前言
如果要給很多臺客戶端主機安裝操作系統,要是每一臺都拿張安裝光盤一臺一臺主機的去裝系統那就太浪費時間和精力了。在生產環境中也不實際。
今天我這裏準備了三種方式應對少量和大量機器安裝系統的方法:
- 全自動化安裝ISO鏡像
- PXE自動化安裝CentOS
- cobbler自動化安裝CentOS
如果只是安裝那麼幾臺機器,可以考慮使用全自動化安裝ISO鏡像,
如果是上百臺這種數量級的,可以使用PXE或是cobbler來自動化安裝。
製作全自動化安裝ISO光盤
在開始之前,我首先簡要介紹一下系統光盤中isolinux目錄列表
solinux.bin:光盤引導程序,在mkisofs的選項中需要明確給 出文件路徑,這個文件屬於SYSLINUX項目
isolinux.cfg:isolinux.bin的配置文件,當光盤啓動後(即運行isolinux.bin),會自動去找isolinux.cfg文件
vesamenu.c32:是光盤啓動後的安裝圖形界面,也屬於 SYSLINUX項目,menu.c32版本是純文本的菜單
Memtest:內存檢測,這是一個獨立的程序
splash.jgp:光盤啓動界面的背景圖
vmlinuz是內核映像
initrd.img是ramfs (先cpio,再gzip壓縮)準備kickstart文件
創建kickstart文件的方式:
1.直接手動編輯
2.依據某模版修改
3.可使用創建工具:system-config-kickstart這裏我選擇的是第三種方式system-config-kickstart來生成kickstart文件
第一步
準備一臺有圖形界面的機器,我這裏準備的是centos6
先把這個小工具安裝到虛擬機上
[ root@ygl ~ ]# yum install system-config-kickstart輸入命令
[ root@ygl ~ ]# system-config-kickstart彈出一個可輸入配置界面
下面這幾步,我用圖片我做實驗時的圖片來代替
注意:下面放的兩張圖是在7上實驗時會遇見的坑,6和7的包選擇那裏是不一樣的。
7的時候要把我們的yum源的配置文件裏面的base源名字設置爲development才能看見包選擇,不然是看不到界面的。
最後我把文件保存在root家目錄下,生成了一個ks.cfg文件
[ root@centos6 ~ ]# cat ks.cfg
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Firewall configuration
firewall --disabled
# Install OS instead of upgrade
install
# Use network installation
url --url="http://172.18.1.1/centos/6"
# Root password
rootpw --iscrypted $1$TUQuZZcF$pdMUhBTFzd/xSZPQ08OXB0
# System authorization information
auth --useshadow --passalgo=sha512
# Use text mode install
text
firstboot --disable
# System keyboard
keyboard us
# System language
lang en_US
# SELinux configuration
selinux --disabled
# Installation logging level
logging --level=info
# Reboot after installation
reboot
# System timezone
timezone Asia/Shanghai
# Network information
network --bootproto=static --device=eth0 --gateway=172.18.0.1 --ip=172.18.25.123 --netmask=255.255.0.0 --onboot=on
# System bootloader configuration
bootloader --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part /boot --fstype="ext4" --size=300
part / --fstype="ext4" --size=20000
part swap --fstype="swap" --size=2048
%post
mkdir /etc/yum.repos.d/bak
mv /etc/yum.repos.d/*repo bak
cat > /etc/yum.repos.d/base.repo << EOF
[base]
baseurl=file:///misc/cd
gpgcheck=0
EOF
useradd ygl
echo 123456 | passwd --stdin ygl
%end
%packages
@base
@core
@workstation-policy
@server-policy
vim
autofs
%endcore
一些基本的包組是我自己加進去的
@core
@workstation-policy
@server-policy
vim
autofs比如,剛好你要做一個kickstart文件,直接複製我上面的代碼拿去修改就好了。
注意:kickstart文件配置好了,要使用命令查錯。
[ root@centos6 ~ ]# ksvalidator ks.cfg如果上面這些都準備好了,就可以進行下一步的操作了。
鏡像製作前準備
首先,要確定你的機器已經掛載了光盤,比如,我要做的是6的自動化安裝鏡像,那麼我這裏掛載的光盤就是6的鏡像文件。
1.把所掛載的光盤裏的所有文件全部複製出來,放到一個你指定的地方,我放在了/test/fulliso下面。
注意哦:有兩個是隱藏文件,別忘了複製出來哦。
[ root@ygl /misc/cd ]# cp -r * /test/fulliso/
[ root@ygl /misc/cd ]# cp .discinfo .treeinfo /test/fulliso/2.刪除所有的TRANS.TBL文件
[ root@ygl /misc/cd ]# cd /test/fulliso/
[ root@ygl /test/fulliso ]# find -name TRANS.TBL -exec rm {} \;3.刪除repodata文件,再把光盤裏的的源信息文件複製過來
注意:我這裏是拿的6.9版本的系統做的實驗,每個版本的名字可能都不同,
這個文件是,repodata目錄下的,以x86_64-comps結尾的文件,文件名老長老長的那個。
[ root@ygl /test/fulliso ]# rm -rf repodata
[ root@ygl /test/fulliso ]# mkdir repodata
[ root@ygl /test/fulliso ]# cp /misc/cd/repodata/43d8fd* repodata/4.再自己生成源文件
[ root@ygl /test/fulliso ]# createrepo -g repodata/43d8fd068164b0f042845474d6a22262798b9f0d1f49ad1bf9f95b953089777d-c6-x86_64-comps.xml ./5.修改kickstart文件。
之前生成的kickstart文件是通用版的,現在我們進行修改成自己需要的。
我準備了兩個版本,最小需求版,和完整版。
這是一個最小化安裝的kickstart文件
[ root@ygl /test/fulliso ]# cat ks6-mini.cfg
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Firewall configuration
firewall --disabled
# Install OS instead of upgrade
install
# Use CDROM installation media
cdrom
# Root password
rootpw --iscrypted $1$TUQuZZcF$pdMUhBTFzd/xSZPQ08OXB0
# System authorization information
auth --useshadow --passalgo=sha512
# Use text mode install
text
firstboot --disable
# System keyboard
keyboard us
# System language
lang en_US
# SELinux configuration
selinux --disabled
# Installation logging level
logging --level=info
# Reboot after installation
reboot
# System timezone
timezone Asia/Shanghai
# Network information
network --bootproto=static --device=eth0 --gateway=172.18.0.1 --ip=172.18.25.123 --netmask=255.255.0.0 --onboot=on
# System bootloader configuration
bootloader --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part /boot --fstype="ext4" --size=300
part / --fstype="ext4" --size=20000
part swap --fstype="swap" --size=2048
%post
rm -f /etc/yum.repo.d/*cat > /etc/yum.repos.d/base.repo << EOF
[base]
baseurl=file:///misc/cd
gpgcheck=0
EOF
useradd ygl
echo 123456 | passwd --stdin ygl
%end
%packages
@base
@core
vim
autofs
%end這是一個完整版的kickstart文件
[ root@ygl /test/fulliso ]# cat ks6.cfg
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Firewall configuration
firewall --disabled
# Install OS instead of upgrade
install
# Use CDROM installation media
cdrom
# Root password
rootpw --iscrypted $1$TUQuZZcF$pdMUhBTFzd/xSZPQ08OXB0
# System authorization information
auth --useshadow --passalgo=sha512
# Use text mode install
text
firstboot --disable
# System keyboard
keyboard us
# System language
lang en_US
# SELinux configuration
selinux --disabled
# Installation logging level
logging --level=info
# Reboot after installation
reboot
# System timezone
timezone Asia/Shanghai
# Network information
network --bootproto=static --device=eth0 --gateway=172.18.0.1 --ip=172.18.25.123 --netmask=255.255.0.0 --onboot=on
# System bootloader configuration
bootloader --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part /boot --fstype="ext4" --size=300
part / --fstype="ext4" --size=20000
part swap --fstype="swap" --size=2048
%post
rm -f /etc/yum.repo.d/*
cat > /etc/yum.repos.d/base.repo << EOF
[base]
baseurl=file:///misc/cd
gpgcheck=0
EOF
useradd ygl
echo 123456 | passwd --stdin ygl
%end
%packages
@base
@core
@debugging
@basic-desktop
@desktop-debugging
@desktop-platform
@directory-client
@fonts
@general-desktop
@graphical-admin-tools
@input-methods
@internet-applications
@internet-browser
@java-platform
@kde-desktop
@legacy-x
@network-file-system-client
@office-suite
@print-client
@remote-desktop-clients
@server-platform
@x11
mtools
pax
python-dmidecode
oddjob
wodim
sgpio
genisoimage
device-mapper-persistent-data
abrt-gui
qt-mysql
samba-winbind
certmonger
pam_krb5
krb5-workstation
xterm
xorg-x11-xdm
libXmu
rdesktop
autofs
%end6.我們可以專門創建一個目錄來放kickstart文件
[ root@ygl /test/fulliso ]# mkdir kickstart
[ root@ygl /test/fulliso ]# mv ks6.cfg ks6-mini.cfg kickstart/7.接下來製作啓動菜單
[ root@ygl /test/fulliso ]# cd isolinux/
[ root@ygl /test/fulliso/isolinux ]# vim isolinux.cfg
[ root@ygl /test/fulliso/isolinux ]# cat isolinux.cfg
default vesamenu.c32
#prompt 1
timeout 600
display boot.msg
menu background splash.jpg
menu title Welcome to CentOS 6 Automatic Install!
menu color border 0 #ffffffff #00000000
menu color sel 7 #ffffffff #ff000000
menu color title 0 #ffffffff #00000000
menu color tabmsg 0 #ffffffff #00000000
menu color unsel 0 #ffffffff #00000000
menu color hotsel 0 #ff000000 #ffffffff
menu color hotkey 7 #ffffffff #ff000000
menu color scrollbar 0 #ffffffff #00000000
label desktop
menu label Install ^desktop system
kernel vmlinuz
append initrd=initrd.img ks=cdrom:/kickstart/ks6.cfg
label mini
menu label Install an m^ini system
kernel vmlinuz
append initrd=initrd.img ks=cdrom:/kickstart/ks6-mini.cfg
label manual
menu label ^Manual install an system
kernel vmlinuz
append initrd=initrd.img
label local
menu label Boot from ^local drive
menu default
localboot 0xffff到這裏我們前面的準備工作都做好了。
製作光盤鏡像
注意:這條命令有點長…注意別寫錯了…
[ root@ygl ~ ]# mkisofs -R -J -T -v --no-emul-boot --boot-load-size 4 --boot-info-table -V "CentOS 6.9 autoinstall" -b isolinux/isolinux.bin -c isolinux/boot.cat -o /root/centos6_boot.iso /test/fulliso/到這裏,全自動化安裝鏡像製作完成了,導出來放在U盤裏,
去哪都可以開心的全自動化安裝了,但是這隻適合安裝一臺或少數幾臺的安裝。
如果成百上前呢?
那麼就要看接下來的兩種安裝方法了…
PXE
國際慣例,我先介紹一下PXE
PXE:
Preboot Excution Environment 預啓動執行環境
Intel公司研發
基於Client/Server的網絡模式,支持遠程主機通過網絡從遠端服務器下載映像,並由此支持通過網絡啓動操作系統
PXE可以引導和安裝Windows,linux等多種操作系統再介紹一下PXE工作原理
Client向PXE Server上的DHCP發送IP地址請求消息,DHCP檢測Client是 否合法(主要是檢測Client的網卡MAC地址),如果合法則返回Client的 IP地址,同時將啓動文件pxelinux.0的位置信息一併傳送給Client
Client向PXE Server上的TFTP發送獲取pxelinux.0請求消息,TFTP接收 到消息之後再向Client發送pxelinux.0大小信息,試探
Client是否滿意,當 TFTP收到Client發回的同意大小信息之後,正式向Client發送pxelinux.0
Client執行接收到的pxelinux.0文件
Client向TFTP Server發送針對本機的配置信息文件(在TFTP 服務的 pxelinux.cfg目錄下),TFTP將配置文件發回Client,繼而Client根據配 置文件執行後續操作。
Client向TFTP發送Linux內核請求信息,TFTP接收到消息之後將內核文件 發送給Client
Client向TFTP發送根文件請求信息,TFTP接收到消息之後返回Linux根文 件系統
Client啓動Linux內核
Client下載安裝源文件,讀取自動化安裝腳本 步入正題。
實驗準備部分
關閉防火牆和SELINUX
[ root@ygl ~ ]# systemctl stop iptables
[ root@ygl ~ ]# setenforce 0安裝軟件包
[ root@ygl ~ ]# yum install httpd tftp-server dhcp syslinux system-config-kickstart -y
[ root@ygl ~ ]# systemctl start httpd配置dhcp
把dhcp自帶的模版文件複製過來,在進行修改
[ root@ygl ~ ]# cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf
cp: overwrite ‘/etc/dhcp/dhcpd.conf’? y
[ root@ygl ~ ]# vim /etc/dhcp/dhcpd.conf
主要是對這一段進行修改
# DHCP server to understand the network topology.
subnet 172.18.1.0 netmask 255.255.255.0 {
range 172.18.1.50 172.18.1.100;
next-server 172.18.1.1;
filename "pxelinux.0";
}準備yum源文件和應答文件
創建一系列的目錄,準備待會放文件
[ root@ygl ~ ]# cd /var/www/html
[ root@ygl /var/www/html ]# mkdir centos/
[ root@ygl /var/www/html ]# cd centos
[ root@ygl /var/www/html ]# mkdir 6 7 ks6 ks7
[ root@ygl ~ ]# mount /dev/sr0 /var/www/html/centos/7現在在準備kickstart文件,我就直接拿之前的kickstart文件來做了。
但是有個地方是必須要修改的。
# Use CDROM installation media
cdrom
上面這一段改成下面這一段
# Use net install
url --url=http://172.18.1.1/centos/7然後在tftp上面放東西
[ root@ygl ~ ]# cd /var/lib/tftpboot/
[ root@ygl /var/lib/tftpboot ]# rm -f * -r (有東西就刪了,沒東西就不用刪了)
[ root@ygl /var/lib/tftpboot ]# mkdir pxelinux.cfg
[ root@ygl /var/lib/tftpboot ]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/
[ root@ygl /var/lib/tftpboot ]# cp /usr/share/syslinux/menu.c32 /var/lib/tftpboot/
[ root@ygl /var/lib/tftpboot ]# cp /misc/cd/isolinux/{vmlinuz,initrd.img} .
[ root@ygl /var/lib/tftpboot ]# ls
initrd.img menu.c32 pxelinux.0 pxelinux.cfg vmlinuz
[ root@ygl /var/lib/tftpboot ]# cp /misc/cd/isolinux/isolinux.cfg pxelinux.cfg/default
[ root@ygl /var/lib/tftpboot ]# tree
.
├── initrd.img
├── menu.c32
├── pxelinux.0
├── pxelinux.cfg
│ └── default
└── vmlinuz
1 directory, 5 files
現在再修改一下pxelinux.cfg目錄下的default文件
[ root@ygl /var/lib/tftpboot ]# vim pxelinux.cfg/default
[ root@ygl /var/lib/tftpboot ]# cat pxelinux.cfg/default
default menu.c32
timeout 600
menu title CentOS linux 7 PXE Install
label desktop
menu label Auto Install CentOS Linux 7 ^Desktop
kernel vmlinuz
append initrd=initrd.img ks=http://172.18.1.1/ks7/ks7.cfg
label mini
menu label Auto Install CentOS Linux 7 ^Mini
kernel vmlinuz
append initrd=initrd.img ks=http://172.18.1.1/ks7/ks7mini.cfg
label manual
menu label ^Auto Install CentOS Linux 7
kernel vmlinuz
append initrd=initrd.img inst.repo=http://172.18.1.1/centos/7
label label
menu default
menu label Boot from ^local drive
localboot 0xffff
menu end
刪掉了所有多餘的,到時候菜單會顯得很簡潔。
PXE總結
注意,權限很重要,真的很重要。把東西掛上去後一定要試一下,能不能看到。
新建一臺虛擬機,選擇dhcp相同網段就可以開機實驗一下,(我已經實驗過了,沒問題…)
是不是開機自動跳到選擇安裝類型的菜單上了。
我這個只是做了把自動化安裝7的PXE,其實我們還可以再掛載一個6的光盤當yum源,再做幾份6的kickstart文件,全部做在一個菜單裏面就好了。
這個PXE安裝,做完了後感覺步驟很簡單,說的簡單點,
就是把各種各樣的文件掛到網上,重點是kickstart文件,配置好dhcp服務。
思路一定要清晰。配置文件一定要仔細!!!
cobbler
國際慣例,我介紹一下這個工具
Cobbler:
快速網絡安裝linux操作系統的服務,支持衆多的Linux發行版:Red Hat、Fedora、CentOS、Debian、Ubuntu和SuSE,也可以支持網絡安裝windows
PXE的二次封裝,將多種安裝參數封裝到一個菜單
Python編寫
提供了CLI和Web的管理形式cobbler 工作流程
client裸機配置了從網絡啓動後,開機後會廣播包請求DHCP服務器(cobbler server)發送其分配好的一個IP
DHCP服務器(cobbler server)收到請求後發送responese,包括其ip地址
client裸機拿到ip後再向cobbler server發送請求OS引導文件的請求
cobbler server告訴裸機OS引導文件的名字和TFTP server的ip和port
client裸機通過上面告知的TFTP server地址通信,下載引導文件
client裸機執行執行該引導文件,確定加載信息,選擇要安裝的os,期間會再向cobbler server請求kickstart文件和os image
cobbler server發送請求的kickstart和os iamge
client裸機加載kickstart文件
client裸機接收os image,安裝該os imagecobbler 各種配置目錄說明
配置文件目錄 /etc/cobbler
/etc/cobbler/settings : cobbler 主配置文件
/etc/cobbler/iso/: iso模板配置文件
/etc/cobbler/pxe: pxe模板文件
/etc/cobbler/power: 電源配置文件
/etc/cobbler/user.conf: web服務授權配置文件
/etc/cobbler/users.digest: web訪問的用戶名密碼配置文件
/etc/cobbler/dhcp.template : dhcp服務器的的配置末班
/etc/cobbler/dnsmasq.template : dns服務器的配置模板
/etc/cobbler/tftpd.template : tftp服務的配置模板
/etc/cobbler/modules.conf : 模塊的配置文件好了準備開始實驗了。
安裝開啓服務
首先,肯定是先安裝cobbler。和啓動其他的服務。
[ root@ygl ~ ]# yum install cobbler
[ root@ygl ~ ]# systemctl start start cobblerd
[ root@ygl ~ ]# systemctl enble cobblerd
[ root@ygl ~ ]# systemctl enable tftp
[ root@ygl ~ ]# systemctl start tftp
[ root@ygl ~ ]# systemctl start httpd覈對當前設置是否有問題
[ root@ygl ~ ]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.注意:別慌,看起來爆出來的問題很多,其實沒有幾個。比如這一步還有可能會爆出,httpd沒有開啓,SELINUX是開啓狀態,按順序處理就好了
按提示順序解決問題
[ root@ygl ~ ]# vim /etc/cobbler/settings
# this is the address of the cobbler server -- as it is used
# by systems during the install process, it must be the address
# or hostname of the system as those systems can see the server.
# if you have a server that appears differently to different subnets
# (dual homed, etc), you need to read the --server-override section
# of the manpage for how that works.
server: 172.18.1.1 就是修改server這一行,把IP改成自己的本機IP。不然別人不能訪問我的…
按提示我們要重啓服務,還有同步cobbler
這裏有個坑,我做實驗的時候,要分開寫,不能把重啓服務和同步寫到一條命令裏。
重啓服務,同步cobbler
[ root@ygl ~ ]# systemctl restart cobblerd
[ root@ygl ~ ]# cobbler sync
task started: 2017-09-18_100845_sync
task started (id=Sync, time=Mon Sep 18 10:08:45 2017)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
copying bootloaders
trying hardlink /usr/share/syslinux/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
copying: /usr/share/syslinux/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /usr/share/syslinux/menu.c32 -> /var/lib/tftpboot/menu.c32
copying: /usr/share/syslinux/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***再次使用cobbler check檢查
少了兩個提示,只有六個了…
[ root@ygl ~ ]# cobbler check
The following are potential configuration items that you may want to fix:
1 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
2 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
3 : enable and start rsyncd.service with systemctl
4 : debmirror package is not installed, it will be required to manage debian deployments and repositories
5 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
6 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.提示的是修改tftp服務器的地址,我們還是進入剛剛那個配置文件取進行修改。
[ root@ygl ~ ]# vim /etc/cobbler/settings
# if using cobbler with manage_dhcp, put the IP address
# of the cobbler server here so that PXE booting guests can find it
# if you do not set this correctly, this will be manifested in TFTP open timeouts.
next_server: 172.18.1.1 注意:和之前修改的類似,這裏是修改next_server的IP地址,說的簡單點就是把tftp服務器的地址寫進去。
還是和之前一樣的步驟,先重啓服務,同步,在檢查文件。
[ root@ygl ~ ]# systemctl restart cobblerd
[ root@ygl ~ ]# cobbler sync
task started: 2017-09-18_101845_sync
task started (id=Sync, time=Mon Sep 18 10:18:45 2017)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
trying hardlink /usr/share/syslinux/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
copying: /usr/share/syslinux/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /usr/share/syslinux/menu.c32 -> /var/lib/tftpboot/menu.c32
copying: /usr/share/syslinux/menu.c32 -> /var/lib/tftpboot/menu.c32
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
[ root@ygl ~ ]# cobbler check
The following are potential configuration items that you may want to fix:
1 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
2 : enable and start rsyncd.service with systemctl
3 : debmirror package is not installed, it will be required to manage debian deployments and repositories
4 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
5 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.只有五個問題了…
繼續繼續…
這一步,有兩種方法處理,你的機器聯網沒,聯網可以偷懶.執行他說的命令,
直接從網上把這些配置文件從網上直接下來,
如果沒網,可以只複製兩個必須的文件到tftp的目錄下就可以了。
網絡偷懶版:
[ root@ygl /var/lib/tftpboot ]# cobbler get-loaders
task started: 2017-09-18_103044_get_loaders
task started (id=Download Bootloader Content, time=Mon Sep 18 10:30:44 2017)
path /var/lib/cobbler/loaders/README already exists, not overwriting existing content, use --force if you wish to update
...苦逼沒網手動複製版:
[ root@ygl /var/lib/cobbler/loaders ]# cp /var/lib/tftpboot/{pxelinux.0,menu.c32} .
[ root@ygl /var/lib/cobbler/loaders ]# ls
menu.c32 pxelinux.0注意:最終我還是偷懶了,只複製了兩個必須的文件,
追求完美的話,其他的文件也應該按提示都複製過來。
再次重複重啓服務,同步,檢查。
[ root@ygl /var/lib/cobbler/loaders ]# systemctl restart cobblerd
[ root@ygl /var/lib/cobbler/loaders ]# cobbler sync
task started: 2017-09-18_104122_sync
task started (id=Sync, time=Mon Sep 18 10:41:22 2017)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
copying: /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
copying: /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
[ root@ygl /var/lib/cobbler/loaders ]# cobbler check
The following are potential configuration items that you may want to fix:
1 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
2 : enable and start rsyncd.service with systemctl
3 : debmirror package is not installed, it will be required to manage debian deployments and repositories
4 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
5 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.注意:雖然還是五個提示,但是第一個提示的必須文件已經複製過來了,可以忽略了…強迫症重度患者可以按要求都複製完成….
繼續接下里的步驟
[ root@ygl /var/lib/cobbler/loaders ]# yum install rsync
[ root@ygl /var/lib/cobbler/loaders ]# systemctl start rsyncd
[ root@ygl /var/lib/cobbler/loaders ]# systemctl restart cobblerd
[ root@ygl /var/lib/cobbler/loaders ]# systemctl enable rsyncd繼續重啓服務,同步,檢查
[ root@ygl /var/lib/cobbler/loaders ]# cobbler check
The following are potential configuration items that you may want to fix:
1 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
2 : debmirror package is not installed, it will be required to manage debian deployments and repositories
3 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
4 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.革命還在繼續,同志任努力,
debmirror package is not installed這一行的提示可以忽略,
也就說只有兩個提示了.
也就說下一個提示是要我沒改默認口令
先準備好你的口令
[ root@ygl ~ ]# openssl passwd -1
Password: 123456
Verifying - Password: 123456
$1$VvgAVIDh$Ug0WXzHN1Acj1loV.JBBl/接下來修改配置文件
[ root@ygl /var/lib/cobbler/loaders ]# !vim
vim /etc/cobbler/settings
# cobbler has various sample kickstart templates stored
# in /var/lib/cobbler/kickstarts/. This controls
# what install (root) password is set up for those
# systems that reference this variable. The factory
# default is "cobbler" and cobbler check will warn if
# this is not changed.
# The simplest way to change the password is to run
# openssl passwd -1
# and put the output between the "" below.
default_password_crypted: "$1$VvgAVIDh$Ug0WXzHN1Acj1loV.JBBl/"
只是修改默認密碼…
繼續重啓服務,同步,檢查
[ root@ygl /var/lib/cobbler/loaders ]# systemctl restart cobblerd
[ root@ygl /var/lib/cobbler/loaders ]# cobbler sync
[ root@ygl /var/lib/cobbler/loaders ]# cobbler check
The following are potential configuration items that you may want to fix:
1 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
2 : debmirror package is not installed, it will be required to manage debian deployments and repositories
3 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.這三個提示,第一個我們把必須的已經複製過去了,第二個和第三個可以忽略,到這裏我們按提示都修改完成了…接下來我們就要藉助cobbler配置dhcp服務
配置dhcpd
[ root@ygl /var/lib/cobbler/loaders ]# vim /etc/cobbler/settings
# set to 1 to enable Cobbler's DHCP management features.
# the choice of DHCP management engine is in /etc/cobbler/modules.conf
manage_dhcp: 1 (這個地方從0改爲1)
[ root@ygl /var/lib/cobbler/loaders ]# systemctl restart cobblerd設置成1就是用cobbler管理dhcp的配置文件,重啓cobbler服務,同步。
[ root@ygl /var/lib/cobbler/loaders ]# vim /etc/cobbler/dhcp.template
subnet 172.18.1.0 netmask 255.255.255.0 {
option subnet-mask 255.255.255.0;
range dynamic-bootp 172.18.1.50 172.18.1.100;
default-lease-time 21600;路由啊什麼都不需要,我們只是裝一個系統,配下子網網關,還有我分配的地址就好了
[ root@ygl /var/lib/cobbler/loaders ]# systemctl restart cobblerd
[ root@ygl /var/lib/cobbler/loaders ]# cobbler sync
[ root@ygl /var/lib/cobbler/loaders ]# cat /etc/dhcp/dhcpd.conf
# ******************************************************************
# Cobbler managed dhcpd.conf file
# generated from cobbler dhcp.conf template (Mon Sep 18 22:47:03 2017)
# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
# overwritten.
# ******************************************************************
ddns-update-style interim;
allow booting;
allow bootp;
ignore client-updates;
set vendorclass = option vendor-class-identifier;
option pxe-system-type code 93 = unsigned integer 16;
subnet 172.18.1.0 netmask 255.255.255.0 {
option subnet-mask 255.255.255.0;
range dynamic-bootp 172.18.1.50 172.18.1.100;
default-lease-time 21600;
max-lease-time 43200;
next-server 172.18.1.1;
class "pxeclients" {
match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
if option pxe-system-type = 00:02 {
filename "ia64/elilo.efi";
} else if option pxe-system-type = 00:06 {
filename "grub/grub-x86.efi";
} else if option pxe-system-type = 00:07 {
filename "grub/grub-x86_64.efi";
} else {
filename "pxelinux.0";
}
}
}
# group for Cobbler DHCP tag: default
group {
}可以看到cobbler已經幫dhcp把配置文件直接生成了…
準備yum源
這是7的系統,本來就掛載了7.3的光盤,再加一個光驅,掛載6.9的光盤。掛載在/media/cdrom目錄上
用cobbler導入yum源
[ root@ygl /misc/cd ]# cobbler import --path=/misc/cd --name=centos7.3
[ root@ygl ~ ]# cobbler import --path=/media/cdrom --name=centos6.9
我們用命令看一下有哪些已經可以自動安裝的版本
[ root@ygl /misc/cd ]# cobbler distro list
centos7.3-x86_64
centos6.9-x86_64生成kickstart文件
這裏可以使用之前準備好的kickstart文件,默認的也可以…
[ root@ygl /var/www/html/ks7 ]# cp ks7mini.cfg /var/lib/cobbler/kickstarts/
[ root@ygl /var/www/html/ks6 ]# cp ks6mini.cfg /var/lib/cobbler/kickstarts/
[ root@ygl /var/lib/cobbler/kickstarts ]# cobbler profile add --name=centos7.3-x86_64-mini --distro=centos7.3-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ks7mini.cfg
[ root@ygl /var/lib/cobbler/kickstarts ]# cobbler profile add --name=centos6.9-x86_64-mini --distro=centos6.9-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ks6mini.cfg
[ root@ygl /var/lib/cobbler/kickstarts ]# cobbler sync記得各項服務都要開啓,然後實驗到這裏就結束了,我試驗的時候確認可以安裝。
這個cobbler服務,其實就是起一個”王”的作用,
他來統一調配各項服務,實際上底層工作的還是各項小服務,
可以理解成給PXE上面加了一個二次封裝。
結尾
終於…終於…這三個實驗做完了,
因爲篇幅太長太長,很多實驗做的步驟都是最最基本的,必須的。
其他的地方還可以細細的打磨,
但是,最起碼已經能夠最基本的自動安裝了,批量的哦…
再有什麼其他的需求,就需要再去根據要求一點一點的修改了。
自動化運維的第一步,自動化安裝、批量安裝已經完成了。
今天就到這裏吧。
ღ ღ ღ 如果覺得文章對您有用,不妨贊一下ღ ღ ღ