自動化運維體系
1. 系統預備
自動化安裝作業系統及常用軟體包---(PXE kickstart---ks.cfg)
2. 配置管理
自動化部署業務系統軟體包并完成配置 --- puppet
遠端管理伺服器(開關服務等)
變更復原
3. 監控報警 (cacti|nagios|zabbix)
伺服器可用性、性能、安全監控
向管理者發送報警資訊
PXE 無人值守安裝(kickstart|Cobbler)
工作原理
PXE 用戶端的網卡晶片內置一個 DHCP 用戶端和 TFTP 用戶端,會從伺服器端下載一個 PXEOS(裡面有各種安裝選項標籤);選擇特定安裝標籤後,
會通過 TFTP 傳輸一個臨時核心(vmlinuz、initrd.img),接著傳一個 ks.cfg 自動安裝配置檔案過去。
1、客戶機可以通過服務端dhcp在擷取IP位址,并且dhcpd伺服器會告訴用戶端tftp伺服器IP位址。
2、PXE 用戶端會從 TFTP 伺服器下載 pxelinux.0 作業系統和這個作業系統對應的配置檔案(default)至本機,並在本機上執行 pxelinux.0 這個作業系統,
這個作業系統會載入自己的配置檔案:default。
default加載後會彈出一個安裝系統選擇界面,讓使用者去選擇要安裝哪個作業系統
tftp的作用是實作安裝檔案UDP快速傳輸
3、啟動第三個臨時系統(vmlinuz/initrd.img),構造安裝之前一個臨時系統環境,在這裡會重新
擷取IP位址,并且會讀取ks.cfg這個配置檔案
4、nfs/http/ftp用來導出紅帽系統安裝目錄樹
5、根據ks.cfg來自動完成作業系統的安裝
部署PXE
1. Configure the network (NFS, FTP, HTTP) server to export the installation tree.
2. Configure the files on the tftp server necessary for PXE booting.
3. Configure DHCP.
4. Boot the client, and start the installation.
1 配置服務(NFS, FTP, HTTP) 導出安裝樹
[root@node1 ~]# lftp 192.168.0.254
lftp 192.168.0.254:~> cd notes/iso/
lftp 192.168.0.254:/notes/iso> get rhel-server-6.3-x86_64-dvd.iso
lftp 192.168.0.254:/notes/iso> exit
[root@node1 ~]# vim /etc/fstab
/root/rhel-server-6.3-x86_64-dvd.iso /mnt/rhel6 iso9660 ro,loop 0 0
[root@node1 ~]# mkdir /mnt/rhel6
[root@node1 ~]# mount -a
本地YUM源
[root@node1 ~]# rm -fr /etc/yum.repos.d/*
[root@node1 ~]# vim /etc/yum.repos.d/local.repo
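# Local yum repository backed by the loop-mounted RHEL 6.3 DVD image.
[local]
name=this's local YUM
baseurl=file:///mnt/rhel6
enabled=1
# Keep signature verification on: the ISO was copied from another host, so
# the RPMs are checked against the Red Hat release key instead of being
# trusted blindly.
# NOTE(review): assumes node1 itself runs RHEL and ships this key file - confirm.
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release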
安裝服務
[root@node1 ~]# yum -y install vsftpd httpd
通過ftp釋出安裝樹
[root@node1 ~]# mkdir /var/ftp/pub/rhel6/dvd -p
/root/rhel-server-6.3-x86_64-dvd.iso /var/ftp/pub/rhel6/dvd iso9660 ro,loop 0 0
[root@node1 ~]# service vsftpd start
[root@node1 ~]# chkconfig vsftpd on
通過http釋出安裝樹
[root@node1 ~]# ln -s /var/ftp/pub/rhel6/dvd/ /var/www/html/rhel6
[root@node1 ~]# service httpd start
[root@node1 ~]# chkconfig httpd on
測試
[root@node1 ~]# wget http://192.168.0.1/rhel6/GPL &> /dev/null && echo 'HTTP測試成功'
HTTP測試成功
[root@node1 ~]# wget ftp://192.168.0.1/pub/rhel6/dvd/README
2 配置tftp服務(pxe相關的啟動檔案)
1> 安裝tftp-server
[root@node1 ~]# yum -y install tftp-server
[root@node1 ~]# chkconfig tftp on
[root@node1 ~]# chkconfig xinetd on
[root@node1 ~]# service xinetd start
2> 安裝pxelinux.0作業系統
[root@node1 ~]# yum -y install syslinux
[root@node1 ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/
3> pxelinux.0的配置檔案(default)
[root@node1 ~]# mkdir /var/lib/tftpboot/pxelinux.cfg/
[root@node1 ~]# cd /var/ftp/pub/rhel6/dvd/isolinux/
[root@node1 isolinux]# cp isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default
4> 安裝那個系統的版本核心檔案
[root@node1 isolinux]# mkdir /var/lib/tftpboot/rhel6.3
[root@node1 isolinux]# cp vmlinuz initrd.img /var/lib/tftpboot/rhel6.3/
5> 增強圖形化菜單
vesamenu.c32 --- 圖形菜單編譯器
splash.jpg --- 背景圖
boot.msg --- 字元菜單
[root@node1 isolinux]# cp boot.msg vesamenu.c32 splash.jpg /var/lib/tftpboot/
3 安裝dhcp服務
[root@node1 ~]# yum -y install dhcp
[root@node1 ~]# cp /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample /etc/dhcp/dhcpd.conf
cp:是否覆寫"/etc/dhcp/dhcpd.conf"? y
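# dhcpd.conf for the PXE provisioning subnet.
option domain-name "hugo.cc";
option domain-name-servers 192.168.0.1, 8.8.8.8;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;

subnet 192.168.0.0 netmask 255.255.255.0 {
    range 192.168.0.100 192.168.0.110;
    option routers 192.168.0.1;
    option broadcast-address 192.168.0.255;
    # TFTP server the PXE client is told to contact.
    next-server 192.168.0.1;
    # Boot file fetched over TFTP. It must match the file copied into
    # /var/lib/tftpboot/ (pxelinux.0; the listing had it misspelled as
    # "pexlinux.0", which the client would fail to download).
    filename "pxelinux.0";
}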
[root@node1 ~]# service dhcpd start
[root@node1 ~]# chkconfig dhcpd on
4 通過kickstart工具 生成安裝系統的腳本 ks.cfg
[root@node1 ~]# yum -y install system-config-kickstart
/root/ks.cfg
[root@node1 ~]# cat /root/ks.cfg
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Kickstart answers for the unattended RHEL 6.3 install offered by the PXE
# menu. Everything below is applied without prompting.
# Firewall configuration
# NOTE(review): the installed host starts with the firewall off, while the
# package list on this page also installs httpd and mysql-server - confirm
# this is meant for an isolated lab only.
firewall --disabled
# Install OS instead of upgrade
install
# Use network installation
url --url="ftp://192.168.0.1/pub/rhel6/dvd"
# Root password
# The "$1$" prefix marks an MD5-crypt hash, even though auth below selects
# sha512. NOTE(review): this file is later copied under /var/www/html and
# fetched over plain HTTP, so the hash is readable by any host that can reach
# the web server; consider a SHA-512 crypt hash and rotating the password
# after installation.
rootpw --iscrypted $1$.DW5qqTM$NjQgYUCnhuhW2sXM9jcgJ0
# System authorization information
auth --useshadow --passalgo=sha512
# Use text mode install
text
firstboot --disable
# System keyboard
keyboard us
# System language
lang zh_CN
# SELinux configuration
# NOTE(review): SELinux is disabled here and again via selinux=0 on the
# kernel command line in the bootloader line below.
selinux --disabled
# Installation logging level
logging --level=info
# Reboot after installation
reboot
# System timezone
timezone --isUtc Asia/Shanghai
# Network information
network --bootproto=dhcp --device=eth0 --onboot=on
# System bootloader configuration
# The GRUB password is also an MD5-crypt ("$1$") hash and is exposed the same
# way as the root hash above.
bootloader --append="selinux=0" --location=mbr --md5pass="$1$r/9QfvC3$wWRxW4VFEu/WtEY1JKTdR0"
# Clear the Master Boot Record
# zerombr plus clearpart --all remove the existing partition layout without
# asking, so any machine that runs this kickstart loses its current data.
zerombr
clearpart --all
# Layout: 100 MB /boot, a 10000 MB LVM physical volume, 512 MB swap.
part /boot --fstype ext4 --size=100
part pv.100000 --size=10000
part swap --size=512
volgroup vg --pesize=32768 pv.100000
logvol /home --fstype ext4 --name=lv_home --vgname=vg --size=480
logvol / --fstype ext4 --name=lv_root --vgname=vg --size=8192
# NOTE(review): no section header precedes this %end in the listing - confirm
# against the original file.
%end
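%post
# Post-install script: replace the stock yum repos with the PXE server's
# install tree and switch the default runlevel to 5.
rm -fr /etc/yum.repos.d/*
# The original wrote "gpgchec=0"; yum ignores the misspelled key, so the
# signature policy silently fell back to the global default. Spell it out and
# keep verification on, because the tree is fetched over plain FTP.
# Quoted delimiter: the repo file is written literally, with no expansion.
cat > /etc/yum.repos.d/dvd.repo << 'EOT'
[dvd]
name=this's PXE source
baseurl=ftp://192.168.0.1/pub/rhel6/dvd
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
EOT
# Quote the expression so the shell cannot glob-expand [0-9].
sed -i 's/id:[0-9]:initdefault:/id:5:initdefault:/' /etc/inittab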
%packages
@basic-desktop
@chinese-support
@desktop-debugging
@desktop-platform
@development
@fonts
@graphical-admin-tools
@input-methods
@legacy-x
@remote-desktop-clients
@x11
httpd
php
mysql-server
mysql
php-mysql
lftp
ftp
openssh
----------------------------------------------------------
<釋出ks.cfg檔案> 定義default菜單如何連接ks.cfg。注意:ks.cfg 內含 root 與 bootloader 的密碼雜湊,放進 HTTP 根目錄後,能連到這台伺服器的任何主機都可以直接下載。
[root@node1 ~]# cp /root/ks.cfg /var/www/html/rhel6.cfg
[root@node1 ~]# vim /var/lib/tftpboot/pxelinux.cfg/default
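# PXE boot menu, installed as /var/lib/tftpboot/pxelinux.cfg/default.
default vesamenu.c32
#prompt 1
# Timeout is counted in tenths of a second: 600 = 60 s before the default
# entry is started.
timeout 600
display boot.msg
menu background splash.jpg
menu title Welcome to Red Hat Enterprise Linux 6.3!
menu color border 0 #ffffffff #00000000
menu color sel 7 #ffffffff #ff000000
menu color title 0 #ffffffff #00000000
menu color tabmsg 0 #ffffffff #00000000
menu color unsel 0 #ffffffff #00000000
menu color hotsel 0 #ff000000 #ffffffff
menu color hotkey 7 #ffffffff #ff000000
menu color scrollbar 0 #ffffffff #00000000

# Local disk is the only "menu default" entry (the listing marked two), so a
# machine that PXE-boots by accident times out into its installed system
# rather than into an installer.
label local
  menu label Boot from ^local drive
  menu default
  localboot 0xffff

# Interactive install. Kernel and initrd both live in rhel6.3/ on the TFTP
# server; the listing pointed initrd at rhel6/, which was never created.
label linux
  menu label Install RHEL6.3
  kernel rhel6.3/vmlinuz
  append initrd=rhel6.3/initrd.img

# Unattended install. The kickstart file repartitions the disk without
# prompting and is fetched over plain HTTP, so keep this entry non-default.
label auto
  menu label Auto RHEL6.3
  kernel rhel6.3/vmlinuz
  append initrd=rhel6.3/initrd.img ks=http://192.168.0.1/rhel6.cfg noipv6

label rescue
  menu label ^Rescue installed system
  kernel rhel6.3/vmlinuz
  append initrd=rhel6.3/initrd.img rescue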
保證區域網路內只有一個 DHCP 服務:PXE 用戶端會採用先回應的 DHCP 伺服器所給的 next-server 與 filename,而 DHCP 本身沒有認證機制,所以裝機網段應與其他網段隔離。
配置DNS
正向解析 hugo.cc
反向解析 192.168.0.0/24
[root@node1 isolinux]# yum -y install bind
[root@node1 ~]# vim /etc/named.conf
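options {
    // Listen on loopback and on the provisioning interface only.
    listen-on port 53 { 127.0.0.1; 192.168.0.1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    // Answer (and recurse for) this host and the 192.168.0.0/24 clients
    // only. "any" together with "recursion yes" would make this server an
    // open resolver for every network that can reach 192.168.0.1.
    allow-query { localhost; 192.168.0.0/24; };
    recursion yes;
    // Zone transfers only from this host itself, which is all that the
    // "dig -t axfr hugo.cc" check run on node1 needs.
    allow-transfer { localhost; };
    // NOTE(review): DNSSEC validation is switched off, so the lookaside
    // setting below has no effect - confirm whether validation is wanted.
    dnssec-enable no;
    dnssec-validation no;
    dnssec-lookaside auto;
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
};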
[root@node1 ~]# vim /etc/named.rfc1912.zones
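// Forward zone for hugo.cc. Dynamic updates are refused.
zone "hugo.cc" IN {
    type master;
    file "hugo.cc.zone";
    allow-update { none; };
};

// Reverse zone for 192.168.0.0/24. The listing had lost the closing braces
// and this zone's type/allow-update lines; they are restored to mirror the
// forward zone so named can parse the file.
zone "0.168.192.in-addr.arpa" IN {
    type master;
    file "192.168.0.rev";
    allow-update { none; };
};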
[root@node1 ~]# cd /var/named/
[root@node1 named]# cp -a named.localhost hugo.cc.zone
[root@node1 named]# vim hugo.cc.zone
$TTL 1D
@ IN SOA ns1.hugo.cc. root.hugo.cc. (
10 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ NS ns1.hugo.cc.
ns1 A 192.168.0.1
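# Append A records desktop2..desktop254 -> 192.168.0.2..192.168.0.254. The host
# number belongs in the fourth octet; "192.168.$a" is not a valid IPv4 address.
[root@node1 named]# for a in {2..254}; do printf 'desktop%s\tA\t192.168.0.%s\n' "$a" "$a" >> /var/named/hugo.cc.zone ; done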
[root@node1 named]# cp hugo.cc.zone 192.168.0.rev -a
1 PTR ns1.hugo.cc.
[root@node1 named]# for a in {2..254}; do echo -e "$a\tPTR\tdesktop$a.hugo.cc." >> /var/named/192.168.0.rev ; done
[root@node1 named]# service named start
[root@node1 ~]# echo "nameserver 192.168.0.1" > /etc/resolv.conf
[root@node1 ~]# dig -t axfr hugo.cc
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
增加一個标簽RHEL5.4
<導入安裝樹|生成ks.cfg腳本|拷貝核心檔案|添加标簽>
1. 通過FTP|HTTP|NFS 釋出RHEL5.4安裝樹
mkdir /var/ftp/pub/rhel5.4
mount -o loop /root/rhel-server-5.4-i386-dvd.iso /var/ftp/pub/rhel5.4/
wget ftp://192.168.0.1/pub/rhel5.4/GPL
2.生成rhel5.4的kickstart檔案
vim /root/ks_rhel5.4.cfg
# Kickstart answers for the unattended RHEL 5.4 install.
# Skip the installation-number prompt.
key --skip
# --enablemd5 selects MD5 for password hashing on the installed system.
auth --useshadow --enablemd5
# GRUB password stored as an MD5-crypt ("$1$") hash.
# NOTE(review): this file is copied under /var/www/html further down the
# page, so this hash and the root hash below are readable by any host that
# can reach the web server.
bootloader --location=mbr --md5pass=$1$MUnByNpz$WVFU9CQ.cnLdHPjOjfKvO/
# Partition clearing information
# Removes the existing partition layout without asking.
clearpart --all --initlabel
# System language
# NOTE(review): the original comment here described the Setup Agent, but no
# firstboot line is present in the listing - confirm against the real file.
lang en_US
url --url=ftp://192.168.0.1/pub/rhel5.4
network --bootproto=dhcp --device=eth0 --onboot=on
#Root password
# MD5-crypt ("$1$") hash; see the exposure note on the bootloader line.
rootpw --iscrypted $1$dTFnL7xR$f6xjhRJbxoKxPt69HLv2V0
# X Window System configuration information
xconfig --defaultdesktop=GNOME --depth=8 --resolution=800x600 --startxonboot
# Disk partitioning information
part /boot --bytes-per-inode=4096 --fstype="ext3" --size=100
part / --bytes-per-inode=4096 --fstype="ext3" --size=15000
part swap --bytes-per-inode=4096 --fstype="swap" --size=512
# Pre-install section: every line in it is commented out, so it does nothing.
%pre
#clearpart --linux
#part /boot --fstype ext3 --size=200
#part pv.3 --size=20000
#part swap --size=1024
#volgroup vol0 --pesize=32768 pv.3
#logvol / --fstype ext3 --name=root --vgname=vol0 --size=15000
#logvol /home --fstype ext3 --name=home --vgname=vol0 --size=992
# Post-install section: point the installed system at the PXE server's DNS.
%post
echo "nameserver 192.168.0.1" >> /etc/resolv.conf
# NOTE(review): the package groups and packages below appear without a
# %packages header in this listing - confirm against the original file.
@gnome-desktop
@development-libs
@development-tools
@graphical-internet
@graphics
@editors
wget
firefox
elinks
拷貝到http 家目錄
cp /root/ks_rhel5.4.cfg /var/www/html/rhel5_4.cfg
3 拷貝rhel5.4的核心檔案
mkdir /var/lib/tftpboot/rhel5.4/
cd /var/ftp/pub/rhel5.4/isolinux/
cp vmlinuz initrd.img /var/lib/tftpboot/rhel5.4/
4 定義RHEL5.4的菜單選項
vim /var/lib/tftpboot/pxelinux.cfg/default
label auto5
menu label ^Auto RHEL5.4
kernel rhel5.4/vmlinuz