Shulou(Shulou.com)06/02 Report--

System deployment cobbler for Operation and maintenance Automation

The so-called scheduler when the user visits are particularly large, our single server can no longer provide sufficient service capacity, and the performance is not up to the requirements. At this time, we will buy several more servers, but when users go to visit, they do not know which server to visit, so it is necessary to have a front-end scheduler to assign users to access that server. These servers are grouped when the enterprise is serving the outside world. There is a general scheduler on the outside and there are layers of scheduling in the molecular scheduler, of course, in order to add access, we usually can't do without caching.

Anaconda tui installer

Text analysis in the process of installation startup

The reason why the CD can be booted is that these two files (isolinux/boot.cat) (isolinux/isolinux.bin) also have boot function.

When the installation CD starts, the CD boot has a menu that allows the user to install normally or enter rescue mode. Menu profile: isolinux/isolinux.cfg

Each corresponding menu option:

Load kernel: isolinuz/vmlinuz

Pass parameters to the kernel: append initrd=initrd.img...

So when the CD is booted, it actually loads a small linux CD. The reason why it can boot up is to start an installation wizard because it also starts its own kernel and starts initrd.img. Some files like this have the same meaning as operating system startup. However, his boot goal is not to start an operating system but to load an installation wizard. But the installation wizard is a piece of software that runs on the operating system, so you have to load the linux kernel before you load it. You can add some different kernel parameters later.

Menu label ^ Install or upgrade an existing system this is the installation wizard

Kernel vmlinuz this is the kernel file that needs to be loaded.

Append initrd=initrd.img this is the kernel parameter that needs to be followed by the kernel

The essential difference between the first menu and the third menu rescue mode is the kernel parameter rescue.

The isolinux/isolinux.cfg file is the startup menu.

When installing linux, it is supported to install based on other methods in addition to CD-ROM installation.

Multiple ways to enter the rescue mode: the following figure

Enter an askmethod to manually select the installation method

Then type OK and he will go to this address of the network to look for the installation package, but this depends on the pre-built network sharing.

Mount the root file system and start anaconda

Start the GUI interface by default

If you explicitly specify to use the TUI interface: pass the text parameter to the kernel

(1) Press the tab key and add text after it

(2) Press the ESC key: boot: linux text

Enter the character installation process

Anaconde manual installation system phase

In the process of installation, manual installation of a system needs to provide those items, in the future automatic installation must give him a designated number of those items, otherwise it will stop there, not even without one, so it is necessary to prepare the items that should be set up for him at all.

The items that must be specified during installation:

1. The language should be specified

2. Keyboard layout should be specified.

3. Select the hard disk to specify (initialize the hard disk)

4. Specify the hostname

5. the setting of the network card needs to be set to obtain automatically and enable the network card.

6. Select the time zone to remove the time zone synchronization of UTC

7. Enter the root password

8. The partition is divided by default, which automatically divides the logical volume.

9. Choose to minimize installation

In order to realize the automatic installation, you must tell the above information to the installation wizard. How to tell the above information to the installation wizard, the way is to write an answer file, and this answer file is to write to him the various settings during the installation and tell the installation wizard what options to use in order to automate the installation. But although this answer file is a text file, it has a request.

Format requirements for Cnetos7 (6) answer files

The generated answer file centos6 and centos7 are not common, and the format of the answer file on 7 is different from that of 6.

There are two ways to generate an answer file, and another method is that when you install the operating system, the system will generate an answer file that will be set up for your entire operation during installation. The answer file will be placed in the home directory of your root account and named anconda-ks.cfg. In fact, this file is the standard format of kickstart. This file contains some of the settings that were made when the system was installed. The anaconda file is a kickstart file that can already be used, but the format of this configuration file is complex, so we usually use the Xmanager method.

Centos7 minimizes the method of installing Xmanager to make ks response file (to realize automatic installation of linux)

System-config-kickstart is generated through a tool, but this tool is not installed by default, and it has a lot of dependent packages, so it is necessary to install this tool.

An answer file can be made through such a graphical menu.

The pre-installation script is to run a script to do the initialization before the installation is initialized (left empty by default)

The script after installation is a script that runs automatically after the operating system is installed.

At this time, the answer file has been generated, a better way to put the answer file on the Internet. Or build your own http server.

Of course, you can't leave the CD now, but when you re-enter, type in the answer file and forget it. What we are doing now is the answer file of 7, and the answer file of 7 must be sure to be used on 7. Moreover, if there is a problem with the format of the answer file in 7, it will cause the answer file to be unavailable, but enter the ksvalidator command and the answer file, which will automatically check the script syntax.

Invocation of answer file

But at this time, the new machine does not have an ip address, so he will go to two places to get ip.

1. If he joins the http service, he will go back to the http service to get the ip.

2. If not, you need to assign the address manually.

Then put the answer file written by yourself

If there is no httpd service, it will be stuck there to manually add the httpd service. After adding it, enter the car and let him install it himself.

Automatic installation of U disk linux makes U disk replace CD to realize automatic installation

Automatic installation steps of Centos7 minimization (mini) answer file on USB disk

Of course, after writing this, you can also write multiple menus to start a variety of linux system services, including (centos6 ubantu).

But the kernel versions of 6 and 7 are different, and if you want to implement 6 and 7 in the same menu, you have to copy two kernels. So you have to create different operating system kernels in this configuration file.

Automatic installation of 6 and 7 in a configuration file at the same time

Go to the / data/myiso/isolinux directory

Of course, you can't copy it with the same name, so you have to create a separate folder to store two different kernels and other configuration files.

But since 6 does not have an answer file, you need to create an answer file for 6 now

Because the http service page won't open if you don't change it. So permission attributes are important.

Modify centso6's vim/var/www/html/ksdir ks6_desktop.cfg answer file: ↓↓

After modification, go to the configuration file vim / data/myiso/isolinux/isolinux.cfg to add the boot menu.

Now that the configuration files are done, you are ready to carve the whole directory into a flash drive. So now we need to make an iso file first.

This string of commands can carve the entire directory into an iso file: ↓↓

Mkisofs-R-J-T-v-no-emul-boot-- boot-load-size 4-- boot-info-table-V "CentOS boot"-b isolinux/isolinux.bin-c isolinux/boot.cat-o / root/boot.iso / data/myiso/

Then carve the boot.iso file into a USB drive.

+

After you have finished, try to see if the U disk can start normally. First, shut down the virtual machine that made the U disk, and then unplug the U disk.

Looking for a new virtual machine to plug in a new hard drive.

Press F10 to exit saving at the same time

DHCP service

DHCP logic

On the DHCP server, DHCP only allocates an address segment, and when a host gets the ip of this address segment, there is a usage time lease of 1 day. When the host is no longer in use and shuts down, and then the day is up and the lease expires, the address used by the host will be recycled immediately. After recycling, this address can be used by others again. All virtually realized to use less ip for more computers to use.

DHCP working process

The working process of DHCP is based on UDP protocol. In UDP protocol, the server takes port 67 and the client takes port 68.

If you want to use DHCP to get the address, make sure that the firewall opens port 67j68. Of course, we have turned off the firewall now, so don't forget to open port 67pc68 when you join. The working process of DHCP involves eight messages.

DHCP message

First of all, the user will send a DISCOVER message to the network before he gets the address. This DISCOVER message declares that I do not have a network address now. Who is the DHCP server in the network? The DISCOVER message is based on the broadcast mechanism, so many machines on the network have received the request. After receiving the request, the server sees that you need IP. I happen to have a DHCP server, so I will find my own IP address that no one uses and give it to the user. This stage is called OFFER. After it is assigned to the user, when the client receives this address, it may not necessarily choose this address because there may be multiple servers in the network. He will choose a response to the server, I choose whose server to give me the address, naturally others do not want my address, in the future DHCP will be able to recycle the unwanted address. Assigned to other computers. If the server looks at the user and asks for his own address. Finally, it is necessary to confirm that this stage is the ACKNOWLEDGE stage. After these four procedures, the client gets the address from the server. These are the four processes that we usually see, and these four processes are relatively normal.

Of course, there may also be other special messages for DHCP, such as NAK,DECLINE,RELEASE,INFORM and so on. NAK: the server sent a client saying that I don't have a suitable address for you. Do you want to apply for an address or not?

DECLINE: the client gives it to the server, saying that DHCP the address you gave me turns out to be occupied by someone on the network. For example, someone statically configures this address. It conflicts with the address I got.

RELEASE (release): the client sent a request to the server. I don't want the address you gave me. I want to give up this address.

INFORM: sent by the client to the server. Say that the client I want to get more detailed information.

When the renewal of IP address DHCP renewal IP lease term reaches 50%, the DHCP client will request to renew the IP address lease when the IP lease term reaches 87.5%, but has not received a response from the server, and will apply for re-binding IP. When the lease term is not specified when the IP address is assigned, the default is one day.

IP address release

​ IP address release

If the IP address lease expires and does not receive the corresponding server, the client stops using this IP address

If the DHCP client is no longer using the assigned IP address, it can also actively send DHCP to the DHCP server

Renew time is valid time: this time is the lease term. The lease term determines when the address will expire. Normally, if the address is not renewed to renew, it will expire after obtaining the address.

Expire is the expiration time: this time is not Beijing time, it is UTC time, which means that the current time should be converted into UTC time and calculated with them.

These are all broadcasts.

How to build DHCP Service configuration for Linux

DHCP services, like other services, require software packages to be installed.

There are several ways to realize DHCP server address allocation across network segments.

First: you can use a special router: RFC 1542

The characteristic of a router like RFC1542 is to allow specific broadcasts of dhcp. If our router conforms to the standard of RFC1542, it allows packets like DHCP to pass. Although DHCP is a broadcast, it allows it. It only allows DHCP broadcasts to pass through other broadcasts. But this kind of router is a bit demanding, and not all routers can meet this requirement. RFC is called local request for assistance.

The second way:

We can prepare a relay agent called DHCP for him at this end where there is no DHCP service, called DHCPRELAY relay agent. He has configured this RELAY beforehand to know who is the DHCP server in the network. Assuming that this server is represented by A, this relay agent usually listens in the network. She found that a DHCP client broadcasts to the network. After receiving the broadcast, the RELAY saw that someone applied for an address in the network. Although I am not a DHCP server, I am a relay agent. RELAY will collect this kind of DHCP application, collect the address you applied for, and forward it for DHCP. This forwarding is a unicast, not a broadcast. It can forward the user's application and tell A that there is a user application address. Because A has a lot of configured address pools for DHCP servers, A will give RELAY an address to unicast and come back, and then RELAY will transfer the address to the user. This process is unicast, so it can easily pass through the router. But the relay agent must configure the address of the DCHP server in advance, otherwise RELAY will not know who the server is. And then point-to-point turn around, this is the relay agent.

In order to solve the problem of single point of failure, at least prepare two groups of DHCP servers to back up each other.

In the experiment, users can get the IP address through DHCP service.

To do this experiment, it must be clear: because DHCP allocates addresses based on broadcasts. And DHCP will not selectively assign addresses to whoever asks DHCP for the address first, so when configuring the DHCP experiment, you must not bridge it. So there must be a separate network segment when doing this experiment.

Before you do this experiment, you have to find a network segment that no one uses.

In the later experiment, only the host in the VNnet17 network can obtain the DHCPip configured by myself. Later, there will be a client. If the client wants to obtain the DHCP service, it must have a network segment with the server.

The experiment has been prepared.

Change the host acting as the server to dhcp automatic acquisition

To be a dhcp server is static ip, and then assign dynamic addresses to others.

In the future, we hope that the host of another client will also obtain the address in the VMnet17 network segment, so it is the same network segment as the server, and the final configuration range is also the range of 10 network segments.

Dhcp installation

Dhcp details

Introduction of important documents of Dhcp

Start of the Dhcp service

General services can be started as soon as they are installed, but the dhcp service is special because there are some missing configuration items in the dhcp configuration file. The reason is that there is something wrong with the configuration file of dhcp

As a dhcp server, if you want a host in a network segment to assign an address, you must assign an ip address range to the dhcp service. That network segment goes to that network segment, which means you must assign a network segment to your network card, otherwise the server will not come. Since there are two network cards and only one ip network segment is needed.

You need to restart the service after modification.

When I went to the client to restart the network, I found that I still couldn't get the address.

But at this time, the client still can't get the dhcp address, so the configuration file has to be further modified.

Set the default renewal time

If you look at this directory, you can see that the host got the ip from me.

How to make the client get not only ip but also gateway, DNS and other information: the following figure modifies the configuration file

This location allows him to obtain other information in addition to specifying ip and network segment.

Option routers: the so-called gateway

Option domain-name-servers: DNS address

Option domain-name "magedu.org"; domain suffix

Therefore, we use these settings to let the DHCP client get the address as well as the gateway DNS address and domain suffix.

Automatic installation through dhcp

Dhcp in the automated installation of this process is to let our client in the case of no installed system from the server to get an IP, this is a prerequisite for the client to have the network function, but the network function alone is not useful because we get an IP from the network, it is not enough to start the computer, I can only start up to activate the anaconda-ks.cfg installation wizard boot file. Because anaconda-ks.cfg is the startup file of the installation wizard, the subsequent installation can be achieved.

Other configuration options:

Filename: indicates the name of the boot file

Next-server: the IP address of the server that provides the boot file

U example:

Filename "pxelinux.0"

Next-server 192.168.1.100

U check syntax

Service dhcpd configtest

Next, after letting the client get the address, there are some things to get, two of which are critical:

1:pxelinux.0

2:next-server

These two items are related to automatic installation, and if you want to automate the installation, you need to ask him to download key configuration files on the server. Bootlorc needs to be provided by the pxelinux.0 file, which needs to be put on a server in advance so that the client can download it from the server.

Next-server: followed by the TFTP server IP. This server is the so-called TFTP server. The TFTP server is similar to the FTP server, which allows us to download files from the TFTP server, and then download the pxelinux.0 file after downloading the file, and this file plays the role of bootlocrm. After downloading the bootlocrm, you can go to the server to download the kernel to download initrd.img. Then load the menu and load the subsequent automated installation wizard. So we need to cooperate with these two items.

Next-server TFTP (TFTP server address)

TFTP service allows us to download resources and upload resources from the server, but its function is not as powerful as FTP. TFTP is a simplified FTP service TFTP can also provide basic file sharing functions.

Set up TFTP service

TFTP can implement simple server construction and download some small files on TFTP. Tftp is also a non-stand-alone service.

1. Installation of tftp software centos6

Installation on Centos7: ↓↓

Installation on Centos6

/ usr/sbin/in.tftpd this is his main program: ↓

Then start the tftp service: ↓↓

/ var/lib/ftfpboot this directory stores the shared resources that provide downloads.

PXE combines DHCP and tftp to realize automatic installation of linux

Working principle and experiment of PXE

This process requires us to prepare multiple servers in advance, the first dhcp server and the second tftp server. We all know that dhcp can assign ip and tftp can share files so that users can connect to the tftp server to download files. With this, we need to set up the two servers beforehand. After setting up, our client machine assumes that it is a computer that wants to install linux. As soon as this computer turns on the power, it will automatically send a request to the network when it starts, and someone needs to assign an address to me. At this time, the host of the client will send a DHCP request message, and there happens to be a dhcp server in our network that will give the address to the client. At the same time, it not only gives the IP address to the client, but also assigns TFTP to the client. At this time, the client will look for the tftp server. Because the client still needs to start linux and requires kernel files and load menu startup items, and the client is now a new host with nothing, he needs to get the address of the tftp server through the dhcp server. When the client knows the address of the tftp, it will send a request to the tftp server and say, "tftp server now I hope to be able to download the bootlorm file from you so that I can start." At this point, tftp can download a file he has stored in advance as a bootlorm function, which is pxelinux.0 by default.

The ip address of the tftp server and the pxelinux.0 file downloaded from the tftp server. All need to be informed to the client host through the dhcp server, so we will continue to improve what we have just said and left undone:

PEX Automation steps to install the linux operating system:

How to tell the client to download the file and connect to the tftp server ip address through the dhcp server:

1. Download the dhcp service package

2. The server host downloads the tftp service package

3. The client host downloads the tftp service package

4. Modify the content of dhcp service configuration file

Enter the dhcp service configuration file, modify the dhcp network machine and add the dhcp network ip address and pxelinux.0 folder of the tftp server host.

Add the IP address of the dhcp service of the tftp server to him here. Now I want to connect to the tftp server and the ip of the tftp server is 10.0.0.1

Now the client is connected to the tftp server via the dhcp service link, but at this point you have to download pxelinux.0 from the / var/lib/tftpboot folder on the tftp server.

5. Create a directory of pxelinux.0 files:

Command: yum search looks for software packages. Pxelinux package, you need to download syslinux.x86_64 because the pxelinux.0 file needs this package to generate

Set up the DHCP

6. Install centos7 to minimize the installation of operating system

It's no use just starting. Because you need to get the relevant kernel configuration files when installing the linux system, and you also want to pop up a menu to install the operating system after getting it. Only with the menu can you choose which menu to install. In short, the work of DHCP has been done, and the work of tftp has been able to achieve file sharing. However, it is not enough to just get the pxelinux.0 file through TFTP, it is necessary to copy other related kernel and boot files.

Now the operating system installed 6 needs to transfer the centos6 kernel-related files to the / var/lib/tftpboot directory on the tftp server.

In order to install this function automatically, the network card must have PXE function.

Now create a folder under the / var/lib/tftpboot file, build it, put the menu file in it, and copy the menu directory to the pxelinux.cfg/default directory

Because we don't need such a fancy background picture in a system, we want to use this simple and simple style picture.

Just use the picture when we installed syslinux just now.

Of course, now we need to use the background picture of this menu, so we need to write down the default file we just wrote clearly.

You can delete all the useless things with the file, and then change the headline to the format you want to write.

Configure the answer file on the server side of tftp. The answer file also has to cooperate with the http service, so you also have to call a http service.

Then start the http service and go to the / var/www/html directory because this is the directory where the http service downloaded the file, then create a folder for the ks reply file and put the ks reply file you created above into this directory.

Then we have to call a yum source, let the server's machine do everything, tftp services do everything, dhcp services do it, http services do it all, and then let the machine build a yum source. Build a yum source in / var/www/html, which is the yum source directory format of the http service

Then hang the CD of 7 to him.

Of course, this is a temporary mount. If you want to boot and mount automatically, you have to write it to the vim / etc/fstab configuration file.

This is the iso9660 format, the work is not usually CD-ROM but to copy the entire iso file to a directory, and then hang out the iso file. We still have to install 6 later, so by the way, let's fix the mount of 6.

Then drag the first CD of the whole 6 to the tftp server

Open another terminal to view the file

Then paste the file name into the vim / etc/fstab configuration file

Because the file is under root and it needs to be mounted to the / var/www/html/centos/6/os/x86_64/ directory to save and exit.

View source code source address

Write the yum source of 7 to the ks configuration file.

Then add the answer configuration file of 6 to the built yum source

Set menu launcher add ks answer file

That's it, then go back to the configuration file of the startup menu, vim / var/lib/tftpboot/pxelinux.cfg/default.

Now we know to look for vmlinuz (kernel files) and initrd startup files through the menu. But if you don't have these two documents now, you have to make a copy. So from this / misc/cd/isolinux/ {vmlinuz,initrd.img}. Copy to the current directory. Think that the tftpboot directory is a directory that can be downloaded by tfpt services.

Modify the default default menu configuration file in / var/lib/tftpboot/pxelinux.cfg/pxelinux.cfg to the following figure: ↓↓

Next, you can use a computer to install, and if the functions on this computer support PXE, you can install it normally.

Find a new computer installation process this new computer requirements and our DHCP service will be on the same network segment

Create a new virtual machine:

Cobbler workflow

Introduction to cobbler

Cobbler is a Linux server installation service, which can quickly install and reinstall physical servers and virtual machines through network startup (PXE), as well as manage DHCP,DNS and so on.

Cobbler can be managed by command line, and it also provides Web-based interface management tool (cobbler-web) and API interface, which is convenient for secondary development.

Cobbler is an upgraded version of the earlier kickstart, which has the advantage of being relatively easy to configure and easy to manage with its own web interface.

Cobbler has a lightweight configuration management system built in, but it also supports integration with other configuration management systems, such as Puppet, but does not support SaltStack for the time being.

Cobbler Integration Services

PXE service supports DHCP service management DNS service management (optional bind,dnsmasq) Power management Kickstart service supports YUM warehouse management TFTP (required for PXE startup) Apache (provides installation source for kickstart and provides customized kickstart configuration)

Cobbler configuration file details cobbler configuration file directory is at / etc/cobbler

The role of profile

/ etc/cobbler/settings cobbler main configuration file

/ etc/cobbler/iso/ iso template profile

/ etc/cobbler/pxe pxe template profile

/ etc/cobbler/power Power profile

/ etc/cobbler/user.conf web Service Authorization profile

User name and password profile accessed by / etc/cobbler/users.digest web

Configuration template for / etc/cobbler/dhcp.template dhcp server

Configuration template for / etc/cobbler/dnsmasq.template dns server

/ configuration template for etc/cobbler/tftpd.template tftp service

Configuration file for / etc/cobbler/modules.conf module

Cobbler data directory

Catalogue function

/ var/lib/cobbler/config/ is used to store configuration files such as distros,system,profiles.

/ var/lib/cobbler/triggers/ is used to store user-defined cobbler commands

/ var/lib/cobbler/kickstart/ stores kickstart files by default

/ var/lib/cobbler/loaders/ stores various bootstrap programs and image directories

/ var/www/cobbler/ks_mirror/ imports all the data of the distribution system

/ var/www/cobbler/images/ imported kernel and initrd images of the distribution for remote network startup

/ var/www/cobbler/repo_mirror/ yum warehouse storage directory

Cobbler log file

Log file path description

/ var/log/cobbler/installing client installation log

/ var/log/cobbler/cobbler.log cobbler log

Detailed explanation of cobbler command

Cobbler check / / check whether there is a problem with the current setting

Cobbler list / / lists all cobbler elements

Cobbler report / / list details of elements

Cobbler sync / / synchronize the configuration to the data directory, and it is best to change the configuration.

Cobbler reposync / / synchronous yum repository

Cobbler distro / / View the imported release system information

Cobbler system / / View the added system information

Cobbler profile / / View configuration information

/ etc/cobbler/settings this file will title cobbler to do a lot of things. This is a configuration file.

Find this line and replace it with the ip of the current host

Change the search next_server to the current IP

Use this command to download the necessary yum sources

Performing cobbler sync

Generate an encrypted password

If you find this line in the open configuration file / etc/cobbler/settings, you will have the password.

Open the configuration file to find this line and automatically generate DHCP

Restarting the cobbler service

Find the dhcp template profile to modify the network

Modify these lines the same as the current host ip

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.