打印机 ansible配置dhcp和打印机_打印机网络dhcp

部署dhcp服务器

主机发送Discover报文
目标为广播地址
同一网段的dhcp收到报文后，dhcp响应一个offer报文
offer报文：dhcp自己的ip地址。和客户端ip以及使用周期，和客户端ip网络参数
最后主机单独发一个request报文 给那个选择的dhcp服务器 （解决多个dhcp在同一网段都提供offer的问题，主要是先到先得）
dhcp最后发送一个ack确认报文给主机

dhcp和主机不在同一网段得配置dhcp中继
客户端无法指定我可以单独使用哪个dhcp

实践

1>安装包
[root@servera ~]# yum install -y dhcp-server
 
2> 准本配置文件
[root@servera ~]# cp /usr/share/doc/dhcp-server/dhcpd.conf.example /etc/dhcp/dhcpd.conf
cp: overwrite '/etc/dhcp/dhcpd.conf'? y              这个模板十分好用
[root@servera ~]#
 
default-lease-time 600;
max-lease-time 7200;
log-facility local7;配置了日志设备，那么你就需要在rsyslog中，定义发送到这个local7的日志要转存在哪个日志文件内
 
vim  /etc/dhcp/dhcpd.conf
authoritative;
log-facility local7;
 
subnet 192.168.0.0 netmask 255.255.255.0 { 定义子网
  range 192.168.0.200 192.168.0.254; 分配IP地址的范围
  default-lease-time 600; 定义默认租期
  max-lease-time 7200; 
  #option routers 192.168.0.1; 定义网关的
  option domain-search  "example.com";  定义域名
  option domain-name-servers 172.25.254.254;  DNS服务器
  option broadcast-address 192.168.0.255; 广播地址   #可以忽略
  # option next-server 指定tftp服务器的IP  PXE
  # filename ""引导文件在哪里   PXE
}
 
dhcpd -t   #这个命令可以验证配置文件
3> 启动DHCP服务器
[root@servera ~]# systemctl enable  --now dhcpd
[root@servera ~]# firewall-cmd --permanent --add-service=dhcp
success
[root@servera ~]# firewall-cmd --reload
success
 
 
4> 客户端怎么操作
[root@serverb ~]# nmcli connection  add  type  ethernet  con-name eth1 ifname  eth1 ipv4.method  auto 就只需要把地址的方式改成auto
Connection 'eth1' (d008c5e7-6868-448a-8a16-133502072777) successfully added.
[root@serverb ~]# nmcli connection  up eth1
 
5> 固定IP地址。给一个MAC地址，分配一个特定的地址
 
host serverc {
  hardware ethernet 52:54:00:01:fa:0c; MAC
  fixed-address 192.168.0.150;  固定的IP地址
}
[root@serverc ~]# nmcli connection  add  type  ethernet  con-name  eth1 ifname  eth1  ipv4.method auto
Connection 'eth1' (4dc7753b-fe97-4bc8-97f3-316b373c29c1) successfully added.
[root@serverc ~]# nmcli connection  up eth1
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/40)
[root@serverc ~]#
 
 
 
 
[root@servera dhcp-server]# systemctl status dhcpd
● dhcpd.service - DHCPv4 Server Daemon
   Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2022-09-05 18:40:00 CST; 3min 54s ago
     Docs: man:dhcpd(8)
           man:dhcpd.conf(5)
 Main PID: 24264 (dhcpd)
   Status: "Dispatching packets..."
    Tasks: 1 (limit: 11250)
   Memory: 4.9M
   CGroup: /system.slice/dhcpd.service
           └─24264 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid
 
Sep 05 18:40:06 servera.lab.example.com dhcpd[24264]: DHCPOFFER on 192.168.0.201 to 52:54:00:02:fa:0c (serverc) via eth1
Sep 05 18:40:06 servera.lab.example.com dhcpd[24264]: DHCPREQUEST for 192.168.0.201 (192.168.0.10) from 52:54:00:02:fa:0c (serverc) via eth1
Sep 05 18:40:06 servera.lab.example.com dhcpd[24264]: DHCPACK on 192.168.0.201 to 52:54:00:02:fa:0c (serverc) via eth1
Sep 05 18:40:06 servera.lab.example.com dhcpd[24264]: DHCPOFFER on 192.168.0.202 to 52:54:00:02:fa:0d (serverd) via eth1
Sep 05 18:40:06 servera.lab.example.com dhcpd[24264]: DHCPREQUEST for 192.168.0.202 (192.168.0.10) from 52:54:00:02:fa:0d (serverd) via eth1
Sep 05 18:40:06 servera.lab.example.com dhcpd[24264]: DHCPACK on 192.168.0.202 to 52:54:00:02:fa:0d (serverd) via eth1
Sep 05 18:42:37 servera.lab.example.com dhcpd[24264]: DHCPDISCOVER from 52:54:00:01:fa:0b via eth1
Sep 05 18:42:38 servera.lab.example.com dhcpd[24264]: DHCPOFFER on 192.168.0.203 to 52:54:00:01:fa:0b (serverb) via eth1
Sep 05 18:42:38 servera.lab.example.com dhcpd[24264]: DHCPREQUEST for 192.168.0.203 (192.168.0.10) from 52:54:00:01:fa:0b (serverb) via eth1
Sep 05 18:42:38 servera.lab.example.com dhcpd[24264]: DHCPACK on 192.168.0.203 to 52:54:00:01:fa:0b (serverb) via eth1
从dhcpd[24264]可以看到 dhcp的工作过程，与理论一致

dhcp6

ipv6得结合网络设备来分配网关
ipv6得与网络设备结合得到完整的功能，所以会很麻烦

无线状态地址自动配置slaac 方法依赖于路由器为客户端提系统提供网络配置

radvump查看公告信息
也可以通过linux模拟路由器 以提供slaac功能
slaac可也提供网关 ipv6前缀 dns服务器 dns搜索列表功能

实践

[root@workstation ~]# lab dhcp-automation start 
[root@serverd ~]# systemctl status radvd.service 
● radvd.service - Router advertisement daemon for IPv6
Loaded: loaded (/usr/lib/systemd/system/radvd.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2022-09-05 19:27:45 CST; 56s ago
Process: 8169 ExecStart=/usr/sbin/radvd $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 8171 (radvd)
    Tasks: 2 (limit: 11250)
Memory: 864.0K
CGroup: /system.slice/radvd.service
        ├─8171 /usr/sbin/radvd -u radvd
        └─8172 /usr/sbin/radvd -u radvd
 
Sep 05 19:27:45 serverd.lab.example.com systemd[1]: Starting Router advertisement daemon for IPv6...
Sep 05 19:27:45 serverd.lab.example.com radvd[8169]: version 2.17 started
Sep 05 19:27:45 serverd.lab.example.com systemd[1]: Started Router advertisement daemon for IPv6.
[root@serverd ~]# 
配置ipv6
1>serverd 模拟路由器配置SLAAC功能。需要这个东西提供网关
[root@serverd ~]# cat   /etc/radvd.conf
interface eth1
{
  AdvSendAdvert on;
  AdvManagedFlag on;
  AdvOtherConfigFlag on;
  MaxRtrAdvInterval 60;
};
 
2> radvd 软件包提供了一个工具radvdump 用来获取路由公告信息(路由器来提供的，)
# based on Router Advertisement from fe80::5a83:c374:2215:148f IPV6的网关
# received by interface eth1
#
 
interface eth1
{
        AdvSendAdvert on;
        # Note: {Min,Max}RtrAdvInterval cannot be obtained with radvdump
        AdvManagedFlag on;        通过DHCP6来获取IP地址
        AdvOtherConfigFlag on;    IPv6 路由器指⽰客⼾端查询 DHCPv6 服务器，
        AdvReachableTime 0;
        AdvRetransTimer 0;
        AdvCurHopLimit 64;
        AdvDefaultLifetime 180;
        AdvHomeAgentFlag off;
        AdvDefaultPreference medium;
        AdvSourceLLAddress on;
}; # End of interface definition
 
 
2>DHCPV6功能： 比如网络信息，IP,DNS等都是有他来提供的
 
 
3> 部署安装包
[root@servera ~]# yum install -y dhcp-server
 
 
4> 修改配置文件
[root@servera ~]# cp /usr/share/doc/dhcp-server/dhcpd6.conf.example /etc/dhcp/dhcpd6.conf
cp: overwrite '/etc/dhcp/dhcpd6.conf'? y
[root@servera ~]#cat /etc/dhcp/dhcpd6.conf 唯一的不同时不能设置网关
 
authoritative; 
subnet6 fde2:6494:1e09:2::/64 {
     range6 fde2:6494:1e09:2::20 fde2:6494:1e09:2::60;
     option dhcp6.name-servers fde2:6494:1e09:2::d;
     option dhcp6.domain-search "backend.lab.example.com";
     default-lease-time 600; max-lease-time 7200;
}
[root@servera ~]# nmcli connection  add  type  ethernet  con-name  eth1 ifname eth1 ipv6.addresses fde2:6494:1e09:2::a/64 ipv6.method manual
Connection 'eth1' (eb7dc998-d861-435c-8abd-2b7f061f8957) successfully added.
[root@servera ~]# nmcli connection  up eth1
[root@servera ~]# systemctl enable  --now dhcpd6.service
Created symlink /etc/systemd/system/multi-user.target.wants/dhcpd6.service → /usr/lib/systemd/system/dhcpd6.service.
[root@servera ~]# firewall-cmd --add-service=dhcpv6 --permanent
success
[root@servera ~]# firewall-cmd --reload
success
[root@servera ~]#
 
 
[root@serverc ~]# nmcli connection add  type  ethernet ifname eth1 con-name eth1 ipv6.method  auto
Connection 'eth1' (95356996-edb3-4750-8170-e341cb604c57) successfully added.
[root@serverc ~]# nmcli connection up eth1
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)
[root@serverc ~]#
 
5> 默认网关
[root@serverc ~]# ip -6 route
::1 dev lo proto kernel metric 256 pref medium
fde2:6494:1e09:2::60 dev eth1 proto kernel metric 100 pref medium
fe80::/64 dev eth1 proto kernel metric 100 pref medium
fe80::/64 dev eth0 proto kernel metric 106 pref medium
default via fe80::5a83:c374:2215:148f dev eth1 proto ra metric 100 pref medium
 
 
 
这个网关来自于发布公告的本地链路服务器，可也发现与默认网关一样
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:01:fa:0d brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.220/24 brd 192.168.0.255 scope global dynamic noprefixroute eth1
       valid_lft 101sec preferred_lft 101sec
    inet6 fde2:6494:1e09:2::d/64 scope global noprefixroute 
       valid_lft forever preferred_lft forever
    inet6 fe80::5a83:c374:2215:148f/64 scope link noprefixroute 
 
不使用fe80
开启转发
[root@serverd ~]# sysctl -a | grep forward | grep ipv6
net.ipv6.conf.all.forwarding = 1
改变ipv6地址
fe80::5a83:c374:2215:148f/64

ansible 自动化

流程
一：安装包
二：配置文件,notify: jinjia2  纯粹的文件
三： 如果有数据，传数据:  web服务： 
四： 服务和防火墙
五： handlers ： 通过handlers来触发重新启动服务
 
[student@workstation ~]$ lab dhcp-automation start
获取配置文件与清单文件
 
 
- name: Deployment DHCP
  hosts: all
  become: true
  vars:
    network_connections:
    - name: eth1
      state: up
      type: ethernet
      mac: 52:54:00:01:fa:0a
      ip:
        address:
        - 192.168.0.10/24
        - fde2:6494:1e09:2::a/64
  tasks:
  - name: config ip address on dhcpservers
    include_role:
      name: rhel-system-roles.network
    when: inventory_hostname == "servera.lab.example.com"
 
  - name: install dhcpd package
    yum:
      name: dhcp-server
      state: present
    when: inventory_hostname == "servera.lab.example.com"
 
  - name: prepate dhcp config file
    copy:
      src: files/dhcpd.conf
      dest: /etc/dhcp/dhcpd.conf
    notify: restart dhcp4
    when: inventory_hostname == "servera.lab.example.com"
 
  - name: prepate dhcp6 config file
    copy:
      src: files/dhcpd6.conf
      dest: /etc/dhcp/dhcpd6.conf
    notify: restart dhcp6
    when: inventory_hostname == "servera.lab.example.com"
 
  - name: start dhcpd service
    service:
      name: "{{ item }}"
      state: started
      enabled: yes
    loop:
    - dhcpd
    - dhcpd6
    when: inventory_hostname == "servera.lab.example.com"
 
  - name: config firewarrd
    firewalld:
      service: "{{ item }}"
      state: enabled
      immediate: yes
      permanent: yes
    loop:
    - dhcp
    - dhcpv6
    when: inventory_hostname == "servera.lab.example.com"
 
  handlers:
  - name: restart dhcp
    service:
      name: dhcpd
      state: started
    when: inventory_hostname == "servera.lab.example.com"
  - name: restart dhcp6
    service:
      name: dhcpd6
      state: started
    when: inventory_hostname == "servera.lab.example.com"
 
clients:
[student@workstation dhcp-automation]$ cat client.yml
---
- name: Deployment DHCP
  hosts: clients
  become: true
  vars:
    network_connections:
    - name: eth1
      state: up
      type: ethernet
      interface_name: eth1
      ip:
        dhcp4: yes
        auto6: yes
  tasks:
  - name: config ip address on dhcpservers
    include_role:
      name: rhel-system-roles.network

打印机

5.1.1 描述 CUPS 打印架构
打印机由 CUPS 在红帽企业 Linux 中进⾏管理，这是⼀种开源的模块化软件套件，最初由 Easy Software
Products 开发，⽬前由 Apple 领导。
 
CUPS 可以使⽤多个协议与打印机和打印服务器通信。在⼤多数情况下， Internet 打印协议 (IPP)是使⽤
CUPS 与打印机通信的⾸选机制。此协议是对 HTTP/1.1 的修改，它受到⼤多数现代⽹络和 USB 打印机
的本地⽀持，通常使⽤ TCP 端⼝ 631。CUPS 可以⽀持直接连接的打印机（例如，使⽤ 并⾏、串⾏或 USB
通信），并且可以使⽤ LPD 等较旧的⽹络协议。
 
CUPS 提供了⼀组命令⾏⼯具和⼀个 web 界⾯，⽤于管理 CUPS 和提交打印作业。它还提供了⼀个守
护进程 (cupsd)，⽤于管理每个已配置打印机的作业队列。打印机的每个队列都与 PostScript 打 印机描
述 (PPD) ⽂件关联，该⽂件描述了打印机功能以及 CUPS 应如何为作业做好在该打印机上打印的准备。
 
 
1> 在使用打印机之前，首先要发现并设置打印机
[root@workstation ~]# lab  printing-automation start 
模拟打印机
 
 
[root@servera ~]# yum install -y avahi cups-ipptool
 
[root@servera ~]# firewall-cmd --permanent --add-service=mdns
success
[root@servera ~]# firewall-cmd --reload
[root@servera ~]# ippfind  -T 30 发现打印机
ipp://serverc.local:631/printers/rht-printer
serverc.local：发现打印机的时候，这个名称client是访问不到的
 
[root@serverc ~]#  dig @224.0.0.251 -p 5353 serverc.local#没办法跑到打印机上执行这个命令。
找到地址：172.25.250.12
 
在client反解：[root@servera ~]# dig -x 172.25.250.12
ipp://serverc.local:631/printers/rht-printer替换
ipp://serverc.lab.example.com:631/printers/rht-printer
 
2> 设置打印队列
[root@servera ~]# yum install -y cups
Last metadata expiration check: 0:50:17 ago on Sun 04 Sep 2022 06:39:46 PM CST.
Package cups-1:2.2.6-28.el8.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
[root@servera ~]# systemctl enable  --now cups
 
[root@servera ~]# lpadmin  -p kevin -v ipp://serverc.lab.example.com:631/printers/rht-printer -m everywhere -E
 
-p： 队列的名字
-v: 打印机的URI
-m： 使用everywhere 这个模块
-E： 可立即启动打印机
[root@servera ~]# lpstat -v查看
device for kevin: ipp://serverc.lab.example.com:631/printers/rht-printer
[root@servera ~]#
-x 删除
[root@servera ~]# lpadmin -d kevin -d 设置默认的队列
 
 
3> 管理作业
[root@servera ~]# lp /root/anaconda-ks.cfg 默认的队列打印文件
 
[root@servera ~]# lp -d kevin /etc/fstab 通过-d指定打印队列
request id is kevin-8 (1 file(s))
 
[root@servera ~]# cancel kevin-8
 
4>队列管理
 
[root@servera ~]# cupsdisable -r "No paper" kevin 暂停，你把作业放到已经暂停打印队列中，他是不会打印的
 
 
[root@servera ~]# cupsenable  kevin
 
[root@servera ~]# cupsreject  -r "No Papare" kevin
 
[root@servera ~]# lp /etc/fstab
lp: Destination "kevin" is not accepting jobs.
[root@servera ~]#
[root@servera ~]# cupsaccept  kevin
 
ansible来管理打印机：问题在于：所有的操作都需要用到command模块来完成：
 
1> 通过ansible来实现的话打印机的URI是事先知道的。
 
[student@workstation printing-auto]$ cat playbook.yml
---
- name: config prineter
  hosts: clients
  become: true
  tasks:
  - name: install
    yum:
      name:
      - cups-ipptool
      - cups
      - avahi
      state: present
  - name: start service
    service:
      name: "{{ item }}"
      state: started
      enabled: yes
    loop:
    - cups
    - avahi-daemon
 
  - name: firewrmd
    firewalld:
      service: mdns
      permanent: yes
      state: enabled
      immediate: yes
 
  - name: find printer URi
    command: ippfind -T 3
    register: p_uri
 
  - name: set que
    command: lpadmin -p "kevin-{{ index }}" -v "{{ item }}" -m everywhere -E
    loop: "{{ p_uri['stdout_lines'] | replace('.local','') }}"
    loop_control:
      index_var: index
 
  - name: check default que is exit
    command: lpstat -d
    register: p_default
 
  - name: set default que
    command: lpadmin -d kevin-0
    when: "'kevin-0' not in p_default['stdout']"
 
[student@workstation printing-auto]$ cat printer-accept.yml
---
- name: Configure a print queue to accept jobs
  hosts: clients
  gather_facts: no
  become: yes
  tasks:
    - name: Confirm the print queue exists
      command: lpstat -p kevin-0
      register: cmdout
      ignore_errors: true
      changed_when: false
 
    - name: Tune the print queue to accept jobs
      command: cupsenable kevin-0
      when: cmdout.rc == 0