Cobbler unattended automated installation system
###Date: 2021/7/12 3:55
Reference documents
- https://www.cnblogs.com/goser/articles/8066835.html
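- rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm downloads and installs the third-party repository, which is required before cobbler can be downloaded.
Key steps:
- Run cobbler check to list the steps that have not been completed yet. The first step is to generate a password, as follows:
<pre>
[root@localhost ~]# openssl passwd -1 -salt 'cobbler' 'cobbler'
$1$cobbler$M6SE55xZodWc9.vAKLJs6.
</pre>
The cobbler get-loaders command downloads system files from the Cobbler website that are several years old; that download is no longer supported.
1: Some network boot loaders are missing from /var/lib/cobbler/loaders. You can run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you can make sure that a *recent* version of the syslinux package is installed and ignore this message entirely. If you want to support all architectures, the files in this directory should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to meet these requirements.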
- Mount and import the system image, then check the result
<pre>
[root@linux-node1 ~]# mount /dev/cdrom /mnt/
[root@linux-node1 ~]# cobbler import --name=CentOS6-x86_64 --path=/mnt/ --arch=x86_64
[root@linux-node1 ~]# ll /var/www/cobbler/ks_mirror/
total 8
dr-xr-xr-x 7 root root 4096 Oct 24 2014 CentOS6-x86_64
drwxr-xr-x 8 root root 4096 Apr 1 2015 CentOS7-x86_64
[root@linux-node1 ~]# cobbler profile list
</pre>
Cobbler environment deployment
1. System environment preparation
Cobbler is deployed on CentOS 7.1.
<pre>
[root@linux-node1 ~]# cat /etc/redhat-release
CentOS Linux release 7.1.1503 (Core)
[root@linux-node1 ~]# uname -rm
3.10.0-229.el7.x86_64 x86_64
</pre>
Disable SELinux and the firewalld service:
<pre>
[root@linux-node1 ~]# cat /etc/selinux/config
SELINUX=disabled
[root@linux-node1 ~]# systemctl stop firewalld
[root@linux-node1 ~]# systemctl disable firewalld
</pre>
###Install the Aliyun EPEL repository
<pre>
[root@linux-node1 ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
</pre>
##2. Deploy Cobbler
Install the cobbler package and the other supporting packages
<pre>
[root@linux-node1 ~]# yum install -y httpd dhcp tftp cobbler cobbler-web pykickstart xinetd
</pre>
Start httpd, tftp, and cobbler, and enable them at boot:
<pre>
[root@linux-node1 ~]# systemctl start httpd
[root@linux-node1 ~]# systemctl start cobblerd
[root@linux-node1 ~]# systemctl start xinetd
[root@linux-node1 ~]# systemctl enable httpd
[root@linux-node1 ~]# systemctl enable cobblerd
[root@linux-node1 ~]# systemctl enable xinetd
</pre>
Run the cobbler check command; it lists the configuration that still has to be done. Following the prompts from cobbler check, do the following:
<pre>
# Generate a password to use as the password in the templates
[root@linux-node1 ~]# openssl passwd -1 -salt 'user' 'password'
$1$cobbler$M6SE55xZodWc9.vAKLJs6.
</pre>
Edit the main Cobbler configuration file.
<pre>
[root@linux-node1 ~]# vim /etc/cobbler/settings
server: 192.168.1.180
next_server: 192.168.1.180
default_password_crypted: "$1$cobbler$M6SE55xZodWc9.vAKLJs6."
# Let cobbler manage dhcp
manage_dhcp: 1
# Let cobbler manage tftp
manage_tftpd: 1
# Let cobbler support installation from yum repositories
yum_post_install_mirror: 1
# Edit the tftp configuration to enable tftp
[root@linux-node1 ~]# vim /etc/xinetd.d/tftp
disable = no
</pre>
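The default_password_crypted value set above becomes the root password of every installed machine through rootpw --iscrypted $default_password_crypted, and its $1$ prefix marks it as MD5-crypt. The check below is an added example, not part of the original notes; the function names and verdict strings are assumptions, and the sample input is constructed from the settings lines above.

```shell
#!/bin/sh
# Added example, not from the original page: classify the hash that
# /etc/cobbler/settings hands to every kickstart as the root password.

# The value generated on this page; a hash copied from a tutorial is public.
PUBLISHED_HASH='$1$cobbler$M6SE55xZodWc9.vAKLJs6.'

# Print the default_password_crypted value from a settings file on stdin.
settings_hash() {
    sed -n 's/^default_password_crypted:[[:space:]]*"\{0,1\}\([^"]*\)"\{0,1\}[[:space:]]*$/\1/p'
}

# Map a crypt(3) string to its scheme by the $id$ prefix.
crypt_scheme() {
    case $1 in
        '$1$'*) echo md5crypt ;;
        '$5$'*) echo sha256crypt ;;
        '$6$'*) echo sha512crypt ;;
        *)      echo unknown ;;
    esac
}

# Print "<scheme> <verdict>" for the settings file on stdin.
audit_settings() {
    value=$(settings_hash)
    if [ -z "$value" ]; then echo "no-hash-set"; return 0; fi
    scheme=$(crypt_scheme "$value")
    verdict=ok
    case $scheme in md5crypt|unknown) verdict=weak-scheme ;; esac
    if [ "$value" = "$PUBLISHED_HASH" ]; then verdict=published-hash; fi
    echo "$scheme $verdict"
}

# Constructed sample: the settings lines shown above.
sample_settings() {
    cat <<'EOF'
server: 192.168.1.180
next_server: 192.168.1.180
default_password_crypted: "$1$cobbler$M6SE55xZodWc9.vAKLJs6."
manage_dhcp: 1
EOF
}

sample_settings | audit_settings
```

On a real server the input is the file itself: audit_settings < /etc/cobbler/settings.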
##Download some required files from Cobbler's GitHub
<pre>
[root@linux-node1 ~]# cobbler get-loaders
</pre>
As of 2021/7/12 this command cannot be run, because the Cobbler website no longer has this package.
The workaround is as follows:
<pre>
[root@Cobbler ~]# yum -y install syslinux
[root@Cobbler ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/cobbler/loaders/
[root@Cobbler ~]# cp /usr/share/syslinux/menu.c32 /var/lib/cobbler/loaders/
# Open up all permissions on the copied files.
[root@Cobbler loaders]# pwd
/var/lib/cobbler/loaders
[root@Cobbler loaders]# ll
总用量 84
-rwxr--r-- 1 root root 55140 7月 12 00:15 menu.c32
-rwxr--r-- 1 root root 26759 7月 12 00:15 pxelinux.0
-rw-r--r-- 1 root root 0 7月 11 23:32 README
[root@Cobbler loaders]# chmod 777 pxelinux.0
</pre>
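pxelinux.0 and menu.c32 are the first code every PXE client fetches over TFTP and runs, so the served copies should stay identical to the packaged ones and writable only by their owner. The check below is an added example, not part of the original notes; the function names are assumptions and the demo tree is constructed.

```shell
#!/bin/sh
# Added example, not from the original page. On the server described here the
# two directories are /usr/share/syslinux and /var/lib/cobbler/loaders.

# Compare each served boot loader with the packaged original and check its mode.
audit_loaders() {
    pkg_dir=$1; served_dir=$2
    for f in pxelinux.0 menu.c32; do
        if [ ! -f "$served_dir/$f" ]; then
            echo "$f missing"
        elif ! cmp -s "$pkg_dir/$f" "$served_dir/$f"; then
            echo "$f differs-from-package"
        elif [ -n "$(find "$served_dir/$f" \( -perm -0020 -o -perm -0002 \))" ]; then
            echo "$f writable-by-non-owner"
        else
            echo "$f ok"
        fi
    done
}

# Constructed demo tree standing in for the two real directories.
demo_audit_loaders() {
    tmp=$(mktemp -d)
    mkdir "$tmp/syslinux" "$tmp/loaders"
    printf 'constructed pxelinux image' > "$tmp/syslinux/pxelinux.0"
    printf 'constructed menu module'    > "$tmp/syslinux/menu.c32"
    cp "$tmp/syslinux/pxelinux.0" "$tmp/syslinux/menu.c32" "$tmp/loaders/"
    chmod 777 "$tmp/loaders/pxelinux.0"      # the mode set on this page
    chmod 644 "$tmp/loaders/menu.c32"
    printf 'x' >> "$tmp/loaders/menu.c32"    # simulate a modified served copy
    audit_loaders "$tmp/syslinux" "$tmp/loaders"
    rm -rf "$tmp"
}

demo_audit_loaders
```

On the real server the call is audit_loaders /usr/share/syslinux /var/lib/cobbler/loaders.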
##Start the rsyncd service and enable it at boot
<pre>
[root@linux-node1 ~]# systemctl start rsyncd
[root@linux-node1 ~]# systemctl enable rsyncd
</pre>
Restart the cobblerd service and check cobbler again. Output like the following shows that the cobbler configuration is in order.
<pre>
[root@linux-node1 ~]# systemctl restart cobblerd
[root@linux-node1 ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : debmirror package is not installed, it will be required to manage debian deployments and repositories
2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.
</pre>
##Modify the DHCP template defined by Cobbler
<pre>
[root@linux-node1 ~]# vim /etc/cobbler/dhcp.template
subnet 192.168.1.0 netmask 255.255.255.0 {
     option routers 192.168.1.1;
     option domain-name-servers 192.168.1.1;
     option subnet-mask 255.255.255.0;
     range dynamic-bootp 192.168.1.100 192.168.1.200;
     default-lease-time 21600;
     max-lease-time 43200;
     next-server $next_server;
}
</pre>
When cobbler sync runs, the settings in Cobbler's DHCP template overwrite the contents of the DHCP configuration file dhcpd.conf.
Restart the cobbler service and sync the configuration files.
<pre>
[root@linux-node1 ~]# systemctl restart cobblerd
[root@linux-node1 ~]# cobbler sync
[root@linux-node1 ~]# cat /etc/dhcp/dhcpd.conf
# ******************************************************************
# Cobbler managed dhcpd.conf file
# generated from cobbler dhcp.conf template (Sun Nov 19 14:02:13 2017)
# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
# overwritten.
# ******************************************************************
subnet 192.168.1.0 netmask 255.255.255.0 {
     option routers 192.168.1.1;
     option domain-name-servers 192.168.1.1;
     option subnet-mask 255.255.255.0;
     range dynamic-bootp 192.168.1.100 192.168.1.200;
     default-lease-time 21600;
     max-lease-time 43200;
     next-server 192.168.1.180;
}
</pre>
##Import an image into Cobbler: first attach the ISO drive and load the centos7.iso or centos6.iso image
####Import the CentOS 7 image
[root@linux-node1 ~]# mount /dev/cdrom /mnt/
[root@linux-node1 ~]# cobbler import --name=CentOS7-x86_64 --path=/mnt/ --arch=x86_64
####Import the Ubuntu 18.04 image
[root@linux-node1 ~]# umount /mnt/
[root@linux-node1 ~]# mount /dev/cdrom /mnt/
[root@linux-node1 ~]# cobbler import --name=ubuntu1804 --path=/mnt/ --arch=x86_64
##View the system image directory and the profiles, as follows
<pre>
[root@linux-node1 ~]# ll /var/www/cobbler/ks_mirror/
total 8
dr-xr-xr-x 7 root root 4096 Oct 24 2014 CentOS6-x86_64
drwxr-xr-x 8 root root 4096 Apr 1 2015 CentOS7-x86_64
[root@linux-node1 ~]# cobbler profile list
CentOS6-x86_64
CentOS7-x86_64
</pre>
##Create the ks files for CentOS 7 and Ubuntu 18.04 as follows:
The Ubuntu 18.04 .seed file did not run successfully; more searching on Baidu and further testing are still needed.
<pre>
# First change into /var/lib/cobbler/kickstarts, the default directory for the ks files associated with Cobbler's images
[root@linux-node1 ~]# cd /var/lib/cobbler/kickstarts
# Edit the CentOS 7 ks file
[root@linux-node1 kickstarts]# vim CentOS-7-x86_64.cfg
#Kickstart Configurator for cobbler by goser
#platform=x86, AMD64, or Intel EM64T
#System language
lang en_US
#System keyboard
keyboard us
#System timezone
timezone Asia/Shanghai
#Root password
rootpw --iscrypted $default_password_crypted
#Use text mode install
text
#Install OS instead of upgrade
install
#Use network installation from the Cobbler-imported tree
url --url=$tree
#System bootloader configuration
bootloader --location=mbr
#Clear the Master Boot Record
zerombr
#Partition clearing information
clearpart --all --initlabel
#Disk partitioning information
part /boot --fstype xfs --size 300 --ondisk sda
part swap --size 4096 --ondisk sda
part / --fstype xfs --size 1 --grow --ondisk sda
#System authorization information
auth --useshadow --enablemd5
#Network information
$SNIPPET('network_config')
#network --bootproto=dhcp --device=em1 --onboot=on
# Reboot after installation
reboot
#Firewall configuration
firewall --disabled
#SELinux configuration
selinux --disabled
#Do not configure XWindows
skipx
#Package install information
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%end
%packages
@ base
@ core
sysstat
iptraf
ntp
lrzsz
ncurses-devel
openssl-devel
zlib-devel
OpenIPMI-tools
mysql
nmap
screen
%end
%post
systemctl disable postfix.service
$yum_config_stanza
%end
</pre>
##A CentOS 7 ks file that installs correctly
<pre>
install
url --url=$tree
text
lang en_US.UTF-8
keyboard us
zerombr
bootloader --location=mbr
#Network information
$SNIPPET('network_config')
timezone --utc Asia/Shanghai
authconfig --enableshadow --passalgo=sha512
rootpw --iscrypted $default_password_crypted
clearpart --all --initlabel
part /boot --fstype xfs --size 512
part swap --size 1024
part / --fstype xfs --size 5000 --grow
firstboot --disable
selinux --disabled
firewall --disabled
logging --level=info
reboot
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%end
%packages
@base
@compat-libraries
@debugging
@development
tree
nmap
sysstat
lrzsz
dos2unix
telnet
iptraf
ncurses-devel
openssl-devel
zlib-devel
OpenIPMI-tools
screen
%end
%post
systemctl disable postfix.service
%end
</pre>
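The two kickstart files above differ in how they hash passwords (--enablemd5 versus --passalgo=sha512), and both turn off SELinux and the firewall on the installed host. The lint below is an added example, not part of the original notes; the function names and finding strings are assumptions, and the inputs are constructed excerpts of the two files.

```shell
#!/bin/sh
# Added example, not from the original page: report the security-relevant
# directives in the command section of a kickstart file read from stdin.
lint_kickstart() {
    awk '
        /^%end/            { in_section = 0; next }
        /^%/               { in_section = 1; next }   # skip %pre, %packages, %post bodies
        in_section || /^#/ { next }
        $1 == "rootpw" && !/--iscrypted/ { print "rootpw plaintext" }
        $1 == "auth" || $1 == "authconfig" {
            if (/--enablemd5/)                  print "auth md5"
            else if (/--passalgo=sha(256|512)/) print "auth " substr($0, index($0, "--passalgo=") + 11, 6)
            else                                print "auth algorithm-not-set"
        }
        $1 == "selinux"  && /--disabled/ { print "selinux disabled" }
        $1 == "firewall" && /--disabled/ { print "firewall disabled" }
    '
}

# Constructed excerpt of the first kickstart file on this page.
first_ks() {
    cat <<'EOF'
rootpw --iscrypted $default_password_crypted
auth --useshadow --enablemd5
firewall --disabled
selinux --disabled
%post
systemctl disable postfix.service
%end
EOF
}

# Constructed excerpt of the second kickstart file on this page.
second_ks() {
    cat <<'EOF'
authconfig --enableshadow --passalgo=sha512
rootpw --iscrypted $default_password_crypted
selinux --disabled
firewall --disabled
EOF
}

first_ks | lint_kickstart
second_ks | lint_kickstart
```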
##Change the ks file location for CentOS 6 and CentOS 7, and change the CentOS 7 kernel options so that CentOS 7 network interface names look like CentOS 6's eth0. Configure as follows:
<pre>
[root@linux-node1 ~]# cobbler profile edit --name=CentOS6-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS-6-x86_64.cfg
[root@linux-node1 ~]# cobbler profile edit --name=CentOS7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS-7-x86_64.cfg \
    --kopts='net.ifnames=0 biosdevname=0'
</pre>
##Running cobbler profile report again shows that the ks file paths of the CentOS 6 and CentOS 7 profiles have changed, and that the CentOS 7 kernel options have changed as well
- Sync cobbler. This deletes some files under /var/www and regenerates others. If you modify files without running sync, the changes do not take effect.
- [root@linux-node1 ~]# cobbler sync
- Change the menu screen Cobbler shows at install time. After the change, run cobbler sync to apply the configuration.
<pre>
[root@linux-node1 ~]# vim /etc/cobbler/pxe/pxedefault.template
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cnblogs.com/goser/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT $pxe_timeout_profile

LABEL local
        MENU LABEL goser company mirrors iso do
        MENU DEFAULT
        LOCALBOOT -1

$pxe_menu_items

MENU end
</pre>
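Custom system installation with Cobbler
- It supports customized requirements, such as mapping MAC addresses to IP addresses at install time so that a machine with a given MAC address gets a given IP.
- In real production there are many kickstart files, and even kickstart files for the same OS differ; for example, the partitioning scheme depends on the workload (web servers and database servers have different disk partitioning requirements).
- Below, a system is installed automatically based on an instance's MAC address. The MAC address is: 00:50:56:20:EA:6F
- Based on this MAC address, customize the instance's IP, hostname, gateway, subnet, and so on.
<pre>
[root@linux-node1 kickstarts]# cobbler system add --name=linux-node02 --mac=00:0C:29:8F:72:4C \
    --profile=CentOS-7-x86_64 --ip-address=192.168.65.151 --subnet=255.255.255.0 \
    --gateway=192.168.62.2 --interface=eth0 --static=1 \
    --hostname=Cobberl-node02.Centos7.com --name-servers=192.168.65.2 \
    --kickstart=/var/lib/cobbler/kickstarts/CentOS-7-x86_64.cfg
</pre>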
##Check whether it was added successfully
<pre>
[root@linux-node1 kickstarts]# cobbler system list
linux-node88
</pre>
Run cobbler sync to apply the configuration.
View the DHCP configuration file with cat /etc/dhcp/dhcpd.conf. The custom configuration appears at the end.
<pre>
[root@linux-node1 kickstarts]# cat /etc/dhcp/dhcpd.conf
group {
    host generic1 {
        hardware ethernet 00:50:56:20:EA:6F;
        fixed-address 192.168.1.88;
        option host-name "linux-node88.goser.com";
        option subnet-mask 255.255.255.0;
        option routers 192.168.1.1;
        filename "/pxelinux.0";
        next-server 192.168.1.180;
    }
}
</pre>
Here is the dhcpd.conf configuration file after the customization took effect:
<pre>
# group for Cobbler DHCP tag: default
group {
    host generic1 {
        hardware ethernet 00:0C:29:8F:72:4C;
        fixed-address 192.168.65.151;
        option host-name "Cobberl-node02.Centos7.com";
        option subnet-mask 255.255.255.0;
        option routers 192.168.62.2;
        filename "/pxelinux.0";
        next-server 192.168.65.100;
    }
}
</pre>
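Next, boot the instance with MAC address 00:50:56:20:EA:6F to install the operating system automatically; the installation completes without manual intervention. This kind of automated installation is often used in production environments.
After installation, check the instance's IP address, hostname, and so on to verify that the custom installation deployed through cobbler system succeeded.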
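In the generated dhcpd.conf entry above, fixed-address 192.168.65.151 with mask 255.255.255.0 is paired with option routers 192.168.62.2, which lies outside that subnet. The check below is an added example, not part of the original notes, that tests every host block for this; the function names are assumptions, and the sample is constructed from the two host entries shown on this page.

```shell
# Added example, not from the original page: check that each static host in a
# Cobbler-generated dhcpd.conf has its gateway inside its own subnet.

# Convert a dotted-quad IPv4 address to an integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# Print "ok" when address and gateway fall in the same network under the mask.
same_subnet() {
    a=$(ip_to_int "$1"); m=$(ip_to_int "$2"); g=$(ip_to_int "$3")
    if [ $(( a & m )) -eq $(( g & m )) ]; then echo ok; else echo gateway-outside-subnet; fi
}

# Read dhcpd.conf on stdin; print "<host> <fixed-address> <verdict>" per host.
check_dhcpd_hosts() {
    awk '
        { gsub(/;/, "") }
        $1 == "host"                          { name = $2; ip = mask = gw = "" }
        $1 == "fixed-address"                 { ip = $2 }
        $1 == "option" && $2 == "subnet-mask" { mask = $3 }
        $1 == "option" && $2 == "routers"     { gw = $3 }
        $1 == "}" && name != "" {
            if (ip != "" && mask != "" && gw != "") print name, ip, mask, gw
            name = ""
        }' | while read -r host addr netmask router; do
        echo "$host $addr $(same_subnet "$addr" "$netmask" "$router")"
    done
}

# Constructed sample built from the two host entries shown on this page.
sample_dhcpd_conf() {
    cat <<'EOF'
group {
    host generic1 {
        fixed-address 192.168.65.151;
        option subnet-mask 255.255.255.0;
        option routers 192.168.62.2;
    }
    host generic2 {
        fixed-address 192.168.1.88;
        option subnet-mask 255.255.255.0;
        option routers 192.168.1.1;
    }
}
EOF
}
sample_dhcpd_conf | check_dhcpd_hosts
```

On the server the input is the generated file: check_dhcpd_hosts < /etc/dhcp/dhcpd.conf.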
Main Cobbler configuration files
<pre>
[root@Cobbler ~]# ll /etc/cobbler/
-rw-r--r-- 1 root root 3182 7月 11 23:37 dhcp.template    # DHCP template
-rw-r--r-- 1 root root 1073 8月 30 2019 rsync.template    # rsync synchronization; no tuning needed
-rw-r--r-- 1 root root 19928 7月 11 23:37 settings    # main configuration file
-rw-r--r-- 1 root root 19918 7月 11 23:29 settings.bak    # backup of the main configuration file
-rw-r--r-- 1 root root 740 8月 30 2019 tftpd.template    # tftp configuration template; tftp can be enabled directly in /etc/xinetd.d/tftp
</pre>
<pre>
[root@Cobbler cobbler]# cd /var/lib/cobbler/
[root@Cobbler cobbler]# ll
-rw-r--r-- 1 root root 50604 8月 30 2019 distro_signatures.json    # Ubuntu support file; can be left alone
-rw-r--r-- 1 root root 50604 7月 12 02:25 distro_signatures.json.bak
drwxr-xr-x 3 root root 4096 7月 12 03:52 kickstarts    # unattended-install answer files (cfg)
drwxr-xr-x 2 root root 54 7月 12 00:15 loaders    # holds the CentOS system files that were copied over
</pre>