了解kickstart
what's kickstartkickstart 是使用一個标準的站點為一些機器安裝統一配置的linux 作業系統。
kickstart的配置檔案的獲得方式:
手動寫入
使用GUI system-config-kickstart 工具
使用标準的Red Hat安裝程式Anaconda
anaconda-ks.cfg檔案每次CentOS linux 系統安裝完畢後,Anaconda将會在ROOT家目錄下生成一個anaconda-ks.cfg檔案,使用它可以完成相同設定的自動安裝,也可以用system-config-kickstart工具進行編輯該檔案進行修改。對anaconda-ks.cfg檔案修改可以生成自己需要的系統安裝自應答檔案。
kickstart檔案kickstart檔案可以包含系統安裝所有需要的互動,也包含系統安裝前需要執行的腳本及系統安裝後執行的腳本。
kickstart部署實驗圖
環境:
selinux關閉,防火牆關閉
Server:192.168.2.100
Step 1 配置dnf源
[[email protected] ~]# cat server.repo
[serverApp]
name=app
enabled=1
gpgcheck=0
baseurl=file:///mnt/AppStream
[serverOS]
name=os
enabled=1
gpgcheck=0
baseurl=file:///mnt/BaseOS
Step 2 安裝軟體包
[[email protected] ~]# dnf install dhcp-server tftp-server httpd syslinux -y
app 74 MB/s | 5.2 MB 00:00
os 75 MB/s | 2.2 MB 00:00
上次中繼資料過期檢查:0:00:01 前,執行于 2019年12月01日 星期日 20時49分26秒。
依賴關系解決。
===============================================================================================================================
軟體包 架構 版本 倉庫 大小
===============================================================================================================================
Installing:
httpd x86_64 2.4.37-11.module_el8.0.0+172+85fc1f40 serverApp 1.7 M
tftp-server x86_64 5.2-24.el8 serverApp 50 k
dhcp-server x86_64 12:4.3.6-30.el8 serverOS 529 k
syslinux x86_64 6.04-1.el8 serverOS 576 k
安裝依賴關系:
apr x86_64 1.6.3-9.el8 serverApp 125 k
apr-util x86_64 1.6.1-6.el8 serverApp 105 k
centos-logos-httpd noarch 80.5-2.el8 serverApp 24 k
httpd-filesystem noarch 2.4.37-11.module_el8.0.0+172+85fc1f40 serverApp 34 k
httpd-tools x86_64 2.4.37-11.module_el8.0.0+172+85fc1f40 serverApp 102 k
mod_http2 x86_64 1.11.3-2.module_el8.0.0+10+abf51267 serverApp 156 k
syslinux-nonlinux noarch 6.04-1.el8 serverOS 551 k
安裝弱的依賴:
apr-util-bdb x86_64 1.6.1-6.el8 serverApp 25 k
apr-util-openssl x86_64 1.6.1-6.el8 serverApp 27 k
Enabling module streams:
httpd 2.4
事務概要
===============================================================================================================================
安裝 13 軟體包
總計:3.9 M
安裝大小:9.9 M
下載下傳軟體包:
運作事務檢查
事務檢查成功。
運作事務測試
事務測試成功。
運作事務
準備中 : 1/1
Installing : apr-1.6.3-9.el8.x86_64 1/13
運作腳本 : apr-1.6.3-9.el8.x86_64 1/13
Installing : apr-util-bdb-1.6.1-6.el8.x86_64 2/13
Installing : apr-util-openssl-1.6.1-6.el8.x86_64 3/13
Installing : apr-util-1.6.1-6.el8.x86_64 4/13
運作腳本 : apr-util-1.6.1-6.el8.x86_64 4/13
Installing : httpd-tools-2.4.37-11.module_el8.0.0+172+85fc1f40.x86_64 5/13
Installing : syslinux-nonlinux-6.04-1.el8.noarch 6/13
Installing : syslinux-6.04-1.el8.x86_64 7/13
運作腳本 : httpd-filesystem-2.4.37-11.module_el8.0.0+172+85fc1f40.noarch 8/13
Installing : httpd-filesystem-2.4.37-11.module_el8.0.0+172+85fc1f40.noarch 8/13
Installing : centos-logos-httpd-80.5-2.el8.noarch 9/13
Installing : mod_http2-1.11.3-2.module_el8.0.0+10+abf51267.x86_64 10/13
Installing : httpd-2.4.37-11.module_el8.0.0+172+85fc1f40.x86_64 11/13
運作腳本 : httpd-2.4.37-11.module_el8.0.0+172+85fc1f40.x86_64 11/13
運作腳本 : dhcp-server-12:4.3.6-30.el8.x86_64 12/13
Installing : dhcp-server-12:4.3.6-30.el8.x86_64 12/13
運作腳本 : dhcp-server-12:4.3.6-30.el8.x86_64 12/13
Installing : tftp-server-5.2-24.el8.x86_64 13/13
運作腳本 : tftp-server-5.2-24.el8.x86_64 13/13
運作腳本 : httpd-2.4.37-11.module_el8.0.0+172+85fc1f40.x86_64 13/13
運作腳本 : tftp-server-5.2-24.el8.x86_64 13/13
驗證 : apr-1.6.3-9.el8.x86_64 1/13
驗證 : apr-util-1.6.1-6.el8.x86_64 2/13
驗證 : apr-util-bdb-1.6.1-6.el8.x86_64 3/13
驗證 : apr-util-openssl-1.6.1-6.el8.x86_64 4/13
驗證 : centos-logos-httpd-80.5-2.el8.noarch 5/13
驗證 : httpd-2.4.37-11.module_el8.0.0+172+85fc1f40.x86_64 6/13
驗證 : httpd-filesystem-2.4.37-11.module_el8.0.0+172+85fc1f40.noarch 7/13
驗證 : httpd-tools-2.4.37-11.module_el8.0.0+172+85fc1f40.x86_64 8/13
驗證 : mod_http2-1.11.3-2.module_el8.0.0+10+abf51267.x86_64 9/13
驗證 : tftp-server-5.2-24.el8.x86_64 10/13
驗證 : dhcp-server-12:4.3.6-30.el8.x86_64 11/13
驗證 : syslinux-6.04-1.el8.x86_64 12/13
驗證 : syslinux-nonlinux-6.04-1.el8.noarch 13/13
已安裝:
httpd-2.4.37-11.module_el8.0.0+172+85fc1f40.x86_64 tftp-server-5.2-24.el8.x86_64
dhcp-server-12:4.3.6-30.el8.x86_64 syslinux-6.04-1.el8.x86_64
apr-util-bdb-1.6.1-6.el8.x86_64 apr-util-openssl-1.6.1-6.el8.x86_64
apr-1.6.3-9.el8.x86_64 apr-util-1.6.1-6.el8.x86_64
centos-logos-httpd-80.5-2.el8.noarch httpd-filesystem-2.4.37-11.module_el8.0.0+172+85fc1f40.noarch
httpd-tools-2.4.37-11.module_el8.0.0+172+85fc1f40.x86_64 mod_http2-1.11.3-2.module_el8.0.0+10+abf51267.x86_64
syslinux-nonlinux-6.04-1.el8.noarch
完畢!
Step 3 搭建并啟動DHCP
[[email protected] ~]# vim /etc/dhcp/dhcpd.conf
subnet 192.168.2.0 netmask 255.255.255.0 {
option routers 192.168.2.100;
range 192.168.2.10 192.168.2.20;
next-server 192.168.2.100;
filename "pxelinux.0";
}
[[email protected] ~]# systemctl start dhcpd
[[email protected] ~]# systemctl status dhcpd
● dhcpd.service - DHCPv4 Server Daemon
Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; disabled; vendor preset: disabled)
Active: active (running) since Sun 2019-12-01 20:58:49 EST; 3s ago
Docs: man:dhcpd(8)
man:dhcpd.conf(5)
Main PID: 31465 (dhcpd)
Status: "Dispatching packets..."
Tasks: 1 (limit: 50687)
Memory: 5.0M
CGroup: /system.slice/dhcpd.service
└─31465 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid
12月 01 20:58:49 localhost.localdomain dhcpd[31465]: ** Ignoring requests on virbr0. If this is not what
12月 01 20:58:49 localhost.localdomain dhcpd[31465]: you want, please write a subnet declaration
12月 01 20:58:49 localhost.localdomain dhcpd[31465]: in your dhcpd.conf file for the network segment
12月 01 20:58:49 localhost.localdomain dhcpd[31465]: to which interface virbr0 is attached. **
12月 01 20:58:49 localhost.localdomain dhcpd[31465]:
12月 01 20:58:49 localhost.localdomain dhcpd[31465]: Listening on LPF/ens33/00:0c:29:11:47:97/192.168.2.0/24
12月 01 20:58:49 localhost.localdomain dhcpd[31465]: Sending on LPF/ens33/00:0c:29:11:47:97/192.168.2.0/24
12月 01 20:58:49 localhost.localdomain dhcpd[31465]: Sending on Socket/fallback/fallback-net
12月 01 20:58:49 localhost.localdomain dhcpd[31465]: Server starting service.
12月 01 20:58:49 localhost.localdomain systemd[1]: Started DHCPv4 Server Daemon.
[[email protected] ~]# netstat -antlup | grep :67
udp 0 0 0.0.0.0:67 0.0.0.0:* 31465/dhcpd
udp 0 0 0.0.0.0:67 0.0.0.0:* 1345/dnsmasq
Step 4 生成需要的檔案并啟動tftp服務
[[email protected] ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/
[[email protected] ~]# cp /mnt/isolinux/{vmlinuz,ldlinux.c32,initrd.img} /var/lib/tftpboot/
[[email protected] ~]# mkdir /var/lib/tftpboot/pxelinux.cfg
[[email protected] ~]# vim /var/lib/tftpboot/pxelinux.cfg/default #生成default檔案
default linux
timeout 3
label linux
kernel vmlinuz
append initrd=initrd.img ip=dhcp method=http://192.168.2.100/RHEL ks=http://192.168.2.100/ks.cfg
[[email protected] mnt]# systemctl start tftp #啟動tftp服務
[[email protected] mnt]# systemctl status tftp
● tftp.service - Tftp Server
Loaded: loaded (/usr/lib/systemd/system/tftp.service; indirect; vendor preset: disabled)
Active: active (running) since Sun 2019-12-01 21:44:06 EST; 5s ago
Docs: man:in.tftpd
Main PID: 33477 (in.tftpd)
Tasks: 1 (limit: 50687)
Memory: 252.0K
CGroup: /system.slice/tftp.service
└─33477 /usr/sbin/in.tftpd -s /var/lib/tftpboot
12月 01 21:44:06 localhost.localdomain systemd[1]: Started Tftp Server.
[[email protected] mnt]# netstat -antulp | grep :69
udp6 0 0 :::69 :::* 1/systemd
Step 5 搭建并啟動http服務
[[email protected] ~]# mkdir /var/www/html/RHEL #建立軟體包存放目錄
[[email protected] ~]# mount /dev/cdrom /var/www/html/RHEL #将CD光牒挂載到對應目錄中
Step 6 生成ks.cfg檔案
由于CentOS8.0中沒有system-config-kickstart包,是以無法通過工具生成ks檔案,需要手動生成,例子中root使用者和建立的gongjh使用者的密碼都為‘`123qwe’
如果需要自己額外指定密碼,請使用其它工具進行轉換,例如doveadm指令
cp /root/anaconda-ks.cfg /var/www/html/ks.cfg #生成ks.cfg檔案
[[email protected] ~]# vim /var/www/html/ks.cfg
#version=RHEL8
ignoredisk --only-use=sda
autopart --type=lvm
# Partition clearing information
clearpart --all #删除所有分區
# Use graphical install
graphical
url --url="http://192.168.2.100/RHEL/" #指定安裝URL
# Keyboard layouts
keyboard --vckeymap=cn --xlayouts='cn'
# System language
lang zh_CN.UTF-8
# Network information
network --bootproto=dhcp --device=ens33 --ipv6=auto --activate
network --hostname=localhost.localdomain
# Root password “`123qwe” #root使用者的密碼"`123qwe"
rootpw --iscrypted $6$lYV8xqOfEWbJZ/8Y$YXDve/YNwljyh6BnrMHkKm.18kyUqZkHBpA4DHA/nEhXckJfNPLpclgNcQUS64XQSDZRAdlWzjPsI8sCe1dPo0
# X Window System configuration information
xconfig --startxonboot
# Run the Setup Agent on first boot
#firstboot disable #初次啟動設定
firstboot --disable
# System services
services --enabled="chronyd"
# System timezone
timezone America/New_York --isUtc
#Reboot after installation #安裝完成後自動重新開機
reboot
# License agreement #同意授權協定
eula --agreed
#Add a new user named tyschool password “`123qwe” group whell #普通使用者名字為tyschool密碼"`123qwe"
user --groups=wheel --name=tyschool --password=$6$GnUoYHa8rYy7XfrK$0OSNtZwn7.mq4mTeEXQvebx8AEKMV7/PYBS0qfLXUUMJFQozCVMGZY3c0gYcfaKhkCDVQAcxCpi01A5f6a9XC. --iscrypted --gecos="tyschool_com_cn"
%packages
@^graphical-server-environment
%end
%addon com_redhat_kdump --disable --reserve-mb='auto'
%end
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end
Step 7 修改檔案權限,啟動http服務
[[email protected] ~]# chmod a+r /var/www/html/ks.cfg
[[email protected] ~]# systemctl start httpd
[[email protected] ~]# systemctl start httpd
[[email protected] ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
Active: active (running) since Sun 2019-12-01 22:00:58 EST; 10s ago
Docs: man:httpd.service(8)
Main PID: 33976 (httpd)
Status: "Running, listening on: port 80"
Tasks: 213 (limit: 50687)
Memory: 40.4M
CGroup: /system.slice/httpd.service
├─33976 /usr/sbin/httpd -DFOREGROUND
├─33977 /usr/sbin/httpd -DFOREGROUND
├─33978 /usr/sbin/httpd -DFOREGROUND
├─33979 /usr/sbin/httpd -DFOREGROUND
└─33980 /usr/sbin/httpd -DFOREGROUND
12月 01 22:00:58 localhost.localdomain systemd[1]: Starting The Apache HTTP Server...
12月 01 22:00:58 localhost.localdomain httpd[33976]: AH00558: httpd: Could not reliably determine the server's fully qualified>
12月 01 22:00:58 localhost.localdomain httpd[33976]: Server configured, listening on: port 80
12月 01 22:00:58 localhost.localdomain systemd[1]: Started The Apache HTTP Server.
[[email protected] ~]# netstat -antlp | grep :80
tcp6 0 0 :::80 :::* LISTEN 33976/httpd
Step 8 測試
選擇網絡啟動
擷取IP和相關檔案
開啟安裝程序
安裝完成後自動重新開機
樹明的技術交流群
白樹明技術圈4群:320990728
白樹明技術圈9群:643736601