Ubuntu 20.04 搭建 PXE/iPXE Server

Ubuntu 20.04 搭建 PXE ServerIntroductionPXE Server组件Configure DHCP Service功能快捷键合理的创建标题，有助于目录的生成如何改变文本的样式插入链接与图片如何插入一段漂亮的代码片生成一个适合你的列表创建一个表格设定内容居中、居左、居右SmartyPants创建一个自定义列表如何创建一个注脚注释也是必不可少的KaTeX数学公式新的甘特图

wbcuc

11707人浏览 · 2021-04-25 13:27:38

wbcuc · 2021-04-25 13:27:38 发布

Ubuntu 20.04 搭建 PXE iPXE Server

Introduction
- PXE Server组件
Configure Static IP Address
Configure DHCP Service
Configure TFTP Service
PXE验证
- Configure FTP Service
- Configure Syslinux for PXE verification
iPXE验证
- Install HTTP Server
- iPXE verification

Introduction

验证网卡的PXE功能，需要搭建PXE server，PXE是网卡从服务器端启动，然后下载系统镜像，从来实现远程系统启动或者系统安装到本地。

PXE Server组件

DHCP Server
负责给PXE网卡分配网络IP地址，并通过网络提供指定的系统启动文件。
TFTP Server
PXE网卡通过TFTP协议获取启动文件，例如：pxelinux.0，vmlinuz，initrd.img, undionly.kpxe等。
FTP Server
PXE网卡通过FTP协议下载系统镜像文件，包含一个完整的系统。
Syslinux
是一个启动加载器集合，可以从硬盘、光盘或通过 PXE 的网络引导启动系统。
iPXE
iPXE is the leading open source network boot firmware. It provides a full PXE implementation enhanced with additional features such as:

boot from a web server via HTTP
boot from an iSCSI SAN
boot from a Fibre Channel SAN via FCoE
boot from an AoE SAN
boot from a wireless network
boot from a wide-area network
boot from an Infiniband network
control the boot process with a script

下面以 Ubuntu 20.04 为例来示例如何搭建一个自用的PXE Server的过程。

Configure Static IP Address

选定一个网卡作为接下来DHCP Server的外接端口，此处选定网卡 enp1s0 配置静态IP 192.168.10.10。

root@pxe-server:/home/pxe/Desktop# cat /etc/netplan/01-network-manager-all.yaml 
# Let NetworkManager manage all devices on this system
network:
 # version: 2
 # renderer: NetworkManager
  ethernets:
    enp1s0:
      dhcp4: no
      dhcp6: no
      addresses: [192.168.10.10/24]
      gateway4: 192.168.10.1
      nameservers:
        addresses: [114.114.114.114]

root@pxe-server:/home/pxe/Desktop# ifconfig
enp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.10.10  netmask 255.255.255.0  broadcast 192.168.10.255
        ether xx:xx:xx:xx:xx:xx  txqueuelen 1000  (Ethernet)

也可以通过ifconfig的方法来配置临时IP，系统重启需要重新配置。有时发现重新开机后，之前配置的静态IP没有成功，那就手动配置一次，然后重新启动DHCP Server即可。

root@pxe-server:/home/pxe/Desktop# ifconfig enp1s0 192.168.10.10

Configure DHCP Service

安装DHCP Server

root@pxe-server:/home/pxe/Desktop# apt install isc-dhcp-server

编辑/etc/default/isc-dhcp-server
此处选择DHCP Server要绑定的网卡 enp1s0.

root@pxe-server:/home/pxe/Desktop# cat /etc/default/isc-dhcp-server
# Defaults for isc-dhcp-server (sourced by /etc/init.d/isc-dhcp-server)

# Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf).
#DHCPDv4_CONF=/etc/dhcp/dhcpd.conf
#DHCPDv6_CONF=/etc/dhcp/dhcpd6.conf

# Path to dhcpd's PID file (default: /var/run/dhcpd.pid).
#DHCPDv4_PID=/var/run/dhcpd.pid
#DHCPDv6_PID=/var/run/dhcpd6.pid

# Additional options to start dhcpd with.
#	Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead
#OPTIONS=""

# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
#	Separate multiple interfaces with spaces, e.g. "eth0 eth1".
#INTERFACESv4=""
#INTERFACESv6=""
INTERFACES="enp1s0" #可以用这个参数设置，避免后续报出Error/warning.

编辑/etc/dhcp/dhcpd.conf
此处配置DHCP Server的关键信息，包括IP地址段，路由，针对PXE Server，还需要包括pxe启动image, next-server.

root@pxe-server:/home/pxe/Desktop# cat /etc/dhcp/dhcpd.conf
# dhcpd.conf
#
# Sample configuration file for ISC dhcpd
#
# Attention: If /etc/ltsp/dhcpd.conf exists, that will be used as
# configuration file instead of this file.
#

# option definitions common to all supported networks...
option domain-name "example.org";
#option domain-name-servers ns1.example.org, ns2.example.org;#这行注释掉，有时导致DHCP client获取IP失败

default-lease-time 600;
max-lease-time 7200;

# The ddns-updates-style parameter controls whether or not the server will
# attempt to do a DNS update when a lease is confirmed. We default to the
# behavior of the version 2 packages ('none', since DHCP v2 didn't
# have support for DDNS.)
ddns-update-style none;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
#authoritative;

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
#log-facility local7;

# No service will be given on this subnet, but declaring it helps the 
# DHCP server to understand the network topology.

#subnet 10.152.187.0 netmask 255.255.255.0 {
#}

# This is a very basic subnet declaration.

#subnet 10.254.239.0 netmask 255.255.255.224 {
#  range 10.254.239.10 10.254.239.20;
#  option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
#}

# This declaration allows BOOTP clients to get dynamic addresses,
# which we don't really recommend.

#subnet 10.254.239.32 netmask 255.255.255.224 {
#  range dynamic-bootp 10.254.239.40 10.254.239.60;
#  option broadcast-address 10.254.239.31;
#  option routers rtr-239-32-1.example.org;
#}

# A slightly different configuration for an internal subnet.
#subnet 10.5.5.0 netmask 255.255.255.224 {
#  range 10.5.5.26 10.5.5.30;
#  option domain-name-servers ns1.internal.example.org;
#  option domain-name "internal.example.org";
#  option subnet-mask 255.255.255.224;
#  option routers 10.5.5.1;
#  option broadcast-address 10.5.5.31;
#  default-lease-time 600;
#  max-lease-time 7200;
#}
option client-architecture code 93 = unsigned integer 16;
subnet 192.168.10.0 netmask 255.255.255.0 {
  range 192.168.10.11 192.168.10.30;
#  option domain-name-servers 192.168.10.2, 192.168.10.3;
#  option domain-name "internal.example.org";
#  option subnet-mask 255.255.255.0;
  option routers 192.168.10.1;
#  option broadcast-address 192.168.10.2;
#  default-lease-time 600;
#  max-lease-time 7200;
  # tftp server IP Address
  next-server 192.168.10.10;
  
  # ++++++++++++++++++++++++ For PXE Boot file
  #filename "pxelinux.0";
  # ------------------------ For PXE Boot file
  
  # ++++++++++++++++++++++++ For iPXE Boot files
  if exists user-class and option user-class = "iPXE" {
      filename "ipxe.script";   # for iPXE booting scripts
  } elsif option client-architecture = 00:00 {
      filename "undionly.kpxe"; # for booting legacy PXE
  } else {
      filename "ipxe.efi";      # for booting UFEI PXE
  }
  # ------------------------ For iPXE Boot files
}


# Hosts which require special configuration options can be listed in
# host statements.   If no address is specified, the address will be
# allocated dynamically (if possible), but the host-specific information
# will still come from the host declaration.

#host passacaglia {
#  hardware ethernet 0:0:c0:5d:bd:95;
#  filename "vmunix.passacaglia";
#  server-name "toccata.example.com";
#}

# Fixed IP addresses can also be specified for hosts.   These addresses
# should not also be listed as being available for dynamic assignment.
# Hosts for which fixed IP addresses have been specified can boot using
# BOOTP or DHCP.   Hosts for which no fixed address is specified can only
# be booted with DHCP, unless there is an address range on the subnet
# to which a BOOTP client is connected which has the dynamic-bootp flag
# set.
#host fantasia {
#  hardware ethernet 08:00:07:26:c0:a5;
#  fixed-address fantasia.example.com;
#}

# You can declare a class of clients and then do address allocation
# based on that.   The example below shows a case where all clients
# in a certain class get addresses on the 10.17.224/24 subnet, and all
# other clients get addresses on the 10.0.29/24 subnet.

#class "foo" {
#  match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
#}

#shared-network 224-29 {
#  subnet 10.17.224.0 netmask 255.255.255.0 {
#    option routers rtr-224.example.org;
#  }
#  subnet 10.0.29.0 netmask 255.255.255.0 {
#    option routers rtr-29.example.org;
#  }
#  pool {
#    allow members of "foo";
#    range 10.17.224.10 10.17.224.250;
#  }
#  pool {
#    deny members of "foo";
#    range 10.0.29.10 10.0.29.230;
#  }
#}

Enable DHCP service
配置完成后，重启DHCP service，之后如果发现DHCP不工作的时候，都可以通过这种方式重启来修正。

root@pxe-server:/home/pxe/Desktop# service isc-dhcp-server restart
root@pxe-server:/home/pxe/Desktop# service isc-dhcp-server status
● isc-dhcp-server.service - ISC DHCP IPv4 server
     Loaded: loaded (/lib/systemd/system/isc-dhcp-server.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2021-04-22 17:16:17 CST; 1s ago
       Docs: man:dhcpd(8)
   Main PID: 2827 (dhcpd)
      Tasks: 4 (limit: 8778)
     Memory: 4.8M
     CGroup: /system.slice/isc-dhcp-server.service
             └─2827 dhcpd -user dhcpd -group dhcpd -f -4 -pf /run/dhcp-server/dhcpd.pid -cf /etc/dhcp/dhcpd.conf enp1s0

4月 22 17:16:17 pxe-server sh[2827]: Wrote 1 leases to leases file.
4月 22 17:16:17 pxe-server dhcpd[2827]: Listening on LPF/enp1s0/xx:xx:xx:xx:xx:xx/192.168.10.0/24
4月 22 17:16:17 pxe-server sh[2827]: Listening on LPF/enp1s0/xx:xx:xx:xx:xx:xx/192.168.10.0/24
4月 22 17:16:17 pxe-server sh[2827]: Sending on   LPF/enp1s0/xx:xx:xx:xx:xx:xx/192.168.10.0/24
4月 22 17:16:17 pxe-server sh[2827]: Sending on   Socket/fallback/fallback-net
4月 22 17:16:17 pxe-server dhcpd[2827]: Sending on   LPF/enp1s0/xx:xx:xx:xx:xx:xx/192.168.10.0/24
4月 22 17:16:17 pxe-server dhcpd[2827]: Sending on   Socket/fallback/fallback-net
4月 22 17:16:17 pxe-server dhcpd[2827]: Server starting service.
4月 22 17:16:18 pxe-server dhcpd[2827]: reuse_lease: lease age 118 (secs) under 25% threshold, reply with unaltered, existing lease for 192.168.10.11
4月 22 17:16:18 pxe-server dhcpd[2827]: DHCPREQUEST for 192.168.10.11 from xx:xx:xx:xx:xx:xx ( ) via enp1s0

Configure TFTP Service

安装TFTP服务

root@pxe-server:/home/pxe/Desktop# apt install tftpd-hpa

配置/etc/default/tftpd-hpa

root@pxe-server:/home/pxe/Desktop# cat /etc/default/tftpd-hpa
# /etc/default/tftpd-hpa

TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/srv/tftp" #下载文件目录
TFTP_ADDRESS=":69"
TFTP_OPTIONS="--secure"

Enable TFTP service

root@pxe-server:/home/pxe/Desktop# service tftpd-hpa restart
root@pxe-server:/home/pxe/Desktop# service tftpd-hpa status
● tftpd-hpa.service - LSB: HPAs tftp server
     Loaded: loaded (/etc/init.d/tftpd-hpa; generated)
     Active: active (running) since Thu 2021-04-22 17:44:09 CST; 1s ago
       Docs: man:systemd-sysv-generator(8)
    Process: 1817 ExecStart=/etc/init.d/tftpd-hpa start (code=exited, status=0/SUCCESS)
      Tasks: 1 (limit: 8778)
     Memory: 1.0M
     CGroup: /system.slice/tftpd-hpa.service
             └─1825 /usr/sbin/in.tftpd --listen --user tftp --address :69 --secure /srv/tftp

4月 22 17:44:09 pxe-server systemd[1]: Starting LSB: HPAs tftp server...
4月 22 17:44:09 pxe-server tftpd-hpa[1817]:  * Starting HPAs tftpd in.tftpd
4月 22 17:44:09 pxe-server tftpd-hpa[1817]:    ...done.
4月 22 17:44:09 pxe-server systemd[1]: Started LSB: HPA's tftp server.

PXE验证

Configure FTP Service

用来下载系统安装镜像的服务有几种选项，FTP，HTTP，NFS等，此处选择FTP.

安装 FTP Server

root@pxe-server:/home/pxe/Desktop# apt install vsftpd

FTP的默认文件夹为"/srv/ftp/"，需要把OS Image copy到这个目录，以下为redhat8.1的OS images.

root@pxe-server:/home/pxe/Desktop# ls /srv/
ftp  tftp
root@pxe-server:/home/pxe/Desktop# ls /srv/ftp/
AppStream  EFI   extra_files.json  images    media.repo               RPM-GPG-KEY-redhat-release
BaseOS     EULA  GPL               isolinux  RPM-GPG-KEY-redhat-beta  TRANS.TBL

配置/etc/vsftpd.conf
Enable FTP service

root@pxe-server:/home/pxe/Desktop#service vsftpd status
● vsftpd.service - vsftpd FTP server
     Loaded: loaded (/lib/systemd/system/vsftpd.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2021-04-13 05:36:40 CST; 12h ago
   Main PID: 32304 (vsftpd)
      Tasks: 1 (limit: 154342)
     Memory: 21.5M
     CGroup: /system.slice/vsftpd.service
             └─32304 /usr/sbin/vsftpd /etc/vsftpd.conf

4 13 05:36:40 pxeserver systemd[1]: Starting vsftpd FTP server...
4 13 05:36:40 pxeserver systemd[1]: Started vsftpd FTP server.

Configure Syslinux for PXE verification

如果不需要验证PXE，这一章节的操作可以略过，直接到下一章节，可以配置iPXE。

install Syslinux

root@pxe-server:/home/pxe/Desktop# apt install syslinux

安装完成后，可以从下列目录中找到legacy/uefi启动image

root@pxe-server:/home/pxe/Desktop# ls /usr/lib/syslinux
mbr  memdisk  modules
root@pxe-server:/home/pxe/Desktop# ls /usr/lib/syslinux/modules
bios  efi32  efi6

Copy pxelinux.0文件到"/srv/tftp/“目录，此处应该包含所有用到的boot image,包括iPXE的，这几个文件名字都包含在”/etc/dhcp/dhcpd.conf".
从OS image文件中copy initrd.img,vmlinuz到tftp/pxeboot/目录中

root@pxe-server:/home/pxe/Desktop# ls /srv/ftp/images/pxeboot/ #redhat8.1的OS images
initrd.img  vmlinuz
root@pxe-server:/home/pxe/Desktop# ls /srv/tftp/pxeboot/
initrd.img  vmlinuz

配置pxelinux.cfg/default文件

root@pxe-server:/home/pxe/Desktop# cat /srv/tftp/pxelinux.cfg/default
default redhat81
timeout 3
prompt 0
label redhat81
menu title redhat 8.1 pxe installtion
kernel /pxeboot/vmlinuz
append initrd=/pxeboot/initrd.img inst.stage2=ftp://192.168.10.10/

此时，legacy PXE的配置完成，可以用来验证PXE的功能了。

iPXE验证

Install HTTP Server

iPXE默认不是support FTP server，需要安装HTTP Server来完成安装文件的传输，安装过程十分简单。

root@pxe-server:/home/pxe/Desktop# apt install apache2
root@pxe-server:/home/pxe/Desktop# service apache2 status

安装完成后，把安装文件copy到/var/www/html目录，把默认的index.html删除即可。

root@pxe-server:/home/pxe/Desktop# ls /var/www/html
RHEL8.3

iPXE verification

此处用来配置iPXE，iPXE可以同时support legacy and uefi PXE。

root@pxe-server:/home/pxe/Desktop# apt install ipxe
root@pxe-server:/home/pxe/Desktop# cp /usr/lib/ipxe/{ipxe.efi,undionly.kpxe} /srv/tftp/ 
root@pxe-server:/home/pxe/Desktop# ls /srv/tftp/ 
ipxe.efi undionly.kpxe ipxe.script

针对ipxe.script，此处给出一个示例：

#!ipxe

:start
menu iPXE Boot Options
item shell iPXE shell
item linux-net Linux OS installation
item exit  Exit to BIOS
choose --default linux-net --timeout 10000 option && goto ${option}
:shell
shell
:linux-net
set server_root http://192.168.10.10/
initrd ${server_root}/RHEL8.3/images/pxeboot/initrd.img
kernel ${server_root}/RHEL8.3/images/pxeboot/vmlinuz inst.repo=${server_root}/RHEL8.3/ initrd=initrd.img
boot
:exit
exit