说明: #Cobbler 部署不在详细说明# Ubuntu版本: 18.04.3 及19.10# 测试机器: kvm 虚拟机# 测试ip:192.168.3.63#使用vnc 进行连接操作 cobbler distro 添加Ubuntu 最新系统支持 cp /var/lib/cobbler/distro_sig
#Cobbler 部署不在详细说明 # Ubuntu版本: 18.04.3 及19.10 # 测试机器: kvm 虚拟机 # 测试ip:192.168.3.63 #使用vnc 进行连接操作
cobbler distro 添加Ubuntu 最新系统支持
cp /var/lib/cobbler/distro_signatures.json /var/lib/cobbler/distro_signatures.json.bak
vi /var/lib/cobbler/distro_signatures.json
"bionic": {
"signatures":["dists", ".disk"],
"version_file":"Release|mini-info",
"version_file_regex":"Codename: bionic|Ubuntu 18.04",
"kernel_arch":"linux-headers-(.*)\\.deb",
"kernel_arch_regex":null,
"supported_arches":["i386","amd64"],
"supported_repo_breeds":["apt"],
"kernel_file":"linux(.*)",
"initrd_file":"initrd(.*)\\.gz",
"isolinux_ok":false,
"default_kickstart":"/var/lib/cobbler/kickstarts/sample.seed",
"kernel_options":"",
"kernel_options_post":"",
"boot_files":[]
},
"cosmic": {
"signatures":["dists", ".disk"],
"version_file":"Release|mini-info",
"version_file_regex":"Codename: cosmic|Ubuntu 18.10",
"kernel_arch":"linux-headers-(.*)\\.deb",
"kernel_arch_regex":null,
"supported_arches":["i386","amd64"],
"supported_repo_breeds":["apt"],
"kernel_file":"linux(.*)",
"initrd_file":"initrd(.*)\\.gz",
"isolinux_ok":false,
"default_kickstart":"/var/lib/cobbler/kickstarts/sample.seed",
"kernel_options":"",
"kernel_options_post":"",
"boot_files":[]
},
"disco": {
"signatures":["dists", ".disk"],
"version_file":"Release|mini-info",
"version_file_regex":"Codename: disco|Ubuntu 19.04",
"kernel_arch":"linux-headers-(.*)\\.deb",
"kernel_arch_regex":null,
"supported_arches":["i386","amd64"],
"supported_repo_breeds":["apt"],
"kernel_file":"linux(.*)",
"initrd_file":"initrd(.*)\\.gz",
"isolinux_ok":false,
"default_kickstart":"/var/lib/cobbler/kickstarts/sample.seed",
"kernel_options":"",
"kernel_options_post":"",
"boot_files":[]
},
"eoan": {
"signatures":["dists", ".disk"],
"version_file":"Release|mini-info",
"version_file_regex":"Codename: eoan|Ubuntu 19.10",
"kernel_arch":"linux-headers-(.*)\\.deb",
"kernel_arch_regex":null,
"supported_arches":["i386","amd64"],
"supported_repo_breeds":["apt"],
"kernel_file":"linux(.*)",
"initrd_file":"initrd(.*)\\.gz",
"isolinux_ok":false,
"default_kickstart":"/var/lib/cobbler/kickstarts/sample.seed",
"kernel_options":"",
"kernel_options_post":"",
"boot_files":[]
}
}, # 这个括号一定要曾在旧的可能在16号版本左右记得一定要放到ubuntu 标签里面
# 保存
# 重启cobblerd
service cobblerd restart
下载 Ubuntu 18.04.3 及19.10
#下载目录 /tmp cd /tmp wget https://mirror.tuna.tsinghua.edu.cn/ubuntu-cdimage/releases/18.04.3/release/ubuntu-18.04.3-server-amd64.iso wget https://mirror.tuna.tsinghua.edu.cn/ubuntu-cdimage/releases/19.10/release/ubuntu-19.10-server-amd64.iso # 说明 live 版本跟desktop 版本导入重启cobbler 会出错
挂载下载完成iso
mkdir -p /mnt/{ubuntu18,ubuntu19}
mount -t iso9660 -r -o ro,loop /tmp/ubuntu-18.04.3-server-amd64.iso /mnt/ubuntu18
mount -t iso9660 -r -o ro,loop /tmp/ubuntu-19.10-server-amd64.iso /mnt/ubuntu19
创建seed自动安装脚本及初始化系统设置脚本shell 文件
#创建ubuntu18043.seed
cd /var/lib/cobbler/kickstarts
vi ubuntu18043.seed
# Mostly based on the Ubuntu installation guide
# https://help.ubuntu.com/18.04/installation-guide/
# Debian sample
# https://www.debian.org/releases/stable/example-preseed.txt
# Preseeding only locale sets language, country and locale.
d-i debian-installer/locale string en_US
# Keyboard selection.
# Disable automatic (interactive) keymap detection.
d-i console-setup/ask_detect boolean false
d-i keyboard-configuration/xkb-keymap select us
d-i keyboard-configuration/toggle select No toggling
d-i keyboard-configuration/layoutcode string us
d-i keyboard-configuration/variantcode string
# netcfg will choose an interface that has link if possible. This makes it
# skip displaying a list if there is more than one interface.
#set $myhostname = $getVar(‘hostname‘,$getVar(‘name‘,‘cobbler‘)).replace("_","-")
d-i netcfg/choose_interface select auto
d-i netcfg/get_hostname string $myhostname
# If non-free firmware is needed for the network or other hardware, you can
# configure the installer to always try to load it, without prompting. Or
# change to false to disable asking.
# d-i hw-detect/load_firmware boolean true
# NTP/Time Setup
d-i time/zone string Asia/Shanghai
d-i clock-setup/utc boolean true
d-i clock-setup/ntp boolean true
d-i clock-setup/ntp-server string pool.ntp.org
# Setup the installation source
d-i mirror/country string manual
d-i mirror/http/hostname string $http_server
d-i mirror/http/directory string $install_source_directory
d-i mirror/http/proxy string
#set $os_v = $getVar(‘os_version‘,‘‘)
#if $breed == "ubuntu" and $os_v and $os_v.lower() != ‘precise‘
# Required at least for ubuntu 12.10+ , so test os_v is not precise. Olders versions are not supported anymore
d-i live-installer/net-image string http://$http_server/cobbler/links/$distro_name/install/filesystem.squashfs
#end if
# Suite to install.
# d-i mirror/suite string precise
# d-i mirror/udeb/suite string precise
# Components to use for loading installer components (optional).
#d-i mirror/udeb/components multiselect main, restricted
# Disk Partitioning
# Use LVM, and wipe out anything that already exists
# d-i partman-auto/disk string /dev/sda # 多块硬盘时指定系统安装到那块硬盘kvm 虚拟机 /dev/vda
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman-auto/method string regular
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-auto/choose_recipe select atomic
d-i partman-md/device_remove_md boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/default_filesystem string ext4
d-i partman/mount_style select uuid
# You can choose one of the three predefined partitioning recipes:
# - atomic: all files in one partition
# - home: separate /home partition
# - multi: separate /home, /usr, /var, and /tmp partitions
d-i partman-auto/choose_recipe select atomic
# If you just want to change the default filesystem from ext3 to something
# else, you can do that without providing a full recipe.
# d-i partman/default_filesystem string ext4
# root account and password
d-i passwd/root-login boolean true
d-i passwd/root-password-crypted password $default_password_crypted
# skip creation of a normal user account.
d-i passwd/make-user boolean false
# Uncomment this if you don‘t want to use a network mirror.
# d-i apt-setup/use_mirror boolean false
# Select which update services to use; define the mirrors to be used.
# Values shown below are the normal defaults.
d-i apt-setup/services-select multiselect security
d-i apt-setup/security_host string mirrors.aliyun.com
d-i apt-setup/security_path string /ubuntu
$SNIPPET(‘preseed_apt_repo_config‘)
# Package selection
# Default for minimal
tasksel tasksel/first multiselect standard
# Individual additional packages to install
# wget is REQUIRED otherwise quite a few things won‘t work
# later in the build (like late-command scripts)
#d-i pkgsel/include string ntp ssh wget
d-i pkgsel/include string ssh wget
# Debian needs this for the installer to avoid any question for grub
# Please verify that it suit your needs as it may overwrite any usb stick
#if $breed == "debian"
d-i grub-installer/grub2_instead_of_grub_legacy boolean true
d-i grub-installer/bootdev string default
#end if
# Use the following option to add additional boot parameters for the
# installed system (if supported by the bootloader installer).
# Note: options passed to the installer will be added automatically.
d-i debian-installer/add-kernel-opts string $kernel_options_post
# Avoid that last message about the install being complete.
d-i finish-install/reboot_in_progress note
# This first command is run as early as possible, just after preseeding is read.
# d-i preseed/early_command string [command]
d-i preseed/early_command string wget -O- http://$http_server/cblr/svc/op/script/$what/$name/?script=preseed_early_default | /bin/sh -s
# This command is run just before the install finishes, but when there is
# still a usable /target directory. You can chroot to /target and use it
# directly, or use the apt-install and in-target commands to easily install
# packages and run commands in the target system.
# d-i preseed/late_command string [command]
d-i preseed/late_command string mkdir -p /target/root/.ssh ; wget -O /target/etc/apt/sources.list http://192.168.2.56/cobbler/ks_mirror/bash/sources.list.18 ; wget -P /target/root/ http://192.168.2.56/cobbler/ks_mirror/bash/ubuntu18.sh ; wget -P /target/root/.ssh http://192.168.2.56/cobbler/ks_mirror/bash/authorized_keys ; chmod 400 /target/root/.ssh/authorized_keys; cd /target ; chroot ./ sh /root/ubuntu18.sh
# 创建 ubuntu1910.seed
vi ubuntu1910.seed
# Mostly based on the Ubuntu installation guide
# https://help.ubuntu.com/18.04/installation-guide/
# Debian sample
# https://www.debian.org/releases/stable/example-preseed.txt
# Preseeding only locale sets language, country and locale.
d-i debian-installer/locale string en_US
# Keyboard selection.
# Disable automatic (interactive) keymap detection.
d-i console-setup/ask_detect boolean false
d-i keyboard-configuration/xkb-keymap select us
d-i keyboard-configuration/toggle select No toggling
d-i keyboard-configuration/layoutcode string us
d-i keyboard-configuration/variantcode string
# netcfg will choose an interface that has link if possible. This makes it
# skip displaying a list if there is more than one interface.
#set $myhostname = $getVar(‘hostname‘,$getVar(‘name‘,‘cobbler‘)).replace("_","-")
d-i netcfg/choose_interface select auto
d-i netcfg/get_hostname string $myhostname
# If non-free firmware is needed for the network or other hardware, you can
# configure the installer to always try to load it, without prompting. Or
# change to false to disable asking.
# d-i hw-detect/load_firmware boolean true
# NTP/Time Setup
d-i time/zone string Asia/Shanghai
d-i clock-setup/utc boolean true
d-i clock-setup/ntp boolean true
d-i clock-setup/ntp-server string pool.ntp.org
# Setup the installation source
d-i mirror/country string manual
d-i mirror/http/hostname string $http_server
d-i mirror/http/directory string $install_source_directory
d-i mirror/http/proxy string
#set $os_v = $getVar(‘os_version‘,‘‘)
#if $breed == "ubuntu" and $os_v and $os_v.lower() != ‘precise‘
# Required at least for ubuntu 12.10+ , so test os_v is not precise. Olders versions are not supported anymore
d-i live-installer/net-image string http://$http_server/cobbler/links/$distro_name/install/filesystem.squashfs
#end if
# Suite to install.
# d-i mirror/suite string precise
# d-i mirror/udeb/suite string precise
# Components to use for loading installer components (optional).
#d-i mirror/udeb/components multiselect main, restricted
# Disk Partitioning
# Use LVM, and wipe out anything that already exists
# d-i partman-auto/disk string /dev/sda # 多块硬盘时指定系统安装到那块硬盘 kvm 虚拟机 /dev/vda
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman-auto/method string regular
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-auto/choose_recipe select atomic
d-i partman-md/device_remove_md boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/default_filesystem string ext4
d-i partman/mount_style select uuid
# You can choose one of the three predefined partitioning recipes:
# - atomic: all files in one partition
# - home: separate /home partition
# - multi: separate /home, /usr, /var, and /tmp partitions
d-i partman-auto/choose_recipe select atomic
# If you just want to change the default filesystem from ext3 to something
# else, you can do that without providing a full recipe.
# d-i partman/default_filesystem string ext4
# root account and password
d-i passwd/root-login boolean true
d-i passwd/root-password-crypted password $default_password_crypted
# skip creation of a normal user account.
d-i passwd/make-user boolean false
# Uncomment this if you don‘t want to use a network mirror.
# d-i apt-setup/use_mirror boolean false
# Select which update services to use; define the mirrors to be used.
# Values shown below are the normal defaults.
d-i apt-setup/services-select multiselect security
d-i apt-setup/security_host string mirrors.aliyun.com
d-i apt-setup/security_path string /ubuntu
$SNIPPET(‘preseed_apt_repo_config‘)
# Package selection
# Default for minimal
tasksel tasksel/first multiselect standard
# Default for server
# tasksel tasksel/first multiselect standard, web-server
# Default for gnome-desktop
# tasksel tasksel/first multiselect standard, gnome-desktop
# Individual additional packages to install
# wget is REQUIRED otherwise quite a few things won‘t work
# later in the build (like late-command scripts)
#d-i pkgsel/include string ntp ssh wget
d-i pkgsel/include string ssh wget
# Debian needs this for the installer to avoid any question for grub
# Please verify that it suit your needs as it may overwrite any usb stick
#if $breed == "debian"
d-i grub-installer/grub2_instead_of_grub_legacy boolean true
d-i grub-installer/bootdev string default
#end if
# Use the following option to add additional boot parameters for the
# installed system (if supported by the bootloader installer).
# Note: options passed to the installer will be added automatically.
d-i debian-installer/add-kernel-opts string $kernel_options_post
# Avoid that last message about the install being complete.
d-i finish-install/reboot_in_progress note
# This first command is run as early as possible, just after preseeding is read.
# d-i preseed/early_command string [command]
d-i preseed/early_command string wget -O- http://$http_server/cblr/svc/op/script/$what/$name/?script=preseed_early_default | /bin/sh -s
# This command is run just before the install finishes, but when there is
# still a usable /target directory. You can chroot to /target and use it
# directly, or use the apt-install and in-target commands to easily install
# packages and run commands in the target system.
# d-i preseed/late_command string [command]
d-i preseed/late_command string mkdir -p /target/root/.ssh ; wget -O /target/etc/apt/sources.list http://192.168.2.56/cobbler/ks_mirror/bash/sources.list.19 ; wget -P /target/root/ http://192.168.2.56/cobbler/ks_mirror/bash/ubuntu19.sh ; wget -P /target/root/.ssh http://192.168.2.56/cobbler/ks_mirror/bash/authorized_keys ; chmod 400 /target/root/.ssh/authorized_keys; cd /target ; chroot ./ sh /root/ubuntu19.sh
# 创建shell 文件
cd /var/www/cobbler/ks_mirror/bash/
# ubuntu18.sh
vi ubuntu18.sh
#!/bin/bash
###############################################set conf#################################################
#set ulimit
echo \#\!/bin/bash >> /etc/rc.local
echo "ulimit -SHn 1024000" >> /etc/rc.local
cat >> /etc/security/limits.conf << EOF
* soft nofile 1024000
* hard nofile 1024000
* soft nproc 1024000
* hard nproc 1024000
EOF
# set max service processes
cat >> /etc/systemd/system.conf << EOF
DefaultLimitNOFILE=1024000
DefaultLimitNPROC=1024000
EOF
#set max user processes
#set ssh
sed -i ‘s/#PermitRootLogin prohibit-password/PermitRootLogin yes/‘ /etc/ssh/sshd_config
sed -i ‘s/#UseDNS yes/UseDNS no/‘ /etc/ssh/sshd_config
#sed -i ‘s/#PermitRootLogin yes/#PermitRootLogin no/‘ /etc/ssh/sshd_config
systemctl restart sshd
#set sysctl
true > /etc/sysctl.conf
cat >> /etc/sysctl.conf << EOF
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
fs.file-max = 1024000
fs.nr_open = 1024000
vm.swappiness = 0
vm.max_map_count = 2048000
vm.overcommit_memory = 1
kernel.sem =5010 641280 5010 128
kernel.pid_max = 4194303
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.tcp_max_tw_buckets = 6000
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_mem = 786432 1697152 1945728
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 2048000
net.core.somaxconn = 65535
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 2048000
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.ip_local_port_range = 1024 65535
# net.ipv4.ip_local_reserved_ports = 8000-20000
net.ipv4.neigh.default.gc_stale_time=120
net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.all.arp_announce=2
net.ipv4.conf.lo.arp_announce=2
EOF
/sbin/sysctl -p
echo "sysctl set OK!!"
#set profile
cat >> /etc/profile << EOF
ulimit -d unlimited
ulimit -m unlimited
ulimit -s unlimited
ulimit -v unlimited
ulimit -t unlimited
ulimit -c unlimited
EOF
source /etc/profile
#set dns
echo DNS=192.168.1.169 >>/etc/systemd/resolved.conf
echo DNS=192.168.1.8 >>/etc/systemd/resolved.conf
systemctl restart systemd-resolved.service
chmod +x /etc/rc.local
netplan apply
# 安装docker 使用 WARNING: No swap limit support
# sed -i ‘s/GRUB_CMDLINE_LINUX=""/GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"/‘ /etc/default/grub
#update-grub
apt update -y
systemctl stop ufw.service
systemctl disable ufw.service
rm -rf /root/ubuntu18.sh
# 创建 ubuntu19.sh
vi ubuntu19.sh
#!/bin/bash
###############################################set conf#################################################
#set ulimit
echo \#\!/bin/bash >> /etc/rc.local
echo "ulimit -SHn 1024000" >> /etc/rc.local
cat >> /etc/security/limits.conf << EOF
* soft nofile 1024000
* hard nofile 1024000
* soft nproc 1024000
* hard nproc 1024000
EOF
# set max service processes
cat >> /etc/systemd/system.conf << EOF
DefaultLimitNOFILE=1024000
DefaultLimitNPROC=1024000
EOF
#set max user processes
#set ssh
sed -i ‘s/#PermitRootLogin prohibit-password/PermitRootLogin yes/‘ /etc/ssh/sshd_config
sed -i ‘s/#UseDNS yes/UseDNS no/‘ /etc/ssh/sshd_config
#sed -i ‘s/#PermitRootLogin yes/#PermitRootLogin no/‘ /etc/ssh/sshd_config
systemctl restart sshd
#set sysctl
true > /etc/sysctl.conf
cat >> /etc/sysctl.conf << EOF
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
fs.file-max = 1024000
fs.nr_open = 1024000
vm.swappiness = 0
vm.max_map_count = 2048000
vm.overcommit_memory = 1
kernel.sem =5010 641280 5010 128
kernel.pid_max = 4194303
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.tcp_max_tw_buckets = 6000
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_mem = 786432 1697152 1945728
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 2048000
net.core.somaxconn = 65535
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 2048000
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.ip_local_port_range = 1024 65535
# net.ipv4.ip_local_reserved_ports = 8000-20000
net.ipv4.neigh.default.gc_stale_time=120
net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.all.arp_announce=2
net.ipv4.conf.lo.arp_announce=2
EOF
/sbin/sysctl -p
echo "sysctl set OK!!"
#set profile
cat >> /etc/profile << EOF
ulimit -d unlimited
ulimit -m unlimited
ulimit -s unlimited
ulimit -v unlimited
ulimit -t unlimited
ulimit -c unlimited
EOF
source /etc/profile
#set dns
echo DNS=192.168.1.169 >>/etc/systemd/resolved.conf
echo DNS=192.168.1.8 >>/etc/systemd/resolved.conf
systemctl restart systemd-resolved.service
chmod +x /etc/rc.local
netplan apply
systemctl stop ufw.service
systemctl disable ufw.service
# 设置在KVM vnc 不能进入系统出现 Starting Show Plymouth Boot Screen... # 实体机没测试
echo FRAMEBUFFER=y | sudo tee /etc/initramfs-tools/conf.d/splash
sed -i ‘s/GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"/#GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"/‘ /etc/default/grub
# 安装docker 使用 WARNING: No swap limit support
# sed -i ‘s/GRUB_CMDLINE_LINUX=""/GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"/‘ /etc/default/grub
update-initramfs -u
update-grub
apt update -y
rm -rf /root/ubuntu19.sh
# 创建更新源
# ubuntu18
vi sources.list.18
deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
# ubuntu19
vi sources.list.19
deb http://mirrors.aliyun.com/ubuntu/ eoan main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ eoan main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ eoan-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ eoan-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ eoan-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ eoan-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ eoan-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ eoan-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ eoan-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ eoan-backports main restricted universe multiverse
# 创建私钥登陆 可以CP 其它服务或者自己创建
vi authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCcDzu0/9zVFjrYf5QNQrxhmZ4OOp5MPaujQb5SvHHJmo3d70bPhN4ubu7eeU+/f52UOfg16/PsR+5VPpk1JLDZCT6s+a0tnVY5xZBs2XyXJt6g/yaTVZMAmvXj6WFv72okhAHZtEj9GemzVfp7s3ZahiWnNVtxZQm7gjpQlmR4w0+HYOSVrnXY260m/vfRGWkcjNUvjrYzjgxLg9zl+I8j9jlYxQQFq3hRezD4nvXXv/CJUPWYiZd+AvIBUHvsCf5/bQ3BFgWBw9FNPCJomsPm/FZymqA22tMqRFssq4KvLYdPJXsaBJTv454yPom8pkPCiUNe9pu4xpKbWPHbuOAj [email protected]
#设置文件权限不然下载不成功
chmod 666 authorized_keys
导入镜像到cobbler
cobbler import --path=/mnt/ubuntu19 --name=ubuntu-19.10 --kickstart=/var/lib/cobbler/kickstarts/ubuntu1910.seed --arch=x86_64 cobbler import --path=/mnt/ubuntu18 --name=ubuntu-18.04.3 --kickstart=/var/lib/cobbler/kickstarts/ubuntu18043.seed --arch=x86_64 # 等待导入完成 cobbler list distros: ubuntu-18.04.3-hwe-x86_64 ubuntu-18.04.3-x86_64 ubuntu-19.10-x86_64 profiles: ubuntu-18.04.3-hwe-x86_64 ubuntu-18.04.3-x86_64 ubuntu-19.10-x86_64 systems: repos: ubuntu-18.04.3-hwe-x86_64 ubuntu-18.04.3-x86_64 ubuntu-19.10-x86_64 images: mgmtclasses: packages: files: # repos 可以删除也可以修改成国内源 这里我修改成国内阿里云源 cd /var/lib/cobbler/config/repos.d/ [[email protected] repos.d]# ls ubuntu-18.04.3-hwe-x86_64.json ubuntu-18.04.3-x86_64.json ubuntu-19.10-x86_64.json # 修改成阿里云源 # 重启cobbler 使修改生效 systemctl restart cobblerd.service
测试镜像是否能正常安装
# 在一台安装好kvm 集群创建硬破 mkdir -p /apps/vmfs # 创建硬盘 qemu-img create -f qcow2 /apps/vmfs/ubuntu18.img 500G qemu-img create -f qcow2 /apps/vmfs/ubuntu19.img 500G # 创建虚拟机 virt-install -n ubuntu18 --vcpus=8 --ram=16381 --os-type=liunx --os-variant=rhel7 --disk path=/apps/vmfs/ubuntu18.img,format=qcow2,bus=virtio --graphics vnc,listen=0.0.0.0 --network=bridge:br0 --pxe --cpu=host-passthrough --noautoconsole virt-install -n ubuntu19 --vcpus=8 --ram=16381 --os-type=liunx --os-variant=rhel7 --disk path=/apps/vmfs/ubuntu19.img,format=qcow2,bus=virtio --graphics vnc,listen=0.0.0.0 --network=bridge:br0 --pxe --cpu=host-passthrough --noautoconsole # 查看vnc 端口 [[email protected] ~]# netstat -tnulp| grep qemu-kvm tcp 0 0 0.0.0.0:5900 0.0.0.0:* LISTEN 76089/qemu-kvm # 使用vnc 连接
# 检查自动优化是否成功 ssh 能否使用私钥登陆
[email protected]:~# ssh 192.168.3.63
Welcome to Ubuntu 18.04.3 LTS (GNU/Linux 4.15.0-66-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
Last login: Wed Oct 23 17:15:12 2019
[email protected]:~#
# 能成功登陆
# dns 是否设置成功# 如果不设置是不能用域名连接外网的
[email protected]:~# more /etc/systemd/resolved.conf
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
#
# Entries in this file show the compile time defaults.
# You can change settings by editing this file.
# Defaults can be restored by simply deleting this file.
#
# See resolved.conf(5) for details
[Resolve]
#DNS=
#FallbackDNS=
#Domains=
#LLMNR=no
#MulticastDNS=no
#DNSSEC=no
#Cache=yes
#DNSStubListener=yes
DNS=192.168.1.169
DNS=192.168.1.8
[email protected]:~# ping qq.com
PING qq.com (58.60.9.21) 56(84) bytes of data.
64 bytes from 58.60.9.21 (58.60.9.21): icmp_seq=1 ttl=53 time=7.02 ms
64 bytes from 58.60.9.21 (58.60.9.21): icmp_seq=2 ttl=53 time=6.98 ms
# 静态IP 设置
apt install vim -y
#修改 vim 配置关闭自动缩进,不然修改yaml 文件会自动缩进错乱
在粘贴数据之前,输入下面指定开启paste模式
:set paste
粘贴完毕后,输入下面指定关闭paste模式
:set nopaste
vim /etc/netplan/01-netcfg.yaml
network:
version: 2
renderer: networkd
ethernets:
ens3:
dhcp4: no
addresses: [192.168.3.63/23]
gateway4: 192.168.2.2
dhcp6: yes
# 检查配置是否有错误
netplan try
[email protected]:~# netplan try
Do you want to keep these settings?
Press ENTER before the timeout to accept the new configuration
Changes will revert in 116 seconds
Configuration accepted.
# 刷新配置
netplan apply
[email protected]:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.2.2 0.0.0.0 UG 100 0 0 ens3
192.168.2.0 0.0.0.0 255.255.254.0 U 0 0 0 ens3
192.168.2.2 0.0.0.0 255.255.255.255 UH 100 0 0 ens3
[email protected]:~#
[email protected]:~# netplan try
Do you want to keep these settings?
Press ENTER before the timeout to accept the new configuration
Changes will revert in 120 seconds
Configuration accepted.
[email protected]:~# netplan apply
[email protected]:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.2.2 0.0.0.0 UG 0 0 0 ens3
192.168.2.0 0.0.0.0 255.255.254.0 U 0 0 0 ens3
[email protected]:~# ssh 192.168.3.63 The authenticity of host ‘192.168.3.63 (192.168.3.63)‘ can‘t be established. ECDSA key fingerprint is SHA256:ENH403+PiVDKHbLyGZrgZ/7TeReYpyBsekTxP+lzzNQ. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added ‘192.168.3.63‘ (ECDSA) to the list of known hosts. Welcome to Ubuntu 19.10 (GNU/Linux 5.3.0-19-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage Last login: Wed Oct 23 18:03:44 2019 [email protected]:~# #ubuntu-19 网络 设置参考18 # Cobbler+preseed自动化安装Ubuntu18/19系统 完成