更多内容请点击:

Linux学习从入门到打死也不放弃,完全笔记整理(持续更新,求收藏,求点赞~~~~) 

https://blog.51cto.com/13683480/2095439


第19章,运维自动化之系统安装

 

本章内容:

               系统安装过程

               配置anaconda

               自动化安装系统

               制作引导光盘和U盘

               DHCP服务

               PXE安装系统

               cobbler企业级应用

 

运维自动化发展历程及技术应用:

               全人工阶段----> 工具化阶段----> 平台化阶段----> 自驱动阶段

               无流程规范----> 制定规范----> 完善规范----> 流程驱动

               人----> 工具---->  平台----> 制度

               

anaconda:系统安装程序

               gui :     图形窗口

               tui   :    基于图形库curses的文本窗口

               

安装程序启动过程:

               启动盘主要文件目录:isolinux

               MBR:     isolinux/boot.cat

               stage2:     isolinux/isolinux.bin

               配置文件:isolinux/isolinux.cfg

                             每个对应的菜单选项:

                                           内核:isolinux/vmlinuz

                                           向内核传递参数:append  initd=initrd.img...

               装载根文件系统,并启动anaconda

                     默认启动GUI接口

                     若是显示指定使用TUI接口,向内核传递text参数即可

                                   按tab键,在后面增加text

                                   按esc键,boot:linux  text

               

anaconda工作过程:

                      anaconda安装系统分为三个阶段:

                     安装前配置阶段:

                                    安装过程使用的语言

                                    键盘类型

                                    安装目标存储设备

                                                  Basic Storage:本地磁盘

                                                  特殊设备:iSCSI

                                    设备主机名

                                    配置网路接口

                                    时区

                                    管理员密码

                                    设定分区方式及MBR的安装位置

                                    创建一个普通用户

                                    选定要安装的程序包

                    

                     安装阶段:

                                    在目标磁盘创建分区,执行格式化操作等      

                                    (分区完成后会写入bootloader,系统无法从光盘启动,

                                           后面安装grub会不会覆盖次bootloader,未知。)

                                    将选定的程序包安装至目标位置

                                    安装bootloader和initramfs

                     图形模式首次启动:

                                    iptables

                                    selinux

                                   cor  dump

                             

系统安装过程:-------------------------------------------------------------------------

               启动安装过程一般应位于引导设备;后续的anaconda及其安装用到的程序包等可来自下面几种方式:

                            本地光盘

                            本地硬盘

                             NFS

                             URL

                            ftp server  :yum repository

                            http server     :yum  repostory

                             

               如果想手动指定安装源:

                            boot:linux askmethod

                             

               anaconda的配置方式:

                            1     交互式配置方式

                            2     通过读取事先给定的配置文件自动完成配置

                                                  按特定语法给出的配置选项

                                                  kickstart文件

               

               安装boot引到选项:boot:

                            默认gui图形界面,使用boot:linux text   进入字符界面安装

                             askmethod:手动指定使用的安装方法

                             与网络相关的引导选项

                                           ip=IPADDR

                                           netmask=MASK

                                           geteway=GW

                                           dns=DNS_SERVER_IP

                                           ifname=NAME:MAC_ADDR

                             与远程访问功能相关的引导选项:

                                           vnc

                                           vncpassword='PASSWORD'

                                           (暂不知如何实现)

               

               指明kickstart文件的位置:ks=

                            DVD drive:  ks=cdrom:/PATH/TO/KICKSTART_FILE

                            Hard drive:  ks=hd:device:/directory/KICKSTART_FILE

                            HTTP server:  ks=http://host:port/path/to/KICKSTART_FILE

                            FTP server:  ks=ftp://host:port/path/to/KICKSTART_FILE

                            HTTPS server:  ks=https://host:port/path/to/KICKSTART_FILE

                            NFS  server:ks=nfs:host:/path/to/KICKSTART_FILE

               

               启动经济救援模式:

                             rescue

                             

               官方文档:《Installation Guide》

                     远程安装yum源地址格式 有变化

                     Centos6  

                                   DVD drive  repo=cdrom:device

                                   Hard Drive  repo=hd:device/path

                                   HTTP Server  repo=http://host/path

                                   HTTPS Server  repo=https://host/path

                                   FTP Server  repo=ftp://username:password@ host/path

                                   NFS Server  repo=nfs:server:/path

                                   ISO  images  on an NFS

                                    Server

                                    repo=nfsiso:server:/path

 

                                    ip=192.168.1.10 netmask= 255.255.255.0 gateway=  192.168.1.1

                                   dns=  192.168.1.3 ksdevi ce= eth0 i fname= pri mary:01:23:4  5:67:89:ab

 

                      Centos7

                                   Any CD/DVD  drive inst.repo=cdrom

                                   Specific  CD/DVD

                                    drive

                                    inst.repo=cdrom:device

                                   Hard Drive  inst.repo=hd:device:/path

                                   HTTP Server  inst.repo=http://host/path

                                   HTTPS Server  inst.repo=https://host/path

                                   FTP Server  inst.repo=ftp://username:password@ host/path

                                   NFS Server  inst.repo=nfs:[options:]server:/path

 

kickstart:

               通过固定格式的文件保存系统安装时的各种选项

               在系统安装时使用ks=         来导入选项,做到自动化安装

               

               文件创建方式:

                            1     手动编辑

                            2     复制已有的*.ks.cfg,通过修改得到如:  /root/anaconda-ks.cfg

                            3     使用system-config-kickstart 生成

                                    需图形界面操作

               检查ks文件的语法错误:

                            ksvalidator  /path/ksfile

               格式:

                            命令段:        指明各种安装前配置,如键盘类型等

                            程序包段:     指明要安装的程序包组或程序包,不安装的程序包等

                                           %package

                                           @group_name

                                           package

                                           -package

                                           %end

                            脚本段:

                                           %pre

                                                         安装前脚本

                                           %end

                                           

                                           %post

                                                         安装后脚本

                                           %end

                                           

系统光盘中isolinux目录列表

                     boot.cat               启动过程mbr

                     isolinux.bin    启动过程中使用的grub

                     isolinux.cfg     isolinux.bin的配置文件,当光盘启动后(即运行ixolinux.bin)

                                                  会自动去找iso.isolinux.cfg

                     vesamenu.c32       光盘启动后的安装图形界面,也属于syslinux项目,menu.c32 版本是纯文本菜单

                     memtest               内存检测,这是一个独立的程序

                     splash.jpg:            光盘启动界面的背景图

                     vmlinuz                内核映像

                     initrd.img             ramfs      ()

 

 

 

 

 

实验1: 使用光盘引到,正常安装以及使用text选项进入字符界面安装   

               注意:

                     一旦分区完成,bootloader将随分区表写入磁盘(grub第二阶段没装),此时退出安装会从硬盘启动,无法开机

                      使用字符界面,无法手动分区,默认只有三个选项

                            1     replace existing linux  systems

                            2     use all space

                            3     use free space

                             

实验2: 光盘启动,远程安装,使用本地教学环境yum源

               光盘菜单项按esc

                            centos6 boot:linux  repo=http://172.20.0.1/centos/6

                            centos7          boot:linux  inst.repo=http://172.20.0.1/centos/7

               使用askmethod 选项配置网络后使用yum源安装

                    

实验3      使用kickstart 生成ks文件使用yum源安装

               boot:linux ks=http://172.20.110.182/ks6_mini.cfg

               boot:linux ks=http://172.20.110.182/ks7.mini.cfg

               

 

实验4      制作启动光盘,使用网络yum源安装

               步骤:     复制isolinux目录

                            修改isolinux.cfg文件

                            生成ks文件,放入制作目录

                            刻录iso文件

               centos6

                     使用system-config-kickstart 生成ks文件ks6_mini.cfg

                                    安装源http://172.20.0.1/centos/6

                     mkdir  /data/stcentos6

                     cp /misc/cd/isolinux/  /data/stcentos6/

                     mkdir  /data/stcentos/ksdir

                     cp /root/ks6_mini.cfg  /data/stcentos6/ksdir

                     vim  /data/stcentos/isolinux/isolinux.cfg

                                    适当修改标签项

                                    ks=cdrom:/ksdir/ks6_mini.cfg

                    

                     制作iso文件,此为一条命令,删除换行

                     mkisofs -R -J -T -v  --no-emul-boot --boot-load-size 4

                            --boot-info-table -V  "CentOS 6.9 x86_64 boot" -b isolinux/isolinux.bin

                            -c isolinux/boot.cat  -o /root/stcentos6.iso /data/stcentos6/           

                     生成的iso文件 stcentos.iso 即可启动安装系统

               

               centos7

                     ****

                     ****

                    

               

mkisofs -R -J -T -v --no-emul-boot  --boot-load-size 4 --boot-info-table -V "CentOS 6.9 x86_64 boot" -b  isolinux/isolinux.bin -c isolinux/boot.cat -o /root/stcentos7.iso  /data/stcentos7/                

                    

实验5      制作自动安装光盘

               复制光盘内容到目录/data/centos6

                             centos6.9,由于有两张光盘,所以需要分别复制

                            mount /dev/sr0  /mnt

                            cp /mnt  /data/centos6

                            umount /mnt      

                            更换光盘

                            mount /dev/sr0  /mnt

                            cp  /mnt/Packages/*      /data/centos6/Packages/

               生成repodata,先删除repeodata下除.xml之外的所有文件

                            cd  /data/centos6/repodata

                            cp  43d8fd068164b0f042845474d6a22262798b9f0d1f49ad1bf9f95b953089777d-c6-x86_64-comps.xml  ..

                            rm -f  *

                            mv ../43d8f*  .

                            cd  ..

               使用命令生成repodata

                            createrepo -g  repodata/43d8fd068164b0f042845474d6a22262798b9f0d1f49ad1bf9f95b953089777d-c6-x86_64-comps.xml

               删除.TBL文件

                            find -name TRANS.TBL  -exec rm {} \;

               修改菜单文件        

                            vim  /data/centos6/isolinux/isolinux.cfg

                                           适当修改选项:

                                           ks=cdrom:/ksdir/ks6_mini.cfg

               生成、复制、修改kickstart文件

                            cp  /root/ks6_mini.cfg /data/centos/ksdir/

                            vim  /data/centos/ksdir/ks6_mini.cfg

                                           路径修改为

                                           cdrom

               刻录/data/centos6成.iso文件

               mkisofs -R -J -T -v --no-emul-boot --boot-load-size 4 --boot-info-table  -V "CentOS 6.9 x86_64 boot" -b isolinux/isolinux.bin -c isolinux/boot.cat -o  /root/stcentos7.iso /data/stcentos7/

                    

               使用生成的iso文件启动虚拟机,并自动化最小安装

 

mkisofs:

               mkisofs [options] /dir|file

               刻录文件或目录为iso文件

               选项:     -o                  指定映像文件的名称

                            -b                  指定在制作可开机光盘时所需的开机映像文件

                            -c                 制作可开机光盘时,会将开机映像文件中的no-eltorito-catalog

                                                  全部内容做成一个文件

                            -no-emul-boot           非模拟模式启动

                            -boot-load-size  4 设置载入部分的的数量

                            -boot-info-table  在启动的图像中显示信息

                            -R | -cock                    使用Rock RidgeExtensions

                            -J | -joliet              使用Joliet格式的目录与文件名称

                            -v | -verbose        执行时显示详细的信息

                            -T |  -translation-lable 建立文件名的转换表,适用于不支持Rock  RidgeExtensions

 

 

将iso文件, 写入硬盘或者u盘-,实测可以启动,但是不能安装

                     原因是ks文件使用cdrom:/ 无法找到

                     yum install  syslinux

                     isohybrid stcentos6.iso  

                     dd if=stcentos6.iso       of=/dev/sdb               

 

                    

DHCP: ------------------------------------------------------------------------

               dhcp:

                            Dynamic Host  Configuration Protocol

                            动态主机配置协议

                            局域网协议,使用udp协议

               主要用途:

                             用于内部网路和网络服务供应商自动分配ip地址给用户

                             用于内部网络管理员作为对所有电脑集中管理的手段

        

               DHCP共有八种报文:

                            DHCP DISCOVER  客户端广播到服务器,请求ip地址

                            DHCP OFFER        服务器单播给客户端,提供ip地址

                            DHCP REQUEST    客户端再次广播,表明已经接受ip

                            DHCP ACK            服务器单播,表示确认客户端已经接受ip 合约建立

                            DHCP NAK           服务器到客户端,通知用户无法分配合适的ip地址

                            DHCP DECLINE     客户端到服务器,指示地址已被使用

                            DHCP RELEASE     客户端到服务器,放弃网络地址和取消剩余的租约时间

                            DHCP INFORM            客户端到服务器,获取更为详细的配置信息,极少用到

                             

               租约:

                            50%时间:     租约时间到达50%来续租,向DHCP服务器发送新的DHCP REQUEST请求

                                                  如果dhcp服务没有拒绝的理由,则会用DHCP  ACK信息。当DHCP客户端

                                                  收到该应答信息后,就重新开始新的租用周期

                            87.5%:          如果之前的DHCP server没有回应续租请求,等到租期的7/8时,主机会再

                                                  发送一次广播请求

               

               同网段多dhcp服务: 

                             dhcp服务必须基于本地

                            先到先得的原则

               

               相关协议:

                            arp,rarp

               

               跨网段:

                            RFC 1542 Compliant  Routers             允许dhcp广播通过的route

                            使用中继代理

 

DHCP实现:

               Linux DHCP协议的实现程序:dhcp,dnsmasq(dhcp,dns  轻量级)

               DHCP Server:

                            主程序     /usr/sbin/dhcpd

                            代理服务器程序:/usr/sbin/dhcrelay

                            主配置文件 /etc/dhcp/dhcpd.conf

                            端口:    server 67  udp

                                          client  68 udp

                                          dhcp6  client 546 udp

                                           

               DHCP client:

                            命令:    dhclient 获取dhcp服务

                            /var/lib/dhclient    查看获取的ip信息

                             

DHCP 配置文件:

               /etc/dhcp/dhcpd.conf   默认为空文件,需要复制模板文件覆盖即可

                            全局配置:

                            option domain-name  "example.com";               域名后缀

                            option  domain-name-server IP1,IP2;         DNS配置

                            default-lease-time  86400;                      默认租期

                            max-lease-time  864000;                                   最大租期

                            subnet 192.168.65.0  netmask 255.255.255.0 {

                                          range  192.168.65.10 192.168.65.100;          地址范围

                                          option  routers 192.168.65.1;                   网关

                                           此处也可以单独配置options;

                                           

                                           filename pxelinux.0;

                                          next-server    192.168.65.128;

                                           这两项用于配置pxe自动安装系统

                             }

               地址分配记录:

                             /var/lib/dhcpd/dhcpd.leases

                             

tftp:

               服务器实现软件:        tftp-server

               服务器根文件路径:     /var/lib/tftpboot

               

                             

使用pxe实现自动安装:--------------------------------------------------------------

               

               使用的服务:dhcp,tftp,http(或者ftp)

               实现过程:

                     1     需要安装的主机和dhcp服务同一物理网段内,启动项选择网络服务

                     2     主机与DHCP服务器完成通信,地址分配       UDP

                     3     主机通过DHCP服务filiename和next-server 这一指向连接tftp服务器    UDP

                     4     通过tftp服务器获取pxelinux.0 文件并执行

                     5     从tftp服务器上获取内核,initrd 文件,配置文件 UDP

                     6     通过读取tftp服务器上的配置文件,找到存放在http或者ftp服务器上的yum

                            安装源,以及ks文件。完成系统安装      TCP

                     7     yum源与ks记录文件可以位于不同的服务器,也可以位于同一服务器

                    

 

实验6: 以centos6作为服务器,实现pxe自动安装centos6

               0     关闭selinux iptables   本机ip:192.168.65.128

               1     准备工作,

                            安装服务包:

                                          yum  install httpd tftp-server dhcp syslinux

                             如是生产环境长期使用,可以设置开机自启:

                                           chkconfig httpd dhcp xinetd on

               

               2     配置yum源:

                            使用http提供yum服务,先创建目录

                                          mkdir  -pv /var/www/html/centos/{6,7}

                             这里使用挂载光盘的方式提供yum源,生产环境需复制光盘内容到目录

                                          mount  /dev/sr0 /var/www/html/centos/6

                            创建kickstart文件,依然放在http服务目录下

                                          mkdir  /var/www/html/ksdir

                                          cp  /root/ks6_mini.cfg   /var/www/html/ksdir/

                            适当修改ks文件

                                          vim  /var/www/html/ksdir/ks6_mini.cfg

                                           注意 url  --url=http://192.168.65.128/centos/6

                            开启httpd

                            注意:kickstart文件权限

                             

               3     配置dhcp服务

                            修改配置文件:

                                          cp  /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample /etc/dhcp/dhcpd.conf           

                                          vim  /etc/dhcp/dhcpd.conf

                                                  subnet 192.168.65.0 netmask 255.255.255.0 {

                                                         range 192.168.65.10 192.168.65.100;

                                                         filename "pxelinux.0";

                                                         next-server 192.168.65.128

                                                  }

                            启动dhcpd服务

                                           dhcpd

 

               4     配置tftp-server服务:

                            开启服务,由于tftp-server为非独立服务,受xinetd服务监管

                                          rpm  -ql tftp-server

                                           vim   /etc/xinetd.d/tftp

                                                         将disable 项改成no

                                           重启xinetd服务

                                           service xinetd restart

                            复制所需文件:

                                          cd  /var/lib/tftpboot/

                                          cp  /cd/isolinux/vmlinuz /cd/isolinux/initrd.img .

                                           updatedb

                                          locate  pxelinux.0

                                          cp  /usr/share/syslinux/pxelinux.0 .

                                          locate  menu.c32           简单菜单项文件

                                          cp  /usr/share/syslinux/menu.c32 .

                                          cp  /cd/isolinux/isolinux.cfg pxelinux.cfg/default

                            tree一下:

                                           [root@centos6 /var/lib/tftpboot]$tree

                                           .

                                          ├──  initrd.img

                                          ├──  menu.c32

                                          ├──  pxelinux.0

                                          ├──  pxelinux.cfg

                                          │    └── default

                                          └──  vmlinuz

                            编辑启动菜单:

                                           vim   pxelinux.cfg/default

                                           注意,ks=http://192.168.65.128/ksdir/ks6_mini.cfg

                                           使用wq!保存

               

               5     测试安装

                            先使用ss -tanul 查看67 69 80 端口是否已开启

                             使用一台新的虚拟机,开机即可进入选项,测试安装

                             

 

实验7: 以centos7,为服务器,同时提供centos6 和centos7

               0     关闭selinux,iptables 本机ip:192.168.65.132

               1     安装服务所需程序包

                            yum install httpd  tftp-server dhcp syslinux

               

               2     配置http服务,提供yum源和ks源

                             与之前有些不同,需要挂两张光盘

                                    [root@localhost /var/www/html]#tree -L 2

                                    .

                                   ├──  centos

                                   │   ├──  6

                                   │   └──  7

                                   └──  ksdir

                                          ├──  ks6_mini.cfg

                                          └──  ks7_mini.cfg

 

                                   4  directories, 2 files

               

               3     配置dhcp 方法相同

               

               4     配置tftp-server服务,有些不同

                                    [root@localhost /var/lib/tftpboot]#tree

                                           .

                                          ├──  boot.msg

                                          ├──  centos6

                                          │    ├── initrd.img

                                          │    └── vmlinuz

                                          ├──  centos7

                                          │    ├── initrd.img

                                          │    └── vmlinuz

                                          ├──  pxelinux.0

                                          ├──  pxelinux.cfg

                                          │    └── default

                                          ├──  splash.png

                                          └──  vesamenu.c32

 

                                          3  directories, 9 files

                     由于使用了vesamenu.c32菜单,所以需要多准备boot.msg splash.png  这两个文件

                     centos6 和centos7两个目录下为各自安装须有的vmlinuz 和initrd文件

                     需要在编辑菜单选项时写入路径

                    

               5     开启服务,并测试安装

                            需要注意centos7系统开启tftp-server的方式为

                                           systemctl start tftp.socket

                     同样使用ss -tanul 查看端口是否开启

                     新建虚拟机测试安装

 

 

cobbler:------------------------------------------------------------------------

               快速网络安装linux操作系统的服务,支持众多的linux发行版:redhat、fedora、

               centos debian、ubuntu和suse,也可以支持网络安装,windows

               PXE的二次封装,将多种安装参数封装到一个菜单

               python编写

               提供了cli 和web的管理形式

               服务集成:pxe,dhcp,rsync,http,dns,kickstart,ipmi电源管理

               

               安装:epel源

                            yum install cobbler  dhcp

 

               配置文件目录:/etc/cobbler

                             /etc/cobbler/settings            cobbler主配置文件

                             /etc/cobbler/iso                    iso模板配置文件

                             /etc/cobbler/pxe                   pxe模板文件

                             /etc/cobbler/power                     电源配置文件

                             /etc/cobbler/user.conf          web服务授权配置文件

                             /etc/cobbler/users.digest      访问的用户名密码配置文件

                             /etc/cobbler/dhcp.template   dhcp服务器的配置模板

                             /etc/cobbler/dnsmasq.template   dns服务的配置模板

                             /etc/cobbler/tftpd.template          tftp服务的配置模板

                             /etc/cobbler/modules.conf           模板的配置文件

               

               cobbler 目录介绍

               数据目录:

                             /var/lib/cobbler/config         用于存放distros,system,profile等信息配置文件

                             /var/lib/cobbler/triggers       用于存放用户定义的cobbler命令

                             /var/lib/cobbler/kickstart      默认存放kickstart文件

                             /var/lib/cobbler/loaders        存放各种引导程序

               镜像目录:

                             /var/www/cobbler/ks_mirror       导入的发行版系统的所有数据

                             /var/www/cobbler/images           导入发行版的kernel和initrd镜像用于远程网络启动

                             /var/www/cobbler/repo_mirrow yum  存储目录

               日志目录

                             /var/log/cobbler/installing           客户端安装日志

                             /var/log/cobbler/cobbler.log      cobbler日志

                             

               cobbler 命令介绍:

                            cobbler check       核对当前设置是否有问题

                            clbbler list            列出所有的cobbler元素

                            cobbler report              列出元素的详细信息

                            clbbler sync          同步配置到数据目录,更改配置最好都要执行下

                            cobbler  reposync  同步yum仓库

                            cobbler   distro             查看导入的发型版系统信息

                            clbbler system             查看添加的系统信息

                            cobbler profile             查看配置信息,安装菜单

                             

               /etc/cobbler/settings 中的重要参数设置

                             defarlt_password_crypted "---"   使用openssl password -1 生成

                            manage_dhcp       :1      默认为0 需要修改

                             manage——tftpd:1

                             pxe_just_once:1

                            next-server:  tftp服务器的IP地址

                            server:cobbler服务器的IP地址

                             

实验8:cobbler配置实现:

               centos7.5主机

               1     安装前准备,关闭selinux 关闭iptables

               

               2     安装服务:

                            yum install cobbler  dhcp

                            systemctl enable  cobblerd httpd dhcpd tftp rsyncd

                            systemctl start  cobblerd httpd tftp rsyncd

               

               3     执行cobbler check       务必确认httpd tftp rsyncd 保持开启状态

                     按照提示完成操作,大概包括

                            修改/etc/cobbler/settings 文件

                                           server:

                                           next_server:

                                           default_password_

                                           manage_dhcp:1

                    

                            执行cobbler get-loaders获取文件

                            执行cobbler sync 同步文件

                    

               4     修改dhcp配置文件:  /etc/cobbler/dhcp.template

                     主要修改

                                   subnet  192.168.65.0 netmast 255.255.255.0 {

                                          range  dynamic-bootp  192.168.65.100  192.168.65.254;

                                           

                                    }

                      执行cobbler sync同步(自动重启dhcpd)   

                    

               5     导入镜像文件:

                            cobbler import  --name=NAME --path=/PATH --arch=ARCH

                             

                             查看、删除导入镜像:

                                   cobbler  distro list|remove

                            查看菜单选项:

                                   cobbler  profile list|remove

                             注意如有需要删除,先删除profile在删除distro

                      默认情况下导入镜像会自动生成一个默认的菜单项,系统自动配置的,一般直接删除

               

               6     导入菜单:

                            cobbler profile add  --name=NAME --distro=DISTRO  --kickstarts=/etc/cobbler/kickstarts/ks*.cfg

                             

                     可以查看导入菜单profile的详细信息

                            cobbler profile  report --name=centos6.9-mini-x86_64

               

               7     如没有问题,使用ss -tanul 查看各服务端口是否正常开启

                     新建虚拟机,测试安装

        

 

cobbler 的web管理实现

               cobbler-web         提供cobbler基于web管理界面,epel源

                            yum install  cobbler-web

               

               管理界面登录地址:

                             https://HOST/cobber_web

               

               认证方式配置文件:/etc/cobbler/moduses.conf

               常用认证方式有两种:

               1.     module =  authn——configfile           默认

                             账号密码存放地址:/etc/cobbler/users.digest

                            使用命令:

                                           htdigest -c /etc/cobbler/users.digest Cobbler user1

                                           PASSWORD

                                           PASSWORD

                            添加管理员账号,Cobbler指明为账号服务类型

                     注意:    默认使用好听digest -c 会覆盖原有内容,所有如需添加多个账号,

                                    需使用临时文件,如:

                                   htdigest -c  /etc/cobbler/uses.digest1 Cobbler user2

                                   cat  /etc/cobbler/users.digest >>  /etc/cobbler/users.digest

                    

                    

               2     module =  authn_pam

                            配置文件地址:/etc/cobbler/users.conf

                            首先添加一个linux账号,然后将配置文件中

                                          admin  = "" 这一项改成此账号名即可

                             多个账号的情况,增加多行

                                          admin  = ""    


笔记整理完成时间:2018年5月27日21:49:11