1. Configure the chrony service to synchronize server time automatically
- CentOS 7 ships with the chrony service installed by default:
[[email protected] ~]# rpm -qa |grep chrony
chrony-3.2-2.el7.x86_64
- Configure and start the chrony service
[[email protected] ~]# cat /etc/chrony.conf |grep -v "#"
server ntp1.aliyun.com iburst
driftfile /var/lib/chrony/drift
makestep 1.0 3
rtcsync
allow 0.0.0.0/0
local stratum 10
logdir /var/log/chrony
[[email protected] ~]# systemctl start chronyd
- Test
[[email protected] ~]# date
Thu Mar 19 20:58:01 CST 2020
[[email protected] ~]# date -s "-1 day"
Wed Mar 18 20:58:18 CST 2020
[[email protected] ~]# ntpdate 10.1.1.109
19 Mar 21:14:55 ntpdate[18813]: step time server 10.1.1.109 offset 86400.000022 sec
[[email protected] ~]# date
Thu Mar 19 21:15:03 CST 2020
2. Implement automated installation with cobbler + PXE
- Install and start the cobbler, http, tftp and dhcp services
[[email protected] ~]# yum install cobbler dhcp -y
[[email protected] ~]# systemctl start httpd cobblerd tftp
- Check the cobbler environment
[[email protected] ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
1) Modify the configuration file as prompted (items 1, 2, 4, 7):
[[email protected] ~]# grep -E "^server|^next_server|default_password_crypted|^manage_dhcp" /etc/cobbler/settings
default_password_crypted: "$1$mF86/UHC$WvcIcX2t6crBz2onWxyac." # root password after the system is installed
manage_dhcp: 0
next_server: 127.0.0.1
server: 127.0.0.1
Change to:
[[email protected] ~]# grep -E "^server|^next_server|default_password_crypted|^manage_dhcp" /etc/cobbler/settings
default_password_crypted: "$1$KFx0CqiI$z0WYvzWP3ixmlXnDIzdSt1" # this hash is generated with the openssl tool
manage_dhcp: 1
next_server: 10.1.1.109
server: 10.1.1.109
2) Generate the encrypted password hash:
[[email protected] ~]# openssl passwd -1
Password:
Verifying - Password:
$1$KFx0CqiI$z0WYvzWP3ixmlXnDIzdSt1
[[email protected] ~]# systemctl restart cobblerd
3) Download the boot-loaders and sync them to the corresponding directories:
[[email protected] ~]# cobbler get-loaders
[[email protected] ~]# cobbler sync
[[email protected] ~]# tree /var/lib/tftpboot/
/var/lib/tftpboot/
├── boot
│   └── grub
│       └── menu.lst
├── etc
├── grub
│   ├── efidefault
│   ├── grub-x86_64.efi
│   ├── grub-x86.efi
│   └── images -> ../images
├── images
├── images2
├── memdisk
├── menu.c32
├── ppc
├── pxelinux.0
├── pxelinux.cfg
│   └── default
├── s390x
│   └── profile_list
└── yaboot
4) Prepare the dhcp configuration file:
[[email protected] ~]# vim /etc/cobbler/dhcp.template
subnet 192.168.1.0 netmask 255.255.255.0 {
option routers 192.168.1.5;
option domain-name-servers 192.168.1.1;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.1.100 192.168.1.254;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
Change it to:
subnet 10.1.1.0 netmask 255.255.255.0 {
option routers 10.1.1.254;
option domain-name-servers 202.96.128.166;
option subnet-mask 255.255.255.0;
range dynamic-bootp 10.1.1.240 10.1.1.250;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
5) Sync the dhcp configuration file:
[[email protected] ~]# cobbler sync
[[email protected] ~]# cat /etc/dhcp/dhcpd.conf # verify the configuration file
- Import the CentOS 6 and 7 installation files and generate the yum repositories
[[email protected] ~]# cobbler import --name=Centos7.3-x86_64 --path=/mnt --arch=x86_64
task started: 2020-03-22_182915_import
task started (id=Media import, time=Sun Mar 22 18:29:15 2020)
Found a candidate signature: breed=redhat, version=rhel6
Found a matching signature: breed=redhat, version=rhel6
Adding distros from path /var/www/cobbler/ks_mirror/Centos7.3-x86_64:
creating new distro: Centos7.3-x86_64
trying symlink: /var/www/cobbler/ks_mirror/Centos7.3-x86_64 -> /var/www/cobbler/links/Centos7.3-x86_64
creating new profile: Centos7.3-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/Centos7.3-x86_64 for Centos7.3-x86_64
processing repo at : /var/www/cobbler/ks_mirror/Centos7.3-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/Centos7.3-x86_64
looking for /var/www/cobbler/ks_mirror/Centos7.3-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/Centos7.3-x86_64/repodata
*** TASK COMPLETE ***
[[email protected] ~]# cobbler import --name=Centos6.10-x86_64 --path=/misc/cd --arch=x86_64
task started: 2020-03-22_212758_import
task started (id=Media import, time=Sun Mar 22 21:27:58 2020)
Found a candidate signature: breed=redhat, version=rhel6
Found a matching signature: breed=redhat, version=rhel6
Adding distros from path /var/www/cobbler/ks_mirror/Centos6.10-x86_64:
creating new distro: Centos6.10-x86_64
trying symlink: /var/www/cobbler/ks_mirror/Centos6.10-x86_64 -> /var/www/cobbler/links/Centos6.10-x86_64
creating new profile: Centos6.10-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/Centos6.10-x86_64 for Centos6.10-x86_64
processing repo at : /var/www/cobbler/ks_mirror/Centos6.10-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/Centos6.10-x86_64
looking for /var/www/cobbler/ks_mirror/Centos6.10-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/Centos6.10-x86_64/repodata
*** TASK COMPLETE ***
[[email protected] ~]# cobbler distro list
Centos6.10-x86_64
Centos7.3-x86_64
[[email protected] ~]# cobbler profile list # default installation menu
Centos6.10-x86_64
Centos7.3-x86_64
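- Prepare the kickstart files and associate them with the specified yum repository
Note: the kickstart files centos7.3_ks.cfg and centos6.10_ks.cfg were generated on centos7.3 and centos6.10 respectively with the system-config-kickstart tool (requires a graphical interface)
Modify the kickstart file: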
[[email protected] ~]# cat /var/lib/cobbler/kickstarts/centos7.3_ks.cfg
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Install OS instead of upgrade
install
# Keyboard layouts
keyboard 'us'
# Root password
rootpw --iscrypted $1$2wqI4hYH$Yiw88hIOZN4pYghwSWgws0
# System language
lang en_US
# System authorization information
auth --useshadow --passalgo=sha512
# Use network installation
url --url=$tree ### this line needs to be changed
# Use text mode install
text
# SELinux configuration
selinux --disabled
# Do not configure the X Window System
skipx
# Firewall configuration
firewall --disabled
# Network information
network --bootproto=dhcp --device=eth0
# Reboot after installation
reboot
# System timezone
timezone Asia/Shanghai
# System bootloader configuration
bootloader --append="net.ifnames=0" --location=mbr
# Partition clearing information
clearpart --all
# Disk partitioning information
part /boot --asprimary --fstype="xfs" --size=500
part swap --fstype="swap" --size=8192
part / --asprimary --fstype="xfs" --grow --size=1
%post
%end
[[email protected] ~]# cat /var/lib/cobbler/kickstarts/centos_6.10ks.cfg
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Firewall configuration
firewall --disabled
# Install OS instead of upgrade
install
# Use network installation
url --url=$tree
# Root password
rootpw --iscrypted $1$Xs/QyzK3$ZPt802waNGe8mTJ/KXAX0.
# System authorization information
auth --useshadow --passalgo=sha512
# Use text mode install
text
# System keyboard
keyboard us
# System language
lang en_US
# SELinux configuration
selinux --disabled
# Do not configure the X Window System
skipx
# Installation logging level
logging --level=info
# Reboot after installation
reboot
# System timezone
timezone Africa/Abidjan
# Network information
network --bootproto=static --device=eth0 --gateway=10.0.1.254 --ip=10.0.1.250 --nameserver=202.96.128.166 --netmask=255.255.255.0 --onboot=on
# System bootloader configuration
bootloader --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part /boot --asprimary --fstype="ext4" --size=500
part swap --fstype="swap" --size=2048
part / --asprimary --fstype="ext4" --grow --size=1
%post
yum install httpd -y
%end
Associate the profiles with the custom kickstart files
[[email protected] ~]# cobbler profile add --name=Centos-7.3 --distro=Centos7.3-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.3_ks.cfg
[[email protected] ~]# cobbler profile add --name=Centos-6.10 --distro=Centos6.10-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos_6.10ks.cfg
[[email protected] ~]# cobbler profile list
Centos-6.10
Centos-7.3
Centos6.10-x86_64
Centos7.3-x86_64
Change the default menu title:
[[email protected] pxe]# cat /etc/cobbler/pxe/pxedefault.template
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | https://blog.51cto.com/rickzhu
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT $pxe_timeout_profile
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
$pxe_menu_items
MENU end
[[email protected] pxe]# cobbler sync # sync the menu file
[[email protected] pxe]# cat /var/lib/tftpboot/pxelinux.cfg/default # check that the sync succeeded
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | https://blog.51cto.com/rickzhu
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT local
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
LABEL Centos-7.3
kernel /images/Centos7.3-x86_64/vmlinuz
MENU LABEL Centos-7.3
append initrd=/images/Centos7.3-x86_64/initrd.img ksdevice=bootif lang= kssendmac text ks=http://10.0.1.109/cblr/svc/op/ks/profile/Centos-7.3
ipappend 2
MENU end
Remove the default menu entries:
[[email protected] ~]# cobbler profile remove --name=Centos7.3-x86_64
[[email protected] ~]# cobbler profile remove --name=Centos6.10-x86_64
[[email protected] ~]# cobbler profile list
Centos-6.10
Centos-7.3
- Test
1) Check that the relevant services are running:
[[email protected] tftpboot]# ss -tnluap |grep -E "dhcpd|httpd"
udp UNCONN 0 0 *:67 *:* users:(("dhcpd",pid=11950,fd=7))
tcp LISTEN 0 128 :::80 :::* users:(("httpd",pid=11201,fd=4),("httpd",pid=11168,fd=4),("httpd",pid=11167,fd=4),("httpd",pid=11166,fd=4),("httpd",pid=11165,fd=4),("httpd",pid=11164,fd=4),("httpd",pid=11153,fd=4))
[[email protected] tftpboot]# systemctl status tftp.socket
● tftp.socket - Tftp Server Activation Socket
Loaded: loaded (/usr/lib/systemd/system/tftp.socket; disabled; vendor preset: disabled)
Active: active (listening) since Sun 2020-03-22 17:04:36 CST; 3h 38min ago
Listen: [::]:69 (Datagram)
Mar 22 17:04:36 centos7.6 systemd[1]: Listening on Tftp Server Activation Socket.
[[email protected] tftpboot]# systemctl status cobblerd
● cobblerd.service - Cobbler Helper Daemon
Loaded: loaded (/usr/lib/systemd/system/cobblerd.service; disabled; vendor preset: disabled)
Active: active (running) since Sun 2020-03-22 17:42:46 CST; 3h 0min ago
Process: 11842 ExecStartPost=/usr/bin/touch /usr/share/cobbler/web/cobbler.wsgi (code=exited, status=1/FAILURE)
Main PID: 11841 (cobblerd)
Tasks: 1
CGroup: /system.slice/cobblerd.service
└─11841 /usr/bin/python2 -s /usr/bin/cobblerd -F
Mar 22 17:42:46 centos7.6 systemd[1]: Starting Cobbler Helper Daemon...
Mar 22 17:42:46 centos7.6 touch[11842]: /usr/bin/touch: cannot touch ‘/usr/share/c…tory
Mar 22 17:42:46 centos7.6 systemd[1]: Started Cobbler Helper Daemon.
Mar 22 17:48:40 centos7.6 dhcpd[11939]: Not searching LDAP since ldap-server, ldap...le
Hint: Some lines were ellipsized, use -l to show in full
2) Create a new virtual machine in VMware Workstation, start it, choose to boot from the network, and check whether the system is installed automatically.
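An audit of the files configured above, as an added example that is not part of the original article: it flags the chrony "allow 0.0.0.0/0" rule, MD5-crypt ($1$) password hashes of the kind "openssl passwd -1" produces, and kickstart lines that disable SELinux or the firewall. The function name audit_provisioning, the finding labels and the placeholder hash are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original article): flag weak settings in the
# chrony.conf, cobbler settings and kickstart files used in this walkthrough.
# Prints "<file>: <finding>" per issue; the finding labels are made up here.
audit_provisioning() {
    for _f in "$@"; do
        # chrony: this rule answers NTP queries from any address
        if grep -Eq '^[[:space:]]*allow[[:space:]]+(0\.0\.0\.0/0|::/0)[[:space:]]*$' "$_f"; then
            echo "$_f: chrony-allow-any"
        fi
        # "$1$" prefix = MD5-crypt, the format "openssl passwd -1" emits
        if grep -Eq '^[[:space:]]*(rootpw[[:space:]]+--iscrypted[[:space:]]+|default_password_crypted:[[:space:]]*"?)\$1\$' "$_f"; then
            echo "$_f: md5-crypt-password"
        fi
        # kickstart: installed hosts come up without SELinux / a firewall
        if grep -Eq '^[[:space:]]*selinux[[:space:]]+--disabled' "$_f"; then
            echo "$_f: selinux-disabled"
        fi
        if grep -Eq '^[[:space:]]*firewall[[:space:]]+--disabled' "$_f"; then
            echo "$_f: firewall-disabled"
        fi
    done
    return 0
}

# Constructed sample files mirroring the settings shown above (hash is a placeholder).
demo_dir=$(mktemp -d)
printf '%s\n' 'server ntp1.aliyun.com iburst' 'allow 0.0.0.0/0' > "$demo_dir/chrony.conf"
printf '%s\n' 'default_password_crypted: "$1$SALTSALT$PLACEHOLDERHASH"' 'manage_dhcp: 1' > "$demo_dir/settings"
printf '%s\n' 'rootpw --iscrypted $1$SALTSALT$PLACEHOLDERHASH' 'selinux --disabled' \
    'firewall --disabled' > "$demo_dir/ks.cfg"
audit_provisioning "$demo_dir/chrony.conf" "$demo_dir/settings" "$demo_dir/ks.cfg"
rm -rf "$demo_dir"
```

A hash that starts with $6$ (SHA-512 crypt) passes the password check.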
Original article: https://blog.51cto.com/rickzhu/2480863