時間同步和系統(tǒng)自動化安裝

1、配置chrony服務(wù),實(shí)現(xiàn)服務(wù)器時間自動同步

時間同步介紹

我們知道在網(wǎng)絡(luò)中可以利用NTP(Network Time Protocol)協(xié)議使網(wǎng)絡(luò)中的各計(jì)算機(jī)實(shí)踐達(dá)到同步。NTP協(xié)議屬于運(yùn)維基礎(chǔ)架構(gòu)中必備的基本服務(wù)之一。

時間同步實(shí)現(xiàn):ntp,chrony

chrony 的優(yōu)勢:

更快的同步只需要數(shù)分鐘而非數(shù)小時時間,從而最大程度減少了時間和頻率
誤差,對于并非全天 24 小時運(yùn)行的虛擬計(jì)算機(jī)而言非常有用
能夠更好地響應(yīng)時鐘頻率的快速變化,對于具備不穩(wěn)定時鐘的虛擬機(jī)或?qū)е聲r鐘頻率發(fā)生變化的節(jié)能技術(shù)而言非常有用
在初始同步后,它不會停止時鐘,以防對需要系統(tǒng)時間保持單調(diào)的應(yīng)用程序造成影響
在應(yīng)對臨時非對稱延遲時(例如,在大規(guī)模下載造成鏈接飽和時)提供了更好的穩(wěn)定性
無需對服務(wù)器進(jìn)行定期輪詢,因此具備間歇性網(wǎng)絡(luò)連接的系統(tǒng)仍然可以快速同步時鐘

chrony軟件包:

包:chrony
兩個主要程序:chronyd和chronyc
chronyd:后臺運(yùn)行的守護(hù)進(jìn)程,用于調(diào)整內(nèi)核中運(yùn)行的系統(tǒng)時鐘和時鐘服務(wù)
器同步。它確定計(jì)算機(jī)增減時間的比率,并對此進(jìn)行補(bǔ)償
chronyc:命令行用戶工具,用于監(jiān)控性能并進(jìn)行多樣化的配置。它可以在
chronyd實(shí)例控制的計(jì)算機(jī)上工作,也可在一臺不同的遠(yuǎn)程計(jì)算機(jī)上工作
服務(wù)unit 文件: /usr/lib/systemd/system/chronyd.service
監(jiān)聽端口: 323/udp,123/udp
配置文件: /etc/chrony.conf

#C7演示
[root@c7-37-101-mini ~]# yum install chrony -y
#無此包,安裝
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.aliyun.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
base                                     | 3.6 kB     00:00     
epel                                     | 4.7 kB     00:00     
extras                                   | 2.9 kB     00:00     
updates                                  | 2.9 kB     00:00     
(1/3): epel/x86_64/updateinfo              | 1.0 MB   00:00     
(2/3): updates/7/x86_64/primary_db         | 176 kB   00:00     
(3/3): epel/x86_64/primary_db              | 6.8 MB   00:01     
Resolving Dependencies
--> Running transaction check
---> Package chrony.x86_64 0:3.4-1.el7 will be installed
--> Processing Dependency: libseccomp.so.2()(64bit) for package: chrony-3.4-1.el7.x86_64
--> Running transaction check
---> Package libseccomp.x86_64 0:2.3.1-4.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================
 Package         Arch        Version            Repository
                                                           Size
================================================================
Installing:
 chrony          x86_64      3.4-1.el7          base      251 k
Installing for dependencies:
 libseccomp      x86_64      2.3.1-4.el7        base       56 k

Transaction Summary
================================================================
Install  1 Package (+1 Dependent package)

Total download size: 307 k
Installed size: 788 k
Downloading packages:
(1/2): libseccomp-2.3.1-4.el7.x86_64.rpm   |  56 kB   00:00     
(2/2): chrony-3.4-1.el7.x86_64.rpm         | 251 kB   00:00     
----------------------------------------------------------------
Total                              1.0 MB/s | 307 kB  00:00     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : libseccomp-2.3.1-4.el7.x86_64                1/2 
  Installing : chrony-3.4-1.el7.x86_64                      2/2 
  Verifying  : libseccomp-2.3.1-4.el7.x86_64                1/2 
  Verifying  : chrony-3.4-1.el7.x86_64                      2/2 

Installed:
  chrony.x86_64 0:3.4-1.el7                                     

Dependency Installed:
  libseccomp.x86_64 0:2.3.1-4.el7                               

Complete!
[root@c7-37-101-mini ~]# rpm -q chrony
chrony-3.4-1.el7.x86_64

[root@c7-37-101-mini ~]# rpm -ql chrony
/etc/NetworkManager/dispatcher.d/20-chrony
/etc/chrony.conf
#配置文件
/etc/chrony.keys
/etc/dhcp/dhclient.d/chrony.sh
/etc/logrotate.d/chrony
/etc/sysconfig/chronyd
#守護(hù)進(jìn)程
/usr/bin/chronyc
/usr/lib/systemd/ntp-units.d/50-chronyd.list
/usr/lib/systemd/system/chrony-dnssrv@.service
/usr/lib/systemd/system/chrony-dnssrv@.timer
/usr/lib/systemd/system/chrony-wait.service
/usr/lib/systemd/system/chronyd.service
/usr/libexec/chrony-helper
/usr/sbin/chronyd
/usr/share/doc/chrony-3.4
/usr/share/doc/chrony-3.4/COPYING
/usr/share/doc/chrony-3.4/FAQ
/usr/share/doc/chrony-3.4/NEWS
/usr/share/doc/chrony-3.4/README
/usr/share/man/man1/chronyc.1.gz
/usr/share/man/man5/chrony.conf.5.gz
/usr/share/man/man8/chronyd.8.gz
/var/lib/chrony
/var/lib/chrony/drift
/var/lib/chrony/rtc
/var/log/chrony
[root@c7-37-101-mini ~]# ss -tnlup|grep 323
#chrony服務(wù)監(jiān)聽在udp的323端口
udp    UNCONN     0      0      127.0.0.1:323                   *:*                   users:(("chronyd",pid=2074,fd=5))
udp    UNCONN     0      0         [::1]:323                [::]:*                   users:(("chronyd",pid=2074,fd=6))


[root@c7-37-101-mini ~]# systemctl status chronyd
#默認(rèn)chronyd服務(wù)啟動只能和別人進(jìn)行同步,不能讓別人和它進(jìn)行同步
● chronyd.service - NTP client/server
   Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
   Active: active (running) since Wed 2020-05-13 03:13:50 CST; 7h ago
     Docs: man:chronyd(8)
           man:chrony.conf(5)
  Process: 2076 ExecStartPost=/usr/libexec/chrony-helper update-daemon (code=exited, status=0/SUCCESS)
  Process: 2072 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/chronyd.service
           └─2074 /usr/sbin/chronyd

May 13 03:13:50 c7-37-101-mini systemd[1]: Sta...
May 13 03:13:50 c7-37-101-mini chronyd[2074]: ...
May 13 03:13:50 c7-37-101-mini systemd[1]: Per...
May 13 03:13:50 c7-37-101-mini systemd[1]: Sta...
May 13 03:13:57 c7-37-101-mini chronyd[2074]: ...
May 13 03:13:57 c7-37-101-mini chronyd[2074]: ...
May 13 10:22:20 c7-37-101-mini chronyd[2074]: ...
May 13 10:23:25 c7-37-101-mini chronyd[2074]: ...
Hint: Some lines were ellipsized, use -l to show in full.
#客戶端,和服務(wù)端都需要持續(xù)運(yùn)行

配置/etc/chrony.conf文件實(shí)現(xiàn)時間同步服務(wù)

1. 實(shí)現(xiàn)時間服務(wù)器與阿里云同步時間
#修改為阿里云國內(nèi)的的時間服務(wù)
  oot@c7-37-101-mini ~]# vim /etc/chrony.conf 
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
#刪除修改為aliyun
ol.ntp.org/join.html).
server ntp.aliyun.com iburst
server ntp1.aliyun.com iburst


[root@c7-37-101-mini ~]# systemctl restart chronyd
[root@c7-37-101-mini ~]# chronyc -n sources -v
210 Number of sources = 2

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| /   '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^+ 203.107.6.88                  2   6    17     7    -12ms[  -12ms] +/-   36ms
^* 120.25.115.20                 2   6    17     7  +7284us[+7114us] +/-   20ms
2. 實(shí)現(xiàn)此服務(wù)器可以讓局域網(wǎng)中的機(jī)器同步時間
# Allow NTP client access from local network.
allow 192.168.37.0/24
#允許1912.168.37.0網(wǎng)段可以向自己同步時間
allow 172.16.0.0/16
#允許172.16.0.0網(wǎng)段可以向自己同步時間

#3.配置即使服務(wù)器斷網(wǎng)也可以和我同步
# Serve time even if not synchronized to a time s
ource.
local stratum 10
#客戶端配置
3.局域網(wǎng)中其它機(jī)器的設(shè)置
#C7
[root@C7-37-100-destop ~]# vim /etc/chrony.conf 

# Use public servers from the pool.ntp.org projec
t.
# Please consider joining the pool (http://www.po
ol.ntp.org/join.html).
server 192.168.37.101 iburst
[root@C7-37-100-destop ~]# systemctl restart chronyd
[root@C7-37-100-destop ~]# chronyc sources -v
210 Number of sources = 2

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| /   '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 192.168.37.101                3   6    17     5  +8341ns[  +31us] +/-   47ms
^- 192.168.37.128                3   6    17     5  +8376us[+8376us] +/-  145ms
[root@C7-37-100-destop ~]# date
Wed May 13 11:05:34 CST 2020
[root@C7-37-100-destop ~]# systemctl restart chronyd
[root@C7-37-100-destop ~]# chronyc sources -v
210 Number of sources = 2

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| /   '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 192.168.37.101                3   6    17     5  +8341ns[  +31us] +/-   47ms
^- 192.168.37.128                3   6    17     5  +8376us[+8376us] +/-  145ms
[root@C7-37-100-destop ~]# date
Wed May 13 11:05:34 CST 2020
#客戶端也需要開啟chronyd服務(wù),配置修改以后,重啟,測試已能時間同步

2、實(shí)現(xiàn)cobbler+pxe自動化裝機(jī)

cobbler介紹

Cobbler:
快速網(wǎng)絡(luò)安裝linux操作系統(tǒng)的服務(wù),支持眾多的Linux發(fā)行版:Red Hat、
Fedora、CentOS、Debian、Ubuntu和SuSE,也可以支持網(wǎng)絡(luò)安裝windows
PXE的二次封裝,將多種安裝參數(shù)封裝到一個菜單 Python編寫
提供了CLI和Web的管理形式

vmware實(shí)現(xiàn)cobbler自動化安裝

1.準(zhǔn)備工作

A. 準(zhǔn)備一臺虛擬機(jī),做cobbler服務(wù)器,需要二塊網(wǎng)卡,一塊需要連接外網(wǎng),一塊需要和測試機(jī)在同一網(wǎng)段內(nèi);
B. 新建一臺虛擬機(jī),設(shè)置網(wǎng)卡啟動;
C. 取消虛擬機(jī)自帶的DHCP功能;

[root@c7-37-103-mini ~]# uname -r
3.10.0-1062.el7.x86_64
[root@c7-37-103-mini ~]# cat /etc/redhat-release 
CentOS Linux release 7.7.1908 (Core)
[root@c7-37-103-mini ~]# ping www.baidu.com
#可以連接外網(wǎng),cobbler中自動復(fù)制的文件依賴外網(wǎng)下載
PING www.a.shifen.com (180.101.49.12) 56(84) bytes of data.
64 bytes from 180.101.49.12 (180.101.49.12): icmp_seq=1 ttl=128 time=7.84 ms
^C
--- www.a.shifen.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 7.840/7.840/7.840/0.000 ms

2.cobbler服務(wù)器安裝配置

cobbler服務(wù)器所需要的服務(wù)安裝,cobbler會自動安裝tftp,httpd服務(wù),所以只需要安裝cobbler 和dhcpd服務(wù)。

[root@c7-37-103-mini ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:2b:f1:14 brd ff:ff:ff:ff:ff:ff
    inet 192.168.37.103/24 brd 192.168.37.255 scope global eth0
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:2b:f1:1e brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.7/24 brd 192.168.1.255 scope global noprefixroute dynamic eth1
       valid_lft 85902sec preferred_lft 85902sec
    inet6 240e:3a1:101e:3a30:6dd9:32cc:f55f:7990/64 scope global noprefixroute dynamic 
       valid_lft 258813sec preferred_lft 172413sec
    inet6 fe80::f6e7:f9b:c5a4:a37d/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::80d:ff82:ceea:9ec6/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::4340:9468:d44b:9a82/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
       
#cobbler依賴與epel源
#配置epel源 直接使用阿里云的epel源
[root@C7-37-100-destop ~]# ls /etc/yum.repos.d/
bak  Base.repo  epel.repo
[root@C7-37-100-destop ~]# cat /etc/yum.repos.d/epel.repo
[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
baseurl=http://mirrors.aliyun.com/epel/7/$basearch
failovermethod=priority
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
 
[epel-debuginfo]
name=Extra Packages for Enterprise Linux 7 - $basearch - Debug
baseurl=http://mirrors.aliyun.com/epel/7/$basearch/debug
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=0
 
[epel-source]
name=Extra Packages for Enterprise Linux 7 - $basearch - Source
baseurl=http://mirrors.aliyun.com/epel/7/SRPMS
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=0


#我們需要安裝dhcp和cobbler,cobbler會自動安裝tftp,httpd服務(wù)
[root@c7-37-103-mini ~]# yum install cobbler dhcp -y
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.aliyun.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package cobbler.x86_64 0:2.8.5-0.3.el7 will be installed
--> Processing Dependency: createrepo for package: cobbler-2.8.5-0.3.el7.x86_64
--> Processing Dependency: genisoimage for package: cobbler-2.8.5-0.3.el7.x86_64
--> Processing Dependency: httpd for package: cobbler-2.8.5-0.3.el7.x86_64 
......
Dependency Updated:
  dhclient.x86_64 12:4.2.5-79.el7.centos                                
  dhcp-common.x86_64 12:4.2.5-79.el7.centos                             
  dhcp-libs.x86_64 12:4.2.5-79.el7.centos                               
  libxml2.x86_64 0:2.9.1-6.el7.4                                        

Complete!

#設(shè)置開機(jī)自啟并且啟動cobblerd服務(wù)
[root@c7-37-103-mini ~]# systemctl  enable --now cobblerd
Created symlink from /etc/systemd/system/multi-user.target.wants/cobblerd.service to /usr/lib/systemd/system/cobblerd.service.
[root@c7-37-103-mini ~]# systemctl status cobblerd        
● cobblerd.service - Cobbler Helper Daemon
   Loaded: loaded (/usr/lib/systemd/system/cobblerd.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2020-05-21 11:31:12 CST; 5s ago
  Process: 1506 ExecStartPost=/usr/bin/touch /usr/share/cobbler/web/cobbler.wsgi (code=exited, status=1/FAILURE)
 Main PID: 1505 (cobblerd)
   CGroup: /system.slice/cobblerd.service
           └─1505 /usr/bin/python2 -s /usr/bin/cobblerd -F

May 21 11:31:12 c7-37-103-mini systemd[1]: Starting Cobbler Helper Daemon...
May 21 11:31:12 c7-37-103-mini touch[1506]: /usr/bin/touch: cannot touch ‘/usr/share/…tory
May 21 11:31:12 c7-37-103-mini systemd[1]: Started Cobbler Helper Daemon.
Hint: Some lines were ellipsized, use -l to show in full.

#開啟tftp http服務(wù)
[root@c7-37-103-mini ~]# systemctl start httpd tftp
[root@c7-37-103-mini ~]# ss -tnlp
State      Recv-Q Send-Q Local Address:Port               Peer Address:Port              
LISTEN     0      100    127.0.0.1:25                  *:*                   users:(("master",pid=1155,fd=13))
LISTEN     0      5      127.0.0.1:25151               *:*                   users:(("cobblerd",pid=1017,fd=9))
LISTEN     0      128     *:22                  *:*                   users:(("sshd",pid=1015,fd=3))
LISTEN     0      100     [::1]:25                   [::]:*                   users:(("master",pid=1155,fd=14))
LISTEN     0      128      [::]:80                   [::]:*                   users:(("httpd",pid=1322,fd=4),("httpd",pid=1321,fd=4),("httpd",pid=1320,fd=4),("httpd",pid=1319,fd=4),("httpd",pid=1318,fd=4),("httpd",pid=1317,fd=4))
LISTEN     0      128      [::]:22                   [::]:*                   users:(("sshd",pid=1015,fd=4))
[root@c7-37-103-mini ~]# systemctl status tftp
● tftp.service - Tftp Server
   Loaded: loaded (/usr/lib/systemd/system/tftp.service; indirect; vendor preset: disabled)
   Active: active (running) since Thu 2020-05-21 11:46:05 CST; 1min 35s ago
     Docs: man:in.tftpd
 Main PID: 1307 (in.tftpd)
   CGroup: /system.slice/tftp.service
           └─1307 /usr/sbin/in.tftpd -s /var/lib/tftpboot

May 21 11:46:05 c7-37-103-mini systemd[1]: Started Tftp Server.

3.cobbler服務(wù)器配置

檢查cobbler需要的環(huán)境,執(zhí)行cobbler check,主要修改cobbler配置文件/etc/cobbler/settings

[root@c7-37-103-mini ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
#對應(yīng)配置文件的server 指明cobbler服務(wù)器地址
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
#next_server指明tftp服務(wù)器地址
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
#xinetd.d是c6的總管,c7的總管是system,所以不需要設(shè)置
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
#執(zhí)行cobbler get-loader下載相關(guān)boot-loader文件到tftpboot目錄下
5 : enable and start rsyncd.service with systemctl
#不需要設(shè)置
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
#不需要設(shè)置
7 : ksvalidator was not found, install pykickstart
#ks文件沒有發(fā)現(xiàn)
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
#修改默認(rèn)密碼 default_password
9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
#集群相關(guān)不用設(shè)置
Restart cobblerd and then run 'cobbler sync' to apply changes.

#修改配置文件/etc/cobbler/settings,下面是主要4項(xiàng)
next_server: 192.168.37.103
#tftp服務(wù)器地址
server: 192.168.37.103
#cobbler服務(wù)器地址
default_password_crypted: "$1$uysJpRXK$0dltKcpBa1BXKApCuvWuM."
#默認(rèn)密碼
manage_dhcp: 1
#自動生成dhcp,依賴/etc/cobbler/modules.conf

#密碼生成可以使用openssl
[root@c7-37-103-mini ~]# openssl passwd -1
Password: 
Verifying - Password: 
$1$uysJpRXK$0dltKcpBa1BXKApCuvWuM.

#改完以后重啟cobblerd服務(wù)

4.cobbler服務(wù)器生成bootloader

cobbler會從網(wǎng)上自動下載所需loader文件

[root@c7-37-103-mini ~]# cobbler get-loaders
task started: 2020-05-21_122935_get_loaders
task started (id=Download Bootloader Content, time=Thu May 21 12:29:35 2020)
downloading https://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
downloading https://cobbler.github.io/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading https://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading https://cobbler.github.io/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading https://cobbler.github.io/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
downloading https://cobbler.github.io/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot
downloading https://cobbler.github.io/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0
downloading https://cobbler.github.io/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32
downloading https://cobbler.github.io/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading https://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***

#修改模板文件/etc/cobbler/settings,改成自己的網(wǎng)段
[root@c7-37-103-mini ~]# vim /etc/cobbler/dhcp.template 
# ******************************************************************
# Cobbler managed dhcpd.conf file
#
# generated from cobbler dhcp.conf template ($date)
# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
# overwritten.
#
# ******************************************************************

ddns-update-style interim;

allow booting;
allow bootp;

ignore client-updates;
set vendorclass = option vendor-class-identifier;

option pxe-system-type code 93 = unsigned integer 16;

subnet 192.168.37.0 netmask 255.255.255.0 {
     option routers             192.168.37.2;
     option domain-name-servers 192.168.37.2;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        192.168.37.100 192.168.37.254;
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                $next_server;
     class "pxeclients" {
          match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
          if option pxe-system-type = 00:02 {
                  filename "ia64/elilo.efi";
          } else if option pxe-system-type = 00:06 {
                  filename "grub/grub-x86.efi";
          } else if option pxe-system-type = 00:07 {
                  filename "grub/grub-x86_64.efi";
          } else if option pxe-system-type = 00:09 {
                  filename "grub/grub-x86_64.efi";
          } else {
                  filename "pxelinux.0";
         }
     }

}

#for dhcp_tag in $dhcp_tags.keys():
    ## group could be subnet if your dhcp tags line up with your subnets
    ## or really any valid dhcpd.conf construct ... if you only use the
    ## default dhcp tag in cobbler, the group block can be deleted for a
    ## flat configuration
# group for Cobbler DHCP tag: $dhcp_tag
group {
        #for mac in $dhcp_tags[$dhcp_tag].keys():
            #set iface = $dhcp_tags[$dhcp_tag][$mac]
"/etc/cobbler/dhcp.template" 92L, 3181C written
  
#執(zhí)行cobbler sync就可以同步到tftpboot目錄里                                                                                                                       
[root@c7-37-103-mini ~]# cobbler sync
task started: 2020-05-21_123844_sync
task started (id=Sync, time=Thu May 21 12:38:44 2020)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/grub-x86.efi
removing: /var/lib/tftpboot/grub/grub-x86_64.efi
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout: 
received on stderr: 
running: service dhcpd restart
received on stdout: 
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service

running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
[root@c7-37-103-mini ~]# ll /var/lib/tftpboot/
#查看所需bootloader文件是否已經(jīng)生成到位
total 300
drwxr-xr-x 3 root root     18 May 21 12:40 boot
drwxr-xr-x 2 root root      6 Oct 15  2019 etc
drwxr-xr-x 2 root root     81 May 21 12:40 grub
drwxr-xr-x 2 root root      6 Oct 15  2019 images
drwxr-xr-x 2 root root      6 Oct 15  2019 images2
-rw-r--r-- 2 root root  26140 Oct 31  2018 memdisk
-rw-r--r-- 2 root root  54964 May 14 21:14 menu.c32
drwxr-xr-x 2 root root      6 Oct 15  2019 ppc
-rw-r--r-- 2 root root  16794 May 14 21:14 pxelinux.0
drwxr-xr-x 2 root root     21 May 21 12:40 pxelinux.cfg
drwxr-xr-x 2 root root     26 May 21 12:40 s390x
-rw-r--r-- 2 root root 198236 May 14 21:14 yaboot
[root@c7-37-103-mini ~]# tree /var/lib/tftpboot/
/var/lib/tftpboot/
├── boot
│   └── grub
│       └── menu.lst
├── etc
├── grub
│   ├── efidefault
│   ├── grub-x86_64.efi
│   ├── grub-x86.efi
│   └── images -> ../images
├── images
├── images2
├── memdisk
├── menu.c32
├── ppc
├── pxelinux.0
├── pxelinux.cfg
│   └── default
├── s390x
│   └── profile_list
└── yaboot

10 directories, 10 files

5.導(dǎo)入系統(tǒng)光盤

導(dǎo)入安裝盤到指定cobbler目錄下,并生成我們在pxe網(wǎng)卡啟動時看到的菜單。

[root@c7-37-103-mini ~]# mount /dev/sr0 /mnt
mount: /dev/sr0 is write-protected, mounting read-only
[root@c7-37-103-mini ~]# mount /dev/sr1 /media
mount: /dev/sr1 is write-protected, mounting read-only
[root@c7-37-103-mini ~]# df -h
Filesystem               Size  Used Avail Use% Mounted on
devtmpfs                 223M     0  223M   0% /dev
tmpfs                    235M     0  235M   0% /dev/shm
tmpfs                    235M  5.6M  229M   3% /run
tmpfs                    235M     0  235M   0% /sys/fs/cgroup
/dev/mapper/centos-root   50G  1.4G   49G   3% /
/dev/sda1               1014M  137M  878M  14% /boot
/dev/mapper/centos-home   67G   33M   67G   1% /home
tmpfs                     47M     0   47M   0% /run/user/0
/dev/sr0                  11G   11G     0 100% /mnt
#sr0為c7安裝盤,我這里是everything盤所以11g
/dev/sr1                 3.8G  3.8G     0 100% /media
#sr1是c6光盤

#復(fù)制光盤內(nèi)容生成到/var/www/cobbler/ks_mirror/CentOS6.10-x86_64里
[root@c7-37-103-mini ~]# cobbler import --path=/media --name=CentOS6.10-x86_64 --arch=x86_64
task started: 2020-05-21_130453_import
task started (id=Media import, time=Thu May 21 13:04:53 2020)
Found a candidate signature: breed=redhat, version=rhel6
Found a matching signature: breed=redhat, version=rhel6
Adding distros from path /var/www/cobbler/ks_mirror/CentOS6.10-x86_64:
creating new distro: CentOS6.10-x86_64
trying symlink: /var/www/cobbler/ks_mirror/CentOS6.10-x86_64 -> /var/www/cobbler/links/CentOS6.10-x86_64
creating new profile: CentOS6.10-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/CentOS6.10-x86_64 for CentOS6.10-x86_64
processing repo at : /var/www/cobbler/ks_mirror/CentOS6.10-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/CentOS6.10-x86_64
looking for /var/www/cobbler/ks_mirror/CentOS6.10-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/CentOS6.10-x86_64/repodata
*** TASK COMPLETE ***
[root@c7-37-103-mini ~]# cobbler import --path=/mnt --name=CentOS7.7-x86_64 --arch=x86_64         
task started: 2020-05-21_130905_import
task started (id=Media import, time=Thu May 21 13:09:05 2020)
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/CentOS7.7-x86_64:
creating new distro: CentOS7.7-x86_64
trying symlink: /var/www/cobbler/ks_mirror/CentOS7.7-x86_64 -> /var/www/cobbler/links/CentOS7.7-x86_64
creating new profile: CentOS7.7-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/CentOS7.7-x86_64 for CentOS7.7-x86_64
processing repo at : /var/www/cobbler/ks_mirror/CentOS7.7-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/CentOS7.7-x86_64
looking for /var/www/cobbler/ks_mirror/CentOS7.7-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/CentOS7.7-x86_64/repodata
*** TASK COMPLETE ***
#到此就可以實(shí)現(xiàn)自動化安裝了,但是應(yīng)答文件不是我們自己的

[root@c7-37-103-mini kstest]# cobbler distro list
#查看生成的菜單列表
   CentOS6.10-x86_64
   CentOS7.7-x86_64

6.使用自己的應(yīng)答文件實(shí)現(xiàn)安裝

應(yīng)答文件的生成方式
A:使用system-config-kickstart工具來生成,需要桌面環(huán)境。
B:自己安裝一個系統(tǒng),在其家目錄下anaconda-ks.cfg,可以修改修改就好。

[root@c7-37-103-mini kstest]# vim ks7_mini.cfg 
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Install OS instead of upgrade
install
# Keyboard layouts
keyboard 'us'
# Root password
rootpw --plaintext centos
# Use network installation
url --url=$tree
#修改為變量tree
#將應(yīng)答文件修改后,拷貝至/var/lib/cobbler/kickstarts/目錄下
[root@c7-37-103-mini kstest]# cp ks7_mini.cfg /var/lib/cobbler/kickstarts/
[root@c7-37-103-mini kstest]# ls /var/lib/cobbler/kickstarts/
default.ks        pxerescue.ks         sample_esxi6.ks
esxi4-ks.cfg      sample_autoyast.xml  sample.ks
esxi5-ks.cfg      sample_end.ks        sample_old.seed
install_profiles  sample_esx4.ks       sample.seed
ks7_mini.cfg      sample_esxi4.ks      sample.seed.28
legacy.ks         sample_esxi5.ks
[root@c7-37-103-mini kstest]# cobbler profile list
#查看現(xiàn)有的cobbler的ks文件
   CentOS6.10-x86_64
   CentOS7.7-x86_64
   
 #添加我們自己的kickstart文件
 [root@c7-37-103-mini kstest]# cobbler profile add --name CentOS7.7-x86_64-mini --distro=CentOS7.7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ks7_mini.cfg 
[root@c7-37-103-mini kstest]# cat /var/lib/tftpboot/pxelinux.cfg/default 
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cobbler.github.io/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT local

LABEL local
        MENU LABEL (local)
        MENU DEFAULT
        LOCALBOOT -1

LABEL CentOS6.10-x86_64
        kernel /images/CentOS6.10-x86_64/vmlinuz
        MENU LABEL CentOS6.10-x86_64
        append initrd=/images/CentOS6.10-x86_64/initrd.img ksdevice=bootif lang=  kssendmac text  ks=http://192.168.37.103/cblr/svc/op/ks/profile/CentOS6.10-x86_64
        ipappend 2

LABEL CentOS7.7-x86_64
        kernel /images/CentOS7.7-x86_64/vmlinuz
        MENU LABEL CentOS7.7-x86_64
        append initrd=/images/CentOS7.7-x86_64/initrd.img ksdevice=bootif lang=  kssendmac text  ks=http://192.168.37.103/cblr/svc/op/ks/profile/CentOS7.7-x86_64
        ipappend 2

LABEL CentOS7.7-x86_64-mini
        kernel /images/CentOS7.7-x86_64/vmlinuz
        MENU LABEL CentOS7.7-x86_64-mini
        append initrd=/images/CentOS7.7-x86_64/initrd.img ksdevice=bootif lang=  kssendmac text  ks=http://192.168.37.103/cblr/svc/op/ks/profile/CentOS7.7-x86_64-mini
        ipappend 2



MENU end  

#刪除菜單
[root@c7-37-103-mini kstest]# cobbler profile list
   CentOS6.10-x86_64
   CentOS7.7-x86_64
   CentOS7.7-x86_64-mini
[root@c7-37-103-mini kstest]# cobbler profile remove --name=CentOS6.10-x86_64
[root@c7-37-103-mini kstest]# cobbler profile remove --name=CentOS7.7-x86_64
[root@c7-37-103-mini kstest]# cobbler profile list
   CentOS7.7-x86_64-mini

7.測試機(jī)安裝系統(tǒng)

圖片.png

圖片.png
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時請結(jié)合常識與多方信息審慎甄別。
平臺聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡書系信息發(fā)布平臺,僅提供信息存儲服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

友情鏈接更多精彩內(nèi)容