chrony服务与Cobbler自动化部署

1、配置chrony服务，实现服务器时间自动同步

~]# yum install chrony -y

# 修改时钟服务器
~]# vi /etc/chrony.conf 
...
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
...

# 启动 chronyd
~]# systemctl start chronyd.service
~]# systemctl enable chronyd.service

# 查看时间同步源
~]# chronyc sources -v   
210 Number of sources = 4

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| /   '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 203.107.6.88                  2   6   177    61    +27us[ +181us] +/-   14ms
^- h199-182-204-197.ip4.unm>     2   6   177    60    +47ms[  +47ms] +/-  146ms
^? ntp8.flashdance.cx            2   6     3    59   +274us[ +274us] +/-  213ms
^- a.chl.la                      2   6   207    51    -20ms[  -20ms] +/-  130ms

# 查看时间同步源状态
~]# chronyc sourcestats -v    
210 Number of sources = 4
                             .- Number of sample points in measurement set.
                            /    .- Number of residual runs with same sign.
                           |    /    .- Length of measurement set (time).
                           |   |    /      .- Est. clock freq error (ppm).
                           |   |   |      /           .- Est. error in freq.
                           |   |   |     |           /         .- Est. offset.
                           |   |   |     |          |          |   On the -.
                           |   |   |     |          |          |   samples. \
                           |   |   |     |          |          |             |
Name/IP Address            NP  NR  Span  Frequency  Freq Skew  Offset  Std Dev
==============================================================================
203.107.6.88               11   6   460     +0.222     10.719    +14us  1079us
h199-182-204-197.ip4.unm>  11   6   464    +14.785     56.248    +45ms  6491us
ntp8.flashdance.cx          6   3   325    +30.213    217.331  +8413us  7201us
a.chl.la                    8   5   465    -20.530    233.250    -37ms    14ms

2、实现cobbler+pxe自动化装机

准备环境

准备一台 CentOS 7 虚拟机，分配两块虚拟网卡，一个桥接模式(ens33：可以联网安装软件)，一个仅主机模式（ens37：配置一个固定IP，关掉vmvare仅主机模式网络的DHCP服务）

~]# ifconfig
ens33: flags=4163  mtu 1500
        inet 192.168.58.149  netmask 255.255.255.0  broadcast 192.168.58.255
        inet6 fe80::e179:f714:a156:7d37  prefixlen 64  scopeid 0x20
        ether 00:0c:29:da:e9:ef  txqueuelen 1000  (Ethernet)
        RX packets 180  bytes 19350 (18.8 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 51  bytes 8075 (7.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens37: flags=4163  mtu 1500
        inet 192.168.146.10  netmask 255.255.255.0  broadcast 192.168.146.255
        inet6 fe80::20c:29ff:feda:e9f9  prefixlen 64  scopeid 0x20
        ether 00:0c:29:da:e9:f9  txqueuelen 1000  (Ethernet)
        RX packets 141  bytes 13512 (13.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 10  bytes 776 (776.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 4  bytes 348 (348.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4  bytes 348 (348.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

image-20200229121041618.png

PXE

安装配置DHCP

~]# yum install dhcp -y

# 查看 dhcpd.conf 的帮助文档
~]# man dhcpd.conf

# 查看 dhcp 安装的文件列表
~]# rpm -ql dhcp

~]# cat /etc/dhcp/dhcpd.conf 
#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp*/dhcpd.conf.example
#   see dhcpd.conf(5) man page
#
option domain-name "localhost";
option domain-name-servers 192.168.146.10, 8.8.8.8;

default-lease-time 600;
max-lease-time 7200;

log-facility local7;

subnet 192.168.146.0 netmask 255.255.255.0 {
  range  192.168.146.100 192.168.146.200;
  option routers 192.168.146.10;
}

next-server 192.168.146.10;
filename "pxelinux.0";

~]# systemctl enable dhcpd.service
~]# systemctl start dhcpd.service

安装配置PXE

# 挂载光盘镜像
~]# ll /dev/cdrom 
lrwxrwxrwx. 1 root root 3 Feb 29 21:10 /dev/cdrom -> sr0
~]# mkdir /media/cdrom
~]# mount -r -t iso9660 /dev/cdrom /media/cdrom
~]# ll /media/cdrom/
total 108
-rw-rw-r--. 1 root root    14 Nov 26  2018 CentOS_BuildTag
drwxr-xr-x. 3 root root  2048 Nov 26  2018 EFI
-rw-rw-r--. 1 root root   227 Aug 30  2017 EULA
-rw-rw-r--. 1 root root 18009 Dec 10  2015 GPL
drwxr-xr-x. 3 root root  2048 Nov 26  2018 images
drwxr-xr-x. 2 root root  2048 Nov 26  2018 isolinux
drwxr-xr-x. 2 root root  2048 Nov 26  2018 LiveOS
drwxrwxr-x. 2 root root 71680 Nov 26  2018 Packages
drwxr-xr-x. 2 root root  4096 Nov 26  2018 repodata
-rw-rw-r--. 1 root root  1690 Dec 10  2015 RPM-GPG-KEY-CentOS-7
-rw-rw-r--. 1 root root  1690 Dec 10  2015 RPM-GPG-KEY-CentOS-Testing-7
-r--r--r--. 1 root root  2883 Nov 26  2018 TRANS.TBL

# 配置 YUM 源服务
~]# yum install httpd -y
~]# ln -s /media/cdrom /var/www/html/centos7
~]# systemctl start httpd.service

# 生产 kickstart 配置文件
~]# yum install system-config-kickstart -y

# 使用 system-config-kickstart 工具生成 kickstart 配置文件
~]# system-config-kickstart centos7.cfg
~]# cp centos7.cfg /var/www/html/

# 安装PXE
~]# yum -y install syslinux tftp-server xinetd

# 复制PXE引导文件
~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/
~]# cp /usr/share/syslinux/{chain.c32,mboot.c32,menu.c32,memdisk} /var/lib/tftpboot/
~]# cp /media/cdrom/images/pxeboot/{initrd.img,vmlinuz} /var/lib/tftpboot/

~]# mkdir /var/lib/tftpboot/pxelinux.cfg/
~]# vi /var/lib/tftpboot/pxelinux.cfg/default
default menu.c32
  prompt 5
  timeout 30
  MENU TITLE CentOS 7 PXE Menu

  LABEL linux
  MENU LABEL Install CentOS 7 x86_64
  KERNEL vmlinuz
  APPEND initrd=initrd.img inst.repo=http://192.168.146.10/centos7 ks=http://192.168.146.10/centos7.cfg
  
~]# systemctl start tftp.socket
~]# systemctl start tftp.service
~]# systemctl start xinetd.service

测试

注意客户机最小内存2G

pxe-01.png

pxe-02.png

Cobbler

安装配置Cobbler

~]# yum install epel-release -y

~]# yum install cobbler cobbler-web pykickstart httpd dhcp rsync xinetd -y

~]# systemctl enable httpd.service
~]# systemctl start httpd.service


# 配置 HDCP
~]# cat /etc/dhcp/dhcpd.conf 
#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp*/dhcpd.conf.example
#   see dhcpd.conf(5) man page
#
option domain-name "localhost";
option domain-name-servers 192.168.146.10, 8.8.8.8;

default-lease-time 600;
max-lease-time 7200;

log-facility local7;

subnet 192.168.146.0 netmask 255.255.255.0 {
  range  192.168.146.100 192.168.146.200;
  option routers 192.168.146.10;
}

next-server 192.168.146.10;
filename "pxelinux.0";

~]# systemctl start dhcpd.service
~]# systemctl enable dhcpd.service

# 配置 Cobbler
~]# systemctl enable cobblerd.service
~]# systemctl start cobblerd.service

~]# cobbler check        
The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
    https://github.com/cobbler/cobbler/wiki/Selinux
4 : change 'disable' to 'no' in /etc/xinetd.d/tftp
5 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
6 : enable and start rsyncd.service with systemctl
7 : debmirror package is not installed, it will be required to manage debian deployments and repositories
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.

~]# systemctl start xinetd.service
~]# systemctl enable xinetd.service
~]# systemctl start rsyncd.service 
~]# systemctl enable rsyncd.service
~]# cobbler get-loaders
~]# cobbler sync
~]# systemctl restart cobblerd.service

管理 distro

# 挂载光盘
~]# mkdir /media/cdrom
~]# mount -r -t iso9660 /dev/cdrom /media/cdrom
~]# cobbler import --name=centos7-x86_64-1810 --path=/media/cdrom
task started: 2020-03-02_004519_import
task started (id=Media import, time=Mon Mar  2 00:45:19 2020)
Found a candidate signature: breed=redhat, version=rhel6
Found a matching signature: breed=redhat, version=rhel6
Adding distros from path /var/www/cobbler/ks_mirror/centos7-x86_64-1810:
creating new distro: centos7-1810-x86_64
trying symlink: /var/www/cobbler/ks_mirror/centos7-x86_64-1810 -> /var/www/cobbler/links/centos7-1810-x86_64
creating new profile: centos7-1810-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/centos7-x86_64-1810 for centos7-1810-x86_64
processing repo at : /var/www/cobbler/ks_mirror/centos7-x86_64-1810
need to process repo/comps: /var/www/cobbler/ks_mirror/centos7-x86_64-1810
looking for /var/www/cobbler/ks_mirror/centos7-x86_64-1810/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/centos7-x86_64-1810/repodata
*** TASK COMPLETE ***

~]# cobbler list       
distros:
   centos7-1810-x86_64

profiles:
   centos7-1810-x86_64


# 自定义 ks 配置文件   
~]# cp centos7-x86_64-1810-mini.cfg  /var/lib/cobbler/kickstarts/

~]# cobbler profile edit --name=centos7-1810-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7-x86_64-1810-mini.cfg

~]# cobbler profile report
Name                           : centos7-1810-x86_64
TFTP Boot Files                : {}
Comment                        : 
DHCP Tag                       : default
Distribution                   : centos7-1810-x86_64
Enable gPXE?                   : 0
Enable PXE Menu?               : 1
Fetchable Files                : {}
Kernel Options                 : {}
Kernel Options (Post Install)  : {}
Kickstart                      : /var/lib/cobbler/kickstarts/centos7-x86_64-1810-mini.cfg
Kickstart Metadata             : {}
Management Classes             : []
Management Parameters          : <>
Name Servers                   : []
Name Servers Search Path       : []
Owners                         : ['admin']
Parent Profile                 : 
Internal proxy                 : 
Red Hat Management Key         : <>
Red Hat Management Server      : <>
Repos                          : []
Server Override                : <>
Template Files                 : {}
Virt Auto Boot                 : 1
Virt Bridge                    : xenbr0
Virt CPUs                      : 1
Virt Disk Driver Type          : raw
Virt File Size(GB)             : 5
Virt Path                      : 
Virt RAM (MB)                  : 512
Virt Type                      : kvm

~]# cobbler sync

测试

注意客户机最小内存2G

image-20200301172140548.png

image-20200301172244609.png