Sawubona, ngingu-Denis futhi enye yezindawo engisebenza kuzo ukuthuthukiswa kwezixazululo zengqalasizinda ku-X5. Namuhla ngingathanda ukwabelana nawe ukuthi ungakhipha kanjani isistimu yokulungiselela iseva ezenzakalelayo ngokusekelwe kumathuluzi atholakala esidlangalaleni. Ngokubona kwami, lesi yisixazululo esithakazelisayo, esilula futhi esivumelana nezimo.
Ngokulungiselela siqonde: vula iseva entsha ebhokisini uyifake kuseva emiswe ngokugcwele ene-OS. I-Linux noma nge-ESXi hypervisor (ukuthunyelwa kwamaseva e-Windows akuxoxwa ngakho kulesi sihloko).
Imibandela:
- amaseva β amaseva adinga ukumiswa.
- iseva yokufaka iyiseva eyinhloko ehlinzeka yonke inqubo yokulungiselela ngenethiwekhi.
Kungani kudingeka okuzenzakalelayo?
Ake sithi kunomsebenzi: ukulungisa kakhulu amaseva kusukela ekuqaleni, endaweni ephakeme - 30 ngosuku. Amaseva abakhiqizi abahlukene namamodeli, amasistimu wokusebenza ahlukene angase afakwe kuwo, futhi angase abe ne-hypervisor noma angabi nayo.
Imiphi imisebenzi efakiwe kunqubo yokusetha (ngaphandle kokuzenzakalela):
- xhuma ikhibhodi, igundane, qapha kuseva;
- lungisa i-BIOS, i-RAID, i-IPMI;
- buyekeza ingxenye ye-firmware;
- sebenzisa isithombe sesistimu yefayela (noma faka i-hypervisor bese ukopisha imishini ebonakalayo);
Qaphela. Kungenjalo, ukuthunyelwa kwe-OS kungenzeka ngokufaka ngefayela lokuphendula okuzenzakalelayo. Kodwa lokhu ngeke kuxoxwe ngakho esihlokweni. Nakuba uzobona ngezansi ukuthi ukwengeza lokhu kusebenza akunzima.
- lungisa amapharamitha we-OS (igama lomethuleli, i-IP, njll.).
Ngale ndlela, izilungiselelo ezifanayo zenziwa ngokulandelana kuseva ngayinye. Ukusebenza kahle komsebenzi onjalo kuphansi kakhulu.
Ingqikithi yokuzenzakalela iwukuqeda ukubamba iqhaza komuntu kunqubo yokulungiselela iseva. Ngangokunokwenzeka.
Ukuzenzakalela kunciphisa isikhathi sokuphumula phakathi kokusebenza futhi kwenza kube nokwenzeka ukuhlinzeka ngamaseva amaningi ngesikhathi esisodwa. Amathuba okuba namaphutha ngenxa yezici zomuntu nawo ancishiswe kakhulu.
Amaseva acushwa kanjani ngokuzenzakalelayo?
Ake sihlaziye zonke izigaba ngokuningiliziwe.
Uneseva ye-Linux oyisebenzisa njengeseva yokufaka ye-PXE. Amasevisi afakiwe futhi amisiwe kuyo: DHCP, TFTP.
Ngakho-ke, sivula iseva (edinga ukulungiswa) nge-PXE. Masikhumbule ukuthi kusebenza kanjani:
- Ukuqalisa kwenethiwekhi kukhethiwe kuseva.
- Iseva ilayisha i-PXE-ROM yekhadi lenethiwekhi bese ithinta iseva yokufaka nge-DHCP ukuze ithole ikheli lenethiwekhi.
- Iseva yokufaka ye-DHCP ikhipha ikheli, kanye nemiyalelo yokuqhubeka nokulanda nge-PXE.
- Iseva ilayisha i-bootloader yenethiwekhi isuka kuseva yokufaka nge-PXE, ukulayisha okwengeziwe kwenzeka ngokwefayela lokumisa le-PXE.
- I-boot ivela ngokusekelwe kumapharamitha atholiwe (i-kernel, i-initramfs, amaphuzu okukhweza, isithombe se-squashfs, njll.).
Qaphela. Isihloko sichaza ukuqala nge-PXE ngemodi ye-BIOS. Njengamanje, abakhiqizi basebenzisa i-UEFI bootmode ngenkuthalo. Ku-PXE, umehluko uzoba ekucushweni kweseva ye-DHCP kanye nokuba khona kwe-bootloader eyengeziwe.
Ake sibheke isibonelo sokucushwa kweseva ye-PXE (imenyu ye-pxelinux).
Ifayela elithi pxelinux.cfg/default:
default menu.c32
prompt 0
timeout 100
menu title X5 PXE Boot Menu
LABEL InstallServer Menu
MENU LABEL InstallServer
KERNEL menu.c32
APPEND pxelinux.cfg/installserver
LABEL VMware Menu
MENU LABEL VMware ESXi Install
KERNEL menu.c32
APPEND pxelinux.cfg/vmware
LABEL toolkit // ΠΌΠ΅Π½Ρ ΠΏΠΎ ΡΠΌΠΎΠ»ΡΠ°Π½ΠΈΡ
MENU LABEL Linux Scripting Toolkits
MENU default
KERNEL menu.c32
APPEND pxelinux.cfg/toolkit // ΠΏΠ΅ΡΠ΅Ρ
ΠΎΠ΄ Π½Π° ΡΠ»Π΅Π΄ΡΡΡΠ΅Π΅ ΠΌΠ΅Π½ΡIfayela elithi pxelinux.cfg/toolkit:
prompt 0
timeout 100
menu title X5 PXE Boot Menu
label mainmenu
menu label ^Return to Main Menu
kernel menu.c32
append pxelinux.cfg/default
label x5toolkit-auto // ΠΏΠΎ ΡΠΌΠΎΠ»ΡΠ°Π½ΠΈΡ β Π°Π²ΡΠΎΠΌΠ°ΡΠΈΡΠ΅ΡΠΊΠΈΠΉ ΡΠ΅ΠΆΠΈΠΌ
menu label x5 toolkit autoinstall
menu default
kernel toolkit/tkcustom-kernel
append initrd=toolkit/tk-initramfs.gz quiet net.ifnames=0 biosdevname=0 nfs_toolkit_ip=192.168.200.1 nfs_toolkit_path=tftpboot/toolkit nfs_toolkit_script=scripts/mount.sh script_cmd=master-install.sh CMDIS2=ββ¦β
label x5toolkit-shell // Π΄Π»Ρ ΠΎΡΠ»Π°Π΄ΠΊΠΈ - ΠΊΠΎΠ½ΡΠΎΠ»Ρ
menu label x5 toolkit shell
kernel toolkit/tkcustom-kernel
append initrd=toolkit/tkcustom-initramfs.gz quiet net.ifnames=0 biosdevname=0 nfs_toolkit_ip=192.168.200.1 nfs_toolkit_path=tftpboot/toolkit nfs_toolkit_script=scripts/mount.sh script_cmd=/bin/bash CMDIS2=ββ¦βI-kernel kanye ne-initramfs kulesi sigaba yisithombe se-Linux esimaphakathi, ngosizo lapho ukulungiswa okuyinhloko nokuhlelwa kweseva kuzokwenzeka.
Njengoba ubona, i-bootloader idlulisela imingcele eminingi ku-kernel. Eminye yale mingcele isetshenziswa yi-kernel ngokwayo. Futhi singasebenzisa ezinye ngezinjongo zethu. Lokhu kuzoxoxwa ngakho kamuva, kodwa okwamanje ungakhumbula nje ukuthi wonke amapharamitha adlulisiwe azotholakala esithombeni seLinux esimaphakathi nge/proc/cmdline.
Ngingazithola kuphi, i-kernel ne-initramfs?
Njengesisekelo, ungakhetha noma yikuphi ukusatshalaliswa kwe-Linux. Esikunakayo lapho sikhetha:
- isithombe sokuqalisa kufanele sibe yindawo yonke (ukutholakala kwabashayeli, ikhono lokufaka izinsiza ezengeziwe);
- Ngokunokwenzeka, uzodinga ukwenza ngokwezifiso ama-initramfs.
Kwenziwa kanjani lokhu kusixazululo sethu se-X5? Kwakhethwa i-CentOS 7 njengesisekelo. Ake sizame iqhinga elilandelayo: lungiselela ukwakheka kwesithombe esizayo, sikupakishe endaweni yomlando bese udala i-initramfs, ngaphakathi kuyo okuzoba nengobo yomlando yesistimu yethu yefayela. Lapho kulayishwa isithombe, ingobo yomlando izonwetshwa ibe ingxenye edaliwe ye-tmpfs. Ngale ndlela sizothola isithombe esincane, kodwa esigcwele ngokugcwele se-linux esinazo zonke izinsiza ezidingekayo, ezihlanganisa amafayela amabili kuphela: i-vmkernel ne-initramfs.
#ΡΠΎΠ·Π΄Π°Π΅ΠΌ Π΄ΠΈΡΠ΅ΠΊΡΠΎΡΠΈΠΈ:
mkdir -p /tftpboot/toolkit/CustomTK/rootfs /tftpboot/toolkit/CustomTK/initramfs/bin
#ΠΏΠΎΠ΄Π³ΠΎΡΠ°Π²Π»ΠΈΠ²Π°Π΅ΠΌ ΡΡΡΡΠΊΡΡΡΡ:
yum groups -y install "Minimal Install" --installroot=/tftpboot/toolkit/CustomTK/rootfs/
yum -y install nfs-utils mariadb ntpdate mtools syslinux mdadm tbb libgomp efibootmgr dosfstools net-tools pciutils openssl make ipmitool OpenIPMI-modalias rng-tools --installroot=/tftpboot/toolkit/CustomTK/rootfs/
yum -y remove biosdevname --installroot=/tftpboot/toolkit/CustomTK/rootfs/
# ΠΏΠΎΠ΄Π³ΠΎΡΠ°Π²Π»ΠΈΠ²Π°Π΅ΠΌ initramfs:
wget https://busybox.net/downloads/binaries/1.31.0-defconfig-multiarch-musl/busybox-x86_64 -O /tftpboot/toolkit/CustomTK/initramfs/bin/busybox
chmod a+x /tftpboot/toolkit/CustomTK/initramfs/bin/busybox
cp /tftpboot/toolkit/CustomTK/rootfs/boot/vmlinuz-3.10.0-957.el7.x86_64 /tftpboot/toolkit/tkcustom-kernel
# ΡΠΎΠ·Π΄Π°Π΅ΠΌ /tftpboot/toolkit/CustomTK/initramfs/init (Π½ΠΈΠΆΠ΅ ΡΠΎΠ΄Π΅ΡΠΆΠ°Π½ΠΈΠ΅ ΡΠΊΡΠΈΠΏΡΠ°):
#!/bin/busybox sh
/bin/busybox --install /bin
mkdir -p /dev /proc /sys /var/run /newroot
mount -t proc proc /proc
mount -o mode=0755 -t devtmpfs devtmpfs /dev
mkdir -p /dev/pts /dev/shm /dev/mapper /dev/vc
mount -t devpts -o gid=5,mode=620 devpts /dev/pts
mount -t sysfs sysfs /sys
mount -t tmpfs -o size=4000m tmpfs /newroot
echo -n "Extracting rootfs... "
xz -d -c -f rootfs.tar.xz | tar -x -f - -C /newroot
echo "done"
mkdir -p /newroot/dev /newroot/proc /newroot/sys
mount --move /sys /newroot/sys
mount --move /proc /newroot/proc
mount --move /dev /newroot/dev
exec switch_root /newroot /sbin/init
# ΡΠΏΠ°ΠΊΠΎΠ²ΡΠ²Π°Π΅ΠΌ rootfs ΠΈ initramfs:
cd /tftpboot/toolkit/CustomTK/rootfs
tar cJf /tftpboot/toolkit/CustomTK/initramfs/rootfs.tar.xz --exclude ./proc --exclude ./sys --exclude ./dev .
cd /tftpboot/toolkit/CustomTK/initramfs
find . -print0 | cpio --null -ov --format=newc | gzip -9 > /tftpboot/toolkit/tkcustom-initramfs-new.gzNgakho-ke sicacise i-kernel nama-initramfs okufanele alayishwe. Ngenxa yalokho, kulesi sigaba, ngokulayisha isithombe se-linux esiphakathi nge-PXE, sizothola ikhonsoli ye-OS.
Kuhle, kodwa manje sidinga ukudlulisela ukulawula βku-automationβ yethu.
Kungenziwa kanje.
Ake sicabange ukuthi ngemva kokulayisha isithombe sihlela ukudlulisa ukulawula kusikripthi se-mount.sh.
Masifake isikripthi se-mount.sh ku-autorun. Ukuze wenze lokhu uzodinga ukulungisa i-initramfs:
- khipha i-initramfs (uma sisebenzisa inketho ye-initramfs engenhla, lokhu akudingekile)
- faka ikhodi ekuqaliseni ezohlaziya amapharamitha adlule ku-/proc/cmdline kanye nokulawula kokudlulisa ngokuqhubekayo;
- iphakethe initramfs.
Qaphela. Endabeni yekhithi yamathuluzi ye-X5, isilawuli sokulayisha sidluliselwa kuskripthi /opt/x5/toolkit/bin/hook.sh Ρ ΠΏΠΎΠΌΠΎΡΡΡ override.conf Π² getty tty1 (ExecStart=β¦)
Ngakho, isithombe siyalayishwa, lapho iskripthi se-mount.sh siqala ku-autorun. Okulandelayo, iskripthi se-mount.sh sihlaziya amapharamitha adlulisiwe (script_cmd=) phakathi nokusetshenziswa futhi sethula uhlelo/iskripthi esidingekayo.
ilebula ikhithi yamathuluzi-imoto
i-kernel...
engeza... nfs_toolkit_script=scripts/mount.sh script_cmd=master-install.sh
ilebula ikhithi yamathuluzi-igobolondo
i-kernel...
engeza... nfs_toolkit_script=scripts/mount.sh script_cmd=/bin/bash
Lapha kwesokunxele kunemenyu ye-PXE, kwesokudla kunomdwebo wokudlulisa isilawuli.
Sithole ukudluliswa kokulawula. Kuye ngokukhethwa kwemenyu ye-PXE, kungaba umbhalo wokuzilungiselela okuzenzakalelayo noma ikhonsoli yokususa iphutha yethulwa.
Endabeni yokucushwa okuzenzakalelayo, izinkomba ezidingekayo zifakwa kuseva yokufaka, equkethe:
- imibhalo;
- izifanekiso ze-BIOS/UEFI ezigciniwe zamaseva ahlukahlukene;
- i-firmware;
- izinsiza zeseva;
- izingodo
Okulandelayo, iskripthi se-mount.sh sidlulisela isilawuli kusikripthi se-master-install.sh kusuka kuhla lwemibhalo.
Isihlahla sombhalo (uhlelo ezethulwe ngalo) sibukeka kanje:
- faka okuyinhloko
- ukwabelana (imisebenzi eyabiwe)
- ulwazi (okuphumayo kolwazi)
- amamodeli (ukusetha amapharamitha wokufaka ngokusekelwe kumodeli yeseva)
- ukulungiselela_utils (ukufakwa kwezinsiza ezidingekayo)
- fwupdate (isibuyekezo se-firmware)
- idayagi (ukuxilongwa okuyisisekelo)
- i-biosconf (izilungiselelo ze-BIOS/UEFI)
- ukulungiswa kwewashi (ukusetha isikhathi ebhodini lomama)
- srmconf (ukulungiswa kwesixhumi esibonakalayo esikude)
- i-raidconf (ilungisa amavolumu anengqondo)
okukodwa kwe:
- faka kuqala (ukudlulisa ukulawula ku-OS noma isifaki se-hypervisor, njenge-ESXi)
- ukufakwa okuhlanganisiwe (ukuqala ngokushesha kokukhipha isithombe)
Manje siyazi:
- uyivula kanjani iseva nge-PXE;
- ukudlulisa kanjani ukulawula kusikripthi sakho.
Asiqhubeke. Imibuzo elandelayo ibe usizo:
- Indlela yokuhlonza iseva esiyilungiselelayo?
- Yiziphi izinsiza kanye nendlela yokumisa iseva?
- Uzithola kanjani izilungiselelo zeseva ethile?
Indlela yokuhlonza iseva esiyilungiselelayo?
Kulula - i-DMI:
dmidecode βs system-product-name
dmidecode βs system-manufacturer
dmidecode βs system-serial-numberKonke okudingayo kulapha: umthengisi, imodeli, inombolo ye-serial. Uma ungenaso isiqiniseko sokuthi lolu lwazi lukhona kuwo wonke amaseva, ungawakhomba ngekheli lawo le-MAC. Noma ngezindlela zombili ngesikhathi esifanayo, uma abathengisi beseva behlukile futhi kwamanye amamodeli akukho lwazi mayelana nenombolo ye-serial.
Ngokusekelwe kulwazi olutholiwe, amafolda enethiwekhi afakwe kuseva yokufaka futhi konke okudingekayo kuyalayishwa (izinsiza, i-firmware, njll.).
Yiziphi izinsiza kanye nendlela yokumisa iseva?
Ngizohlinzeka ngezinsiza ze-Linux kwabanye abakhiqizi. Zonke izinsiza ziyatholakala kumawebhusayithi asemthethweni abathengisi.
Nge-firmware, ngicabanga ukuthi konke kucacile. Ngokuvamile ziza ngendlela yamafayela aphathekayo ahlanganisiwe. Ifayela elisebenzisekayo lilawula inqubo yokubuyekeza i-firmware futhi libika ikhodi yokubuyisela.
I-BIOS ne-IPMI ngokuvamile zilungiswa ngezifanekiso. Uma kunesidingo, isifanekiso singahlelwa ngaphambi kokulanda.
Izinsiza ze-RAID ezivela kwabanye abathengisi nazo zingalungiselelwa kusetshenziswa isifanekiso. Uma kungenjalo, kuzodingeka ukuthi ubhale iskripthi sokumisa.
Inqubo yokusetha i-RAID imvamisa kanjena:
- Sicela ukucushwa kwamanje.
- Uma sekuvele kukhona amalungu afanayo anengqondo, siyawasula.
- Ake sibheke ukuthi yimaphi amadiski akhona nokuthi mangaki.
- Dala uhlelo olusha olunengqondo. Siphazamisa inqubo uma kuba nephutha.
Uzithola kanjani izilungiselelo zeseva ethile?
Ake sicabange ukuthi izilungiselelo zawo wonke amaseva zizogcinwa kuseva yokufaka. Kulokhu, ukuze siphendule umbuzo wethu, kufanele siqale sinqume ukuthi sizidlulisela kanjani izilungiselelo kuseva yokufaka.
Ekuqaleni, ungadlula ngamafayela ombhalo. (Esikhathini esizayo, ungase uthande ukusebenzisa ifayela lombhalo njengendlela yokubuyela emuva yokudlulisa izilungiselelo.)
Ungakwazi "ukwabelana" ngefayela lombhalo kuseva yokufaka. Bese wengeza ukukhweza kwayo kusikripthi se-mount.sh.
Imigqa, ngokwesibonelo, izobukeka kanje:
<inombolo yomkhiqizo> <igama lomethuleli> <subnet>
Le migqa izodluliselwa efayelini ngunjiniyela esuka emshinini wakhe womsebenzi. Futhi-ke, lapho usetha iseva, imingcele yeseva ethile izofundwa efayeleni.
Kodwa, ngokuhamba kwesikhathi, kungcono ukusebenzisa i-database ukugcina izilungiselelo, izifunda kanye namalogi wokufakwa kweseva.
Yiqiniso, i-database yodwa ayanele, futhi uzodinga ukudala ingxenye yeklayenti ngosizo lokuthi yiziphi izilungiselelo ezizodluliselwa ku-database. Lokhu kunzima kakhulu ukukusebenzisa uma kuqhathaniswa nefayela lombhalo, kodwa empeleni, yonke into ayinzima njengoba ibonakala. Kungenzeka kakhulu ukuthi ubhale inguqulo encane yeklayenti ezovele idlulisele idatha kusizindalwazi ngokwakho. Futhi esikhathini esizayo kuzokwazi ukuthuthukisa uhlelo lweklayenti kwimodi yamahhala (imibiko, amalebula okuphrinta, ukuthumela izaziso, njll okufika engqondweni).
Ngokwenza isicelo esithile ku-database futhi sicacise inombolo ye-serial yeseva, sizothola imingcele edingekayo yokumisa iseva.
Futhi, ngeke kudingeke size nezingidi zokufinyelela ngesikhathi esisodwa, njengoba kwenzeka ngefayela lombhalo.
Singabhala ilogi yokumisa kusizindalwazi kuzo zonke izigaba futhi silawule inqubo yokufaka ngemicimbi namafulegi ezigaba zokulungiselela.
Manje siyazi ukuthi kanjani:
- qalisa iseva nge-PXE;
- dlulisela ukulawula kusikripthi sethu;
- khomba iseva edinga ukulungiswa ngenombolo yayo yomkhiqizo;
- lungisa iseva usebenzisa izinsiza ezifanele;
- dlulisela izilungiselelo kusizindalwazi seseva yokufaka usebenzisa ingxenye yeklayenti.
Sithole ukuthi kanjani:
- iseva efakiwe ithola izilungiselelo ezidingekayo kusizindalwazi;
- yonke inqubekelaphambili yokulungiselela irekhodwa kusizindalwazi (izingodo, imicimbi, amafulegi asesiteji).
Kuthiwani ngezinhlobo ezahlukene zesofthiwe ozifakile? Ungayifaka kanjani i-hypervisor, kopisha i-VM futhi uyilungiselele konke?
Endabeni yokuthumela isithombe sesistimu yefayela (linux) ku-hardware, yonke into ilula:
- Ngemuva kokusetha zonke izingxenye zeseva, sikhipha isithombe.
- Faka i-grub bootloader.
- Thina chroot futhi ulungiselele konke okudingekayo.
Ukudlulisa kanjani ukulawula kusifaki se-OS (usebenzisa i-ESXi njengesibonelo).
- Sihlela ukudluliswa kokulawula kusuka kuskripthi sethu kuya kusifaki se-hypervisor sisebenzisa ifayela lokuphendula elizenzakalelayo (isiqalo):
- Sisusa ama-partitions amanje kudiski.
- Dala ukwahlukanisa ngosayizi ongu-500MB.
- Siyimaka njenge-bootable.
- Fometha ku-FAT32.
- Sikopisha amafayela wokufaka we-ESXi kumpande.
- Ifaka i-syslinux.
- Kopisha i-syslinux.cfg ku-/syslinux/
default esxi
prompt 1
timeout 50
label esxi
kernel mboot.c32
append -c boot.cfg- Kopisha i-mboot.c32 kuya ku-/syslinux.
- I-Boot.cfg kufanele ibe ne-kernelopt=ks=ftp:// /ks_esxi.cfg
- Siqalisa kabusha iseva.
Ngemva kokuthi iseva iqale kabusha, isifaki se-ESXi sizolanda ku-hard drive yeseva. Wonke amafayela wesifaki adingekayo azolayishwa kumemori bese ukufakwa kwe-ESXi kuzoqala, ngokuya ngefayela elishiwo lokuphendula okuzenzakalelayo.
Nansi imigqa embalwa evela kufayela le-autoresponse ks_esxi.cfg:
%firstboot --interpreter=busybox
β¦
# ΠΏΠΎΠ»ΡΡΠ°Π΅ΠΌ ΡΠ΅ΡΠΈΠΉΠ½ΡΠΉ Π½ΠΎΠΌΠ΅Ρ
SYSSN=$(esxcli hardware platform get | grep Serial | awk -F " " '{print $3}')
# ΠΏΠΎΠ»ΡΡΠ°Π΅ΠΌ IP
IPADDRT=$(esxcli network ip interface ipv4 get | grep vmk0 | awk -F " " '{print $2}')
LAST_OCTET=$(echo $IPADDRT | awk -F'.' '{print $4}')
# ΠΏΠΎΠ΄ΠΊΠ»ΡΡΠ°Π΅ΠΌ NFS ΠΈΠ½ΡΡΠ°Π»Π»-ΡΠ΅ΡΠ²Π΅ΡΠ°
esxcli storage nfs add -H is -s /srv/nfs_share -v nfsshare1
# ΠΊΠΎΠΏΠΈΡΡΠ΅ΠΌ Π²ΡΠ΅ΠΌΠ΅Π½Π½ΡΠ΅ Π½Π°ΡΡΡΠΎΠΉΠΊΠΈ ssh, Π΄Π»Ρ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΡ ssh-ΠΊΠ»ΠΈΠ΅Π½ΡΠ°
mv /etc/ssh /etc/ssh.tmp
cp -R /vmfs/volumes/nfsshare1/ssh /etc/
chmod go-r /etc/ssh/ssh_host_rsa_key
# ΠΊΠΎΠΏΠΈΡΡΠ΅ΠΌ ovftool, Π΄Π»Ρ ΡΠ°Π·Π²Π΅ΡΡΡΠ²Π°Π½ΠΈΡ ΠΠ ΡΠ΅ΠΉΡΠ°Ρ, ΠΏΠ»ΡΡ Π²ΠΎΠ·ΠΌΠΎΠΆΠ½ΠΎ ΠΏΡΠΈΠ³ΠΎΠ΄ΠΈΡΡΡ ΠΏΠΎΠ·ΠΆΠ΅
cp -R /vmfs/volumes/nfsshare1/ovftool /vmfs/volumes/datastore1/
# ΡΠ°Π·Π²Π΅ΡΡΡΠ²Π°Π΅ΠΌ ΠΠ
/vmfs/volumes/datastore1/ovftool/tools/ovftool --acceptAllEulas --noSSLVerify --datastore=datastore1 --name=VM1 /vmfs/volumes/nfsshare1/VM_T/VM1.ova vi://root:[email protected]
/vmfs/volumes/datastore1/ovftool/tools/ovftool --acceptAllEulas --noSSLVerify --datastore=datastore1 --name=VM2 /vmfs/volumes/nfsshare1/VM_T/VM2.ova vi://root:[email protected]
# ΠΏΠΎΠ»ΡΡΠ°Π΅ΠΌ ΡΡΡΠΎΠΊΡ Ρ Π½Π°ΡΡΡΠΎΠΉΠΊΠ°ΠΌΠΈ Π½Π°ΡΠ΅Π³ΠΎ ΡΠ΅ΡΠ²Π΅ΡΠ°
ssh root@is "mysql -h'192.168.0.1' -D'servers' -u'user' -p'secretpassword' -e "SELECT ... WHERE servers.serial='$SYSSN'"" | grep -v ^$ | sed 's/NULL//g' > /tmp/servers
...
# Π³Π΅Π½Π΅ΡΠΈΡΡΠ΅ΠΌ ΡΠΊΡΠΈΠΏΡ Π½Π°ΡΡΡΠΎΠΉΠΊΠΈ ΡΠ΅ΡΠΈ
echo '#!/bin/sh' > /vmfs/volumes/datastore1/netconf.sh
echo "esxcli network ip interface ipv4 set -i=vmk0 -t=static --ipv4=$IPADDR --netmask=$S_SUB || exit 1" >> /vmfs/volumes/datastore1/netconf.sh
echo "esxcli network ip route ipv4 add -g=$S_GW -n=default || exit 1" >> /vmfs/volumes/datastore1/netconf.sh
chmod a+x /vmfs/volumes/datastore1/netconf.sh
# Π·Π°Π΄Π°Π΅ΠΌ ΠΏΠ°ΡΠ°ΠΌΠ΅ΡΡ guestinfo.esxihost.id, ΡΠΊΠ°Π·ΡΠ²Π°Π΅ΠΌ Π² Π½Π΅ΠΌ ΡΠ΅ΡΠΈΠΉΠ½ΡΠΉ Π½ΠΎΠΌΠ΅Ρ
echo "guestinfo.esxihost.id = "$SYSSN"" >> /vmfs/volumes/datastore1/VM1/VM1.vmx
echo "guestinfo.esxihost.id = "$SYSSN"" >> /vmfs/volumes/datastore1/VM2/VM2.vmx
...
# ΠΎΠ±Π½ΠΎΠ²Π»ΡΠ΅ΠΌ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΡ Π² Π±Π°Π·Π΅
SYSNAME=$(esxcli hardware platform get | grep Product | sed 's/Product Name://' | sed 's/^ *//')
UUID=$(vim-cmd hostsvc/hostsummary | grep uuid | sed 's/ //g;s/,$//' | sed 's/^uuid="//;s/"$//')
ssh root@is "mysql -D'servers' -u'user' -p'secretpassword' -e "UPDATE servers ... SET ... WHERE servers.serial='$SYSSN'""
ssh root@is "mysql -D'servers' -u'user' -p'secretpassword' -e "INSERT INTO events ...""
# Π²ΠΎΠ·Π²ΡΠ°ΡΠ°Π΅ΠΌ Π½Π°ΡΡΡΠΎΠΉΠΊΠΈ SSH
rm -rf /etc/ssh
mv /etc/ssh.tmp /etc/ssh
# Π½Π°ΡΡΡΠ°ΠΈΠ²Π°Π΅ΠΌ ΡΠ΅ΡΡ ΠΈ ΠΏΠ΅ΡΠ΅Π·Π°Π³ΡΡΠΆΠ°Π΅ΠΌΡΡ
esxcli system hostname set --fqdn=esx-${G_NICK}.x5.ru
/vmfs/volumes/datastore1/netconf.sh
reboot
Kulesi sigaba, i-hypervisor ifakiwe futhi imisiwe, futhi imishini ebonakalayo iyakopishwa.
Ungamisa kanjani imishini ebonakalayo manje?
Sikhohlise kancane: phakathi nokufakwa sisetha ipharamitha guestinfo.esxihost.id = "$SYSSN" kufayela le-VM1.vmx futhi sabonisa inombolo ye-serial yeseva ebonakalayo kulo.
Manje, ngemva kokuqala, umshini obonakalayo (ofakwe iphakheji yamathuluzi e-vmware) ungafinyelela le parameter:
ESXI_SN=$(vmtoolsd --cmd "info-get guestinfo.esxihost.id")Okusho ukuthi, i-VM izokwazi ukuzikhomba yona (iyayazi inombolo ye-serial yomsingathi ophathekayo), yenza isicelo kusizindalwazi seseva yokufaka futhi yamukele imingcele edinga ukulungiswa. Konke lokhu kuhlanganiswa kwaba umbhalo, okufanele wethulwe ngokuzenzakalelayo lapho i-guestos vm iqala (kodwa kanye: RunOnce).
Manje siyazi ukuthi kanjani:
- qalisa iseva nge-PXE;
- dlulisela ukulawula kusikripthi sethu;
- khomba iseva edinga ukulungiswa ngenombolo yayo yomkhiqizo;
- lungisa iseva usebenzisa izinsiza ezifanele;
- dlulisela izilungiselelo kusizindalwazi seseva yokufaka usebenzisa ingxenye yeklayenti;
- lungiselela izinhlobo ezahlukahlukene zesoftware, okuhlanganisa ukusebenzisa i-esxi hypervisor nokumisa imishini ebonakalayo (konke ngokuzenzakalelayo).
Sithole ukuthi kanjani:
- iseva efakiwe ithola izilungiselelo ezidingekayo kusizindalwazi;
- yonke inqubekelaphambili yokulungiselela irekhodwa kusizindalwazi (izingodo, imicimbi, amafulegi asesiteji).
Isiphetho sendaba:
Ngikholelwa ukuthi ukuhluka kwalesi sixazululo kusekuguquguquka kwaso, ubulula, amakhono kanye nokuguquguquka.
Sicela ubhale emazwaneni ukuthi ucabangani.
Source: www.habr.com