一个基于KVM虚拟机的PXE服务器的实现

Posted 2023-02-28 smstong

各位博友你们好，由于本人自去年5月份开始移居海外，事情繁多，一直没有更新CSDN博客。现在基本稳定下来了，于是又有心情开始写写博客了：）

鉴于目前工作原因，博文内容会多与Linux服务器运维有关，偶有编程小技巧。另外，我搭建了自己的wordpress系统，将来其博文会和CSDN同步。由于网络速度问题，会先发到我的workpress上，随后再同步到CSDN。

由于工作繁忙，基本上是随手记录，各种错误肯定不少，望大家指正！

点击进入—>我的workpress

0 PXE cheat-sheet

• PXE stands for Preboot eXecute Environment
• It’s a piece of code embedded in an NIC’s rom, which is
  loaded by Bios when a PC is booted.
• PXE downloads another piece of software call NBP (Network
  Bootstrap Program, e.g. syslinux) from network via tftp.
• Tftp server IP and NBP file path are given by a DHCP server.
• NBP (via tftp)loads OS installer which usually ships with distrubution DVD.
• OS installer is strong enough to support more secure/robust network
  protocol, like ftp,nfs,samba,http.
• OS installer downloads OS package via ftp/http/nfs/…

To summarize, a complete PXE system includes:

• client PC with PXE supported NIC
• tftp server to hold NBP and OS installer (kernel, initrd)
• ftp/http/nfs server to hold OS packages
• dhcp server to connect client and other servers

1 PXE server building on CentOS 7

If we test PXE install in physical environment, at least 2
physical PCs are needed.

• one PC as tftp server, ftp server, and dhcp server.
• one PC as client

I am not going to go with metal machines. Instead I will go on
virtual machines.

1.1 Hardware

One PC with:

• 16 GB RAM
• 200 GB Disk
• CentOS 7 (libvirt + QEMU + KVM)

1.2 Virtual lab topology

(1) Network
Two VMs in the same virtual network, nat1.
IP: 192.168.100.1/24, with DHCP disabled.

virsh # net-dumpxml nat1
<network>
  <name>nat1</name>
  <uuid>e8a61a4e-6405-4695-8656-f47f519e3808</uuid>
  <forward mode='nat'>
    <nat>
      <port start='1024' end='65535'/>
    </nat>
  </forward>
  <bridge name='virbr0' stp='on' delay='0'/>
  <mac address='52:54:00:f3:65:51'/>
  <domain name='nat1'/>
  <ip address='192.168.100.1' netmask='255.255.255.0'>
  </ip>
</network>

(2) VM1, named PXEServer
Runing as dhcp server, tftp server, ftp server.
IP: static 192.168.100.100/24

(3) VM2, named test
Running as a client to install CentOS 7 from VM1.

1.3 PXEServer setting

(1) dhcp server

steps:

yum install dhcp
modify /etc/dhcp/dhcp.config
firewall-cmd --permanent --add-service dhcp
firewall-cmd --reload
systemctl enable dhcp
systemctl start dhcp

config file:

cat /etc/dhcp/dhcp.config
subnet 192.168.100.0 netmask 255.255.255.0 
  range 192.168.100.101 192.168.100.200;
  option domain-name "smallstrong.ca";
  option domain-name-servers 8.8.8.8, 8.8.4.4;
  option routers 192.168.100.1;
  option broadcast-address 192.168.100.255;
  default-lease-time 600;
  max-lease-time 7200;

  # PXE tftp server IP
  next-server 192.168.100.100;

  # PXE NBP file on tftp server
  filename "pxelinux.0";

(2) tftp server

Steps:

yum install syslinux
yum install tftp-server xinetd

cp -r /usr/share/syslinux/* /var/lib/tftpboot/
mkdir /var/lib/tftpboot/pxelinux.cfg
touch /var/lib/tftpboot/pxelinux.cfg/default
mkdir /var/lib/tftpboot/centos7

cd ~/Download
curl -O http://mirror.esecuredata.com/centos/7/isos/x86_64
/CentOS-7-x86_64-Everything-1804.iso

mount -o loop,ro ~/Download/CentOS-7-x86_64-Everything-1804.iso /mnt
cp /mnt/images/pxeboot/vmlinuz /var/lib/tftp/centos7/
cp /mnt/images/pxeboot/initrd.img /var/lib/tftp/centos7/

firewall-cmd --permanent --add-service=tftp
friewall-cmd --reload
systemctl enable xinetd
systemctl start xinetd tftpd

config file:

/etc/xinetd.d/tftp:
service tftp

        socket_type             = dgram
        protocol                = udp
        wait                    = yes
        user                    = root
        server                  = /usr/sbin/in.tftpd
        server_args             = -s /var/lib/tftpboot
        disable                 = no
        per_source              = 11
        cps                     = 100 2
        flags                   = IPv4

/var/lib/tftpboot/pxelinux.cfg/default:

default menu.c32
prompt 1
timeout 600

label 1
menu label ^1) Install CentOS 7 x64 from ftp server
kernel centos7/vmlinuz
append initrd=centos7/initrd.img method=ftp://192.168.100.100/pub/centos7 devfs=nomount

label 2
menu label ^2) Boot from local drive

(3) ftp server

Steps:

yum install vsftpd
firewall-cmd --permanent --add-service=ftp
firewall-cmd --reload
systemctl enable vsftpd
systemctl start vsftpd

cp -r /mnt/ /var/ftp/pub/
mv /var/ftp/pub/mnt /var/ftp/pub/centos7

1.4 common faults

(1) missing hidden files .treeinfo from ISO DVD

RootCause:
cp -r /mnt/* /var/ftp/pub
this will noy copy /mnt/.treeinfo

(2) fail to test tftp
tftp client will not report error due to UDP under tftp.
but you can get 0 bytes file from tftp server, which is
error.

tftp client end needs to open UDP port 69 too.

firewall-cmd --permanent --add-service tftp-client
firewall-cmd --reload

(3) vsftp /var/ftp/pub/centos7 not visiable

RootCause:

SELINUX issue if:

cp -ar /mnt/ /var/ftp/pub/

The -a option of cp will retain the context which is not
right for vsftp.

2 eg: PXE install CentOS 7 as VM

2.1 VM requirement

Make sure NIC is in the bootable device list.
KVM’s vm uses NIC with iPXE which is an open sourced PXE.

2.2 common errors

(1) curl(23): Faild writing body’

RootCause:
VM’s memory is less than 1.5GB

Analysis:
RedHat official document says: Network / PXE install requires
at least 1.5 GB of RAM for the install procedure only.

This is because the LiveOS/squashfs.img needs to be downloaded
into memory to run. If the memory is not enough, download error
will occur, like ‘curl(23): Faild writing body’.

3 To do

• add more OS distributions, like Ubuntu, Windows 10, FreeBSD
• use a docker container instead of a virtual machine as PXE server