实现centos系统的自动化安装部署

1.使用kickstart实现半自动化安装centos系统

 

实现过程

[root@centos8 ~]#mkdir –pv /data/myiso

[root@centos8 ~]#cp -r /mnt/isolinux/ /data/myiso/

[root@centos8 ~]#tree /data/myiso/

/data/myiso/

└── isolinux

├── boot.cat

  ├── boot.msg

  ├── grub.conf

  ├── initrd.img

  ├── isolinux.bin

  ├── isolinux.cfg

  ├── ldlinux.c32

  ├── libcom32.c32

  ├── libutil.c32

  ├── memtest

  ├── splash.png

  ├── TRANS.TBL

  ├── vesamenu.c32

  └── vmlinuz

1 directory, 14 files

[root@centos8 ~]#vim /data/myiso/isolinux/isolinux.cfg

#方法1：应答方件放在ISO文件里

label linux

menu label ^Auto Install CentOS Linux 8

kernel vmlinuz

 initrd=initrd.img text ks=cdrom:/myks.cfg

#方法2：应答方件放在http服务器上

label linux

menu label ^Auto Install CentOS Linux 8

kernel vmlinuz

append initrd=initrd.img quiet ks=http://10.0.0.8/ksdir/centos8.cfg

label rescue

menu label ^Rescue a CentOS Linux system

kernel vmlinuz

append initrd=initrd.img inst.repo=http://10.0.0.8/centos/8 rescue quiet

label local

menu default

menu label Boot from ^local drive

localboot 0xffff

[root@centos8 ~]#cp /root/myks.cfg /data/myiso/

[root@centos8 ~]#dnf -y install mkisofs

[root@centos8 ~]#mkisofs -R -J -T -v --no-emul-boot --boot-load-size 4 --boot

info-table -V "CentOS 8.0 x86_64 boot" -b isolinux/isolinux.bin -c

isolinux/boot.cat -o /root/boot.iso /data/myiso/

注意：以上相对路径都是相对于光盘的根，和工作目录无关

2.实现pxe自动化安装centos系统

pxe自动化安装流程

1. Client向PXE Server上的DHCP发送IP地址请求消息，DHCP检测Client是否合法（主要是检测Client的网卡MAC地址），如果合法则返回Client的IP地址，同时将启动文件pxelinux.0的所在TFTP服务器地址信息一并传送给Client
2. Client向TFTP服务器发送获取pxelinux.0请求消息，TFTP服务器接收到消息之后，向Client发送pxelinux.0大小信息，试探Client是否满意，当TFTP收到Client发回的同意大小信息之后，正式向Client发送pxelinux.0
3. Client执行接收到的pxelinux.0文件，并利用此文件启动
4. Client向TFTP 服务器发送请求针对本机的配置信息文件（在TFTP 服务器的pxelinux.cfg目录下），TFTP服务器将启动菜单配置文件发回Client，继而Client根据启动菜单配置文件执行后续操作
5. Client根据启动菜单配置文件里的信息，向TFTP发送Linux内核和initrd文件请求信息，TFTP接收到消息之后将内核和initrd文件发送给Client
6. Client向TFTP发送根文件请求信息，TFTP接收到消息之后返回Linux根文件系统
7. Client启动Linux内核,加载相关的内核参数
8. Client通过内核参数下载kickstart文件，并根据kickstart文件里的安装信息，下载安装源文件进行自动化安装

实现在cenots8上自动化安装centos6，7，8

1.安装前准备

#关闭防火墙和selinux，DHCP服务器静态IP
#网络要求：关闭vmware软件中的DHCP服务，基于NAT模式
#注意：centos7，8使用1G内存会显示空间不足，建议2G

2.安装相关包并启动

#下载安装dhcp，httpd，tftp服务
[root@centos8 ~]# yum -y install dhcp-server httpd tftp-server syslinux-nonlinux
#启动服务
[root@centos8 ~]# systemctl enable --now dhcpd tftp httpd
Created symlink /etc/systemd/system/multi-user.target.wants/dhcpd.service → /usr/lib/systemd/system/dhcpd.service.
Created symlink /etc/systemd/system/sockets.target.wants/tftp.socket → /usr/lib/systemd/system/tftp.socket.
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
Job for dhcpd.service failed because the control process exited with error code.
See "systemctl status dhcpd.service" and "journalctl -xe" for details.
#其中dhcp服务是启动不了的，原因是配置文件无内容，需要在修改配置文件后才可启动

3.配置dhcp服务

#写dhcp服务配置文件，可通过配置文件范例进行修改
[root@centos8 ~]# cp /usr/share/doc/dhcp-server/dhcpd.conf.example /etc/dhcp/dhcpd.conf
cp: overwrite '/etc/dhcp/dhcpd.conf'? yes #将范例配置文件拷贝当配置文件路径，覆盖原内容
#将拷贝的配置文件内容进行部分修改即可
[root@centos8 ~]# cat /etc/dhcp/dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp-server/dhcpd.conf.example
# see dhcpd.conf(5) man page
#
#
option domain-name "example.com";
option domain-name-servers 180.76.76.76,223.6.6.6; #配置DNS地址
default-lease-time 600; #默认地址租期
max-lease-time 7200; #最大租期，无特殊要求给默认租期，有要求给最大租期
log-facility local7;
subnet 10.0.0.0 netmask 255.255.255.0 { #指定网段分配地址池
range 10.0.0.100 10.0.0.200; #分配地址范围
option routers 10.0.0.2; #指定网关
next-server 10.0.0.8; #指定tftp服务器地址，该实验tftp与dhcp服务都在8主机实现，因此只想8IP
filename "pxelinux.0"; #bootloader启动文件的名称
}
#将dhcp服务开启
[root@centos8 ~]# systemctl start dhcpd
[root@centos8 ~]# systemctl status dhcpd
● dhcpd.service - DHCPv4 Server Daemon
Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2020-09-10 16:42:29 CST; 1min 17s ago

4.准备yum源和相关目录

#在服务器的http服务上创建6，7，8对应的文件夹
[root@centos8 ~]# mkdir -pv /var/www/html/centos/{6,7,8}/os/x86_64/
mkdir: created directory '/var/www/html/centos'
mkdir: created directory '/var/www/html/centos/6'
mkdir: created directory '/var/www/html/centos/6/os'
mkdir: created directory '/var/www/html/centos/6/os/x86_64/'
mkdir: created directory '/var/www/html/centos/7'
mkdir: created directory '/var/www/html/centos/7/os'
mkdir: created directory '/var/www/html/centos/7/os/x86_64/'
mkdir: created directory '/var/www/html/centos/8'
mkdir: created directory '/var/www/html/centos/8/os'
mkdir: created directory '/var/www/html/centos/8/os/x86_64/'
#在服务器上添加光驱，分别添加光驱挂载光盘为6，7，8
[root@centos8 ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 200G 0 disk
├─sda1 8:1 0 1G 0 part /boot
├─sda2 8:2 0 100G 0 part /
├─sda3 8:3 0 2G 0 part [SWAP]
├─sda4 8:4 0 1K 0 part
└─sda5 8:5 0 50G 0 part /data
sr0 11:0 1 7G 0 rom #通过大小查看为8光盘
sr1 11:1 1 10.3G 0 rom #7光盘
sr2 11:2 1 3.7G 0 rom #6光盘
#添加光驱之后识别不了执行echo --- > /sys/class/scsi_host/host0/scan进行扫描添加光驱，添加光驱之后需要分清三个光盘分别是哪个系统版本的光盘
#分别将挂光盘进行挂载在对应的文件夹，实现提供6，7，8的yum源
[root@centos8 ~]# mount /dev/sr0 /var/www/html/centos/8/os/x86_64/
mount: /var/www/html/centos/8/os/x86_64: WARNING: device write-protected, mounted read-only.
[root@centos8 ~]# mount /dev/sr1 /var/www/html/centos/7/os/x86_64/
mount: /var/www/html/centos/7/os/x86_64: WARNING: device write-protected, mounted read-only.
[root@centos8 ~]# mount /dev/sr2 /var/www/html/centos/6/os/x86_64/
mount: /var/www/html/centos/6/os/x86_64: WARNING: device write-protected, mounted read-only.

5.准备kickstart文件

#准备kickstart文件并放在http服务器上
#创建kickstart相关文件夹
[root@centos8 ~]# mkdir /var/www/html/ks/
#编辑6对应的kickstart文件
[root@centos8 ~]# cat /var/www/html/ks/centos6.cfg
install
text
reboot
url --url=http://10.0.0.8/centos/6/os/x86_64/
lang en_US.UTF-8
keyboard us
network --onboot yes --device eth0 --bootproto dhcp --noipv6
rootpw --iscrypted $6$j9YhzDUnQVnxaAk8$qv7rkMcPAEbV5yvwsP666DXWYadd3jYjkA9fpxAo9qYotjGGBUclCGoP1TRvgHBpqgc5n0RypMsPTQnVDcpO01
firewall --disabled
authconfig --enableshadow --passalgo=sha512
selinux --disabled
timezone Asia/Shanghai
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
zerombr
clearpart --all --initlabel
part /boot --fstype=ext4 --size=1024
part / --fstype=ext4 --size=50000
part /data --fstype=ext4 --size=30000
part swap --size=2048
%packages
@core
@server-policy
@workstation-policy
autofs
vim-enhanced
%end
%post
useradd wang
echo magedu | passwd --stdin wang &> /dev/null
mkdir /etc/yum.repos.d/bak
mv /etc/yum.repos.d/* /etc/yum.repos.d/bak
cat > /etc/yum.repos.d/base.repo <<EOF
[base]
name=base
baseurl=file:///misc/cd
gpgcheck=0
EOF
%end
#编辑7对应的kickstart文件
[root@centos8 ~]# cat /var/www/html/ks/centos7.cfg
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Install OS instead of upgrade
install
# Keyboard layouts
keyboard 'us'
# Root password
rootpw --plaintext magedu
# System language
lang en_US
# System authorization information
auth --useshadow --passalgo=sha512
# Use text mode install
text
firstboot --disable
# SELinux configuration
selinux --disabled

# Firewall configuration
firewall --disabled
# Network information
network --bootproto=static --device=eth0 --ip=10.0.0.123 --netmask=255.255.255.0
# Reboot after installation
reboot
# System timezone
timezone Asia/Shanghai
# Use network installation
url --url="http://10.0.0.8/centos/7/os/x86_64"
# System bootloader configuration
bootloader --append="net.ifnames=0" --location=mbr
# Partition clearing information
clearpart --all
# Disk partitioning information
part / --fstype="xfs" --size=100000

%post
useradd mage
echo magedu |passwd --stdin mage
mkdir /etc/yum.repos.d/backup
mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/backup
cat > /etc/yum.repos.d/base.repo <<EOF
[base]
baseurl=http://mirrors.aliyun.com/centos/$releasever/os/$basearch/
http://mirrors.aliyuncs.com/centos/$releasever/os/$basearch/
http://mirrors.cloud.aliyuncs.com/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
EOF
mkdir /root/.ssh -m 700
cat > /root/.ssh/authorized_keys <<EOF
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4fLgICiPzngrZ3J55lqfGH/yAifTe39nHi/9Z/2kC0WLYyyLvQGmyXP2I+y0sIaIpqvGHSglrXpsMszu2YoO72ydm+baSCazoH3pBUKvNa34+nukm9kUXsuNchFSzJGt6yOMEZNfvdenFYAAkRo5/hYNy/jgaGbCSejxxBjx1oPB1ik7DQUXuZJKeNQEHYuQLMeNOatR7eQSWPH/e6vSgu6kERtn4QKvIa7VTt1hL8oE2VaxlmtuQEEhuuU1TELn5atkoGX2bSCxPjJxfBLqLKA75DGmaIKZl849JCOsQH/4nSGnGsF1BDrV/JqfeTsDBlt3/DKIlNZ+5/BVBg4UPgAnKWFrrE52ub3L87SsqteES5Zh1K6yv3qA4Xagf1UTKFA7KhGZA2y+AwUTglQMeoYB1CNDQQjf35RDqjW25FD2IzqFurnVSkVEOU7u9mdN6v6KVZjAadOrFhXRoWtsJnEbwD/Dh1g8RWt55xIE0f4RekLNsmfgQxp3MiZSv8XU= root@centos8.localdomain
EOF
chmod 600 /root/.ssh/authorized_keys
%end

%packages
@web-server

%end
#编辑8对应的kickstart文件
[root@centos8 ~]# cat /var/www/html/ks/centos8.cfg
ignoredisk --only-use=sda
zerombr
text
reboot
clearpart --all --initlabel
selinux --disabled
firewall --disabled
url --url=http://10.0.0.8/centos/8/os/x86_64/
keyboard --vckeymap=us --xlayouts='us'
lang en_US.UTF-8
network --bootproto=dhcp --device=ens160 --ipv6=auto --activate
network --hostname=centos8.magedu.com
rootpw --iscrypted $6$j9YhzDUnQVnxaAk8$qv7rkMcPAEbV5yvwsP666DXWYadd3jYjkA9fpxAo9qYotjGGBUclCGoP1TRvgHBpqgc5n0RypMsPTQnVDcpO01
firstboot --enable
skipx
services --disabled="chronyd"
timezone Asia/Shanghai --isUtc --nontp
user --name=wang --password=6oUfb/02CWfLb5l8f$sgEZeR7c7DpqfpmFDH6huSmDbW1XQNR4qKl2EPns.gOXqlnAIgv9pTogtFVaDtEpMOC.SWXKYqxfVtd9MCwxb1 --iscrypted --gecos="wang"
part / --fstype="xfs" --ondisk=sda --size=102400
part /data --fstype="xfs" --ondisk=sda --size=51200
part swap --fstype="swap" --ondisk=sda --size=2048
part /boot --fstype="ext4" --ondisk=sda --size=1024
%packages
@^minimal-environment
kexec-tools
%end
%addon com_redhat_kdump --enable --reserve-mb='auto'
%end
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end

%post
useradd mage
echo magedu | passwd --stdin mage &> /dev/null
%end
#centos6，7，8的kickstart文件针对不同版本，内容不同，需要分别修改

6.准备PXE启动相关文件

#准备6，7，8的各自内核文件，内核文件在光盘中
[root@centos8 ~]# mkdir /var/lib/tftpboot/centos{6,7,8} #创建相关文件夹
#将内核文件及启动文件拷贝至对应文件夹
[root@centos8 ~]# cp /var/www/html/centos/6/os/x86_64/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos6/
[root@centos8 ~]# cp /var/www/html/centos/7/os/x86_64/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos7/
[root@centos8 ~]# cp /var/www/html/centos/8/os/x86_64/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos8/
#拷贝bootloader启动引导文件，这些文件由syslinux-nonlinux包提供，第一步已经安装
[root@centos8 ~]# cp /usr/share/syslinux/{pxelinux.0,menu.c32} /var/lib/tftpboot/
#以下3个文件centos8需要安装，6，7不需要安装
[root@centos8 ~]# cp /var/www/html/centos/8/os/x86_64/isolinux/{ldlinux.c32,libcom32.c32,libutil.c32} /var/lib/tftpboot/
#创建菜单文件
[root@centos8 ~]# mkdir /var/lib/tftpboot/pxelinux.cfg/
#将8的菜单文件复制到该目录
[root@centos8 ~]# cp /var/www/html/centos/8/os/x86_64/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default

7.准备启动菜单文件

#编辑菜单文件
[root@centos8 ~]# cat /var/lib/tftpboot/pxelinux.cfg/default
default menu.c32
timeout 600

menu title CentOS Linux Install

label linux7
menu label AUTO Install CentOS Linux ^7
kernel centos7/vmlinuz
append initrd=centos7/initrd.img ks=http://10.0.0.8/ks/centos7.cfg

label linux6
menu label AUTO Install CentOS Linux ^6
kernel centos6/vmlinuz
append initrd=centos6/initrd.img ks=http://10.0.0.8/ks/centos6.cfg

label manual
menu label ^Manual Install CentOS Linux 8.0
kernel centos8/vmlinuz
append initrd=centos8/initrd.img
inst.repo=http://10.0.0.8/centos/8/os/x86_64

label rescue
menu label ^Rescue a CentOS Linux system 8
kernel centos8/vmlinuz
append initrd=centos8/initrd.img
inst.repo=http://10.0.0.8/centos/8/os/x86_64/ rescue

label local
menu default
menu label Boot from ^local drive
localboot 0xffff

8.在客户端测试基于PXE自动安装

#准备一台新主机，设置网卡引导，可看到启动菜单，实现自动安装