第一节:背景介绍
作为运维,在公司经常遇到一些机械性重复工作要做,例如:为新机器装系统,一台两台机器装系统,可以用光盘、U 盘等介质安装,1小时也完成了,但是如果有成百台的服务器还要用光盘、U盘去安装,就显得有些力不从心了。PXE技术就 能很好的解决这个问题,本文将会对PXE的工作原理有所介绍,而cobbler则是基于PXE技术的工作原理的二次封装,通过命 令的方式简化了PXE配置过程。
第二节:安装系统的方法
光盘(ISO文件,光盘的镜像文件)===>>每一台物理机都得给一个光驱,如果用外置光驱的话,是不是每台机器都 需要插一下
U盘:ISO镜像刻录到U盘==>>需要每台机器都需要插一下
并行安装==>>网络安装
自动化安装
第三节:PXE说明
PXE:全名Pre-boot Execution Environment,预启动执行环境;
通过网络接口启动计算机,不依赖本地存储设备(如硬盘)或本地已安装的操作系统;
由Intel和Systemsoft公司于1999年9月20日公布的技术;
客户端/Server的工作模式;
PXE客户端会调用网际协议(IP)、用户数据报协议(UDP)、动态主机设定协议(DHCP)、小型文件传输协议(TFTP)等网 络协议;
PXE客户端(客户端)这个术语是指机器在PXE启动过程中的角色。一个PXE客户端可以是一台服务器、笔记本电脑或者其 他装有PXE启动代码的机器(我们电脑的网卡)
PXE+cobbler工作步骤图
img
第四节:cobbler安装系统实践
1.环境准备
[root@cobbler ~]# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core) [root@cobbler ~]# uname -r
3.10.0-862.el7.x86_64
[root@cobbler ~]# hostname
cobbler
[root@cobbler ~]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled) Active: inactive (dead)
Docs: man:firewalld(1)
[root@cobbler ~]# getenforce
Disabled
[root@cobbler ~]# hostname -I 10.0.0.202 172.16.1.202
2.安装cobbler
[root@cobbler ~]# yum install -y cobbler cobbler-web dhcp tftp-server pykickstart httpd python-django
3.启动服务
[root@cobbler ~]# systemctl start httpd.service cobblerd.service
4.检测cobbler
[root@cobbler ~]# cobbler check
img
第五节:检查出8个问题,需要修改
1.cobbler配置文件中server参数信息要改为相应的指定信息,不能使用默认localhosts
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.
This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2.cobbler配置文件中next_server参数信息要改为相应指定的tftp服务器地址信息,不能使用默认的127.0.0.1
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1,
and should match the IP of the boot server on the PXE network.
3.让tftp服务可以被xinetd服务管理
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4.需要进行下载系统启动时所需使用的启动引导文件信息,使用'cobbler get-loaders'命令
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5.需要启动rsync服务,并且设置开机自启动
5 : enable and start rsyncd.service with systemctl
6.debian系统的一个管理软件包需要安装 debmirror
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7.cobbler配置文件中default_password_crypted参数信息要改为相应指定的密码信息,不能使用默认
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8.智能电源管理工具没有找到
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
第六节:解决相关检查问题
01. 解决问题一
[root@cobbler ~]# cp /etc/cobbler/settings{,.ori} #备份配置文件 [root@cobbler ~]# vim +384 /etc/cobbler/settings
[root@cobbler ~]# sed -i 's/server: 127.0.0.1/server: 172.16.1.202/' /etc/cobbler/settings
02. 解决问题二
[root@cobbler ~]# sed -i 's/next_server: 127.0.0.1/next_server: 172.16.1.202/' /etc/cobbler/settings
03. 解决问题三
[root@cobbler ~]# sed -i '/disabled/s#yes#no#' /etc/xinetd.d/tftp
04. 解决问题四
[root@cobbler ~]# cobbler get-loaders
[root@cobbler ~]# tree /var/lib/cobbler/loaders/
05. 解决问题五
[root@cobbler ~]# systemctl start rsyncd
[root@cobbler ~]# systemctl enable rsyncd
[root@cobbler ~]# systemctl status rsyncd
06. 解决问题六
debian系统才需要安装相应软件包, 课程使用centos系统无需安装
07. 解决问题七
[root@cobbler ~]# sed -ri "/default_password_crypted/s#(.*: ).*#\1\"`openssl passwd -1 -salt 'oldboy' '123456'`\"#" /etc/cobbler/settings
[root@cobbler ~]# openssl passwd -1 -salt 'oldboy' '123456'
08. 解决问题八 需要解决一些脑裂问题,需要安装智能电源软件(暂时无需处理)
重启服务!!!
解决完成后,再次的进行配置检查
[root@cobbler ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : debmirror package is not installed, it will be required to manage debian deployments and repositories
2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them Restart cobblerd and then run 'cobbler sync' to apply changes.
修改dhcp服务配置文件
01. 修改配置文件信息
[root@cobbler ~]# vim /etc/cobbler/dhcp.template
22 # option routers 172.16.1.5;
23 # option domain-name-servers 172.16.1.1;
:%s#192.168.1#172.16.1#g
#说明: 修改模板配置文件的时候,即可把/etc/dhcp/dhcpd.conf文件进行修改 [root@cobbler ~]#grep 172.16.1 /etc/cobbler/dhcp.template
subnet 172.16.1.0 netmask 255.255.255.0 {
# option routers 172.16.1.5;
# option domain-name-servers 172.16.1.1;
range dynamic-bootp 172.16.1.100 172.16.1.254;
02. 使用cobbler服务管理dhcp服务
[root@cobbler ~]# sed -i 's/manage_dhcp: 0/manage_dhcp: 1/g' /etc/cobbler/settings [root@cobbler ~]# vim /etc/cobbler/settings
242 manage_dhcp: 1 #将默认数值0改为1,即表示使用cobbler服务管理dhcp服务
启动应有cbbler服务
[root@cobbler ~]# systemctl restart httpd.service rsyncd.service tftp.socket cobblerd.service dhcpd
[root@cobbler ~]# cobbler sync
第七节:cobbler软件web页面配置
加载cobbler网页信息
img
解决方法
[root@cobbler ~]# tailf /var/log/httpd/ssl_error_log #查看日志
img
image.png
初步判断应该是python-django版本问题
#下载pip.py
[root@cobbler ~]# wget https://bootstrap.pypa.io/get-pip.py
#安装pip
[root@cobbler ~]# yum install python-pip -y
#调用本地python运行pip.py脚本
[root@cobbler ~]# python get-pip.py
#安装Django
[root@cobbler ~]# pip install Django==1.8.9
#查看Django版本号
[root@cobbler ~]# python -c "import django; print(django.get_version())"
#重启httpd
[root@cobbler ~]# systemctl restart httpd
web界面再重新加载
登录cobbler
默认用户名:cobbler 默认密码:cobbler
将光盘导入到系统
img
image.png
进行改在光盘镜像
[root@cobbler ~]# mount /dev/cdrom /mnt
mount: /dev/sr0 is write-protected, mounting read-only
[root@cobbler ~]# df -h
web界面进行导入
img
image.png
检查到如情况
[root@cobbler ~]# ps -ef|grep rsync
img
image.png
已经同步成功了
[root@cobbler ~]# du -sh /var/www/cobbler/ks_mirror/centos7.5_x86_64bit-x86_64/
4.2G /var/www/cobbler/ks_mirror/centos7.5_x86_64bit-x86_64/
img
image.png
第八节:系统安装过程的配置
1.修改网络系统安装后主机网卡信息
img
2.设置centos网卡名称规则
img
3.编写网络安装系统时的自动应答文件信息
img
4.配置Filename
img
具体文件
配置文件
install
url --url=$tree
text
lang en_US.UTF-8
keyboard us
zerombr
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
#Network information
$SNIPPET('network_config')
#network --bootproto=dhcp --device=eth0 --onboot=yes --noipv6 --hostname=CentOS7
#network --bootproto=dhcp --device=eth1 --onboot=yes --noipv6 --hostname=CentOS7
timezone --utc Asia/Shanghai
authconfig --enableshadow --passalgo=sha512
rootpw --iscrypted $default_password_crypted
clearpart --all --initlabel
part /boot --fstype xfs --size 1024
part swap --size 1024
part / --fstype xfs --size 1 --grow
firstboot --disable
selinux --disabled
firewall --disabled
logging --level=info
reboot
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%end
%packages
@^minimal
@compat-libraries
@core
@debugging
@development
bash-completion
chrony
net-tools
lrzsz
nmap
sysstat
telnet
tree
vim
wget
%end
%post
systemctl disable postfix.service
%end
5.加载配置完成的自动应答配置文件
img
img
6.配置主机安装系统完成后获取的IP地址信息
img
7.配置系统
img
8.配置主机名和DNS
img
9.配置网卡
img
10.获取网课mac地址
img
img
img
img
11.配置完成
img
12.使之所有配置信息生效
img
img
img