自动化安装linux


(由于是从网卡启动安装,所以要确保安装完成后把BIOS设置为从硬盘启动,否则机器每次重启都会重新安装;应答文件中使用了zerombr和clearpart --all,每次重装都会清空磁盘上的全部分区)

下载linux7镜像文件
http://mirrors.163.com/centos/7/isos/x86_64/CentOS-7-x86_64-DVD-1708.iso
由于第一次安装的时候引用的CentOS-7-x86_64-DVD-1503-01.iso这个ISO包比较老(出现问题,无法排错),后来下载了CentOS-7-x86_64-DVD-1708.iso(http://mirrors.163.com/centos/7/isos/x86_64/CentOS-7-x86_64-DVD-1708.iso)就没问题了

pxe-kickstart
[root@linux-node1 ~]# mount /dev/cdrom /mnt
[root@linux-node1 ~]# yum install -y httpd createrepo (createrepo可以创建仓库)
[root@linux-node1 ~]# mkdir /var/www/html/CentOS-7.1-x86_64
[root@linux-node1 ~]# cp -a /mnt/* /var/www/html/CentOS-7.1-x86_64/ (把光盘数据复制到本地)

创建yum仓库
[root@linux-node1 ~]# createrepo -pdo/var/www/html/CentOS-7.1-x86_64/ /var/www/html/CentOS-7.1-x86_64/
Spawning worker 0 with 3576 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete

创建组信息
[root@linux-node1 ~]# createrepo -g `ls /var/www/html/CentOS-7.1-x86_64/repodata/*-comps.xml` /var/www/html/CentOS-7.1-x86_64/
Spawning worker 0 with 3576 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete

[root@linux-node1 ~]# yum install -y tftp-server dhcp xinetd
[root@linux-node1 ~]# vi /etc/xinetd.d/tftp
disable = no

[root@linux-node1 ~]# vi /var/www/html/CentOS-7.1-x86_64/CentOS-7.1-x86_64.cfg (应答文件)
# Kickstart answer file for an unattended CentOS 7 install started over PXE.
# It is placed under the Apache web root and fetched by the installer over
# plain HTTP (the ks= boot parameter points at it), so everything in it,
# including the root password hash, is readable by any host that can reach
# the web server.
#Kickstart Configurator by Reid
#platform=x86, AMD64, or Intel EM64T
#System language
lang en_US
#System keyboard
keyboard us
#System timezone
timezone Asia/Shanghai
#Root password
# NOTE(review): the active hash is MD5-crypt (the $1$ prefix) with the fixed
# salt 123456, which is cheap to attack offline once the file has been
# fetched. Prefer a SHA-512 crypt hash ($6$ prefix) generated with a random
# salt, and change the root password after the first boot.
#rootpw --iscrypted$default_password_crypted
rootpw --iscrypted $1$123456$RAzSeuiSEBl3TmLWT5f07.
#Use text mode install
text
#Install OS instead of upgrade
install
#Installation source: the HTTP copy of the DVD tree (the original comment
#said NFS). The commented-out line is the Cobbler form of the same setting.
#url --url=$tree
url --url=http://192.168.1.31/CentOS-7.1-x86_64
#System bootloader configuration
bootloader --location=mbr
#Clear the Master Boot Record
# NOTE(review): zerombr together with clearpart --all removes every existing
# partition without prompting; any machine that boots this entry loses the
# data on its disks.
zerombr
#Partition clearing information
clearpart --all --initlabel
#Disk partitioning information: /boot and swap are fixed-size, / takes the
#rest of sda (--size 1 --grow).
part /boot --fstype xfs --size 1024 --ondisk sda
part swap --size 16384 --ondisk sda
part / --fstype xfs --size 1 --grow --ondisk sda
#System authorization information
# NOTE(review): --enablemd5 selects MD5 for passwords set on the installed
# system; --passalgo=sha512 is the stronger choice.
auth --useshadow --enablemd5
#Network information
#$SNIPPET(‘network_config‘)
# NOTE(review): the text in parentheses on the next line is the author's
# tutorial note (the guest only obtained an address once --onboot=yes was
# used); it is not part of the directive.
network --bootproto=dhcp --device=eth0 --onboot=on (第一次是使用了on,但是虚拟机启动后不能获得IP地址.后来改成network --bootproto=dhcp --device=eth0 --onboot=yes. 虚拟机启动后就能获取ip地址了 )(启动后不能获得IP地址,后面也有解决方法)

# NOTE(review): the next line reads like a comment whose leading '#' was lost
# when the page was rendered.
Reboot afterinstallation

reboot
#Firewall configuration
# NOTE(review): the host firewall and SELinux are both switched off below, so
# every machine built from this file starts without either control. Keep that
# to an isolated lab, or enable them and open only the services needed.
firewall --disabled
#SELinux configuration
selinux --disabled
#Do not configure X Windows
skipx

#Package install information: two package groups plus individual packages
%packages
@ base
@ core
sysstat
iptraf
ntp
lrzsz
ncurses-devel
openssl-devel
zlib-devel
OpenIPMI-tools
mysql
nmap
screen
%end

# Post-install step: keep postfix from being started at boot.
%post
systemctl disable postfix.service
%end

上传kickstart的配置文件CentOS-7.1-x86_64.cfg到/var/www/html/CentOS-7.1-x86_64/
[root@linux-node1 ~]#cd /var/www/html/CentOS-7.1-x86_64/

rootpw的由来
[root@linux-node1]# openssl passwd -1 -salt ‘123456‘ ##注意‘123456’不是密码而是salt
Password: ##这里输入的是密码
$1$123456$RAzSeuiSEBl3TmLWT5f07. ##这是生成的密文密码
##将生成的密码串,手动添加到/etc/shadow中就可用作用户的登陆密码了。
openssl passwd常用的选项如下:
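-1:表示采用的是MD5算法(生成以$1$开头的MD5-crypt哈希)。这种哈希强度较弱,而本文的应答文件又通过HTTP公开提供,能访问该服务器的任何人都可以取到哈希并离线破解;正式环境应改用SHA-512($6$开头)的哈希。
-salt:指定salt值,不使用随机产生的salt。在使用加密算法进行加密时,即使密码一样,salt不一样,所计算出来的hash值也不一样,除非密码一样,salt值也一样,计算出来的hash值才一样。因此像本例这样固定使用‘123456’作salt会削弱salt的作用,实际使用时应让salt随机生成。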

[root@linux-node1 ~]# cd /usr/share/doc/dhcp-4.2.5
[root@linux-node1 dhcp-4.2.5]# cp dhcpd.conf.example /etc/dhcp/dhcpd.conf
cp: overwrite ‘/etc/dhcp/dhcpd.conf’? y
[root@linux-node1 ~]# vi /etc/dhcp/dhcpd.conf

which we don‘t really recommend.

subnet 192.168.1.0 netmask 255.255.255.0
range dynamic-bootp 192.168.1.130 192.168.1.140;
next-server 192.168.1.31;
filename "pxelinux.0";

[root@linux-node1 ~]# systemctl start dhcpd
[root@linux-node1 ~]# systemctl start httpd
[root@linux-node1 ~]# systemctl start xinetd
[root@linux-node1 ~]# netstat -ntulp |grep httpd,dhcpd,xintd
[root@linux-node1 ~]# netstat -ntulp |grep httpd
tcp6 0 0 :::35357 ::: LISTEN 2826/httpd
tcp6 0 0 :::80 :::
LISTEN 2826/httpd
tcp6 0 0 :::5001 ::: LISTEN 2826/httpd
[root@linux-node1 ~]# netstat -ntulp |grep dhcpd
udp 0 0 0.0.0.0:52620 0.0.0.0:
13924/dhcpd
udp 0 0 0.0.0.0:67 0.0.0.0: 13924/dhcpd
udp6 0 0 :::57041 :::
13924/dhcpd
[root@linux-node1 ~]# netstat -ntulp |grep xinetd
udp 0 0 0.0.0.0:69 0.0.0.0:* 13955/xinetd

[root@linux-node1 ~]# vi /etc/httpd/conf/httpd.conf
Listen 80
[root@linux-node1 ~]# systemctl restart httpd

测试能不能访问
[root@linux-node1 ~]# curl --head http://192.168.1.31/CentOS-7.1-x86_64/CentOS-7.1-x86_64.cfg
HTTP/1.1 200 OK
Date: Thu, 30 Nov 2017 09:06:52 GMT
Server: Apache/2.4.6 (CentOS) mod_wsgi/3.4 Python/2.7.5
Last-Modified: Thu, 30 Nov 2017 08:40:08 GMT
ETag: "4ef-55f2f330aca00"
Accept-Ranges: bytes
Content-Length: 1263
Content-Type: text/plain; charset=UTF-8

tftp 里面一些准备文件,一些组信息,内核镜像,pxelinux.0
[root@linux-node1 ~]# yum install -y syslinux
[root@linux-node1 ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/ (把pxelinux.0拷贝到tftp的启动目录)
[root@linux-node1 ~]# cp /mnt/isolinux/* /var/lib/tftpboot/ (拷贝启动镜像:vmlinuz(内核) initrd.img(映像) boot.msg(启动选单))
[root@linux-node1 ~]# mkdir /var/lib/tftpboot/pxelinux.cfg
[root@linux-node1 ~]# cd /var/lib/tftpboot/pxelinux.cfg/
[root@linux-node1 pxelinux.cfg]# cp /mnt/isolinux/isolinux.cfg default
[root@linux-node1 pxelinux.cfg]# vi default
label linux
menu label ^Install CentOS Linux 7
kernel vmlinuz
append initrd=initrd.img inst.stage2=hd:LABEL=CentOS\x207\x20x86_64 quiet

label ks
menu label ^AUTO CentOS 7
kernel vmlinuz
append initrd=initrd.img ks=http://192.168.1.31/CentOS-7.1-x86_64/CentOS-7.1-x86_64.cfg

开始安装虚拟机
这里不要选从光盘安装,

安装Centos7虚拟机内存必须要超过1G,否则安装会出错。

一般网络连接都选桥接

安装的时候先选"AUTO Centos 7",再选Press Tab for full configuration options on menu items.

加启动参数net.ifnames=0 biosdevname=0

这样安装就会修改默认的网卡名称为eth0

[root@linux-node1 ~]# tail -f /var/log/messages (查看到正在分配ip地址,才能确定是从服务器上在安装客户端虚拟机)

出错:new value non-existent xfs filesystem is not valid as a default fs type Pane is dead

由于引用的CentOS-7-x86_64-DVD-1503-01.iso这个ISO包比较老,后来下载了CentOS-7-x86_64-DVD-1708.iso(http://mirrors.163.com/centos/7/isos/x86_64/CentOS-7-x86_64-DVD-1708.iso)就没问题了

安装后,虚拟机启动无IP地址

[root@linux-node1 ~]#cd /etc/sysconfig/network-scripts
[root@linux-node1 ~]#ll
[root@linux-node1 ~]#vi ifcfg-eth0
ONBOOT=yes
[root@linux-node1 ~]#systemctl restart network
[root@linux-node1 ~]#ip add (eth0已经获取IP地址)

cobbler部署(实验机IP:192.168.1.103)
可以解决Kickstart繁琐的工作,实现自动化
安装需要的包
[root@linux-node1 ~]# yum install cobbler cobbler-web dhcp tftp-server pykickstart httpd -y
[root@linux-node1 ~]# systemctl restart httpd
[root@localhost ~]# systemctl status cobblerd
● cobblerd.service - Cobbler Helper Daemon
Loaded: loaded (/usr/lib/systemd/system/cobblerd.service; disabled; vendor preset: disabled)
Active: active (running) since Tue 2017-12-05 11:11:29 CST; 10s ago
Process: 2008 ExecStartPost=/usr/bin/touch /usr/share/cobbler/web/cobbler.wsgi (code=exited, status=0/SUCCESS)
Main PID: 2007 (cobblerd)
CGroup: /system.slice/cobblerd.service
└─2007 /usr/bin/python2 -s /usr/bin/cobblerd -F

Dec 05 11:11:28 localhost.localdomain systemd[1]: Starting Cobbler Helper Dae...
Dec 05 11:11:29 localhost.localdomain systemd[1]: Started Cobbler Helper Daemon.
Hint: Some lines were ellipsized, use -l to show in full.

检查
[root@linux-node1 ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : The ‘server‘ field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the ‘next_server‘ field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change ‘disable‘ to ‘no‘ in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run ‘cobbler get-loaders‘ to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a recent version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The ‘cobbler get-loaders‘ command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to ‘cobbler‘ and should be changed, try: "openssl passwd -1 -salt ‘random-phrase-here‘ ‘your-password-here‘" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run ‘cobbler sync‘ to apply changes.

Step 1 + 2
[root@linux-node1 ~]# vi /etc/cobbler/settings
server: 192.168.1.31
next_server:192.168.1.31 ###PXE的东西放置在那里
manage_dhcp: 1 ##修改成1 ,cobbler管理dhcp

Step 7
[root@linux-node1 ~]# openssl passwd -1 -salt ‘oldboy‘ ‘oldboy‘ (cobbler新建虚拟机的root密码:oldboy。仅作演示:这里salt与密码相同,而且密码写在命令行参数里会留在shell历史中;实际环境应使用强密码和随机salt)
$1$oldboy$fXF8f078vI9J/q9XyXA8e/

[root@linux-node1 ~]# vi /etc/cobbler/settings
default_password_crypted: "$1$oldboy$fXF8f078vI9J/q9XyXA8e/"

Step 3
[root@linux-node1 ~]#vi /etc/xinetd.d/tftp #把tftp打开
disable = no

Step 4
[root@linux-node1 ~]# cobbler get-loaders

Step 5
[root@linux-node1 ~]# systemctl enable rsyncd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd.service.
[root@linux-node1 ~]# systemctl start rsyncd.service

Step 6,8不用处理

[root@linux-node1 ~]# systemctl restart cobblerd
[root@linux-node1 ~]# cobbler check

修改dhcp.template,因为dhcp已经交由cobbler管理
[root@linux-node1 ~]# vi /etc/cobbler/dhcp.template
subnet 192.168.1.0 netmask 255.255.255.0
option routers 192.168.1.1;
option domain-name-servers 223.6.6.6;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.1.130 192.168.1.140;

[root@linux-node1 ~]#cobbler sync ##修改完需要同步

[root@linux-node1 ~]# cobbler import --path=/mnt/ --name=CentOS-7.1-x86_64 --arch=x86_64
task started: 2017-12-01_132125_import
task started (id=Media import, time=Fri Dec 1 13:21:25 2017)
No signature matched in /var/www/cobbler/ks_mirror/CentOS-7.1-x86_64
!!! TASK FAILED !!!

解决:(不是在/var/log/cobbler/cobbler.log中找到的问题)
[root@linux-node1 ~]# mount /dev/cdrom /mnt
[root@localhost ~]# ls /mnt (一定要确保mnt成功后才能导入)
CentOS_BuildTag GPL LiveOS RPM-GPG-KEY-CentOS-7
EFI images Packages RPM-GPG-KEY-CentOS-Testing-7
EULA isolinux repodata TRANS.TBL
[root@linux-node1 ~]# cobbler import --path=/mnt/ --name=CentOS-7.1-x86_64 --arch=x86_64
task started: 2017-12-05_130957_import
task started (id=Media import, time=Tue Dec 5 13:09:57 2017)
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/CentOS-7.1-x86_64:
creating new distro: CentOS-7.1-x86_64
creating new profile: CentOS-7.1-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/CentOS-7.1-x86_64 for CentOS-7.1-x86_64
processing repo at : /var/www/cobbler/ks_mirror/CentOS-7.1-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/CentOS-7.1-x86_64
looking for /var/www/cobbler/ks_mirror/CentOS-7.1-x86_64/repodata/comps.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/CentOS-7.1-x86_64/repodata
TASK COMPLETE
/var/www/cobbler/ks_mirror/ (以上镜像CentOS-7.1-x86_64的导入位置)

[root@localhost ~]# cobbler list
distros:
CentOS-7.1-x86_64 ##创建一个仓库

profiles: ##创建一个配置
CentOS-7.1-x86_64

kickstart文件放这里: cd /var/lib/cobbler/kickstarts/
[root@linux-node1 ~]#vi /var/lib/cobbler/kickstarts/CentOS-7.1-x86_64.cfg
# Cobbler kickstart template for an unattended CentOS 7 install.
# The root password hash, the install tree URL and the network settings are
# placeholders that Cobbler fills in; the commented-out lines show the
# hard-coded values used by the plain kickstart variant of this file.
#Kickstart Configurator by Reid
#platform=x86, AMD64, or Intel EM64T
#System language
lang en_US
#System keyboard
keyboard us
#System timezone
timezone Asia/Shanghai
#Root password
# NOTE(review): default_password_crypted comes from /etc/cobbler/settings.
# The value configured on this page is an MD5-crypt hash whose salt equals
# the password; replace it with a SHA-512 crypt hash of a strong password
# generated with a random salt.
# NOTE(review): Cobbler renders this file as a template, so the literal
# dollar signs in the commented-out hash below may be read as placeholders;
# confirm, or drop that line.
rootpw --iscrypted $default_password_crypted
#rootpw --iscrypted $1$123456$RAzSeuiSEBl3TmLWT5f07.
#Use text mode install
text
#Install OS instead of upgrade
install
#Installation source: the tree placeholder is filled in by Cobbler (the
#original comment said NFS; the commented-out alternative is an HTTP URL).
url --url=$tree
#url --url=http://192.168.1.103/CentOS-7.1-x86_64
#System bootloader configuration
bootloader --location=mbr
#Clear the Master Boot Record
# NOTE(review): zerombr together with clearpart --all removes every existing
# partition without prompting; any machine that boots this profile loses the
# data on its disks.
zerombr
#Partition clearing information
clearpart --all --initlabel
#Disk partitioning information: /boot and swap are fixed-size, / takes the
#rest of sda (--size 1 --grow).
part /boot --fstype xfs --size 1024 --ondisk sda
part swap --size 16384 --ondisk sda
part / --fstype xfs --size 1 --grow --ondisk sda
#System authorization information
# NOTE(review): --enablemd5 selects MD5 for passwords set on the installed
# system; --passalgo=sha512 is the stronger choice.
auth --useshadow --enablemd5
#Network information
# NOTE(review): the quote characters inside the SNIPPET calls in this file
# look altered by the page rendering; they are presumably plain ASCII single
# quotes in the real file. Verify before use.
$SNIPPET(‘network_config‘)
#network --bootproto=dhcp --device=eth0 --onboot=on

# NOTE(review): the next line reads like a comment whose leading '#' was lost
# when the page was rendered.
Reboot afterinstallation

reboot
#Firewall configuration
# NOTE(review): the host firewall and SELinux are both switched off below, so
# every machine built from this profile starts without either control. Keep
# that to an isolated lab, or enable them and open only the services needed.
firewall --disabled
#SELinux configuration
selinux --disabled
#Do not configure X Windows
skipx

# Pre-install section: pulls in four Cobbler snippets by name.
%pre
$SNIPPET(‘log_ks_pre‘)
$SNIPPET(‘kickstart_start‘)
$SNIPPET(‘pre_install_network_config‘)

# NOTE(review): the next line also looks like a comment that lost its '#'.
Enable installation monitoring

$SNIPPET(‘pre_anamon‘)
%end

#Package install information: two package groups plus individual packages
%packages
@ base
@ core
sysstat
iptraf
ntp
lrzsz
ncurses-devel
openssl-devel
zlib-devel
OpenIPMI-tools
mysql
nmap
screen
%end

# Post-install step: keep postfix from being started at boot.
%post
systemctl disable postfix.service
%end

[root@linux-node1 ~]#cobbler profile report ##多个要指定-name
Kernel Options : ###网卡要修改为eth0,所以要修改kernel参数
Kickstart :/var/lib/cobbler/kickstarts/sample_end.ks

修改内核参数
[root@linux-node1 ~]#cobbler profile edit --name=CentOS-7.1-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS-7.1-x86_64.cfg
[root@linux-node1 ~]#cobbler profile edit --name=CentOS-7.1-x86_64 --kopts=‘net.ifnames=0 biosdevname=0‘ ##添加内核参数
[root@linux-node1 ~]#cobbler sync
[root@linux-node1 ~]#cobbler profile report
Kernel Options : ‘biosdevname‘: ‘0‘, ‘net.ifnames‘: ‘0‘
Kickstart : /var/lib/cobbler/kickstarts/CentOS-7.1-x86_64.cfg

修改Cobbler提示
[root@linux-node1 ~]#vi /etc/cobbler/pxe/pxedefault.template
MENU TITLE Cobbler by Norman Jin | http://cobbler.github.io/

[root@linux-node1 ~]#cobbler sync

开始安装虚拟机

无人值守安装出现 PXE-E32:TFTP open timeout的解决办法(通常是防火墙拦截了TFTP;下面直接关闭了iptables,更稳妥的做法是只放行TFTP使用的UDP 69端口,而不是关闭整个防火墙)
[root@linux-node1 ~]#service iptables stop

再次安装虚拟机

安装Centos7虚拟机内存必须要超过1G,否则安装会出错。

再安装个绑定主机名,网卡MAC地址以及IP地址的虚拟机
记录MAC地址:00:0C:29:3B:FC:6A

[root@linux-node1 ~]#cobbler system add --name=norman --mac=00:0C:29:3B:FC:6A --profile=CentOS-7.1-x86_64 --ip-address=192.168.1.139 --subnet=255.255.255.0 --gateway=192.168.1.1 --interface=eth0 --static=1 --hostname=norman.example.com --name-servers="223.6.6.6 114.114.114.114"

[root@linux-node1 ~]#cobbler system list
norman
直接安装

cobbler web介面
[root@linux-node1 ~]#cat /etc/httpd/conf.d/cobbler_web.conf
https://192.168.1.103/cobbler_web ##新版默认是https
username:cobbler
password:cobbler ##这是默认口令,登录后应立即修改(例如用 htdigest /etc/cobbler/users.digest "Cobbler" cobbler 重新设置),并限制能够访问该页面的网段
