1、图形化最小安装debian7.5操作系统
2、更改debian的apt源配置文件/etc/apt/sources.list
root@duan:~#cat/etc/apt/sources.listdebhttp://ftp.de.debian.org/debianwheezymaincontribnon-freedeb-srchttp://ftp.de.debian.org/debianwheezymaincontribnon-free
3、更新apt,并配置网络安装所需要的服务(DHCP、TFTP、HTTP)
root@duan:~#apt-getupdateroot@duan:~#apt-getinstallisc-dhcp-servertftp-hpaapache2
修改相关配置文件并重启相关服务
#####DHCP#####cat/etc/dhcp/dhcpd.confdefault-lease-time600;max-lease-time7200;allowbooting;subnet192.168.100.0netmask255.255.255.0{range192.168.100.128192.168.100.253;optionbroadcast-address192.168.100.255;optionrouters192.168.100.100;#ourrouteroptiondomain-name-servers192.168.100.100;#ourrouter,againfilename"pxelinux.0";#(thiswewillprovidelater)group{next-server192.168.100.100;#ourServerhosttftpclient{filename"pxelinux.0";#(thiswewillprovidelater)}}
######TFTP#####root@debian:~#cat/etc/default/tftpd-hpa#/etc/default/tftpd-hpaTFTP_USERNAME="tftp"TFTP_DIRECTORY="/var/lib/tftpboot"TFTP_ADDRESS="0.0.0.0:69"TFTP_OPTIONS="--secure"
#####HTTP#####root@duan:~#mkdir-p/var/www/debian/root@duan:~#mkdir-p/var/www/pxe/root@duan:/var/www/pxe#ls/var/www/pxepreseed.cfgroot@duan:/var/www/pxe#ls/var/www/debian/autorun.infdistsg2ldrisolinuxREADME.htmlREADME.txtbootdocg2ldr.mbrmd5sum.txtREADME.mirrors.htmlsetup.execssefiinstallpicsREADME.mirrors.txttoolsdebianfirmwareinstall.amdpoolREADME.sourcewin32-loader.iniroot@duan:~#df-hFilesystemSizeUsedAvailUse%Mountedonrootfs38G7.7G29G22%/udev10M010M0%/devtmpfs100M660K99M1%/run/dev/disk/by-uuid/7b490b3d-5fe2-4929-bd37-7d97f893289038G7.7G29G22%/tmpfs5.0M05.0M0%/run/locktmpfs541M336K541M1%/run/shm/dev/loop03.7G3.7G0100%/var/www/debian
注:此处http的主要作用,就是将debian镜像及无人值守安装配置文件preseed.cfg,通过http服务提供给PXE客户端。
4、配置pxe开机引导文件
下载debian网络引导文件
root@duan:~#wgethttp://ftp.debian.org/debian/dists/Debian7.5/main/installer-amd64/current/images/netboot/netboot.tar.gz
将其解压到tftp根目录下
root@duan:~#tar-zxvfnetboot.tar.gz-C/var/lib/tftpboot
将其中pxelinux.0 pxelinux.cfg两个文件拷贝到tftp根目录下
root@duan:/var/lib/tftpboot#lsdebian-installerpxelinux.0pxelinux.cfg
编辑开机引导文件pxelinux.cfg/default
root@debian:/var/lib/tftpboot#catpxelinux.cfg/default#D-Iconfigversion2.0includedebian-installer/amd64/boot-screens/menu.cfgdefaultdebian-installer/amd64/boot-screens/vesamenu.c32prompt1timeout3DEFAULTwheezy_amd64LABELwheezy_amd64kerneldebian-installer/amd64/linuxappendvga=normalinitrd=debian-installer/amd64/initrd.gzauto=trueinterface=autonetcfg/dhcp_timeout=60netcfg/choose_interface=autopriority=criticalurl=http://192.168.100.100/pxe/preseed.cfgDEBCONF_DEBUG=5IPAPPEND2
编辑debian无人值守安装配置文件
配置文件比较详细的说明:http://www.debian.org/releases/stable/i386/apbs04.html.en
root@duan:~#cat/var/www/pxe/preseed.cfg
root@debian:~#cat/var/www/pxe/preseed.cfg####Contentsofthepreconfigurationfile###Localization#Localesetslanguageandcountry.d-idebian-installer/localestringen_USd-idebian-installer/languagestringend-idebian-installer/countrystringUSd-idebian-installer/localestringen_US.UTF-8d-ilocalechooser/supported-localesmultiselecten_US.UTF-8#d-idebian-installer/localestringen_US.UTF-8#Keyboardselection.#d-iconsole-keymaps-at/keymapselectusd-iconsole-keymaps-at/keymapselectusd-iconsole-tools/archsselectatd-ikeyboard-configuration/xkb-keymapselectus###Networkconfiguration#netcfgwillchooseaninterfacethathaslinkifpossible.Thismakesit#skipdisplayingalistifthereismorethanoneinterface.#doesn'tworkforbladeservers:(#d-inetcfg/choose_interfaceselectauto#Topickaparticularinterfaceinstead:#d-inetcfg/choose_interfaceselecteth0#d-inetcfg/choose_interfaceselecteth1#Ifyouhaveaslowdhcpserverandtheinstallertimesoutwaitingfor#it,thismightbeuseful.#d-inetcfg/dhcp_timeoutstring60###Mirrorsettingsd-imirror/countrystringmanuald-imirror/http/hostnamestring192.168.100.100d-imirror/http/directorystring/debian#d-imirror/http/proxystring http://web-proxy:3128/#Suitetoinstall.d-imirror/suitestringwheezy###Partitioning#Alternatively,youcanspecifyadisktopartition.Thedevicename#canbegivenineitherdevfsortraditionalnon-devfsformat.#Forexample,tousethefirstdisk:#Wehardcodethesmartarraydevice#d-ipartman-auto/diskstring/dev/sda#Inaddition,you'llneedtospecifythemethodtouse.#Thepresentlyavailablemethodsare:"regular","lvm"and"crypto"d-ipartman-auto/methodstringregulard-ipartman-auto/choose_recipeselectatomicd-ipartman-partitioning/confirm_write_new_labelbooleantrued-ipartman/choose_partitionselectfinishd-ipartman/confirmbooleantrued-ipartman/confirm_nooverwritebooleantrued-ipartman/mount_styleselectuuid#Ifoneofthedisksthataregoingtobeautomaticallypartitioned#containsanoldLVMconfiguration,theuserwillnormallyreceivea#warning.Thiscanbepreseededaway...#d-ipartman-auto/purge_lvm_from_devicebooleantrue#Andthesamegoesfortheconfirmationtowritethelvmpartitions.#d-ipartman-lvm/confirmbooleantrue#Youcanchoosefromanyofthepredefinedpartitioningrecipes.#Note:thismustbepreseededwithalocalized(translated)value.d-ipartman-auto/choose_recipe\selectAllfilesinonepartition(recommendedfornewusers)#d-ipartman-auto/choose_recipe\#selectSeparate/homepartition#d-ipartman-auto/choose_recipe\#selectSeparate/home,/usr,/var,and/tmppartitions#Orprovidearecipeofyourown...#Therecipeformatisdocumentedinthefiledevel/partman-auto-recipe.txt.#Ifyouhaveawaytogetarecipefileintothed-ienvironment,youcan#justpointatit.#d-ipartman-auto/expert_recipe_filestring/hd-media/recipe#Ifnot,youcanputanentirerecipeintothepreconfigurationfileinone#(logical)line.Thisexamplecreatesasmall/bootpartition,suitable#swap,andusestherestofthespacefortherootpartition:#d-ipartman-auto/expert_recipestring\#boot-root::\#4050100ext3\#$primary{}$bootable{}\#method{format}format{}\#use_filesystem{}filesystem{ext3}\#mountpoint{/boot}\#.\#500100001000000000ext3\#method{format}format{}\#use_filesystem{}filesystem{ext3}\#mountpoint{/}\#.\#64512300%linux-swap\#method{swap}format{}\#.#Thismakespartmanautomaticallypartitionwithoutconfirmation.d-ipartman/confirm_write_new_labelbooleantrued-ipartman/choose_partition\selectFinishpartitioningandwritechangestodiskd-ipartman/confirmbooleantrue###Clockandtimezonesetup#ControlswhetherornotthehardwareclockissettoUTC.d-iclock-setup/utcbooleantrue#Youmaysetthistoanyvalidsettingfor$TZ;seethecontentsof#/usr/share/zoneinfo/forvalidvalues.d-itime/zonestringAmerica/Caracas###Accountsetup#Skipcreationofarootaccount(normaluseraccountwillbeableto#usesudo).#d-ipasswd/root-loginbooleanfalse#Alternatively,toskipcreationofanormaluseraccount.#d-ipasswd/make-userbooleanfalse#Rootpassword,eitherincleartext#d-ipasswd/root-passwordpasswordr00tme#d-ipasswd/root-password-againpasswordr00tme#orencryptedusinganMD5hash.####d-ipasswd/root-password-cryptedpassword111111#Tocreateanormaluseraccount.####d-ipasswd/user-fullnamestringvit####d-ipasswd/usernamestringvit#Normaluser'spassword,eitherincleartext#d-ipasswd/user-passwordpasswordinsecure#d-ipasswd/user-password-againpasswordinsecure#orencryptedusinganMD5hash.####d-ipasswd/user-password-cryptedpassword111111#d-ipasswd/user-uidstring22223d-ipasswd/root-loginbooleanfalsed-ipasswd/user-fullnamestringd-ipasswd/usernamestringvitd-ipasswd/user-passwordpasswordvitd-ipasswd/user-password-againpasswordvit###Basesysteminstallation#Selecttheinitramfsgeneratorusedtogeneratetheinitrdfor2.6kernels.#d-ibase-installer/kernel/linux/initramfs-generatorsstringyaird###Aptsetup#Youcanchoosetoinstallnon-freeandcontribsoftware.#d-iapt-setup/non-freebooleantrue#d-iapt-setup/contribbooleantrue#Uncommentthisifyoudon'twanttouseanetworkmirror.#d-iapt-setup/use_mirrorbooleanfalse#Uncommentthistoavoidaddingsecuritysources,or#addahostnametouseadifferentseurverthansecurity.debian.org.#d-iapt-setup/security_hoststring#Additionalrepositories,local[0-9]available#d-iapt-setup/local0/repositorystring\#http://local.server/debianstablemain#d-iapt-setup/local0/commentstringlocalserver#Enabledeb-srclines#d-iapt-setup/local0/sourcebooleantrue#URLtothepublickeyofthelocalrepository;youmustprovideakeyor#aptwillcomplainabouttheunauthenticatedrepositoryandsothe#sources.listlinewillbeleftcommentedout#d-iapt-setup/local0/keystringhttp://local.server/key#Bydefaulttheinstallerrequiresthatrepositoriesbeauthenticated#usingaknowngpgkey.Thissettingcanbeusedtodisablethat#authentication.Warning:Insecure,notrecommended.d-idebian-installer/allow_unauthenticatedstringtrue###Packageselection#taskseltasksel/firstmultiselectstandard,web-server#Ifthedesktoptaskisselected,installthekdeandxfcedesktops#insteadofthedefaultgnomedesktop.#taskseltasksel/desktopmultiselectkde-desktop,xfce-desktoptaskseltasksel/firstmultiselectstandard,gnome-desktop#wedon'twantanytaskstaskseltasksel/firstmultiselect#Individualadditionalpackagestoinstalld-ipkgsel/includestringopenssh-serverbuild-essentialrsynclessfirmware-qlogicsudocron-aptntphostdebsumsdevscriptspciutilsethtoolopen-iscsid-ipkgsel/upgradeselectsafe-upgrade#Someversionsoftheinstallercanreportbackonwhatsoftwareyouhave#installed,andwhatsoftwareyouuse.Thedefaultisnottoreportback,#butsendingreportshelpstheprojectdeterminewhatsoftwareismost#popularandincludeitonCDs.popularity-contestpopularity-contest/participatebooleanfalse###Bootloaderinstallation#Grubisthedefaultbootloader(forx86).Ifyouwantliloinstalled#instead,uncommentthis:#d-igrub-installer/skipbooleantrue#Toalsoskipinstallinglilo,andinstallnobootloader,uncommentthis#too:#d-ililo-installer/skipbooleantrue#Thisisfairlysafetoset,itmakesgrubinstallautomaticallytotheMBR#ifnootheroperatingsystemisdetectedonthemachine.d-igrub-installer/only_debianbooleantrue#Thisonemakesgrub-installerinstalltotheMBRifitalsofindssomeother#OS,whichislesssafeasitmightnotbeabletobootthatotherOS.#d-igrub-installer/with_other_osbooleantrue#Alternatively,ifyouwanttoinstalltoalocationotherthanthembr,#uncommentandedittheselines:#d-igrub-installer/only_debianbooleantrue#d-igrub-installer/with_other_osbooleanfalse#d-igrub-installer/bootdevstring(hd0,0)#wehardcodeit,becauseotherwiseitmightenduponafiberchanneldevice#d-igrub-installer/bootdevstring/dev/cciss/c0d0#Toinstallgrubtomultipledisks:#d-igrub-installer/bootdevstring(hd0,0)(hd1,0)(hd2,0)###Finishingupthefirststageinstall#Avoidthatlastmessageabouttheinstallbeingcomplete.d-ifinish-install/reboot_in_progressnote#ThiswillpreventtheinstallerfromejectingtheCDduringthereboot,#whichisusefulinsomesituations.#d-icdrom-detect/ejectbooleanfalse##postfixpreseeding#Generaltypeofconfiguration?Default:InternetSite#Choices:Noconfiguration,InternetSite,Internetwithsmarthost,#Satellitesystem,Localonly#postfixpostfix/main_mailer_typeselectInternetwithsmarthost#Whereshouldmailforrootgo,Default:ifnotset,willspoollocally#postfixpostfix/root_addressstringfoo@bar.com#SMTPrelayhost?(blankfornone)Default:(none)#postfixpostfix/relayhoststringsmtp.example.com#Forcesynchronousupdatesonmailqueue?Default:false#postfixpostfix/chattrbooleantrue#Localnetworks?Default:"127.0.0.0/8"#blankusesthepostfixdefault(whichisbasedontheconnectedsubnets)#postfixpostfix/mynetworksstring#Useprocmailforlocaldelivery?Defaultstotrueif/usr/bin/procmailexists#postfixpostfix/procmailbooleanfalse#MailboxsizelimitDefault:0(unlimited),upstreamdefaultis51200000#postfixpostfix/mailbox_limitstring51200000#Localaddressextensioncharacter?Default:+#postfixpostfix/recipient_delimstring-#Internetprotocolstouse?Defaultisbasedoncheckingif#/proc/sys/net/ipv{4,6}exist#Choices:all,ipv6,ipv4#postfixpostfix/protocolsselectipv4###Preseedingotherpackages#Dependingonwhatsoftwareyouchoosetoinstall,orifthingsgowrong#duringtheinstallationprocess,it'spossiblethatotherquestionsmay#beasked.Youcanpreseedthosetoo,ofcourse.Togetalistofevery#possiblequestionthatcouldbeaskedduringaninstall,doan#installation,andthenrunthesecommands:#debconf-get-selections--installer file#debconf-get-selections file####Advancedoptions###Runningcustomcommandsduringtheinstallation#d-ipreseedingisinherentlynotsecure.Nothingintheinstallerchecks#forattemptsatbufferoverflowsorotherexploitsofthevaluesofa#preconfigurationfilelikethisone.Onlyusepreconfigurationfilesfrom#trustedlocations!Todrivethathome,andbecauseit'sgenerallyuseful,#here'sawaytorunanyshellcommandyou'dlikeinsidetheinstaller,#automatically.#Thisfirstcommandisrunasearlyaspossible,justafter#preseedingisread.#d-ipreseed/early_commandstringanna-installsome-udeb#Thiscommandisrunjustbeforetheinstallfinishes,butwhenthereis#stillausable/targetdirectory.Youcanchrootto/targetanduseit#directly,orusetheapt-installandin-targetcommandstoeasilyinstall#packagesandruncommandsinthetargetsystem.#d-ipreseed/late_commandstringapt-installzsh;in-targetchsh-s/bin/zsh#d-ipreseed/late_commandstringin-targetupdate-alternatives--seteditor/usr/bin/vim.tiny;echo"taggart ALL=(ALL)ALL" /target/etc/sudoers;sync
注意:用dvd搭建的局域网apt-mirror镜像源,在安装过程中需要Release及gpg认证,由于我们并不使用官方源安装系统,而我们自己的源又不含有公开的签名,在默认情况下,选择我们自己配置的源会出现错误,类似(在安装过程中可以按Ctrl+Alt+F4切换到第四个虚拟控制台,查看安装信息。按Ctrl+Alt+F1切换回安装界面)
dists/wheezy/Releaseisunsigned.
当时看到这个报错,我就跑偏了,在GPG加密这一块尝试了N久,还尝试了其他的无人值守FAI部署,其实要解决这个报错,我们只需要将两个配置文件做更改为如下即可:
root@duan:/var/lib/tftpboot/debian-installer/amd64/boot-screens#cattxt.cfgdefaultinstalllabelinstallmenulabel^Installmenudefaultkerneldebian-installer/amd64/linuxappendvga=788initrd=debian-installer/amd64/initrd.gzdebian-installer/allow_unauthenticated=true--quiet
cat/var/www/pxe/preseed.cfg|grepunauthenticated#aptwillcomplainabouttheunauthenticatedrepositoryandsothed-idebian-installer/allow_unauthenticatedstringtrue
也就是说忽略签名认证
5、安装
开机F12,并对preseed.cfg各选项做修改。
希望本篇文章能对大家有一定的启示,让大家尽量少走弯路,并实现在没有外网的情况下,快速完成debian的批量网络安装部署。
另:解决Debian PXE方式安装找不到硬盘的问题
是由于网络启动模式的initrd.gz中并未包含对应的驱动模块,导致无法发现硬盘。可以拿DVD光盘中install[.arch]目录下的initrd解压后获取驱动模块,与网络方式(netboot)安装的initrd合并后,重新制作新的initrd文件。
1. gunzip解压dvd中的initrd.gz并重命名为initrd-dvd
2. gunzip解压netboot中的initrd.gz并重命名为initrd-net
3. 解包initrd-dvd到dvd目录
mkdir dvd
cd dvd
cpio -i ../initrd-dvd
4. 解包initrd-net到net目录
mkdir net
cd net
cpio -i ../initrd-net
5. 将dvd版本中的驱动复制到net版(请调整目录名称)
cd ../dvd/lib/modules/3.2.0-4-amd64/kernel/drivers/
cp -a * ../../../../../../net/lib/modules/3.2.0-4-amd64/kernel/drivers/
6. 重新打包initrd
cd ../../../../../../net/#进入netboot解包目录
find | cpio -R 0:0 -o -H newc ../initrd
cd ..
gzip initrd
7. 复制initrd.gz到tftp目录测试PXE引导,Enjoy!
时间慢慢的流淌,人生有风雨阳光,
