SystemImager系统部署
系统部署是构建集群的第一步,如何快速,高效地部署系统是值得讨论的问题。本文描述基于开源软件SystemImager的系统部署方法并给出基本操作步骤。
SystemImager由Brian Elliott Finley创建。目前的维护者和项目小组的领导者是Andrea
Righi。SystemImager,是System Installation Suite的一部份,它能自动安装GNU/Linux,发布软件及快速部署生产环境。
SystemImager的一个主要特征是与发行版本无关,并且能支持不同种类的硬件。这一特征可
以让我们将任何种类的GNU/Linux(标准的发行版本或者自定义的版本)部署到目标机。此项目的主要目标是实现轻松,快捷的部署大量的节点。典型的应用环境包括计算机实验室,render farms(注:视觉农场,很多大片在后期制作所使用的图形渲染的工作站,类似于超级计算机),Internet服务器中心,数据库服务器中心,公司桌面环境等。SystemImager已经被证实了在集群计算环境中很流行,如网格计算和高性能计算。
另一个设计上便于GNU/Linux发行以及不依赖于硬件的特点是SystemImager处理的是基于系统镜像的文件。镜像以文件形式储存目录体系节构,即为样本节点的一个全面的快照,包含节点根文件系统中所有文件及目录。镜像以多种方法获得,包括从目标系统(golden client)中获得,或应用第三方工具直接在镜像服务器中生成。
SystemImage的工作原理:安装并配置好镜像服务器及样本节点(Golden Client),然后镜
像服务器捕捉样本节点的镜像并存储,最后启动目标节点并将镜像分发下去,完成对目标节点的部署。如下图所示:
镜像服务器Golden Client
镜像服务器
硬盘
Golden Client
系统映像
集群节点1 集群节点2 集群节点n
克隆系统
……
具体步骤:
前一阵在我的博客中针对低版本(SystemImager3.2)的安装及使用写了一些步骤,现在针对
现在的稳定版本4写一下具体操作步骤。
实验环境:服务器P4-1.7/256M,CentOS5.1;在另一台P4-2.8/1G的机器上安装几台虚拟机
作为节点,虚拟机分配256M内存,其中一台作为Golden Client,所装系统为CentOS5.2,大小
约1.6G;100Mbits局域网。
1,安装软件
从https://sourceforge.net/project/platformdownload.php?group_id=259下载需要的软
件版本和相应硬件架构的启动包。SystemImage用Perl开发,所以安装时对Perl模块有依赖性。
如AppConfig,MLDBM,XML-Simple等,需要时可以自己下载安装,此处不做详细说明。
镜像服务器中执行如下命令:
# rpm -ivh –nodeps systemconfigurator-2.2.11-1.noarch.rpm \
> systemimager-server-4.0.2-1.noarch.rpm \
> systemimager-common-4.0.2-1.noarch.rpm \
> systemimager-i386boot-standard-4.0.2-1.noarch.rpm \
> systemimager-i386initrd_template-4.0.2-1.noarch.rpm
Golden Client中执行如下命令:
# rpm -ivh –nodeps systemconfigurator-2.2.11-1.noarch.rpm \
> systemimager-common-4.0.2-1.noarch.rpm \
> systemimager-client-4.0.2-1.noarch.rpm \
> systemimager-i386initrd_template-4.0.2-1.noarch.rpm
镜像服务器及Golden Client中已经安装所需的Perl模块,所以加上–nodeps参数。如果此处
没安装有的话系统会提示依赖性,可根据提示下载并安装相应软件包。
2,Golden Client端准备
在golden client上,以root执行si_prepareclient命令。这会在/etc/systemimager目录下
生成许多文件,其中包含分区方案,文件系统类型等。si_prepareclient会启动一个rsync进程来让
这些文件传输到服务器上。
# si_prepareclient –server 192.168.1.63
服务器地址为192.168.1.63,此处也可以写服务器名称。
执行完上面的命令后系统会以命令行交互方式询问是否继续,其中会更改一些文件配置并启动
rsync进程,如果回答y继续的话,系统会告知已经准备完毕,可以在服务器端执行si_getimage
命令。
3,服务器端获取镜像
在镜像服务器上执行si_getimage,从golden client捕捉镜像。应用si_getimage,镜像服
务器从样本节点文件系统的根目录中将所有文件及目录备份成镜像存放
于/var/lib/systemimager/images中。
# si_getimage –golden-client 192.168.1.67 –image backup
此处要指明golden client的地址或主机名以及生成镜像的名称。在询问是否继续后系统会做出
反映。如果同意继续并无其它阻碍(防火墙)的话此时会复制golden client中的文件。笔者所装大
小约为1.6G的golden client系统(在VM中安装的CentOS5.2)来说复制过程大约10分钟,如
果是实机的话此处会表现出更好的性能。
4,准备分发镜像
镜像获得后存放于/var/lib/systemimager/images/backup,其中所包含的内容即为golden
client的系统文件及目录。
可以通过四种方式启动节点来分发镜像:
? 从网络启动(PXE)
? 从自动安装CD启动
? 从自动安装盘启动(USB设备或软盘)
? 从一个启动的系统启动
此处可按不同的硬件环境来选择不同的方法,如果网卡不支持PXE的话可以选择用USB设备或
CD进行启动后安装,当然不同的安装方法使用不同的命令创建启动工具。本文介绍了以PXE方式
启动安装,这种方法的优点是简约而时尚,当然,如果硬件并不支持PXE的话可以创建另外的启动
工具,对安装的节点来说只是通过不同的方式获得引导信息。
SystemImager的si_mkbootserver命令用来配置启动服务器。执行si_mkbootserver启动一个交
互过程,它会创建tftproot目录,配置tftp服务器,并执行一些测试看看功能是否正常。一旦
si_mkbootserver检测出错误,它会宣告失败并生成错误日志。更正错误后,可以重新执行
si_mkbootserver,不断重复这个过程直到配置成功。si_mkbootserver同时会调用
si_mkdhcpserver命令,用来为节点分配IP。这个命令简化了DHCP的配置, 它会询问需要的所有
信息来创建适合SystemImager安装的DHCP配置文件。
下面是笔者进行的配置:
# si_mkbootserver
WARNING: this script may modify the following files:
–> /etc/services
–> /etc/inetd.conf
–> /etc/xinetd.d/tftp
And can restart inetd, xinetd or tftp servers.
Do you wish to continue (y/[n])? y
Ok, continuing…
/var/lib/tftpboot exists and is a symlink to /usr/share/systemimager/boot.
Checking for a tftp server… found.
Checking if tftp server is H. Peter Anvin’s tftp server… yup – right on!
Checking for a running inetd… Not found.
Checking for a running xinetd… 3262.
Looking for update-inetd… not found.
Backing up /etc/xinetd.d/tftp…
Moving /etc/xinetd.d/tftp to /etc/xinetd.d/tftp.si_mkbootserver.bak1…done.
Restaring xinetd …
停止 xinetd: [确定]
启动 xinetd: [确定]
done.
Looking for a tftp client… found.
Checking for loopback interface… up.
Does tftp server work… yes.
Looking for a pxe daemon… which: no pxe in
(/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin)
not found.
WARNING: your bootserver will be configured without a pxe daemon!
(ignore this warning if you’re using a recent distro)
done.
What is the path to the pxelinux bootloader [/usr/lib/syslinux/pxelinux.0]?
Backing up /var/lib/tftpboot/pxelinux.cfg…
Moving /var/lib/tftpboot/pxelinux.cfg to
/var/lib/tftpboot/pxelinux.cfg.si_mkbootserver.bak24…done.
Copying /var/lib/tftpboot/X86PC/UNDI/linux-install/pxelinux.cfg to
/var/lib/tftpboot/pxelinux.cfg…Ok, configuration complete.
Once you’re DHCP server is configured, you should be all set.
Do you want to run si_mkdhcpserver to configure your DHCP server ([y]/n)? y
Welcome to the SystemImager "si_mkdhcpserver" command. This command will
prepare this computer to be a DHCP server by creating a dhcpd.conf file
for use with your ISC DHCP server (v2 or v3).
If there is an existing file, it will be backed up with the
.beforesystemimager extension.
Continue? (y/[n]): y
Trying to probe your DNS domain. Please wait…
Type your response or hit <Enter> to accept [defaults]. If you don’t
have a response, such as no first or second DNS server, just hit
<Enter> and none will be used.
What is your DHCP daemon major version number (2 or 3)? [3]:
What is the name of your DHCP daemon config file? [/etc/dhcpd.conf]:
What is your domain name? []: changzi.centos
What is your network number? [192.168.1.0]:
What is your netmask? [255.255.255.0]:
What is the starting IP address for your dhcp range? [192.168.1.1]: 192.168.1.50
What is the ending IP address for your dhcp range? [192.168.1.254]: 192.168.1.80
What is the IP address of your first DNS server? []:
What is the IP address of your default gateway? [192.168.1.254]: 192.168.1.1
What is the IP address of your image server? [192.168.1.254]: 192.168.1.63
What is the IP address of your boot server? [192.168.1.254]: 192.168.1.63
What is the IP address of your log server? []:
Use tmpfs staging on client? (If unsure, choose "n") [n]:
Do you want to use Flamethrower (multicast) to install your clients? [n]:
What… is the air-speed velocity of an unladen swallow? []:
Wrong!!! (with a Monty Python(TM) accent…)
Press <Enter> to continue…
Ahh, but seriously folks…
Here are the values you have chosen:
############################################################
###########
ISC DHCP daemon version: 3
ISC DHCP daemon config file: /etc/dhcpd.conf
DNS domain name: changzi.centos
Network number: 192.168.1.0
Netmask: 255.255.255.0
Starting IP address for your DHCP range: 192.168.1.50
Ending IP address for your DHCP range: 192.168.1.80
First DNS server:
Second DNS server:
Third DNS server:
Default gateway: 192.168.1.1
Image server: 192.168.1.63
Boot server: 192.168.1.63
Log server:
Log server port:
Flamethrower directory port:
Use tmpfs staging on client: n
SSH files download URL:
############################################################
###########
Are you satisfied? (y/[n]): y
The dhcp server configuration file (/etc/dhcpd.conf) file has been
created for you. Please verify it for accuracy.
If this file does not look satisfactory, you can run this command again
to re-create it: "si_mkdhcpserver"
WARNING!: If you have multiple physical network interfaces, be sure to
edit the init script that starts dhcpd to specify the interface that
is connected to your DHCP clients. Here’s an example:
Change "/usr/sbin/dhcpd" to "/usr/sbin/dhcpd eth1".
Depending on your distribution, you may be able to set this with the
"INTERFACES" variable in "/etc/default/dhcp", "/etc/default/dhcp3-server",
or similar, or in your dhcpd initialization script ("/etc/init.d/dhcpd",
"/etc/init.d/dhcp3-server", or similar).
Also, be sure to start or restart your dhcpd daemon. This can usually
be done with a command like "/etc/init.d/dhcpd restart" or similar.
Would you like me to restart your DHCP server software now? (y/[n]): y
关闭 dhcpd: [确定]
启动 dhcpd: [确定]
5,创建相应连接
如果镜像服务器中有多个镜像的话,就要告知哪一个节点安装哪一个镜像。si_addclients为镜
像的安装脚本创建符号链接。si_addclients改写镜像服务器的/etc/hosts
和/var/lib/systemimager/scripts/hosts文件。Hosts文件为自动安装客户端查阅他们的主机名提供
默认的机制。
在si_addclients的第一个配置部分,需要指出自动安装节点的主机名称样式。一个主机范围的
字段和一个域名用来定义我们要自动安装的节点的主机名;在第二个配置部分,将前一部分定义的
节点映射到到镜像;在第三个配置部分,si_addclients命令请求IP地址范围,这个IP保存在/etc/
hosts和/var/lib/systemimager/scripts/hosts文件中。当自动安装客户端启动时,它会从镜像服务
器中检索后面的文件并应用它查找主机名。
# si_addclients
Welcome to the SystemImager "si_addclients" utility
——————————————————————————–
This utility has 3 sections.
"Section 1" will ask you for your hostname information.
"Section 2" will allow you to create softlinks from each client hostname to
your "master" script in the "/var/lib/systemimager/scripts" directory.
Example: www297.sh -> web_server_image_v1.master
"Section 3" will ask you for IP address information that will be combined
with the hostname information provided in Section 1 to create entries in
"/etc/hosts" for each of these same clients. New entries will be appended
to the end of "/etc/hosts". If you specify new hostnames for existing IP
addresses, those entries will be re-written in place to reflect the new
host names.
Continue? ([y]/n): y
si_addclients — Section 1 (hostname information)
——————————————————————————–
The next series of questions will be used to create a range of hostnames.
You will be asked for your domain name, the base host name, a beginning
number, and an ending number.
For example, if you answer:
domain name = systemimager.org
host range = www7-www11,www20
Then the result will be a series of hostnames that looks like this:
www7.systemimager.org
www8.systemimager.org
www9.systemimager.org
www10.systemimager.org
www11.systemimager.org
www20.systemimager.org
What is your domain name? []: changzi.centos
What is the hosts range that you want me to use? []: www50-www80
I will work with hostnames: www50-www80
in the domain: changzi.centos
Are you satisfied? (y/[n]): y
si_addclients — Section 2 (soft links to master script)
——————————————————————————–
Would you like me to create soft links to a "master" script so that hosts:
www50-www80
can be autoinstalled with one of the available images? ([y]/n): y
Here is a list of available autoinstall scripts:
backup
Which script would you like these hosts to be installed with?
[backup]:
Your soft links have been created.
Press <Enter> to continue…
si_addclients — Section 3 (adding or modifying /etc/hosts entries)
——————————————————————————–
Your target machines need to be able to determine their host names from their
IP addresses, unless their host name is specified in a local.cfg file.
The preferred method for doing this is with DNS. If you have a working DNS
that has IP address to hostname resolution properly configured for your
target machines, then answer "n" here.
If you don’t have a working DNS, or you want to override the information in
DNS, then answer "y" here to add entries to the "/etc/hosts" file on your
image server. After adding these entries, the /etc/hosts file will be
copied to "/var/lib/systemimager/scripts" where it can be retrieved by your
target machines.
I will ask you for your clients’ IP addresses one subnet at a time.
Would you like me to continue? (y/[n]): y
si_addclients — Section 3 (adding or modifying /etc/hosts entries — continued…)
——————————————————————————–
Hostnames range is: www50-www80
What is the IPs address range (e.g. 10.0.0.1-10.0.0.100,10.0.0.101)?
[]:192.168.1.50-192.168.1.80
I will work with IP addresses: 192.168.1.50-192.168.1.80
and hostnames: www50-www80
Are you satisfied? (y/[n]): y
These entries have been added to /etc/hosts, and /etc/hosts has been copied
to /var/lib/systemimager/scripts for use by your auto-install clients.
Press <Enter> to continue…
si_addclients: successfully completed.
6,创建启动介质
见第4步骤中所描述的四种启动方式。此处所用的是从网络启动。使用以下命令,其它启动方
法使用的命令详情见systemimager手册。
# si_mkclientnetboot –netboot –clients www50-www80
[netboot] using the kernel and initrd.img for architecture: i386
[netboot] using the flavor: standard
7,启动节点安装镜像
最后就是启动节点,此处的节点均为虚拟机,从DHCP获得节点IP,下图看到的IP为79,因为
装了两台,另一台的地址即为上面配置的80。开始自动安装,到了这一步是最令人欣喜的。
下载内核及initrd
检测硬件
开始传送文件
传送完毕,等待重启。
重启系统,checking filesystems后再次重启即可进入安装完成的系统中了。这一步用了10
分钟左右。同样,如果是实机的话性能会有所提高。为了进行比较一下,我用光盘安在虚拟机中安
装了同样配置的系统,去掉启动后手工配置的时间是13分钟。可见用这种方法部署系统还是有优
势的。
8,其它
节点系统更新也是SystemImager的一个强大的功能,例如,想将100台服务器的内核更新,
只需将样本节点的内核升级,获得样本节点的镜像,在其它节点系统中执行si_updateclient,指定
镜像后,便可以很快的与新的镜像同步,数据或是配置文件也可以用同样的方法分发。
SystemImager用来确保安全的生产部署,在更新镜像前保存当前生产环境的镜像,这样就提供了处
理意外情况的机制。建立一个带有版本号的镜像池是一个很不错的选择,如果发现新的生产环境有
问题,简单地用si_updateclient命令回滚到上次正常的生产镜像即可。
除了SystemImager这种工具可以执行自动化安装外,像Red Hat的Kickstart等,基于预定
义的安装包清单来安装系统。然而,这种基于包的安装非常有限,因为它对非安装包的文件没有办
法自动化安装,如果重新编译的内核,加入了一些非安装包的软件,或者是更改具体的配置文件,
基于包安装的方法通常要求你写某些脚本或是编程来处理这些“特别案例”。相比之下,不如
SystemImager使用起来方便快捷。在安全方面SystemImager还提供基于OpenSSH方式的安装。
SystemImager应用多种方法启动目标节点,将Linux 操作系统和应用软件一次安装到位。采用分
布式的网络传输结构和点对点的通信(SystemImager提供用BitTorrent进行安装)方式可以有效
缓解由网络带宽引起的性能瓶颈。
总结:这个实验做得不是很流畅,中间遇到好多问题,但大部份都google解决了。最近半个
月以来一直在学习如何使用这个软件。主要的参考资料来源于
http://wiki.systemimager.org/index.php/Documentation,笔者下载并翻译了SystemImager
手册,放到了博客里,但是对于这个软件所提供的更强大的功能尚未深入探究。
《SystemImager手册》中提到过一些实际安装的性能:
Ole Holm Nielsen,物理系,丹麦技术大学报告:
在我们用SystemImager安装时,可以在6分钟内安装1.8G的镜像到18个客户端。请见The
NIFLHEIM SystemImager
Page(http://www.fysik.dtu.dk/CAMP/Niflheim/systemimager.html)。我们的服务器拥有
Gigabit网络,2GB的RAM,dual Intel Xeon 2.4 GHz,客户端是Intel P4和100 Mbit网络。
James Braid 报告: 从一个Celeron 700/512Mb服务器,100Mbit网络,我们做到了7~10
分钟安装大概1G的镜像。硬盘是设置了LVM的5x 120Gb Seagate Barracuda V(non
striped),文件系统为ReiserFS。
参考:
[1]http://wiki.systemimager.org/index.php/Quick_Start_HOWTO
[2]http://www.howtoforge.com/howto_linux_systemimager
PS:有