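Preface: I have had some free time these past few days, so I came over to the systems team to play around; learning something is always good. For a systems team, the natural place to start is learning to install systems. I spent two hours tinkering with batch-deploying Linux systems using Cobbler. As it was my first time, I of course ran into plenty of problems along the way, but all of them were solved smoothly. Afterwards I wrote up a summary as a post to share with everyone.
System version: CentOS 6.5 32-bit
Cobbler server IP: 192.168.175.130
IP address range: 192.168.175.120-192.168.175.140
Subnet mask: 255.255.255.0
Gateway: 192.168.175.2
DNS: 8.8.8.8 8.8.4.4
[root@localhost ~]# ifconfig eth0 | awk '/inet addr/ {print $2}' | cut -f2 -d ":"
192.168.175.130
[root@localhost ~]# netstat -r|grep default|cut -f 10 -d ' '
192.168.175.2
[root@localhost ~]#
PS: all servers support PXE network boot.
The steps are as follows:
#1 Disable SELinux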
[root@localhost ~]# vim /etc/selinux/config
# commented out
#SELINUX=enforcing
# commented out
#SELINUXTYPE=targeted
# added
SELINUX=disabled
[root@localhost ~]# setenforce 0
setenforce: SELinux is disabled
[root@localhost ~]# # takes effect immediately
#2 Stop the firewall
[root@localhost ~]# service iptables stop
iptables:将链设置为政策 ACCEPT:filter [确定]
iptables:清除防火墙规则: [确定]
iptables:正在卸载模块: [确定]
[root@localhost ~]#
Note: in a real production environment, turning the firewall off outright is not recommended. Set the appropriate rules instead.
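A ruleset in the spirit of the note above, as an added example that is not from the original post: it keeps iptables running and admits only DHCP, TFTP, and HTTP, the services this server offers to PXE clients. The function name, the use of eth0, and limiting SSH to the provisioning subnet are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): print an iptables-restore
# ruleset for the Cobbler server instead of stopping the firewall.
# Assumptions: clients sit on eth0 in 192.168.175.0/24 (the post's network)
# and SSH administration comes from that same subnet.

cobbler_fw_rules() {
    net="${1:-192.168.175.0/24}"   # provisioning subnet
    dev="${2:-eth0}"               # interface facing the PXE clients
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -s $net -p tcp --dport 22 -m state --state NEW -j ACCEPT
-A INPUT -i $dev -p udp --sport 68 --dport 67 -j ACCEPT
-A INPUT -i $dev -s $net -p udp --dport 69 -j ACCEPT
-A INPUT -i $dev -s $net -p tcp --dport 80 -m state --state NEW -j ACCEPT
COMMIT
EOF
}
# Notes on the rules:
#  - DHCP (67/udp) has no source filter: a booting client has no address yet.
#  - TFTP data packets arrive on an ephemeral port; they match the
#    ESTABLISHED rule because the server sent the first reply on that flow.
#  - rsync (873/tcp) stays closed; nothing in this walkthrough connects to it.

# Print the default ruleset. To apply it on the server (as root):
#   cobbler_fw_rules > /etc/sysconfig/iptables && service iptables restart
cobbler_fw_rules
```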
#3 Install the services
(PS: first add the EPEL repository, then install with yum. It saves time~)
[root@localhost src]# wget http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
[root@localhost src]# rpm -ivh epel-release-6-8.noarch.rpm
[root@localhost src]# yum install cobbler httpd xinetd tftp-server rsync dhcp cman PyYAML debmirror python-ctypes pykickstart -y
#4 Configure the services
@1 Set up http
[root@localhost ~]# vim /etc/httpd/conf.d/wsgi.conf
# Remove the leading comment marker. On 6.5 this line is not commented out; on other versions, uncomment it if it is.
LoadModule wsgi_module modules/mod_wsgi.so
[root@localhost ~]# service httpd start
正在启动 httpd: [确定]
[root@localhost ~]#
@2 Set up tftp
[root@localhost ~]# vim /etc/cobbler/tftpd.template
service tftp
{
        # set to no; on 6.5 the default is already no, on other versions change yes to no
        disable         = no
        socket_type     = dgram
        protocol        = udp
        wait            = yes
        user            = $user
        server          = $binary
        server_args     = -B 1380 -v -s $args
        per_source      = 11
        cps             = 100 2
        flags           = IPv4
}
@3 Set up rsync
[root@localhost ~]# vim /etc/xinetd.d/rsync
service rsync
{
        # set to no
        disable         = no
        flags           = IPv6
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/bin/rsync
        server_args     = --daemon
        log_on_failure  += USERID
}
[root@localhost ~]# /etc/init.d/xinetd start    # start it (on CentOS, rsync and tftp are managed by xinetd)
正在启动 xinetd: [确定]
[root@localhost ~]#
@4 Set the Cobbler parameters
[root@localhost ~]# vim /etc/debmirror.conf
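Find the following two variables and comment them out.
#@dists="sid";
#@arches="i386";
Next, set the root account login password.
[root@localhost ~]# openssl passwd -1 -salt 'Sx4MKOS' '123456'
$1$Sx4MKOS$ShGNLwqvpS6l6C37h53Jc1
[root@localhost ~]# # record this hash; the steps below use it
Continue editing the configuration.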
[root@localhost ~]# vim /etc/cobbler/settings
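# find the following fields and change them
default_password_crypted: "$1$Sx4MKOS$ShGNLwqvpS6l6C37h53Jc1"    # the hash generated in the previous step
next_server: 192.168.175.130    # this machine's IP
server: 192.168.175.130         # this machine's IP
manage_dhcp: 1                  # set to 1 because the dhcp service and cobbler run on the same machine
@5 Set up dhcp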
[root@localhost ~]# vim /etc/dhcp/dhcpd.conf
subnet 192.168.175.0 netmask 255.255.255.0 {
    option routers             192.168.175.2;      # gateway
    option domain-name-servers 8.8.8.8,8.8.4.4;
    option subnet-mask         255.255.255.0;
    range dynamic-bootp        192.168.175.130 192.168.175.140;    # address range
    default-lease-time         21600;
    max-lease-time             43200;
    next-server                192.168.175.130;    # IP of the dhcp server
}
Set the network interface.
[root@localhost ~]# vim /etc/sysconfig/dhcpd
DHCPDARGS=eth0
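Then test whether the dhcp configuration is correct. If it is, start the dhcp service. If there are errors, troubleshoot from the messages shown. (PS: errors are usually caused by wrong parameter settings in dhcpd.conf.)
[root@localhost ~]# dhcpd -t
[root@localhost ~]# service dhcpd start
正在启动 dhcpd: [确定]
[root@localhost ~]#
To keep cobbler check from reporting errors, one more set of tools needs to be installed.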
[root@localhost ~]# cobbler get-loaders
Once that is installed, start cobbler.
[root@localhost ~]# service cobblerd start
Starting cobbler daemon: [确定]
[root@localhost ~]#
Then sync the configuration to the dhcp service.
[root@localhost ~]# cobbler sync
After the sync, restart dhcp.
[root@localhost ~]# service dhcpd restart
关闭 dhcpd: [确定]
正在启动 dhcpd: [确定]
[root@localhost ~]#
#5 Create a cobbler startup script
[root@localhost ~]# vim /etc/rc.d/init.d/cobbler
#!/bin/sh
#by:Sx4MK QQ808148844
# Start, stop, restart, or query every service cobbler depends on in one go.
case $1 in
start)
    /etc/init.d/httpd start
    /etc/init.d/xinetd start
    /etc/init.d/dhcpd start
    /etc/init.d/cobblerd start
    ;;
stop)
    /etc/init.d/httpd stop
    /etc/init.d/xinetd stop
    /etc/init.d/dhcpd stop
    /etc/init.d/cobblerd stop
    ;;
restart)
    /etc/init.d/httpd restart
    /etc/init.d/xinetd restart
    /etc/init.d/dhcpd restart
    /etc/init.d/cobblerd restart
    ;;
status)
    /etc/init.d/httpd status
    /etc/init.d/xinetd status
    /etc/init.d/dhcpd status
    /etc/init.d/cobblerd status
    ;;
sync)
    cobbler sync
    ;;
*)
    echo "Input error, please input 'start|stop|restart|status|sync'!"
    exit 2
    ;;
esac
Give the script execute permission and start it.
[root@localhost ~]# chmod +x /etc/rc.d/init.d/cobbler
[root@localhost ~]# service cobbler start
正在启动 httpd:
正在启动 xinetd:
Starting cobbler daemon: [确定]
[root@localhost ~]#
Check the configuration.
[root@localhost ~]# cobbler check
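PS: if you follow my steps carefully one at a time, this step will produce no error output, but inevitably someone will slip up. For the error messages, please search Baidu yourself; I will not say more here.
#6 Mount the system image
First upload your system image file to the cobbler server. (PS: by whatever means~)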
[root@localhost ~]# ls /usr/local/src
CentOS-6.5-i386-bin-DVD1.iso epel-release-6-8.noarch.rpm
[root@localhost ~]#
Then create the cobbler system image directory and mount the image on it.
[root@localhost ~]# mkdir -p /var/www/html/os/CentOS-6.5-i386
[root@localhost ~]# mount -t iso9660 -o loop /usr/local/src/CentOS-6.5-i386-bin-DVD1.iso /var/www/html/os/CentOS-6.5-i386
#7 Create the kickstart script
[root@localhost ~]# cd /var/lib/cobbler/kickstarts
[root@localhost kickstarts]# vim CentOS-6.5-i386.ks
#by:Sx4MK QQ806148844
# The script is flexible; add, remove, or change things to suit your needs.
install
url --url=http://192.168.175.130/cobbler/ks_mirror/CentOS-6.5-i386/
lang en_US.UTF-8
zerombr yes
key --skip
keyboard us
network --device eth0 --bootproto dhcp --onboot on
rootpw --iscrypted $1$QqobZZ1g$rYnrawi9kYlEeUuq1vcRS/
firewall --enabled --port=22:tcp
authconfig --enableshadow --enablemd5
selinux --disabled
timezone Asia/Shanghai
bootloader --location=mbr --driveorder=sda
clearpart --all --initlabel
part / --bytes-per-inode=4096 --fstype="ext3" --size=2048
part /boot --bytes-per-inode=4096 --fstype="ext3" --size=128
part swap --bytes-per-inode=4096 --fstype="swap" --size=500
part /data --bytes-per-inode=4096 --fstype="ext3" --grow --size=1
reboot

%packages
ntp
@base
@core
@dialup
@editors
@text-internet
keyutils
trousers
fipscheck
device-mapper-multipath

%post
# sync the system time
ntpdate cn.pool.ntp.org
hwclock --systohc
echo -e "0 1 * * * root /usr/sbin/ntpdate cn.pool.ntp.org > /dev/null" >> /etc/crontab
service crond restart
# services disabled at boot
chkconfig acpid off
chkconfig atd off
chkconfig autofs off
chkconfig bluetooth off
chkconfig cpuspeed off
chkconfig firstboot off
chkconfig gpm off
chkconfig haldaemon off
chkconfig hidd off
chkconfig ip6tables off
chkconfig isdn off
chkconfig messagebus off
chkconfig nfslock off
chkconfig pcscd off
chkconfig portmap off
chkconfig rpcgssd off
chkconfig rpcidmapd off
chkconfig yum-updatesd off
chkconfig sendmail off
# services enabled at boot
chkconfig crond on
chkconfig kudzu on
chkconfig network on
chkconfig readahead_early on
chkconfig sshd on
chkconfig syslog on
# stop Ctrl+Alt+Del from rebooting the server
sed -i "s/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/#ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/g" '/etc/inittab'
telinit q
# kernel and limits tuning
echo -e "ulimit -c unlimited" >> /etc/profile
echo -e "ulimit -s unlimited" >> /etc/profile
echo -e "ulimit -SHn 65535" >> /etc/profile
source /etc/profile
sed -i "s/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g" '/etc/sysctl.conf'
echo -e "net.core.somaxconn = 262144" >> /etc/sysctl.conf
echo -e "net.core.netdev_max_backlog = 262144" >> /etc/sysctl.conf
echo -e "net.core.wmem_default = 8388608" >> /etc/sysctl.conf
echo -e "net.core.rmem_default = 8388608" >> /etc/sysctl.conf
echo -e "net.core.rmem_max = 16777216" >> /etc/sysctl.conf
echo -e "net.core.wmem_max = 16777216" >> /etc/sysctl.conf
echo -e "net.ipv4.netfilter.ip_conntrack_max = 131072" >> /etc/sysctl.conf
echo -e "net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 180" >> /etc/sysctl.conf
echo -e "net.ipv4.route.gc_timeout = 20" >> /etc/sysctl.conf
echo -e "net.ipv4.ip_conntrack_max = 819200" >> /etc/sysctl.conf
echo -e "net.ipv4.ip_local_port_range = 10024 65535" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_retries2 = 5" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_fin_timeout = 30" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_syn_retries = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_synack_retries = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_timestamps = 0" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_tw_recycle = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_tw_len = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_tw_reuse = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_keepalive_time = 120" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_keepalive_probes = 3" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_keepalive_intvl = 15" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_tw_buckets = 36000" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_orphans = 3276800" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_syn_backlog = 262144" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_wmem = 8192 131072 16777216" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_rmem = 32768 131072 16777216" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_mem = 94500000 915000000 927000000" >> /etc/sysctl.conf
/sbin/sysctl -p
# run the external script
cd /root
wget http://192.168.175.130/cobbler/ks_mirror/config/autoip.sh
sh /root/autoip.sh
Create the script that sets the IP, gateway, hostname, and so on.
[root@localhost kickstarts]# vim /var/www/cobbler/ks_mirror/config/autoip.sh
#!/bin/sh
#by:Sx4MK QQ806148844
# Read the DHCP-assigned settings of eth0 and write them back as a static configuration.
ROUTE=$(route -n|grep "^0.0.0.0"|awk '{print $2}')
BROADCAST=$(/sbin/ifconfig eth0|grep -i bcast|awk '{print $3}'|awk -F":" '{print $2}')
HWADDR=$(/sbin/ifconfig eth0|grep -i HWaddr|awk '{print $5}')
IPADDR=$(/sbin/ifconfig eth0|grep "inet addr"|awk '{print $2}'|awk -F":" '{print $2}')
NETMASK=$(/sbin/ifconfig eth0|grep "inet addr"|awk '{print $4}'|awk -F":" '{print $2}')
cat >/etc/sysconfig/network-scripts/ifcfg-eth0<<EOF
DEVICE=eth0
BOOTPROTO=static
BROADCAST=$BROADCAST
HWADDR=$HWADDR
IPADDR=$IPADDR
NETMASK=$NETMASK
GATEWAY=$ROUTE
ONBOOT=yes
EOF
# eth1 gets 10.0.0.x, reusing the last octet of the eth0 address
IPADDR1=$(echo $IPADDR|awk -F"." '{print $4}')
cat >/etc/sysconfig/network-scripts/ifcfg-eth1<<EOF
DEVICE=eth1
BOOTPROTO=static
BROADCAST=10.0.0.255
HWADDR=$(/sbin/ifconfig eth1|grep -i HWaddr|awk '{print $5}')
IPADDR=10.0.0.$IPADDR1
NETMASK=255.255.255.0
ONBOOT=yes
EOF
# the hostname also ends in the last octet of the eth0 address
HOSTNAME=Sx4MKOS_HZ_$(echo $IPADDR|awk -F"." '{print $4}')
cat >/etc/sysconfig/network<<EOF
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=$HOSTNAME
GATEWAY=$ROUTE
EOF
echo "127.0.0.1 $HOSTNAME" >> /etc/hosts
# apply the hostname to the running system
hostname $HOSTNAME
echo "nameserver 8.8.8.8" > /etc/resolv.conf
echo "nameserver 8.8.4.4" >> /etc/resolv.conf
#8 Import the image into cobbler
[root@localhost ~]# cobbler import --path=/var/www/html/os/CentOS-6.5-i386/ --name=CentOS-6.5-i386 --arch=i386
PS: the import is a bit slow; go have a smoke and it will be done when you get back~
When it finishes, go into the directory and take a look.
[root@localhost ~]# cd /var/www/cobbler/ks_mirror
[root@localhost ks_mirror]# ls
CentOS-6.5-i386 config
[root@localhost ks_mirror]# ls CentOS-6.5-i386/
CentOS_BuildTag GPL isolinux RELEASE-NOTES-en-US.html RPM-GPG-KEY-CentOS-6 RPM-GPG-KEY-CentOS-Security-6 TRANS.TBL
EULA images Packages repodata RPM-GPG-KEY-CentOS-Debug-6 RPM-GPG-KEY-CentOS-Testing-6
[root@localhost ks_mirror]#
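OK, at this point the whole environment is set up. Next comes the installation on the clients. It is still best to do one more check first, though: make sure all the related services are running and the configuration files are correct.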
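One way to do that final check, as an added example that is not from the original post: a filter over `netstat -lnut` output that prints every required listener that is absent. The function names and the sample netstat lines are constructed; the required set is an assumption drawn from the services configured above plus Cobbler's default xmlrpc_port 25151.

```shell
#!/bin/sh
# Added example, not from the original post.
# Reads `netstat -lnut` output on stdin and prints each listener this
# setup needs that is NOT present, one "proto:port" per line.
# Required set (assumption): dhcpd 67/udp, tftp 69/udp (via xinetd),
# httpd 80/tcp, cobblerd 25151/tcp.
missing_listeners() {
    awk -v need="udp:67 udp:69 tcp:80 tcp:25151" '
        $1 ~ /^(tcp|udp)/ {
            proto = substr($1, 1, 3)      # fold tcp6/udp6 into tcp/udp
            n = split($4, part, ":")      # local address; port is the last piece
            if (proto == "udp" || $NF == "LISTEN")
                seen[proto ":" part[n]] = 1
        }
        END {
            k = split(need, want, " ")
            for (i = 1; i <= k; i++)
                if (!(want[i] in seen)) print want[i]
        }'
}

# Constructed sample: a server where xinetd (and so tftp) was never started.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 127.0.0.1:25151             0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
tcp        0      0 :::80                       :::*                        LISTEN
udp        0      0 0.0.0.0:67                  0.0.0.0:*
EOF
}

sample_netstat | missing_listeners    # prints: udp:69
# On the server itself: netstat -lnut | missing_listeners
```

Empty output means every required listener is up; a PXE client that gets an address but then hangs fetching pxelinux.0 is the typical symptom of the `udp:69` line appearing.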
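Enough talk. Create a new virtual machine and let it fetch its system installation from the cobbler server automatically~
See the screenshot:
That is the end of this tutorial. To find out what happens next, tune in for the next installment~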