使用Dnsmasq 部署GPXE 安裝 Centos7

實驗環境 1臺Centos7.6的虛擬機 ip: 192.168.148.17/24 配置PXE環境；新建一臺虛擬機作爲測試機

本次實驗採用 dnsmasq作爲dhcp、tftp服務器; vsftpd 提供安裝源

# 關閉防火牆
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
#syslinux 提供pxe啓動的引導文件
[root@localhost ~]# yum -y install dnsmasq vsftpd syslinux
[root@localhost ~]# mkdir /var/ftp/pub/centos7
[root@localhost ~]# systemctl enable dnsmasq vsftpd 
[root@localhost ~]# systemctl start  vsftpd 
[root@localhost ~]# mkdir /var/ftp/pub/centos7
[root@localhost ~]# mount /dev/sr0 /var/ftp/pub/centos7/
# 創建tftp服務目錄
[root@localhost ~]# mkdir /var/lib/dnsmasq/tftpboot/
[root@localhost ~]# cd /var/lib/dnsmasq/tftpboot/
[root@localhost tftpboot]# cp /usr/share/syslinux/{menu.c32,gpxelinux.0} .
[root@localhost tftpboot]# mkdir pxelinux.cfg
[root@localhost tftpboot]# cp /var/ftp/pub/centos7/isolinux/isolinux.cfg pxelinux.cfg/default
# 編輯default文件最終內容如下 Gpxe除了支持傳統的tftp還支持ftp,http方式下載文件
default menu.c32
timeout 600
menu title CentOS 7

label linux
  menu label ^Install CentOS 7
  kernel ftp://192.168.148.17/pub/centos7/isolinux/vmlinuz
  append initrd=ftp://192.168.148.17/pub/centos7/isolinux/initrd.img  inst.repo=ftp://192.168.148.17/pub/centos7/

label local
  menu label Boot from ^local drive
  menu default
  localboot 0xffff

# 在/etc/dnsmasq.d/ 創建pxe.conf  ;指定 dhcp地址池的範圍，啓用tftp功能,指定tftp服務器地址和引導文件；文件內容如下:
[root@localhost ~]# cat /etc/dnsmasq.d/pxe.conf 
dhcp-range=192.168.148.50,192.168.148.100,255.255.255.0,12h
enable-tftp
dhcp-boot=/var/lib/dnsmasq/tftpboot/gpxelinux.0,192.168.148.17

[root@localhost ~]# systemctl start dnsmasq
# 檢測ipv4 監聽的udp端口
[root@localhost ~]# ss -4  -unl
State      Recv-Q Send-Q                      Local Address:Port                                     Peer Address:Port              
UNCONN     0      0                                       *:53                                                  *:*                  
UNCONN     0      0                                       *:67                                                  *:*                          
UNCONN     0      0                                       *:69                                                  *:* 

# 所需端口都正常開啓
# 如果需要開啓防火牆 需要添加對應的服務
[root@localhost ~]# systemctl enable firewalld
[root@localhost ~]# systemctl start firewalld
[root@localhost ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources: 
  services: ssh dhcpv6-client
  ports: 
  protocols: 

[root@localhost ~]#  firewall-cmd  --permanent --add-service=ftp
[root@localhost ~]#  firewall-cmd  --permanent --add-service=tftp
[root@localhost ~]#  firewall-cmd  --permanent --add-service=dhcp
[root@localhost ~]# firewall-cmd --reload
[root@localhost ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0 eth1
  sources: 
  services: ssh dhcpv6-client dhcp ftp tftp

啓動另一臺新的虛擬默認從網絡啓動進行系統安裝