@[TOC](第二十二章 自动化之系统安装)
实验一:使用kickstart半自动化安装CentOS系统【重点】
实验目的
理解kickstart文件的作用和编写格式。
KickStart是一种半自动化的安装方式。KickStart的工作原理是通过记录典型的安装过程中所需人工干预填写的各种参数,并生成一个名为ks.cfg的文件;在其后的安装过程中(不只局限于生成KickStart安装文件的机器)当出现要求填写参数的情况时,安装程序会首先去查找KickStart生成的文件,当找到合适的参数时,就采用找到的参数,当没有找到合适的参数时,才需要安装者手工干预。这样,如果KickStart文件涵盖了安装过程中出现的所有需要填写的参数时,安装者完全可以只告诉安装程序从何处取ks.cfg文件,然后去忙自己的事情。等安装完毕,安装程序会根据ks.cfg中设置的重启选项来重启系统,并结束安装。
KickStart⽂件格式与anaconda-ks.cfg⽂件格式⼗分类似,总体由三部分组成:
1)命令段:指明各种安装前配置,如键盘类型等
必备命令:
authconfig:认证方式配置
authconfig --useshadow --passalgo=sha512
bootloader:bootloader的安装位置及相关配置
bootloader --location=mbr --driveorder=sda –
append="crashkernel=auto rhgb quiet"
keyboard:设定键盘类型
ang:语言类型
part:创建分区
rootpw:指明root的密码
timezone:时区
可选命令:
install OR upgrade
text:文本安装界面
network
firewall
selinux
halt
poweroff
reboot
repo
user:安装完成后为系统创建新用户
url: 指明安装源
key –skip 跳过安装号码,适用于rhel版本
2)程序包段:指明要安装的程序包组或程序包,不安装的程序包等
%packages
@group_name
package
-package
%end
3)脚本段:
%pre:安装前脚本
运行环境:运行于安装介质上的微型Linux环境
%post:安装后脚本
运行环境:安装完成的系统
安装后脚本非常有用,我们可以在这里定义系统安装完成后自动安装yum源,创建一些普通用户等功能。
生成ks应答文件方法:
1.参照anaconda-ks.cfg文件修改(不常用)
2.利用system-config-kickstart图形工具制作(常用)
检查ks⽂件语法错误:
ksvalidator /path/to/ks.cfg
前提准备
系统安装程序anaconda以及光盘中isolinux目录的功能:
anaconda:系统安装程序
anaconda安装系统可分为三个阶段:
安装前配置阶段:
安装过程使用的语言;
键盘类型;
安装目标存储设备;
Basic Storage:本地磁盘;
特殊设备:iSCSI;
设定主机名;
配置网络接口;
时区;
管理员密码;
设定分区方式及MBR的安装位置;
创建一个普通用户;
选定要安装的程序包;
系统在完成安装后,会在⽤户家⽬录⾃动⽣成⼀个anaconda-ks.cfg配置⽂件,记录了安装系统时选择的各种参数,安装 包等内容。
系统光盘中isolinux目录列表文件说明: boot.cat:类似于系统启动时MBR的作用 grub.conf:grub.conf文件镜像 initrd.img:是ramfs虚拟文件系统(先cpio,再gzip压缩) isolinux.bin:相当于grub的第二阶段 isolinux.cfg:isolinux.bin的配置文件,当光盘启动,会自动去找isolinux.cfg文件 memtest:内存检测,这是一个独立程序 vesamenu.c32:菜单风格,菜单图标 vmlinuz:内核镜像。
可用的centos6系统。
实验步骤
虚拟机情况
1. 搭建yum源,制作kickstart文件时,需要选择安装源,我们要选择http,所以要先把基于http网络的yum源搭好
[root@centos7 ~]# yum install -y httpd
[root@centos7 ~]# cd /var/www/html/
[root@centos7 html]# mkdir -pv centos/{6,7}/os/x86_64
[root@centos7 html]# tree centos/
centos/
├── 6
│ └── os
│ └── x86_64
└── 7
└── os
└── x86_64
6 directories, 0 files
进行光盘挂载【如果永久挂载要写到配置文件‘/etc/fstab’】
#临时挂载
[root@centos7 html]# mount /dev/sr0 centos/7/os/x86_64/
#启动http服务
[root@centos7 html]# systemctl start httpd
2. centos7上实现【此步6可以忽略】
7版本的kickstart安装与6基本⼀致,仅需修改个别版本参数。需要注意的是,在可选安装包这⼀项,获取不到安装包信息
解决⽅法:将yum的base源名称改为development即可
3. 系统默认未安装system-config-kickstart先进⾏yum安装
[root@Magedu ~]# yum install -y system-config-kickstart
4. 运⾏kickstart、生成ks.cfg文件
[root@Magedu ~]# system-config-kickstart
安装之后的脚本,安装前的脚本可以不写
4.1 key验证
[root@centos7 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:HMtxW47V3cSKT2ZalGXokIqXQp1qG4cCEdc2yAq1rJg root@centos7.localdomain
The key's randomart image is:
+---[RSA 2048]----+
| .++.o . . . =+|
| ...oo = o o.++o|
| .oo oo=.oo=..o|
| o .. .oB==*. B |
|E . oS*o .B |
| . . . |
| |
| |
| |
+----[SHA256]-----+
[root@centos7 ~]# ls .ssh/
id_rsa id_rsa.pub
[root@centos7 ~]# ll -d .ssh/
drwx------ 2 root root 38 Apr 18 01:45 .ssh/
[root@centos7 ~]# cd .ssh/
[root@centos7 .ssh]# ssh-copy-id 127.0.0.1
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:2JJG7+vAfgbH3/NVyj1NUqzv7GBH4sl7/obqnBcHXZg.
ECDSA key fingerprint is MD5:44:31:08:ec:f4:41:f7:b2:67:b1:6d:f8:99:63:d6:8c.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@127.0.0.1's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '127.0.0.1'"
and check to make sure that only the key(s) you wanted were added.
[root@centos7 .ssh]# ll
total 16
-rw------- 1 root root 406 Apr 18 01:46 authorized_keys
-rw------- 1 root root 1675 Apr 18 01:45 id_rsa
-rw-r--r-- 1 root root 406 Apr 18 01:45 id_rsa.pub
-rw-r--r-- 1 root root 171 Apr 18 01:46 known_hosts
#公钥
[root@centos7 .ssh]# cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDmluMX8ky+cIonDYd/PMj9nfgVruyCbqL0Z3+DwcIZ9thW9S6LTOrCfmWLOfcz/Gwrh5M6onD7rLkragIGILDxVEcNe3/ZYOTQkprWqx/L+2uJQ9gisjjSAh2EHXNMxGc6cipUu29cgtl/nol4FOlvRy8WdnYFSNaPr9QI38LnfE9gEmAXI0ua/yhK29gsqwuDY/Dsw8jeSVSh/h5jZfF46V5MFEIZtimzI+KzlkucpCLgAUPXaQlZ8xmaJyERMeGp/5r7HHIXCKpjvKGXJWP9+7KwxiBi/GthmX2F9nwtMuPP5RO7i7E2CQ7kj6kUvjyehJByKqZXqrw5cZMr6qB5 root@centos7.localdomain
保存文件
#可以看到ks7_mini.cfg已生成
[root@centos7 ~]# ls
anaconda-ks.cfg Documents initial-setup-ks.cfg Music Public Videos
Desktop Downloads ks7_mini.cfg Pictures Templates
#检查ks文件语法是否错误
[root@centos7 ~]# ksvalidator ks7_mini.cfg
5.在本机打开httpd服务,并将fs.cfg⽂件上传到⽹页
[root@centos7 ~]# cd /var/www/html/
[root@centos7 html]# mkdir ksdir
[root@centos7 html]# mv /root/ks7_mini.cfg ksdir/
[root@centos7 html]# ll ksdir/
total 4
-rw-r--r-- 1 root root 1658 Apr 18 02:11 ks7_mini.cfg
6.创建一台新虚拟机
⽹卡设置为net模式,插入光盘作为安装引导,内存要2个G.进⼊光盘引导界⾯后,按ESC,出现下图界⾯,输⼊:
boot:linux ks=http://192.168.37.7/ksdir/ks7_mini.cfg
安装完成
#测试key验证
[root@centos7 html]# ssh 192.168.37.21
The authenticity of host '192.168.37.21 (192.168.37.21)' can't be established.
ECDSA key fingerprint is SHA256:AnI9FzLw++Bf9UGAuh6SZhNgJlqaarB5gECTd/UmKwc.
ECDSA key fingerprint is MD5:8f:e1:6b:d4:37:ed:87:2a:7f:89:11:fb:9c:06:84:cd.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.37.21' (ECDSA) to the list of known hosts.
Last login: Mon Apr 18 05:41:31 2022
#key验证成功
[root@192 ~]#
实验二:基于centos7的PXE自动化安装centos7
实验目的
通过PXE安装centos7,了解dhcp服务器的搭建,TFTP服务器的搭建,以及安装菜单界面的制作
实验环境
一台DHCP,HTTPD,TFTP服务器(一个网卡,仅主机), 一台测试机(一个网卡,仅主机) 关闭仅主机的vmware中dhcp服务
注意:此实验切勿用桥接模式
实验步骤
1. 安装相应软件包【第四个中含有pxelinux.0文件】,启动http等服务
yum install httpd tftp-server dhcp syslinux -y
#设置开机启动
systemctl enable httpd tftp dhcpd
#启动http等服务
systemctl start httpd tftp
2. 准备yum源
#切换目录
cd /var/www/html/
#查看目录(结构参考阿里)
mkdir -pv centos/{7,6}/os/x86_64
#挂载方法、选一个即可
#挂载1:临时挂载(重启后失效)
mount /dev/sr0 /var/www/html/centos/7/os/x86_64/
mount /dev/sr1 /var/www/html/centos/6/os/x86_64/
#挂载2:永久挂载
vim /etc/fstab
/dev/sr0 /var/www/html/centos/7/os/x86_64/ iso9660 defaults 0 0
/dev/sr1 /var/www/html/centos/6/os/x86_64/ iso9660 defaults 0 0
#重新读取磁盘挂载
mount -a
访问网页测试:
3. 制作ks.cfg应答⽂件
方法有两种: :one:图形化工具system-config-kickstart生成应答文件、 :two:安装完系统后会生成一个anaconda-ks.cfg文件、复制加以修改后,生成新的ks文件也可以使用
下载Centos7脚本:ks7_desktops.cfg和ks7_mini.cfg 下载Centos6脚本:ks6_desktops.cfg和ks6_mini.cfg
#创建文件夹
mkdir -pv /var/www/html/ksdir/{7,6}
#7mini版
cp /root/ks7_mini.cfg /var/www/html/ksdir/7/
#7桌面版
cp /root/ks7_desktop.cfg /var/www/html/ksdir/7/
#6mini版
cp /root/ks6_mini.cfg /var/www/html/ksdir/6/
#6桌面版
cp /root/ks6_desktop.cfg /var/www/html/ksdir/6/
[root@7 7]# cd /var/www/html/ksdir/
#注意要有'r'权限、如没有用'chmod +r'添加'r'权限
[root@7 ksdir]# ll 7/
total 8
-rw-r--r-- 1 root root 1986 Apr 19 11:33 ks7_desktop.cfg
-rw-r--r-- 1 root root 1742 Apr 19 11:33 ks7_mini.cfg
[root@centos7 ksdir]# ll 6/
total 8
-rw-r--r-- 1 root root 1946 Apr 20 00:42 ks6_desktops.cfg
-rw-r--r-- 1 root root 1764 Apr 20 00:42 ks6_mini.cfg
浏览器确认能正常访问
ks7_desktops.cfg文件内容
//ks7_desktops.cfg文件内容//
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Install OS instead of upgrade
install
# Keyboard layouts
keyboard 'us'
# Root password
#Root密码123123
rootpw --iscrypted $1$pPuSJnpG$kkaK9amY2bwmE5sbpMEM/.
# Use network installation
#http安装路径、路径可修改
url --url="http://192.168.37.7/centos/7/os/x86_64"
# System language
lang en_US
# System authorization information
auth --useshadow --passalgo=sha512
# Use text mode install
text
firstboot --disable
# SELinux configuration
selinux --disabled
# Firewall configuration
firewall --disabled
# Network information
network --bootproto=dhcp --device=eth0
# Reboot after installation
reboot
# System timezone
#时区上海
timezone Asia/Shanghai
# System bootloader configuration
bootloader --append="net.ifnames=0" --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
#硬盘分区信息、类型、大小
part swap --fstype="swap" --size=4096
part / --fstype="xfs" --size=102400
part /boot --fstype="xfs" --size=2048
#安装包
%packages
@desktop-debugging
@fonts
@gnome-desktop
@input-methods
@kde-desktop
@legacy-x
@remote-desktop-clients
@x11
vinagre
xterm
%end
#安装后脚本
%post
#暂时没写
%end
ks7_mini.cfg文件内容
//ks7_mini.cfg文件内容//
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Install OS instead of upgrade
install
# Keyboard layouts
keyboard 'us'
# Root password
#Root密码123123
rootpw --iscrypted $1$FgjDOuaw$krZKSu3yVNUB5QOsRHiZt0
# Use network installation
#http安装路径、路径可修改
url --url="http://192.168.37.7/centos/7/os/x86_64"
# System language
lang en_US
# System authorization information
auth --useshadow --passalgo=sha512
# Use text mode install
text
firstboot --disable
# SELinux configuration
selinux --disabled
# Firewall configuration
firewall --disabled
# Network information
network --bootproto=dhcp --device=eth0
# Reboot after installation
reboot
# System timezone
timezone Asia/Shanghai
# System bootloader configuration
bootloader --append="net.ifnames=0" --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
#硬盘分区信息、类型、大小
part /boot --fstype="xfs" --size=1024
part swap --fstype="swap" --size=2048
part / --fstype="xfs" --size=102400
#安装后脚本信息
%post
#key验证信息
mkdir /root/.ssh
chmod 700 /root/.ssh
#key验证公钥
cat > /root/.ssh/authorized_keys <<EOF
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDmluMX8ky+cIonDYd/PMj9nfgVruyCbqL0Z3+DwcIZ9thW9S6LTOrCfmWLOfcz/Gwrh5M6onD7rLkragIGILDxVEcNe3/ZYOTQkprWqx/L+2uJQ9gisjjSAh2EHXNMxGc6cipUu29cgtl/nol4FOlvRy8WdnYFSNaPr9QI38LnfE9gEmAXI0ua/yhK29gsqwuDY/Dsw8jeSVSh/h5jZfF46V5MFEIZtimzI+KzlkucpCLgAUPXaQlZ8xmaJyERMeGp/5r7HHIXCKpjvKGXJWP9+7KwxiBi/GthmX2F9nwtMuPP5RO7i7E2CQ7kj6kUvjyehJByKqZXqrw5cZMr6qB5 root@centos7.localdomain
EOF
chmod 600 /root/.ssh/authorized_keys
mkdir /etc/yum.repos.d/bak
mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak
#搭建yum源
cat > /etc/yum.repos.d/test.repo <<EOF
[base]
baseurl=http://192.168.37.7/centos/7/os/x86_64
gpgcheck=0
EOF
%end
检查ks文件格式是否正确,有专门的命令ksvalidator
[root@centos7 ~]# ksvalidator /var/www/html/ksdir/7/ks7_desktops.cfg
[root@centos7 ~]# ksvalidator /var/www/html/ksdir/7/ks7_mini.cfg
[root@centos7 ~]# ksvalidator /var/www/html/ksdir/6/ks6_mini.cfg
[root@centos7 ~]# ksvalidator /var/www/html/ksdir/6/ks6_desktops.cfg
4. 配置dhcp服务
#dhcp范例文件
[root@centos7 7]# cat /etc/dhcp/dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp*/dhcpd.conf.example
# see dhcpd.conf(5) man page
#
#将范例文件拷贝过来、加以修改即可
[root@centos7 7]# cp /usr/share/doc/dhcp*/dhcpd.conf.example /etc/dhcp/dhcpd.conf
cp: overwrite ‘/etc/dhcp/dhcpd.conf’? y
#编辑dhcp
vim /etc/dhcp/dhcpd.conf
也可以写成子网掩码形式【绑定MAC地址、并分配固定IP】如下:方便以后管理、此处和上图二选一即可
host ‘名称随便’ {
#MAC地址
hardware ethernet 00:0c:29:b9:37:61;
#固定IP地址
fixed-address 192.168.37.66;
...
}
#重启dhcp服务
~]# systemctl restart dhcpd
#客户端:执行reboot重启后IP会改变
#重启dhcp
systemctl start dhcpd
systemctl restart dhcpd
5.准备PXE相关⽂件
[root@centos7 7]# cd /var/lib/tftpboot/
[root@centos7 tftpboot]# mkdir -pv /var/lib/tftpboot/centos{6,7}
[root@centos7 tftpboot]# cp /var/www/html/centos/7/os/x86_64/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos7
[root@centos7 tftpboot]# cp /var/www/html/centos/6/os/x86_64/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos6
[root@centos7 tftpboot]# tree .
.
├── centos6
│ ├── initrd.img
│ └── vmlinuz
└── centos7
├── initrd.img
└── vmlinuz
2 directories, 4 files
[root@centos7 tftpboot]# mkdir /var/lib/tftpboot/pxelinux.cfg/
[root@centos7 tftpboot]# cp /var/www/html/centos/7/os/x86_64/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default
[root@centos7 tftpboot]# tree .
.
├── centos6
│ ├── initrd.img
│ └── vmlinuz
├── centos7
│ ├── initrd.img
│ └── vmlinuz
└── pxelinux.cfg
└── default
3 directories, 5 files
[root@centos7 tftpboot]# cp /usr/share/syslinux/{pxelinux.0,menu.c32} /var/lib/tftpboot/
[root@centos7 tftpboot]# tree .
.
├── centos6
│ ├── initrd.img
│ └── vmlinuz
├── centos7
│ ├── initrd.img
│ └── vmlinuz
├── menu.c32
├── pxelinux.0
└── pxelinux.cfg
└── default
3 directories, 7 files
6. 制作菜单
文件下载:default菜单
default菜单内容
//default菜单内容//
[root@centos7 tftpboot]# cat pxelinux.cfg/default
default menu.c32
timeout 600
menu title centos auto install
label Mini 7
menu label ^Install CentOS Mini 7
kernel centos7/vmlinuz
append initrd=centos7/initrd.img ks=http://192.168.37.7/ksdir/7/ks7_mini.cfg
label Desktop 7
menu label Install CentOS ^Desktops 7
kernel centos7/vmlinuz
append initrd=centos7/initrd.img ks=http://192.168.37.7/ksdir/7/ks7_desktops.cfg
label Mini 6
menu label Install CentOS Mi^ni 6
kernel centos6/vmlinuz
append initrd=centos6/initrd.img ks=http://192.168.37.7/ksdir/6/ks6_mini.cfg
label Desktop 6
menu label Install CentOS D^esktops 6
kernel centos7/vmlinuz
append initrd=centos6/initrd.img ks=http://192.168.37.7/ksdir/6/ks6_desktops.cfg
#本地硬盘启动、注意:此条不要删除
label local
menu default
menu label ^Boot from local drive
7. 开始测试:新建一个虚拟机(一张网卡,NAT模式 200g硬盘 内存大于2G 不需要插光盘)
四个模式都安装成功、已测试
实验三:基于cobbler自动化安装系统
实验条件
需要连接外网、查看网卡配置是否有DNS、网关配置挂载光盘
如果有新的,扫描硬件。不行就重启系统。 echo "- - -" > /sys/class/scsi_host/host0/scan echo "- - -" > /sys/class/scsi_host/host1/scan echo "- - -" > /sys/class/scsi_host/host2/scan
实验步骤
1. cobbler安装
yum install cobbler dhcp pykickstart -y
#启动服务
systemctl start tftp httpd cobblerd
#设置开机启动
systemctl enable tftp httpd cobblerd dhcpd
#查看服务信息 [n:不解析服务名 t:tcp u:udp l:列出所有打开的网络连接端口 p:显示监听端口的进程]
ss -ntulp
udp UNCONN 0 0 :::69 :::* users:(("in.tftpd",pid=10383,fd=0),("systemd",pid=1,fd=239))
tcp LISTEN 0 5 127.0.0.1:25151 *:* users:(("cobblerd",pid=10387,fd=9))
tcp LISTEN 0 128 :::80 :::* users:(("httpd",pid=10412,fd=4),("httpd",pid=10411,fd=4),("httpd",pid=10410,fd=4),("httpd",pid=10409,fd=4),("httpd",pid=10408,fd=4),("httpd",pid=10386,fd=4))
2.测试cobbler
#核对当前设置是否有问题
[root@centos7 ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
执行Cobbler check报错解决方式
:one: 修改/etc/cobbler/settings文件中的server参数的值为提供cobbler服务的主机相应的IP地址或主机名 :two: 修改/etc/cobbler/settings文件中的next_server参数的值为提供PXE服务的 主机相应的IP地址 :three: 如果当前节点可以访问互联网,执行“cobbler get-loaders”命令即可;否则,需要安装syslinux程序包,而后复制 /usr/share/syslinux/{pxelinux.0,memu.c32}等文件至 /var/lib/cobbler/loaders/目录中 :four: 修改/etc/cobbler/settings文件,manage_dhcp:1,并修改下面文件 /etc/cobbler/dhcp.template :five: 执行“openssl passwd -1生成密码,并用其替换 /etc/cobbler/settings文件 中default_password_crypted参数的值
vim /etc/cobbler/settings
#生成密码:123123
[root@centos7 ~]# openssl passwd -1
Password:
Verifying - Password:
$1$HZFb43RA$/6XV9Tr98cM.huFBgV3pe0
#重启服务
[root@centos7 ~]# systemctl restart cobblerd
#此文件现在是空的
[root@centos7 ~]# cat /etc/dhcp/dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp*/dhcpd.conf.example
# see dhcpd.conf(5) man page
#
#发现保错信息变了
[root@centos7 ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : change 'disable' to 'no' in /etc/xinetd.d/tftp
2 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
3 : enable and start rsyncd.service with systemctl
4 : debmirror package is not installed, it will be required to manage debian deployments and repositories
5 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
#此处如果出现404报错、多重复几次即可
[root@centos7 ~]# cobbler get-loaders
task started: 2022-04-22_114854_get_loaders
task started (id=Download Bootloader Content, time=Fri Apr 22 11:48:54 2022)
path /var/lib/cobbler/loaders/README already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.elilo already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.yaboot already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.syslinux already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/elilo-ia64.efi already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/yaboot already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/pxelinux.0 already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/menu.c32 already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/grub-x86.efi already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/grub-x86_64.efi already exists, not overwriting existing content, use --force if you wish to update
*** TASK COMPLETE ***
[root@centos7 ~]# ls /var/lib/tftpboot/
boot etc grub images images2 ppc pxelinux.cfg s390x
[root@centos7 ~]# tree /var/lib/tftpboot/
/var/lib/tftpboot/
├── boot
├── etc
├── grub
├── images
├── images2
├── ppc
├── pxelinux.cfg
└── s390x
8 directories, 0 files
#dhcp服务器的的配置模板
[root@centos7 ~]# vim /etc/cobbler/dhcp.template
#同步cobbler配置
[root@centos7 ~]# cobbler sync
task started: 2022-04-22_121758_sync
task started (id=Sync, time=Fri Apr 22 12:17:58 2022)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/grub/images
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
trying hardlink /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
查看dhcp配置文件
#再次查看dhcp配置文件、发现文件生成了
[root@centos7 ~]# cat /etc/dhcp/dhcpd.conf
# ******************************************************************
# Cobbler managed dhcpd.conf file
# generated from cobbler dhcp.conf template (Fri Apr 22 04:17:59 2022)
# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
# overwritten.
# ******************************************************************
ddns-update-style interim;
allow booting;
allow bootp;
ignore client-updates;
set vendorclass = option vendor-class-identifier;
option pxe-system-type code 93 = unsigned integer 16;
subnet 192.168.37.0 netmask 255.255.255.0 {
option routers 192.168.37.2;
option domain-name-servers 192.168.37.2;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.37.100 192.168.37.254;
default-lease-time 21600;
max-lease-time 43200;
next-server 192.168.37.7;
class "pxeclients" {
match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
if option pxe-system-type = 00:02 {
filename "ia64/elilo.efi";
} else if option pxe-system-type = 00:06 {
filename "grub/grub-x86.efi";
} else if option pxe-system-type = 00:07 {
filename "grub/grub-x86_64.efi";
} else if option pxe-system-type = 00:09 {
filename "grub/grub-x86_64.efi";
} else {
filename "pxelinux.0";
}
}
}
# group for Cobbler DHCP tag: default
group {
}
#重启dhcp
systemctl restart dhcpd
[root@centos7 ~]# ls /var/lib/tftpboot/
boot grub images2 menu.c32 pxelinux.0 s390x
etc images memdisk ppc pxelinux.cfg yaboot
[root@centos7 ~]# tree /var/lib/tftpboot/
/var/lib/tftpboot/
├── boot
│ └── grub
│ └── menu.lst
├── etc
├── grub
│ ├── efidefault
│ ├── grub-x86_64.efi
│ ├── grub-x86.efi
│ └── images -> ../images
├── images
├── images2
├── memdisk
├── menu.c32
├── ppc
├── pxelinux.0
├── pxelinux.cfg
│ └── default
├── s390x
│ └── profile_list
└── yaboot
10 directories, 10 files
#挂载 7光盘
[root@centos7 ~]# mount /dev/sr0 /misc
mount: /dev/sr0 is write-protected, mounting read-only
#挂载 6光盘
[root@centos7 ~]# mount /dev/sr1 /mnt
mount: /dev/sr1 is write-protected, mounting read-only
注:导入时要注意硬盘空间是否够用
#导入 6光盘
cobbler import --path=/mnt --name=CentOS6.10-x86_64 --arch=x86_64
#导入 7光盘
cobbler import --path=/misc/ --name=CentOS7.6-x86_64 --arch=x86_64
#导入过程中此文件变大
du -sh /var/www/cobbler/*
default菜单
[root@centos7 ~]# cd /var/lib/tftpboot/pxelinux.cfg/
[root@centos7 pxelinux.cfg]# ls
default
#菜单信息如下
[root@centos7 pxelinux.cfg]# cat default
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cobbler.github.io/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT local
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
LABEL CentOS6.10-x86_64
kernel /images/CentOS6.10-x86_64/vmlinuz
MENU LABEL CentOS6.10-x86_64
append initrd=/images/CentOS6.10-x86_64/initrd.img ksdevice=bootif lang= kssendmac text ks=http://192.168.37.7/cblr/svc/op/ks/profile/CentOS6.10-x86_64
ipappend 2
LABEL CentOS7.6-x86_64
kernel /images/CentOS7.6-x86_64/vmlinuz
MENU LABEL CentOS7.6-x86_64
append initrd=/images/CentOS7.6-x86_64/initrd.img ksdevice=bootif lang= kssendmac text ks=http://192.168.37.7/cblr/svc/op/ks/profile/CentOS7.6-x86_64
ipappend 2
MENU end
准备ks应答文件
下载Centos7脚本:ks7_desktops.cfg和ks7_mini.cfg 下载Centos6脚本:ks6_desktops.cfg和ks6_mini.cfg
#更改此处url --url="http://192.168.37.7/centos/6/os/x86_64"改为即可url --url=$tree
[root@centos7 ~]# vim ks6_mini.cfg
url --url=$tree
#拷贝文件
[root@centos7 ~]# cp ks6_mini.cfg /var/lib/cobbler/kickstarts/
[root@centos7 ~]# cp ks7_mini.cfg /var/lib/cobbler/kickstarts/
[root@centos7 ~]# cp ks6_desktops.cfg /var/lib/cobbler/kickstarts/
[root@centos7 ~]# cp ks7_desktops.cfg /var/lib/cobbler/kickstarts/
#表示有几套yum源
[root@centos7 kickstarts]# cobbler distro list
CentOS6.10-x86_64
CentOS7.6-x86_64
#表示kickstart文件
[root@centos7 kickstarts]# cobbler profile list
CentOS6.10-x86_64
CentOS7.6-x86_64
#报错了、原因是此次要写绝对路径
[root@centos7 kickstarts]# cobbler profile add --name=CentOS6.10-x86_64_mini --distro=CentOS6.10-x86_64 --kickstart=ks6_mini.cfg
exception on server: 'Invalid kickstart template file location ks6_mini.cfg'
[root@centos7 kickstarts]# pwd
/var/lib/cobbler/kickstarts
#导入6mini
[root@centos7 kickstarts]# cobbler profile add --name=CentOS6.10-x86_64_mini --distro=CentOS6.10-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ks6_mini.cfg
#看菜单项中多一个选项(CentOS6.10-x86_64_mini)
[root@centos7 kickstarts]# cat /var/lib/tftpboot/pxelinux.cfg/default
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cobbler.github.io/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT local
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
LABEL CentOS6.10-x86_64
kernel /images/CentOS6.10-x86_64/vmlinuz
MENU LABEL CentOS6.10-x86_64
append initrd=/images/CentOS6.10-x86_64/initrd.img ksdevice=bootif lang= kssendmac text ks=http://192.168.37.7/cblr/svc/op/ks/profile/CentOS6.10-x86_64
ipappend 2
LABEL CentOS6.10-x86_64_mini
kernel /images/CentOS6.10-x86_64/vmlinuz
MENU LABEL CentOS6.10-x86_64_mini
append initrd=/images/CentOS6.10-x86_64/initrd.img ksdevice=bootif lang= kssendmac text ks=http://192.168.37.7/cblr/svc/op/ks/profile/CentOS6.10-x86_64_mini
ipappend 2
LABEL CentOS7.6-x86_64
kernel /images/CentOS7.6-x86_64/vmlinuz
MENU LABEL CentOS7.6-x86_64
append initrd=/images/CentOS7.6-x86_64/initrd.img ksdevice=bootif lang= kssendmac text ks=http://192.168.37.7/cblr/svc/op/ks/profile/CentOS7.6-x86_64
ipappend 2
MENU end
删除
[root@centos7 kickstarts]# cobbler profile list
CentOS6.10-x86_64
CentOS6.10-x86_64_mini
CentOS7.6-x86_64
[root@centos7 kickstarts]# cobbler profile remove --name=CentOS7.6-x86_64
[root@centos7 kickstarts]# cobbler profile remove --name=CentOS6.10-x86_64
#再次查看
[root@centos7 kickstarts]# cobbler profile list
CentOS6.10-x86_64_mini
添加
#导入6桌面版
[root@centos7 kickstarts]# cobbler profile add --name=CentOS6.10-x86_64_desktops --distro=CentOS6.10-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ks6_desktops.cfg
#导入7mini
[root@centos7 kickstarts]# cobbler profile add --name=CentOS7.6-x86_64_mini --distro=CentOS7.6-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ks7_mini.cfg
#导入7桌面版
[root@centos7 kickstarts]# cobbler profile add --name=CentOS7.6-x86_64_desktops --distro=CentOS7.6-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ks7_desktops.cfg
#可以看到更改导入3个
[root@centos7 kickstarts]# cobbler profile list
CentOS6.10-x86_64_desktops
CentOS6.10-x86_64_mini
CentOS7.6-x86_64_desktops
CentOS7.6-x86_64_mini
新建客户机测试安装
