1、图形化最小安装debian7.5操作系统
2、更改debian的apt源配置文件/etc/apt/sources.list
[email protected]:~# cat /etc/apt/sources.list deb http://ftp.de.debian.org/debian wheezy main contrib non-free deb-src http://ftp.de.debian.org/debian wheezy main contrib non-free
3、更新apt,并配置网络安装所需要的服务(DHCP、TFTP、HTTP)
[email protected]:~# apt-get update [email protected]:~# apt-get install isc-dhcp-server tftp-hpa apache2
修改相关配置文件并重启相关服务
##### DHCP #####
cat /etc/dhcp/dhcpd.conf
default-lease-time 600;
max-lease-time 7200;
allow booting;
subnet 192.168.100.0 netmask 255.255.255.0 {
range 192.168.100.128 192.168.100.253;
option broadcast-address 192.168.100.255;
option routers 192.168.100.100; # our router
option domain-name-servers 192.168.100.100; # our router, again
filename "pxelinux.0"; # (this we will provide later)
}
group {
next-server 192.168.100.100; # our Server
host tftpclient {
filename "pxelinux.0"; # (this we will provide later)
}
}
###### TFTP ##### [email protected]:~# cat /etc/default/tftpd-hpa # /etc/default/tftpd-hpa TFTP_USERNAME="tftp" TFTP_DIRECTORY="/var/lib/tftpboot" TFTP_ADDRESS="0.0.0.0:69" TFTP_OPTIONS="--secure"
##### HTTP ##### [email protected]:~# mkdir -p /var/www/debian/ [email protected]:~# mkdir -p /var/www/pxe/ [email protected]:/var/www/pxe# ls /var/www/pxe preseed.cfg [email protected]:/var/www/pxe# ls /var/www/debian/ autorun.inf dists g2ldr isolinuxREADME.html README.txt boot doc g2ldr.mbr md5sum.txtREADME.mirrors.html setup.exe css efi install picsREADME.mirrors.txt tools debian firmware install.amd poolREADME.source win32-loader.ini [email protected]:~# df -h Filesystem Size Used Avail Use% Mounted on rootfs 38G 7.7G 29G 22% / udev 10M 0 10M 0% /dev tmpfs 100M 660K 99M 1% /run /dev/disk/by-uuid/7b490b3d-5fe2-4929-bd37-7d97f8932890 38G 7.7G 29G 22% / tmpfs 5.0M 0 5.0M 0% /run/lock tmpfs 541M 336K 541M 1% /run/shm /dev/loop0 3.7G 3.7G 0 100% /var/www/debian
注:此处http的主要作用,就是将debian镜像及无人值守安装配置文件preseed.cfg,通过http服务提供给PXE客户端。
4、配置pxe开机引导文件
下载debian网络引导文件
[email protected]:~# wget http://ftp.debian.org/debian/dists/Debian7.5/main/installer-amd64/current/images/netboot/netboot.tar.gz
将其解压到tftp根目录下
[email protected]:~# tar -zxvf netboot.tar.gz -C /var/lib/tftpboot
将其中 pxelinux.0 pxelinux.cfg两个文件拷贝到tftp根目录下
[email protected]:/var/lib/tftpboot# ls debian-installer pxelinux.0 pxelinux.cfg
编辑开机引导文件pxelinux.cfg/default
[email protected]:/var/lib/tftpboot# cat pxelinux.cfg/default # D-I config version 2.0 include debian-installer/amd64/boot-screens/menu.cfg default debian-installer/amd64/boot-screens/vesamenu.c32 prompt 1 timeout 3 DEFAULT wheezy_amd64 LABEL wheezy_amd64 kernel debian-installer/amd64/linux append vga=normal initrd=debian-installer/amd64/initrd.gz auto=true interface=auto netcfg/dhcp_timeout=60 netcfg/choose_interface=auto priority=critical url=http://192.168.100.100/pxe/preseed.cfg DEBCONF_DEBUG=5 IPAPPEND 2
编辑debian无人值守安装配置文件
[email protected]:~# cat /var/www/pxe/preseed.cfg
#### Contents of the preconfiguration file
### Localization
# Locale sets language and country.
d-i debian-installer/locale string en_US
# Keyboard selection.
d-i console-keymaps-at/keymap select us
### Network configuration
# netcfg will choose an interface that has link if possible. This makes it
# skip displaying a list if there is more than one interface.
# doesn‘t work for blade servers :(
#d-i netcfg/choose_interface select auto
# To pick a particular interface instead:
#d-i netcfg/choose_interface select eth0
#d-i netcfg/choose_interface select eth1
# If you have a slow dhcp server and the installer times out waiting for
# it, this might be useful.
#d-i netcfg/dhcp_timeout string 60
### Mirror settings
d-i mirror/country string manual
d-i mirror/http/hostname string 192.168.100.100
d-i mirror/http/directory string /debian
#d-i mirror/http/proxy string http://web-proxy:3128/
# Suite to install.
d-i mirror/suite string etch
### Partitioning
# Alternatively, you can specify a disk to partition. The device name
# can be given in either devfs or traditional non-devfs format.
# For example, to use the first disk:
# We hard code the smartarray device
d-i partman-auto/disk string /dev/cciss/c0d0
# In addition, you‘ll need to specify the method to use.
# The presently available methods are: "regular", "lvm" and "crypto"
d-i partman-auto/method string regular
# If one of the disks that are going to be automatically partitioned
# contains an old LVM configuration, the user will normally receive a
# warning. This can be preseeded away...
d-i partman-auto/purge_lvm_from_device boolean true
# And the same goes for the confirmation to write the lvm partitions.
d-i partman-lvm/confirm boolean true
# You can choose from any of the predefined partitioning recipes.
# Note: this must be preseeded with a localized (translated) value.
d-i partman-auto/choose_recipe select All files in one partition (recommended for new users)
#d-i partman-auto/choose_recipe # select Separate /home partition
#d-i partman-auto/choose_recipe # select Separate /home, /usr, /var, and /tmp partitions
# Or provide a recipe of your own...
# The recipe format is documented in the file devel/partman-auto-recipe.txt.
# If you have a way to get a recipe file into the d-i environment, you can
# just point at it.
#d-i partman-auto/expert_recipe_file string /hd-media/recipe
# If not, you can put an entire recipe into the preconfiguration file in one
# (logical) line. This example creates a small /boot partition, suitable
# swap, and uses the rest of the space for the root partition:
#d-i partman-auto/expert_recipe string # boot-root :: # 40 50 100 ext3 # $primary{ } $bootable{ } # method{ format } format{ } # use_filesystem{ } filesystem{ ext3 } # mountpoint{ /boot } # . # 500 10000 1000000000 ext3 # method{ format } format{ } # use_filesystem{ } filesystem{ ext3 } # mountpoint{ / } # . # 64 512 300% linux-swap # method{ swap } format{ } # .
# This makes partman automatically partition without confirmation.
d-i partman/confirm_write_new_label boolean true
d-i partman/choose_partition select Finish partitioning and write changes to disk
d-i partman/confirm boolean true
### Clock and time zone setup
# Controls whether or not the hardware clock is set to UTC.
d-i clock-setup/utc boolean true
# You may set this to any valid setting for $TZ; see the contents of
# /usr/share/zoneinfo/ for valid values.
d-i time/zone string US/Mountain
### Account setup
# Skip creation of a root account (normal user account will be able to
# use sudo).
#d-i passwd/root-login boolean false
# Alternatively, to skip creation of a normal user account.
#d-i passwd/make-user boolean false
# Root password, either in clear text
#d-i passwd/root-password password r00tme
#d-i passwd/root-password-again password r00tme
# or encrypted using an MD5 hash.
d-i passwd/root-password-crypted password xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# To create a normal user account.
d-i passwd/user-fullname string Matt Taggart
d-i passwd/username string taggart
# Normal user‘s password, either in clear text
#d-i passwd/user-password password insecure
#d-i passwd/user-password-again password insecure
# or encrypted using an MD5 hash.
d-i passwd/user-password-crypted password xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
d-i passwd/user-uid string 22223
### Base system installation
# Select the initramfs generator used to generate the initrd for 2.6 kernels.
#d-i base-installer/kernel/linux/initramfs-generators string yaird
### Apt setup
# You can choose to install non-free and contrib software.
d-i apt-setup/non-free boolean true
d-i apt-setup/contrib boolean true
# Uncomment this if you don‘t want to use a network mirror.
#d-i apt-setup/use_mirror boolean false
# Uncomment this to avoid adding security sources, or
# add a hostname to use a different server than security.debian.org.
#d-i apt-setup/security_host string
# Additional repositories, local[0-9] available
#d-i apt-setup/local0/repository string # http://local.server/debian stable main
#d-i apt-setup/local0/comment string local server
# Enable deb-src lines
#d-i apt-setup/local0/source boolean true
# URL to the public key of the local repository; you must provide a key or
# apt will complain about the unauthenticated repository and so the
# sources.list line will be left commented out
#d-i apt-setup/local0/key string http://local.server/key
# By default the installer requires that repositories be authenticated
# using a known gpg key. This setting can be used to disable that
# authentication. Warning: Insecure, not recommended.
#d-i debian-installer/allow_unauthenticated string true
### Package selection
#tasksel tasksel/first multiselect standard, web-server
# If the desktop task is selected, install the kde and xfce desktops
# instead of the default gnome desktop.
#tasksel tasksel/desktop multiselect kde-desktop, xfce-desktop
#tasksel tasksel/first multiselect standard, kde-desktop
# we don‘t want any tasks
tasksel tasksel/first multiselect
# Individual additional packages to install
d-i pkgsel/include string openssh-server build-essential rsync less firmware-qlogic sudo cron-apt ntp host debsums devscripts pciutils ethtool
# Some versions of the installer can report back on what software you have
# installed, and what software you use. The default is not to report back,
# but sending reports helps the project determine what software is most
# popular and include it on CDs.
popularity-contest popularity-contest/participate boolean false
### Boot loader installation
# Grub is the default boot loader (for x86). If you want lilo installed
# instead, uncomment this:
#d-i grub-installer/skip boolean true
# To also skip installing lilo, and install no bootloader, uncomment this
# too:
#d-i lilo-installer/skip boolean true
# This is fairly safe to set, it makes grub install automatically to the MBR
# if no other operating system is detected on the machine.
d-i grub-installer/only_debian boolean true
# This one makes grub-installer install to the MBR if it also finds some other
# OS, which is less safe as it might not be able to boot that other OS.
d-i grub-installer/with_other_os boolean true
# Alternatively, if you want to install to a location other than the mbr,
# uncomment and edit these lines:
#d-i grub-installer/only_debian boolean false
#d-i grub-installer/with_other_os boolean false
#d-i grub-installer/bootdev string (hd0,0)
# we hardcode it, because otherwise it might end up on a fiber channel device
d-i grub-installer/bootdev string /dev/cciss/c0d0
# To install grub to multiple disks:
#d-i grub-installer/bootdev string (hd0,0) (hd1,0) (hd2,0)
### Finishing up the first stage install
# Avoid that last message about the install being complete.
d-i finish-install/reboot_in_progress note
# This will prevent the installer from ejecting the CD during the reboot,
# which is useful in some situations.
#d-i cdrom-detect/eject boolean false
## postfix preseeding
# General type of configuration? Default:Internet Site
# Choices: No configuration, Internet Site, Internet with smarthost,
# Satellite system, Local only
#postfix postfix/main_mailer_type select Internet with smarthost
# Where should mail for root go, Default:if not set, will spool locally
postfix postfix/root_address string [email protected]
# SMTP relay host? (blank for none) Default:(none)
#postfix postfix/relayhost string smtp.example.com
# Force synchronous updates on mail queue? Default:false
#postfix postfix/chattr boolean true
# Local networks? Default:"127.0.0.0/8"
# blank uses the postfix default (which is based on the connected subnets)
#postfix postfix/mynetworks string
# Use procmail for local delivery? Defaults to true if /usr/bin/procmail exists
#postfix postfix/procmail boolean false
# Mailbox size limit Default:0 (unlimited), upstream default is 51200000
postfix postfix/mailbox_limit string 51200000
# Local address extension character? Default:+
#postfix postfix/recipient_delim string -
# Internet protocols to use? Default is based on checking if
# /proc/sys/net/ipv{4,6} exist
# Choices: all, ipv6, ipv4
postfix postfix/protocols select ipv4
### Preseeding other packages
# Depending on what software you choose to install, or if things go wrong
# during the installation process, it‘s possible that other questions may
# be asked. You can preseed those too, of course. To get a list of every
# possible question that could be asked during an install, do an
# installation, and then run these commands:
# debconf-get-selections --installer > file
# debconf-get-selections >> file
#### Advanced options
### Running custom commands during the installation
# d-i preseeding is inherently not secure. Nothing in the installer checks
# for attempts at buffer overflows or other exploits of the values of a
# preconfiguration file like this one. Only use preconfiguration files from
# trusted locations! To drive that home, and because it‘s generally useful,
# here‘s a way to run any shell command you‘d like inside the installer,
# automatically.
# This first command is run as early as possible, just after
# preseeding is read.
#d-i preseed/early_command string anna-install some-udeb
# This command is run just before the install finishes, but when there is
# still a usable /target directory. You can chroot to /target and use it
# directly, or use the apt-install and in-target commands to easily install
# packages and run commands in the target system.
#d-i preseed/late_command string apt-install zsh; in-target chsh -s /bin/zsh
d-i preseed/late_command string in-target update-alternatives --set editor /usr/bin/vim.tiny;echo "taggart ALL=(ALL) ALL">>/target/etc/sudoers;sync
注意:用dvd搭建的局域网apt-mirror镜像源,在安装过程中需要Release及gpg认证,由于我们并不使用官方源安装系统,而我们自己的源又不含有公开的签名,在默认情况下,选择我们自己配置的源会出现错误,类似(在安装过程中可以按Ctrl+Alt+F4切换到第四个虚拟控制台,查看安装信息。按Ctrl+Alt+F1切换回安装界面)
dists/wheezy/Release is unsigned.
当时看到这个报错,我就跑偏了,在GPG加密这一块尝试了N久,还尝试了其他的无人值守FAI部署,其实要解决这个报错,我们只需要将两个配置文件做更改为如下即可:
[email protected]:/var/lib/tftpboot/debian-installer/amd64/boot-screens# cat txt.cfg default install label install menu label ^Install menu default kernel debian-installer/amd64/linux append vga=788 initrd=debian-installer/amd64/initrd.gz debian-installer/allow_unauthenticated=true -- quiet
cat /var/www/pxe/preseed.cfg |grep unauthenticated # apt will complain about the unauthenticated repository and so the d-i debian-installer/allow_unauthenticated string true
也就是说忽略签名认证
5、安装
开机F12,并对preseed.cfg各选项做修改。
希望本篇文章能对大家有一定的启示,让大家尽量少走弯路,并实现在没有外网的情况下,快速完成debian的批量网络安装部署。
用debian 7.5 cd/dvd 搭建局域网mirror镜像源来批量网络无人值守安装debian,布布扣,bubuko.com
时间: 2024-12-25 19:03:36