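(Because the installation boots from the NIC, make sure the BIOS is set to boot from the hard disk once installation completes; otherwise the machine will keep reinstalling forever.)
Download the linux7 image file http://mirrors.163.com/centos/7/isos/x86_64/CentOS-7-x86_64-DVD-1708.iso
The first installation used CentOS-7-x86_64-DVD-1503-01.iso, which is a fairly old ISO (it caused problems that could not be debugged). After downloading CentOS-7-x86_64-DVD-1708.iso (http://mirrors.163.com/centos/7/isos/x86_64/CentOS-7-x86_64-DVD-1708.iso) the problems went away.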
pxe-kickstart
[root@linux-node1 ~]# mount /dev/cdrom /mnt
[root@linux-node1 ~]# yum install -y httpd createrepo    (createrepo is used to create the repository)
[root@linux-node1 ~]# mkdir /var/www/html/CentOS-7.1-x86_64
[root@linux-node1 ~]# cp -a /mnt/* /var/www/html/CentOS-7.1-x86_64/    (copy the contents of the disc to the local disk)
Create the yum repository
[root@linux-node1 ~]# createrepo -pdo /var/www/html/CentOS-7.1-x86_64/ /var/www/html/CentOS-7.1-x86_64/
Spawning worker 0 with 3576 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
Create the group information
[root@linux-node1 ~]# createrepo -g `ls /var/www/html/CentOS-7.1-x86_64/repodata/*-comps.xml` /var/www/html/CentOS-7.1-x86_64/
Spawning worker 0 with 3576 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
[root@linux-node1 ~]# yum install -y tftp-server dhcp xinetd
[root@linux-node1 ~]# vi /etc/xinetd.d/tftp
disable = no
[root@linux-node1 ~]# vi /var/www/html/CentOS-7.1-x86_64/CentOS-7.1-x86_64.cfg    (the answer file)
# Kickstart Configurator by Reid
# platform=x86, AMD64, or Intel EM64T
# System language
lang en_US
# System keyboard
keyboard us
# System timezone
timezone Asia/Shanghai
# Root password
#rootpw --iscrypted $default_password_crypted
rootpw --iscrypted $1$123456$RAzSeuiSEBl3TmLWT5f07.
# Use text mode install
text
# Install OS instead of upgrade
install
# Use NFS installation Media
#url --url=$tree
url --url=http://192.168.1.31/CentOS-7.1-x86_64
# System bootloader configuration
bootloader --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part /boot --fstype xfs --size 1024 --ondisk sda
part swap --size 16384 --ondisk sda
part / --fstype xfs --size 1 --grow --ondisk sda
# System authorization information
auth --useshadow --enablemd5
# Network information
#$SNIPPET('network_config')
network --bootproto=dhcp --device=eth0 --onboot=on
# (The first time I used on, but the VM could not get an IP address after booting. I then changed it to
#  network --bootproto=dhcp --device=eth0 --onboot=yes and the VM got an IP address after booting.)
# (If no IP address is obtained after boot, there is also a fix further below.)
# Reboot after installation
reboot
# Firewall configuration
firewall --disabled
# SELinux configuration
selinux --disabled
# Do not configure XWindows
skipx
# Package install information
%packages
@ base
@ core
sysstat
iptraf
ntp
lrzsz
ncurses-devel
openssl-devel
zlib-devel
OpenIPMI-tools
mysql
nmap
screen
%end

%post
systemctl disable postfix.service
%end

Upload the kickstart configuration file CentOS-7.1-x86_64.cfg to /var/www/html/CentOS-7.1-x86_64/
[root@linux-node1 ~]# cd /var/www/html/CentOS-7.1-x86_64/
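Where the rootpw value comes from
[root@linux-node1]# openssl passwd -1 -salt '123456'    ## note: '123456' is the salt, not the password
Password:    ## the password is typed here
$1$123456$RAzSeuiSEBl3TmLWT5f07.    ## this is the generated password hash
## Adding the generated string to /etc/shadow by hand makes it usable as a user's login password.
Commonly used openssl passwd options:
-1: use the MD5-based hashing algorithm.
-salt: specify the salt value instead of using a randomly generated one. When hashing, the same password with a different salt produces a different hash; only when both the password and the salt are the same is the resulting hash the same.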
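The answer file above ships an MD5-crypt root hash, selects MD5 in the auth line, and disables the firewall and SELinux. The following Python check is an added example, not part of the original notes; it flags those settings in a kickstart file before it is published on the install server. The names `audit_kickstart` and `SAMPLE_KS` are hypothetical, and the sample input is constructed from lines shown above.

```python
import re

# Constructed sample: security-relevant lines of the answer file shown above.
SAMPLE_KS = """\
rootpw --iscrypted $1$123456$RAzSeuiSEBl3TmLWT5f07.
auth --useshadow --enablemd5
firewall --disabled
selinux --disabled
%post
systemctl disable postfix.service
%end
"""

def audit_kickstart(text):
    """Return (line_no, finding) tuples for weak settings in a kickstart file."""
    findings = []
    in_section = False                      # inside %packages / %pre / %post
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line.startswith("%"):
            if not line.startswith("%include"):
                in_section = not line.startswith("%end")
            continue
        if in_section or not line or line.startswith("#"):
            continue                        # only top-level commands are checked
        cmd, *args = line.split()
        if cmd == "rootpw" and "--lock" not in args:
            value = next((a for a in args if not a.startswith("--")), "")
            # crypt(3) strings start with $<scheme>$; a Cobbler variable such as
            # $default_password_crypted does not match and is left alone.
            scheme = re.match(r"\$([0-9a-z]+)\$", value)
            if "--iscrypted" not in args:
                findings.append((no, "rootpw is stored in plaintext"))
            elif scheme and scheme.group(1) == "1":
                findings.append((no, "rootpw hash is MD5-crypt ($1$)"))
        elif cmd in ("auth", "authconfig"):
            if "--enablemd5" in args or "--passalgo=md5" in args:
                findings.append((no, "auth selects MD5 password hashing"))
        elif cmd in ("firewall", "selinux") and "--disabled" in args:
            findings.append((no, cmd + " is disabled on the installed system"))
    return findings

if __name__ == "__main__":
    for no, finding in audit_kickstart(SAMPLE_KS):
        print("line %d: %s" % (no, finding))
```

A file that uses a `$6$` (SHA-512-crypt) hash with `auth --useshadow --passalgo=sha512` and leaves the firewall and SELinux enabled produces no findings.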
[root@linux-node1 ~]# cd /usr/share/doc/dhcp-4.2.5
[root@linux-node1 dhcp-4.2.5]# cp dhcpd.conf.example /etc/dhcp/dhcpd.conf
cp: overwrite '/etc/dhcp/dhcpd.conf'? y
[root@linux-node1 ~]# vi /etc/dhcp/dhcpd.conf
subnet 192.168.1.0 netmask 255.255.255.0 {
    range dynamic-bootp 192.168.1.130 192.168.1.140;
    next-server 192.168.1.31;
    filename "pxelinux.0";
}
[root@linux-node1 ~]# systemctl start dhcpd
[root@linux-node1 ~]# systemctl start httpd
[root@linux-node1 ~]# systemctl start xinetd
[root@linux-node1 ~]# netstat -ntulp | grep -E 'httpd|dhcpd|xinetd'
[root@linux-node1 ~]# netstat -ntulp |grep httpd
tcp6 0 0 :::35357 :::* LISTEN 2826/httpd
tcp6 0 0 :::80 :::* LISTEN 2826/httpd
tcp6 0 0 :::5001 :::* LISTEN 2826/httpd
[root@linux-node1 ~]# netstat -ntulp |grep dhcpd
udp 0 0 0.0.0.0:52620 0.0.0.0:* 13924/dhcpd
udp 0 0 0.0.0.0:67 0.0.0.0:* 13924/dhcpd
udp6 0 0 :::57041 :::* 13924/dhcpd
[root@linux-node1 ~]# netstat -ntulp |grep xinetd
udp 0 0 0.0.0.0:69 0.0.0.0:* 13955/xinetd
[root@linux-node1 ~]# vi /etc/httpd/conf/httpd.conf
Listen 80
[root@linux-node1 ~]# systemctl restart httpd
Test whether the file can be reached
[root@linux-node1 ~]# curl --head http://192.168.1.31/CentOS-7.1-x86_64/CentOS-7.1-x86_64.cfg
HTTP/1.1 200 OK
Date: Thu, 30 Nov 2017 09:06:52 GMT
Server: Apache/2.4.6 (CentOS) mod_wsgi/3.4 Python/2.7.5
Last-Modified: Thu, 30 Nov 2017 08:40:08 GMT
ETag: "4ef-55f2f330aca00"
Accept-Ranges: bytes
Content-Length: 1263
Content-Type: text/plain; charset=UTF-8
Prepare the files that go into tftp: some group information, the kernel image, pxelinux.0
[root@linux-node1 ~]# yum install -y syslinux
[root@linux-node1 ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/    (copy pxelinux.0 to the tftp boot directory)
[root@linux-node1 ~]# cp /mnt/isolinux/* /var/lib/tftpboot/    (copy the boot images: vmlinuz (kernel), initrd.img (image), boot.msg (boot menu))
[root@linux-node1 ~]# mkdir /var/lib/tftpboot/pxelinux.cfg
[root@linux-node1 ~]# cd /var/lib/tftpboot/pxelinux.cfg/
[root@linux-node1 pxelinux.cfg]# cp /mnt/isolinux/isolinux.cfg default
[root@linux-node1 pxelinux.cfg]# vi default
label linux
  menu label ^Install CentOS Linux 7
  kernel vmlinuz
  append initrd=initrd.img inst.stage2=hd:LABEL=CentOS\x207\x20x86_64 quiet

label ks
  menu label ^AUTO CentOS 7
  kernel vmlinuz
  append initrd=initrd.img ks=http://192.168.1.31/CentOS-7.1-x86_64/CentOS-7.1-x86_64.cfg
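Start installing the virtual machine
Do not choose to install from the disc here.
A CentOS 7 virtual machine must have more than 1G of memory, otherwise the installation fails.
For the network connection, bridged mode is the usual choice.
During installation, first select "AUTO Centos 7", then choose "Press Tab for full configuration options on menu items."
Add the boot parameters net.ifnames=0 biosdevname=0
This way the installation changes the default NIC name to eth0.
[root@linux-node1 ~]# tail -f /var/log/messages    (only when you see IP addresses being handed out can you be sure the client VM is installing from the server)
Error:
new value non-existent xfs filesystem is not valid as a default fs type
Pane is dead
The ISO used, CentOS-7-x86_64-DVD-1503-01.iso, is fairly old; after downloading CentOS-7-x86_64-DVD-1708.iso (http://mirrors.163.com/centos/7/isos/x86_64/CentOS-7-x86_64-DVD-1708.iso) the problem went away.
After installation, the virtual machine boots without an IP address
[root@linux-node1 ~]# cd /etc/sysconfig/network-scripts
[root@linux-node1 ~]# ll
[root@linux-node1 ~]# vi ifcfg-eth0
ONBOOT=yes
[root@linux-node1 ~]# systemctl restart network
[root@linux-node1 ~]# ip add    (eth0 has now obtained an IP address)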
cobbler deployment (lab machine IP: 192.168.1.103)
It takes care of the tedious Kickstart work and automates it.
Install the required packages
[root@linux-node1 ~]# yum install cobbler cobbler-web dhcp tftp-server pykickstart httpd -y
[root@linux-node1 ~]# systemctl restart httpd
[root@localhost ~]# systemctl status cobblerd
● cobblerd.service - Cobbler Helper Daemon
   Loaded: loaded (/usr/lib/systemd/system/cobblerd.service; disabled; vendor preset: disabled)
   Active: active (running) since Tue 2017-12-05 11:11:29 CST; 10s ago
  Process: 2008 ExecStartPost=/usr/bin/touch /usr/share/cobbler/web/cobbler.wsgi (code=exited, status=0/SUCCESS)
 Main PID: 2007 (cobblerd)
   CGroup: /system.slice/cobblerd.service
           └─2007 /usr/bin/python2 -s /usr/bin/cobblerd -F

Dec 05 11:11:28 localhost.localdomain systemd[1]: Starting Cobbler Helper Dae...
Dec 05 11:11:29 localhost.localdomain systemd[1]: Started Cobbler Helper Daemon.
Hint: Some lines were ellipsized, use -l to show in full.
Check
[root@linux-node1 ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a recent version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
Step 1 + 2
[root@linux-node1 ~]# vi /etc/cobbler/settings
server: 192.168.1.31
next_server: 192.168.1.31    ### where the PXE files are located
manage_dhcp: 1    ## change to 1 so that cobbler manages dhcp
Step 7
[root@linux-node1 ~]# openssl passwd -1 -salt 'oldboy' 'oldboy'    (root password for virtual machines newly created by cobbler: oldboy)
$1$oldboy$fXF8f078vI9J/q9XyXA8e/
[root@linux-node1 ~]# vi /etc/cobbler/settings
default_password_crypted: "$1$oldboy$fXF8f078vI9J/q9XyXA8e/"
Step 3
[root@linux-node1 ~]# vi /etc/xinetd.d/tftp    # enable tftp
disable = no
Step 4
[root@linux-node1 ~]# cobbler get-loaders
Step 5
[root@linux-node1 ~]# systemctl enable rsyncd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd.service.
[root@linux-node1 ~]# systemctl start rsyncd.service
Steps 6 and 8 need no action
[root@linux-node1 ~]# systemctl restart cobblerd
[root@linux-node1 ~]# cobbler check
Modify dhcp.template, because DHCP is now managed by cobbler
[root@linux-node1 ~]# vi /etc/cobbler/dhcp.template
subnet 192.168.1.0 netmask 255.255.255.0 {
     option routers             192.168.1.1;
     option domain-name-servers 223.6.6.6;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        192.168.1.130 192.168.1.140;
[root@linux-node1 ~]# cobbler sync    ## a sync is required after the change
[root@linux-node1 ~]# cobbler import --path=/mnt/ --name=CentOS-7.1-x86_64 --arch=x86_64
task started: 2017-12-01_132125_import
task started (id=Media import, time=Fri Dec 1 13:21:25 2017)
No signature matched in /var/www/cobbler/ks_mirror/CentOS-7.1-x86_64
!!! TASK FAILED !!!
Fix: (the problem was not found from /var/log/cobbler/cobbler.log)
[root@linux-node1 ~]# mount /dev/cdrom /mnt
[root@localhost ~]# ls /mnt    (make sure the mount on /mnt has succeeded before importing)
CentOS_BuildTag GPL LiveOS RPM-GPG-KEY-CentOS-7
EFI images Packages RPM-GPG-KEY-CentOS-Testing-7
EULA isolinux repodata TRANS.TBL
[root@linux-node1 ~]# cobbler import --path=/mnt/ --name=CentOS-7.1-x86_64 --arch=x86_64
task started: 2017-12-05_130957_import
task started (id=Media import, time=Tue Dec 5 13:09:57 2017)
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/CentOS-7.1-x86_64:
creating new distro: CentOS-7.1-x86_64
creating new profile: CentOS-7.1-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/CentOS-7.1-x86_64 for CentOS-7.1-x86_64
processing repo at : /var/www/cobbler/ks_mirror/CentOS-7.1-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/CentOS-7.1-x86_64
looking for /var/www/cobbler/ks_mirror/CentOS-7.1-x86_64/repodata/comps.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/CentOS-7.1-x86_64/repodata
*** TASK COMPLETE ***
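/var/www/cobbler/ks_mirror/    (the location the CentOS-7.1-x86_64 image above was imported to)
[root@localhost ~]# cobbler list
distros:    ## a distro (repository) has been created
   CentOS-7.1-x86_64
profiles:    ## a profile (configuration) has been created
   CentOS-7.1-x86_64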
The kickstart file goes here: cd /var/lib/cobbler/kickstarts/
[root@linux-node1 ~]# vi /var/lib/cobbler/kickstarts/CentOS-7.1-x86_64.cfg
# Kickstart Configurator by Reid
# platform=x86, AMD64, or Intel EM64T
# System language
lang en_US
# System keyboard
keyboard us
# System timezone
timezone Asia/Shanghai
# Root password
rootpw --iscrypted $default_password_crypted
#rootpw --iscrypted $1$123456$RAzSeuiSEBl3TmLWT5f07.
# Use text mode install
text
# Install OS instead of upgrade
install
# Use NFS installation Media
url --url=$tree
#url --url=http://192.168.1.103/CentOS-7.1-x86_64
# System bootloader configuration
bootloader --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part /boot --fstype xfs --size 1024 --ondisk sda
part swap --size 16384 --ondisk sda
part / --fstype xfs --size 1 --grow --ondisk sda
# System authorization information
auth --useshadow --enablemd5
# Network information
$SNIPPET('network_config')
#network --bootproto=dhcp --device=eth0 --onboot=on
# Reboot after installation
reboot
# Firewall configuration
firewall --disabled
# SELinux configuration
selinux --disabled
# Do not configure XWindows
skipx

%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%end

# Package install information
%packages
@ base
@ core
sysstat
iptraf
ntp
lrzsz
ncurses-devel
openssl-devel
zlib-devel
OpenIPMI-tools
mysql
nmap
screen
%end

%post
systemctl disable postfix.service
%end
[root@linux-node1 ~]# cobbler profile report    ## with several profiles, specify --name
Kernel Options : {}    ### the NIC has to be renamed to eth0, so the kernel parameters must be changed
Kickstart : /var/lib/cobbler/kickstarts/sample_end.ks
Modify the kernel parameters
[root@linux-node1 ~]# cobbler profile edit --name=CentOS-7.1-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS-7.1-x86_64.cfg
[root@linux-node1 ~]# cobbler profile edit --name=CentOS-7.1-x86_64 --kopts='net.ifnames=0 biosdevname=0'    ## add the kernel parameters
[root@linux-node1 ~]# cobbler sync
[root@linux-node1 ~]# cobbler profile report
Kernel Options : {'biosdevname': '0', 'net.ifnames': '0'}
Kickstart : /var/lib/cobbler/kickstarts/CentOS-7.1-x86_64.cfg
Modify the Cobbler menu title
[root@linux-node1 ~]# vi /etc/cobbler/pxe/pxedefault.template
MENU TITLE Cobbler by Norman Jin | http://cobbler.github.io/
[root@linux-node1 ~]# cobbler sync
Start installing the virtual machine
Fix for "PXE-E32: TFTP open timeout" during unattended installation
[root@linux-node1 ~]# service iptables stop
Install the virtual machine again
A CentOS 7 virtual machine must have more than 1G of memory, otherwise the installation fails.
Install another virtual machine with the hostname, NIC MAC address and IP address bound
Record the MAC address: 00:0C:29:3B:FC:6A
[root@linux-node1 ~]# cobbler system add --name=norman --mac=00:0C:29:3B:FC:6A --profile=CentOS-7.1-x86_64 --ip-address=192.168.1.139 --subnet=255.255.255.0 --gateway=192.168.1.1 --interface=eth0 --static=1 --hostname=norman.example.com --name-servers="223.6.6.6 114.114.114.114"
[root@linux-node1 ~]# cobbler system list
norman
Install directly
cobbler web interface
[root@linux-node1 ~]# cat /etc/httpd/conf.d/cobbler_web.conf
https://192.168.1.103/cobbler_web    ## newer versions default to https
username: cobbler
password: cobbler