实验:PAM authenticator 身份验证器
sed -i 's/^server.*/#&/;1aserver 192.168.39.8 iburst' /etc/chrony.conf
实验:chrony 和ntp
实验:kickstart文件生成,system-config-kickstart 半自动化安装centos6,7,8 mini 安装
dhcp服务
[root@centos8 dhcp]#grep -v "^#" dhcpd.conf
option domain-name "magedu.org";
option domain-name-servers 180.76.76.76, 114.114.114.114;
default-lease-time 86400;
max-lease-time 100000;
log-facility local7;
subnet 192.168.39.0 netmask 255.255.255.0 {
range 192.168.39.10 192.168.39.100;
range 192.168.39.150 192.168.39.200;
option routers 192.168.39.2;
}
host test {
hardware ethernet 00:0c:29:58:4f:12;
fixed-address 192.168.39.120;
}
基于CentOS8 的PXE安装自动化安装centos6,7,8
1 dnf install dhcp-server tftp-server httpd syslinux-nonlinux
2 systemctl enable --now httpd tftp dhcpd
3 准备yum仓库 mkdir /var/www/html/centos/{6,7,8}/isos/x86_64/ -pv mount /dev/sr0 /var/www/html/centos/8/isos/x86_64/
4准备ks文件 mkdir /var/www/html/ksdir/ [root@centos8 ksdir]#grep -Ev "^#|^$" /var/www/html/ksdir/ks8.cfg ignoredisk --only-use=sda zerombr text reboot clearpart --all --initlabel selinux --disabled firewall --disabled url --url=http://192.168.39.8/centos/8/isos/x86_64/ keyboard --vckeymap=us --xlayouts='us' lang en_US.UTF-8 network --bootproto=dhcp --device=ens160 --ipv6=auto --activate network --hostname=centos8.magedu.com rootpw --iscrypted $6$nOPs5JTMlP4mhQeW$R/o62B6SXAh3RR.zrZ3U0X4xYX9/u5nSLrR/vqCB6kdO2XFfMk2a4yAgrHJQpXK/e4jzRb0jiLBv2nFMXaBjB/ firstboot --enable skipx services --disabled="chronyd" timezone Asia/Shanghai --isUtc --nontp user --name=wang --password=$6$oUfb/02CWfLb5l8f$sgEZeR7c7DpqfpmFDH6huSmDbW1XQNR4qKl2EPns.gOXqlnAIgv9pTogtFVaDtEpMOC.SWXKYqxfVtd9MCwxb1 --iscrypted --gecos="wang" part / --fstype="xfs" --ondisk=sda --size=102400 part /data --fstype="xfs" --ondisk=sda --size=51200 part swap --fstype="swap" --ondisk=sda --size=2048 part /boot --fstype="ext4" --ondisk=sda --size=1024 %packages @^minimal-environment kexec-tools %end %addon com_redhat_kdump --enable --reserve-mb='auto' %end %anaconda pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty %end
5 dhcp 配置 cp /usr/share/doc/dhcp-server/dhcpd.conf.example /etc/dhcp/dhcpd.conf vim /etc/dhcp/dhcpd.conf option domain-name "example.org"; option domain-name-servers 180.76.76.76,114.114.114.114; default-lease-time 600; max-lease-time 7200; log-facility local7; subnet 192.168.39.0 netmask 255.255.255.0 { range 192.168.39.100 192.168.39.200; option routers 192.168.39.2; next-server 192.168.39.8; filename "pxelinux.0"; }
systemctl start dhcpd
6 准备tftp相关文件 cp /usr/share/syslinux/{pxelinux.0,menu.c32} /var/lib/tftpboot/ cp /misc/cd/isolinux/{ldlinux.c32,libcom32.c32,libutil.c32,vmlinuz,initrd.img} /var/lib/tftpboot/ mkdir /var/lib/tftpboot/pxelinux.cfg/ cp /misc/cd/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default mkdir /var/lib/tftpboot/{6,7,8} [root@centos8 tftpboot]#tree . ├── 6 │ ├── initrd.img │ └── vmlinuz ├── 7 │ ├── initrd.img │ └── vmlinuz ├── 8 │ ├── initrd.img │ └── vmlinuz ├── ldlinux.c32 ├── libcom32.c32 ├── libutil.c32 ├── menu.c32 ├── pxelinux.0 └── pxelinux.cfg └── default
4 directories, 12 files
7 创建安装菜单 vim /var/lib/tftpboot/pxelinux.cfg/default default menu.c32 timeout 600
menu title CentOS Linux
label linux8 menu label Auto Install CentOS Linux ^8.0 Mini kernel 8/vmlinuz append initrd=8/initrd.img ks=http://192.168.39.8/ksdir/ks8_mini.cfg
label linux7 menu label Auto Install CentOS Linux ^7 Mini kernel 7/vmlinuz append initrd=7/initrd.img ks=http://192.168.39.8/ksdir/ks7.cfg
label linux6 menu label Auto Install CentOS Linux ^6 Mini kernel 6/vmlinuz append initrd=6/initrd.img ks=http://192.168.39.8/ksdir/ks6.cfg
label manual menu label ^Manual Install CentOS Linux 8.0 kernel vmlinuz append initrd=initrd.img inst.repo=http://192.168.39.8/centos/8/isos/x86_64/
label local menu default menu label Boot from ^local drive localboot 0xffff
centos7 实现基于cobbler实现自动化安装
1 yum install cobbler dhcp systemctl enable --now cobblerd httpd tftp dhcpd
2 cobbler check vim /etc/cobbler/settings default_password_crypted: "$1$gEc7ilpP$pg5iSOj/mlxTxEslhRvyp/" manage_dhcp:1 next_server:< tftp服务器的 IP 地址> server:<cobbler服务器的 IP 地址>
systemctl restart cobblerd cobbler sync
3 下载相关文件 cobbler get-loaders cobbler sync
4 dhcp服务 vim /etc/cobbler/dhcp.template subnet 192.168.39.0 netmask 255.255.255.0 { option routers 192.168.39.2; option domain-name-servers 8.8.8.8; option subnet-mask 255.255.255.0; range dynamic-bootp 192.168.39.100 192.168.39.254;
cobbler sync systemctl start dhcpd
5导入系统安装文件 cobbler import --name=centos-8.0-x86_64 --path=/media/cdrom --arch=x86_64
6 准备 ks
[root@centos7 kickstarts]#cat /var/lib/cobbler/kickstarts/ks8.cfg #version=RHEL8 ignoredisk --only-use=sda zerombr text reboot
Partition clearing information
clearpart --all --initlabel selinux --disabled firewall --disabled
Use graphical install
#repo --name="Appstream" --baseurl=http://192.168.39.8/centos/8/isos/x86_64/AppStream url --url=$tree #repo --name="AppStream" --baseurl=file:///run/install/repo/AppStream
Use CDROM installation media
Keyboard layouts
keyboard --vckeymap=us --xlayouts='us'
System language
lang en_US.UTF-8
Network information
network --bootproto=dhcp --device=ens160 --ipv6=auto --activate network --hostname=centos8.magedu.com
Root password
rootpw --iscrypted $6$nOPs5JTMlP4mhQeW$R/o62B6SXAh3RR.zrZ3U0X4xYX9/u5nSLrR/vqCB6kdO2XFfMk2a4yAgrHJQpXK/e4jzRb0jiLBv2nFMXaBjB/
Run the Setup Agent on first boot
firstboot --enable
Do not configure the X Window System
skipx
System services
services --disabled="chronyd"
System timezone
timezone Asia/Shanghai --isUtc --nontp user --name=wang --password=$6$oUfb/02CWfLb5l8f$sgEZeR7c7DpqfpmFDH6huSmDbW1XQNR4qKl2EPns.gOXqlnAIgv9pTogtFVaDtEpMOC.SWXKYqxfVtd9MCwxb1 --iscrypted --gecos="wang"
Disk partitioning information
part / --fstype="xfs" --ondisk=sda --size=102400 part /data --fstype="xfs" --ondisk=sda --size=51200 part swap --fstype="swap" --ondisk=sda --size=2048 part /boot --fstype="ext4" --ondisk=sda --size=1024
%packages @^minimal-environment kexec-tools
%end
%addon com_redhat_kdump --enable --reserve-mb='auto'
%end
%anaconda pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty %end
cobbler profile add --name=CentOS8.0_mini --distro=CentOS8.0-x86_64 --kickstart= /var/lib/cobbler/kickstarts/ks8.cfg
cobbler profile remove --name=CentOS8.0-x86_64
实现cobbler 的web管理 yum install cobbler-web systemctl restart httpd
主DNS服务器实现
yum install python2-pip pip install Django==1.8.17