文章目錄
-
- 寫在開頭的話
- pxe+kickstart | cobbler
-
- 00. 前提概述
-
- 0.1 需要安裝的軟體
- 0.2 軟體介紹
- 0.3 軟體起到的作用
- 0.4 實作過程
- 0.5 什麼是 PXE
- 0.6 PXE的工作過程
- 0.7 Kickstart和Cobbler 的介紹
- 01. 準備工作
-
- 1.1 主機環境
- 1.2 網絡配置
- 1.3 關閉防火牆
- 1.4 關閉Selinux
- 1.5 挂載鏡像檔案,配置yum源為CD光牒擷取
- 02. 安裝所需軟體
-
- 2.1 安裝配置 DHCP
- 2.2 安裝配置xinetd 服務和 tftp 服務
- 2.3 安裝syslinux
- 2.4 複制引導檔案到tftp的主目錄下
- 2.5 安裝httpd 服務
- 2.6 作業系統安裝配置檔案設定
- 2.7 設定網絡安裝
- 03. 關于ks.cfg檔案與kickstart
-
- 3.1 ks.cfg 檔案詳解
- 3.2 ks腳本示範
- 3.3 編輯default 檔案
- 3.4 圖形化界面設定ks.cfg
- 04. 關于PXE 配置檔案default
- 05. cobbler 自動部署
-
- 5.1 cobbler介紹
- 5.2 cobbler對應關系
- 5.3 cobbler內建的服務
- 5.4 cobbler工作原理
- 5.5 cobbler安裝
- 5.6 配置cobbler
- 5.7 `Cobbler`配置安裝`Centos7.x`
- 5.8 cobbler Web管理界面配置
- 5.9 定制化安裝
- 5.10 到此,自動化安裝已經完成,現在測試
- 寫在最後的話:
這裡是一段防爬蟲文本,請讀者忽略。
本文原創首發于CSDN,作者IDYS
部落格首頁:https://blog.csdn.net/weixin_41633902/
本文連結:https://blog.csdn.net/weixin_41633902/article/details/107751713
未經授權,禁止轉載!惡意轉載,後果自負!尊重原創,遠離剽竊!
寫在開頭的話
- 請記住:實踐是掌握知識的最快方法
- 如果你隻是懷着看看的态度去快速浏覽文章,而不去認認真真的把文章裡面講的任何一個知識點去實踐一遍,那麼你永遠也掌握不了它
- 生命不息,折騰不止!
pxe+kickstart | cobbler
00. 前提概述
0.1 需要安裝的軟體
-
DHCP
-
http
-
tftp
-
xinetd
-
syslinux
-
kickstart
0.2 軟體介紹
-
DHCP
(DHCP
,動态主機設定協定)是用于區域網路動态配置設定Dynamic Host Configuration Protocol
位址的工具,主機發送請求消息給IP
伺服器的DHCP
端口,68
伺服器回應應答消息給主機的DHCP
号端口67
-
http
HTTP協定(,超文本傳輸協定)是網際網路上應用最為廣泛的一種網絡傳輸協定,HyperText Transfer Protocol
是一個基于HTTP
通信協定來傳遞資料(TCP/IP
檔案, 圖檔檔案, 查詢結果等)HTML
-
tftp
(TFTP
,簡單檔案傳輸協定))是Trivial File Transfer Protocol
協定族中的一個用來在客戶機與伺服器之間進行簡單檔案傳輸的協定,提供不複雜、開銷不大的檔案傳輸服務。端口号為TCP/IP
。69
-
xinetd
是新一代的網絡守護程序服務程式,又叫超級Internet伺服器,常用來管理多種輕量級xinetd
服務。Internet
提供類似于xinetd
的功能,但是更加強大和安全。inetd+tcp_wrapper
-
syslinux
是一個功能強大的引導加載程式,而且相容各種媒體。它的目的是簡化首次安裝syslinux
的時間,并建立修護或其它特殊用途的啟動盤。它的安裝很簡單,一旦安裝Linux
好之後,sysLinux啟動盤就可以引導各種基于syslinux
的工具,以及DOS
/MS-DOS
或者任何其它作業系統。不僅支援采用Windows
結構的主機闆,而且從BIOS
版也開始支援采用6.0
結構的新型主機闆。EFI
-
kickstart
是一個定義了kickstart
安裝過程的配置檔案, 其工作原理是預先把原本需要手工填寫的參數儲存成一個Linux
檔案,當安裝過程中出現需要填寫參數情況下,安裝程式會先找ks.cfg
檔案,找到合适的參數則自動執行,找不到合适的參數則需要手動填寫ks.cfg
0.3 軟體起到的作用
-
PXE
-
Kickstart
ks.cfg
-
TFTP
PXE
tftp
pxelinux.0
vmlinuz
initrd.img
-
DHCP
PXE
pxelinux.0
-
HTTP
ks.cfg
0.4 實作過程
- 用戶端(沒有裝系統的計算機)通過在區域網路内尋找DHCP伺服器
-
DHCP
IP
TFTP
- 用戶端向
TFTP
BootLoader
-
TFTP
pxelinux.0
- 用戶端向TFTP伺服器要核心檔案和
initrd.img
-
TFTP
- 用戶端通過
TFTP
http
ks.cfg
- 用戶端根據
ks.cfg
0.5 什麼是 PXE
-
PXE
Pre-boot Execution Environment
- 通過網絡接口啟動計算機,不依賴本地儲存設備(如硬碟)或本地已安裝的作業系統;
- 由
Intel
Systemsoft
-
Client
Server
-
PXE
IP
UDP
DHCP
TFTP
-
PXE
client
PXE
PXE
PXE
0.6 PXE的工作過程
-
PXE Client
DHCP
PXE Client
PXE
PXE BootROM
UDP
DHCP
IP
-
DHCP
DHCP
PXE Client
IP
pxelinux
TFTP
-
PXE
pxelinux.0
pxelinux.cfg/default
vmlinuz
initrd.img
-
Boot Server
BootROM
TFTP
Boot Server
pxelinux.0
pxelinux.cfg/default
default
Linux
- 請求下載下傳自動應答檔案 用戶端通過
pxelinux.cfg
default
Linux
linux
NFS
FTP
HTTP
default
ks.cfg
這裡有個問題,在第2步和第5步初始化2次網絡了,這是由于PXE擷取的是安裝用的核心以及安裝程式等,而安裝程式要擷取的是安裝系統所需的二進制包以及配置檔案。是以PXE子產品和安裝程式是相對獨立的,
PXE
IP
DHCP
- 用戶端安裝作業系統 将
ks.cfg
OS Server
OS Server
0.7 Kickstart和Cobbler 的介紹
- Redhat系主要有兩種
Kickstart
Cobbler
-
Kickstart
ks.cfg
ks.cfg
ks.cfg
ks.cfg
ks.cfg
-
Cobbler
DHCP
TFTP
DNS
Cobbler
Web
Cobbler
Puppet
SaltStack
簡單的說,Cobbler是對kickstart的封裝,簡化安裝步驟、使用流程,降低使用者的門檻。
01. 準備工作
1.1 主機環境
- 主機環境說明
[[email protected] ~] cat /etc/redhat-release
CentOS Linux release 7.7.1908 (Core)
[[email protected] ~] uname -r
3.10.0-1062.el7.x86_64
[[email protected] ~] uname -m
x86_64
1.2 網絡配置
- 虛拟機上的虛拟網絡編輯器上關閉本地
DHCP
- 克隆一台虛拟機
- 編輯網卡檔案,删除
UUID
ip
dns
ONBOOT
ip擷取方式
static
[[email protected] ~] vi /etc/sysconfig/network-scripts/ifcfg-ens32
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens32"
DEVICE="ens32"
ONBOOT="yes"
IPADDR="192.168.200.172"
PREFIX="24"
GATEWAY="192.168.200.2"
DNS1="114.114.114.114"
DNS2="8.8.8.8"
IPV6_PRIVACY="no"
- 重新開機網卡
[[email protected] ~] systemctl restart network
- 檢視網絡是否為開機自啟動
[[email protected] ~] chkconfig --list
Note: This output shows SysV services only and does not include native
systemd services. SysV configuration data might be overridden by native
systemd configuration.
If you want to list systemd services use 'systemctl list-unit-files'.
To see services enabled on particular target use
'systemctl list-dependencies [target]'.
netconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off
network 0:off 1:off 2:on 3:on 4:on 5:on 6:off
- 檢視網絡運作狀态
[[email protected] ~] systemctl status network
● network.service - LSB: Bring up/down networking
Loaded: loaded (/etc/rc.d/init.d/network; bad; vendor preset: disabled)
Active: active (exited) since Fri 2020-07-31 18:08:34 CST; 7min ago
Docs: man:systemd-sysv-generator(8)
Process: 1719 ExecStop=/etc/rc.d/init.d/network stop (code=exited, status=0/SUCCESS)
Process: 1874 ExecStart=/etc/rc.d/init.d/network start (code=exited, status=0/SUCCESS)
Jul 31 18:08:34 idys.com systemd[1]: Starting LSB: Bring up/down networki....
Jul 31 18:08:34 idys.com network[1874]: Bringing up loopback interface: ...]
Jul 31 18:08:34 idys.com network[1874]: Bringing up interface ens32: Con...)
Jul 31 18:08:34 idys.com network[1874]: [ OK ]
Jul 31 18:08:34 idys.com systemd[1]: Started LSB: Bring up/down networking.
Hint: Some lines were ellipsized, use -l to show in full.
1.3 關閉防火牆
- 檢視防火牆運作狀态
[[email protected] ~] systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2020-07-31 17:58:38 CST; 20min ago
Docs: man:firewalld(1)
Main PID: 640 (firewalld)
CGroup: /system.slice/firewalld.service
└─640 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid...
Jul 31 17:58:37 idys.com systemd[1]: Starting firewalld - dynamic firewal....
Jul 31 17:58:38 idys.com systemd[1]: Started firewalld - dynamic firewall....
Hint: Some lines were ellipsized, use -l to show in full.
- 關閉防火牆
[[email protected] ~] systemctl stop firewalld
- 關閉防火牆開機自啟動
[[email protected] ~] systemctl disable firewalld
- 再次檢視防火牆的運作狀态
[[email protected] ~] systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
Jul 31 17:58:37 idys.com systemd[1]: Starting firewalld - dynamic firewal....
Jul 31 17:58:38 idys.com systemd[1]: Started firewalld - dynamic firewall....
Jul 31 18:18:53 idys.com systemd[1]: Stopping firewalld - dynamic firewal....
Jul 31 18:18:53 idys.com systemd[1]: Stopped firewalld - dynamic firewall....
Hint: Some lines were ellipsized, use -l to show in full.
1.4 關閉Selinux
- 檢視
Selinux
[[email protected] ~] getenforce
Enforcing
- 關閉
Selinux
[[email protected] ~] setenforce 0
- 再次檢視
Selinux
[[email protected] ~] getenforce
Permissive
- 設定
Selinux
[[email protected] ~] vi /etc/selinux/config
SELINUX=disabled
1.5 挂載鏡像檔案,配置yum源為CD光牒擷取
- 挂載CD光牒
[[email protected] yum.repos.d] vim /etc/fstab # 添加如下内容,讓CD光牒自動開機挂載
UUID=2019-09-09-19-08-41-00 /media/cdrom iso9660 defaults 0 0
[[email protected] yum.repos.d] mount -a # 檢測fstab檔案,然後自動挂載
mount: /dev/sr0 is write-protected, mounting read-only
- 配置
yum
[[email protected] yum.repos.d] vi CentOS-Media.repo
[c7-media]
name=CentOS-$releasever - Media
baseurl= file:///media/cdrom/ # 設定CD光牒源的位置
# file:///media/CentOS/
# file:///media/cdrecorder/
gpgcheck=1
enabled=1 # enable 設定為 1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
- 将
yum
[[email protected] yum.repos.d] mv CentOS-Base.repo CentOS-Base.repo.bak
- 删除原來的緩存,然後生成緩存
[[email protected] yum.repos.d] yum clean all
Loaded plugins: fastestmirror
Cleaning repos: c7-media
[[email protected] yum.repos.d] yum makecache
Loaded plugins: fastestmirror
Determining fastest mirrors
c7-media | 3.6 kB 00:00
(1/4): c7-media/group_gz | 165 kB 00:00
(2/4): c7-media/primary_db | 6.0 MB 00:00
(3/4): c7-media/filelists_db | 7.3 MB 00:00
(4/4): c7-media/other_db | 2.6 MB 00:00
02. 安裝所需軟體
2.1 安裝配置 DHCP
- 安裝
DHCP
[[email protected] yum.repos.d] yum -y install dhcp
- 配置
DHCP
[[email protected] yum.repos.d] vim /etc/dhcp/dhcpd.conf # 添加如下内容
allow booting; #==》是否響應使用者查詢
allow bootp; #==》是否響應激活查詢
ddns-update-style interim; #==》配置DHCP-DNS 互動更新模式
ignore client-updates;
subnet 192.168.200.0 netmask 255.255.255.0 {
range dynamic-bootp 192.168.200.180 192.168.200.250; #==》指定IP位址池
option subnet-mask 255.255.255.0; #==》指定子網路遮罩
option domain-name-servers 192.168.200.172; #==》指定DNS伺服器IP位址
default-lease-time 21600; #==》指定預設租約時間,機關秒
max-lease-time 43200; #=》最大租約時間,機關秒
next-server 192.168.200.172; #=》設定伺服器從引導檔案中安裝的位置
filename "pxelinux.0"; #=》開始啟動檔案名稱
}
- 開啟
DHCP
DHCP
[[email protected] yum.repos.d] systemctl status dhcpd # 檢視DHCP服務啟動狀态
● dhcpd.service - DHCPv4 Server Daemon
Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; disabled; vendor preset: disabled)
Active: inactive (dead)
Docs: man:dhcpd(8)
man:dhcpd.conf(5)
[[email protected] yum.repos.d] systemctl start dhcpd #開啟 dhcp服務
[[email protected] yum.repos.d] systemctl enable dhcpd # 設定 dhcp服務,開機自啟動
Created symlink from /etc/systemd/system/multi-user.target.wants/dhcpd.service to /usr/lib/systemd/system/dhcpd.service.
2.2 安裝配置xinetd 服務和 tftp 服務
- 安裝
xinetd
[[email protected] yum.repos.d] yum -y install xinetd
- 安裝
tftp
[[email protected] yum.repos.d] yum -y install tftp-server
- 配置
tftp
[[email protected] yum.repos.d] vi /etc/xinetd.d/tftp
# default: off
# description: The tftp server serves files using the trivial file transfer \
# protocol. The tftp protocol is often used to boot diskless \
# workstations, download configuration files to network-aware printers, \
# and to start the installation process for some operating systems.
service tftp
{
socket_type = dgram
protocol = udp
wait = yes
user = root
server = /usr/sbin/in.tftpd
server_args = -s /var/lib/tftpboot
disable = no # 此行把yes 改為no,開啟tftp服務
per_source = 11
cps = 100 2
flags = IPv4
}
- 開始
xinetd
[[email protected] yum.repos.d] systemctl start xinetd
[[email protected] yum.repos.d] systemctl enable xinetd
- 檢視開機自啟動狀态
[[email protected] yum.repos.d] chkconfig --list
****
tftp: on
****
2.3 安裝syslinux
- 安裝
syslinux
[[email protected] yum.repos.d] yum -y install syslinux
- 檢視
syslinux
[[email protected] yum.repos.d] rpm -ql syslinux
/usr/bin/gethostip
/usr/bin/isohybrid
/usr/bin/memdiskfind
/usr/bin/syslinux
/usr/share/doc/syslinux-4.05
/usr/share/doc/syslinux-4.05/COPYING
/usr/share/doc/syslinux-4.05/CodingStyle.txt
/usr/share/doc/syslinux-4.05/NEWS
/usr/share/doc/syslinux-4.05/README
/usr/share/doc/syslinux-4.05/SubmittingPatches.txt
/usr/share/doc/syslinux-4.05/comboot.txt
/usr/share/doc/syslinux-4.05/distrib.txt
/usr/share/doc/syslinux-4.05/extlinux.txt
/usr/share/doc/syslinux-4.05/gpt.txt
/usr/share/doc/syslinux-4.05/isolinux.txt
/usr/share/doc/syslinux-4.05/keytab-lilo.txt
/usr/share/doc/syslinux-4.05/logo
/usr/share/doc/syslinux-4.05/logo/syslinux-100.png
/usr/share/doc/syslinux-4.05/mboot.txt
/usr/share/doc/syslinux-4.05/memdisk.txt
/usr/share/doc/syslinux-4.05/menu.txt
/usr/share/doc/syslinux-4.05/pxelinux.txt
/usr/share/doc/syslinux-4.05/rfc5071.txt
/usr/share/doc/syslinux-4.05/sample
/usr/share/doc/syslinux-4.05/sample/Makefile
/usr/share/doc/syslinux-4.05/sample/m16-640x640-syslinux.jpg
/usr/share/doc/syslinux-4.05/sample/sample.msg
/usr/share/doc/syslinux-4.05/sample/syslinux_splash.jpg
/usr/share/doc/syslinux-4.05/sample/syslogo.lss
/usr/share/doc/syslinux-4.05/sample/syslogo.ppm.gz
/usr/share/doc/syslinux-4.05/sdi.txt
/usr/share/doc/syslinux-4.05/syslinux.txt
/usr/share/doc/syslinux-4.05/usbkey.txt
/usr/share/man/man1/gethostip.1.gz
/usr/share/man/man1/isohybrid.1.gz
/usr/share/man/man1/memdiskfind.1.gz
/usr/share/man/man1/syslinux.1.gz
/usr/share/man/man1/syslinux2ansi.1.gz
/usr/share/syslinux
/usr/share/syslinux/altmbr.bin
/usr/share/syslinux/altmbr_c.bin
/usr/share/syslinux/altmbr_f.bin
/usr/share/syslinux/cat.c32
/usr/share/syslinux/chain.c32
/usr/share/syslinux/cmd.c32
/usr/share/syslinux/config.c32
/usr/share/syslinux/cpuid.c32
/usr/share/syslinux/cpuidtest.c32
/usr/share/syslinux/diag
/usr/share/syslinux/diag/geodsp1s.img.xz
/usr/share/syslinux/diag/geodspms.img.xz
/usr/share/syslinux/diag/handoff.bin
/usr/share/syslinux/disk.c32
/usr/share/syslinux/dmitest.c32
/usr/share/syslinux/dosutil
/usr/share/syslinux/dosutil/copybs.com
/usr/share/syslinux/dosutil/eltorito.sys
/usr/share/syslinux/dosutil/mdiskchk.com
/usr/share/syslinux/elf.c32
/usr/share/syslinux/ethersel.c32
/usr/share/syslinux/gfxboot.c32
/usr/share/syslinux/gptmbr.bin
/usr/share/syslinux/gptmbr_c.bin
/usr/share/syslinux/gptmbr_f.bin
/usr/share/syslinux/gpxecmd.c32
/usr/share/syslinux/gpxelinux.0
/usr/share/syslinux/gpxelinuxk.0
/usr/share/syslinux/hdt.c32
/usr/share/syslinux/host.c32
/usr/share/syslinux/ifcpu.c32
/usr/share/syslinux/ifcpu64.c32
/usr/share/syslinux/ifplop.c32
/usr/share/syslinux/int18.com
/usr/share/syslinux/isohdpfx.bin
/usr/share/syslinux/isohdpfx_c.bin
/usr/share/syslinux/isohdpfx_f.bin
/usr/share/syslinux/isohdppx.bin
/usr/share/syslinux/isohdppx_c.bin
/usr/share/syslinux/isohdppx_f.bin
/usr/share/syslinux/isolinux-debug.bin
/usr/share/syslinux/isolinux.bin
/usr/share/syslinux/kbdmap.c32
/usr/share/syslinux/linux.c32
/usr/share/syslinux/ls.c32
/usr/share/syslinux/lua.c32
/usr/share/syslinux/mboot.c32
/usr/share/syslinux/mbr.bin
/usr/share/syslinux/mbr_c.bin
/usr/share/syslinux/mbr_f.bin
/usr/share/syslinux/memdisk
/usr/share/syslinux/memdump.com
/usr/share/syslinux/meminfo.c32
/usr/share/syslinux/menu.c32
/usr/share/syslinux/pcitest.c32
/usr/share/syslinux/pmload.c32
/usr/share/syslinux/poweroff.com
/usr/share/syslinux/pwd.c32
/usr/share/syslinux/pxechain.com
/usr/share/syslinux/pxelinux.0
/usr/share/syslinux/reboot.c32
/usr/share/syslinux/rosh.c32
/usr/share/syslinux/sanboot.c32
/usr/share/syslinux/sdi.c32
/usr/share/syslinux/sysdump.c32
/usr/share/syslinux/syslinux.com
/usr/share/syslinux/syslinux.exe
/usr/share/syslinux/syslinux64.exe
/usr/share/syslinux/ver.com
/usr/share/syslinux/vesainfo.c32
/usr/share/syslinux/vesamenu.c32
/usr/share/syslinux/vpdtest.c32
/usr/share/syslinux/whichsys.c32
/usr/share/syslinux/zzjson.c32
2.4 複制引導檔案到tftp的主目錄下
- 複制
/usr/share/syslinux/
pxelinux.0
/var/lib/tftpboot/
[[email protected] yum.repos.d] cp -a /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/
- 複制
/media/cdrom/images/pxeboot/
initrd.img
vmlinuz
/var/lib/tftpboot
[[email protected] yum.repos.d] cp -a /media/cdrom/images/pxeboot/{initrd.img,vmlinuz} /var/lib/tftpboot/
- 複制系統CD光牒下的
boot.msg
vesamenu.c32
/var/lib/tftpboot
[[email protected] yum.repos.d] cp -a /media/cdrom/isolinux/{boot.msg,vesamenu.c32} /var/lib/tftpboot/
- 在
tftp
pxelinux.cfg
[[email protected] yum.repos.d] mkdir /var/lib/tftpboot/pxelinux.cfg
- 複制系統CD光牒下的
isolinux.cfg
pxelinux.cfg
[[email protected] yum.repos.d] cp -a /media/cdrom/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/
- 改名
[[email protected] yum.repos.d] cd /var/lib/tftpboot/pxelinux.cfg/
[[email protected] pxelinux.cfg] ls
isolinux.cfg
[[email protected] pxelinux.cfg] mv isolinux.cfg default
- 修改
default
[[email protected] pxelinux.cfg] vim default
default linux # 第一行把 default vesamenu.c32 改為 default linux
#default vesamenu.c32
label linux
menu label ^Install CentOS 7
kernel vmlinuz
append initrd=initrd.img ks=http://192.168.200.172/ks.cfg # 加上這一行,把下面一行注釋掉
# append initrd=initrd.img inst.stage2=hd:LABEL=CentOS\x207\x20x86_64 quiet
2.5 安裝httpd 服務
- 安裝
httpd
[[email protected] pxelinux.cfg] yum -y install httpd
- 設定開啟服務。同時設定,開機自啟動。
[[email protected] pxelinux.cfg] systemctl start httpd
[[email protected] pxelinux.cfg] systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
2.6 作業系統安裝配置檔案設定
- 從
/root/
anaconda-ks.cfg
/var/www/html
ks.cfg
[[email protected] pxelinux.cfg] cp -a ~/anaconda-ks.cfg /var/www/html/ks.cfg
- 修改
ks.cfg
# 将開頭的cdrom 修改為 url --url=http://192.168.200.172/cdrom
[[email protected] pxelinux.cfg] vim /var/www/html/ks.cfg
#version=DEVEL
# System authorization information
auth --enableshadow --passalgo=sha512
# Use CDROM installation media
url --url=http://192.168.200.172/cdrom
# Use graphical install
*******************
- 設定權限
[[email protected] pxelinux.cfg] chown apache:apache /var/www/html/ks.cfg
- 挂載鏡像到
http
cdrom
[[email protected] html] blkid /dev/sr0 # 檢視CDCD光牒資訊
/dev/sr0: UUID="2019-09-09-19-08-41-00" LABEL="CentOS 7 x86_64" TYPE="iso9660" PTTYPE="dos"
[[email protected] cdrom] vim /etc/fstab # 編輯系統挂載檔案,添加如下行
UUID=2019-09-09-19-08-41-00 /var/www/html/cdrom iso9660 defaults 0 0
[[email protected] html] mount -a # 重新檢測挂載
這個時候已經可以可以自動化安裝作業系統了,如果安裝過程出錯,可以通過 Alt+F2-F5
2.7 設定網絡安裝
- 現在我們要開始自動安裝作業系統了,再次之前,我們需要設定安裝方式為網絡
03. 關于ks.cfg檔案與kickstart
- 通常,我們在安裝作業系統的過程中,需要大量的和伺服器互動操作,為了減少這個互動過程,
kickstart
kickstart
Kickstart
ks.cfg
- 生成
kickstart
- 方法1、 每安裝好一台
Centos
Centos
kickstart
kickstart
kickstart
anaconda-ks.cfg
/root/anaconda-ks.cfg
- 方法2、
Centos
kickstart
Linux
kickstart
kickstart
redhat-config-kickstart
system-config-kickstart
CentOS
ks
- 方法3、閱讀
kickstart
kickstart
3.1 ks.cfg 檔案詳解
- 指令段 鍵盤類型,語言,安裝方式等系統的配置,有必選項和可選項,如果缺少某項必選項,安裝時會中斷并提示使用者選擇此項的選項
- 軟體包段
%packages
@groupname:指定安裝的包組
package_name:指定安裝的包
-package_name:指定不安裝的包
在安裝過程中預設安裝的軟體包,安裝軟體時會自動分析依賴關系。
- 腳本段(可選)
%pre:安裝系統前執行的指令或腳本(由于隻依賴于啟動鏡像,支援的指令很少)
%post:安裝系統後執行的指令或腳本(基本支援所有指令)
- 參數說明
| 關鍵字 | 含義 |
|---|---|
| 告知安裝程式,這是一次全新安裝,而不是更新 |
| 通過 |
| 從指定的 |
| 使用文本模式安裝。 |
| 設定在安裝過程中使用的語言以及系統的預設語言。 |
| 設定系統鍵盤類型。 |
| 清除 |
| 系統引導相關配置。 |
| 為通過網絡的 |
| 設定系統時區。 |
| 系統認證資訊。 |
| |
| 清空分區。 |
| 磁盤分區。 |
| 負責協助配置redhat一些重要的資訊。 |
| 關閉 |
| 關閉防火牆。 |
| 設定日志級别。 |
| 設定安裝完成後重新開機,此選項必須存在,不然kickstart顯示一條消息,并等待使用者按任意鍵後才重新開機,也可以選擇 |
3.2 ks腳本示範
- 腳本1示範
[[email protected] ~]# vim /var/www/html/ks_config/CentOS-6.7-ks.cfg
# Kickstart Configurator for CentOS 6.7 by idys
install
url --url="http://10.0.0.7/CentOS-6.7/"
text
lang en_US.UTF-8
keyboard us
zerombr
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
network --bootproto=dhcp --device=eth0 --onboot=yes --noipv6 --hostname=CentOS6
timezone --utc Asia/Shanghai
authconfig --enableshadow --passalgo=sha512
rootpw --iscrypted $6$X20eRtuZhkHznTb4$dK0BJByOSAWSDD8jccLVFz0CscijS9ldMWwpoCw/ZEjYw2BTQYGWlgKsn945fFTjRC658UXjuocwJbAjVI5D6/
clearpart --all --initlabel
part /boot --fstype=ext4 --asprimary --size=200
part swap --size=1024
part / --fstype=ext4 --grow --asprimary --size=200
firstboot --disable
selinux --disabled
firewall --disabled
logging --level=info
reboot
%packages
@base
@compat-libraries
@debugging
@development
tree
nmap
sysstat
lrzsz
dos2unix
telnet
%post
wget -O /tmp/optimization.sh http://10.0.0.7/ks_config/optimization.sh &>/dev/null
/bin/sh /tmp/optimization.sh # 代表之後執行一個腳本
%end
- 腳本2示範
# Kickstart file automatically generated by anaconda.
install
url --url=http://192.168.21.128/os/
lang en_US.UTF-8
zerombr yes
key --skip
keyboard us
network --device eth0 --bootproto dhcp --onboot on
#network --device eth0 --bootproto static --ip 192.168.21.250 --netmask 255.255.255.0 --gateway 192.168.21.2 --nameserver 8.8.8.8 --hostname CentOS5.10
rootpw --iscrypted $1$QqobZZ1g$rYnrawi9kYlEeUuq1vcRS/
firewall --enabled --port=22:tcp
authconfig --enableshadow --enablemd5
selinux --disabled
timezone Asia/Shanghai
bootloader --location=mbr --driveorder=sda
# The following is the partition information you requested
# Note that any partitions you deleted are not expressed
# here so unless you clear all partitions first, this is
# not guaranteed to work
#clearpart --linux
clearpart --all --initlabel
part / --bytes-per-inode=4096 --fstype="ext3" --size=2048
part /boot --bytes-per-inode=4096 --fstype="ext3" --size=128
part swap --bytes-per-inode=4096 --fstype="swap" --size=500
part /data --bytes-per-inode=4096 --fstype="ext3" --grow --size=1
reboot
%packages
ntp
expect
@base
@core
@dialup
@editors
@text-internet
keyutils
trousers
fipscheck
device-mapper-multipath
%post
#同步系統時間
ntpdate cn.pool.ntp.org
hwclock --systohc
echo -e "0 1 * * * root /usr/sbin/ntpdate cn.pool.ntp.org > /dev/null" >> /etc/crontab
service crond restart
#添加使用者組
groupadd maintain
groupadd develop
mkdir -p /home/maintain
mkdir -p /home/develop
#添加使用者
useradd -g maintain user01 -d /home/maintain/user01 -m
echo "123456"|passwd user01 --stdin
useradd -g maintain user02 -d /home/maintain/user02 -m
echo "123456"|passwd user02 --stdin
useradd -g maintain user03 -d /home/maintain/user03 -m
echo "123456"|passwd user03 --stdin
useradd -g maintain user04 -d /home/maintain/user04 -m
echo "123456"|passwd user04 --stdin
#禁止root使用者直接登入系統
sed -i "s/#PermitRootLogin yes/PermitRootLogin no/g" '/etc/ssh/sshd_config'
service sshd restart
#禁止開機啟動的服務
chkconfig acpid off
chkconfig atd off
chkconfig autofs off
chkconfig bluetooth off
chkconfig cpuspeed off
chkconfig firstboot off
chkconfig gpm off
chkconfig haldaemon off
chkconfig hidd off
chkconfig ip6tables off
chkconfig isdn off
chkconfig messagebus off
chkconfig nfslock off
chkconfig pcscd off
chkconfig portmap off
chkconfig rpcgssd off
chkconfig rpcidmapd off
chkconfig yum-updatesd off
chkconfig sendmail off
#允許開機啟動的服務
chkconfig crond on
chkconfig kudzu on
chkconfig network on
chkconfig readahead_early on
chkconfig sshd on
chkconfig syslog on
#禁止使用Ctrl+Alt+Del快捷鍵重新開機伺服器
sed -i "s/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/#ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/g" '/etc/inittab'
telinit q
#優化系統核心
echo -e "ulimit -c unlimited" >> /etc/profile
echo -e "ulimit -s unlimited" >> /etc/profile
echo -e "ulimit -SHn 65535" >> /etc/profile
source /etc/profile
sed -i "s/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g" '/etc/sysctl.conf'
echo -e "net.core.somaxconn = 262144" >> /etc/sysctl.conf
echo -e "net.core.netdev_max_backlog = 262144" >> /etc/sysctl.conf
echo -e "net.core.wmem_default = 8388608" >> /etc/sysctl.conf
echo -e "net.core.rmem_default = 8388608" >> /etc/sysctl.conf
echo -e "net.core.rmem_max = 16777216" >> /etc/sysctl.conf
echo -e "net.core.wmem_max = 16777216" >> /etc/sysctl.conf
echo -e "net.ipv4.netfilter.ip_conntrack_max = 131072" >> /etc/sysctl.conf
echo -e "net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 180" >> /etc/sysctl.conf
echo -e "net.ipv4.route.gc_timeout = 20" >> /etc/sysctl.conf
echo -e "net.ipv4.ip_conntrack_max = 819200" >> /etc/sysctl.conf
echo -e "net.ipv4.ip_local_port_range = 10024 65535" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_retries2 = 5" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_fin_timeout = 30" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_syn_retries = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_synack_retries = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_timestamps = 0" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_tw_recycle = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_tw_len = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_tw_reuse = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_keepalive_time = 120" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_keepalive_probes = 3" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_keepalive_intvl = 15" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_tw_buckets = 36000" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_orphans = 3276800" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_syn_backlog = 262144" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_wmem = 8192 131072 16777216" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_rmem = 32768 131072 16777216" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_mem = 94500000 915000000 927000000" >> /etc/sysctl.conf
/sbin/sysctl -p
#執行外部腳本
cd /root
wget http://192.168.21.128/autoip.sh
sh /root/autoip.sh
3.3 編輯default 檔案
- 内容如下
# 最精簡配置
[[email protected] ~]# vim /var/lib/tftpboot/pxelinux.cfg/default
default ks
prompt 0 # 開啟會顯示指令行'boot: '提示符。prompt值為0時則不提示,将會直接啟動'default'參數中指定的内容。
label ks
kernel vmlinuz
append initrd=initrd.img ks=http://10.0.0.7/ks_config/CentOS-6.7-ks.cfg # 告訴安裝程式ks.cfg檔案在哪裡
# append initrd=initrd.img ks=http://10.0.0.7/ks_config/CentOS-6.7-ks.cfg ksdevice=eth0
# ksdevice=eth0代表當用戶端有多塊網卡的時候,要實作自動化需要設定從eth1安裝,不指定的話,安裝的時候系統會讓你選擇,那就不叫全自動化了。
3.4 圖形化界面設定ks.cfg
- 首先我們應該安裝GNOME圖形界面,因為隻要這樣我們才能使用
system-config-kickstart
[[email protected] html] yum groupinstall -y "X Window System"
[[email protected] html] yum grouplist # 檢視軟體包組
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
Installed Environment Groups:
GNOME Desktop
Available Environment Groups:
Minimal Install
Compute Node
Infrastructure Server
File and Print Server
Basic Web Server
Virtualization Host
Server with GUI
KDE Plasma Workspaces
Development and Creative Workstation
Installed Groups:
Graphical Administration Tools
Available Groups:
Compatibility Libraries
Console Internet Tools
Development Tools
Legacy UNIX Compatibility
Scientific Support
Security Tools
Smart Card Support
System Administration Tools
System Management
Done
[[email protected] html] yum -y groupinstall "Graphical Administration Tools" "GNOME Desktop" #安裝GNOME 桌面
[[email protected] html] yum -y install system-config-kickstart # 安裝kickstart 圖形化配置界面
[[email protected] html] system-config-kickstart # 啟動圖形化的界面配置ks.cfg檔案
- 接下來便可以通過圖形界面設定
ks.cfg
04. 關于PXE 配置檔案default
由于多個用戶端可以從一個PXE伺服器引導,
PXE
引導映像使用了一個複雜的配置檔案搜尋方式來查找針對客戶機的配置檔案。如果客戶機的網卡的
MAC
位址為
8F:3H:AA:6B:CC:5D
,對應的IP位址為
10.0.0.195
,那麼客戶機首先嘗試以MAC位址為檔案名比對的配置檔案,如果不存在就以
IP
位址來查找。根據上述環境針對這台主機要查找的以一個配置檔案就是
/tftpboot/pxelinux.cfg/01-8F:3H:AA:6B:CC:5D
。如果該檔案不存在,就會根據
IP
位址來查找配置檔案了,這個算法更複雜些,
PXE
映像查找會根據
IP
位址
16
進制命名的客戶機配置檔案。例如:
10.0.0.195
對應的
16
進制的形式為
C0A801C3
。(可以通過
syslinux
軟體包提供的
gethostip
指令将
10
進制的
IP
轉換為
16
進制)
如果
C0A801C3
檔案不存在,就嘗試查找
C0A801C
檔案,如果
C0A801C
也不存在,那麼就嘗試
C0A801
檔案,依次類推,直到查找
C
檔案,如果
C
也不存在的話,那麼最後嘗試
default
檔案。
總體來說,
pxelinux
搜尋的檔案的順序是:
/tftpboot/pxelinux.cfg/01-88-99-aa-bb-cc-dd
/tftpboot/pxelinux.cfg/C0A801C3
/tftpboot/pxelinux.cfg/C0A801C
/tftpboot/pxelinux.cfg/C0A801
/tftpboot/pxelinux.cfg/C0A80
/tftpboot/pxelinux.cfg/C0A8
/tftpboot/pxelinux.cfg/C0A
/tftpboot/pxelinux.cfg/C0
/tftpboot/pxelinux.cfg/C
/tftpboot/pxelinux.cfg/default
- 應用:如果已經從廠商擷取了伺服器MAC位址,就可以差異化定制安裝伺服器了。
05. cobbler 自動部署
5.1 cobbler介紹
-
Cobbler
Linux
PXE
DHCP
DNS
-
Cobbler
cobbler-web
API
-
Cobbler
kickstart
-
Cobbler
Puppet
5.2 cobbler對應關系
- 圖檔示範
Cobbler
的配置結構基于一組注冊的對象。每個對象表示一個與另一個實體相關聯的實體。當一個對象指向另一個對象時,它就繼承了被指向對象的資料,并可覆寫或添加更多特定資訊。
- 發行版(
distros
initrd
- 配置檔案(
profiles
kickstart
- 系統(
systems
IP
MAC
- 鏡像(
images
initrd
5.3 cobbler內建的服務
-
PXE
-
DHCP
-
DNS
- 電源管理
-
Kickstart
-
YUM
-
TFTP
-
Apache
5.4 cobbler工作原理
- 圖檔示範
Server端
- 啟動
Cobbler
- 進行
Cobbler
cobbler check
- 進行配置同步,執行
cobbler sync
- 複制相關啟動檔案到
TFTP
- 啟動
DHCP
-
DHCP
-
TFTP
-
Server
-
Server
ISO
Kickstart
Client端
- 用戶端以
PXE
- 用戶端擷取
IP
- 通過
TFTP
- 進入
Cobbler
- 根據配置資訊準備安裝系統
- 加載
Kickstart
- 傳輸系統安裝的其它檔案
- 進行安裝系統
5.5 cobbler安裝
- 主要虛拟機關閉
DHCP
NAT
- 網絡環境
[[email protected] ~] cat /etc/redhat-release #CentOS 7.7 的作業系統
CentOS Linux release 7.7.1908 (Core)
[[email protected] ~] uname -r # 3.10 的核心
3.10.0-1062.el7.x86_64
[[email protected] ~] uname -m
x86_64
- 從虛拟機克隆出一台新的機器出來,設定網卡,删除
uuid
[[email protected] ~] vi /etc/sysconfig/network-scripts/ifcfg-ens32
TYPE="Ethernet"
PROXY_METHOD="static"
# 将網絡擷取方式設定為 static
BROWSER_ONLY="no"
BOOTPROTO="none"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens32"
DEVICE="ens32"
# 删除UUID
ONBOOT="yes"
# 設定網卡開機自啟動
IPADDR="192.168.200.171"
# 修改ip位址
PREFIX="24"
GATEWAY="192.168.200.2"
# 修改網關
DNS1="114.114.114.114"
DNS2="8.8.8.8"
# 設定dns
IPV6_PRIVACY="no"
- 關閉防火牆、
SElinux
[[email protected] ~] systemctl stop firewalld # 關閉防火牆
[[email protected] ~] systemctl disable firewalld #設定開機不自動啟動
[[email protected] ~] setenforce 0 # 臨時關閉Selinux
[[email protected] ~] getenforce
Permissive
[[email protected] ~] sed -i "s/^SELINUX=.*/SELINUX=disabled/g" /etc/selinux/config #永久關閉selinux
[[email protected] ~] blkid /dev/sr0
/dev/sr0: UUID="2019-09-09-19-08-41-00" LABEL="CentOS 7 x86_64" TYPE="iso9660" PTTYPE="dos" # 檢視鏡像挂載情況
[[email protected] ~] vi /etc/fstab # 編輯鏡像檔案,将Centos7 的系統盤挂載在/media/cdrom下
#
# /etc/fstab
# Created by anaconda on Mon May 18 18:18:33 2020
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
UUID=64dc3aa5-03c8-4087-a410-5d324b56dcb9 / xfs defaults 0 0
UUID=f5da9f3b-36f9-4be9-b435-8f05c36aa437 /boot xfs defaults 0 0
UUID=8b92b2a4-2545-413a-944a-ce22c851feec swap swap defaults 0 0
UUID=2019-09-09-19-08-41-00 /media/cdrom iso9660 defaults 0 0
[[email protected] ~] mount -a # 重新挂載
mount: /dev/sr0 is write-protected, mounting read-only
# 更換為中科大鏡像源
[[email protected] ~] sed -e 's|^mirrorlist=|#mirrorlist=|g' \
-e 's|^#baseurl=http://mirror.centos.org/centos|baseurl=https://mirrors.ustc.edu.cn/centos|g' \
-i.bak \
/etc/yum.repos.d/CentOS-Base.repo
[[email protected] ~] yum clean all #清楚緩存
Loaded plugins: fastestmirror
Cleaning repos: base extras updates
[[email protected] ~] yum makecache # 重新編譯緩存
- 配置
epel
cobbler
[[email protected] ~] yum -y install epel-release #配置epel源
[[email protected] ~] yum -y install cobbler cobbler-web tftp-server dhcp httpd xinetd pykickstart
*************************************************
rsync.x86_64 0:3.1.2-10.el7
syslinux.x86_64 0:4.05-15.el7
yum-utils.noarch 0:1.1.31-54.el7_8
Dependency Updated:
dhclient.x86_64 12:4.2.5-79.el7.centos dhcp-common.x86_64 12:4.2.5-79.el7.centos
dhcp-libs.x86_64 12:4.2.5-79.el7.centos libxml2.x86_64 0:2.9.1-6.el7.4
Complete!
#安裝 cobbler cobbler-web tftp-server dhcp httpd xinetd pykickstart
[[email protected] ~]# rpm -ql cobbler # 檢視安裝的檔案,下面列出部分。
/etc/cobbler # 配置檔案目錄
/etc/cobbler/settings # cobbler主配置檔案,這個檔案是YAML格式,Cobbler是python寫的程式。
********
/etc/cobbler/dhcp.template # DHCP服務的配置模闆
/etc/cobbler/tftpd.template # tftp服務的配置模闆
/etc/cobbler/rsync.template # rsync服務的配置模闆
/etc/cobbler/iso # iso模闆配置檔案目錄
/etc/cobbler/pxe # pxe模闆檔案目錄
/etc/cobbler/power # 電源的配置檔案目錄
/etc/cobbler/users.conf # Web服務授權配置檔案
/etc/cobbler/users.digest # 用于web通路的使用者名密碼配置檔案
/etc/cobbler/dnsmasq.template # DNS服務的配置模闆
/etc/cobbler/modules.conf # Cobbler子產品配置檔案
****************
/var/lib/cobbler # Cobbler資料目錄
/var/lib/cobbler/config # 配置檔案
/var/lib/cobbler/kickstarts # 預設存放kickstart檔案
/var/lib/cobbler/loaders # 存放的各種引導程式
**************
/var/www/cobbler # 系統安裝鏡像目錄
/var/www/cobbler/ks_mirror # 導入的系統鏡像清單
/var/www/cobbler/images # 導入的系統鏡像啟動檔案
/var/www/cobbler/repo_mirror # yum源存儲目錄
*************
/var/log/cobbler # 日志目錄
/var/log/cobbler/install.log # 用戶端系統安裝日志
/var/log/cobbler/cobbler.log # cobbler日志
- 啟動
Cobbler
httpd
[[email protected] ~] systemctl start httpd cobblerd
[[email protected] ~]
[[email protected] ~] systemctl enable httpd cobblerd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/cobblerd.service to /usr/lib/systemd/system/cobblerd.service.
5.6 配置cobbler
檢查
Cobbler
的配置,如果看不到下面的結果,再次重新開機
cobbler
:
systemctl restart cobbler
- 配置
cobbler
- 設定動态修改配置檔案
[[email protected] ~] sed -ri '/allow_dynamic_settings:/c\allow_dynamic_settings: 1' /etc/cobbler/settings
[[email protected] ~] grep allow_dynamic_settings /etc/cobbler/settings
allow_dynamic_settings: 1
[[email protected] ~] systemctl restart cobblerd # 重新開機cobbler服務
- 設定
Cobbler
IP
[[email protected] ~] cobbler setting edit --name=server --value=192.168.200.171
[[email protected] ~] grep ^server: /etc/cobbler/settings
server: 192.168.200.171
- 設定
next_server
Cobbler
DHCP
kickstart
[[email protected] ~] cobbler setting edit --name=next_server --value=192.168.200.171
[[email protected] ~] grep ^next_server:.* /etc/cobbler/settings
next_server: 192.168.200.171
- 設定用
cobbler
DHCP
[[email protected] ~] cobbler setting edit --name=manage_dhcp --value=1
[[email protected] ~] grep ^manage_dhcp: /etc/cobbler/settings
manage_dhcp: 1
- 防止循環裝系統,适用于伺服器第一啟動項是
PXE
[[email protected] ~] cobbler setting edit --name=pxe_just_once --value=1
[[email protected] ~] grep ^pxe_just_once: /etc/cobbler/settings
pxe_just_once: 1
- 開啟
tftp server
[[email protected] ~] sed -ri '/disable/c\disable = no' /etc/xinetd.d/tftp
[[email protected] ~] systemctl enable xinetd
[[email protected] ~] systemctl restart xinetd
- 下載下傳
boot-loader
boot-loader
[[email protected] ~] cobbler get-loaders
task started: 2020-08-02_161756_get_loaders
task started (id=Download Bootloader Content, time=Sun Aug 2 16:17:56 2020)
downloading https://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
Exception occured: <class 'urlgrabber.grabber.URLGrabError'>
Exception value: [Errno 14] curl#60 - "Issuer certificate is invalid."
Exception Info:
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 82, in run
rc = self._run(self)
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 176, in runner
return self.remote.api.dlcontent(self.options.get("force",False), self.logger)
File "/usr/lib/python2.7/site-packages/cobbler/api.py", line 735, in dlcontent
return grabber.run(force)
File "/usr/lib/python2.7/site-packages/cobbler/action_dlcontent.py", line 73, in run
urlgrabber.grabber.urlgrab(src, filename=dst, proxies=proxies)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 773, in urlgrab
return default_grabber.urlgrab(url, filename, **kwargs)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1220, in urlgrab
return _run_callback(opts.failfunc, opts)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1071, in _run_callback
return cb(obj)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1065, in _do_raise
raise obj.exception
!!! TASK FAILED !!!
- 解決下載下傳
boot-loader
[[email protected] ~] yum -y install syslinux
[[email protected] ~] cp /usr/share/syslinux/pxelinux.0 /var/lib/cobbler/loaders/
[[email protected] ~] cp /usr/share/syslinux/menu.c32 /var/lib/cobbler/loaders/
[[email protected] ~] systemctl restart cobblerd # 重新開機cobbler
[[email protected] ~] cd /var/lib/cobbler/loaders/
[[email protected] loaders] ls #檢視loader内容
COPYING.elilo COPYING.yaboot grub-x86_64.efi menu.c32 README
COPYING.syslinux elilo-ia64.efi grub-x86.efi pxelinux.0 yaboot
- 開啟
rsyncd
[[email protected] ~] systemctl start rsyncd
[[email protected] ~] systemctl enable rsyncd
Created symlink from /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd.service.
- 設定新裝系統的預設
root
150722
random-phrase-here
[[email protected] ~] openssl passwd -1 -salt 'idys' '150722' #設定幹擾碼為idys
$1$idys$GnFZqOWqoDOT4lRj8o95r0
[[email protected] ~] cobbler setting edit --name=default_password_crypted --value='$1$idys$GnFZqOWqoDOT4lRj8o95r0'
- 下載下傳
fence-agents
[[email protected] ~] yum -y install fence-agents
- 再次檢視檢查
cobbler
[[email protected] loaders] cobbler check
The following are potential configuration items that you may want to fix:
1 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
https://github.com/cobbler/cobbler/wiki/Selinux
2 : debmirror package is not installed, it will be required to manage debian deployments and repositories
- 配置
dhcp
cobbler
dhcp
dhcp
cobbler
[[email protected] loaders] grep ^manage_dhcp /etc/cobbler/settings # 檢視是否設定cobbler 管理dhcp
manage_dhcp: 1
[[email protected] loaders] vim /etc/cobbler/dhcp.template #僅列出修改項
******************
******************
******************
subnet 192.168.200.0 netmask 255.255.255.0 {
option routers 192.168.200.2; #網關
option domain-name-servers 114.114.114.114; #dns
option subnet-mask 255.255.255.0; #掩碼
range dynamic-bootp 192.168.200.180 192.168.200.250; #ip位址池
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
- 同步
cobbler
[[email protected] loaders] cobbler sync #同步cobbler配置
task started: 2020-08-02_165906_sync
task started (id=Sync, time=Sun Aug 2 16:59:06 2020)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/grub/images
copying bootloaders
copying: /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
copying: /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
copying: /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
copying: /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
copying: /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
copying: /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
-
cobbler
| 指令 | 說明 |
|---|---|
| cobbler check | 核對目前設定是否有問題 |
| cobbler list | 列出所有的cobbler元素 |
| cobbler report | 列出元素的詳細資訊 |
| cobbler sync | 同步配置到資料目錄,更改配置最好都執行一下 |
| cobbler reposync | 同步yum倉庫 |
| cobbler distro | 檢視導入的發行版系統資訊 |
| cobbler system | 檢視添加的系統資訊 |
| cobbler profile | 檢視配置資訊 |
5.7 Cobbler
Centos7.x
Cobbler
Centos7.x
- 建立挂載點,并進行挂載(前面已經做過了,是以不需要了)
- 檢視挂載後的目錄
[[email protected] loaders] ls /media/cdrom/
CentOS_BuildTag EULA images LiveOS repodata RPM-GPG-KEY-CentOS-Testing-7
EFI GPL isolinux Packages RPM-GPG-KEY-CentOS-7 TRANS.TBL
- 導入鏡像
[[email protected] loaders] cobbler import --path=/media/cdrom --name=CentOS7.7 --arch=x86_64
# --path 鏡像路徑
# --name 為安裝源定義一個名字
# --arch 指定安裝源是32位、64位、ia64, 目前支援的選項有: x86│x86_64│ia64
# 安裝源的唯一标示就是根據name參數來定義,本例導入成功後,安裝源的唯一标示就是:CentOS7.7,如果重複,系統會提示導入失敗。
- 檢視導入後鏡像資訊
[[email protected] ~] cobbler distro report --name=CentOS7.7-x86_64
Name : CentOS7.7-x86_64
Architecture : x86_64
TFTP Boot Files : {}
Breed : redhat
Comment :
Fetchable Files : {}
Initrd : /var/www/cobbler/ks_mirror/CentOS7.7-x86_64/images/pxeboot/initrd.img
Kernel : /var/www/cobbler/ks_mirror/CentOS7.7-x86_64/images/pxeboot/vmlinuz
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart Metadata : {'tree': 'http://@@[email protected]@/cblr/links/CentOS7.7-x86_64'}
Management Classes : []
OS Version : rhel7
Owners : ['admin']
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Template Files : {}
- 檢視
profile
[[email protected] ~] cobbler profile report --name=CentOS7.7-x86_64
Name : CentOS7.7-x86_64
TFTP Boot Files : {}
Comment :
DHCP Tag : default
Distribution : CentOS7.7-x86_64
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {}
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart : /var/lib/cobbler/kickstarts/sample_end.ks
Kickstart Metadata : {}
Management Classes : []
Management Parameters : <<inherit>>
Name Servers : []
Name Servers Search Path : []
Owners : ['admin']
Parent Profile :
Internal proxy :
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Repos : []
Server Override : <<inherit>>
Template Files : {}
Virt Auto Boot : 1
Virt Bridge : xenbr0
Virt CPUs : 1
Virt Disk Driver Type : raw
Virt File Size(GB) : 5
Virt Path :
Virt RAM (MB) : 512
Virt Type : kvm
-
copy
profile
ks
[[email protected] kickstarts] cp sample_end.ks CentOS7.ks
[[email protected] kickstarts] ls
CentOS7.ks install_profiles sample_end.ks sample_esxi6.ks sample.seed.28
default.ks legacy.ks sample_esx4.ks sample.ks
esxi4-ks.cfg pxerescue.ks sample_esxi4.ks sample_old.seed
esxi5-ks.cfg sample_autoyast.xml sample_esxi5.ks sample.seed
[[email protected] kickstarts] vim CentOS7.ks
# This kickstart file should only be used with EL > 5 and/or Fedora > 7.
# For older versions please use the sample.ks kickstart file.
#platform=x86, AMD64, or Intel EM64T
# System authorization information
auth --useshadow --enablemd5
# System bootloader configuration
bootloader --location=mbr
# Partition clearing information
clearpart --all --initlabel
# Use text mode install
text
# Firewall configuration
firewall --enabled
# Run the Setup Agent on first boot
firstboot --disable
# System keyboard
keyboard us
# System language
lang en_US
# Use network installation
url --url=$tree
# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
$yum_repo_stanza
# Network information
$SNIPPET('network_config')
# Reboot after installation
reboot
#Root password
rootpw --iscrypted $default_password_crypted
# SELinux configuration
selinux --disabled
# Do not configure the X Window System
skipx
# System timezone
timezone America/New_York
# Install OS instead of upgrade
install
# Clear the Master Boot Record
zerombr
# Allow anaconda to partition the system as needed
part swap --fstype="swap" --ondisk=sda --size=2048
part /boot --fstype="xfs" --ondisk=sda --size=200
part / --fstype="xfs" --ondisk=sda --size=10240
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%end
%packages
- 編輯
CentOS7.7
kickstart
[[email protected] kickstarts] cobbler profile edit --name=CentOS7.7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS7.ks
[[email protected] kickstarts] cobbler profile report --name=CentOS7.7-x86_64 | grep kickstart
Kickstart : /var/lib/cobbler/kickstarts/CentOS7.ks
- 同步配置
[[email protected] loaders] cobbler sync
task started: 2020-08-02_174040_sync
task started (id=Sync, time=Sun Aug 2 17:40:40 2020)
running pre-sync triggers
cleaning trees
removing: /var/www/cobbler/images/CentOS7.7-x86_64
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/grub-x86.efi
removing: /var/lib/tftpboot/grub/grub-x86_64.efi
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/images/CentOS7.7-x86_64
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
copying: /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
copying: /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
copying: /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
copying: /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
copying: /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
copying: /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying files for distro: CentOS7.7-x86_64
trying hardlink /var/www/cobbler/ks_mirror/CentOS7.7-x86_64/images/pxeboot/vmlinuz -> /var/lib/tftpboot/images/CentOS7.7-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/CentOS7.7-x86_64/images/pxeboot/initrd.img -> /var/lib/tftpboot/images/CentOS7.7-x86_64/initrd.img
copying images
generating PXE configuration files
generating PXE menu structure
copying files for distro: CentOS7.7-x86_64
trying hardlink /var/www/cobbler/ks_mirror/CentOS7.7-x86_64/images/pxeboot/vmlinuz -> /var/www/cobbler/images/CentOS7.7-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/CentOS7.7-x86_64/images/pxeboot/initrd.img -> /var/www/cobbler/images/CentOS7.7-x86_64/initrd.img
Writing template files for CentOS7.7-x86_64
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
processing boot_files for distro: CentOS7.7-x86_64
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
說明:在端系統安裝時,可以在client
服務端上檢視日志cobbler
,觀察安裝的每一個流程/var/log/messages
- 檢視鏡像清單
[[email protected] loaders] cobbler distro list # 檢視鏡像清單
CentOS7.7-x86_64
- 鏡像存放目錄,
cobbler
/var/www/cobbler/ks_mirror
CentOS7.7-x86_64
/var/www/cobbler
[[email protected] loaders] cd /var/www/cobbler/ks_mirror/
[[email protected] ks_mirror] ls
CentOS7.7-x86_64 config
[[email protected] ks_mirror] du -sh CentOS7.7-x86_64/
11G CentOS7.7-x86_64/
- 修改安裝系統的核心參數,在
CentOS7
eno16777736
eth0
CentOS7
CentOS6
[[email protected] ~] cobbler profile edit --name=CentOS7.7-x86_64 --kopts='net.ifnames=0 biosdevname=0
- 打開一台等待安裝系統的機器,設定安裝方式為網絡,然後會看到這個界面
發現網址不是自己的可以修改
- 修改顯示的網址
[[email protected] ks_mirror] vim /etc/cobbler/pxe/pxedefault.template # 修改網址顯示的配置檔案
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://www.idayuanshuai.com/ #修改的位置
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT $pxe_timeout_profile
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
$pxe_menu_items
MENU end
~ **********
"/etc/cobbler/pxe/pxedefault.template" 15L, 242C written
[[email protected] ks_mirror] cobbler sync
task started: 2020-08-02_181832_sync
task started (id=Sync, time=Sun Aug 2 18:18:32 2020)
running pre-sync triggers
***************
- 再次檢視,網址已經是自己的啦
-
kickstart
kickstart自動應答檔案選項非常多,以下隻說明CentOS 6下幾個常用的可能用到的選項。另外,CentOS 6和CentOS 7的選項有不小差別,是以請注意使用,可以檢視官方安裝文檔。
以下是CentOS 6上kickstart選項說明:在最後還給出了一個kickstart檔案的示例。
#檔案由三部分組成
#一是選項指令段,用于自動應答圖形界面安裝時除包選擇外的所有手動操作
#二是package選擇段,使用%packages引導該功能
#三是腳本段,該段可有可無,分為兩種:
# (1) %pre 預安裝腳本段,在安裝系統之前就執行的腳本,該段很少使用,因為可用的指令太少
# (2) %post 後安裝腳本段,在系統安裝完成後執行的腳本
# kickstart選項指令段的說明:
【必須的選項】:
1.auth或者authconfig :驗證選項
--useshadow或者--enableshadow啟用shadow檔案來驗證
--passalgo=sha512使用sha512算法
2.bootloader: 指定如何安裝引導程式,要求必須已選擇分區、已選擇引導程式、已選擇軟體包,如果沒選擇将會停止而不會詢問
--location=mbr 指定引導程式的位置,預設為mbr,還可以指定none或者包含bootloader的引導塊所在分區
--driveorder=sda 指定grub安裝在哪個分區以及指定尋找順序,--driverorder=sda sdc sdb
--append="crashkernel=auto rhgb quiet" 指定核心參數
3.keyboard:指定鍵盤類型,一般使用美式鍵盤"keyboard us",新版的kickstart的格式有所變化,但也支援"keyboard us"這樣的老格式
4.lang:指定語言,如"lang en_US.UTF-8"5.rootpw:設定root使用者的密碼
--iscrypted:使用加密密碼,可以使用MD5,SHA-256,sha-512等。
如:rootpw --iscrypted $6$kxEBpy0HqHiY2Tsx$FTAqbjHs6x0VruChfYKxVeKLlxPuY0LXK7RxAVdu3uUivGclMUEz.i4ARlsMpqe1bf379uEgWOSFqGtZxqrwg.
其中SHA-512位的加密密碼在CentOS 6上可以使用"grub-crypt --sha-512"生成,CentOS7上可以使用python等工具來生成,如下:
python -c 'import crypt,getpass;pw=getpass.getpass();print(crypt.crypt(pw) if (pw==getpass.getpass("Confirm: ")) else exit())'
【可選的選項】:
1.selinux:設定selinux,值為enforcing,permissice,disable之一
2.autostep: 互動式,和interactive類似
3.interactive: 使用kickstart檔案指定的參數互動式安裝,但仍會給出每一步的選擇項,如果直接下一步就使用kickstart參數
4.cmdline:在完全非互動的指令行模式下進行安裝
5.driverdisk:指定驅動程式所在位置
drvierdisk --source=
6.firewall:設定firewall
--disable禁用防火牆
7.firstboot:
--disable:安裝後第一次啟動預設會給出很多需要手動配置的界面,禁用它
8.graphical:在圖形模式下根據kickstart執行安裝,預設該選項
9.text:文本模式下根據kickstart執行安裝(既然使用kickstart了,當然建議選擇使用純文字模式而不是圖形模式了)
9.1 skipx:不安裝圖形工具
10.halt/reboot:安裝完成後關機還是reboot,預設是halt
11.ignoredisk:指定忽略的磁盤
12.install/upgrade:指定是安裝還是更新系統
對于install,還必須指定下面幾種安裝方式之一:
cdrom:指定從第一個CD光牒驅動器安裝
harddrive:指定從本地硬碟安裝,要求硬碟必須是vfat或者ext2檔案系統格式
--biospart:指定從bios類型的分區來安裝,如82檔案系統類型号的分區
--partition:從某個分區安裝
--dir:指定從包含install-tree(安裝樹)的目錄安裝
例如:harddrive --partition=hdb2 --dir=/tmp/install-tree
nfs:指定從nfs路徑安裝
--server:指定nfs伺服器主機名或IP
--dir:指定包含install-tree的目錄
--opts:指定挂載NFS的mount選項
如:nfs --server=172.16.10.10 --dir=/export_path
url:指定從ftp、http、https安裝
例如:url --url ftp://172.16.10.10
13.loggin:指定安裝過程中的錯誤日志位置
--host:指定日志将發送到那台主機上
--port:如果遠端主機的rsyslog使用非預設端口,則應該指定該端口選項
--levle:指定日志級别
13.network:為系統配置網絡資訊,并在安裝過程中激活該網絡裝置。可多次使用network指令,例如既設定網絡,又設定主機名
--bootproto:dhcp或static;對于static則必須指定IP位址、子網路遮罩、網關和DNS
--device:網卡名,可以使用eth0類似的名稱來指定
--hostname:指定主機名
--onboot:是否在引導系統時啟用指定的裝置
如:
network --bootproto=static --ip=192.168.100.2 --netmask=255.255.255.0 --gateway=192.168.100.254 --nameserver=8.8.8.8
network --bootproto=dhcp --device=eth0 --noipv6
network --hostname=node1.xuexi.com
15.autopart: 自動建立幾個分區:大于1G的根分區,250M的boot分區和swap分區
16.zerombr:清除磁盤的mbr
17.clearpart: 在安裝系統前清除分區,如果指定該選項則必須指定正确
--all:清除所有分區
--Linux:清除Linux分區
--none:不清除分區
--initlabel:建立标簽,對于沒有MBR或者GPT的新硬碟,該選項是必須的
--drivers=sdb:清除指定的分區
是以,clearpart --all --initlabel是常見的方式
18.part:建立分區
--asprimary:強制指定為主分區
--grow:使用所有可用空間,即為其配置設定所有剩餘空間。對于根分區至少需要3G空間(即使是--grow,也還是需要指定--size)
--ondisk:指定在哪塊磁盤上建立分區。如果有多塊磁盤,則需要指定在哪塊磁盤上建立哪個分區,隻有一塊硬碟時可以省略該選項
如:
#part /boot --fstype=ext4 --asprimary --size=200 #boot分區200-250M足以
#part swap --fstype=swap --asprimary --size=2048
#part / --fstype=ext4 --grow --asprimary --size=2000
LVM的分區方法:
part /boot --fstype ext4 --size=100
part swap --fstype=swap --size=2048
part pv26 --size=100 --grow
volgroup VG00 --pesize=32768 pv26
logvol / --fstype ext4 --name=LVroot --vgname=VG00 --size=29984
logvol /data --fstype ext4 --name=LVdata --vgname=VG00 --size=100 --grow
19.repo:指定除自帶的yum源外的其他yum源,可以指定多行yum源(既然是第一次裝系統,基本都不會去加這項)
如:repo --name="CentOS" --baseurl=cdrom:sr0 --cost=100
20.services:設定預設運作級别下開機自啟動的服務
--disable
--enable
disable先處理enable後處理
如services --disable auditd,cups,atd
21.timezone:指定時區
如:Asia/Shanghai
22.user:在系統中生成一個新使用者
--name:指定使用者名
--groups:指定輔助組,非預設組
--homedir:使用者家目錄,如果不指定則預設為/home/<username>
--password:該使用者的密碼,如果不指定或省略則建立後該使用者處于鎖定狀态
--shell:使用者的shell,不指定則預設
--uid:使用者UID,不指定則自動配置設定一個非系統使用者的UID
23.key:輸入序列号,隻在RedHat中有,CentOS系統沒有該項
--skip 跳過key選項
# kickstart軟體包或包組選項:
使用"%packages"表示該段内容,@表示選擇的包組,最前面使用橫杠表示取反,即不選擇的包或包組。
@base和@core兩個包組總是被預設選擇,是以不必在%packages中指定它們
%packages
@base
@core
@debugging
@development
@dial-up
@hardware-monitoring
@performance
@server-policy
@workstation-policy
sgpio
device-mapper-persistent-data
systemtap-client
lrzsz
tree
%end
以下是CentOS 6.6下的ks檔案示例。
install
text
nfs --server=192.168.100.100 --dir=/install
#url --url=http://192.168.100.100/centos6.6
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto quiet"
lang en_US.UTF-8
keyboard us
network --onboot=yes --device=eth0 --bootproto=dhcp --noipv6
rootpw --iscrypted $6$x4u9sIfSQsO7ddk5$/.0Xe6tFBY0uUmFFtyvAeY9YVPtcn8zl21fFNgmAoYtepQHRYDthQ4T1ZE12kDfAT6O3oXfRb7uv214t3Bb3K1
firewall --service=ssh
authconfig --enableshadow --passalgo=sha512
selinux --disabled
timezone Asia/Shanghai
reboot #安裝結束後重新開機
#make partitions
zerombr
clearpart --all --initlabel
part /boot --fstype=ext4 --asprimary --size=250
part / --fstype=ext4 --asprimary --grow --size=2000
part swap --fstype=swap --size=2000
%packages
@base
@core
@debugging
@development
@dial-up
@hardware-monitoring
@performance
@server-policy
@workstation-policy
sgpio
device-mapper-persistent-data
systemtap-client
%end
%post #結束後做的事
cat >>/etc/yum.repos.d/base.repo<<eof
[base]
name=sohu
baseurl=http://mirrors.sohu.com/centos/$releasever/os/$basearch/
gpgcheck=0
enable=1
[epel]
name=epel
baseurl=http://mirrors.sohu.com/Fedora-epel/6Server/x86_64/
enable=1
gpgcheck=0
eof
sed -i "s/ONBOOT.*$/ONBOOT=yes/" /etc/sysconfig/network-scripts/ifcfg-eth0 #設定網卡為啟動
sed -i "s/rhgb //" /boot/grub/grub.conf # 設定啟動系統時不使用圖形進度條方式
sed -i "s/HOSTNAME=.*$/HOSTNAME=xuexi.longshuai.com/" /etc/sysconfig/network #設定主機名
%end
5.8 cobbler Web管理界面配置
-
web
kickstart
web
- 在上面已經安裝了
cobbler-web
https://IP/cobbler_web
cobbler
cobbler
- 檔案說明
/etc/cobbler/users.conf #Web服務授權配置檔案
/etc/cobbler/users.digest #用于web通路的使用者名密碼
- 檢視web的使用者名密碼
[[email protected] loaders] cat /etc/cobbler/users.digest
cobbler:Cobbler:a2d6bae81669d707b72c0bd9806e01f3
- 設定密碼,在
Cobbler
idys
2
[[email protected] loaders] htdigest /etc/cobbler/users.digest "Cobbler" idys
Adding user idys in realm Cobbler
New password:
Re-type new password:
[[email protected] loaders] cobbler sync # 配置檔案同步
task started: 2020-08-02_175359_sync
task started (id=Sync, time=Sun Aug 2 17:53:59 2020)
running pre-sync triggers
cleaning trees
removing: /var/www/cobbler/images/CentOS7.7-x86_64
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/grub-x86.efi
removing: /var/lib/tftpboot/grub/grub-x86_64.efi
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/images/CentOS7.7-x86_64
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
copying: /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
copying: /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
copying: /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
copying: /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
copying: /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
copying: /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying files for distro: CentOS7.7-x86_64
trying hardlink /var/www/cobbler/ks_mirror/CentOS7.7-x86_64/images/pxeboot/vmlinuz -> /var/lib/tftpboot/images/CentOS7.7-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/CentOS7.7-x86_64/images/pxeboot/initrd.img -> /var/lib/tftpboot/images/CentOS7.7-x86_64/initrd.img
copying images
generating PXE configuration files
generating PXE menu structure
copying files for distro: CentOS7.7-x86_64
trying hardlink /var/www/cobbler/ks_mirror/CentOS7.7-x86_64/images/pxeboot/vmlinuz -> /var/www/cobbler/images/CentOS7.7-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/CentOS7.7-x86_64/images/pxeboot/initrd.img -> /var/www/cobbler/images/CentOS7.7-x86_64/initrd.img
Writing template files for CentOS7.7-x86_64
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
processing boot_files for distro: CentOS7.7-x86_64
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
[[email protected] loaders] systemctl restart httpd cobblerd #重新開機httpd 服務和 cobbler 服務
現在你可以通過使用者名為idys使用者登入 cobbler-web界面了
5.9 定制化安裝
- 可能從學習
kickstart
ks
kickstart
Cobbler
- 區分一台伺服器的最簡單的方法就是實體
MAC
- 實體伺服器的
MAC
- 虛拟機的MAC檢視
- 填上
mac
[[email protected] ks_mirror] cobbler system add --name=CentOS7-test --mac=00:0C:29:06:7D:4D --profile=CentOS7.7-x86_64 --ip-address=192.168.200.200 --subnet=255.255.255.0 --gateway=192.168.200.2 --interface=eth0 --static=1 --hostname=idayuanshuai.com --name-servers="114.114.114.114 8.8.8.8" # 指定網卡,mac位址,和網卡的各個選項
[[email protected] ks_mirror] cobbler system list
CentOS7-test
[[email protected] ks_mirror] cobbler sync
task started: 2020-08-02_185019_sync
task started (id=Sync, time=Sun Aug 2 18:50:19 2020)
running pre-sync triggers
cleaning trees
removing: /var/www/cobbler/images/CentOS7.7-x86_64
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/pxelinux.cfg/01-00-0c-29-06-7d-4d
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/grub-x86.efi
removing: /var/lib/tftpboot/grub/grub-x86_64.efi
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/grub/01-00-0C-29-06-7D-4D
removing: /var/lib/tftpboot/images/CentOS7.7-x86_64
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
copying: /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
copying: /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
copying: /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
copying: /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
copying: /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
copying: /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying files for distro: CentOS7.7-x86_64
trying hardlink /var/www/cobbler/ks_mirror/CentOS7.7-x86_64/images/pxeboot/vmlinuz -> /var/lib/tftpboot/images/CentOS7.7-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/CentOS7.7-x86_64/images/pxeboot/initrd.img -> /var/lib/tftpboot/images/CentOS7.7-x86_64/initrd.img
copying images
generating PXE configuration files
generating: /var/lib/tftpboot/pxelinux.cfg/01-00-0c-29-06-7d-4d
generating: /var/lib/tftpboot/grub/01-00-0C-29-06-7D-4D
generating PXE menu structure
copying files for distro: CentOS7.7-x86_64
trying hardlink /var/www/cobbler/ks_mirror/CentOS7.7-x86_64/images/pxeboot/vmlinuz -> /var/www/cobbler/images/CentOS7.7-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/CentOS7.7-x86_64/images/pxeboot/initrd.img -> /var/www/cobbler/images/CentOS7.7-x86_64/initrd.img
Writing template files for CentOS7.7-x86_64
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
processing boot_files for distro: CentOS7.7-x86_64
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
5.10 到此,自動化安裝已經完成,現在測試
- 檢視安裝的配置情況
[[email protected] ~]# df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 900M 0 900M 0% /dev
tmpfs 910M 0 910M 0% /dev/shm
tmpfs 910M 9.6M 901M 2% /run
tmpfs 910M 0 910M 0% /sys/fs/cgroup
/dev/sda2 10G 1.2G 8.9G 12% /
/dev/sda1 197M 120M 78M 61% /boot
tmpfs 182M 0 182M 0% /run/user/0
[[email protected] ~]# ping taobao.com
PING taobao.com (140.205.220.96) 56(84) bytes of data.
64 bytes from 140.205.220.96 (140.205.220.96): icmp_seq=1 ttl=128 time=47.7 ms
64 bytes from 140.205.220.96 (140.205.220.96): icmp_seq=2 ttl=128 time=46.1 ms
64 bytes from 140.205.220.96 (140.205.220.96): icmp_seq=3 ttl=128 time=51.1 ms
64 bytes from 140.205.220.96 (140.205.220.96): icmp_seq=4 ttl=128 time=51.1 ms
64 bytes from 140.205.220.96 (140.205.220.96): icmp_seq=5 ttl=128 time=47.8 ms
[[email protected] ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:06:7d:4d brd ff:ff:ff:ff:ff:ff
inet 192.168.200.180/24 brd 192.168.200.255 scope global noprefixroute dynamic eth0
valid_lft 14793sec preferred_lft 14793sec
inet6 fe80::20c:29ff:fe06:7d4d/64 scope link noprefixroute
valid_lft forever preferred_lft forever
寫在最後的話:
- 無論每個知識點的難易程度如何,我都會盡力将它描繪得足夠細緻
- 歡迎關注我的CSDN部落格,IDYS’BLOG
-
持續更新内容:
linux基礎 | 資料通信(路由交換,WLAN) | Python基礎 | 雲計算
- 如果你有什麼疑問,或者是難題。歡迎評論或者私信我。你若留言,我必回複!
- 雖然我現在還很渺小,但我會做好每一篇内容。謝謝關注!