1、配置chrony服务,实现服务器时间自动同步
时间同步介绍
我们知道在网络中可以利用NTP(Network Time Protocol)协议使网络中的各计算机实践达到同步。NTP协议属于运维基础架构中必备的基本服务之一。
时间同步实现:ntp,chrony
chrony 的优势:
更快的同步只需要数分钟而非数小时时间,从而最大程度减少了时间和频率
误差,对于并非全天 24 小时运行的虚拟计算机而言非常有用
能够更好地响应时钟频率的快速变化,对于具备不稳定时钟的虚拟机或导致时钟频率发生变化的节能技术而言非常有用
在初始同步后,它不会停止时钟,以防对需要系统时间保持单调的应用程序造成影响
在应对临时非对称延迟时(例如,在大规模下载造成链接饱和时)提供了更好的稳定性
无需对服务器进行定期轮询,因此具备间歇性网络连接的系统仍然可以快速同步时钟
chrony软件包:
包:chrony
两个主要程序:chronyd和chronyc
chronyd:后台运行的守护进程,用于调整内核中运行的系统时钟和时钟服务
器同步。它确定计算机增减时间的比率,并对此进行补偿
chronyc:命令行用户工具,用于监控性能并进行多样化的配置。它可以在
chronyd实例控制的计算机上工作,也可在一台不同的远程计算机上工作
服务unit 文件: /usr/lib/systemd/system/chronyd.service
监听端口: 323/udp,123/udp
配置文件: /etc/chrony.conf
#C7演示
[root@c7-37-101-mini ~]# yum install chrony -y
#无此包,安装
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
base | 3.6 kB 00:00
epel | 4.7 kB 00:00
extras | 2.9 kB 00:00
updates | 2.9 kB 00:00
(1/3): epel/x86_64/updateinfo | 1.0 MB 00:00
(2/3): updates/7/x86_64/primary_db | 176 kB 00:00
(3/3): epel/x86_64/primary_db | 6.8 MB 00:01
Resolving Dependencies
--> Running transaction check
---> Package chrony.x86_64 0:3.4-1.el7 will be installed
--> Processing Dependency: libseccomp.so.2()(64bit) for package: chrony-3.4-1.el7.x86_64
--> Running transaction check
---> Package libseccomp.x86_64 0:2.3.1-4.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================
Package Arch Version Repository
Size
================================================================
Installing:
chrony x86_64 3.4-1.el7 base 251 k
Installing for dependencies:
libseccomp x86_64 2.3.1-4.el7 base 56 k
Transaction Summary
================================================================
Install 1 Package (+1 Dependent package)
Total download size: 307 k
Installed size: 788 k
Downloading packages:
(1/2): libseccomp-2.3.1-4.el7.x86_64.rpm | 56 kB 00:00
(2/2): chrony-3.4-1.el7.x86_64.rpm | 251 kB 00:00
----------------------------------------------------------------
Total 1.0 MB/s | 307 kB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : libseccomp-2.3.1-4.el7.x86_64 1/2
Installing : chrony-3.4-1.el7.x86_64 2/2
Verifying : libseccomp-2.3.1-4.el7.x86_64 1/2
Verifying : chrony-3.4-1.el7.x86_64 2/2
Installed:
chrony.x86_64 0:3.4-1.el7
Dependency Installed:
libseccomp.x86_64 0:2.3.1-4.el7
Complete!
[root@c7-37-101-mini ~]# rpm -q chrony
chrony-3.4-1.el7.x86_64
[root@c7-37-101-mini ~]# rpm -ql chrony
/etc/NetworkManager/dispatcher.d/20-chrony
/etc/chrony.conf
#配置文件
/etc/chrony.keys
/etc/dhcp/dhclient.d/chrony.sh
/etc/logrotate.d/chrony
/etc/sysconfig/chronyd
#守护进程
/usr/bin/chronyc
/usr/lib/systemd/ntp-units.d/50-chronyd.list
/usr/lib/systemd/system/chrony-dnssrv@.service
/usr/lib/systemd/system/chrony-dnssrv@.timer
/usr/lib/systemd/system/chrony-wait.service
/usr/lib/systemd/system/chronyd.service
/usr/libexec/chrony-helper
/usr/sbin/chronyd
/usr/share/doc/chrony-3.4
/usr/share/doc/chrony-3.4/COPYING
/usr/share/doc/chrony-3.4/FAQ
/usr/share/doc/chrony-3.4/NEWS
/usr/share/doc/chrony-3.4/README
/usr/share/man/man1/chronyc.1.gz
/usr/share/man/man5/chrony.conf.5.gz
/usr/share/man/man8/chronyd.8.gz
/var/lib/chrony
/var/lib/chrony/drift
/var/lib/chrony/rtc
/var/log/chrony
[root@c7-37-101-mini ~]# ss -tnlup|grep 323
#chrony服务监听在udp的323端口
udp UNCONN 0 0 127.0.0.1:323 *:* users:(("chronyd",pid=2074,fd=5))
udp UNCONN 0 0 [::1]:323 [::]:* users:(("chronyd",pid=2074,fd=6))
[root@c7-37-101-mini ~]# systemctl status chronyd
#默认chronyd服务启动只能和别人进行同步,不能让别人和它进行同步
● chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2020-05-13 03:13:50 CST; 7h ago
Docs: man:chronyd(8)
man:chrony.conf(5)
Process: 2076 ExecStartPost=/usr/libexec/chrony-helper update-daemon (code=exited, status=0/SUCCESS)
Process: 2072 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUCCESS)
CGroup: /system.slice/chronyd.service
└─2074 /usr/sbin/chronyd
May 13 03:13:50 c7-37-101-mini systemd[1]: Sta...
May 13 03:13:50 c7-37-101-mini chronyd[2074]: ...
May 13 03:13:50 c7-37-101-mini systemd[1]: Per...
May 13 03:13:50 c7-37-101-mini systemd[1]: Sta...
May 13 03:13:57 c7-37-101-mini chronyd[2074]: ...
May 13 03:13:57 c7-37-101-mini chronyd[2074]: ...
May 13 10:22:20 c7-37-101-mini chronyd[2074]: ...
May 13 10:23:25 c7-37-101-mini chronyd[2074]: ...
Hint: Some lines were ellipsized, use -l to show in full.
#客户端,和服务端都需要持续运行
配置/etc/chrony.conf文件实现时间同步服务
1. 实现时间服务器与阿里云同步时间
#修改为阿里云国内的的时间服务
oot@c7-37-101-mini ~]# vim /etc/chrony.conf
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
#删除修改为aliyun
ol.ntp.org/join.html).
server ntp.aliyun.com iburst
server ntp1.aliyun.com iburst
[root@c7-37-101-mini ~]# systemctl restart chronyd
[root@c7-37-101-mini ~]# chronyc -n sources -v
210 Number of sources = 2
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^+ 203.107.6.88 2 6 17 7 -12ms[ -12ms] +/- 36ms
^* 120.25.115.20 2 6 17 7 +7284us[+7114us] +/- 20ms
2. 实现此服务器可以让局域网中的机器同步时间
# Allow NTP client access from local network.
allow 192.168.37.0/24
#允许1912.168.37.0网段可以向自己同步时间
allow 172.16.0.0/16
#允许172.16.0.0网段可以向自己同步时间
#3.配置即使服务器断网也可以和我同步
# Serve time even if not synchronized to a time s
ource.
local stratum 10
#客户端配置
3.局域网中其它机器的设置
#C7
[root@C7-37-100-destop ~]# vim /etc/chrony.conf
# Use public servers from the pool.ntp.org projec
t.
# Please consider joining the pool (http://www.po
ol.ntp.org/join.html).
server 192.168.37.101 iburst
[root@C7-37-100-destop ~]# systemctl restart chronyd
[root@C7-37-100-destop ~]# chronyc sources -v
210 Number of sources = 2
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 192.168.37.101 3 6 17 5 +8341ns[ +31us] +/- 47ms
^- 192.168.37.128 3 6 17 5 +8376us[+8376us] +/- 145ms
[root@C7-37-100-destop ~]# date
Wed May 13 11:05:34 CST 2020
[root@C7-37-100-destop ~]# systemctl restart chronyd
[root@C7-37-100-destop ~]# chronyc sources -v
210 Number of sources = 2
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 192.168.37.101 3 6 17 5 +8341ns[ +31us] +/- 47ms
^- 192.168.37.128 3 6 17 5 +8376us[+8376us] +/- 145ms
[root@C7-37-100-destop ~]# date
Wed May 13 11:05:34 CST 2020
#客户端也需要开启chronyd服务,配置修改以后,重启,测试已能时间同步
2、实现cobbler+pxe自动化装机
cobbler介绍
Cobbler:
快速网络安装linux操作系统的服务,支持众多的Linux发行版:Red Hat、
Fedora、CentOS、Debian、Ubuntu和SuSE,也可以支持网络安装windows
PXE的二次封装,将多种安装参数封装到一个菜单 Python编写
提供了CLI和Web的管理形式
vmware实现cobbler自动化安装
1.准备工作
A. 准备一台虚拟机,做cobbler服务器,需要二块网卡,一块需要连接外网,一块需要和测试机在同一网段内;
B. 新建一台虚拟机,设置网卡启动;
C. 取消虚拟机自带的DHCP功能;
[root@c7-37-103-mini ~]# uname -r
3.10.0-1062.el7.x86_64
[root@c7-37-103-mini ~]# cat /etc/redhat-release
CentOS Linux release 7.7.1908 (Core)
[root@c7-37-103-mini ~]# ping www.baidu.com
#可以连接外网,cobbler中自动复制的文件依赖外网下载
PING www.a.shifen.com (180.101.49.12) 56(84) bytes of data.
64 bytes from 180.101.49.12 (180.101.49.12): icmp_seq=1 ttl=128 time=7.84 ms
^C
--- www.a.shifen.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 7.840/7.840/7.840/0.000 ms
2.cobbler服务器安装配置
cobbler服务器所需要的服务安装,cobbler会自动安装tftp,httpd服务,所以只需要安装cobbler 和dhcpd服务。
[root@c7-37-103-mini ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:2b:f1:14 brd ff:ff:ff:ff:ff:ff
inet 192.168.37.103/24 brd 192.168.37.255 scope global eth0
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:2b:f1:1e brd ff:ff:ff:ff:ff:ff
inet 192.168.1.7/24 brd 192.168.1.255 scope global noprefixroute dynamic eth1
valid_lft 85902sec preferred_lft 85902sec
inet6 240e:3a1:101e:3a30:6dd9:32cc:f55f:7990/64 scope global noprefixroute dynamic
valid_lft 258813sec preferred_lft 172413sec
inet6 fe80::f6e7:f9b:c5a4:a37d/64 scope link tentative noprefixroute dadfailed
valid_lft forever preferred_lft forever
inet6 fe80::80d:ff82:ceea:9ec6/64 scope link tentative noprefixroute dadfailed
valid_lft forever preferred_lft forever
inet6 fe80::4340:9468:d44b:9a82/64 scope link noprefixroute
valid_lft forever preferred_lft forever
#cobbler依赖与epel源
#配置epel源 直接使用阿里云的epel源
[root@C7-37-100-destop ~]# ls /etc/yum.repos.d/
bak Base.repo epel.repo
[root@C7-37-100-destop ~]# cat /etc/yum.repos.d/epel.repo
[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
baseurl=http://mirrors.aliyun.com/epel/7/$basearch
failovermethod=priority
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
[epel-debuginfo]
name=Extra Packages for Enterprise Linux 7 - $basearch - Debug
baseurl=http://mirrors.aliyun.com/epel/7/$basearch/debug
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=0
[epel-source]
name=Extra Packages for Enterprise Linux 7 - $basearch - Source
baseurl=http://mirrors.aliyun.com/epel/7/SRPMS
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=0
#我们需要安装dhcp和cobbler,cobbler会自动安装tftp,httpd服务
[root@c7-37-103-mini ~]# yum install cobbler dhcp -y
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package cobbler.x86_64 0:2.8.5-0.3.el7 will be installed
--> Processing Dependency: createrepo for package: cobbler-2.8.5-0.3.el7.x86_64
--> Processing Dependency: genisoimage for package: cobbler-2.8.5-0.3.el7.x86_64
--> Processing Dependency: httpd for package: cobbler-2.8.5-0.3.el7.x86_64
......
Dependency Updated:
dhclient.x86_64 12:4.2.5-79.el7.centos
dhcp-common.x86_64 12:4.2.5-79.el7.centos
dhcp-libs.x86_64 12:4.2.5-79.el7.centos
libxml2.x86_64 0:2.9.1-6.el7.4
Complete!
#设置开机自启并且启动cobblerd服务
[root@c7-37-103-mini ~]# systemctl enable --now cobblerd
Created symlink from /etc/systemd/system/multi-user.target.wants/cobblerd.service to /usr/lib/systemd/system/cobblerd.service.
[root@c7-37-103-mini ~]# systemctl status cobblerd
● cobblerd.service - Cobbler Helper Daemon
Loaded: loaded (/usr/lib/systemd/system/cobblerd.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2020-05-21 11:31:12 CST; 5s ago
Process: 1506 ExecStartPost=/usr/bin/touch /usr/share/cobbler/web/cobbler.wsgi (code=exited, status=1/FAILURE)
Main PID: 1505 (cobblerd)
CGroup: /system.slice/cobblerd.service
└─1505 /usr/bin/python2 -s /usr/bin/cobblerd -F
May 21 11:31:12 c7-37-103-mini systemd[1]: Starting Cobbler Helper Daemon...
May 21 11:31:12 c7-37-103-mini touch[1506]: /usr/bin/touch: cannot touch ‘/usr/share/…tory
May 21 11:31:12 c7-37-103-mini systemd[1]: Started Cobbler Helper Daemon.
Hint: Some lines were ellipsized, use -l to show in full.
#开启tftp http服务
[root@c7-37-103-mini ~]# systemctl start httpd tftp
[root@c7-37-103-mini ~]# ss -tnlp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 100 127.0.0.1:25 *:* users:(("master",pid=1155,fd=13))
LISTEN 0 5 127.0.0.1:25151 *:* users:(("cobblerd",pid=1017,fd=9))
LISTEN 0 128 *:22 *:* users:(("sshd",pid=1015,fd=3))
LISTEN 0 100 [::1]:25 [::]:* users:(("master",pid=1155,fd=14))
LISTEN 0 128 [::]:80 [::]:* users:(("httpd",pid=1322,fd=4),("httpd",pid=1321,fd=4),("httpd",pid=1320,fd=4),("httpd",pid=1319,fd=4),("httpd",pid=1318,fd=4),("httpd",pid=1317,fd=4))
LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=1015,fd=4))
[root@c7-37-103-mini ~]# systemctl status tftp
● tftp.service - Tftp Server
Loaded: loaded (/usr/lib/systemd/system/tftp.service; indirect; vendor preset: disabled)
Active: active (running) since Thu 2020-05-21 11:46:05 CST; 1min 35s ago
Docs: man:in.tftpd
Main PID: 1307 (in.tftpd)
CGroup: /system.slice/tftp.service
└─1307 /usr/sbin/in.tftpd -s /var/lib/tftpboot
May 21 11:46:05 c7-37-103-mini systemd[1]: Started Tftp Server.
3.cobbler服务器配置
检查cobbler需要的环境,执行cobbler check,主要修改cobbler配置文件/etc/cobbler/settings
[root@c7-37-103-mini ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
#对应配置文件的server 指明cobbler服务器地址
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
#next_server指明tftp服务器地址
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
#xinetd.d是c6的总管,c7的总管是system,所以不需要设置
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
#执行cobbler get-loader下载相关boot-loader文件到tftpboot目录下
5 : enable and start rsyncd.service with systemctl
#不需要设置
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
#不需要设置
7 : ksvalidator was not found, install pykickstart
#ks文件没有发现
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
#修改默认密码 default_password
9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
#集群相关不用设置
Restart cobblerd and then run 'cobbler sync' to apply changes.
#修改配置文件/etc/cobbler/settings,下面是主要4项
next_server: 192.168.37.103
#tftp服务器地址
server: 192.168.37.103
#cobbler服务器地址
default_password_crypted: "$1$uysJpRXK$0dltKcpBa1BXKApCuvWuM."
#默认密码
manage_dhcp: 1
#自动生成dhcp,依赖/etc/cobbler/modules.conf
#密码生成可以使用openssl
[root@c7-37-103-mini ~]# openssl passwd -1
Password:
Verifying - Password:
$1$uysJpRXK$0dltKcpBa1BXKApCuvWuM.
#改完以后重启cobblerd服务
4.cobbler服务器生成bootloader
cobbler会从网上自动下载所需loader文件
[root@c7-37-103-mini ~]# cobbler get-loaders
task started: 2020-05-21_122935_get_loaders
task started (id=Download Bootloader Content, time=Thu May 21 12:29:35 2020)
downloading https://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
downloading https://cobbler.github.io/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading https://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading https://cobbler.github.io/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading https://cobbler.github.io/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
downloading https://cobbler.github.io/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot
downloading https://cobbler.github.io/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0
downloading https://cobbler.github.io/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32
downloading https://cobbler.github.io/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading https://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***
#修改模板文件/etc/cobbler/settings,改成自己的网段
[root@c7-37-103-mini ~]# vim /etc/cobbler/dhcp.template
# ******************************************************************
# Cobbler managed dhcpd.conf file
#
# generated from cobbler dhcp.conf template ($date)
# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
# overwritten.
#
# ******************************************************************
ddns-update-style interim;
allow booting;
allow bootp;
ignore client-updates;
set vendorclass = option vendor-class-identifier;
option pxe-system-type code 93 = unsigned integer 16;
subnet 192.168.37.0 netmask 255.255.255.0 {
option routers 192.168.37.2;
option domain-name-servers 192.168.37.2;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.37.100 192.168.37.254;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
class "pxeclients" {
match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
if option pxe-system-type = 00:02 {
filename "ia64/elilo.efi";
} else if option pxe-system-type = 00:06 {
filename "grub/grub-x86.efi";
} else if option pxe-system-type = 00:07 {
filename "grub/grub-x86_64.efi";
} else if option pxe-system-type = 00:09 {
filename "grub/grub-x86_64.efi";
} else {
filename "pxelinux.0";
}
}
}
#for dhcp_tag in $dhcp_tags.keys():
## group could be subnet if your dhcp tags line up with your subnets
## or really any valid dhcpd.conf construct ... if you only use the
## default dhcp tag in cobbler, the group block can be deleted for a
## flat configuration
# group for Cobbler DHCP tag: $dhcp_tag
group {
#for mac in $dhcp_tags[$dhcp_tag].keys():
#set iface = $dhcp_tags[$dhcp_tag][$mac]
"/etc/cobbler/dhcp.template" 92L, 3181C written
#执行cobbler sync就可以同步到tftpboot目录里
[root@c7-37-103-mini ~]# cobbler sync
task started: 2020-05-21_123844_sync
task started (id=Sync, time=Thu May 21 12:38:44 2020)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/grub-x86.efi
removing: /var/lib/tftpboot/grub/grub-x86_64.efi
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
[root@c7-37-103-mini ~]# ll /var/lib/tftpboot/
#查看所需bootloader文件是否已经生成到位
total 300
drwxr-xr-x 3 root root 18 May 21 12:40 boot
drwxr-xr-x 2 root root 6 Oct 15 2019 etc
drwxr-xr-x 2 root root 81 May 21 12:40 grub
drwxr-xr-x 2 root root 6 Oct 15 2019 images
drwxr-xr-x 2 root root 6 Oct 15 2019 images2
-rw-r--r-- 2 root root 26140 Oct 31 2018 memdisk
-rw-r--r-- 2 root root 54964 May 14 21:14 menu.c32
drwxr-xr-x 2 root root 6 Oct 15 2019 ppc
-rw-r--r-- 2 root root 16794 May 14 21:14 pxelinux.0
drwxr-xr-x 2 root root 21 May 21 12:40 pxelinux.cfg
drwxr-xr-x 2 root root 26 May 21 12:40 s390x
-rw-r--r-- 2 root root 198236 May 14 21:14 yaboot
[root@c7-37-103-mini ~]# tree /var/lib/tftpboot/
/var/lib/tftpboot/
├── boot
│ └── grub
│ └── menu.lst
├── etc
├── grub
│ ├── efidefault
│ ├── grub-x86_64.efi
│ ├── grub-x86.efi
│ └── images -> ../images
├── images
├── images2
├── memdisk
├── menu.c32
├── ppc
├── pxelinux.0
├── pxelinux.cfg
│ └── default
├── s390x
│ └── profile_list
└── yaboot
10 directories, 10 files
5.导入系统光盘
导入安装盘到指定cobbler目录下,并生成我们在pxe网卡启动时看到的菜单。
[root@c7-37-103-mini ~]# mount /dev/sr0 /mnt
mount: /dev/sr0 is write-protected, mounting read-only
[root@c7-37-103-mini ~]# mount /dev/sr1 /media
mount: /dev/sr1 is write-protected, mounting read-only
[root@c7-37-103-mini ~]# df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 223M 0 223M 0% /dev
tmpfs 235M 0 235M 0% /dev/shm
tmpfs 235M 5.6M 229M 3% /run
tmpfs 235M 0 235M 0% /sys/fs/cgroup
/dev/mapper/centos-root 50G 1.4G 49G 3% /
/dev/sda1 1014M 137M 878M 14% /boot
/dev/mapper/centos-home 67G 33M 67G 1% /home
tmpfs 47M 0 47M 0% /run/user/0
/dev/sr0 11G 11G 0 100% /mnt
#sr0为c7安装盘,我这里是everything盘所以11g
/dev/sr1 3.8G 3.8G 0 100% /media
#sr1是c6光盘
#复制光盘内容生成到/var/www/cobbler/ks_mirror/CentOS6.10-x86_64里
[root@c7-37-103-mini ~]# cobbler import --path=/media --name=CentOS6.10-x86_64 --arch=x86_64
task started: 2020-05-21_130453_import
task started (id=Media import, time=Thu May 21 13:04:53 2020)
Found a candidate signature: breed=redhat, version=rhel6
Found a matching signature: breed=redhat, version=rhel6
Adding distros from path /var/www/cobbler/ks_mirror/CentOS6.10-x86_64:
creating new distro: CentOS6.10-x86_64
trying symlink: /var/www/cobbler/ks_mirror/CentOS6.10-x86_64 -> /var/www/cobbler/links/CentOS6.10-x86_64
creating new profile: CentOS6.10-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/CentOS6.10-x86_64 for CentOS6.10-x86_64
processing repo at : /var/www/cobbler/ks_mirror/CentOS6.10-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/CentOS6.10-x86_64
looking for /var/www/cobbler/ks_mirror/CentOS6.10-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/CentOS6.10-x86_64/repodata
*** TASK COMPLETE ***
[root@c7-37-103-mini ~]# cobbler import --path=/mnt --name=CentOS7.7-x86_64 --arch=x86_64
task started: 2020-05-21_130905_import
task started (id=Media import, time=Thu May 21 13:09:05 2020)
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/CentOS7.7-x86_64:
creating new distro: CentOS7.7-x86_64
trying symlink: /var/www/cobbler/ks_mirror/CentOS7.7-x86_64 -> /var/www/cobbler/links/CentOS7.7-x86_64
creating new profile: CentOS7.7-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/CentOS7.7-x86_64 for CentOS7.7-x86_64
processing repo at : /var/www/cobbler/ks_mirror/CentOS7.7-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/CentOS7.7-x86_64
looking for /var/www/cobbler/ks_mirror/CentOS7.7-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/CentOS7.7-x86_64/repodata
*** TASK COMPLETE ***
#到此就可以实现自动化安装了,但是应答文件不是我们自己的
[root@c7-37-103-mini kstest]# cobbler distro list
#查看生成的菜单列表
CentOS6.10-x86_64
CentOS7.7-x86_64
6.使用自己的应答文件实现安装
应答文件的生成方式
A:使用system-config-kickstart工具来生成,需要桌面环境。
B:自己安装一个系统,在其家目录下anaconda-ks.cfg,可以修改修改就好。
[root@c7-37-103-mini kstest]# vim ks7_mini.cfg
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Install OS instead of upgrade
install
# Keyboard layouts
keyboard 'us'
# Root password
rootpw --plaintext centos
# Use network installation
url --url=$tree
#修改为变量tree
#将应答文件修改后,拷贝至/var/lib/cobbler/kickstarts/目录下
[root@c7-37-103-mini kstest]# cp ks7_mini.cfg /var/lib/cobbler/kickstarts/
[root@c7-37-103-mini kstest]# ls /var/lib/cobbler/kickstarts/
default.ks pxerescue.ks sample_esxi6.ks
esxi4-ks.cfg sample_autoyast.xml sample.ks
esxi5-ks.cfg sample_end.ks sample_old.seed
install_profiles sample_esx4.ks sample.seed
ks7_mini.cfg sample_esxi4.ks sample.seed.28
legacy.ks sample_esxi5.ks
[root@c7-37-103-mini kstest]# cobbler profile list
#查看现有的cobbler的ks文件
CentOS6.10-x86_64
CentOS7.7-x86_64
#添加我们自己的kickstart文件
[root@c7-37-103-mini kstest]# cobbler profile add --name CentOS7.7-x86_64-mini --distro=CentOS7.7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ks7_mini.cfg
[root@c7-37-103-mini kstest]# cat /var/lib/tftpboot/pxelinux.cfg/default
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cobbler.github.io/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT local
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
LABEL CentOS6.10-x86_64
kernel /images/CentOS6.10-x86_64/vmlinuz
MENU LABEL CentOS6.10-x86_64
append initrd=/images/CentOS6.10-x86_64/initrd.img ksdevice=bootif lang= kssendmac text ks=http://192.168.37.103/cblr/svc/op/ks/profile/CentOS6.10-x86_64
ipappend 2
LABEL CentOS7.7-x86_64
kernel /images/CentOS7.7-x86_64/vmlinuz
MENU LABEL CentOS7.7-x86_64
append initrd=/images/CentOS7.7-x86_64/initrd.img ksdevice=bootif lang= kssendmac text ks=http://192.168.37.103/cblr/svc/op/ks/profile/CentOS7.7-x86_64
ipappend 2
LABEL CentOS7.7-x86_64-mini
kernel /images/CentOS7.7-x86_64/vmlinuz
MENU LABEL CentOS7.7-x86_64-mini
append initrd=/images/CentOS7.7-x86_64/initrd.img ksdevice=bootif lang= kssendmac text ks=http://192.168.37.103/cblr/svc/op/ks/profile/CentOS7.7-x86_64-mini
ipappend 2
MENU end
#删除菜单
[root@c7-37-103-mini kstest]# cobbler profile list
CentOS6.10-x86_64
CentOS7.7-x86_64
CentOS7.7-x86_64-mini
[root@c7-37-103-mini kstest]# cobbler profile remove --name=CentOS6.10-x86_64
[root@c7-37-103-mini kstest]# cobbler profile remove --name=CentOS7.7-x86_64
[root@c7-37-103-mini kstest]# cobbler profile list
CentOS7.7-x86_64-mini
7.测试机安装系统
图片.png
图片.png
