使用KS文件进行自动化的linux系统安装,无需有人进行安装时的配置操作,提前写好配置文件,在linux启动之前进行内核命令加载,装好系统后无需进行配置和调整,直接ssh进行正常运维操作
搜集的资料
虚拟连接关系
+------+ +-----+
Internet --> | eth1 | <==> | br1 | -> KVM VMs connected to the Internet
+------+ +-----+
192.168.122.X/24 bridge to NAT ethernet card
- The -x option is used to pass additional kernel command-line arguments to the installer when performing a guest install. The ks option sets the ks file location, and the rest are networking options so that the installer can fetch ks.cfg and perform the automated installation for you.
- 参考参数
--noautoconsole \ # 加入这个参数告诉virt-install不跟踪系统安装的过程
--initrd-inject ks-1.cfg # 自动部署的配置文件(可含路径)
--extra-args="ks=file:/ks-1.cfg" # 注入vm后的文件名,不要含路径
网上找的KS文件(只做参考使用)
kickstart file(template) from internet
virt-install argument:
-x "ks=http://10.10.21.3/static/ks.cfg ksdevice=eth0 ip=10.10.21.76 \
netmask=255.255.255.240 dns=10.10.21.1 gateway=10.10.21.100"
~~~~~~~~~~未测试~~~~~~~~~~~~~~~~~
# Kickstart template 1 (labelled as untested on this page): static two-NIC
# network, HTTP install tree, one root partition plus swap, serial console.
# NOTE(review): --enablemd5 selects MD5 password hashing, and the "$1$" prefix
# on rootpw below is the MD5-crypt format; template 2 on this page uses
# --passalgo=sha512 instead.
auth --useshadow --enablemd5
bootloader --location=mbr
# zerombr + clearpart --all --initlabel re-initialise the disk label and remove
# all existing partitions; nothing on the target disks is preserved.
zerombr
clearpart --all --initlabel
text
# Firewall stays enabled with only TCP/22 opened.
firewall --enabled --port=22:tcp
firstboot --disable
keyboard us
network --device eth0 --bootproto static --ip 10.10.21.76 --netmask 255.255.255.240 --gateway 10.10.21.100 --nameserver 10.10.21.1,10.10.21.2 --noipv6
network --device eth1 --bootproto static --ip 123.1.2.6 --netmask 255.255.255.240 --gateway 123.1.2.100 --nameserver 10.10.21.1,10.10.21.2 --hostname centos.nixcraft.in --noipv6
lang en_US
logging --level=info
# NOTE(review): the install tree is fetched over plain HTTP.
url --url=http://mirrors.nixcraft.in/centos/5.5/os/x86_64/
reboot
# --iscrypted expects a crypt(3) hash; the value here looks like a placeholder
# and must be replaced with a real hash before use.
rootpw --iscrypted $1$somepassword
selinux --enforcing
skipx
timezone America/New_York
install
part / --bytes-per-inode=4096 --fstype="ext3" --grow --size=1
part swap --recommended
%packages
@core
# NOTE(review): --nobase is normally given on the %packages line itself (as in
# template 2 on this page); on its own line it may be read as a package name —
# confirm.
--nobase
%post
# Everything in the subshell runs in the installed system; its stdout and
# stderr are captured in /root/post_install.log by the redirect on the last line.
(
# Static route for 10.0.0.0/8 through the eth0 gateway.
echo '10.0.0.0/8 via 10.10.21.100' > /etc/sysconfig/network-scripts/route-eth0
# Append " console=ttyS0" after the first "LABEL=/" match on each grub.conf line.
sed -i 's/LABEL=\//& console=ttyS0/' /etc/grub.conf
# Respawn a getty on the first serial port at 115200 baud.
echo 'S0:12345:respawn:/sbin/agetty ttyS0 115200' >> /etc/inittab
# Listing ttyS0 in securetty allows direct root login on the serial console,
# so access to that console (e.g. via the hypervisor) is root access.
echo "ttyS0" >> /etc/securetty
# Disable IPv6: config flag plus making any load of the ipv6 module a no-op.
echo 'IPV6INIT=no' >> /etc/sysconfig/network
echo 'install ipv6 /bin/true' >> /etc/modprobe.conf
) 1>/root/post_install.log 2>&1
=======以下为模板二===========================
# Kickstart template 2: CD/DVD install of a minimal host prepared for
# Kubernetes/RKE (creates user "rke", installs an SSH key, disables swap).
# Install OS instead of upgrade
install
# Install from local CD/DVD media (cdrom), not from the network
cdrom
# Root password
# NOTE(review): plaintext password stored in the kickstart file; rootpw also
# accepts --iscrypted with a crypt(3) hash (template 1 on this page uses that
# form), which keeps the clear text out of the file and out of any server
# that hosts it.
rootpw Start123
# System authorization information
auth --useshadow --passalgo=sha512
# Firewall configuration
# NOTE(review): host firewall is switched off and SELinux below is only
# permissive, so the installed system starts with neither control enforcing.
firewall --disabled
# SELinux configuration
selinux --permissive
# Installation logging level
logging --level=info
# Use text mode install
text
# Do not configure the X Window System
skipx
# System timezone, language and keyboard
timezone --utc Europe/Bratislava
lang en_US.UTF-8
# keyboard dk-latin1
# Network information
# network --bootproto=static --ip=192.168.122.110 --device=eth0 --onboot=on
# If you want to configure a static IP:
network --device eth0 --hostname k8s-1 --bootproto=static --ip=192.168.122.111 --netmask=255.255.255.0 --gateway=192.168.122.1 --nameserver 192.168.122.1
# System bootloader configuration
bootloader --location=mbr
# Partition clearing information
# Removes all existing partitions and re-initialises the disk label.
clearpart --all --initlabel
# Disk partitioning information
# No swap partition is created (the swap line is commented out).
part /boot --fstype="ext4" --size=512
#part swap --fstype="swap" --recommended
part /var --fstype="ext4" --size=5120 --grow
part / --fstype="ext4" --size=1024 --grow
part /usr --fstype="ext4" --size=3072
part /home --fstype="ext4" --size=512
part /tmp --fstype="ext4" --size=1024
# Reboot after installation
reboot
%packages --nobase
@core
# @base
%end
# Post-install script; its output is written to /root/ks-post.log.
%post --log=/root/ks-post.log
#---- Install packages used by kubernetes
#yum install -y socat libseccomp-devel btrfs-progs-devel util-linux nfs-utils conntrack-tools.x86_64
#---- Set bridge-nf-call
# NOTE(review): ">" truncates /etc/sysctl.conf, so any settings already in the
# file are lost; a separate file under /etc/sysctl.d/ would leave it intact.
echo "net.bridge.bridge-nf-call-ip6tables=1
net.bridge.bridge-nf-call-iptables=1" > /etc/sysctl.conf
#---- Add user RKE -----
groupadd docker
adduser rke
# NOTE(review): fixed account password embedded in the script. Because this
# template is public, every host built from it unchanged has an SSH-reachable
# account with a known password, and that account is in the docker group
# (root-equivalent once Docker is installed). Set a per-site secret or lock
# the password and rely on the key below.
echo "rke:praqma" | chpasswd
usermod -aG docker rke
#---- Install our SSH key ----
# NOTE(review): the key below belongs to the template's original author
# ("rancher@k8s"). Replace it with your own public key; left as-is, whoever
# holds the matching private key can log in as rke.
mkdir -m0700 /home/rke/.ssh/
cat <<EOF >/home/rke/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9F5hTts3U+E10PHRxViM3PX+DZPgBIcL7Uj/Py+udJWehhobnJmj2EoaUYbykm7VdpjImLpjas2Vhb/gNZ+wVWGho1mzWoCPl2fZ7oLXrGdDHXhlyocvfX3XPB6Y1kbFlfh7+4bUaA7w2Dg4x8LO/iXlF34z6IOa2xgx1R70Xc/97lkRMhsKszRBzwGVin6qUqdVmdXg3d0dRUnq039+q8NWUcKAz2w6F/HO7u3N7NhsSLnlpQ9+AztLvHEPeRP6UNex9a8sSHo5Jzc/mjVKGfInfWjp3nru88mwM4UQRbhhW5IeLXgALCa++H4qZw1ivZtVadXBHjK4JMKC1UWD1 rancher@k8s
EOF
### Disabling swap (now and permanently)
# The sed only removes fstab lines that begin with "/swapfile".
swapoff -a
sed -i '/^\/swapfile/ d' /etc/fstab
### set permissions
chmod 0600 /home/rke/.ssh/authorized_keys
chown -R rke:rke /home/rke/.ssh
### fix up selinux context
# Only authorized_keys is relabelled here, not the .ssh directory itself.
restorecon -R /home/rke/.ssh/authorized_keys
### Install Docker
#yum install docker -y
#systemctl enable docker
%end
~~~~~~模板三~~~~~~~~~~~~~~~·
[root@kickstart ~]# cat /var/ftp/kickstart_hash.cfg
# Kickstart template 3: text-mode CD/DVD install with DHCP and an LVM layout
# (/boot and swap as plain partitions, / and /home as logical volumes in myvg).
install
text
cdrom
lang en_US
keyboard us
# NOTE(review): "onboot=yes" has no leading "--"; the kickstart option is
# --onboot=, so this token is not parsed as that option — confirm how the
# installer treats it.
network --bootproto dhcp onboot=yes
zerombr
bootloader --location mbr
timezone America/Denver
# NOTE(review): --enablemd5 selects MD5 password hashing; template 2 on this
# page uses --passalgo=sha512.
auth --enablemd5 --enableshadow
# NOTE(review): SELinux disabled, firewall disabled and a plaintext root
# password below: the installed host has no enforcing controls and a
# credential readable by anyone who can read this file (it is served from
# /var/ftp according to the prompt line above the listing).
selinux --disabled
rootpw redhat#1
firewall --disabled
skipx
# Removes all existing partitions and re-initialises the disk label.
clearpart --all --initlabel
reboot
part /boot --fstype=ext3 --size=200
part pv.01 --size=1000 --grow
part swap --size=1000 --fstype=swap
volgroup myvg pv.01
logvol /home --vgname=myvg --name=homevol --size=500
logvol / --vgname=myvg --name=rootvol --size=1000 --grow
%packages
@base
# A leading "-" excludes the package from the install set.
-kexec-tools
-NetworkManager
步骤
- 准备KS文件
# Kickstart prepared for the walkthrough: text-mode install, CentOS 7.9 tree
# from an HTTPS mirror, automatic partitioning, network settings pulled in
# from an include file.
install
text
# NOTE(review): both "cdrom" here and "url" further down name an install
# source; only one should be needed — confirm which the installer honours.
cdrom
reboot
keyboard 'us'
#Root password
# NOTE(review): plaintext root password in the file; rootpw also accepts
# --iscrypted with a crypt(3) hash, which matters once this file is served
# over HTTP as done later on this page.
rootpw Asdfzxcv1@
# System timezone
timezone Asia/Shanghai
# System language
lang en_US
# Firewall configuration
# Firewall enabled with only SSH allowed.
firewall --enabled --ssh
# System authorization information
auth --useshadow --passalgo=sha512
# Use network installation
# url --url=http://199.180.100.115/zjmf/images/linux/CentOS-8-x86_64_1660615232
url --url=https://mirrors.mit.edu/centos/7.9.2009/os/x86_64/
# SELinux configuration
# NOTE(review): SELinux is turned off entirely for the installed system.
selinux --disabled
# System bootloader configuration
# bootloader --location=mbr --append="net.ifnames=0 biosdevname=0"
# bootloader --location=mbr --append= "net.ifnames=0 biosdevname=0 rhgb quiet"
bootloader --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
#Disk partitioning information
autopart
# Network information
# NOTE(review): /tmp/eth-include is expected to be written by the %pre script,
# but the only line that creates it is commented out below, so this include
# has nothing to read as the file stands — confirm before use.
%include /tmp/eth-include
skipx
%packages
openssh-server
caching-nameserver
wget
%end
# Pre-install script, run with bash before installation starts. Every line is
# currently commented out, so the section does nothing.
%pre --interpreter=/usr/bin/bash
# MAC="e0:db:55:fc:f2:bc"
# ETH="eth0"
# shopt -s nocasematch
# cd /sys/class/net
# for device in *
# do
# if [ `cat $device/address` == $MAC ] ; then
# ETH=$device
# fi
# done
# echo "network --device=$ETH --bootproto=static --ip=107.148.193.162 --netmask=255.255.255.192 --gateway=107.148.193.190 --nameserver=8.8.8.8 --hostname=S202210122301" > /tmp/eth-include
# NOTE(review): the disabled lines below download shell scripts over plain
# HTTP and run them in the installer environment. If they are ever re-enabled,
# anything able to alter that HTTP response controls what runs during install;
# fetch over HTTPS and verify a checksum first.
# curl http://199.180.100.115/zjmf/ipxe/option/status/S202210122301/partitioning/40
# curl -o /tmp/get_hardware_info.sh http://199.180.100.115/zjmf/ipxe/option/get_hardware_info/S202210122301
# bash /tmp/get_hardware_info.sh > /dev/null 2>&1 < /dev/null &
# curl -o /tmp/upload_log.sh http://199.180.100.115/zjmf/ipxe/option/pre_scripts/S202210122301
# bash /tmp/upload_log.sh > /dev/null 2>&1 < /dev/null &
%end
# Post-install script; every line is currently commented out.
%post
# sed -i "s/.*Port .*/Port 22/g" /etc/ssh/sshd_config
# cp /usr/lib/firewalld/services/ssh.xml /etc/firewalld/services
# sed -i 's/port=".*"/port="22"/' /etc/firewalld/services/ssh.xml
# NOTE(review): both resolv.conf lines use ">", so the second would overwrite
# the first rather than add a second nameserver.
# echo "nameserver 8.8.8.8" > /etc/resolv.conf
# echo "nameserver 114.114.114.114" > /etc/resolv.conf
#
# NOTE(review): the "curl -s ... |/bin/bash" line pipes an unauthenticated
# plain-HTTP response straight into a root shell on the new system; keep it
# disabled, or download over HTTPS, verify, then execute.
# curl "http://199.180.100.115/zjmf/ipxe/option/status/S202210122301/post_scripts/90"
# curl -s http://199.180.100.115/zjmf/ipxe/option/scripts/S202210122301 |/bin/bash
# curl "http://199.180.100.115/zjmf/ipxe/option/status/S202210122301/finish/100"
# curl -s "http://199.180.100.115/zjmf/ipxe/option/dhcp/stop_dhcp/S202210122301"
%end
测试如下命令
# First attempt: boot the guest from the ISO with --cdrom and hand over the
# kickstart with -x (kept exactly as run; it produces the error quoted below).
# NOTE(review): the "-x ks-vm04.ks" line has no trailing backslash, so the
# virt-install command ends there; the "--network" line is then parsed as a
# separate command, and its own trailing backslash joins it to whatever
# follows.
# NOTE(review): -x passes raw kernel arguments, so a bare file name is not a
# "ks=<location>" setting.
# NOTE(review): --vnclisten=0.0.0.0 exposes the guest console on every host
# interface and no VNC password is set; listening on 127.0.0.1 and tunnelling
# over SSH keeps the installer console off the network.
virt-install \
--name=vm01 \
--ram 1200 \
--virt-type kvm \
--vcpus=2 \
--disk path=/images/testdrive01,size=20 \
--vnc --vncport=5911 --vnclisten=0.0.0.0 \
--cdrom /images/isos/CentOS-7-x86_64-Minimal-2009.iso \
-x ks-vm04.ks
--network bridge=virbr0 \
错误:ERROR Kernel arguments are only supported with location or kernel installs.
问题:不可以使用cdrom参数进行内核参数注入!
👉这篇文章介绍了:通过cdrom启动时是无法修改内核启动参数的,也就是说无法加载ks文件中的内容;建议通过PXE形式启动,加载配置文件和对应iso,这样可以正确进行安装,也就是还是通过pxe的内核启动进行ks文件的加载(这是一个解决方法)
搭建简单的http 服务,使内核可以访问服务器上的ks配置
# Serve the kickstart directory over HTTP so the installer kernel can fetch it.
# NOTE(review): this installs a third-party PyPI package only to serve static
# files; Python's built-in "python -m http.server" (used later on this page)
# avoids the extra dependency.
pip3 install httpserver
# httpserver -a 0.0.0.0 -p 80 -h myserver /path/to/www
# NOTE(review): -a 0.0.0.0 listens on every interface and the content is sent
# over plain HTTP. The kickstart files on this page carry a plaintext rootpw,
# so anyone who can reach port 8080 can read it; bind to the guest-facing
# bridge address only and stop the server once the install has finished.
httpserver -a 0.0.0.0 -p 8080 /images/ks/ &
# Without --permanent this opens the port in the runtime firewall
# configuration only; remove it again with "firewall-cmd --remove-port 8080/tcp".
firewall-cmd --add-port 8080/tcp
# Test access
curl localhost:8080/ks-vm04.ks
# NOTE(review): duplicate of the firewall-cmd call above.
firewall-cmd --add-port 8080/tcp
将KS参数改为http引入(实验过程,并没有成功)
# Second attempt: --location install with the kickstart fetched over HTTP
# (kept exactly as run; the page records that it did not succeed).
# NOTE(review): the "--initrd-inject" line has no trailing backslash, so the
# command ends there and "--extra-args=..." is run as a separate shell
# command; the ks= kernel argument never reaches virt-install.
# NOTE(review): --os-variant is "centos8" while the ISO named in --location is
# CentOS 7.
# NOTE(review): the VNC console listens on 0.0.0.0 with no password set;
# listen=127.0.0.1 plus an SSH tunnel keeps it off the network.
virt-install --name vm03 \
--description "this is my Centos 7 " \
--ram 2048 \
--vcpus 2 \
--disk path=/images/testdrive03,size=15 \
--os-type linux \
--os-variant "centos8" \
--network bridge=virbr0 \
--graphics vnc,listen=0.0.0.0,port=5900 \
--location /images/isos/CentOS-7-x86_64-Minimal-2009.iso \
--noautoconsole \
--initrd-inject /images/ks/ks-vm04.ks
--extra-args="ks=http://192.168.122.1:8080/ks-vm04.ks"
##错误 猜测原因
> 也许是VM中内核并没有被分配ip,无法http通信
> 文件目录未必正确
> 检查KS文件中network没有设置成dhcp
修正ks文件,修正网卡为default
# Third attempt: recreate vm04 on the libvirt "default" network and inject the
# kickstart into the initrd.
cd /images/ks/
# NOTE(review): http.server serves the current directory (/images/ks/ after the
# cd above) on all interfaces by default; "--bind <address>" restricts it. The
# active --extra-args below uses ks=file:, so this server and the opened port
# appear to be needed only by the commented-out ks=http variants.
python -m http.server & # start Python's built-in HTTP server
# Runtime-only rule (no --permanent); remove it with
# "firewall-cmd --remove-port 8000/tcp" once the install is done.
firewall-cmd --add-port 8000/tcp
# Tear down any previous vm04: force it off, drop its definition, delete its disk.
virsh destroy vm04
virsh undefine vm04
rm -f /images/testdrive04
# NOTE(review): the VNC console listens on 0.0.0.0 with no password set;
# listen=127.0.0.1 plus an SSH tunnel keeps the installer console off the
# network.
# --initrd-inject places the file in the root of the installer initrd, which
# is why ks=file: names it without a host path.
virt-install --name vm04 \
--description "this is my Centos 7 " \
--ram 2048 \
--vcpus 2 \
--disk path=/images/testdrive04,size=30 \
--os-type linux \
--os-variant "centos7" \
--network network=default \
--graphics vnc,listen=0.0.0.0,port=5901 \
--location /images/isos/CentOS-7-x86_64-Minimal-2009.iso \
--initrd-inject /images/ks/ks-vm04.ks \
--extra-args="ks=file:ks-vm04.ks"
#--extra-args="ks=http://107.148.193.162:8000/ks-vm04.ks" \
#--extra-args='ks=http://192.168.122.1:8080/ks-vm04.ks console=ttyS0' \
#--graphics none \
#--initrd-inject=/opt/kvm/anaconda-ks.cfg \
# --noautoconsole \
#--extra-args="ks=http://192.168.122.1:8080/ks-vm04.ks"
# 感觉是镜像的问题,搞不懂了。。。
👉如果在内核参数配置了console则使用virsh console vm04 连接到客户机, ctrl + ] 退出
问题总结:
🧨内核参数 调用 --extra-args="ks=file:ks-vm04.ks",文件前不可以加路径,此文件是给initrd初始化时提供的文件,它找不到宿主机的文件路径!!!
最后的成功
前面都失败,试一下网络安装,采用mit.edu的centos镜像(成功)
# Working run: network install from the HTTPS mirror with the kickstart
# injected into the initrd.
# Tear down any previous vm01: force it off, drop its definition, delete its disk.
virsh destroy vm01
virsh undefine vm01
rm -f /images/testdrive01
# --location points at the HTTPS install tree, so kernel and initrd are
# fetched from the mirror and kernel arguments (--extra-args) are accepted.
# --initrd-inject places ks-vm04.ks in the root of that initrd, and ks=file:
# refers to it by bare name; no HTTP server on the host is involved.
# NOTE(review): --vnclisten=0.0.0.0 exposes the installer console on every
# host interface with no VNC password; listening on 127.0.0.1 and tunnelling
# over SSH keeps it off the network.
virt-install \
--name=vm01 \
--ram 2048 \
--virt-type kvm \
--vcpus=2 \
--noautoconsole \
--disk path=/images/testdrive01,size=20 \
--vnc --vncport=5900 --vnclisten=0.0.0.0 \
--location=https://mirrors.mit.edu/centos/7.9.2009/os/x86_64/ \
--network bridge=virbr0 \
--initrd-inject /images/ks/ks-vm04.ks \
--extra-args="ks=file:ks-vm04.ks"
# 附加成功的ks文件
# Kickstart that the page reports as working with the network install:
# text mode, DHCP, HTTPS install tree, automatic partitioning, default packages.
text
# NOTE(review): bare "network" with no options; the configured line is
# "network --bootproto dhcp" further down — confirm this one is intentional.
network
lang en_US
keyboard us
network --bootproto dhcp
url --url=https://mirrors.mit.edu/centos/7.9.2009/os/x86_64/
zerombr
bootloader --location mbr
timezone America/Denver
# NOTE(review): --enablemd5 selects MD5 password hashing; the template earlier
# on this page uses --passalgo=sha512.
auth --enablemd5 --enableshadow
# NOTE(review): SELinux and the firewall are both disabled and the root
# password is stored in plaintext. That combination is tolerable for a
# throwaway lab guest only; for anything longer-lived use rootpw --iscrypted
# with a crypt(3) hash and leave the firewall enabled with SSH allowed.
selinux --disabled
rootpw Asdfzxcv1@
firewall --disabled
skipx
# Removes all existing partitions, then lets the installer lay out the disk.
clearpart --all --initlabel
autopart
reboot
# Empty package section: no packages are listed explicitly.
%packages
%end
遇到的问题
- 网卡需要统一命名,不然脚本无法判定网卡编号
- ip需要提前想好,不然每个虚机的ip是不一样的,除非在分配IP的时候使用dhcp进行分配
- cdrom无法加载ks参数,使用内核模式即--location传入iso路径