DHCP and Cobbler Automated System Deployment

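This article walks through automated system deployment: using the system-config-kickstart tool, automated installation over an HTTP service, setting up a DHCP server, and installing systems via PXE. It explains DHCP service configuration and workflow in detail, and how to use cobbler and PXE to automate Linux installation. It closes with cobbler-web management and account authentication methods.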

Automated System Deployment

System installation process

# CentOS system installation
System boot sequence:
bootloader --> kernel(initramfs) --> rootfs --> /sbin/init

The system-config-kickstart tool

Install system-config-kickstart

[root@localhost ~]#yum install system-config-kickstart -y

Run system-config-kickstart

[root@localhost ~]#system-config-kickstart

  • / 100000MB
  • swap 4000MB
  • /boot 1000MB

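The package selection page turns out to be empty; on CentOS 7 this option is disabled.

Fix: modify the yum repository

# Change the section name below from base to development
[base]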
name=CentOS-$releasever - Base - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/os/$basearch/
        http://mirrors.aliyuncs.com/centos/$releasever/os/$basearch/
        http://mirrors.cloud.aliyuncs.com/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7

Configure anaconda (the installer wizard)

The ks7_mini.cfg file

[root@centos7 ~]# cat ks7_mini.cfg 
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Install OS instead of upgrade
install
# Keyboard layouts
keyboard 'us'
# Root password
rootpw --iscrypted $1$MNh4wJLu$gUqsJa/UFTiRiO8tT/Hbr0
# System language
lang en_US
# System authorization information
auth  --useshadow  --passalgo=sha512
# Use text mode install
text
firstboot --disable
# SELinux configuration
selinux --disabled


# Firewall configuration
firewall --disabled
# Network information
network  --bootproto=dhcp --device=eth0
# Reboot after installation
reboot
# System timezone
timezone Africa/Abidjan
# Use network installation
url --url="http://192.168.33.130/centos/7/os/x86_64/"
# System bootloader configuration
bootloader --append="net.ifnames=0" --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part /boot --fstype="xfs" --size=1000
part / --fstype="xfs" --size=100000
part swap --fstype="swap" --size=4000

%post
mkdir /root/.ssh
chmod 700 /root/.ssh
cat>/root/.ssh/authorized_keys <<EOF 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFGEy7Esw+RBOf4HAyob5hHpsLegLKDiLngwJB/1A7Zu3/NRbiPLAAMz3tH97HDjPfZpW4OCJCmLSQEUmh9uj9r58GEDHzaTfVvS39S6rFny5RcOzyPAIbozOlxpAyuiaFiea2xaMDHOY4KZeyTQ78ECwNCUm40o+be3nrxBwjk8WHVmfIeV9oiBHl+LWFbTrVNP0oiQjo/uIFoB6/GQ7/6e9iop/UV1qJaQ+X3ecfclAedEw7aqdjZCdWW9XLgSHzKsDBIX/Z5MRFNWeOd7PDrdX+edqVYi10nGEziInTUIJcmvRIw8XQ0Cj0DahaoA55zYQjDuq1WxmSDW61ve1b root@centos7
EOF
chmod 600 /root/.ssh/authorized_keys
mkdir /etc/yum.repos.d/bak
mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak
cat > /etc/yum.repos.d/test.repo << EOF
[base]
baseurl=http://192.168.33.130/centos/7/os/x86_64/
gpgcheck=0
EOF
%end

%packages
@^minimal
autofs
%end

Where the package groups are defined, and where to find the minimal-install option

[root@localhost repodata]# pwd
/misc/repodata
[root@localhost repodata]# cat 521f322f05f9802f2438d8bb7d97558c64ff3ff74c03322d77787ade9152d8bb-c7-x86_64-comps.xml |grep minimal
      <packagereq type="mandatory">vim-minimal</packagereq>
      <packagereq type="mandatory">kdeutils-minimal</packagereq>
    <description xml:lang="fr">Installation minimale d'hôte de virtualisation.</description>
    <description xml:lang="fr">Hôte de virtualisation minimal.</description>
    <id>minimal</id>  # minimal install
    <name xml:lang="fr">Installation minimale</name>
# We will put this into the kickstart file

The format after the change

...
%packages
@^minimal
autofs
%end

Tool for checking that the format is correct

[root@centos7 ~]# ksvalidator ks7_mini.cfg
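
ksvalidator only checks kickstart syntax. The following added example (not part of the original post) audits the security-relevant settings of a kickstart like ks7_mini.cfg: a `$1$` prefix on rootpw is MD5-crypt even though auth asks for sha512, SELinux and the firewall are disabled, the install source is plain HTTP, and the repo written in %post sets gpgcheck=0. The finding names and the sample hash are constructed for illustration.

```python
import re

# Constructed sample: security-relevant lines of a kickstart like ks7_mini.cfg.
# The password hash is a made-up placeholder, not a real one.
SAMPLE_KS = """\
rootpw --iscrypted $1$examplesalt$0123456789abcdefghijkl
auth  --useshadow  --passalgo=sha512
selinux --disabled
firewall --disabled
url --url="http://192.168.33.130/centos/7/os/x86_64/"
%post
cat > /etc/yum.repos.d/test.repo << EOF
[base]
baseurl=http://192.168.33.130/centos/7/os/x86_64/
gpgcheck=0
EOF
%end
"""

CRYPT_SCHEMES = {"1": "md5", "5": "sha256", "6": "sha512"}  # crypt(3) $id$ prefixes

def audit_kickstart(text):
    """Return a sorted list of finding codes (names are this example's own)."""
    findings = set()
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        words = line.split()
        if words[0] == "rootpw":
            if "--iscrypted" not in words:
                findings.add("rootpw-plaintext")
            else:
                m = re.match(r"\$(\w+)\$", words[-1])
                if CRYPT_SCHEMES.get(m.group(1) if m else "") != "sha512":
                    findings.add("rootpw-weak-hash")
        elif words[0] == "selinux" and "--disabled" in words:
            findings.add("selinux-disabled")
        elif words[0] == "firewall" and "--disabled" in words:
            findings.add("firewall-disabled")
        elif words[0] == "url" and "http://" in line:
            findings.add("install-source-over-http")
        elif re.fullmatch(r"gpgcheck\s*=\s*0", line):
            findings.add("repo-gpgcheck-off")
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit_kickstart(SAMPLE_KS):
        print(finding)
```
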

Using the kickstart file

Put the kickstart file into the network-shared directory

[root@centos7 ~]# cd /var/www/html/
[root@centos7 html]# ls
centos
[root@centos7 html]# mkdir ksdir
[root@centos7 html]# mv /r
root/ run/  
[root@centos7 html]# cp /root/ks7_mini.cfg ksdir/
[root@centos7 html]# ll ksdir/
total 4
-rw-r--r-- 1 root root 1726 Jun 11 23:03 ks7_mini.cfg

Location of the served file

http://192.168.33.130/ksdir/ks7_mini.cfg

Prepare a new machine

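Success!

What if the machine has no IP address? Enter the following parameters on the kernel command line to give it a temporary one: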

ip=IPADDR
netmask=MASK
gateway=GW
dns=DNS_SERVER_IP
ifname=NAME:MAC_ADDR

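Automated installation over an HTTP service

Install the httpd service

Configure the files under /var/www/html

Mount the installation disc under that directory

Set up automatic mounting at boot

Creating a boot CD and USB drive

Installing the system with PXE

Cobbler for enterprise use

Implementing the DHCP service

Network configuration

  • Static assignment
  • Dynamic acquisition
    • bootp: static mapping between MAC and IP
    • dhcp: an enhanced bootp, dynamic

An IP address is assigned when your machine boots and reclaimed when it is not running.

Setting up the DHCP service

The DHCP request process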

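The eight message types:

DHCP DISCOVER: client to server
DHCP OFFER: server to client
DHCP REQUEST: client to server
DHCP ACK: server to client
DHCP NAK: server to client; tells the client that no suitable IP address can be assigned
DHCP DECLINE: client to server; indicates that the address is already in use
DHCP RELEASE: client to server; gives up the network address and cancels the remaining lease time
DHCP INFORM: client to server; if the client needs more detailed configuration information from the DHCP server, it sends an Inform message to request it. Rarely used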
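
On the wire, the message type is option 53 in the options area that follows the fixed 236-byte BOOTP header and the magic cookie. The following added example (not from the original post) parses a DHCP payload and reports the message type, server identifier and lease time; the sample packet is constructed from the xid, MAC and addresses that appear in the dhclient output on this page.

```python
import ipaddress
import struct

# RFC 2132 option 53 values for the eight messages listed above
MESSAGE_TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 4: "DHCPDECLINE",
                 5: "DHCPACK", 6: "DHCPNAK", 7: "DHCPRELEASE", 8: "DHCPINFORM"}
MAGIC_COOKIE = b"\x63\x82\x53\x63"

def parse_dhcp(payload):
    """Parse the UDP payload of a DHCP message into a small dict."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    op, _htype, hlen, _hops, xid = struct.unpack("!BBBBI", payload[:8])
    msg = {"op": op, "xid": xid,
           "yiaddr": str(ipaddress.IPv4Address(payload[16:20])),
           "chaddr": payload[28:28 + min(hlen, 16)].hex(":")}
    i = 240
    while i < len(payload):
        code = payload[i]
        if code == 255:            # end option
            break
        if code == 0:              # pad option has no length byte
            i += 1
            continue
        if i + 2 > len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        value = payload[i + 2:i + 2 + payload[i + 1]]
        i += 2 + len(value)
        if code == 53 and len(value) == 1:
            msg["type"] = MESSAGE_TYPES.get(value[0], "unknown")
        elif code == 54 and len(value) == 4:
            msg["server_id"] = str(ipaddress.IPv4Address(value))
        elif code == 51 and len(value) == 4:
            msg["lease_time"] = struct.unpack("!I", value)[0]
    return msg

def build_sample_ack():
    """Constructed DHCPACK (sample data, built from values shown on this page)."""
    header = struct.pack("!BBBBIHH", 2, 1, 6, 0, 0x6B190A07, 0, 0)
    header += bytes(4) + ipaddress.IPv4Address("192.168.33.133").packed + bytes(8)
    header += bytes.fromhex("000c29e5c30b") + bytes(10) + bytes(64) + bytes(128)
    options = bytes([53, 1, 5]) + bytes([54, 4]) + ipaddress.IPv4Address("192.168.33.254").packed
    options += bytes([51, 4]) + struct.pack("!I", 1800) + bytes([255])
    return header + MAGIC_COOKIE + options

if __name__ == "__main__":
    print(parse_dhcp(build_sample_ack()))
```
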

DHCP configuration

Restart the service after changing the configuration

systemctl restart dhcpd

Set the network interface to obtain its address automatically

[root@centos7 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33 

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp  # set to dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=13cd8e7b-5fce-46f1-a2cb-f4ee2469df6f
DEVICE=ens33
ONBOOT=yes

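Automatic IP assignment with DHCP

After changing the IP settings, restart the NetworkManager service

service NetworkManager restart
# or
service network restart

The dhclient process obtains the IP address automatically

ps aux |grep dhclient
# Check whether dhclient has obtained an address automatically


dhclient -d  # run in the foreground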
[root@localhost ~]# dhclient -d
Internet Systems Consortium DHCP Client 4.1.1-P1
Copyright 2004-2010 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/pan0/fe:2c:7b:44:fe:57
Sending on   LPF/pan0/fe:2c:7b:44:fe:57
Listening on LPF/eth0/00:0c:29:e5:c3:0b
Sending on   LPF/eth0/00:0c:29:e5:c3:0b
Sending on   Socket/fallback
DHCPDISCOVER on pan0 to 255.255.255.255 port 67 interval 8 (xid=0x3a2b410d)
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 3 (xid=0x6b190a07)
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 8 (xid=0x6b190a07)
DHCPOFFER from 192.168.33.254
DHCPREQUEST on eth0 to 255.255.255.255 port 67 (xid=0x6b190a07)
DHCPACK from 192.168.33.254 (xid=0x6b190a07)
bound to 192.168.33.133 -- renewal in 894 seconds.
DHCPDISCOVER on pan0 to 255.255.255.255 port 67 interval 13 (xid=0x3a2b410d)

Check the expiry time

[root@localhost ~]# cd /var/lib/dhclient/
[root@localhost dhclient]# ll -t
total 12
-rw-r--r--. 1 root root 1820 Jun 13 06:01 dhclient-d057cd84-199a-4096-8ea9-3296e687d3ad-eth0.lease
-rw-r--r--. 1 root root  455 Jun 13 05:59 dhclient.leases
-rw-r--r--. 1 root root  910 Jun 13 05:34 dhclient-eth0.leases

# dhclient.leases

[root@localhost dhclient]# cat dhclient.leases 
lease {
  interface "eth0";
  fixed-address 192.168.33.133;
  option subnet-mask 255.255.255.0;
  option routers 192.168.33.2;
  option dhcp-lease-time 1800;
  option dhcp-message-type 5;
  option domain-name-servers 192.168.33.2;
  option dhcp-server-identifier 192.168.33.254;
  option broadcast-address 192.168.33.255;
  option domain-name "localdomain";
  renew 6 2020/06/13 13:14:34;
  rebind 6 2020/06/13 13:25:53;
  expire 6 2020/06/13 13:29:38;
}
# These times are in GMT
[root@localhost dhclient]# date
Sat Jun 13 06:05:07 PDT 2020
# Show the current time in GMT
[root@localhost dhclient]# date -u
Sat Jun 13 13:05:12 UTC 2020


# The lease time is 30 min
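
The comparison above can be scripted. This added example (not from the original post) parses lease blocks in the format shown, treats the timestamps as UTC, and reports the seconds left until renew and expire; it also checks the answering server against a list of expected DHCP servers, which is useful when a second DHCP server (such as the VMware NAT one) may be active on the segment. The `trusted_servers` parameter and the report field names are assumptions of this example.

```python
import re
from datetime import datetime, timezone

# Constructed sample: the lease block shown above, reduced to the fields read here.
SAMPLE_LEASES = """\
lease {
  interface "eth0";
  fixed-address 192.168.33.133;
  option dhcp-lease-time 1800;
  option dhcp-server-identifier 192.168.33.254;
  renew 6 2020/06/13 13:14:34;
  rebind 6 2020/06/13 13:25:53;
  expire 6 2020/06/13 13:29:38;
}
"""

def parse_leases(text):
    """Return one dict per lease block; renew/rebind/expire become UTC datetimes."""
    leases = []
    for block in re.findall(r"lease\s*\{(.*?)\}", text, re.S):
        lease = {}
        for stmt in block.split(";"):
            words = stmt.split()
            if words[:1] == ["option"]:
                words = words[1:]
            if len(words) < 2:
                continue
            if words[0] in ("renew", "rebind", "expire") and len(words) == 4:
                # words[1] is the weekday number; the date and time are UTC
                stamp = datetime.strptime(" ".join(words[2:]), "%Y/%m/%d %H:%M:%S")
                lease[words[0]] = stamp.replace(tzinfo=timezone.utc)
            else:
                lease[words[0]] = " ".join(words[1:]).strip('"')
        leases.append(lease)
    return leases

def lease_report(lease, now, trusted_servers):
    """Seconds left until renew/expire at `now`, and whether the server is expected."""
    return {
        "renew_in": int((lease["renew"] - now).total_seconds()),
        "expires_in": int((lease["expire"] - now).total_seconds()),
        "server_trusted": lease.get("dhcp-server-identifier") in trusted_servers,
    }

if __name__ == "__main__":
    now = datetime(2020, 6, 13, 13, 5, 12, tzinfo=timezone.utc)  # the `date -u` output above
    print(lease_report(parse_leases(SAMPLE_LEASES)[0], now, {"192.168.33.254"}))
```
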

Lab: install a DHCP server

Requirements:

  • Disable the DHCP function of the NAT network under VMnet
  • Do not use bridged mode

Install the DHCP service

Install the package

yum install dhcp -y

Files in the dhcp package

[root@centos7 ~]# rpm -ql dhcp
/etc/NetworkManager
/etc/NetworkManager/dispatcher.d
/etc/NetworkManager/dispatcher.d/12-dhcpd
/etc/dhcp/dhcpd.conf	# configuration file
/etc/dhcp/dhcpd6.conf
/etc/dhcp/scripts
/etc/dhcp/scripts/README.scripts
/etc/openldap/schema/dhcp.schema
/etc/sysconfig/dhcpd
/usr/bin/omshell
/usr/lib/systemd/system/dhcpd.service	# service unit
/usr/lib/systemd/system/dhcpd6.service
/usr/lib/systemd/system/dhcrelay.service
/usr/sbin/dhcpd	# main program
/usr/sbin/dhcrelay
/usr/share/doc/dhcp-4.2.5
/usr/share/doc/dhcp-4.2.5/dhcpd.conf.example
/usr/share/doc/dhcp-4.2.5/dhcpd6.conf.example
/usr/share/doc/dhcp-4.2.5/ldap
/usr/share/doc/dhcp-4.2.5/ldap/README.ldap
/usr/share/doc/dhcp-4.2.5/ldap/dhcp.schema
/usr/share/doc/dhcp-4.2.5/ldap/dhcpd-conf-to-ldap
/usr/share/man/man1/omshell.1.gz
/usr/share/man/man5/dhcpd.conf.5.gz
/usr/share/man/man5/dhcpd.leases.5.gz
/usr/share/man/man8/dhcpd.8.gz
/usr/share/man/man8/dhcrelay.8.gz
/usr/share/systemtap/tapset/dhcpd.stp
/var/lib/dhcpd
/var/lib/dhcpd/dhcpd.leases
/var/lib/dhcpd/dhcpd6.leases

Start the service and hit a problem

[root@centos7 ~]# systemctl start dhcpd
Job for dhcpd.service failed because the control process exited with error code. See "systemctl status dhcpd.service" and "journalctl -xe" for details.

Check the error message

[root@centos7 ~]# systemctl status dhcpd
● dhcpd.service - DHCPv4 Server Daemon
   Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; disabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Sat 2020-06-13 13:14:34 CST; 46s ago
     Docs: man:dhcpd(8)
           man:dhcpd.conf(5)
  Process: 10293 ExecStart=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid (code=exited, status=1/FAILURE)
 Main PID: 10293 (code=exited, status=1/FAILURE)

Jun 13 13:14:34 centos7 systemd[1]: Starting DHCPv4 Server Daemon...
Jun 13 13:14:34 centos7 dhcpd[10293]: Copyright 2004-2013 Internet Systems Consortium.
Jun 13 13:14:34 centos7 dhcpd[10293]: All rights reserved.
Jun 13 13:14:34 centos7 dhcpd[10293]: For info, please visit https://www.isc.org/softwa...cp/
Jun 13 13:14:34 centos7 dhcpd[10293]: Not searching LDAP since ldap-server, ldap-port a...ile
Jun 13 13:14:34 centos7 dhcpd[10293]: Wrote 0 leases to leases file.
Jun 13 13:14:34 centos7 systemd[1]: dhcpd.service: main process exited, code=exited, st...URE
Jun 13 13:14:34 centos7 systemd[1]: Failed to start DHCPv4 Server Daemon.
Jun 13 13:14:34 centos7 systemd[1]: Unit dhcpd.service entered failed state.
Jun 13 13:14:34 centos7 systemd[1]: dhcpd.service failed.
Hint: Some lines were ellipsized, use -l to show in full.

Look at the configuration file /etc/dhcp/dhcpd.conf

[root@centos7 ~]# cat /etc/dhcp/dhcpd.conf 
#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp*/dhcpd.conf.example 
#   The file is empty; the next step is to look at the example
#   see dhcpd.conf(5) man page
#


Look at the example

[root@centos7 ~]# vim /usr/share/doc/dhcp*/dhcpd.conf.example

# dhcpd.conf
#
# Sample configuration file for ISC dhcpd
#

# option definitions common to all supported networks...
option domain-name "example.org";
# Configure DNS; Baidu's DNS is 180.76.76.76
# option domain-name-servers ns1.example.org, ns2.example.org;
option domain-name-servers 114.114.114.114,180.76.76.76;
# The default lease is 600 seconds; changed here to 1 day: 86400
default-lease-time 86400;
# Maximum lease changed to 10 days
max-lease-time 864000;

# Use this to enble / disable dynamic dns updates globally.
#ddns-update-style none;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
#authoritative;

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;

# No service will be given on this subnet, but declaring it helps the 
# DHCP server to understand the network topology.
# Add this host's network segment 192.168.33.0; this segment becomes the address pool
subnet 192.168.33.0 netmask 255.255.255.0 {
 range 192.168.33.33 192.168.33.99;
 option routers 192.168.33.1;
	
}

# This is a very basic subnet declaration.
# An address range and a gateway need to be specified
subnet 10.254.239.0 netmask 255.255.255.224 {
  range 10.254.239.10 10.254.239.20;
  option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
}

# This declaration allows BOOTP clients to get dynamic addresses,
# which we don't really recommend.

subnet 10.254.239.32 netmask 255.255.255.224 {
  range dynamic-bootp 10.254.239.40 10.254.239.60;
  option broadcast-address 10.254.239.31;
  option routers rtr-239-32-1.example.org;
}

# A slightly different configuration for an internal subnet.
subnet 10.5.5.0 netmask 255.255.255.224 {
  range 10.5.5.26 10.5.5.30;
  option domain-name-servers ns1.internal.example.org;
  option domain-name "internal.example.org";
  option routers 10.5.5.1;
  option broadcast-address 10.5.5.31;
  default-lease-time 600;
  max-lease-time 7200;
}

# Hosts which require special configuration options can be listed in
# host statements.   If no address is specified, the address will be
# allocated dynamically (if possible), but the host-specific information
# will still come from the host declaration.

host passacaglia {
  hardware ethernet 0:0:c0:5d:bd:95;
  filename "vmunix.passacaglia";
  server-name "toccata.fugue.com";
}

# Fixed IP addresses can also be specified for hosts.   These addresses
# should not also be listed as being available for dynamic assignment.
# Hosts for which fixed IP addresses have been specified can boot using
# BOOTP or DHCP.   Hosts for which no fixed address is specified can only
# be booted with DHCP, unless there is an address range on the subnet
# to which a BOOTP client is connected which has the dynamic-bootp flag
# set.
##############################################################
# When the MAC address is 08:00:07:26:c0:a5, the IP is fixed to fantasia.fugue.com
##############################################################
host fantasia {
  hardware ethernet 08:00:07:26:c0:a5;
  fixed-address fantasia.fugue.com;
}

# You can declare a class of clients and then do address allocation
# based on that.   The example below shows a case where all clients
# in a certain class get addresses on the 10.17.224/24 subnet, and all
# other clients get addresses on the 10.0.29/24 subnet.

class "foo" {
  match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
}

shared-network 224-29 {
  subnet 10.17.224.0 netmask 255.255.255.0 {
    option routers rtr-224.example.org;
  }
  subnet 10.0.29.0 netmask 255.255.255.0 {
    option routers rtr-29.example.org;
  }
  pool {
    allow members of "foo";
    range 10.17.224.10 10.17.224.250;
  }
  pool {
    deny members of "foo";
    range 10.0.29.10 10.0.29.230;
  }
}

First, simply copy it over as the dhcp configuration file

[root@centos7 ~]# cp /usr/share/doc/dhcp*/dhcpd.conf.example /etc/dhcp/dhcpd.conf 
cp: overwrite ‘/etc/dhcp/dhcpd.conf’? y

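Start the service again

[root@centos7 ~]# systemctl start dhcpd
# Success

Although it started successfully, you still need to configure which addresses can be assigned, along with other information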

[root@centos7 ~]# ss -ntlup
Netid State      Recv-Q Send-Q Local Address:Port               Peer Address:Port              
...
udp   UNCONN     0      0                *:67                           *:*                   users:(("dhcpd",pid=10688,fd=7))

:67 is the DHCP server port and :68 is the DHCP client port

Once configured, restart the network service on CentOS 6

[root@localhost Desktop]# service NetworkManager restart
Stopping NetworkManager daemon:                            [  OK  ]
Setting network parameters...                              [  OK  ]
Starting NetworkManager daemon:                            [  OK  ]
[root@localhost Desktop]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:e5:c3:0b brd ff:ff:ff:ff:ff:ff
    inet 192.168.33.50/24 brd 192.168.33.255 scope global eth0
    inet6 fe80::20c:29ff:fee5:c30b/64 scope link 
       valid_lft forever preferred_lft forever
3: pan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN 
    link/ether fe:2c:7b:44:fe:57 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fc2c:7bff:fe44:fe57/64 scope link 
       valid_lft forever preferred_lft forever
# Address obtained successfully


#######################
# Check whether the gateway was received
[root@localhost Desktop]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.33.0    0.0.0.0         255.255.255.0   U     1      0        0 eth0
0.0.0.0         192.168.33.1    0.0.0.0         UG    0      0        0 eth0
#######################
# Check DNS
[root@localhost Desktop]# cat /etc/resolv.conf 
# Generated by NetworkManager
domain example.org
search example.org
nameserver 180.76.76.76
nameserver 114.114.114.114
#########################
# Check the lease time
[root@l