1、图形化最小安装debian7.5操作系统
2、更改debian的apt源配置文件/etc/apt/sources.list
root@duan:~# cat /etc/apt/sources.list deb http://ftp.de.debian.org/debian wheezy main contrib non-free deb-src http://ftp.de.debian.org/debian wheezy main contrib non-free3、更新apt,并配置网络安装所需要的服务(DHCP、TFTP、HTTP)
root@duan:~# apt-get update root@duan:~# apt-get install isc-dhcp-server tftp-hpa apache2修改相关配置文件并重启相关服务
注:此处http的主要作用,就是将debian镜像及无人值守安装配置文件preseed.cfg,通过http服务提供给PXE客户端。
4、配置pxe开机引导文件
下载debian网络引导文件
root@duan:~# wget http://ftp.debian.org/debian/dists/Debian7.5/main/installer-amd64/current/p_w_picpaths/netboot/netboot.tar.gz将其解压到tftp根目录下
将其中 pxelinux.0 pxelinux.cfg两个文件拷贝到tftp根目录下
root@duan:/var/lib/tftpboot# ls debian-installer pxelinux.0 pxelinux.cfg编辑开机引导文件pxelinux.cfg/default
root@debian:/var/lib/tftpboot# cat pxelinux.cfg/default # D-I config version 2.0 include debian-installer/amd64/boot-screens/menu.cfg default debian-installer/amd64/boot-screens/vesamenu.c32 prompt 1 timeout 3 DEFAULT wheezy_amd64 LABEL wheezy_amd64 kernel debian-installer/amd64/linux append vga=normal initrd=debian-installer/amd64/initrd.gz auto=true interface=auto netcfg/dhcp_timeout=60 netcfg/choose_interface=auto priority=critical url=http://192.168.100.100/pxe/preseed.cfg DEBCONF_DEBUG=5 IPAPPEND 2编辑debian无人值守安装配置文件
配置文件比较详细的说明:http://www.debian.org/releases/stable/i386/apbs04.html.en
root@duan:~# cat /var/www/pxe/preseed.cfgroot@debian:~# cat /var/www/pxe/preseed.cfg #### Contents of the preconfiguration file ### Localization # Locale sets language and country. d-i debian-installer/locale string en_US d-i debian-installer/language string en d-i debian-installer/country string US d-i debian-installer/locale string en_US.UTF-8 d-i localechooser/supported-locales multiselect en_US.UTF-8 #d-i debian-installer/locale string en_US.UTF-8 # Keyboard selection. #d-i console-keymaps-at/keymap select us d-i console-keymaps-at/keymap select us d-i console-tools/archs select at d-i keyboard-configuration/xkb-keymap select us ### Network configuration # netcfg will choose an interface that has link if possible. This makes it # skip displaying a list if there is more than one interface. # doesn't work for blade servers :( #d-i netcfg/choose_interface select auto # To pick a particular interface instead: #d-i netcfg/choose_interface select eth0 #d-i netcfg/choose_interface select eth1 # If you have a slow dhcp server and the installer times out waiting for # it, this might be useful. #d-i netcfg/dhcp_timeout string 60 ### Mirror settings d-i mirror/country string manual d-i mirror/http/hostname string 192.168.100.100 d-i mirror/http/directory string /debian #d-i mirror/http/proxy string http://web-proxy:3128/ # Suite to install. d-i mirror/suite string wheezy ### Partitioning # Alternatively, you can specify a disk to partition. The device name # can be given in either devfs or traditional non-devfs format. # For example, to use the first disk: # We hard code the smartarray device #d-i partman-auto/disk string /dev/sda # In addition, you'll need to specify the method to use. # The presently available methods are: "regular", "lvm" and "crypto" d-i partman-auto/method string regular d-i partman-auto/choose_recipe select atomic d-i partman-partitioning/confirm_write_new_label boolean true d-i partman/choose_partition select finish d-i partman/confirm boolean true d-i partman/confirm_nooverwrite boolean true d-i partman/mount_style select uuid # If one of the disks that are going to be automatically partitioned # contains an old LVM configuration, the user will normally receive a # warning. This can be preseeded away... #d-i partman-auto/purge_lvm_from_device boolean true # And the same goes for the confirmation to write the lvm partitions. #d-i partman-lvm/confirm boolean true # You can choose from any of the predefined partitioning recipes. # Note: this must be preseeded with a localized (translated) value. d-i partman-auto/choose_recipe \ select All files in one partition (recommended for new users) #d-i partman-auto/choose_recipe \ # select Separate /home partition #d-i partman-auto/choose_recipe \ # select Separate /home, /usr, /var, and /tmp partitions # Or provide a recipe of your own... # The recipe format is documented in the file devel/partman-auto-recipe.txt. # If you have a way to get a recipe file into the d-i environment, you can # just point at it. #d-i partman-auto/expert_recipe_file string /hd-media/recipe # If not, you can put an entire recipe into the preconfiguration file in one # (logical) line. This example creates a small /boot partition, suitable # swap, and uses the rest of the space for the root partition: #d-i partman-auto/expert_recipe string \ # boot-root :: \ # 40 50 100 ext3 \ # $primary{ } $bootable{ } \ # method{ format } format{ } \ # use_filesystem{ } filesystem{ ext3 } \ # mountpoint{ /boot } \ # . \ # 500 10000 1000000000 ext3 \ # method{ format } format{ } \ # use_filesystem{ } filesystem{ ext3 } \ # mountpoint{ / } \ # . \ # 64 512 300% linux-swap \ # method{ swap } format{ } \ # . # This makes partman automatically partition without confirmation. d-i partman/confirm_write_new_label boolean true d-i partman/choose_partition \ select Finish partitioning and write changes to disk d-i partman/confirm boolean true ### Clock and time zone setup # Controls whether or not the hardware clock is set to UTC. d-i clock-setup/utc boolean true # You may set this to any valid setting for $TZ; see the contents of # /usr/share/zoneinfo/ for valid values. d-i time/zone string America/Caracas ### Account setup # Skip creation of a root account (normal user account will be able to # use sudo). #d-i passwd/root-login boolean false # Alternatively, to skip creation of a normal user account. #d-i passwd/make-user boolean false # Root password, either in clear text #d-i passwd/root-password password r00tme #d-i passwd/root-password-again password r00tme # or encrypted using an MD5 hash. ####d-i passwd/root-password-crypted password 111111 # To create a normal user account. ####d-i passwd/user-fullname string vit ####d-i passwd/username string vit # Normal user's password, either in clear text #d-i passwd/user-password password insecure #d-i passwd/user-password-again password insecure # or encrypted using an MD5 hash. ####d-i passwd/user-password-crypted password 111111 #d-i passwd/user-uid string 22223 d-i passwd/root-login boolean false d-i passwd/user-fullname string d-i passwd/username string vit d-i passwd/user-password password vit d-i passwd/user-password-again password vit ### Base system installation # Select the initramfs generator used to generate the initrd for 2.6 kernels. #d-i base-installer/kernel/linux/initramfs-generators string yaird ### Apt setup # You can choose to install non-free and contrib software. #d-i apt-setup/non-free boolean true #d-i apt-setup/contrib boolean true # Uncomment this if you don't want to use a network mirror. #d-i apt-setup/use_mirror boolean false # Uncomment this to avoid adding security sources, or # add a hostname to use a different seurver than security.debian.org. #d-i apt-setup/security_host string # Additional repositories, local[0-9] available #d-i apt-setup/local0/repository string \ # http://local.server/debian stable main #d-i apt-setup/local0/comment string local server # Enable deb-src lines #d-i apt-setup/local0/source boolean true # URL to the public key of the local repository; you must provide a key or # apt will complain about the unauthenticated repository and so the # sources.list line will be left commented out #d-i apt-setup/local0/key string http://local.server/key # By default the installer requires that repositories be authenticated # using a known gpg key. This setting can be used to disable that # authentication. Warning: Insecure, not recommended. d-i debian-installer/allow_unauthenticated string true ### Package selection #tasksel tasksel/first multiselect standard, web-server # If the desktop task is selected, install the kde and xfce desktops # instead of the default gnome desktop. #tasksel tasksel/desktop multiselect kde-desktop, xfce-desktop tasksel tasksel/first multiselect standard, gnome-desktop # we don't want any tasks tasksel tasksel/first multiselect # Individual additional packages to install d-i pkgsel/include string openssh-server build-essential rsync less firmware-qlogic sudo cron-apt ntp host debsums devscripts pciutils ethtool open-iscsi d-i pkgsel/upgrade select safe-upgrade # Some versions of the installer can report back on what software you have # installed, and what software you use. The default is not to report back, # but sending reports helps the project determine what software is most # popular and include it on CDs. popularity-contest popularity-contest/participate boolean false ### Boot loader installation # Grub is the default boot loader (for x86). If you want lilo installed # instead, uncomment this: #d-i grub-installer/skip boolean true # To also skip installing lilo, and install no bootloader, uncomment this # too: #d-i lilo-installer/skip boolean true # This is fairly safe to set, it makes grub install automatically to the MBR # if no other operating system is detected on the machine. d-i grub-installer/only_debian boolean true # This one makes grub-installer install to the MBR if it also finds some other # OS, which is less safe as it might not be able to boot that other OS. #d-i grub-installer/with_other_os boolean true # Alternatively, if you want to install to a location other than the mbr, # uncomment and edit these lines: #d-i grub-installer/only_debian boolean true #d-i grub-installer/with_other_os boolean false #d-i grub-installer/bootdev string (hd0,0) # we hardcode it, because otherwise it might end up on a fiber channel device #d-i grub-installer/bootdev string /dev/cciss/c0d0 # To install grub to multiple disks: #d-i grub-installer/bootdev string (hd0,0) (hd1,0) (hd2,0) ### Finishing up the first stage install # Avoid that last message about the install being complete. d-i finish-install/reboot_in_progress note # This will prevent the installer from ejecting the CD during the reboot, # which is useful in some situations. #d-i cdrom-detect/eject boolean false ## postfix preseeding # General type of configuration? Default:Internet Site # Choices: No configuration, Internet Site, Internet with smarthost, # Satellite system, Local only #postfix postfix/main_mailer_type select Internet with smarthost # Where should mail for root go, Default:if not set, will spool locally #postfix postfix/root_address string foo@bar.com # SMTP relay host? (blank for none) Default:(none) #postfix postfix/relayhost string smtp.example.com # Force synchronous updates on mail queue? Default:false #postfix postfix/chattr boolean true # Local networks? Default:"127.0.0.0/8" # blank uses the postfix default (which is based on the connected subnets) #postfix postfix/mynetworks string # Use procmail for local delivery? Defaults to true if /usr/bin/procmail exists #postfix postfix/procmail boolean false # Mailbox size limit Default:0 (unlimited), upstream default is 51200000 #postfix postfix/mailbox_limit string 51200000 # Local address extension character? Default:+ #postfix postfix/recipient_delim string - # Internet protocols to use? Default is based on checking if # /proc/sys/net/ipv{4,6} exist # Choices: all, ipv6, ipv4 #postfix postfix/protocols select ipv4 ### Preseeding other packages # Depending on what software you choose to install, or if things go wrong # during the installation process, it's possible that other questions may # be asked. You can preseed those too, of course. To get a list of every # possible question that could be asked during an install, do an # installation, and then run these commands: # debconf-get-selections --installer > file # debconf-get-selections >> file #### Advanced options ### Running custom commands during the installation # d-i preseeding is inherently not secure. Nothing in the installer checks # for attempts at buffer overflows or other exploits of the values of a # preconfiguration file like this one. Only use preconfiguration files from # trusted locations! To drive that home, and because it's generally useful, # here's a way to run any shell command you'd like inside the installer, # automatically. # This first command is run as early as possible, just after # preseeding is read. #d-i preseed/early_command string anna-install some-udeb # This command is run just before the install finishes, but when there is # still a usable /target directory. You can chroot to /target and use it # directly, or use the apt-install and in-target commands to easily install # packages and run commands in the target system. #d-i preseed/late_command string apt-install zsh; in-target chsh -s /bin/zsh #d-i preseed/late_command string in-target update-alternatives --set editor /usr/bin/vim.tiny;echo "taggart ALL=(ALL) ALL">>/target/etc/sudoers;sync注意:用dvd搭建的局域网apt-mirror镜像源,在安装过程中需要Release及gpg认证,由于我们并不使用官方源安装系统,而我们自己的源又不含有公开的签名,在默认情况下,选择我们自己配置的源会出现错误,类似(在安装过程中可以按Ctrl+Alt+F4切换到第四个虚拟控制台,查看安装信息。按Ctrl+Alt+F1切换回安装界面)
dists/wheezy/Release is unsigned.当时看到这个报错,我就跑偏了,在GPG加密这一块尝试了N久,还尝试了其他的无人值守FAI部署,其实要解决这个报错,我们只需要将两个配置文件做更改为如下即可:
root@duan:/var/lib/tftpboot/debian-installer/amd64/boot-screens# cat txt.cfg default install label install menu label ^Install menu default kernel debian-installer/amd64/linux append vga=788 initrd=debian-installer/amd64/initrd.gz debian-installer/allow_unauthenticated=true -- quietcat /var/www/pxe/preseed.cfg |grep unauthenticated # apt will complain about the unauthenticated repository and so the d-i debian-installer/allow_unauthenticated string true也就是说忽略签名认证
5、安装
开机F12,并对preseed.cfg各选项做修改。
希望本篇文章能对大家有一定的启示,让大家尽量少走弯路,并实现在没有外网的情况下,快速完成debian的批量网络安装部署。
另:解决Debian PXE方式安装找不到硬盘的问题
是由于网络启动模式的initrd.gz中并未包含对应的驱动模块,导致无法发现硬盘。可以拿DVD光盘中install[.arch]目录下的initrd解压后获取驱动模块,与网络方式(netboot)安装的initrd合并后,重新制作新的initrd文件。
1. gunzip解压dvd中的initrd.gz并重命名为initrd-dvd
2. gunzip解压netboot中的initrd.gz并重命名为initrd-net
3. 解包initrd-dvd到dvd目录
mkdir dvd
cd dvd
cpio -i < ../initrd-dvd
4. 解包initrd-net到net目录
mkdir net
cd net
cpio -i < ../initrd-net
5. 将dvd版本中的驱动复制到net版(请调整目录名称)
cd ../dvd/lib/modules/3.2.0-4-amd64/kernel/drivers/
cp -a * ../../../../../../net/lib/modules/3.2.0-4-amd64/kernel/drivers/
6. 重新打包initrd
cd ../../../../../../net/#进入netboot解包目录
find | cpio -R 0:0 -o -H newc > ../initrd
cd ..
gzip initrd
7. 复制initrd.gz到tftp目录测试PXE引导,Enjoy!