티스토리 뷰
[CentOS] UEFI Kickstart 만들기(Hyper-V2세대 - PXELinux)
UEFI란?
BIOS를 대체하는 펌웨어 규격입니다. 사용자가 느끼는 BIOS와 UEFI의 가장 큰 차이점은 사용자 인터페이스 GUI와 GPT 파티션 지원입니다. 그 이외에 보안부팅, 빠른부팅 등을 지원합니다. Hyper-V를 통해 가상컴퓨터 생성 시 1세대는 BIOS, 2세대는 UEFI를 지원합니다.
UEFI Mode Kickstart 구성
기존에 PXELinux를 통한 Kickstart는 BIOS Mode의 서버에서 작동하며 UEFI Mode를 사용하는 서버에서 작동하지 않습니다. 따라서 UEFI Mode에 맞는 Kickstart 환경을 구성해야 합니다.
PXELinux(BIOS Mode) Kickstart 구성은 아래의 포스팅을 참조 부탁드립니다.
- [Linux] CentOS 6.x 자동설치 Kickstart 만들기
FTP Service 과정은 Linux Install Image에 대한 전송 부분으로 NFS 또는 기타 파일공유 및 전송 어플리케이션을 사용해도 무방합니다.
BIOS Mode & UEFI Mode Kickstart 만들기
Kickstart 환경구성
- Kickstart Server
- OS : CentOS 7.5
- IP : 192.168.137.10/24
- DHCP : 192.168.137.100 ~ 200/24 Range
- TFTP : /var/lib/tftpboot/
- FTP : /var/ftp/pub
- Client Server
- UEFI Mode Server
Kickstart Server - Service Install
SELinux 비 활성화
[root@kickstart_server ~]# vi /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of three two values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted |
Firewall 비 활성화
[root@kickstart_server ~]# systemctl stop firewalld [root@kickstart_server ~]# systemctl disable firewalld Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. [root@kickstart_server ~]# systemctl status firewalld ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled) Active: inactive (dead) Docs: man:firewalld(1) Oct 16 00:59:22 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon... Oct 16 00:59:22 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon. Oct 16 01:03:06 kickstart_server systemd[1]: Stopping firewalld - dynamic firewall daemon... Oct 16 01:03:07 kickstart_server systemd[1]: Stopped firewalld - dynamic firewall daemon. |
DHCP, TFTP, FTP, SYSLinux Service 설치
[root@kickstart_server ~]# yum install -y dhcp tftp tftp-server syslinux vsftpd xinetd Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: centos.mirror.cdnetworks.com * extras: centos.mirror.cdnetworks.com ... Installed: dhcp.x86_64 12:4.2.5-68.el7.centos.1 syslinux.x86_64 0:4.05-13.el7 tftp.x86_64 0:5.2-22.el7 tftp-server.x86_64 0:5.2-22.el7 vsftpd.x86_64 0:3.0.2-22.el7 xinetd.x86_64 2:2.3.15-13.el7 Dependency Installed: mtools.x86_64 0:4.0.18-5.el7 Dependency Updated: dhclient.x86_64 12:4.2.5-68.el7.centos.1 dhcp-common.x86_64 12:4.2.5-68.el7.centos.1 dhcp-libs.x86_64 12:4.2.5-68.el7.centos.1 Complete! |
TFTP Config 설정
[root@kickstart_server pxelinux.cfg]# vi /etc/xinetd.d/tftp # default: off # description: The tftp server serves files using the trivial file transfer \ # protocol. The tftp protocol is often used to boot diskless \ # workstations, download configuration files to network-aware printers, \ # and to start the installation process for some operating systems. service tftp { socket_type = dgram protocol = udp wait = yes user = root server = /usr/sbin/in.tftpd server_args = -s /var/lib/tftpboot disable = no per_source = 11 cps = 100 2 flags = IPv4 } |
PXE Booting을 위한 디렉토리 생성
[root@kickstart_server ~]# mkdir /var/lib/tftpboot/pxelinux [root@kickstart_server ~]# mkdir /var/lib/tftpboot/pxelinux/centos7.5 [root@kickstart_server ~]# mkdir /var/lib/tftpboot/pxelinux/iso [root@kickstart_server ~]# mkdir /var/lib/tftpboot/pxelinux/mnt [root@kickstart_server ~]# mkdir /var/lib/tftpboot/pxelinux/pxelinux.cfg [root@kickstart_server ~]# mkdir /var/ftp/pub/centos7.5 |
KickStart CentOS 7.5 Image Download
[root@kickstart_server iso]# wget http://mirror.kakao.com/centos/7.5.1804/isos/x86_64/CentOS-7-x86_64-DVD-1804.iso --2018-10-16 01:09:12-- http://mirror.kakao.com/centos/7.5.1804/isos/x86_64/CentOS-7-x86_64-DVD-1804.iso Resolving mirror.kakao.com (mirror.kakao.com)... 113.29.189.165 Connecting to mirror.kakao.com (mirror.kakao.com)|113.29.189.165|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 4470079488 (4.2G) [application/octet-stream] Saving to: ‘CentOS-7-x86_64-DVD-1804.iso’ 100%[=========================================================================>] 4,470,079,488 9.11MB/s in 6m 54s 2018-10-16 01:16:06 (10.3 MB/s) - ‘CentOS-7-x86_64-DVD-1804.iso’ saved [4470079488/4470079488] |
KickStart CentOS 7.5 Image Mount & Copy
# CentOS Image Mount [root@kickstart_server iso]# mount CentOS-7-x86_64-DVD-1804.iso /var/lib/tftpboot/pxelinux/mnt/ mount: /dev/loop0 is write-protected, mounting read-only # CentOS Image Copy To FTP Location [root@kickstart_server pxelinux]# cp -R mnt/* /var/ftp/pub/centos7.5/ |
UEFI & BIOS Boot loader & Boot Image Copy
# UEFI Boot Loader Copy [root@kickstart_server mnt]# cp EFI/BOOT/grubx64.efi /var/lib/tftpboot/pxelinux/BOOTX64.EFI [root@kickstart_server mnt]# cp EFI/BOOT/grub.cfg /var/lib/tftpboot/pxelinux/grub.cfg # BIOS Boot Loader Copy [root@kickstart_server mnt]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/pxelinux/pxelinux.0 [root@kickstart_server mnt]# cp /usr/share/syslinux/menu.c32 /var/lib/tftpboot/pxelinux/menu.c32 # Boot Image Copy [root@kickstart_server mnt]# cp images/pxeboot/vmlinuz /var/lib/tftpboot/pxelinux/centos7.5/ [root@kickstart_server mnt]# cp images/pxeboot/initrd.img /var/lib/tftpboot/pxelinux/centos7.5/ |
grub.cfg - UEFI Boot 편집
[root@kickstart_server pxelinux]# vi grub.cfg set default="1" function load_video { insmod efi_gop insmod efi_uga insmod video_bochs insmod video_cirrus insmod all_video } load_video set gfxpayload=keep insmod gzio insmod part_gpt insmod ext2 set timeout=60 ### END /etc/grub.d/00_header ### search --no-floppy --set=root -l 'CentOS 7 x86_64' ### BEGIN /etc/grub.d/10_linux ### menuentry 'Install CentOS 7' --class fedora --class gnu-linux --class gnu --class os { linuxefi /pxelinux/centos7.5/vmlinuz ip=dhcp inst.repo=ftp://192.168.137.10/pub/centos7.5 initrdefi /pxelinux/centos7.5/initrd.img } |
default - BIOS Boot 생성 및 편집
[root@kickstart_server pxelinux.cfg]# vi default default menu.c32 timeout 100 menu background splash.jpg menu color border 0 #ffffffff #00000000 menu color sel 7 #ffffffff #ff000000 menu color title 0 #ffffffff #00000000 menu color tabmsg 0 #ffffffff #00000000 menu color unsel 0 #ffffffff #00000000 menu color hotsel 0 #ff000000 #ffffffff menu color hotkey 7 #ffffffff #ff000000 menu color timeout_msg 0 #ffffffff #00000000 menu color timeout 0 #ffffffff #00000000 menu color cmdline 0 #ffffffff #00000000 menu tabmsg Press ENTER to Install or TAB to edit a menu entry menu title #### OS Installer Boot Menu #### label 1 menu label CentOS 7.5 Install kernel centos7.5/vmlinuz append initrd=centos7.5/initrd.img ramdisk_size=65536 inst.repo=ftp://192.168.137.10/pub/centos7.5 ks=ftp://192.168.137.10/pub/centos7.5/ks.cfg |
ks.cfg 생성 및 편집
[root@kickstart_server ~]# vi /var/ftp/pub/centos7.5/ks.cfg #platform=x86, AMD64, or Intel EM64T #version=DEVEL # Firewall configuration firewall --disabled # Install OS instead of upgrade install # Use NFS installation media url --url="ftp://192.168.137.10/pub/centos7.5" # Root password (change the value to the value above) rootpw --iscrypted $1$JagGKmgC$Mi3cHtb2cIm62SOtbHvxA1 # System authorization information auth useshadow passalgo=sha512 # Use graphical install graphical firstboot disable # System keyboard keyboard us # System language lang en_US # SELinux configuration selinux disabled # Installation logging level logging level=info # System timezone timezone Europe/Amsterdam # System bootloader configuration bootloader location=mbr clearpart --all --initlabel part swap --asprimary --fstype="swap" --size=1024 part /boot --fstype xfs --size=200 part pv.01 --size=1 --grow volgroup rootvg01 pv.01 logvol / --fstype xfs --name=lv01 --vgname=rootvg01 --size=1 --grow %packages @core wget net-tools %end %post %end |
dhcpd.conf 설정
# # DHCP Server Configuration file. # see /usr/share/doc/dhcp*/dhcpd.conf.example # see dhcpd.conf(5) man page # option arch code 93 = unsigned integer 16; # RFC4578 allow booting; allow bootp; # MAC Address Filter class "pxeboot_clinet" { match if ((substring (hardware, 1, 8) = 00:00:00:00:00:01) or (substring (hardware, 1, 8) = 00:00:00:00:00:02) ); } # Pxelinux Network Range subnet 192.168.137.0 netmask 255.255.255.0 { pool { allow members of "pxeboot_clinet"; option routers 192.168.137.1; option domain-name-servers 8.8.8.8; range 192.168.137.100 192.168.137.120; next-server 192.168.137.10; host pxe_client { hardware ethernet 00:00:00:00:00:01; fixed-address 192.168.137.110; if option arch = 00:07 { filename "/pxelinux/BOOTX64.EFI"; } else { filename "/pxelinux/pxelinux.0"; } } } } |
Service Restart 및 시작프로그램 등록
# Service 재시작 [root@kickstart_server centos7.5]# systemctl restart dhcpd [root@kickstart_server centos7.5]# systemctl restart vsftpd [root@kickstart_server centos7.5]# systemctl restart tftp [root@kickstart_server centos7.5]# systemctl restart xinetd # Service 시작프로그램 등록 [root@kickstart_server centos7.5]# systemctl enable dhcpd Created symlink from /etc/systemd/system/multi-user.target.wants/dhcpd.service to /usr/lib/systemd/system/dhcpd.service. [root@kickstart_server centos7.5]# systemctl enable vsftpd Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service. [root@kickstart_server centos7.5]# systemctl enable vsftpd [root@kickstart_server centos7.5]# systemctl enable xinetd |
'[Server Story] > Linux' 카테고리의 다른 글
| [CentOS] Linux Package Management - RPM (0) | 2018.06.22 |
|---|---|
| [CentOS] Yum Repository(저장소) 추가 / 삭제 (0) | 2018.06.21 |
| [CentOS] Linux Package Management - Yum (0) | 2018.06.19 |
| [CentOS] Linux 반복 예약작업(스케줄러) - Crontab (1) | 2018.05.28 |
| [Linux] LVM 구성 - 디스크 추가 LVM 구성 (3) | 2017.11.14 |
Comments
Related Articles
more
최근에 올라온 글