说明: #Cobbler 部署不在详细说明# Ubuntu版本: 18.04.3 及19.10# 测试机器: kvm 虚拟机# 测试ip:192.168.3.63#使用vnc 进行连接操作 cobbler distro 添加Ubuntu 最新系统支持 cp /var/lib/cobbler/distro_sig
#Cobbler 部署不在详细说明 # Ubuntu版本: 18.04.3 及19.10 # 测试机器: kvm 虚拟机 # 测试ip:192.168.3.63 #使用vnc 进行连接操作
cobbler distro 添加Ubuntu 最新系统支持
cp /var/lib/cobbler/distro_signatures.json /var/lib/cobbler/distro_signatures.json.bak vi /var/lib/cobbler/distro_signatures.json "bionic": { "signatures":["dists", ".disk"], "version_file":"Release|mini-info", "version_file_regex":"Codename: bionic|Ubuntu 18.04", "kernel_arch":"linux-headers-(.*)\\.deb", "kernel_arch_regex":null, "supported_arches":["i386","amd64"], "supported_repo_breeds":["apt"], "kernel_file":"linux(.*)", "initrd_file":"initrd(.*)\\.gz", "isolinux_ok":false, "default_kickstart":"/var/lib/cobbler/kickstarts/sample.seed", "kernel_options":"", "kernel_options_post":"", "boot_files":[] }, "cosmic": { "signatures":["dists", ".disk"], "version_file":"Release|mini-info", "version_file_regex":"Codename: cosmic|Ubuntu 18.10", "kernel_arch":"linux-headers-(.*)\\.deb", "kernel_arch_regex":null, "supported_arches":["i386","amd64"], "supported_repo_breeds":["apt"], "kernel_file":"linux(.*)", "initrd_file":"initrd(.*)\\.gz", "isolinux_ok":false, "default_kickstart":"/var/lib/cobbler/kickstarts/sample.seed", "kernel_options":"", "kernel_options_post":"", "boot_files":[] }, "disco": { "signatures":["dists", ".disk"], "version_file":"Release|mini-info", "version_file_regex":"Codename: disco|Ubuntu 19.04", "kernel_arch":"linux-headers-(.*)\\.deb", "kernel_arch_regex":null, "supported_arches":["i386","amd64"], "supported_repo_breeds":["apt"], "kernel_file":"linux(.*)", "initrd_file":"initrd(.*)\\.gz", "isolinux_ok":false, "default_kickstart":"/var/lib/cobbler/kickstarts/sample.seed", "kernel_options":"", "kernel_options_post":"", "boot_files":[] }, "eoan": { "signatures":["dists", ".disk"], "version_file":"Release|mini-info", "version_file_regex":"Codename: eoan|Ubuntu 19.10", "kernel_arch":"linux-headers-(.*)\\.deb", "kernel_arch_regex":null, "supported_arches":["i386","amd64"], "supported_repo_breeds":["apt"], "kernel_file":"linux(.*)", "initrd_file":"initrd(.*)\\.gz", "isolinux_ok":false, "default_kickstart":"/var/lib/cobbler/kickstarts/sample.seed", "kernel_options":"", "kernel_options_post":"", "boot_files":[] } }, # 这个括号一定要曾在旧的可能在16号版本左右记得一定要放到ubuntu 标签里面 # 保存 # 重启cobblerd service cobblerd restart
下载 Ubuntu 18.04.3 及19.10
#下载目录 /tmp cd /tmp wget https://mirror.tuna.tsinghua.edu.cn/ubuntu-cdimage/releases/18.04.3/release/ubuntu-18.04.3-server-amd64.iso wget https://mirror.tuna.tsinghua.edu.cn/ubuntu-cdimage/releases/19.10/release/ubuntu-19.10-server-amd64.iso # 说明 live 版本跟desktop 版本导入重启cobbler 会出错
挂载下载完成iso
mkdir -p /mnt/{ubuntu18,ubuntu19} mount -t iso9660 -r -o ro,loop /tmp/ubuntu-18.04.3-server-amd64.iso /mnt/ubuntu18 mount -t iso9660 -r -o ro,loop /tmp/ubuntu-19.10-server-amd64.iso /mnt/ubuntu19
创建seed自动安装脚本及初始化系统设置脚本shell 文件
#创建ubuntu18043.seed cd /var/lib/cobbler/kickstarts vi ubuntu18043.seed # Mostly based on the Ubuntu installation guide # https://help.ubuntu.com/18.04/installation-guide/ # Debian sample # https://www.debian.org/releases/stable/example-preseed.txt # Preseeding only locale sets language, country and locale. d-i debian-installer/locale string en_US # Keyboard selection. # Disable automatic (interactive) keymap detection. d-i console-setup/ask_detect boolean false d-i keyboard-configuration/xkb-keymap select us d-i keyboard-configuration/toggle select No toggling d-i keyboard-configuration/layoutcode string us d-i keyboard-configuration/variantcode string # netcfg will choose an interface that has link if possible. This makes it # skip displaying a list if there is more than one interface. #set $myhostname = $getVar(‘hostname‘,$getVar(‘name‘,‘cobbler‘)).replace("_","-") d-i netcfg/choose_interface select auto d-i netcfg/get_hostname string $myhostname # If non-free firmware is needed for the network or other hardware, you can # configure the installer to always try to load it, without prompting. Or # change to false to disable asking. # d-i hw-detect/load_firmware boolean true # NTP/Time Setup d-i time/zone string Asia/Shanghai d-i clock-setup/utc boolean true d-i clock-setup/ntp boolean true d-i clock-setup/ntp-server string pool.ntp.org # Setup the installation source d-i mirror/country string manual d-i mirror/http/hostname string $http_server d-i mirror/http/directory string $install_source_directory d-i mirror/http/proxy string #set $os_v = $getVar(‘os_version‘,‘‘) #if $breed == "ubuntu" and $os_v and $os_v.lower() != ‘precise‘ # Required at least for ubuntu 12.10+ , so test os_v is not precise. Olders versions are not supported anymore d-i live-installer/net-image string http://$http_server/cobbler/links/$distro_name/install/filesystem.squashfs #end if # Suite to install. # d-i mirror/suite string precise # d-i mirror/udeb/suite string precise # Components to use for loading installer components (optional). #d-i mirror/udeb/components multiselect main, restricted # Disk Partitioning # Use LVM, and wipe out anything that already exists # d-i partman-auto/disk string /dev/sda # 多块硬盘时指定系统安装到那块硬盘kvm 虚拟机 /dev/vda d-i partman/choose_partition select finish d-i partman/confirm boolean true d-i partman/confirm_nooverwrite boolean true d-i partman-auto/method string regular d-i partman-lvm/device_remove_lvm boolean true d-i partman-auto/choose_recipe select atomic d-i partman-md/device_remove_md boolean true d-i partman-partitioning/confirm_write_new_label boolean true d-i partman/default_filesystem string ext4 d-i partman/mount_style select uuid # You can choose one of the three predefined partitioning recipes: # - atomic: all files in one partition # - home: separate /home partition # - multi: separate /home, /usr, /var, and /tmp partitions d-i partman-auto/choose_recipe select atomic # If you just want to change the default filesystem from ext3 to something # else, you can do that without providing a full recipe. # d-i partman/default_filesystem string ext4 # root account and password d-i passwd/root-login boolean true d-i passwd/root-password-crypted password $default_password_crypted # skip creation of a normal user account. d-i passwd/make-user boolean false # Uncomment this if you don‘t want to use a network mirror. # d-i apt-setup/use_mirror boolean false # Select which update services to use; define the mirrors to be used. # Values shown below are the normal defaults. d-i apt-setup/services-select multiselect security d-i apt-setup/security_host string mirrors.aliyun.com d-i apt-setup/security_path string /ubuntu $SNIPPET(‘preseed_apt_repo_config‘) # Package selection # Default for minimal tasksel tasksel/first multiselect standard # Individual additional packages to install # wget is REQUIRED otherwise quite a few things won‘t work # later in the build (like late-command scripts) #d-i pkgsel/include string ntp ssh wget d-i pkgsel/include string ssh wget # Debian needs this for the installer to avoid any question for grub # Please verify that it suit your needs as it may overwrite any usb stick #if $breed == "debian" d-i grub-installer/grub2_instead_of_grub_legacy boolean true d-i grub-installer/bootdev string default #end if # Use the following option to add additional boot parameters for the # installed system (if supported by the bootloader installer). # Note: options passed to the installer will be added automatically. d-i debian-installer/add-kernel-opts string $kernel_options_post # Avoid that last message about the install being complete. d-i finish-install/reboot_in_progress note # This first command is run as early as possible, just after preseeding is read. # d-i preseed/early_command string [command] d-i preseed/early_command string wget -O- http://$http_server/cblr/svc/op/script/$what/$name/?script=preseed_early_default | /bin/sh -s # This command is run just before the install finishes, but when there is # still a usable /target directory. You can chroot to /target and use it # directly, or use the apt-install and in-target commands to easily install # packages and run commands in the target system. # d-i preseed/late_command string [command] d-i preseed/late_command string mkdir -p /target/root/.ssh ; wget -O /target/etc/apt/sources.list http://192.168.2.56/cobbler/ks_mirror/bash/sources.list.18 ; wget -P /target/root/ http://192.168.2.56/cobbler/ks_mirror/bash/ubuntu18.sh ; wget -P /target/root/.ssh http://192.168.2.56/cobbler/ks_mirror/bash/authorized_keys ; chmod 400 /target/root/.ssh/authorized_keys; cd /target ; chroot ./ sh /root/ubuntu18.sh # 创建 ubuntu1910.seed vi ubuntu1910.seed # Mostly based on the Ubuntu installation guide # https://help.ubuntu.com/18.04/installation-guide/ # Debian sample # https://www.debian.org/releases/stable/example-preseed.txt # Preseeding only locale sets language, country and locale. d-i debian-installer/locale string en_US # Keyboard selection. # Disable automatic (interactive) keymap detection. d-i console-setup/ask_detect boolean false d-i keyboard-configuration/xkb-keymap select us d-i keyboard-configuration/toggle select No toggling d-i keyboard-configuration/layoutcode string us d-i keyboard-configuration/variantcode string # netcfg will choose an interface that has link if possible. This makes it # skip displaying a list if there is more than one interface. #set $myhostname = $getVar(‘hostname‘,$getVar(‘name‘,‘cobbler‘)).replace("_","-") d-i netcfg/choose_interface select auto d-i netcfg/get_hostname string $myhostname # If non-free firmware is needed for the network or other hardware, you can # configure the installer to always try to load it, without prompting. Or # change to false to disable asking. # d-i hw-detect/load_firmware boolean true # NTP/Time Setup d-i time/zone string Asia/Shanghai d-i clock-setup/utc boolean true d-i clock-setup/ntp boolean true d-i clock-setup/ntp-server string pool.ntp.org # Setup the installation source d-i mirror/country string manual d-i mirror/http/hostname string $http_server d-i mirror/http/directory string $install_source_directory d-i mirror/http/proxy string #set $os_v = $getVar(‘os_version‘,‘‘) #if $breed == "ubuntu" and $os_v and $os_v.lower() != ‘precise‘ # Required at least for ubuntu 12.10+ , so test os_v is not precise. Olders versions are not supported anymore d-i live-installer/net-image string http://$http_server/cobbler/links/$distro_name/install/filesystem.squashfs #end if # Suite to install. # d-i mirror/suite string precise # d-i mirror/udeb/suite string precise # Components to use for loading installer components (optional). #d-i mirror/udeb/components multiselect main, restricted # Disk Partitioning # Use LVM, and wipe out anything that already exists # d-i partman-auto/disk string /dev/sda # 多块硬盘时指定系统安装到那块硬盘 kvm 虚拟机 /dev/vda d-i partman/choose_partition select finish d-i partman/confirm boolean true d-i partman/confirm_nooverwrite boolean true d-i partman-auto/method string regular d-i partman-lvm/device_remove_lvm boolean true d-i partman-auto/choose_recipe select atomic d-i partman-md/device_remove_md boolean true d-i partman-partitioning/confirm_write_new_label boolean true d-i partman/default_filesystem string ext4 d-i partman/mount_style select uuid # You can choose one of the three predefined partitioning recipes: # - atomic: all files in one partition # - home: separate /home partition # - multi: separate /home, /usr, /var, and /tmp partitions d-i partman-auto/choose_recipe select atomic # If you just want to change the default filesystem from ext3 to something # else, you can do that without providing a full recipe. # d-i partman/default_filesystem string ext4 # root account and password d-i passwd/root-login boolean true d-i passwd/root-password-crypted password $default_password_crypted # skip creation of a normal user account. d-i passwd/make-user boolean false # Uncomment this if you don‘t want to use a network mirror. # d-i apt-setup/use_mirror boolean false # Select which update services to use; define the mirrors to be used. # Values shown below are the normal defaults. d-i apt-setup/services-select multiselect security d-i apt-setup/security_host string mirrors.aliyun.com d-i apt-setup/security_path string /ubuntu $SNIPPET(‘preseed_apt_repo_config‘) # Package selection # Default for minimal tasksel tasksel/first multiselect standard # Default for server # tasksel tasksel/first multiselect standard, web-server # Default for gnome-desktop # tasksel tasksel/first multiselect standard, gnome-desktop # Individual additional packages to install # wget is REQUIRED otherwise quite a few things won‘t work # later in the build (like late-command scripts) #d-i pkgsel/include string ntp ssh wget d-i pkgsel/include string ssh wget # Debian needs this for the installer to avoid any question for grub # Please verify that it suit your needs as it may overwrite any usb stick #if $breed == "debian" d-i grub-installer/grub2_instead_of_grub_legacy boolean true d-i grub-installer/bootdev string default #end if # Use the following option to add additional boot parameters for the # installed system (if supported by the bootloader installer). # Note: options passed to the installer will be added automatically. d-i debian-installer/add-kernel-opts string $kernel_options_post # Avoid that last message about the install being complete. d-i finish-install/reboot_in_progress note # This first command is run as early as possible, just after preseeding is read. # d-i preseed/early_command string [command] d-i preseed/early_command string wget -O- http://$http_server/cblr/svc/op/script/$what/$name/?script=preseed_early_default | /bin/sh -s # This command is run just before the install finishes, but when there is # still a usable /target directory. You can chroot to /target and use it # directly, or use the apt-install and in-target commands to easily install # packages and run commands in the target system. # d-i preseed/late_command string [command] d-i preseed/late_command string mkdir -p /target/root/.ssh ; wget -O /target/etc/apt/sources.list http://192.168.2.56/cobbler/ks_mirror/bash/sources.list.19 ; wget -P /target/root/ http://192.168.2.56/cobbler/ks_mirror/bash/ubuntu19.sh ; wget -P /target/root/.ssh http://192.168.2.56/cobbler/ks_mirror/bash/authorized_keys ; chmod 400 /target/root/.ssh/authorized_keys; cd /target ; chroot ./ sh /root/ubuntu19.sh # 创建shell 文件 cd /var/www/cobbler/ks_mirror/bash/ # ubuntu18.sh vi ubuntu18.sh #!/bin/bash ###############################################set conf################################################# #set ulimit echo \#\!/bin/bash >> /etc/rc.local echo "ulimit -SHn 1024000" >> /etc/rc.local cat >> /etc/security/limits.conf << EOF * soft nofile 1024000 * hard nofile 1024000 * soft nproc 1024000 * hard nproc 1024000 EOF # set max service processes cat >> /etc/systemd/system.conf << EOF DefaultLimitNOFILE=1024000 DefaultLimitNPROC=1024000 EOF #set max user processes #set ssh sed -i ‘s/#PermitRootLogin prohibit-password/PermitRootLogin yes/‘ /etc/ssh/sshd_config sed -i ‘s/#UseDNS yes/UseDNS no/‘ /etc/ssh/sshd_config #sed -i ‘s/#PermitRootLogin yes/#PermitRootLogin no/‘ /etc/ssh/sshd_config systemctl restart sshd #set sysctl true > /etc/sysctl.conf cat >> /etc/sysctl.conf << EOF net.ipv4.ip_forward = 0 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.default.accept_source_route = 0 kernel.sysrq = 0 kernel.core_uses_pid = 1 net.ipv4.tcp_syncookies = 1 fs.file-max = 1024000 fs.nr_open = 1024000 vm.swappiness = 0 vm.max_map_count = 2048000 vm.overcommit_memory = 1 kernel.sem =5010 641280 5010 128 kernel.pid_max = 4194303 kernel.msgmnb = 65536 kernel.msgmax = 65536 kernel.shmmax = 68719476736 kernel.shmall = 4294967296 net.ipv4.tcp_max_tw_buckets = 6000 net.ipv4.tcp_sack = 1 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_mem = 786432 1697152 1945728 net.ipv4.tcp_rmem = 4096 87380 16777216 net.ipv4.tcp_wmem = 4096 65536 16777216 net.core.wmem_default = 8388608 net.core.rmem_default = 8388608 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 net.core.netdev_max_backlog = 2048000 net.core.somaxconn = 65535 net.ipv4.tcp_max_orphans = 3276800 net.ipv4.tcp_max_syn_backlog = 2048000 net.ipv4.tcp_mem = 94500000 915000000 927000000 net.ipv4.tcp_fin_timeout = 1 net.ipv4.tcp_keepalive_time = 1200 net.ipv4.ip_local_port_range = 1024 65535 # net.ipv4.ip_local_reserved_ports = 8000-20000 net.ipv4.neigh.default.gc_stale_time=120 net.ipv4.conf.default.rp_filter=0 net.ipv4.conf.all.rp_filter=0 net.ipv4.conf.all.arp_announce=2 net.ipv4.conf.lo.arp_announce=2 EOF /sbin/sysctl -p echo "sysctl set OK!!" #set profile cat >> /etc/profile << EOF ulimit -d unlimited ulimit -m unlimited ulimit -s unlimited ulimit -v unlimited ulimit -t unlimited ulimit -c unlimited EOF source /etc/profile #set dns echo DNS=192.168.1.169 >>/etc/systemd/resolved.conf echo DNS=192.168.1.8 >>/etc/systemd/resolved.conf systemctl restart systemd-resolved.service chmod +x /etc/rc.local netplan apply # 安装docker 使用 WARNING: No swap limit support # sed -i ‘s/GRUB_CMDLINE_LINUX=""/GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"/‘ /etc/default/grub #update-grub apt update -y systemctl stop ufw.service systemctl disable ufw.service rm -rf /root/ubuntu18.sh # 创建 ubuntu19.sh vi ubuntu19.sh #!/bin/bash ###############################################set conf################################################# #set ulimit echo \#\!/bin/bash >> /etc/rc.local echo "ulimit -SHn 1024000" >> /etc/rc.local cat >> /etc/security/limits.conf << EOF * soft nofile 1024000 * hard nofile 1024000 * soft nproc 1024000 * hard nproc 1024000 EOF # set max service processes cat >> /etc/systemd/system.conf << EOF DefaultLimitNOFILE=1024000 DefaultLimitNPROC=1024000 EOF #set max user processes #set ssh sed -i ‘s/#PermitRootLogin prohibit-password/PermitRootLogin yes/‘ /etc/ssh/sshd_config sed -i ‘s/#UseDNS yes/UseDNS no/‘ /etc/ssh/sshd_config #sed -i ‘s/#PermitRootLogin yes/#PermitRootLogin no/‘ /etc/ssh/sshd_config systemctl restart sshd #set sysctl true > /etc/sysctl.conf cat >> /etc/sysctl.conf << EOF net.ipv4.ip_forward = 0 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.default.accept_source_route = 0 kernel.sysrq = 0 kernel.core_uses_pid = 1 net.ipv4.tcp_syncookies = 1 fs.file-max = 1024000 fs.nr_open = 1024000 vm.swappiness = 0 vm.max_map_count = 2048000 vm.overcommit_memory = 1 kernel.sem =5010 641280 5010 128 kernel.pid_max = 4194303 kernel.msgmnb = 65536 kernel.msgmax = 65536 kernel.shmmax = 68719476736 kernel.shmall = 4294967296 net.ipv4.tcp_max_tw_buckets = 6000 net.ipv4.tcp_sack = 1 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_mem = 786432 1697152 1945728 net.ipv4.tcp_rmem = 4096 87380 16777216 net.ipv4.tcp_wmem = 4096 65536 16777216 net.core.wmem_default = 8388608 net.core.rmem_default = 8388608 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 net.core.netdev_max_backlog = 2048000 net.core.somaxconn = 65535 net.ipv4.tcp_max_orphans = 3276800 net.ipv4.tcp_max_syn_backlog = 2048000 net.ipv4.tcp_mem = 94500000 915000000 927000000 net.ipv4.tcp_fin_timeout = 1 net.ipv4.tcp_keepalive_time = 1200 net.ipv4.ip_local_port_range = 1024 65535 # net.ipv4.ip_local_reserved_ports = 8000-20000 net.ipv4.neigh.default.gc_stale_time=120 net.ipv4.conf.default.rp_filter=0 net.ipv4.conf.all.rp_filter=0 net.ipv4.conf.all.arp_announce=2 net.ipv4.conf.lo.arp_announce=2 EOF /sbin/sysctl -p echo "sysctl set OK!!" #set profile cat >> /etc/profile << EOF ulimit -d unlimited ulimit -m unlimited ulimit -s unlimited ulimit -v unlimited ulimit -t unlimited ulimit -c unlimited EOF source /etc/profile #set dns echo DNS=192.168.1.169 >>/etc/systemd/resolved.conf echo DNS=192.168.1.8 >>/etc/systemd/resolved.conf systemctl restart systemd-resolved.service chmod +x /etc/rc.local netplan apply systemctl stop ufw.service systemctl disable ufw.service # 设置在KVM vnc 不能进入系统出现 Starting Show Plymouth Boot Screen... # 实体机没测试 echo FRAMEBUFFER=y | sudo tee /etc/initramfs-tools/conf.d/splash sed -i ‘s/GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"/#GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"/‘ /etc/default/grub # 安装docker 使用 WARNING: No swap limit support # sed -i ‘s/GRUB_CMDLINE_LINUX=""/GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"/‘ /etc/default/grub update-initramfs -u update-grub apt update -y rm -rf /root/ubuntu19.sh # 创建更新源 # ubuntu18 vi sources.list.18 deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse # ubuntu19 vi sources.list.19 deb http://mirrors.aliyun.com/ubuntu/ eoan main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ eoan main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ eoan-security main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ eoan-security main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ eoan-updates main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ eoan-updates main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ eoan-proposed main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ eoan-proposed main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ eoan-backports main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ eoan-backports main restricted universe multiverse # 创建私钥登陆 可以CP 其它服务或者自己创建 vi authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCcDzu0/9zVFjrYf5QNQrxhmZ4OOp5MPaujQb5SvHHJmo3d70bPhN4ubu7eeU+/f52UOfg16/PsR+5VPpk1JLDZCT6s+a0tnVY5xZBs2XyXJt6g/yaTVZMAmvXj6WFv72okhAHZtEj9GemzVfp7s3ZahiWnNVtxZQm7gjpQlmR4w0+HYOSVrnXY260m/vfRGWkcjNUvjrYzjgxLg9zl+I8j9jlYxQQFq3hRezD4nvXXv/CJUPWYiZd+AvIBUHvsCf5/bQ3BFgWBw9FNPCJomsPm/FZymqA22tMqRFssq4KvLYdPJXsaBJTv454yPom8pkPCiUNe9pu4xpKbWPHbuOAj [email protected] #设置文件权限不然下载不成功 chmod 666 authorized_keys
导入镜像到cobbler
cobbler import --path=/mnt/ubuntu19 --name=ubuntu-19.10 --kickstart=/var/lib/cobbler/kickstarts/ubuntu1910.seed --arch=x86_64 cobbler import --path=/mnt/ubuntu18 --name=ubuntu-18.04.3 --kickstart=/var/lib/cobbler/kickstarts/ubuntu18043.seed --arch=x86_64 # 等待导入完成 cobbler list distros: ubuntu-18.04.3-hwe-x86_64 ubuntu-18.04.3-x86_64 ubuntu-19.10-x86_64 profiles: ubuntu-18.04.3-hwe-x86_64 ubuntu-18.04.3-x86_64 ubuntu-19.10-x86_64 systems: repos: ubuntu-18.04.3-hwe-x86_64 ubuntu-18.04.3-x86_64 ubuntu-19.10-x86_64 images: mgmtclasses: packages: files: # repos 可以删除也可以修改成国内源 这里我修改成国内阿里云源 cd /var/lib/cobbler/config/repos.d/ [[email protected] repos.d]# ls ubuntu-18.04.3-hwe-x86_64.json ubuntu-18.04.3-x86_64.json ubuntu-19.10-x86_64.json # 修改成阿里云源 # 重启cobbler 使修改生效 systemctl restart cobblerd.service
测试镜像是否能正常安装
# 在一台安装好kvm 集群创建硬破 mkdir -p /apps/vmfs # 创建硬盘 qemu-img create -f qcow2 /apps/vmfs/ubuntu18.img 500G qemu-img create -f qcow2 /apps/vmfs/ubuntu19.img 500G # 创建虚拟机 virt-install -n ubuntu18 --vcpus=8 --ram=16381 --os-type=liunx --os-variant=rhel7 --disk path=/apps/vmfs/ubuntu18.img,format=qcow2,bus=virtio --graphics vnc,listen=0.0.0.0 --network=bridge:br0 --pxe --cpu=host-passthrough --noautoconsole virt-install -n ubuntu19 --vcpus=8 --ram=16381 --os-type=liunx --os-variant=rhel7 --disk path=/apps/vmfs/ubuntu19.img,format=qcow2,bus=virtio --graphics vnc,listen=0.0.0.0 --network=bridge:br0 --pxe --cpu=host-passthrough --noautoconsole # 查看vnc 端口 [[email protected] ~]# netstat -tnulp| grep qemu-kvm tcp 0 0 0.0.0.0:5900 0.0.0.0:* LISTEN 76089/qemu-kvm # 使用vnc 连接
# 检查自动优化是否成功 ssh 能否使用私钥登陆 [email protected]:~# ssh 192.168.3.63 Welcome to Ubuntu 18.04.3 LTS (GNU/Linux 4.15.0-66-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage Last login: Wed Oct 23 17:15:12 2019 [email protected]:~# # 能成功登陆 # dns 是否设置成功# 如果不设置是不能用域名连接外网的 [email protected]:~# more /etc/systemd/resolved.conf # This file is part of systemd. # # systemd is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published by # the Free Software Foundation; either version 2.1 of the License, or # (at your option) any later version. # # Entries in this file show the compile time defaults. # You can change settings by editing this file. # Defaults can be restored by simply deleting this file. # # See resolved.conf(5) for details [Resolve] #DNS= #FallbackDNS= #Domains= #LLMNR=no #MulticastDNS=no #DNSSEC=no #Cache=yes #DNSStubListener=yes DNS=192.168.1.169 DNS=192.168.1.8 [email protected]:~# ping qq.com PING qq.com (58.60.9.21) 56(84) bytes of data. 64 bytes from 58.60.9.21 (58.60.9.21): icmp_seq=1 ttl=53 time=7.02 ms 64 bytes from 58.60.9.21 (58.60.9.21): icmp_seq=2 ttl=53 time=6.98 ms # 静态IP 设置 apt install vim -y #修改 vim 配置关闭自动缩进,不然修改yaml 文件会自动缩进错乱 在粘贴数据之前,输入下面指定开启paste模式 :set paste 粘贴完毕后,输入下面指定关闭paste模式 :set nopaste vim /etc/netplan/01-netcfg.yaml network: version: 2 renderer: networkd ethernets: ens3: dhcp4: no addresses: [192.168.3.63/23] gateway4: 192.168.2.2 dhcp6: yes # 检查配置是否有错误 netplan try [email protected]:~# netplan try Do you want to keep these settings? Press ENTER before the timeout to accept the new configuration Changes will revert in 116 seconds Configuration accepted. # 刷新配置 netplan apply [email protected]:~# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.2.2 0.0.0.0 UG 100 0 0 ens3 192.168.2.0 0.0.0.0 255.255.254.0 U 0 0 0 ens3 192.168.2.2 0.0.0.0 255.255.255.255 UH 100 0 0 ens3 [email protected]:~# [email protected]:~# netplan try Do you want to keep these settings? Press ENTER before the timeout to accept the new configuration Changes will revert in 120 seconds Configuration accepted. [email protected]:~# netplan apply [email protected]:~# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.2.2 0.0.0.0 UG 0 0 0 ens3 192.168.2.0 0.0.0.0 255.255.254.0 U 0 0 0 ens3
[email protected]:~# ssh 192.168.3.63 The authenticity of host ‘192.168.3.63 (192.168.3.63)‘ can‘t be established. ECDSA key fingerprint is SHA256:ENH403+PiVDKHbLyGZrgZ/7TeReYpyBsekTxP+lzzNQ. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added ‘192.168.3.63‘ (ECDSA) to the list of known hosts. Welcome to Ubuntu 19.10 (GNU/Linux 5.3.0-19-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage Last login: Wed Oct 23 18:03:44 2019 [email protected]:~# #ubuntu-19 网络 设置参考18 # Cobbler+preseed自动化安装Ubuntu18/19系统 完成