无人值守安装(自动按定制的需求来批量安装linux系统)
kickstart
cobbler
linux安装系统的方法:
1,光盘 把iso镜像刻录(windows下有类似nero这类软件)到光盘里,通过光驱,再修改BIOS第一启动顺序为光驱进行安装
2,u盘 把iso镜像刻录(windows下有类似nero这类软件)到U盘里(具体过程请上网自已查),通过USB接口,再修改BIOS第一启动顺序为U盘进行安装
3,硬盘 在linux硬盘上有iso镜像,可以通过grub进行硬盘安装第二个操作系统,或者重装系统(只重格根分区,不要重格iso所在的分区)
4,网络
======================================================================
/share/soft/rhel-server-6.5-x86_64-dvd.iso 3.6G 3.6G 0 100% /yum rhel6的iso镜像里的基本文件说明: Packages:这个目录是存放rhel6所有的rpm包(但不代表其它的linux也都一样,比如rhel5是分为四个目录来存放rpm包的) repodata: (repository data软件仓库数据目录,你可以把它比喻成一个仓库货物清单),在yum仓库里找软件包不是直接去找包在哪,而是找repodata(这是配置yum要知道的一个关键知识点) images和isolinux目录:简单来说和启动引导系统有关(包括vmlinuz和initrd.img启动内核的文件) EFI:简单来说EFI是BIOS的升级版 =========================================================
硬盘安装linux系统
# df -h
/dev/sda6 47G 4.0G 40G 9% /share
准备下面这些东西,最好都放到一个专门的分区挂载目录,我这里是/dev/sda6
/share/rhel-server-6.5-x86_64-dvd.iso
/share/isolinux/
/share/images/
/share/vmlinuz
/share/initrd.img
重启你的操作系统,在grub界面按C键,
grub > root (hd0,5)
grub > kernel /vmlinuz
grub > initrd /initrd.img
grub > boot
就会进入装系统的界面,和以前装系统的过程几乎一样,只有一个地方不一样就是有一步它会问你你的安装方式,你选择hard drive,然后再会问你iso的路径,你选择/dev/sda6就可以了;
========================================================
基于pxe(preboot execute environment)技术
pxe是intel公司的技术,工作server/client的网络模式,支持客户端从服务端下载软件,再使用tftp(trival file tranfer protocol) 协议下载一个启动软件包到客户端内存中执行。 tftp 简单文件传输协议,提供简单的,不可靠的文件传输。基于UDP的69端口。 要求的技术和服务: 1。nfs服务器或者用http,ftp三种协议之一 (共享安装光盘目录文件)
2。tftp服务器 --共享启动相关文件
3。dhcp服务器 --客户端获取IP,网关,DNS指向,主机名,NIS域,NTP
4。kickstart程序生成的ks.cfg配置文件(此文件就定义了安装系统如何分区,如何格式化,root密码等等) 取一个安装名字,可以由客户端自动选择是否用此安装名安装 满足上面的1,2,3三点,就是安装服务器(类似第一天来学习时的安装系统的网络服务器) 客户端(支持pxe的网卡)选择网络启动--通过dhcp获取IP可以和服务器通迅--通过tftp下载系统引导文件--按照ks.cfg配置文件里的方式来自动安装操作系统--在安装最后一步要安装软件包,会按照ks.cfg里配置的软件包来安装 我们这里用一个虚拟机做服务器,另一个虚拟机做客户端,并使用host-only(vmnet1)网络,防止都在同一个网络造成dhcp获取混乱(我这里的用的网段为192.168.100.0/24,这是一个公网网段,我在这里只是实验测试为了方便而已) cobbler server ------- client
192.168.100.2/24
安装前准备: (这里特别要注意一点:你的虚拟机的cobbler-server的/var目录空间最少要有4G以上空间)
1,关闭iptables,selinux
2,配置静态IP
3,设置主机名
4,时间同步
5,配置本地iso镜像里的yum仓库
====================================================
此为Redhat6版本的安装及配置方法
我这里直接把宿主机里的镜像/share/iso/rhel-server-6.5-x86_64-dvd.iso直接放到cobbler server虚拟机的光驱里
# mkdir /yum
# mount /dev/cdrom /yum 第一大步:在cobbler server上安装cobbler
软件包路径共享在 笔记目录/program/cobbler_soft/
cobbler-2.6.3-1.el6.noarch.rpm koan-2.6.9-1.el6.noarch.rpm repodata
cobbler-web-2.6.3-1.el6.noarch.rpm libyaml-0.1.4-2.3.x86_64.rpm
Django14-1.4.20-1.el6.noarch.rpm PyYAML-3.10-3.1.el6.x86_64.rpm # vim /etc/yum.repos.d/rhel-source.repo --在你原来的yum的配置基础上,再加上下面这一段
[cobbler]
name=cobbler
baseurl=file:///cobbler_soft
enabled=1
gpgcheck=0 确认配置好yum后,直接下面一条命令把相关软件包全安装上
# yum install cobbler cobbler-web tftp* rsync xinetd http* syslinux dhcp* pykickstart 第二大步:基本配置
# cobbler check --查看cobbler潜在的需要修改的选项(有可能因为你的httpd启不来,而选成无法显示下面的结果;按报错去解决它)
The following are potential configuration items that you may want to fix: 1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
https://github.com/cobbler/cobbler/wiki/Selinux
4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : change 'disable' to 'no' in /etc/xinetd.d/rsync
6 : since iptables may be running, ensure 69, 80/443, and 25151 are unblocked
7 : debmirror package is not installed, it will be required to manage debian deployments and repositories
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them Restart cobblerd and then run 'cobbler sync' to apply changes. --说明:上面我这里是有9个需求(不同的机器和环境可能会不一样,按照它的说明去解决就可以了) 解决需求1,需求2,需求8:
# openssl passwd -1 -salt 'werwqerwqr' '123456' --123456为密码(这是自动安装客户端系统成功后的root登录密码),werwqerwqr为随机字节干扰码(随便写)
$1$werwqerw$.prcfrYFbwuvkD8XspayN. # vim /etc/cobbler/settings
384 server: 192.168.100.2 --换成cobbler服务器端的IP
272 next_server: 192.168.100.2 --同上
101 default_password_crypted: "$1$werwqerw$.prcfrYFbwuvkD8XspayN." --把密码字符串换成你上面产生的字符串(此密码为客户机安装后的root登录密码) # /etc/init.d/cobblerd restart --修改后重启 解决需求3
关闭selinux
# vim /etc/selinux/config --把下面的改成disabled,然后reboot你的系统
SELINUX=disabled --如果真的要完全关闭,必须按上面的操作并重启生效;如果你觉得麻烦,可以使用setenforce 0暂时代替 解决需求5
# vim /etc/xinetd.d/rsync
disable = no --yes改为no 解决需求6
# /etc/init.d/iptables stop
# chkconfig iptables off
或者开启iptables,但要开放69, 80/443, 25151这几个端口 解决需求9
# yum install fence-agents 解决了上面的问题后,再次cobbler check
# cobbler check --解决了上面的问题,只余下两个问题了(问题1可以使用cobbler get-loaders解决,但需要有外网和外网的yum源;问题2是关于debian系统的,我们这里可以忽略)
The following are potential configuration items that you may want to fix:
1 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
2 : debmirror package is not installed, it will be required to manage debian deployments and repositories
Restart cobblerd and then run 'cobbler sync' to apply changes. 第三大步:导入镜像
# ls /var/www/cobbler/ks_mirror/
config # cobbler import --path=/yum/ --name=rhel6.5-x86-64 --将挂载的镜像目录/yum位置导入到cobbler,name后面接的是你取的一个名称
。。。。。。
*** TASK COMPLETE *** # ls /var/www/cobbler/ks_mirror/ --导入完后,这里会多了刚导入的镜像目录
config rhel6.5-x86-64 # cobbler distro list --列表你cobbler导入的镜像
rhel6.5-64-x86_64 # cobbler profile list --列表你的cobbler自动安装方案(从这里看到你导入一个镜像会默认做一个与它同名的安装方案)
rhel6.5-64-x86_64 --cobbler可以实现多种不同的iso镜像导入,并且每个iso镜像还可以对应多种不同安装方法(也就是说一个distro可以对应多个profile) 第四大步:
修改dhcp,让cobbler来管理dhcp,并进行cobbler配置同步
修改/etc/cobbler/dhcp.template,此文件是cobbler管理dhcp的模板(不需要象kickstart那样去修改/etc/dhcp/dhcpd.conf,修改了也没用,它会在后面做cobbler sync时把/etc/cobbler/dhcp.template拷过去覆盖/etc/dhcp/dhcpd.conf文件,并启动dhcp) 只修改下面这一段,改成你自己对应的IP和网段就可以了
# vim /etc/cobbler/dhcp.template
subnet 192.168.100.0 netmask 255.255.255.0 { --改你分配的网段,掩码
option routers 192.168.100.2; --改你分配的网关
option domain-name-servers 192.168.100.2; --改你分配的DNS指向
option subnet-mask 255.255.255.0; --改你分配的IP的掩码
range dynamic-bootp 192.168.100.200 192.168.100.254; --改你分配的IP的范围
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
class "pxeclients" {
match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
if option pxe-system-type = 00:02 {
filename "ia64/elilo.efi";
} else if option pxe-system-type = 00:06 {
filename "grub/grub-x86.efi";
} else if option pxe-system-type = 00:07 {
filename "grub/grub-x86_64.efi";
} else {
filename "pxelinux.0";
}
}
} # vim /etc/cobbler/settings --再去修改这个配置文件,改成dhcp服务由cobbler来管理
242 manage_dhcp: 1 --把0改为1 # /etc/init.d/cobblerd restart --保存后,再重启此服务 # cobbler sync --同步cobbler配置,并初始化,帮你启动dhcp等
。。。。。。
*** TASK COMPLETE *** # /etc/init.d/xinetd restart --把xinetd服务重启一下 第五大步:
测试验证:新建一个vmnet1网段(因为我前面配置的是这个网段)的虚拟机,然后启动,会出现cobbler的引导安装界面,选择并自动安装(这里自动安装的系统没有图形界面,默认只安装417个包而已)
====================================================================================
centos7.3下搭建cobbler
centos7.3下使用私有网络(我这里使用kvm自建的default1网络,网段为192.168.100.0/24)实现cobbler自动安装 cobbler server ------- client
192.168.100.2/24
第一步:
先安装cobbler相关软件包 (需要epel源,local源,centos163源;但因为需要用私有网络来做实验,但私有网络又不能和我的共享源连接,所以先可以使用桥接网络把下面的包装上,再换成私有网络)
# yum install cobbler cobbler-web tftp* rsync xinetd http* syslinux dhcp* pykickstart fence-agents xinetd debmirror system-config-kickstart
(--这里注意一个问题:我写的笔记有些时候是用中文五笔输入法打的空格,在这个文本编辑器里看不出什么问题,但你复制粘贴到centos7.3终端的时候可能会出现问题;所以请自己留个心眼,看清楚是否是所有要求的包都安装了) 第二步:启动服务,并使用cobbler check查询哪些需要修改
# systemctl restart cobblerd.service
# systemctl restart httpd.service
# systemctl enable cobblerd.service
# systemctl enable httpd.service
# cobbler check 第三步:按照cobbler check对应的信息修改
# sed -i 272s/127.0.0.1/192.168.100.2/ /etc/cobbler/settings
# sed -i 384s/127.0.0.1/192.168.100.2/ /etc/cobbler/settings
# sed -i 242s/0/1/ /etc/cobbler/settings
# openssl passwd -1 -salt 'xcvsfdsdfwq' '123456'
$1$xcvsfdsd$cGxdcHuQGCnu5vJw5M7zX1
# vim /etc/cobbler/settings --在101行把上面产生的密码字符串粘贴到""里替代原来的字符串
default_password_crypted: "$1$xcvsfdsd$cGxdcHuQGCnu5vJw5M7zX1"
# systemctl restart cobblerd.service
# sed -i /disable/s/yes/no/ /etc/xinetd.d/tftp
# systemctl restart rsyncd.service
# systemctl enable rsyncd.service 第四步:导入centos7.3的iso镜像
# cobbler import --path=/yum/ --name=centos7.3
# cobbler distro list --导入成功后,确认导入的镜像名
centos7.3-x86_64
# cobbler profile list --导入成功后,确认默认的profile名
centos7.3-x86_64 第五步:修改dhcp配置
# vim /etc/cobbler/dhcp.template --在此文件的第21行到第25行修改成你对应的网段和ip
subnet 192.168.100.0 netmask 255.255.255.0 {
option routers 192.168.100.2;
option domain-name-servers 192.168.100.2;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.100.100 192.168.100.254; 第六步:使用cobbler sync同步,并启动xinetd服务
# cobbler sync
# systemctl restart xinetd.service
# systemctl enable xinetd.service 第七步:新建另一个虚拟机(保证相同私有网络,并且最好2G内存,内存小的话会在安装时报空间不够的错误),进行安装测试
(注意:新建的虚拟机需要选择已网络为优先启动项。不然会提示获取不到安装文件)
==============================================================================
自定义ks文件
自动安装我们已经实现了,但如何自定义我们想安装的profile
重点就是你需要自定义一个ks文件
自定义ks文件的方法
1,如果你很熟悉此文件,直接拷别人的模版修改或者直接使用/root/anaconda-ks.cfg来修改
2,使用一个图形工具system-config-kickstart来帮助你配置(下面我就是使用这种方法) # yum install system-config-kickstart
# system-config-kickstart
# vim /etc/yum.repos.d/local.repo --这里有个小问题,需要把软件仓库里改成development,图形才能选择包,否则图形在选择软件包那一步看不到
[development]
name=development
baseurl=file:///yum/
enabled=1
gpgcheck=0
--图形的操作过程这里省略 给大家两个做好的ks.cfg文件参考: 第一个文件就是大家用来安装centos7.3宿主机的ks文件,内容如下:
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Install OS instead of upgrade
install
# Keyboard layouts
keyboard 'us'
# Root password
rootpw --iscrypted $1$6RbFC2nC$GBugZL7ACuGhck8DbUZgM/
# Use network installation
url --url="http://172.16.13.250/cobbler/ks_mirror/centos7.3/"
# System language
lang en_US
# Firewall configuration
firewall --disabled
# System authorization information
auth --useshadow --passalgo=sha512
# Use text mode install
text
firstboot --disable
# SELinux configuration
selinux --disabled
# Network information
network --bootproto=dhcp --device=eth0
# Reboot after installation
reboot
# System timezone
timezone Asia/Shanghai --isUtc
# System bootloader configuration
bootloader --append="rhgb quiet" --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part /boot --fstype="xfs" --size=300
part swap --fstype="swap" --size=4000
part / --fstype="xfs" --size=150000
part /data --fstype="xfs" --size=80000
%packages
@additional-devel
@desktop-debugging
@development
@fonts
@gnome-desktop
@input-methods
@kde-desktop
@legacy-x
@platform-devel
@remote-desktop-clients
@x11
initial-setup
initial-setup-gui
vinagre
%end 第二个文件是用来宿主机安装双系统的ks文件
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Install OS instead of upgrade
install
# Keyboard layouts
keyboard 'us'
# Root password
rootpw --iscrypted $1$6RbFC2nC$GBugZL7ACuGhck8DbUZgM/
# Use network installation
url --url="http://172.16.13.250/cobbler/ks_mirror/centos7.3/"
# System language
lang en_US
# Firewall configuration
firewall --disabled
# System authorization information
auth --useshadow --passalgo=sha512
# Use text mode install
text
firstboot --disable
# SELinux configuration
selinux --disabled
# Network information
network --bootproto=dhcp --device=eth0
# Reboot after installation
reboot
# System timezone
timezone Asia/Shanghai --isUtc
# System bootloader configuration
bootloader --append="rhgb quiet" --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --none
# Disk partitioning information
part swap --fstype="swap" --size=4000
part / --fstype="xfs" --grow --size=1
%packages
@additional-devel
@desktop-debugging
@development
@fonts
@gnome-desktop
@input-methods
@kde-desktop
@legacy-x
@platform-devel
@remote-desktop-clients
@x11
initial-setup
initial-setup-gui
vinagre
%end =========================================================================
# cobbler profile help --查看帮助
# cobbler profile list --查看有哪些profile
centos7.3-x86_64 # cobbler profile report --name=centos7.3-x86_64 |grep Kickstart
Kickstart : /var/lib/cobbler/kickstarts/sample_end.ks --这就是这个安装方案的kickstart文件
Kickstart Metadata : {} 我现在自定义一个ks文件,也想做成一个profile,步骤如下:
步骤一:
自定义ks文件(使用system-config-kickstart或直接找一个模版文件修改),得到如下的文件 # vim /var/lib/cobbler/kickstarts/centos7.3.ks --复制下面一大段信息,粘到此文件里
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Install OS instead of upgrade
install
# Keyboard layouts
keyboard 'us'
# Root password
rootpw --iscrypted $1$6RbFC2nC$GBugZL7ACuGhck8DbUZgM/
# Use network installation
url --url="http://192.168.100.2/cobbler/ks_mirror/centos7.3/"
# System language
lang en_US
# Firewall configuration
firewall --disabled
# System authorization information
auth --useshadow --passalgo=sha512
# Use text mode install
text
firstboot --disable
# SELinux configuration
selinux --disabled
# Network information
network --bootproto=dhcp --device=eth0
# Reboot after installation
reboot
# System timezone
timezone Asia/Shanghai --isUtc
# System bootloader configuration
bootloader --append="rhgb quiet" --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part /boot --fstype="xfs" --size=300
part swap --fstype="swap" --size=2000
part / --fstype="xfs" --grow --size=1
%post
rm /etc/yum.repos.d/* -rf
cat > /etc/yum.repos.d/local.repo << EOF
[base]
name=base
baseurl=file:///yum
enabled=1
gpgcheck=0
EOF
%end
%packages
@additional-devel
@desktop-debugging
@development
@fonts
@gnome-desktop
@input-methods
@kde-desktop
@legacy-x
@platform-devel
@remote-desktop-clients
@x11
initial-setup
initial-setup-gui
vinagre
%end
步骤二:把准备好的ks文件做成一个新的profile
# cobbler profile add --name=new_centos7.3 --distro=centos7.3-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.3.ks
# cobbler profile list --在原来基础上就多了自定义的安装方案
centos7.3-x86_64
new_centos7.3 步骤三:
测试
然后就可以新建一个客户端虚拟机,使用上面的new_centos7.3安装名字来测试了 ==================================================================
对上面操作的扩展(仅供参考)
# cobbler profile edit --name=new_centos7.3 --kickstart=/var/lib/cobbler/kickstarts/xxx.ks
# cobbler profile remove --name=new_centos7.3
====================================================================== 客户端使用koan与服务器的cobbler联系,实现自动重装系统
客户端需要安装koan软件包(epel源里就有)
# yum install koan
# koan --server=192.168.100.2 --list=profiles --192.168.100.2为cobbler服务器IP,得到的结果和在cobbler服务器上cobbler profile list命令得到的结果一样
centos7.3-x86_64
new_centos7.3
# koan --replace-self --server=192.168.100.2 --profile=new_centos7.3 --指定本客户端按照名为new_centos7.3的profile重装系统
# reboot --敲完上面的命令,使用reboot,就会重装了(没敲上面的命令那reboot就是重启) =====================================================================================