|
|
前言:这几天闲着没事来系统组玩玩,学点东西总是好的嘛。系统组系统组当然还是从学会装系统开始。花了两个小时折腾了一下用cobbler批量部署linux系统。第一次做当然中间遇到很多问题,不过都顺利解决了。完了总结一下写个帖子和大家分享一下。
系统版本:Centos6.5 32位
cobbler服务器IP:192.168.175.130
IP地址段:192.168.175.120-192.168.175.140
子网掩码:255.255.255.0
网关:192.168.175.2
DNS:8.8.8.8 8.8.4.4
1
2
3
4
5
| [iyunv@localhost ~]# ifconfig eth0 | awk '/inet addr/ {print $2}' | cut -f2 -d ":"
192.168.175.130
[iyunv@localhost ~]# netstat -r|grep default|cut -f 10 -d ' '
192.168.175.2
[iyunv@localhost ~]#
|
PS:所有服务器均支持PXE网络启动
具体操作步骤如下:
#1 关闭SELINUX
1
| [iyunv@localhost ~]# vim /etc/selinux/config
|
1
2
3
| #SELINUX=enforcing #注释
#SELINUXTYPE=targeted #注释
SELINUX=disabled #新增
|
1
2
3
| [iyunv@localhost ~]# setenforce 0
setenforce: SELinux is disabled
[iyunv@localhost ~]# #立即生效
|
#2 关闭防火墙
1
2
3
4
5
| [iyunv@localhost ~]# service iptables stop
iptables:将链设置为政策 ACCEPT:filter [确定]
iptables:清除防火墙规则: [确定]
iptables:正在卸载模块: [确定]
[iyunv@localhost ~]#
|
注:实际生产环境不建议直接关掉防火墙。设置相应的规则就好。
#3 安装服务
(PS:首先添加个epel源,然后使用yum安装。节省时间嘛~)
1
| [iyunv@localhost src]# rpm -ivh epel-release-6-8.noarch.rpm
|
1
| [iyunv@localhost src]# yum install cobbler httpd xinetd tftp-server rsync dhcp cman PyYAML debmirror python-ctypes pykickstart -y
|
#4 配置服务
@1 设置http
1
| [iyunv@localhost ~]# vim /etc/httpd/conf.d/wsgi.conf
|
1
| LoadModule wsgi_module modules/mod_wsgi.so #去掉前面的注释 但是6.5版本是没有注释的 别的版本如果有去掉即可
|
1
2
3
| [iyunv@localhost ~]# service httpd start
正在启动 httpd: [确定]
[iyunv@localhost ~]#
|
@2 设置tftp
1
| [iyunv@localhost ~]# vim /etc/cobbler/tftpd.template
|
1
2
3
4
5
6
7
8
9
10
11
12
13
| service tftp
{
disable = no #值改为no 这个6.5默认也是no 别的版本如果是yes改成no就好
socket_type = dgram
protocol = udp
wait = yes
user = $user
server = $binary
server_args = -B 1380 -v -s $args
per_source = 11
cps = 100 2
flags = IPv4
}
|
@3 设置rsync
1
| [iyunv@localhost ~]# vim /etc/xinetd.d/rsync
|
1
2
3
4
5
6
7
8
9
10
11
| service rsync
{
disable = no #值改为no
flags = IPv6
socket_type = stream
wait = no
user = root
server = /usr/bin/rsync
server_args = --daemon
log_on_failure += USERID
}
|
1
2
3
| [iyunv@localhost ~]# /etc/init.d/xinetd start #启动(centOS中是以xinetd来管理rsync和tftp的)
正在启动 xinetd: [确定]
[iyunv@localhost ~]#
|
@4 设置cobbler参数
1
| [iyunv@localhost ~]# vim /etc/debmirror.conf
|
找到下面两个变量将其注释。
1
2
| #@dists="sid";
#@arches="i386";
|
1
2
3
4
| 接下来设置root账号登陆密码。
[iyunv@localhost ~]# openssl passwd -1 -salt 'Sx4MKOS' '123456'
$1$Sx4MKOS$ShGNLwqvpS6l6C37h53Jc1 #将此秘钥记录下来 下面的操作会用到
[iyunv@localhost ~]#
|
继续修改配置。
1
| [iyunv@localhost ~]# vim /etc/cobbler/settings
|
1
2
3
4
5
| #查找如下字段进行修改
default_password_crypted: "$1$Sx4MKOS$ShGNLwqvpS6l6C37h53Jc1" #就是上步所生产的秘钥
next_server: 192.168.175.130 #本机IP
server: 192.168.175.130 #本机IP
manage_dhcp:1 #因为dhcp服务和cobbler是在一台机器上的所以设置为1
|
@5 设置dhcp
1
| [iyunv@localhost ~]# vim /etc/dhcp/dhcpd.conf
|
1
2
3
4
5
6
7
8
| subnet 192.168.175.0 netmask 255.255.255.0 {
option routers 192.168.175.255;
option domain-name-servers 8.8.8.8,8.8.4.4;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.175.130 192.168.175.140; #网段
default-lease-time 21600;
max-lease-time 43200;
next-server 192.168.175.130; #dhcp服务器IP
|
设置网络接口。
1
| [iyunv@localhost ~]# vim /etc/sysconfig/dhcpd
|
然后测试dhcp配置是否正确。正确则启动dhcp服务。有错误可根据提示信息进行排查。(PS:错误一般都是dhcpd.conf里面参数设置有误)
1
| [iyunv@localhost ~]# dhcpd
|
1
2
3
| [iyunv@localhost ~]# service dhcpd start
正在启动 dhcpd: [确定]
[iyunv@localhost ~]#
|
为了避免cobbler check出错,还需要安装一个工具包。
1
| [iyunv@localhost ~]# cobbler get-loaders
|
安装完了之后启动cobbler。
1
2
3
| [iyunv@localhost ~]# service cobblerd start
Starting cobbler daemon: [确定]
[iyunv@localhost ~]#
|
然后同步配置文件到dhcp服务。
1
| [iyunv@localhost ~]# cobbler sync
|
同步完后重启dhcp。
1
2
3
4
| [iyunv@localhost ~]# service dhcpd restart
关闭 dhcpd: [确定]
正在启动 dhcpd: [确定]
[iyunv@localhost ~]#
|
#5 设置cobbler启动脚本
1
| [iyunv@localhost ~]# vim /etc/rc.d/init.d/cobbler
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
| #!/bin/sh
#by:Sx4MK QQ808148844
case $1 in
start)
/etc/init.d/httpd start
/etc/init.d/xinetd start
/etc/init.d/dhcpd start
/etc/init.d/cobblerd start
;;
stop)
/etc/init.d/httpd stop
/etc/init.d/xinetd stop
/etc/init.d/dhcpd stop
/etc/init.d/cobblerd stop
;;
restart)
/etc/init.d/httpd restart
/etc/init.d/xinetd restart
/etc/init.d/dhcpd restart
/etc/init.d/cobblerd restart
;;
status)
/etc/init.d/httpd status
/etc/init.d/xinetd status
/etc/init.d/dhcpd status
/etc/init.d/cobblerd status
;;
sync)
cobbler sync
;;
*)
echo "Input error,please in put'start|stop|restart|status|sync'!";
exit 2>&1 >/dev/null &
;;
esac
|
给脚本添加执行权限并启动。
1
2
3
4
5
6
| [iyunv@localhost ~]# chmod +x /etc/rc.d/init.d/cobbler
[iyunv@localhost ~]# service cobbler start
正在启动 httpd:
正在启动 xinetd:
Starting cobbler daemon: [确定]
[iyunv@localhost ~]#
|
检查配置。
1
| [iyunv@localhost ~]# cobbler check
|
PS:如果按照我的步骤一步一步细心做下来这一步不会有错误输出的,不过难免有人粗心大意出错。关于错误信息还请自行百度,这里不再多说。
#6 挂载系统镜像
首先将你的系统镜像文件上传到cobbler服务器。(PS:不管用什么方式~)
1
2
3
| [iyunv@localhost ~]# ls /usr/local/src
CentOS-6.5-i386-bin-DVD1.iso epel-release-6-8.noarch.rpm
[iyunv@localhost ~]#
|
然后创建cobbler系统镜像目录将其挂载。
1
2
| [iyunv@localhost ~]# mkdir -p /var/www/html/os/CentOS-6.5-i386
[iyunv@localhost ~]# mount -t iso9660 -o loop /usr/local/src/CentOS-6.5-i386-bin-DVD1.iso /var/www/html/os/CentOS-6.5-i386
|
#7 创建kickstarts脚本
1
2
| [iyunv@localhost ~]# cd /var/lib/cobbler/kickstarts
[iyunv@localhost kickstarts]# vim CentOS-6.5-i386.ks
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
| #by:Sx4MK QQ806148844
#脚本是活的,可以根据自己的需求进行相关增删改。
install
url--url=http://192.168.175.130/cobbler/ks_mirror/CentOS-6.5-i386/
lang en_US.UTF-8
zerombr yes
key --skip
keyboard us
network --device eth0 --bootprotodhcp --onboot on
rootpw --iscrypted$1$QqobZZ1g$rYnrawi9kYlEeUuq1vcRS/
firewall --enabled --port=22:tcp
authconfig --enableshadow --enablemd5
selinux --disabled
timezone Asia/Shanghai
bootloader --location=mbr --driveorder=sda
clearpart --all --initlabel
part / --bytes-per-inode=4096--fstype="ext3" --size=2048
part /boot --bytes-per-inode=4096--fstype="ext3" --size=128
part swap --bytes-per-inode=4096--fstype="swap" --size=500
part /data --bytes-per-inode=4096--fstype="ext3" --grow --size=1
reboot
%packages
ntp
@base
@core
@dialup
@editors
@text-internet
keyutils
trousers
fipscheck
device-mapper-multipath
%post
#同步系统时间
ntpdate cn.pool.ntp.org
hwclock --systohc
echo -e "0 1 * * * root/usr/sbin/ntpdate cn.pool.ntp.org > /dev/null" >>/etc/crontab
service crond restart
#禁止开机启动的服务
chkconfig acpid off
chkconfig atd off
chkconfig autofs off
chkconfig bluetooth off
chkconfig cpuspeed off
chkconfig firstboot off
chkconfig gpm off
chkconfig haldaemon off
chkconfig hidd off
chkconfig ip6tables off
chkconfig isdn off
chkconfig messagebus off
chkconfig nfslock off
chkconfig pcscd off
chkconfig portmap off
chkconfig rpcgssd off
chkconfig rpcidmapd off
chkconfig yum-updatesd off
chkconfig sendmail off
#允许开机启动的服务
chkconfig crond on
chkconfig kudzu on
chkconfig network on
chkconfig readahead_early on
chkconfig sshd on
chkconfig syslog on
#禁止使用Ctrl+Alt+Del快捷键重启服务器
sed -i"s/ca::ctrlaltdel:\/sbin\/shutdown -t3 -rnow/#ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/g" '/etc/inittab'
telinit q
#优化系统内核
echo -e "ulimit -cunlimited" >> /etc/profile
echo -e "ulimit -sunlimited" >> /etc/profile
echo -e "ulimit -SHn 65535" >> /etc/profile
source /etc/profile
sed -i "s/net.ipv4.ip_forward =0/net.ipv4.ip_forward = 1/g" '/etc/sysctl.conf'
echo -e "net.core.somaxconn =262144" >> /etc/sysctl.conf
echo -e "net.core.netdev_max_backlog =262144" >> /etc/sysctl.conf
echo -e "net.core.wmem_default =8388608" >> /etc/sysctl.conf
echo -e "net.core.rmem_default =8388608" >> /etc/sysctl.conf
echo -e "net.core.rmem_max =16777216" >> /etc/sysctl.conf
echo -e "net.core.wmem_max =16777216" >> /etc/sysctl.conf
echo -e"net.ipv4.netfilter.ip_conntrack_max = 131072" >> /etc/sysctl.conf
echo -e"net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 180" >> /etc/sysctl.conf
echo -e "net.ipv4.route.gc_timeout =20" >> /etc/sysctl.conf
echo -e "net.ipv4.ip_conntrack_max =819200" >> /etc/sysctl.conf
echo -e "net.ipv4.ip_local_port_range= 10024 65535" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_retries2 =5" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_fin_timeout =30" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_syn_retries =1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_synack_retries =1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_timestamps =0" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_tw_recycle =1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_tw_len =1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_tw_reuse =1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_keepalive_time =120" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_keepalive_probes= 3" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_keepalive_intvl= 15" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_tw_buckets =36000" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_orphans =3276800" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_syn_backlog= 262144" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_wmem = 8192131072 16777216" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_rmem = 32768131072 16777216" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_mem = 94500000915000000 927000000" >> /etc/sysctl.conf
/sbin/sysctl -p
#执行外部脚本
cd /root
wgethttp://192.168.175.130/cobbler/ks_mirror/config/autoip.sh
sh /root/autoip.sh
|
创建设置IP,网关,主机名等脚本。
1
| [iyunv@localhost kickstarts]# vim /var/www/cobbler/ks_mirror/config/autoip.sh
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
| #!/bin/sh
#by:Sx4MK QQ806148844
ROUTE=$(route -n|grep"^0.0.0.0"|awk '{print $2}')
BROADCAST=$(/sbin/ifconfig eth0|grep -ibcast|awk '{print $3}'|awk -F":" '{print $2}')
HWADDR=$(/sbin/ifconfig eth0|grep -iHWaddr|awk '{print $5}')
IPADDR=$(/sbin/ifconfig eth0|grep"inet addr"|awk '{print $2}'|awk -F":" '{print $2}')
NETMASK=$(/sbin/ifconfig eth0|grep"inet addr"|awk '{print $4}'|awk -F":" '{print $2}')
cat >/etc/sysconfig/network-scripts/ifcfg-eth0<<eof
DEVICE=eth0
BOOTPROTO=static
BROADCAST=$BROADCAST
HWADDR=$HWADDR
IPADDR=$IPADDR
NETMASK=$NETMASK
GATEWAY=$ROUTE
ONBOOT=yes
EOF
IPADDR1=$(echo $IPADDR|awk -F"."'{print $4}')
cat>/etc/sysconfig/network-scripts/ifcfg-eth1<<eof
DEVICE=eth1
BOOTPROTO=static
BROADCAST=10.0.0.255
HWADDR=$(/sbin/ifconfig eth1|grep -iHWaddr|awk '{print $5}')
IPADDR=10.0.0.$IPADDR1
NETMASK=255.255.255.0
ONBOOT=yes
EOF
HOSTNAME=Sx4MKOS_HZ_$(echo $IPADDR|awk-F"." '{print $4}')
cat >/etc/sysconfig/network<<eof
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=$HOSTNAME
GATEWAY=$ROUTE
EOF
echo "127.0.0.1 $HOSTNAME">> /etc/hosts
hostname=$HOSTNAME
echo "nameserver 8.8.8.8" > /etc/resolv.conf
echo "nameserver 8.8.4.4">> /etc/resolv.conf
|
#8 导入镜像到cobbler
1
| [iyunv@localhost ~]# cobbler import --path=/var/www/html/os/CentOS-6.5-i386/ --name=CentOS-6.5-i386 --arch=i386
|
PS:导入过程有点慢,抽支烟回来就好了~
完了进入目录查看一下。
1
2
3
4
5
6
7
| [iyunv@localhost ~]# cd /var/www/cobbler/ks_mirror
[iyunv@localhost ks_mirror]# ls
CentOS-6.5-i386 config
[iyunv@localhost ks_mirror]# ls CentOS-6.5-i386/
CentOS_BuildTag GPL isolinux RELEASE-NOTES-en-US.html RPM-GPG-KEY-CentOS-6 RPM-GPG-KEY-CentOS-Security-6 TRANS.TBL
EULA images Packages repodata RPM-GPG-KEY-CentOS-Debug-6 RPM-GPG-KEY-CentOS-Testing-6
[iyunv@localhost ks_mirror]#
|
OK,到现在为止呢所有环境已经设置完成。接下来就是客户端进行安装。不过最好还是做一次检查。确保你的所有相关服务都开启。配置文件配置正确。
废话不多说了。新建一个虚拟机,开始自动从cobbler服务器获取系统安装把~
见图:
本次教程到此结束。预知后事如何,请听下回分解~
</eof
</eof
</eof
|
|
|
|
|
|
|
|
|
QQ群⑧:
窥视卡
雷达卡
发表于 2014-12-19 08:31:51
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡