全程和就业
1、配置chrony服务,实现服务器时间自动同步
- 编辑/etc/chrony.conf文件把ntp服务器指向国内的阿里云
[root@ntp ~]# grep -v "^#" /etc/chrony.conf
server ntp.aliyun.com iburst
server ntp1.aliyun.com iburst
server ntp2.aliyun.com iburst
driftfile /var/lib/chrony/drift
makestep 1.0 3
rtcsync
allow 10.0.0.0/24
logdir /var/log/chrony
[root@ntp ~]# systemctl restart chronyd
- 测试一下
[root@ntp ~]# date -s "-1 year"
Sun Jan 5 21:14:46 CST 2020
[root@ntp ~]# date
Sun Jan 5 21:14:51 CST 2020
[root@ntp ~]# systemctl restart chronyd
[root@ntp ~]# date
Tue Jan 5 21:16:31 CST 2021
[root@ntp ~]#
- 10.0.0.0/24网段内的主机可以把ntp服务器指向该服务器
[root@localhost ~]# grep -v "^#" /etc/chrony.conf
server 10.0.0.17 iburst
driftfile /var/lib/chrony/drift
makestep 1.0 3
rtcsync
logdir /var/log/chrony
[root@localhost ~]#
- 也测试一下
[root@localhost ~]# date
Tue Jan 5 21:19:07 CST 2021
[root@localhost ~]# date -s '-1 year'
Sun Jan 5 21:19:16 CST 2020
[root@localhost ~]# systemctl restart chronyd
[root@localhost ~]# date
Tue Jan 5 21:28:19 CST 2021
[root@localhost ~]#
- chronc工具查看ntp服务器连接
[root@localhost ~]# chronyc
chrony version 3.4
Copyright (C) 1997-2003, 2007, 2009-2018 Richard P. Curnow and others
chrony comes with ABSOLUTELY NO WARRANTY. This is free software, and
you are welcome to redistribute it under certain conditions. See the
GNU General Public License version 2 for details.
chronyc> sources -v
210 Number of sources = 1
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 10.0.0.17 3 6 177 9 +59us[ +542us] +/- 6494us
chronyc>
2、实现cobbler+pxe自动化装机
2.1 pxe自动化装机
- 安装相关软件包并启动
[root@localhost ~]# yum -y install httpd tftp-server dhcp syslinux system-config-kickstart
[root@localhost ~]# systemctl enable --now httpd tftp dhcpd #dhcp还没配置是无法启动的
- 创建本地yum源
[root@localhost ~]# mkdir -pv /var/www/html/centos/7/os/x86_64
[root@localhost ~]# mount /dev/sr0 /var/www/html/centos/7/os/x86_64/
- 准备kickstart文件
[root@localhost ~]# mkdir /var/www/html/ks/
[root@localhost ~]# vim /var/www/html/ks/centos7.cfg
[root@localhost ~]# cat /var/www/html/ks/centos7.cfg
install
xconfig --startxonboot
keyboard --vckeymap=us --xlayouts='us'
rootpw --iscrypted $1$bpNEv8S5$lK.CjNkf.YCpFPHskSNiN0
url --url="http://10.0.0.17/centos/7/os/x86_64"
lang en_US
auth --useshadow --passalgo=sha512
text
firstboot --enable
selinux --disabled
skipx
services --disabled="chronyd"
ignoredisk --only-use=sda
firewall --disabled
network --bootproto=dhcp --device=ens33
reboot
timezone Asia/Shanghai --nontp
bootloader --append="crashkernel=auto" --location=mbr --boot-drive=sda
zerombr
clearpart --all --initlabel
part swap --fstype="swap" --ondisk=sda --size=3072
part / --fstype="xfs" --ondisk=sda --size=51200
part /boot --fstype="xfs" --ondisk=sda --size=1024
part /data --fstype="xfs" --ondisk=sda --size=30720
%post
useradd zzz
%end
%packages
@core
%end
[root@localhost ~]#
- 配置dhcp服务
[root@localhost ~]# cat /etc/dhcp/dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp*/dhcpd.conf.example
# see dhcpd.conf(5) man page
#
option domain-name "example.com";
default-lease-time 600;
max-lease-time 7200;
subnet 10.0.0.0 netmask 255.255.255.0 {
range 10.0.0.100 10.0.0.200;
option routers 10.0.0.2;
next-server 10.0.0.17;
filename "pxelinux.0";
}
[root@centos7 ~]#systemctl start dhcpd
- 准备pxe启动相关文件
[root@localhost ~]# mkdir /var/lib/tftpboot/pxelinux.cfg/
[root@localhost ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/
[root@localhost ~]# cp /usr/share/syslinux/menu.c32 /var/lib/tftpboot/
[root@localhost ~]# cd /misc/cd
-bash: cd: /misc/cd: No such file or directory
[root@localhost ~]# cp /var/www/html/
centos/ ks/
[root@localhost ~]# cp /var/www/html/centos/7/os/x86_64/
CentOS_BuildTag GPL Packages/ TRANS.TBL
.discinfo images/ repodata/ .treeinfo
EFI/ isolinux/ RPM-GPG-KEY-CentOS-7
EULA LiveOS/ RPM-GPG-KEY-CentOS-Testing-7
[root@localhost ~]# cp /var/www/html/centos/7/os/x86_64/isolinux/
boot.cat grub.conf isolinux.bin memtest TRANS.TBL vmlinuz
boot.msg initrd.img isolinux.cfg splash.png vesamenu.c32
[root@localhost ~]# cp /var/www/html/centos/7/os/x86_64/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/
[root@localhost ~]# cp /var/www/html/centos/7/os/x86_64/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default
- 准备启动菜单
[root@localhost ~]# cat /var/lib/tftpboot/pxelinux.cfg/default
default menu.c32
timeout 600
menu title PXE INSTALL MENU
label auto
menu label ^Auto Install CentOS 7
kernel vmlinuz
append initrd=initrd.img ks=http://10.0.0.17/ks/centos7.cfg
label manual
menu label ^Manual Install CentOS 7
kernel vmlinuz
append initrd=initrd.img inst.repo=http://10.0.0.17/centos/7/os/x86_64
label local
menu default
menu label ^Boot from local drive
localboot 0xffff
-
启动一个虚拟机测试自动安装
2.2 cobbler自动装机
- 安装并启动cobbler、httpd、dhcp、tftp
[root@localhost ~]# yum -y install cobbler dhcp tftp httpd
[root@localhost ~]# systemctl enable --now cobblerd dhcpd httpd tftp
- 修改cobbler设置
[root@localhost ~]# vim /etc/cobbler/settings
manage_dhcp: 1 #开启cobbler自动管理dhcp,会利用/etc/cobbler/dhcp.template文件生成dhcp的配置文件
next_server: 10.0.0.17 #tftp服务器地址
server: 10.0.0.17 #cobbler服务器地址
[root@localhost ~]#systemctl restart cobblerd
- 修改cobbler的dhcp.template文件,把网段地址改成dhcp要自动分配给机器的IP地址
subnet 10.0.0.0 netmask 255.255.255.0 {
option routers 10.0.0.2;
option domain-name-servers 223.6.6.6;
option subnet-mask 255.255.255.0;
range dynamic-bootp 10.0.0.100 10.0.0.254;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
class "pxeclients" {
match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
if option pxe-system-type = 00:02 {
filename "ia64/elilo.efi";
} else if option pxe-system-type = 00:06 {
filename "grub/grub-x86.efi";
} else if option pxe-system-type = 00:07 {
filename "grub/grub-x86_64.efi";
} else if option pxe-system-type = 00:09 {
filename "grub/grub-x86_64.efi";
} else {
filename "pxelinux.0";
}
}
}
- 同步cobbler
[root@localhost ~]# cobbler sync
task started: 2021-01-06_172713_sync
task started (id=Sync, time=Wed Jan 6 17:27:13 2021)
···
*** TASK COMPLETE ***
- 下载启动相关的文件
[root@localhost ~]# cobbler get-loaders
task started: 2021-01-06_173917_get_loaders
task started (id=Download Bootloader Content, time=Wed Jan 6 17:39:17 2021)
downloading https://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
downloading https://cobbler.github.io/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading https://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading https://cobbler.github.io/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading https://cobbler.github.io/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
downloading https://cobbler.github.io/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot
downloading https://cobbler.github.io/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0
downloading https://cobbler.github.io/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32
downloading https://cobbler.github.io/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading https://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***
[root@localhost ~]#cobbler sync
[root@localhost ~]# tree /var/lib/tftpboot/
/var/lib/tftpboot/
├── boot
│ └── grub
│ └── menu.lst
├── etc
├── grub
│ ├── efidefault
│ ├── grub-x86_64.efi
│ ├── grub-x86.efi
│ └── images -> ../images
├── images
├── images2
├── memdisk
├── menu.c32
├── ppc
├── pxelinux.0
├── pxelinux.cfg
│ └── default
├── s390x
│ └── profile_list
└── yaboot
10 directories, 10 files
[root@localhost ~]#
- 挂载系统镜像,并导入cobbler,以centos7为例
[root@localhost ~]# mount /dev/sr0 /mnt/
mount: /dev/sr0 is write-protected, mounting read-only
[root@localhost ~]#
[root@localhost ~]# cobbler import --name=centos-7.8-x86_64 --path=/mnt --arch=x86_64
task started: 2021-01-06_180050_import
task started (id=Media import, time=Wed Jan 6 18:00:50 2021)
···
Keeping repodata as-is :/var/www/cobbler/ks_mirror/centos-7.8-x86_64/repodata
*** TASK COMPLETE ***
[root@localhost ~]#
[root@localhost ~]# cobbler distro list
centos-7.8-x86_64
[root@localhost ~]#
[root@localhost ~]# cobbler profile list
centos-7.8-x86_64
[root@localhost ~]# #到这里自动化安装的系统是最小安装
- 准备kickstart文件
[root@localhost ~]# vim /var/lib/cobbler/kickstarts/centos7.cfg
install
xconfig --startxonboot
keyboard --vckeymap=us --xlayouts='us'
rootpw --iscrypted $1$bpNEv8S5$lK.CjNkf.YCpFPHskSNiN0
url --url=$tree #注意这个地方必须是$tree,是cobbler的变量
lang en_US
auth --useshadow --passalgo=sha512
text
firstboot --enable
selinux --disabled
skipx
services --disabled="chronyd"
ignoredisk --only-use=sda
firewall --disabled
network --bootproto=dhcp --device=ens33
reboot
timezone Asia/Shanghai --nontp
bootloader --append="crashkernel=auto" --location=mbr --boot-drive=sda
zerombr
clearpart --all --initlabel
part swap --fstype="swap" --ondisk=sda --size=3072
part / --fstype="xfs" --ondisk=sda --size=51200
part /boot --fstype="xfs" --ondisk=sda --size=1024
part /data --fstype="xfs" --ondisk=sda --size=30720
%post
useradd wang
%end
%packages
@core
%end
[root@localhost ~]# cobbler profile edit --name=centos-7.8-x86_64 \
--distro=centos-7.8-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.cfg
[root@localhost ~]#cobbler sync
-
测试一下
-
安装成功
架构
1、安装配置jenkins
2、安装配置gitlab,并创建magedu仓库代码,分配mage用户对仓库有完全控制权限。