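Operations Automation: System Deployment
Common kernel parameters:
The boot menu configuration file on the installation disc, isolinux/isolinux.cfg, sets the kernel boot parameters that select the different installation procedures.
Each installation option has a menu entry in isolinux.cfg that does the following:
- Load the kernel: isolinux/vmlinuz
- Pass parameters to the kernel: append initrd=initrd.img followed by the parameter settings
Ways to specify kernel parameters:
- At the boot menu, select an installation entry, press Tab, and append the parameters
- At the boot menu, select any installation entry and press ESC, then enter: boot: linux followed by the parameter settings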
Frequently used parameters:
- text: the GUI installer starts by default; this selects the text-mode installation interface instead
- rescue: enter rescue mode
- inst.repo=path: path to the installation source, in one of the following formats
CentOS 6
DVD drive: repo=cdrom:device
Hard drive: repo=hd:device/path
HTTP server: repo=http://host/path
HTTPS server: repo=https://host/path
FTP server: repo=ftp://username:password@host/path
NFS server: repo=nfs:server:/path
ISO images on an NFS server: repo=nfsiso:server:/path
CentOS 7
Any CD/DVD drive: inst.repo=cdrom
Hard drive: inst.repo=hd:device:/path
HTTP server: inst.repo=http://host/path
HTTPS server: inst.repo=https://host/path
FTP server: inst.repo=ftp://username:password@host/path
NFS server: inst.repo=nfs:[options:]server:/path
- askmethod: choose how the installation source is obtained; disc, local hard drive, NFS, FTP and HTTP sources are offered. Deprecated from CentOS 7 onward
- ks=path: path to the answer file for automated installation, e.g. initrd=initrd.img inst.ks=http://192.168.8.8/ksdir/ks8.cfg
- ip=: IP address settings
ip=method, where method can be dhcp
ip=interface:method for a specific interface
ip=ip::gateway:netmask:hostname:interface:none for a static IP
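The anaconda installation wizard
anaconda is the Linux installation program; it offers two styles of installation interface:
- gui: graphical window
- tui: text window based on the curses library
What anaconda works through during installation:
- language used during installation
- keyboard type
- time zone and time
- path to the installation source
- packages to install
- target storage devices and partitioning
Basic Storage: local disks
Special devices: iSCSI
- KDUMP
- hostname and network interfaces
- security policy
- administrator password
- create a regular user
anaconda configuration methods:
- interactive configuration
- automatic configuration from a configuration file prepared in advance; add the kernel parameter ks=/path to give the location of the kickstart file. The path formats are:
DVD drive: ks=cdrom:/PATH/TO/KICKSTART_FILE
Hard drive: ks=hd:device:/directory/KICKSTART_FILE
HTTP server: ks=http://host:port/path/to/KICKSTART_FILE
FTP server: ks=ftp://host:port/path/to/KICKSTART_FILE
HTTPS server: ks=https://host:port/path/to/KICKSTART_FILE
NFS server: ks=nfs:host:/path/to/KICKSTART_FILE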
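Answer files for automated installation
Before an automated installation you need to create the corresponding answer file, called a kickstart file, which stores the options that have to be specified during installation.
1 Workflow for using a kickstart file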
- Create a Kickstart file.
- Make the Kickstart file available on removable media, a hard drive or a network location.
- Create boot media, which will be used to begin the installation.
- Make the installation source available.
- Start the Kickstart installation.
Kickstart file format
Official documentation of the kickstart file format
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/installation_guide/sect-kickstart-syntax
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/installation_guide/s1-kickstart2-options
Kickstart file format explained
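A kickstart file has three main parts: the command section, the package section and the script section
- Command section: pre-installation settings such as the keyboard type
Common commands in the command section:
keyboard: keyboard type
lang: language
zerombr: clear the MBR
clearpart: clear partitions
part: create a partition
rootpw: root password
timezone: time zone
text: text-mode installation interface
network: network settings
firewall: firewall settings
selinux: SELinux settings
reboot: reboot automatically when installation finishes
user: create a new user on the system after installation
url: installation source
- Package section: package groups or packages to install, packages to exclude, and so on
%packages
@^environment group: an environment group, e.g. @^minimal-environment
@group_name
package
-package
%end
- Script section:
%pre: pre-installation script
%post: post-installation script
Notes:
- The kickstart file formats of CentOS 8, 7 and 6 are not identical and must not be mixed
- %addon, %packages, %onerror, %pre and %post must be closed with %end, otherwise the installation fails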
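Creating a kickstart file
- Ways to create a kickstart file
Use the creation tool system-config-kickstart. Note: CentOS 8 no longer supports this method
- Modify a template to produce a new configuration: after a CentOS installation finishes, the installer automatically writes a kickstart file based on the installation just performed, /root/anaconda-ks.cfg
Checking a ks file for syntax errors:
The ksvalidator tool, from the pykickstart package, checks whether a kickstart file has syntax errors. Usage: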
ksvalidator /PATH/TO/KICKSTART_FILE
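ksvalidator reports syntax errors. The following added example (not from the original page and not part of pykickstart) is a small Python audit that reports sections left without %end, as the note above requires, and settings that weaken a host provisioned from the file. The rule names and the constructed sample, modelled on the answer files on this page, are assumptions of this example.

```python
import re
import shlex

SECTIONS = {"%packages", "%pre", "%pre-install", "%post",
            "%addon", "%onerror", "%anaconda"}
SCRIPT_SECTIONS = {"%pre", "%pre-install", "%post"}
PASSWD_PIPE = re.compile(r"\becho\s+\S+\s*\|\s*passwd\s+--stdin\b")
GPGCHECK_OFF = re.compile(r"^\s*gpgcheck\s*=\s*0\b")

# Constructed sample (not a file from the page): %packages has no %end.
SAMPLE = """\
install
text
rootpw --plaintext magedu
selinux --disabled
firewall --disabled
url --url="http://10.0.0.8/centos/7/os/x86_64"
clearpart --all
part / --fstype="xfs" --size=100000
%packages
@web-server
%post
useradd mage
echo magedu | passwd --stdin mage
cat > /etc/yum.repos.d/base.repo <<EOF
[base]
name=base
baseurl=file:///misc/cd
gpgcheck=0
EOF
%end
"""


def _tokens(line):
    """Split a line shell-style; '#' starts a comment."""
    try:
        return shlex.split(line, comments=True)
    except ValueError:          # unbalanced quote inside a script line
        return line.split()


def _check_command(tok):
    """Return a rule name for a weak command-section line, else None."""
    head, args = tok[0], tok[1:]
    if head == "rootpw" and "--lock" not in args:
        if "--iscrypted" not in args:       # plaintext is the default
            return "rootpw-plaintext"
        if any(a.startswith("$1$") for a in args):   # MD5-crypt hash
            return "rootpw-md5crypt"
    if head in ("selinux", "firewall") and "--disabled" in args:
        return head + "-disabled"
    return None


def audit_kickstart(text):
    """Return [(line_number, rule_name), ...] in the order found."""
    findings, open_section = [], None
    for n, raw in enumerate(text.splitlines(), 1):
        tok = _tokens(raw)
        if not tok:
            continue
        head = tok[0]
        if head in SECTIONS:
            if open_section:    # previous section never saw its %end
                findings.append((open_section[0], "unterminated-section"))
            open_section = (n, head)
        elif head == "%end":
            open_section = None
        elif open_section is None:          # command section
            rule = _check_command(tok)
            if rule:
                findings.append((n, rule))
        elif open_section[1] in SCRIPT_SECTIONS:
            if PASSWD_PIPE.search(raw):
                findings.append((n, "cleartext-password-in-script"))
            if GPGCHECK_OFF.match(raw):
                findings.append((n, "gpgcheck-off"))
    if open_section:            # file ended inside a section
        findings.append((open_section[0], "unterminated-section"))
    return findings


if __name__ == "__main__":
    for lineno, rule in audit_kickstart(SAMPLE):
        print(f"line {lineno}: {rule}")
```

Because answer files are published on a web server that every client can read, each finding about a password applies to anyone who can reach that URL, not only to the installed host.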
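Creating an answer file with the graphical tool
CentOS 7
Install the software used to create answer files
yum install -y system-config-kickstart
For network installation, the CentOS 8 host is used as the server
Attach the discs to the CentOS 8 host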
[root@centos8|2|~]#lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 20G 0 disk
├─sda1 8:1 0 1G 0 part /boot
└─sda2 8:2 0 19G 0 part
├─cl-root 253:0 0 17G 0 lvm /
└─cl-swap 253:1 0 2G 0 lvm [SWAP]
sr0 11:0 1 10.3G 0 rom #centos7
sr1 11:1 1 3.7G 0 rom #centos6
sr2 11:2 1 7G 0 rom #centos8
[root@centos8|3|~]#yum install -y httpd ;mkdir -p /var/www/html/centos/{6,7,8}/os/x86_64/
[root@centos8|3|~]#mkdir /var/www/html/centos/8/os/x86_64/ksdir
[root@centos8|10|~]#mount /dev/sr1 /var/www/html/centos/6/os/x86_64/
mount: /var/www/html/centos/6/os/x86_64: WARNING: device write-protected, mounted read-only.
[root@centos8|11|~]#mount /dev/sr0 /var/www/html/centos/7/os/x86_64/
mount: /var/www/html/centos/7/os/x86_64: WARNING: device write-protected, mounted read-only.
[root@centos8|12|~]#mount /dev/sr2 /var/www/html/centos/8/os/x86_64/
mount: /var/www/html/centos/8/os/x86_64: WARNING: device write-protected, mounted read-only.
[root@centos8|34|~]#systemctl start httpd
[root@centos8|37|~]#ss -ntl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
[root@centos7 ~]# system-config-kickstart
[root@centos7 ~]# vim ks.cfg
[root@centos7 ~]# cat ks.cfg
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Install OS instead of upgrade
install
# Keyboard layouts
keyboard 'us'
# Root password
rootpw --iscrypted $1$wjOXrzIx$8baqr6LbZNhc8IbKQKK.b.
# System language
lang en_US
# System authorization information
auth --useshadow --passalgo=sha512
# Use text mode install
text
firstboot --disable
# SELinux configuration
selinux --disabled
# Firewall configuration
firewall --disabled
# Network information
network --bootproto=dhcp --device=eth0
# Reboot after installation
reboot
# System timezone
timezone Asia/Shanghai
# Use network installation
url --url="http://10.0.0.8/centos/7/os/x86_64/"
# System bootloader configuration
bootloader --append="net.ifnames=0" --location=mbr
# Partition clearing information
clearpart --all
# Disk partitioning information
part / --fstype="xfs" --size=10000
part /boot --fstype="xfs" --size=1000
part swap --fstype="swap" --size=2048
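# %post runs inside the installed system; %pre runs in the installer environment before installation
%post
useradd lin
echo 123456 | passwd --stdin lin
mkdir /etc/yum.repos.d/backup
mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/backup/
%end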
%packages
@web-server
%end
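[root@centos7 ~]#scp ks.cfg 10.0.0.8:/var/www/html/ksdir #once the answer file is ready, put it on the server; everyone must have read permission on this file, otherwise clients cannot access it
Installation method
Open 10.0.0.8/ksdir/ks.cfg in a browser to check that it can be fetched
When installing the system, boot from the CD-ROM
Press ESC
boot: linux ks=http://10.0.0.8/ksdir/ks.cfg #install
## CentOS 8 answer file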
```bash
[root@VM_0_3_centos|28|~]#cat centos8.cfg
ignoredisk --only-use=sda
zerombr
text
reboot
clearpart --all --initlabel #clear all partitions and initialise the disk label
selinux --disabled #disable SELinux
firewall --disabled #disable the firewall
url --url=http://10.0.0.8/centos/8/os/x86_64/ #repository path
keyboard --vckeymap=us --xlayouts='us'
lang en_US.UTF-8
network --bootproto=dhcp --device=ens160 --ipv6=auto --activate #NIC name
network --hostname=centos8.magedu.com #hostname
rootpw --iscrypted $6$j9YhzDUnQVnxaAk8$qv7rkMcPAEbV5yvwsP666DXWYadd3jYj0kA9fpxAo9qYotjGGBUclCGoP1TRvgHBpqgc5n0RypMsPTQnVDcpO01 #hashed password
firstboot --enable
skipx
services --disabled="chronyd"
timezone Asia/Shanghai --isUtc --nontp
user --name=wang --password=6oUfb/02CWfLb5l8f$sgEZeR7c7DpqfpmFDH6huSmDbW1XQNR4qKl2EPns.gOXqlnAIgv9pTogtFVaDtEpMOC.SWXKYqxfVtd9MCwxb1 --iscrypted --gecos="wang"
part / --fstype="xfs" --ondisk=sda --size=102400
part /data --fstype="xfs" --ondisk=sda --size=51200
part swap --fstype="swap" --ondisk=sda --size=2048
part /boot --fstype="ext4" --ondisk=sda --size=1024
%packages
@^minimal-environment
kexec-tools
%end
%addon com_redhat_kdump --enable --reserve-mb='auto'
%end
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end
%post
useradd mage
echo magedu | passwd --stdin mage &> /dev/null
%end
```
## CentOS 7 answer file
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Install OS instead of upgrade
install
# Keyboard layouts
keyboard 'us'
# Root password
rootpw --plaintext magedu
# System language
lang en_US
# System authorization information
auth --useshadow --passalgo=sha512
# Use text mode install
text
firstboot --disable
# SELinux configuration
selinux --disabled
# Firewall configuration
firewall --disabled
# Network information
network --bootproto=static --device=eth0 --ip=10.0.0.123 --netmask=255.255.255.0
# Reboot after installation
reboot
# System timezone
timezone Asia/Shanghai
# Use network installation
url --url="http://10.0.0.8/centos/7/os/x86_64"
# System bootloader configuration
bootloader --append="net.ifnames=0" --location=mbr
# Partition clearing information
clearpart --all
# Disk partitioning information
part / --fstype="xfs" --size=100000
%post
useradd mage
echo magedu |passwd --stdin mage
mkdir /etc/yum.repos.d/backup
mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/backup
# EOF is quoted so the shell leaves $releasever and $basearch for yum to expand
cat > /etc/yum.repos.d/base.repo <<'EOF'
[base]
baseurl=http://mirrors.aliyun.com/centos/$releasever/os/$basearch/
        http://mirrors.aliyuncs.com/centos/$releasever/os/$basearch/
        http://mirrors.cloud.aliyuncs.com/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
EOF
mkdir /root/.ssh -m 700
cat > /root/.ssh/authorized_keys <<EOF
ssh-rsa <PUBLIC-KEY> root@centos8.localdomain
EOF
chmod 600 /root/.ssh/authorized_keys
%end
%packages
@web-server
%end
## CentOS 6 answer file
install
text
reboot
url --url=http://10.0.0.8/centos/6/isos/x86_64/
lang en_US.UTF-8
keyboard us
network --onboot yes --device eth0 --bootproto dhcp --noipv6
rootpw --iscrypted $6$j9YhzDUnQVnxaAk8$qv7rkMcPAEbV5yvwsP666DXWYadd3jYjkA9fpxAo9qYotjGGBUclCGoP1TRvgHBpqgc5n0RypMsPTQnVDcpO01
firewall --disabled
authconfig --enableshadow --passalgo=sha512
selinux --disabled
timezone Asia/Shanghai
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
zerombr
clearpart --all --initlabel
part /boot --fstype=ext4 --size=1024
part / --fstype=ext4 --size=50000
part /data --fstype=ext4 --size=30000
part swap --size=2048
%packages
@core
@server-policy
@workstation-policy
autofs
vim-enhanced
%end
%post
useradd wang
echo magedu | passwd --stdin wang &> /dev/null
mkdir /etc/yum.repos.d/bak
mv /etc/yum.repos.d/* /etc/yum.repos.d/bak
cat > /etc/yum.repos.d/base.repo <<EOF
[base]
name=base
baseurl=file:///misc/cd
gpgcheck=0
EOF
%end
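Copy the answer files to /var/www/html/centos/8/os/x86_64/ksdir on the CentOS 8 host
Creating a boot disc and USB drive
A customised installation disc can be combined with kickstart for a semi-automated installation booted from the disc
Procedure
[root@centos8 ~]#mkdir -pv /data/myiso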
[root@centos8 ~]#cp -r /mnt/isolinux/ /data/myiso/
[root@centos8 ~]#tree /data/myiso/
/data/myiso/
└── isolinux
├── boot.cat
├── boot.msg
├── grub.conf
├── initrd.img
├── isolinux.bin
├── isolinux.cfg
├── ldlinux.c32
├── libcom32.c32
├── libutil.c32
├── memtest
├── splash.png
├── TRANS.TBL
├── vesamenu.c32
└── vmlinuz
1 directory, 14 files
[root@centos8 ~]#vim /data/myiso/isolinux/isolinux.cfg
menu separator # insert an empty line
menu separator # insert an empty line
#modify
label mini #minimal installation
menu label ^Mini CentOS Linux 8
kernel vmlinuz
append initrd=initrd.img ks=http://10.0.0.8/ksdir/centos8.cfg
label desktop #with a graphical desktop
menu label Test this ^Desktop CentOS Linux 8
menu default
kernel vmlinuz
append initrd=initrd.img ks=http://10.0.0.8/ksdir/centos8_2.cfg
menu separator # insert an empty line
----------------------------------------------------------------------------------------------------------------------------------------
#for a local path
initrd=initrd.img text ks=cdrom:/myks.cfg
[root@centos8 ~]#cp /root/myks.cfg /data/myiso/
----------------------------------------------------------------------------------------------------------------------------------------
#build the ISO image
[root@centos8 ~]#dnf -y install mkisofs
[root@centos8 ~]#mkisofs -R -J -T -v -no-emul-boot -boot-load-size 4 -boot-info-table -V "CentOS 8.1 x86_64 boot" -b isolinux/isolinux.bin -c isolinux/boot.cat -o /root/boot.iso /data/myiso/
Note: the relative paths above are relative to the root of the disc and have nothing to do with the working directory
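mkisofs options
[OPTION] Meaning
-o #name of the output image file
-b #boot image file to use when building a bootable disc
-c #file that holds the boot catalog when building a bootable disc
-no-emul-boot #boot in no-emulation mode
-boot-load-size 4 #number of sectors to load
-boot-info-table #write a boot information table into the boot image
-R or -rock #use Rock Ridge Extensions
-J or -joliet #use Joliet-format directory and file names
-v or -verbose #show detailed information while running
-T or -translationtable #create a file-name translation table, for systems that do not support Rock Ridge Extensions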
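Implementing DHCP
Client port: 67; server port: 68
Software that implements the DHCP service:
- dhcp, or dhcp-server (the package name on CentOS 8)
- dnsmasq: a small service that provides both DHCP and DNS
Across network segments
- RFC 1542 Compliant Routers
- dhcrelay: relay agent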
DHCP-related files
- Files in the dhcp-server package
/usr/sbin/dhcpd #DHCP service main program
/etc/dhcp/dhcpd.conf #DHCP service configuration file
/usr/share/doc/dhcp-server/dhcpd.conf.example #sample DHCP service configuration file
/usr/lib/systemd/system/dhcpd.service #service file for the DHCP service
/var/lib/dhcpd/dhcpd.leases #record of address assignments
- dhcp-client package
/usr/sbin/dhclient #client program
/var/lib/dhclient #automatically obtained IP information
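DHCP server configuration file
Help reference: man 5 dhcpd.conf
Format of /etc/dhcp/dhcpd.conf
Other options in the DHCP configuration file:
- next-server: IP address of the server that provides the boot file
- filename: name of the boot file
Syntax check: service dhcpd configtest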
Server-side configuration
[root@centos8|59|etc]#yum install -y dhcp-server #install the package
[root@centos8|62|etc]#rpm -ql dhcp-server #list the files in the package
/etc/NetworkManager
/etc/NetworkManager/dispatcher.d
/etc/NetworkManager/dispatcher.d/12-dhcpd
/etc/dhcp
/etc/dhcp/dhcpd.conf #DHCP configuration file
/etc/dhcp/dhcpd6.conf
/etc/openldap/schema
/etc/openldap/schema/dhcp.schema
/etc/sysconfig/dhcpd
/usr/bin/omshell
/usr/lib/.build-id
/usr/lib/.build-id/74
/usr/lib/.build-id/74/8ab67eaa906abed382614c986a4bf3aded9b3a
/usr/lib/.build-id/95
/usr/lib/.build-id/95/4fe81cc6ea0ba819deadc51dcc1f19496fde02
/usr/lib/systemd/system/dhcpd.service
/usr/lib/systemd/system/dhcpd6.service
/usr/sbin/dhcpd
/usr/share/doc/dhcp-server
/usr/share/doc/dhcp-server/dhcp-lease-list.pl
/usr/share/doc/dhcp-server/dhcpd.conf.example
/usr/share/doc/dhcp-server/dhcpd6.conf.example
/usr/share/doc/dhcp-server/ldap
/usr/share/doc/dhcp-server/ldap/README.ldap
/usr/share/doc/dhcp-server/ldap/dhcp.schema
/usr/share/doc/dhcp-server/ldap/dhcpd-conf-to-ldap
/usr/share/man/man1/omshell.1.gz
/usr/share/man/man5/dhcpd.conf.5.gz
/usr/share/man/man5/dhcpd.leases.5.gz
/usr/share/man/man8/dhcpd.8.gz
/var/lib/dhcpd
/var/lib/dhcpd/dhcpd.leases
/var/lib/dhcpd/dhcpd6.leases
[root@centos8|85|~]#cat /etc/dhcp/dhcpd.conf #edit the DHCP configuration file
#configure DNS, the router and the assignable address ranges; if a host should receive a fixed IP address:
[root@centos7|~]#ip a
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:87:be:8d brd ff:ff:ff:ff:ff:ff
inet 10.0.0.7/24 brd 10.0.0.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
#copy the MAC address of eth0
[root@centos8|93|dhclient]#grep -v "^#" /etc/dhcp/dhcpd.conf
option domain-name "example.org"; #domain
option domain-name-servers 180.76.76.76,223.6.6.6; #DNS
default-lease-time 600; #default lease time
max-lease-time 7200; #maximum lease time
log-facility local7;
subnet 10.0.0.0 netmask 255.255.255.0 { #add the following three lines
range 10.0.0.10 10.0.0.100; #assignable address range
range 10.0.0.110 10.0.0.200; #assignable address range
option routers 10.0.0.2 ; #router
}
subnet 10.254.239.0 netmask 255.255.255.224 { #what follows is the sample
range 10.254.239.10 10.254.239.20;
option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
}
subnet 10.254.239.32 netmask 255.255.255.224 {
range dynamic-bootp 10.254.239.40 10.254.239.60; #what follows is the sample
option broadcast-address 10.254.239.31;
option routers rtr-239-32-1.example.org;
}
subnet 10.5.5.0 netmask 255.255.255.224 {
range 10.5.5.26 10.5.5.30;
option domain-name-servers ns1.internal.example.org;
option domain-name "internal.example.org";
option routers 10.5.5.1;
option broadcast-address 10.5.5.31;
default-lease-time 600;
max-lease-time 7200;
}
host testclient {
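hardware ethernet 00:0c:29:87:be:8d; #MAC address
fixed-address 10.0.0.106; #any address outside the ranges assigned above; DNS, gateway, lease time and so on can also be set here
default-lease-time 600; #default lease time
max-lease-time 7200; #maximum lease time
option routers 10.0.0.254; #gateway
option domain-name "magedu.net"; #domain suffix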
option domain-name-servers 114.114.114.114,8.8.8.8;
}
host fantasia {
hardware ethernet 08:00:07:26:c0:a5;
fixed-address fantasia.example.com;
}
class "foo" {
match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
}
shared-network 224-29 {
subnet 10.17.224.0 netmask 255.255.255.0 {
option routers rtr-224.example.org;
}
subnet 10.0.29.0 netmask 255.255.255.0 {
option routers rtr-29.example.org;
}
pool {
allow members of "foo";
range 10.17.224.10 10.17.224.250;
}
pool {
deny members of "foo";
range 10.0.29.10 10.0.29.230;
}
}
[root@centos8|85|~]#systemctl start dhcpd #start the DHCP service
Turn off the VMware DHCP service
Client configuration file
[root@centos7|~]#vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
NAME=eth0
BOOTPROTO=dhcp
IPADDR=10.0.0.7
PREFIX=24
GATEWAY=10.0.0.2
DNS1=192.168.1.1
DNS2=8.8.8.8
ONBOOT=yes
[root@centos7|~]#nmcli connection reload
[root@centos7|~]#dhclient
[root@centos7 ~]# ip a
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:87:be:8d brd ff:ff:ff:ff:ff:ff
inet 10.0.0.106/24 brd 10.0.0.255 scope global noprefixroute dynamic eth0
valid_lft 513sec preferred_lft 513sec
inet6 fe80::1538:c2c9:4617:ad49/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@centos7|~]#route -n #gateway
[root@centos7|~]#cat /etc/resolv.conf #DNS
#show detailed information
[root@centos7|~]#nmcli connection show eth0
#check whether a lease was obtained
[root@centos7|~]#cat /var/lib/dhclient/dhclient.leases
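Implementing the TFTP service
- Difference in transport-layer protocol
FTP uses TCP as its transport-layer protocol; TFTP uses UDP
- Difference in ports
FTP uses two ports: TCP port 21, the listening port, and TCP port 20 or a higher TCP port (above 1024) for the source connection
TFTP uses only one port, in stop-and-wait mode: port 69/udp
Packages:
tftp-server #server package
tftp #client package
#install the TFTP server package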
[root@centos8 ~]#dnf install tftp-server -y
[root@centos8 ~]#rpm -ql tftp-server
/usr/lib/.build-id
/usr/lib/.build-id/8c
/usr/lib/.build-id/8c/6921a9fb21d66da4fb299d516bce9ee6afea34
/usr/lib/systemd/system/tftp.service
/usr/lib/systemd/system/tftp.socket
/usr/sbin/in.tftpd #TFTP main program
/usr/share/doc/tftp-server
/usr/share/doc/tftp-server/CHANGES
/usr/share/doc/tftp-server/README
/usr/share/doc/tftp-server/README.security
/usr/share/man/man8/in.tftpd.8.gz
/usr/share/man/man8/tftpd.8.gz
/var/lib/tftpboot
#start the service
[root@centos8 ~]#systemctl enable --now tftp.service
Created symlink /etc/systemd/system/sockets.target.wants/tftp.socket →
/usr/lib/systemd/system/tftp.socket.
[root@centos8 ~]#ss -nulp|grep tftp
UNCONN 0 0 *:69 *:*
users:(("in.tftpd",pid=10100,fd=0),("systemd",pid=1,fd=32))
#prepare a test file
[root@centos8 ~]#cp /etc/fstab /var/lib/tftpboot/f1.txt
#install the TFTP client package
[root@centos7 ~]#yum -y install tftp
#download a file over TFTP from the client as a test
[root@centos7 ~]#tftp 10.0.0.8
tftp> ls
?Invalid command
tftp> help
tftp-hpa 5.2
Commands may be abbreviated. Commands are:
connect connect to remote tftp
mode set file transfer mode
put send file
get receive file
quit exit tftp
verbose toggle verbose mode
trace toggle packet tracing
literal toggle literal mode, ignore ':' in file name
status show current status
binary set mode to octet
ascii set mode to netascii
rexmt set per-packet transmission timeout
timeout set total retransmission timeout
? print help information
help print help information
tftp> get f1.txt
tftp> get dir/f2.txt
tftp> quit
[root@centos7 ~]#ls
anaconda-ks.cfg f1.txt f2.txt
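#run the following on the TFTP server: after a client downloads a file, you can see that the server has started the in.tftpd main program automatically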
[root@centos8 tftpboot]#ps aux|grep in.tftp
root 1276 0.0 0.2 14912 1720 ? Ss 12:03 0:00
/usr/sbin/in.tftpd -s /var/lib/tftpboot
root 1282 0.0 0.1 12108 960 pts/0 R+ 12:04 0:00 grep --
color=auto in.tftp
Windows
ipconfig/release #release the obtained address so that a new one can be requested
ipconfig/renew #refresh and renew the lease
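Automated system deployment with PXE
PXE automated installation of CentOS 6, 7 and 8, served from CentOS 8
Preparation before installation
Turn off the firewall and SELinux; give the DHCP server a static IP
Turn off the DHCP service in VMware
Install the required packages and start the services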
[root@centos8 ~]#dnf -y install dhcp-server tftp-server httpd syslinux-nonlinux
[root@centos8 ~]#systemctl enable --now httpd tftp dhcpd
Prepare the yum repositories and directories
[root@centos8 ~]#mkdir -pv /var/www/html/centos/{6,7,8}/os/x86_64/
[root@centos8 ~]#mount /dev/sr0 /var/www/html/centos/6/os/x86_64/
[root@centos8 ~]#mount /dev/sr1 /var/www/html/centos/7/os/x86_64/
[root@centos8 ~]#mount /dev/sr2 /var/www/html/centos/8/os/x86_64/
Prepare the kickstart files
[root@centos8 ~]#mkdir /var/www/html/ks/
[root@centos8 ~]#vim /var/www/html/ks/centos6.cfg
[root@centos8 ~]#vim /var/www/html/ks/centos7.cfg
[root@centos8 ~]#vim /var/www/html/ks/centos8.cfg
[root@centos8 ~]#grep -Ev "^(#|$)" /var/www/html/ks/centos8.cfg
ignoredisk --only-use=sda
zerombr
text
reboot
clearpart --all --initlabel
selinux --disabled
firewall --disabled
url --url=http://10.0.0.100/centos/8/os/x86_64/
keyboard --vckeymap=us --xlayouts='us'
lang en_US.UTF-8
network --bootproto=dhcp --device=ens160 --ipv6=auto --activate
network --hostname=centos8.magedu.com
rootpw --iscrypted $6$j9YhzDUnQVnxaAk8$qv7rkMcPAEbV5yvwsP666DXWYadd3jYjkA9fpxAo9qYotjGGBUclCGoP1TRvgHBpqgc5n0RypMsPTQnVDcpO01
firstboot --enable
skipx
services --disabled="chronyd"
timezone Asia/Shanghai --isUtc --nontp
user --name=wang --password=6oUfb/02CWfLb5l8f$sgEZeR7c7DpqfpmFDH6huSmDbW1XQNR4qKl2EPns.gOXqlnAIgv9pTogtFVaDtEpMOC.SWXKYqxfVtd9MCwxb1 --iscrypted --gecos="wang"
part / --fstype="xfs" --ondisk=sda --size=102400
part /data --fstype="xfs" --ondisk=sda --size=51200
part swap --fstype="swap" --ondisk=sda --size=2048
part /boot --fstype="ext4" --ondisk=sda --size=1024
%packages
@^minimal-environment
kexec-tools
%end
%addon com_redhat_kdump --enable --reserve-mb='auto'
%end
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end
Note: the answer files must be readable by everyone
[root@centos8|192|ks]#ll
总用量 12
-rw-r--r--. 1 root root 953 2月 10 21:09 centos6.cfg
-rw-r--r--. 1 root root 2046 2月 7 19:29 centos7.cfg
-rw-r--r--. 1 root root 1321 2月 7 19:29 centos8.cfg
Configure the DHCP service
[root@centos8 ~]#cp /usr/share/doc/dhcp-server/dhcpd.conf.example /etc/dhcp/dhcpd.conf
[root@centos8 ~]#vim /etc/dhcp/dhcpd.conf
option domain-name "example.com";
option domain-name-servers 180.76.76.76,223.6.6.6;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet 10.0.0.0 netmask 255.255.255.0 {
range 10.0.0.1 10.0.0.200;
option routers 10.0.0.2;
next-server 10.0.0.8;
filename "pxelinux.0";
}
[root@centos8 ~]#systemctl start dhcpd
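The fixed-address comment in the earlier dhcpd.conf says a reserved address must lie outside the dynamic ranges. The following added Python check (not part of the original page or of ISC dhcpd) applies that rule to two constructed configurations modelled on the dhcpd.conf files above and, as a generalisation beyond the page, also to the routers and next-server addresses. The function names and samples are this example's own.

```python
import ipaddress
import re

RANGE_RE = re.compile(
    r"^\s*range\s+(?:dynamic-bootp\s+)?(\S+?)(?:\s+(\S+?))?\s*;", re.M)
RESERVED_RE = re.compile(
    r"^\s*(option\s+routers|next-server|fixed-address)\s+([^;]+);", re.M)

# Constructed sample: one wide pool, as in the PXE configuration above,
# plus a host reservation like the testclient entry.
PXE_SAMPLE = """
subnet 10.0.0.0 netmask 255.255.255.0 {
  range 10.0.0.1 10.0.0.200;          # dynamic pool
  option routers 10.0.0.2;
  next-server 10.0.0.8;               # TFTP server
  filename "pxelinux.0";
}
host testclient {
  hardware ethernet 00:0c:29:87:be:8d;
  fixed-address 10.0.0.106;
}
host fantasia {
  hardware ethernet 08:00:07:26:c0:a5;
  fixed-address fantasia.example.com; # hostname, cannot be range-checked
}
"""

# Constructed sample: two pools with a gap that holds the reservation.
SPLIT_SAMPLE = """
subnet 10.0.0.0 netmask 255.255.255.0 {
  range 10.0.0.10 10.0.0.100;
  range 10.0.0.110 10.0.0.200;
  option routers 10.0.0.2 ;
}
host testclient {
  hardware ethernet 00:0c:29:87:be:8d;
  fixed-address 10.0.0.106;
}
"""


def _strip_comments(conf):
    """Drop '#' comments so they cannot be parsed as statements."""
    return re.sub(r"#.*", "", conf)


def parse_ranges(conf):
    """Return [(low, high), ...] for every range statement."""
    ranges = []
    for m in RANGE_RE.finditer(_strip_comments(conf)):
        low = ipaddress.IPv4Address(m.group(1))
        # dhcpd accepts a single-address range: high defaults to low
        high = ipaddress.IPv4Address(m.group(2) or m.group(1))
        ranges.append((low, high))
    return ranges


def reserved_addresses(conf):
    """Return [(statement, address), ...] for literal IPv4 values only."""
    found = []
    for m in RESERVED_RE.finditer(_strip_comments(conf)):
        kind = " ".join(m.group(1).split())
        for value in m.group(2).split(","):
            try:
                found.append((kind, ipaddress.IPv4Address(value.strip())))
            except ValueError:      # a hostname; skip it
                continue
    return found


def pool_conflicts(conf):
    """Return (statement, address, 'low-high') for each address in a pool."""
    ranges = parse_ranges(conf)
    hits = []
    for kind, addr in reserved_addresses(conf):
        for low, high in ranges:
            if low <= addr <= high:
                hits.append((kind, str(addr), f"{low}-{high}"))
    return hits


if __name__ == "__main__":
    for kind, addr, pool in pool_conflicts(PXE_SAMPLE):
        print(f"{kind} {addr} is inside dynamic range {pool}")
```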
Prepare the PXE boot files
[root@centos8 ~]#mkdir /var/lib/tftpboot/centos{6,7,8}
#copy the kernel files for CentOS 6, 7 and 8
[root@centos8 ~]#cp /var/www/html/centos/6/os/x86_64/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos6
[root@centos8 ~]#cp /var/www/html/centos/7/os/x86_64/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos7
[root@centos8 ~]#cp /var/www/html/centos/8/os/x86_64/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos8
[root@centos8 ~]#cp /usr/share/syslinux/{pxelinux.0,menu.c32} /var/lib/tftpboot/
#the following three files are required for installing CentOS 8; CentOS 6 and 7 do not need them
[root@centos8 ~]#cp /var/www/html/centos/8/os/x86_64/isolinux/{ldlinux.c32,libcom32.c32,libutil.c32} /var/lib/tftpboot/
#create the installation menu file
[root@centos8 ~]#mkdir /var/lib/tftpboot/pxelinux.cfg/
[root@centos8 ~]#cp /var/www/html/centos/8/os/x86_64/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default
#the final directory structure is as follows
[root@centos8 ~]#tree /var/lib/tftpboot
.
├── centos6
│ ├── initrd.img
│ └── vmlinuz
├── centos7
│ ├── initrd.img
│ └── vmlinuz
├── centos8
│ ├── initrd.img
│ └── vmlinuz
├── ldlinux.c32
├── libcom32.c32
├── libutil.c32
├── menu.c32
├── pxelinux.0
└── pxelinux.cfg
└── default
4 directories, 12 files
Prepare the boot menu file
[root@centos8 ~]#vim /var/lib/tftpboot/pxelinux.cfg/default
default menu.c32
timeout 600
menu title Install CentOS Linux
label linux8
menu label Auto Install CentOS Linux ^8
kernel centos8/vmlinuz
append initrd=centos8/initrd.img ks=http://10.0.0.8/ks/centos8.cfg
label linux7
menu label Auto Install CentOS Linux ^7
kernel centos7/vmlinuz
append initrd=centos7/initrd.img ks=http://10.0.0.8/ks/centos7.cfg
label linux6
menu label Auto Install CentOS Linux ^6
kernel centos6/vmlinuz
append initrd=centos6/initrd.img ks=http://10.0.0.8/ks/centos6.cfg
label manual
menu label ^Manual Install CentOS Linux 8.0
kernel centos8/vmlinuz
append initrd=centos8/initrd.img inst.repo=http://10.0.0.8/centos/8/os/x86_64/
label rescue
menu label ^Rescue a CentOS Linux system 8
kernel centos8/vmlinuz
append initrd=centos8/initrd.img inst.repo=http://10.0.0.8/centos/8/os/x86_64/ rescue
label local
menu default
menu label Boot from ^local drive
localboot 0xffff
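Installing by network (NIC) boot
Errors you may run into:
1. If the menu does not appear, the IP address settings in DHCP are wrong
2. The menu appears but installation fails
- not enough memory
- not enough disk space in the VMware virtual machine
- a problem in the answer file
- a problem in the boot menu entry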
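Automated installation with cobbler
Environment
Two hosts
One host: CentOS 7.7, acting as the Cobbler, HTTP, DHCP and TFTP server, with the firewall and SELinux turned off
One host: the test machine on which Linux is installed automatically
Network requirements: turn off the DHCP service of NAT mode in VMware; the NICs of both hosts use NAT mode
Install the required packages and start the services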
[root@centos7 ~]#yum install cobbler dhcp
[root@centos7 ~]#systemctl enable --now cobblerd httpd tftp dhcpd
Modify the DHCP configuration file
Modify the cobbler configuration
[root@centos7 ~]#cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
https://github.com/cobbler/cobbler/wiki/Selinux
4 : change 'disable' to 'no' in /etc/xinetd.d/tftp
5 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
6 : enable and start rsyncd.service with systemctl
7 : debmirror package is not installed, it will be required to manage debian deployments and repositories
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
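#based on the hints above, only items 1, 2 and 8 need to be addressed; change the following four lines
[root@centos7 ~]#vim /etc/cobbler/settings
default_password_crypted: "$1$gEc7ilpP$pg5iSOj/mlxTxEslhRvyp/" #password
next_server: 10.0.0.7 #IP address of the TFTP server
server: 10.0.0.7 #IP address of the cobbler server
manage_dhcp: 1 #set to 1 so that cobbler generates the dhcpd.conf configuration file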
[root@centos7 ~]#systemctl restart cobblerd
[root@centos7 ~]#cobbler sync
**Download the boot-related files**
```bash
[root@centos7 ~]#cobbler get-loaders
task started: 2020-02-10_163111_get_loaders
task started (id=Download Bootloader Content, time=Mon Feb 10 16:31:11 2020)
downloading https://cobbler.github.io/loaders/README to
/var/lib/cobbler/loaders/README
downloading https://cobbler.github.io/loaders/COPYING.elilo to
/var/lib/cobbler/loaders/COPYING.elilo
downloading https://cobbler.github.io/loaders/COPYING.yaboot to
/var/lib/cobbler/loaders/COPYING.yaboot
downloading https://cobbler.github.io/loaders/COPYING.syslinux to
/var/lib/cobbler/loaders/COPYING.syslinux
downloading https://cobbler.github.io/loaders/elilo-3.8-ia64.efi to
/var/lib/cobbler/loaders/elilo-ia64.efi
downloading https://cobbler.github.io/loaders/yaboot-1.3.17 to
/var/lib/cobbler/loaders/yaboot
downloading https://cobbler.github.io/loaders/pxelinux.0-3.86 to
/var/lib/cobbler/loaders/pxelinux.0
downloading https://cobbler.github.io/loaders/menu.c32-3.86 to
/var/lib/cobbler/loaders/menu.c32
downloading https://cobbler.github.io/loaders/grub-0.97-x86.efi to
/var/lib/cobbler/loaders/grub-x86.efi
downloading https://cobbler.github.io/loaders/grub-0.97-x86_64.efi to
/var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***
[root@centos7 ~]#ls /var/lib/cobbler/loaders
COPYING.elilo COPYING.yaboot grub-x86_64.efi menu.c32 README
COPYING.syslinux elilo-ia64.efi grub-x86.efi pxelinux.0 yaboot
[root@centos7 ~]#tree /var/lib/tftpboot/
/var/lib/tftpboot/
├── boot
├── etc
├── grub
├── images
├── images2
├── ppc
├── pxelinux.cfg
└── s390x
8 directories, 0 files
[root@centos7 ~]#cobbler sync
task started: 2020-02-10_163219_sync
task started (id=Sync, time=Mon Feb 10 16:32:19 2020)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/grub/images
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/pxelinux.0 ->
/var/lib/tftpboot/pxelinux.0
trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
trying hardlink /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi ->
/var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi ->
/var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
[root@centos7 ~]#tree /var/lib/tftpboot/
/var/lib/tftpboot/
├── boot
│ └── grub
│ └── menu.lst
├── etc
├── grub
│ ├── efidefault
│ ├── grub-x86_64.efi
│ ├── grub-x86.efi
│ └── images -> ../images
├── images
├── images2
├── memdisk
├── menu.c32
├── ppc
├── pxelinux.0
├── pxelinux.cfg
│ └── default
├── s390x
│ └── profile_list
└── yaboot
10 directories, 10 files
```
Implement the DHCP service
#edit the lines below in the DHCP template file, which is used to generate the DHCP configuration file
[root@centos7 ~]#vim /etc/cobbler/dhcp.template
subnet 10.0.0.0 netmask 255.255.255.0 {
option routers 10.0.0.2;
option domain-name-servers 180.76.76.76,223.6.6.6;
option subnet-mask 255.255.255.0;
range dynamic-bootp 10.0.0.10 10.0.0.200;
[root@centos7 ~]#systemctl restart cobblerd
[root@centos7 ~]#cobbler sync
[root@centos7 ~]#cat /etc/dhcp/dhcpd.conf #check that the DHCP configuration file was generated
# ******************************************************************
# Cobbler managed dhcpd.conf file
# generated from cobbler dhcp.conf template (Tue Feb 11 01:22:58 2020)
# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
# overwritten.
# ******************************************************************
ddns-update-style interim;
allow booting;
allow bootp;
ignore client-updates;
set vendorclass = option vendor-class-identifier;
option pxe-system-type code 93 = unsigned integer 16;
subnet 10.0.0.0 netmask 255.255.255.0 {
option routers 10.0.0.2;
option domain-name-servers 180.76.76.76;
option subnet-mask 255.255.255.0;
range dynamic-bootp 10.0.0.10 10.0.0.200;
default-lease-time 21600;
max-lease-time 43200;
next-server 10.0.0.7;
class "pxeclients" {
match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
if option pxe-system-type = 00:02 {
filename "ia64/elilo.efi";
} else if option pxe-system-type = 00:06 {
filename "grub/grub-x86.efi";
} else if option pxe-system-type = 00:07 {
filename "grub/grub-x86_64.efi";
} else if option pxe-system-type = 00:09 {
filename "grub/grub-x86_64.efi";
} else {
filename "pxelinux.0";
}
}
}
# group for Cobbler DHCP tag: default
group {
}
[root@centos7|cobbler]#systemctl start dhcpd
Change the menu title
[root@centos7 ~]#vim /etc/cobbler/pxe/pxedefault.template
MENU TITLE Cobbler | http://www.magedu.com/
[root@centos7 ~]#cobbler sync
[root@centos7 ~]#cat /var/lib/tftpboot/pxelinux.cfg/default
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://www.magedu.com/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT local
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
MENU end
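At this point you can test a network (NIC) boot to see whether it works
Import the CentOS installation files and generate the corresponding YUM repository
[root@centos7 ~]#cobbler distro list #the list is empty: no systems yet
Only CentOS 6 is used for the demonstration here
[root@centos7|~]#echo '- - -' > /sys/class/scsi_host/host0/scan #attach the optical drive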
[root@centos7|~]#lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 200G 0 disk
├─sda1 8:1 0 1G 0 part /boot
├─sda2 8:2 0 100G 0 part /
├─sda3 8:3 0 50G 0 part /data
├─sda4 8:4 0 1K 0 part
└─sda5 8:5 0 4G 0 part [SWAP]
sr0 11:0 1 10.3G 0 rom /mnt
sr1 11:1 1 6.7G 0 rom
sr2 11:2 1 3.7G 0 rom
[root@centos7 ~]#mount /dev/sr2 /mnt
mount: /dev/sr1 is write-protected, mounting read-only
[root@centos7 ~]#cobbler import --name=centos-6.1-x86_64 --path=/mnt --arch=x86_64
[root@centos7|~]#du -sh /var/www/cobbler/ks_mirror/*
1.4G /var/www/cobbler/ks_mirror/centos-6.1-x86_64
0 /var/www/cobbler/ks_mirror/config
[root@centos7|~]#du -sh /var/www/cobbler/ks_mirror/*
1.8G /var/www/cobbler/ks_mirror/centos-6.1-x86_64
0 /var/www/cobbler/ks_mirror/config
[root@centos7|~]#cobbler distro list
centos-6.1-x86_64
[root@centos7|~]#cobbler profile list   # view the menu entries
centos-6.1-x86_64
[root@centos7|~]#cobbler profile report
Name : centos-6.1-x86_64
TFTP Boot Files : {}
Comment :
DHCP Tag : default
Distribution : centos-6.1-x86_64
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {}
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart : /var/lib/cobbler/kickstarts/sample_end.ks
Kickstart Metadata : {}
Management Classes : []
Management Parameters : <<inherit>>
Name Servers : []
Name Servers Search Path : []
Owners : ['admin']
Parent Profile :
Internal proxy :
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Repos : []
Server Override : <<inherit>>
Template Files : {}
Virt Auto Boot : 1
Virt Bridge : xenbr0
Virt CPUs : 1
Virt Disk Driver Type : raw
Virt File Size(GB) : 5
Virt Path :
Virt RAM (MB) : 512
Virt Type : kvm
[root@centos7|~]#cd /var/lib/tftpboot/pxelinux.cfg/
[root@centos7|pxelinux.cfg]#cat default
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://www.magedu.com/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT local
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
LABEL centos-6.1-x86_64
kernel /images/centos-6.1-x86_64/vmlinuz
MENU LABEL centos-6.1-x86_64
append initrd=/images/centos-6.1-x86_64/initrd.img ksdevice=bootif lang= kssendmac text ks=http://10.0.0.7/cblr/svc/op/ks/profile/centos-6.1-x86_64
ipappend 2
MENU end
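With the above in place, a minimal installation over network boot already works (the system generates the kickstart file automatically).
To use your own kickstart file instead, carry out the following steps.
Prepare the kickstart file and associate it with the specified YUM repository
Customize your own kickstart file
[root@centos7 ~]#vim /var/lib/cobbler/kickstarts/centos6.cfg   # path where the kickstart file is placed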
[root@centos7 ~]#cat /var/lib/cobbler/kickstarts/centos6.cfg
install
text
reboot
url --url=$tree #this entry must be changed
lang en_US.UTF-8
keyboard us
network --onboot yes --device eth0 --bootproto dhcp --noipv6
rootpw --iscrypted $6$j9YhzDUnQVnxaAk8$qv7rkMcPAEbV5yvwsP666DXWYadd3jYjkA9fpxAo9qYotjGGBUclCGoP1TRvgHBpqgc5n0RypMsPTQnVDcpO01
firewall --disabled
authconfig --enableshadow --passalgo=sha512
selinux --disabled
timezone Asia/Shanghai
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
zerombr
clearpart --all --initlabel
part /boot --fstype=ext4 --size=1024
part / --fstype=ext4 --size=50000
part /data --fstype=ext4 --size=30000
part swap --size=2048
%packages
@core
@server-policy
@workstation-policy
autofs
vim-enhanced
%end
%post
useradd wang
echo magedu | passwd --stdin wang &> /dev/null
mkdir /etc/yum.repos.d/bak
mv /etc/yum.repos.d/* /etc/yum.repos.d/bak
cat > /etc/yum.repos.d/base.repo <<EOF
[base]
name=base
baseurl=file:///misc/cd
gpgcheck=0
EOF
%end
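Added example (not part of the original post): a shell lint for kickstart files such as centos6.cfg above. The PXE menu entry fetches the kickstart over plain HTTP (ks=http://10.0.0.7/cblr/svc/...), so the check flags settings that leave the installed host weak and literals that expose a password. The function name, the check IDs and the trimmed sample are assumptions made for this example.

```shell
# Added example: flag kickstart settings that weaken the installed host.
# audit_kickstart [FILE...] reads the named files, or stdin when none are given,
# and prints one "LINE:CHECK:message" row per finding.
audit_kickstart() {
    awk '
        function report(id, msg) { printf "%d:%s:%s\n", NR, id, msg }
        BEGIN                    { section = "cmd" }
        /^[ \t]*#/               { next }                    # skip comment lines
        /^%(pre|post|packages)/  { section = substr($1, 2); next }
        /^%end/                  { section = "cmd"; next }
        section == "cmd" && $1 == "firewall" && /--disabled/ {
            report("firewall-disabled", "host firewall is turned off") }
        section == "cmd" && $1 == "selinux" && /--(disabled|permissive)/ {
            report("selinux-not-enforcing", "SELinux is not enforcing") }
        section == "cmd" && $1 == "rootpw" && !/--(iscrypted|lock)/ {
            report("rootpw-plaintext", "root password is not hashed") }
        section == "post" && /passwd[ \t].*--stdin/ {
            report("post-plaintext-password", "password literal in %post") }
        section == "post" && /^[ \t]*gpgcheck[ \t]*=[ \t]*0[ \t]*$/ {
            report("repo-gpgcheck-off", "repo skips package signature checks") }
    ' "$@"
}

# Constructed sample: a trimmed copy of the kickstart shown above; the rootpw
# hash is a placeholder, not the value from the page.
sample_kickstart() {
    cat <<'KS'
url --url=$tree
rootpw --iscrypted $6$CONSTRUCTEDSALT$CONSTRUCTEDHASH
firewall --disabled
authconfig --enableshadow --passalgo=sha512
selinux --disabled
%packages
@core
%end
%post
useradd wang
echo magedu | passwd --stdin wang &> /dev/null
cat > /etc/yum.repos.d/base.repo <<EOF
[base]
name=base
baseurl=file:///misc/cd
gpgcheck=0
EOF
%end
KS
}

sample_kickstart | audit_kickstart
```

Run it against the real file with: audit_kickstart /var/lib/cobbler/kickstarts/centos6.cfg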
# Associate the kickstart file with the specified YUM repository and generate the menu entry
[root@centos7|~]#cobbler profile list
centos-6.1-x86_64
[root@centos7|~]#cobbler profile add --name=CentOS-6.1_test --distro=CentOS-6.1-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos6.cfg
Check the following file to see whether the menu entry was generated
[root@centos7|~]#vim /var/lib/tftpboot/pxelinux.cfg/default
[root@centos7|~]#cobbler profile list
CentOS-6.1_test
centos-6.1-x86_64
# The default menu entry can be removed
[root@centos7|~]#cobbler profile remove --name=centos-6.1-x86_64
[root@centos7|~]#cobbler profile list
CentOS-6.1_test
Set up web management for Cobbler
[root@centos7 ~]#yum -y install cobbler-web
[root@centos7 ~]#systemctl restart httpd
Open https://10.0.0.7/cobbler_web to test
Create custom web users for Cobbler
[root@centos7 ~]#cat /etc/cobbler/users.digest
cobbler:Cobbler:a2d6bae81669d707b72c0bd9806e01f3
[root@centos7 ~]#htdigest -c /etc/cobbler/users.digest Cobbler admin
Adding password for admin in realm Cobbler.
New password:
Re-type new password:
[root@centos7 ~]#cat /etc/cobbler/users.digest
admin:Cobbler:461941848a17e1b412f94c100a79bf75
3
[root@centos7 ~]#htdigest /etc/cobbler/users.digest Cobbler admin2
Adding user admin2 in realm Cobbler
New password:
Re-type new password:
[root@centos7 ~]#cat /etc/cobbler/users.digest
admin:Cobbler:461941848a17e1b412f94c100a79bf75
3
admin2:Cobbler:8e3ab6cc196fac11dcf0512c200a672f
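Added example (not part of the original post): each users.digest row is user:realm:MD5(user:realm:password), so a leftover default or guessable row can be found by recomputing the digest. In the session above the first htdigest call uses -c, which recreates the file and is why the shipped cobbler row is gone afterwards; this check is for files where such a row is still present. The function names and the sample rows other than the cobbler row are constructed, and md5sum is assumed to be available.

```shell
# Added example: audit a Cobbler users.digest file for guessable passwords.
# Each row is user:realm:MD5("user:realm:password"), as written by htdigest.
ha1() {   # ha1 USER REALM PASSWORD -> 32-hex digest
    printf '%s:%s:%s' "$1" "$2" "$3" | md5sum | cut -d' ' -f1
}

# weak_digest_accounts FILE [CANDIDATE...]
# Prints each user whose password equals the user name or one of the candidates.
weak_digest_accounts() {
    file=$1; shift
    while IFS=: read -r user realm hash; do
        [ -n "$hash" ] || continue          # skip blank or malformed rows
        for guess in "$user" "$@"; do
            if [ "$(ha1 "$user" "$realm" "$guess")" = "$hash" ]; then
                printf '%s\n' "$user"
                break
            fi
        done
    done < "$file"
}

# Constructed sample file: the first row is the default row shown above,
# the other two are made up for this example.
sample_digest_file() {
    f=$(mktemp)
    {
        echo 'cobbler:Cobbler:a2d6bae81669d707b72c0bd9806e01f3'
        echo "ops:Cobbler:$(ha1 ops Cobbler 'constructed-long-passphrase-7431')"
        echo "test:Cobbler:$(ha1 test Cobbler test)"
    } > "$f"
    printf '%s\n' "$f"
}

digest_file=$(sample_digest_file)
weak_digest_accounts "$digest_file" cobbler   # candidate: the default password
rm -f "$digest_file"
```

On the Cobbler server, run it as: weak_digest_accounts /etc/cobbler/users.digest cobbler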
Common Linux service port numbers
ftp 21
ssh 22
telnet 23
DNS 53
http (web) 80
https 443
tomcat 8005
ntp 123
nfs 2049
samba 137,138,139/tcp
rsyslog 514 tcp/udp
pop3 110/tcp
pop3s 995/tcp
postfix 25
smtp 25/tcp
smtps 465/tcp
imap 143/tcp
imaps 993/tcp
dhcp server 67, client 68
iscsi 3260
redis 6379
memcached 3360
mysql 3306
zabbix-server 10051
zabbix-agent 10050
snmp uses UDP 161
php-fpm 9000
rsync 873
nginx 80
time synchronization service chrony 323
tftp 69
Source: CSDN
Author: 你是遥远的星河
Link: https://blog.csdn.net/qq_45414629/article/details/104259906