文章目錄
- 一、CentOS8實作PXE自動化安裝
-
- 1、安裝前準備:
- 2、安裝相關軟體包
- 3、配置dhcp服務
- 4、準備yum源和相關目錄
- 5、準備kickstart檔案
- 6、準備PXE啟動相關檔案
- 7、準備啟動菜單檔案
- 8、測試用戶端基于PXE實作自動安裝
- 二、利用cobbler實作自動化安裝
-
- 1、環境準備
- 2、安裝相關包并啟動服務
- 3、修改cobbler相關的配置
- 4、實作dhcp服務
- 5、下載下傳啟動的相關檔案
- 6、修改菜單的标題資訊
- 7、導入centos系統的安裝檔案,生成相應的yum源
- 8、準備kickstart檔案,并關聯至指定的yum源
- 9、支援UEFI安裝
- 10、實作cobbler web 管理
- 11、建立cobbler自定義使用者
一、CentOS8實作PXE自動化安裝
1、安裝前準備:
關閉防火牆和selinux 確定dhcp伺服器位址是靜态IP
2、安裝相關軟體包
[[email protected] ~]#dnf -y install dhcp-server tftp-server httpd syslinuxnonlinux(或者syslinux-tftpboot)
[[email protected] ~]#systemctl enable --now httpd tftp dhcpd
3、配置dhcp服務
[[email protected] ~]#cp /usr/share/doc/dhcp-server/dhcpd.conf.example /etc/dhcp/dhcpd.conf
[[email protected] ~]#vim /etc/dhcp/dhcpd.conf
option domain-name "example.com";
option domain-name-servers 180.76.76.76,223.6.6.6;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet 10.0.0.0 netmask 255.255.255.0 {
range 10.0.0.1 10.0.0.200;
option routers 10.0.0.1;
next-server 10.0.0.100;
filename "pxelinux.0";
}
[[email protected] ~]#systemctl start dhcpd
4、準備yum源和相關目錄
[[email protected] ~]#mkdir -pv /var/www/html/centos/{6,7,8}/os/x86_64/
[[email protected] ~]#mount /dev/sr0 /var/www/html/centos/6/os/x86_64/
[[email protected] ~]#mount /dev/sr1 /var/www/html/centos/7/os/x86_64/
[r[email protected] ~]#mount /dev/sr2 /var/www/html/centos/8/os/x86_64/
5、準備kickstart檔案
[[email protected] ~]#mkdir /var/www/html/ks/
[[email protected] ~]#vim /var/www/html/ks/centos6.cfg
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Install OS instead of upgrade
install
# Keyboard layouts
keyboard 'us'
# Root password
rootpw --iscrypted $1$ALS9TIDA$V2TkFpdeH24/B/2Y/ILtJ0
# System language
lang en_US
# System authorization information
auth --useshadow --passalgo=sha512
# Use text mode install
text
firstboot --disable
# SELinux configuration
selinux --disabled
# Firewall configuration
firewall --disabled
# Network information
network --bootproto=dhcp --device=eth0
# Reboot after installation
reboot
# System timezone
timezone Africa/Abidjan
# Use network installation
url --url="http://10.0.0.7/centos/6/os/x86_64"
# System bootloader configuration
bootloader --append="net.ifnames=0" --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part / --fstype="ext4" --size=20480
part /boot --fstype="ext4" --size=1024
part swap --fstype="swap" --size=2048
%packages
@core
@server-policy
@workstation-policy
autofs
vim-enhanced
%end
%post
useradd wang
echo magedu | passwd --stdin wang &> /dev/null
mkdir /etc/yum.repos.d/bak
mv /etc/yum.repos.d/* /etc/yum.repos.d/bak
cat > /etc/yum.repos.d/base.repo <<EOF
[base]
name=base
baseurl=file:///misc/cd
gpgcheck=0
EOF
%end
[[email protected] ~]#vim /var/www/html/ks/centos7.cfg
install
# Keyboard layouts
keyboard 'us'
# Root password
rootpw --iscrypted $1$hf5nFgTY$cjAfchGqSckksjZccDZr30
# System language
lang en_US
# System authorization information
auth --useshadow --passalgo=sha512
# Use text mode install
text
firstboot --disable
# SELinux configuration
selinux --disabled
# Firewall configuration
firewall --disabled
# Network information
network --bootproto=dhcp --device=eth0
# Reboot after installation
reboot
# System timezone
timezone Asia/Shanghai
# Use network installation
url --url="http://10.0.0.7/centos/7/os/x86_64"
# System bootloader configuration
bootloader --append="net.ifnames=0" --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part / --fstype="xfs" --size=10240
part /boot --fstype="xfs" --size=1024
part swap --fstype="swap" --size=2048
%post
mkdir /etc/yum.repos.d/bak
mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak
cat > /etc/yum.repos.d/base.repo <<EOF
[base]
name=CentOS
baseurl=file:///misc/cd
https://mirrors.aliyun.com/centos/$releasever/os/$basearch
https://mirrors.cloud.tencent.com/centos/$releasever/os/$basearch
https://repo.huaweicloud.com/centos/$releasever/os/$basearch
https://mirrors.tuna.tsinghua.edu.cn/centos/$releasever/os/$basearch
gpgcheck=0
[extras]
name=extras
baseurl=https://mirrors.aliyun.com/centos/$releasever/extras/$basearch
https://mirrors.cloud.tencent.com/centos/$releasever/extras/$basearch
https://repo.huaweicloud.com/centos/$releasever/extras/$basearch
https://mirrors.tuna.tsinghua.edu.cn/centos/$releasever/extras/$basearch
gpgcheck=0
enabled=1
[epel]
name=EPEL
baseurl=https://mirrors.aliyun.com/epel/$releasever/$basearch
https://mirrors.cloud.tencent.com/epel/$releasever/$basearch
https://repo.huaweicloud.com/epel/$releasever/$basearch
https://mirrors.tuna.tsinghua.edu.cn/epel/$releasever/$basearch
gpgcheck=0
enabled=1
EOF
mkdir /root/.ssh -m 700
useradd linux44
echo 123456|passwd --stdin linux44
%end
[[email protected] ~]#vim /var/www/html/ks/centos8.cfg
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Install OS instead of upgrade
install
# Keyboard layouts
keyboard 'us'
# Root password
rootpw --iscrypted $1$EP3HI3x1$wl6XOHQmmsm.MVcTZUiMJ.
# System language
lang en_US
# System authorization information
auth --useshadow --passalgo=sha512
# Use text mode install
text
firstboot --disable
# SELinux configuration
selinux --disabled
# Firewall configuration
firewall --disabled
# Network information
network --bootproto=dhcp --device=eth0
# Reboot after installation
reboot
# System timezone
timezone Asia/Shanghai
# Use network installation
url --url="http://10.0.0.7/centos/8/os/x86_64"
# System bootloader configuration
bootloader --append="net.ifnames=0" --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part / --fstype="xfs" --size=20480
part /boot --fstype="xfs" --size=1024
part swap --fstype="swap" --size=2048
%packages
@^minimal-environment
kexec-tools
%end
%addon com_redhat_kdump --enable --reserve-mb='auto'
%end
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end
6、準備PXE啟動相關檔案
[[email protected] ~]#mkdir /var/lib/tftpboot/centos{6,7,8}
#準備CentOS6,7,8各自的核心相關檔案
[[email protected] ~]#cp /var/www/html/centos/6/os/x86_64/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos6
[[email protected] ~]#cp /var/www/html/centos/7/os/x86_64/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos7
[[email protected] ~]#cp /var/www/html/centos/8/os/x86_64/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos8
[[email protected] ~]#cp /usr/share/syslinux/{pxelinux.0,menu.c32} /var/lib/tftpboot/
#以下三個檔案是CentOS8安裝所必須檔案,CentOS6,7則不需要
[[email protected] ~]#cp /var/www/html/centos/8/os/x86_64/isolinux/{ldlinux.c32,libcom32.c32,libutil.c32} /var/lib/tftpboot/
#生成安裝菜單檔案
[[email protected] ~]#mkdir /var/lib/tftpboot/pxelinux.cfg/
[[email protected] ~]#cp /var/www/html/centos/8/os/x86_64/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default
#最終目錄結構如下
[[email protected] ~]#tree /var/lib/tftpboot
.
├── centos6
│ ├── initrd.img
│ └── vmlinuz
├── centos7
│ ├── initrd.img
│ └── vmlinuz
├── centos8
│ ├── initrd.img
│ └── vmlinuz
├── ldlinux.c32
├── libcom32.c32
├── libutil.c32
├── menu.c32
├── pxelinux.0
└── pxelinux.cfg
└── default
4 directories, 12 files
7、準備啟動菜單檔案
[[email protected] ~]#vim /var/lib/tftpboot/pxelinux.cfg/default
default menu.c32
timeout 600
menu title Install CentOS Linux
label linux8
menu label Auto Install CentOS Linux ^8
kernel centos8/vmlinuz
append initrd=centos8/initrd.img ks=http://10.0.0.100/ks/centos8.cfg
label linux7
menu label Auto Install CentOS Linux ^7
kernel centos7/vmlinuz
append initrd=centos7/initrd.img ks=http://10.0.0.100/ks/centos7.cfg
label linux6
menu label Auto Install CentOS Linux ^6
kernel centos6/vmlinuz
append initrd=centos6/initrd.img ks=http://10.0.0.100/ks/centos6.cfg
label manual
menu label ^Manual Install CentOS Linux 8.0
kernel centos8/vmlinuz
append initrd=centos8/initrd.img
inst.repo=http://10.0.0.100/centos/8/os/x86_64/
label rescue
menu label ^Rescue a CentOS Linux system 8
kernel centos8/vmlinuz
append initrd=centos8/initrd.img
inst.repo=http://10.0.0.100/centos/8/os/x86_64/ rescue
label local
menu default
menu label Boot from ^local drive
localboot 0xffff
8、測試用戶端基于PXE實作自動安裝
新準備一台主機,設定網卡引導,可看到看啟動菜單,并實作自動安裝
注意:VMware workstation 對于不同的CentOS 版本,生成的虛拟機的硬體并不相容
二、利用cobbler實作自動化安裝
1、環境準備
兩台主機
一台主機:CentOS 7 充當 Cobbler,http,dhcp,tftp 伺服器,并關閉防火牆和SELinux
一台主機:充當測試機,用于實作自動化安裝Linux系統
網絡要求:關閉Vmware軟體中的NAT模式中的DHCP服務,兩個主機網卡基于NAT模式
2、安裝相關包并啟動服務
[[email protected] ~]#yum install cobbler dhcp -y
[r[email protected] ~]#systemctl enable --now cobblerd httpd tftp dhcpd
3、修改cobbler相關的配置
[[email protected] ~]#cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other
than localhost, or kickstarting features will not work. This should be a
resolvable hostname or IP for the boot server as reachable by all machines that
will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings
must be set to something other than 127.0.0.1, and should match the IP of the
boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may
run 'cobbler get-loaders' to download them, or, if you only want to handle
x86/x86_64 netbooting, you may ensure that you have installed a *recent* version
of the syslinux package installed and can ignore this message entirely. Files
in this directory, should you want to support all architectures, should include
pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is
the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian
deployments and repositories
7 : ksvalidator was not found, install pykickstart
8 : The default password used by the sample templates for newly installed
machines (default_password_crypted in /etc/cobbler/settings) is still set to
'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrasehere'
'your-password-here'" to generate new one
9 : fencing tools were not found, and are required to use the (optional) power
management features. install cman or fence-agents to use them
#生成新密碼,預設安裝好的系統root密碼為cobbler
[[email protected] ~]#openssl passwd -1 'magedu'
$1$1spuisnh$j34LNmyTQWs3l6xKxCZY60
#根據以上提示,隻需要做1,2,8這三項即可,修改下面四行
[[email protected] ~]#vim /etc/cobbler/settings
default_password_crypted: "$1$1spuisnh$j34LNmyTQWs3l6xKxCZY60"
next_server:< tftp伺服器的 IP 位址>
server:<cobbler伺服器的 IP 位址>
manage_dhcp:1 #設定為1,表示通過cobbler生成dhcpd.conf配置檔案
pxe_just_once: 1 #設定為1,防止重複安裝系統
[[email protected] ~]#systemctl restart cobblerd
4、實作dhcp服務
#修改dhcp的模版檔案下面的行,用來生成dhcp的配置檔案
[[email protected] ~]#vim /etc/cobbler/dhcp.template
subnet 192.168.100.0 netmask 255.255.255.0 {
option routers 192.168.100.1;
option domain-name-servers 180.76.76.76,223.6.6.6;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.100.1 192.168.100.200;
#自動生成dhcp配置檔案并啟動
[[email protected] ~]#cobbler sync
5、下載下傳啟動的相關檔案
[[email protected] ~]#cobbler get-loaders
task started: 2020-02-10_163111_get_loaders
task started (id=Download Bootloader Content, time=Mon Feb 10 16:31:11 2020)
downloading https://cobbler.github.io/loaders/README to
/var/lib/cobbler/loaders/README
downloading https://cobbler.github.io/loaders/COPYING.elilo to
/var/lib/cobbler/loaders/COPYING.elilo
downloading https://cobbler.github.io/loaders/COPYING.yaboot to
/var/lib/cobbler/loaders/COPYING.yaboot
downloading https://cobbler.github.io/loaders/COPYING.syslinux to
/var/lib/cobbler/loaders/COPYING.syslinux
downloading https://cobbler.github.io/loaders/elilo-3.8-ia64.efi to
/var/lib/cobbler/loaders/elilo-ia64.efi
downloading https://cobbler.github.io/loaders/yaboot-1.3.17 to
/var/lib/cobbler/loaders/yaboot
downloading https://cobbler.github.io/loaders/pxelinux.0-3.86 to
/var/lib/cobbler/loaders/pxelinux.0
downloading https://cobbler.github.io/loaders/menu.c32-3.86 to
/var/lib/cobbler/loaders/menu.c32
downloading https://cobbler.github.io/loaders/grub-0.97-x86.efi to
/var/lib/cobbler/loaders/grub-x86.efi
downloading https://cobbler.github.io/loaders/grub-0.97-x86_64.efi to
/var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***
[[email protected] ~]#ls /var/lib/cobbler/loaders
COPYING.elilo COPYING.yaboot grub-x86_64.efi menu.c32 README
COPYING.syslinux elilo-ia64.efi grub-x86.efi pxelinux.0 yaboot
[[email protected] ~]#tree /var/lib/tftpboot/
/var/lib/tftpboot/
├── boot
├── etc
├── grub
├── images
├── images2
├── ppc
├── pxelinux.cfg
└── s390x
8 directories, 0 files
[[email protected] ~]#cobbler sync
task started: 2020-02-10_163219_sync
task started (id=Sync, time=Mon Feb 10 16:32:19 2020)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/grub/images
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/pxelinux.0 ->
/var/lib/tftpboot/pxelinux.0
trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
trying hardlink /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi ->
/var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi ->
/var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
[[email protected] ~]#tree /var/lib/tftpboot/
/var/lib/tftpboot/
├── boot
│ └── grub
│ └── menu.lst
├── etc
├── grub
│ ├── efidefault
│ ├── grub-x86_64.efi
│ ├── grub-x86.efi
│ └── images -> ../images
├── images
├── images2
├── memdisk
├── menu.c32
├── ppc
├── pxelinux.0
├── pxelinux.cfg
│ └── default
├── s390x
│ └── profile_list
└── yaboot
10 directories, 10 files
6、修改菜單的标題資訊
[[email protected] ~]#vim /etc/cobbler/pxe/pxedefault.template
MENU TITLE Cobbler | http://www.magedu.com/
[[email protected] ~]#cobbler sync
[[email protected] ~]#cat /var/lib/tftpboot/pxelinux.cfg/default
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://www.magedu.com/ #預設為:http://cobbler.github.io/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT local
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
MENU end
[[email protected] ~]#cobbler sync
7、導入centos系統的安裝檔案,生成相應的yum源
#導入yum源時,會自動生成菜單項并自動關聯最小化安裝系統的檔案kickstart檔案,預設root密碼為cobbler
[[email protected] ~]#cobbler import --name=centos-8.1-x86_64 --path=/misc/cd --arch=x86_64
[[email protected] ~]#mount /dev/sr1 /mnt
mount: /dev/sr1 is write-protected, mounting read-only
#也可以在導入yum源的同時進行關聯自定義的kickstart檔案
[[email protected] ~]#cobbler import --name=centos-7.7-x86_64 --path=/mnt --arch=x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.cfg
[[email protected] ~]#du -sh /var/www/cobbler/ks_mirror/*
11G /var/www/cobbler/ks_mirror/centos-7.7-x86_64
7.2G /var/www/cobbler/ks_mirror/centos-8.1-x86_64
12K /var/www/cobbler/ks_mirror/config
[[email protected] ~]#cobbler distro list
centos-7.7-x86_64
centos-8.1-x86_64
[[email protected] ~]#cobbler profile listsh
centos-7.7-x86_64
centos-8.1-x86_64
注意:CentOS8.3 的導入出錯,需要修改檔案
#預設直接導入CentOS8.3會出現下面錯誤
[[email protected] ~]#cobbler import --name=centos-8.3-x86_64 --path=/mnt --
arch=x86_64
task started: 2021-01-18_162855_import
task started (id=Media import, time=Mon Jan 18 16:28:55 2021)
Found a candidate signature: breed=redhat, version=rhel8
No signature matched in /var/www/cobbler/ks_mirror/centos-8.3-x86_64
!!! TASK FAILED !!!
#解決方法
[[email protected] ~]#vim /var/lib/cobbler/distro_signatures.json
#修改第70行添加centos-linux
68 "rhel8": {
69 "signatures":["BaseOS"],
70 "version_file":"(redhat|sl|slf|centos-linux|centos|oraclelinux|vzlinux)-
release-(?!notes)([\\w]*-)*8(Server)*[\\.-]+(.*)\\.rpm",
[[email protected] ~]#systemctl restart cobblerd
[[email protected] ~]#cobbler sync
8、準備kickstart檔案,并關聯至指定的yum源
#将kickstart檔案,關聯指定的YUM源和生成菜單清單
[[email protected] ~]#cobbler profile add --name=CentOS-8.1_test --distro=CentOS-8.1-
x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos8.cfg
[[email protected] ~]#cobbler profile add --name=CentOS-7.7_test --distro=CentOS-7.7-
x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.cfg
#删除預設生成的菜單
[[email protected] ~]#cobbler profile remove --name=centos-8.1-x86_64
[[email protected] ~]#cobbler profile remove --name=centos-7.7-x86_64
[[email protected] ~]#cobbler profile list
CentOS-7.7_test
CentOS-8.1_test
#删除預設的菜單清單
[[email protected] ~]#cobbler profile remove --name=CentOS8.0-x86_64
#設定預設安裝菜單, 這樣未裝系統的裝置會自動從pxe引導啟動你需要安裝的系統, 不需要再手動接顯示器
選了
[[email protected] ~]#cobbler system add --name=default --profile=centos-8.1-x86_64
9、支援UEFI安裝
注意:CentOS 6 的虛拟機不支援UEFI
修改檔案設定時間,預設不顯示菜單
#修改模版檔案
[[email protected] ~]#vim /etc/cobbler/pxe/efidefault.template
[[email protected] ~]#cat /var/lib/tftpboot/grub/efidefault
default=0
timeout=60
$grub_menu_items
#使模版生效
[[email protected] ~]#cobbler sync
#驗證生效
[[email protected] ~]#head -n 2 /var/lib/tftpboot/grub/efidefault
default=0
timeout=60
10、實作cobbler web 管理
[[email protected] ~]#yum -y install cobbler-web
[[email protected] ~]#systemctl restart httpd
通過浏覽器通路下面位址: https://10.0.0.7/cobbler_web
使用者名:cobbler
密碼:cobbler
11、建立cobbler自定義使用者
[[email protected] ~]#cat /etc/cobbler/users.digest
cobbler:Cobbler:a2d6bae81669d707b72c0bd9806e01f3
[[email protected] ~]#htdigest -c /etc/cobbler/users.digest Cobbler admin
Adding password for admin in realm Cobbler.
New password:
Re-type new password:
[[email protected] ~]#cat /etc/cobbler/users.digest
admin:Cobbler:461941848a17e1b412f94c100a79bf75
3
[[email protected] ~]#htdigest /etc/cobbler/users.digest Cobbler admin2
Adding user admin2 in realm Cobbler
New password:
Re-type new password:
[[email protected] ~]#cat /etc/cobbler/users.digest
admin:Cobbler:461941848a17e1b412f94c100a79bf75
3
admin2:Cobbler:8e3ab6cc196fac11dcf0512c200a672f