시계 동기화와cobbler 자동화 설치 운영체제 구현

13303 단어 Centos7
1. chrony 서비스를 설정하여 서버 시간의 자동 동기화를 실현한다.
  • centos7에 기본적으로 chrony 서비스가 설치되어 있음:
  • [root@centos7 ~]# rpm -qa |grep chrony
    chrony-3.2-2.el7.x86_64
  • chrony 서비스 구성 및 시작
  • [root@centos7 ~]# cat /etc/chrony.conf |grep -v "#"
    server ntp1.aliyun.com iburst
    driftfile /var/lib/chrony/drift
    makestep 1.0 3
    rtcsync
    allow 0.0.0.0/0
    local stratum 10
    logdir /var/log/chrony
    [root@centos7 ~]# systemctl start chronyd
  • 테스트
  • [root@centos6 ~]# date
    Thu Mar 19 20:58:01 CST 2020
    [root@centos6 ~]# date -s "-1 day"
    Wed Mar 18 20:58:18 CST 2020
    [root@centos6 ~]# ntpdate 10.1.1.109
    19 Mar 21:14:55 ntpdate[18813]: step time server 10.1.1.109 offset 86400.000022 sec
    [root@centos6 ~]# date
    Thu Mar 19 21:15:03 CST 2020

    2,cobbler+pxe 자동화 설비 실현
  • cobbler,http,tftp,dhcp서비스
  • 설치 및 시작
    [root@centos7 ~]#yum install cobbler dhcp -y
    [root@centos7 ~]# systemctl start httpd cobblerd tftp
  • cobbler 환경검사
  • [root@centos7 ~]# cobbler check
    The following are potential configuration items that you may want to fix:
    
    1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
    2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
    3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
    4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
    5 : enable and start rsyncd.service with systemctl
    6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
    7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
    8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
    
    Restart cobblerd and then run 'cobbler sync' to apply changes.

    1) 프롬프트(1, 2, 4, 7)로 구성 파일을 수정합니다.
    [root@centos7 ~]# grep -E "^server|^next_server|default_password_crypted|^manage_dhcp" /etc/cobbler/settings 
    default_password_crypted: "$1$mF86/UHC$WvcIcX2t6crBz2onWxyac." #      root  
    manage_dhcp: 0
    next_server: 127.0.0.1
    server: 127.0.0.1

    ... 로 바꾸다
    [root@centos7 ~]# grep -E "^server|^next_server|default_password_crypted|^manage_dhcp" /etc/cobbler/settings 
    default_password_crypted: "$1$KFx0CqiI$z0WYvzWP3ixmlXnDIzdSt1" #    openssl    
    manage_dhcp: 1
    next_server: 10.1.1.109
    server: 10.1.1.109

    2) 암호를 생성하는 암호화 키:
    [root@centos7 ~]# openssl passwd -1
    Password: 
    Verifying - Password: 
    $1$KFx0CqiI$z0WYvzWP3ixmlXnDIzdSt1
    [root@centos7 ~]# systemctl restart cobblerd

    3) boot-loaders 다운로드 및 상대 디렉토리로 동기화하기
    [root@centos7 ~]#cobbler get-loaders
    [root@centos7 ~]#cobbler sync
    [root@centos7 ~]# tree /var/lib/tftpboot/
    /var/lib/tftpboot/
    ├── boot
    │   └── grub
    │       └── menu.lst
    ├── etc
    ├── grub
    │   ├── efidefault
    │   ├── grub-x86_64.efi
    │   ├── grub-x86.efi
    │   └── images -> ../images
    ├── images
    ├── images2
    ├── memdisk
    ├── menu.c32
    ├── ppc
    ├── pxelinux.0
    ├── pxelinux.cfg
    │   └── default
    ├── s390x
    │   └── profile_list
    └── yaboot

    4)dhcp에 대한 구성 파일을 준비합니다.
    [root@centos7 ~]# vim/etc/cobbler/dhcp.template
    subnet 192.168.1.0 netmask 255.255.255.0 {option routers 192.168.1.5;option domain-name-servers 192.168.1.1;option subnet-mask 255.255.255.0;range dynamic-bootp 192.168.1.100 192.168.1.254;default-lease-time 21600;max-lease-time 43200;next-server $next_server;
    다음으로 수정:
    subnet 10.1.1.0 netmask 255.255.255.0 {option routers 10.1.1.254;option domain-name-servers 202.96.128.166;option subnet-mask 255.255.255.0;range dynamic-bootp 10.1.1.240 10.1.1.250;default-lease-time 21600;max-lease-time 43200;next-server $next_server;
    5) dhcp 구성 파일을 동기화합니다.
    [root@centos7 ~]# cobbler sync
    [root@centos7 ~]# cat/etc/dhcp/dhcpd.conf# 구성 파일 확인
  • centos6, 7의 설치 파일을 가져오고yum원본을 생성
  • ###  centos7        /mnt
    [root@centos7 ~]# cobbler import --name=Centos7.3-x86_64 --path=/mnt --arch=x86_64
    task started: 2020-03-22_182915_import
    task started (id=Media import, time=Sun Mar 22 18:29:15 2020)
    Found a candidate signature: breed=redhat, version=rhel6
    Found a matching signature: breed=redhat, version=rhel6
    Adding distros from path /var/www/cobbler/ks_mirror/Centos7.3-x86_64:
    creating new distro: Centos7.3-x86_64
    trying symlink: /var/www/cobbler/ks_mirror/Centos7.3-x86_64 -> /var/www/cobbler/links/Centos7.3-x86_64
    creating new profile: Centos7.3-x86_64
    associating repos
    checking for rsync repo(s)
    checking for rhn repo(s)
    checking for yum repo(s)
    starting descent into /var/www/cobbler/ks_mirror/Centos7.3-x86_64 for Centos7.3-x86_64
    processing repo at : /var/www/cobbler/ks_mirror/Centos7.3-x86_64
    need to process repo/comps: /var/www/cobbler/ks_mirror/Centos7.3-x86_64
    looking for /var/www/cobbler/ks_mirror/Centos7.3-x86_64/repodata/*comps*.xml
    Keeping repodata as-is :/var/www/cobbler/ks_mirror/Centos7.3-x86_64/repodata
    *** TASK COMPLETE ***
    [root@centos7 ~]# cobbler import --name=Centos6.10-x86_64 --path=/misc/cd --arch=x86_64 
    task started: 2020-03-22_212758_import
    task started (id=Media import, time=Sun Mar 22 21:27:58 2020)
    Found a candidate signature: breed=redhat, version=rhel6
    Found a matching signature: breed=redhat, version=rhel6
    Adding distros from path /var/www/cobbler/ks_mirror/Centos6.10-x86_64:
    creating new distro: Centos6.10-x86_64
    trying symlink: /var/www/cobbler/ks_mirror/Centos6.10-x86_64 -> /var/www/cobbler/links/Centos6.10-x86_64
    creating new profile: Centos6.10-x86_64
    associating repos
    checking for rsync repo(s)
    checking for rhn repo(s)
    checking for yum repo(s)
    starting descent into /var/www/cobbler/ks_mirror/Centos6.10-x86_64 for Centos6.10-x86_64
    processing repo at : /var/www/cobbler/ks_mirror/Centos6.10-x86_64
    need to process repo/comps: /var/www/cobbler/ks_mirror/Centos6.10-x86_64
    looking for /var/www/cobbler/ks_mirror/Centos6.10-x86_64/repodata/*comps*.xml
    Keeping repodata as-is :/var/www/cobbler/ks_mirror/Centos6.10-x86_64/repodata
    *** TASK COMPLETE ***
    [root@centos7 ~]# cobbler distro list
       Centos6.10-x86_64
       Centos7.3-x86_64
    [root@centos7 ~]# cobbler profile list   #       
       Centos6.10-x86_64
       Centos7.3-x86_64
  • kickstart 파일을 준비하고 지정한yum원본
  • 에 연결
     :kickstart  centos7.3_ks.cfg,centos6.10_ks.cfg   centos7.3,centos6.10  system-config-kickstart    (      )
      kickstart  :
    [root@centos7 ~]# cat /var/lib/cobbler/kickstarts/centos7.3_ks.cfg 
    #platform=x86, AMD64, or Intel EM64T
    #version=DEVEL
    # Install OS instead of upgrade
    install
    # Keyboard layouts
    keyboard 'us'
    # Root password
    rootpw --iscrypted $1$2wqI4hYH$Yiw88hIOZN4pYghwSWgws0
    # System language
    lang en_US
    # System authorization information
    auth  --useshadow  --passalgo=sha512
    # Use network installation 
    url --url=$tree     ###      
    # Use text mode install
    text
    # SELinux configuration
    selinux --disabled
    # Do not configure the X Window System
    skipx
    
    # Firewall configuration
    firewall --disabled
    # Network information
    network  --bootproto=dhcp --device=eth0
    # Reboot after installation
    reboot
    # System timezone
    timezone Asia/Shanghai
    # System bootloader configuration
    bootloader --append="net.ifnames=0" --location=mbr
    # Partition clearing information
    clearpart --all
    # Disk partitioning information
    part /boot --asprimary --fstype="xfs" --size=500
    part swap --fstype="swap" --size=8192
    part / --asprimary --fstype="xfs" --grow --size=1
    
    %post
    %end 
    [root@centos7 ~]# cat /var/lib/cobbler/kickstarts/centos_6.10ks.cfg 
    #platform=x86, AMD64, or Intel EM64T
    #version=DEVEL
    # Firewall configuration
    firewall --disabled
    # Install OS instead of upgrade
    install
    # Use network installation
    url --url=$tree
    # Root password
    rootpw --iscrypted $1$Xs/QyzK3$ZPt802waNGe8mTJ/KXAX0.
    # System authorization information
    auth  --useshadow  --passalgo=sha512
    # Use text mode install
    text
    # System keyboard
    keyboard us
    # System language
    lang en_US
    # SELinux configuration
    selinux --disabled
    # Do not configure the X Window System
    skipx
    # Installation logging level
    logging --level=info
    # Reboot after installation
    reboot
    # System timezone
    timezone  Africa/Abidjan
    # Network information
    network  --bootproto=static --device=eth0 --gateway=10.0.1.254 --ip=10.0.1.250 --nameserver=202.96.128.166 --netmask=255.255.255.0 --onboot=on
    # System bootloader configuration
    bootloader --location=mbr
    # Clear the Master Boot Record
    zerombr
    # Partition clearing information
    clearpart --all --initlabel 
    # Disk partitioning information
    part /boot --asprimary --fstype="ext4" --size=500
    part swap --fstype="swap" --size=2048
    part / --asprimary --fstype="ext4" --grow --size=1
    
    %post
    yum install httpd -y
    %end
           kickstart  
    [root@centos7 ~]# cobbler profile add --name=Centos-7.3 --distro=Centos7.3-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.3_ks.cfg
    [root@centos7 ~]# cobbler profile add --name=Centos-6.10 --distro=Centos6.10-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos_6.10ks.cfg
    [root@centos7 ~]# cobbler profile list
       Centos-6.10
       Centos-7.3
       Centos6.10-x86_64
       Centos7.3-x86_64
    
             :
    [root@centos7 pxe]# cat /etc/cobbler/pxe/pxedefault.template
    DEFAULT menu
    PROMPT 0
    MENU TITLE Cobbler | https://blog.51cto.com/rickzhu
    TIMEOUT 200
    TOTALTIMEOUT 6000
    ONTIMEOUT $pxe_timeout_profile
    
    LABEL local
            MENU LABEL (local)
            MENU DEFAULT
            LOCALBOOT -1
    
    $pxe_menu_items
    
    MENU end
    [root@centos7 pxe]# cobbler sync  #      
    [root@centos7 pxe]# cat /var/lib/tftpboot/pxelinux.cfg/default #        
    DEFAULT menu
    PROMPT 0
    MENU TITLE Cobbler | https://blog.51cto.com/rickzhu
    TIMEOUT 200
    TOTALTIMEOUT 6000
    ONTIMEOUT local
    
    LABEL local
            MENU LABEL (local)
            MENU DEFAULT
            LOCALBOOT -1
    
    LABEL Centos-7.3
            kernel /images/Centos7.3-x86_64/vmlinuz
            MENU LABEL Centos-7.3
            append initrd=/images/Centos7.3-x86_64/initrd.img ksdevice=bootif lang=  kssendmac text  ks=http://10.0.1.109/cblr/svc/op/ks/profile/Centos-7.3
            ipappend 2
    
    MENU end
    
           :
    [root@centos7 ~]# cobbler profile remove --name=Centos7.3-x86_64
    [root@centos7 ~]# cobbler profile remove --name=Centos6.10-x86_64
    [root@centos7 ~]# cobbler profile list
       Centos-6.10
       Centos-7.3
  • 테스트
  • 1) 서비스가 시작되었는지 확인합니다.
    [root@centos7 tftpboot]# ss -tnluap |grep -E "dhcpd|httpd"
    udp    UNCONN     0      0         *:67                    *:*                   users:(("dhcpd",pid=11950,fd=7))
    tcp    LISTEN     0      128      :::80                   :::*                   users:(("httpd",pid=11201,fd=4),("httpd",pid=11168,fd=4),("httpd",pid=11167,fd=4),("httpd",pid=11166,fd=4),("httpd",pid=11165,fd=4),("httpd",pid=11164,fd=4),("httpd",pid=11153,fd=4))
    [root@centos7 tftpboot]# systemctl status tftp.socket 
    ● tftp.socket - Tftp Server Activation Socket
       Loaded: loaded (/usr/lib/systemd/system/tftp.socket; disabled; vendor preset: disabled)
       Active: active (listening) since Sun 2020-03-22 17:04:36 CST; 3h 38min ago
       Listen: [::]:69 (Datagram)
    
    Mar 22 17:04:36 centos7.6 systemd[1]: Listening on Tftp Server Activation Socket.
    [root@centos7 tftpboot]# systemctl status cobblerd
    ● cobblerd.service - Cobbler Helper Daemon
       Loaded: loaded (/usr/lib/systemd/system/cobblerd.service; disabled; vendor preset: disabled)
       Active: active (running) since Sun 2020-03-22 17:42:46 CST; 3h 0min ago
      Process: 11842 ExecStartPost=/usr/bin/touch /usr/share/cobbler/web/cobbler.wsgi (code=exited, status=1/FAILURE)
     Main PID: 11841 (cobblerd)
        Tasks: 1
       CGroup: /system.slice/cobblerd.service
               └─11841 /usr/bin/python2 -s /usr/bin/cobblerd -F
    
    Mar 22 17:42:46 centos7.6 systemd[1]: Starting Cobbler Helper Daemon...
    Mar 22 17:42:46 centos7.6 touch[11842]: /usr/bin/touch: cannot touch ‘/usr/share/c…tory
    Mar 22 17:42:46 centos7.6 systemd[1]: Started Cobbler Helper Daemon.
    Mar 22 17:48:40 centos7.6 dhcpd[11939]: Not searching LDAP since ldap-server, ldap...le
    Hint: Some lines were ellipsized, use -l to show in full

    2) VMware Workstations에서 새 가상 머신을 만들고 가상 머신을 시작하고 네트워크에서 부팅을 선택하여 시스템이 자동으로 설치되었는지 확인합니다.

    좋은 웹페이지 즐겨찾기