基于Incus快速部署容器化FOG
IDV-NEXT中集成的FOG服务器通过基于Incus的容器化方案快速部署,并带来与物理机部署同等的体验。
Incus介绍
Incus 是下一代系统容器和虚拟机管理器。
Incus提供类似于公共云的用户体验。可以使用Incus轻松地混合和匹配容器和虚拟机,共享相同的底层存储和网络。
Incus 基于镜像,为大量 Linux 发行版提供镜像。它为各种用例提供了灵活性和可扩展性,支持不同的存储后端和网络类型,并可选择安装在从单个笔记本电脑或云实例到完整服务器机架的各种硬件上。
使用 Incus 时,可以使用简单的命令行工具、直接通过 REST API 或使用第三方工具和集成来管理实例(容器和虚拟机)。Incus 为本地和远程访问实现了单一的 REST API。
Incus 项目由 Aleksa Sarai 创建,作为 Canonical LXD 的社区驱动替代方案。
如今,领导和维护该项目的人员与创建 LXD 的人员基本相同。
容器化FOG运行环境
目前基于Ubuntu24.04操作系统作为容器化FOG运行环境的基底操作系统,后续将切换为Debian 12为基底操作系统,因Debian发行版比Ubuntu更轻量、更稳定。同时因为IDV-NEXT的Guest操作系统(即部署到客户机上的系统镜像)亦采用Debian 12作为基底操作系统。 一体化基底操作系统,有助于简化后续的部署及维护工作。
运行原理:
- Ubuntu24.04(或Debian 12)执行最小化安装
- 在最小化安装好后的系统上,使用离线部署包,快速部署Incus容器环境,完成容器环境运行时初始化
- 在运行中的Incus容器实例中,部署FOG服务器,并导入镜像,快速进入到部署服务器可用状态
Incus极大的便利了部署工作,整台服务器可在基底操作系统安装好后,在5分钟内完成FOG服务器的上线。
部署示例
Incus容器部署
容器化部署FOG所需的文件如下:
# ls
0db4101a487119c08010e1aa2c6f121650987d80215d893bed047dbf87f709aa.tar.gz idvnext init.sh install_and_lauch_incus_instance.sh~
default.yaml incusdebs.tar.gz install_and_lauch_incus_instance.sh nfs-server-profile.yaml
通过ip a获取到本机的网卡地址,例如enp1s0, 而后键入以下命令执行部署:
# ./install_and_lauch_incus_instance.sh enp1s0
部署成功后,可查看当前运行中的容器实例:
# incus list
+------+---------+---------------------+------+-----------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+------+---------+---------------------+------+-----------+-----------+
| s1 | RUNNING | 192.168.1.44 (eth0) | | CONTAINER | 0 |
+------+---------+---------------------+------+-----------+-----------+
incus FOG环境适配
默认部署出的容器实例s1通过桥接方式连入到客户物理网络中,此时需要根据实际需求更改IP地址,并重新执行签名初始化、数据化重置等一系列操作,以下为具体的操作步骤。
通过exec命令进入到s1实例的命令行界面:
# incus exec s1 bash
root@s1:~#
进入到regen目录下,这个目录下的两个脚本1_regen.sh及2_reinstall.sh命令依次运行完后可以重新初始化FOG服务器.
修改inventoy.ini文件中的参数,默认的参数如下:
# cat inventoy.ini
[all]
127.0.0.1 ansible_connection=local
[all:vars]
subnet='192.168.1.0'
ipaddress='192.168.1.44'
submask='255.255.255.0'
submaskshort='24'
routeraddress='192.168.1.33'
plainrouter='192.168.1.33'
dnsaddress='223.5.5.5'
startrange='192.168.1.50'
endrange='192.168.1.90'
我们只更改IP地址及dhcp地址范围,更改后的文件如下:
[all]
127.0.0.1 ansible_connection=local
[all:vars]
subnet='192.168.1.0'
ipaddress='192.168.1.21'
submask='255.255.255.0'
submaskshort='24'
routeraddress='192.168.1.33'
plainrouter='192.168.1.33'
dnsaddress='223.5.5.5'
startrange='192.168.1.150'
endrange='192.168.1.190'
实际部署中,可以根据网段/子网掩码/ip/dns等参数灵活更改为所需要更改的网段实际定义值。
运行1_regen.sh, 执行incus环境修改后,Incus容器实例将重新启动:
root@s1:~/regen# ./1_regen.sh
PLAY [Write fogsettings] *********************************************************************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************************************************************************
ok: [127.0.0.1]
TASK [write fogsettings using jinja2] ********************************************************************************************************************************************************
changed: [127.0.0.1]
PLAY [Write network configure files] *********************************************************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************************************************************************
ok: [127.0.0.1]
TASK [write network using jinja2] ************************************************************************************************************************************************************
changed: [127.0.0.1]
PLAY [Write dhcp configure files] ************************************************************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************************************************************************
ok: [127.0.0.1]
TASK [write dhcp using jinja2] ***************************************************************************************************************************************************************
changed: [127.0.0.1]
PLAY [Write mysql.sh files] ******************************************************************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************************************************************************
ok: [127.0.0.1]
TASK [write mysql.sh using jinja2] ***********************************************************************************************************************************************************
changed: [127.0.0.1]
PLAY RECAP ***********************************************************************************************************************************************************************************
127.0.0.1 : ok=8 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
root@s1:~/regen#
root@server:/home/dash/hostincus#
重新运行incus exec s1 bash进入到容器环境,到上一工作目录下,执行另一个脚本:
root@server:/home/dash/hostincus# incus exec s1 bash
root@s1:~# cd regen/
root@s1:~/regen# ./2_reinstall.sh
##############1. re install fog
Installing LSB_Release as needed
* Attempting to get release information.......................Done
+------------------------------------------+
| ..#######:. ..,#,.. .::##::. |
|.:###### .:;####:......;#;.. |
|...##... ...##;,;##::::.##... |
| ,# ...##.....##:::## ..:: |
| ## .::###,,##. . ##.::#.:######::.|
|...##:::###::....#. .. .#...#. #...#:::. |
|..:####:.. ..##......##::## .. # |
| # . ...##:,;##;:::#: ... ##.. |
| .# . .:;####;::::.##:::;#:.. |
| # ..:;###.. |
| |
+------------------------------------------+
| Free Computer Imaging Solution |
+------------------------------------------+
| Credits: fogproject.org/Credits |
| fogproject.org/Credits |
| Released under GPL Version 3 |
+------------------------------------------+
Version: 1.5.10 Installer/Updater
* Found FOG Settings from previous install at: /opt/fog/.fogsettings
* Performing upgrade using these settings
Starting Debian based Installation
######################################################################
# FOG now has everything it needs for this setup, but please #
# understand that this script will overwrite any setting you may #
# have setup for services like DHCP, apache, pxe, tftp, and NFS. #
######################################################################
# It is not recommended that you install this on a production system #
# as this script modifies many of your system settings. #
######################################################################
# This script should be run by the root user. #
# It will prepend the running with sudo if root is not set #
######################################################################
# Please see our wiki for more information at: #
######################################################################
# wiki.fogproject.org/wiki/index.php #
######################################################################
* Here are the settings FOG will use:
* Base Linux: Debian
* Detected Linux Distribution: Debian GNU/Linux
* Interface: eth0
* Server IP Address: 192.168.1.21
* Server Subnet Mask: 255.255.255.0
* Hostname: fogincuschinese
* Installation Type: Normal Server
* Internationalization: Yes
* Image Storage Location: /images
* Using FOG DHCP: Yes
* DHCP router Address: 192.168.1.33
* Send OS Name, OS Version, and FOG Version: No
* Are you sure you wish to continue (Y/N) y
* Installation Started
Done
* Adjusting repository (can take a long time for cleanup).....OK
* Preparing Package Manager...................................OK
* Packages to be installed:
apache2 bc build-essential cpp curl g++ gawk gcc genisoimage gettext git gzip htmldoc isc-dhcp-server isolinux lftp libapache2-mod-php libc6 libcurl4 liblzma-dev m4 mariadb-client mariadb-server net-tools nfs-kernel-server openssh-server php php-bcmath php-cli php-curl php-fpm php-gd php-intl php-json php-ldap php-mbstring php-mysql tar tftp-hpa tftpd-hpa unzip vsftpd wget zlib1g
* Skipping package: apache2.................................(Already Installed)
* Skipping package: bc......................................(Already Installed)
* Skipping package: build-essential.........................(Already Installed)
* Skipping package: cpp.....................................(Already Installed)
* Skipping package: curl....................................(Already Installed)
* Skipping package: g++.....................................(Already Installed)
* Skipping package: gawk....................................(Already Installed)
* Skipping package: gcc.....................................(Already Installed)
* Skipping package: genisoimage.............................(Already Installed)
* Skipping package: gettext.................................(Already Installed)
* Skipping package: git.....................................(Already Installed)
* Skipping package: gzip....................................(Already Installed)
* Skipping package: htmldoc.................................(Already Installed)
* Skipping package: isc-dhcp-server.........................(Already Installed)
* Skipping package: isolinux................................(Already Installed)
* Skipping package: lftp....................................(Already Installed)
* Skipping package: libapache2-mod-php......................(Already Installed)
* Skipping package: libc6...................................(Already Installed)
* Skipping package: libcurl4................................(Already Installed)
* Skipping package: liblzma-dev.............................(Already Installed)
* Skipping package: m4......................................(Already Installed)
* Skipping package: mariadb-client..........................(Already Installed)
* Skipping package: mariadb-server..........................(Already Installed)
* Skipping package: net-tools...............................(Already Installed)
* Skipping package: nfs-kernel-server.......................(Already Installed)
* Skipping package: openssh-server..........................(Already Installed)
* Skipping package: php.....................................(Already Installed)
* Skipping package: php-bcmath..............................(Already Installed)
* Skipping package: php-cli.................................(Already Installed)
* Skipping package: php-curl................................(Already Installed)
* Skipping package: php-fpm.................................(Already Installed)
* Skipping package: php-gd..................................(Already Installed)
* Skipping package: php-intl................................(Already Installed)
* Skipping package: php-json................................(Already Installed)
* Skipping package: php-ldap................................(Already Installed)
* Skipping package: php-mbstring............................(Already Installed)
* Skipping package: php-mysql...............................(Already Installed)
* Skipping package: tar.....................................(Already Installed)
* Skipping package: tftp-hpa................................(Already Installed)
* Skipping package: tftpd-hpa...............................(Already Installed)
* Skipping package: unzip...................................(Already Installed)
* Skipping package: vsftpd..................................(Already Installed)
* Skipping package: wget....................................(Already Installed)
* Skipping package: zlib1g..................................(Already Installed)
* Updating packages as needed.................................OK
* Confirming package installation
* Checking package: apache2...................................OK
* Checking package: bc........................................OK
* Checking package: build-essential...........................OK
* Checking package: cpp.......................................OK
* Checking package: curl......................................OK
* Checking package: g++.......................................OK
* Checking package: gawk......................................OK
* Checking package: gcc.......................................OK
* Checking package: genisoimage...............................OK
* Checking package: gettext...................................OK
* Checking package: git.......................................OK
* Checking package: gzip......................................OK
* Checking package: htmldoc...................................OK
* Checking package: isc-dhcp-server...........................OK
* Checking package: isolinux..................................OK
* Checking package: lftp......................................OK
* Checking package: libapache2-mod-php........................OK
* Checking package: libc6.....................................OK
* Checking package: libcurl4..................................OK
* Checking package: liblzma-dev...............................OK
* Checking package: m4........................................OK
* Checking package: mariadb-client............................OK
* Checking package: mariadb-server............................OK
* Checking package: net-tools.................................OK
* Checking package: nfs-kernel-server.........................OK
* Checking package: openssh-server............................OK
* Checking package: php.......................................OK
* Checking package: php-bcmath................................OK
* Checking package: php-cli...................................OK
* Checking package: php-curl..................................OK
* Checking package: php-fpm...................................OK
* Checking package: php-gd....................................OK
* Checking package: php-intl..................................OK
* Checking package: php-json..................................OK
* Checking package: php-ldap..................................OK
* Checking package: php-mbstring..............................OK
* Checking package: php-mysql.................................OK
* Checking package: tar.......................................OK
* Checking package: tftp-hpa..................................OK
* Checking package: tftpd-hpa.................................OK
* Checking package: unzip.....................................OK
* Checking package: vsftpd....................................OK
* Checking package: wget......................................OK
* Checking package: zlib1g....................................OK
* Configuring services
* Setting up fogproject user..................................Skipped
* Locking fogproject as a system account......................OK
* Setting up fogproject password..............................OK
* Stopping FOGMulticastManager.service Service................OK
* Stopping FOGImageReplicator.service Service.................OK
* Stopping FOGSnapinReplicator.service Service................OK
* Stopping FOGScheduler.service Service.......................OK
* Stopping FOGPingHosts.service Service.......................OK
* Stopping FOGSnapinHash.service Service......................OK
* Stopping FOGImageSize.service Service.......................OK
* Setting up and starting MySQL...............................OK
* Setting up MySQL user and database..........................Skipped
* Backing up user reports.....................................Done
* Stopping web service........................................OK
* Setting up Apache and PHP files.............................OK
* Testing and removing symbolic links if found................OK
* Backing up old data.........................................OK
* Copying new files to web folder.............................OK
* Creating the language binaries..............................Done
* Creating config file........................................OK
* Creating redirection index file.............................Skipped
* Downloading kernel, init and fog-client binaries............Done
* Copying binaries to destination paths.......................OK
* Enabling apache and fpm services on boot....................OK
* Creating SSL CA.............................................OK
* Creating SSL Private Key....................................OK
* Creating SSL Certificate....................................OK
* Creating auth pub key and cert..............................OK
* Resetting SSL Permissions...................................OK
* Setting up Apache virtual host (no SSL).....................OK
* Starting and checking status of web services................OK
* Changing permissions on apache log files....................OK
* Backing up database.........................................Done
* You still need to install/update your database schema.
* This can be done by opening a web browser and going to:
192.168.1.21/fog/management
* Press [Enter] key when database is updated/installed.
* Update fogstorage database password.........................OK
* Granting access to fogstorage database user.................Skipped
* Setting up storage..........................................OK
* Setting up and starting DHCP Server (incl. fix for Debian)..OK
* Configuring default iPXE file...............................OK
* Setting up and starting TFTP Server.........................OK
* Setting up and starting VSFTP Server........................OK
* Setting up FOG Snapins......................................OK
* Setting up UDPCast..........................................OK
* Configuring UDPCast.........................................OK
* Building UDPCast............................................OK
* Installing UDPCast..........................................OK
* Installing FOG System Scripts...............................OK
* Configuring FOG System Services
* Setting permissions on FOGMulticastManager.service script...OK
* Enabling FOGMulticastManager.service Service................OK
* Setting permissions on FOGImageReplicator.service script....OK
* Enabling FOGImageReplicator.service Service.................OK
* Setting permissions on FOGSnapinReplicator.service script...OK
* Enabling FOGSnapinReplicator.service Service................OK
* Setting permissions on FOGScheduler.service script..........OK
* Enabling FOGScheduler.service Service.......................OK
* Setting permissions on FOGPingHosts.service script..........OK
* Enabling FOGPingHosts.service Service.......................OK
* Setting permissions on FOGSnapinHash.service script.........OK
* Enabling FOGSnapinHash.service Service......................OK
* Setting permissions on FOGImageSize.service script..........OK
* Enabling FOGImageSize.service Service.......................OK
* Setting up FOG Services.....................................OK
* Starting FOGMulticastManager.service Service................OK
* Starting FOGImageReplicator.service Service.................OK
* Starting FOGSnapinReplicator.service Service................OK
* Starting FOGScheduler.service Service.......................OK
* Starting FOGPingHosts.service Service.......................OK
* Starting FOGSnapinHash.service Service......................OK
* Starting FOGImageSize.service Service.......................OK
* Setting up exports file.....................................OK
* Setting up and starting RPCBind.............................OK
* Setting up and starting NFS Server..........................OK
* Ensuring node username and passwords match..................Done
* Setup complete
You can now login to the FOG Management Portal using
the information listed below. The login information
is only if this is the first install.
This can be done by opening a web browser and going to:
192.168.1.21/fog/management
Default User Information
Username: fog
Password: password
* Changed configurations:
The FOG installer changed configuration files and created the
following backup files from your original files:
* /etc/apache2/sites-available/001-fog.conf <=> /etc/apache2/sites-available/001-fog.conf.1715821208
##############2. re configure database
##############3. done configuration
root@s1:~/regen#
incus环境调配
上面的部署完毕后,FOG的控制台应可直接访问192.168.1.21/fog/management, 实际部署中需要替换为配置好的IP地址。
在控制台中,需要手动配置镜像:
点击新建镜像, 键入idvnext, 其他字段保持默认后,点击添加:
此时镜像亦可以被部署到节点机上, 换言之,容器化FOG服务器已处于正常工作状态, 可以新建一台PXE启动的机器对该FOG服务器的运作进行测试:
