第十二周作业

一、配置chrony服务，实现服务器时间自动同步

[aaa@qq.com cobbler]# yum install chrony -y
[aaa@qq.com cobbler]# cat /etc/chrony.conf
	# Please consider joining the pool (http://www.pool.ntp.org/join.html).
	server ntp1.aliyun.com iburst
	#server 1.centos.pool.ntp.org iburst
	#server 2.centos.pool.ntp.org iburst
	#server 3.centos.pool.ntp.org iburst
	###
	# Allow NTP client access from local network.
	allow 0.0.0.0/0
	#allow 192.168.0.0/16
	
	# Serve time even if not synchronized to a time source.
	local stratum 10
[aaa@qq.com ~]# systemctl restart chronyd
[aaa@qq.com ~]# chronyc sources -v
	210 Number of sources = 1

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| /   '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 120.25.115.20                 2   6    17    21    -38us[ -274us] +/-   17ms

二、实现pxe自动化装机

pxe自动化安装centos7
环境：两台主机，一台做dhcp、httpd、tftp服务器（单网卡、NAT模式），一台测试机（单网卡、NAT模式）

1. 安装相关服务

[aaa@qq.com ~]# yum install httpd tftp-server dhcp syslinux -y
[aaa@qq.com ~]# systemctl start httpd tftp
[aaa@qq.com ~]# systemctl enable httpd tftp

2. 准备yum源

[aaa@qq.com ~]# mkdir /var/www/html/centos/{6,7}/os/x86_64 -pv
[aaa@qq.com ~]# mount /dev/cdrom /var/www/html/centos/7/os/x86_64
[aaa@qq.com ~]# mount /dev/sr1 /var/www/html/centos/6/os/x86_64

3. 安装和配置kickstart

[aaa@qq.com ~]# yum install -y system-config-kickstart
[aaa@qq.com ~]# system-config-kickstart
[aaa@qq.com ~]# mkdir  /var/www/html/ksdir/
[aaa@qq.com ~]# ls /var/www/html/ksdir/
[aaa@qq.com ~]# ks6_mini.cfg  ks7_mini.cfg

4. 配置dhcp服务

[aaa@qq.com ~]# cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf
[aaa@qq.com ~]# vim /etc/dhcp/dhcpd.conf
	option domain-name "liuhua.com";
	option domain-name-servers 114.114.114.114;
	default-lease-time 86400;
	max-lease-time 864000;
	subnet 192.168.117.0 netmask 255.255.255.0 {
    	range 192.168.117.50 192.168.117.100;
   	 	option routers 192.168.117.1;
   		next-server 192.168.117.7;
   	 	filename "pxelinux.0";

}
[aaa@qq.com ~]# systemctl start dhcpd

5. 准备相关的文件

[aaa@qq.com ~]# cp /usr/share/syslinux/pxelinux.0  /var/lib/tftpboot/
[aaa@qq.com ~]# cp /usr/share/syslinux/menu.c32		/var/lib/tftpboot/
[aaa@qq.com ~]# mkdir /var/lib/tftpboot/centos{6,7}
[aaa@qq.com ~]# cp /var/www/html/centos/7/os/x86_64/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos7
[aaa@qq.com ~]# cp /var/www/html/centos/6/os/x86_64/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos6
[aaa@qq.com ~]# mkdir /var/lib/tftpboot/pxelinux.cfg/
[aaa@qq.com ~]# cp /var/www/html/centos/7/os/x86_64/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default
[aaa@qq.com tftpboot]# tree /var/lib/tftpboot/
/var/lib/tftpboot/
├── centos6
│   ├── initrd.img
│   └── vmlinuz
├── centos7
│   ├── initrd.img
│   └── vmlinuz
├── menu.c32
├── pxelinux.0
└── pxelinux.cfg
    └── default
3 directories, 7 files

6. 准备启动菜单

[aaa@qq.com tftpboot]# cat /var/lib/tftpboot/pxelinux.cfg/default 
	default menu.c32
	timeout 600
	menu title CentOS Auto Install 
	
	label mini7
	  menu label Install CentOS ^Mini 7
	  kernel centos7/vmlinuz
	  append initrd=centos7/initrd.img ks=http://192.168.37.7/ksdir/ks7_mini.cfg
	
	label desktop
	  menu label Install CentOS ^Desktop 7
	  kernel centos7/vmlinuz
	  append initrd=centos7/initrd.img  ks=http://192.168.37.7/ksdir/ks7_desktop.cfg
	
	label mini6
	  menu label Install CentOS Mi^ni 6
	  kernel centos6/vmlinuz
	  append initrd=centos6/initrd.img ks=http://192.168.37.7/ksdir/ks6_mini.cfg
	
	label local
	  menu default
	  menu label Boot from ^local drive
	  localboot 0xffff

7. 测式机网卡启动

三、实现cobbler自动化装机

1.安装并启动cobbler、dhcp、tftp服务

[aaa@qq.com ~]# yum install cobbler dhcp
[aaa@qq.com ~]# systemctl start cobblerd httpd tftp

2.配置cobbler相关文件

[aaa@qq.com ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : ksvalidator was not found, install pykickstart
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.

[aaa@qq.com ~]# vim /etc/cobbler/settings
	default_password_crypted: "$1$RFO.hOYF$g79MJdrxFJMgpggQlhjev/" #openssl passwd -1
	###
	next_server: 192.168.117.17     #tftp服务器
	###
	manage_dhcp: 1
	###
	server: 192.168.117.17          #cobbler服务
[aaa@qq.com ~]# systemctl restart cobblerd

3.修改dhcp

[aaa@qq.com ~]# vim /etc/cobbler/dhcp.template
subnet 192.168.117.0 netmask 255.255.255.0 {
     option routers             192.168.117.2;
     option domain-name-servers 192.168.117.2;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        192.168.117.100 192.168.117.254;
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                $next_server;

4.同步cobbler并下载相关loaders

[aaa@qq.com ~]# cobbler sync
[aaa@qq.com ~]# systemctl start dhcpd
[aaa@qq.com ~]# cobbler get-loaders
[aaa@qq.com ~]# cobbler sync

5.创建yum源

将cdrom挂载到/mnt目录下，

[aaa@qq.com ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 is write-protected, mounting read-only
导入到cobbler中，
[aaa@qq.com ~]# cobbler import --path=/mnt --name=CentOS7.6-x86_64 --arch=x86_64
[aaa@qq.com ~]# cobbler profile list
   CentOS7.6-x86_64
[aaa@qq.com ~]# cobbler distro list
   CentOS7.6-x86_64

6.准备ks文件

[aaa@qq.com kickstarts]# cp ks7_mini.cfg /var/lib/cobbler/kickstarts/
[aaa@qq.com kickstarts]# vim ks7_mini.cfg
url --url=$tree
创建cobbler的profile，包括指定yum源（distro）、（kickstart）
[aaa@qq.com kickstarts]# cobbler profile add --name CentOS7.6-x86_64_mini --distro=CentOS7.6-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ks7_mini.cfg

将之前创建yum源而自动生成的profile移除，

[aaa@qq.com kickstarts]# cobbler profile list
   CentOS7.6-x86_64
   CentOS7.6-x86_64_mini
[aaa@qq.com kickstarts]# cobbler profile remove --name=CentOS7.6-x86_64

7.测试安装