 76.0M 100 76.0M 0 0 1551M 0 --:--:-- --:--:-- --:--:-- 1551M
Check the result; tree -I pattern excludes the files you do not want to see
[root@RHEL9 ~]# man tree
NAME
tree - list contents of directories in a tree-like format.
-I pattern
Do not list those files that match the wild-card pattern.
[root@RHEL9 ~]# tree -I *.c32 /var/lib/tftpboot/pxelinux/
/var/lib/tftpboot/pxelinux/
├── alma8
│ ├── initrd.img
│ └── vmlinuz
├── alma9
│ ├── initrd.img
│ └── vmlinuz
├── centos7
│ ├── initrd.img
│ └── vmlinuz
├── centos8
│ ├── initrd.img
│ └── vmlinuz
├── euro8
│ ├── initrd.img
│ └── vmlinuz
├── euro9
│ ├── initrd.img
│ └── vmlinuz
├── lpxelinux.0
├── memdisk
├── miracle8
│ ├── initrd.img
│ └── vmlinuz
├── miracle9
│ ├── initrd.img
│ └── vmlinuz
├── oracle8
│ ├── initrd.img
│ └── vmlinuz
├── oracle9
│ ├── initrd.img
│ └── vmlinuz
├── pxelinux.0
├── pxelinux.cfg
│ └── default
├── rhel8
│ ├── initrd.img
│ └── vmlinuz
├── rhel9
│ ├── initrd.img
│ └── vmlinuz
├── rocky8
│ ├── initrd.img
│ └── vmlinuz
└── rocky9
├── initrd.img
└── vmlinuz
15 directories, 32 files
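TFTP has no authentication or integrity protection, and the curl call in iso2tftp.sh runs without --fail, so an HTTP error page would be saved under the name vmlinuz or initrd.img while curl still exits 0. The following added example (not part of the original post; the function names and the sample tree are constructed for illustration) checks every downloaded image and pins its SHA-256 so later changes in the TFTP tree can be detected:

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# is_bzimage FILE: true when FILE carries the Linux x86 boot-protocol magic
# "HdrS" (hex 48 64 72 53) at offset 0x202 = 514. An HTML error page does not.
is_bzimage() {
    [ -s "$1" ] || return 1
    magic=$(dd if="$1" bs=1 skip=514 count=4 2>/dev/null | od -An -tx1 | tr -d ' \n')
    [ "$magic" = "48647253" ]
}

# looks_like_html FILE: true when the first 256 bytes contain an HTML tag.
looks_like_html() {
    head -c 256 "$1" | LC_ALL=C grep -qiE '<(!doctype|html|head|title)'
}

# audit_boot_tree PXEDIR: check every PXEDIR/<distro>/vmlinuz and its initrd.img.
# Prints one line per problem; exit status is 1 when anything is wrong.
audit_boot_tree() {
    rc=0
    for kernel in "$1"/*/vmlinuz; do
        [ -e "$kernel" ] || continue
        initrd=${kernel%/vmlinuz}/initrd.img
        is_bzimage "$kernel" || { echo "BAD kernel: $kernel"; rc=1; }
        if [ ! -s "$initrd" ] || looks_like_html "$initrd"; then
            echo "BAD initrd: $initrd"; rc=1
        fi
    done
    return "$rc"
}

# write_manifest PXEDIR MANIFEST: record the SHA-256 of all boot images.
# MANIFEST must be an absolute path because the hashes use relative names.
write_manifest() {
    ( cd "$1" && sha256sum ./*/vmlinuz ./*/initrd.img ) > "$2"
}

# verify_manifest PXEDIR MANIFEST: non-zero when an image differs or is missing.
verify_manifest() {
    ( cd "$1" && sha256sum -c "$2" ) >/dev/null 2>&1
}

# make_sample_tree: build a small CONSTRUCTED tree for the demo and print its path.
# rhel9/ holds a fake kernel with the right magic; example8/ holds a saved 404 page.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir "$t/rhel9" "$t/example8"
    { head -c 514 /dev/zero; printf 'HdrS'; head -c 64 /dev/zero; } > "$t/rhel9/vmlinuz"
    printf 'constructed initrd bytes' > "$t/rhel9/initrd.img"
    printf '<!DOCTYPE HTML><html><title>404 Not Found</title></html>\n' > "$t/example8/vmlinuz"
    cp "$t/example8/vmlinuz" "$t/example8/initrd.img"
    echo "$t"
}

# Demo on the constructed tree. On the server from the post the argument would be
# /var/lib/tftpboot/pxelinux, with the manifest kept outside the TFTP root.
sample=$(make_sample_tree)
audit_boot_tree "$sample" || echo "audit failed: fix the downloads before writing a manifest"
rm -rf "$sample"
```

Run verify_manifest from a timer or before each provisioning run; a non-zero status means a served kernel or initrd no longer matches what was recorded.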
Edit the boot menu configuration file /var/lib/tftpboot/pxelinux/pxelinux.cfg/default, again with a script
[root@RHEL9 ~]# cat pxemenu.sh
#!/bin/bash
#pxemenu.sh
#Date: 2024-11-25
distribution=('rhel9' 'rhel8' 'rocky9' 'rocky8' 'alma9' 'alma8' 'euro9' 'euro8' 'oracle9' 'oracle8' 'miracle9' 'miracle8' 'centos7' 'centos8')
pxepath=/var/lib/tftpboot/pxelinux/
pxefile=${pxepath}pxelinux.cfg/default
repopath=http://192.168.5.253/iso/
# Global menu settings; ">" truncates the file so that re-running the script does not append duplicate entries
cat << EOF > ${pxefile}
default vesamenu.c32
prompt 1
timeout 600
display boot.msg
EOF
for distr in ${distribution[@]} ; do
cat << EOF >> ${pxefile}
label ${distr}
menu label Install ${distr}
kernel ${distr}/vmlinuz
append initrd=${distr}/initrd.img ip=dhcp inst.repo=${repopath}${distr}
EOF
done
cat << EOF >> ${pxefile}
label local
menu label Boot from local drive
menu default
localboot 0xffff
EOF
[root@RHEL9 ~]# sh -n pxemenu.sh
[root@RHEL9 ~]# sh -x pxemenu.sh
+ distribution=('rhel9' 'rhel8' 'rocky9' 'rocky8' 'alma9' 'alma8' 'euro9' 'euro8' 'oracle9' 'oracle8' 'miracle9' 'miracle8' 'centos7' 'centos8')
+ pxepath=/var/lib/tftpboot/pxelinux/
+ pxefile=/var/lib/tftpboot/pxelinux/pxelinux.cfg/default
+ repopath=http://192.168.5.253/iso/
+ cat
+ for distr in ${distribution[@]}
+ cat
+ for distr in ${distribution[@]}
+ cat
+ for distr in ${distribution[@]}
+ cat
+ for distr in ${distribution[@]}
+ cat
+ for distr in ${distribution[@]}
+ cat
+ for distr in ${distribution[@]}
+ cat
+ for distr in ${distribution[@]}
+ cat
+ for distr in ${distribution[@]}
+ cat
+ for distr in ${distribution[@]}
+ cat
+ for distr in ${distribution[@]}
+ cat
+ for distr in ${distribution[@]}
+ cat
+ for distr in ${distribution[@]}
+ cat
+ for distr in ${distribution[@]}
+ cat
+ for distr in ${distribution[@]}
+ cat
+ cat
[root@RHEL9 ~]# cat /var/lib/tftpboot/pxelinux/pxelinux.cfg/default
default vesamenu.c32
prompt 1
timeout 600
display boot.msg
label rhel9
menu label Install rhel9
kernel rhel9/vmlinuz
append initrd=rhel9/initrd.img ip=dhcp inst.repo=http://192.168.5.253/iso/rhel9
label rhel8
menu label Install rhel8
kernel rhel8/vmlinuz
append initrd=rhel8/initrd.img ip=dhcp inst.repo=http://192.168.5.253/iso/rhel8
label rocky9
menu label Install rocky9
kernel rocky9/vmlinuz
append initrd=rocky9/initrd.img ip=dhcp inst.repo=http://192.168.5.253/iso/rocky9
label rocky8
menu label Install rocky8
kernel rocky8/vmlinuz
append initrd=rocky8/initrd.img ip=dhcp inst.repo=http://192.168.5.253/iso/rocky8
label alma9
menu label Install alma9
kernel alma9/vmlinuz
append initrd=alma9/initrd.img ip=dhcp inst.repo=http://192.168.5.253/iso/alma9
label alma8
menu label Install alma8
kernel alma8/vmlinuz
append initrd=alma8/initrd.img ip=dhcp inst.repo=http://192.168.5.253/iso/alma8
label euro9
menu label Install euro9
kernel euro9/vmlinuz
append initrd=euro9/initrd.img ip=dhcp inst.repo=http://192.168.5.253/iso/euro9
label euro8
menu label Install euro8
kernel euro8/vmlinuz
append initrd=euro8/initrd.img ip=dhcp inst.repo=http://192.168.5.253/iso/euro8
label oracle9
menu label Install oracle9
kernel oracle9/vmlinuz
append initrd=oracle9/initrd.img ip=dhcp inst.repo=http://192.168.5.253/iso/oracle9
label oracle8
menu label Install oracle8
kernel oracle8/vmlinuz
append initrd=oracle8/initrd.img ip=dhcp inst.repo=http://192.168.5.253/iso/oracle8
label miracle9
menu label Install miracle9
kernel miracle9/vmlinuz
append initrd=miracle9/initrd.img ip=dhcp inst.repo=http://192.168.5.253/iso/miracle9
label miracle8
menu label Install miracle8
kernel miracle8/vmlinuz
append initrd=miracle8/initrd.img ip=dhcp inst.repo=http://192.168.5.253/iso/miracle8
label centos7
menu label Install centos7
kernel centos7/vmlinuz
append initrd=centos7/initrd.img ip=dhcp inst.repo=http://192.168.5.253/iso/centos7
label centos8
menu label Install centos8
kernel centos8/vmlinuz
append initrd=centos8/initrd.img ip=dhcp inst.repo=http://192.168.5.253/iso/centos8
label local
menu label Boot from local drive
menu default
localboot 0xffff
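Every kernel, initrd, menu module and display file named in this menu is fetched by the client relative to the directory that holds pxelinux.0, so a typo or a missing download only shows up when a machine fails to boot. The following added example (not part of the original post; function names and the sample tree are constructed, and it assumes menu entries are plain relative paths below the pxelinux directory, as in the menu above) lists every file the menu references and reports those that are missing, empty, or not plain relative paths:

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# menu_refs MENUFILE: print "LABEL KIND PATH" for each file the menu refers to.
# Keywords are matched case-insensitively; "default" counts only when it names a .c32 module.
menu_refs() {
    awk '
        { key = tolower($1) }
        key == "label"                      { label = $2; next }
        key == "default" && $2 ~ /\.c32$/   { print "global", "module", $2; next }
        key == "display"                    { print "global", "display", $2; next }
        key == "kernel" || key == "linux"   { print label, "kernel", $2; next }
        key == "append" {
            for (i = 2; i <= NF; i++)
                if ($i ~ /^initrd=/) {
                    # initrd= may carry a comma-separated list of files
                    n = split(substr($i, 8), parts, ",")
                    for (j = 1; j <= n; j++) print label, "initrd", parts[j]
                }
        }
    ' "$1"
}

# lint_menu PXEDIR [MENUFILE]: check each reference against PXEDIR.
# Prints one line per finding; exit status is 1 when there is any finding.
lint_menu() {
    menu=${2:-$1/pxelinux.cfg/default}
    rc=0
    while read -r label kind path; do
        [ -n "$path" ] || continue
        case $path in
            /*|..|../*|*/../*|*/..)
                echo "$label: $kind path is not a plain relative path: $path"
                rc=1
                continue ;;
        esac
        [ -s "$1/$path" ] || { echo "$label: $kind file missing or empty: $path"; rc=1; }
    done <<EOF
$(menu_refs "$menu")
EOF
    return "$rc"
}

# make_sample_menu_tree: build a CONSTRUCTED pxelinux directory and print its path.
# boot.msg and rocky9/initrd.img are left out on purpose.
make_sample_menu_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/pxelinux.cfg" "$t/rhel9" "$t/rocky9"
    for f in vesamenu.c32 rhel9/vmlinuz rhel9/initrd.img rocky9/vmlinuz; do
        printf 'constructed placeholder\n' > "$t/$f"
    done
    cat > "$t/pxelinux.cfg/default" <<'EOF'
default vesamenu.c32
prompt 1
timeout 600
display boot.msg
label rhel9
menu label Install rhel9
kernel rhel9/vmlinuz
append initrd=rhel9/initrd.img ip=dhcp inst.repo=http://192.168.5.253/iso/rhel9
label rocky9
menu label Install rocky9
kernel rocky9/vmlinuz
append initrd=rocky9/initrd.img ip=dhcp inst.repo=http://192.168.5.253/iso/rocky9
label local
menu label Boot from local drive
menu default
localboot 0xffff
EOF
    echo "$t"
}

# Demo on the constructed tree; on the server from the post the argument would be
# /var/lib/tftpboot/pxelinux.
sample=$(make_sample_menu_tree)
lint_menu "$sample" || echo "menu references need fixing"
rm -rf "$sample"
```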
On rocky9, edit the DHCP configuration file /etc/dhcp/dhcpd.conf and specify in it the next-server address 192.168.5.253 and the file path pxelinux/pxelinux.0
[root@ROCKY9 ~]# cat /etc/dhcp/dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp-server/dhcpd.conf.example
# see dhcpd.conf(5) man page
#
log-facility local6;
default-lease-time 60000;
max-lease-time 600000;
option domain-name-servers 218.2.2.2, 218.4.4.4;
authoritativ;
shared-network dmz{
subnet 172.31.0.0 netmask 255.255.255.0 {
range 172.31.0.100 172.31.0.199;
option routers 172.31.0.254;
}
}
subnet 10.31.0.0 netmask 255.255.255.0 {
range 10.31.0.100 10.31.0.199;
option routers 10.31.0.254;
}
[root@ROCKY9 ~]# sed -Ei.bak '/authoritativ;/i next-server 192.168.5.253;\nfilename "pxelinux/pxelinux.0";\n' /etc/dhcp/dhcpd.conf
[root@ROCKY9 ~]# cat /etc/dhcp/dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp-server/dhcpd.conf.example
# see dhcpd.conf(5) man page
#
log-facility local6;
default-lease-time 60000;
max-lease-time 600000;
option domain-name-servers 218.2.2.2, 218.4.4.4;
next-server 192.168.5.253;
filename "pxelinux/pxelinux.0";
authoritativ;
shared-network dmz{
subnet 172.31.0.0 netmask 255.255.255.0 {
range 172.31.0.100 172.31.0.199;
option routers 172.31.0.254;
}
}
subnet 10.31.0.0 netmask 255.255.255.0 {
range 10.31.0.100 10.31.0.199;
option routers 10.31.0.254;
}
Run a syntax check on the modified configuration file, then restart the service
[root@ROCKY9 ~]# dhcpd -T
Internet Systems Consortium DHCP Server 4.4.2b1
Copyright 2004-2019 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
ldap_gssapi_principal is not set,GSSAPI Authentication for LDAP will not be used
Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
Config file: /etc/dhcp/dhcpd.conf
Database file: /var/lib/dhcpd/dhcpd.leases
PID file: /var/run/dhcpd.pid
Source compiled to use binary-leases
Wrote 4 leases to leases file.
Lease file test successful, removing temp lease file: /var/lib/dhcpd/dhcpd.leases.1734103572
[root@ROCKY9 ~]# systemctl restart dhcpd.service
[root@ROCKY9 ~]# systemctl status dhcpd.service
● dhcpd.service - DHCPv4 Server Daemon
Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; enabled; preset: disabled)
Active: active (running) since Fri 2024-12-13 23:26:40 CST; 9s ago
Docs: man:dhcpd(8)
man:dhcpd.conf(5)
Main PID: 1268 (dhcpd)
Status: "Dispatching packets..."
Tasks: 1 (limit: 5885)
Memory: 4.6M
CPU: 8ms
CGroup: /system.slice/dhcpd.service
└─1268 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid
Dec 13 23:26:40 ROCKY9 dhcpd[1268]: Copyright 2004-2019 Internet Systems Consortium.
Dec 13 23:26:40 ROCKY9 dhcpd[1268]: All rights reserved.
Dec 13 23:26:40 ROCKY9 dhcpd[1268]: For info, please visit https://www.isc.org/software/dhcp/
Dec 13 23:26:40 ROCKY9 dhcpd[1268]: Source compiled to use binary-leases
Dec 13 23:26:40 ROCKY9 dhcpd[1268]: Wrote 4 leases to leases file.
Dec 13 23:26:40 ROCKY9 dhcpd[1268]: Listening on LPF/enp1s0/52:54:00:10:31:01/10.31.0.0/24
Dec 13 23:26:40 ROCKY9 dhcpd[1268]: Sending on LPF/enp1s0/52:54:00:10:31:01/10.31.0.0/24
Dec 13 23:26:40 ROCKY9 dhcpd[1268]: Sending on Socket/fallback/fallback-net
Dec 13 23:26:40 ROCKY9 dhcpd[1268]: Server starting service.
Dec 13 23:26:40 ROCKY9 systemd[1]: Started DHCPv4 Server Daemon.
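Create a test virtual machine in the dmz network segment; it first reaches the DHCP server across network segments, then reaches the TFTP and HTTP servers across network segments
Allocate plenty of memory; the 2.5G I tested with works. Give it two CPU cores for now as well and change it back to a single core later
Script that creates the test virtual machine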
[root@RHEL9 ~]# cat testcreate.sh
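#!/bin/bash
#guestcreate.sh
#Date: 2024-11-08
# Boot device added after the hard disk in the <os> boot order
bootdev=network
#bootdev=cdrom
#isopath=/data/ISO/
guestname=test
# Memory in KiB (2621440 KiB = 2.5 GiB)
guestmem=2621440
guestcups=2
hddir=/kvm/
hdsize=10G
hdpath=${hddir}${guestname}.img
# VNC console: the XML below listens on 0.0.0.0, i.e. on every host interface
vncport=5902
vncpasswd=hatred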
#wanmac='52:54:00:92:31:FE'
dmzmac='52:54:00:72:31:A0'
#lanmac='52:54:00:10:31:FE'
xmldir=/data/xml/
xmlpath=${xmldir}${guestname}.xml
[ -f ${hdpath} ] || qemu-img create -f qcow2 ${hdpath} ${hdsize}
cat > ${xmlpath} << EOF
<domain type="kvm">
<name>${guestname}</name>
<uuid>$(uuidgen)</uuid>
<memory>${guestmem}</memory>
<vcpu>${guestcups}</vcpu>
<os>
<type arch="x86_64" machine="q35">hvm</type>
<boot dev="hd"/>
</os>
<features>
<acpi/>
<apic/>
</features>
<cpu mode="host-passthrough"/>
<clock offset="utc">
<timer name="rtc" tickpolicy="catchup"/>
<timer name="pit" tickpolicy="delay"/>
<timer name="hpet" present="no"/>
</clock>
<pm>
<suspend-to-mem enabled="no"/>
<suspend-to-disk enabled="no"/>
</pm>
<devices>
<emulator>/usr/libexec/qemu-kvm</emulator>
<disk type="file" device="disk">
<driver name="qemu" type="qcow2" discard="unmap"/>
<source file="${hdpath}"/>
<target dev="vda" bus="virtio"/>
</disk>
<controller type="usb" model="qemu-xhci" ports="15"/>
<controller type="pci" model="pcie-root"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<console type="pty"/>
<channel type="unix">
<source mode="bind"/>
<target type="virtio" name="org.qemu.guest_agent.0"/>
</channel>
<input type="tablet" bus="usb"/>
<graphics type="vnc" port="${vncport}" listen="0.0.0.0" passwd="${vncpasswd}"/>
<video>
<model type="virtio"/>
</video>
<memballoon model="virtio"/>
<rng model="virtio">
<backend model="random">/dev/urandom</backend>
</rng>
</devices>
</domain>
EOF
[[ -n ${bootdev} ]] && sed -Ei '/ <boot dev="hd"\/>/a \ <boot dev="'''${bootdev}'''"\/>' ${xmlpath}
[[ -n ${isopath} ]] && sed -Ei '/ <controller type="usb" model="qemu-xhci" ports="15"\/>/i \ <disk type="file" device="cdrom">\n <driver name="qemu" type="raw"\/>\n <source file="'''${isopath}'''"\/>\n <target dev="sda" bus="sata"\/>\n <readonly\/>\n <\/disk>' ${xmlpath}
[[ -n ${wanmac} ]] && sed -Ei '/ <console type="pty"\/>/i \ <interface type="bridge">\n <source bridge="WANbridge"/>\n <mac address="'''${wanmac}'''"\/>\n <model type="virtio"\/>\n <\/interface>' ${xmlpath}
[[ -n ${dmzmac} ]] && sed -Ei '/ <console type="pty"\/>/i \ <interface type="bridge">\n <source bridge="DMZbridge"/>\n <mac address="'''${dmzmac}'''"\/>\n <model type="virtio"\/>\n <\/interface>' ${xmlpath}
[[ -n ${lanmac} ]] && sed -Ei '/ <console type="pty"\/>/i \ <interface type="bridge">\n <source bridge="LANbridge"/>\n <mac address="'''${lanmac}'''"\/>\n <model type="virtio"\/>\n <\/interface>' ${xmlpath}
virsh create ${xmlpath}
XML file of the test virtual machine
[root@RHEL9 ~]# cat /data/xml/test.xml
<domain type="kvm">
<name>test</name>
<uuid>02904703-fb28-411b-a38d-145ae9917858</uuid>
<memory>2621440</memory>
<vcpu>2</vcpu>
<os>
<type arch="x86_64" machine="q35">hvm</type>
<boot dev="hd"/>
<boot dev="network"/>
</os>
<features>
<acpi/>
<apic/>
</features>
<cpu mode="host-passthrough"/>
<clock offset="utc">
<timer name="rtc" tickpolicy="catchup"/>
<timer name="pit" tickpolicy="delay"/>
<timer name="hpet" present="no"/>
</clock>
<pm>
<suspend-to-mem enabled="no"/>
<suspend-to-disk enabled="no"/>
</pm>
<devices>
<emulator>/usr/libexec/qemu-kvm</emulator>
<disk type="file" device="disk">
<driver name="qemu" type="qcow2" discard="unmap"/>
<source file="/kvm/test.img"/>
<target dev="vda" bus="virtio"/>
</disk>
<controller type="usb" model="qemu-xhci" ports="15"/>
<controller type="pci" model="pcie-root"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<controller type="pci" model="pcie-root-port"/>
<interface type="bridge">
<source bridge="DMZbridge"/>
<mac address="52:54:00:72:31:A0"/>
<model type="virtio"/>
</interface>
<console type="pty"/>
<channel type="unix">
<source mode="bind"/>
<target type="virtio" name="org.qemu.guest_agent.0"/>
</channel>
<input type="tablet" bus="usb"/>
<graphics type="vnc" port="5902" listen="0.0.0.0" passwd="hatred"/>
<video>
<model type="virtio"/>
</video>
<memballoon model="virtio"/>
<rng model="virtio">
<backend model="random">/dev/urandom</backend>
</rng>
</devices>
</domain>
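The domain XML above publishes the VNC console on every host interface (listen="0.0.0.0") and keeps the VNC password in the file itself. The following check is an added example, not part of the original post, that flags both conditions in domain XML files; the name audit_vnc and the two sample files are constructed, and it assumes one element per line as in the XML generated on this page.

```shell
#!/bin/sh
# audit_vnc FILE... (hypothetical helper, not from the page): report libvirt
# domain XML whose <graphics type="vnc"> element listens on every interface or
# carries an inline passwd attribute. Assumes one element per line.
audit_vnc() (
    rc=0
    for f in "$@"; do
        line=$(grep '<graphics[^>]*type="vnc"' "$f" | head -n 1)
        [ -n "$line" ] || continue
        listen=$(printf '%s\n' "$line" | sed -n 's/.* listen="\([^"]*\)".*/\1/p')
        port=$(printf '%s\n' "$line" | sed -n 's/.* port="\([^"]*\)".*/\1/p')
        case $listen in
            0.0.0.0|::) echo "$f: VNC port $port listens on all interfaces ($listen)"; rc=1 ;;
        esac
        case $line in
            *' passwd="'*) echo "$f: VNC password is stored in the domain XML"; rc=1 ;;
        esac
    done
    return "$rc"
)

# Constructed samples: the exposed form used on this page and a loopback-only form.
vdir=$(mktemp -d)
cat > "$vdir/exposed.xml" << 'EOF'
<graphics type="vnc" port="5902" listen="0.0.0.0" passwd="constructed"/>
EOF
cat > "$vdir/loopback.xml" << 'EOF'
<graphics type="vnc" port="5902" listen="127.0.0.1"/>
EOF
audit_vnc "$vdir/exposed.xml" "$vdir/loopback.xml" || echo "review the VNC settings above"
```

With listen="127.0.0.1" the console is reached through an SSH tunnel to the KVM host instead of directly over the network.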
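The exciting moment: open the VNC connection.
On network boot, the VM gets its network parameters, the next-server address and the pxelinux.0 path from the DHCP server.

After fetching the boot files and the menu file over TFTP, it reaches the menu screen.

It connects to the HTTP server to fetch the programs needed to install the system.

The installer screen comes up successfully.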

RHEL9 TFTP configuration script
[root@RHEL9 ~]# cat rhel9tftp.sh
#!/bin/bash
#rhel9tftp.sh
#Date: 2024-12-14
repository=http://192.168.5.253/iso/
tftp_rpm_path=${repository}rhel9/AppStream/Packages/syslinux-tftpboot-6.04-0.20.el9.noarch.rpm
pxedir=/var/lib/tftpboot/pxelinux/
pxepath=${pxedir}pxelinux.cfg/
pxefile=${pxepath}default
# Make sure the tftp service is open in firewalld
firewall-cmd --query-service=tftp || firewall-cmd --add-service=tftp --permanent
firewall-cmd --reload
# Make sure the tftp-server package is installed
rpm -q tftp-server || yum install -y tftp-server
# Start tftp.socket and enable it at boot
systemctl enable --now tftp.socket
# Fetch the syslinux-tftpboot RPM (--fail keeps curl from saving an HTTP error page)
curl --fail ${tftp_rpm_path} --output /tmp/tftpboot.rpm
# cpio extracts into the current directory, so unpack from /tmp
(cd /tmp && rpm2cpio /tmp/tftpboot.rpm | cpio -idmv)
# Create the directory that holds the tftpboot files and copy them in
mkdir -p ${pxedir}
cp -pr /tmp/tftpboot/* ${pxedir}
# Create the boot menu file
mkdir -p ${pxepath} && touch ${pxefile}
# Download each distribution's boot images into its own directory
distribution=('rhel9' 'rhel8' 'rocky9' 'rocky8' 'alma9' 'alma8' 'euro9' 'euro8' 'oracle9' 'oracle8' 'miracle9' 'miracle8' 'centos8' 'centos7' )
for dir in "${distribution[@]}";do
mkdir -p ${pxedir}${dir} && curl --fail ${repository}${dir}/isolinux/{vmlinuz,initrd.img} --output ${pxedir}${dir}/vmlinuz --output ${pxedir}${dir}/initrd.img
done
# Write the boot menu file (the first write truncates it, so re-running the script does not duplicate entries)
cat << EOF > ${pxefile}
default vesamenu.c32
prompt 1
timeout 600
display boot.msg
EOF
for distr in "${distribution[@]}" ; do
cat << EOF >> ${pxefile}
label ${distr}
menu label Install ${distr}
kernel ${distr}/vmlinuz
append initrd=${distr}/initrd.img ip=dhcp inst.repo=${repository}${distr}
EOF
done
cat << EOF >> ${pxefile}
label local
menu label Boot from local drive
menu default
localboot 0xffff
EOF
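A menu entry is only usable if the kernel and initrd it names were really downloaded; a curl run without --fail stores the server's error page under the target file name. The following check is an added example, not part of the original script, that reads a pxelinux menu and reports every kernel or initrd path that is missing, empty or an HTML page; the name check_pxe_menu and the scratch directory are constructed for the demonstration.

```shell
#!/bin/sh
# check_pxe_menu TFTP_DIR MENU (hypothetical helper, not from the page):
# print one line per kernel/initrd path in a pxelinux menu that is missing,
# empty, or starts with "<" (a saved HTML error page). Returns 1 on findings.
check_pxe_menu() (
    dir=$1; menu=$2; bad=0
    # "kernel X" operands plus the initrd= value on each append line
    paths=$(awk '
        tolower($1) == "kernel" { print $2 }
        tolower($1) == "append" {
            for (i = 2; i <= NF; i++)
                if ($i ~ /^initrd=/) print substr($i, 8)
        }' "$menu")
    for p in $paths; do
        f=$dir/$p
        if [ ! -s "$f" ]; then
            echo "MISSING_OR_EMPTY $p"; bad=1
        elif [ "$(dd if="$f" bs=1 count=1 2>/dev/null)" = "<" ]; then
            echo "HTML_NOT_IMAGE $p"; bad=1
        fi
    done
    return "$bad"
)

# Constructed demo: rocky9's kernel is a saved 404 page and its initrd is absent.
demo=$(mktemp -d)
mkdir -p "$demo/rhel9" "$demo/rocky9" "$demo/pxelinux.cfg"
printf 'MZ constructed kernel' > "$demo/rhel9/vmlinuz"
printf 'constructed initrd' > "$demo/rhel9/initrd.img"
printf '<html>404 Not Found</html>' > "$demo/rocky9/vmlinuz"
cat > "$demo/pxelinux.cfg/default" << 'EOF'
label rhel9
kernel rhel9/vmlinuz
append initrd=rhel9/initrd.img ip=dhcp inst.repo=http://192.168.5.253/iso/rhel9
label rocky9
kernel rocky9/vmlinuz
append initrd=rocky9/initrd.img ip=dhcp inst.repo=http://192.168.5.253/iso/rocky9
EOF
check_pxe_menu "$demo" "$demo/pxelinux.cfg/default" || echo "menu has unusable entries"
```

On the server it would be called as check_pxe_menu /var/lib/tftpboot/pxelinux /var/lib/tftpboot/pxelinux/pxelinux.cfg/default.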
Modified DHCP configuration file on ROCKY9
[root@RHEL9 ~]# cat /data/sh/rocky9dhcp.sh
#!/bin/bash
#rocky9dhcp.sh
#Date: 2024-11-19
dns1='218.2.2.2'
dns2=',218.4.4.4'
# Used to configure the PXE service
next_server='192.168.5.253'
pxe_path='pxelinux/pxelinux.0'
# Install the DHCP service
rpm -q dhcp-server || yum install -y dhcp-server
# Back up the configuration file
cp /etc/dhcp/dhcpd.conf{,.bak}
# Write the configuration file
cat << EOF >> /etc/dhcp/dhcpd.conf
log-facility local6;
default-lease-time 60000;
max-lease-time 600000;
option domain-name-servers ${dns1}${dns2};
shared-network dmz{
subnet 172.31.0.0 netmask 255.255.255.0 {
range 172.31.0.100 172.31.0.199;
option routers 172.31.0.254;
}
}
subnet 10.31.0.0 netmask 255.255.255.0 {
range 10.31.0.100 10.31.0.199;
option routers 10.31.0.254;
}
EOF
# Insert the PXE options at global scope, ahead of the log-facility line written above
# (the configuration written above has no "authoritative;" line for sed to anchor on)
[[ -n ${next_server} ]] && sed -Ei "/^log-facility local6;/i next-server ${next_server};" /etc/dhcp/dhcpd.conf
[[ -n ${pxe_path} ]] && sed -Ei "/^log-facility local6;/i filename \"${pxe_path}\";\n" /etc/dhcp/dhcpd.conf
# Set the log path
echo 'local6.* /var/log/dhcp.log' > /etc/rsyslog.d/dhcp.conf
# Restart the logging service
systemctl restart rsyslog.service
# Start the DHCP service
systemctl enable --now dhcpd.service
# Configure the firewall
firewall-cmd --permanent --add-service=dhcp
firewall-cmd --reload
