pxe服务器——麒麟信安OS部署PXE

#!/bin/bash
# ---- Site settings: adjust before running ------------------------------------
# Label reused for the yum repo id/file name, the GRUB menu entry and the
# kickstart file name.
osversion="kylinsec_HPC"
# Mount point for the install ISO.
cdromdir="/mnt"
# Directory the boot files and grub.cfg are copied into for TFTP.
tftpdir="/var/lib/tftpboot"
# Subnet, mask and lease range written into dhcpd.conf. The DHCP server will
# answer every client on this subnet, so these must describe a network that is
# dedicated to provisioning.
dhcpNet="168.7.10.0"
netMask="255.255.255.0"
dhcpRange="168.7.10.100 168.7.10.200"
# Address handed to PXE clients as next-server (the TFTP host).
nextServer="168.7.10.123"
# Glob pattern for the install ISO; it is expanded only where it is used.
isoimage="/root/*.iso"
# The HTTP install source and kickstart are served from the same host.
httpServer="${nextServer}"

#-----------------------------------------------------------
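function v_base(){
  # Prepare this host as the PXE server: relax host security controls, mount
  # the install ISO, register it as a yum repository, install the services and
  # publish the ISO tree under the Apache document root.
  # Globals read: cdromdir, isoimage, osversion, nextServer.
  #
  # Security caveat: the next five commands flush every iptables rule, stop and
  # disable firewalld, switch SELinux to permissive for the running system and
  # to "disabled" in /etc/selinux/config. After that the HTTP, TFTP and DHCP
  # services set up by this script run with no host firewall and no SELinux
  # confinement. Run this only on an isolated provisioning network, or replace
  # these lines with firewall rules that open just the DHCP, TFTP and HTTP
  # ports.
  iptables -F || echo ""
  systemctl stop firewalld
  systemctl disable firewalld
  sed -i '/SELINUX=/ s#enforcing#disabled#g' /etc/selinux/config
  setenforce 0 || echo ""

  mkdir -p "$cdromdir"
  # $isoimage holds a glob pattern, so it stays unquoted for the shell to
  # expand it. Keep exactly one ISO at that location: several matches would be
  # passed to mount as extra arguments and the mount would fail.
  # shellcheck disable=SC2086
  mount $isoimage "$cdromdir" || echo ""

  # gpgcheck=0 turns off package signature verification for this repository.
  # That is tolerable while baseurl points at the locally mounted ISO; once the
  # repo is switched to plain HTTP below, nothing verifies what is installed.
  cat > "/etc/yum.repos.d/${osversion}_http.repo" <<EOF
[${osversion}_http]
name=${osversion}_http
baseurl=file:///$cdromdir
#baseurl=http://$nextServer
enabled=1
gpgcheck=0
EOF
  yum --disablerepo="*" --enablerepo="${osversion}_http" install -y httpd net-tools vim vsftpd tftp tftp-server dhcp

  # Create the document root first, then enter it (the original ran cd and
  # only created the directory when cd failed).
  mkdir -p /var/www/html/ && cd /var/www/html
  # Copy "<dir>/." instead of "<dir>/*": the glob skips dot-files at the top of
  # the ISO (for example a .treeinfo or .discinfo, if the media carries them),
  # which would leave the HTTP install tree incomplete.
  cp -r "$cdromdir"/. /var/www/html/

  # Switch the repo from the mounted ISO to the HTTP copy. The file: line is
  # commented out as "#baseurl=..." (the original produced "#baseurl==...").
  sed -i '/http:/ s,#baseurl,baseurl,g' "/etc/yum.repos.d/${osversion}_http.repo"
  sed -i '/file:/ s,^baseurl,#baseurl,' "/etc/yum.repos.d/${osversion}_http.repo"

  systemctl enable httpd && systemctl start httpd
  systemctl enable tftp && systemctl start tftp
}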

function v_dhcp(){
  # Install the DHCP server, write a one-subnet dhcpd.conf and start the
  # service. Globals read: osversion, dhcpNet, netMask, dhcpRange, nextServer.
  #
  # Operational caveat: every client that asks for a lease on this subnet is
  # answered and pointed at $nextServer with the boot file grubaa64.efi. Keep
  # the server on a dedicated provisioning segment so it does not compete with
  # another DHCP server or hand the installer to machines that were not meant
  # to be rebuilt.
  yum --disablerepo="*" --enablerepo="${osversion}_http" install -y dhcp

  cat > /etc/dhcp/dhcpd.conf <<EOF
subnet ${dhcpNet} netmask ${netMask} {
        range ${dhcpRange};
        option subnet-mask ${netMask};
        default-lease-time 21600;
        max-lease-time 43200;
        next-server ${nextServer};
        filename "grubaa64.efi";
}
EOF

  # Start first; the unit is enabled for boot only when the start succeeded.
  systemctl start dhcpd \
    && systemctl enable dhcpd
}

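function v_tftp(){
  # Populate the TFTP root with the EFI boot loader and the pxeboot kernel and
  # initrd from the ISO, enable the tftp service and generate the grub.cfg
  # that network-booted clients load.
  # Globals read: osversion, cdromdir, tftpdir, nextServer, httpServer.
  #
  # Security caveat: TFTP and the HTTP kickstart URL are unauthenticated and
  # unencrypted, so a client accepts whatever kernel, initrd and kickstart it
  # is served. The generated menu has a single entry, default="0" and
  # timeout=3, so any machine that PXE-boots on this subnet starts the
  # unattended install after three seconds.
  yum --disablerepo="*" --enablerepo="${osversion}_http" install -y tftp tftp-server
  cp -r "$cdromdir"/EFI/BOOT/* "$tftpdir"/
  cp -r "$cdromdir"/images/pxeboot/* "$tftpdir"/
  mkdir -p /var/www/html/ && cd /var/www/html
  # Best effort: /etc/xinetd.d/tftp exists only on xinetd-based setups.
  sed -i '/disable/ s#yes#no#g' /etc/xinetd.d/tftp || echo ""
  systemctl start tftp && systemctl enable tftp

  # Static GRUB header. The quoted delimiter keeps $feature_all_video_module
  # literal so that GRUB, not this shell, evaluates it.
  cat > "$tftpdir"/grub.cfg <<'EOF'
set default="0"

function load_video {
  if [ x$feature_all_video_module = xy ]; then
    insmod all_video
  else
    insmod efi_gop
    insmod efi_uga
    insmod ieee1275_fb
    insmod vbe
    insmod vga
    insmod video_bochs
    insmod video_cirrus
  fi
}

load_video
set gfxpayload=keep
insmod gzio
insmod part_gpt
insmod ext2
set timeout=3
### END /etc/grub.d/00_header ###
EOF

  # Menu entry. The unquoted delimiter lets the shell substitute $osversion,
  # $nextServer and $httpServer while the file is generated.
  # NOTE(review): "-1" in the search line looks like a typo for "-l" (search
  # by label) - confirm against the GRUB build shipped on the ISO.
  cat >> "$tftpdir"/grub.cfg <<EOF
search --no-floppy --set=root -1 '$osversion'

### BEGIN /etc/grub.d/10_linux ###
menuentry 'Install ${osversion}' --class red --class gnu-linux --class gnu --class os {
set root=(tftp,$nextServer)
 linux  /vmlinuz ro inst.ks=http://$httpServer/ks/${osversion}-ks.cfg
#linux  /vmlinuz ro inst.geoloc=0 console=ttyAMA0 console=tty0 rd.iscsi.waitnet=0 inst.ks=http://$httpServer/ks/${osversion}-ks.cfg
 initrd /initrd.img
}
EOF

  # The original ran "chmod 777 -R /var/lib/tftpboot/", which let every local
  # account replace the boot loader, kernel, initrd and grub.cfg that clients
  # boot from. The TFTP daemon only needs to read these files, so grant
  # read/traverse to group and others and keep write access with the owner.
  # The path now follows $tftpdir instead of a second hard-coded copy of it.
  chmod -R u=rwX,go=rX "$tftpdir"/
}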


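function v_ks(){
  # Generate the kickstart file that drives the unattended install and publish
  # it under the Apache document root at /ks/.
  # Globals read: osversion, httpServer, nextServer.
  #
  # Things to review before using the generated kickstart:
  #  - "clearpart --all --initlabel" wipes the target disk (vda) with no
  #    prompt on every machine that boots this entry.
  #  - "firewall --disabled" and "selinux --disabled" leave each installed
  #    host without a host firewall or SELinux.
  #  - The repo written in %post uses gpgcheck=0 over plain HTTP, so installed
  #    hosts do not verify packages pulled from this server.
  #  - The root password hash sits in a file that anyone who can reach the web
  #    server can download and attack offline, and every installed host gets
  #    the same root password. Replace the hash below with one generated for
  #    your own deployment and change the password after the first boot.
  yum --disablerepo="*" --enablerepo="${osversion}_http" install -y httpd net-tools vim vsftpd tftp tftp-server dhcp
  mkdir -p /var/www/html/ks/
  systemctl start httpd && systemctl enable httpd

  # The outer here-document is unquoted so that $httpServer and $nextServer
  # are substituted. Each "$" of the crypt hash on the rootpw line is therefore
  # escaped: unescaped, the shell expanded "$y", "$j9T", "$9" and "$CL5kJU4" to
  # empty strings and wrote a truncated, unusable hash into the kickstart.
  cat > "/var/www/html/ks/${osversion}-ks.cfg" <<EOFF
graphical
keyboard --vckeymap=us --xlayouts='us'
lang en_US.UTF-8
clearpart --all --initlabel
timezone Asia/Shanghai --utc
firstboot --enable
firewall --disabled
selinux --disabled
reboot
eula --agreed
network  --hostname=localhost.localdomain

%packages
#@^graphical-server-environment
@development
@system-tools
%end

url --url=http://$httpServer
network  --bootproto=dhcp --device=enp4s0 --onboot=on  --ipv6=auto --activate
#network  --bootproto=static --device=enp4s0 --gateway=168.7.10.1 --ip=168.7.10.105 --nameserver=114.114.114.114 --netmask=255.255.255.0 --onboot=off --ipv6=off --activate

##################################################################################################
ignoredisk --only-use=vda

# Disk partitioning information
part /boot/efi --fstype="efi" --ondisk=vda --size=1024 --fsoptions="umask=0077,shortname=winnt"
#part /backup --fstype="ext4" --ondisk=vda --size=14330
part pv.992 --fstype="lvmpv" --ondisk=vda --size=81924
part /var/log --fstype="ext4" --ondisk=vda --size=51200
part swap --fstype="swap" --ondisk=vda --size=4096
part /boot --fstype="ext4" --ondisk=vda --size=1024
volgroup ko --pesize=4096 pv.992
logvol / --fstype="ext4" --size=81920 --name=root --vgname=ko

# Root password
rootpw --iscrypted \$y\$j9T\$9Vz91cephr1I19Xx7Yp2N06T\$CL5kJU4.eqBEJc83SJHI05JqjDjsvShxqRmObSmXzN7

%post
cat >/etc/yum.repos.d/local.repo<<EOF
[kylinsec_HPC_http]
name=kylinsec_HPC_http
baseurl=http://$nextServer
enabled=1
gpgcheck=0
EOF

cat>/root/inst.sh<<EOF
#!/bin/bash 
echo hello >/root/info.txt
EOF

if [ -e /root/inst.sh ];then
/bin/bash -x /root/inst.sh
fi
%end
EOFF

  # The original ran "chmod 777 -R /var/www/html/ks", which let every local
  # account rewrite the kickstart, and with it the root password hash and the
  # %post script that runs as root on each installed host. Apache only needs
  # read access, so keep write permission with the owner.
  chmod -R u=rwX,go=rX /var/www/html/ks
}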

# Run the setup stages in order: v_base creates the yum repository and the
# HTTP install tree that the later stages install packages from.
for stage in v_base v_dhcp v_tftp v_ks; do
  "$stage"
done

 
