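Automated Operations System
1. System provisioning
Automated installation of the operating system and common packages --- (PXE kickstart --- ks.cfg)
2. Configuration management
Automated deployment of business application packages and their configuration --- puppet
Remote server management (starting and stopping services, etc.)
Change rollback
3. Monitoring and alerting (cacti|nagios|zabbix)
Server availability, performance and security monitoring
Sending alerts to administrators
PXE unattended installation (kickstart|Cobbler)
How it works
The NIC firmware of the PXE client has a built-in DHCP client and TFTP client. It downloads a PXE OS (containing labels for the various installation options) from the server. Once a particular installation label is selected,
a temporary kernel (vmlinuz, initrd.img) is transferred over TFTP, followed by the ks.cfg automated-installation configuration file.
1. The client obtains an IP address from the server-side DHCP service, and the dhcpd server tells the client the IP address of the TFTP server.
2. The PXE client downloads the pxelinux.0 operating system and its configuration file (default) from the TFTP server to the local machine and runs pxelinux.0 locally.
pxelinux.0 then loads its own configuration file: default.
Once default is loaded, an installation menu appears so that the user can choose which operating system to install.
The role of TFTP is fast transfer of the installation files over UDP.
3. A third, temporary system (vmlinuz/initrd.img) is started to build a temporary pre-installation environment. Here the IP address is
obtained again and the ks.cfg configuration file is read.
4. NFS/HTTP/FTP is used to export the Red Hat installation tree.
5. The operating system installation is completed automatically according to ks.cfg.
Deploying PXE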
1. Configure the network (NFS, FTP, HTTP) server to export the installation tree.
2. Configure the files on the tftp server necessary for PXE booting.
3. Configure DHCP.
4. Boot the client, and start the installation.
1 Configure a service (NFS, FTP, HTTP) to export the installation tree
[[email protected] ~]# lftp 192.168.0.254
lftp 192.168.0.254:~> cd notes/iso/
lftp 192.168.0.254:/notes/iso> get rhel-server-6.3-x86_64-dvd.iso
lftp 192.168.0.254:/notes/iso> exit
[[email protected] ~]# vim /etc/fstab
/root/rhel-server-6.3-x86_64-dvd.iso /mnt/rhel6 iso9660 ro,loop 0 0
[[email protected] ~]# mkdir /mnt/rhel6
[[email protected] ~]# mount -a
Local YUM repository
[[email protected] ~]# rm -fr /etc/yum.repos.d/*
[[email protected] ~]# vim /etc/yum.repos.d/local.repo
[local]
name=this's local YUM
baseurl=file:///mnt/rhel6
enabled=1
gpgcheck=0
Install the services
[[email protected] ~]# yum -y install vsftpd httpd
Publish the installation tree over FTP
[[email protected] ~]# mkdir /var/ftp/pub/rhel6/dvd -p
[[email protected] ~]# vim /etc/fstab
/root/rhel-server-6.3-x86_64-dvd.iso /var/ftp/pub/rhel6/dvd iso9660 ro,loop 0 0
[[email protected] ~]# mount -a
[[email protected] ~]# service vsftpd start
[[email protected] ~]# chkconfig vsftpd on
Publish the installation tree over HTTP
[[email protected] ~]# ln -s /var/ftp/pub/rhel6/dvd/ /var/www/html/rhel6
[[email protected] ~]# service httpd start
[[email protected] ~]# chkconfig httpd on
Test
[[email protected] ~]# wget http://192.168.0.1/rhel6/GPL &> /dev/null && echo 'HTTP测试成功'
HTTP测试成功
[[email protected] ~]# wget ftp://192.168.0.1/pub/rhel6/dvd/README
2 Configure the TFTP service (PXE boot files)
1> Install tftp-server
[[email protected] ~]# yum -y install tftp-server
[[email protected] ~]# chkconfig tftp on
[[email protected] ~]# chkconfig xinetd on
[[email protected] ~]# service xinetd start
2> Install the pxelinux.0 operating system
[[email protected] ~]# yum -y install syslinux
[[email protected] ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/
3> The pxelinux.0 configuration file (default)
[[email protected] ~]# mkdir /var/lib/tftpboot/pxelinux.cfg/
[[email protected] ~]# cd /var/ftp/pub/rhel6/dvd/isolinux/
[[email protected] isolinux]# cp isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default
4> Install the kernel files for the OS version to be installed
[[email protected] isolinux]# mkdir /var/lib/tftpboot/rhel6.3
[[email protected] isolinux]# cp vmlinuz initrd.img /var/lib/tftpboot/rhel6.3/
5> Enhanced graphical menu
vesamenu.c32 --- graphical menu program
splash.jpg --- background image
boot.msg --- text menu
[[email protected] isolinux]# cp boot.msg vesamenu.c32 splash.jpg /var/lib/tftpboot/
3 Install the DHCP service
[[email protected] ~]# yum -y install dhcp
[[email protected] ~]# cp /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample /etc/dhcp/dhcpd.conf
cp:是否覆盖"/etc/dhcp/dhcpd.conf"? y
option domain-name "hugo.cc";
option domain-name-servers 192.168.0.1, 8.8.8.8;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.100 192.168.0.110;
option routers 192.168.0.1;
option broadcast-address 192.168.0.255;
next-server 192.168.0.1; # locate the TFTP server host
filename "pxelinux.0"; # download the PXE system
}
[[email protected] ~]# service dhcpd start
[[email protected] ~]# chkconfig dhcpd on
4 Generate the installation script ks.cfg with the kickstart tool
[[email protected] ~]# yum -y install system-config-kickstart
/root/ks.cfg
[[email protected] ~]# cat /root/ks.cfg
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Firewall configuration
firewall --disabled
# Install OS instead of upgrade
install
# Use network installation
url --url="ftp://192.168.0.1/pub/rhel6/dvd"
# Root password
rootpw --iscrypted $1$.DW5qqTM$NjQgYUCnhuhW2sXM9jcgJ0
# System authorization information
auth --useshadow --passalgo=sha512
# Use text mode install
text
firstboot --disable
# System keyboard
keyboard us
# System language
lang zh_CN
# SELinux configuration
selinux --disabled
# Installation logging level
logging --level=info
# Reboot after installation
reboot
# System timezone
timezone --isUtc Asia/Shanghai
# Network information
network --bootproto=dhcp --device=eth0 --onboot=on
# System bootloader configuration
bootloader --append="selinux=0" --location=mbr --md5pass="$1$r/9QfvC3$wWRxW4VFEu/WtEY1JKTdR0"
# Clear the Master Boot Record
zerombr
clearpart --all
part /boot --fstype ext4 --size=100
part pv.100000 --size=10000
part swap --size=512
volgroup vg --pesize=32768 pv.100000
logvol /home --fstype ext4 --name=lv_home --vgname=vg --size=480
logvol / --fstype ext4 --name=lv_root --vgname=vg --size=8192
%end
%post
rm -fr /etc/yum.repos.d/*
cat > /etc/yum.repos.d/dvd.repo << EOT
[dvd]
name=this's PXE source
baseurl=ftp://192.168.0.1/pub/rhel6/dvd
enabled=1
gpgcheck=0
EOT
sed -i s/id:[0-9]:initdefault:/id:5:initdefault:/ /etc/inittab
%end
%packages
@basic-desktop
@chinese-support
@desktop-debugging
@desktop-platform
@development
@fonts
@graphical-admin-tools
@input-methods
@legacy-x
@remote-desktop-clients
@x11
httpd
php
mysql-server
mysql
php-mysql
lftp
ftp
openssh
%end
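The ks.cfg above switches off the firewall and SELinux, carries an MD5-crypt ($1$) root hash, and is then served from the web root to every host on the segment. The audit below is an added example, not part of the original notes: the function name audit_ks and the finding IDs are hypothetical, and the sample file is constructed with a dummy hash.

```shell
#!/bin/sh
# audit_ks FILE: print "ID:line: reason" for each weakening setting;
# returns 1 if anything was reported, 0 if the file is clean.
audit_ks() {
    awk '
    function hit(id, why) { printf "%s:%d: %s\n", id, NR, why; n++ }
    $1 == "firewall" && /--disabled/ { hit("FW", "host firewall switched off") }
    $1 == "selinux"  && /--disabled/ { hit("SELINUX", "SELinux switched off") }
    $1 == "rootpw" && !/--iscrypted/ { hit("ROOTPW", "password stored in clear text") }
    $1 == "rootpw" && /--iscrypted[ \t]+\$1\$/ { hit("ROOTPW", "MD5-crypt hash in a network-readable file") }
    $1 == "url" && /(ftp|http):\/\// { hit("URL", "install tree fetched without transport authentication") }
    /^[ \t]*gpgcheck[ \t]*=[ \t]*0/ { hit("GPG", "repository written with signature checks off") }
    END { exit (n > 0) }
    ' "$1"
}

# Constructed sample with the same kinds of settings as the ks.cfg above.
# The hash is a dummy value; the commented-out selinux line must not be reported.
sample_ks() {
cat <<'EOF'
firewall --disabled
url --url="ftp://192.168.0.1/pub/rhel6/dvd"
rootpw --iscrypted $1$CONSTRUCTED$notARealHashValue0000000
auth --useshadow --passalgo=sha512
# selinux --disabled
selinux --enforcing
%post
cat > /etc/yum.repos.d/dvd.repo << EOT
gpgcheck=0
EOT
%end
EOF
}

tmp=$(mktemp) && sample_ks > "$tmp"
audit_ks "$tmp" || echo "ks.cfg needs review before it is published"
rm -f "$tmp"
```

Run it against /root/ks.cfg before the file is copied into the web root, and treat a non-zero status as a failed check.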
----------------------------------------------------------
<Publish the ks.cfg file> Define in the default menu how to reach ks.cfg
[[email protected] ~]# cp /root/ks.cfg /var/www/html/rhel6.cfg
[[email protected] ~]# vim /var/lib/tftpboot/pxelinux.cfg/default
default vesamenu.c32
#prompt 1
timeout 600
display boot.msg
menu background splash.jpg
menu title Welcome to Red Hat Enterprise Linux 6.3!
menu color border 0 #ffffffff #00000000
menu color sel 7 #ffffffff #ff000000
menu color title 0 #ffffffff #00000000
menu color tabmsg 0 #ffffffff #00000000
menu color unsel 0 #ffffffff #00000000
menu color hotsel 0 #ff000000 #ffffffff
menu color hotkey 7 #ffffffff #ff000000
menu color scrollbar 0 #ffffffff #00000000
label local
menu label Boot from ^local drive
menu default
localboot 0xffff
label linux
menu label Install RHEL6.3
menu default
kernel rhel6.3/vmlinuz
append initrd=rhel6.3/initrd.img
label auto
menu label Auto RHEL6.3
kernel rhel6.3/vmlinuz
append initrd=rhel6.3/initrd.img ks=http://192.168.0.1/rhel6.cfg noipv6
label rescue
menu label ^Rescue installed system
kernel rhel6.3/vmlinuz
append initrd=rhel6.3/initrd.img rescue
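A menu entry whose kernel or initrd= path does not match the directory the files were copied to under /var/lib/tftpboot only fails when a client boots it. The check below is an added example, not part of the original notes: check_pxe_menu and make_demo_root are hypothetical names, and the demo tree is constructed. It lists every file the menu references that is missing from the TFTP root.

```shell
#!/bin/sh
# check_pxe_menu TFTPROOT: print "label: missing path" for each kernel,
# initrd= or .c32 menu module named in pxelinux.cfg/default that is
# not present below TFTPROOT. Prints nothing when the menu is consistent.
check_pxe_menu() {
    root=$1
    awk '
    $1 == "label"  { label = $2 }
    $1 == "default" && $2 ~ /\.c32$/ { print "global", $2 }
    $1 == "kernel" { print label, $2 }
    $1 == "append" {
        for (i = 2; i <= NF; i++)
            if ($i ~ /^initrd=/) { sub(/^initrd=/, "", $i); print label, $i }
    }
    ' "$root/pxelinux.cfg/default" |
    while read -r label path; do
        [ -f "$root/$path" ] || echo "$label: missing $path"
    done
}

# Constructed demo tree: the boot files live in rhel6.3/, but the
# "auto" entry points its initrd at rhel6/.
make_demo_root() {
    d=$(mktemp -d)
    mkdir -p "$d/pxelinux.cfg" "$d/rhel6.3"
    touch "$d/vesamenu.c32" "$d/rhel6.3/vmlinuz" "$d/rhel6.3/initrd.img"
    cat > "$d/pxelinux.cfg/default" <<'EOF'
default vesamenu.c32
label auto
  kernel rhel6.3/vmlinuz
  append initrd=rhel6/initrd.img ks=http://192.168.0.1/rhel6.cfg noipv6
label rescue
  kernel rhel6.3/vmlinuz
  append initrd=rhel6.3/initrd.img rescue
EOF
    echo "$d"
}

demo=$(make_demo_root)
check_pxe_menu "$demo"
rm -rf "$demo"
```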
Make sure there is only one DHCP service on the LAN
Configure DNS
Forward zone hugo.cc
Reverse zone 192.168.0.0/24
[[email protected] isolinux]# yum -y install bind
[[email protected] ~]# vim /etc/named.conf
options {
listen-on port 53 { 127.0.0.1; 192.168.0.1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; any; };
recursion yes;
dnssec-enable no;
dnssec-validation no;
dnssec-lookaside auto;
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
[[email protected] ~]# vim /etc/named.rfc1912.zones
zone "hugo.cc" IN {
type master;
file "hugo.cc.zone";
allow-update { none; };
};
zone "0.168.192.in-addr.arpa" IN {
type master;
file "192.168.0.rev";
allow-update { none; };
};
[[email protected] ~]# cd /var/named/
[[email protected] named]# cp -a named.localhost hugo.cc.zone
[[email protected] named]# vim hugo.cc.zone
$TTL 1D
@ IN SOA ns1.hugo.cc. root.hugo.cc. (
10 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ NS ns1.hugo.cc.
ns1 A 192.168.0.1
[[email protected] named]# for a in {2..254}; do echo -e "desktop$a\tA\t192.168.0.$a" >> /var/named/hugo.cc.zone ; done
[[email protected] named]# cp hugo.cc.zone 192.168.0.rev -a
$TTL 1D
@ IN SOA ns1.hugo.cc. root.hugo.cc. (
10 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ NS ns1.hugo.cc.
1 PTR ns1.hugo.cc.
[[email protected] named]# for a in {2..254}; do echo -e "$a\tPTR\tdesktop$a.hugo.cc." >> /var/named/192.168.0.rev ; done
[[email protected] named]# service named start
[[email protected] ~]# echo "nameserver 192.168.0.1" > /etc/resolv.conf
[[email protected] ~]# dig -t axfr hugo.cc
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
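Adding a menu label for RHEL5.4
<Export the installation tree | generate the ks.cfg script | copy the kernel files | add the label>
1. Publish the RHEL5.4 installation tree over FTP|HTTP|NFS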
mkdir /var/ftp/pub/rhel5.4
mount -o loop /root/rhel-server-5.4-i386-dvd.iso /var/ftp/pub/rhel5.4/
wget ftp://192.168.0.1/pub/rhel5.4/GPL
2. Generate the kickstart file for rhel5.4
vim /root/ks_rhel5.4.cfg
#platform=x86, AMD64, or Intel EM64T
key --skip
# System authorization information
auth --useshadow --enablemd5
# System bootloader configuration
bootloader --location=mbr --md5pass=$1$MUnByNpz$WVFU9CQ.cnLdHPjOjfKvO/
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Use text mode install
text
# Firewall configuration
firewall --disabled
# Run the Setup Agent on first boot
firstboot --disable
# System keyboard
keyboard us
# System language
lang en_US
# Installation logging level
logging --level=info
# Use network installation
url --url=ftp://192.168.0.1/pub/rhel5.4
# Network information
network --bootproto=dhcp --device=eth0 --onboot=on
# Reboot after installation
reboot
#Root password
rootpw --iscrypted $1$dTFnL7xR$f6xjhRJbxoKxPt69HLv2V0
# SELinux configuration
selinux --disabled
# System timezone
timezone --isUtc Asia/Shanghai
# Install OS instead of upgrade
install
# X Window System configuration information
xconfig --defaultdesktop=GNOME --depth=8 --resolution=800x600 --startxonboot
# Disk partitioning information
part /boot --bytes-per-inode=4096 --fstype="ext3" --size=100
part / --bytes-per-inode=4096 --fstype="ext3" --size=15000
part swap --bytes-per-inode=4096 --fstype="swap" --size=512
%pre
#clearpart --linux
#part /boot --fstype ext3 --size=200
#part pv.3 --size=20000
#part swap --size=1024
#volgroup vol0 --pesize=32768 pv.3
#logvol / --fstype ext3 --name=root --vgname=vol0 --size=15000
#logvol /home --fstype ext3 --name=home --vgname=vol0 --size=992
%post
echo "nameserver 192.168.0.1" >> /etc/resolv.conf
%packages
@gnome-desktop
@development-libs
@development-tools
@graphical-internet
@graphics
@chinese-support
@editors
lftp
openssh
wget
firefox
elinks
Copy it to the HTTP document root
cp /root/ks_rhel5.4.cfg /var/www/html/rhel5_4.cfg
3 Copy the rhel5.4 kernel files
mkdir /var/lib/tftpboot/rhel5.4/
cd /var/ftp/pub/rhel5.4/isolinux/
cp vmlinuz initrd.img /var/lib/tftpboot/rhel5.4/
4 Define the RHEL5.4 menu entry
vim /var/lib/tftpboot/pxelinux.cfg/default
label auto5
menu label ^Auto RHEL5.4
kernel rhel5.4/vmlinuz
append initrd=rhel5.4/initrd.img network noipv6 ks=http://192.168.0.1/rhel5_4.cfg
Test