Le principe
Le but
Faire démarrer des machines Linux sans disque en centralisant les fichiers « bootloader » sur une machine distante PXE.
Inventaire des machines de notre MODOP
node-dhcpserver
- vCPU : 2
- Mémoire : 2 Go
- Disque 1 : 8Go
- Network : 172.16.186.2
node-dhcp-client01
- vCPU : 2
- Mémoire : 2 Go
- Disque : Pas de Disque
- Network Realtek RTL8139 : 32:68:FB:51:F0:7E => 172.16.186.21 (Via PXE)
node-dhcp-client02
- vCPU : 2
- Mémoire : 2 Go
- Disque : Pas de Disque
- Network Realtek RTL8139 : 8A:3E:96:91:BB:E6 => 172.16.186.32 (Via PXE)
node-dhcp-client03
- vCPU : 2
- Mémoire : 2 Go
- Disque : Pas de Disque
- Network Realtek RTL8139 : 06:86:1D:34:F2:69 => 172.16.186.43 (Via PXE)
node-dhcp-client04
- vCPU : 2
- Mémoire : 2 Go
- Disque : Pas de Disque
- Network Realtek RTL8139 : 8E:2F:3B:D5:70:BC => 172.16.186.54 (Via PXE)
node-dhcp-client05
- vCPU : 2
- Mémoire : 2 Go
- Disque : Pas de Disque
- Network Realtek RTL8139 : 1E:65:A2:89:4E:E4 => 172.16.186.65 (Via PXE)
node-dhcp-client06
- vCPU : 2
- Mémoire : 2 Go
- Disque : Pas de Disque
- Network Realtek RTL8139 : EE:B7:EC:20:CE:CA => 172.16.186.76 (Via PXE)
1°) Mise à jour de la machine pxe
[root@node-dhcpserver ~]# yum -y update
2°) Installation/Configuration Dracut Network
[root@node-dhcpserver ~]# yum install -y dracut-network
[root@node-dhcpserver ~]# vi /etc/dracut.conf
add_dracutmodules+="nfs"
3°) Désactiver SELinux
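[root@node-dhcpserver ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
[root@node-dhcpserver ~]# cat /etc/selinux/config |grep SELINUX
# SELINUX= can take one of these three values:
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
SELINUXTYPE=targeted
Remarque : cette étape retire le confinement SELinux du serveur qui expose TFTP, NFS et DHCP ; la valeur `SELINUX=permissive` lève elle aussi les blocages tout en continuant à journaliser les refus, ce qui permet de revenir plus tard à `enforcing`.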
[root@node-dhcpserver ~]# reboot
4°) Désactiver IPv6
[root@node-dhcpserver ~]# vi /etc/sysctl.conf
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.all.autoconf = 0
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.default.autoconf = 0
[root@node-dhcpserver ~]# sysctl -p
5°) Installation/xinetd tftp
[root@node-dhcpserver ~]# yum install -y xinetd
[root@node-dhcpserver ~]# vi /etc/xinetd.d/tftp
# xinetd entry for the TFTP service that hands the PXE boot files to the clients.
service tftp
{
# TFTP is a datagram service carried over UDP.
socket_type = dgram
protocol = udp
# wait = yes: xinetd passes the socket to a single in.tftpd and waits for it to exit.
wait = yes
# NOTE(review): in.tftpd is started as root, presumably so that it can chroot for -s;
# confirm that it drops privileges afterwards on this build.
user = root
server = /usr/sbin/in.tftpd
# -s makes in.tftpd change its root to /var/lib/tftpboot, so requests cannot
# name files outside the directory that holds pxelinux.0, the kernel and the initramfs.
server_args = -s /var/lib/tftpboot
disable = no
# Throttling: at most 11 instances per source address, and a 2-second pause
# once the rate exceeds 100 incoming connections per second.
per_source = 11
cps = 100 2
# Bind the service to IPv4 only.
flags = IPv4
}
[root@node-dhcpserver ~]# systemctl restart xinetd
6°) Installation/Configuration NFS
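[root@node-dhcpserver ~]# yum install -y nfs-utils
[root@node-dhcpserver ~]# vi /etc/exports
/diskless 172.16.186.0/24(rw,async,no_root_squash)
Remarque : avec `rw` et `no_root_squash`, toute machine du réseau 172.16.186.0/24 obtient un accès root en écriture à /diskless (racine partagée et /var de chaque nœud) ; limiter l'export aux adresses des clients déclarés dans le DHCP réduit cette exposition.
[root@node-dhcpserver ~]# systemctl restart nfs
[root@node-dhcpserver ~]# exportfs -ra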
7°) Installation/Configuration DHCP
[root@node-dhcpserver ~]# yum install -y dhcp
[root@node-dhcpserver ~]# vi /etc/dhcp/dhcpd.conf
#### DHCP server configuration file
# Domain name and DNS server handed to the clients.
option domain-name "house.cpb";
option domain-name-servers 192.168.1.1;
# 24-hour lease
default-lease-time 86400;
# Maximum lease of 48 hours
max-lease-time 172800;
# Log facility
log-facility local7;
# Answer network-boot and BOOTP requests (needed by the PXE clients).
allow booting;
allow bootp;
# -18000 s is UTC-5 h. NOTE(review): confirm this is the intended offset for the clients.
option time-offset -18000;
# Subnet 172.16.186.0/24 served by this machine.
# No dynamic range is declared in this block: only the host entries below are
# given an address.
subnet 172.16.186.0 netmask 255.255.255.0 {
  # Gateway
  option routers 172.16.186.201;
  option subnet-mask 255.255.255.0;
  ## Static IP assignments for this subnet.
  ## Each host is matched on its MAC address only; a MAC is set by the client
  ## itself, so this match identifies a machine but does not authenticate it.
  # Client01
  host node-dhcp-client01 {
    option host-name "node-dhcp-client01";
    hardware ethernet 32:68:FB:51:F0:7E;
    fixed-address 172.16.186.21;
  }
  # Client02
  host node-dhcp-client02 {
    option host-name "node-dhcp-client02";
    hardware ethernet 8A:3E:96:91:BB:E6;
    fixed-address 172.16.186.32;
  }
  # Client03
  host node-dhcp-client03 {
    option host-name "node-dhcp-client03";
    hardware ethernet 06:86:1D:34:F2:69;
    fixed-address 172.16.186.43;
  }
  # Client04
  host node-dhcp-client04 {
    option host-name "node-dhcp-client04";
    hardware ethernet 8E:2F:3B:D5:70:BC;
    fixed-address 172.16.186.54;
  }
  # Client05
  host node-dhcp-client05 {
    option host-name "node-dhcp-client05";
    hardware ethernet 1E:65:A2:89:4E:E4;
    fixed-address 172.16.186.65;
  }
  # Client06
  host node-dhcp-client06 {
    option host-name "node-dhcp-client06";
    hardware ethernet EE:B7:EC:20:CE:CA;
    fixed-address 172.16.186.76;
  }
  # PXE hand-off: clients fetch pxelinux.0 over TFTP from 172.16.186.2.
  next-server 172.16.186.2;
  filename "pxelinux.0";
}
[root@node-dhcpserver ~]# systemctl restart dhcpd
8°) Installation repository base Centos7 sur la ressource /diskless NFS
[root@node-dhcpserver ~]# yum install @Base kernel dracut-network nfs-utils --installroot=/diskless/root --releasever=/
9°) Install/Désinstall paquet sur la ressource /diskless
[root@node-dhcpserver ~]# yum install nmap --installroot=/diskless/root --releasever=/
[root@node-dhcpserver ~]# yum install epel-release --installroot=/diskless/root --releasever=/
[root@node-dhcpserver ~]# yum install sshd --installroot=/diskless/root --releasever=/
Ex : [root@node-dhcpserver ~]# yum erase nmap --installroot=/diskless/root --releasever=/
10°) Transfert Noyau VMLINUZ et initramfs sur la ressource /diskless
[root@node-dhcpserver ~]# cp /boot/vmlinuz-3.10.0-1160.45.1.el7.x86_64 /var/lib/tftpboot/
[root@node-dhcpserver ~]# dracut --add nfs /var/lib/tftpboot/initramfs-3.10.0-1160.45.1.el7.x86_64.img 3.10.0-1160.45.1.el7.x86_64
[root@node-dhcpserver ~]# chmod 644 /var/lib/tftpboot/initramfs-3.10.0-1160.45.1.el7.x86_64.img
11°) Menu Démarrage PXE via tftp
[root@node-dhcpserver ~]# yum -y install tftp-server syslinux
[root@node-dhcpserver ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/
[root@node-dhcpserver ~]# mkdir -p /var/lib/tftpboot/pxelinux.cfg
[root@node-dhcpserver ~]# vi /var/lib/tftpboot/pxelinux.cfg/default
default CentOS7.9
label CentOS7.9
kernel vmlinuz-3.10.0-1160.45.1.el7.x86_64
append initrd=initramfs-3.10.0-1160.45.1.el7.x86_64.img root=nfs:172.16.186.2:/diskless/root rw
12°) Création des points de Montage NFS /var pour les clients
[root@node-dhcpserver ~]# mkdir -p /diskless/nodes/node-dhcp-client01.house.cpb
[root@node-dhcpserver ~]# mkdir -p /diskless/nodes/node-dhcp-client02.house.cpb
[root@node-dhcpserver ~]# mkdir -p /diskless/nodes/node-dhcp-client03.house.cpb
[root@node-dhcpserver ~]# mkdir -p /diskless/nodes/node-dhcp-client04.house.cpb
[root@node-dhcpserver ~]# mkdir -p /diskless/nodes/node-dhcp-client05.house.cpb
[root@node-dhcpserver ~]# mkdir -p /diskless/nodes/node-dhcp-client06.house.cpb
13°) Copie des Structures/Datas de l’arborescence /var
[root@node-dhcpserver ~]# cp -a /diskless/root/var /diskless/nodes/node-dhcp-client01.house.cpb
[root@node-dhcpserver ~]# cp -a /diskless/root/var /diskless/nodes/node-dhcp-client02.house.cpb
[root@node-dhcpserver ~]# cp -a /diskless/root/var /diskless/nodes/node-dhcp-client03.house.cpb
[root@node-dhcpserver ~]# cp -a /diskless/root/var /diskless/nodes/node-dhcp-client04.house.cpb
[root@node-dhcpserver ~]# cp -a /diskless/root/var /diskless/nodes/node-dhcp-client05.house.cpb
[root@node-dhcpserver ~]# cp -a /diskless/root/var /diskless/nodes/node-dhcp-client06.house.cpb
14°) Script pour le montage NFS /var pour chaque Client
[root@node-dhcpserver ~]# vi /diskless/root/etc/rc.local
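#!/bin/bash
# THIS FILE IS ADDED FOR COMPATIBILITY PURPOSES
#
# It is highly advisable to create own systemd services or udev rules
# to run scripts during boot instead of using this file.
#
# In contrast to previous versions due to parallel execution during boot
# this script will NOT be run after all other services.
#
# Please note that you must run 'chmod +x /etc/rc.d/rc.local' to ensure
# that this script will be executed during boot.
#
# Diskless-client boot hook: mounts this node's private /var from the NFS
# server, attaches a local disk to /tmp when one is present, then starts
# dhclient in the background.

touch /var/lock/subsys/local

# Mount the per-node copy of each listed directory over the shared root.
# The expansions are quoted so that an unexpected hostname cannot be split
# into extra mount arguments.
# NOTE(review): consider adding nosuid,nodev to the options of this NFS mount.
for DIR in var; do
  mount -o rw "172.16.186.2:/diskless/nodes/${HOSTNAME}/${DIR}" "/${DIR}"
done

# Optional local scratch disk for /tmp. The device is tested first so that a
# client without a disk neither runs mkfs nor logs mount errors on every boot.
scratch_dev=/dev/sda
if [ -b "$scratch_dev" ]; then
  if ! mount "$scratch_dev" /tmp; then
    # mkfs.xfs is called without -f, so it declines to overwrite a device on
    # which it detects an existing filesystem; do not add -f here.
    if mkfs.xfs "$scratch_dev"; then
      mount "$scratch_dev" /tmp ||
        echo "rc.local: cannot mount ${scratch_dev} on /tmp after mkfs.xfs" >&2
    else
      echo "rc.local: mkfs.xfs failed on ${scratch_dev}; /tmp stays on the root filesystem" >&2
    fi
  fi
else
  echo "rc.local: ${scratch_dev} is not a block device; /tmp stays on the root filesystem" >&2
fi

dhclient &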
15°) Activation du Script au démarrage des Machines Clientes
[root@node-dhcpserver ~]# chroot /diskless/root/
bash-4.2# chmod +x /etc/rc.d/rc.local
bash-4.2# systemctl enable rc-local
bash-4.2# exit
16°) Activation du service SSH au démarrage des Machines Clientes
[root@node-dhcpserver ~]# chroot /diskless/root/
bash-4.2# systemctl enable sshd
bash-4.2# systemctl start sshd
17°) Définir un password pour le super Admin « Root »
[root@node-dhcpserver ~]# chroot /diskless/root/
bash-4.2# passwd root
password:
retype password:
18°) Activation des Rules Firewalld
[root@node-dhcpserver ~]# firewall-cmd --permanent --zone=public --add-service=nfs
[root@node-dhcpserver ~]# firewall-cmd --permanent --zone=public --add-service=tftp
[root@node-dhcpserver ~]# firewall-cmd --permanent --zone=public --add-service=dhcp
[root@node-dhcpserver ~]# firewall-cmd --reload
19°) Check les Clients
Client01
[root@node-dhcpserver ~]# ssh -l root 172.16.186.21
Client02
[root@node-dhcpserver ~]# ssh -l root 172.16.186.32
Client03
[root@node-dhcpserver ~]# ssh -l root 172.16.186.43
Client04
[root@node-dhcpserver ~]# ssh -l root 172.16.186.54
Client05
[root@node-dhcpserver ~]# ssh -l root 172.16.186.65
Client06
[root@node-dhcpserver ~]# ssh -l root 172.16.186.76