運維自動化之系統安裝

實現方式

1 使用kickstart半自動化安裝CentOS系統（CentOS6）

1.1 什麼是kickstart安裝？

安裝系統時的應答文件，其中包括在典型安裝過程中可能會問的所有問題的答案。

1.2 KICKSTART Configurator（配置器）

Kickstart Configurator 允許使用圖形用戶界面創建和修改 kickstart 文件，這樣就需要記住文件的正確語法。

默認情況下，不會在 Red Hat Enterprise Linux 6 中安裝 Kickstart Configurator。運行yum install system-config-kickstart，或使用圖形化軟件包管理器安裝這個軟件。

要啓動 Kickstart Configurator，請將系統引導至圖形環境，然後運行 system-config-kickstart，或在 GNOME 桌面上點擊應用程序 → 系統工具 → Kickstart，或者在 KDE 桌面上點擊開始應用程序啓動器+應用程序 → 系統 → Kickstart。

創建 kickstart 文件時，可以在任何時候選擇 File → Preview 查看當前的選擇。

要修改現有的 kickstart 文件，選擇 File → Open File，並選擇文件。

1.2.1 基本配置

1.2.2 安裝方法

1.2.3 引導裝載程序選項

1.2.4 分區信息

1.2.5 網絡配置

1.2.6 認證

1.2.7 防火牆和selinux配置

1.2.8 顯示配置

1.2.9 軟件包選擇

1.2.10 安裝前腳本

1.2.11 安裝後腳本

1.2.12 保存文件

1.2.13 在瀏覽器中打開kickstart文件

1.3 新建一個虛擬機，使用剛纔創建好的kickstart文件來完成安裝

1.3.1 基本信息填寫

1.3.2 開機進入光盤引導界面後，按ESC鍵，然後填寫kickstart文件的位置信息

1.3.3 開始使用kickstart應答文件進行自動安裝

2 基於CentOS8的PXE自動化安裝CentOS系統

2.1 前提準備

selinux：關閉
firewalld：關閉
os：centos7
ip：192.168.7.81

2.2 安裝必要軟件包，並啓動

[root@CentOS8 yum.repos.d]# dnf install dhcp-server tftp-server httpd syslinux-nonlinux -y

注：syslinux-nonlinux這個包，在6,7系統上叫syslinux
[root@CentOS8 ~]# systemctl enable --now httpd tftp dhcpd

2.3 準備yum源

[root@CentOS8 ~]# mkdir /var/www/html/centos/{6,7,8}/isos/x86_64/ -p
[root@CentOS8 ~]# mount /dev/sr0 /var/www/html/centos/8/isos/x86_64/

2.4 準備ks文件

[root@CentOS8 ~]# mkdir /var/www/html/ksdir
[root@CentOS8 ~]# cat /var/www/html/ksdir/ks8.cfg 
ignoredisk --only-use=sda
zerombr
text
reboot
clearpart --all --initlabel
selinux --disabled
firewall --disabled
url --url=http://192.168.7.81/centos/8/isos/x86_64/
keyboard --vckeymap=us --xlayouts='us'
lang en_US.UTF-8
network  --bootproto=dhcp --device=ens160 --ipv6=auto --activate
network  --hostname=centos8-pxe
rootpw --iscrypted $6$nOPs5JTMlP4mhQeW$R/o62B6SXAh3RR.zrZ3U0X4xYX9/u5nSLrR/vqCB6kdO2XFfMk2a4yAgrHJQpXK/e4jzRb0jiLBv2nFMXaBjB/
firstboot --enable
skipx
services --disabled="chronyd"
timezone Asia/Shanghai --isUtc --nontp
user --name=hechunping --password=$6$oUfb/02CWfLb5l8f$sgEZeR7c7DpqfpmFDH6huSmDbW1XQNR4qKl2EPns.gOXqlnAIgv9pTogtFVaDtEpMOC.SWXKYqxfVtd9MCwxb1 --iscrypted --gecos="hechunping"
part / --fstype="xfs" --ondisk=sda --size=102400
part /data --fstype="xfs" --ondisk=sda --size=51200
part swap --fstype="swap" --ondisk=sda --size=2048
part /boot --fstype="ext4" --ondisk=sda --size=1024
%packages
@^minimal-environment
kexec-tools
%end
%addon com_redhat_kdump --enable --reserve-mb='auto'
%end
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end

2.5 dhcp配置

[root@CentOS8 ~]# cp -p /usr/share/doc/dhcp-server/dhcpd.conf.example /etc/dhcp/dhcpd.conf
[root@CentOS8 ~]# grep -Ev "^#|^$" /etc/dhcp/dhcpd.conf 
option domain-name "example.org";
option domain-name-servers 180.76.76.76,223.5.5.5;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet 192.168.7.0 netmask 255.255.255.0 {
    range 192.168.7.100 192.168.7.200;
    option routers 192.168.7.2;
    next-server 192.168.7.81;
    filename "pxelinux.0";
}
[root@CentOS8 ~]# systemctl restart dhcpd

2.6 準備tftp相關文件

[root@CentOS8 ~]# cp -p /usr/share/syslinux/{pxelinux.0,menu.c32} /var/lib/tftpboot/
[root@CentOS8 ~]# cp -p /var/www/html/centos/8/isos/x86_64/isolinux/{ldlinux.c32,libcom32.c32,libutil.c32} /var/lib/tftpboot/
[root@CentOS8 ~]# mkdir /var/lib/tftpboot/pxelinux.cfg/
[root@CentOS8 ~]# cp -p /var/www/html/centos/8/isos/x86_64/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default
[root@CentOS8 ~]# cp -p /var/www/html/centos/6/isos/x86_64/isolinux/{initrd.img,vmlinuz} /var/lib/tftpboot/6/ 
[root@CentOS8 ~]# cp -p /var/www/html/centos/7/isos/x86_64/isolinux/{initrd.img,vmlinuz} /var/lib/tftpboot/7/ 
[root@CentOS8 ~]# cp -p /var/www/html/centos/8/isos/x86_64/isolinux/{initrd.img,vmlinuz} /var/lib/tftpboot/8/

[root@CentOS8 ~]# tree /var/lib/tftpboot/
/var/lib/tftpboot/
├── 6
│   ├── initrd.img
│   └── vmlinuz
├── 7
│   ├── initrd.img
│   └── vmlinuz
├── 8
│   ├── initrd.img
│   └── vmlinuz
├── ldlinux.c32
├── libcom32.c32
├── libutil.c32
├── menu.c32
├── pxelinux.0
└── pxelinux.cfg
    └── default

2.7 創建安裝菜單

[root@CentOS8 ~]# cat /var/lib/tftpboot/pxelinux.cfg/default 
default menu.c32
timeout 600

menu title CentOS Linux 

label linux8
  menu label Auto Install CentOS Linux ^8.0 Mini
  kernel 8/vmlinuz
  append initrd=8/initrd.img ks=http://192.168.7.81/ksdir/ks8.cfg

label linux7
  menu label Auto Install CentOS Linux ^7 Mini
  kernel 7/vmlinuz
  append initrd=7/initrd.img ks=http://192.168.7.81/ksdir/ks7.cfg

label linux6
  menu label Auto Install CentOS Linux ^6 Mini
  kernel 6/vmlinuz
  append initrd=6/initrd.img ks=http://192.168.7.81/ksdir/ks6.cfg

label manual
  menu label  ^Manual  Install CentOS Linux 8.0 
  kernel vmlinuz
  append initrd=initrd.img inst.repo=http://192.168.7.81/centos/8/isos/x86_64/

label local
  menu default
  menu label Boot from ^local drive
  localboot 0xffff

[root@CentOS8 ~]# systemctl restart tftp

2.8 開始自動安裝centos8

2.8.1 系統硬件基本配置

2.8.2 開機啓動在菜單選擇安裝CentOS8，後面讓它自己安裝就行了

6，7的安裝基本類似，這裏不再展開

3 CentOS7基於Cobbler自動化安裝系統

3.1 基本包的安裝和啓動

[root@CentOS7-01 ~]#yum install cobbler dhcp tftp httpd -y
[root@CentOS7-01 ~]#systemctl enable --now cobblerd httpd tftp dhcpd
這裏報dhcpd服務錯誤，是因爲還沒有配置相關文件，先不用管，繼續往下做

3.2 cobbler環境檢查

[root@CentOS7-01 ~]#cobbler check
The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : ksvalidator was not found, install pykickstart
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.

3.2.1 cobbler報錯解決

3.2.1.1 修改/etc/cobbler/settings文件中的server參數的值爲提供cobbler服務的主機相應的IP地址或主機名

server: 192.168.7.71

3.2.1.2 修改/etc/cobbler/settings文件中的next_server參數的值爲提供PXE服務的主機相應的IP地址

next_server: 192.168.7.71

3.2.1.3 在/etc/xinetd.d/tftp中將'disable'更改爲'no'

disable         = no

3.2.1.4 修改/etc/cobbler/settings文件，啓用Cobbler的DHCP管理功能。並修改下面文件/etc/cobbler/dhcp.template

manage_dhcp: 1

3.3 下載啓動菜單

[root@CentOS7-01 ~]#cobbler get-loaders

3.4 配置dhcp服務

subnet 192.168.7.0 netmask 255.255.255.0 {
     option routers             192.168.7.2;
     option domain-name-servers 8.8.8.8;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        192.168.7.100 192.168.7.254;

3.5 同步cobbler配置，並且重啓dhcp服務

[root@CentOS7-01 ~]#cobbler sync
...中間省略信息...
*** TASK COMPLETE ***

[root@CentOS7-01 ~]#systemctl restart dhcpd

3.6 管理distro

[root@CentOS7-01 ~]#mount /dev/sr0 /mnt
[root@CentOS7-01 ~]#cobbler import --name=centos8-x86_64 --path=/mnt --arch=x86_64

3.7 準備kickstart文件

[root@CentOS7-01 ~]#cat /var/lib/cobbler/kickstarts/ks8.cfg
#version=RHEL8 
ignoredisk --only-use=sda
zerombr
text
reboot
# Partition clearing information
clearpart --all --initlabel
selinux --disabled
firewall --disabled

# Use graphical install
url --url=$tree 
# Use CDROM installation media
# Keyboard layouts
keyboard --vckeymap=us --xlayouts='us'
# System language
lang en_US.UTF-8

# Network information
network  --bootproto=dhcp --device=ens160 --ipv6=auto --activate
network  --hostname=centos8
# Root password
rootpw --iscrypted $6$nOPs5JTMlP4mhQeW$R/o62B6SXAh3RR.zrZ3U0X4xYX9/u5nSLrR/vqCB6kdO2XFfMk2a4yAgrHJQpXK/e4jzRb0jiLBv2nFMXaBjB/
# Run the Setup Agent on first boot
firstboot --enable
# Do not configure the X Window System
skipx
# System services
services --disabled="chronyd"
# System timezone
timezone Asia/Shanghai --isUtc --nontp
user --name=hechunping --password=$6$oUfb/02CWfLb5l8f$sgEZeR7c7DpqfpmFDH6huSmDbW1XQNR4qKl2EPns.gOXqlnAIgv9pTogtFVaDtEpMOC.SWXKYqxfVtd9MCwxb1 --iscrypted --gecos="hechunping"
# Disk partitioning information
part / --fstype="xfs" --ondisk=sda --size=102400
part /data --fstype="xfs" --ondisk=sda --size=51200
part swap --fstype="swap" --ondisk=sda --size=2048
part /boot --fstype="ext4" --ondisk=sda --size=1024

%packages
@^minimal-environment
kexec-tools
%end

%addon com_redhat_kdump --enable --reserve-mb='auto'
%end

%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end

3.8 管理profile

[root@CentOS7-01 ~]#cobbler profile add --name=centos8 --distro=centos8-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ks8.cfg

3.9 查看profiles

[root@CentOS7-01 ~]#cobbler profile list

3.10 查看引導文件

[root@CentOS7-01 ~]#cat /var/lib/tftpboot/pxelinux.cfg/default