2016-12-10
cobbler:一个自动网络安装系统的工具,集成PXE、dhcp、dns、tftpd、sync等服务。可以供大家管理安装操作系统
kvm:Linux系统自带的虚拟化软件,自行找资料学习。
环境描述: cobbler: 系统:CentOS_x86 6.8 网卡: eth0:vm1 (管理)10.10.100.131 ech1:NAT (上网)DHCP kvm: 系统:CentOS_x86 6.8 网卡: eth0:vm1 (管理)10.10.100.130 ech1:NAT (上网)DHCP 系统环境准备:(两台主机上配置) epel源配置: yum -y install wget wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo 初始化配置: yum -y install vim lrzsz ntp htop 防火墙:selinux配置: service iptables stop chkconfig iptables off sed -i 's/^SELINUX/SELINUX=disabled/' /etc/selinux/config crond配置同步系统时间: # rsync sys time 0 */2 * * * /usr/sbin/ntpdate time.windows.com cobbler: 安装相关cobbler组件: yum -y install cobbler dhcp httpd xinetd tftp-server syslinux pykickstart debmirror cman fence-agents 配置相关选项: sed -i "s/server: 127.0.0.1/server: $(ifconfig eth0 | awk -F'[ :]+' 'NR==2{print $4}')/g" /etc/cobbler/settings grep --color "server:" /etc/cobbler/settings sed -i "s/manage_dhcp: 0/manage_dhcp: 1/g" /etc/cobbler/settings sed -i "s/manage_rsync: 0/manage_rsync: 1/g" /etc/cobbler/settings grep --color '^manage_[a-zA-Z]{4,}:' /etc/cobbler/settings sed -i "s/disable = yes/disable = no/g" /etc/xinetd.d/tftp sed -i "s/disable = yes/disable = no/g" /etc/xinetd.d/rsync grep --color "disable" /etc/xinetd.d/tftp /etc/xinetd.d/rsync cp /etc/cobbler/dhcp.template{,.bak} sed -i "s/192.168.1.[0-9]{0,3}/10.10.100.0/g" /etc/cobbler/dhcp.template dhcp配置说明一下,这里只是修改为自己的网段:全局修改后,在单独修改配置 sed -i 's/@dists="sid"/#@dists="sid"/' /etc/debmirror.conf sed -i 's/@arches/#@arches;/' /etc/debmirror.conf 启动服务: service httpd start service cobblerd start cobbler get-loaders # 配置安装好后的系统root初始密码,这里命令比较繁琐;因为都可以直接使用;所以不修改。同学们可以修改为自己想要的。 # 注意,这里生成的字符串码:不单单要配置到settings文件中,还需要替换到 kickstarts (sample_end.ks )文件中rootpw项 sed -i "s@$(grep --color -o '$[0-9A-Za-z]{0,}$[0-9A-Za-z]{0,}/[0-9A-Za-z]{0,}$[0-9A-Za-z]{0,}.' /etc/cobbler/settings)@$(openssl passwd -1 -salt 'random-phrase-here' '12345678')@" /etc/cobbler/settings 检查配置: service cobblerd restart cobbler check 创建镜像: mount /dev/cdrom /media/ cobbler import --path=/media --name=CentOS-6.8-x86_64-minimal --arch=x86_64 ln -s /var/www/cobbler/links/CentOS-6.8-minimal-x86_64/ /var/www/cobbler/links/CentOS-6.8-x86_64 cobbler distro edit --name=CentOS-6.8-minimal-x86_64 --ksmeta="tree=http://@@http_server@@/cobbler/links/CentOS-6.8-x86_64" 创建profile: cobbler profile add --name=CentOS-6.8-x86_64-minimal_base --distro=CentOS-6.8-minimal-x86_64 --kickstart=/var/lib/cobbler/kickstarts/sample_end.ks 同步数据: cobbler sync 创建system:(同学们注意下,这里创建system;主要目的是无人工干预安装操作系统。mac是kvm创建好后的虚拟机copy过来的。我这里是先前配置好的,写文档直接写了) cobbler system add --profile=CentOS-6.8-x86_64-minimal_base --name=CentOS-6.8-x86_64-minimal_base --interface=eth0 --mac=52:54:00:96:af:34 --ip-address=10.10.100.241 --netmask=255.255.255.0 --gateway=10.10.100.131 --static=1 --dns-name=10.10.100.131 kvm(前提:cpu支持虚拟化): 查看cpu是否支持虚拟化: Intel:vmx AMC:svm grep -Ei --color "(vmx|svm)" /proc/cpuinfo 配置网卡桥接: 这里使用eth0: cp ifcfg-eth0 ifcfg-br0 配置: [root@kvm network-scripts]# cat ifcfg-eth0 DEVICE=eth0 ONBOOT=yes BRIDGE="br0" [root@kvm network-scripts]# cat ifcfg-br0 DEVICE="br0" TYPE="Bridge" ONBOOT="yes" BOOTPROTO=static IPADDR=10.10.100.130 PREFIX=24 DELAY=0 重启网卡,生效 安装相关组件: yum -y install kvm qemu-kvm qemu-kvm-tools libvirt && ln -sv /usr/libexec/qemu-kvm /usr/sbin/ && service libvirtd start && chkconfig libvirtd on 注意:这里所有主机都是最小化安装、为了使用管理kvm方便;这边在kvm主机上安装了virtual machine manager 安装组件: virtual machine manager 虚拟机管理控制台 linux安装 yum -y install virt-manager xwindows linux安装 yum groupinstall "X Window System" -y 到这里cobbler和kvm基本都已安装好:还有注意一点kvm启动网卡桥接:需要关闭网络管理工具:NetworkManager,这里是因为没有安装此工具。 操作端: win系统: 这里需要连接kvm使用virtual machine manager管理kvm虚拟机,所有需要在win端安装xmanage控制台。网上有 连接:配置:
创建虚拟主机:copy mac地址到cobbler上创建 cobbler system 运行即可实现无人值守安装系统 一些小坑: 1、dhcp:获取不到地址,正确配置好dhcp;确定dhcp服务启动。dhcp是要cobbler sync之后才会启动的。 2、安装系统找不到kickstarts 文件,创建profile文件的时候;确保文件名正确 3、xamnage 启动安装提示sda 问题。创建的时候,硬盘资源不要给太小。运维同学都知道默认分配系统盘资源空间
附带kickstarts文件:注意:密码字符串
# kickstart template for Fedora 8 and later. # (includes %end blocks) # do not use with earlier distros #platform=x86, AMD64, or Intel EM64T # System authorization information auth --useshadow --enablemd5 # System bootloader configuration bootloader --location=mbr # Partition clearing information clearpart --all --initlabel # Use text mode install text # Firewall configuration firewall --service=ssh # Run the Setup Agent on first boot firstboot --disable # System keyboard keyboard us # System language lang en_US # Use network installation url --url=$tree # If any cobbler repo definitions were referenced in the kickstart profile, include them here. $yum_repo_stanza # Network information $SNIPPET('network_config') # Reboot after installation reboot network --onboot yes --device eth0 --bootproto dhcp --noipv6 rootpw --iscrypted $1$random-p$hWRi.9FanNH4IXjhdupym/ firewall --service=ssh authconfig --enableshadow --passalgo=sha512 selinux --disabled timezone --utc Asia/Shanghai bootloader --location=mbr --driveorder=sda --append="nomodeset crashkernel=auto rhgb quiet" # The following is the partition information you requested # Note that any partitions you deleted are not expressed # here so unless you clear all partitions first, this is # not guaranteed to work #clearpart --linux --drives=sda zerombr yes clearpart --all --drives=sda --initlabel #volgroup VolGroup --pesize=4096 pv.008002 part /boot --fstype=ext4 --size=200 part swap --size=512 part / --fstype=ext4 --grow --size=1 %packages --nobase @core openssh-clients curl %end %pre $SNIPPET('log_ks_pre') $SNIPPET('kickstart_start') $SNIPPET('pre_install_network_config') # Enable installation monitoring $SNIPPET('pre_anamon') %end %packages --nobase @core openssh-clients $SNIPPET('func_install_if_enabled') %end %post $SNIPPET('log_ks_post') # Start yum configuration $yum_config_stanza # End yum configuration $SNIPPET('post_install_kernel_options') $SNIPPET('post_install_network_config') $SNIPPET('func_register_if_enabled') $SNIPPET('download_config_files') $SNIPPET('koan_environment') $SNIPPET('redhat_register') $SNIPPET('cobbler_register') # Enable post-install boot notification $SNIPPET('post_anamon') # Start final steps $SNIPPET('kickstart_done') # End final steps iptables -F chkconfig iptables off rm -rf /etc/security/limits.d/90-nproc.conf cat >>/etc/hosts<<EOF 127.0.0.1 localhost.localdomain localhost ::1 localhost.localdomain localhost EOF cat >>/etc/resolv.conf<<EOF ; generated by /sbin/dhclient-script nameserver 202.96.134.133 nameserver 202.96.128.68 EOF yum -y install ntp echo '01 */2 * * * ntpdate time.windows.com' > /var/spool/cron/root %end