PXE(Preboot eXecution Environment,预启动执行环境)是一种网络启动协议,允许计算机通过网络启动而不是使用本地硬盘。PXE服务器是实现这一功能的服务器,它提供了启动镜像和引导加载程序,使得客户端计算机可以通过网络启动并安装操作系统或运行其他软件。
在Debian系统中,要设置一个PXE服务器,您需要以下几个组件:
在Debian中,可以使用以下软件包来设置PXE服务器:
debian | debian 历史版 | debian 发行版 | debian 安装 | debian preseed.cfg自动化编排 | debian dhcp 配置 | netboot 下载 | Debian 全球镜像站 |
download | download | 参考 | 参考 | 参考 | 参考 | download | download |
d-i mirror/http/hostname string 192.168.11.70 内网镜像挂载安装方式配置参考 d-i mirror/http/directory string /debian12 d-i mirror/http/proxy string
vim /pxe_server_install.sh
#!/bin/bash # -*- coding: utf-8 -*- # Author: make.han # Email: CIASM@CIASM # Date: 2024/07/12 # install PXE Server debian 12 # preseed.cfg 编排 #https://www.debian.org/releases/stable/amd64/apbs04.zh-cn.html#ftn.idm3455 # TFTP 网络引导准备文件 #https://www.debian.org/releases/stable/amd64/ch04s05.zh-cn.html # 安装手册 #https://www.debian.org/releases/stable #dhcp ip address nic_network_name=`ifconfig -s | awk 'NR>1 && !/^lo/ && !/^idrac/ && !/^br/ && !/^veth/ && !/^docker/{print $1; exit}'` host_IP=`ifconfig -a | grep inet | grep -v '127.0.0.1' | awk '{ print $2}' | awk 'NR==1'` IP="192.168.11.69" MASK="255.255.255.0" BROADCAST_ADDRESS="192.168.11.255" ROUTERS="192.168.11.1" SUBNET="192.168.11.0" DNS="8.8.8.8" RANGE="192.168.11.56 192.168.11.250" # root用户,普通用户 密码使用crypt(3)哈希进行加密(apt install -y whois) (mkpasswd -m sha-512 生成密钥) root_password='$6$5vShu8v/wRoByWOr$0uGqOl9W40u.hXXZwLBrP6jGFubcw.UM3JE13eOkdm7RsfcnseVsCe1YBR6VawPtFH4rNROi2sJ35X98dNO.C/' host_name=debian common_user=debian common_password='$6$5vShu8v/wRoByWOr$0uGqOl9W40u.hXXZwLBrP6jGFubcw.UM3JE13eOkdm7RsfcnseVsCe1YBR6VawPtFH4rNROi2sJ35X98dNO.C/' time_zone="Asia/Shanghai" mirror="ftp.cn.debian.org" tftp_port=69 install_pxe_server (){ if ! [ -x "$(command -v dhcpd)" ]; then if [ $? -eq 0 ];then echo "install firewalld" apt install -y firewalld curl firewall-cmd --zone=public --add-port=$tftp_port/tcp --permanent && firewall-cmd --reload firewall-cmd --zone=public --add-port=$tftp_port/udp --permanent && firewall-cmd --reload echo "install whois mkpasswd" apt install -y whois echo "install dhcp" apt install -y isc-dhcp-server echo "isc-dhcp-server add nic" sed -i "s/^INTERFACESv4=.*$/INTERFACESv4=\"$nic_network_name\"/" /etc/default/isc-dhcp-server echo "configuration dhcpd.conf" rm -rf /etc/dhcp/dhcpd.conf cat <>/etc/dhcp/dhcpd.conf option domain-name "$DNS"; option domain-name-servers $DNS; default-lease-time 2592000; max-lease-time 2592000; authoritative; # add follows option space pxelinux; option pxelinux.magic code 208 = string; option pxelinux.configfile code 209 = text; option pxelinux.pathprefix code 210 = text; option pxelinux.reboottime code 211 = unsigned integer 32; option architecture-type code 93 = unsigned integer 16; subnet $SUBNET netmask $MASK { range dynamic-bootp $RANGE; option broadcast-address $BROADCAST_ADDRESS; option routers $ROUTERS; #add follows class "pxeclients" { match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; # PXE servers hostname or IP address next-server $IP; if option architecture-type = 00:07 { filename "debian-installer/amd64/bootnetx64.efi"; } else { filename "pxelinux.0"; } } } EOF echo "install tftpd-hpa" apt install -y tftpd-hpa echo "configuration tftpd-hpa" rm -rf /etc/default/tftpd-hpa cat <>/etc/default/tftpd-hpa TFTP_USERNAME="tftp" TFTP_DIRECTORY="/var/lib/tftp/" TFTP_ADDRESS=":69" TFTP_OPTIONS="--secure" EOF echo "Create a new tftp directory" mkdir -p /var/lib/tftp/ echo "start tftpd-hpa" systemctl enable tftpd-hpa systemctl start tftpd-hpa echo "downlaod netboot" curl -o /var/lib/tftp/netboot.tar.gz http://mirrors.ustc.edu.cn/debian/dists/bookworm/main/installer-amd64/current/images/netboot/netboot.tar.gz tar -xf /var/lib/tftp/netboot.tar.gz -C /var/lib/tftp/ echo "bios configuration default" rm -rf /var/lib/tftp/pxelinux.cfg/default cat <>/var/lib/tftp/debian-installer/amd64/grub/grub.cfg set default=3 set timeout=10 set gfxpayload=keep set menu_color_highlight=cyan/black set menu_color_normal=white/black set color_normal=white/black function load_video { insmod efi_gop insmod efi_uga insmod video_bochs insmod video_cirrus insmod all_video } load_video insmod gzio insmod part_msdos insmod part_gpt insmod ext2 insmod xfs insmod png insmod gfxterm insmod gfxmenu terminal_output gfxterm background_image -m stretch bg.png menuentry 'EFI Firmware System Setup' 'uefi-firmware' { fwsetup } menuentry 'Reboot System' { reboot } menuentry 'Shutdown System' { halt } menuentry 'Auto Install debian 12 shell' { linuxefi debian-installer/amd64/linux ip=dhcp auto=true priority=critical vga=788 preseed/url=tftp://${host_IP}/preseed/debian-12-preseed.cfg initrdefi debian-installer/amd64/initrd.gz } EOF echo "bios+ uefi establish debian-12-preseed.cfg" cat <>/var/lib/tftp/preseed/debian-12-preseed.cfg # 地区设置语言、国家和地区 d-i debian-installer/locale string en_US d-i debian-installer/language string en d-i debian-installer/country string CN d-i debian-installer/locale string en_GB.UTF-8 d-i localechooser/supported-locales multiselect en_US.UTF-8, zh_CN.UTF-8 # 配置键盘 d-i keyboard-configuration/xkb-keymap select us # 配置自动配置网络DHCP d-i netcfg/choose_interface select auto # 配置hostname和domain d-i netcfg/get_hostname string $host_name d-i netcfg/get_domain string $host_name # 指定软件包镜像源的设置 d-i mirror/country string manual d-i mirror/protocol string http d-i mirror/http/hostname string $mirror d-i mirror/http/directory string /debian d-i mirror/http/proxy string # 内网软件包镜像源的设置 #d-i mirror/http/hostname string 192.168.11.70 #d-i mirror/http/directory string /debian12 #d-i mirror/http/proxy string # 选择软件包,标准系统实用程序 tasksel tasksel/first multiselect standard ssh-server #开启root登录并设置root密码,关闭普通用户创建 d-i passwd/root-login boolean true d-i passwd/make-user boolean false # Root密码,可以是明文 #d-i passwd/root-password password $root_password #d-i passwd/root-password-again password $root_password # root用户密码使用crypt(3)哈希进行加密(apt install -y whois) (mkpasswd -m sha-512 生成密钥) d-i passwd/root-password-crypted password $root_password # 普通用户创建 #d-i passwd/make-user boolean true #d-i passwd/user-fullname string Debian User #d-i passwd/username string $common_user # 普通用户密码,可以是明文 #d-i passwd/user-password password $common_password #d-i passwd/user-password-again password $common_password # 普通用户密码使用crypt(3)哈希进行加密(apt install -y whois) (mkpasswd -m sha-512 生成密钥) #d-i passwd/user-password-crypted password $common_password #允许弱密码在用户账户创建时被接受 d-i user-setup/allow-password-weak boolean true # 时钟与时区设置 d-i clock-setup/utc boolean true d-i time/zone string $time_zone d-i clock-setup/ntp boolean false #d-i clock-setup/ntp-server string ntp.example.com # uefi引导,强制使用gpt分区表 #d-i partman-efi/non_efi_system boolean true #d-i partman-partitioning/choose_label string gpt #d-i partman-partitioning/default_label string gpt # 配置磁盘 LVM xfs d-i partman-auto/method string lvm d-i partman-auto/disk string /dev/sda d-i partman-lvm/device_remove_lvm boolean true d-i partman-lvm/confirm boolean true d-i partman-lvm/confirm_nooverwrite boolean true d-i partman-auto/choose_recipe select atomic d-i partman/default_filesystem string xfs # partman在没有确认的情况下自动分区 d-i partman-partitioning/confirm_write_new_label boolean true d-i partman/choose_partition select finish d-i partman/confirm boolean true d-i partman/confirm_nooverwrite boolean true # 基本系统安装 #d-i base-installer/kernel/p_w_picpath string linux-server #设置apt #d-i apt-setup/security_host string mirrors.aliyun.com #d-i apt-setup/security_path string /ubuntu #d-i debian-installer/allow_unauthenticated string false #d-i pkgsel/upgrade select safe-upgrade #d-i pkgsel/language-packs multiselect #d-i pkgsel/update-policy select none #d-i pkgsel/updatedb boolean trueb # 禁止在安装的时候弹出CD/DVD扫描提示 d-i apt-setup/non-free boolean true d-i apt-setup/contrib boolean true d-i apt-setup/cdrom/set-first boolean false d-i apt-setup/cdrom/set-next boolean false d-i apt-setup/cdrom/set-failed boolean false # 安装额外的软件包,不更新系统 d-i pkgsel/include string openssh-server vim vim-tiny sudo whois git firewalld curl d-i pkgsel/upgrade select none # grub安装 d-i grub-installer/only_debian boolean true d-i grub-installer/with_other_os boolean true d-i grub-installer/bootdev string default d-i grub-installer/skip boolean false d-i grub-installer/bootdev string /dev/sda #d-i lilo-installer/skip boolean false # 安装完成之后不要弹出安装完成的界面,直接重启 d-i finish-install/reboot_in_progress note # 允许ssh服务使用root用户登录 d-i preseed/late_command string in-target sed -i 's/#PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config EOF echo "restart dhcp" systemctl enable isc-dhcp-server echo "restart tftpd-hpa isc-dhcp-server" systemctl restart tftpd-hpa isc-dhcp-server echo -e "\033[32mThe pxe server Install Sussess...\033[0m" else echo -e "\033[33mThe pxe server Install Failed...\033[0m" exit 1 fi else echo -e "\033[31mThe pxe server Install already...\033[0m" fi } main (){ install_pxe_server } main
bash /pxe_server_install.sh