十二、Linux 时间同步与自动化装机
1.配置chrony服务,实现服务器时间自动同步
[root@localhost ~]# dnf install -y chrony
[root@localhost ~]# systemctl enable --now chronyd
[root@localhost ~]# systemctl status chronyd
● chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2020-11-11 13:40:00 CST; 6s ago
Docs: man:chronyd(8)
man:chrony.conf(5)
Process: 12022 ExecStartPost=/usr/libexec/chrony-helper update-daemon (code=exited, status=0/SUCCESS)
Process: 12018 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 12020 (chronyd)
Tasks: 1 (limit: 12333)
Memory: 1.7M
CGroup: /system.slice/chronyd.service
└─12020 /usr/sbin/chronyd
[root@localhost ~]# cat /etc/chrony.conf
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
pool ntp.aliyun.com iburst
[root@localhost ~]# systemctl stop chronyd
[root@localhost ~]# date
Thu Dec 24 14:21:50 CST 2020
[root@localhost ~]# date -s "3 year"
Sun Dec 24 14:22:05 CST 2023
[root@localhost ~]# clock -w
[root@localhost ~]# clock
2023-12-24 14:22:32.757015+08:00
[root@localhost ~]# systemctl start chronyd
[root@localhost ~]# date
Sun Dec 24 14:22:59 CST 2023
[root@localhost ~]# date
Thu Dec 24 14:23:18 CST 2020
2.实现cobbler+pxe自动化装机
[root@localhost ~]# yum install cobbler dhcp cobbler-web -y
[root@localhost ~]# systemctl enable --now cobblerd httpd tftp dhcpd
Created symlink from /etc/systemd/system/multi-user.target.wants/cobblerd.service to /usr/lib/systemd/system/cobblerd.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
Created symlink from /etc/systemd/system/sockets.target.wants/tftp.socket to /usr/lib/systemd/system/tftp.socket.
Created symlink from /etc/systemd/system/multi-user.target.wants/dhcpd.service to /usr/lib/systemd/system/dhcpd.service.
Job for dhcpd.service failed because the control process exited with error code. See "systemctl status dhcpd.service" and "journalctl -xe" for details.
[root@localhost ~]# systemctl status cobblerd httpd tftp dhcpd
● cobblerd.service - Cobbler Helper Daemon
Loaded: loaded (/usr/lib/systemd/system/cobblerd.service; enabled; vendor preset: disabled)
Active: active (running) since 四 2020-12-24 14:53:26 CST; 32s ago
Process: 16833 ExecStartPost=/usr/bin/touch /usr/share/cobbler/web/cobbler.wsgi (code=exited, status=0/SUCCESS)
Main PID: 16832 (cobblerd)
Tasks: 1
Memory: 22.4M
CGroup: /system.slice/cobblerd.service
└─16832 /usr/bin/python2 -s /usr/bin/cobblerd -F
12月 24 14:53:25 localhost.localdomain systemd[1]: Starting Cobbler Helper Daemon...
12月 24 14:53:26 localhost.localdomain systemd[1]: Started Cobbler Helper Daemon.
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since 四 2020-12-24 14:53:26 CST; 32s ago
Docs: man:httpd(8)
man:apachectl(8)
Main PID: 16835 (httpd)
Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec"
Tasks: 24
Memory: 17.6M
CGroup: /system.slice/httpd.service
├─16835 /usr/sbin/httpd -DFOREGROUND
├─16838 (wsgi:cobbler_w -DFOREGROUND
├─16839 /usr/sbin/httpd -DFOREGROUND
├─16840 /usr/sbin/httpd -DFOREGROUND
├─16841 /usr/sbin/httpd -DFOREGROUND
├─16842 /usr/sbin/httpd -DFOREGROUND
└─16843 /usr/sbin/httpd -DFOREGROUND
12月 24 14:53:26 localhost.localdomain systemd[1]: Starting The Apache HTTP Server...
12月 24 14:53:26 localhost.localdomain httpd[16835]: AH00558: httpd: Could not reliably determine t...age
12月 24 14:53:26 localhost.localdomain systemd[1]: Started The Apache HTTP Server.
● tftp.service - Tftp Server
Loaded: loaded (/usr/lib/systemd/system/tftp.service; indirect; vendor preset: disabled)
Active: active (running) since 四 2020-12-24 14:53:26 CST; 32s ago
Docs: man:in.tftpd
Main PID: 16836 (in.tftpd)
Tasks: 1
Memory: 124.0K
CGroup: /system.slice/tftp.service
└─16836 /usr/sbin/in.tftpd -s /var/lib/tftpboot
12月 24 14:53:26 localhost.localdomain systemd[1]: Started Tftp Server.
● dhcpd.service - DHCPv4 Server Daemon
Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since 四 2020-12-24 14:53:26 CST; 32s ago
Docs: man:dhcpd(8)
man:dhcpd.conf(5)
Process: 16837 ExecStart=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid (code=exited, status=1/FAILURE)
Main PID: 16837 (code=exited, status=1/FAILURE)
12月 24 14:53:26 localhost.localdomain dhcpd[16837]: Internet Systems Consortium DHCP Server 4.2.5
12月 24 14:53:26 localhost.localdomain dhcpd[16837]: Copyright 2004-2013 Internet Systems Consortium.
12月 24 14:53:26 localhost.localdomain dhcpd[16837]: All rights reserved.
12月 24 14:53:26 localhost.localdomain dhcpd[16837]: For info, please visit https://www.isc.org/sof...cp/
12月 24 14:53:26 localhost.localdomain dhcpd[16837]: Not searching LDAP since ldap-server, ldap-por...ile
12月 24 14:53:26 localhost.localdomain dhcpd[16837]: Wrote 0 leases to leases file.
12月 24 14:53:26 localhost.localdomain systemd[1]: dhcpd.service: main process exited, code=exited,...URE
12月 24 14:53:26 localhost.localdomain systemd[1]: Failed to start DHCPv4 Server Daemon.
12月 24 14:53:26 localhost.localdomain systemd[1]: Unit dhcpd.service entered failed state.
12月 24 14:53:26 localhost.localdomain systemd[1]: dhcpd.service failed.
Hint: Some lines were ellipsized, use -l to show in full.
[root@localhost ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : ksvalidator was not found, install pykickstart
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
##根据以上提示,只需要做1,2,8这三项即可。
[root@localhost ~]# vim /etc/cobbler/settings
242 manage_dhcp: 1
278 next_server: 10.0.0.111
390 server: 10.0.0.111
[root@localhost ~]# vim /etc/cobbler/dhcp.template
[root@localhost ~]# cat !*
cat /etc/cobbler/dhcp.template
# ******************************************************************
# Cobbler managed dhcpd.conf file
#
# generated from cobbler dhcp.conf template ($date)
# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
# overwritten.
#
# ******************************************************************
ddns-update-style interim;
allow booting;
allow bootp;
ignore client-updates;
set vendorclass = option vendor-class-identifier;
option pxe-system-type code 93 = unsigned integer 16;
subnet 10.0.0.0 netmask 255.255.255.0 {
option routers 10.0.0.2;
option domain-name-servers 180.76.76.76,223.6.6.6;
option subnet-mask 255.255.255.0;
range dynamic-bootp 10.0.0.100 10.0.0.200;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
[root@localhost ~]# cobbler sync
task started: 2020-12-24_151701_sync
task started (id=Sync, time=Thu Dec 24 15:17:01 2020)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/grub/images
copying bootloaders
trying hardlink /usr/share/syslinux/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /usr/share/syslinux/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
[root@localhost ~]# systemctl start dhcpd
[root@localhost ~]# cobbler get-loaders
task started: 2020-12-24_151846_get_loaders
task started (id=Download Bootloader Content, time=Thu Dec 24 15:18:46 2020)
downloading https://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
downloading https://cobbler.github.io/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading https://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading https://cobbler.github.io/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading https://cobbler.github.io/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
downloading https://cobbler.github.io/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot
downloading https://cobbler.github.io/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0
downloading https://cobbler.github.io/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32
downloading https://cobbler.github.io/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading https://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***
[root@localhost ~]# ls /var/lib/cobbler/loaders
COPYING.elilo COPYING.yaboot grub-x86_64.efi menu.c32 README
COPYING.syslinux elilo-ia64.efi grub-x86.efi pxelinux.0 yaboot
[root@localhost ~]# tree /var/lib/tftpboot/
/var/lib/tftpboot/
├── boot
│ └── grub
│ └── menu.lst
├── etc
├── grub
│ ├── efidefault
│ └── images -> ../images
├── images
├── images2
├── memdisk
├── menu.c32
├── ppc
├── pxelinux.0
├── pxelinux.cfg
│ └── default
└── s390x
└── profile_list
10 directories, 7 files
[root@localhost ~]# cobbler sync
task started: 2020-12-24_152236_sync
task started (id=Sync, time=Thu Dec 24 15:22:36 2020)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
copying: /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
copying: /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
[root@localhost ~]# tree /var/lib/tftpboot/
/var/lib/tftpboot/
├── boot
│ └── grub
│ └── menu.lst
├── etc
├── grub
│ ├── efidefault
│ ├── grub-x86_64.efi
│ ├── grub-x86.efi
│ └── images -> ../images
├── images
├── images2
├── memdisk
├── menu.c32
├── ppc
├── pxelinux.0
├── pxelinux.cfg
│ └── default
├── s390x
│ └── profile_list
└── yaboot
10 directories, 10 files
[root@localhost ~]# vim /etc/cobbler/pxe/pxedefault.template
[root@localhost ~]# cat !*
cat /etc/cobbler/pxe/pxedefault.template
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://www.hinsang.com.cn
[root@localhost ~]# cobbler sync
[root@localhost ~]# cat /var/lib/tftpboot/pxelinux.cfg/default
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://www.hinsang.com.cn
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT local
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
MENU end
[root@localhost ~]# mount /dev/sr0 /mnt/centos7/
mount: /dev/sr0 写保护,将以只读方式挂载
[root@localhost ~]# cobbler import --name=centos-7-x86_64 --path=/mnt/centos7 --arch=x86_64
task started: 2020-12-24_153600_import
task started (id=Media import, time=Thu Dec 24 15:36:00 2020)
[root@localhost ~]# du -sh /var/www/cobbler/ks_mirror/*
1.6G /var/www/cobbler/ks_mirror/centos-7-x86_64
0 /var/www/cobbler/ks_mirror/config
[root@localhost ~]# cobbler distro list
centos-7-x86_64
[root@localhost ~]# cobbler profile list
centos-7-x86_64
注意:VMware虚拟机需要关闭DHCP功能
客户端访问界面
[root@localhost ~]# vim /var/lib/cobbler/kickstarts/centos7.cfg
[root@localhost ~]# cat !*
cat /var/lib/cobbler/kickstarts/centos7.cfg
ignoredisk --only-use=sda
zerombr
text
reboot
clearpart --all --initlabel
selinux --disabled
firewall --disabled
url --url=$tree #注意此行必须指定
keyboard --vckeymap=us --xlayouts='us'
lang en_US.UTF-8
network --bootproto=dhcp --device=ens160 --ipv6=auto --activate
network --hostname=centos7.hinsang.com
rootpw --iscrypted
$6$nOPs5JTMlP4mhQeW$R/o62B6SXAh3RR.zrZ3U0X4xYX9/u5nSLrR/vqCB6kdO2XFfMk2a4yAgrHJQ
pXK/e4jzRb0jiLBv2nFMXaBjB/
firstboot --enable
skipx
services --disabled="chronyd"
timezone Asia/Shanghai --isUtc --nontp
user --name=wang --
password=$6$oUfb/02CWfLb5l8f$sgEZeR7c7DpqfpmFDH6huSmDbW1XQNR4qKl2EPns.gOXqlnAIgv
9pTogtFVaDtEpMOC.SWXKYqxfVtd9MCwxb1 --iscrypted --gecos="wang"
part / --fstype="xfs" --ondisk=sda --size=102400
part /data --fstype="xfs" --ondisk=sda --size=51200
part swap --fstype="swap" --ondisk=sda --size=2048
part /boot --fstype="ext4" --ondisk=sda --size=1024
%packages
@^minimal-environment
kexec-tools
vim-enhanced
tree
%end
%addon com_redhat_kdump --enable --reserve-mb='auto'
%end
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end
[root@localhost ~]# cobbler profile add --name=CentOS-7.7_test --distro=CentOS-7 --distro=centos-7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.cfg
测试客户端基于cobbler实现自动安装
安装成功